1 // SPDX-License-Identifier: ISC
3 * Copyright (c) 2010 Broadcom Corporation
6 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
8 #include <linux/kernel.h>
9 #include <linux/etherdevice.h>
10 #include <linux/module.h>
11 #include <linux/vmalloc.h>
12 #include <net/cfg80211.h>
13 #include <net/netlink.h>
14 #include <uapi/linux/if_arp.h>
16 #include <brcmu_utils.h>
18 #include <brcmu_wifi.h>
19 #include <brcm_hw_ids.h>
22 #include "tracepoint.h"
23 #include "fwil_types.h"
36 #define BRCMF_SCAN_IE_LEN_MAX 2048
38 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */
39 #define WPA_OUI_TYPE 1
40 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */
41 #define WME_OUI_TYPE 2
42 #define WPS_OUI_TYPE 4
44 #define VS_IE_FIXED_HDR_LEN 6
45 #define WPA_IE_VERSION_LEN 2
46 #define WPA_IE_MIN_OUI_LEN 4
47 #define WPA_IE_SUITE_COUNT_LEN 2
49 #define WPA_CIPHER_NONE 0 /* None */
50 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */
51 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */
52 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */
53 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */
55 #define RSN_AKM_NONE 0 /* None (IBSS) */
56 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */
57 #define RSN_AKM_PSK 2 /* Pre-shared Key */
58 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */
59 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */
60 #define RSN_AKM_SAE 8 /* SAE */
61 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */
62 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3))
63 #define RSN_CAP_MFPR_MASK BIT(6)
64 #define RSN_CAP_MFPC_MASK BIT(7)
65 #define RSN_PMKID_COUNT_LEN 2
67 #define VNDR_IE_CMD_LEN 4 /* length of the set command
68 * string :"add", "del" (+ NUL)
70 #define VNDR_IE_COUNT_OFFSET 4
71 #define VNDR_IE_PKTFLAG_OFFSET 8
72 #define VNDR_IE_VSIE_OFFSET 12
73 #define VNDR_IE_HDR_SIZE 12
74 #define VNDR_IE_PARSE_LIMIT 5
76 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */
77 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */
79 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320
80 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400
81 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20
83 #define BRCMF_SCAN_CHANNEL_TIME 40
84 #define BRCMF_SCAN_UNASSOC_TIME 40
85 #define BRCMF_SCAN_PASSIVE_TIME 120
87 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000)
89 #define BRCMF_PS_MAX_TIMEOUT_MS 2000
91 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \
92 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16))
94 static bool check_vif_up(struct brcmf_cfg80211_vif *vif)
96 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) {
97 brcmf_dbg(INFO, "device is not ready : status (%lu)\n",
104 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2)
105 #define RATETAB_ENT(_rateid, _flags) \
107 .bitrate = RATE_TO_BASE100KBPS(_rateid), \
108 .hw_value = (_rateid), \
112 static struct ieee80211_rate __wl_rates[] = {
113 RATETAB_ENT(BRCM_RATE_1M, 0),
114 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE),
115 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE),
116 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE),
117 RATETAB_ENT(BRCM_RATE_6M, 0),
118 RATETAB_ENT(BRCM_RATE_9M, 0),
119 RATETAB_ENT(BRCM_RATE_12M, 0),
120 RATETAB_ENT(BRCM_RATE_18M, 0),
121 RATETAB_ENT(BRCM_RATE_24M, 0),
122 RATETAB_ENT(BRCM_RATE_36M, 0),
123 RATETAB_ENT(BRCM_RATE_48M, 0),
124 RATETAB_ENT(BRCM_RATE_54M, 0),
127 #define wl_g_rates (__wl_rates + 0)
128 #define wl_g_rates_size ARRAY_SIZE(__wl_rates)
129 #define wl_a_rates (__wl_rates + 4)
130 #define wl_a_rates_size (wl_g_rates_size - 4)
132 #define CHAN2G(_channel, _freq) { \
133 .band = NL80211_BAND_2GHZ, \
134 .center_freq = (_freq), \
135 .hw_value = (_channel), \
136 .max_antenna_gain = 0, \
140 #define CHAN5G(_channel) { \
141 .band = NL80211_BAND_5GHZ, \
142 .center_freq = 5000 + (5 * (_channel)), \
143 .hw_value = (_channel), \
144 .max_antenna_gain = 0, \
148 static struct ieee80211_channel __wl_2ghz_channels[] = {
149 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427),
150 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447),
151 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467),
152 CHAN2G(13, 2472), CHAN2G(14, 2484)
155 static struct ieee80211_channel __wl_5ghz_channels[] = {
156 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42),
157 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56),
158 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108),
159 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128),
160 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149),
161 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165)
164 /* Band templates duplicated per wiphy. The channel info
165 * above is added to the band during setup.
167 static const struct ieee80211_supported_band __wl_band_2ghz = {
168 .band = NL80211_BAND_2GHZ,
169 .bitrates = wl_g_rates,
170 .n_bitrates = wl_g_rates_size,
173 static const struct ieee80211_supported_band __wl_band_5ghz = {
174 .band = NL80211_BAND_5GHZ,
175 .bitrates = wl_a_rates,
176 .n_bitrates = wl_a_rates_size,
179 /* This is to override regulatory domains defined in cfg80211 module (reg.c)
180 * By default world regulatory domain defined in reg.c puts the flags
181 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165).
182 * With respect to these flags, wpa_supplicant doesn't * start p2p
183 * operations on 5GHz channels. All the changes in world regulatory
184 * domain are to be done here.
186 static const struct ieee80211_regdomain brcmf_regdom = {
190 /* IEEE 802.11b/g, channels 1..11 */
191 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0),
193 /* IEEE 802.11 channel 14 - Only JP enables
194 * this and for 802.11b only
196 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0),
197 /* IEEE 802.11a, channel 36..64 */
198 REG_RULE(5150-10, 5350+10, 160, 6, 20, 0),
199 /* IEEE 802.11a, channel 100..165 */
200 REG_RULE(5470-10, 5850+10, 160, 6, 20, 0), }
203 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites
204 * are supported. A pointer to this array and the number of entries is passed
205 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP.
206 * So the cipher suite AES_CMAC has to be the last one in the array, and when
207 * device does not support MFP then the number of suites will be decreased by 1
209 static const u32 brcmf_cipher_suites[] = {
210 WLAN_CIPHER_SUITE_WEP40,
211 WLAN_CIPHER_SUITE_WEP104,
212 WLAN_CIPHER_SUITE_TKIP,
213 WLAN_CIPHER_SUITE_CCMP,
214 /* Keep as last entry: */
215 WLAN_CIPHER_SUITE_AES_CMAC
218 /* Vendor specific ie. id = 221, oui and type defines exact ie */
219 struct brcmf_vs_tlv {
226 struct parsed_vndr_ie_info {
228 u32 ie_len; /* total length including id & length field */
229 struct brcmf_vs_tlv vndrie;
232 struct parsed_vndr_ies {
234 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT];
237 static u8 nl80211_band_to_fwil(enum nl80211_band band)
240 case NL80211_BAND_2GHZ:
242 case NL80211_BAND_5GHZ:
251 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf,
252 struct cfg80211_chan_def *ch)
254 struct brcmu_chan ch_inf;
257 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n",
258 ch->chan->center_freq, ch->center_freq1, ch->width);
259 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1);
260 primary_offset = ch->chan->center_freq - ch->center_freq1;
262 case NL80211_CHAN_WIDTH_20:
263 case NL80211_CHAN_WIDTH_20_NOHT:
264 ch_inf.bw = BRCMU_CHAN_BW_20;
265 WARN_ON(primary_offset != 0);
267 case NL80211_CHAN_WIDTH_40:
268 ch_inf.bw = BRCMU_CHAN_BW_40;
269 if (primary_offset > 0)
270 ch_inf.sb = BRCMU_CHAN_SB_U;
272 ch_inf.sb = BRCMU_CHAN_SB_L;
274 case NL80211_CHAN_WIDTH_80:
275 ch_inf.bw = BRCMU_CHAN_BW_80;
276 if (primary_offset == -30)
277 ch_inf.sb = BRCMU_CHAN_SB_LL;
278 else if (primary_offset == -10)
279 ch_inf.sb = BRCMU_CHAN_SB_LU;
280 else if (primary_offset == 10)
281 ch_inf.sb = BRCMU_CHAN_SB_UL;
283 ch_inf.sb = BRCMU_CHAN_SB_UU;
285 case NL80211_CHAN_WIDTH_160:
286 ch_inf.bw = BRCMU_CHAN_BW_160;
287 if (primary_offset == -70)
288 ch_inf.sb = BRCMU_CHAN_SB_LLL;
289 else if (primary_offset == -50)
290 ch_inf.sb = BRCMU_CHAN_SB_LLU;
291 else if (primary_offset == -30)
292 ch_inf.sb = BRCMU_CHAN_SB_LUL;
293 else if (primary_offset == -10)
294 ch_inf.sb = BRCMU_CHAN_SB_LUU;
295 else if (primary_offset == 10)
296 ch_inf.sb = BRCMU_CHAN_SB_ULL;
297 else if (primary_offset == 30)
298 ch_inf.sb = BRCMU_CHAN_SB_ULU;
299 else if (primary_offset == 50)
300 ch_inf.sb = BRCMU_CHAN_SB_UUL;
302 ch_inf.sb = BRCMU_CHAN_SB_UUU;
304 case NL80211_CHAN_WIDTH_80P80:
305 case NL80211_CHAN_WIDTH_5:
306 case NL80211_CHAN_WIDTH_10:
310 switch (ch->chan->band) {
311 case NL80211_BAND_2GHZ:
312 ch_inf.band = BRCMU_CHAN_BAND_2G;
314 case NL80211_BAND_5GHZ:
315 ch_inf.band = BRCMU_CHAN_BAND_5G;
317 case NL80211_BAND_60GHZ:
321 d11inf->encchspec(&ch_inf);
323 brcmf_dbg(TRACE, "chanspec: 0x%x\n", ch_inf.chspec);
324 return ch_inf.chspec;
327 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
328 struct ieee80211_channel *ch)
330 struct brcmu_chan ch_inf;
332 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq);
333 ch_inf.bw = BRCMU_CHAN_BW_20;
334 d11inf->encchspec(&ch_inf);
336 return ch_inf.chspec;
339 /* Traverse a string of 1-byte tag/1-byte length/variable-length value
340 * triples, returning a pointer to the substring whose first element
343 static const struct brcmf_tlv *
344 brcmf_parse_tlvs(const void *buf, int buflen, uint key)
346 const struct brcmf_tlv *elt = buf;
349 /* find tagged parameter */
350 while (totlen >= TLV_HDR_LEN) {
353 /* validate remaining totlen */
354 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN)))
357 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN));
358 totlen -= (len + TLV_HDR_LEN);
364 /* Is any of the tlvs the expected entry? If
365 * not update the tlvs buffer pointer/length.
368 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len,
369 const u8 *oui, u32 oui_len, u8 type)
371 /* If the contents match the OUI and the type */
372 if (ie[TLV_LEN_OFF] >= oui_len + 1 &&
373 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) &&
374 type == ie[TLV_BODY_OFF + oui_len]) {
380 /* point to the next ie */
381 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN;
382 /* calculate the length of the rest of the buffer */
383 *tlvs_len -= (int)(ie - *tlvs);
384 /* update the pointer to the start of the buffer */
390 static struct brcmf_vs_tlv *
391 brcmf_find_wpaie(const u8 *parse, u32 len)
393 const struct brcmf_tlv *ie;
395 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
396 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len,
397 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE))
398 return (struct brcmf_vs_tlv *)ie;
403 static struct brcmf_vs_tlv *
404 brcmf_find_wpsie(const u8 *parse, u32 len)
406 const struct brcmf_tlv *ie;
408 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
409 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len,
410 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE))
411 return (struct brcmf_vs_tlv *)ie;
416 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg,
417 struct brcmf_cfg80211_vif *vif,
418 enum nl80211_iftype new_type)
420 struct brcmf_cfg80211_vif *pos;
421 bool check_combos = false;
423 struct iface_combination_params params = {
424 .num_different_channels = 1,
427 list_for_each_entry(pos, &cfg->vif_list, list)
429 params.iftype_num[new_type]++;
431 /* concurrent interfaces so need check combinations */
433 params.iftype_num[pos->wdev.iftype]++;
437 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms);
442 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg,
443 enum nl80211_iftype new_type)
445 struct brcmf_cfg80211_vif *pos;
446 struct iface_combination_params params = {
447 .num_different_channels = 1,
450 list_for_each_entry(pos, &cfg->vif_list, list)
451 params.iftype_num[pos->wdev.iftype]++;
453 params.iftype_num[new_type]++;
454 return cfg80211_check_combinations(cfg->wiphy, ¶ms);
457 static void convert_key_from_CPU(struct brcmf_wsec_key *key,
458 struct brcmf_wsec_key_le *key_le)
460 key_le->index = cpu_to_le32(key->index);
461 key_le->len = cpu_to_le32(key->len);
462 key_le->algo = cpu_to_le32(key->algo);
463 key_le->flags = cpu_to_le32(key->flags);
464 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi);
465 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo);
466 key_le->iv_initialized = cpu_to_le32(key->iv_initialized);
467 memcpy(key_le->data, key->data, sizeof(key->data));
468 memcpy(key_le->ea, key->ea, sizeof(key->ea));
472 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key)
474 struct brcmf_pub *drvr = ifp->drvr;
476 struct brcmf_wsec_key_le key_le;
478 convert_key_from_CPU(key, &key_le);
480 brcmf_netdev_wait_pend8021x(ifp);
482 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le,
486 bphy_err(drvr, "wsec_key error (%d)\n", err);
491 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev)
493 struct brcmf_cfg80211_vif *vif;
494 struct brcmf_if *ifp;
496 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
499 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) ||
500 (wdev->iftype == NL80211_IFTYPE_AP) ||
501 (wdev->iftype == NL80211_IFTYPE_P2P_GO))
502 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
505 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
509 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr)
513 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) {
514 /* bsscfgidx 1 is reserved for legacy P2P */
517 if (!drvr->iflist[bsscfgidx])
524 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp)
526 struct brcmf_pub *drvr = ifp->drvr;
527 struct brcmf_mbss_ssid_le mbss_ssid_le;
531 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le));
532 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr);
536 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx);
537 mbss_ssid_le.SSID_len = cpu_to_le32(5);
538 sprintf(mbss_ssid_le.SSID, "ssid%d" , bsscfgidx);
540 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le,
541 sizeof(mbss_ssid_le));
543 bphy_err(drvr, "setting ssid failed %d\n", err);
549 * brcmf_ap_add_vif() - create a new AP virtual interface for multiple BSS
551 * @wiphy: wiphy device of new interface.
552 * @name: name of the new interface.
553 * @params: contains mac address for AP device.
556 struct wireless_dev *brcmf_ap_add_vif(struct wiphy *wiphy, const char *name,
557 struct vif_params *params)
559 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
560 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
561 struct brcmf_pub *drvr = cfg->pub;
562 struct brcmf_cfg80211_vif *vif;
565 if (brcmf_cfg80211_vif_event_armed(cfg))
566 return ERR_PTR(-EBUSY);
568 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name);
570 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_AP);
572 return (struct wireless_dev *)vif;
574 brcmf_cfg80211_arm_vif_event(cfg, vif);
576 err = brcmf_cfg80211_request_ap_if(ifp);
578 brcmf_cfg80211_arm_vif_event(cfg, NULL);
582 /* wait for firmware event */
583 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
584 BRCMF_VIF_EVENT_TIMEOUT);
585 brcmf_cfg80211_arm_vif_event(cfg, NULL);
587 bphy_err(drvr, "timeout occurred\n");
592 /* interface created in firmware */
595 bphy_err(drvr, "no if pointer provided\n");
600 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
601 err = brcmf_net_attach(ifp, true);
603 bphy_err(drvr, "Registering netdevice failed\n");
604 free_netdev(ifp->ndev);
608 return &ifp->vif->wdev;
615 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif)
617 enum nl80211_iftype iftype;
619 iftype = vif->wdev.iftype;
620 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO;
623 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif)
625 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC;
629 * brcmf_mon_add_vif() - create monitor mode virtual interface
631 * @wiphy: wiphy device of new interface.
632 * @name: name of the new interface.
634 static struct wireless_dev *brcmf_mon_add_vif(struct wiphy *wiphy,
637 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
638 struct brcmf_cfg80211_vif *vif;
639 struct net_device *ndev;
640 struct brcmf_if *ifp;
643 if (cfg->pub->mon_if) {
648 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_MONITOR);
654 ndev = alloc_netdev(sizeof(*ifp), name, NET_NAME_UNKNOWN, ether_setup);
659 ndev->type = ARPHRD_IEEE80211_RADIOTAP;
660 ndev->ieee80211_ptr = &vif->wdev;
661 ndev->needs_free_netdev = true;
662 ndev->priv_destructor = brcmf_cfg80211_free_netdev;
663 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
665 ifp = netdev_priv(ndev);
668 ifp->drvr = cfg->pub;
671 vif->wdev.netdev = ndev;
673 err = brcmf_net_mon_attach(ifp);
675 brcmf_err("Failed to attach %s device\n", ndev->name);
680 cfg->pub->mon_if = ifp;
690 static int brcmf_mon_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev)
692 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
693 struct net_device *ndev = wdev->netdev;
695 ndev->netdev_ops->ndo_stop(ndev);
697 brcmf_net_detach(ndev, true);
699 cfg->pub->mon_if = NULL;
704 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy,
706 unsigned char name_assign_type,
707 enum nl80211_iftype type,
708 struct vif_params *params)
710 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
711 struct brcmf_pub *drvr = cfg->pub;
712 struct wireless_dev *wdev;
715 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type);
716 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type);
718 bphy_err(drvr, "iface validation failed: err=%d\n", err);
722 case NL80211_IFTYPE_ADHOC:
723 case NL80211_IFTYPE_STATION:
724 case NL80211_IFTYPE_AP_VLAN:
725 case NL80211_IFTYPE_WDS:
726 case NL80211_IFTYPE_MESH_POINT:
727 return ERR_PTR(-EOPNOTSUPP);
728 case NL80211_IFTYPE_MONITOR:
729 return brcmf_mon_add_vif(wiphy, name);
730 case NL80211_IFTYPE_AP:
731 wdev = brcmf_ap_add_vif(wiphy, name, params);
733 case NL80211_IFTYPE_P2P_CLIENT:
734 case NL80211_IFTYPE_P2P_GO:
735 case NL80211_IFTYPE_P2P_DEVICE:
736 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params);
738 case NL80211_IFTYPE_UNSPECIFIED:
740 return ERR_PTR(-EINVAL);
744 bphy_err(drvr, "add iface %s type %d failed: err=%d\n", name,
745 type, (int)PTR_ERR(wdev));
747 brcmf_cfg80211_update_proto_addr_mode(wdev);
752 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc)
754 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC))
755 brcmf_set_mpc(ifp, mpc);
758 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc)
760 struct brcmf_pub *drvr = ifp->drvr;
763 if (check_vif_up(ifp->vif)) {
764 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc);
766 bphy_err(drvr, "fail to set mpc\n");
769 brcmf_dbg(INFO, "MPC : %d\n", mpc);
773 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
774 struct brcmf_if *ifp, bool aborted,
777 struct brcmf_pub *drvr = cfg->pub;
778 struct brcmf_scan_params_le params_le;
779 struct cfg80211_scan_request *scan_request;
784 brcmf_dbg(SCAN, "Enter\n");
786 /* clear scan request, because the FW abort can cause a second call */
787 /* to this functon and might cause a double cfg80211_scan_done */
788 scan_request = cfg->scan_request;
789 cfg->scan_request = NULL;
791 if (timer_pending(&cfg->escan_timeout))
792 del_timer_sync(&cfg->escan_timeout);
795 /* Do a scan abort to stop the driver's scan engine */
796 brcmf_dbg(SCAN, "ABORT scan in firmware\n");
797 memset(¶ms_le, 0, sizeof(params_le));
798 eth_broadcast_addr(params_le.bssid);
799 params_le.bss_type = DOT11_BSSTYPE_ANY;
800 params_le.scan_type = 0;
801 params_le.channel_num = cpu_to_le32(1);
802 params_le.nprobes = cpu_to_le32(1);
803 params_le.active_time = cpu_to_le32(-1);
804 params_le.passive_time = cpu_to_le32(-1);
805 params_le.home_time = cpu_to_le32(-1);
806 /* Scan is aborted by setting channel_list[0] to -1 */
807 params_le.channel_list[0] = cpu_to_le16(-1);
808 /* E-Scan (or anyother type) can be aborted by SCAN */
809 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN,
810 ¶ms_le, sizeof(params_le));
812 bphy_err(drvr, "Scan abort failed\n");
815 brcmf_scan_config_mpc(ifp, 1);
818 * e-scan can be initiated internally
819 * which takes precedence.
821 if (cfg->int_escan_map) {
822 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n",
824 while (cfg->int_escan_map) {
825 bucket = __ffs(cfg->int_escan_map);
826 cfg->int_escan_map &= ~BIT(bucket);
827 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno,
830 brcmf_dbg(SCAN, "report results: reqid=%llu\n",
832 cfg80211_sched_scan_results(cfg_to_wiphy(cfg),
836 } else if (scan_request) {
837 struct cfg80211_scan_info info = {
841 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n",
842 aborted ? "Aborted" : "Done");
843 cfg80211_scan_done(scan_request, &info);
845 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
846 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n");
851 static int brcmf_cfg80211_del_ap_iface(struct wiphy *wiphy,
852 struct wireless_dev *wdev)
854 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
855 struct net_device *ndev = wdev->netdev;
856 struct brcmf_if *ifp = netdev_priv(ndev);
857 struct brcmf_pub *drvr = cfg->pub;
861 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif);
863 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0);
865 bphy_err(drvr, "interface_remove failed %d\n", err);
869 /* wait for firmware event */
870 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
871 BRCMF_VIF_EVENT_TIMEOUT);
873 bphy_err(drvr, "timeout occurred\n");
878 brcmf_remove_interface(ifp, true);
881 brcmf_cfg80211_arm_vif_event(cfg, NULL);
886 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
888 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
889 struct net_device *ndev = wdev->netdev;
891 if (ndev && ndev == cfg_to_ndev(cfg))
894 /* vif event pending in firmware */
895 if (brcmf_cfg80211_vif_event_armed(cfg))
899 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) &&
900 cfg->escan_info.ifp == netdev_priv(ndev))
901 brcmf_notify_escan_complete(cfg, netdev_priv(ndev),
904 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1);
907 switch (wdev->iftype) {
908 case NL80211_IFTYPE_ADHOC:
909 case NL80211_IFTYPE_STATION:
910 case NL80211_IFTYPE_AP_VLAN:
911 case NL80211_IFTYPE_WDS:
912 case NL80211_IFTYPE_MESH_POINT:
914 case NL80211_IFTYPE_MONITOR:
915 return brcmf_mon_del_vif(wiphy, wdev);
916 case NL80211_IFTYPE_AP:
917 return brcmf_cfg80211_del_ap_iface(wiphy, wdev);
918 case NL80211_IFTYPE_P2P_CLIENT:
919 case NL80211_IFTYPE_P2P_GO:
920 case NL80211_IFTYPE_P2P_DEVICE:
921 return brcmf_p2p_del_vif(wiphy, wdev);
922 case NL80211_IFTYPE_UNSPECIFIED:
930 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
931 enum nl80211_iftype type,
932 struct vif_params *params)
934 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
935 struct brcmf_if *ifp = netdev_priv(ndev);
936 struct brcmf_cfg80211_vif *vif = ifp->vif;
937 struct brcmf_pub *drvr = cfg->pub;
942 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx,
945 /* WAR: There are a number of p2p interface related problems which
946 * need to be handled initially (before doing the validate).
947 * wpa_supplicant tends to do iface changes on p2p device/client/go
948 * which are not always possible/allowed. However we need to return
949 * OK otherwise the wpa_supplicant wont start. The situation differs
950 * on configuration and setup (p2pon=1 module param). The first check
951 * is to see if the request is a change to station for p2p iface.
953 if ((type == NL80211_IFTYPE_STATION) &&
954 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) ||
955 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) ||
956 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) {
957 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n");
958 /* Now depending on whether module param p2pon=1 was used the
959 * response needs to be either 0 or EOPNOTSUPP. The reason is
960 * that if p2pon=1 is used, but a newer supplicant is used then
961 * we should return an error, as this combination wont work.
962 * In other situations 0 is returned and supplicant will start
963 * normally. It will give a trace in cfg80211, but it is the
964 * only way to get it working. Unfortunately this will result
965 * in situation where we wont support new supplicant in
966 * combination with module param p2pon=1, but that is the way
967 * it is. If the user tries this then unloading of driver might
970 if (cfg->p2p.p2pdev_dynamically)
975 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type);
977 bphy_err(drvr, "iface validation failed: err=%d\n", err);
981 case NL80211_IFTYPE_MONITOR:
982 case NL80211_IFTYPE_WDS:
983 bphy_err(drvr, "type (%d) : currently we do not support this type\n",
986 case NL80211_IFTYPE_ADHOC:
989 case NL80211_IFTYPE_STATION:
992 case NL80211_IFTYPE_AP:
993 case NL80211_IFTYPE_P2P_GO:
1002 if (type == NL80211_IFTYPE_P2P_GO) {
1003 brcmf_dbg(INFO, "IF Type = P2P GO\n");
1004 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO);
1007 brcmf_dbg(INFO, "IF Type = AP\n");
1010 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra);
1012 bphy_err(drvr, "WLC_SET_INFRA error (%d)\n", err);
1016 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ?
1019 ndev->ieee80211_ptr->iftype = type;
1021 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev);
1024 brcmf_dbg(TRACE, "Exit\n");
1029 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg,
1030 struct brcmf_scan_params_le *params_le,
1031 struct cfg80211_scan_request *request)
1039 struct brcmf_ssid_le ssid_le;
1041 eth_broadcast_addr(params_le->bssid);
1042 params_le->bss_type = DOT11_BSSTYPE_ANY;
1043 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE;
1044 params_le->channel_num = 0;
1045 params_le->nprobes = cpu_to_le32(-1);
1046 params_le->active_time = cpu_to_le32(-1);
1047 params_le->passive_time = cpu_to_le32(-1);
1048 params_le->home_time = cpu_to_le32(-1);
1049 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le));
1051 n_ssids = request->n_ssids;
1052 n_channels = request->n_channels;
1054 /* Copy channel array if applicable */
1055 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n",
1057 if (n_channels > 0) {
1058 for (i = 0; i < n_channels; i++) {
1059 chanspec = channel_to_chanspec(&cfg->d11inf,
1060 request->channels[i]);
1061 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n",
1062 request->channels[i]->hw_value, chanspec);
1063 params_le->channel_list[i] = cpu_to_le16(chanspec);
1066 brcmf_dbg(SCAN, "Scanning all channels\n");
1068 /* Copy ssid array if applicable */
1069 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids);
1071 offset = offsetof(struct brcmf_scan_params_le, channel_list) +
1072 n_channels * sizeof(u16);
1073 offset = roundup(offset, sizeof(u32));
1074 ptr = (char *)params_le + offset;
1075 for (i = 0; i < n_ssids; i++) {
1076 memset(&ssid_le, 0, sizeof(ssid_le));
1078 cpu_to_le32(request->ssids[i].ssid_len);
1079 memcpy(ssid_le.SSID, request->ssids[i].ssid,
1080 request->ssids[i].ssid_len);
1081 if (!ssid_le.SSID_len)
1082 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i);
1084 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n",
1085 i, ssid_le.SSID, ssid_le.SSID_len);
1086 memcpy(ptr, &ssid_le, sizeof(ssid_le));
1087 ptr += sizeof(ssid_le);
1090 brcmf_dbg(SCAN, "Performing passive scan\n");
1091 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE;
1093 /* Adding mask to channel numbers */
1094 params_le->channel_num =
1095 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) |
1096 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK));
1100 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
1101 struct cfg80211_scan_request *request)
1103 struct brcmf_pub *drvr = cfg->pub;
1104 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE +
1105 offsetof(struct brcmf_escan_params_le, params_le);
1106 struct brcmf_escan_params_le *params;
1109 brcmf_dbg(SCAN, "E-SCAN START\n");
1111 if (request != NULL) {
1112 /* Allocate space for populating ssids in struct */
1113 params_size += sizeof(u32) * ((request->n_channels + 1) / 2);
1115 /* Allocate space for populating ssids in struct */
1116 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids;
1119 params = kzalloc(params_size, GFP_KERNEL);
1124 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN);
1125 brcmf_escan_prep(cfg, ¶ms->params_le, request);
1126 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
1127 params->action = cpu_to_le16(WL_ESCAN_ACTION_START);
1128 params->sync_id = cpu_to_le16(0x1234);
1130 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size);
1133 brcmf_dbg(INFO, "system busy : escan canceled\n");
1135 bphy_err(drvr, "error (%d)\n", err);
1144 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request)
1146 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1148 struct brcmf_scan_results *results;
1149 struct escan_info *escan = &cfg->escan_info;
1151 brcmf_dbg(SCAN, "Enter\n");
1153 escan->wiphy = cfg->wiphy;
1154 escan->escan_state = WL_ESCAN_STATE_SCANNING;
1156 brcmf_scan_config_mpc(ifp, 0);
1157 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
1158 results->version = 0;
1160 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE;
1162 err = escan->run(cfg, ifp, request);
1164 brcmf_scan_config_mpc(ifp, 1);
1169 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
1171 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1172 struct brcmf_pub *drvr = cfg->pub;
1173 struct brcmf_cfg80211_vif *vif;
1176 brcmf_dbg(TRACE, "Enter\n");
1177 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev);
1178 if (!check_vif_up(vif))
1181 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
1182 bphy_err(drvr, "Scanning already: status (%lu)\n",
1186 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) {
1187 bphy_err(drvr, "Scanning being aborted: status (%lu)\n",
1191 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
1192 bphy_err(drvr, "Scanning suppressed: status (%lu)\n",
1196 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state)) {
1197 bphy_err(drvr, "Connecting: status (%lu)\n", vif->sme_state);
1201 /* If scan req comes for p2p0, send it over primary I/F */
1202 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
1203 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1205 brcmf_dbg(SCAN, "START ESCAN\n");
1207 cfg->scan_request = request;
1208 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1210 cfg->escan_info.run = brcmf_run_escan;
1211 err = brcmf_p2p_scan_prep(wiphy, request, vif);
1215 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBREQ_FLAG,
1216 request->ie, request->ie_len);
1220 err = brcmf_do_escan(vif->ifp, request);
1224 /* Arm scan timeout timer */
1225 mod_timer(&cfg->escan_timeout,
1226 jiffies + msecs_to_jiffies(BRCMF_ESCAN_TIMER_INTERVAL_MS));
1231 bphy_err(drvr, "scan error (%d)\n", err);
1232 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1233 cfg->scan_request = NULL;
1237 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold)
1239 struct brcmf_if *ifp = netdev_priv(ndev);
1240 struct brcmf_pub *drvr = ifp->drvr;
1243 err = brcmf_fil_iovar_int_set(ifp, "rtsthresh", rts_threshold);
1245 bphy_err(drvr, "Error (%d)\n", err);
1250 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold)
1252 struct brcmf_if *ifp = netdev_priv(ndev);
1253 struct brcmf_pub *drvr = ifp->drvr;
1256 err = brcmf_fil_iovar_int_set(ifp, "fragthresh",
1259 bphy_err(drvr, "Error (%d)\n", err);
1264 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l)
1266 struct brcmf_if *ifp = netdev_priv(ndev);
1267 struct brcmf_pub *drvr = ifp->drvr;
1269 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL);
1271 err = brcmf_fil_cmd_int_set(ifp, cmd, retry);
1273 bphy_err(drvr, "cmd (%d) , error (%d)\n", cmd, err);
1279 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1281 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1282 struct net_device *ndev = cfg_to_ndev(cfg);
1283 struct brcmf_if *ifp = netdev_priv(ndev);
1286 brcmf_dbg(TRACE, "Enter\n");
1287 if (!check_vif_up(ifp->vif))
1290 if (changed & WIPHY_PARAM_RTS_THRESHOLD &&
1291 (cfg->conf->rts_threshold != wiphy->rts_threshold)) {
1292 cfg->conf->rts_threshold = wiphy->rts_threshold;
1293 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold);
1297 if (changed & WIPHY_PARAM_FRAG_THRESHOLD &&
1298 (cfg->conf->frag_threshold != wiphy->frag_threshold)) {
1299 cfg->conf->frag_threshold = wiphy->frag_threshold;
1300 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold);
1304 if (changed & WIPHY_PARAM_RETRY_LONG
1305 && (cfg->conf->retry_long != wiphy->retry_long)) {
1306 cfg->conf->retry_long = wiphy->retry_long;
1307 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true);
1311 if (changed & WIPHY_PARAM_RETRY_SHORT
1312 && (cfg->conf->retry_short != wiphy->retry_short)) {
1313 cfg->conf->retry_short = wiphy->retry_short;
1314 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false);
1320 brcmf_dbg(TRACE, "Exit\n");
1324 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof)
1326 memset(prof, 0, sizeof(*prof));
1329 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e)
1333 switch (e->event_code) {
1334 case BRCMF_E_DEAUTH:
1335 case BRCMF_E_DEAUTH_IND:
1336 case BRCMF_E_DISASSOC_IND:
1347 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
1349 struct brcmf_pub *drvr = ifp->drvr;
1350 struct brcmf_wsec_pmk_le pmk;
1353 /* convert to firmware key format */
1354 pmk.key_len = cpu_to_le16(pmk_len << 1);
1355 pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE);
1356 for (i = 0; i < pmk_len; i++)
1357 snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]);
1359 /* store psk in firmware */
1360 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,
1363 bphy_err(drvr, "failed to change PSK in firmware (len=%u)\n",
1369 static int brcmf_set_sae_password(struct brcmf_if *ifp, const u8 *pwd_data,
1372 struct brcmf_pub *drvr = ifp->drvr;
1373 struct brcmf_wsec_sae_pwd_le sae_pwd;
1376 if (pwd_len > BRCMF_WSEC_MAX_SAE_PASSWORD_LEN) {
1377 bphy_err(drvr, "sae_password must be less than %d\n",
1378 BRCMF_WSEC_MAX_SAE_PASSWORD_LEN);
1382 sae_pwd.key_len = cpu_to_le16(pwd_len);
1383 memcpy(sae_pwd.key, pwd_data, pwd_len);
1385 err = brcmf_fil_iovar_data_set(ifp, "sae_password", &sae_pwd,
1388 bphy_err(drvr, "failed to set SAE password in firmware (len=%u)\n",
1394 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason,
1395 bool locally_generated)
1397 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
1398 struct brcmf_pub *drvr = cfg->pub;
1399 bool bus_up = drvr->bus_if->state == BRCMF_BUS_UP;
1402 brcmf_dbg(TRACE, "Enter\n");
1404 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) {
1406 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n");
1407 err = brcmf_fil_cmd_data_set(vif->ifp,
1408 BRCMF_C_DISASSOC, NULL, 0);
1410 bphy_err(drvr, "WLC_DISASSOC failed (%d)\n",
1414 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) ||
1415 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT))
1416 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0,
1417 locally_generated, GFP_KERNEL);
1419 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state);
1420 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
1421 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
1422 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1424 brcmf_set_pmk(vif->ifp, NULL, 0);
1425 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1427 brcmf_dbg(TRACE, "Exit\n");
1431 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev,
1432 struct cfg80211_ibss_params *params)
1434 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1435 struct brcmf_if *ifp = netdev_priv(ndev);
1436 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1437 struct brcmf_pub *drvr = cfg->pub;
1438 struct brcmf_join_params join_params;
1439 size_t join_params_size = 0;
1446 brcmf_dbg(TRACE, "Enter\n");
1447 if (!check_vif_up(ifp->vif))
1451 brcmf_dbg(CONN, "SSID: %s\n", params->ssid);
1453 brcmf_dbg(CONN, "SSID: NULL, Not supported\n");
1457 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1460 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid);
1462 brcmf_dbg(CONN, "No BSSID specified\n");
1464 if (params->chandef.chan)
1465 brcmf_dbg(CONN, "channel: %d\n",
1466 params->chandef.chan->center_freq);
1468 brcmf_dbg(CONN, "no channel specified\n");
1470 if (params->channel_fixed)
1471 brcmf_dbg(CONN, "fixed channel required\n");
1473 brcmf_dbg(CONN, "no fixed channel required\n");
1475 if (params->ie && params->ie_len)
1476 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len);
1478 brcmf_dbg(CONN, "no ie specified\n");
1480 if (params->beacon_interval)
1481 brcmf_dbg(CONN, "beacon interval: %d\n",
1482 params->beacon_interval);
1484 brcmf_dbg(CONN, "no beacon interval specified\n");
1486 if (params->basic_rates)
1487 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates);
1489 brcmf_dbg(CONN, "no basic rates specified\n");
1491 if (params->privacy)
1492 brcmf_dbg(CONN, "privacy required\n");
1494 brcmf_dbg(CONN, "no privacy required\n");
1496 /* Configure Privacy for starter */
1497 if (params->privacy)
1498 wsec |= WEP_ENABLED;
1500 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec);
1502 bphy_err(drvr, "wsec failed (%d)\n", err);
1506 /* Configure Beacon Interval for starter */
1507 if (params->beacon_interval)
1508 bcnprd = params->beacon_interval;
1512 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd);
1514 bphy_err(drvr, "WLC_SET_BCNPRD failed (%d)\n", err);
1518 /* Configure required join parameter */
1519 memset(&join_params, 0, sizeof(struct brcmf_join_params));
1522 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN);
1523 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len);
1524 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
1525 join_params_size = sizeof(join_params.ssid_le);
1528 if (params->bssid) {
1529 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN);
1530 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE;
1531 memcpy(profile->bssid, params->bssid, ETH_ALEN);
1533 eth_broadcast_addr(join_params.params_le.bssid);
1534 eth_zero_addr(profile->bssid);
1538 if (params->chandef.chan) {
1542 ieee80211_frequency_to_channel(
1543 params->chandef.chan->center_freq);
1544 if (params->channel_fixed) {
1545 /* adding chanspec */
1546 chanspec = chandef_to_chanspec(&cfg->d11inf,
1548 join_params.params_le.chanspec_list[0] =
1549 cpu_to_le16(chanspec);
1550 join_params.params_le.chanspec_num = cpu_to_le32(1);
1551 join_params_size += sizeof(join_params.params_le);
1554 /* set channel for starter */
1555 target_channel = cfg->channel;
1556 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL,
1559 bphy_err(drvr, "WLC_SET_CHANNEL failed (%d)\n", err);
1565 cfg->ibss_starter = false;
1568 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
1569 &join_params, join_params_size);
1571 bphy_err(drvr, "WLC_SET_SSID failed (%d)\n", err);
1577 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1578 brcmf_dbg(TRACE, "Exit\n");
1583 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev)
1585 struct brcmf_if *ifp = netdev_priv(ndev);
1587 brcmf_dbg(TRACE, "Enter\n");
1588 if (!check_vif_up(ifp->vif)) {
1589 /* When driver is being unloaded, it can end up here. If an
1590 * error is returned then later on a debug trace in the wireless
1591 * core module will be printed. To avoid this 0 is returned.
1596 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING, true);
1597 brcmf_net_setcarrier(ifp, false);
1599 brcmf_dbg(TRACE, "Exit\n");
1604 static s32 brcmf_set_wpa_version(struct net_device *ndev,
1605 struct cfg80211_connect_params *sme)
1607 struct brcmf_if *ifp = netdev_priv(ndev);
1608 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1609 struct brcmf_pub *drvr = ifp->drvr;
1610 struct brcmf_cfg80211_security *sec;
1614 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1)
1615 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
1616 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
1617 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
1618 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_3)
1619 val = WPA3_AUTH_SAE_PSK;
1621 val = WPA_AUTH_DISABLED;
1622 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
1623 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", val);
1625 bphy_err(drvr, "set wpa_auth failed (%d)\n", err);
1628 sec = &profile->sec;
1629 sec->wpa_versions = sme->crypto.wpa_versions;
1633 static s32 brcmf_set_auth_type(struct net_device *ndev,
1634 struct cfg80211_connect_params *sme)
1636 struct brcmf_if *ifp = netdev_priv(ndev);
1637 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1638 struct brcmf_pub *drvr = ifp->drvr;
1639 struct brcmf_cfg80211_security *sec;
1643 switch (sme->auth_type) {
1644 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1646 brcmf_dbg(CONN, "open system\n");
1648 case NL80211_AUTHTYPE_SHARED_KEY:
1650 brcmf_dbg(CONN, "shared key\n");
1652 case NL80211_AUTHTYPE_SAE:
1654 brcmf_dbg(CONN, "SAE authentication\n");
1658 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
1662 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1664 bphy_err(drvr, "set auth failed (%d)\n", err);
1667 sec = &profile->sec;
1668 sec->auth_type = sme->auth_type;
1673 brcmf_set_wsec_mode(struct net_device *ndev,
1674 struct cfg80211_connect_params *sme)
1676 struct brcmf_if *ifp = netdev_priv(ndev);
1677 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1678 struct brcmf_pub *drvr = ifp->drvr;
1679 struct brcmf_cfg80211_security *sec;
1685 if (sme->crypto.n_ciphers_pairwise) {
1686 switch (sme->crypto.ciphers_pairwise[0]) {
1687 case WLAN_CIPHER_SUITE_WEP40:
1688 case WLAN_CIPHER_SUITE_WEP104:
1691 case WLAN_CIPHER_SUITE_TKIP:
1692 pval = TKIP_ENABLED;
1694 case WLAN_CIPHER_SUITE_CCMP:
1697 case WLAN_CIPHER_SUITE_AES_CMAC:
1701 bphy_err(drvr, "invalid cipher pairwise (%d)\n",
1702 sme->crypto.ciphers_pairwise[0]);
1706 if (sme->crypto.cipher_group) {
1707 switch (sme->crypto.cipher_group) {
1708 case WLAN_CIPHER_SUITE_WEP40:
1709 case WLAN_CIPHER_SUITE_WEP104:
1712 case WLAN_CIPHER_SUITE_TKIP:
1713 gval = TKIP_ENABLED;
1715 case WLAN_CIPHER_SUITE_CCMP:
1718 case WLAN_CIPHER_SUITE_AES_CMAC:
1722 bphy_err(drvr, "invalid cipher group (%d)\n",
1723 sme->crypto.cipher_group);
1728 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval);
1729 /* In case of privacy, but no security and WPS then simulate */
1730 /* setting AES. WPS-2.0 allows no security */
1731 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval &&
1736 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
1738 bphy_err(drvr, "error (%d)\n", err);
1742 sec = &profile->sec;
1743 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0];
1744 sec->cipher_group = sme->crypto.cipher_group;
1750 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
1752 struct brcmf_if *ifp = netdev_priv(ndev);
1753 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1754 struct brcmf_pub *drvr = ifp->drvr;
1757 const struct brcmf_tlv *rsn_ie;
1765 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1766 profile->is_ft = false;
1768 if (!sme->crypto.n_akm_suites)
1771 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val);
1773 bphy_err(drvr, "could not get wpa_auth (%d)\n", err);
1776 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
1777 switch (sme->crypto.akm_suites[0]) {
1778 case WLAN_AKM_SUITE_8021X:
1779 val = WPA_AUTH_UNSPECIFIED;
1781 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1783 case WLAN_AKM_SUITE_PSK:
1787 bphy_err(drvr, "invalid akm suite (%d)\n",
1788 sme->crypto.akm_suites[0]);
1791 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
1792 switch (sme->crypto.akm_suites[0]) {
1793 case WLAN_AKM_SUITE_8021X:
1794 val = WPA2_AUTH_UNSPECIFIED;
1796 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1798 case WLAN_AKM_SUITE_8021X_SHA256:
1799 val = WPA2_AUTH_1X_SHA256;
1801 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1803 case WLAN_AKM_SUITE_PSK_SHA256:
1804 val = WPA2_AUTH_PSK_SHA256;
1806 case WLAN_AKM_SUITE_PSK:
1807 val = WPA2_AUTH_PSK;
1809 case WLAN_AKM_SUITE_FT_8021X:
1810 val = WPA2_AUTH_UNSPECIFIED | WPA2_AUTH_FT;
1811 profile->is_ft = true;
1813 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1815 case WLAN_AKM_SUITE_FT_PSK:
1816 val = WPA2_AUTH_PSK | WPA2_AUTH_FT;
1817 profile->is_ft = true;
1820 bphy_err(drvr, "invalid akm suite (%d)\n",
1821 sme->crypto.akm_suites[0]);
1824 } else if (val & WPA3_AUTH_SAE_PSK) {
1825 switch (sme->crypto.akm_suites[0]) {
1826 case WLAN_AKM_SUITE_SAE:
1827 val = WPA3_AUTH_SAE_PSK;
1828 if (sme->crypto.sae_pwd) {
1829 brcmf_dbg(INFO, "using SAE offload\n");
1830 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
1833 case WLAN_AKM_SUITE_FT_OVER_SAE:
1834 val = WPA3_AUTH_SAE_PSK | WPA2_AUTH_FT;
1835 profile->is_ft = true;
1836 if (sme->crypto.sae_pwd) {
1837 brcmf_dbg(INFO, "using SAE offload\n");
1838 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
1842 bphy_err(drvr, "invalid akm suite (%d)\n",
1843 sme->crypto.akm_suites[0]);
1848 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
1849 brcmf_dbg(INFO, "using 1X offload\n");
1851 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
1852 goto skip_mfp_config;
1853 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The
1854 * IE will not be verified, just a quick search for MFP config
1856 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len,
1859 goto skip_mfp_config;
1860 ie = (const u8 *)rsn_ie;
1861 ie_len = rsn_ie->len + TLV_HDR_LEN;
1862 /* Skip unicast suite */
1863 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN;
1864 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1865 goto skip_mfp_config;
1866 /* Skip multicast suite */
1867 count = ie[offset] + (ie[offset + 1] << 8);
1868 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1869 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1870 goto skip_mfp_config;
1871 /* Skip auth key management suite(s) */
1872 count = ie[offset] + (ie[offset + 1] << 8);
1873 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1874 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len)
1875 goto skip_mfp_config;
1876 /* Ready to read capabilities */
1877 mfp = BRCMF_MFP_NONE;
1878 rsn_cap = ie[offset] + (ie[offset + 1] << 8);
1879 if (rsn_cap & RSN_CAP_MFPR_MASK)
1880 mfp = BRCMF_MFP_REQUIRED;
1881 else if (rsn_cap & RSN_CAP_MFPC_MASK)
1882 mfp = BRCMF_MFP_CAPABLE;
1883 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp);
1886 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val);
1887 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1889 bphy_err(drvr, "could not set wpa_auth (%d)\n", err);
1897 brcmf_set_sharedkey(struct net_device *ndev,
1898 struct cfg80211_connect_params *sme)
1900 struct brcmf_if *ifp = netdev_priv(ndev);
1901 struct brcmf_pub *drvr = ifp->drvr;
1902 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1903 struct brcmf_cfg80211_security *sec;
1904 struct brcmf_wsec_key key;
1908 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len);
1910 if (sme->key_len == 0)
1913 sec = &profile->sec;
1914 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
1915 sec->wpa_versions, sec->cipher_pairwise);
1917 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2 |
1918 NL80211_WPA_VERSION_3))
1921 if (!(sec->cipher_pairwise &
1922 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104)))
1925 memset(&key, 0, sizeof(key));
1926 key.len = (u32) sme->key_len;
1927 key.index = (u32) sme->key_idx;
1928 if (key.len > sizeof(key.data)) {
1929 bphy_err(drvr, "Too long key length (%u)\n", key.len);
1932 memcpy(key.data, sme->key, key.len);
1933 key.flags = BRCMF_PRIMARY_KEY;
1934 switch (sec->cipher_pairwise) {
1935 case WLAN_CIPHER_SUITE_WEP40:
1936 key.algo = CRYPTO_ALGO_WEP1;
1938 case WLAN_CIPHER_SUITE_WEP104:
1939 key.algo = CRYPTO_ALGO_WEP128;
1942 bphy_err(drvr, "Invalid algorithm (%d)\n",
1943 sme->crypto.ciphers_pairwise[0]);
1946 /* Set the new key/index */
1947 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n",
1948 key.len, key.index, key.algo);
1949 brcmf_dbg(CONN, "key \"%s\"\n", key.data);
1950 err = send_key_to_dongle(ifp, &key);
1954 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
1955 brcmf_dbg(CONN, "set auth_type to shared key\n");
1956 val = WL_AUTH_SHARED_KEY; /* shared key */
1957 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1959 bphy_err(drvr, "set auth failed (%d)\n", err);
1965 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp,
1966 enum nl80211_auth_type type)
1968 if (type == NL80211_AUTHTYPE_AUTOMATIC &&
1969 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) {
1970 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n");
1971 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1976 static void brcmf_set_join_pref(struct brcmf_if *ifp,
1977 struct cfg80211_bss_selection *bss_select)
1979 struct brcmf_pub *drvr = ifp->drvr;
1980 struct brcmf_join_pref_params join_pref_params[2];
1981 enum nl80211_band band;
1984 join_pref_params[i].len = 2;
1985 join_pref_params[i].rssi_gain = 0;
1987 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF)
1988 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO);
1990 switch (bss_select->behaviour) {
1991 case __NL80211_BSS_SELECT_ATTR_INVALID:
1992 brcmf_c_set_joinpref_default(ifp);
1994 case NL80211_BSS_SELECT_ATTR_BAND_PREF:
1995 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND;
1996 band = bss_select->param.band_pref;
1997 join_pref_params[i].band = nl80211_band_to_fwil(band);
2000 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST:
2001 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA;
2002 band = bss_select->param.adjust.band;
2003 join_pref_params[i].band = nl80211_band_to_fwil(band);
2004 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta;
2007 case NL80211_BSS_SELECT_ATTR_RSSI:
2011 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI;
2012 join_pref_params[i].len = 2;
2013 join_pref_params[i].rssi_gain = 0;
2014 join_pref_params[i].band = 0;
2015 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params,
2016 sizeof(join_pref_params));
2018 bphy_err(drvr, "Set join_pref error (%d)\n", err);
2022 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
2023 struct cfg80211_connect_params *sme)
2025 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2026 struct brcmf_if *ifp = netdev_priv(ndev);
2027 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2028 struct ieee80211_channel *chan = sme->channel;
2029 struct brcmf_pub *drvr = ifp->drvr;
2030 struct brcmf_join_params join_params;
2031 size_t join_params_size;
2032 const struct brcmf_tlv *rsn_ie;
2033 const struct brcmf_vs_tlv *wpa_ie;
2036 struct brcmf_ext_join_params_le *ext_join_params;
2041 brcmf_dbg(TRACE, "Enter\n");
2042 if (!check_vif_up(ifp->vif))
2046 bphy_err(drvr, "Invalid ssid\n");
2050 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) {
2051 /* A normal (non P2P) connection request setup. */
2054 /* find the WPA_IE */
2055 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len);
2058 ie_len = wpa_ie->len + TLV_HDR_LEN;
2060 /* find the RSN_IE */
2061 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie,
2066 ie_len = rsn_ie->len + TLV_HDR_LEN;
2069 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len);
2072 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
2073 sme->ie, sme->ie_len);
2075 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
2077 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
2079 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2083 ieee80211_frequency_to_channel(chan->center_freq);
2084 chanspec = channel_to_chanspec(&cfg->d11inf, chan);
2085 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n",
2086 cfg->channel, chan->center_freq, chanspec);
2092 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len);
2094 err = brcmf_set_wpa_version(ndev, sme);
2096 bphy_err(drvr, "wl_set_wpa_version failed (%d)\n", err);
2100 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type);
2101 err = brcmf_set_auth_type(ndev, sme);
2103 bphy_err(drvr, "wl_set_auth_type failed (%d)\n", err);
2107 err = brcmf_set_wsec_mode(ndev, sme);
2109 bphy_err(drvr, "wl_set_set_cipher failed (%d)\n", err);
2113 err = brcmf_set_key_mgmt(ndev, sme);
2115 bphy_err(drvr, "wl_set_key_mgmt failed (%d)\n", err);
2119 err = brcmf_set_sharedkey(ndev, sme);
2121 bphy_err(drvr, "brcmf_set_sharedkey failed (%d)\n", err);
2125 if (sme->crypto.psk &&
2126 profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
2127 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
2131 brcmf_dbg(INFO, "using PSK offload\n");
2132 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
2135 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
2136 /* enable firmware supplicant for this interface */
2137 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
2139 bphy_err(drvr, "failed to enable fw supplicant\n");
2144 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
2145 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2146 BRCMF_WSEC_MAX_PSK_LEN);
2147 else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
2148 /* clean up user-space RSNE */
2149 err = brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0);
2151 bphy_err(drvr, "failed to clean up user-space RSNE\n");
2154 err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
2155 sme->crypto.sae_pwd_len);
2156 if (!err && sme->crypto.psk)
2157 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2158 BRCMF_WSEC_MAX_PSK_LEN);
2163 /* Join with specific BSSID and cached SSID
2164 * If SSID is zero join based on BSSID only
2166 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) +
2167 offsetof(struct brcmf_assoc_params_le, chanspec_list);
2169 join_params_size += sizeof(u16);
2170 ext_join_params = kzalloc(sizeof(*ext_join_params), GFP_KERNEL);
2171 if (ext_join_params == NULL) {
2175 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
2176 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len);
2177 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len);
2178 if (ssid_len < IEEE80211_MAX_SSID_LEN)
2179 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n",
2180 ext_join_params->ssid_le.SSID, ssid_len);
2182 /* Set up join scan parameters */
2183 ext_join_params->scan_le.scan_type = -1;
2184 ext_join_params->scan_le.home_time = cpu_to_le32(-1);
2187 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN);
2189 eth_broadcast_addr(ext_join_params->assoc_le.bssid);
2192 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1);
2194 ext_join_params->assoc_le.chanspec_list[0] =
2195 cpu_to_le16(chanspec);
2196 /* Increase dwell time to receive probe response or detect
2197 * beacon from target AP at a noisy air only during connect
2200 ext_join_params->scan_le.active_time =
2201 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS);
2202 ext_join_params->scan_le.passive_time =
2203 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS);
2204 /* To sync with presence period of VSDB GO send probe request
2205 * more frequently. Probe request will be stopped when it gets
2206 * probe response from target AP/GO.
2208 ext_join_params->scan_le.nprobes =
2209 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS /
2210 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS);
2212 ext_join_params->scan_le.active_time = cpu_to_le32(-1);
2213 ext_join_params->scan_le.passive_time = cpu_to_le32(-1);
2214 ext_join_params->scan_le.nprobes = cpu_to_le32(-1);
2217 brcmf_set_join_pref(ifp, &sme->bss_select);
2219 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params,
2221 kfree(ext_join_params);
2223 /* This is it. join command worked, we are done */
2226 /* join command failed, fallback to set ssid */
2227 memset(&join_params, 0, sizeof(join_params));
2228 join_params_size = sizeof(join_params.ssid_le);
2230 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len);
2231 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
2234 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN);
2236 eth_broadcast_addr(join_params.params_le.bssid);
2239 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec);
2240 join_params.params_le.chanspec_num = cpu_to_le32(1);
2241 join_params_size += sizeof(join_params.params_le);
2243 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
2244 &join_params, join_params_size);
2246 bphy_err(drvr, "BRCMF_C_SET_SSID failed (%d)\n", err);
2250 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2251 brcmf_dbg(TRACE, "Exit\n");
2256 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev,
2259 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2260 struct brcmf_if *ifp = netdev_priv(ndev);
2261 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2262 struct brcmf_pub *drvr = cfg->pub;
2263 struct brcmf_scb_val_le scbval;
2266 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code);
2267 if (!check_vif_up(ifp->vif))
2270 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
2271 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2272 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL);
2274 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN);
2275 scbval.val = cpu_to_le32(reason_code);
2276 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC,
2277 &scbval, sizeof(scbval));
2279 bphy_err(drvr, "error (%d)\n", err);
2281 brcmf_dbg(TRACE, "Exit\n");
2286 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2287 enum nl80211_tx_power_setting type, s32 mbm)
2289 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2290 struct net_device *ndev = cfg_to_ndev(cfg);
2291 struct brcmf_if *ifp = netdev_priv(ndev);
2292 struct brcmf_pub *drvr = cfg->pub;
2297 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm);
2298 if (!check_vif_up(ifp->vif))
2302 case NL80211_TX_POWER_AUTOMATIC:
2304 case NL80211_TX_POWER_LIMITED:
2305 case NL80211_TX_POWER_FIXED:
2307 bphy_err(drvr, "TX_POWER_FIXED - dbm is negative\n");
2311 qdbm = MBM_TO_DBM(4 * mbm);
2314 qdbm |= WL_TXPWR_OVERRIDE;
2317 bphy_err(drvr, "Unsupported type %d\n", type);
2321 /* Make sure radio is off or on as far as software is concerned */
2322 disable = WL_RADIO_SW_DISABLE << 16;
2323 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable);
2325 bphy_err(drvr, "WLC_SET_RADIO error (%d)\n", err);
2327 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm);
2329 bphy_err(drvr, "qtxpower error (%d)\n", err);
2332 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE);
2337 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2340 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2341 struct brcmf_cfg80211_vif *vif = wdev_to_vif(wdev);
2342 struct brcmf_pub *drvr = cfg->pub;
2346 brcmf_dbg(TRACE, "Enter\n");
2347 if (!check_vif_up(vif))
2350 err = brcmf_fil_iovar_int_get(vif->ifp, "qtxpower", &qdbm);
2352 bphy_err(drvr, "error (%d)\n", err);
2355 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4;
2358 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm);
2363 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev,
2364 int link_id, u8 key_idx, bool unicast,
2367 struct brcmf_if *ifp = netdev_priv(ndev);
2368 struct brcmf_pub *drvr = ifp->drvr;
2373 brcmf_dbg(TRACE, "Enter\n");
2374 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2375 if (!check_vif_up(ifp->vif))
2378 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2380 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2384 if (wsec & WEP_ENABLED) {
2385 /* Just select a new current key */
2387 err = brcmf_fil_cmd_int_set(ifp,
2388 BRCMF_C_SET_KEY_PRIMARY, index);
2390 bphy_err(drvr, "error (%d)\n", err);
2393 brcmf_dbg(TRACE, "Exit\n");
2398 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev,
2399 int link_id, u8 key_idx, bool pairwise,
2402 struct brcmf_if *ifp = netdev_priv(ndev);
2403 struct brcmf_wsec_key *key;
2406 brcmf_dbg(TRACE, "Enter\n");
2407 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2409 if (!check_vif_up(ifp->vif))
2412 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2413 /* we ignore this key index in this case */
2417 key = &ifp->vif->profile.key[key_idx];
2419 if (key->algo == CRYPTO_ALGO_OFF) {
2420 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n");
2424 memset(key, 0, sizeof(*key));
2425 key->index = (u32)key_idx;
2426 key->flags = BRCMF_PRIMARY_KEY;
2428 /* Clear the key/index */
2429 err = send_key_to_dongle(ifp, key);
2431 brcmf_dbg(TRACE, "Exit\n");
2436 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
2437 int link_id, u8 key_idx, bool pairwise,
2438 const u8 *mac_addr, struct key_params *params)
2440 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2441 struct brcmf_if *ifp = netdev_priv(ndev);
2442 struct brcmf_pub *drvr = cfg->pub;
2443 struct brcmf_wsec_key *key;
2450 brcmf_dbg(TRACE, "Enter\n");
2451 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2452 if (!check_vif_up(ifp->vif))
2455 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2456 /* we ignore this key index in this case */
2457 bphy_err(drvr, "invalid key index (%d)\n", key_idx);
2461 if (params->key_len == 0)
2462 return brcmf_cfg80211_del_key(wiphy, ndev, -1, key_idx,
2463 pairwise, mac_addr);
2465 if (params->key_len > sizeof(key->data)) {
2466 bphy_err(drvr, "Too long key length (%u)\n", params->key_len);
2471 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) &&
2472 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) {
2473 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr);
2477 key = &ifp->vif->profile.key[key_idx];
2478 memset(key, 0, sizeof(*key));
2479 if ((ext_key) && (!is_multicast_ether_addr(mac_addr)))
2480 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN);
2481 key->len = params->key_len;
2482 key->index = key_idx;
2483 memcpy(key->data, params->key, key->len);
2485 key->flags = BRCMF_PRIMARY_KEY;
2487 if (params->seq && params->seq_len == 6) {
2491 ivptr = (u8 *)params->seq;
2492 key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
2493 (ivptr[3] << 8) | ivptr[2];
2494 key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
2495 key->iv_initialized = true;
2498 switch (params->cipher) {
2499 case WLAN_CIPHER_SUITE_WEP40:
2500 key->algo = CRYPTO_ALGO_WEP1;
2502 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2504 case WLAN_CIPHER_SUITE_WEP104:
2505 key->algo = CRYPTO_ALGO_WEP128;
2507 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2509 case WLAN_CIPHER_SUITE_TKIP:
2510 if (!brcmf_is_apmode(ifp->vif)) {
2511 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n");
2512 memcpy(keybuf, &key->data[24], sizeof(keybuf));
2513 memcpy(&key->data[24], &key->data[16], sizeof(keybuf));
2514 memcpy(&key->data[16], keybuf, sizeof(keybuf));
2516 key->algo = CRYPTO_ALGO_TKIP;
2518 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2520 case WLAN_CIPHER_SUITE_AES_CMAC:
2521 key->algo = CRYPTO_ALGO_AES_CCM;
2523 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2525 case WLAN_CIPHER_SUITE_CCMP:
2526 key->algo = CRYPTO_ALGO_AES_CCM;
2528 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n");
2531 bphy_err(drvr, "Invalid cipher (0x%x)\n", params->cipher);
2536 err = send_key_to_dongle(ifp, key);
2540 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2542 bphy_err(drvr, "get wsec error (%d)\n", err);
2546 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2548 bphy_err(drvr, "set wsec error (%d)\n", err);
2553 brcmf_dbg(TRACE, "Exit\n");
2558 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev,
2559 int link_id, u8 key_idx, bool pairwise,
2560 const u8 *mac_addr, void *cookie,
2561 void (*callback)(void *cookie,
2562 struct key_params *params))
2564 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2565 struct key_params params;
2566 struct brcmf_if *ifp = netdev_priv(ndev);
2567 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2568 struct brcmf_pub *drvr = cfg->pub;
2569 struct brcmf_cfg80211_security *sec;
2573 brcmf_dbg(TRACE, "Enter\n");
2574 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2575 if (!check_vif_up(ifp->vif))
2578 memset(¶ms, 0, sizeof(params));
2580 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2582 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2583 /* Ignore this error, may happen during DISASSOC */
2587 if (wsec & WEP_ENABLED) {
2588 sec = &profile->sec;
2589 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) {
2590 params.cipher = WLAN_CIPHER_SUITE_WEP40;
2591 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2592 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) {
2593 params.cipher = WLAN_CIPHER_SUITE_WEP104;
2594 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2596 } else if (wsec & TKIP_ENABLED) {
2597 params.cipher = WLAN_CIPHER_SUITE_TKIP;
2598 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2599 } else if (wsec & AES_ENABLED) {
2600 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
2601 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2603 bphy_err(drvr, "Invalid algo (0x%x)\n", wsec);
2607 callback(cookie, ¶ms);
2610 brcmf_dbg(TRACE, "Exit\n");
2615 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy,
2616 struct net_device *ndev, int link_id,
2619 struct brcmf_if *ifp = netdev_priv(ndev);
2621 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx);
2623 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
2626 brcmf_dbg(INFO, "Not supported\n");
2632 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp)
2634 struct brcmf_pub *drvr = ifp->drvr;
2637 struct brcmf_wsec_key *key;
2640 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) {
2641 key = &ifp->vif->profile.key[key_idx];
2642 if ((key->algo == CRYPTO_ALGO_WEP1) ||
2643 (key->algo == CRYPTO_ALGO_WEP128))
2646 if (key_idx == BRCMF_MAX_DEFAULT_KEYS)
2649 err = send_key_to_dongle(ifp, key);
2651 bphy_err(drvr, "Setting WEP key failed (%d)\n", err);
2654 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2656 bphy_err(drvr, "get wsec error (%d)\n", err);
2659 wsec |= WEP_ENABLED;
2660 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2662 bphy_err(drvr, "set wsec error (%d)\n", err);
2665 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si)
2667 struct nl80211_sta_flag_update *sfu;
2669 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags);
2670 si->filled |= BIT_ULL(NL80211_STA_INFO_STA_FLAGS);
2671 sfu = &si->sta_flags;
2672 sfu->mask = BIT(NL80211_STA_FLAG_WME) |
2673 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2674 BIT(NL80211_STA_FLAG_ASSOCIATED) |
2675 BIT(NL80211_STA_FLAG_AUTHORIZED);
2676 if (fw_sta_flags & BRCMF_STA_WME)
2677 sfu->set |= BIT(NL80211_STA_FLAG_WME);
2678 if (fw_sta_flags & BRCMF_STA_AUTHE)
2679 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
2680 if (fw_sta_flags & BRCMF_STA_ASSOC)
2681 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
2682 if (fw_sta_flags & BRCMF_STA_AUTHO)
2683 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
2686 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
2688 struct brcmf_pub *drvr = ifp->drvr;
2691 struct brcmf_bss_info_le bss_le;
2696 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2700 buf->len = cpu_to_le32(WL_BSS_INFO_MAX);
2701 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf,
2704 bphy_err(drvr, "Failed to get bss info (%d)\n", err);
2707 si->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM);
2708 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
2709 si->bss_param.dtim_period = buf->bss_le.dtim_period;
2710 capability = le16_to_cpu(buf->bss_le.capability);
2711 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT)
2712 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT;
2713 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
2714 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
2715 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2716 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
2723 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp,
2724 struct station_info *sinfo)
2726 struct brcmf_pub *drvr = ifp->drvr;
2727 struct brcmf_scb_val_le scbval;
2728 struct brcmf_pktcnt_le pktcnt;
2733 /* Get the current tx rate */
2734 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate);
2736 bphy_err(drvr, "BRCMF_C_GET_RATE error (%d)\n", err);
2739 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2740 sinfo->txrate.legacy = rate * 5;
2742 memset(&scbval, 0, sizeof(scbval));
2743 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval,
2746 bphy_err(drvr, "BRCMF_C_GET_RSSI error (%d)\n", err);
2749 rssi = le32_to_cpu(scbval.val);
2750 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2751 sinfo->signal = rssi;
2753 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt,
2756 bphy_err(drvr, "BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err);
2759 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS) |
2760 BIT_ULL(NL80211_STA_INFO_RX_DROP_MISC) |
2761 BIT_ULL(NL80211_STA_INFO_TX_PACKETS) |
2762 BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2763 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt);
2764 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt);
2765 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt);
2766 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt);
2772 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
2773 const u8 *mac, struct station_info *sinfo)
2775 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2776 struct brcmf_if *ifp = netdev_priv(ndev);
2777 struct brcmf_pub *drvr = cfg->pub;
2778 struct brcmf_scb_val_le scb_val;
2780 struct brcmf_sta_info_le sta_info_le;
2783 s32 total_rssi_avg = 0;
2789 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac);
2790 if (!check_vif_up(ifp->vif))
2793 if (brcmf_is_ibssmode(ifp->vif))
2794 return brcmf_cfg80211_get_station_ibss(ifp, sinfo);
2796 memset(&sta_info_le, 0, sizeof(sta_info_le));
2797 memcpy(&sta_info_le, mac, ETH_ALEN);
2798 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info",
2800 sizeof(sta_info_le));
2801 is_tdls_peer = !err;
2803 err = brcmf_fil_iovar_data_get(ifp, "sta_info",
2805 sizeof(sta_info_le));
2807 bphy_err(drvr, "GET STA INFO failed, %d\n", err);
2811 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver));
2812 sinfo->filled = BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME);
2813 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000;
2814 sta_flags = le32_to_cpu(sta_info_le.flags);
2815 brcmf_convert_sta_flags(sta_flags, sinfo);
2816 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2818 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2820 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2821 if (sta_flags & BRCMF_STA_ASSOC) {
2822 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CONNECTED_TIME);
2823 sinfo->connected_time = le32_to_cpu(sta_info_le.in);
2824 brcmf_fill_bss_param(ifp, sinfo);
2826 if (sta_flags & BRCMF_STA_SCBSTATS) {
2827 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2828 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures);
2829 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_PACKETS);
2830 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts);
2831 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts);
2832 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS);
2833 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts);
2834 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts);
2835 if (sinfo->tx_packets) {
2836 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2837 sinfo->txrate.legacy =
2838 le32_to_cpu(sta_info_le.tx_rate) / 100;
2840 if (sinfo->rx_packets) {
2841 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
2842 sinfo->rxrate.legacy =
2843 le32_to_cpu(sta_info_le.rx_rate) / 100;
2845 if (le16_to_cpu(sta_info_le.ver) >= 4) {
2846 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES);
2847 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes);
2848 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES);
2849 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes);
2851 for (i = 0; i < BRCMF_ANT_MAX; i++) {
2852 if (sta_info_le.rssi[i] == 0 ||
2853 sta_info_le.rx_lastpkt_rssi[i] == 0)
2855 sinfo->chains |= BIT(count_rssi);
2856 sinfo->chain_signal[count_rssi] =
2857 sta_info_le.rx_lastpkt_rssi[i];
2858 sinfo->chain_signal_avg[count_rssi] =
2859 sta_info_le.rssi[i];
2860 total_rssi += sta_info_le.rx_lastpkt_rssi[i];
2861 total_rssi_avg += sta_info_le.rssi[i];
2865 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2866 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG);
2867 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
2869 BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG);
2870 sinfo->signal = total_rssi / count_rssi;
2871 sinfo->signal_avg = total_rssi_avg / count_rssi;
2872 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
2873 &ifp->vif->sme_state)) {
2874 memset(&scb_val, 0, sizeof(scb_val));
2875 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI,
2876 &scb_val, sizeof(scb_val));
2878 bphy_err(drvr, "Could not get rssi (%d)\n",
2882 rssi = le32_to_cpu(scb_val.val);
2883 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2884 sinfo->signal = rssi;
2885 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi);
2890 brcmf_dbg(TRACE, "Exit\n");
2895 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
2896 int idx, u8 *mac, struct station_info *sinfo)
2898 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2899 struct brcmf_if *ifp = netdev_priv(ndev);
2900 struct brcmf_pub *drvr = cfg->pub;
2903 brcmf_dbg(TRACE, "Enter, idx %d\n", idx);
2906 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST);
2907 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST,
2909 sizeof(cfg->assoclist));
2911 /* GET_ASSOCLIST unsupported by firmware of older chips */
2913 bphy_info_once(drvr, "BRCMF_C_GET_ASSOCLIST unsupported\n");
2915 bphy_err(drvr, "BRCMF_C_GET_ASSOCLIST failed, err=%d\n",
2918 cfg->assoclist.count = 0;
2922 if (idx < le32_to_cpu(cfg->assoclist.count)) {
2923 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN);
2924 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo);
2930 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev,
2931 bool enabled, s32 timeout)
2935 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2936 struct brcmf_if *ifp = netdev_priv(ndev);
2937 struct brcmf_pub *drvr = cfg->pub;
2939 brcmf_dbg(TRACE, "Enter\n");
2942 * Powersave enable/disable request is coming from the
2943 * cfg80211 even before the interface is up. In that
2944 * scenario, driver will be storing the power save
2945 * preference in cfg struct to apply this to
2946 * FW later while initializing the dongle
2948 cfg->pwr_save = enabled;
2949 if (!check_vif_up(ifp->vif)) {
2951 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n");
2955 pm = enabled ? PM_FAST : PM_OFF;
2956 /* Do not enable the power save after assoc if it is a p2p interface */
2957 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) {
2958 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n");
2961 brcmf_dbg(INFO, "power save %s\n", (pm ? "enabled" : "disabled"));
2963 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm);
2966 bphy_err(drvr, "net_device is not ready yet\n");
2968 bphy_err(drvr, "error (%d)\n", err);
2971 err = brcmf_fil_iovar_int_set(ifp, "pm2_sleep_ret",
2972 min_t(u32, timeout, BRCMF_PS_MAX_TIMEOUT_MS));
2974 bphy_err(drvr, "Unable to set pm timeout, (%d)\n", err);
2977 brcmf_dbg(TRACE, "Exit\n");
2981 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2982 struct brcmf_bss_info_le *bi)
2984 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2985 struct brcmf_pub *drvr = cfg->pub;
2986 struct cfg80211_bss *bss;
2987 enum nl80211_band band;
2988 struct brcmu_chan ch;
2991 u16 notify_capability;
2992 u16 notify_interval;
2994 size_t notify_ielen;
2995 struct cfg80211_inform_bss bss_data = {};
2997 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) {
2998 bphy_err(drvr, "Bss info is larger than buffer. Discarding\n");
3003 ch.chspec = le16_to_cpu(bi->chanspec);
3004 cfg->d11inf.decchspec(&ch);
3005 bi->ctl_ch = ch.control_ch_num;
3007 channel = bi->ctl_ch;
3009 if (channel <= CH_MAX_2G_CHANNEL)
3010 band = NL80211_BAND_2GHZ;
3012 band = NL80211_BAND_5GHZ;
3014 freq = ieee80211_channel_to_frequency(channel, band);
3015 bss_data.chan = ieee80211_get_channel(wiphy, freq);
3016 bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20;
3017 bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime());
3019 notify_capability = le16_to_cpu(bi->capability);
3020 notify_interval = le16_to_cpu(bi->beacon_period);
3021 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3022 notify_ielen = le32_to_cpu(bi->ie_length);
3023 bss_data.signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3025 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID);
3026 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq);
3027 brcmf_dbg(CONN, "Capability: %X\n", notify_capability);
3028 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval);
3029 brcmf_dbg(CONN, "Signal: %d\n", bss_data.signal);
3031 bss = cfg80211_inform_bss_data(wiphy, &bss_data,
3032 CFG80211_BSS_FTYPE_UNKNOWN,
3033 (const u8 *)bi->BSSID,
3034 0, notify_capability,
3035 notify_interval, notify_ie,
3036 notify_ielen, GFP_KERNEL);
3041 cfg80211_put_bss(wiphy, bss);
3046 static struct brcmf_bss_info_le *
3047 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss)
3050 return list->bss_info_le;
3051 return (struct brcmf_bss_info_le *)((unsigned long)bss +
3052 le32_to_cpu(bss->length));
3055 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg)
3057 struct brcmf_pub *drvr = cfg->pub;
3058 struct brcmf_scan_results *bss_list;
3059 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */
3063 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
3064 if (bss_list->count != 0 &&
3065 bss_list->version != BRCMF_BSS_INFO_VERSION) {
3066 bphy_err(drvr, "Version %d != WL_BSS_INFO_VERSION\n",
3070 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count);
3071 for (i = 0; i < bss_list->count; i++) {
3072 bi = next_bss_le(bss_list, bi);
3073 err = brcmf_inform_single_bss(cfg, bi);
3080 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg,
3081 struct net_device *ndev, const u8 *bssid)
3083 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3084 struct brcmf_pub *drvr = cfg->pub;
3085 struct ieee80211_channel *notify_channel;
3086 struct brcmf_bss_info_le *bi = NULL;
3087 struct ieee80211_supported_band *band;
3088 struct cfg80211_bss *bss;
3089 struct brcmu_chan ch;
3093 u16 notify_capability;
3094 u16 notify_interval;
3096 size_t notify_ielen;
3099 brcmf_dbg(TRACE, "Enter\n");
3101 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
3107 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
3109 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO,
3110 buf, WL_BSS_INFO_MAX);
3112 bphy_err(drvr, "WLC_GET_BSS_INFO failed: %d\n", err);
3116 bi = (struct brcmf_bss_info_le *)(buf + 4);
3118 ch.chspec = le16_to_cpu(bi->chanspec);
3119 cfg->d11inf.decchspec(&ch);
3121 if (ch.band == BRCMU_CHAN_BAND_2G)
3122 band = wiphy->bands[NL80211_BAND_2GHZ];
3124 band = wiphy->bands[NL80211_BAND_5GHZ];
3126 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
3127 cfg->channel = freq;
3128 notify_channel = ieee80211_get_channel(wiphy, freq);
3130 notify_capability = le16_to_cpu(bi->capability);
3131 notify_interval = le16_to_cpu(bi->beacon_period);
3132 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3133 notify_ielen = le32_to_cpu(bi->ie_length);
3134 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3136 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq);
3137 brcmf_dbg(CONN, "capability: %X\n", notify_capability);
3138 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval);
3139 brcmf_dbg(CONN, "signal: %d\n", notify_signal);
3141 bss = cfg80211_inform_bss(wiphy, notify_channel,
3142 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0,
3143 notify_capability, notify_interval,
3144 notify_ie, notify_ielen, notify_signal,
3152 cfg80211_put_bss(wiphy, bss);
3158 brcmf_dbg(TRACE, "Exit\n");
3163 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg,
3164 struct brcmf_if *ifp)
3166 struct brcmf_pub *drvr = cfg->pub;
3167 struct brcmf_bss_info_le *bi;
3168 const struct brcmf_tlv *tim;
3173 brcmf_dbg(TRACE, "Enter\n");
3174 if (brcmf_is_ibssmode(ifp->vif))
3177 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX);
3178 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
3179 cfg->extra_buf, WL_EXTRA_BUF_MAX);
3181 bphy_err(drvr, "Could not get bss info %d\n", err);
3182 goto update_bss_info_out;
3185 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4);
3186 err = brcmf_inform_single_bss(cfg, bi);
3188 goto update_bss_info_out;
3190 ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
3191 ie_len = le32_to_cpu(bi->ie_length);
3193 tim = brcmf_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
3196 * active scan was done so we could not get dtim
3197 * information out of probe response.
3198 * so we speficially query dtim information to dongle.
3201 err = brcmf_fil_iovar_int_get(ifp, "dtim_assoc", &var);
3203 bphy_err(drvr, "wl dtim_assoc failed (%d)\n", err);
3204 goto update_bss_info_out;
3208 update_bss_info_out:
3209 brcmf_dbg(TRACE, "Exit");
3213 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg)
3215 struct escan_info *escan = &cfg->escan_info;
3217 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3218 if (cfg->int_escan_map || cfg->scan_request) {
3219 escan->escan_state = WL_ESCAN_STATE_IDLE;
3220 brcmf_notify_escan_complete(cfg, escan->ifp, true, true);
3222 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3223 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3226 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work)
3228 struct brcmf_cfg80211_info *cfg =
3229 container_of(work, struct brcmf_cfg80211_info,
3230 escan_timeout_work);
3232 brcmf_inform_bss(cfg);
3233 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true);
3236 static void brcmf_escan_timeout(struct timer_list *t)
3238 struct brcmf_cfg80211_info *cfg =
3239 from_timer(cfg, t, escan_timeout);
3240 struct brcmf_pub *drvr = cfg->pub;
3242 if (cfg->int_escan_map || cfg->scan_request) {
3243 bphy_err(drvr, "timer expired\n");
3244 schedule_work(&cfg->escan_timeout_work);
3249 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg,
3250 struct brcmf_bss_info_le *bss,
3251 struct brcmf_bss_info_le *bss_info_le)
3253 struct brcmu_chan ch_bss, ch_bss_info_le;
3255 ch_bss.chspec = le16_to_cpu(bss->chanspec);
3256 cfg->d11inf.decchspec(&ch_bss);
3257 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec);
3258 cfg->d11inf.decchspec(&ch_bss_info_le);
3260 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) &&
3261 ch_bss.band == ch_bss_info_le.band &&
3262 bss_info_le->SSID_len == bss->SSID_len &&
3263 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) {
3264 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) ==
3265 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) {
3266 s16 bss_rssi = le16_to_cpu(bss->RSSI);
3267 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI);
3269 /* preserve max RSSI if the measurements are
3270 * both on-channel or both off-channel
3272 if (bss_info_rssi > bss_rssi)
3273 bss->RSSI = bss_info_le->RSSI;
3274 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) &&
3275 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) {
3276 /* preserve the on-channel rssi measurement
3277 * if the new measurement is off channel
3279 bss->RSSI = bss_info_le->RSSI;
3280 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL;
3288 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp,
3289 const struct brcmf_event_msg *e, void *data)
3291 struct brcmf_pub *drvr = ifp->drvr;
3292 struct brcmf_cfg80211_info *cfg = drvr->config;
3294 struct brcmf_escan_result_le *escan_result_le;
3296 struct brcmf_bss_info_le *bss_info_le;
3297 struct brcmf_bss_info_le *bss = NULL;
3299 struct brcmf_scan_results *list;
3305 if (status == BRCMF_E_STATUS_ABORT)
3308 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3309 bphy_err(drvr, "scan not ready, bsscfgidx=%d\n",
3314 if (status == BRCMF_E_STATUS_PARTIAL) {
3315 brcmf_dbg(SCAN, "ESCAN Partial result\n");
3316 if (e->datalen < sizeof(*escan_result_le)) {
3317 bphy_err(drvr, "invalid event data length\n");
3320 escan_result_le = (struct brcmf_escan_result_le *) data;
3321 if (!escan_result_le) {
3322 bphy_err(drvr, "Invalid escan result (NULL pointer)\n");
3325 escan_buflen = le32_to_cpu(escan_result_le->buflen);
3326 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE ||
3327 escan_buflen > e->datalen ||
3328 escan_buflen < sizeof(*escan_result_le)) {
3329 bphy_err(drvr, "Invalid escan buffer length: %d\n",
3333 if (le16_to_cpu(escan_result_le->bss_count) != 1) {
3334 bphy_err(drvr, "Invalid bss_count %d: ignoring\n",
3335 escan_result_le->bss_count);
3338 bss_info_le = &escan_result_le->bss_info_le;
3340 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le))
3343 if (!cfg->int_escan_map && !cfg->scan_request) {
3344 brcmf_dbg(SCAN, "result without cfg80211 request\n");
3348 bi_length = le32_to_cpu(bss_info_le->length);
3349 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) {
3350 bphy_err(drvr, "Ignoring invalid bss_info length: %d\n",
3355 if (!(cfg_to_wiphy(cfg)->interface_modes &
3356 BIT(NL80211_IFTYPE_ADHOC))) {
3357 if (le16_to_cpu(bss_info_le->capability) &
3358 WLAN_CAPABILITY_IBSS) {
3359 bphy_err(drvr, "Ignoring IBSS result\n");
3364 list = (struct brcmf_scan_results *)
3365 cfg->escan_info.escan_buf;
3366 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) {
3367 bphy_err(drvr, "Buffer is too small: ignoring\n");
3371 for (i = 0; i < list->count; i++) {
3372 bss = bss ? (struct brcmf_bss_info_le *)
3373 ((unsigned char *)bss +
3374 le32_to_cpu(bss->length)) : list->bss_info_le;
3375 if (brcmf_compare_update_same_bss(cfg, bss,
3379 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le,
3381 list->version = le32_to_cpu(bss_info_le->version);
3382 list->buflen += bi_length;
3385 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3386 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL))
3388 if (cfg->int_escan_map || cfg->scan_request) {
3389 brcmf_inform_bss(cfg);
3390 aborted = status != BRCMF_E_STATUS_SUCCESS;
3391 brcmf_notify_escan_complete(cfg, ifp, aborted, false);
3393 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n",
3400 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg)
3402 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT,
3403 brcmf_cfg80211_escan_handler);
3404 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3405 /* Init scan_timeout timer */
3406 timer_setup(&cfg->escan_timeout, brcmf_escan_timeout, 0);
3407 INIT_WORK(&cfg->escan_timeout_work,
3408 brcmf_cfg80211_escan_timeout_worker);
3411 static struct cfg80211_scan_request *
3412 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) {
3413 struct cfg80211_scan_request *req;
3416 req_size = sizeof(*req) +
3417 n_netinfo * sizeof(req->channels[0]) +
3418 n_netinfo * sizeof(*req->ssids);
3420 req = kzalloc(req_size, GFP_KERNEL);
3423 req->ssids = (void *)(&req->channels[0]) +
3424 n_netinfo * sizeof(req->channels[0]);
3429 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req,
3430 u8 *ssid, u8 ssid_len, u8 channel)
3432 struct ieee80211_channel *chan;
3433 enum nl80211_band band;
3436 if (channel <= CH_MAX_2G_CHANNEL)
3437 band = NL80211_BAND_2GHZ;
3439 band = NL80211_BAND_5GHZ;
3441 freq = ieee80211_channel_to_frequency(channel, band);
3445 chan = ieee80211_get_channel(req->wiphy, freq);
3449 for (i = 0; i < req->n_channels; i++) {
3450 if (req->channels[i] == chan)
3453 if (i == req->n_channels)
3454 req->channels[req->n_channels++] = chan;
3456 for (i = 0; i < req->n_ssids; i++) {
3457 if (req->ssids[i].ssid_len == ssid_len &&
3458 !memcmp(req->ssids[i].ssid, ssid, ssid_len))
3461 if (i == req->n_ssids) {
3462 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len);
3463 req->ssids[req->n_ssids++].ssid_len = ssid_len;
3468 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap,
3469 struct cfg80211_scan_request *request)
3471 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3474 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3475 if (cfg->int_escan_map)
3476 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n",
3477 cfg->int_escan_map);
3478 /* Abort any on-going scan */
3479 brcmf_abort_scanning(cfg);
3482 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap);
3483 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3484 cfg->escan_info.run = brcmf_run_escan;
3485 err = brcmf_do_escan(ifp, request);
3487 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3490 cfg->int_escan_map = fwmap;
3494 static struct brcmf_pno_net_info_le *
3495 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1)
3497 struct brcmf_pno_scanresults_v2_le *pfn_v2;
3498 struct brcmf_pno_net_info_le *netinfo;
3500 switch (pfn_v1->version) {
3504 case cpu_to_le32(1):
3505 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1);
3507 case cpu_to_le32(2):
3508 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1;
3509 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1);
3516 /* PFN result doesn't have all the info which are required by the supplicant
3517 * (For e.g IEs) Do a target Escan so that sched scan results are reported
3518 * via wl_inform_single_bss in the required format. Escan does require the
3519 * scan request in the form of cfg80211_scan_request. For timebeing, create
3520 * cfg80211_scan_request one out of the received PNO event.
3523 brcmf_notify_sched_scan_results(struct brcmf_if *ifp,
3524 const struct brcmf_event_msg *e, void *data)
3526 struct brcmf_pub *drvr = ifp->drvr;
3527 struct brcmf_cfg80211_info *cfg = drvr->config;
3528 struct brcmf_pno_net_info_le *netinfo, *netinfo_start;
3529 struct cfg80211_scan_request *request = NULL;
3530 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3532 struct brcmf_pno_scanresults_le *pfn_result;
3538 brcmf_dbg(SCAN, "Enter\n");
3540 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3541 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3545 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3546 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n");
3550 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3551 result_count = le32_to_cpu(pfn_result->count);
3552 status = le32_to_cpu(pfn_result->status);
3554 /* PFN event is limited to fit 512 bytes so we may get
3555 * multiple NET_FOUND events. For now place a warning here.
3557 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE);
3558 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count);
3559 if (!result_count) {
3560 bphy_err(drvr, "FALSE PNO Event. (pfn_count == 0)\n");
3564 netinfo_start = brcmf_get_netinfo_array(pfn_result);
3565 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result);
3566 if (datalen < result_count * sizeof(*netinfo)) {
3567 bphy_err(drvr, "insufficient event data\n");
3571 request = brcmf_alloc_internal_escan_request(wiphy,
3579 for (i = 0; i < result_count; i++) {
3580 netinfo = &netinfo_start[i];
3582 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3583 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3584 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n",
3585 netinfo->SSID, netinfo->channel);
3586 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo);
3587 err = brcmf_internal_escan_add_info(request,
3598 err = brcmf_start_internal_escan(ifp, bucket_map, request);
3603 cfg80211_sched_scan_stopped(wiphy, 0);
3610 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy,
3611 struct net_device *ndev,
3612 struct cfg80211_sched_scan_request *req)
3614 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3615 struct brcmf_if *ifp = netdev_priv(ndev);
3616 struct brcmf_pub *drvr = cfg->pub;
3618 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n",
3619 req->n_match_sets, req->n_ssids);
3621 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
3622 bphy_err(drvr, "Scanning suppressed: status=%lu\n",
3627 if (req->n_match_sets <= 0) {
3628 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n",
3633 return brcmf_pno_start_sched_scan(ifp, req);
3636 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy,
3637 struct net_device *ndev, u64 reqid)
3639 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3640 struct brcmf_if *ifp = netdev_priv(ndev);
3642 brcmf_dbg(SCAN, "enter\n");
3643 brcmf_pno_stop_sched_scan(ifp, reqid);
3644 if (cfg->int_escan_map)
3645 brcmf_notify_escan_complete(cfg, ifp, true, true);
3649 static __always_inline void brcmf_delay(u32 ms)
3651 if (ms < 1000 / HZ) {
3659 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4],
3660 u8 *pattern, u32 patternsize, u8 *mask,
3663 struct brcmf_fil_wowl_pattern_le *filter;
3670 masksize = (patternsize + 7) / 8;
3671 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize;
3673 bufsize = sizeof(*filter) + patternsize + masksize;
3674 buf = kzalloc(bufsize, GFP_KERNEL);
3677 filter = (struct brcmf_fil_wowl_pattern_le *)buf;
3679 memcpy(filter->cmd, cmd, 4);
3680 filter->masksize = cpu_to_le32(masksize);
3681 filter->offset = cpu_to_le32(packet_offset);
3682 filter->patternoffset = cpu_to_le32(patternoffset);
3683 filter->patternsize = cpu_to_le32(patternsize);
3684 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP);
3686 if ((mask) && (masksize))
3687 memcpy(buf + sizeof(*filter), mask, masksize);
3688 if ((pattern) && (patternsize))
3689 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize);
3691 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize);
3698 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
3701 struct brcmf_pub *drvr = ifp->drvr;
3702 struct brcmf_cfg80211_info *cfg = drvr->config;
3703 struct brcmf_pno_scanresults_le *pfn_result;
3704 struct brcmf_pno_net_info_le *netinfo;
3706 brcmf_dbg(SCAN, "Enter\n");
3708 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3709 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3713 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3715 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3716 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n");
3720 if (le32_to_cpu(pfn_result->count) < 1) {
3721 bphy_err(drvr, "Invalid result count, expected 1 (%d)\n",
3722 le32_to_cpu(pfn_result->count));
3726 netinfo = brcmf_get_netinfo_array(pfn_result);
3727 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3728 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3729 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
3730 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
3731 cfg->wowl.nd->n_channels = 1;
3732 cfg->wowl.nd->channels[0] =
3733 ieee80211_channel_to_frequency(netinfo->channel,
3734 netinfo->channel <= CH_MAX_2G_CHANNEL ?
3735 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
3736 cfg->wowl.nd_info->n_matches = 1;
3737 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd;
3739 /* Inform (the resume task) that the net detect information was recvd */
3740 cfg->wowl.nd_data_completed = true;
3741 wake_up(&cfg->wowl.nd_data_wait);
3748 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3750 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3751 struct brcmf_pub *drvr = cfg->pub;
3752 struct brcmf_wowl_wakeind_le wake_ind_le;
3753 struct cfg80211_wowlan_wakeup wakeup_data;
3754 struct cfg80211_wowlan_wakeup *wakeup;
3759 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
3760 sizeof(wake_ind_le));
3762 bphy_err(drvr, "Get wowl_wakeind failed, err = %d\n", err);
3766 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind);
3767 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN |
3768 BRCMF_WOWL_RETR | BRCMF_WOWL_NET |
3769 BRCMF_WOWL_PFN_FOUND)) {
3770 wakeup = &wakeup_data;
3771 memset(&wakeup_data, 0, sizeof(wakeup_data));
3772 wakeup_data.pattern_idx = -1;
3774 if (wakeind & BRCMF_WOWL_MAGIC) {
3775 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n");
3776 wakeup_data.magic_pkt = true;
3778 if (wakeind & BRCMF_WOWL_DIS) {
3779 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n");
3780 wakeup_data.disconnect = true;
3782 if (wakeind & BRCMF_WOWL_BCN) {
3783 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n");
3784 wakeup_data.disconnect = true;
3786 if (wakeind & BRCMF_WOWL_RETR) {
3787 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n");
3788 wakeup_data.disconnect = true;
3790 if (wakeind & BRCMF_WOWL_NET) {
3791 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n");
3792 /* For now always map to pattern 0, no API to get
3793 * correct information available at the moment.
3795 wakeup_data.pattern_idx = 0;
3797 if (wakeind & BRCMF_WOWL_PFN_FOUND) {
3798 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n");
3799 timeout = wait_event_timeout(cfg->wowl.nd_data_wait,
3800 cfg->wowl.nd_data_completed,
3801 BRCMF_ND_INFO_TIMEOUT);
3803 bphy_err(drvr, "No result for wowl net detect\n");
3805 wakeup_data.net_detect = cfg->wowl.nd_info;
3807 if (wakeind & BRCMF_WOWL_GTK_FAILURE) {
3808 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n");
3809 wakeup_data.gtk_rekey_failure = true;
3814 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL);
3819 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3823 #endif /* CONFIG_PM */
3825 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy)
3827 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3828 struct net_device *ndev = cfg_to_ndev(cfg);
3829 struct brcmf_if *ifp = netdev_priv(ndev);
3831 brcmf_dbg(TRACE, "Enter\n");
3833 if (cfg->wowl.active) {
3834 brcmf_report_wowl_wakeind(wiphy, ifp);
3835 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0);
3836 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0);
3837 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3838 brcmf_configure_arp_nd_offload(ifp, true);
3839 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM,
3840 cfg->wowl.pre_pmmode);
3841 cfg->wowl.active = false;
3842 if (cfg->wowl.nd_enabled) {
3843 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0);
3844 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3845 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3846 brcmf_notify_sched_scan_results);
3847 cfg->wowl.nd_enabled = false;
3853 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg,
3854 struct brcmf_if *ifp,
3855 struct cfg80211_wowlan *wowl)
3858 struct brcmf_wowl_wakeind_le wowl_wakeind;
3861 brcmf_dbg(TRACE, "Suspend, wowl config.\n");
3863 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3864 brcmf_configure_arp_nd_offload(ifp, false);
3865 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode);
3866 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX);
3869 if (wowl->disconnect)
3870 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR;
3871 if (wowl->magic_pkt)
3872 wowl_config |= BRCMF_WOWL_MAGIC;
3873 if ((wowl->patterns) && (wowl->n_patterns)) {
3874 wowl_config |= BRCMF_WOWL_NET;
3875 for (i = 0; i < wowl->n_patterns; i++) {
3876 brcmf_config_wowl_pattern(ifp, "add",
3877 (u8 *)wowl->patterns[i].pattern,
3878 wowl->patterns[i].pattern_len,
3879 (u8 *)wowl->patterns[i].mask,
3880 wowl->patterns[i].pkt_offset);
3883 if (wowl->nd_config) {
3884 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev,
3886 wowl_config |= BRCMF_WOWL_PFN_FOUND;
3888 cfg->wowl.nd_data_completed = false;
3889 cfg->wowl.nd_enabled = true;
3890 /* Now reroute the event for PFN to the wowl function. */
3891 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3892 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3893 brcmf_wowl_nd_results);
3895 if (wowl->gtk_rekey_failure)
3896 wowl_config |= BRCMF_WOWL_GTK_FAILURE;
3897 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))
3898 wowl_config |= BRCMF_WOWL_UNASSOC;
3900 memcpy(&wowl_wakeind, "clear", 6);
3901 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind,
3902 sizeof(wowl_wakeind));
3903 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config);
3904 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1);
3905 brcmf_bus_wowl_config(cfg->pub->bus_if, true);
3906 cfg->wowl.active = true;
3909 static int brcmf_keepalive_start(struct brcmf_if *ifp, unsigned int interval)
3911 struct brcmf_mkeep_alive_pkt_le kalive = {0};
3914 /* Configure Null function/data keepalive */
3915 kalive.version = cpu_to_le16(1);
3916 kalive.period_msec = cpu_to_le32(interval * MSEC_PER_SEC);
3917 kalive.len_bytes = cpu_to_le16(0);
3918 kalive.keep_alive_id = 0;
3920 ret = brcmf_fil_iovar_data_set(ifp, "mkeep_alive", &kalive, sizeof(kalive));
3922 brcmf_err("keep-alive packet config failed, ret=%d\n", ret);
3927 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy,
3928 struct cfg80211_wowlan *wowl)
3930 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3931 struct net_device *ndev = cfg_to_ndev(cfg);
3932 struct brcmf_if *ifp = netdev_priv(ndev);
3933 struct brcmf_cfg80211_vif *vif;
3935 brcmf_dbg(TRACE, "Enter\n");
3937 /* if the primary net_device is not READY there is nothing
3938 * we can do but pray resume goes smoothly.
3940 if (!check_vif_up(ifp->vif))
3943 /* Stop scheduled scan */
3944 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO))
3945 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0);
3947 /* end any scanning */
3948 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
3949 brcmf_abort_scanning(cfg);
3952 brcmf_bus_wowl_config(cfg->pub->bus_if, false);
3953 list_for_each_entry(vif, &cfg->vif_list, list) {
3954 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state))
3956 /* While going to suspend if associated with AP
3957 * disassociate from AP to save power while system is
3958 * in suspended state
3960 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED, true);
3961 /* Make sure WPA_Supplicant receives all the event
3962 * generated due to DISASSOC call to the fw to keep
3963 * the state fw and WPA_Supplicant state consistent
3968 brcmf_set_mpc(ifp, 1);
3971 /* Configure WOWL paramaters */
3972 brcmf_configure_wowl(cfg, ifp, wowl);
3974 /* Prevent disassociation due to inactivity with keep-alive */
3975 brcmf_keepalive_start(ifp, 30);
3979 brcmf_dbg(TRACE, "Exit\n");
3980 /* clear any scanning activity */
3981 cfg->scan_status = 0;
3986 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp)
3988 struct brcmf_pmk_list_le *pmk_list;
3993 pmk_list = &cfg->pmk_list;
3994 npmk = le32_to_cpu(pmk_list->npmk);
3996 brcmf_dbg(CONN, "No of elements %d\n", npmk);
3997 for (i = 0; i < npmk; i++)
3998 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid);
4000 err = brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list,
4007 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev,
4008 struct cfg80211_pmksa *pmksa)
4010 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4011 struct brcmf_if *ifp = netdev_priv(ndev);
4012 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
4013 struct brcmf_pub *drvr = cfg->pub;
4017 brcmf_dbg(TRACE, "Enter\n");
4018 if (!check_vif_up(ifp->vif))
4021 npmk = le32_to_cpu(cfg->pmk_list.npmk);
4022 for (i = 0; i < npmk; i++)
4023 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
4025 if (i < BRCMF_MAXPMKID) {
4026 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN);
4027 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
4030 cfg->pmk_list.npmk = cpu_to_le32(npmk);
4033 bphy_err(drvr, "Too many PMKSA entries cached %d\n", npmk);
4037 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid);
4038 brcmf_dbg(CONN, "%*ph\n", WLAN_PMKID_LEN, pmk[npmk].pmkid);
4040 err = brcmf_update_pmklist(cfg, ifp);
4042 brcmf_dbg(TRACE, "Exit\n");
4047 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev,
4048 struct cfg80211_pmksa *pmksa)
4050 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4051 struct brcmf_if *ifp = netdev_priv(ndev);
4052 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
4053 struct brcmf_pub *drvr = cfg->pub;
4057 brcmf_dbg(TRACE, "Enter\n");
4058 if (!check_vif_up(ifp->vif))
4061 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid);
4063 npmk = le32_to_cpu(cfg->pmk_list.npmk);
4064 for (i = 0; i < npmk; i++)
4065 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
4068 if ((npmk > 0) && (i < npmk)) {
4069 for (; i < (npmk - 1); i++) {
4070 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN);
4071 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid,
4074 memset(&pmk[i], 0, sizeof(*pmk));
4075 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
4077 bphy_err(drvr, "Cache entry not found\n");
4081 err = brcmf_update_pmklist(cfg, ifp);
4083 brcmf_dbg(TRACE, "Exit\n");
4089 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev)
4091 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4092 struct brcmf_if *ifp = netdev_priv(ndev);
4095 brcmf_dbg(TRACE, "Enter\n");
4096 if (!check_vif_up(ifp->vif))
4099 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list));
4100 err = brcmf_update_pmklist(cfg, ifp);
4102 brcmf_dbg(TRACE, "Exit\n");
4107 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
4109 struct brcmf_pub *drvr = ifp->drvr;
4114 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0);
4116 bphy_err(drvr, "auth error %d\n", err);
4120 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0);
4122 bphy_err(drvr, "wsec error %d\n", err);
4125 /* set upper-layer auth */
4126 if (brcmf_is_ibssmode(ifp->vif))
4127 wpa_val = WPA_AUTH_NONE;
4129 wpa_val = WPA_AUTH_DISABLED;
4130 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
4132 bphy_err(drvr, "wpa_auth error %d\n", err);
4139 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie)
4142 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0);
4144 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0);
4148 brcmf_configure_wpaie(struct brcmf_if *ifp,
4149 const struct brcmf_vs_tlv *wpa_ie,
4152 struct brcmf_pub *drvr = ifp->drvr;
4153 u32 auth = 0; /* d11 open authentication */
4165 u32 wme_bss_disable;
4168 brcmf_dbg(TRACE, "Enter\n");
4172 len = wpa_ie->len + TLV_HDR_LEN;
4173 data = (u8 *)wpa_ie;
4174 offset = TLV_HDR_LEN;
4176 offset += VS_IE_FIXED_HDR_LEN;
4178 offset += WPA_IE_VERSION_LEN;
4180 /* check for multicast cipher suite */
4181 if (offset + WPA_IE_MIN_OUI_LEN > len) {
4183 bphy_err(drvr, "no multicast cipher suite\n");
4187 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4189 bphy_err(drvr, "ivalid OUI\n");
4192 offset += TLV_OUI_LEN;
4194 /* pick up multicast cipher */
4195 switch (data[offset]) {
4196 case WPA_CIPHER_NONE:
4199 case WPA_CIPHER_WEP_40:
4200 case WPA_CIPHER_WEP_104:
4203 case WPA_CIPHER_TKIP:
4204 gval = TKIP_ENABLED;
4206 case WPA_CIPHER_AES_CCM:
4211 bphy_err(drvr, "Invalid multi cast cipher info\n");
4216 /* walk thru unicast cipher list and pick up what we recognize */
4217 count = data[offset] + (data[offset + 1] << 8);
4218 offset += WPA_IE_SUITE_COUNT_LEN;
4219 /* Check for unicast suite(s) */
4220 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4222 bphy_err(drvr, "no unicast cipher suite\n");
4225 for (i = 0; i < count; i++) {
4226 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4228 bphy_err(drvr, "ivalid OUI\n");
4231 offset += TLV_OUI_LEN;
4232 switch (data[offset]) {
4233 case WPA_CIPHER_NONE:
4235 case WPA_CIPHER_WEP_40:
4236 case WPA_CIPHER_WEP_104:
4237 pval |= WEP_ENABLED;
4239 case WPA_CIPHER_TKIP:
4240 pval |= TKIP_ENABLED;
4242 case WPA_CIPHER_AES_CCM:
4243 pval |= AES_ENABLED;
4246 bphy_err(drvr, "Invalid unicast security info\n");
4250 /* walk thru auth management suite list and pick up what we recognize */
4251 count = data[offset] + (data[offset + 1] << 8);
4252 offset += WPA_IE_SUITE_COUNT_LEN;
4253 /* Check for auth key management suite(s) */
4254 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4256 bphy_err(drvr, "no auth key mgmt suite\n");
4259 for (i = 0; i < count; i++) {
4260 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4262 bphy_err(drvr, "ivalid OUI\n");
4265 offset += TLV_OUI_LEN;
4266 switch (data[offset]) {
4268 brcmf_dbg(TRACE, "RSN_AKM_NONE\n");
4269 wpa_auth |= WPA_AUTH_NONE;
4271 case RSN_AKM_UNSPECIFIED:
4272 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n");
4273 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) :
4274 (wpa_auth |= WPA_AUTH_UNSPECIFIED);
4277 brcmf_dbg(TRACE, "RSN_AKM_PSK\n");
4278 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) :
4279 (wpa_auth |= WPA_AUTH_PSK);
4281 case RSN_AKM_SHA256_PSK:
4282 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n");
4283 wpa_auth |= WPA2_AUTH_PSK_SHA256;
4285 case RSN_AKM_SHA256_1X:
4286 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n");
4287 wpa_auth |= WPA2_AUTH_1X_SHA256;
4290 brcmf_dbg(TRACE, "RSN_AKM_SAE\n");
4291 wpa_auth |= WPA3_AUTH_SAE_PSK;
4294 bphy_err(drvr, "Invalid key mgmt info\n");
4299 mfp = BRCMF_MFP_NONE;
4301 wme_bss_disable = 1;
4302 if ((offset + RSN_CAP_LEN) <= len) {
4303 rsn_cap = data[offset] + (data[offset + 1] << 8);
4304 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK)
4305 wme_bss_disable = 0;
4306 if (rsn_cap & RSN_CAP_MFPR_MASK) {
4307 brcmf_dbg(TRACE, "MFP Required\n");
4308 mfp = BRCMF_MFP_REQUIRED;
4309 /* Firmware only supports mfp required in
4310 * combination with WPA2_AUTH_PSK_SHA256,
4311 * WPA2_AUTH_1X_SHA256, or WPA3_AUTH_SAE_PSK.
4313 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 |
4314 WPA2_AUTH_1X_SHA256 |
4315 WPA3_AUTH_SAE_PSK))) {
4319 /* Firmware has requirement that WPA2_AUTH_PSK/
4320 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI
4321 * is to be included in the rsn ie.
4323 if (wpa_auth & WPA2_AUTH_PSK_SHA256)
4324 wpa_auth |= WPA2_AUTH_PSK;
4325 else if (wpa_auth & WPA2_AUTH_1X_SHA256)
4326 wpa_auth |= WPA2_AUTH_UNSPECIFIED;
4327 } else if (rsn_cap & RSN_CAP_MFPC_MASK) {
4328 brcmf_dbg(TRACE, "MFP Capable\n");
4329 mfp = BRCMF_MFP_CAPABLE;
4332 offset += RSN_CAP_LEN;
4333 /* set wme_bss_disable to sync RSN Capabilities */
4334 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
4337 bphy_err(drvr, "wme_bss_disable error %d\n", err);
4341 /* Skip PMKID cnt as it is know to be 0 for AP. */
4342 offset += RSN_PMKID_COUNT_LEN;
4344 /* See if there is BIP wpa suite left for MFP */
4345 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) &&
4346 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) {
4347 err = brcmf_fil_bsscfg_data_set(ifp, "bip",
4349 WPA_IE_MIN_OUI_LEN);
4351 bphy_err(drvr, "bip error %d\n", err);
4356 /* FOR WPS , set SES_OW_ENABLED */
4357 wsec = (pval | gval | SES_OW_ENABLED);
4360 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
4362 bphy_err(drvr, "auth error %d\n", err);
4366 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
4368 bphy_err(drvr, "wsec error %d\n", err);
4371 /* Configure MFP, this needs to go after wsec otherwise the wsec command
4372 * will overwrite the values set by MFP
4374 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
4375 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
4377 bphy_err(drvr, "mfp error %d\n", err);
4381 /* set upper-layer auth */
4382 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth);
4384 bphy_err(drvr, "wpa_auth error %d\n", err);
4393 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len,
4394 struct parsed_vndr_ies *vndr_ies)
4396 struct brcmf_vs_tlv *vndrie;
4397 struct brcmf_tlv *ie;
4398 struct parsed_vndr_ie_info *parsed_info;
4401 remaining_len = (s32)vndr_ie_len;
4402 memset(vndr_ies, 0, sizeof(*vndr_ies));
4404 ie = (struct brcmf_tlv *)vndr_ie_buf;
4406 if (ie->id != WLAN_EID_VENDOR_SPECIFIC)
4408 vndrie = (struct brcmf_vs_tlv *)ie;
4409 /* len should be bigger than OUI length + one */
4410 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) {
4411 brcmf_err("invalid vndr ie. length is too small %d\n",
4415 /* if wpa or wme ie, do not add ie */
4416 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) &&
4417 ((vndrie->oui_type == WPA_OUI_TYPE) ||
4418 (vndrie->oui_type == WME_OUI_TYPE))) {
4419 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n");
4423 parsed_info = &vndr_ies->ie_info[vndr_ies->count];
4425 /* save vndr ie information */
4426 parsed_info->ie_ptr = (char *)vndrie;
4427 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN;
4428 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie));
4432 brcmf_dbg(TRACE, "** OUI %3ph, type 0x%02x\n",
4433 parsed_info->vndrie.oui,
4434 parsed_info->vndrie.oui_type);
4436 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT)
4439 remaining_len -= (ie->len + TLV_HDR_LEN);
4440 if (remaining_len <= TLV_HDR_LEN)
4443 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len +
4450 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd)
4452 strscpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN);
4454 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]);
4456 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]);
4458 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len);
4460 return ie_len + VNDR_IE_HDR_SIZE;
4463 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
4464 const u8 *vndr_ie_buf, u32 vndr_ie_len)
4466 struct brcmf_pub *drvr;
4467 struct brcmf_if *ifp;
4468 struct vif_saved_ie *saved_ie;
4472 u8 *mgmt_ie_buf = NULL;
4473 int mgmt_ie_buf_len;
4475 u32 del_add_ie_buf_len = 0;
4476 u32 total_ie_buf_len = 0;
4477 u32 parsed_ie_buf_len = 0;
4478 struct parsed_vndr_ies old_vndr_ies;
4479 struct parsed_vndr_ies new_vndr_ies;
4480 struct parsed_vndr_ie_info *vndrie_info;
4483 int remained_buf_len;
4489 saved_ie = &vif->saved_ie;
4491 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
4493 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
4496 curr_ie_buf = iovar_ie_buf;
4498 case BRCMF_VNDR_IE_PRBREQ_FLAG:
4499 mgmt_ie_buf = saved_ie->probe_req_ie;
4500 mgmt_ie_len = &saved_ie->probe_req_ie_len;
4501 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie);
4503 case BRCMF_VNDR_IE_PRBRSP_FLAG:
4504 mgmt_ie_buf = saved_ie->probe_res_ie;
4505 mgmt_ie_len = &saved_ie->probe_res_ie_len;
4506 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie);
4508 case BRCMF_VNDR_IE_BEACON_FLAG:
4509 mgmt_ie_buf = saved_ie->beacon_ie;
4510 mgmt_ie_len = &saved_ie->beacon_ie_len;
4511 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie);
4513 case BRCMF_VNDR_IE_ASSOCREQ_FLAG:
4514 mgmt_ie_buf = saved_ie->assoc_req_ie;
4515 mgmt_ie_len = &saved_ie->assoc_req_ie_len;
4516 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie);
4518 case BRCMF_VNDR_IE_ASSOCRSP_FLAG:
4519 mgmt_ie_buf = saved_ie->assoc_res_ie;
4520 mgmt_ie_len = &saved_ie->assoc_res_ie_len;
4521 mgmt_ie_buf_len = sizeof(saved_ie->assoc_res_ie);
4525 bphy_err(drvr, "not suitable type\n");
4529 if (vndr_ie_len > mgmt_ie_buf_len) {
4531 bphy_err(drvr, "extra IE size too big\n");
4535 /* parse and save new vndr_ie in curr_ie_buff before comparing it */
4536 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) {
4538 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies);
4539 for (i = 0; i < new_vndr_ies.count; i++) {
4540 vndrie_info = &new_vndr_ies.ie_info[i];
4541 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr,
4542 vndrie_info->ie_len);
4543 parsed_ie_buf_len += vndrie_info->ie_len;
4547 if (mgmt_ie_buf && *mgmt_ie_len) {
4548 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) &&
4549 (memcmp(mgmt_ie_buf, curr_ie_buf,
4550 parsed_ie_buf_len) == 0)) {
4551 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n");
4555 /* parse old vndr_ie */
4556 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies);
4558 /* make a command to delete old ie */
4559 for (i = 0; i < old_vndr_ies.count; i++) {
4560 vndrie_info = &old_vndr_ies.ie_info[i];
4562 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%3ph\n",
4563 vndrie_info->vndrie.id,
4564 vndrie_info->vndrie.len,
4565 vndrie_info->vndrie.oui);
4567 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4568 vndrie_info->ie_ptr,
4569 vndrie_info->ie_len,
4571 curr_ie_buf += del_add_ie_buf_len;
4572 total_ie_buf_len += del_add_ie_buf_len;
4577 /* Add if there is any extra IE */
4578 if (mgmt_ie_buf && parsed_ie_buf_len) {
4581 remained_buf_len = mgmt_ie_buf_len;
4583 /* make a command to add new ie */
4584 for (i = 0; i < new_vndr_ies.count; i++) {
4585 vndrie_info = &new_vndr_ies.ie_info[i];
4587 /* verify remained buf size before copy data */
4588 if (remained_buf_len < (vndrie_info->vndrie.len +
4589 VNDR_IE_VSIE_OFFSET)) {
4590 bphy_err(drvr, "no space in mgmt_ie_buf: len left %d",
4594 remained_buf_len -= (vndrie_info->ie_len +
4595 VNDR_IE_VSIE_OFFSET);
4597 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%3ph\n",
4598 vndrie_info->vndrie.id,
4599 vndrie_info->vndrie.len,
4600 vndrie_info->vndrie.oui);
4602 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4603 vndrie_info->ie_ptr,
4604 vndrie_info->ie_len,
4607 /* save the parsed IE in wl struct */
4608 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr,
4609 vndrie_info->ie_len);
4610 *mgmt_ie_len += vndrie_info->ie_len;
4612 curr_ie_buf += del_add_ie_buf_len;
4613 total_ie_buf_len += del_add_ie_buf_len;
4616 if (total_ie_buf_len) {
4617 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
4620 bphy_err(drvr, "vndr ie set error : %d\n", err);
4624 kfree(iovar_ie_buf);
4628 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif)
4630 static const s32 pktflags[] = {
4631 BRCMF_VNDR_IE_PRBREQ_FLAG,
4632 BRCMF_VNDR_IE_PRBRSP_FLAG,
4633 BRCMF_VNDR_IE_BEACON_FLAG
4637 for (i = 0; i < ARRAY_SIZE(pktflags); i++)
4638 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0);
4640 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie));
4645 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
4646 struct cfg80211_beacon_data *beacon)
4648 struct brcmf_pub *drvr = vif->ifp->drvr;
4651 /* Set Beacon IEs to FW */
4652 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG,
4653 beacon->tail, beacon->tail_len);
4655 bphy_err(drvr, "Set Beacon IE Failed\n");
4658 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
4660 /* Set Probe Response IEs to FW */
4661 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG,
4662 beacon->proberesp_ies,
4663 beacon->proberesp_ies_len);
4665 bphy_err(drvr, "Set Probe Resp IE Failed\n");
4667 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
4669 /* Set Assoc Response IEs to FW */
4670 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_ASSOCRSP_FLAG,
4671 beacon->assocresp_ies,
4672 beacon->assocresp_ies_len);
4674 brcmf_err("Set Assoc Resp IE Failed\n");
4676 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc Resp\n");
4682 brcmf_parse_configure_security(struct brcmf_if *ifp,
4683 struct cfg80211_ap_settings *settings,
4684 enum nl80211_iftype dev_role)
4686 const struct brcmf_tlv *rsn_ie;
4687 const struct brcmf_vs_tlv *wpa_ie;
4690 /* find the RSN_IE */
4691 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4692 settings->beacon.tail_len, WLAN_EID_RSN);
4694 /* find the WPA_IE */
4695 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
4696 settings->beacon.tail_len);
4698 if (wpa_ie || rsn_ie) {
4699 brcmf_dbg(TRACE, "WPA(2) IE is found\n");
4702 err = brcmf_configure_wpaie(ifp, wpa_ie, false);
4706 struct brcmf_vs_tlv *tmp_ie;
4708 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
4711 err = brcmf_configure_wpaie(ifp, tmp_ie, true);
4716 brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
4717 brcmf_configure_opensecurity(ifp);
4724 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
4725 struct cfg80211_ap_settings *settings)
4728 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4729 struct brcmf_if *ifp = netdev_priv(ndev);
4730 struct brcmf_pub *drvr = cfg->pub;
4731 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
4732 struct cfg80211_crypto_settings *crypto = &settings->crypto;
4733 const struct brcmf_tlv *ssid_ie;
4734 const struct brcmf_tlv *country_ie;
4735 struct brcmf_ssid_le ssid_le;
4737 struct brcmf_join_params join_params;
4738 enum nl80211_iftype dev_role;
4739 struct brcmf_fil_bss_enable_le bss_enable;
4740 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef);
4745 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n",
4746 settings->chandef.chan->hw_value,
4747 settings->chandef.center_freq1, settings->chandef.width,
4748 settings->beacon_interval, settings->dtim_period);
4749 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n",
4750 settings->ssid, settings->ssid_len, settings->auth_type,
4751 settings->inactivity_timeout);
4752 dev_role = ifp->vif->wdev.iftype;
4753 mbss = ifp->vif->mbss;
4755 /* store current 11d setting */
4756 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY,
4757 &ifp->vif->is_11d)) {
4758 is_11d = supports_11d = false;
4760 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4761 settings->beacon.tail_len,
4763 is_11d = country_ie ? 1 : 0;
4764 supports_11d = true;
4767 memset(&ssid_le, 0, sizeof(ssid_le));
4768 if (settings->ssid == NULL || settings->ssid_len == 0) {
4769 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN;
4770 ssid_ie = brcmf_parse_tlvs(
4771 (u8 *)&settings->beacon.head[ie_offset],
4772 settings->beacon.head_len - ie_offset,
4774 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN)
4777 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len);
4778 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len);
4779 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID);
4781 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len);
4782 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len);
4786 brcmf_set_mpc(ifp, 0);
4787 brcmf_configure_arp_nd_offload(ifp, false);
4790 /* Parameters shared by all radio interfaces */
4792 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
4793 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4796 bphy_err(drvr, "Regulatory Set Error, %d\n",
4801 if (settings->beacon_interval) {
4802 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
4803 settings->beacon_interval);
4805 bphy_err(drvr, "Beacon Interval Set Error, %d\n",
4810 if (settings->dtim_period) {
4811 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
4812 settings->dtim_period);
4814 bphy_err(drvr, "DTIM Interval Set Error, %d\n",
4820 if ((dev_role == NL80211_IFTYPE_AP) &&
4821 ((ifp->ifidx == 0) ||
4822 (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB) &&
4823 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN)))) {
4824 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4826 bphy_err(drvr, "BRCMF_C_DOWN error %d\n",
4830 brcmf_fil_iovar_int_set(ifp, "apsta", 0);
4833 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
4835 bphy_err(drvr, "SET INFRA error %d\n", err);
4838 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
4839 /* Multiple-BSS should use same 11d configuration */
4844 /* Interface specific setup */
4845 if (dev_role == NL80211_IFTYPE_AP) {
4846 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss))
4847 brcmf_fil_iovar_int_set(ifp, "mbss", 1);
4849 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
4851 bphy_err(drvr, "setting AP mode failed %d\n",
4856 /* Firmware 10.x requires setting channel after enabling
4857 * AP and before bringing interface up.
4859 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4861 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4866 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4868 bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err);
4873 brcmf_dbg(INFO, "using PSK offload\n");
4874 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_PSK);
4875 err = brcmf_set_pmk(ifp, crypto->psk,
4876 BRCMF_WSEC_MAX_PSK_LEN);
4880 if (crypto->sae_pwd) {
4881 brcmf_dbg(INFO, "using SAE offload\n");
4882 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_SAE);
4883 err = brcmf_set_sae_password(ifp, crypto->sae_pwd,
4884 crypto->sae_pwd_len);
4888 if (profile->use_fwauth == 0)
4889 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE);
4891 err = brcmf_parse_configure_security(ifp, settings,
4894 bphy_err(drvr, "brcmf_parse_configure_security error\n");
4898 /* On DOWN the firmware removes the WEP keys, reconfigure
4899 * them if they were set.
4901 brcmf_cfg80211_reconfigure_wep(ifp);
4903 memset(&join_params, 0, sizeof(join_params));
4904 /* join parameters starts with ssid */
4905 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le));
4907 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4908 &join_params, sizeof(join_params));
4910 bphy_err(drvr, "SET SSID error (%d)\n", err);
4914 err = brcmf_fil_iovar_int_set(ifp, "closednet",
4915 settings->hidden_ssid);
4917 bphy_err(drvr, "%s closednet error (%d)\n",
4918 settings->hidden_ssid ?
4919 "enabled" : "disabled",
4924 brcmf_dbg(TRACE, "AP mode configuration complete\n");
4925 } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
4926 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4928 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4933 err = brcmf_parse_configure_security(ifp, settings,
4934 NL80211_IFTYPE_P2P_GO);
4936 brcmf_err("brcmf_parse_configure_security error\n");
4940 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
4943 bphy_err(drvr, "setting ssid failed %d\n", err);
4946 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4947 bss_enable.enable = cpu_to_le32(1);
4948 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4949 sizeof(bss_enable));
4951 bphy_err(drvr, "bss_enable config failed %d\n", err);
4955 brcmf_dbg(TRACE, "GO mode configuration complete\n");
4960 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon);
4961 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4962 brcmf_net_setcarrier(ifp, true);
4965 if ((err) && (!mbss)) {
4966 brcmf_set_mpc(ifp, 1);
4967 brcmf_configure_arp_nd_offload(ifp, true);
4972 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev,
4973 unsigned int link_id)
4975 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4976 struct brcmf_if *ifp = netdev_priv(ndev);
4977 struct brcmf_pub *drvr = cfg->pub;
4978 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
4980 struct brcmf_fil_bss_enable_le bss_enable;
4981 struct brcmf_join_params join_params;
4983 brcmf_dbg(TRACE, "Enter\n");
4985 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) {
4986 /* Due to most likely deauths outstanding we sleep */
4987 /* first to make sure they get processed by fw. */
4990 if (profile->use_fwauth != BIT(BRCMF_PROFILE_FWAUTH_NONE)) {
4991 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_PSK))
4992 brcmf_set_pmk(ifp, NULL, 0);
4993 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_SAE))
4994 brcmf_set_sae_password(ifp, NULL, 0);
4995 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE);
4998 if (ifp->vif->mbss) {
4999 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
5003 /* First BSS doesn't get a full reset */
5004 if (ifp->bsscfgidx == 0)
5005 brcmf_fil_iovar_int_set(ifp, "closednet", 0);
5007 memset(&join_params, 0, sizeof(join_params));
5008 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
5009 &join_params, sizeof(join_params));
5011 bphy_err(drvr, "SET SSID error (%d)\n", err);
5012 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
5014 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", err);
5015 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0);
5017 bphy_err(drvr, "setting AP mode failed %d\n", err);
5018 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
5019 brcmf_fil_iovar_int_set(ifp, "mbss", 0);
5020 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
5022 /* Bring device back up so it can be used again */
5023 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
5025 bphy_err(drvr, "BRCMF_C_UP error %d\n", err);
5027 brcmf_vif_clear_mgmt_ies(ifp->vif);
5029 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
5030 bss_enable.enable = cpu_to_le32(0);
5031 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
5032 sizeof(bss_enable));
5034 bphy_err(drvr, "bss_enable config failed %d\n", err);
5036 brcmf_set_mpc(ifp, 1);
5037 brcmf_configure_arp_nd_offload(ifp, true);
5038 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
5039 brcmf_net_setcarrier(ifp, false);
5045 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev,
5046 struct cfg80211_beacon_data *info)
5048 struct brcmf_if *ifp = netdev_priv(ndev);
5051 brcmf_dbg(TRACE, "Enter\n");
5053 err = brcmf_config_ap_mgmt_ie(ifp->vif, info);
5059 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
5060 struct station_del_parameters *params)
5062 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5063 struct brcmf_pub *drvr = cfg->pub;
5064 struct brcmf_scb_val_le scbval;
5065 struct brcmf_if *ifp = netdev_priv(ndev);
5071 brcmf_dbg(TRACE, "Enter %pM\n", params->mac);
5073 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
5074 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
5075 if (!check_vif_up(ifp->vif))
5078 memcpy(&scbval.ea, params->mac, ETH_ALEN);
5079 scbval.val = cpu_to_le32(params->reason_code);
5080 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
5081 &scbval, sizeof(scbval));
5083 bphy_err(drvr, "SCB_DEAUTHENTICATE_FOR_REASON failed %d\n",
5086 brcmf_dbg(TRACE, "Exit\n");
5091 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev,
5092 const u8 *mac, struct station_parameters *params)
5094 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5095 struct brcmf_pub *drvr = cfg->pub;
5096 struct brcmf_if *ifp = netdev_priv(ndev);
5099 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac,
5100 params->sta_flags_mask, params->sta_flags_set);
5102 /* Ignore all 00 MAC */
5103 if (is_zero_ether_addr(mac))
5106 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
5109 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED))
5110 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE,
5111 (void *)mac, ETH_ALEN);
5113 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
5114 (void *)mac, ETH_ALEN);
5116 bphy_err(drvr, "Setting SCB (de-)authorize failed, %d\n", err);
5122 brcmf_cfg80211_update_mgmt_frame_registrations(struct wiphy *wiphy,
5123 struct wireless_dev *wdev,
5124 struct mgmt_frame_regs *upd)
5126 struct brcmf_cfg80211_vif *vif;
5128 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5130 vif->mgmt_rx_reg = upd->interface_stypes;
5135 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
5136 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
5138 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5139 struct ieee80211_channel *chan = params->chan;
5140 struct brcmf_pub *drvr = cfg->pub;
5141 const u8 *buf = params->buf;
5142 size_t len = params->len;
5143 const struct ieee80211_mgmt *mgmt;
5144 struct brcmf_cfg80211_vif *vif;
5148 struct brcmf_fil_action_frame_le *action_frame;
5149 struct brcmf_fil_af_params_le *af_params;
5154 brcmf_dbg(TRACE, "Enter\n");
5158 mgmt = (const struct ieee80211_mgmt *)buf;
5160 if (!ieee80211_is_mgmt(mgmt->frame_control)) {
5161 bphy_err(drvr, "Driver only allows MGMT packet type\n");
5165 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5167 if (ieee80211_is_probe_resp(mgmt->frame_control)) {
5168 /* Right now the only reason to get a probe response */
5169 /* is for p2p listen response or for p2p GO from */
5170 /* wpa_supplicant. Unfortunately the probe is send */
5171 /* on primary ndev, while dongle wants it on the p2p */
5172 /* vif. Since this is only reason for a probe */
5173 /* response to be sent, the vif is taken from cfg. */
5174 /* If ever desired to send proberesp for non p2p */
5175 /* response then data should be checked for */
5176 /* "DIRECT-". Note in future supplicant will take */
5177 /* dedicated p2p wdev to do this and then this 'hack'*/
5178 /* is not needed anymore. */
5179 ie_offset = DOT11_MGMT_HDR_LEN +
5180 DOT11_BCN_PRB_FIXED_LEN;
5181 ie_len = len - ie_offset;
5182 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif)
5183 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5184 err = brcmf_vif_set_mgmt_ie(vif,
5185 BRCMF_VNDR_IE_PRBRSP_FLAG,
5188 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true,
5190 } else if (ieee80211_is_action(mgmt->frame_control)) {
5191 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
5192 bphy_err(drvr, "invalid action frame length\n");
5196 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL);
5197 if (af_params == NULL) {
5198 bphy_err(drvr, "unable to allocate frame\n");
5202 action_frame = &af_params->action_frame;
5203 /* Add the packet Id */
5204 action_frame->packet_id = cpu_to_le32(*cookie);
5206 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN);
5207 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN);
5208 /* Add the length exepted for 802.11 header */
5209 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN);
5210 /* Add the channel. Use the one specified as parameter if any or
5211 * the current one (got from the firmware) otherwise
5214 freq = chan->center_freq;
5216 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL,
5218 chan_nr = ieee80211_frequency_to_channel(freq);
5219 af_params->channel = cpu_to_le32(chan_nr);
5220 af_params->dwell_time = cpu_to_le32(params->wait);
5221 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN],
5222 le16_to_cpu(action_frame->len));
5224 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n",
5225 *cookie, le16_to_cpu(action_frame->len), freq);
5227 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg),
5230 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack,
5234 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control);
5235 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len);
5242 static int brcmf_cfg80211_set_cqm_rssi_range_config(struct wiphy *wiphy,
5243 struct net_device *ndev,
5244 s32 rssi_low, s32 rssi_high)
5246 struct brcmf_cfg80211_vif *vif;
5247 struct brcmf_if *ifp;
5250 brcmf_dbg(TRACE, "low=%d high=%d", rssi_low, rssi_high);
5252 ifp = netdev_priv(ndev);
5255 if (rssi_low != vif->cqm_rssi_low || rssi_high != vif->cqm_rssi_high) {
5256 /* The firmware will send an event when the RSSI is less than or
5257 * equal to a configured level and the previous RSSI event was
5258 * less than or equal to a different level. Set a third level
5259 * so that we also detect the transition from rssi <= rssi_high
5260 * to rssi > rssi_high.
5262 struct brcmf_rssi_event_le config = {
5263 .rate_limit_msec = cpu_to_le32(0),
5264 .rssi_level_num = 3,
5266 clamp_val(rssi_low, S8_MIN, S8_MAX - 2),
5267 clamp_val(rssi_high, S8_MIN + 1, S8_MAX - 1),
5272 err = brcmf_fil_iovar_data_set(ifp, "rssi_event", &config,
5277 vif->cqm_rssi_low = rssi_low;
5278 vif->cqm_rssi_high = rssi_high;
5286 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy,
5287 struct wireless_dev *wdev,
5290 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5291 struct brcmf_pub *drvr = cfg->pub;
5292 struct brcmf_cfg80211_vif *vif;
5295 brcmf_dbg(TRACE, "Enter p2p listen cancel\n");
5297 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5299 bphy_err(drvr, "No p2p device available for probe response\n");
5303 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
5308 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy,
5309 struct wireless_dev *wdev,
5310 unsigned int link_id,
5311 struct cfg80211_chan_def *chandef)
5313 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5314 struct net_device *ndev = wdev->netdev;
5315 struct brcmf_pub *drvr = cfg->pub;
5316 struct brcmu_chan ch;
5317 enum nl80211_band band = 0;
5318 enum nl80211_chan_width width = 0;
5322 if (!ndev || drvr->bus_if->state != BRCMF_BUS_UP)
5325 err = brcmf_fil_iovar_int_get(netdev_priv(ndev), "chanspec", &chanspec);
5327 bphy_err(drvr, "chanspec failed (%d)\n", err);
5331 ch.chspec = chanspec;
5332 cfg->d11inf.decchspec(&ch);
5335 case BRCMU_CHAN_BAND_2G:
5336 band = NL80211_BAND_2GHZ;
5338 case BRCMU_CHAN_BAND_5G:
5339 band = NL80211_BAND_5GHZ;
5344 case BRCMU_CHAN_BW_80:
5345 width = NL80211_CHAN_WIDTH_80;
5347 case BRCMU_CHAN_BW_40:
5348 width = NL80211_CHAN_WIDTH_40;
5350 case BRCMU_CHAN_BW_20:
5351 width = NL80211_CHAN_WIDTH_20;
5353 case BRCMU_CHAN_BW_80P80:
5354 width = NL80211_CHAN_WIDTH_80P80;
5356 case BRCMU_CHAN_BW_160:
5357 width = NL80211_CHAN_WIDTH_160;
5361 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band);
5362 chandef->chan = ieee80211_get_channel(wiphy, freq);
5363 chandef->width = width;
5364 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band);
5365 chandef->center_freq2 = 0;
5370 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy,
5371 struct wireless_dev *wdev,
5372 enum nl80211_crit_proto_id proto,
5375 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5376 struct brcmf_cfg80211_vif *vif;
5378 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5380 /* only DHCP support for now */
5381 if (proto != NL80211_CRIT_PROTO_DHCP)
5384 /* suppress and abort scanning */
5385 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5386 brcmf_abort_scanning(cfg);
5388 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration);
5391 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy,
5392 struct wireless_dev *wdev)
5394 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5395 struct brcmf_cfg80211_vif *vif;
5397 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5399 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
5400 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5404 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp,
5405 const struct brcmf_event_msg *e, void *data)
5407 switch (e->reason) {
5408 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED:
5409 brcmf_dbg(TRACE, "TDLS Peer Discovered\n");
5411 case BRCMF_E_REASON_TDLS_PEER_CONNECTED:
5412 brcmf_dbg(TRACE, "TDLS Peer Connected\n");
5413 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5415 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED:
5416 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n");
5417 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5424 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper)
5429 case NL80211_TDLS_DISCOVERY_REQ:
5430 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY;
5432 case NL80211_TDLS_SETUP:
5433 ret = BRCMF_TDLS_MANUAL_EP_CREATE;
5435 case NL80211_TDLS_TEARDOWN:
5436 ret = BRCMF_TDLS_MANUAL_EP_DELETE;
5439 brcmf_err("unsupported operation: %d\n", oper);
5445 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
5446 struct net_device *ndev, const u8 *peer,
5447 enum nl80211_tdls_operation oper)
5449 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5450 struct brcmf_pub *drvr = cfg->pub;
5451 struct brcmf_if *ifp;
5452 struct brcmf_tdls_iovar_le info;
5455 ret = brcmf_convert_nl80211_tdls_oper(oper);
5459 ifp = netdev_priv(ndev);
5460 memset(&info, 0, sizeof(info));
5461 info.mode = (u8)ret;
5463 memcpy(info.ea, peer, ETH_ALEN);
5465 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
5466 &info, sizeof(info));
5468 bphy_err(drvr, "tdls_endpoint iovar failed: ret=%d\n", ret);
5474 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy,
5475 struct net_device *ndev,
5476 struct cfg80211_connect_params *sme,
5479 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5480 struct brcmf_pub *drvr = cfg->pub;
5481 struct brcmf_if *ifp;
5484 if (!(changed & UPDATE_ASSOC_IES))
5487 ifp = netdev_priv(ndev);
5488 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
5489 sme->ie, sme->ie_len);
5491 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
5493 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
5500 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev,
5501 struct cfg80211_gtk_rekey_data *gtk)
5503 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5504 struct brcmf_pub *drvr = cfg->pub;
5505 struct brcmf_if *ifp = netdev_priv(ndev);
5506 struct brcmf_gtk_keyinfo_le gtk_le;
5509 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx);
5511 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck));
5512 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek));
5513 memcpy(gtk_le.replay_counter, gtk->replay_ctr,
5514 sizeof(gtk_le.replay_counter));
5516 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le,
5519 bphy_err(drvr, "gtk_key_info iovar failed: ret=%d\n", ret);
5525 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev,
5526 const struct cfg80211_pmk_conf *conf)
5528 struct brcmf_if *ifp;
5530 brcmf_dbg(TRACE, "enter\n");
5532 /* expect using firmware supplicant for 1X */
5533 ifp = netdev_priv(dev);
5534 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5537 if (conf->pmk_len > BRCMF_WSEC_MAX_PSK_LEN)
5540 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len);
5543 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev,
5546 struct brcmf_if *ifp;
5548 brcmf_dbg(TRACE, "enter\n");
5549 ifp = netdev_priv(dev);
5550 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5553 return brcmf_set_pmk(ifp, NULL, 0);
5556 static struct cfg80211_ops brcmf_cfg80211_ops = {
5557 .add_virtual_intf = brcmf_cfg80211_add_iface,
5558 .del_virtual_intf = brcmf_cfg80211_del_iface,
5559 .change_virtual_intf = brcmf_cfg80211_change_iface,
5560 .scan = brcmf_cfg80211_scan,
5561 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params,
5562 .join_ibss = brcmf_cfg80211_join_ibss,
5563 .leave_ibss = brcmf_cfg80211_leave_ibss,
5564 .get_station = brcmf_cfg80211_get_station,
5565 .dump_station = brcmf_cfg80211_dump_station,
5566 .set_tx_power = brcmf_cfg80211_set_tx_power,
5567 .get_tx_power = brcmf_cfg80211_get_tx_power,
5568 .add_key = brcmf_cfg80211_add_key,
5569 .del_key = brcmf_cfg80211_del_key,
5570 .get_key = brcmf_cfg80211_get_key,
5571 .set_default_key = brcmf_cfg80211_config_default_key,
5572 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
5573 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
5574 .connect = brcmf_cfg80211_connect,
5575 .disconnect = brcmf_cfg80211_disconnect,
5576 .suspend = brcmf_cfg80211_suspend,
5577 .resume = brcmf_cfg80211_resume,
5578 .set_pmksa = brcmf_cfg80211_set_pmksa,
5579 .del_pmksa = brcmf_cfg80211_del_pmksa,
5580 .flush_pmksa = brcmf_cfg80211_flush_pmksa,
5581 .start_ap = brcmf_cfg80211_start_ap,
5582 .stop_ap = brcmf_cfg80211_stop_ap,
5583 .change_beacon = brcmf_cfg80211_change_beacon,
5584 .del_station = brcmf_cfg80211_del_station,
5585 .change_station = brcmf_cfg80211_change_station,
5586 .sched_scan_start = brcmf_cfg80211_sched_scan_start,
5587 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop,
5588 .update_mgmt_frame_registrations =
5589 brcmf_cfg80211_update_mgmt_frame_registrations,
5590 .mgmt_tx = brcmf_cfg80211_mgmt_tx,
5591 .set_cqm_rssi_range_config = brcmf_cfg80211_set_cqm_rssi_range_config,
5592 .remain_on_channel = brcmf_p2p_remain_on_channel,
5593 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel,
5594 .get_channel = brcmf_cfg80211_get_channel,
5595 .start_p2p_device = brcmf_p2p_start_device,
5596 .stop_p2p_device = brcmf_p2p_stop_device,
5597 .crit_proto_start = brcmf_cfg80211_crit_proto_start,
5598 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop,
5599 .tdls_oper = brcmf_cfg80211_tdls_oper,
5600 .update_connect_params = brcmf_cfg80211_update_conn_params,
5601 .set_pmk = brcmf_cfg80211_set_pmk,
5602 .del_pmk = brcmf_cfg80211_del_pmk,
5605 struct cfg80211_ops *brcmf_cfg80211_get_ops(struct brcmf_mp_device *settings)
5607 struct cfg80211_ops *ops;
5609 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(brcmf_cfg80211_ops),
5612 if (ops && settings->roamoff)
5613 ops->update_connect_params = NULL;
5618 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
5619 enum nl80211_iftype type)
5621 struct brcmf_cfg80211_vif *vif_walk;
5622 struct brcmf_cfg80211_vif *vif;
5624 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
5626 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n",
5628 vif = kzalloc(sizeof(*vif), GFP_KERNEL);
5630 return ERR_PTR(-ENOMEM);
5632 vif->wdev.wiphy = cfg->wiphy;
5633 vif->wdev.iftype = type;
5635 brcmf_init_prof(&vif->profile);
5637 if (type == NL80211_IFTYPE_AP &&
5638 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) {
5640 list_for_each_entry(vif_walk, &cfg->vif_list, list) {
5641 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) {
5649 list_add_tail(&vif->list, &cfg->vif_list);
5653 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif)
5655 list_del(&vif->list);
5659 void brcmf_cfg80211_free_netdev(struct net_device *ndev)
5661 struct brcmf_cfg80211_vif *vif;
5662 struct brcmf_if *ifp;
5664 ifp = netdev_priv(ndev);
5668 brcmf_free_vif(vif);
5671 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
5672 const struct brcmf_event_msg *e)
5674 u32 event = e->event_code;
5675 u32 status = e->status;
5677 if ((vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK ||
5678 vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_SAE) &&
5679 event == BRCMF_E_PSK_SUP &&
5680 status == BRCMF_E_STATUS_FWSUP_COMPLETED)
5681 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5682 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
5683 brcmf_dbg(CONN, "Processing set ssid\n");
5684 memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
5685 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK &&
5686 vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_SAE)
5689 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5692 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) &&
5693 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) {
5694 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5695 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5701 static bool brcmf_is_linkdown(struct brcmf_cfg80211_vif *vif,
5702 const struct brcmf_event_msg *e)
5704 u32 event = e->event_code;
5705 u16 flags = e->flags;
5707 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) ||
5708 (event == BRCMF_E_DISASSOC_IND) ||
5709 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
5710 brcmf_dbg(CONN, "Processing link down\n");
5711 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5712 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5718 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg,
5719 const struct brcmf_event_msg *e)
5721 u32 event = e->event_code;
5722 u32 status = e->status;
5724 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) {
5725 brcmf_dbg(CONN, "Processing Link %s & no network found\n",
5726 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down");
5730 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) {
5731 brcmf_dbg(CONN, "Processing connecting & no network found\n");
5735 if (event == BRCMF_E_PSK_SUP &&
5736 status != BRCMF_E_STATUS_FWSUP_COMPLETED) {
5737 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n",
5745 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg)
5747 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5749 kfree(conn_info->req_ie);
5750 conn_info->req_ie = NULL;
5751 conn_info->req_ie_len = 0;
5752 kfree(conn_info->resp_ie);
5753 conn_info->resp_ie = NULL;
5754 conn_info->resp_ie_len = 0;
5757 u8 brcmf_map_prio_to_prec(void *config, u8 prio)
5759 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5762 return (prio == PRIO_8021D_NONE || prio == PRIO_8021D_BE) ?
5765 /* For those AC(s) with ACM flag set to 1, convert its 4-level priority
5766 * to an 8-level precedence which is the same as BE's
5768 if (prio > PRIO_8021D_EE &&
5769 cfg->ac_priority[prio] == cfg->ac_priority[PRIO_8021D_BE])
5770 return cfg->ac_priority[prio] * 2;
5772 /* Conversion of 4-level priority to 8-level precedence */
5773 if (prio == PRIO_8021D_BE || prio == PRIO_8021D_BK ||
5774 prio == PRIO_8021D_CL || prio == PRIO_8021D_VO)
5775 return cfg->ac_priority[prio] * 2;
5777 return cfg->ac_priority[prio] * 2 + 1;
5780 u8 brcmf_map_prio_to_aci(void *config, u8 prio)
5782 /* Prio here refers to the 802.1d priority in range of 0 to 7.
5783 * ACI here refers to the WLAN AC Index in range of 0 to 3.
5784 * This function will return ACI corresponding to input prio.
5786 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5789 return cfg->ac_priority[prio];
5794 static void brcmf_init_wmm_prio(u8 *priority)
5796 /* Initialize AC priority array to default
5797 * 802.1d priority as per following table:
5798 * 802.1d prio 0,3 maps to BE
5799 * 802.1d prio 1,2 maps to BK
5800 * 802.1d prio 4,5 maps to VI
5801 * 802.1d prio 6,7 maps to VO
5803 priority[0] = BRCMF_FWS_FIFO_AC_BE;
5804 priority[3] = BRCMF_FWS_FIFO_AC_BE;
5805 priority[1] = BRCMF_FWS_FIFO_AC_BK;
5806 priority[2] = BRCMF_FWS_FIFO_AC_BK;
5807 priority[4] = BRCMF_FWS_FIFO_AC_VI;
5808 priority[5] = BRCMF_FWS_FIFO_AC_VI;
5809 priority[6] = BRCMF_FWS_FIFO_AC_VO;
5810 priority[7] = BRCMF_FWS_FIFO_AC_VO;
5813 static void brcmf_wifi_prioritize_acparams(const
5814 struct brcmf_cfg80211_edcf_acparam *acp, u8 *priority)
5821 u8 ranking_basis[EDCF_AC_COUNT];
5822 u8 aci_prio[EDCF_AC_COUNT]; /* AC_BE, AC_BK, AC_VI, AC_VO */
5825 for (aci = 0; aci < EDCF_AC_COUNT; aci++, acp++) {
5826 aifsn = acp->ACI & EDCF_AIFSN_MASK;
5827 acm = (acp->ACI & EDCF_ACM_MASK) ? 1 : 0;
5828 ecwmin = acp->ECW & EDCF_ECWMIN_MASK;
5829 ecwmax = (acp->ECW & EDCF_ECWMAX_MASK) >> EDCF_ECWMAX_SHIFT;
5830 brcmf_dbg(CONN, "ACI %d aifsn %d acm %d ecwmin %d ecwmax %d\n",
5831 aci, aifsn, acm, ecwmin, ecwmax);
5832 /* Default AC_VO will be the lowest ranking value */
5833 ranking_basis[aci] = aifsn + ecwmin + ecwmax;
5834 /* Initialise priority starting at 0 (AC_BE) */
5837 /* If ACM is set, STA can't use this AC as per 802.11.
5838 * Change the ranking to BE
5840 if (aci != AC_BE && aci != AC_BK && acm == 1)
5841 ranking_basis[aci] = ranking_basis[AC_BE];
5844 /* Ranking method which works for AC priority
5845 * swapping when values for cwmin, cwmax and aifsn are varied
5846 * Compare each aci_prio against each other aci_prio
5848 for (aci = 0; aci < EDCF_AC_COUNT; aci++) {
5849 for (index = 0; index < EDCF_AC_COUNT; index++) {
5851 /* Smaller ranking value has higher priority,
5852 * so increment priority for each ACI which has
5853 * a higher ranking value
5855 if (ranking_basis[aci] < ranking_basis[index])
5861 /* By now, aci_prio[] will be in range of 0 to 3.
5862 * Use ACI prio to get the new priority value for
5863 * each 802.1d traffic type, in this range.
5865 if (!(aci_prio[AC_BE] == aci_prio[AC_BK] &&
5866 aci_prio[AC_BK] == aci_prio[AC_VI] &&
5867 aci_prio[AC_VI] == aci_prio[AC_VO])) {
5868 /* 802.1d 0,3 maps to BE */
5869 priority[0] = aci_prio[AC_BE];
5870 priority[3] = aci_prio[AC_BE];
5872 /* 802.1d 1,2 maps to BK */
5873 priority[1] = aci_prio[AC_BK];
5874 priority[2] = aci_prio[AC_BK];
5876 /* 802.1d 4,5 maps to VO */
5877 priority[4] = aci_prio[AC_VI];
5878 priority[5] = aci_prio[AC_VI];
5880 /* 802.1d 6,7 maps to VO */
5881 priority[6] = aci_prio[AC_VO];
5882 priority[7] = aci_prio[AC_VO];
5884 /* Initialize to default priority */
5885 brcmf_init_wmm_prio(priority);
5888 brcmf_dbg(CONN, "Adj prio BE 0->%d, BK 1->%d, BK 2->%d, BE 3->%d\n",
5889 priority[0], priority[1], priority[2], priority[3]);
5891 brcmf_dbg(CONN, "Adj prio VI 4->%d, VI 5->%d, VO 6->%d, VO 7->%d\n",
5892 priority[4], priority[5], priority[6], priority[7]);
5895 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
5896 struct brcmf_if *ifp)
5898 struct brcmf_pub *drvr = cfg->pub;
5899 struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
5900 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5901 struct brcmf_cfg80211_edcf_acparam edcf_acparam_info[EDCF_AC_COUNT];
5906 brcmf_clear_assoc_ies(cfg);
5908 err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
5909 cfg->extra_buf, WL_ASSOC_INFO_MAX);
5911 bphy_err(drvr, "could not get assoc info (%d)\n", err);
5915 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf;
5916 req_len = le32_to_cpu(assoc_info->req_len);
5917 resp_len = le32_to_cpu(assoc_info->resp_len);
5919 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies",
5923 bphy_err(drvr, "could not get assoc req (%d)\n", err);
5926 conn_info->req_ie_len = req_len;
5928 kmemdup(cfg->extra_buf, conn_info->req_ie_len,
5930 if (!conn_info->req_ie)
5931 conn_info->req_ie_len = 0;
5933 conn_info->req_ie_len = 0;
5934 conn_info->req_ie = NULL;
5937 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies",
5941 bphy_err(drvr, "could not get assoc resp (%d)\n", err);
5944 conn_info->resp_ie_len = resp_len;
5945 conn_info->resp_ie =
5946 kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
5948 if (!conn_info->resp_ie)
5949 conn_info->resp_ie_len = 0;
5951 err = brcmf_fil_iovar_data_get(ifp, "wme_ac_sta",
5953 sizeof(edcf_acparam_info));
5955 brcmf_err("could not get wme_ac_sta (%d)\n", err);
5959 brcmf_wifi_prioritize_acparams(edcf_acparam_info,
5962 conn_info->resp_ie_len = 0;
5963 conn_info->resp_ie = NULL;
5965 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n",
5966 conn_info->req_ie_len, conn_info->resp_ie_len);
5972 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
5973 struct net_device *ndev,
5974 const struct brcmf_event_msg *e)
5976 struct brcmf_if *ifp = netdev_priv(ndev);
5977 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5978 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5979 struct wiphy *wiphy = cfg_to_wiphy(cfg);
5980 struct ieee80211_channel *notify_channel = NULL;
5981 struct ieee80211_supported_band *band;
5982 struct brcmf_bss_info_le *bi;
5983 struct brcmu_chan ch;
5984 struct cfg80211_roam_info roam_info = {};
5989 brcmf_dbg(TRACE, "Enter\n");
5991 brcmf_get_assoc_ies(cfg, ifp);
5992 memcpy(profile->bssid, e->addr, ETH_ALEN);
5993 brcmf_update_bss_info(cfg, ifp);
5995 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
6001 /* data sent to dongle has to be little endian */
6002 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
6003 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
6004 buf, WL_BSS_INFO_MAX);
6009 bi = (struct brcmf_bss_info_le *)(buf + 4);
6010 ch.chspec = le16_to_cpu(bi->chanspec);
6011 cfg->d11inf.decchspec(&ch);
6013 if (ch.band == BRCMU_CHAN_BAND_2G)
6014 band = wiphy->bands[NL80211_BAND_2GHZ];
6016 band = wiphy->bands[NL80211_BAND_5GHZ];
6018 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
6019 notify_channel = ieee80211_get_channel(wiphy, freq);
6024 roam_info.links[0].channel = notify_channel;
6025 roam_info.links[0].bssid = profile->bssid;
6026 roam_info.req_ie = conn_info->req_ie;
6027 roam_info.req_ie_len = conn_info->req_ie_len;
6028 roam_info.resp_ie = conn_info->resp_ie;
6029 roam_info.resp_ie_len = conn_info->resp_ie_len;
6031 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
6032 brcmf_dbg(CONN, "Report roaming result\n");
6034 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X && profile->is_ft) {
6035 cfg80211_port_authorized(ndev, profile->bssid, GFP_KERNEL);
6036 brcmf_dbg(CONN, "Report port authorized\n");
6039 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
6040 brcmf_dbg(TRACE, "Exit\n");
6045 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg,
6046 struct net_device *ndev, const struct brcmf_event_msg *e,
6049 struct brcmf_if *ifp = netdev_priv(ndev);
6050 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
6051 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
6052 struct cfg80211_connect_resp_params conn_params;
6054 brcmf_dbg(TRACE, "Enter\n");
6056 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6057 &ifp->vif->sme_state)) {
6058 memset(&conn_params, 0, sizeof(conn_params));
6060 brcmf_get_assoc_ies(cfg, ifp);
6061 brcmf_update_bss_info(cfg, ifp);
6062 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6063 &ifp->vif->sme_state);
6064 conn_params.status = WLAN_STATUS_SUCCESS;
6066 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT;
6068 conn_params.links[0].bssid = profile->bssid;
6069 conn_params.req_ie = conn_info->req_ie;
6070 conn_params.req_ie_len = conn_info->req_ie_len;
6071 conn_params.resp_ie = conn_info->resp_ie;
6072 conn_params.resp_ie_len = conn_info->resp_ie_len;
6073 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL);
6074 brcmf_dbg(CONN, "Report connect result - connection %s\n",
6075 completed ? "succeeded" : "failed");
6077 brcmf_dbg(TRACE, "Exit\n");
6082 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg,
6083 struct net_device *ndev,
6084 const struct brcmf_event_msg *e, void *data)
6086 struct brcmf_pub *drvr = cfg->pub;
6087 static int generation;
6088 u32 event = e->event_code;
6089 u32 reason = e->reason;
6090 struct station_info *sinfo;
6092 brcmf_dbg(CONN, "event %s (%u), reason %d\n",
6093 brcmf_fweh_event_name(event), event, reason);
6094 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS &&
6095 ndev != cfg_to_ndev(cfg)) {
6096 brcmf_dbg(CONN, "AP mode link down\n");
6097 complete(&cfg->vif_disabled);
6101 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
6102 (reason == BRCMF_E_STATUS_SUCCESS)) {
6104 bphy_err(drvr, "No IEs present in ASSOC/REASSOC_IND\n");
6108 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL);
6112 sinfo->assoc_req_ies = data;
6113 sinfo->assoc_req_ies_len = e->datalen;
6115 sinfo->generation = generation;
6116 cfg80211_new_sta(ndev, e->addr, sinfo, GFP_KERNEL);
6119 } else if ((event == BRCMF_E_DISASSOC_IND) ||
6120 (event == BRCMF_E_DEAUTH_IND) ||
6121 (event == BRCMF_E_DEAUTH)) {
6122 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL);
6128 brcmf_notify_connect_status(struct brcmf_if *ifp,
6129 const struct brcmf_event_msg *e, void *data)
6131 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6132 struct net_device *ndev = ifp->ndev;
6133 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
6134 struct ieee80211_channel *chan;
6137 if ((e->event_code == BRCMF_E_DEAUTH) ||
6138 (e->event_code == BRCMF_E_DEAUTH_IND) ||
6139 (e->event_code == BRCMF_E_DISASSOC_IND) ||
6140 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) {
6141 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
6144 if (brcmf_is_apmode(ifp->vif)) {
6145 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data);
6146 } else if (brcmf_is_linkup(ifp->vif, e)) {
6147 brcmf_dbg(CONN, "Linkup\n");
6148 if (brcmf_is_ibssmode(ifp->vif)) {
6149 brcmf_inform_ibss(cfg, ndev, e->addr);
6150 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel);
6151 memcpy(profile->bssid, e->addr, ETH_ALEN);
6152 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL);
6153 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6154 &ifp->vif->sme_state);
6155 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6156 &ifp->vif->sme_state);
6158 brcmf_bss_connect_done(cfg, ndev, e, true);
6159 brcmf_net_setcarrier(ifp, true);
6160 } else if (brcmf_is_linkdown(ifp->vif, e)) {
6161 brcmf_dbg(CONN, "Linkdown\n");
6162 if (!brcmf_is_ibssmode(ifp->vif) &&
6163 test_bit(BRCMF_VIF_STATUS_CONNECTED,
6164 &ifp->vif->sme_state)) {
6165 if (memcmp(profile->bssid, e->addr, ETH_ALEN))
6168 brcmf_bss_connect_done(cfg, ndev, e, false);
6169 brcmf_link_down(ifp->vif,
6170 brcmf_map_fw_linkdown_reason(e),
6172 (BRCMF_E_DEAUTH_IND |
6173 BRCMF_E_DISASSOC_IND)
6175 brcmf_init_prof(ndev_to_prof(ndev));
6176 if (ndev != cfg_to_ndev(cfg))
6177 complete(&cfg->vif_disabled);
6178 brcmf_net_setcarrier(ifp, false);
6180 } else if (brcmf_is_nonetwork(cfg, e)) {
6181 if (brcmf_is_ibssmode(ifp->vif))
6182 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6183 &ifp->vif->sme_state);
6185 brcmf_bss_connect_done(cfg, ndev, e, false);
6192 brcmf_notify_roaming_status(struct brcmf_if *ifp,
6193 const struct brcmf_event_msg *e, void *data)
6195 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6196 u32 event = e->event_code;
6197 u32 status = e->status;
6199 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) {
6200 if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
6201 &ifp->vif->sme_state)) {
6202 brcmf_bss_roaming_done(cfg, ifp->ndev, e);
6204 brcmf_bss_connect_done(cfg, ifp->ndev, e, true);
6205 brcmf_net_setcarrier(ifp, true);
6213 brcmf_notify_mic_status(struct brcmf_if *ifp,
6214 const struct brcmf_event_msg *e, void *data)
6216 u16 flags = e->flags;
6217 enum nl80211_key_type key_type;
6219 if (flags & BRCMF_EVENT_MSG_GROUP)
6220 key_type = NL80211_KEYTYPE_GROUP;
6222 key_type = NL80211_KEYTYPE_PAIRWISE;
6224 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1,
6230 static s32 brcmf_notify_rssi(struct brcmf_if *ifp,
6231 const struct brcmf_event_msg *e, void *data)
6233 struct brcmf_cfg80211_vif *vif = ifp->vif;
6234 struct brcmf_rssi_be *info = data;
6235 s32 rssi, snr, noise;
6236 s32 low, high, last;
6238 if (e->datalen < sizeof(*info)) {
6239 brcmf_err("insufficient RSSI event data\n");
6243 rssi = be32_to_cpu(info->rssi);
6244 snr = be32_to_cpu(info->snr);
6245 noise = be32_to_cpu(info->noise);
6247 low = vif->cqm_rssi_low;
6248 high = vif->cqm_rssi_high;
6249 last = vif->cqm_rssi_last;
6251 brcmf_dbg(TRACE, "rssi=%d snr=%d noise=%d low=%d high=%d last=%d\n",
6252 rssi, snr, noise, low, high, last);
6254 vif->cqm_rssi_last = rssi;
6256 if (rssi <= low || rssi == 0) {
6257 brcmf_dbg(INFO, "LOW rssi=%d\n", rssi);
6258 cfg80211_cqm_rssi_notify(ifp->ndev,
6259 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW,
6261 } else if (rssi > high) {
6262 brcmf_dbg(INFO, "HIGH rssi=%d\n", rssi);
6263 cfg80211_cqm_rssi_notify(ifp->ndev,
6264 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH,
6271 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp,
6272 const struct brcmf_event_msg *e, void *data)
6274 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6275 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data;
6276 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6277 struct brcmf_cfg80211_vif *vif;
6279 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n",
6280 ifevent->action, ifevent->flags, ifevent->ifidx,
6281 ifevent->bsscfgidx);
6283 spin_lock(&event->vif_event_lock);
6284 event->action = ifevent->action;
6287 switch (ifevent->action) {
6288 case BRCMF_E_IF_ADD:
6289 /* waiting process may have timed out */
6290 if (!cfg->vif_event.vif) {
6291 spin_unlock(&event->vif_event_lock);
6298 vif->wdev.netdev = ifp->ndev;
6299 ifp->ndev->ieee80211_ptr = &vif->wdev;
6300 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy));
6302 spin_unlock(&event->vif_event_lock);
6303 wake_up(&event->vif_wq);
6306 case BRCMF_E_IF_DEL:
6307 spin_unlock(&event->vif_event_lock);
6308 /* event may not be upon user request */
6309 if (brcmf_cfg80211_vif_event_armed(cfg))
6310 wake_up(&event->vif_wq);
6313 case BRCMF_E_IF_CHANGE:
6314 spin_unlock(&event->vif_event_lock);
6315 wake_up(&event->vif_wq);
6319 spin_unlock(&event->vif_event_lock);
6325 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf)
6327 conf->frag_threshold = (u32)-1;
6328 conf->rts_threshold = (u32)-1;
6329 conf->retry_short = (u32)-1;
6330 conf->retry_long = (u32)-1;
6333 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg)
6335 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK,
6336 brcmf_notify_connect_status);
6337 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND,
6338 brcmf_notify_connect_status);
6339 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH,
6340 brcmf_notify_connect_status);
6341 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND,
6342 brcmf_notify_connect_status);
6343 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND,
6344 brcmf_notify_connect_status);
6345 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND,
6346 brcmf_notify_connect_status);
6347 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM,
6348 brcmf_notify_roaming_status);
6349 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR,
6350 brcmf_notify_mic_status);
6351 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID,
6352 brcmf_notify_connect_status);
6353 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
6354 brcmf_notify_sched_scan_results);
6355 brcmf_fweh_register(cfg->pub, BRCMF_E_IF,
6356 brcmf_notify_vif_event);
6357 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG,
6358 brcmf_p2p_notify_rx_mgmt_p2p_probereq);
6359 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE,
6360 brcmf_p2p_notify_listen_complete);
6361 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX,
6362 brcmf_p2p_notify_action_frame_rx);
6363 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE,
6364 brcmf_p2p_notify_action_tx_complete);
6365 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE,
6366 brcmf_p2p_notify_action_tx_complete);
6367 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP,
6368 brcmf_notify_connect_status);
6369 brcmf_fweh_register(cfg->pub, BRCMF_E_RSSI, brcmf_notify_rssi);
6372 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg)
6376 kfree(cfg->extra_buf);
6377 cfg->extra_buf = NULL;
6378 kfree(cfg->wowl.nd);
6379 cfg->wowl.nd = NULL;
6380 kfree(cfg->wowl.nd_info);
6381 cfg->wowl.nd_info = NULL;
6382 kfree(cfg->escan_info.escan_buf);
6383 cfg->escan_info.escan_buf = NULL;
6386 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg)
6388 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL);
6390 goto init_priv_mem_out;
6391 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
6392 if (!cfg->extra_buf)
6393 goto init_priv_mem_out;
6394 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL);
6396 goto init_priv_mem_out;
6397 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) +
6398 sizeof(struct cfg80211_wowlan_nd_match *),
6400 if (!cfg->wowl.nd_info)
6401 goto init_priv_mem_out;
6402 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL);
6403 if (!cfg->escan_info.escan_buf)
6404 goto init_priv_mem_out;
6409 brcmf_deinit_priv_mem(cfg);
6414 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg)
6418 cfg->scan_request = NULL;
6419 cfg->pwr_save = true;
6420 cfg->dongle_up = false; /* dongle is not up yet */
6421 err = brcmf_init_priv_mem(cfg);
6424 brcmf_register_event_handlers(cfg);
6425 mutex_init(&cfg->usr_sync);
6426 brcmf_init_escan(cfg);
6427 brcmf_init_conf(cfg->conf);
6428 brcmf_init_wmm_prio(cfg->ac_priority);
6429 init_completion(&cfg->vif_disabled);
6433 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg)
6435 cfg->dongle_up = false; /* dongle down */
6436 brcmf_abort_scanning(cfg);
6437 brcmf_deinit_priv_mem(cfg);
6438 brcmf_clear_assoc_ies(cfg);
6441 static void init_vif_event(struct brcmf_cfg80211_vif_event *event)
6443 init_waitqueue_head(&event->vif_wq);
6444 spin_lock_init(&event->vif_event_lock);
6447 static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
6449 struct brcmf_pub *drvr = ifp->drvr;
6452 __le32 roamtrigger[2];
6453 __le32 roam_delta[2];
6455 /* Configure beacon timeout value based upon roaming setting */
6456 if (ifp->drvr->settings->roamoff)
6457 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF;
6459 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
6460 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
6462 bphy_err(drvr, "bcn_timeout error (%d)\n", err);
6463 goto roam_setup_done;
6466 /* Enable/Disable built-in roaming to allow supplicant to take care of
6469 brcmf_dbg(INFO, "Internal Roaming = %s\n",
6470 ifp->drvr->settings->roamoff ? "Off" : "On");
6471 err = brcmf_fil_iovar_int_set(ifp, "roam_off",
6472 ifp->drvr->settings->roamoff);
6474 bphy_err(drvr, "roam_off error (%d)\n", err);
6475 goto roam_setup_done;
6478 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL);
6479 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL);
6480 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
6481 (void *)roamtrigger, sizeof(roamtrigger));
6483 bphy_err(drvr, "WLC_SET_ROAM_TRIGGER error (%d)\n", err);
6485 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA);
6486 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL);
6487 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
6488 (void *)roam_delta, sizeof(roam_delta));
6490 bphy_err(drvr, "WLC_SET_ROAM_DELTA error (%d)\n", err);
6499 brcmf_dongle_scantime(struct brcmf_if *ifp)
6501 struct brcmf_pub *drvr = ifp->drvr;
6504 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
6505 BRCMF_SCAN_CHANNEL_TIME);
6507 bphy_err(drvr, "Scan assoc time error (%d)\n", err);
6508 goto dongle_scantime_out;
6510 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME,
6511 BRCMF_SCAN_UNASSOC_TIME);
6513 bphy_err(drvr, "Scan unassoc time error (%d)\n", err);
6514 goto dongle_scantime_out;
6517 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME,
6518 BRCMF_SCAN_PASSIVE_TIME);
6520 bphy_err(drvr, "Scan passive time error (%d)\n", err);
6521 goto dongle_scantime_out;
6524 dongle_scantime_out:
6528 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel,
6529 struct brcmu_chan *ch)
6533 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40;
6534 if (ch->sb == BRCMU_CHAN_SB_U) {
6535 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6536 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6537 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
6539 /* It should be one of
6540 * IEEE80211_CHAN_NO_HT40 or
6541 * IEEE80211_CHAN_NO_HT40PLUS
6543 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6544 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6545 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
6549 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
6552 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6553 struct brcmf_pub *drvr = cfg->pub;
6554 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6555 struct ieee80211_supported_band *band;
6556 struct ieee80211_channel *channel;
6557 struct brcmf_chanspec_list *list;
6558 struct brcmu_chan ch;
6565 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6570 list = (struct brcmf_chanspec_list *)pbuf;
6572 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6575 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6579 band = wiphy->bands[NL80211_BAND_2GHZ];
6581 for (i = 0; i < band->n_channels; i++)
6582 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6583 band = wiphy->bands[NL80211_BAND_5GHZ];
6585 for (i = 0; i < band->n_channels; i++)
6586 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6588 total = le32_to_cpu(list->count);
6589 for (i = 0; i < total; i++) {
6590 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6591 cfg->d11inf.decchspec(&ch);
6593 if (ch.band == BRCMU_CHAN_BAND_2G) {
6594 band = wiphy->bands[NL80211_BAND_2GHZ];
6595 } else if (ch.band == BRCMU_CHAN_BAND_5G) {
6596 band = wiphy->bands[NL80211_BAND_5GHZ];
6598 bphy_err(drvr, "Invalid channel Spec. 0x%x.\n",
6604 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) &&
6605 ch.bw == BRCMU_CHAN_BW_40)
6607 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) &&
6608 ch.bw == BRCMU_CHAN_BW_80)
6612 for (j = 0; j < band->n_channels; j++) {
6613 if (band->channels[j].hw_value == ch.control_ch_num) {
6614 channel = &band->channels[j];
6619 /* It seems firmware supports some channel we never
6620 * considered. Something new in IEEE standard?
6622 bphy_err(drvr, "Ignoring unexpected firmware channel %d\n",
6627 if (channel->orig_flags & IEEE80211_CHAN_DISABLED)
6630 /* assuming the chanspecs order is HT20,
6631 * HT40 upper, HT40 lower, and VHT80.
6634 case BRCMU_CHAN_BW_160:
6635 channel->flags &= ~IEEE80211_CHAN_NO_160MHZ;
6637 case BRCMU_CHAN_BW_80:
6638 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ;
6640 case BRCMU_CHAN_BW_40:
6641 brcmf_update_bw40_channel_flag(channel, &ch);
6644 wiphy_warn(wiphy, "Firmware reported unsupported bandwidth %d\n",
6647 case BRCMU_CHAN_BW_20:
6648 /* enable the channel and disable other bandwidths
6649 * for now as mentioned order assure they are enabled
6650 * for subsequent chanspecs.
6652 channel->flags = IEEE80211_CHAN_NO_HT40 |
6653 IEEE80211_CHAN_NO_80MHZ |
6654 IEEE80211_CHAN_NO_160MHZ;
6655 ch.bw = BRCMU_CHAN_BW_20;
6656 cfg->d11inf.encchspec(&ch);
6657 chaninfo = ch.chspec;
6658 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info",
6661 if (chaninfo & WL_CHAN_RADAR)
6663 (IEEE80211_CHAN_RADAR |
6664 IEEE80211_CHAN_NO_IR);
6665 if (chaninfo & WL_CHAN_PASSIVE)
6667 IEEE80211_CHAN_NO_IR;
6677 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
6679 struct brcmf_pub *drvr = cfg->pub;
6680 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6681 struct ieee80211_supported_band *band;
6682 struct brcmf_fil_bwcap_le band_bwcap;
6683 struct brcmf_chanspec_list *list;
6687 struct brcmu_chan ch;
6691 /* verify support for bw_cap command */
6693 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val);
6696 /* only set 2G bandwidth using bw_cap command */
6697 band_bwcap.band = cpu_to_le32(WLC_BAND_2G);
6698 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ);
6699 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap,
6700 sizeof(band_bwcap));
6702 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n");
6703 val = WLC_N_BW_40ALL;
6704 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val);
6708 /* update channel info in 2G band */
6709 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6714 ch.band = BRCMU_CHAN_BAND_2G;
6715 ch.bw = BRCMU_CHAN_BW_40;
6716 ch.sb = BRCMU_CHAN_SB_NONE;
6718 cfg->d11inf.encchspec(&ch);
6720 /* pass encoded chanspec in query */
6721 *(__le16 *)pbuf = cpu_to_le16(ch.chspec);
6723 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6726 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6731 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ];
6732 list = (struct brcmf_chanspec_list *)pbuf;
6733 num_chan = le32_to_cpu(list->count);
6734 for (i = 0; i < num_chan; i++) {
6735 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6736 cfg->d11inf.decchspec(&ch);
6737 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G))
6739 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40))
6741 for (j = 0; j < band->n_channels; j++) {
6742 if (band->channels[j].hw_value == ch.control_ch_num)
6745 if (WARN_ON(j == band->n_channels))
6748 brcmf_update_bw40_channel_flag(&band->channels[j], &ch);
6755 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
6757 struct brcmf_pub *drvr = ifp->drvr;
6758 u32 band, mimo_bwcap;
6762 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6764 bw_cap[NL80211_BAND_2GHZ] = band;
6766 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6768 bw_cap[NL80211_BAND_5GHZ] = band;
6774 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n");
6776 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap);
6778 /* assume 20MHz if firmware does not give a clue */
6779 mimo_bwcap = WLC_N_BW_20ALL;
6781 switch (mimo_bwcap) {
6782 case WLC_N_BW_40ALL:
6783 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT;
6785 case WLC_N_BW_20IN2G_40IN5G:
6786 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT;
6788 case WLC_N_BW_20ALL:
6789 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT;
6790 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
6793 bphy_err(drvr, "invalid mimo_bw_cap value\n");
6797 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band,
6798 u32 bw_cap[2], u32 nchain)
6800 band->ht_cap.ht_supported = true;
6801 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) {
6802 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6803 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6805 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6806 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6807 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6808 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16;
6809 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain);
6810 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
6813 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp)
6818 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++)
6819 mcs_map = (mcs_map << 2) | supp;
6821 return cpu_to_le16(mcs_map);
6824 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band,
6825 u32 bw_cap[2], u32 nchain, u32 txstreams,
6826 u32 txbf_bfe_cap, u32 txbf_bfr_cap)
6830 /* not allowed in 2.4G band */
6831 if (band->band == NL80211_BAND_2GHZ)
6834 band->vht_cap.vht_supported = true;
6835 /* 80MHz is mandatory */
6836 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80;
6837 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) {
6838 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
6839 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160;
6841 /* all support 256-QAM */
6842 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9);
6843 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map;
6844 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map;
6846 /* Beamforming support information */
6847 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP)
6848 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
6849 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP)
6850 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
6851 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP)
6852 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
6853 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP)
6854 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
6856 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) {
6857 band->vht_cap.cap |=
6858 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT);
6859 band->vht_cap.cap |= ((txstreams - 1) <<
6860 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT);
6861 band->vht_cap.cap |=
6862 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
6866 static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
6868 struct brcmf_pub *drvr = cfg->pub;
6869 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6870 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6873 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
6878 struct ieee80211_supported_band *band;
6880 u32 txbf_bfe_cap = 0;
6881 u32 txbf_bfr_cap = 0;
6883 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
6884 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
6886 bphy_err(drvr, "nmode error (%d)\n", err);
6888 brcmf_get_bwcap(ifp, bw_cap);
6890 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n",
6891 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ],
6892 bw_cap[NL80211_BAND_5GHZ]);
6894 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
6896 /* rxchain unsupported by firmware of older chips */
6898 bphy_info_once(drvr, "rxchain unsupported\n");
6900 bphy_err(drvr, "rxchain error (%d)\n", err);
6904 for (nchain = 0; rxchain; nchain++)
6905 rxchain = rxchain & (rxchain - 1);
6907 brcmf_dbg(INFO, "nchain=%d\n", nchain);
6909 err = brcmf_construct_chaninfo(cfg, bw_cap);
6911 bphy_err(drvr, "brcmf_construct_chaninfo failed (%d)\n", err);
6916 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams);
6917 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap",
6919 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap",
6923 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
6924 band = wiphy->bands[i];
6929 brcmf_update_ht_cap(band, bw_cap, nchain);
6931 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams,
6932 txbf_bfe_cap, txbf_bfr_cap);
6938 static const struct ieee80211_txrx_stypes
6939 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = {
6940 [NL80211_IFTYPE_STATION] = {
6942 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6943 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6945 [NL80211_IFTYPE_P2P_CLIENT] = {
6947 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6948 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6950 [NL80211_IFTYPE_P2P_GO] = {
6952 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6953 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6954 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6955 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6956 BIT(IEEE80211_STYPE_AUTH >> 4) |
6957 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6958 BIT(IEEE80211_STYPE_ACTION >> 4)
6960 [NL80211_IFTYPE_P2P_DEVICE] = {
6962 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6963 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6965 [NL80211_IFTYPE_AP] = {
6967 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6968 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6969 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6970 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6971 BIT(IEEE80211_STYPE_AUTH >> 4) |
6972 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6973 BIT(IEEE80211_STYPE_ACTION >> 4)
6978 * brcmf_setup_ifmodes() - determine interface modes and combinations.
6980 * @wiphy: wiphy object.
6981 * @ifp: interface object needed for feat module api.
6983 * The interface modes and combinations are determined dynamically here
6984 * based on firmware functionality.
6986 * no p2p and no mbss:
6988 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6992 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6993 * #AP <= 4, matching BI, channels = 1, 4 total
6996 * #STA <= 1, #AP <= 2, channels = 2, 4 total
6998 * p2p, no mchan, and mbss:
7000 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total
7001 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
7002 * #AP <= 4, matching BI, channels = 1, 4 total
7004 * p2p, mchan, and mbss:
7006 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total
7007 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
7008 * #AP <= 4, matching BI, channels = 1, 4 total
7010 * p2p, rsdb, and no mbss:
7011 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 2, AP <= 2,
7012 * channels = 2, 4 total
7014 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp)
7016 struct ieee80211_iface_combination *combo = NULL;
7017 struct ieee80211_iface_limit *c0_limits = NULL;
7018 struct ieee80211_iface_limit *p2p_limits = NULL;
7019 struct ieee80211_iface_limit *mbss_limits = NULL;
7020 bool mon_flag, mbss, p2p, rsdb, mchan;
7021 int i, c, n_combos, n_limits;
7023 mon_flag = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MONITOR_FLAG);
7024 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS);
7025 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P);
7026 rsdb = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB);
7027 mchan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN);
7029 n_combos = 1 + !!(p2p && !rsdb) + !!mbss;
7030 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL);
7034 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
7035 BIT(NL80211_IFTYPE_ADHOC) |
7036 BIT(NL80211_IFTYPE_AP);
7038 wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
7040 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) |
7041 BIT(NL80211_IFTYPE_P2P_GO) |
7042 BIT(NL80211_IFTYPE_P2P_DEVICE);
7046 n_limits = 1 + mon_flag + (p2p ? 2 : 0) + (rsdb || !p2p);
7047 c0_limits = kcalloc(n_limits, sizeof(*c0_limits), GFP_KERNEL);
7051 combo[c].num_different_channels = 1 + (rsdb || (p2p && mchan));
7052 c0_limits[i].max = 1;
7053 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
7055 c0_limits[i].max = 1;
7056 c0_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
7059 c0_limits[i].max = 1;
7060 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
7061 c0_limits[i].max = 1 + rsdb;
7062 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) |
7063 BIT(NL80211_IFTYPE_P2P_GO);
7066 c0_limits[i].max = 2;
7067 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7068 combo[c].max_interfaces = 4;
7070 combo[c].max_interfaces = i;
7072 c0_limits[i].max = 2;
7073 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7074 combo[c].max_interfaces = 3;
7076 c0_limits[i].max = 1;
7077 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7078 combo[c].max_interfaces = i;
7080 combo[c].n_limits = i;
7081 combo[c].limits = c0_limits;
7086 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL);
7089 p2p_limits[i].max = 1;
7090 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
7091 p2p_limits[i].max = 1;
7092 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7093 p2p_limits[i].max = 1;
7094 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT);
7095 p2p_limits[i].max = 1;
7096 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
7097 combo[c].num_different_channels = 1;
7098 combo[c].max_interfaces = i;
7099 combo[c].n_limits = i;
7100 combo[c].limits = p2p_limits;
7106 n_limits = 1 + mon_flag;
7107 mbss_limits = kcalloc(n_limits, sizeof(*mbss_limits),
7111 mbss_limits[i].max = 4;
7112 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7114 mbss_limits[i].max = 1;
7115 mbss_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
7117 combo[c].beacon_int_infra_match = true;
7118 combo[c].num_different_channels = 1;
7119 combo[c].max_interfaces = 4 + mon_flag;
7120 combo[c].n_limits = i;
7121 combo[c].limits = mbss_limits;
7124 wiphy->n_iface_combinations = n_combos;
7125 wiphy->iface_combinations = combo;
7137 static const struct wiphy_wowlan_support brcmf_wowlan_support = {
7138 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT,
7139 .n_patterns = BRCMF_WOWL_MAXPATTERNS,
7140 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE,
7141 .pattern_min_len = 1,
7142 .max_pkt_offset = 1500,
7146 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp)
7149 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7150 struct brcmf_pub *drvr = cfg->pub;
7151 struct wiphy_wowlan_support *wowl;
7153 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
7156 bphy_err(drvr, "only support basic wowlan features\n");
7157 wiphy->wowlan = &brcmf_wowlan_support;
7161 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7162 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) {
7163 wowl->flags |= WIPHY_WOWLAN_NET_DETECT;
7164 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT;
7165 init_waitqueue_head(&cfg->wowl.nd_data_wait);
7168 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) {
7169 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY;
7170 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE;
7173 wiphy->wowlan = wowl;
7177 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
7179 struct brcmf_pub *drvr = ifp->drvr;
7180 const struct ieee80211_iface_combination *combo;
7181 struct ieee80211_supported_band *band;
7182 u16 max_interfaces = 0;
7188 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX;
7189 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX;
7190 wiphy->max_num_pmkids = BRCMF_MAXPMKID;
7192 err = brcmf_setup_ifmodes(wiphy, ifp);
7196 for (i = 0, combo = wiphy->iface_combinations;
7197 i < wiphy->n_iface_combinations; i++, combo++) {
7198 max_interfaces = max(max_interfaces, combo->max_interfaces);
7201 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses);
7203 u8 *addr = drvr->addresses[i].addr;
7205 memcpy(addr, drvr->mac, ETH_ALEN);
7208 addr[ETH_ALEN - 1] ^= i;
7211 wiphy->addresses = drvr->addresses;
7212 wiphy->n_addresses = i;
7214 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
7215 wiphy->cipher_suites = brcmf_cipher_suites;
7216 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites);
7217 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
7218 wiphy->n_cipher_suites--;
7219 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) |
7220 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) |
7221 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST);
7223 wiphy->flags |= WIPHY_FLAG_NETNS_OK |
7224 WIPHY_FLAG_PS_ON_BY_DEFAULT |
7225 WIPHY_FLAG_HAVE_AP_SME |
7226 WIPHY_FLAG_OFFCHAN_TX |
7227 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
7228 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS))
7229 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
7230 if (!ifp->drvr->settings->roamoff)
7231 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM;
7232 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
7233 wiphy_ext_feature_set(wiphy,
7234 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
7235 wiphy_ext_feature_set(wiphy,
7236 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
7237 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7238 wiphy_ext_feature_set(wiphy,
7239 NL80211_EXT_FEATURE_SAE_OFFLOAD);
7241 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWAUTH)) {
7242 wiphy_ext_feature_set(wiphy,
7243 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK);
7244 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7245 wiphy_ext_feature_set(wiphy,
7246 NL80211_EXT_FEATURE_SAE_OFFLOAD_AP);
7248 wiphy->mgmt_stypes = brcmf_txrx_stypes;
7249 wiphy->max_remain_on_channel_duration = 5000;
7250 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7251 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN);
7252 brcmf_pno_wiphy_params(wiphy, gscan);
7254 /* vendor commands/events support */
7255 wiphy->vendor_commands = brcmf_vendor_cmds;
7256 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1;
7258 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL))
7259 brcmf_wiphy_wowl_params(wiphy, ifp);
7260 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
7263 bphy_err(drvr, "could not obtain band info: err=%d\n", err);
7266 /* first entry in bandlist is number of bands */
7267 n_bands = le32_to_cpu(bandlist[0]);
7268 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) {
7269 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) {
7270 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz),
7275 band->channels = kmemdup(&__wl_2ghz_channels,
7276 sizeof(__wl_2ghz_channels),
7278 if (!band->channels) {
7283 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels);
7284 wiphy->bands[NL80211_BAND_2GHZ] = band;
7286 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) {
7287 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz),
7292 band->channels = kmemdup(&__wl_5ghz_channels,
7293 sizeof(__wl_5ghz_channels),
7295 if (!band->channels) {
7300 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels);
7301 wiphy->bands[NL80211_BAND_5GHZ] = band;
7305 if (wiphy->bands[NL80211_BAND_5GHZ] &&
7306 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_DOT11H))
7307 wiphy_ext_feature_set(wiphy,
7308 NL80211_EXT_FEATURE_DFS_OFFLOAD);
7310 wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
7312 wiphy_read_of_freq_limits(wiphy);
7317 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
7319 struct brcmf_pub *drvr = cfg->pub;
7320 struct net_device *ndev;
7321 struct wireless_dev *wdev;
7322 struct brcmf_if *ifp;
7329 ndev = cfg_to_ndev(cfg);
7330 wdev = ndev->ieee80211_ptr;
7331 ifp = netdev_priv(ndev);
7333 /* make sure RF is ready for work */
7334 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
7336 brcmf_dongle_scantime(ifp);
7338 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
7339 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
7341 goto default_conf_out;
7342 brcmf_dbg(INFO, "power save set to %s\n",
7343 (power_mode ? "enabled" : "disabled"));
7345 err = brcmf_dongle_roam(ifp);
7347 goto default_conf_out;
7348 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
7351 goto default_conf_out;
7353 brcmf_configure_arp_nd_offload(ifp, true);
7355 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
7357 bphy_err(drvr, "failed to set frameburst mode\n");
7358 goto default_conf_out;
7361 cfg->dongle_up = true;
7368 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
7370 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7372 return brcmf_config_dongle(ifp->drvr->config);
7375 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp)
7377 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7380 * While going down, if associated with AP disassociate
7381 * from AP to save power
7383 if (check_vif_up(ifp->vif)) {
7384 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED, true);
7386 /* Make sure WPA_Supplicant receives all the event
7387 generated due to DISASSOC call to the fw to keep
7388 the state fw and WPA_Supplicant state consistent
7393 brcmf_abort_scanning(cfg);
7394 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7399 s32 brcmf_cfg80211_up(struct net_device *ndev)
7401 struct brcmf_if *ifp = netdev_priv(ndev);
7402 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7405 mutex_lock(&cfg->usr_sync);
7406 err = __brcmf_cfg80211_up(ifp);
7407 mutex_unlock(&cfg->usr_sync);
7412 s32 brcmf_cfg80211_down(struct net_device *ndev)
7414 struct brcmf_if *ifp = netdev_priv(ndev);
7415 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7418 mutex_lock(&cfg->usr_sync);
7419 err = __brcmf_cfg80211_down(ifp);
7420 mutex_unlock(&cfg->usr_sync);
7425 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp)
7427 struct wireless_dev *wdev = &ifp->vif->wdev;
7429 return wdev->iftype;
7432 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
7433 unsigned long state)
7435 struct brcmf_cfg80211_vif *vif;
7437 list_for_each_entry(vif, &cfg->vif_list, list) {
7438 if (test_bit(state, &vif->sme_state))
7444 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event,
7449 spin_lock(&event->vif_event_lock);
7450 evt_action = event->action;
7451 spin_unlock(&event->vif_event_lock);
7452 return evt_action == action;
7455 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
7456 struct brcmf_cfg80211_vif *vif)
7458 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7460 spin_lock(&event->vif_event_lock);
7463 spin_unlock(&event->vif_event_lock);
7466 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg)
7468 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7471 spin_lock(&event->vif_event_lock);
7472 armed = event->vif != NULL;
7473 spin_unlock(&event->vif_event_lock);
7478 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg,
7479 u8 action, ulong timeout)
7481 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7483 return wait_event_timeout(event->vif_wq,
7484 vif_event_equals(event, action), timeout);
7487 static bool brmcf_use_iso3166_ccode_fallback(struct brcmf_pub *drvr)
7489 if (drvr->settings->trivial_ccode_map)
7492 switch (drvr->bus_if->chip) {
7493 case BRCM_CC_4345_CHIP_ID:
7494 case BRCM_CC_43602_CHIP_ID:
7501 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2],
7502 struct brcmf_fil_country_le *ccreq)
7504 struct brcmfmac_pd_cc *country_codes;
7505 struct brcmfmac_pd_cc_entry *cc;
7509 if ((alpha2[0] == ccreq->country_abbrev[0]) &&
7510 (alpha2[1] == ccreq->country_abbrev[1])) {
7511 brcmf_dbg(TRACE, "Country code already set\n");
7515 country_codes = drvr->settings->country_codes;
7516 if (!country_codes) {
7517 if (brmcf_use_iso3166_ccode_fallback(drvr)) {
7518 brcmf_dbg(TRACE, "No country codes configured for device, using ISO3166 code and 0 rev\n");
7519 memset(ccreq, 0, sizeof(*ccreq));
7520 ccreq->country_abbrev[0] = alpha2[0];
7521 ccreq->country_abbrev[1] = alpha2[1];
7522 ccreq->ccode[0] = alpha2[0];
7523 ccreq->ccode[1] = alpha2[1];
7527 brcmf_dbg(TRACE, "No country codes configured for device\n");
7532 for (i = 0; i < country_codes->table_size; i++) {
7533 cc = &country_codes->table[i];
7534 if ((cc->iso3166[0] == '\0') && (found_index == -1))
7536 if ((cc->iso3166[0] == alpha2[0]) &&
7537 (cc->iso3166[1] == alpha2[1])) {
7542 if (found_index == -1) {
7543 brcmf_dbg(TRACE, "No country code match found\n");
7546 memset(ccreq, 0, sizeof(*ccreq));
7547 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev);
7548 memcpy(ccreq->ccode, country_codes->table[found_index].cc,
7549 BRCMF_COUNTRY_BUF_SZ);
7550 ccreq->country_abbrev[0] = alpha2[0];
7551 ccreq->country_abbrev[1] = alpha2[1];
7552 ccreq->country_abbrev[2] = 0;
7557 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
7558 struct regulatory_request *req)
7560 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7561 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
7562 struct brcmf_pub *drvr = cfg->pub;
7563 struct brcmf_fil_country_le ccreq;
7567 /* The country code gets set to "00" by default at boot, ignore */
7568 if (req->alpha2[0] == '0' && req->alpha2[1] == '0')
7571 /* ignore non-ISO3166 country codes */
7572 for (i = 0; i < 2; i++)
7573 if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
7574 bphy_err(drvr, "not an ISO3166 code (0x%02x 0x%02x)\n",
7575 req->alpha2[0], req->alpha2[1]);
7579 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator,
7580 req->alpha2[0], req->alpha2[1]);
7582 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
7584 bphy_err(drvr, "Country code iovar returned err = %d\n", err);
7588 err = brcmf_translate_country_code(ifp->drvr, req->alpha2, &ccreq);
7592 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
7594 bphy_err(drvr, "Firmware rejected country setting\n");
7597 brcmf_setup_wiphybands(cfg);
7600 static void brcmf_free_wiphy(struct wiphy *wiphy)
7607 if (wiphy->iface_combinations) {
7608 for (i = 0; i < wiphy->n_iface_combinations; i++)
7609 kfree(wiphy->iface_combinations[i].limits);
7611 kfree(wiphy->iface_combinations);
7612 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7613 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels);
7614 kfree(wiphy->bands[NL80211_BAND_2GHZ]);
7616 if (wiphy->bands[NL80211_BAND_5GHZ]) {
7617 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels);
7618 kfree(wiphy->bands[NL80211_BAND_5GHZ]);
7620 #if IS_ENABLED(CONFIG_PM)
7621 if (wiphy->wowlan != &brcmf_wowlan_support)
7622 kfree(wiphy->wowlan);
7626 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
7627 struct cfg80211_ops *ops,
7630 struct wiphy *wiphy = drvr->wiphy;
7631 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev;
7632 struct brcmf_cfg80211_info *cfg;
7633 struct brcmf_cfg80211_vif *vif;
7634 struct brcmf_if *ifp;
7640 bphy_err(drvr, "ndev is invalid\n");
7644 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
7646 bphy_err(drvr, "Could not allocate wiphy device\n");
7652 init_vif_event(&cfg->vif_event);
7653 INIT_LIST_HEAD(&cfg->vif_list);
7655 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION);
7659 ifp = netdev_priv(ndev);
7661 vif->wdev.netdev = ndev;
7662 ndev->ieee80211_ptr = &vif->wdev;
7663 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
7665 err = wl_init_priv(cfg);
7667 bphy_err(drvr, "Failed to init iwm_priv (%d)\n", err);
7668 brcmf_free_vif(vif);
7673 /* determine d11 io type before wiphy setup */
7674 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
7676 bphy_err(drvr, "Failed to get D11 version (%d)\n", err);
7679 cfg->d11inf.io_type = (u8)io_type;
7680 brcmu_d11_attach(&cfg->d11inf);
7682 /* regulatory notifer below needs access to cfg so
7687 err = brcmf_setup_wiphy(wiphy, ifp);
7691 brcmf_dbg(INFO, "Registering custom regulatory\n");
7692 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier;
7693 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
7694 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom);
7696 /* firmware defaults to 40MHz disabled in 2G band. We signal
7697 * cfg80211 here that we do and have it decide we can enable
7698 * it. But first check if device does support 2G operation.
7700 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7701 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap;
7702 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7705 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK))
7706 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data;
7708 err = wiphy_register(wiphy);
7710 bphy_err(drvr, "Could not register wiphy device (%d)\n", err);
7714 err = brcmf_setup_wiphybands(cfg);
7716 bphy_err(drvr, "Setting wiphy bands failed (%d)\n", err);
7717 goto wiphy_unreg_out;
7720 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(),
7721 * setup 40MHz in 2GHz band and enable OBSS scanning.
7723 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) {
7724 err = brcmf_enable_bw40_2g(cfg);
7726 err = brcmf_fil_iovar_int_set(ifp, "obss_coex",
7727 BRCMF_OBSS_COEX_AUTO);
7729 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7732 err = brcmf_fweh_activate_events(ifp);
7734 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7735 goto wiphy_unreg_out;
7738 err = brcmf_p2p_attach(cfg, p2pdev_forced);
7740 bphy_err(drvr, "P2P initialisation failed (%d)\n", err);
7741 goto wiphy_unreg_out;
7743 err = brcmf_btcoex_attach(cfg);
7745 bphy_err(drvr, "BT-coex initialisation failed (%d)\n", err);
7746 brcmf_p2p_detach(&cfg->p2p);
7747 goto wiphy_unreg_out;
7749 err = brcmf_pno_attach(cfg);
7751 bphy_err(drvr, "PNO initialisation failed (%d)\n", err);
7752 brcmf_btcoex_detach(cfg);
7753 brcmf_p2p_detach(&cfg->p2p);
7754 goto wiphy_unreg_out;
7757 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) {
7758 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1);
7760 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err);
7761 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS;
7763 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT,
7764 brcmf_notify_tdls_peer_event);
7768 /* (re-) activate FWEH event handling */
7769 err = brcmf_fweh_activate_events(ifp);
7771 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7775 /* Fill in some of the advertised nl80211 supported features */
7776 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) {
7777 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
7779 if (wiphy->wowlan &&
7780 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT)
7781 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7788 brcmf_pno_detach(cfg);
7789 brcmf_btcoex_detach(cfg);
7790 brcmf_p2p_detach(&cfg->p2p);
7792 wiphy_unregister(cfg->wiphy);
7794 wl_deinit_priv(cfg);
7795 brcmf_free_vif(vif);
7798 brcmf_free_wiphy(wiphy);
7803 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
7808 brcmf_pno_detach(cfg);
7809 brcmf_btcoex_detach(cfg);
7810 wiphy_unregister(cfg->wiphy);
7811 wl_deinit_priv(cfg);
7812 brcmf_free_wiphy(cfg->wiphy);
projects / linux-block.git / blob