2 * Copyright (c) 2010 Broadcom Corporation
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
11 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
13 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
19 #include <linux/kernel.h>
20 #include <linux/etherdevice.h>
21 #include <linux/module.h>
22 #include <linux/vmalloc.h>
23 #include <net/cfg80211.h>
24 #include <net/netlink.h>
26 #include <brcmu_utils.h>
28 #include <brcmu_wifi.h>
31 #include "tracepoint.h"
32 #include "fwil_types.h"
44 #define BRCMF_SCAN_IE_LEN_MAX 2048
46 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */
47 #define WPA_OUI_TYPE 1
48 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */
49 #define WME_OUI_TYPE 2
50 #define WPS_OUI_TYPE 4
52 #define VS_IE_FIXED_HDR_LEN 6
53 #define WPA_IE_VERSION_LEN 2
54 #define WPA_IE_MIN_OUI_LEN 4
55 #define WPA_IE_SUITE_COUNT_LEN 2
57 #define WPA_CIPHER_NONE 0 /* None */
58 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */
59 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */
60 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */
61 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */
63 #define RSN_AKM_NONE 0 /* None (IBSS) */
64 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */
65 #define RSN_AKM_PSK 2 /* Pre-shared Key */
66 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */
67 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */
68 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */
69 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3))
70 #define RSN_CAP_MFPR_MASK BIT(6)
71 #define RSN_CAP_MFPC_MASK BIT(7)
72 #define RSN_PMKID_COUNT_LEN 2
74 #define VNDR_IE_CMD_LEN 4 /* length of the set command
75 * string :"add", "del" (+ NUL)
77 #define VNDR_IE_COUNT_OFFSET 4
78 #define VNDR_IE_PKTFLAG_OFFSET 8
79 #define VNDR_IE_VSIE_OFFSET 12
80 #define VNDR_IE_HDR_SIZE 12
81 #define VNDR_IE_PARSE_LIMIT 5
83 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */
84 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */
86 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320
87 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400
88 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20
90 #define BRCMF_SCAN_CHANNEL_TIME 40
91 #define BRCMF_SCAN_UNASSOC_TIME 40
92 #define BRCMF_SCAN_PASSIVE_TIME 120
94 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000)
96 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \
97 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16))
99 static bool check_vif_up(struct brcmf_cfg80211_vif *vif)
101 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) {
102 brcmf_dbg(INFO, "device is not ready : status (%lu)\n",
109 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2)
110 #define RATETAB_ENT(_rateid, _flags) \
112 .bitrate = RATE_TO_BASE100KBPS(_rateid), \
113 .hw_value = (_rateid), \
117 static struct ieee80211_rate __wl_rates[] = {
118 RATETAB_ENT(BRCM_RATE_1M, 0),
119 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE),
120 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE),
121 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE),
122 RATETAB_ENT(BRCM_RATE_6M, 0),
123 RATETAB_ENT(BRCM_RATE_9M, 0),
124 RATETAB_ENT(BRCM_RATE_12M, 0),
125 RATETAB_ENT(BRCM_RATE_18M, 0),
126 RATETAB_ENT(BRCM_RATE_24M, 0),
127 RATETAB_ENT(BRCM_RATE_36M, 0),
128 RATETAB_ENT(BRCM_RATE_48M, 0),
129 RATETAB_ENT(BRCM_RATE_54M, 0),
132 #define wl_g_rates (__wl_rates + 0)
133 #define wl_g_rates_size ARRAY_SIZE(__wl_rates)
134 #define wl_a_rates (__wl_rates + 4)
135 #define wl_a_rates_size (wl_g_rates_size - 4)
137 #define CHAN2G(_channel, _freq) { \
138 .band = NL80211_BAND_2GHZ, \
139 .center_freq = (_freq), \
140 .hw_value = (_channel), \
141 .max_antenna_gain = 0, \
145 #define CHAN5G(_channel) { \
146 .band = NL80211_BAND_5GHZ, \
147 .center_freq = 5000 + (5 * (_channel)), \
148 .hw_value = (_channel), \
149 .max_antenna_gain = 0, \
153 static struct ieee80211_channel __wl_2ghz_channels[] = {
154 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427),
155 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447),
156 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467),
157 CHAN2G(13, 2472), CHAN2G(14, 2484)
160 static struct ieee80211_channel __wl_5ghz_channels[] = {
161 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42),
162 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56),
163 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108),
164 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128),
165 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149),
166 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165)
169 /* Band templates duplicated per wiphy. The channel info
170 * above is added to the band during setup.
172 static const struct ieee80211_supported_band __wl_band_2ghz = {
173 .band = NL80211_BAND_2GHZ,
174 .bitrates = wl_g_rates,
175 .n_bitrates = wl_g_rates_size,
178 static const struct ieee80211_supported_band __wl_band_5ghz = {
179 .band = NL80211_BAND_5GHZ,
180 .bitrates = wl_a_rates,
181 .n_bitrates = wl_a_rates_size,
184 /* This is to override regulatory domains defined in cfg80211 module (reg.c)
185 * By default world regulatory domain defined in reg.c puts the flags
186 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165).
187 * With respect to these flags, wpa_supplicant doesn't * start p2p
188 * operations on 5GHz channels. All the changes in world regulatory
189 * domain are to be done here.
191 static const struct ieee80211_regdomain brcmf_regdom = {
195 /* IEEE 802.11b/g, channels 1..11 */
196 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0),
198 /* IEEE 802.11 channel 14 - Only JP enables
199 * this and for 802.11b only
201 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0),
202 /* IEEE 802.11a, channel 36..64 */
203 REG_RULE(5150-10, 5350+10, 80, 6, 20, 0),
204 /* IEEE 802.11a, channel 100..165 */
205 REG_RULE(5470-10, 5850+10, 80, 6, 20, 0), }
208 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites
209 * are supported. A pointer to this array and the number of entries is passed
210 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP.
211 * So the cipher suite AES_CMAC has to be the last one in the array, and when
212 * device does not support MFP then the number of suites will be decreased by 1
214 static const u32 brcmf_cipher_suites[] = {
215 WLAN_CIPHER_SUITE_WEP40,
216 WLAN_CIPHER_SUITE_WEP104,
217 WLAN_CIPHER_SUITE_TKIP,
218 WLAN_CIPHER_SUITE_CCMP,
219 /* Keep as last entry: */
220 WLAN_CIPHER_SUITE_AES_CMAC
223 /* Vendor specific ie. id = 221, oui and type defines exact ie */
224 struct brcmf_vs_tlv {
231 struct parsed_vndr_ie_info {
233 u32 ie_len; /* total length including id & length field */
234 struct brcmf_vs_tlv vndrie;
237 struct parsed_vndr_ies {
239 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT];
242 static u8 nl80211_band_to_fwil(enum nl80211_band band)
245 case NL80211_BAND_2GHZ:
247 case NL80211_BAND_5GHZ:
256 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf,
257 struct cfg80211_chan_def *ch)
259 struct brcmu_chan ch_inf;
262 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n",
263 ch->chan->center_freq, ch->center_freq1, ch->width);
264 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1);
265 primary_offset = ch->chan->center_freq - ch->center_freq1;
267 case NL80211_CHAN_WIDTH_20:
268 case NL80211_CHAN_WIDTH_20_NOHT:
269 ch_inf.bw = BRCMU_CHAN_BW_20;
270 WARN_ON(primary_offset != 0);
272 case NL80211_CHAN_WIDTH_40:
273 ch_inf.bw = BRCMU_CHAN_BW_40;
274 if (primary_offset > 0)
275 ch_inf.sb = BRCMU_CHAN_SB_U;
277 ch_inf.sb = BRCMU_CHAN_SB_L;
279 case NL80211_CHAN_WIDTH_80:
280 ch_inf.bw = BRCMU_CHAN_BW_80;
281 if (primary_offset == -30)
282 ch_inf.sb = BRCMU_CHAN_SB_LL;
283 else if (primary_offset == -10)
284 ch_inf.sb = BRCMU_CHAN_SB_LU;
285 else if (primary_offset == 10)
286 ch_inf.sb = BRCMU_CHAN_SB_UL;
288 ch_inf.sb = BRCMU_CHAN_SB_UU;
290 case NL80211_CHAN_WIDTH_80P80:
291 case NL80211_CHAN_WIDTH_160:
292 case NL80211_CHAN_WIDTH_5:
293 case NL80211_CHAN_WIDTH_10:
297 switch (ch->chan->band) {
298 case NL80211_BAND_2GHZ:
299 ch_inf.band = BRCMU_CHAN_BAND_2G;
301 case NL80211_BAND_5GHZ:
302 ch_inf.band = BRCMU_CHAN_BAND_5G;
304 case NL80211_BAND_60GHZ:
308 d11inf->encchspec(&ch_inf);
310 return ch_inf.chspec;
313 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
314 struct ieee80211_channel *ch)
316 struct brcmu_chan ch_inf;
318 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq);
319 ch_inf.bw = BRCMU_CHAN_BW_20;
320 d11inf->encchspec(&ch_inf);
322 return ch_inf.chspec;
325 /* Traverse a string of 1-byte tag/1-byte length/variable-length value
326 * triples, returning a pointer to the substring whose first element
329 static const struct brcmf_tlv *
330 brcmf_parse_tlvs(const void *buf, int buflen, uint key)
332 const struct brcmf_tlv *elt = buf;
335 /* find tagged parameter */
336 while (totlen >= TLV_HDR_LEN) {
339 /* validate remaining totlen */
340 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN)))
343 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN));
344 totlen -= (len + TLV_HDR_LEN);
350 /* Is any of the tlvs the expected entry? If
351 * not update the tlvs buffer pointer/length.
354 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len,
355 const u8 *oui, u32 oui_len, u8 type)
357 /* If the contents match the OUI and the type */
358 if (ie[TLV_LEN_OFF] >= oui_len + 1 &&
359 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) &&
360 type == ie[TLV_BODY_OFF + oui_len]) {
366 /* point to the next ie */
367 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN;
368 /* calculate the length of the rest of the buffer */
369 *tlvs_len -= (int)(ie - *tlvs);
370 /* update the pointer to the start of the buffer */
376 static struct brcmf_vs_tlv *
377 brcmf_find_wpaie(const u8 *parse, u32 len)
379 const struct brcmf_tlv *ie;
381 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
382 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len,
383 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE))
384 return (struct brcmf_vs_tlv *)ie;
389 static struct brcmf_vs_tlv *
390 brcmf_find_wpsie(const u8 *parse, u32 len)
392 const struct brcmf_tlv *ie;
394 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
395 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len,
396 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE))
397 return (struct brcmf_vs_tlv *)ie;
402 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg,
403 struct brcmf_cfg80211_vif *vif,
404 enum nl80211_iftype new_type)
406 struct brcmf_cfg80211_vif *pos;
407 bool check_combos = false;
409 struct iface_combination_params params = {
410 .num_different_channels = 1,
413 list_for_each_entry(pos, &cfg->vif_list, list)
415 params.iftype_num[new_type]++;
417 /* concurrent interfaces so need check combinations */
419 params.iftype_num[pos->wdev.iftype]++;
423 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms);
428 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg,
429 enum nl80211_iftype new_type)
431 struct brcmf_cfg80211_vif *pos;
432 struct iface_combination_params params = {
433 .num_different_channels = 1,
436 list_for_each_entry(pos, &cfg->vif_list, list)
437 params.iftype_num[pos->wdev.iftype]++;
439 params.iftype_num[new_type]++;
440 return cfg80211_check_combinations(cfg->wiphy, ¶ms);
443 static void convert_key_from_CPU(struct brcmf_wsec_key *key,
444 struct brcmf_wsec_key_le *key_le)
446 key_le->index = cpu_to_le32(key->index);
447 key_le->len = cpu_to_le32(key->len);
448 key_le->algo = cpu_to_le32(key->algo);
449 key_le->flags = cpu_to_le32(key->flags);
450 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi);
451 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo);
452 key_le->iv_initialized = cpu_to_le32(key->iv_initialized);
453 memcpy(key_le->data, key->data, sizeof(key->data));
454 memcpy(key_le->ea, key->ea, sizeof(key->ea));
458 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key)
460 struct brcmf_pub *drvr = ifp->drvr;
462 struct brcmf_wsec_key_le key_le;
464 convert_key_from_CPU(key, &key_le);
466 brcmf_netdev_wait_pend8021x(ifp);
468 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le,
472 bphy_err(drvr, "wsec_key error (%d)\n", err);
477 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev)
479 struct brcmf_cfg80211_vif *vif;
480 struct brcmf_if *ifp;
482 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
485 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) ||
486 (wdev->iftype == NL80211_IFTYPE_AP) ||
487 (wdev->iftype == NL80211_IFTYPE_P2P_GO))
488 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
491 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
495 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr)
499 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) {
500 /* bsscfgidx 1 is reserved for legacy P2P */
503 if (!drvr->iflist[bsscfgidx])
510 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp)
512 struct brcmf_pub *drvr = ifp->drvr;
513 struct brcmf_mbss_ssid_le mbss_ssid_le;
517 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le));
518 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr);
522 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx);
523 mbss_ssid_le.SSID_len = cpu_to_le32(5);
524 sprintf(mbss_ssid_le.SSID, "ssid%d" , bsscfgidx);
526 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le,
527 sizeof(mbss_ssid_le));
529 bphy_err(drvr, "setting ssid failed %d\n", err);
535 * brcmf_ap_add_vif() - create a new AP virtual interface for multiple BSS
537 * @wiphy: wiphy device of new interface.
538 * @name: name of the new interface.
539 * @params: contains mac address for AP device.
542 struct wireless_dev *brcmf_ap_add_vif(struct wiphy *wiphy, const char *name,
543 struct vif_params *params)
545 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
546 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
547 struct brcmf_pub *drvr = cfg->pub;
548 struct brcmf_cfg80211_vif *vif;
551 if (brcmf_cfg80211_vif_event_armed(cfg))
552 return ERR_PTR(-EBUSY);
554 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name);
556 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_AP);
558 return (struct wireless_dev *)vif;
560 brcmf_cfg80211_arm_vif_event(cfg, vif);
562 err = brcmf_cfg80211_request_ap_if(ifp);
564 brcmf_cfg80211_arm_vif_event(cfg, NULL);
568 /* wait for firmware event */
569 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
570 BRCMF_VIF_EVENT_TIMEOUT);
571 brcmf_cfg80211_arm_vif_event(cfg, NULL);
573 bphy_err(drvr, "timeout occurred\n");
578 /* interface created in firmware */
581 bphy_err(drvr, "no if pointer provided\n");
586 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
587 err = brcmf_net_attach(ifp, true);
589 bphy_err(drvr, "Registering netdevice failed\n");
590 free_netdev(ifp->ndev);
594 return &ifp->vif->wdev;
601 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif)
603 enum nl80211_iftype iftype;
605 iftype = vif->wdev.iftype;
606 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO;
609 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif)
611 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC;
614 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy,
616 unsigned char name_assign_type,
617 enum nl80211_iftype type,
618 struct vif_params *params)
620 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
621 struct brcmf_pub *drvr = cfg->pub;
622 struct wireless_dev *wdev;
625 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type);
626 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type);
628 bphy_err(drvr, "iface validation failed: err=%d\n", err);
632 case NL80211_IFTYPE_ADHOC:
633 case NL80211_IFTYPE_STATION:
634 case NL80211_IFTYPE_AP_VLAN:
635 case NL80211_IFTYPE_WDS:
636 case NL80211_IFTYPE_MONITOR:
637 case NL80211_IFTYPE_MESH_POINT:
638 return ERR_PTR(-EOPNOTSUPP);
639 case NL80211_IFTYPE_AP:
640 wdev = brcmf_ap_add_vif(wiphy, name, params);
642 case NL80211_IFTYPE_P2P_CLIENT:
643 case NL80211_IFTYPE_P2P_GO:
644 case NL80211_IFTYPE_P2P_DEVICE:
645 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params);
647 case NL80211_IFTYPE_UNSPECIFIED:
649 return ERR_PTR(-EINVAL);
653 bphy_err(drvr, "add iface %s type %d failed: err=%d\n", name,
654 type, (int)PTR_ERR(wdev));
656 brcmf_cfg80211_update_proto_addr_mode(wdev);
661 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc)
663 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC))
664 brcmf_set_mpc(ifp, mpc);
667 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc)
669 struct brcmf_pub *drvr = ifp->drvr;
672 if (check_vif_up(ifp->vif)) {
673 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc);
675 bphy_err(drvr, "fail to set mpc\n");
678 brcmf_dbg(INFO, "MPC : %d\n", mpc);
682 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
683 struct brcmf_if *ifp, bool aborted,
686 struct brcmf_pub *drvr = cfg->pub;
687 struct brcmf_scan_params_le params_le;
688 struct cfg80211_scan_request *scan_request;
693 brcmf_dbg(SCAN, "Enter\n");
695 /* clear scan request, because the FW abort can cause a second call */
696 /* to this functon and might cause a double cfg80211_scan_done */
697 scan_request = cfg->scan_request;
698 cfg->scan_request = NULL;
700 if (timer_pending(&cfg->escan_timeout))
701 del_timer_sync(&cfg->escan_timeout);
704 /* Do a scan abort to stop the driver's scan engine */
705 brcmf_dbg(SCAN, "ABORT scan in firmware\n");
706 memset(¶ms_le, 0, sizeof(params_le));
707 eth_broadcast_addr(params_le.bssid);
708 params_le.bss_type = DOT11_BSSTYPE_ANY;
709 params_le.scan_type = 0;
710 params_le.channel_num = cpu_to_le32(1);
711 params_le.nprobes = cpu_to_le32(1);
712 params_le.active_time = cpu_to_le32(-1);
713 params_le.passive_time = cpu_to_le32(-1);
714 params_le.home_time = cpu_to_le32(-1);
715 /* Scan is aborted by setting channel_list[0] to -1 */
716 params_le.channel_list[0] = cpu_to_le16(-1);
717 /* E-Scan (or anyother type) can be aborted by SCAN */
718 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN,
719 ¶ms_le, sizeof(params_le));
721 bphy_err(drvr, "Scan abort failed\n");
724 brcmf_scan_config_mpc(ifp, 1);
727 * e-scan can be initiated internally
728 * which takes precedence.
730 if (cfg->int_escan_map) {
731 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n",
733 while (cfg->int_escan_map) {
734 bucket = __ffs(cfg->int_escan_map);
735 cfg->int_escan_map &= ~BIT(bucket);
736 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno,
739 brcmf_dbg(SCAN, "report results: reqid=%llu\n",
741 cfg80211_sched_scan_results(cfg_to_wiphy(cfg),
745 } else if (scan_request) {
746 struct cfg80211_scan_info info = {
750 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n",
751 aborted ? "Aborted" : "Done");
752 cfg80211_scan_done(scan_request, &info);
754 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
755 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n");
760 static int brcmf_cfg80211_del_ap_iface(struct wiphy *wiphy,
761 struct wireless_dev *wdev)
763 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
764 struct net_device *ndev = wdev->netdev;
765 struct brcmf_if *ifp = netdev_priv(ndev);
766 struct brcmf_pub *drvr = cfg->pub;
770 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif);
772 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0);
774 bphy_err(drvr, "interface_remove failed %d\n", err);
778 /* wait for firmware event */
779 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
780 BRCMF_VIF_EVENT_TIMEOUT);
782 bphy_err(drvr, "timeout occurred\n");
787 brcmf_remove_interface(ifp, true);
790 brcmf_cfg80211_arm_vif_event(cfg, NULL);
795 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
797 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
798 struct net_device *ndev = wdev->netdev;
800 if (ndev && ndev == cfg_to_ndev(cfg))
803 /* vif event pending in firmware */
804 if (brcmf_cfg80211_vif_event_armed(cfg))
808 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) &&
809 cfg->escan_info.ifp == netdev_priv(ndev))
810 brcmf_notify_escan_complete(cfg, netdev_priv(ndev),
813 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1);
816 switch (wdev->iftype) {
817 case NL80211_IFTYPE_ADHOC:
818 case NL80211_IFTYPE_STATION:
819 case NL80211_IFTYPE_AP_VLAN:
820 case NL80211_IFTYPE_WDS:
821 case NL80211_IFTYPE_MONITOR:
822 case NL80211_IFTYPE_MESH_POINT:
824 case NL80211_IFTYPE_AP:
825 return brcmf_cfg80211_del_ap_iface(wiphy, wdev);
826 case NL80211_IFTYPE_P2P_CLIENT:
827 case NL80211_IFTYPE_P2P_GO:
828 case NL80211_IFTYPE_P2P_DEVICE:
829 return brcmf_p2p_del_vif(wiphy, wdev);
830 case NL80211_IFTYPE_UNSPECIFIED:
838 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
839 enum nl80211_iftype type,
840 struct vif_params *params)
842 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
843 struct brcmf_if *ifp = netdev_priv(ndev);
844 struct brcmf_cfg80211_vif *vif = ifp->vif;
845 struct brcmf_pub *drvr = cfg->pub;
850 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx,
853 /* WAR: There are a number of p2p interface related problems which
854 * need to be handled initially (before doing the validate).
855 * wpa_supplicant tends to do iface changes on p2p device/client/go
856 * which are not always possible/allowed. However we need to return
857 * OK otherwise the wpa_supplicant wont start. The situation differs
858 * on configuration and setup (p2pon=1 module param). The first check
859 * is to see if the request is a change to station for p2p iface.
861 if ((type == NL80211_IFTYPE_STATION) &&
862 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) ||
863 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) ||
864 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) {
865 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n");
866 /* Now depending on whether module param p2pon=1 was used the
867 * response needs to be either 0 or EOPNOTSUPP. The reason is
868 * that if p2pon=1 is used, but a newer supplicant is used then
869 * we should return an error, as this combination wont work.
870 * In other situations 0 is returned and supplicant will start
871 * normally. It will give a trace in cfg80211, but it is the
872 * only way to get it working. Unfortunately this will result
873 * in situation where we wont support new supplicant in
874 * combination with module param p2pon=1, but that is the way
875 * it is. If the user tries this then unloading of driver might
878 if (cfg->p2p.p2pdev_dynamically)
883 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type);
885 bphy_err(drvr, "iface validation failed: err=%d\n", err);
889 case NL80211_IFTYPE_MONITOR:
890 case NL80211_IFTYPE_WDS:
891 bphy_err(drvr, "type (%d) : currently we do not support this type\n",
894 case NL80211_IFTYPE_ADHOC:
897 case NL80211_IFTYPE_STATION:
900 case NL80211_IFTYPE_AP:
901 case NL80211_IFTYPE_P2P_GO:
910 if (type == NL80211_IFTYPE_P2P_GO) {
911 brcmf_dbg(INFO, "IF Type = P2P GO\n");
912 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO);
915 brcmf_dbg(INFO, "IF Type = AP\n");
918 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra);
920 bphy_err(drvr, "WLC_SET_INFRA error (%d)\n", err);
924 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ?
927 ndev->ieee80211_ptr->iftype = type;
929 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev);
932 brcmf_dbg(TRACE, "Exit\n");
937 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg,
938 struct brcmf_scan_params_le *params_le,
939 struct cfg80211_scan_request *request)
947 struct brcmf_ssid_le ssid_le;
949 eth_broadcast_addr(params_le->bssid);
950 params_le->bss_type = DOT11_BSSTYPE_ANY;
951 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE;
952 params_le->channel_num = 0;
953 params_le->nprobes = cpu_to_le32(-1);
954 params_le->active_time = cpu_to_le32(-1);
955 params_le->passive_time = cpu_to_le32(-1);
956 params_le->home_time = cpu_to_le32(-1);
957 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le));
959 n_ssids = request->n_ssids;
960 n_channels = request->n_channels;
962 /* Copy channel array if applicable */
963 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n",
965 if (n_channels > 0) {
966 for (i = 0; i < n_channels; i++) {
967 chanspec = channel_to_chanspec(&cfg->d11inf,
968 request->channels[i]);
969 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n",
970 request->channels[i]->hw_value, chanspec);
971 params_le->channel_list[i] = cpu_to_le16(chanspec);
974 brcmf_dbg(SCAN, "Scanning all channels\n");
976 /* Copy ssid array if applicable */
977 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids);
979 offset = offsetof(struct brcmf_scan_params_le, channel_list) +
980 n_channels * sizeof(u16);
981 offset = roundup(offset, sizeof(u32));
982 ptr = (char *)params_le + offset;
983 for (i = 0; i < n_ssids; i++) {
984 memset(&ssid_le, 0, sizeof(ssid_le));
986 cpu_to_le32(request->ssids[i].ssid_len);
987 memcpy(ssid_le.SSID, request->ssids[i].ssid,
988 request->ssids[i].ssid_len);
989 if (!ssid_le.SSID_len)
990 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i);
992 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n",
993 i, ssid_le.SSID, ssid_le.SSID_len);
994 memcpy(ptr, &ssid_le, sizeof(ssid_le));
995 ptr += sizeof(ssid_le);
998 brcmf_dbg(SCAN, "Performing passive scan\n");
999 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE;
1001 /* Adding mask to channel numbers */
1002 params_le->channel_num =
1003 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) |
1004 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK));
1008 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
1009 struct cfg80211_scan_request *request)
1011 struct brcmf_pub *drvr = cfg->pub;
1012 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE +
1013 offsetof(struct brcmf_escan_params_le, params_le);
1014 struct brcmf_escan_params_le *params;
1017 brcmf_dbg(SCAN, "E-SCAN START\n");
1019 if (request != NULL) {
1020 /* Allocate space for populating ssids in struct */
1021 params_size += sizeof(u32) * ((request->n_channels + 1) / 2);
1023 /* Allocate space for populating ssids in struct */
1024 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids;
1027 params = kzalloc(params_size, GFP_KERNEL);
1032 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN);
1033 brcmf_escan_prep(cfg, ¶ms->params_le, request);
1034 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
1035 params->action = cpu_to_le16(WL_ESCAN_ACTION_START);
1036 params->sync_id = cpu_to_le16(0x1234);
1038 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size);
1041 brcmf_dbg(INFO, "system busy : escan canceled\n");
1043 bphy_err(drvr, "error (%d)\n", err);
1052 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request)
1054 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1056 struct brcmf_scan_results *results;
1057 struct escan_info *escan = &cfg->escan_info;
1059 brcmf_dbg(SCAN, "Enter\n");
1061 escan->wiphy = cfg->wiphy;
1062 escan->escan_state = WL_ESCAN_STATE_SCANNING;
1064 brcmf_scan_config_mpc(ifp, 0);
1065 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
1066 results->version = 0;
1068 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE;
1070 err = escan->run(cfg, ifp, request);
1072 brcmf_scan_config_mpc(ifp, 1);
1077 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
1079 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1080 struct brcmf_pub *drvr = cfg->pub;
1081 struct brcmf_cfg80211_vif *vif;
1084 brcmf_dbg(TRACE, "Enter\n");
1085 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev);
1086 if (!check_vif_up(vif))
1089 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
1090 bphy_err(drvr, "Scanning already: status (%lu)\n",
1094 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) {
1095 bphy_err(drvr, "Scanning being aborted: status (%lu)\n",
1099 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
1100 bphy_err(drvr, "Scanning suppressed: status (%lu)\n",
1104 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state)) {
1105 bphy_err(drvr, "Connecting: status (%lu)\n", vif->sme_state);
1109 /* If scan req comes for p2p0, send it over primary I/F */
1110 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
1111 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1113 brcmf_dbg(SCAN, "START ESCAN\n");
1115 cfg->scan_request = request;
1116 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1118 cfg->escan_info.run = brcmf_run_escan;
1119 err = brcmf_p2p_scan_prep(wiphy, request, vif);
1123 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBREQ_FLAG,
1124 request->ie, request->ie_len);
1128 err = brcmf_do_escan(vif->ifp, request);
1132 /* Arm scan timeout timer */
1133 mod_timer(&cfg->escan_timeout,
1134 jiffies + msecs_to_jiffies(BRCMF_ESCAN_TIMER_INTERVAL_MS));
1139 bphy_err(drvr, "scan error (%d)\n", err);
1140 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1141 cfg->scan_request = NULL;
1145 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold)
1147 struct brcmf_if *ifp = netdev_priv(ndev);
1148 struct brcmf_pub *drvr = ifp->drvr;
1151 err = brcmf_fil_iovar_int_set(ifp, "rtsthresh", rts_threshold);
1153 bphy_err(drvr, "Error (%d)\n", err);
1158 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold)
1160 struct brcmf_if *ifp = netdev_priv(ndev);
1161 struct brcmf_pub *drvr = ifp->drvr;
1164 err = brcmf_fil_iovar_int_set(ifp, "fragthresh",
1167 bphy_err(drvr, "Error (%d)\n", err);
1172 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l)
1174 struct brcmf_if *ifp = netdev_priv(ndev);
1175 struct brcmf_pub *drvr = ifp->drvr;
1177 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL);
1179 err = brcmf_fil_cmd_int_set(ifp, cmd, retry);
1181 bphy_err(drvr, "cmd (%d) , error (%d)\n", cmd, err);
1187 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1189 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1190 struct net_device *ndev = cfg_to_ndev(cfg);
1191 struct brcmf_if *ifp = netdev_priv(ndev);
1194 brcmf_dbg(TRACE, "Enter\n");
1195 if (!check_vif_up(ifp->vif))
1198 if (changed & WIPHY_PARAM_RTS_THRESHOLD &&
1199 (cfg->conf->rts_threshold != wiphy->rts_threshold)) {
1200 cfg->conf->rts_threshold = wiphy->rts_threshold;
1201 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold);
1205 if (changed & WIPHY_PARAM_FRAG_THRESHOLD &&
1206 (cfg->conf->frag_threshold != wiphy->frag_threshold)) {
1207 cfg->conf->frag_threshold = wiphy->frag_threshold;
1208 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold);
1212 if (changed & WIPHY_PARAM_RETRY_LONG
1213 && (cfg->conf->retry_long != wiphy->retry_long)) {
1214 cfg->conf->retry_long = wiphy->retry_long;
1215 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true);
1219 if (changed & WIPHY_PARAM_RETRY_SHORT
1220 && (cfg->conf->retry_short != wiphy->retry_short)) {
1221 cfg->conf->retry_short = wiphy->retry_short;
1222 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false);
1228 brcmf_dbg(TRACE, "Exit\n");
1232 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof)
1234 memset(prof, 0, sizeof(*prof));
1237 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e)
1241 switch (e->event_code) {
1242 case BRCMF_E_DEAUTH:
1243 case BRCMF_E_DEAUTH_IND:
1244 case BRCMF_E_DISASSOC_IND:
1255 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
1257 struct brcmf_pub *drvr = ifp->drvr;
1258 struct brcmf_wsec_pmk_le pmk;
1261 /* convert to firmware key format */
1262 pmk.key_len = cpu_to_le16(pmk_len << 1);
1263 pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE);
1264 for (i = 0; i < pmk_len; i++)
1265 snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]);
1267 /* store psk in firmware */
1268 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,
1271 bphy_err(drvr, "failed to change PSK in firmware (len=%u)\n",
1277 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason)
1279 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
1280 struct brcmf_pub *drvr = cfg->pub;
1283 brcmf_dbg(TRACE, "Enter\n");
1285 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) {
1286 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n");
1287 err = brcmf_fil_cmd_data_set(vif->ifp,
1288 BRCMF_C_DISASSOC, NULL, 0);
1290 bphy_err(drvr, "WLC_DISASSOC failed (%d)\n", err);
1292 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) ||
1293 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT))
1294 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0,
1297 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state);
1298 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
1299 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
1300 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1301 brcmf_set_pmk(vif->ifp, NULL, 0);
1302 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1304 brcmf_dbg(TRACE, "Exit\n");
1308 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev,
1309 struct cfg80211_ibss_params *params)
1311 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1312 struct brcmf_if *ifp = netdev_priv(ndev);
1313 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1314 struct brcmf_pub *drvr = cfg->pub;
1315 struct brcmf_join_params join_params;
1316 size_t join_params_size = 0;
1323 brcmf_dbg(TRACE, "Enter\n");
1324 if (!check_vif_up(ifp->vif))
1328 brcmf_dbg(CONN, "SSID: %s\n", params->ssid);
1330 brcmf_dbg(CONN, "SSID: NULL, Not supported\n");
1334 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1337 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid);
1339 brcmf_dbg(CONN, "No BSSID specified\n");
1341 if (params->chandef.chan)
1342 brcmf_dbg(CONN, "channel: %d\n",
1343 params->chandef.chan->center_freq);
1345 brcmf_dbg(CONN, "no channel specified\n");
1347 if (params->channel_fixed)
1348 brcmf_dbg(CONN, "fixed channel required\n");
1350 brcmf_dbg(CONN, "no fixed channel required\n");
1352 if (params->ie && params->ie_len)
1353 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len);
1355 brcmf_dbg(CONN, "no ie specified\n");
1357 if (params->beacon_interval)
1358 brcmf_dbg(CONN, "beacon interval: %d\n",
1359 params->beacon_interval);
1361 brcmf_dbg(CONN, "no beacon interval specified\n");
1363 if (params->basic_rates)
1364 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates);
1366 brcmf_dbg(CONN, "no basic rates specified\n");
1368 if (params->privacy)
1369 brcmf_dbg(CONN, "privacy required\n");
1371 brcmf_dbg(CONN, "no privacy required\n");
1373 /* Configure Privacy for starter */
1374 if (params->privacy)
1375 wsec |= WEP_ENABLED;
1377 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec);
1379 bphy_err(drvr, "wsec failed (%d)\n", err);
1383 /* Configure Beacon Interval for starter */
1384 if (params->beacon_interval)
1385 bcnprd = params->beacon_interval;
1389 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd);
1391 bphy_err(drvr, "WLC_SET_BCNPRD failed (%d)\n", err);
1395 /* Configure required join parameter */
1396 memset(&join_params, 0, sizeof(struct brcmf_join_params));
1399 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN);
1400 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len);
1401 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
1402 join_params_size = sizeof(join_params.ssid_le);
1405 if (params->bssid) {
1406 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN);
1407 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE;
1408 memcpy(profile->bssid, params->bssid, ETH_ALEN);
1410 eth_broadcast_addr(join_params.params_le.bssid);
1411 eth_zero_addr(profile->bssid);
1415 if (params->chandef.chan) {
1419 ieee80211_frequency_to_channel(
1420 params->chandef.chan->center_freq);
1421 if (params->channel_fixed) {
1422 /* adding chanspec */
1423 chanspec = chandef_to_chanspec(&cfg->d11inf,
1425 join_params.params_le.chanspec_list[0] =
1426 cpu_to_le16(chanspec);
1427 join_params.params_le.chanspec_num = cpu_to_le32(1);
1428 join_params_size += sizeof(join_params.params_le);
1431 /* set channel for starter */
1432 target_channel = cfg->channel;
1433 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL,
1436 bphy_err(drvr, "WLC_SET_CHANNEL failed (%d)\n", err);
1442 cfg->ibss_starter = false;
1445 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
1446 &join_params, join_params_size);
1448 bphy_err(drvr, "WLC_SET_SSID failed (%d)\n", err);
1454 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1455 brcmf_dbg(TRACE, "Exit\n");
1460 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev)
1462 struct brcmf_if *ifp = netdev_priv(ndev);
1464 brcmf_dbg(TRACE, "Enter\n");
1465 if (!check_vif_up(ifp->vif)) {
1466 /* When driver is being unloaded, it can end up here. If an
1467 * error is returned then later on a debug trace in the wireless
1468 * core module will be printed. To avoid this 0 is returned.
1473 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING);
1474 brcmf_net_setcarrier(ifp, false);
1476 brcmf_dbg(TRACE, "Exit\n");
1481 static s32 brcmf_set_wpa_version(struct net_device *ndev,
1482 struct cfg80211_connect_params *sme)
1484 struct brcmf_if *ifp = netdev_priv(ndev);
1485 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1486 struct brcmf_pub *drvr = ifp->drvr;
1487 struct brcmf_cfg80211_security *sec;
1491 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1)
1492 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
1493 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
1494 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
1496 val = WPA_AUTH_DISABLED;
1497 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
1498 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", val);
1500 bphy_err(drvr, "set wpa_auth failed (%d)\n", err);
1503 sec = &profile->sec;
1504 sec->wpa_versions = sme->crypto.wpa_versions;
1508 static s32 brcmf_set_auth_type(struct net_device *ndev,
1509 struct cfg80211_connect_params *sme)
1511 struct brcmf_if *ifp = netdev_priv(ndev);
1512 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1513 struct brcmf_pub *drvr = ifp->drvr;
1514 struct brcmf_cfg80211_security *sec;
1518 switch (sme->auth_type) {
1519 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1521 brcmf_dbg(CONN, "open system\n");
1523 case NL80211_AUTHTYPE_SHARED_KEY:
1525 brcmf_dbg(CONN, "shared key\n");
1529 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
1533 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1535 bphy_err(drvr, "set auth failed (%d)\n", err);
1538 sec = &profile->sec;
1539 sec->auth_type = sme->auth_type;
1544 brcmf_set_wsec_mode(struct net_device *ndev,
1545 struct cfg80211_connect_params *sme)
1547 struct brcmf_if *ifp = netdev_priv(ndev);
1548 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1549 struct brcmf_pub *drvr = ifp->drvr;
1550 struct brcmf_cfg80211_security *sec;
1556 if (sme->crypto.n_ciphers_pairwise) {
1557 switch (sme->crypto.ciphers_pairwise[0]) {
1558 case WLAN_CIPHER_SUITE_WEP40:
1559 case WLAN_CIPHER_SUITE_WEP104:
1562 case WLAN_CIPHER_SUITE_TKIP:
1563 pval = TKIP_ENABLED;
1565 case WLAN_CIPHER_SUITE_CCMP:
1568 case WLAN_CIPHER_SUITE_AES_CMAC:
1572 bphy_err(drvr, "invalid cipher pairwise (%d)\n",
1573 sme->crypto.ciphers_pairwise[0]);
1577 if (sme->crypto.cipher_group) {
1578 switch (sme->crypto.cipher_group) {
1579 case WLAN_CIPHER_SUITE_WEP40:
1580 case WLAN_CIPHER_SUITE_WEP104:
1583 case WLAN_CIPHER_SUITE_TKIP:
1584 gval = TKIP_ENABLED;
1586 case WLAN_CIPHER_SUITE_CCMP:
1589 case WLAN_CIPHER_SUITE_AES_CMAC:
1593 bphy_err(drvr, "invalid cipher group (%d)\n",
1594 sme->crypto.cipher_group);
1599 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval);
1600 /* In case of privacy, but no security and WPS then simulate */
1601 /* setting AES. WPS-2.0 allows no security */
1602 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval &&
1607 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
1609 bphy_err(drvr, "error (%d)\n", err);
1613 sec = &profile->sec;
1614 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0];
1615 sec->cipher_group = sme->crypto.cipher_group;
1621 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
1623 struct brcmf_if *ifp = netdev_priv(ndev);
1624 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1625 struct brcmf_pub *drvr = ifp->drvr;
1628 const struct brcmf_tlv *rsn_ie;
1636 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1638 if (!sme->crypto.n_akm_suites)
1641 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val);
1643 bphy_err(drvr, "could not get wpa_auth (%d)\n", err);
1646 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
1647 switch (sme->crypto.akm_suites[0]) {
1648 case WLAN_AKM_SUITE_8021X:
1649 val = WPA_AUTH_UNSPECIFIED;
1651 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1653 case WLAN_AKM_SUITE_PSK:
1657 bphy_err(drvr, "invalid cipher group (%d)\n",
1658 sme->crypto.cipher_group);
1661 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
1662 switch (sme->crypto.akm_suites[0]) {
1663 case WLAN_AKM_SUITE_8021X:
1664 val = WPA2_AUTH_UNSPECIFIED;
1666 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1668 case WLAN_AKM_SUITE_8021X_SHA256:
1669 val = WPA2_AUTH_1X_SHA256;
1671 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1673 case WLAN_AKM_SUITE_PSK_SHA256:
1674 val = WPA2_AUTH_PSK_SHA256;
1676 case WLAN_AKM_SUITE_PSK:
1677 val = WPA2_AUTH_PSK;
1679 case WLAN_AKM_SUITE_FT_8021X:
1680 val = WPA2_AUTH_UNSPECIFIED | WPA2_AUTH_FT;
1682 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1684 case WLAN_AKM_SUITE_FT_PSK:
1685 val = WPA2_AUTH_PSK | WPA2_AUTH_FT;
1688 bphy_err(drvr, "invalid cipher group (%d)\n",
1689 sme->crypto.cipher_group);
1694 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
1695 brcmf_dbg(INFO, "using 1X offload\n");
1697 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
1698 goto skip_mfp_config;
1699 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The
1700 * IE will not be verified, just a quick search for MFP config
1702 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len,
1705 goto skip_mfp_config;
1706 ie = (const u8 *)rsn_ie;
1707 ie_len = rsn_ie->len + TLV_HDR_LEN;
1708 /* Skip unicast suite */
1709 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN;
1710 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1711 goto skip_mfp_config;
1712 /* Skip multicast suite */
1713 count = ie[offset] + (ie[offset + 1] << 8);
1714 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1715 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1716 goto skip_mfp_config;
1717 /* Skip auth key management suite(s) */
1718 count = ie[offset] + (ie[offset + 1] << 8);
1719 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1720 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len)
1721 goto skip_mfp_config;
1722 /* Ready to read capabilities */
1723 mfp = BRCMF_MFP_NONE;
1724 rsn_cap = ie[offset] + (ie[offset + 1] << 8);
1725 if (rsn_cap & RSN_CAP_MFPR_MASK)
1726 mfp = BRCMF_MFP_REQUIRED;
1727 else if (rsn_cap & RSN_CAP_MFPC_MASK)
1728 mfp = BRCMF_MFP_CAPABLE;
1729 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp);
1732 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val);
1733 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1735 bphy_err(drvr, "could not set wpa_auth (%d)\n", err);
1743 brcmf_set_sharedkey(struct net_device *ndev,
1744 struct cfg80211_connect_params *sme)
1746 struct brcmf_if *ifp = netdev_priv(ndev);
1747 struct brcmf_pub *drvr = ifp->drvr;
1748 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1749 struct brcmf_cfg80211_security *sec;
1750 struct brcmf_wsec_key key;
1754 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len);
1756 if (sme->key_len == 0)
1759 sec = &profile->sec;
1760 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
1761 sec->wpa_versions, sec->cipher_pairwise);
1763 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2))
1766 if (!(sec->cipher_pairwise &
1767 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104)))
1770 memset(&key, 0, sizeof(key));
1771 key.len = (u32) sme->key_len;
1772 key.index = (u32) sme->key_idx;
1773 if (key.len > sizeof(key.data)) {
1774 bphy_err(drvr, "Too long key length (%u)\n", key.len);
1777 memcpy(key.data, sme->key, key.len);
1778 key.flags = BRCMF_PRIMARY_KEY;
1779 switch (sec->cipher_pairwise) {
1780 case WLAN_CIPHER_SUITE_WEP40:
1781 key.algo = CRYPTO_ALGO_WEP1;
1783 case WLAN_CIPHER_SUITE_WEP104:
1784 key.algo = CRYPTO_ALGO_WEP128;
1787 bphy_err(drvr, "Invalid algorithm (%d)\n",
1788 sme->crypto.ciphers_pairwise[0]);
1791 /* Set the new key/index */
1792 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n",
1793 key.len, key.index, key.algo);
1794 brcmf_dbg(CONN, "key \"%s\"\n", key.data);
1795 err = send_key_to_dongle(ifp, &key);
1799 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
1800 brcmf_dbg(CONN, "set auth_type to shared key\n");
1801 val = WL_AUTH_SHARED_KEY; /* shared key */
1802 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1804 bphy_err(drvr, "set auth failed (%d)\n", err);
1810 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp,
1811 enum nl80211_auth_type type)
1813 if (type == NL80211_AUTHTYPE_AUTOMATIC &&
1814 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) {
1815 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n");
1816 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1821 static void brcmf_set_join_pref(struct brcmf_if *ifp,
1822 struct cfg80211_bss_selection *bss_select)
1824 struct brcmf_pub *drvr = ifp->drvr;
1825 struct brcmf_join_pref_params join_pref_params[2];
1826 enum nl80211_band band;
1829 join_pref_params[i].len = 2;
1830 join_pref_params[i].rssi_gain = 0;
1832 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF)
1833 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO);
1835 switch (bss_select->behaviour) {
1836 case __NL80211_BSS_SELECT_ATTR_INVALID:
1837 brcmf_c_set_joinpref_default(ifp);
1839 case NL80211_BSS_SELECT_ATTR_BAND_PREF:
1840 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND;
1841 band = bss_select->param.band_pref;
1842 join_pref_params[i].band = nl80211_band_to_fwil(band);
1845 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST:
1846 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA;
1847 band = bss_select->param.adjust.band;
1848 join_pref_params[i].band = nl80211_band_to_fwil(band);
1849 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta;
1852 case NL80211_BSS_SELECT_ATTR_RSSI:
1856 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI;
1857 join_pref_params[i].len = 2;
1858 join_pref_params[i].rssi_gain = 0;
1859 join_pref_params[i].band = 0;
1860 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params,
1861 sizeof(join_pref_params));
1863 bphy_err(drvr, "Set join_pref error (%d)\n", err);
1867 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
1868 struct cfg80211_connect_params *sme)
1870 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1871 struct brcmf_if *ifp = netdev_priv(ndev);
1872 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1873 struct ieee80211_channel *chan = sme->channel;
1874 struct brcmf_pub *drvr = ifp->drvr;
1875 struct brcmf_join_params join_params;
1876 size_t join_params_size;
1877 const struct brcmf_tlv *rsn_ie;
1878 const struct brcmf_vs_tlv *wpa_ie;
1881 struct brcmf_ext_join_params_le *ext_join_params;
1886 brcmf_dbg(TRACE, "Enter\n");
1887 if (!check_vif_up(ifp->vif))
1891 bphy_err(drvr, "Invalid ssid\n");
1895 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) {
1896 /* A normal (non P2P) connection request setup. */
1899 /* find the WPA_IE */
1900 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len);
1903 ie_len = wpa_ie->len + TLV_HDR_LEN;
1905 /* find the RSN_IE */
1906 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie,
1911 ie_len = rsn_ie->len + TLV_HDR_LEN;
1914 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len);
1917 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
1918 sme->ie, sme->ie_len);
1920 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
1922 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
1924 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1928 ieee80211_frequency_to_channel(chan->center_freq);
1929 chanspec = channel_to_chanspec(&cfg->d11inf, chan);
1930 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n",
1931 cfg->channel, chan->center_freq, chanspec);
1937 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len);
1939 err = brcmf_set_wpa_version(ndev, sme);
1941 bphy_err(drvr, "wl_set_wpa_version failed (%d)\n", err);
1945 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type);
1946 err = brcmf_set_auth_type(ndev, sme);
1948 bphy_err(drvr, "wl_set_auth_type failed (%d)\n", err);
1952 err = brcmf_set_wsec_mode(ndev, sme);
1954 bphy_err(drvr, "wl_set_set_cipher failed (%d)\n", err);
1958 err = brcmf_set_key_mgmt(ndev, sme);
1960 bphy_err(drvr, "wl_set_key_mgmt failed (%d)\n", err);
1964 err = brcmf_set_sharedkey(ndev, sme);
1966 bphy_err(drvr, "brcmf_set_sharedkey failed (%d)\n", err);
1970 if (sme->crypto.psk) {
1971 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
1975 brcmf_dbg(INFO, "using PSK offload\n");
1976 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
1979 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1980 /* enable firmware supplicant for this interface */
1981 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
1983 bphy_err(drvr, "failed to enable fw supplicant\n");
1988 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK) {
1989 err = brcmf_set_pmk(ifp, sme->crypto.psk,
1990 BRCMF_WSEC_MAX_PSK_LEN);
1995 /* Join with specific BSSID and cached SSID
1996 * If SSID is zero join based on BSSID only
1998 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) +
1999 offsetof(struct brcmf_assoc_params_le, chanspec_list);
2001 join_params_size += sizeof(u16);
2002 ext_join_params = kzalloc(join_params_size, GFP_KERNEL);
2003 if (ext_join_params == NULL) {
2007 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
2008 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len);
2009 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len);
2010 if (ssid_len < IEEE80211_MAX_SSID_LEN)
2011 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n",
2012 ext_join_params->ssid_le.SSID, ssid_len);
2014 /* Set up join scan parameters */
2015 ext_join_params->scan_le.scan_type = -1;
2016 ext_join_params->scan_le.home_time = cpu_to_le32(-1);
2019 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN);
2021 eth_broadcast_addr(ext_join_params->assoc_le.bssid);
2024 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1);
2026 ext_join_params->assoc_le.chanspec_list[0] =
2027 cpu_to_le16(chanspec);
2028 /* Increase dwell time to receive probe response or detect
2029 * beacon from target AP at a noisy air only during connect
2032 ext_join_params->scan_le.active_time =
2033 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS);
2034 ext_join_params->scan_le.passive_time =
2035 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS);
2036 /* To sync with presence period of VSDB GO send probe request
2037 * more frequently. Probe request will be stopped when it gets
2038 * probe response from target AP/GO.
2040 ext_join_params->scan_le.nprobes =
2041 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS /
2042 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS);
2044 ext_join_params->scan_le.active_time = cpu_to_le32(-1);
2045 ext_join_params->scan_le.passive_time = cpu_to_le32(-1);
2046 ext_join_params->scan_le.nprobes = cpu_to_le32(-1);
2049 brcmf_set_join_pref(ifp, &sme->bss_select);
2051 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params,
2053 kfree(ext_join_params);
2055 /* This is it. join command worked, we are done */
2058 /* join command failed, fallback to set ssid */
2059 memset(&join_params, 0, sizeof(join_params));
2060 join_params_size = sizeof(join_params.ssid_le);
2062 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len);
2063 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
2066 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN);
2068 eth_broadcast_addr(join_params.params_le.bssid);
2071 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec);
2072 join_params.params_le.chanspec_num = cpu_to_le32(1);
2073 join_params_size += sizeof(join_params.params_le);
2075 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
2076 &join_params, join_params_size);
2078 bphy_err(drvr, "BRCMF_C_SET_SSID failed (%d)\n", err);
2082 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2083 brcmf_dbg(TRACE, "Exit\n");
2088 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev,
2091 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2092 struct brcmf_if *ifp = netdev_priv(ndev);
2093 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2094 struct brcmf_pub *drvr = cfg->pub;
2095 struct brcmf_scb_val_le scbval;
2098 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code);
2099 if (!check_vif_up(ifp->vif))
2102 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
2103 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2104 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL);
2106 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN);
2107 scbval.val = cpu_to_le32(reason_code);
2108 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC,
2109 &scbval, sizeof(scbval));
2111 bphy_err(drvr, "error (%d)\n", err);
2113 brcmf_dbg(TRACE, "Exit\n");
2118 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2119 enum nl80211_tx_power_setting type, s32 mbm)
2121 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2122 struct net_device *ndev = cfg_to_ndev(cfg);
2123 struct brcmf_if *ifp = netdev_priv(ndev);
2124 struct brcmf_pub *drvr = cfg->pub;
2129 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm);
2130 if (!check_vif_up(ifp->vif))
2134 case NL80211_TX_POWER_AUTOMATIC:
2136 case NL80211_TX_POWER_LIMITED:
2137 case NL80211_TX_POWER_FIXED:
2139 bphy_err(drvr, "TX_POWER_FIXED - dbm is negative\n");
2143 qdbm = MBM_TO_DBM(4 * mbm);
2146 qdbm |= WL_TXPWR_OVERRIDE;
2149 bphy_err(drvr, "Unsupported type %d\n", type);
2153 /* Make sure radio is off or on as far as software is concerned */
2154 disable = WL_RADIO_SW_DISABLE << 16;
2155 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable);
2157 bphy_err(drvr, "WLC_SET_RADIO error (%d)\n", err);
2159 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm);
2161 bphy_err(drvr, "qtxpower error (%d)\n", err);
2164 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE);
2169 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2172 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2173 struct brcmf_cfg80211_vif *vif = wdev_to_vif(wdev);
2174 struct brcmf_pub *drvr = cfg->pub;
2178 brcmf_dbg(TRACE, "Enter\n");
2179 if (!check_vif_up(vif))
2182 err = brcmf_fil_iovar_int_get(vif->ifp, "qtxpower", &qdbm);
2184 bphy_err(drvr, "error (%d)\n", err);
2187 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4;
2190 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm);
2195 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev,
2196 u8 key_idx, bool unicast, bool multicast)
2198 struct brcmf_if *ifp = netdev_priv(ndev);
2199 struct brcmf_pub *drvr = ifp->drvr;
2204 brcmf_dbg(TRACE, "Enter\n");
2205 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2206 if (!check_vif_up(ifp->vif))
2209 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2211 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2215 if (wsec & WEP_ENABLED) {
2216 /* Just select a new current key */
2218 err = brcmf_fil_cmd_int_set(ifp,
2219 BRCMF_C_SET_KEY_PRIMARY, index);
2221 bphy_err(drvr, "error (%d)\n", err);
2224 brcmf_dbg(TRACE, "Exit\n");
2229 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev,
2230 u8 key_idx, bool pairwise, const u8 *mac_addr)
2232 struct brcmf_if *ifp = netdev_priv(ndev);
2233 struct brcmf_wsec_key *key;
2236 brcmf_dbg(TRACE, "Enter\n");
2237 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2239 if (!check_vif_up(ifp->vif))
2242 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2243 /* we ignore this key index in this case */
2247 key = &ifp->vif->profile.key[key_idx];
2249 if (key->algo == CRYPTO_ALGO_OFF) {
2250 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n");
2254 memset(key, 0, sizeof(*key));
2255 key->index = (u32)key_idx;
2256 key->flags = BRCMF_PRIMARY_KEY;
2258 /* Clear the key/index */
2259 err = send_key_to_dongle(ifp, key);
2261 brcmf_dbg(TRACE, "Exit\n");
2266 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
2267 u8 key_idx, bool pairwise, const u8 *mac_addr,
2268 struct key_params *params)
2270 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2271 struct brcmf_if *ifp = netdev_priv(ndev);
2272 struct brcmf_pub *drvr = cfg->pub;
2273 struct brcmf_wsec_key *key;
2280 brcmf_dbg(TRACE, "Enter\n");
2281 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2282 if (!check_vif_up(ifp->vif))
2285 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2286 /* we ignore this key index in this case */
2287 bphy_err(drvr, "invalid key index (%d)\n", key_idx);
2291 if (params->key_len == 0)
2292 return brcmf_cfg80211_del_key(wiphy, ndev, key_idx, pairwise,
2295 if (params->key_len > sizeof(key->data)) {
2296 bphy_err(drvr, "Too long key length (%u)\n", params->key_len);
2301 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) &&
2302 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) {
2303 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr);
2307 key = &ifp->vif->profile.key[key_idx];
2308 memset(key, 0, sizeof(*key));
2309 if ((ext_key) && (!is_multicast_ether_addr(mac_addr)))
2310 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN);
2311 key->len = params->key_len;
2312 key->index = key_idx;
2313 memcpy(key->data, params->key, key->len);
2315 key->flags = BRCMF_PRIMARY_KEY;
2317 switch (params->cipher) {
2318 case WLAN_CIPHER_SUITE_WEP40:
2319 key->algo = CRYPTO_ALGO_WEP1;
2321 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2323 case WLAN_CIPHER_SUITE_WEP104:
2324 key->algo = CRYPTO_ALGO_WEP128;
2326 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2328 case WLAN_CIPHER_SUITE_TKIP:
2329 if (!brcmf_is_apmode(ifp->vif)) {
2330 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n");
2331 memcpy(keybuf, &key->data[24], sizeof(keybuf));
2332 memcpy(&key->data[24], &key->data[16], sizeof(keybuf));
2333 memcpy(&key->data[16], keybuf, sizeof(keybuf));
2335 key->algo = CRYPTO_ALGO_TKIP;
2337 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2339 case WLAN_CIPHER_SUITE_AES_CMAC:
2340 key->algo = CRYPTO_ALGO_AES_CCM;
2342 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2344 case WLAN_CIPHER_SUITE_CCMP:
2345 key->algo = CRYPTO_ALGO_AES_CCM;
2347 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n");
2350 bphy_err(drvr, "Invalid cipher (0x%x)\n", params->cipher);
2355 err = send_key_to_dongle(ifp, key);
2359 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2361 bphy_err(drvr, "get wsec error (%d)\n", err);
2365 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2367 bphy_err(drvr, "set wsec error (%d)\n", err);
2372 brcmf_dbg(TRACE, "Exit\n");
2377 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev, u8 key_idx,
2378 bool pairwise, const u8 *mac_addr, void *cookie,
2379 void (*callback)(void *cookie,
2380 struct key_params *params))
2382 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2383 struct key_params params;
2384 struct brcmf_if *ifp = netdev_priv(ndev);
2385 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2386 struct brcmf_pub *drvr = cfg->pub;
2387 struct brcmf_cfg80211_security *sec;
2391 brcmf_dbg(TRACE, "Enter\n");
2392 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2393 if (!check_vif_up(ifp->vif))
2396 memset(¶ms, 0, sizeof(params));
2398 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2400 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2401 /* Ignore this error, may happen during DISASSOC */
2405 if (wsec & WEP_ENABLED) {
2406 sec = &profile->sec;
2407 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) {
2408 params.cipher = WLAN_CIPHER_SUITE_WEP40;
2409 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2410 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) {
2411 params.cipher = WLAN_CIPHER_SUITE_WEP104;
2412 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2414 } else if (wsec & TKIP_ENABLED) {
2415 params.cipher = WLAN_CIPHER_SUITE_TKIP;
2416 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2417 } else if (wsec & AES_ENABLED) {
2418 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
2419 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2421 bphy_err(drvr, "Invalid algo (0x%x)\n", wsec);
2425 callback(cookie, ¶ms);
2428 brcmf_dbg(TRACE, "Exit\n");
2433 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy,
2434 struct net_device *ndev, u8 key_idx)
2436 struct brcmf_if *ifp = netdev_priv(ndev);
2438 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx);
2440 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
2443 brcmf_dbg(INFO, "Not supported\n");
2449 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp)
2451 struct brcmf_pub *drvr = ifp->drvr;
2454 struct brcmf_wsec_key *key;
2457 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) {
2458 key = &ifp->vif->profile.key[key_idx];
2459 if ((key->algo == CRYPTO_ALGO_WEP1) ||
2460 (key->algo == CRYPTO_ALGO_WEP128))
2463 if (key_idx == BRCMF_MAX_DEFAULT_KEYS)
2466 err = send_key_to_dongle(ifp, key);
2468 bphy_err(drvr, "Setting WEP key failed (%d)\n", err);
2471 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2473 bphy_err(drvr, "get wsec error (%d)\n", err);
2476 wsec |= WEP_ENABLED;
2477 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2479 bphy_err(drvr, "set wsec error (%d)\n", err);
2482 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si)
2484 struct nl80211_sta_flag_update *sfu;
2486 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags);
2487 si->filled |= BIT_ULL(NL80211_STA_INFO_STA_FLAGS);
2488 sfu = &si->sta_flags;
2489 sfu->mask = BIT(NL80211_STA_FLAG_WME) |
2490 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2491 BIT(NL80211_STA_FLAG_ASSOCIATED) |
2492 BIT(NL80211_STA_FLAG_AUTHORIZED);
2493 if (fw_sta_flags & BRCMF_STA_WME)
2494 sfu->set |= BIT(NL80211_STA_FLAG_WME);
2495 if (fw_sta_flags & BRCMF_STA_AUTHE)
2496 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
2497 if (fw_sta_flags & BRCMF_STA_ASSOC)
2498 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
2499 if (fw_sta_flags & BRCMF_STA_AUTHO)
2500 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
2503 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
2505 struct brcmf_pub *drvr = ifp->drvr;
2508 struct brcmf_bss_info_le bss_le;
2513 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2517 buf->len = cpu_to_le32(WL_BSS_INFO_MAX);
2518 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf,
2521 bphy_err(drvr, "Failed to get bss info (%d)\n", err);
2524 si->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM);
2525 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
2526 si->bss_param.dtim_period = buf->bss_le.dtim_period;
2527 capability = le16_to_cpu(buf->bss_le.capability);
2528 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT)
2529 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT;
2530 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
2531 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
2532 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2533 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
2540 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp,
2541 struct station_info *sinfo)
2543 struct brcmf_pub *drvr = ifp->drvr;
2544 struct brcmf_scb_val_le scbval;
2545 struct brcmf_pktcnt_le pktcnt;
2550 /* Get the current tx rate */
2551 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate);
2553 bphy_err(drvr, "BRCMF_C_GET_RATE error (%d)\n", err);
2556 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2557 sinfo->txrate.legacy = rate * 5;
2559 memset(&scbval, 0, sizeof(scbval));
2560 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval,
2563 bphy_err(drvr, "BRCMF_C_GET_RSSI error (%d)\n", err);
2566 rssi = le32_to_cpu(scbval.val);
2567 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2568 sinfo->signal = rssi;
2570 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt,
2573 bphy_err(drvr, "BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err);
2576 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS) |
2577 BIT_ULL(NL80211_STA_INFO_RX_DROP_MISC) |
2578 BIT_ULL(NL80211_STA_INFO_TX_PACKETS) |
2579 BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2580 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt);
2581 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt);
2582 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt);
2583 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt);
2589 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
2590 const u8 *mac, struct station_info *sinfo)
2592 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2593 struct brcmf_if *ifp = netdev_priv(ndev);
2594 struct brcmf_pub *drvr = cfg->pub;
2595 struct brcmf_scb_val_le scb_val;
2597 struct brcmf_sta_info_le sta_info_le;
2605 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac);
2606 if (!check_vif_up(ifp->vif))
2609 if (brcmf_is_ibssmode(ifp->vif))
2610 return brcmf_cfg80211_get_station_ibss(ifp, sinfo);
2612 memset(&sta_info_le, 0, sizeof(sta_info_le));
2613 memcpy(&sta_info_le, mac, ETH_ALEN);
2614 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info",
2616 sizeof(sta_info_le));
2617 is_tdls_peer = !err;
2619 err = brcmf_fil_iovar_data_get(ifp, "sta_info",
2621 sizeof(sta_info_le));
2623 bphy_err(drvr, "GET STA INFO failed, %d\n", err);
2627 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver));
2628 sinfo->filled = BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME);
2629 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000;
2630 sta_flags = le32_to_cpu(sta_info_le.flags);
2631 brcmf_convert_sta_flags(sta_flags, sinfo);
2632 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2634 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2636 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2637 if (sta_flags & BRCMF_STA_ASSOC) {
2638 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CONNECTED_TIME);
2639 sinfo->connected_time = le32_to_cpu(sta_info_le.in);
2640 brcmf_fill_bss_param(ifp, sinfo);
2642 if (sta_flags & BRCMF_STA_SCBSTATS) {
2643 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2644 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures);
2645 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_PACKETS);
2646 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts);
2647 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts);
2648 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS);
2649 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts);
2650 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts);
2651 if (sinfo->tx_packets) {
2652 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2653 sinfo->txrate.legacy =
2654 le32_to_cpu(sta_info_le.tx_rate) / 100;
2656 if (sinfo->rx_packets) {
2657 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
2658 sinfo->rxrate.legacy =
2659 le32_to_cpu(sta_info_le.rx_rate) / 100;
2661 if (le16_to_cpu(sta_info_le.ver) >= 4) {
2662 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES);
2663 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes);
2664 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES);
2665 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes);
2669 for (i = 0; i < BRCMF_ANT_MAX; i++) {
2670 if (sta_info_le.rssi[i]) {
2671 sinfo->chain_signal_avg[count_rssi] =
2672 sta_info_le.rssi[i];
2673 sinfo->chain_signal[count_rssi] =
2674 sta_info_le.rssi[i];
2675 total_rssi += sta_info_le.rssi[i];
2680 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
2681 sinfo->chains = count_rssi;
2683 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2684 total_rssi /= count_rssi;
2685 sinfo->signal = total_rssi;
2686 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
2687 &ifp->vif->sme_state)) {
2688 memset(&scb_val, 0, sizeof(scb_val));
2689 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI,
2690 &scb_val, sizeof(scb_val));
2692 bphy_err(drvr, "Could not get rssi (%d)\n",
2696 rssi = le32_to_cpu(scb_val.val);
2697 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2698 sinfo->signal = rssi;
2699 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi);
2704 brcmf_dbg(TRACE, "Exit\n");
2709 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
2710 int idx, u8 *mac, struct station_info *sinfo)
2712 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2713 struct brcmf_if *ifp = netdev_priv(ndev);
2714 struct brcmf_pub *drvr = cfg->pub;
2717 brcmf_dbg(TRACE, "Enter, idx %d\n", idx);
2720 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST);
2721 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST,
2723 sizeof(cfg->assoclist));
2725 bphy_err(drvr, "BRCMF_C_GET_ASSOCLIST unsupported, err=%d\n",
2727 cfg->assoclist.count = 0;
2731 if (idx < le32_to_cpu(cfg->assoclist.count)) {
2732 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN);
2733 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo);
2739 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev,
2740 bool enabled, s32 timeout)
2744 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2745 struct brcmf_if *ifp = netdev_priv(ndev);
2746 struct brcmf_pub *drvr = cfg->pub;
2748 brcmf_dbg(TRACE, "Enter\n");
2751 * Powersave enable/disable request is coming from the
2752 * cfg80211 even before the interface is up. In that
2753 * scenario, driver will be storing the power save
2754 * preference in cfg struct to apply this to
2755 * FW later while initializing the dongle
2757 cfg->pwr_save = enabled;
2758 if (!check_vif_up(ifp->vif)) {
2760 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n");
2764 pm = enabled ? PM_FAST : PM_OFF;
2765 /* Do not enable the power save after assoc if it is a p2p interface */
2766 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) {
2767 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n");
2770 brcmf_dbg(INFO, "power save %s\n", (pm ? "enabled" : "disabled"));
2772 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm);
2775 bphy_err(drvr, "net_device is not ready yet\n");
2777 bphy_err(drvr, "error (%d)\n", err);
2780 brcmf_dbg(TRACE, "Exit\n");
2784 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2785 struct brcmf_bss_info_le *bi)
2787 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2788 struct brcmf_pub *drvr = cfg->pub;
2789 struct cfg80211_bss *bss;
2790 enum nl80211_band band;
2791 struct brcmu_chan ch;
2794 u16 notify_capability;
2795 u16 notify_interval;
2797 size_t notify_ielen;
2798 struct cfg80211_inform_bss bss_data = {};
2800 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) {
2801 bphy_err(drvr, "Bss info is larger than buffer. Discarding\n");
2806 ch.chspec = le16_to_cpu(bi->chanspec);
2807 cfg->d11inf.decchspec(&ch);
2808 bi->ctl_ch = ch.control_ch_num;
2810 channel = bi->ctl_ch;
2812 if (channel <= CH_MAX_2G_CHANNEL)
2813 band = NL80211_BAND_2GHZ;
2815 band = NL80211_BAND_5GHZ;
2817 freq = ieee80211_channel_to_frequency(channel, band);
2818 bss_data.chan = ieee80211_get_channel(wiphy, freq);
2819 bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20;
2820 bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime());
2822 notify_capability = le16_to_cpu(bi->capability);
2823 notify_interval = le16_to_cpu(bi->beacon_period);
2824 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
2825 notify_ielen = le32_to_cpu(bi->ie_length);
2826 bss_data.signal = (s16)le16_to_cpu(bi->RSSI) * 100;
2828 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID);
2829 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq);
2830 brcmf_dbg(CONN, "Capability: %X\n", notify_capability);
2831 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval);
2832 brcmf_dbg(CONN, "Signal: %d\n", bss_data.signal);
2834 bss = cfg80211_inform_bss_data(wiphy, &bss_data,
2835 CFG80211_BSS_FTYPE_UNKNOWN,
2836 (const u8 *)bi->BSSID,
2837 0, notify_capability,
2838 notify_interval, notify_ie,
2839 notify_ielen, GFP_KERNEL);
2844 cfg80211_put_bss(wiphy, bss);
2849 static struct brcmf_bss_info_le *
2850 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss)
2853 return list->bss_info_le;
2854 return (struct brcmf_bss_info_le *)((unsigned long)bss +
2855 le32_to_cpu(bss->length));
2858 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg)
2860 struct brcmf_pub *drvr = cfg->pub;
2861 struct brcmf_scan_results *bss_list;
2862 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */
2866 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
2867 if (bss_list->count != 0 &&
2868 bss_list->version != BRCMF_BSS_INFO_VERSION) {
2869 bphy_err(drvr, "Version %d != WL_BSS_INFO_VERSION\n",
2873 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count);
2874 for (i = 0; i < bss_list->count; i++) {
2875 bi = next_bss_le(bss_list, bi);
2876 err = brcmf_inform_single_bss(cfg, bi);
2883 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg,
2884 struct net_device *ndev, const u8 *bssid)
2886 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2887 struct brcmf_pub *drvr = cfg->pub;
2888 struct ieee80211_channel *notify_channel;
2889 struct brcmf_bss_info_le *bi = NULL;
2890 struct ieee80211_supported_band *band;
2891 struct cfg80211_bss *bss;
2892 struct brcmu_chan ch;
2896 u16 notify_capability;
2897 u16 notify_interval;
2899 size_t notify_ielen;
2902 brcmf_dbg(TRACE, "Enter\n");
2904 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2910 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
2912 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO,
2913 buf, WL_BSS_INFO_MAX);
2915 bphy_err(drvr, "WLC_GET_BSS_INFO failed: %d\n", err);
2919 bi = (struct brcmf_bss_info_le *)(buf + 4);
2921 ch.chspec = le16_to_cpu(bi->chanspec);
2922 cfg->d11inf.decchspec(&ch);
2924 if (ch.band == BRCMU_CHAN_BAND_2G)
2925 band = wiphy->bands[NL80211_BAND_2GHZ];
2927 band = wiphy->bands[NL80211_BAND_5GHZ];
2929 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
2930 cfg->channel = freq;
2931 notify_channel = ieee80211_get_channel(wiphy, freq);
2933 notify_capability = le16_to_cpu(bi->capability);
2934 notify_interval = le16_to_cpu(bi->beacon_period);
2935 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
2936 notify_ielen = le32_to_cpu(bi->ie_length);
2937 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
2939 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq);
2940 brcmf_dbg(CONN, "capability: %X\n", notify_capability);
2941 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval);
2942 brcmf_dbg(CONN, "signal: %d\n", notify_signal);
2944 bss = cfg80211_inform_bss(wiphy, notify_channel,
2945 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0,
2946 notify_capability, notify_interval,
2947 notify_ie, notify_ielen, notify_signal,
2955 cfg80211_put_bss(wiphy, bss);
2961 brcmf_dbg(TRACE, "Exit\n");
2966 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg,
2967 struct brcmf_if *ifp)
2969 struct brcmf_pub *drvr = cfg->pub;
2970 struct brcmf_bss_info_le *bi;
2971 const struct brcmf_tlv *tim;
2972 u16 beacon_interval;
2978 brcmf_dbg(TRACE, "Enter\n");
2979 if (brcmf_is_ibssmode(ifp->vif))
2982 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX);
2983 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
2984 cfg->extra_buf, WL_EXTRA_BUF_MAX);
2986 bphy_err(drvr, "Could not get bss info %d\n", err);
2987 goto update_bss_info_out;
2990 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4);
2991 err = brcmf_inform_single_bss(cfg, bi);
2993 goto update_bss_info_out;
2995 ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
2996 ie_len = le32_to_cpu(bi->ie_length);
2997 beacon_interval = le16_to_cpu(bi->beacon_period);
2999 tim = brcmf_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
3001 dtim_period = tim->data[1];
3004 * active scan was done so we could not get dtim
3005 * information out of probe response.
3006 * so we speficially query dtim information to dongle.
3009 err = brcmf_fil_iovar_int_get(ifp, "dtim_assoc", &var);
3011 bphy_err(drvr, "wl dtim_assoc failed (%d)\n", err);
3012 goto update_bss_info_out;
3014 dtim_period = (u8)var;
3017 update_bss_info_out:
3018 brcmf_dbg(TRACE, "Exit");
3022 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg)
3024 struct escan_info *escan = &cfg->escan_info;
3026 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3027 if (cfg->int_escan_map || cfg->scan_request) {
3028 escan->escan_state = WL_ESCAN_STATE_IDLE;
3029 brcmf_notify_escan_complete(cfg, escan->ifp, true, true);
3031 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3032 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3035 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work)
3037 struct brcmf_cfg80211_info *cfg =
3038 container_of(work, struct brcmf_cfg80211_info,
3039 escan_timeout_work);
3041 brcmf_inform_bss(cfg);
3042 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true);
3045 static void brcmf_escan_timeout(struct timer_list *t)
3047 struct brcmf_cfg80211_info *cfg =
3048 from_timer(cfg, t, escan_timeout);
3049 struct brcmf_pub *drvr = cfg->pub;
3051 if (cfg->int_escan_map || cfg->scan_request) {
3052 bphy_err(drvr, "timer expired\n");
3053 schedule_work(&cfg->escan_timeout_work);
3058 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg,
3059 struct brcmf_bss_info_le *bss,
3060 struct brcmf_bss_info_le *bss_info_le)
3062 struct brcmu_chan ch_bss, ch_bss_info_le;
3064 ch_bss.chspec = le16_to_cpu(bss->chanspec);
3065 cfg->d11inf.decchspec(&ch_bss);
3066 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec);
3067 cfg->d11inf.decchspec(&ch_bss_info_le);
3069 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) &&
3070 ch_bss.band == ch_bss_info_le.band &&
3071 bss_info_le->SSID_len == bss->SSID_len &&
3072 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) {
3073 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) ==
3074 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) {
3075 s16 bss_rssi = le16_to_cpu(bss->RSSI);
3076 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI);
3078 /* preserve max RSSI if the measurements are
3079 * both on-channel or both off-channel
3081 if (bss_info_rssi > bss_rssi)
3082 bss->RSSI = bss_info_le->RSSI;
3083 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) &&
3084 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) {
3085 /* preserve the on-channel rssi measurement
3086 * if the new measurement is off channel
3088 bss->RSSI = bss_info_le->RSSI;
3089 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL;
3097 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp,
3098 const struct brcmf_event_msg *e, void *data)
3100 struct brcmf_pub *drvr = ifp->drvr;
3101 struct brcmf_cfg80211_info *cfg = drvr->config;
3103 struct brcmf_escan_result_le *escan_result_le;
3105 struct brcmf_bss_info_le *bss_info_le;
3106 struct brcmf_bss_info_le *bss = NULL;
3108 struct brcmf_scan_results *list;
3114 if (status == BRCMF_E_STATUS_ABORT)
3117 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3118 bphy_err(drvr, "scan not ready, bsscfgidx=%d\n",
3123 if (status == BRCMF_E_STATUS_PARTIAL) {
3124 brcmf_dbg(SCAN, "ESCAN Partial result\n");
3125 if (e->datalen < sizeof(*escan_result_le)) {
3126 bphy_err(drvr, "invalid event data length\n");
3129 escan_result_le = (struct brcmf_escan_result_le *) data;
3130 if (!escan_result_le) {
3131 bphy_err(drvr, "Invalid escan result (NULL pointer)\n");
3134 escan_buflen = le32_to_cpu(escan_result_le->buflen);
3135 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE ||
3136 escan_buflen > e->datalen ||
3137 escan_buflen < sizeof(*escan_result_le)) {
3138 bphy_err(drvr, "Invalid escan buffer length: %d\n",
3142 if (le16_to_cpu(escan_result_le->bss_count) != 1) {
3143 bphy_err(drvr, "Invalid bss_count %d: ignoring\n",
3144 escan_result_le->bss_count);
3147 bss_info_le = &escan_result_le->bss_info_le;
3149 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le))
3152 if (!cfg->int_escan_map && !cfg->scan_request) {
3153 brcmf_dbg(SCAN, "result without cfg80211 request\n");
3157 bi_length = le32_to_cpu(bss_info_le->length);
3158 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) {
3159 bphy_err(drvr, "Ignoring invalid bss_info length: %d\n",
3164 if (!(cfg_to_wiphy(cfg)->interface_modes &
3165 BIT(NL80211_IFTYPE_ADHOC))) {
3166 if (le16_to_cpu(bss_info_le->capability) &
3167 WLAN_CAPABILITY_IBSS) {
3168 bphy_err(drvr, "Ignoring IBSS result\n");
3173 list = (struct brcmf_scan_results *)
3174 cfg->escan_info.escan_buf;
3175 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) {
3176 bphy_err(drvr, "Buffer is too small: ignoring\n");
3180 for (i = 0; i < list->count; i++) {
3181 bss = bss ? (struct brcmf_bss_info_le *)
3182 ((unsigned char *)bss +
3183 le32_to_cpu(bss->length)) : list->bss_info_le;
3184 if (brcmf_compare_update_same_bss(cfg, bss,
3188 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le,
3190 list->version = le32_to_cpu(bss_info_le->version);
3191 list->buflen += bi_length;
3194 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3195 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL))
3197 if (cfg->int_escan_map || cfg->scan_request) {
3198 brcmf_inform_bss(cfg);
3199 aborted = status != BRCMF_E_STATUS_SUCCESS;
3200 brcmf_notify_escan_complete(cfg, ifp, aborted, false);
3202 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n",
3209 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg)
3211 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT,
3212 brcmf_cfg80211_escan_handler);
3213 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3214 /* Init scan_timeout timer */
3215 timer_setup(&cfg->escan_timeout, brcmf_escan_timeout, 0);
3216 INIT_WORK(&cfg->escan_timeout_work,
3217 brcmf_cfg80211_escan_timeout_worker);
3220 static struct cfg80211_scan_request *
3221 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) {
3222 struct cfg80211_scan_request *req;
3225 req_size = sizeof(*req) +
3226 n_netinfo * sizeof(req->channels[0]) +
3227 n_netinfo * sizeof(*req->ssids);
3229 req = kzalloc(req_size, GFP_KERNEL);
3232 req->ssids = (void *)(&req->channels[0]) +
3233 n_netinfo * sizeof(req->channels[0]);
3238 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req,
3239 u8 *ssid, u8 ssid_len, u8 channel)
3241 struct ieee80211_channel *chan;
3242 enum nl80211_band band;
3245 if (channel <= CH_MAX_2G_CHANNEL)
3246 band = NL80211_BAND_2GHZ;
3248 band = NL80211_BAND_5GHZ;
3250 freq = ieee80211_channel_to_frequency(channel, band);
3254 chan = ieee80211_get_channel(req->wiphy, freq);
3258 for (i = 0; i < req->n_channels; i++) {
3259 if (req->channels[i] == chan)
3262 if (i == req->n_channels)
3263 req->channels[req->n_channels++] = chan;
3265 for (i = 0; i < req->n_ssids; i++) {
3266 if (req->ssids[i].ssid_len == ssid_len &&
3267 !memcmp(req->ssids[i].ssid, ssid, ssid_len))
3270 if (i == req->n_ssids) {
3271 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len);
3272 req->ssids[req->n_ssids++].ssid_len = ssid_len;
3277 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap,
3278 struct cfg80211_scan_request *request)
3280 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3283 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3284 if (cfg->int_escan_map)
3285 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n",
3286 cfg->int_escan_map);
3287 /* Abort any on-going scan */
3288 brcmf_abort_scanning(cfg);
3291 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap);
3292 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3293 cfg->escan_info.run = brcmf_run_escan;
3294 err = brcmf_do_escan(ifp, request);
3296 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3299 cfg->int_escan_map = fwmap;
3303 static struct brcmf_pno_net_info_le *
3304 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1)
3306 struct brcmf_pno_scanresults_v2_le *pfn_v2;
3307 struct brcmf_pno_net_info_le *netinfo;
3309 switch (pfn_v1->version) {
3313 case cpu_to_le32(1):
3314 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1);
3316 case cpu_to_le32(2):
3317 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1;
3318 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1);
3325 /* PFN result doesn't have all the info which are required by the supplicant
3326 * (For e.g IEs) Do a target Escan so that sched scan results are reported
3327 * via wl_inform_single_bss in the required format. Escan does require the
3328 * scan request in the form of cfg80211_scan_request. For timebeing, create
3329 * cfg80211_scan_request one out of the received PNO event.
3332 brcmf_notify_sched_scan_results(struct brcmf_if *ifp,
3333 const struct brcmf_event_msg *e, void *data)
3335 struct brcmf_pub *drvr = ifp->drvr;
3336 struct brcmf_cfg80211_info *cfg = drvr->config;
3337 struct brcmf_pno_net_info_le *netinfo, *netinfo_start;
3338 struct cfg80211_scan_request *request = NULL;
3339 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3341 struct brcmf_pno_scanresults_le *pfn_result;
3347 brcmf_dbg(SCAN, "Enter\n");
3349 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3350 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3354 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3355 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n");
3359 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3360 result_count = le32_to_cpu(pfn_result->count);
3361 status = le32_to_cpu(pfn_result->status);
3363 /* PFN event is limited to fit 512 bytes so we may get
3364 * multiple NET_FOUND events. For now place a warning here.
3366 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE);
3367 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count);
3368 if (!result_count) {
3369 bphy_err(drvr, "FALSE PNO Event. (pfn_count == 0)\n");
3373 netinfo_start = brcmf_get_netinfo_array(pfn_result);
3374 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result);
3375 if (datalen < result_count * sizeof(*netinfo)) {
3376 bphy_err(drvr, "insufficient event data\n");
3380 request = brcmf_alloc_internal_escan_request(wiphy,
3388 for (i = 0; i < result_count; i++) {
3389 netinfo = &netinfo_start[i];
3391 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3392 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3393 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n",
3394 netinfo->SSID, netinfo->channel);
3395 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo);
3396 err = brcmf_internal_escan_add_info(request,
3407 err = brcmf_start_internal_escan(ifp, bucket_map, request);
3412 cfg80211_sched_scan_stopped(wiphy, 0);
3419 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy,
3420 struct net_device *ndev,
3421 struct cfg80211_sched_scan_request *req)
3423 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3424 struct brcmf_if *ifp = netdev_priv(ndev);
3425 struct brcmf_pub *drvr = cfg->pub;
3427 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n",
3428 req->n_match_sets, req->n_ssids);
3430 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
3431 bphy_err(drvr, "Scanning suppressed: status=%lu\n",
3436 if (req->n_match_sets <= 0) {
3437 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n",
3442 return brcmf_pno_start_sched_scan(ifp, req);
3445 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy,
3446 struct net_device *ndev, u64 reqid)
3448 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3449 struct brcmf_if *ifp = netdev_priv(ndev);
3451 brcmf_dbg(SCAN, "enter\n");
3452 brcmf_pno_stop_sched_scan(ifp, reqid);
3453 if (cfg->int_escan_map)
3454 brcmf_notify_escan_complete(cfg, ifp, true, true);
3458 static __always_inline void brcmf_delay(u32 ms)
3460 if (ms < 1000 / HZ) {
3468 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4],
3469 u8 *pattern, u32 patternsize, u8 *mask,
3472 struct brcmf_fil_wowl_pattern_le *filter;
3479 masksize = (patternsize + 7) / 8;
3480 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize;
3482 bufsize = sizeof(*filter) + patternsize + masksize;
3483 buf = kzalloc(bufsize, GFP_KERNEL);
3486 filter = (struct brcmf_fil_wowl_pattern_le *)buf;
3488 memcpy(filter->cmd, cmd, 4);
3489 filter->masksize = cpu_to_le32(masksize);
3490 filter->offset = cpu_to_le32(packet_offset);
3491 filter->patternoffset = cpu_to_le32(patternoffset);
3492 filter->patternsize = cpu_to_le32(patternsize);
3493 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP);
3495 if ((mask) && (masksize))
3496 memcpy(buf + sizeof(*filter), mask, masksize);
3497 if ((pattern) && (patternsize))
3498 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize);
3500 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize);
3507 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
3510 struct brcmf_pub *drvr = ifp->drvr;
3511 struct brcmf_cfg80211_info *cfg = drvr->config;
3512 struct brcmf_pno_scanresults_le *pfn_result;
3513 struct brcmf_pno_net_info_le *netinfo;
3515 brcmf_dbg(SCAN, "Enter\n");
3517 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3518 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3522 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3524 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3525 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n");
3529 if (le32_to_cpu(pfn_result->count) < 1) {
3530 bphy_err(drvr, "Invalid result count, expected 1 (%d)\n",
3531 le32_to_cpu(pfn_result->count));
3535 netinfo = brcmf_get_netinfo_array(pfn_result);
3536 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3537 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3538 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
3539 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
3540 cfg->wowl.nd->n_channels = 1;
3541 cfg->wowl.nd->channels[0] =
3542 ieee80211_channel_to_frequency(netinfo->channel,
3543 netinfo->channel <= CH_MAX_2G_CHANNEL ?
3544 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
3545 cfg->wowl.nd_info->n_matches = 1;
3546 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd;
3548 /* Inform (the resume task) that the net detect information was recvd */
3549 cfg->wowl.nd_data_completed = true;
3550 wake_up(&cfg->wowl.nd_data_wait);
3557 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3559 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3560 struct brcmf_pub *drvr = cfg->pub;
3561 struct brcmf_wowl_wakeind_le wake_ind_le;
3562 struct cfg80211_wowlan_wakeup wakeup_data;
3563 struct cfg80211_wowlan_wakeup *wakeup;
3568 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
3569 sizeof(wake_ind_le));
3571 bphy_err(drvr, "Get wowl_wakeind failed, err = %d\n", err);
3575 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind);
3576 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN |
3577 BRCMF_WOWL_RETR | BRCMF_WOWL_NET |
3578 BRCMF_WOWL_PFN_FOUND)) {
3579 wakeup = &wakeup_data;
3580 memset(&wakeup_data, 0, sizeof(wakeup_data));
3581 wakeup_data.pattern_idx = -1;
3583 if (wakeind & BRCMF_WOWL_MAGIC) {
3584 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n");
3585 wakeup_data.magic_pkt = true;
3587 if (wakeind & BRCMF_WOWL_DIS) {
3588 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n");
3589 wakeup_data.disconnect = true;
3591 if (wakeind & BRCMF_WOWL_BCN) {
3592 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n");
3593 wakeup_data.disconnect = true;
3595 if (wakeind & BRCMF_WOWL_RETR) {
3596 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n");
3597 wakeup_data.disconnect = true;
3599 if (wakeind & BRCMF_WOWL_NET) {
3600 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n");
3601 /* For now always map to pattern 0, no API to get
3602 * correct information available at the moment.
3604 wakeup_data.pattern_idx = 0;
3606 if (wakeind & BRCMF_WOWL_PFN_FOUND) {
3607 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n");
3608 timeout = wait_event_timeout(cfg->wowl.nd_data_wait,
3609 cfg->wowl.nd_data_completed,
3610 BRCMF_ND_INFO_TIMEOUT);
3612 bphy_err(drvr, "No result for wowl net detect\n");
3614 wakeup_data.net_detect = cfg->wowl.nd_info;
3616 if (wakeind & BRCMF_WOWL_GTK_FAILURE) {
3617 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n");
3618 wakeup_data.gtk_rekey_failure = true;
3623 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL);
3628 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3632 #endif /* CONFIG_PM */
3634 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy)
3636 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3637 struct net_device *ndev = cfg_to_ndev(cfg);
3638 struct brcmf_if *ifp = netdev_priv(ndev);
3640 brcmf_dbg(TRACE, "Enter\n");
3642 if (cfg->wowl.active) {
3643 brcmf_report_wowl_wakeind(wiphy, ifp);
3644 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0);
3645 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0);
3646 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3647 brcmf_configure_arp_nd_offload(ifp, true);
3648 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM,
3649 cfg->wowl.pre_pmmode);
3650 cfg->wowl.active = false;
3651 if (cfg->wowl.nd_enabled) {
3652 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0);
3653 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3654 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3655 brcmf_notify_sched_scan_results);
3656 cfg->wowl.nd_enabled = false;
3662 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg,
3663 struct brcmf_if *ifp,
3664 struct cfg80211_wowlan *wowl)
3667 struct brcmf_wowl_wakeind_le wowl_wakeind;
3670 brcmf_dbg(TRACE, "Suspend, wowl config.\n");
3672 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3673 brcmf_configure_arp_nd_offload(ifp, false);
3674 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode);
3675 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX);
3678 if (wowl->disconnect)
3679 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR;
3680 if (wowl->magic_pkt)
3681 wowl_config |= BRCMF_WOWL_MAGIC;
3682 if ((wowl->patterns) && (wowl->n_patterns)) {
3683 wowl_config |= BRCMF_WOWL_NET;
3684 for (i = 0; i < wowl->n_patterns; i++) {
3685 brcmf_config_wowl_pattern(ifp, "add",
3686 (u8 *)wowl->patterns[i].pattern,
3687 wowl->patterns[i].pattern_len,
3688 (u8 *)wowl->patterns[i].mask,
3689 wowl->patterns[i].pkt_offset);
3692 if (wowl->nd_config) {
3693 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev,
3695 wowl_config |= BRCMF_WOWL_PFN_FOUND;
3697 cfg->wowl.nd_data_completed = false;
3698 cfg->wowl.nd_enabled = true;
3699 /* Now reroute the event for PFN to the wowl function. */
3700 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3701 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3702 brcmf_wowl_nd_results);
3704 if (wowl->gtk_rekey_failure)
3705 wowl_config |= BRCMF_WOWL_GTK_FAILURE;
3706 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))
3707 wowl_config |= BRCMF_WOWL_UNASSOC;
3709 memcpy(&wowl_wakeind, "clear", 6);
3710 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind,
3711 sizeof(wowl_wakeind));
3712 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config);
3713 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1);
3714 brcmf_bus_wowl_config(cfg->pub->bus_if, true);
3715 cfg->wowl.active = true;
3718 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy,
3719 struct cfg80211_wowlan *wowl)
3721 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3722 struct net_device *ndev = cfg_to_ndev(cfg);
3723 struct brcmf_if *ifp = netdev_priv(ndev);
3724 struct brcmf_cfg80211_vif *vif;
3726 brcmf_dbg(TRACE, "Enter\n");
3728 /* if the primary net_device is not READY there is nothing
3729 * we can do but pray resume goes smoothly.
3731 if (!check_vif_up(ifp->vif))
3734 /* Stop scheduled scan */
3735 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO))
3736 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0);
3738 /* end any scanning */
3739 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
3740 brcmf_abort_scanning(cfg);
3743 brcmf_bus_wowl_config(cfg->pub->bus_if, false);
3744 list_for_each_entry(vif, &cfg->vif_list, list) {
3745 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state))
3747 /* While going to suspend if associated with AP
3748 * disassociate from AP to save power while system is
3749 * in suspended state
3751 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED);
3752 /* Make sure WPA_Supplicant receives all the event
3753 * generated due to DISASSOC call to the fw to keep
3754 * the state fw and WPA_Supplicant state consistent
3759 brcmf_set_mpc(ifp, 1);
3762 /* Configure WOWL paramaters */
3763 brcmf_configure_wowl(cfg, ifp, wowl);
3767 brcmf_dbg(TRACE, "Exit\n");
3768 /* clear any scanning activity */
3769 cfg->scan_status = 0;
3774 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp)
3776 struct brcmf_pmk_list_le *pmk_list;
3781 pmk_list = &cfg->pmk_list;
3782 npmk = le32_to_cpu(pmk_list->npmk);
3784 brcmf_dbg(CONN, "No of elements %d\n", npmk);
3785 for (i = 0; i < npmk; i++)
3786 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid);
3788 err = brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list,
3795 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3796 struct cfg80211_pmksa *pmksa)
3798 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3799 struct brcmf_if *ifp = netdev_priv(ndev);
3800 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3801 struct brcmf_pub *drvr = cfg->pub;
3805 brcmf_dbg(TRACE, "Enter\n");
3806 if (!check_vif_up(ifp->vif))
3809 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3810 for (i = 0; i < npmk; i++)
3811 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
3813 if (i < BRCMF_MAXPMKID) {
3814 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN);
3815 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
3818 cfg->pmk_list.npmk = cpu_to_le32(npmk);
3821 bphy_err(drvr, "Too many PMKSA entries cached %d\n", npmk);
3825 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid);
3826 for (i = 0; i < WLAN_PMKID_LEN; i += 4)
3827 brcmf_dbg(CONN, "%02x %02x %02x %02x\n", pmk[npmk].pmkid[i],
3828 pmk[npmk].pmkid[i + 1], pmk[npmk].pmkid[i + 2],
3829 pmk[npmk].pmkid[i + 3]);
3831 err = brcmf_update_pmklist(cfg, ifp);
3833 brcmf_dbg(TRACE, "Exit\n");
3838 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3839 struct cfg80211_pmksa *pmksa)
3841 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3842 struct brcmf_if *ifp = netdev_priv(ndev);
3843 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3844 struct brcmf_pub *drvr = cfg->pub;
3848 brcmf_dbg(TRACE, "Enter\n");
3849 if (!check_vif_up(ifp->vif))
3852 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid);
3854 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3855 for (i = 0; i < npmk; i++)
3856 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
3859 if ((npmk > 0) && (i < npmk)) {
3860 for (; i < (npmk - 1); i++) {
3861 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN);
3862 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid,
3865 memset(&pmk[i], 0, sizeof(*pmk));
3866 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
3868 bphy_err(drvr, "Cache entry not found\n");
3872 err = brcmf_update_pmklist(cfg, ifp);
3874 brcmf_dbg(TRACE, "Exit\n");
3880 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev)
3882 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3883 struct brcmf_if *ifp = netdev_priv(ndev);
3886 brcmf_dbg(TRACE, "Enter\n");
3887 if (!check_vif_up(ifp->vif))
3890 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list));
3891 err = brcmf_update_pmklist(cfg, ifp);
3893 brcmf_dbg(TRACE, "Exit\n");
3898 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
3900 struct brcmf_pub *drvr = ifp->drvr;
3905 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0);
3907 bphy_err(drvr, "auth error %d\n", err);
3911 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0);
3913 bphy_err(drvr, "wsec error %d\n", err);
3916 /* set upper-layer auth */
3917 if (brcmf_is_ibssmode(ifp->vif))
3918 wpa_val = WPA_AUTH_NONE;
3920 wpa_val = WPA_AUTH_DISABLED;
3921 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
3923 bphy_err(drvr, "wpa_auth error %d\n", err);
3930 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie)
3933 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0);
3935 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0);
3939 brcmf_configure_wpaie(struct brcmf_if *ifp,
3940 const struct brcmf_vs_tlv *wpa_ie,
3943 struct brcmf_pub *drvr = ifp->drvr;
3944 u32 auth = 0; /* d11 open authentication */
3956 u32 wme_bss_disable;
3959 brcmf_dbg(TRACE, "Enter\n");
3963 len = wpa_ie->len + TLV_HDR_LEN;
3964 data = (u8 *)wpa_ie;
3965 offset = TLV_HDR_LEN;
3967 offset += VS_IE_FIXED_HDR_LEN;
3969 offset += WPA_IE_VERSION_LEN;
3971 /* check for multicast cipher suite */
3972 if (offset + WPA_IE_MIN_OUI_LEN > len) {
3974 bphy_err(drvr, "no multicast cipher suite\n");
3978 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
3980 bphy_err(drvr, "ivalid OUI\n");
3983 offset += TLV_OUI_LEN;
3985 /* pick up multicast cipher */
3986 switch (data[offset]) {
3987 case WPA_CIPHER_NONE:
3990 case WPA_CIPHER_WEP_40:
3991 case WPA_CIPHER_WEP_104:
3994 case WPA_CIPHER_TKIP:
3995 gval = TKIP_ENABLED;
3997 case WPA_CIPHER_AES_CCM:
4002 bphy_err(drvr, "Invalid multi cast cipher info\n");
4007 /* walk thru unicast cipher list and pick up what we recognize */
4008 count = data[offset] + (data[offset + 1] << 8);
4009 offset += WPA_IE_SUITE_COUNT_LEN;
4010 /* Check for unicast suite(s) */
4011 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4013 bphy_err(drvr, "no unicast cipher suite\n");
4016 for (i = 0; i < count; i++) {
4017 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4019 bphy_err(drvr, "ivalid OUI\n");
4022 offset += TLV_OUI_LEN;
4023 switch (data[offset]) {
4024 case WPA_CIPHER_NONE:
4026 case WPA_CIPHER_WEP_40:
4027 case WPA_CIPHER_WEP_104:
4028 pval |= WEP_ENABLED;
4030 case WPA_CIPHER_TKIP:
4031 pval |= TKIP_ENABLED;
4033 case WPA_CIPHER_AES_CCM:
4034 pval |= AES_ENABLED;
4037 bphy_err(drvr, "Invalid unicast security info\n");
4041 /* walk thru auth management suite list and pick up what we recognize */
4042 count = data[offset] + (data[offset + 1] << 8);
4043 offset += WPA_IE_SUITE_COUNT_LEN;
4044 /* Check for auth key management suite(s) */
4045 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4047 bphy_err(drvr, "no auth key mgmt suite\n");
4050 for (i = 0; i < count; i++) {
4051 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4053 bphy_err(drvr, "ivalid OUI\n");
4056 offset += TLV_OUI_LEN;
4057 switch (data[offset]) {
4059 brcmf_dbg(TRACE, "RSN_AKM_NONE\n");
4060 wpa_auth |= WPA_AUTH_NONE;
4062 case RSN_AKM_UNSPECIFIED:
4063 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n");
4064 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) :
4065 (wpa_auth |= WPA_AUTH_UNSPECIFIED);
4068 brcmf_dbg(TRACE, "RSN_AKM_PSK\n");
4069 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) :
4070 (wpa_auth |= WPA_AUTH_PSK);
4072 case RSN_AKM_SHA256_PSK:
4073 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n");
4074 wpa_auth |= WPA2_AUTH_PSK_SHA256;
4076 case RSN_AKM_SHA256_1X:
4077 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n");
4078 wpa_auth |= WPA2_AUTH_1X_SHA256;
4081 bphy_err(drvr, "Invalid key mgmt info\n");
4086 mfp = BRCMF_MFP_NONE;
4088 wme_bss_disable = 1;
4089 if ((offset + RSN_CAP_LEN) <= len) {
4090 rsn_cap = data[offset] + (data[offset + 1] << 8);
4091 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK)
4092 wme_bss_disable = 0;
4093 if (rsn_cap & RSN_CAP_MFPR_MASK) {
4094 brcmf_dbg(TRACE, "MFP Required\n");
4095 mfp = BRCMF_MFP_REQUIRED;
4096 /* Firmware only supports mfp required in
4097 * combination with WPA2_AUTH_PSK_SHA256 or
4098 * WPA2_AUTH_1X_SHA256.
4100 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 |
4101 WPA2_AUTH_1X_SHA256))) {
4105 /* Firmware has requirement that WPA2_AUTH_PSK/
4106 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI
4107 * is to be included in the rsn ie.
4109 if (wpa_auth & WPA2_AUTH_PSK_SHA256)
4110 wpa_auth |= WPA2_AUTH_PSK;
4111 else if (wpa_auth & WPA2_AUTH_1X_SHA256)
4112 wpa_auth |= WPA2_AUTH_UNSPECIFIED;
4113 } else if (rsn_cap & RSN_CAP_MFPC_MASK) {
4114 brcmf_dbg(TRACE, "MFP Capable\n");
4115 mfp = BRCMF_MFP_CAPABLE;
4118 offset += RSN_CAP_LEN;
4119 /* set wme_bss_disable to sync RSN Capabilities */
4120 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
4123 bphy_err(drvr, "wme_bss_disable error %d\n", err);
4127 /* Skip PMKID cnt as it is know to be 0 for AP. */
4128 offset += RSN_PMKID_COUNT_LEN;
4130 /* See if there is BIP wpa suite left for MFP */
4131 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) &&
4132 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) {
4133 err = brcmf_fil_bsscfg_data_set(ifp, "bip",
4135 WPA_IE_MIN_OUI_LEN);
4137 bphy_err(drvr, "bip error %d\n", err);
4142 /* FOR WPS , set SES_OW_ENABLED */
4143 wsec = (pval | gval | SES_OW_ENABLED);
4146 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
4148 bphy_err(drvr, "auth error %d\n", err);
4152 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
4154 bphy_err(drvr, "wsec error %d\n", err);
4157 /* Configure MFP, this needs to go after wsec otherwise the wsec command
4158 * will overwrite the values set by MFP
4160 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
4161 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
4163 bphy_err(drvr, "mfp error %d\n", err);
4167 /* set upper-layer auth */
4168 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth);
4170 bphy_err(drvr, "wpa_auth error %d\n", err);
4179 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len,
4180 struct parsed_vndr_ies *vndr_ies)
4182 struct brcmf_vs_tlv *vndrie;
4183 struct brcmf_tlv *ie;
4184 struct parsed_vndr_ie_info *parsed_info;
4187 remaining_len = (s32)vndr_ie_len;
4188 memset(vndr_ies, 0, sizeof(*vndr_ies));
4190 ie = (struct brcmf_tlv *)vndr_ie_buf;
4192 if (ie->id != WLAN_EID_VENDOR_SPECIFIC)
4194 vndrie = (struct brcmf_vs_tlv *)ie;
4195 /* len should be bigger than OUI length + one */
4196 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) {
4197 brcmf_err("invalid vndr ie. length is too small %d\n",
4201 /* if wpa or wme ie, do not add ie */
4202 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) &&
4203 ((vndrie->oui_type == WPA_OUI_TYPE) ||
4204 (vndrie->oui_type == WME_OUI_TYPE))) {
4205 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n");
4209 parsed_info = &vndr_ies->ie_info[vndr_ies->count];
4211 /* save vndr ie information */
4212 parsed_info->ie_ptr = (char *)vndrie;
4213 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN;
4214 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie));
4218 brcmf_dbg(TRACE, "** OUI %02x %02x %02x, type 0x%02x\n",
4219 parsed_info->vndrie.oui[0],
4220 parsed_info->vndrie.oui[1],
4221 parsed_info->vndrie.oui[2],
4222 parsed_info->vndrie.oui_type);
4224 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT)
4227 remaining_len -= (ie->len + TLV_HDR_LEN);
4228 if (remaining_len <= TLV_HDR_LEN)
4231 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len +
4238 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd)
4241 strncpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN - 1);
4242 iebuf[VNDR_IE_CMD_LEN - 1] = '\0';
4244 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]);
4246 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]);
4248 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len);
4250 return ie_len + VNDR_IE_HDR_SIZE;
4253 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
4254 const u8 *vndr_ie_buf, u32 vndr_ie_len)
4256 struct brcmf_pub *drvr;
4257 struct brcmf_if *ifp;
4258 struct vif_saved_ie *saved_ie;
4262 u8 *mgmt_ie_buf = NULL;
4263 int mgmt_ie_buf_len;
4265 u32 del_add_ie_buf_len = 0;
4266 u32 total_ie_buf_len = 0;
4267 u32 parsed_ie_buf_len = 0;
4268 struct parsed_vndr_ies old_vndr_ies;
4269 struct parsed_vndr_ies new_vndr_ies;
4270 struct parsed_vndr_ie_info *vndrie_info;
4273 int remained_buf_len;
4279 saved_ie = &vif->saved_ie;
4281 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
4283 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
4286 curr_ie_buf = iovar_ie_buf;
4288 case BRCMF_VNDR_IE_PRBREQ_FLAG:
4289 mgmt_ie_buf = saved_ie->probe_req_ie;
4290 mgmt_ie_len = &saved_ie->probe_req_ie_len;
4291 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie);
4293 case BRCMF_VNDR_IE_PRBRSP_FLAG:
4294 mgmt_ie_buf = saved_ie->probe_res_ie;
4295 mgmt_ie_len = &saved_ie->probe_res_ie_len;
4296 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie);
4298 case BRCMF_VNDR_IE_BEACON_FLAG:
4299 mgmt_ie_buf = saved_ie->beacon_ie;
4300 mgmt_ie_len = &saved_ie->beacon_ie_len;
4301 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie);
4303 case BRCMF_VNDR_IE_ASSOCREQ_FLAG:
4304 mgmt_ie_buf = saved_ie->assoc_req_ie;
4305 mgmt_ie_len = &saved_ie->assoc_req_ie_len;
4306 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie);
4310 bphy_err(drvr, "not suitable type\n");
4314 if (vndr_ie_len > mgmt_ie_buf_len) {
4316 bphy_err(drvr, "extra IE size too big\n");
4320 /* parse and save new vndr_ie in curr_ie_buff before comparing it */
4321 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) {
4323 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies);
4324 for (i = 0; i < new_vndr_ies.count; i++) {
4325 vndrie_info = &new_vndr_ies.ie_info[i];
4326 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr,
4327 vndrie_info->ie_len);
4328 parsed_ie_buf_len += vndrie_info->ie_len;
4332 if (mgmt_ie_buf && *mgmt_ie_len) {
4333 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) &&
4334 (memcmp(mgmt_ie_buf, curr_ie_buf,
4335 parsed_ie_buf_len) == 0)) {
4336 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n");
4340 /* parse old vndr_ie */
4341 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies);
4343 /* make a command to delete old ie */
4344 for (i = 0; i < old_vndr_ies.count; i++) {
4345 vndrie_info = &old_vndr_ies.ie_info[i];
4347 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%02x:%02x:%02x\n",
4348 vndrie_info->vndrie.id,
4349 vndrie_info->vndrie.len,
4350 vndrie_info->vndrie.oui[0],
4351 vndrie_info->vndrie.oui[1],
4352 vndrie_info->vndrie.oui[2]);
4354 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4355 vndrie_info->ie_ptr,
4356 vndrie_info->ie_len,
4358 curr_ie_buf += del_add_ie_buf_len;
4359 total_ie_buf_len += del_add_ie_buf_len;
4364 /* Add if there is any extra IE */
4365 if (mgmt_ie_buf && parsed_ie_buf_len) {
4368 remained_buf_len = mgmt_ie_buf_len;
4370 /* make a command to add new ie */
4371 for (i = 0; i < new_vndr_ies.count; i++) {
4372 vndrie_info = &new_vndr_ies.ie_info[i];
4374 /* verify remained buf size before copy data */
4375 if (remained_buf_len < (vndrie_info->vndrie.len +
4376 VNDR_IE_VSIE_OFFSET)) {
4377 bphy_err(drvr, "no space in mgmt_ie_buf: len left %d",
4381 remained_buf_len -= (vndrie_info->ie_len +
4382 VNDR_IE_VSIE_OFFSET);
4384 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%02x:%02x:%02x\n",
4385 vndrie_info->vndrie.id,
4386 vndrie_info->vndrie.len,
4387 vndrie_info->vndrie.oui[0],
4388 vndrie_info->vndrie.oui[1],
4389 vndrie_info->vndrie.oui[2]);
4391 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4392 vndrie_info->ie_ptr,
4393 vndrie_info->ie_len,
4396 /* save the parsed IE in wl struct */
4397 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr,
4398 vndrie_info->ie_len);
4399 *mgmt_ie_len += vndrie_info->ie_len;
4401 curr_ie_buf += del_add_ie_buf_len;
4402 total_ie_buf_len += del_add_ie_buf_len;
4405 if (total_ie_buf_len) {
4406 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
4409 bphy_err(drvr, "vndr ie set error : %d\n", err);
4413 kfree(iovar_ie_buf);
4417 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif)
4420 BRCMF_VNDR_IE_PRBREQ_FLAG,
4421 BRCMF_VNDR_IE_PRBRSP_FLAG,
4422 BRCMF_VNDR_IE_BEACON_FLAG
4426 for (i = 0; i < ARRAY_SIZE(pktflags); i++)
4427 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0);
4429 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie));
4434 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
4435 struct cfg80211_beacon_data *beacon)
4437 struct brcmf_pub *drvr = vif->ifp->drvr;
4440 /* Set Beacon IEs to FW */
4441 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG,
4442 beacon->tail, beacon->tail_len);
4444 bphy_err(drvr, "Set Beacon IE Failed\n");
4447 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
4449 /* Set Probe Response IEs to FW */
4450 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG,
4451 beacon->proberesp_ies,
4452 beacon->proberesp_ies_len);
4454 bphy_err(drvr, "Set Probe Resp IE Failed\n");
4456 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
4462 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
4463 struct cfg80211_ap_settings *settings)
4466 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4467 struct brcmf_if *ifp = netdev_priv(ndev);
4468 struct brcmf_pub *drvr = cfg->pub;
4469 const struct brcmf_tlv *ssid_ie;
4470 const struct brcmf_tlv *country_ie;
4471 struct brcmf_ssid_le ssid_le;
4473 const struct brcmf_tlv *rsn_ie;
4474 const struct brcmf_vs_tlv *wpa_ie;
4475 struct brcmf_join_params join_params;
4476 enum nl80211_iftype dev_role;
4477 struct brcmf_fil_bss_enable_le bss_enable;
4478 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef);
4483 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n",
4484 settings->chandef.chan->hw_value,
4485 settings->chandef.center_freq1, settings->chandef.width,
4486 settings->beacon_interval, settings->dtim_period);
4487 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n",
4488 settings->ssid, settings->ssid_len, settings->auth_type,
4489 settings->inactivity_timeout);
4490 dev_role = ifp->vif->wdev.iftype;
4491 mbss = ifp->vif->mbss;
4493 /* store current 11d setting */
4494 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY,
4495 &ifp->vif->is_11d)) {
4496 is_11d = supports_11d = false;
4498 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4499 settings->beacon.tail_len,
4501 is_11d = country_ie ? 1 : 0;
4502 supports_11d = true;
4505 memset(&ssid_le, 0, sizeof(ssid_le));
4506 if (settings->ssid == NULL || settings->ssid_len == 0) {
4507 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN;
4508 ssid_ie = brcmf_parse_tlvs(
4509 (u8 *)&settings->beacon.head[ie_offset],
4510 settings->beacon.head_len - ie_offset,
4512 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN)
4515 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len);
4516 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len);
4517 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID);
4519 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len);
4520 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len);
4524 brcmf_set_mpc(ifp, 0);
4525 brcmf_configure_arp_nd_offload(ifp, false);
4528 /* find the RSN_IE */
4529 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4530 settings->beacon.tail_len, WLAN_EID_RSN);
4532 /* find the WPA_IE */
4533 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
4534 settings->beacon.tail_len);
4536 if ((wpa_ie != NULL || rsn_ie != NULL)) {
4537 brcmf_dbg(TRACE, "WPA(2) IE is found\n");
4538 if (wpa_ie != NULL) {
4540 err = brcmf_configure_wpaie(ifp, wpa_ie, false);
4544 struct brcmf_vs_tlv *tmp_ie;
4546 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
4549 err = brcmf_configure_wpaie(ifp, tmp_ie, true);
4554 brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
4555 brcmf_configure_opensecurity(ifp);
4558 /* Parameters shared by all radio interfaces */
4560 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
4561 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4564 bphy_err(drvr, "Regulatory Set Error, %d\n",
4569 if (settings->beacon_interval) {
4570 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
4571 settings->beacon_interval);
4573 bphy_err(drvr, "Beacon Interval Set Error, %d\n",
4578 if (settings->dtim_period) {
4579 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
4580 settings->dtim_period);
4582 bphy_err(drvr, "DTIM Interval Set Error, %d\n",
4588 if ((dev_role == NL80211_IFTYPE_AP) &&
4589 ((ifp->ifidx == 0) ||
4590 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB))) {
4591 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4593 bphy_err(drvr, "BRCMF_C_DOWN error %d\n",
4597 brcmf_fil_iovar_int_set(ifp, "apsta", 0);
4600 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
4602 bphy_err(drvr, "SET INFRA error %d\n", err);
4605 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
4606 /* Multiple-BSS should use same 11d configuration */
4611 /* Interface specific setup */
4612 if (dev_role == NL80211_IFTYPE_AP) {
4613 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss))
4614 brcmf_fil_iovar_int_set(ifp, "mbss", 1);
4616 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
4618 bphy_err(drvr, "setting AP mode failed %d\n",
4623 /* Firmware 10.x requires setting channel after enabling
4624 * AP and before bringing interface up.
4626 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4628 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4633 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4635 bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err);
4638 /* On DOWN the firmware removes the WEP keys, reconfigure
4639 * them if they were set.
4641 brcmf_cfg80211_reconfigure_wep(ifp);
4643 memset(&join_params, 0, sizeof(join_params));
4644 /* join parameters starts with ssid */
4645 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le));
4647 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4648 &join_params, sizeof(join_params));
4650 bphy_err(drvr, "SET SSID error (%d)\n", err);
4654 if (settings->hidden_ssid) {
4655 err = brcmf_fil_iovar_int_set(ifp, "closednet", 1);
4657 bphy_err(drvr, "closednet error (%d)\n", err);
4662 brcmf_dbg(TRACE, "AP mode configuration complete\n");
4663 } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
4664 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4666 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4670 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
4673 bphy_err(drvr, "setting ssid failed %d\n", err);
4676 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4677 bss_enable.enable = cpu_to_le32(1);
4678 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4679 sizeof(bss_enable));
4681 bphy_err(drvr, "bss_enable config failed %d\n", err);
4685 brcmf_dbg(TRACE, "GO mode configuration complete\n");
4690 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon);
4691 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4692 brcmf_net_setcarrier(ifp, true);
4695 if ((err) && (!mbss)) {
4696 brcmf_set_mpc(ifp, 1);
4697 brcmf_configure_arp_nd_offload(ifp, true);
4702 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev)
4704 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4705 struct brcmf_if *ifp = netdev_priv(ndev);
4706 struct brcmf_pub *drvr = cfg->pub;
4708 struct brcmf_fil_bss_enable_le bss_enable;
4709 struct brcmf_join_params join_params;
4711 brcmf_dbg(TRACE, "Enter\n");
4713 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) {
4714 /* Due to most likely deauths outstanding we sleep */
4715 /* first to make sure they get processed by fw. */
4718 if (ifp->vif->mbss) {
4719 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4723 /* First BSS doesn't get a full reset */
4724 if (ifp->bsscfgidx == 0)
4725 brcmf_fil_iovar_int_set(ifp, "closednet", 0);
4727 memset(&join_params, 0, sizeof(join_params));
4728 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4729 &join_params, sizeof(join_params));
4731 bphy_err(drvr, "SET SSID error (%d)\n", err);
4732 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4734 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", err);
4735 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0);
4737 bphy_err(drvr, "setting AP mode failed %d\n", err);
4738 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
4739 brcmf_fil_iovar_int_set(ifp, "mbss", 0);
4740 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4742 /* Bring device back up so it can be used again */
4743 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4745 bphy_err(drvr, "BRCMF_C_UP error %d\n", err);
4747 brcmf_vif_clear_mgmt_ies(ifp->vif);
4749 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4750 bss_enable.enable = cpu_to_le32(0);
4751 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4752 sizeof(bss_enable));
4754 bphy_err(drvr, "bss_enable config failed %d\n", err);
4756 brcmf_set_mpc(ifp, 1);
4757 brcmf_configure_arp_nd_offload(ifp, true);
4758 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4759 brcmf_net_setcarrier(ifp, false);
4765 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev,
4766 struct cfg80211_beacon_data *info)
4768 struct brcmf_if *ifp = netdev_priv(ndev);
4771 brcmf_dbg(TRACE, "Enter\n");
4773 err = brcmf_config_ap_mgmt_ie(ifp->vif, info);
4779 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
4780 struct station_del_parameters *params)
4782 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4783 struct brcmf_pub *drvr = cfg->pub;
4784 struct brcmf_scb_val_le scbval;
4785 struct brcmf_if *ifp = netdev_priv(ndev);
4791 brcmf_dbg(TRACE, "Enter %pM\n", params->mac);
4793 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
4794 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
4795 if (!check_vif_up(ifp->vif))
4798 memcpy(&scbval.ea, params->mac, ETH_ALEN);
4799 scbval.val = cpu_to_le32(params->reason_code);
4800 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
4801 &scbval, sizeof(scbval));
4803 bphy_err(drvr, "SCB_DEAUTHENTICATE_FOR_REASON failed %d\n",
4806 brcmf_dbg(TRACE, "Exit\n");
4811 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev,
4812 const u8 *mac, struct station_parameters *params)
4814 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4815 struct brcmf_pub *drvr = cfg->pub;
4816 struct brcmf_if *ifp = netdev_priv(ndev);
4819 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac,
4820 params->sta_flags_mask, params->sta_flags_set);
4822 /* Ignore all 00 MAC */
4823 if (is_zero_ether_addr(mac))
4826 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
4829 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED))
4830 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE,
4831 (void *)mac, ETH_ALEN);
4833 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
4834 (void *)mac, ETH_ALEN);
4836 bphy_err(drvr, "Setting SCB (de-)authorize failed, %d\n", err);
4842 brcmf_cfg80211_mgmt_frame_register(struct wiphy *wiphy,
4843 struct wireless_dev *wdev,
4844 u16 frame_type, bool reg)
4846 struct brcmf_cfg80211_vif *vif;
4849 brcmf_dbg(TRACE, "Enter, frame_type %04x, reg=%d\n", frame_type, reg);
4851 mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4;
4852 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
4854 vif->mgmt_rx_reg |= BIT(mgmt_type);
4856 vif->mgmt_rx_reg &= ~BIT(mgmt_type);
4861 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
4862 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
4864 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4865 struct ieee80211_channel *chan = params->chan;
4866 struct brcmf_pub *drvr = cfg->pub;
4867 const u8 *buf = params->buf;
4868 size_t len = params->len;
4869 const struct ieee80211_mgmt *mgmt;
4870 struct brcmf_cfg80211_vif *vif;
4874 struct brcmf_fil_action_frame_le *action_frame;
4875 struct brcmf_fil_af_params_le *af_params;
4880 brcmf_dbg(TRACE, "Enter\n");
4884 mgmt = (const struct ieee80211_mgmt *)buf;
4886 if (!ieee80211_is_mgmt(mgmt->frame_control)) {
4887 bphy_err(drvr, "Driver only allows MGMT packet type\n");
4891 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
4893 if (ieee80211_is_probe_resp(mgmt->frame_control)) {
4894 /* Right now the only reason to get a probe response */
4895 /* is for p2p listen response or for p2p GO from */
4896 /* wpa_supplicant. Unfortunately the probe is send */
4897 /* on primary ndev, while dongle wants it on the p2p */
4898 /* vif. Since this is only reason for a probe */
4899 /* response to be sent, the vif is taken from cfg. */
4900 /* If ever desired to send proberesp for non p2p */
4901 /* response then data should be checked for */
4902 /* "DIRECT-". Note in future supplicant will take */
4903 /* dedicated p2p wdev to do this and then this 'hack'*/
4904 /* is not needed anymore. */
4905 ie_offset = DOT11_MGMT_HDR_LEN +
4906 DOT11_BCN_PRB_FIXED_LEN;
4907 ie_len = len - ie_offset;
4908 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif)
4909 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
4910 err = brcmf_vif_set_mgmt_ie(vif,
4911 BRCMF_VNDR_IE_PRBRSP_FLAG,
4914 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true,
4916 } else if (ieee80211_is_action(mgmt->frame_control)) {
4917 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
4918 bphy_err(drvr, "invalid action frame length\n");
4922 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL);
4923 if (af_params == NULL) {
4924 bphy_err(drvr, "unable to allocate frame\n");
4928 action_frame = &af_params->action_frame;
4929 /* Add the packet Id */
4930 action_frame->packet_id = cpu_to_le32(*cookie);
4932 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN);
4933 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN);
4934 /* Add the length exepted for 802.11 header */
4935 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN);
4936 /* Add the channel. Use the one specified as parameter if any or
4937 * the current one (got from the firmware) otherwise
4940 freq = chan->center_freq;
4942 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL,
4944 chan_nr = ieee80211_frequency_to_channel(freq);
4945 af_params->channel = cpu_to_le32(chan_nr);
4947 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN],
4948 le16_to_cpu(action_frame->len));
4950 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n",
4951 *cookie, le16_to_cpu(action_frame->len), freq);
4953 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg),
4956 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack,
4960 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control);
4961 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len);
4970 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy,
4971 struct wireless_dev *wdev,
4974 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4975 struct brcmf_pub *drvr = cfg->pub;
4976 struct brcmf_cfg80211_vif *vif;
4979 brcmf_dbg(TRACE, "Enter p2p listen cancel\n");
4981 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
4983 bphy_err(drvr, "No p2p device available for probe response\n");
4987 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
4992 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy,
4993 struct wireless_dev *wdev,
4994 struct cfg80211_chan_def *chandef)
4996 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4997 struct net_device *ndev = wdev->netdev;
4998 struct brcmf_pub *drvr = cfg->pub;
4999 struct brcmf_if *ifp;
5000 struct brcmu_chan ch;
5001 enum nl80211_band band = 0;
5002 enum nl80211_chan_width width = 0;
5008 ifp = netdev_priv(ndev);
5010 err = brcmf_fil_iovar_int_get(ifp, "chanspec", &chanspec);
5012 bphy_err(drvr, "chanspec failed (%d)\n", err);
5016 ch.chspec = chanspec;
5017 cfg->d11inf.decchspec(&ch);
5020 case BRCMU_CHAN_BAND_2G:
5021 band = NL80211_BAND_2GHZ;
5023 case BRCMU_CHAN_BAND_5G:
5024 band = NL80211_BAND_5GHZ;
5029 case BRCMU_CHAN_BW_80:
5030 width = NL80211_CHAN_WIDTH_80;
5032 case BRCMU_CHAN_BW_40:
5033 width = NL80211_CHAN_WIDTH_40;
5035 case BRCMU_CHAN_BW_20:
5036 width = NL80211_CHAN_WIDTH_20;
5038 case BRCMU_CHAN_BW_80P80:
5039 width = NL80211_CHAN_WIDTH_80P80;
5041 case BRCMU_CHAN_BW_160:
5042 width = NL80211_CHAN_WIDTH_160;
5046 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band);
5047 chandef->chan = ieee80211_get_channel(wiphy, freq);
5048 chandef->width = width;
5049 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band);
5050 chandef->center_freq2 = 0;
5055 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy,
5056 struct wireless_dev *wdev,
5057 enum nl80211_crit_proto_id proto,
5060 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5061 struct brcmf_cfg80211_vif *vif;
5063 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5065 /* only DHCP support for now */
5066 if (proto != NL80211_CRIT_PROTO_DHCP)
5069 /* suppress and abort scanning */
5070 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5071 brcmf_abort_scanning(cfg);
5073 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration);
5076 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy,
5077 struct wireless_dev *wdev)
5079 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5080 struct brcmf_cfg80211_vif *vif;
5082 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5084 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
5085 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5089 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp,
5090 const struct brcmf_event_msg *e, void *data)
5092 switch (e->reason) {
5093 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED:
5094 brcmf_dbg(TRACE, "TDLS Peer Discovered\n");
5096 case BRCMF_E_REASON_TDLS_PEER_CONNECTED:
5097 brcmf_dbg(TRACE, "TDLS Peer Connected\n");
5098 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5100 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED:
5101 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n");
5102 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5109 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper)
5114 case NL80211_TDLS_DISCOVERY_REQ:
5115 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY;
5117 case NL80211_TDLS_SETUP:
5118 ret = BRCMF_TDLS_MANUAL_EP_CREATE;
5120 case NL80211_TDLS_TEARDOWN:
5121 ret = BRCMF_TDLS_MANUAL_EP_DELETE;
5124 brcmf_err("unsupported operation: %d\n", oper);
5130 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
5131 struct net_device *ndev, const u8 *peer,
5132 enum nl80211_tdls_operation oper)
5134 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5135 struct brcmf_pub *drvr = cfg->pub;
5136 struct brcmf_if *ifp;
5137 struct brcmf_tdls_iovar_le info;
5140 ret = brcmf_convert_nl80211_tdls_oper(oper);
5144 ifp = netdev_priv(ndev);
5145 memset(&info, 0, sizeof(info));
5146 info.mode = (u8)ret;
5148 memcpy(info.ea, peer, ETH_ALEN);
5150 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
5151 &info, sizeof(info));
5153 bphy_err(drvr, "tdls_endpoint iovar failed: ret=%d\n", ret);
5159 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy,
5160 struct net_device *ndev,
5161 struct cfg80211_connect_params *sme,
5164 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5165 struct brcmf_pub *drvr = cfg->pub;
5166 struct brcmf_if *ifp;
5169 if (!(changed & UPDATE_ASSOC_IES))
5172 ifp = netdev_priv(ndev);
5173 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
5174 sme->ie, sme->ie_len);
5176 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
5178 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
5185 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev,
5186 struct cfg80211_gtk_rekey_data *gtk)
5188 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5189 struct brcmf_pub *drvr = cfg->pub;
5190 struct brcmf_if *ifp = netdev_priv(ndev);
5191 struct brcmf_gtk_keyinfo_le gtk_le;
5194 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx);
5196 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck));
5197 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek));
5198 memcpy(gtk_le.replay_counter, gtk->replay_ctr,
5199 sizeof(gtk_le.replay_counter));
5201 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le,
5204 bphy_err(drvr, "gtk_key_info iovar failed: ret=%d\n", ret);
5210 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev,
5211 const struct cfg80211_pmk_conf *conf)
5213 struct brcmf_if *ifp;
5215 brcmf_dbg(TRACE, "enter\n");
5217 /* expect using firmware supplicant for 1X */
5218 ifp = netdev_priv(dev);
5219 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5222 if (conf->pmk_len > BRCMF_WSEC_MAX_PSK_LEN)
5225 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len);
5228 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev,
5231 struct brcmf_if *ifp;
5233 brcmf_dbg(TRACE, "enter\n");
5234 ifp = netdev_priv(dev);
5235 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5238 return brcmf_set_pmk(ifp, NULL, 0);
5241 static struct cfg80211_ops brcmf_cfg80211_ops = {
5242 .add_virtual_intf = brcmf_cfg80211_add_iface,
5243 .del_virtual_intf = brcmf_cfg80211_del_iface,
5244 .change_virtual_intf = brcmf_cfg80211_change_iface,
5245 .scan = brcmf_cfg80211_scan,
5246 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params,
5247 .join_ibss = brcmf_cfg80211_join_ibss,
5248 .leave_ibss = brcmf_cfg80211_leave_ibss,
5249 .get_station = brcmf_cfg80211_get_station,
5250 .dump_station = brcmf_cfg80211_dump_station,
5251 .set_tx_power = brcmf_cfg80211_set_tx_power,
5252 .get_tx_power = brcmf_cfg80211_get_tx_power,
5253 .add_key = brcmf_cfg80211_add_key,
5254 .del_key = brcmf_cfg80211_del_key,
5255 .get_key = brcmf_cfg80211_get_key,
5256 .set_default_key = brcmf_cfg80211_config_default_key,
5257 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
5258 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
5259 .connect = brcmf_cfg80211_connect,
5260 .disconnect = brcmf_cfg80211_disconnect,
5261 .suspend = brcmf_cfg80211_suspend,
5262 .resume = brcmf_cfg80211_resume,
5263 .set_pmksa = brcmf_cfg80211_set_pmksa,
5264 .del_pmksa = brcmf_cfg80211_del_pmksa,
5265 .flush_pmksa = brcmf_cfg80211_flush_pmksa,
5266 .start_ap = brcmf_cfg80211_start_ap,
5267 .stop_ap = brcmf_cfg80211_stop_ap,
5268 .change_beacon = brcmf_cfg80211_change_beacon,
5269 .del_station = brcmf_cfg80211_del_station,
5270 .change_station = brcmf_cfg80211_change_station,
5271 .sched_scan_start = brcmf_cfg80211_sched_scan_start,
5272 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop,
5273 .mgmt_frame_register = brcmf_cfg80211_mgmt_frame_register,
5274 .mgmt_tx = brcmf_cfg80211_mgmt_tx,
5275 .remain_on_channel = brcmf_p2p_remain_on_channel,
5276 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel,
5277 .get_channel = brcmf_cfg80211_get_channel,
5278 .start_p2p_device = brcmf_p2p_start_device,
5279 .stop_p2p_device = brcmf_p2p_stop_device,
5280 .crit_proto_start = brcmf_cfg80211_crit_proto_start,
5281 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop,
5282 .tdls_oper = brcmf_cfg80211_tdls_oper,
5283 .update_connect_params = brcmf_cfg80211_update_conn_params,
5284 .set_pmk = brcmf_cfg80211_set_pmk,
5285 .del_pmk = brcmf_cfg80211_del_pmk,
5288 struct cfg80211_ops *brcmf_cfg80211_get_ops(struct brcmf_mp_device *settings)
5290 struct cfg80211_ops *ops;
5292 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(brcmf_cfg80211_ops),
5295 if (ops && settings->roamoff)
5296 ops->update_connect_params = NULL;
5301 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
5302 enum nl80211_iftype type)
5304 struct brcmf_cfg80211_vif *vif_walk;
5305 struct brcmf_cfg80211_vif *vif;
5308 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n",
5310 vif = kzalloc(sizeof(*vif), GFP_KERNEL);
5312 return ERR_PTR(-ENOMEM);
5314 vif->wdev.wiphy = cfg->wiphy;
5315 vif->wdev.iftype = type;
5317 brcmf_init_prof(&vif->profile);
5319 if (type == NL80211_IFTYPE_AP) {
5321 list_for_each_entry(vif_walk, &cfg->vif_list, list) {
5322 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) {
5330 list_add_tail(&vif->list, &cfg->vif_list);
5334 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif)
5336 list_del(&vif->list);
5340 void brcmf_cfg80211_free_netdev(struct net_device *ndev)
5342 struct brcmf_cfg80211_vif *vif;
5343 struct brcmf_if *ifp;
5345 ifp = netdev_priv(ndev);
5349 brcmf_free_vif(vif);
5352 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
5353 const struct brcmf_event_msg *e)
5355 u32 event = e->event_code;
5356 u32 status = e->status;
5358 if (vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK &&
5359 event == BRCMF_E_PSK_SUP &&
5360 status == BRCMF_E_STATUS_FWSUP_COMPLETED)
5361 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5362 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
5363 brcmf_dbg(CONN, "Processing set ssid\n");
5364 memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
5365 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK)
5368 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5371 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) &&
5372 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) {
5373 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5374 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5380 static bool brcmf_is_linkdown(const struct brcmf_event_msg *e)
5382 u32 event = e->event_code;
5383 u16 flags = e->flags;
5385 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) ||
5386 (event == BRCMF_E_DISASSOC_IND) ||
5387 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
5388 brcmf_dbg(CONN, "Processing link down\n");
5394 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg,
5395 const struct brcmf_event_msg *e)
5397 u32 event = e->event_code;
5398 u32 status = e->status;
5400 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) {
5401 brcmf_dbg(CONN, "Processing Link %s & no network found\n",
5402 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down");
5406 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) {
5407 brcmf_dbg(CONN, "Processing connecting & no network found\n");
5411 if (event == BRCMF_E_PSK_SUP &&
5412 status != BRCMF_E_STATUS_FWSUP_COMPLETED) {
5413 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n",
5421 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg)
5423 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5425 kfree(conn_info->req_ie);
5426 conn_info->req_ie = NULL;
5427 conn_info->req_ie_len = 0;
5428 kfree(conn_info->resp_ie);
5429 conn_info->resp_ie = NULL;
5430 conn_info->resp_ie_len = 0;
5433 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
5434 struct brcmf_if *ifp)
5436 struct brcmf_pub *drvr = cfg->pub;
5437 struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
5438 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5443 brcmf_clear_assoc_ies(cfg);
5445 err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
5446 cfg->extra_buf, WL_ASSOC_INFO_MAX);
5448 bphy_err(drvr, "could not get assoc info (%d)\n", err);
5452 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf;
5453 req_len = le32_to_cpu(assoc_info->req_len);
5454 resp_len = le32_to_cpu(assoc_info->resp_len);
5456 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies",
5460 bphy_err(drvr, "could not get assoc req (%d)\n", err);
5463 conn_info->req_ie_len = req_len;
5465 kmemdup(cfg->extra_buf, conn_info->req_ie_len,
5467 if (!conn_info->req_ie)
5468 conn_info->req_ie_len = 0;
5470 conn_info->req_ie_len = 0;
5471 conn_info->req_ie = NULL;
5474 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies",
5478 bphy_err(drvr, "could not get assoc resp (%d)\n", err);
5481 conn_info->resp_ie_len = resp_len;
5482 conn_info->resp_ie =
5483 kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
5485 if (!conn_info->resp_ie)
5486 conn_info->resp_ie_len = 0;
5488 conn_info->resp_ie_len = 0;
5489 conn_info->resp_ie = NULL;
5491 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n",
5492 conn_info->req_ie_len, conn_info->resp_ie_len);
5498 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
5499 struct net_device *ndev,
5500 const struct brcmf_event_msg *e)
5502 struct brcmf_if *ifp = netdev_priv(ndev);
5503 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5504 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5505 struct wiphy *wiphy = cfg_to_wiphy(cfg);
5506 struct ieee80211_channel *notify_channel = NULL;
5507 struct ieee80211_supported_band *band;
5508 struct brcmf_bss_info_le *bi;
5509 struct brcmu_chan ch;
5510 struct cfg80211_roam_info roam_info = {};
5515 brcmf_dbg(TRACE, "Enter\n");
5517 brcmf_get_assoc_ies(cfg, ifp);
5518 memcpy(profile->bssid, e->addr, ETH_ALEN);
5519 brcmf_update_bss_info(cfg, ifp);
5521 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
5527 /* data sent to dongle has to be little endian */
5528 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
5529 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
5530 buf, WL_BSS_INFO_MAX);
5535 bi = (struct brcmf_bss_info_le *)(buf + 4);
5536 ch.chspec = le16_to_cpu(bi->chanspec);
5537 cfg->d11inf.decchspec(&ch);
5539 if (ch.band == BRCMU_CHAN_BAND_2G)
5540 band = wiphy->bands[NL80211_BAND_2GHZ];
5542 band = wiphy->bands[NL80211_BAND_5GHZ];
5544 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
5545 notify_channel = ieee80211_get_channel(wiphy, freq);
5550 roam_info.channel = notify_channel;
5551 roam_info.bssid = profile->bssid;
5552 roam_info.req_ie = conn_info->req_ie;
5553 roam_info.req_ie_len = conn_info->req_ie_len;
5554 roam_info.resp_ie = conn_info->resp_ie;
5555 roam_info.resp_ie_len = conn_info->resp_ie_len;
5557 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
5558 brcmf_dbg(CONN, "Report roaming result\n");
5560 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
5561 brcmf_dbg(TRACE, "Exit\n");
5566 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg,
5567 struct net_device *ndev, const struct brcmf_event_msg *e,
5570 struct brcmf_if *ifp = netdev_priv(ndev);
5571 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5572 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5573 struct cfg80211_connect_resp_params conn_params;
5575 brcmf_dbg(TRACE, "Enter\n");
5577 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5578 &ifp->vif->sme_state)) {
5579 memset(&conn_params, 0, sizeof(conn_params));
5581 brcmf_get_assoc_ies(cfg, ifp);
5582 brcmf_update_bss_info(cfg, ifp);
5583 set_bit(BRCMF_VIF_STATUS_CONNECTED,
5584 &ifp->vif->sme_state);
5585 conn_params.status = WLAN_STATUS_SUCCESS;
5587 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT;
5589 conn_params.bssid = profile->bssid;
5590 conn_params.req_ie = conn_info->req_ie;
5591 conn_params.req_ie_len = conn_info->req_ie_len;
5592 conn_params.resp_ie = conn_info->resp_ie;
5593 conn_params.resp_ie_len = conn_info->resp_ie_len;
5594 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL);
5595 brcmf_dbg(CONN, "Report connect result - connection %s\n",
5596 completed ? "succeeded" : "failed");
5598 brcmf_dbg(TRACE, "Exit\n");
5603 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg,
5604 struct net_device *ndev,
5605 const struct brcmf_event_msg *e, void *data)
5607 struct brcmf_pub *drvr = cfg->pub;
5608 static int generation;
5609 u32 event = e->event_code;
5610 u32 reason = e->reason;
5611 struct station_info *sinfo;
5613 brcmf_dbg(CONN, "event %s (%u), reason %d\n",
5614 brcmf_fweh_event_name(event), event, reason);
5615 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS &&
5616 ndev != cfg_to_ndev(cfg)) {
5617 brcmf_dbg(CONN, "AP mode link down\n");
5618 complete(&cfg->vif_disabled);
5622 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
5623 (reason == BRCMF_E_STATUS_SUCCESS)) {
5625 bphy_err(drvr, "No IEs present in ASSOC/REASSOC_IND\n");
5629 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL);
5633 sinfo->assoc_req_ies = data;
5634 sinfo->assoc_req_ies_len = e->datalen;
5636 sinfo->generation = generation;
5637 cfg80211_new_sta(ndev, e->addr, sinfo, GFP_KERNEL);
5640 } else if ((event == BRCMF_E_DISASSOC_IND) ||
5641 (event == BRCMF_E_DEAUTH_IND) ||
5642 (event == BRCMF_E_DEAUTH)) {
5643 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL);
5649 brcmf_notify_connect_status(struct brcmf_if *ifp,
5650 const struct brcmf_event_msg *e, void *data)
5652 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
5653 struct net_device *ndev = ifp->ndev;
5654 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5655 struct ieee80211_channel *chan;
5658 if ((e->event_code == BRCMF_E_DEAUTH) ||
5659 (e->event_code == BRCMF_E_DEAUTH_IND) ||
5660 (e->event_code == BRCMF_E_DISASSOC_IND) ||
5661 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) {
5662 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5665 if (brcmf_is_apmode(ifp->vif)) {
5666 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data);
5667 } else if (brcmf_is_linkup(ifp->vif, e)) {
5668 brcmf_dbg(CONN, "Linkup\n");
5669 if (brcmf_is_ibssmode(ifp->vif)) {
5670 brcmf_inform_ibss(cfg, ndev, e->addr);
5671 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel);
5672 memcpy(profile->bssid, e->addr, ETH_ALEN);
5673 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL);
5674 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5675 &ifp->vif->sme_state);
5676 set_bit(BRCMF_VIF_STATUS_CONNECTED,
5677 &ifp->vif->sme_state);
5679 brcmf_bss_connect_done(cfg, ndev, e, true);
5680 brcmf_net_setcarrier(ifp, true);
5681 } else if (brcmf_is_linkdown(e)) {
5682 brcmf_dbg(CONN, "Linkdown\n");
5683 if (!brcmf_is_ibssmode(ifp->vif)) {
5684 brcmf_bss_connect_done(cfg, ndev, e, false);
5685 brcmf_link_down(ifp->vif,
5686 brcmf_map_fw_linkdown_reason(e));
5687 brcmf_init_prof(ndev_to_prof(ndev));
5688 if (ndev != cfg_to_ndev(cfg))
5689 complete(&cfg->vif_disabled);
5690 brcmf_net_setcarrier(ifp, false);
5692 } else if (brcmf_is_nonetwork(cfg, e)) {
5693 if (brcmf_is_ibssmode(ifp->vif))
5694 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5695 &ifp->vif->sme_state);
5697 brcmf_bss_connect_done(cfg, ndev, e, false);
5704 brcmf_notify_roaming_status(struct brcmf_if *ifp,
5705 const struct brcmf_event_msg *e, void *data)
5707 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
5708 u32 event = e->event_code;
5709 u32 status = e->status;
5711 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) {
5712 if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
5713 &ifp->vif->sme_state)) {
5714 brcmf_bss_roaming_done(cfg, ifp->ndev, e);
5716 brcmf_bss_connect_done(cfg, ifp->ndev, e, true);
5717 brcmf_net_setcarrier(ifp, true);
5725 brcmf_notify_mic_status(struct brcmf_if *ifp,
5726 const struct brcmf_event_msg *e, void *data)
5728 u16 flags = e->flags;
5729 enum nl80211_key_type key_type;
5731 if (flags & BRCMF_EVENT_MSG_GROUP)
5732 key_type = NL80211_KEYTYPE_GROUP;
5734 key_type = NL80211_KEYTYPE_PAIRWISE;
5736 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1,
5742 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp,
5743 const struct brcmf_event_msg *e, void *data)
5745 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
5746 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data;
5747 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
5748 struct brcmf_cfg80211_vif *vif;
5750 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n",
5751 ifevent->action, ifevent->flags, ifevent->ifidx,
5752 ifevent->bsscfgidx);
5754 spin_lock(&event->vif_event_lock);
5755 event->action = ifevent->action;
5758 switch (ifevent->action) {
5759 case BRCMF_E_IF_ADD:
5760 /* waiting process may have timed out */
5761 if (!cfg->vif_event.vif) {
5762 spin_unlock(&event->vif_event_lock);
5769 vif->wdev.netdev = ifp->ndev;
5770 ifp->ndev->ieee80211_ptr = &vif->wdev;
5771 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy));
5773 spin_unlock(&event->vif_event_lock);
5774 wake_up(&event->vif_wq);
5777 case BRCMF_E_IF_DEL:
5778 spin_unlock(&event->vif_event_lock);
5779 /* event may not be upon user request */
5780 if (brcmf_cfg80211_vif_event_armed(cfg))
5781 wake_up(&event->vif_wq);
5784 case BRCMF_E_IF_CHANGE:
5785 spin_unlock(&event->vif_event_lock);
5786 wake_up(&event->vif_wq);
5790 spin_unlock(&event->vif_event_lock);
5796 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf)
5798 conf->frag_threshold = (u32)-1;
5799 conf->rts_threshold = (u32)-1;
5800 conf->retry_short = (u32)-1;
5801 conf->retry_long = (u32)-1;
5804 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg)
5806 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK,
5807 brcmf_notify_connect_status);
5808 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND,
5809 brcmf_notify_connect_status);
5810 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH,
5811 brcmf_notify_connect_status);
5812 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND,
5813 brcmf_notify_connect_status);
5814 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND,
5815 brcmf_notify_connect_status);
5816 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND,
5817 brcmf_notify_connect_status);
5818 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM,
5819 brcmf_notify_roaming_status);
5820 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR,
5821 brcmf_notify_mic_status);
5822 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID,
5823 brcmf_notify_connect_status);
5824 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
5825 brcmf_notify_sched_scan_results);
5826 brcmf_fweh_register(cfg->pub, BRCMF_E_IF,
5827 brcmf_notify_vif_event);
5828 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG,
5829 brcmf_p2p_notify_rx_mgmt_p2p_probereq);
5830 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE,
5831 brcmf_p2p_notify_listen_complete);
5832 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX,
5833 brcmf_p2p_notify_action_frame_rx);
5834 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE,
5835 brcmf_p2p_notify_action_tx_complete);
5836 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE,
5837 brcmf_p2p_notify_action_tx_complete);
5838 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP,
5839 brcmf_notify_connect_status);
5842 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg)
5846 kfree(cfg->extra_buf);
5847 cfg->extra_buf = NULL;
5848 kfree(cfg->wowl.nd);
5849 cfg->wowl.nd = NULL;
5850 kfree(cfg->wowl.nd_info);
5851 cfg->wowl.nd_info = NULL;
5852 kfree(cfg->escan_info.escan_buf);
5853 cfg->escan_info.escan_buf = NULL;
5856 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg)
5858 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL);
5860 goto init_priv_mem_out;
5861 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
5862 if (!cfg->extra_buf)
5863 goto init_priv_mem_out;
5864 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL);
5866 goto init_priv_mem_out;
5867 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) +
5868 sizeof(struct cfg80211_wowlan_nd_match *),
5870 if (!cfg->wowl.nd_info)
5871 goto init_priv_mem_out;
5872 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL);
5873 if (!cfg->escan_info.escan_buf)
5874 goto init_priv_mem_out;
5879 brcmf_deinit_priv_mem(cfg);
5884 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg)
5888 cfg->scan_request = NULL;
5889 cfg->pwr_save = true;
5890 cfg->dongle_up = false; /* dongle is not up yet */
5891 err = brcmf_init_priv_mem(cfg);
5894 brcmf_register_event_handlers(cfg);
5895 mutex_init(&cfg->usr_sync);
5896 brcmf_init_escan(cfg);
5897 brcmf_init_conf(cfg->conf);
5898 init_completion(&cfg->vif_disabled);
5902 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg)
5904 cfg->dongle_up = false; /* dongle down */
5905 brcmf_abort_scanning(cfg);
5906 brcmf_deinit_priv_mem(cfg);
5909 static void init_vif_event(struct brcmf_cfg80211_vif_event *event)
5911 init_waitqueue_head(&event->vif_wq);
5912 spin_lock_init(&event->vif_event_lock);
5915 static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
5917 struct brcmf_pub *drvr = ifp->drvr;
5920 __le32 roamtrigger[2];
5921 __le32 roam_delta[2];
5923 /* Configure beacon timeout value based upon roaming setting */
5924 if (ifp->drvr->settings->roamoff)
5925 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF;
5927 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
5928 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
5930 bphy_err(drvr, "bcn_timeout error (%d)\n", err);
5931 goto roam_setup_done;
5934 /* Enable/Disable built-in roaming to allow supplicant to take care of
5937 brcmf_dbg(INFO, "Internal Roaming = %s\n",
5938 ifp->drvr->settings->roamoff ? "Off" : "On");
5939 err = brcmf_fil_iovar_int_set(ifp, "roam_off",
5940 ifp->drvr->settings->roamoff);
5942 bphy_err(drvr, "roam_off error (%d)\n", err);
5943 goto roam_setup_done;
5946 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL);
5947 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL);
5948 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
5949 (void *)roamtrigger, sizeof(roamtrigger));
5951 bphy_err(drvr, "WLC_SET_ROAM_TRIGGER error (%d)\n", err);
5952 goto roam_setup_done;
5955 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA);
5956 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL);
5957 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
5958 (void *)roam_delta, sizeof(roam_delta));
5960 bphy_err(drvr, "WLC_SET_ROAM_DELTA error (%d)\n", err);
5961 goto roam_setup_done;
5969 brcmf_dongle_scantime(struct brcmf_if *ifp)
5971 struct brcmf_pub *drvr = ifp->drvr;
5974 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
5975 BRCMF_SCAN_CHANNEL_TIME);
5977 bphy_err(drvr, "Scan assoc time error (%d)\n", err);
5978 goto dongle_scantime_out;
5980 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME,
5981 BRCMF_SCAN_UNASSOC_TIME);
5983 bphy_err(drvr, "Scan unassoc time error (%d)\n", err);
5984 goto dongle_scantime_out;
5987 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME,
5988 BRCMF_SCAN_PASSIVE_TIME);
5990 bphy_err(drvr, "Scan passive time error (%d)\n", err);
5991 goto dongle_scantime_out;
5994 dongle_scantime_out:
5998 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel,
5999 struct brcmu_chan *ch)
6003 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40;
6004 if (ch->sb == BRCMU_CHAN_SB_U) {
6005 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6006 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6007 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
6009 /* It should be one of
6010 * IEEE80211_CHAN_NO_HT40 or
6011 * IEEE80211_CHAN_NO_HT40PLUS
6013 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6014 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6015 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
6019 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
6022 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6023 struct brcmf_pub *drvr = cfg->pub;
6024 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6025 struct ieee80211_supported_band *band;
6026 struct ieee80211_channel *channel;
6027 struct brcmf_chanspec_list *list;
6028 struct brcmu_chan ch;
6035 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6040 list = (struct brcmf_chanspec_list *)pbuf;
6042 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6045 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6049 band = wiphy->bands[NL80211_BAND_2GHZ];
6051 for (i = 0; i < band->n_channels; i++)
6052 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6053 band = wiphy->bands[NL80211_BAND_5GHZ];
6055 for (i = 0; i < band->n_channels; i++)
6056 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6058 total = le32_to_cpu(list->count);
6059 for (i = 0; i < total; i++) {
6060 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6061 cfg->d11inf.decchspec(&ch);
6063 if (ch.band == BRCMU_CHAN_BAND_2G) {
6064 band = wiphy->bands[NL80211_BAND_2GHZ];
6065 } else if (ch.band == BRCMU_CHAN_BAND_5G) {
6066 band = wiphy->bands[NL80211_BAND_5GHZ];
6068 bphy_err(drvr, "Invalid channel Spec. 0x%x.\n",
6074 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) &&
6075 ch.bw == BRCMU_CHAN_BW_40)
6077 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) &&
6078 ch.bw == BRCMU_CHAN_BW_80)
6082 for (j = 0; j < band->n_channels; j++) {
6083 if (band->channels[j].hw_value == ch.control_ch_num) {
6084 channel = &band->channels[j];
6089 /* It seems firmware supports some channel we never
6090 * considered. Something new in IEEE standard?
6092 bphy_err(drvr, "Ignoring unexpected firmware channel %d\n",
6097 if (channel->orig_flags & IEEE80211_CHAN_DISABLED)
6100 /* assuming the chanspecs order is HT20,
6101 * HT40 upper, HT40 lower, and VHT80.
6104 case BRCMU_CHAN_BW_160:
6105 channel->flags &= ~IEEE80211_CHAN_NO_160MHZ;
6107 case BRCMU_CHAN_BW_80:
6108 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ;
6110 case BRCMU_CHAN_BW_40:
6111 brcmf_update_bw40_channel_flag(channel, &ch);
6114 wiphy_warn(wiphy, "Firmware reported unsupported bandwidth %d\n",
6117 case BRCMU_CHAN_BW_20:
6118 /* enable the channel and disable other bandwidths
6119 * for now as mentioned order assure they are enabled
6120 * for subsequent chanspecs.
6122 channel->flags = IEEE80211_CHAN_NO_HT40 |
6123 IEEE80211_CHAN_NO_80MHZ |
6124 IEEE80211_CHAN_NO_160MHZ;
6125 ch.bw = BRCMU_CHAN_BW_20;
6126 cfg->d11inf.encchspec(&ch);
6127 chaninfo = ch.chspec;
6128 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info",
6131 if (chaninfo & WL_CHAN_RADAR)
6133 (IEEE80211_CHAN_RADAR |
6134 IEEE80211_CHAN_NO_IR);
6135 if (chaninfo & WL_CHAN_PASSIVE)
6137 IEEE80211_CHAN_NO_IR;
6147 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
6149 struct brcmf_pub *drvr = cfg->pub;
6150 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6151 struct ieee80211_supported_band *band;
6152 struct brcmf_fil_bwcap_le band_bwcap;
6153 struct brcmf_chanspec_list *list;
6157 struct brcmu_chan ch;
6161 /* verify support for bw_cap command */
6163 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val);
6166 /* only set 2G bandwidth using bw_cap command */
6167 band_bwcap.band = cpu_to_le32(WLC_BAND_2G);
6168 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ);
6169 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap,
6170 sizeof(band_bwcap));
6172 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n");
6173 val = WLC_N_BW_40ALL;
6174 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val);
6178 /* update channel info in 2G band */
6179 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6184 ch.band = BRCMU_CHAN_BAND_2G;
6185 ch.bw = BRCMU_CHAN_BW_40;
6186 ch.sb = BRCMU_CHAN_SB_NONE;
6188 cfg->d11inf.encchspec(&ch);
6190 /* pass encoded chanspec in query */
6191 *(__le16 *)pbuf = cpu_to_le16(ch.chspec);
6193 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6196 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6201 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ];
6202 list = (struct brcmf_chanspec_list *)pbuf;
6203 num_chan = le32_to_cpu(list->count);
6204 for (i = 0; i < num_chan; i++) {
6205 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6206 cfg->d11inf.decchspec(&ch);
6207 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G))
6209 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40))
6211 for (j = 0; j < band->n_channels; j++) {
6212 if (band->channels[j].hw_value == ch.control_ch_num)
6215 if (WARN_ON(j == band->n_channels))
6218 brcmf_update_bw40_channel_flag(&band->channels[j], &ch);
6225 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
6227 struct brcmf_pub *drvr = ifp->drvr;
6228 u32 band, mimo_bwcap;
6232 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6234 bw_cap[NL80211_BAND_2GHZ] = band;
6236 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6238 bw_cap[NL80211_BAND_5GHZ] = band;
6244 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n");
6246 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap);
6248 /* assume 20MHz if firmware does not give a clue */
6249 mimo_bwcap = WLC_N_BW_20ALL;
6251 switch (mimo_bwcap) {
6252 case WLC_N_BW_40ALL:
6253 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT;
6255 case WLC_N_BW_20IN2G_40IN5G:
6256 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT;
6258 case WLC_N_BW_20ALL:
6259 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT;
6260 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
6263 bphy_err(drvr, "invalid mimo_bw_cap value\n");
6267 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band,
6268 u32 bw_cap[2], u32 nchain)
6270 band->ht_cap.ht_supported = true;
6271 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) {
6272 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6273 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6275 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6276 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6277 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6278 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16;
6279 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain);
6280 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
6283 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp)
6288 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++)
6289 mcs_map = (mcs_map << 2) | supp;
6291 return cpu_to_le16(mcs_map);
6294 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band,
6295 u32 bw_cap[2], u32 nchain, u32 txstreams,
6296 u32 txbf_bfe_cap, u32 txbf_bfr_cap)
6300 /* not allowed in 2.4G band */
6301 if (band->band == NL80211_BAND_2GHZ)
6304 band->vht_cap.vht_supported = true;
6305 /* 80MHz is mandatory */
6306 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80;
6307 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) {
6308 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
6309 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160;
6311 /* all support 256-QAM */
6312 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9);
6313 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map;
6314 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map;
6316 /* Beamforming support information */
6317 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP)
6318 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
6319 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP)
6320 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
6321 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP)
6322 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
6323 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP)
6324 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
6326 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) {
6327 band->vht_cap.cap |=
6328 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT);
6329 band->vht_cap.cap |= ((txstreams - 1) <<
6330 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT);
6331 band->vht_cap.cap |=
6332 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
6336 static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
6338 struct brcmf_pub *drvr = cfg->pub;
6339 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6340 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6343 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
6348 struct ieee80211_supported_band *band;
6350 u32 txbf_bfe_cap = 0;
6351 u32 txbf_bfr_cap = 0;
6353 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
6354 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
6356 bphy_err(drvr, "nmode error (%d)\n", err);
6358 brcmf_get_bwcap(ifp, bw_cap);
6360 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n",
6361 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ],
6362 bw_cap[NL80211_BAND_5GHZ]);
6364 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
6366 bphy_err(drvr, "rxchain error (%d)\n", err);
6369 for (nchain = 0; rxchain; nchain++)
6370 rxchain = rxchain & (rxchain - 1);
6372 brcmf_dbg(INFO, "nchain=%d\n", nchain);
6374 err = brcmf_construct_chaninfo(cfg, bw_cap);
6376 bphy_err(drvr, "brcmf_construct_chaninfo failed (%d)\n", err);
6381 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams);
6382 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap",
6384 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap",
6388 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
6389 band = wiphy->bands[i];
6394 brcmf_update_ht_cap(band, bw_cap, nchain);
6396 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams,
6397 txbf_bfe_cap, txbf_bfr_cap);
6403 static const struct ieee80211_txrx_stypes
6404 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = {
6405 [NL80211_IFTYPE_STATION] = {
6407 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6408 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6410 [NL80211_IFTYPE_P2P_CLIENT] = {
6412 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6413 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6415 [NL80211_IFTYPE_P2P_GO] = {
6417 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6418 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6419 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6420 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6421 BIT(IEEE80211_STYPE_AUTH >> 4) |
6422 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6423 BIT(IEEE80211_STYPE_ACTION >> 4)
6425 [NL80211_IFTYPE_P2P_DEVICE] = {
6427 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6428 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6430 [NL80211_IFTYPE_AP] = {
6432 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6433 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6434 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6435 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6436 BIT(IEEE80211_STYPE_AUTH >> 4) |
6437 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6438 BIT(IEEE80211_STYPE_ACTION >> 4)
6443 * brcmf_setup_ifmodes() - determine interface modes and combinations.
6445 * @wiphy: wiphy object.
6446 * @ifp: interface object needed for feat module api.
6448 * The interface modes and combinations are determined dynamically here
6449 * based on firmware functionality.
6451 * no p2p and no mbss:
6453 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6457 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6458 * #AP <= 4, matching BI, channels = 1, 4 total
6460 * p2p, no mchan, and mbss:
6462 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total
6463 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6464 * #AP <= 4, matching BI, channels = 1, 4 total
6466 * p2p, mchan, and mbss:
6468 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total
6469 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6470 * #AP <= 4, matching BI, channels = 1, 4 total
6472 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp)
6474 struct ieee80211_iface_combination *combo = NULL;
6475 struct ieee80211_iface_limit *c0_limits = NULL;
6476 struct ieee80211_iface_limit *p2p_limits = NULL;
6477 struct ieee80211_iface_limit *mbss_limits = NULL;
6481 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS);
6482 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P);
6484 n_combos = 1 + !!p2p + !!mbss;
6485 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL);
6489 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
6490 BIT(NL80211_IFTYPE_ADHOC) |
6491 BIT(NL80211_IFTYPE_AP);
6495 c0_limits = kcalloc(p2p ? 3 : 2, sizeof(*c0_limits), GFP_KERNEL);
6498 c0_limits[i].max = 1;
6499 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6501 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN))
6502 combo[c].num_different_channels = 2;
6504 combo[c].num_different_channels = 1;
6505 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) |
6506 BIT(NL80211_IFTYPE_P2P_GO) |
6507 BIT(NL80211_IFTYPE_P2P_DEVICE);
6508 c0_limits[i].max = 1;
6509 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6510 c0_limits[i].max = 1;
6511 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) |
6512 BIT(NL80211_IFTYPE_P2P_GO);
6514 combo[c].num_different_channels = 1;
6515 c0_limits[i].max = 1;
6516 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6518 combo[c].max_interfaces = i;
6519 combo[c].n_limits = i;
6520 combo[c].limits = c0_limits;
6525 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL);
6528 p2p_limits[i].max = 1;
6529 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6530 p2p_limits[i].max = 1;
6531 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6532 p2p_limits[i].max = 1;
6533 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT);
6534 p2p_limits[i].max = 1;
6535 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6536 combo[c].num_different_channels = 1;
6537 combo[c].max_interfaces = i;
6538 combo[c].n_limits = i;
6539 combo[c].limits = p2p_limits;
6545 mbss_limits = kcalloc(1, sizeof(*mbss_limits), GFP_KERNEL);
6548 mbss_limits[i].max = 4;
6549 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6550 combo[c].beacon_int_infra_match = true;
6551 combo[c].num_different_channels = 1;
6552 combo[c].max_interfaces = 4;
6553 combo[c].n_limits = i;
6554 combo[c].limits = mbss_limits;
6557 wiphy->n_iface_combinations = n_combos;
6558 wiphy->iface_combinations = combo;
6570 static const struct wiphy_wowlan_support brcmf_wowlan_support = {
6571 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT,
6572 .n_patterns = BRCMF_WOWL_MAXPATTERNS,
6573 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE,
6574 .pattern_min_len = 1,
6575 .max_pkt_offset = 1500,
6579 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp)
6582 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
6583 struct brcmf_pub *drvr = cfg->pub;
6584 struct wiphy_wowlan_support *wowl;
6586 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
6589 bphy_err(drvr, "only support basic wowlan features\n");
6590 wiphy->wowlan = &brcmf_wowlan_support;
6594 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
6595 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) {
6596 wowl->flags |= WIPHY_WOWLAN_NET_DETECT;
6597 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT;
6598 init_waitqueue_head(&cfg->wowl.nd_data_wait);
6601 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) {
6602 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY;
6603 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE;
6606 wiphy->wowlan = wowl;
6610 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
6612 struct brcmf_pub *drvr = ifp->drvr;
6613 const struct ieee80211_iface_combination *combo;
6614 struct ieee80211_supported_band *band;
6615 u16 max_interfaces = 0;
6621 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX;
6622 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX;
6623 wiphy->max_num_pmkids = BRCMF_MAXPMKID;
6625 err = brcmf_setup_ifmodes(wiphy, ifp);
6629 for (i = 0, combo = wiphy->iface_combinations;
6630 i < wiphy->n_iface_combinations; i++, combo++) {
6631 max_interfaces = max(max_interfaces, combo->max_interfaces);
6634 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses);
6636 u8 *addr = drvr->addresses[i].addr;
6638 memcpy(addr, drvr->mac, ETH_ALEN);
6641 addr[ETH_ALEN - 1] ^= i;
6644 wiphy->addresses = drvr->addresses;
6645 wiphy->n_addresses = i;
6647 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
6648 wiphy->cipher_suites = brcmf_cipher_suites;
6649 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites);
6650 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
6651 wiphy->n_cipher_suites--;
6652 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) |
6653 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) |
6654 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST);
6656 wiphy->flags |= WIPHY_FLAG_NETNS_OK |
6657 WIPHY_FLAG_PS_ON_BY_DEFAULT |
6658 WIPHY_FLAG_HAVE_AP_SME |
6659 WIPHY_FLAG_OFFCHAN_TX |
6660 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
6661 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS))
6662 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
6663 if (!ifp->drvr->settings->roamoff)
6664 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM;
6665 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
6666 wiphy_ext_feature_set(wiphy,
6667 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
6668 wiphy_ext_feature_set(wiphy,
6669 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
6671 wiphy->mgmt_stypes = brcmf_txrx_stypes;
6672 wiphy->max_remain_on_channel_duration = 5000;
6673 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
6674 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN);
6675 brcmf_pno_wiphy_params(wiphy, gscan);
6677 /* vendor commands/events support */
6678 wiphy->vendor_commands = brcmf_vendor_cmds;
6679 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1;
6681 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL))
6682 brcmf_wiphy_wowl_params(wiphy, ifp);
6683 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
6686 bphy_err(drvr, "could not obtain band info: err=%d\n", err);
6689 /* first entry in bandlist is number of bands */
6690 n_bands = le32_to_cpu(bandlist[0]);
6691 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) {
6692 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) {
6693 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz),
6698 band->channels = kmemdup(&__wl_2ghz_channels,
6699 sizeof(__wl_2ghz_channels),
6701 if (!band->channels) {
6706 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels);
6707 wiphy->bands[NL80211_BAND_2GHZ] = band;
6709 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) {
6710 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz),
6715 band->channels = kmemdup(&__wl_5ghz_channels,
6716 sizeof(__wl_5ghz_channels),
6718 if (!band->channels) {
6723 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels);
6724 wiphy->bands[NL80211_BAND_5GHZ] = band;
6728 wiphy_read_of_freq_limits(wiphy);
6733 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
6735 struct brcmf_pub *drvr = cfg->pub;
6736 struct net_device *ndev;
6737 struct wireless_dev *wdev;
6738 struct brcmf_if *ifp;
6745 ndev = cfg_to_ndev(cfg);
6746 wdev = ndev->ieee80211_ptr;
6747 ifp = netdev_priv(ndev);
6749 /* make sure RF is ready for work */
6750 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
6752 brcmf_dongle_scantime(ifp);
6754 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
6755 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
6757 goto default_conf_out;
6758 brcmf_dbg(INFO, "power save set to %s\n",
6759 (power_mode ? "enabled" : "disabled"));
6761 err = brcmf_dongle_roam(ifp);
6763 goto default_conf_out;
6764 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
6767 goto default_conf_out;
6769 brcmf_configure_arp_nd_offload(ifp, true);
6771 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
6773 bphy_err(drvr, "failed to set frameburst mode\n");
6774 goto default_conf_out;
6777 cfg->dongle_up = true;
6784 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
6786 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
6788 return brcmf_config_dongle(ifp->drvr->config);
6791 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp)
6793 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6796 * While going down, if associated with AP disassociate
6797 * from AP to save power
6799 if (check_vif_up(ifp->vif)) {
6800 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED);
6802 /* Make sure WPA_Supplicant receives all the event
6803 generated due to DISASSOC call to the fw to keep
6804 the state fw and WPA_Supplicant state consistent
6809 brcmf_abort_scanning(cfg);
6810 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
6815 s32 brcmf_cfg80211_up(struct net_device *ndev)
6817 struct brcmf_if *ifp = netdev_priv(ndev);
6818 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6821 mutex_lock(&cfg->usr_sync);
6822 err = __brcmf_cfg80211_up(ifp);
6823 mutex_unlock(&cfg->usr_sync);
6828 s32 brcmf_cfg80211_down(struct net_device *ndev)
6830 struct brcmf_if *ifp = netdev_priv(ndev);
6831 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6834 mutex_lock(&cfg->usr_sync);
6835 err = __brcmf_cfg80211_down(ifp);
6836 mutex_unlock(&cfg->usr_sync);
6841 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp)
6843 struct wireless_dev *wdev = &ifp->vif->wdev;
6845 return wdev->iftype;
6848 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
6849 unsigned long state)
6851 struct brcmf_cfg80211_vif *vif;
6853 list_for_each_entry(vif, &cfg->vif_list, list) {
6854 if (test_bit(state, &vif->sme_state))
6860 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event,
6865 spin_lock(&event->vif_event_lock);
6866 evt_action = event->action;
6867 spin_unlock(&event->vif_event_lock);
6868 return evt_action == action;
6871 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
6872 struct brcmf_cfg80211_vif *vif)
6874 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6876 spin_lock(&event->vif_event_lock);
6879 spin_unlock(&event->vif_event_lock);
6882 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg)
6884 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6887 spin_lock(&event->vif_event_lock);
6888 armed = event->vif != NULL;
6889 spin_unlock(&event->vif_event_lock);
6894 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg,
6895 u8 action, ulong timeout)
6897 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6899 return wait_event_timeout(event->vif_wq,
6900 vif_event_equals(event, action), timeout);
6903 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2],
6904 struct brcmf_fil_country_le *ccreq)
6906 struct brcmfmac_pd_cc *country_codes;
6907 struct brcmfmac_pd_cc_entry *cc;
6911 country_codes = drvr->settings->country_codes;
6912 if (!country_codes) {
6913 brcmf_dbg(TRACE, "No country codes configured for device\n");
6917 if ((alpha2[0] == ccreq->country_abbrev[0]) &&
6918 (alpha2[1] == ccreq->country_abbrev[1])) {
6919 brcmf_dbg(TRACE, "Country code already set\n");
6924 for (i = 0; i < country_codes->table_size; i++) {
6925 cc = &country_codes->table[i];
6926 if ((cc->iso3166[0] == '\0') && (found_index == -1))
6928 if ((cc->iso3166[0] == alpha2[0]) &&
6929 (cc->iso3166[1] == alpha2[1])) {
6934 if (found_index == -1) {
6935 brcmf_dbg(TRACE, "No country code match found\n");
6938 memset(ccreq, 0, sizeof(*ccreq));
6939 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev);
6940 memcpy(ccreq->ccode, country_codes->table[found_index].cc,
6941 BRCMF_COUNTRY_BUF_SZ);
6942 ccreq->country_abbrev[0] = alpha2[0];
6943 ccreq->country_abbrev[1] = alpha2[1];
6944 ccreq->country_abbrev[2] = 0;
6949 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
6950 struct regulatory_request *req)
6952 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
6953 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
6954 struct brcmf_pub *drvr = cfg->pub;
6955 struct brcmf_fil_country_le ccreq;
6959 /* The country code gets set to "00" by default at boot, ignore */
6960 if (req->alpha2[0] == '0' && req->alpha2[1] == '0')
6963 /* ignore non-ISO3166 country codes */
6964 for (i = 0; i < 2; i++)
6965 if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
6966 bphy_err(drvr, "not an ISO3166 code (0x%02x 0x%02x)\n",
6967 req->alpha2[0], req->alpha2[1]);
6971 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator,
6972 req->alpha2[0], req->alpha2[1]);
6974 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
6976 bphy_err(drvr, "Country code iovar returned err = %d\n", err);
6980 err = brcmf_translate_country_code(ifp->drvr, req->alpha2, &ccreq);
6984 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
6986 bphy_err(drvr, "Firmware rejected country setting\n");
6989 brcmf_setup_wiphybands(cfg);
6992 static void brcmf_free_wiphy(struct wiphy *wiphy)
6999 if (wiphy->iface_combinations) {
7000 for (i = 0; i < wiphy->n_iface_combinations; i++)
7001 kfree(wiphy->iface_combinations[i].limits);
7003 kfree(wiphy->iface_combinations);
7004 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7005 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels);
7006 kfree(wiphy->bands[NL80211_BAND_2GHZ]);
7008 if (wiphy->bands[NL80211_BAND_5GHZ]) {
7009 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels);
7010 kfree(wiphy->bands[NL80211_BAND_5GHZ]);
7012 #if IS_ENABLED(CONFIG_PM)
7013 if (wiphy->wowlan != &brcmf_wowlan_support)
7014 kfree(wiphy->wowlan);
7018 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
7019 struct cfg80211_ops *ops,
7022 struct wiphy *wiphy = drvr->wiphy;
7023 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev;
7024 struct brcmf_cfg80211_info *cfg;
7025 struct brcmf_cfg80211_vif *vif;
7026 struct brcmf_if *ifp;
7032 bphy_err(drvr, "ndev is invalid\n");
7036 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
7038 bphy_err(drvr, "Could not allocate wiphy device\n");
7044 init_vif_event(&cfg->vif_event);
7045 INIT_LIST_HEAD(&cfg->vif_list);
7047 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION);
7051 ifp = netdev_priv(ndev);
7053 vif->wdev.netdev = ndev;
7054 ndev->ieee80211_ptr = &vif->wdev;
7055 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
7057 err = wl_init_priv(cfg);
7059 bphy_err(drvr, "Failed to init iwm_priv (%d)\n", err);
7060 brcmf_free_vif(vif);
7065 /* determine d11 io type before wiphy setup */
7066 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
7068 bphy_err(drvr, "Failed to get D11 version (%d)\n", err);
7071 cfg->d11inf.io_type = (u8)io_type;
7072 brcmu_d11_attach(&cfg->d11inf);
7074 /* regulatory notifer below needs access to cfg so
7079 err = brcmf_setup_wiphy(wiphy, ifp);
7083 brcmf_dbg(INFO, "Registering custom regulatory\n");
7084 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier;
7085 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
7086 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom);
7088 /* firmware defaults to 40MHz disabled in 2G band. We signal
7089 * cfg80211 here that we do and have it decide we can enable
7090 * it. But first check if device does support 2G operation.
7092 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7093 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap;
7094 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7097 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK))
7098 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data;
7100 err = wiphy_register(wiphy);
7102 bphy_err(drvr, "Could not register wiphy device (%d)\n", err);
7106 err = brcmf_setup_wiphybands(cfg);
7108 bphy_err(drvr, "Setting wiphy bands failed (%d)\n", err);
7109 goto wiphy_unreg_out;
7112 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(),
7113 * setup 40MHz in 2GHz band and enable OBSS scanning.
7115 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) {
7116 err = brcmf_enable_bw40_2g(cfg);
7118 err = brcmf_fil_iovar_int_set(ifp, "obss_coex",
7119 BRCMF_OBSS_COEX_AUTO);
7121 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7124 err = brcmf_fweh_activate_events(ifp);
7126 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7127 goto wiphy_unreg_out;
7130 err = brcmf_p2p_attach(cfg, p2pdev_forced);
7132 bphy_err(drvr, "P2P initialisation failed (%d)\n", err);
7133 goto wiphy_unreg_out;
7135 err = brcmf_btcoex_attach(cfg);
7137 bphy_err(drvr, "BT-coex initialisation failed (%d)\n", err);
7138 brcmf_p2p_detach(&cfg->p2p);
7139 goto wiphy_unreg_out;
7141 err = brcmf_pno_attach(cfg);
7143 bphy_err(drvr, "PNO initialisation failed (%d)\n", err);
7144 brcmf_btcoex_detach(cfg);
7145 brcmf_p2p_detach(&cfg->p2p);
7146 goto wiphy_unreg_out;
7149 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) {
7150 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1);
7152 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err);
7153 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS;
7155 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT,
7156 brcmf_notify_tdls_peer_event);
7160 /* (re-) activate FWEH event handling */
7161 err = brcmf_fweh_activate_events(ifp);
7163 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7167 /* Fill in some of the advertised nl80211 supported features */
7168 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) {
7169 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
7171 if (wiphy->wowlan &&
7172 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT)
7173 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7180 brcmf_pno_detach(cfg);
7181 brcmf_btcoex_detach(cfg);
7182 brcmf_p2p_detach(&cfg->p2p);
7184 wiphy_unregister(cfg->wiphy);
7186 wl_deinit_priv(cfg);
7187 brcmf_free_vif(vif);
7190 brcmf_free_wiphy(wiphy);
7195 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
7200 brcmf_pno_detach(cfg);
7201 brcmf_btcoex_detach(cfg);
7202 wiphy_unregister(cfg->wiphy);
7204 wl_deinit_priv(cfg);
7205 brcmf_free_wiphy(cfg->wiphy);