2 * Copyright (c) 2010 Broadcom Corporation
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
11 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
13 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
19 #include <linux/kernel.h>
20 #include <linux/etherdevice.h>
21 #include <linux/module.h>
22 #include <linux/vmalloc.h>
23 #include <net/cfg80211.h>
24 #include <net/netlink.h>
26 #include <brcmu_utils.h>
28 #include <brcmu_wifi.h>
31 #include "tracepoint.h"
32 #include "fwil_types.h"
44 #define BRCMF_SCAN_IE_LEN_MAX 2048
46 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */
47 #define WPA_OUI_TYPE 1
48 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */
49 #define WME_OUI_TYPE 2
50 #define WPS_OUI_TYPE 4
52 #define VS_IE_FIXED_HDR_LEN 6
53 #define WPA_IE_VERSION_LEN 2
54 #define WPA_IE_MIN_OUI_LEN 4
55 #define WPA_IE_SUITE_COUNT_LEN 2
57 #define WPA_CIPHER_NONE 0 /* None */
58 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */
59 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */
60 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */
61 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */
63 #define RSN_AKM_NONE 0 /* None (IBSS) */
64 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */
65 #define RSN_AKM_PSK 2 /* Pre-shared Key */
66 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */
67 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */
68 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */
69 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3))
70 #define RSN_CAP_MFPR_MASK BIT(6)
71 #define RSN_CAP_MFPC_MASK BIT(7)
72 #define RSN_PMKID_COUNT_LEN 2
74 #define VNDR_IE_CMD_LEN 4 /* length of the set command
75 * string :"add", "del" (+ NUL)
77 #define VNDR_IE_COUNT_OFFSET 4
78 #define VNDR_IE_PKTFLAG_OFFSET 8
79 #define VNDR_IE_VSIE_OFFSET 12
80 #define VNDR_IE_HDR_SIZE 12
81 #define VNDR_IE_PARSE_LIMIT 5
83 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */
84 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */
86 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320
87 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400
88 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20
90 #define BRCMF_SCAN_CHANNEL_TIME 40
91 #define BRCMF_SCAN_UNASSOC_TIME 40
92 #define BRCMF_SCAN_PASSIVE_TIME 120
94 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000)
96 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \
97 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16))
99 static bool check_vif_up(struct brcmf_cfg80211_vif *vif)
101 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) {
102 brcmf_dbg(INFO, "device is not ready : status (%lu)\n",
109 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2)
110 #define RATETAB_ENT(_rateid, _flags) \
112 .bitrate = RATE_TO_BASE100KBPS(_rateid), \
113 .hw_value = (_rateid), \
117 static struct ieee80211_rate __wl_rates[] = {
118 RATETAB_ENT(BRCM_RATE_1M, 0),
119 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE),
120 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE),
121 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE),
122 RATETAB_ENT(BRCM_RATE_6M, 0),
123 RATETAB_ENT(BRCM_RATE_9M, 0),
124 RATETAB_ENT(BRCM_RATE_12M, 0),
125 RATETAB_ENT(BRCM_RATE_18M, 0),
126 RATETAB_ENT(BRCM_RATE_24M, 0),
127 RATETAB_ENT(BRCM_RATE_36M, 0),
128 RATETAB_ENT(BRCM_RATE_48M, 0),
129 RATETAB_ENT(BRCM_RATE_54M, 0),
132 #define wl_g_rates (__wl_rates + 0)
133 #define wl_g_rates_size ARRAY_SIZE(__wl_rates)
134 #define wl_a_rates (__wl_rates + 4)
135 #define wl_a_rates_size (wl_g_rates_size - 4)
137 #define CHAN2G(_channel, _freq) { \
138 .band = NL80211_BAND_2GHZ, \
139 .center_freq = (_freq), \
140 .hw_value = (_channel), \
141 .max_antenna_gain = 0, \
145 #define CHAN5G(_channel) { \
146 .band = NL80211_BAND_5GHZ, \
147 .center_freq = 5000 + (5 * (_channel)), \
148 .hw_value = (_channel), \
149 .max_antenna_gain = 0, \
153 static struct ieee80211_channel __wl_2ghz_channels[] = {
154 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427),
155 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447),
156 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467),
157 CHAN2G(13, 2472), CHAN2G(14, 2484)
160 static struct ieee80211_channel __wl_5ghz_channels[] = {
161 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42),
162 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56),
163 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108),
164 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128),
165 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149),
166 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165)
169 /* Band templates duplicated per wiphy. The channel info
170 * above is added to the band during setup.
172 static const struct ieee80211_supported_band __wl_band_2ghz = {
173 .band = NL80211_BAND_2GHZ,
174 .bitrates = wl_g_rates,
175 .n_bitrates = wl_g_rates_size,
178 static const struct ieee80211_supported_band __wl_band_5ghz = {
179 .band = NL80211_BAND_5GHZ,
180 .bitrates = wl_a_rates,
181 .n_bitrates = wl_a_rates_size,
184 /* This is to override regulatory domains defined in cfg80211 module (reg.c)
185 * By default world regulatory domain defined in reg.c puts the flags
186 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165).
187 * With respect to these flags, wpa_supplicant doesn't * start p2p
188 * operations on 5GHz channels. All the changes in world regulatory
189 * domain are to be done here.
191 static const struct ieee80211_regdomain brcmf_regdom = {
195 /* IEEE 802.11b/g, channels 1..11 */
196 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0),
198 /* IEEE 802.11 channel 14 - Only JP enables
199 * this and for 802.11b only
201 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0),
202 /* IEEE 802.11a, channel 36..64 */
203 REG_RULE(5150-10, 5350+10, 80, 6, 20, 0),
204 /* IEEE 802.11a, channel 100..165 */
205 REG_RULE(5470-10, 5850+10, 80, 6, 20, 0), }
208 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites
209 * are supported. A pointer to this array and the number of entries is passed
210 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP.
211 * So the cipher suite AES_CMAC has to be the last one in the array, and when
212 * device does not support MFP then the number of suites will be decreased by 1
214 static const u32 brcmf_cipher_suites[] = {
215 WLAN_CIPHER_SUITE_WEP40,
216 WLAN_CIPHER_SUITE_WEP104,
217 WLAN_CIPHER_SUITE_TKIP,
218 WLAN_CIPHER_SUITE_CCMP,
219 /* Keep as last entry: */
220 WLAN_CIPHER_SUITE_AES_CMAC
223 /* Vendor specific ie. id = 221, oui and type defines exact ie */
224 struct brcmf_vs_tlv {
231 struct parsed_vndr_ie_info {
233 u32 ie_len; /* total length including id & length field */
234 struct brcmf_vs_tlv vndrie;
237 struct parsed_vndr_ies {
239 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT];
242 static u8 nl80211_band_to_fwil(enum nl80211_band band)
245 case NL80211_BAND_2GHZ:
247 case NL80211_BAND_5GHZ:
256 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf,
257 struct cfg80211_chan_def *ch)
259 struct brcmu_chan ch_inf;
262 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n",
263 ch->chan->center_freq, ch->center_freq1, ch->width);
264 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1);
265 primary_offset = ch->chan->center_freq - ch->center_freq1;
267 case NL80211_CHAN_WIDTH_20:
268 case NL80211_CHAN_WIDTH_20_NOHT:
269 ch_inf.bw = BRCMU_CHAN_BW_20;
270 WARN_ON(primary_offset != 0);
272 case NL80211_CHAN_WIDTH_40:
273 ch_inf.bw = BRCMU_CHAN_BW_40;
274 if (primary_offset > 0)
275 ch_inf.sb = BRCMU_CHAN_SB_U;
277 ch_inf.sb = BRCMU_CHAN_SB_L;
279 case NL80211_CHAN_WIDTH_80:
280 ch_inf.bw = BRCMU_CHAN_BW_80;
281 if (primary_offset == -30)
282 ch_inf.sb = BRCMU_CHAN_SB_LL;
283 else if (primary_offset == -10)
284 ch_inf.sb = BRCMU_CHAN_SB_LU;
285 else if (primary_offset == 10)
286 ch_inf.sb = BRCMU_CHAN_SB_UL;
288 ch_inf.sb = BRCMU_CHAN_SB_UU;
290 case NL80211_CHAN_WIDTH_80P80:
291 case NL80211_CHAN_WIDTH_160:
292 case NL80211_CHAN_WIDTH_5:
293 case NL80211_CHAN_WIDTH_10:
297 switch (ch->chan->band) {
298 case NL80211_BAND_2GHZ:
299 ch_inf.band = BRCMU_CHAN_BAND_2G;
301 case NL80211_BAND_5GHZ:
302 ch_inf.band = BRCMU_CHAN_BAND_5G;
304 case NL80211_BAND_60GHZ:
308 d11inf->encchspec(&ch_inf);
310 return ch_inf.chspec;
313 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
314 struct ieee80211_channel *ch)
316 struct brcmu_chan ch_inf;
318 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq);
319 ch_inf.bw = BRCMU_CHAN_BW_20;
320 d11inf->encchspec(&ch_inf);
322 return ch_inf.chspec;
325 /* Traverse a string of 1-byte tag/1-byte length/variable-length value
326 * triples, returning a pointer to the substring whose first element
329 static const struct brcmf_tlv *
330 brcmf_parse_tlvs(const void *buf, int buflen, uint key)
332 const struct brcmf_tlv *elt = buf;
335 /* find tagged parameter */
336 while (totlen >= TLV_HDR_LEN) {
339 /* validate remaining totlen */
340 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN)))
343 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN));
344 totlen -= (len + TLV_HDR_LEN);
350 /* Is any of the tlvs the expected entry? If
351 * not update the tlvs buffer pointer/length.
354 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len,
355 const u8 *oui, u32 oui_len, u8 type)
357 /* If the contents match the OUI and the type */
358 if (ie[TLV_LEN_OFF] >= oui_len + 1 &&
359 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) &&
360 type == ie[TLV_BODY_OFF + oui_len]) {
366 /* point to the next ie */
367 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN;
368 /* calculate the length of the rest of the buffer */
369 *tlvs_len -= (int)(ie - *tlvs);
370 /* update the pointer to the start of the buffer */
376 static struct brcmf_vs_tlv *
377 brcmf_find_wpaie(const u8 *parse, u32 len)
379 const struct brcmf_tlv *ie;
381 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
382 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len,
383 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE))
384 return (struct brcmf_vs_tlv *)ie;
389 static struct brcmf_vs_tlv *
390 brcmf_find_wpsie(const u8 *parse, u32 len)
392 const struct brcmf_tlv *ie;
394 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
395 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len,
396 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE))
397 return (struct brcmf_vs_tlv *)ie;
402 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg,
403 struct brcmf_cfg80211_vif *vif,
404 enum nl80211_iftype new_type)
406 struct brcmf_cfg80211_vif *pos;
407 bool check_combos = false;
409 struct iface_combination_params params = {
410 .num_different_channels = 1,
413 list_for_each_entry(pos, &cfg->vif_list, list)
415 params.iftype_num[new_type]++;
417 /* concurrent interfaces so need check combinations */
419 params.iftype_num[pos->wdev.iftype]++;
423 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms);
428 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg,
429 enum nl80211_iftype new_type)
431 struct brcmf_cfg80211_vif *pos;
432 struct iface_combination_params params = {
433 .num_different_channels = 1,
436 list_for_each_entry(pos, &cfg->vif_list, list)
437 params.iftype_num[pos->wdev.iftype]++;
439 params.iftype_num[new_type]++;
440 return cfg80211_check_combinations(cfg->wiphy, ¶ms);
443 static void convert_key_from_CPU(struct brcmf_wsec_key *key,
444 struct brcmf_wsec_key_le *key_le)
446 key_le->index = cpu_to_le32(key->index);
447 key_le->len = cpu_to_le32(key->len);
448 key_le->algo = cpu_to_le32(key->algo);
449 key_le->flags = cpu_to_le32(key->flags);
450 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi);
451 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo);
452 key_le->iv_initialized = cpu_to_le32(key->iv_initialized);
453 memcpy(key_le->data, key->data, sizeof(key->data));
454 memcpy(key_le->ea, key->ea, sizeof(key->ea));
458 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key)
461 struct brcmf_wsec_key_le key_le;
463 convert_key_from_CPU(key, &key_le);
465 brcmf_netdev_wait_pend8021x(ifp);
467 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le,
471 brcmf_err("wsec_key error (%d)\n", err);
476 brcmf_configure_arp_nd_offload(struct brcmf_if *ifp, bool enable)
482 mode = BRCMF_ARP_OL_AGENT | BRCMF_ARP_OL_PEER_AUTO_REPLY;
486 /* Try to set and enable ARP offload feature, this may fail, then it */
487 /* is simply not supported and err 0 will be returned */
488 err = brcmf_fil_iovar_int_set(ifp, "arp_ol", mode);
490 brcmf_dbg(TRACE, "failed to set ARP offload mode to 0x%x, err = %d\n",
494 err = brcmf_fil_iovar_int_set(ifp, "arpoe", enable);
496 brcmf_dbg(TRACE, "failed to configure (%d) ARP offload err = %d\n",
500 brcmf_dbg(TRACE, "successfully configured (%d) ARP offload to 0x%x\n",
504 err = brcmf_fil_iovar_int_set(ifp, "ndoe", enable);
506 brcmf_dbg(TRACE, "failed to configure (%d) ND offload err = %d\n",
510 brcmf_dbg(TRACE, "successfully configured (%d) ND offload to 0x%x\n",
517 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev)
519 struct brcmf_cfg80211_vif *vif;
520 struct brcmf_if *ifp;
522 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
525 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) ||
526 (wdev->iftype == NL80211_IFTYPE_AP) ||
527 (wdev->iftype == NL80211_IFTYPE_P2P_GO))
528 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
531 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
535 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr)
539 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) {
540 /* bsscfgidx 1 is reserved for legacy P2P */
543 if (!drvr->iflist[bsscfgidx])
550 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp)
552 struct brcmf_mbss_ssid_le mbss_ssid_le;
556 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le));
557 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr);
561 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx);
562 mbss_ssid_le.SSID_len = cpu_to_le32(5);
563 sprintf(mbss_ssid_le.SSID, "ssid%d" , bsscfgidx);
565 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le,
566 sizeof(mbss_ssid_le));
568 brcmf_err("setting ssid failed %d\n", err);
574 * brcmf_ap_add_vif() - create a new AP virtual interface for multiple BSS
576 * @wiphy: wiphy device of new interface.
577 * @name: name of the new interface.
578 * @params: contains mac address for AP device.
581 struct wireless_dev *brcmf_ap_add_vif(struct wiphy *wiphy, const char *name,
582 struct vif_params *params)
584 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
585 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
586 struct brcmf_cfg80211_vif *vif;
589 if (brcmf_cfg80211_vif_event_armed(cfg))
590 return ERR_PTR(-EBUSY);
592 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name);
594 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_AP);
596 return (struct wireless_dev *)vif;
598 brcmf_cfg80211_arm_vif_event(cfg, vif);
600 err = brcmf_cfg80211_request_ap_if(ifp);
602 brcmf_cfg80211_arm_vif_event(cfg, NULL);
606 /* wait for firmware event */
607 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
608 BRCMF_VIF_EVENT_TIMEOUT);
609 brcmf_cfg80211_arm_vif_event(cfg, NULL);
611 brcmf_err("timeout occurred\n");
616 /* interface created in firmware */
619 brcmf_err("no if pointer provided\n");
624 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
625 err = brcmf_net_attach(ifp, true);
627 brcmf_err("Registering netdevice failed\n");
628 free_netdev(ifp->ndev);
632 return &ifp->vif->wdev;
639 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif)
641 enum nl80211_iftype iftype;
643 iftype = vif->wdev.iftype;
644 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO;
647 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif)
649 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC;
652 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy,
654 unsigned char name_assign_type,
655 enum nl80211_iftype type,
656 struct vif_params *params)
658 struct wireless_dev *wdev;
661 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type);
662 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type);
664 brcmf_err("iface validation failed: err=%d\n", err);
668 case NL80211_IFTYPE_ADHOC:
669 case NL80211_IFTYPE_STATION:
670 case NL80211_IFTYPE_AP_VLAN:
671 case NL80211_IFTYPE_WDS:
672 case NL80211_IFTYPE_MONITOR:
673 case NL80211_IFTYPE_MESH_POINT:
674 return ERR_PTR(-EOPNOTSUPP);
675 case NL80211_IFTYPE_AP:
676 wdev = brcmf_ap_add_vif(wiphy, name, params);
678 case NL80211_IFTYPE_P2P_CLIENT:
679 case NL80211_IFTYPE_P2P_GO:
680 case NL80211_IFTYPE_P2P_DEVICE:
681 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params);
683 case NL80211_IFTYPE_UNSPECIFIED:
685 return ERR_PTR(-EINVAL);
689 brcmf_err("add iface %s type %d failed: err=%d\n",
690 name, type, (int)PTR_ERR(wdev));
692 brcmf_cfg80211_update_proto_addr_mode(wdev);
697 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc)
699 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC))
700 brcmf_set_mpc(ifp, mpc);
703 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc)
707 if (check_vif_up(ifp->vif)) {
708 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc);
710 brcmf_err("fail to set mpc\n");
713 brcmf_dbg(INFO, "MPC : %d\n", mpc);
717 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
718 struct brcmf_if *ifp, bool aborted,
721 struct brcmf_scan_params_le params_le;
722 struct cfg80211_scan_request *scan_request;
727 brcmf_dbg(SCAN, "Enter\n");
729 /* clear scan request, because the FW abort can cause a second call */
730 /* to this functon and might cause a double cfg80211_scan_done */
731 scan_request = cfg->scan_request;
732 cfg->scan_request = NULL;
734 if (timer_pending(&cfg->escan_timeout))
735 del_timer_sync(&cfg->escan_timeout);
738 /* Do a scan abort to stop the driver's scan engine */
739 brcmf_dbg(SCAN, "ABORT scan in firmware\n");
740 memset(¶ms_le, 0, sizeof(params_le));
741 eth_broadcast_addr(params_le.bssid);
742 params_le.bss_type = DOT11_BSSTYPE_ANY;
743 params_le.scan_type = 0;
744 params_le.channel_num = cpu_to_le32(1);
745 params_le.nprobes = cpu_to_le32(1);
746 params_le.active_time = cpu_to_le32(-1);
747 params_le.passive_time = cpu_to_le32(-1);
748 params_le.home_time = cpu_to_le32(-1);
749 /* Scan is aborted by setting channel_list[0] to -1 */
750 params_le.channel_list[0] = cpu_to_le16(-1);
751 /* E-Scan (or anyother type) can be aborted by SCAN */
752 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN,
753 ¶ms_le, sizeof(params_le));
755 brcmf_err("Scan abort failed\n");
758 brcmf_scan_config_mpc(ifp, 1);
761 * e-scan can be initiated internally
762 * which takes precedence.
764 if (cfg->int_escan_map) {
765 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n",
767 while (cfg->int_escan_map) {
768 bucket = __ffs(cfg->int_escan_map);
769 cfg->int_escan_map &= ~BIT(bucket);
770 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno,
773 brcmf_dbg(SCAN, "report results: reqid=%llu\n",
775 cfg80211_sched_scan_results(cfg_to_wiphy(cfg),
779 } else if (scan_request) {
780 struct cfg80211_scan_info info = {
784 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n",
785 aborted ? "Aborted" : "Done");
786 cfg80211_scan_done(scan_request, &info);
788 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
789 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n");
794 static int brcmf_cfg80211_del_ap_iface(struct wiphy *wiphy,
795 struct wireless_dev *wdev)
797 struct brcmf_cfg80211_info *cfg = wiphy_priv(wiphy);
798 struct net_device *ndev = wdev->netdev;
799 struct brcmf_if *ifp = netdev_priv(ndev);
803 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif);
805 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0);
807 brcmf_err("interface_remove failed %d\n", err);
811 /* wait for firmware event */
812 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
813 BRCMF_VIF_EVENT_TIMEOUT);
815 brcmf_err("timeout occurred\n");
820 brcmf_remove_interface(ifp, true);
823 brcmf_cfg80211_arm_vif_event(cfg, NULL);
828 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
830 struct brcmf_cfg80211_info *cfg = wiphy_priv(wiphy);
831 struct net_device *ndev = wdev->netdev;
833 if (ndev && ndev == cfg_to_ndev(cfg))
836 /* vif event pending in firmware */
837 if (brcmf_cfg80211_vif_event_armed(cfg))
841 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) &&
842 cfg->escan_info.ifp == netdev_priv(ndev))
843 brcmf_notify_escan_complete(cfg, netdev_priv(ndev),
846 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1);
849 switch (wdev->iftype) {
850 case NL80211_IFTYPE_ADHOC:
851 case NL80211_IFTYPE_STATION:
852 case NL80211_IFTYPE_AP_VLAN:
853 case NL80211_IFTYPE_WDS:
854 case NL80211_IFTYPE_MONITOR:
855 case NL80211_IFTYPE_MESH_POINT:
857 case NL80211_IFTYPE_AP:
858 return brcmf_cfg80211_del_ap_iface(wiphy, wdev);
859 case NL80211_IFTYPE_P2P_CLIENT:
860 case NL80211_IFTYPE_P2P_GO:
861 case NL80211_IFTYPE_P2P_DEVICE:
862 return brcmf_p2p_del_vif(wiphy, wdev);
863 case NL80211_IFTYPE_UNSPECIFIED:
871 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
872 enum nl80211_iftype type,
873 struct vif_params *params)
875 struct brcmf_cfg80211_info *cfg = wiphy_priv(wiphy);
876 struct brcmf_if *ifp = netdev_priv(ndev);
877 struct brcmf_cfg80211_vif *vif = ifp->vif;
882 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx,
885 /* WAR: There are a number of p2p interface related problems which
886 * need to be handled initially (before doing the validate).
887 * wpa_supplicant tends to do iface changes on p2p device/client/go
888 * which are not always possible/allowed. However we need to return
889 * OK otherwise the wpa_supplicant wont start. The situation differs
890 * on configuration and setup (p2pon=1 module param). The first check
891 * is to see if the request is a change to station for p2p iface.
893 if ((type == NL80211_IFTYPE_STATION) &&
894 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) ||
895 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) ||
896 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) {
897 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n");
898 /* Now depending on whether module param p2pon=1 was used the
899 * response needs to be either 0 or EOPNOTSUPP. The reason is
900 * that if p2pon=1 is used, but a newer supplicant is used then
901 * we should return an error, as this combination wont work.
902 * In other situations 0 is returned and supplicant will start
903 * normally. It will give a trace in cfg80211, but it is the
904 * only way to get it working. Unfortunately this will result
905 * in situation where we wont support new supplicant in
906 * combination with module param p2pon=1, but that is the way
907 * it is. If the user tries this then unloading of driver might
910 if (cfg->p2p.p2pdev_dynamically)
915 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type);
917 brcmf_err("iface validation failed: err=%d\n", err);
921 case NL80211_IFTYPE_MONITOR:
922 case NL80211_IFTYPE_WDS:
923 brcmf_err("type (%d) : currently we do not support this type\n",
926 case NL80211_IFTYPE_ADHOC:
929 case NL80211_IFTYPE_STATION:
932 case NL80211_IFTYPE_AP:
933 case NL80211_IFTYPE_P2P_GO:
942 if (type == NL80211_IFTYPE_P2P_GO) {
943 brcmf_dbg(INFO, "IF Type = P2P GO\n");
944 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO);
947 brcmf_dbg(INFO, "IF Type = AP\n");
950 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra);
952 brcmf_err("WLC_SET_INFRA error (%d)\n", err);
956 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ?
959 ndev->ieee80211_ptr->iftype = type;
961 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev);
964 brcmf_dbg(TRACE, "Exit\n");
969 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg,
970 struct brcmf_scan_params_le *params_le,
971 struct cfg80211_scan_request *request)
979 struct brcmf_ssid_le ssid_le;
981 eth_broadcast_addr(params_le->bssid);
982 params_le->bss_type = DOT11_BSSTYPE_ANY;
983 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE;
984 params_le->channel_num = 0;
985 params_le->nprobes = cpu_to_le32(-1);
986 params_le->active_time = cpu_to_le32(-1);
987 params_le->passive_time = cpu_to_le32(-1);
988 params_le->home_time = cpu_to_le32(-1);
989 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le));
991 n_ssids = request->n_ssids;
992 n_channels = request->n_channels;
994 /* Copy channel array if applicable */
995 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n",
997 if (n_channels > 0) {
998 for (i = 0; i < n_channels; i++) {
999 chanspec = channel_to_chanspec(&cfg->d11inf,
1000 request->channels[i]);
1001 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n",
1002 request->channels[i]->hw_value, chanspec);
1003 params_le->channel_list[i] = cpu_to_le16(chanspec);
1006 brcmf_dbg(SCAN, "Scanning all channels\n");
1008 /* Copy ssid array if applicable */
1009 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids);
1011 offset = offsetof(struct brcmf_scan_params_le, channel_list) +
1012 n_channels * sizeof(u16);
1013 offset = roundup(offset, sizeof(u32));
1014 ptr = (char *)params_le + offset;
1015 for (i = 0; i < n_ssids; i++) {
1016 memset(&ssid_le, 0, sizeof(ssid_le));
1018 cpu_to_le32(request->ssids[i].ssid_len);
1019 memcpy(ssid_le.SSID, request->ssids[i].ssid,
1020 request->ssids[i].ssid_len);
1021 if (!ssid_le.SSID_len)
1022 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i);
1024 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n",
1025 i, ssid_le.SSID, ssid_le.SSID_len);
1026 memcpy(ptr, &ssid_le, sizeof(ssid_le));
1027 ptr += sizeof(ssid_le);
1030 brcmf_dbg(SCAN, "Performing passive scan\n");
1031 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE;
1033 /* Adding mask to channel numbers */
1034 params_le->channel_num =
1035 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) |
1036 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK));
1040 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
1041 struct cfg80211_scan_request *request)
1043 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE +
1044 offsetof(struct brcmf_escan_params_le, params_le);
1045 struct brcmf_escan_params_le *params;
1048 brcmf_dbg(SCAN, "E-SCAN START\n");
1050 if (request != NULL) {
1051 /* Allocate space for populating ssids in struct */
1052 params_size += sizeof(u32) * ((request->n_channels + 1) / 2);
1054 /* Allocate space for populating ssids in struct */
1055 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids;
1058 params = kzalloc(params_size, GFP_KERNEL);
1063 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN);
1064 brcmf_escan_prep(cfg, ¶ms->params_le, request);
1065 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
1066 params->action = cpu_to_le16(WL_ESCAN_ACTION_START);
1067 params->sync_id = cpu_to_le16(0x1234);
1069 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size);
1072 brcmf_dbg(INFO, "system busy : escan canceled\n");
1074 brcmf_err("error (%d)\n", err);
1083 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request)
1085 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1088 struct brcmf_scan_results *results;
1089 struct escan_info *escan = &cfg->escan_info;
1091 brcmf_dbg(SCAN, "Enter\n");
1093 escan->wiphy = cfg->wiphy;
1094 escan->escan_state = WL_ESCAN_STATE_SCANNING;
1095 passive_scan = cfg->active_scan ? 0 : 1;
1096 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PASSIVE_SCAN,
1099 brcmf_err("error (%d)\n", err);
1102 brcmf_scan_config_mpc(ifp, 0);
1103 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
1104 results->version = 0;
1106 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE;
1108 err = escan->run(cfg, ifp, request);
1110 brcmf_scan_config_mpc(ifp, 1);
1115 brcmf_cfg80211_escan(struct wiphy *wiphy, struct brcmf_cfg80211_vif *vif,
1116 struct cfg80211_scan_request *request,
1117 struct cfg80211_ssid *this_ssid)
1119 struct brcmf_if *ifp = vif->ifp;
1120 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1121 struct cfg80211_ssid *ssids;
1126 struct brcmf_ssid_le ssid_le;
1129 brcmf_dbg(SCAN, "START ESCAN\n");
1131 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
1132 brcmf_err("Scanning already: status (%lu)\n", cfg->scan_status);
1135 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) {
1136 brcmf_err("Scanning being aborted: status (%lu)\n",
1140 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
1141 brcmf_err("Scanning suppressed: status (%lu)\n",
1145 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state)) {
1146 brcmf_err("Connecting: status (%lu)\n", ifp->vif->sme_state);
1150 /* If scan req comes for p2p0, send it over primary I/F */
1151 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
1152 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1157 ssids = request->ssids;
1161 /* we don't do escan in ibss */
1165 cfg->scan_request = request;
1166 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1168 cfg->escan_info.run = brcmf_run_escan;
1169 err = brcmf_p2p_scan_prep(wiphy, request, vif);
1173 err = brcmf_do_escan(vif->ifp, request);
1177 brcmf_dbg(SCAN, "ssid \"%s\", ssid_len (%d)\n",
1178 ssids->ssid, ssids->ssid_len);
1179 memset(&ssid_le, 0, sizeof(ssid_le));
1180 SSID_len = min_t(u8, sizeof(ssid_le.SSID), ssids->ssid_len);
1181 ssid_le.SSID_len = cpu_to_le32(0);
1184 memcpy(ssid_le.SSID, ssids->ssid, SSID_len);
1185 ssid_le.SSID_len = cpu_to_le32(SSID_len);
1188 brcmf_dbg(SCAN, "Broadcast scan\n");
1190 passive_scan = cfg->active_scan ? 0 : 1;
1191 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PASSIVE_SCAN,
1194 brcmf_err("WLC_SET_PASSIVE_SCAN error (%d)\n", err);
1197 brcmf_scan_config_mpc(ifp, 0);
1198 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN, &ssid_le,
1202 brcmf_dbg(INFO, "BUSY: scan for \"%s\" canceled\n",
1205 brcmf_err("WLC_SCAN error (%d)\n", err);
1207 brcmf_scan_config_mpc(ifp, 1);
1212 /* Arm scan timeout timer */
1213 mod_timer(&cfg->escan_timeout, jiffies +
1214 BRCMF_ESCAN_TIMER_INTERVAL_MS * HZ / 1000);
1219 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1220 cfg->scan_request = NULL;
1225 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
1227 struct brcmf_cfg80211_vif *vif;
1230 brcmf_dbg(TRACE, "Enter\n");
1231 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev);
1232 if (!check_vif_up(vif))
1235 err = brcmf_cfg80211_escan(wiphy, vif, request, NULL);
1238 brcmf_err("scan error (%d)\n", err);
1240 brcmf_dbg(TRACE, "Exit\n");
1244 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold)
1248 err = brcmf_fil_iovar_int_set(netdev_priv(ndev), "rtsthresh",
1251 brcmf_err("Error (%d)\n", err);
1256 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold)
1260 err = brcmf_fil_iovar_int_set(netdev_priv(ndev), "fragthresh",
1263 brcmf_err("Error (%d)\n", err);
1268 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l)
1271 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL);
1273 err = brcmf_fil_cmd_int_set(netdev_priv(ndev), cmd, retry);
1275 brcmf_err("cmd (%d) , error (%d)\n", cmd, err);
1281 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1283 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1284 struct net_device *ndev = cfg_to_ndev(cfg);
1285 struct brcmf_if *ifp = netdev_priv(ndev);
1288 brcmf_dbg(TRACE, "Enter\n");
1289 if (!check_vif_up(ifp->vif))
1292 if (changed & WIPHY_PARAM_RTS_THRESHOLD &&
1293 (cfg->conf->rts_threshold != wiphy->rts_threshold)) {
1294 cfg->conf->rts_threshold = wiphy->rts_threshold;
1295 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold);
1299 if (changed & WIPHY_PARAM_FRAG_THRESHOLD &&
1300 (cfg->conf->frag_threshold != wiphy->frag_threshold)) {
1301 cfg->conf->frag_threshold = wiphy->frag_threshold;
1302 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold);
1306 if (changed & WIPHY_PARAM_RETRY_LONG
1307 && (cfg->conf->retry_long != wiphy->retry_long)) {
1308 cfg->conf->retry_long = wiphy->retry_long;
1309 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true);
1313 if (changed & WIPHY_PARAM_RETRY_SHORT
1314 && (cfg->conf->retry_short != wiphy->retry_short)) {
1315 cfg->conf->retry_short = wiphy->retry_short;
1316 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false);
1322 brcmf_dbg(TRACE, "Exit\n");
1326 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof)
1328 memset(prof, 0, sizeof(*prof));
1331 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e)
1335 switch (e->event_code) {
1336 case BRCMF_E_DEAUTH:
1337 case BRCMF_E_DEAUTH_IND:
1338 case BRCMF_E_DISASSOC_IND:
1349 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
1351 struct brcmf_wsec_pmk_le pmk;
1354 memset(&pmk, 0, sizeof(pmk));
1356 /* pass pmk directly */
1357 pmk.key_len = cpu_to_le16(pmk_len);
1358 pmk.flags = cpu_to_le16(0);
1359 memcpy(pmk.key, pmk_data, pmk_len);
1361 /* store psk in firmware */
1362 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,
1365 brcmf_err("failed to change PSK in firmware (len=%u)\n",
1371 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason)
1373 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
1376 brcmf_dbg(TRACE, "Enter\n");
1378 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) {
1379 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n ");
1380 err = brcmf_fil_cmd_data_set(vif->ifp,
1381 BRCMF_C_DISASSOC, NULL, 0);
1383 brcmf_err("WLC_DISASSOC failed (%d)\n", err);
1385 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) ||
1386 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT))
1387 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0,
1390 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state);
1391 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
1392 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
1393 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1394 brcmf_set_pmk(vif->ifp, NULL, 0);
1395 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1397 brcmf_dbg(TRACE, "Exit\n");
1401 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev,
1402 struct cfg80211_ibss_params *params)
1404 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1405 struct brcmf_if *ifp = netdev_priv(ndev);
1406 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1407 struct brcmf_join_params join_params;
1408 size_t join_params_size = 0;
1415 brcmf_dbg(TRACE, "Enter\n");
1416 if (!check_vif_up(ifp->vif))
1420 brcmf_dbg(CONN, "SSID: %s\n", params->ssid);
1422 brcmf_dbg(CONN, "SSID: NULL, Not supported\n");
1426 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1429 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid);
1431 brcmf_dbg(CONN, "No BSSID specified\n");
1433 if (params->chandef.chan)
1434 brcmf_dbg(CONN, "channel: %d\n",
1435 params->chandef.chan->center_freq);
1437 brcmf_dbg(CONN, "no channel specified\n");
1439 if (params->channel_fixed)
1440 brcmf_dbg(CONN, "fixed channel required\n");
1442 brcmf_dbg(CONN, "no fixed channel required\n");
1444 if (params->ie && params->ie_len)
1445 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len);
1447 brcmf_dbg(CONN, "no ie specified\n");
1449 if (params->beacon_interval)
1450 brcmf_dbg(CONN, "beacon interval: %d\n",
1451 params->beacon_interval);
1453 brcmf_dbg(CONN, "no beacon interval specified\n");
1455 if (params->basic_rates)
1456 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates);
1458 brcmf_dbg(CONN, "no basic rates specified\n");
1460 if (params->privacy)
1461 brcmf_dbg(CONN, "privacy required\n");
1463 brcmf_dbg(CONN, "no privacy required\n");
1465 /* Configure Privacy for starter */
1466 if (params->privacy)
1467 wsec |= WEP_ENABLED;
1469 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec);
1471 brcmf_err("wsec failed (%d)\n", err);
1475 /* Configure Beacon Interval for starter */
1476 if (params->beacon_interval)
1477 bcnprd = params->beacon_interval;
1481 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd);
1483 brcmf_err("WLC_SET_BCNPRD failed (%d)\n", err);
1487 /* Configure required join parameter */
1488 memset(&join_params, 0, sizeof(struct brcmf_join_params));
1491 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN);
1492 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len);
1493 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
1494 join_params_size = sizeof(join_params.ssid_le);
1497 if (params->bssid) {
1498 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN);
1499 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE;
1500 memcpy(profile->bssid, params->bssid, ETH_ALEN);
1502 eth_broadcast_addr(join_params.params_le.bssid);
1503 eth_zero_addr(profile->bssid);
1507 if (params->chandef.chan) {
1511 ieee80211_frequency_to_channel(
1512 params->chandef.chan->center_freq);
1513 if (params->channel_fixed) {
1514 /* adding chanspec */
1515 chanspec = chandef_to_chanspec(&cfg->d11inf,
1517 join_params.params_le.chanspec_list[0] =
1518 cpu_to_le16(chanspec);
1519 join_params.params_le.chanspec_num = cpu_to_le32(1);
1520 join_params_size += sizeof(join_params.params_le);
1523 /* set channel for starter */
1524 target_channel = cfg->channel;
1525 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL,
1528 brcmf_err("WLC_SET_CHANNEL failed (%d)\n", err);
1534 cfg->ibss_starter = false;
1537 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
1538 &join_params, join_params_size);
1540 brcmf_err("WLC_SET_SSID failed (%d)\n", err);
1546 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1547 brcmf_dbg(TRACE, "Exit\n");
1552 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev)
1554 struct brcmf_if *ifp = netdev_priv(ndev);
1556 brcmf_dbg(TRACE, "Enter\n");
1557 if (!check_vif_up(ifp->vif)) {
1558 /* When driver is being unloaded, it can end up here. If an
1559 * error is returned then later on a debug trace in the wireless
1560 * core module will be printed. To avoid this 0 is returned.
1565 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING);
1566 brcmf_net_setcarrier(ifp, false);
1568 brcmf_dbg(TRACE, "Exit\n");
1573 static s32 brcmf_set_wpa_version(struct net_device *ndev,
1574 struct cfg80211_connect_params *sme)
1576 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1577 struct brcmf_cfg80211_security *sec;
1581 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1)
1582 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
1583 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
1584 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
1586 val = WPA_AUTH_DISABLED;
1587 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
1588 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1590 brcmf_err("set wpa_auth failed (%d)\n", err);
1593 sec = &profile->sec;
1594 sec->wpa_versions = sme->crypto.wpa_versions;
1598 static s32 brcmf_set_auth_type(struct net_device *ndev,
1599 struct cfg80211_connect_params *sme)
1601 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1602 struct brcmf_cfg80211_security *sec;
1606 switch (sme->auth_type) {
1607 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1609 brcmf_dbg(CONN, "open system\n");
1611 case NL80211_AUTHTYPE_SHARED_KEY:
1613 brcmf_dbg(CONN, "shared key\n");
1617 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
1621 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "auth", val);
1623 brcmf_err("set auth failed (%d)\n", err);
1626 sec = &profile->sec;
1627 sec->auth_type = sme->auth_type;
1632 brcmf_set_wsec_mode(struct net_device *ndev,
1633 struct cfg80211_connect_params *sme)
1635 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1636 struct brcmf_cfg80211_security *sec;
1642 if (sme->crypto.n_ciphers_pairwise) {
1643 switch (sme->crypto.ciphers_pairwise[0]) {
1644 case WLAN_CIPHER_SUITE_WEP40:
1645 case WLAN_CIPHER_SUITE_WEP104:
1648 case WLAN_CIPHER_SUITE_TKIP:
1649 pval = TKIP_ENABLED;
1651 case WLAN_CIPHER_SUITE_CCMP:
1654 case WLAN_CIPHER_SUITE_AES_CMAC:
1658 brcmf_err("invalid cipher pairwise (%d)\n",
1659 sme->crypto.ciphers_pairwise[0]);
1663 if (sme->crypto.cipher_group) {
1664 switch (sme->crypto.cipher_group) {
1665 case WLAN_CIPHER_SUITE_WEP40:
1666 case WLAN_CIPHER_SUITE_WEP104:
1669 case WLAN_CIPHER_SUITE_TKIP:
1670 gval = TKIP_ENABLED;
1672 case WLAN_CIPHER_SUITE_CCMP:
1675 case WLAN_CIPHER_SUITE_AES_CMAC:
1679 brcmf_err("invalid cipher group (%d)\n",
1680 sme->crypto.cipher_group);
1685 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval);
1686 /* In case of privacy, but no security and WPS then simulate */
1687 /* setting AES. WPS-2.0 allows no security */
1688 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval &&
1693 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wsec", wsec);
1695 brcmf_err("error (%d)\n", err);
1699 sec = &profile->sec;
1700 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0];
1701 sec->cipher_group = sme->crypto.cipher_group;
1707 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
1709 struct brcmf_if *ifp = netdev_priv(ndev);
1710 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1713 const struct brcmf_tlv *rsn_ie;
1721 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1723 if (!sme->crypto.n_akm_suites)
1726 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val);
1728 brcmf_err("could not get wpa_auth (%d)\n", err);
1731 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
1732 switch (sme->crypto.akm_suites[0]) {
1733 case WLAN_AKM_SUITE_8021X:
1734 val = WPA_AUTH_UNSPECIFIED;
1736 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1738 case WLAN_AKM_SUITE_PSK:
1742 brcmf_err("invalid cipher group (%d)\n",
1743 sme->crypto.cipher_group);
1746 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
1747 switch (sme->crypto.akm_suites[0]) {
1748 case WLAN_AKM_SUITE_8021X:
1749 val = WPA2_AUTH_UNSPECIFIED;
1751 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1753 case WLAN_AKM_SUITE_8021X_SHA256:
1754 val = WPA2_AUTH_1X_SHA256;
1756 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1758 case WLAN_AKM_SUITE_PSK_SHA256:
1759 val = WPA2_AUTH_PSK_SHA256;
1761 case WLAN_AKM_SUITE_PSK:
1762 val = WPA2_AUTH_PSK;
1765 brcmf_err("invalid cipher group (%d)\n",
1766 sme->crypto.cipher_group);
1771 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
1772 brcmf_dbg(INFO, "using 1X offload\n");
1774 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
1775 goto skip_mfp_config;
1776 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The
1777 * IE will not be verified, just a quick search for MFP config
1779 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len,
1782 goto skip_mfp_config;
1783 ie = (const u8 *)rsn_ie;
1784 ie_len = rsn_ie->len + TLV_HDR_LEN;
1785 /* Skip unicast suite */
1786 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN;
1787 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1788 goto skip_mfp_config;
1789 /* Skip multicast suite */
1790 count = ie[offset] + (ie[offset + 1] << 8);
1791 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1792 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1793 goto skip_mfp_config;
1794 /* Skip auth key management suite(s) */
1795 count = ie[offset] + (ie[offset + 1] << 8);
1796 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1797 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len)
1798 goto skip_mfp_config;
1799 /* Ready to read capabilities */
1800 mfp = BRCMF_MFP_NONE;
1801 rsn_cap = ie[offset] + (ie[offset + 1] << 8);
1802 if (rsn_cap & RSN_CAP_MFPR_MASK)
1803 mfp = BRCMF_MFP_REQUIRED;
1804 else if (rsn_cap & RSN_CAP_MFPC_MASK)
1805 mfp = BRCMF_MFP_CAPABLE;
1806 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp);
1809 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val);
1810 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1812 brcmf_err("could not set wpa_auth (%d)\n", err);
1820 brcmf_set_sharedkey(struct net_device *ndev,
1821 struct cfg80211_connect_params *sme)
1823 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1824 struct brcmf_cfg80211_security *sec;
1825 struct brcmf_wsec_key key;
1829 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len);
1831 if (sme->key_len == 0)
1834 sec = &profile->sec;
1835 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
1836 sec->wpa_versions, sec->cipher_pairwise);
1838 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2))
1841 if (!(sec->cipher_pairwise &
1842 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104)))
1845 memset(&key, 0, sizeof(key));
1846 key.len = (u32) sme->key_len;
1847 key.index = (u32) sme->key_idx;
1848 if (key.len > sizeof(key.data)) {
1849 brcmf_err("Too long key length (%u)\n", key.len);
1852 memcpy(key.data, sme->key, key.len);
1853 key.flags = BRCMF_PRIMARY_KEY;
1854 switch (sec->cipher_pairwise) {
1855 case WLAN_CIPHER_SUITE_WEP40:
1856 key.algo = CRYPTO_ALGO_WEP1;
1858 case WLAN_CIPHER_SUITE_WEP104:
1859 key.algo = CRYPTO_ALGO_WEP128;
1862 brcmf_err("Invalid algorithm (%d)\n",
1863 sme->crypto.ciphers_pairwise[0]);
1866 /* Set the new key/index */
1867 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n",
1868 key.len, key.index, key.algo);
1869 brcmf_dbg(CONN, "key \"%s\"\n", key.data);
1870 err = send_key_to_dongle(netdev_priv(ndev), &key);
1874 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
1875 brcmf_dbg(CONN, "set auth_type to shared key\n");
1876 val = WL_AUTH_SHARED_KEY; /* shared key */
1877 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "auth", val);
1879 brcmf_err("set auth failed (%d)\n", err);
1885 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp,
1886 enum nl80211_auth_type type)
1888 if (type == NL80211_AUTHTYPE_AUTOMATIC &&
1889 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) {
1890 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n");
1891 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1896 static void brcmf_set_join_pref(struct brcmf_if *ifp,
1897 struct cfg80211_bss_selection *bss_select)
1899 struct brcmf_join_pref_params join_pref_params[2];
1900 enum nl80211_band band;
1903 join_pref_params[i].len = 2;
1904 join_pref_params[i].rssi_gain = 0;
1906 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF)
1907 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO);
1909 switch (bss_select->behaviour) {
1910 case __NL80211_BSS_SELECT_ATTR_INVALID:
1911 brcmf_c_set_joinpref_default(ifp);
1913 case NL80211_BSS_SELECT_ATTR_BAND_PREF:
1914 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND;
1915 band = bss_select->param.band_pref;
1916 join_pref_params[i].band = nl80211_band_to_fwil(band);
1919 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST:
1920 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA;
1921 band = bss_select->param.adjust.band;
1922 join_pref_params[i].band = nl80211_band_to_fwil(band);
1923 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta;
1926 case NL80211_BSS_SELECT_ATTR_RSSI:
1930 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI;
1931 join_pref_params[i].len = 2;
1932 join_pref_params[i].rssi_gain = 0;
1933 join_pref_params[i].band = 0;
1934 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params,
1935 sizeof(join_pref_params));
1937 brcmf_err("Set join_pref error (%d)\n", err);
1941 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
1942 struct cfg80211_connect_params *sme)
1944 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1945 struct brcmf_if *ifp = netdev_priv(ndev);
1946 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1947 struct ieee80211_channel *chan = sme->channel;
1948 struct brcmf_join_params join_params;
1949 size_t join_params_size;
1950 const struct brcmf_tlv *rsn_ie;
1951 const struct brcmf_vs_tlv *wpa_ie;
1954 struct brcmf_ext_join_params_le *ext_join_params;
1959 brcmf_dbg(TRACE, "Enter\n");
1960 if (!check_vif_up(ifp->vif))
1964 brcmf_err("Invalid ssid\n");
1968 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) {
1969 /* A normal (non P2P) connection request setup. */
1972 /* find the WPA_IE */
1973 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len);
1976 ie_len = wpa_ie->len + TLV_HDR_LEN;
1978 /* find the RSN_IE */
1979 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie,
1984 ie_len = rsn_ie->len + TLV_HDR_LEN;
1987 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len);
1990 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
1991 sme->ie, sme->ie_len);
1993 brcmf_err("Set Assoc REQ IE Failed\n");
1995 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
1997 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2001 ieee80211_frequency_to_channel(chan->center_freq);
2002 chanspec = channel_to_chanspec(&cfg->d11inf, chan);
2003 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n",
2004 cfg->channel, chan->center_freq, chanspec);
2010 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len);
2012 err = brcmf_set_wpa_version(ndev, sme);
2014 brcmf_err("wl_set_wpa_version failed (%d)\n", err);
2018 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type);
2019 err = brcmf_set_auth_type(ndev, sme);
2021 brcmf_err("wl_set_auth_type failed (%d)\n", err);
2025 err = brcmf_set_wsec_mode(ndev, sme);
2027 brcmf_err("wl_set_set_cipher failed (%d)\n", err);
2031 err = brcmf_set_key_mgmt(ndev, sme);
2033 brcmf_err("wl_set_key_mgmt failed (%d)\n", err);
2037 err = brcmf_set_sharedkey(ndev, sme);
2039 brcmf_err("brcmf_set_sharedkey failed (%d)\n", err);
2043 if (sme->crypto.psk) {
2044 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
2048 brcmf_dbg(INFO, "using PSK offload\n");
2049 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
2052 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
2053 /* enable firmware supplicant for this interface */
2054 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
2056 brcmf_err("failed to enable fw supplicant\n");
2061 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK) {
2062 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2063 BRCMF_WSEC_MAX_PSK_LEN);
2068 /* Join with specific BSSID and cached SSID
2069 * If SSID is zero join based on BSSID only
2071 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) +
2072 offsetof(struct brcmf_assoc_params_le, chanspec_list);
2074 join_params_size += sizeof(u16);
2075 ext_join_params = kzalloc(join_params_size, GFP_KERNEL);
2076 if (ext_join_params == NULL) {
2080 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
2081 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len);
2082 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len);
2083 if (ssid_len < IEEE80211_MAX_SSID_LEN)
2084 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n",
2085 ext_join_params->ssid_le.SSID, ssid_len);
2087 /* Set up join scan parameters */
2088 ext_join_params->scan_le.scan_type = -1;
2089 ext_join_params->scan_le.home_time = cpu_to_le32(-1);
2092 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN);
2094 eth_broadcast_addr(ext_join_params->assoc_le.bssid);
2097 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1);
2099 ext_join_params->assoc_le.chanspec_list[0] =
2100 cpu_to_le16(chanspec);
2101 /* Increase dwell time to receive probe response or detect
2102 * beacon from target AP at a noisy air only during connect
2105 ext_join_params->scan_le.active_time =
2106 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS);
2107 ext_join_params->scan_le.passive_time =
2108 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS);
2109 /* To sync with presence period of VSDB GO send probe request
2110 * more frequently. Probe request will be stopped when it gets
2111 * probe response from target AP/GO.
2113 ext_join_params->scan_le.nprobes =
2114 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS /
2115 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS);
2117 ext_join_params->scan_le.active_time = cpu_to_le32(-1);
2118 ext_join_params->scan_le.passive_time = cpu_to_le32(-1);
2119 ext_join_params->scan_le.nprobes = cpu_to_le32(-1);
2122 brcmf_set_join_pref(ifp, &sme->bss_select);
2124 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params,
2126 kfree(ext_join_params);
2128 /* This is it. join command worked, we are done */
2131 /* join command failed, fallback to set ssid */
2132 memset(&join_params, 0, sizeof(join_params));
2133 join_params_size = sizeof(join_params.ssid_le);
2135 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len);
2136 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
2139 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN);
2141 eth_broadcast_addr(join_params.params_le.bssid);
2144 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec);
2145 join_params.params_le.chanspec_num = cpu_to_le32(1);
2146 join_params_size += sizeof(join_params.params_le);
2148 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
2149 &join_params, join_params_size);
2151 brcmf_err("BRCMF_C_SET_SSID failed (%d)\n", err);
2155 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2156 brcmf_dbg(TRACE, "Exit\n");
2161 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev,
2164 struct brcmf_if *ifp = netdev_priv(ndev);
2165 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2166 struct brcmf_scb_val_le scbval;
2169 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code);
2170 if (!check_vif_up(ifp->vif))
2173 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
2174 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2175 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL);
2177 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN);
2178 scbval.val = cpu_to_le32(reason_code);
2179 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC,
2180 &scbval, sizeof(scbval));
2182 brcmf_err("error (%d)\n", err);
2184 brcmf_dbg(TRACE, "Exit\n");
2189 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2190 enum nl80211_tx_power_setting type, s32 mbm)
2192 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2193 struct net_device *ndev = cfg_to_ndev(cfg);
2194 struct brcmf_if *ifp = netdev_priv(ndev);
2199 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm);
2200 if (!check_vif_up(ifp->vif))
2204 case NL80211_TX_POWER_AUTOMATIC:
2206 case NL80211_TX_POWER_LIMITED:
2207 case NL80211_TX_POWER_FIXED:
2209 brcmf_err("TX_POWER_FIXED - dbm is negative\n");
2213 qdbm = MBM_TO_DBM(4 * mbm);
2216 qdbm |= WL_TXPWR_OVERRIDE;
2219 brcmf_err("Unsupported type %d\n", type);
2223 /* Make sure radio is off or on as far as software is concerned */
2224 disable = WL_RADIO_SW_DISABLE << 16;
2225 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable);
2227 brcmf_err("WLC_SET_RADIO error (%d)\n", err);
2229 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm);
2231 brcmf_err("qtxpower error (%d)\n", err);
2234 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE);
2239 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2242 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2243 struct net_device *ndev = cfg_to_ndev(cfg);
2244 struct brcmf_if *ifp = netdev_priv(ndev);
2248 brcmf_dbg(TRACE, "Enter\n");
2249 if (!check_vif_up(ifp->vif))
2252 err = brcmf_fil_iovar_int_get(ifp, "qtxpower", &qdbm);
2254 brcmf_err("error (%d)\n", err);
2257 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4;
2260 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm);
2265 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev,
2266 u8 key_idx, bool unicast, bool multicast)
2268 struct brcmf_if *ifp = netdev_priv(ndev);
2273 brcmf_dbg(TRACE, "Enter\n");
2274 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2275 if (!check_vif_up(ifp->vif))
2278 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2280 brcmf_err("WLC_GET_WSEC error (%d)\n", err);
2284 if (wsec & WEP_ENABLED) {
2285 /* Just select a new current key */
2287 err = brcmf_fil_cmd_int_set(ifp,
2288 BRCMF_C_SET_KEY_PRIMARY, index);
2290 brcmf_err("error (%d)\n", err);
2293 brcmf_dbg(TRACE, "Exit\n");
2298 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev,
2299 u8 key_idx, bool pairwise, const u8 *mac_addr)
2301 struct brcmf_if *ifp = netdev_priv(ndev);
2302 struct brcmf_wsec_key *key;
2305 brcmf_dbg(TRACE, "Enter\n");
2306 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2308 if (!check_vif_up(ifp->vif))
2311 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2312 /* we ignore this key index in this case */
2316 key = &ifp->vif->profile.key[key_idx];
2318 if (key->algo == CRYPTO_ALGO_OFF) {
2319 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n");
2323 memset(key, 0, sizeof(*key));
2324 key->index = (u32)key_idx;
2325 key->flags = BRCMF_PRIMARY_KEY;
2327 /* Clear the key/index */
2328 err = send_key_to_dongle(ifp, key);
2330 brcmf_dbg(TRACE, "Exit\n");
2335 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
2336 u8 key_idx, bool pairwise, const u8 *mac_addr,
2337 struct key_params *params)
2339 struct brcmf_if *ifp = netdev_priv(ndev);
2340 struct brcmf_wsec_key *key;
2347 brcmf_dbg(TRACE, "Enter\n");
2348 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2349 if (!check_vif_up(ifp->vif))
2352 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2353 /* we ignore this key index in this case */
2354 brcmf_err("invalid key index (%d)\n", key_idx);
2358 if (params->key_len == 0)
2359 return brcmf_cfg80211_del_key(wiphy, ndev, key_idx, pairwise,
2362 if (params->key_len > sizeof(key->data)) {
2363 brcmf_err("Too long key length (%u)\n", params->key_len);
2368 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) &&
2369 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) {
2370 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr);
2374 key = &ifp->vif->profile.key[key_idx];
2375 memset(key, 0, sizeof(*key));
2376 if ((ext_key) && (!is_multicast_ether_addr(mac_addr)))
2377 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN);
2378 key->len = params->key_len;
2379 key->index = key_idx;
2380 memcpy(key->data, params->key, key->len);
2382 key->flags = BRCMF_PRIMARY_KEY;
2384 switch (params->cipher) {
2385 case WLAN_CIPHER_SUITE_WEP40:
2386 key->algo = CRYPTO_ALGO_WEP1;
2388 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2390 case WLAN_CIPHER_SUITE_WEP104:
2391 key->algo = CRYPTO_ALGO_WEP128;
2393 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2395 case WLAN_CIPHER_SUITE_TKIP:
2396 if (!brcmf_is_apmode(ifp->vif)) {
2397 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n");
2398 memcpy(keybuf, &key->data[24], sizeof(keybuf));
2399 memcpy(&key->data[24], &key->data[16], sizeof(keybuf));
2400 memcpy(&key->data[16], keybuf, sizeof(keybuf));
2402 key->algo = CRYPTO_ALGO_TKIP;
2404 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2406 case WLAN_CIPHER_SUITE_AES_CMAC:
2407 key->algo = CRYPTO_ALGO_AES_CCM;
2409 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2411 case WLAN_CIPHER_SUITE_CCMP:
2412 key->algo = CRYPTO_ALGO_AES_CCM;
2414 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n");
2417 brcmf_err("Invalid cipher (0x%x)\n", params->cipher);
2422 err = send_key_to_dongle(ifp, key);
2426 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2428 brcmf_err("get wsec error (%d)\n", err);
2432 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2434 brcmf_err("set wsec error (%d)\n", err);
2439 brcmf_dbg(TRACE, "Exit\n");
2444 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev, u8 key_idx,
2445 bool pairwise, const u8 *mac_addr, void *cookie,
2446 void (*callback)(void *cookie,
2447 struct key_params *params))
2449 struct key_params params;
2450 struct brcmf_if *ifp = netdev_priv(ndev);
2451 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2452 struct brcmf_cfg80211_security *sec;
2456 brcmf_dbg(TRACE, "Enter\n");
2457 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2458 if (!check_vif_up(ifp->vif))
2461 memset(¶ms, 0, sizeof(params));
2463 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2465 brcmf_err("WLC_GET_WSEC error (%d)\n", err);
2466 /* Ignore this error, may happen during DISASSOC */
2470 if (wsec & WEP_ENABLED) {
2471 sec = &profile->sec;
2472 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) {
2473 params.cipher = WLAN_CIPHER_SUITE_WEP40;
2474 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2475 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) {
2476 params.cipher = WLAN_CIPHER_SUITE_WEP104;
2477 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2479 } else if (wsec & TKIP_ENABLED) {
2480 params.cipher = WLAN_CIPHER_SUITE_TKIP;
2481 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2482 } else if (wsec & AES_ENABLED) {
2483 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
2484 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2486 brcmf_err("Invalid algo (0x%x)\n", wsec);
2490 callback(cookie, ¶ms);
2493 brcmf_dbg(TRACE, "Exit\n");
2498 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy,
2499 struct net_device *ndev, u8 key_idx)
2501 struct brcmf_if *ifp = netdev_priv(ndev);
2503 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx);
2505 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
2508 brcmf_dbg(INFO, "Not supported\n");
2514 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp)
2518 struct brcmf_wsec_key *key;
2521 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) {
2522 key = &ifp->vif->profile.key[key_idx];
2523 if ((key->algo == CRYPTO_ALGO_WEP1) ||
2524 (key->algo == CRYPTO_ALGO_WEP128))
2527 if (key_idx == BRCMF_MAX_DEFAULT_KEYS)
2530 err = send_key_to_dongle(ifp, key);
2532 brcmf_err("Setting WEP key failed (%d)\n", err);
2535 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2537 brcmf_err("get wsec error (%d)\n", err);
2540 wsec |= WEP_ENABLED;
2541 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2543 brcmf_err("set wsec error (%d)\n", err);
2546 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si)
2548 struct nl80211_sta_flag_update *sfu;
2550 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags);
2551 si->filled |= BIT(NL80211_STA_INFO_STA_FLAGS);
2552 sfu = &si->sta_flags;
2553 sfu->mask = BIT(NL80211_STA_FLAG_WME) |
2554 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2555 BIT(NL80211_STA_FLAG_ASSOCIATED) |
2556 BIT(NL80211_STA_FLAG_AUTHORIZED);
2557 if (fw_sta_flags & BRCMF_STA_WME)
2558 sfu->set |= BIT(NL80211_STA_FLAG_WME);
2559 if (fw_sta_flags & BRCMF_STA_AUTHE)
2560 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
2561 if (fw_sta_flags & BRCMF_STA_ASSOC)
2562 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
2563 if (fw_sta_flags & BRCMF_STA_AUTHO)
2564 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
2567 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
2571 struct brcmf_bss_info_le bss_le;
2576 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2580 buf->len = cpu_to_le32(WL_BSS_INFO_MAX);
2581 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf,
2584 brcmf_err("Failed to get bss info (%d)\n", err);
2587 si->filled |= BIT(NL80211_STA_INFO_BSS_PARAM);
2588 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
2589 si->bss_param.dtim_period = buf->bss_le.dtim_period;
2590 capability = le16_to_cpu(buf->bss_le.capability);
2591 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT)
2592 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT;
2593 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
2594 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
2595 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2596 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
2603 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp,
2604 struct station_info *sinfo)
2606 struct brcmf_scb_val_le scbval;
2607 struct brcmf_pktcnt_le pktcnt;
2612 /* Get the current tx rate */
2613 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate);
2615 brcmf_err("BRCMF_C_GET_RATE error (%d)\n", err);
2618 sinfo->filled |= BIT(NL80211_STA_INFO_TX_BITRATE);
2619 sinfo->txrate.legacy = rate * 5;
2621 memset(&scbval, 0, sizeof(scbval));
2622 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval,
2625 brcmf_err("BRCMF_C_GET_RSSI error (%d)\n", err);
2628 rssi = le32_to_cpu(scbval.val);
2629 sinfo->filled |= BIT(NL80211_STA_INFO_SIGNAL);
2630 sinfo->signal = rssi;
2632 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt,
2635 brcmf_err("BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err);
2638 sinfo->filled |= BIT(NL80211_STA_INFO_RX_PACKETS) |
2639 BIT(NL80211_STA_INFO_RX_DROP_MISC) |
2640 BIT(NL80211_STA_INFO_TX_PACKETS) |
2641 BIT(NL80211_STA_INFO_TX_FAILED);
2642 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt);
2643 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt);
2644 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt);
2645 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt);
2651 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
2652 const u8 *mac, struct station_info *sinfo)
2654 struct brcmf_if *ifp = netdev_priv(ndev);
2655 struct brcmf_scb_val_le scb_val;
2657 struct brcmf_sta_info_le sta_info_le;
2665 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac);
2666 if (!check_vif_up(ifp->vif))
2669 if (brcmf_is_ibssmode(ifp->vif))
2670 return brcmf_cfg80211_get_station_ibss(ifp, sinfo);
2672 memset(&sta_info_le, 0, sizeof(sta_info_le));
2673 memcpy(&sta_info_le, mac, ETH_ALEN);
2674 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info",
2676 sizeof(sta_info_le));
2677 is_tdls_peer = !err;
2679 err = brcmf_fil_iovar_data_get(ifp, "sta_info",
2681 sizeof(sta_info_le));
2683 brcmf_err("GET STA INFO failed, %d\n", err);
2687 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver));
2688 sinfo->filled = BIT(NL80211_STA_INFO_INACTIVE_TIME);
2689 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000;
2690 sta_flags = le32_to_cpu(sta_info_le.flags);
2691 brcmf_convert_sta_flags(sta_flags, sinfo);
2692 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2694 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2696 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2697 if (sta_flags & BRCMF_STA_ASSOC) {
2698 sinfo->filled |= BIT(NL80211_STA_INFO_CONNECTED_TIME);
2699 sinfo->connected_time = le32_to_cpu(sta_info_le.in);
2700 brcmf_fill_bss_param(ifp, sinfo);
2702 if (sta_flags & BRCMF_STA_SCBSTATS) {
2703 sinfo->filled |= BIT(NL80211_STA_INFO_TX_FAILED);
2704 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures);
2705 sinfo->filled |= BIT(NL80211_STA_INFO_TX_PACKETS);
2706 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts);
2707 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts);
2708 sinfo->filled |= BIT(NL80211_STA_INFO_RX_PACKETS);
2709 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts);
2710 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts);
2711 if (sinfo->tx_packets) {
2712 sinfo->filled |= BIT(NL80211_STA_INFO_TX_BITRATE);
2713 sinfo->txrate.legacy =
2714 le32_to_cpu(sta_info_le.tx_rate) / 100;
2716 if (sinfo->rx_packets) {
2717 sinfo->filled |= BIT(NL80211_STA_INFO_RX_BITRATE);
2718 sinfo->rxrate.legacy =
2719 le32_to_cpu(sta_info_le.rx_rate) / 100;
2721 if (le16_to_cpu(sta_info_le.ver) >= 4) {
2722 sinfo->filled |= BIT(NL80211_STA_INFO_TX_BYTES);
2723 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes);
2724 sinfo->filled |= BIT(NL80211_STA_INFO_RX_BYTES);
2725 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes);
2729 for (i = 0; i < BRCMF_ANT_MAX; i++) {
2730 if (sta_info_le.rssi[i]) {
2731 sinfo->chain_signal_avg[count_rssi] =
2732 sta_info_le.rssi[i];
2733 sinfo->chain_signal[count_rssi] =
2734 sta_info_le.rssi[i];
2735 total_rssi += sta_info_le.rssi[i];
2740 sinfo->filled |= BIT(NL80211_STA_INFO_CHAIN_SIGNAL);
2741 sinfo->chains = count_rssi;
2743 sinfo->filled |= BIT(NL80211_STA_INFO_SIGNAL);
2744 total_rssi /= count_rssi;
2745 sinfo->signal = total_rssi;
2746 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
2747 &ifp->vif->sme_state)) {
2748 memset(&scb_val, 0, sizeof(scb_val));
2749 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI,
2750 &scb_val, sizeof(scb_val));
2752 brcmf_err("Could not get rssi (%d)\n", err);
2755 rssi = le32_to_cpu(scb_val.val);
2756 sinfo->filled |= BIT(NL80211_STA_INFO_SIGNAL);
2757 sinfo->signal = rssi;
2758 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi);
2763 brcmf_dbg(TRACE, "Exit\n");
2768 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
2769 int idx, u8 *mac, struct station_info *sinfo)
2771 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2772 struct brcmf_if *ifp = netdev_priv(ndev);
2775 brcmf_dbg(TRACE, "Enter, idx %d\n", idx);
2778 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST);
2779 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST,
2781 sizeof(cfg->assoclist));
2783 brcmf_err("BRCMF_C_GET_ASSOCLIST unsupported, err=%d\n",
2785 cfg->assoclist.count = 0;
2789 if (idx < le32_to_cpu(cfg->assoclist.count)) {
2790 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN);
2791 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo);
2797 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev,
2798 bool enabled, s32 timeout)
2802 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2803 struct brcmf_if *ifp = netdev_priv(ndev);
2805 brcmf_dbg(TRACE, "Enter\n");
2808 * Powersave enable/disable request is coming from the
2809 * cfg80211 even before the interface is up. In that
2810 * scenario, driver will be storing the power save
2811 * preference in cfg struct to apply this to
2812 * FW later while initializing the dongle
2814 cfg->pwr_save = enabled;
2815 if (!check_vif_up(ifp->vif)) {
2817 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n");
2821 pm = enabled ? PM_FAST : PM_OFF;
2822 /* Do not enable the power save after assoc if it is a p2p interface */
2823 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) {
2824 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n");
2827 brcmf_dbg(INFO, "power save %s\n", (pm ? "enabled" : "disabled"));
2829 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm);
2832 brcmf_err("net_device is not ready yet\n");
2834 brcmf_err("error (%d)\n", err);
2837 brcmf_dbg(TRACE, "Exit\n");
2841 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2842 struct brcmf_bss_info_le *bi)
2844 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2845 struct ieee80211_channel *notify_channel;
2846 struct cfg80211_bss *bss;
2847 struct ieee80211_supported_band *band;
2848 struct brcmu_chan ch;
2851 u16 notify_capability;
2852 u16 notify_interval;
2854 size_t notify_ielen;
2857 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) {
2858 brcmf_err("Bss info is larger than buffer. Discarding\n");
2863 ch.chspec = le16_to_cpu(bi->chanspec);
2864 cfg->d11inf.decchspec(&ch);
2865 bi->ctl_ch = ch.control_ch_num;
2867 channel = bi->ctl_ch;
2869 if (channel <= CH_MAX_2G_CHANNEL)
2870 band = wiphy->bands[NL80211_BAND_2GHZ];
2872 band = wiphy->bands[NL80211_BAND_5GHZ];
2874 freq = ieee80211_channel_to_frequency(channel, band->band);
2875 notify_channel = ieee80211_get_channel(wiphy, freq);
2877 notify_capability = le16_to_cpu(bi->capability);
2878 notify_interval = le16_to_cpu(bi->beacon_period);
2879 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
2880 notify_ielen = le32_to_cpu(bi->ie_length);
2881 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
2883 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID);
2884 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq);
2885 brcmf_dbg(CONN, "Capability: %X\n", notify_capability);
2886 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval);
2887 brcmf_dbg(CONN, "Signal: %d\n", notify_signal);
2889 bss = cfg80211_inform_bss(wiphy, notify_channel,
2890 CFG80211_BSS_FTYPE_UNKNOWN,
2891 (const u8 *)bi->BSSID,
2892 0, notify_capability,
2893 notify_interval, notify_ie,
2894 notify_ielen, notify_signal,
2900 cfg80211_put_bss(wiphy, bss);
2905 static struct brcmf_bss_info_le *
2906 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss)
2909 return list->bss_info_le;
2910 return (struct brcmf_bss_info_le *)((unsigned long)bss +
2911 le32_to_cpu(bss->length));
2914 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg)
2916 struct brcmf_scan_results *bss_list;
2917 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */
2921 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
2922 if (bss_list->count != 0 &&
2923 bss_list->version != BRCMF_BSS_INFO_VERSION) {
2924 brcmf_err("Version %d != WL_BSS_INFO_VERSION\n",
2928 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count);
2929 for (i = 0; i < bss_list->count; i++) {
2930 bi = next_bss_le(bss_list, bi);
2931 err = brcmf_inform_single_bss(cfg, bi);
2938 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg,
2939 struct net_device *ndev, const u8 *bssid)
2941 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2942 struct ieee80211_channel *notify_channel;
2943 struct brcmf_bss_info_le *bi = NULL;
2944 struct ieee80211_supported_band *band;
2945 struct cfg80211_bss *bss;
2946 struct brcmu_chan ch;
2950 u16 notify_capability;
2951 u16 notify_interval;
2953 size_t notify_ielen;
2956 brcmf_dbg(TRACE, "Enter\n");
2958 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2964 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
2966 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO,
2967 buf, WL_BSS_INFO_MAX);
2969 brcmf_err("WLC_GET_BSS_INFO failed: %d\n", err);
2973 bi = (struct brcmf_bss_info_le *)(buf + 4);
2975 ch.chspec = le16_to_cpu(bi->chanspec);
2976 cfg->d11inf.decchspec(&ch);
2978 if (ch.band == BRCMU_CHAN_BAND_2G)
2979 band = wiphy->bands[NL80211_BAND_2GHZ];
2981 band = wiphy->bands[NL80211_BAND_5GHZ];
2983 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
2984 cfg->channel = freq;
2985 notify_channel = ieee80211_get_channel(wiphy, freq);
2987 notify_capability = le16_to_cpu(bi->capability);
2988 notify_interval = le16_to_cpu(bi->beacon_period);
2989 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
2990 notify_ielen = le32_to_cpu(bi->ie_length);
2991 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
2993 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq);
2994 brcmf_dbg(CONN, "capability: %X\n", notify_capability);
2995 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval);
2996 brcmf_dbg(CONN, "signal: %d\n", notify_signal);
2998 bss = cfg80211_inform_bss(wiphy, notify_channel,
2999 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0,
3000 notify_capability, notify_interval,
3001 notify_ie, notify_ielen, notify_signal,
3009 cfg80211_put_bss(wiphy, bss);
3015 brcmf_dbg(TRACE, "Exit\n");
3020 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg,
3021 struct brcmf_if *ifp)
3023 struct brcmf_bss_info_le *bi;
3024 const struct brcmf_tlv *tim;
3025 u16 beacon_interval;
3031 brcmf_dbg(TRACE, "Enter\n");
3032 if (brcmf_is_ibssmode(ifp->vif))
3035 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX);
3036 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
3037 cfg->extra_buf, WL_EXTRA_BUF_MAX);
3039 brcmf_err("Could not get bss info %d\n", err);
3040 goto update_bss_info_out;
3043 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4);
3044 err = brcmf_inform_single_bss(cfg, bi);
3046 goto update_bss_info_out;
3048 ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
3049 ie_len = le32_to_cpu(bi->ie_length);
3050 beacon_interval = le16_to_cpu(bi->beacon_period);
3052 tim = brcmf_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
3054 dtim_period = tim->data[1];
3057 * active scan was done so we could not get dtim
3058 * information out of probe response.
3059 * so we speficially query dtim information to dongle.
3062 err = brcmf_fil_iovar_int_get(ifp, "dtim_assoc", &var);
3064 brcmf_err("wl dtim_assoc failed (%d)\n", err);
3065 goto update_bss_info_out;
3067 dtim_period = (u8)var;
3070 update_bss_info_out:
3071 brcmf_dbg(TRACE, "Exit");
3075 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg)
3077 struct escan_info *escan = &cfg->escan_info;
3079 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3080 if (cfg->int_escan_map || cfg->scan_request) {
3081 escan->escan_state = WL_ESCAN_STATE_IDLE;
3082 brcmf_notify_escan_complete(cfg, escan->ifp, true, true);
3084 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3085 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3088 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work)
3090 struct brcmf_cfg80211_info *cfg =
3091 container_of(work, struct brcmf_cfg80211_info,
3092 escan_timeout_work);
3094 brcmf_inform_bss(cfg);
3095 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true);
3098 static void brcmf_escan_timeout(unsigned long data)
3100 struct brcmf_cfg80211_info *cfg =
3101 (struct brcmf_cfg80211_info *)data;
3103 if (cfg->int_escan_map || cfg->scan_request) {
3104 brcmf_err("timer expired\n");
3105 schedule_work(&cfg->escan_timeout_work);
3110 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg,
3111 struct brcmf_bss_info_le *bss,
3112 struct brcmf_bss_info_le *bss_info_le)
3114 struct brcmu_chan ch_bss, ch_bss_info_le;
3116 ch_bss.chspec = le16_to_cpu(bss->chanspec);
3117 cfg->d11inf.decchspec(&ch_bss);
3118 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec);
3119 cfg->d11inf.decchspec(&ch_bss_info_le);
3121 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) &&
3122 ch_bss.band == ch_bss_info_le.band &&
3123 bss_info_le->SSID_len == bss->SSID_len &&
3124 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) {
3125 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) ==
3126 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) {
3127 s16 bss_rssi = le16_to_cpu(bss->RSSI);
3128 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI);
3130 /* preserve max RSSI if the measurements are
3131 * both on-channel or both off-channel
3133 if (bss_info_rssi > bss_rssi)
3134 bss->RSSI = bss_info_le->RSSI;
3135 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) &&
3136 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) {
3137 /* preserve the on-channel rssi measurement
3138 * if the new measurement is off channel
3140 bss->RSSI = bss_info_le->RSSI;
3141 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL;
3149 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp,
3150 const struct brcmf_event_msg *e, void *data)
3152 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3154 struct brcmf_escan_result_le *escan_result_le;
3156 struct brcmf_bss_info_le *bss_info_le;
3157 struct brcmf_bss_info_le *bss = NULL;
3159 struct brcmf_scan_results *list;
3165 if (status == BRCMF_E_STATUS_ABORT)
3168 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3169 brcmf_err("scan not ready, bsscfgidx=%d\n", ifp->bsscfgidx);
3173 if (status == BRCMF_E_STATUS_PARTIAL) {
3174 brcmf_dbg(SCAN, "ESCAN Partial result\n");
3175 if (e->datalen < sizeof(*escan_result_le)) {
3176 brcmf_err("invalid event data length\n");
3179 escan_result_le = (struct brcmf_escan_result_le *) data;
3180 if (!escan_result_le) {
3181 brcmf_err("Invalid escan result (NULL pointer)\n");
3184 escan_buflen = le32_to_cpu(escan_result_le->buflen);
3185 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE ||
3186 escan_buflen > e->datalen ||
3187 escan_buflen < sizeof(*escan_result_le)) {
3188 brcmf_err("Invalid escan buffer length: %d\n",
3192 if (le16_to_cpu(escan_result_le->bss_count) != 1) {
3193 brcmf_err("Invalid bss_count %d: ignoring\n",
3194 escan_result_le->bss_count);
3197 bss_info_le = &escan_result_le->bss_info_le;
3199 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le))
3202 if (!cfg->int_escan_map && !cfg->scan_request) {
3203 brcmf_dbg(SCAN, "result without cfg80211 request\n");
3207 bi_length = le32_to_cpu(bss_info_le->length);
3208 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) {
3209 brcmf_err("Ignoring invalid bss_info length: %d\n",
3214 if (!(cfg_to_wiphy(cfg)->interface_modes &
3215 BIT(NL80211_IFTYPE_ADHOC))) {
3216 if (le16_to_cpu(bss_info_le->capability) &
3217 WLAN_CAPABILITY_IBSS) {
3218 brcmf_err("Ignoring IBSS result\n");
3223 list = (struct brcmf_scan_results *)
3224 cfg->escan_info.escan_buf;
3225 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) {
3226 brcmf_err("Buffer is too small: ignoring\n");
3230 for (i = 0; i < list->count; i++) {
3231 bss = bss ? (struct brcmf_bss_info_le *)
3232 ((unsigned char *)bss +
3233 le32_to_cpu(bss->length)) : list->bss_info_le;
3234 if (brcmf_compare_update_same_bss(cfg, bss,
3238 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le,
3240 list->version = le32_to_cpu(bss_info_le->version);
3241 list->buflen += bi_length;
3244 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3245 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL))
3247 if (cfg->int_escan_map || cfg->scan_request) {
3248 brcmf_inform_bss(cfg);
3249 aborted = status != BRCMF_E_STATUS_SUCCESS;
3250 brcmf_notify_escan_complete(cfg, ifp, aborted, false);
3252 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n",
3259 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg)
3261 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT,
3262 brcmf_cfg80211_escan_handler);
3263 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3264 /* Init scan_timeout timer */
3265 init_timer(&cfg->escan_timeout);
3266 cfg->escan_timeout.data = (unsigned long) cfg;
3267 cfg->escan_timeout.function = brcmf_escan_timeout;
3268 INIT_WORK(&cfg->escan_timeout_work,
3269 brcmf_cfg80211_escan_timeout_worker);
3272 static struct cfg80211_scan_request *
3273 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) {
3274 struct cfg80211_scan_request *req;
3277 req_size = sizeof(*req) +
3278 n_netinfo * sizeof(req->channels[0]) +
3279 n_netinfo * sizeof(*req->ssids);
3281 req = kzalloc(req_size, GFP_KERNEL);
3284 req->ssids = (void *)(&req->channels[0]) +
3285 n_netinfo * sizeof(req->channels[0]);
3290 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req,
3291 u8 *ssid, u8 ssid_len, u8 channel)
3293 struct ieee80211_channel *chan;
3294 enum nl80211_band band;
3297 if (channel <= CH_MAX_2G_CHANNEL)
3298 band = NL80211_BAND_2GHZ;
3300 band = NL80211_BAND_5GHZ;
3302 freq = ieee80211_channel_to_frequency(channel, band);
3306 chan = ieee80211_get_channel(req->wiphy, freq);
3310 for (i = 0; i < req->n_channels; i++) {
3311 if (req->channels[i] == chan)
3314 if (i == req->n_channels)
3315 req->channels[req->n_channels++] = chan;
3317 for (i = 0; i < req->n_ssids; i++) {
3318 if (req->ssids[i].ssid_len == ssid_len &&
3319 !memcmp(req->ssids[i].ssid, ssid, ssid_len))
3322 if (i == req->n_ssids) {
3323 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len);
3324 req->ssids[req->n_ssids++].ssid_len = ssid_len;
3329 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap,
3330 struct cfg80211_scan_request *request)
3332 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3335 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3336 if (cfg->int_escan_map)
3337 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n",
3338 cfg->int_escan_map);
3339 /* Abort any on-going scan */
3340 brcmf_abort_scanning(cfg);
3343 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap);
3344 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3345 cfg->escan_info.run = brcmf_run_escan;
3346 err = brcmf_do_escan(ifp, request);
3348 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3351 cfg->int_escan_map = fwmap;
3355 static struct brcmf_pno_net_info_le *
3356 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1)
3358 struct brcmf_pno_scanresults_v2_le *pfn_v2;
3359 struct brcmf_pno_net_info_le *netinfo;
3361 switch (pfn_v1->version) {
3365 case cpu_to_le32(1):
3366 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1);
3368 case cpu_to_le32(2):
3369 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1;
3370 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1);
3377 /* PFN result doesn't have all the info which are required by the supplicant
3378 * (For e.g IEs) Do a target Escan so that sched scan results are reported
3379 * via wl_inform_single_bss in the required format. Escan does require the
3380 * scan request in the form of cfg80211_scan_request. For timebeing, create
3381 * cfg80211_scan_request one out of the received PNO event.
3384 brcmf_notify_sched_scan_results(struct brcmf_if *ifp,
3385 const struct brcmf_event_msg *e, void *data)
3387 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3388 struct brcmf_pno_net_info_le *netinfo, *netinfo_start;
3389 struct cfg80211_scan_request *request = NULL;
3390 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3392 struct brcmf_pno_scanresults_le *pfn_result;
3398 brcmf_dbg(SCAN, "Enter\n");
3400 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3401 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3405 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3406 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n");
3410 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3411 result_count = le32_to_cpu(pfn_result->count);
3412 status = le32_to_cpu(pfn_result->status);
3414 /* PFN event is limited to fit 512 bytes so we may get
3415 * multiple NET_FOUND events. For now place a warning here.
3417 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE);
3418 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count);
3419 if (!result_count) {
3420 brcmf_err("FALSE PNO Event. (pfn_count == 0)\n");
3424 netinfo_start = brcmf_get_netinfo_array(pfn_result);
3425 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result);
3426 if (datalen < result_count * sizeof(*netinfo)) {
3427 brcmf_err("insufficient event data\n");
3431 request = brcmf_alloc_internal_escan_request(wiphy,
3439 for (i = 0; i < result_count; i++) {
3440 netinfo = &netinfo_start[i];
3442 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3443 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3444 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n",
3445 netinfo->SSID, netinfo->channel);
3446 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo);
3447 err = brcmf_internal_escan_add_info(request,
3458 err = brcmf_start_internal_escan(ifp, bucket_map, request);
3463 cfg80211_sched_scan_stopped(wiphy, 0);
3470 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy,
3471 struct net_device *ndev,
3472 struct cfg80211_sched_scan_request *req)
3474 struct brcmf_if *ifp = netdev_priv(ndev);
3475 struct brcmf_cfg80211_info *cfg = wiphy_priv(wiphy);
3477 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n",
3478 req->n_match_sets, req->n_ssids);
3480 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
3481 brcmf_err("Scanning suppressed: status=%lu\n",
3486 if (req->n_match_sets <= 0) {
3487 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n",
3492 return brcmf_pno_start_sched_scan(ifp, req);
3495 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy,
3496 struct net_device *ndev, u64 reqid)
3498 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3499 struct brcmf_if *ifp = netdev_priv(ndev);
3501 brcmf_dbg(SCAN, "enter\n");
3502 brcmf_pno_stop_sched_scan(ifp, reqid);
3503 if (cfg->int_escan_map)
3504 brcmf_notify_escan_complete(cfg, ifp, true, true);
3508 static __always_inline void brcmf_delay(u32 ms)
3510 if (ms < 1000 / HZ) {
3518 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4],
3519 u8 *pattern, u32 patternsize, u8 *mask,
3522 struct brcmf_fil_wowl_pattern_le *filter;
3529 masksize = (patternsize + 7) / 8;
3530 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize;
3532 bufsize = sizeof(*filter) + patternsize + masksize;
3533 buf = kzalloc(bufsize, GFP_KERNEL);
3536 filter = (struct brcmf_fil_wowl_pattern_le *)buf;
3538 memcpy(filter->cmd, cmd, 4);
3539 filter->masksize = cpu_to_le32(masksize);
3540 filter->offset = cpu_to_le32(packet_offset);
3541 filter->patternoffset = cpu_to_le32(patternoffset);
3542 filter->patternsize = cpu_to_le32(patternsize);
3543 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP);
3545 if ((mask) && (masksize))
3546 memcpy(buf + sizeof(*filter), mask, masksize);
3547 if ((pattern) && (patternsize))
3548 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize);
3550 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize);
3557 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
3560 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3561 struct brcmf_pno_scanresults_le *pfn_result;
3562 struct brcmf_pno_net_info_le *netinfo;
3564 brcmf_dbg(SCAN, "Enter\n");
3566 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3567 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3571 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3573 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3574 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n");
3578 if (le32_to_cpu(pfn_result->count) < 1) {
3579 brcmf_err("Invalid result count, expected 1 (%d)\n",
3580 le32_to_cpu(pfn_result->count));
3584 netinfo = brcmf_get_netinfo_array(pfn_result);
3585 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3586 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3587 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
3588 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
3589 cfg->wowl.nd->n_channels = 1;
3590 cfg->wowl.nd->channels[0] =
3591 ieee80211_channel_to_frequency(netinfo->channel,
3592 netinfo->channel <= CH_MAX_2G_CHANNEL ?
3593 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
3594 cfg->wowl.nd_info->n_matches = 1;
3595 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd;
3597 /* Inform (the resume task) that the net detect information was recvd */
3598 cfg->wowl.nd_data_completed = true;
3599 wake_up(&cfg->wowl.nd_data_wait);
3606 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3608 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3609 struct brcmf_wowl_wakeind_le wake_ind_le;
3610 struct cfg80211_wowlan_wakeup wakeup_data;
3611 struct cfg80211_wowlan_wakeup *wakeup;
3616 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
3617 sizeof(wake_ind_le));
3619 brcmf_err("Get wowl_wakeind failed, err = %d\n", err);
3623 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind);
3624 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN |
3625 BRCMF_WOWL_RETR | BRCMF_WOWL_NET |
3626 BRCMF_WOWL_PFN_FOUND)) {
3627 wakeup = &wakeup_data;
3628 memset(&wakeup_data, 0, sizeof(wakeup_data));
3629 wakeup_data.pattern_idx = -1;
3631 if (wakeind & BRCMF_WOWL_MAGIC) {
3632 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n");
3633 wakeup_data.magic_pkt = true;
3635 if (wakeind & BRCMF_WOWL_DIS) {
3636 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n");
3637 wakeup_data.disconnect = true;
3639 if (wakeind & BRCMF_WOWL_BCN) {
3640 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n");
3641 wakeup_data.disconnect = true;
3643 if (wakeind & BRCMF_WOWL_RETR) {
3644 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n");
3645 wakeup_data.disconnect = true;
3647 if (wakeind & BRCMF_WOWL_NET) {
3648 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n");
3649 /* For now always map to pattern 0, no API to get
3650 * correct information available at the moment.
3652 wakeup_data.pattern_idx = 0;
3654 if (wakeind & BRCMF_WOWL_PFN_FOUND) {
3655 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n");
3656 timeout = wait_event_timeout(cfg->wowl.nd_data_wait,
3657 cfg->wowl.nd_data_completed,
3658 BRCMF_ND_INFO_TIMEOUT);
3660 brcmf_err("No result for wowl net detect\n");
3662 wakeup_data.net_detect = cfg->wowl.nd_info;
3664 if (wakeind & BRCMF_WOWL_GTK_FAILURE) {
3665 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n");
3666 wakeup_data.gtk_rekey_failure = true;
3671 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL);
3676 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3680 #endif /* CONFIG_PM */
3682 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy)
3684 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3685 struct net_device *ndev = cfg_to_ndev(cfg);
3686 struct brcmf_if *ifp = netdev_priv(ndev);
3688 brcmf_dbg(TRACE, "Enter\n");
3690 if (cfg->wowl.active) {
3691 brcmf_report_wowl_wakeind(wiphy, ifp);
3692 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0);
3693 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0);
3694 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3695 brcmf_configure_arp_nd_offload(ifp, true);
3696 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM,
3697 cfg->wowl.pre_pmmode);
3698 cfg->wowl.active = false;
3699 if (cfg->wowl.nd_enabled) {
3700 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0);
3701 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3702 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3703 brcmf_notify_sched_scan_results);
3704 cfg->wowl.nd_enabled = false;
3710 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg,
3711 struct brcmf_if *ifp,
3712 struct cfg80211_wowlan *wowl)
3715 struct brcmf_wowl_wakeind_le wowl_wakeind;
3718 brcmf_dbg(TRACE, "Suspend, wowl config.\n");
3720 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3721 brcmf_configure_arp_nd_offload(ifp, false);
3722 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode);
3723 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX);
3726 if (wowl->disconnect)
3727 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR;
3728 if (wowl->magic_pkt)
3729 wowl_config |= BRCMF_WOWL_MAGIC;
3730 if ((wowl->patterns) && (wowl->n_patterns)) {
3731 wowl_config |= BRCMF_WOWL_NET;
3732 for (i = 0; i < wowl->n_patterns; i++) {
3733 brcmf_config_wowl_pattern(ifp, "add",
3734 (u8 *)wowl->patterns[i].pattern,
3735 wowl->patterns[i].pattern_len,
3736 (u8 *)wowl->patterns[i].mask,
3737 wowl->patterns[i].pkt_offset);
3740 if (wowl->nd_config) {
3741 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev,
3743 wowl_config |= BRCMF_WOWL_PFN_FOUND;
3745 cfg->wowl.nd_data_completed = false;
3746 cfg->wowl.nd_enabled = true;
3747 /* Now reroute the event for PFN to the wowl function. */
3748 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3749 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3750 brcmf_wowl_nd_results);
3752 if (wowl->gtk_rekey_failure)
3753 wowl_config |= BRCMF_WOWL_GTK_FAILURE;
3754 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))
3755 wowl_config |= BRCMF_WOWL_UNASSOC;
3757 memcpy(&wowl_wakeind, "clear", 6);
3758 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind,
3759 sizeof(wowl_wakeind));
3760 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config);
3761 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1);
3762 brcmf_bus_wowl_config(cfg->pub->bus_if, true);
3763 cfg->wowl.active = true;
3766 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy,
3767 struct cfg80211_wowlan *wowl)
3769 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3770 struct net_device *ndev = cfg_to_ndev(cfg);
3771 struct brcmf_if *ifp = netdev_priv(ndev);
3772 struct brcmf_cfg80211_vif *vif;
3774 brcmf_dbg(TRACE, "Enter\n");
3776 /* if the primary net_device is not READY there is nothing
3777 * we can do but pray resume goes smoothly.
3779 if (!check_vif_up(ifp->vif))
3782 /* Stop scheduled scan */
3783 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO))
3784 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0);
3786 /* end any scanning */
3787 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
3788 brcmf_abort_scanning(cfg);
3791 brcmf_bus_wowl_config(cfg->pub->bus_if, false);
3792 list_for_each_entry(vif, &cfg->vif_list, list) {
3793 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state))
3795 /* While going to suspend if associated with AP
3796 * disassociate from AP to save power while system is
3797 * in suspended state
3799 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED);
3800 /* Make sure WPA_Supplicant receives all the event
3801 * generated due to DISASSOC call to the fw to keep
3802 * the state fw and WPA_Supplicant state consistent
3807 brcmf_set_mpc(ifp, 1);
3810 /* Configure WOWL paramaters */
3811 brcmf_configure_wowl(cfg, ifp, wowl);
3815 brcmf_dbg(TRACE, "Exit\n");
3816 /* clear any scanning activity */
3817 cfg->scan_status = 0;
3822 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp)
3824 struct brcmf_pmk_list_le *pmk_list;
3829 pmk_list = &cfg->pmk_list;
3830 npmk = le32_to_cpu(pmk_list->npmk);
3832 brcmf_dbg(CONN, "No of elements %d\n", npmk);
3833 for (i = 0; i < npmk; i++)
3834 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid);
3836 err = brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list,
3843 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3844 struct cfg80211_pmksa *pmksa)
3846 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3847 struct brcmf_if *ifp = netdev_priv(ndev);
3848 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3852 brcmf_dbg(TRACE, "Enter\n");
3853 if (!check_vif_up(ifp->vif))
3856 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3857 for (i = 0; i < npmk; i++)
3858 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
3860 if (i < BRCMF_MAXPMKID) {
3861 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN);
3862 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
3865 cfg->pmk_list.npmk = cpu_to_le32(npmk);
3868 brcmf_err("Too many PMKSA entries cached %d\n", npmk);
3872 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid);
3873 for (i = 0; i < WLAN_PMKID_LEN; i += 4)
3874 brcmf_dbg(CONN, "%02x %02x %02x %02x\n", pmk[npmk].pmkid[i],
3875 pmk[npmk].pmkid[i + 1], pmk[npmk].pmkid[i + 2],
3876 pmk[npmk].pmkid[i + 3]);
3878 err = brcmf_update_pmklist(cfg, ifp);
3880 brcmf_dbg(TRACE, "Exit\n");
3885 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3886 struct cfg80211_pmksa *pmksa)
3888 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3889 struct brcmf_if *ifp = netdev_priv(ndev);
3890 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3894 brcmf_dbg(TRACE, "Enter\n");
3895 if (!check_vif_up(ifp->vif))
3898 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid);
3900 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3901 for (i = 0; i < npmk; i++)
3902 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
3905 if ((npmk > 0) && (i < npmk)) {
3906 for (; i < (npmk - 1); i++) {
3907 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN);
3908 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid,
3911 memset(&pmk[i], 0, sizeof(*pmk));
3912 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
3914 brcmf_err("Cache entry not found\n");
3918 err = brcmf_update_pmklist(cfg, ifp);
3920 brcmf_dbg(TRACE, "Exit\n");
3926 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev)
3928 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3929 struct brcmf_if *ifp = netdev_priv(ndev);
3932 brcmf_dbg(TRACE, "Enter\n");
3933 if (!check_vif_up(ifp->vif))
3936 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list));
3937 err = brcmf_update_pmklist(cfg, ifp);
3939 brcmf_dbg(TRACE, "Exit\n");
3944 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
3950 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0);
3952 brcmf_err("auth error %d\n", err);
3956 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0);
3958 brcmf_err("wsec error %d\n", err);
3961 /* set upper-layer auth */
3962 if (brcmf_is_ibssmode(ifp->vif))
3963 wpa_val = WPA_AUTH_NONE;
3965 wpa_val = WPA_AUTH_DISABLED;
3966 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
3968 brcmf_err("wpa_auth error %d\n", err);
3975 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie)
3978 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0);
3980 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0);
3984 brcmf_configure_wpaie(struct brcmf_if *ifp,
3985 const struct brcmf_vs_tlv *wpa_ie,
3988 u32 auth = 0; /* d11 open authentication */
4000 u32 wme_bss_disable;
4003 brcmf_dbg(TRACE, "Enter\n");
4007 len = wpa_ie->len + TLV_HDR_LEN;
4008 data = (u8 *)wpa_ie;
4009 offset = TLV_HDR_LEN;
4011 offset += VS_IE_FIXED_HDR_LEN;
4013 offset += WPA_IE_VERSION_LEN;
4015 /* check for multicast cipher suite */
4016 if (offset + WPA_IE_MIN_OUI_LEN > len) {
4018 brcmf_err("no multicast cipher suite\n");
4022 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4024 brcmf_err("ivalid OUI\n");
4027 offset += TLV_OUI_LEN;
4029 /* pick up multicast cipher */
4030 switch (data[offset]) {
4031 case WPA_CIPHER_NONE:
4034 case WPA_CIPHER_WEP_40:
4035 case WPA_CIPHER_WEP_104:
4038 case WPA_CIPHER_TKIP:
4039 gval = TKIP_ENABLED;
4041 case WPA_CIPHER_AES_CCM:
4046 brcmf_err("Invalid multi cast cipher info\n");
4051 /* walk thru unicast cipher list and pick up what we recognize */
4052 count = data[offset] + (data[offset + 1] << 8);
4053 offset += WPA_IE_SUITE_COUNT_LEN;
4054 /* Check for unicast suite(s) */
4055 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4057 brcmf_err("no unicast cipher suite\n");
4060 for (i = 0; i < count; i++) {
4061 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4063 brcmf_err("ivalid OUI\n");
4066 offset += TLV_OUI_LEN;
4067 switch (data[offset]) {
4068 case WPA_CIPHER_NONE:
4070 case WPA_CIPHER_WEP_40:
4071 case WPA_CIPHER_WEP_104:
4072 pval |= WEP_ENABLED;
4074 case WPA_CIPHER_TKIP:
4075 pval |= TKIP_ENABLED;
4077 case WPA_CIPHER_AES_CCM:
4078 pval |= AES_ENABLED;
4081 brcmf_err("Invalid unicast security info\n");
4085 /* walk thru auth management suite list and pick up what we recognize */
4086 count = data[offset] + (data[offset + 1] << 8);
4087 offset += WPA_IE_SUITE_COUNT_LEN;
4088 /* Check for auth key management suite(s) */
4089 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4091 brcmf_err("no auth key mgmt suite\n");
4094 for (i = 0; i < count; i++) {
4095 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4097 brcmf_err("ivalid OUI\n");
4100 offset += TLV_OUI_LEN;
4101 switch (data[offset]) {
4103 brcmf_dbg(TRACE, "RSN_AKM_NONE\n");
4104 wpa_auth |= WPA_AUTH_NONE;
4106 case RSN_AKM_UNSPECIFIED:
4107 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n");
4108 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) :
4109 (wpa_auth |= WPA_AUTH_UNSPECIFIED);
4112 brcmf_dbg(TRACE, "RSN_AKM_PSK\n");
4113 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) :
4114 (wpa_auth |= WPA_AUTH_PSK);
4116 case RSN_AKM_SHA256_PSK:
4117 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n");
4118 wpa_auth |= WPA2_AUTH_PSK_SHA256;
4120 case RSN_AKM_SHA256_1X:
4121 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n");
4122 wpa_auth |= WPA2_AUTH_1X_SHA256;
4125 brcmf_err("Invalid key mgmt info\n");
4130 mfp = BRCMF_MFP_NONE;
4132 wme_bss_disable = 1;
4133 if ((offset + RSN_CAP_LEN) <= len) {
4134 rsn_cap = data[offset] + (data[offset + 1] << 8);
4135 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK)
4136 wme_bss_disable = 0;
4137 if (rsn_cap & RSN_CAP_MFPR_MASK) {
4138 brcmf_dbg(TRACE, "MFP Required\n");
4139 mfp = BRCMF_MFP_REQUIRED;
4140 /* Firmware only supports mfp required in
4141 * combination with WPA2_AUTH_PSK_SHA256 or
4142 * WPA2_AUTH_1X_SHA256.
4144 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 |
4145 WPA2_AUTH_1X_SHA256))) {
4149 /* Firmware has requirement that WPA2_AUTH_PSK/
4150 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI
4151 * is to be included in the rsn ie.
4153 if (wpa_auth & WPA2_AUTH_PSK_SHA256)
4154 wpa_auth |= WPA2_AUTH_PSK;
4155 else if (wpa_auth & WPA2_AUTH_1X_SHA256)
4156 wpa_auth |= WPA2_AUTH_UNSPECIFIED;
4157 } else if (rsn_cap & RSN_CAP_MFPC_MASK) {
4158 brcmf_dbg(TRACE, "MFP Capable\n");
4159 mfp = BRCMF_MFP_CAPABLE;
4162 offset += RSN_CAP_LEN;
4163 /* set wme_bss_disable to sync RSN Capabilities */
4164 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
4167 brcmf_err("wme_bss_disable error %d\n", err);
4171 /* Skip PMKID cnt as it is know to be 0 for AP. */
4172 offset += RSN_PMKID_COUNT_LEN;
4174 /* See if there is BIP wpa suite left for MFP */
4175 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) &&
4176 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) {
4177 err = brcmf_fil_bsscfg_data_set(ifp, "bip",
4179 WPA_IE_MIN_OUI_LEN);
4181 brcmf_err("bip error %d\n", err);
4186 /* FOR WPS , set SES_OW_ENABLED */
4187 wsec = (pval | gval | SES_OW_ENABLED);
4190 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
4192 brcmf_err("auth error %d\n", err);
4196 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
4198 brcmf_err("wsec error %d\n", err);
4201 /* Configure MFP, this needs to go after wsec otherwise the wsec command
4202 * will overwrite the values set by MFP
4204 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
4205 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
4207 brcmf_err("mfp error %d\n", err);
4211 /* set upper-layer auth */
4212 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth);
4214 brcmf_err("wpa_auth error %d\n", err);
4223 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len,
4224 struct parsed_vndr_ies *vndr_ies)
4226 struct brcmf_vs_tlv *vndrie;
4227 struct brcmf_tlv *ie;
4228 struct parsed_vndr_ie_info *parsed_info;
4231 remaining_len = (s32)vndr_ie_len;
4232 memset(vndr_ies, 0, sizeof(*vndr_ies));
4234 ie = (struct brcmf_tlv *)vndr_ie_buf;
4236 if (ie->id != WLAN_EID_VENDOR_SPECIFIC)
4238 vndrie = (struct brcmf_vs_tlv *)ie;
4239 /* len should be bigger than OUI length + one */
4240 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) {
4241 brcmf_err("invalid vndr ie. length is too small %d\n",
4245 /* if wpa or wme ie, do not add ie */
4246 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) &&
4247 ((vndrie->oui_type == WPA_OUI_TYPE) ||
4248 (vndrie->oui_type == WME_OUI_TYPE))) {
4249 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n");
4253 parsed_info = &vndr_ies->ie_info[vndr_ies->count];
4255 /* save vndr ie information */
4256 parsed_info->ie_ptr = (char *)vndrie;
4257 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN;
4258 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie));
4262 brcmf_dbg(TRACE, "** OUI %02x %02x %02x, type 0x%02x\n",
4263 parsed_info->vndrie.oui[0],
4264 parsed_info->vndrie.oui[1],
4265 parsed_info->vndrie.oui[2],
4266 parsed_info->vndrie.oui_type);
4268 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT)
4271 remaining_len -= (ie->len + TLV_HDR_LEN);
4272 if (remaining_len <= TLV_HDR_LEN)
4275 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len +
4282 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd)
4285 strncpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN - 1);
4286 iebuf[VNDR_IE_CMD_LEN - 1] = '\0';
4288 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]);
4290 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]);
4292 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len);
4294 return ie_len + VNDR_IE_HDR_SIZE;
4297 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
4298 const u8 *vndr_ie_buf, u32 vndr_ie_len)
4300 struct brcmf_if *ifp;
4301 struct vif_saved_ie *saved_ie;
4305 u8 *mgmt_ie_buf = NULL;
4306 int mgmt_ie_buf_len;
4308 u32 del_add_ie_buf_len = 0;
4309 u32 total_ie_buf_len = 0;
4310 u32 parsed_ie_buf_len = 0;
4311 struct parsed_vndr_ies old_vndr_ies;
4312 struct parsed_vndr_ies new_vndr_ies;
4313 struct parsed_vndr_ie_info *vndrie_info;
4316 int remained_buf_len;
4321 saved_ie = &vif->saved_ie;
4323 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
4325 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
4328 curr_ie_buf = iovar_ie_buf;
4330 case BRCMF_VNDR_IE_PRBREQ_FLAG:
4331 mgmt_ie_buf = saved_ie->probe_req_ie;
4332 mgmt_ie_len = &saved_ie->probe_req_ie_len;
4333 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie);
4335 case BRCMF_VNDR_IE_PRBRSP_FLAG:
4336 mgmt_ie_buf = saved_ie->probe_res_ie;
4337 mgmt_ie_len = &saved_ie->probe_res_ie_len;
4338 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie);
4340 case BRCMF_VNDR_IE_BEACON_FLAG:
4341 mgmt_ie_buf = saved_ie->beacon_ie;
4342 mgmt_ie_len = &saved_ie->beacon_ie_len;
4343 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie);
4345 case BRCMF_VNDR_IE_ASSOCREQ_FLAG:
4346 mgmt_ie_buf = saved_ie->assoc_req_ie;
4347 mgmt_ie_len = &saved_ie->assoc_req_ie_len;
4348 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie);
4352 brcmf_err("not suitable type\n");
4356 if (vndr_ie_len > mgmt_ie_buf_len) {
4358 brcmf_err("extra IE size too big\n");
4362 /* parse and save new vndr_ie in curr_ie_buff before comparing it */
4363 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) {
4365 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies);
4366 for (i = 0; i < new_vndr_ies.count; i++) {
4367 vndrie_info = &new_vndr_ies.ie_info[i];
4368 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr,
4369 vndrie_info->ie_len);
4370 parsed_ie_buf_len += vndrie_info->ie_len;
4374 if (mgmt_ie_buf && *mgmt_ie_len) {
4375 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) &&
4376 (memcmp(mgmt_ie_buf, curr_ie_buf,
4377 parsed_ie_buf_len) == 0)) {
4378 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n");
4382 /* parse old vndr_ie */
4383 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies);
4385 /* make a command to delete old ie */
4386 for (i = 0; i < old_vndr_ies.count; i++) {
4387 vndrie_info = &old_vndr_ies.ie_info[i];
4389 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%02x:%02x:%02x\n",
4390 vndrie_info->vndrie.id,
4391 vndrie_info->vndrie.len,
4392 vndrie_info->vndrie.oui[0],
4393 vndrie_info->vndrie.oui[1],
4394 vndrie_info->vndrie.oui[2]);
4396 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4397 vndrie_info->ie_ptr,
4398 vndrie_info->ie_len,
4400 curr_ie_buf += del_add_ie_buf_len;
4401 total_ie_buf_len += del_add_ie_buf_len;
4406 /* Add if there is any extra IE */
4407 if (mgmt_ie_buf && parsed_ie_buf_len) {
4410 remained_buf_len = mgmt_ie_buf_len;
4412 /* make a command to add new ie */
4413 for (i = 0; i < new_vndr_ies.count; i++) {
4414 vndrie_info = &new_vndr_ies.ie_info[i];
4416 /* verify remained buf size before copy data */
4417 if (remained_buf_len < (vndrie_info->vndrie.len +
4418 VNDR_IE_VSIE_OFFSET)) {
4419 brcmf_err("no space in mgmt_ie_buf: len left %d",
4423 remained_buf_len -= (vndrie_info->ie_len +
4424 VNDR_IE_VSIE_OFFSET);
4426 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%02x:%02x:%02x\n",
4427 vndrie_info->vndrie.id,
4428 vndrie_info->vndrie.len,
4429 vndrie_info->vndrie.oui[0],
4430 vndrie_info->vndrie.oui[1],
4431 vndrie_info->vndrie.oui[2]);
4433 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4434 vndrie_info->ie_ptr,
4435 vndrie_info->ie_len,
4438 /* save the parsed IE in wl struct */
4439 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr,
4440 vndrie_info->ie_len);
4441 *mgmt_ie_len += vndrie_info->ie_len;
4443 curr_ie_buf += del_add_ie_buf_len;
4444 total_ie_buf_len += del_add_ie_buf_len;
4447 if (total_ie_buf_len) {
4448 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
4451 brcmf_err("vndr ie set error : %d\n", err);
4455 kfree(iovar_ie_buf);
4459 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif)
4462 BRCMF_VNDR_IE_PRBREQ_FLAG,
4463 BRCMF_VNDR_IE_PRBRSP_FLAG,
4464 BRCMF_VNDR_IE_BEACON_FLAG
4468 for (i = 0; i < ARRAY_SIZE(pktflags); i++)
4469 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0);
4471 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie));
4476 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
4477 struct cfg80211_beacon_data *beacon)
4481 /* Set Beacon IEs to FW */
4482 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG,
4483 beacon->tail, beacon->tail_len);
4485 brcmf_err("Set Beacon IE Failed\n");
4488 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
4490 /* Set Probe Response IEs to FW */
4491 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG,
4492 beacon->proberesp_ies,
4493 beacon->proberesp_ies_len);
4495 brcmf_err("Set Probe Resp IE Failed\n");
4497 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
4503 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
4504 struct cfg80211_ap_settings *settings)
4507 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4508 struct brcmf_if *ifp = netdev_priv(ndev);
4509 const struct brcmf_tlv *ssid_ie;
4510 const struct brcmf_tlv *country_ie;
4511 struct brcmf_ssid_le ssid_le;
4513 const struct brcmf_tlv *rsn_ie;
4514 const struct brcmf_vs_tlv *wpa_ie;
4515 struct brcmf_join_params join_params;
4516 enum nl80211_iftype dev_role;
4517 struct brcmf_fil_bss_enable_le bss_enable;
4518 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef);
4523 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n",
4524 settings->chandef.chan->hw_value,
4525 settings->chandef.center_freq1, settings->chandef.width,
4526 settings->beacon_interval, settings->dtim_period);
4527 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n",
4528 settings->ssid, settings->ssid_len, settings->auth_type,
4529 settings->inactivity_timeout);
4530 dev_role = ifp->vif->wdev.iftype;
4531 mbss = ifp->vif->mbss;
4533 /* store current 11d setting */
4534 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY,
4535 &ifp->vif->is_11d)) {
4536 is_11d = supports_11d = false;
4538 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4539 settings->beacon.tail_len,
4541 is_11d = country_ie ? 1 : 0;
4542 supports_11d = true;
4545 memset(&ssid_le, 0, sizeof(ssid_le));
4546 if (settings->ssid == NULL || settings->ssid_len == 0) {
4547 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN;
4548 ssid_ie = brcmf_parse_tlvs(
4549 (u8 *)&settings->beacon.head[ie_offset],
4550 settings->beacon.head_len - ie_offset,
4552 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN)
4555 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len);
4556 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len);
4557 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID);
4559 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len);
4560 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len);
4564 brcmf_set_mpc(ifp, 0);
4565 brcmf_configure_arp_nd_offload(ifp, false);
4568 /* find the RSN_IE */
4569 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4570 settings->beacon.tail_len, WLAN_EID_RSN);
4572 /* find the WPA_IE */
4573 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
4574 settings->beacon.tail_len);
4576 if ((wpa_ie != NULL || rsn_ie != NULL)) {
4577 brcmf_dbg(TRACE, "WPA(2) IE is found\n");
4578 if (wpa_ie != NULL) {
4580 err = brcmf_configure_wpaie(ifp, wpa_ie, false);
4584 struct brcmf_vs_tlv *tmp_ie;
4586 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
4589 err = brcmf_configure_wpaie(ifp, tmp_ie, true);
4594 brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
4595 brcmf_configure_opensecurity(ifp);
4598 /* Parameters shared by all radio interfaces */
4600 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
4601 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4604 brcmf_err("Regulatory Set Error, %d\n", err);
4608 if (settings->beacon_interval) {
4609 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
4610 settings->beacon_interval);
4612 brcmf_err("Beacon Interval Set Error, %d\n",
4617 if (settings->dtim_period) {
4618 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
4619 settings->dtim_period);
4621 brcmf_err("DTIM Interval Set Error, %d\n", err);
4626 if ((dev_role == NL80211_IFTYPE_AP) &&
4627 ((ifp->ifidx == 0) ||
4628 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB))) {
4629 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4631 brcmf_err("BRCMF_C_DOWN error %d\n", err);
4634 brcmf_fil_iovar_int_set(ifp, "apsta", 0);
4637 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
4639 brcmf_err("SET INFRA error %d\n", err);
4642 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
4643 /* Multiple-BSS should use same 11d configuration */
4648 /* Interface specific setup */
4649 if (dev_role == NL80211_IFTYPE_AP) {
4650 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss))
4651 brcmf_fil_iovar_int_set(ifp, "mbss", 1);
4653 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
4655 brcmf_err("setting AP mode failed %d\n", err);
4659 /* Firmware 10.x requires setting channel after enabling
4660 * AP and before bringing interface up.
4662 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4664 brcmf_err("Set Channel failed: chspec=%d, %d\n",
4669 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4671 brcmf_err("BRCMF_C_UP error (%d)\n", err);
4674 /* On DOWN the firmware removes the WEP keys, reconfigure
4675 * them if they were set.
4677 brcmf_cfg80211_reconfigure_wep(ifp);
4679 memset(&join_params, 0, sizeof(join_params));
4680 /* join parameters starts with ssid */
4681 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le));
4683 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4684 &join_params, sizeof(join_params));
4686 brcmf_err("SET SSID error (%d)\n", err);
4690 if (settings->hidden_ssid) {
4691 err = brcmf_fil_iovar_int_set(ifp, "closednet", 1);
4693 brcmf_err("closednet error (%d)\n", err);
4698 brcmf_dbg(TRACE, "AP mode configuration complete\n");
4699 } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
4700 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4702 brcmf_err("Set Channel failed: chspec=%d, %d\n",
4706 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
4709 brcmf_err("setting ssid failed %d\n", err);
4712 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4713 bss_enable.enable = cpu_to_le32(1);
4714 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4715 sizeof(bss_enable));
4717 brcmf_err("bss_enable config failed %d\n", err);
4721 brcmf_dbg(TRACE, "GO mode configuration complete\n");
4726 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon);
4727 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4728 brcmf_net_setcarrier(ifp, true);
4731 if ((err) && (!mbss)) {
4732 brcmf_set_mpc(ifp, 1);
4733 brcmf_configure_arp_nd_offload(ifp, true);
4738 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev)
4740 struct brcmf_if *ifp = netdev_priv(ndev);
4742 struct brcmf_fil_bss_enable_le bss_enable;
4743 struct brcmf_join_params join_params;
4745 brcmf_dbg(TRACE, "Enter\n");
4747 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) {
4748 /* Due to most likely deauths outstanding we sleep */
4749 /* first to make sure they get processed by fw. */
4752 if (ifp->vif->mbss) {
4753 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4757 /* First BSS doesn't get a full reset */
4758 if (ifp->bsscfgidx == 0)
4759 brcmf_fil_iovar_int_set(ifp, "closednet", 0);
4761 memset(&join_params, 0, sizeof(join_params));
4762 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4763 &join_params, sizeof(join_params));
4765 brcmf_err("SET SSID error (%d)\n", err);
4766 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4768 brcmf_err("BRCMF_C_DOWN error %d\n", err);
4769 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0);
4771 brcmf_err("setting AP mode failed %d\n", err);
4772 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
4773 brcmf_fil_iovar_int_set(ifp, "mbss", 0);
4774 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4776 /* Bring device back up so it can be used again */
4777 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4779 brcmf_err("BRCMF_C_UP error %d\n", err);
4781 brcmf_vif_clear_mgmt_ies(ifp->vif);
4783 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4784 bss_enable.enable = cpu_to_le32(0);
4785 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4786 sizeof(bss_enable));
4788 brcmf_err("bss_enable config failed %d\n", err);
4790 brcmf_set_mpc(ifp, 1);
4791 brcmf_configure_arp_nd_offload(ifp, true);
4792 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4793 brcmf_net_setcarrier(ifp, false);
4799 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev,
4800 struct cfg80211_beacon_data *info)
4802 struct brcmf_if *ifp = netdev_priv(ndev);
4805 brcmf_dbg(TRACE, "Enter\n");
4807 err = brcmf_config_ap_mgmt_ie(ifp->vif, info);
4813 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
4814 struct station_del_parameters *params)
4816 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4817 struct brcmf_scb_val_le scbval;
4818 struct brcmf_if *ifp = netdev_priv(ndev);
4824 brcmf_dbg(TRACE, "Enter %pM\n", params->mac);
4826 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
4827 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
4828 if (!check_vif_up(ifp->vif))
4831 memcpy(&scbval.ea, params->mac, ETH_ALEN);
4832 scbval.val = cpu_to_le32(params->reason_code);
4833 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
4834 &scbval, sizeof(scbval));
4836 brcmf_err("SCB_DEAUTHENTICATE_FOR_REASON failed %d\n", err);
4838 brcmf_dbg(TRACE, "Exit\n");
4843 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev,
4844 const u8 *mac, struct station_parameters *params)
4846 struct brcmf_if *ifp = netdev_priv(ndev);
4849 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac,
4850 params->sta_flags_mask, params->sta_flags_set);
4852 /* Ignore all 00 MAC */
4853 if (is_zero_ether_addr(mac))
4856 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
4859 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED))
4860 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE,
4861 (void *)mac, ETH_ALEN);
4863 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
4864 (void *)mac, ETH_ALEN);
4866 brcmf_err("Setting SCB (de-)authorize failed, %d\n", err);
4872 brcmf_cfg80211_mgmt_frame_register(struct wiphy *wiphy,
4873 struct wireless_dev *wdev,
4874 u16 frame_type, bool reg)
4876 struct brcmf_cfg80211_vif *vif;
4879 brcmf_dbg(TRACE, "Enter, frame_type %04x, reg=%d\n", frame_type, reg);
4881 mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4;
4882 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
4884 vif->mgmt_rx_reg |= BIT(mgmt_type);
4886 vif->mgmt_rx_reg &= ~BIT(mgmt_type);
4891 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
4892 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
4894 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4895 struct ieee80211_channel *chan = params->chan;
4896 const u8 *buf = params->buf;
4897 size_t len = params->len;
4898 const struct ieee80211_mgmt *mgmt;
4899 struct brcmf_cfg80211_vif *vif;
4903 struct brcmf_fil_action_frame_le *action_frame;
4904 struct brcmf_fil_af_params_le *af_params;
4909 brcmf_dbg(TRACE, "Enter\n");
4913 mgmt = (const struct ieee80211_mgmt *)buf;
4915 if (!ieee80211_is_mgmt(mgmt->frame_control)) {
4916 brcmf_err("Driver only allows MGMT packet type\n");
4920 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
4922 if (ieee80211_is_probe_resp(mgmt->frame_control)) {
4923 /* Right now the only reason to get a probe response */
4924 /* is for p2p listen response or for p2p GO from */
4925 /* wpa_supplicant. Unfortunately the probe is send */
4926 /* on primary ndev, while dongle wants it on the p2p */
4927 /* vif. Since this is only reason for a probe */
4928 /* response to be sent, the vif is taken from cfg. */
4929 /* If ever desired to send proberesp for non p2p */
4930 /* response then data should be checked for */
4931 /* "DIRECT-". Note in future supplicant will take */
4932 /* dedicated p2p wdev to do this and then this 'hack'*/
4933 /* is not needed anymore. */
4934 ie_offset = DOT11_MGMT_HDR_LEN +
4935 DOT11_BCN_PRB_FIXED_LEN;
4936 ie_len = len - ie_offset;
4937 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif)
4938 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
4939 err = brcmf_vif_set_mgmt_ie(vif,
4940 BRCMF_VNDR_IE_PRBRSP_FLAG,
4943 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true,
4945 } else if (ieee80211_is_action(mgmt->frame_control)) {
4946 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
4947 brcmf_err("invalid action frame length\n");
4951 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL);
4952 if (af_params == NULL) {
4953 brcmf_err("unable to allocate frame\n");
4957 action_frame = &af_params->action_frame;
4958 /* Add the packet Id */
4959 action_frame->packet_id = cpu_to_le32(*cookie);
4961 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN);
4962 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN);
4963 /* Add the length exepted for 802.11 header */
4964 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN);
4965 /* Add the channel. Use the one specified as parameter if any or
4966 * the current one (got from the firmware) otherwise
4969 freq = chan->center_freq;
4971 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL,
4973 chan_nr = ieee80211_frequency_to_channel(freq);
4974 af_params->channel = cpu_to_le32(chan_nr);
4976 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN],
4977 le16_to_cpu(action_frame->len));
4979 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n",
4980 *cookie, le16_to_cpu(action_frame->len), freq);
4982 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg),
4985 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack,
4989 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control);
4990 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len);
4999 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy,
5000 struct wireless_dev *wdev,
5003 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5004 struct brcmf_cfg80211_vif *vif;
5007 brcmf_dbg(TRACE, "Enter p2p listen cancel\n");
5009 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5011 brcmf_err("No p2p device available for probe response\n");
5015 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
5020 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy,
5021 struct wireless_dev *wdev,
5022 struct cfg80211_chan_def *chandef)
5024 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5025 struct net_device *ndev = wdev->netdev;
5026 struct brcmf_if *ifp;
5027 struct brcmu_chan ch;
5028 enum nl80211_band band = 0;
5029 enum nl80211_chan_width width = 0;
5035 ifp = netdev_priv(ndev);
5037 err = brcmf_fil_iovar_int_get(ifp, "chanspec", &chanspec);
5039 brcmf_err("chanspec failed (%d)\n", err);
5043 ch.chspec = chanspec;
5044 cfg->d11inf.decchspec(&ch);
5047 case BRCMU_CHAN_BAND_2G:
5048 band = NL80211_BAND_2GHZ;
5050 case BRCMU_CHAN_BAND_5G:
5051 band = NL80211_BAND_5GHZ;
5056 case BRCMU_CHAN_BW_80:
5057 width = NL80211_CHAN_WIDTH_80;
5059 case BRCMU_CHAN_BW_40:
5060 width = NL80211_CHAN_WIDTH_40;
5062 case BRCMU_CHAN_BW_20:
5063 width = NL80211_CHAN_WIDTH_20;
5065 case BRCMU_CHAN_BW_80P80:
5066 width = NL80211_CHAN_WIDTH_80P80;
5068 case BRCMU_CHAN_BW_160:
5069 width = NL80211_CHAN_WIDTH_160;
5073 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band);
5074 chandef->chan = ieee80211_get_channel(wiphy, freq);
5075 chandef->width = width;
5076 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band);
5077 chandef->center_freq2 = 0;
5082 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy,
5083 struct wireless_dev *wdev,
5084 enum nl80211_crit_proto_id proto,
5087 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5088 struct brcmf_cfg80211_vif *vif;
5090 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5092 /* only DHCP support for now */
5093 if (proto != NL80211_CRIT_PROTO_DHCP)
5096 /* suppress and abort scanning */
5097 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5098 brcmf_abort_scanning(cfg);
5100 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration);
5103 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy,
5104 struct wireless_dev *wdev)
5106 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5107 struct brcmf_cfg80211_vif *vif;
5109 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5111 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
5112 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5116 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp,
5117 const struct brcmf_event_msg *e, void *data)
5119 switch (e->reason) {
5120 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED:
5121 brcmf_dbg(TRACE, "TDLS Peer Discovered\n");
5123 case BRCMF_E_REASON_TDLS_PEER_CONNECTED:
5124 brcmf_dbg(TRACE, "TDLS Peer Connected\n");
5125 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5127 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED:
5128 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n");
5129 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5136 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper)
5141 case NL80211_TDLS_DISCOVERY_REQ:
5142 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY;
5144 case NL80211_TDLS_SETUP:
5145 ret = BRCMF_TDLS_MANUAL_EP_CREATE;
5147 case NL80211_TDLS_TEARDOWN:
5148 ret = BRCMF_TDLS_MANUAL_EP_DELETE;
5151 brcmf_err("unsupported operation: %d\n", oper);
5157 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
5158 struct net_device *ndev, const u8 *peer,
5159 enum nl80211_tdls_operation oper)
5161 struct brcmf_if *ifp;
5162 struct brcmf_tdls_iovar_le info;
5165 ret = brcmf_convert_nl80211_tdls_oper(oper);
5169 ifp = netdev_priv(ndev);
5170 memset(&info, 0, sizeof(info));
5171 info.mode = (u8)ret;
5173 memcpy(info.ea, peer, ETH_ALEN);
5175 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
5176 &info, sizeof(info));
5178 brcmf_err("tdls_endpoint iovar failed: ret=%d\n", ret);
5184 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy,
5185 struct net_device *ndev,
5186 struct cfg80211_connect_params *sme,
5189 struct brcmf_if *ifp;
5192 if (!(changed & UPDATE_ASSOC_IES))
5195 ifp = netdev_priv(ndev);
5196 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
5197 sme->ie, sme->ie_len);
5199 brcmf_err("Set Assoc REQ IE Failed\n");
5201 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
5208 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev,
5209 struct cfg80211_gtk_rekey_data *gtk)
5211 struct brcmf_if *ifp = netdev_priv(ndev);
5212 struct brcmf_gtk_keyinfo_le gtk_le;
5215 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx);
5217 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck));
5218 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek));
5219 memcpy(gtk_le.replay_counter, gtk->replay_ctr,
5220 sizeof(gtk_le.replay_counter));
5222 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le,
5225 brcmf_err("gtk_key_info iovar failed: ret=%d\n", ret);
5231 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev,
5232 const struct cfg80211_pmk_conf *conf)
5234 struct brcmf_if *ifp;
5236 brcmf_dbg(TRACE, "enter\n");
5238 /* expect using firmware supplicant for 1X */
5239 ifp = netdev_priv(dev);
5240 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5243 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len);
5246 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev,
5249 struct brcmf_if *ifp;
5251 brcmf_dbg(TRACE, "enter\n");
5252 ifp = netdev_priv(dev);
5253 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5256 return brcmf_set_pmk(ifp, NULL, 0);
5259 static struct cfg80211_ops brcmf_cfg80211_ops = {
5260 .add_virtual_intf = brcmf_cfg80211_add_iface,
5261 .del_virtual_intf = brcmf_cfg80211_del_iface,
5262 .change_virtual_intf = brcmf_cfg80211_change_iface,
5263 .scan = brcmf_cfg80211_scan,
5264 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params,
5265 .join_ibss = brcmf_cfg80211_join_ibss,
5266 .leave_ibss = brcmf_cfg80211_leave_ibss,
5267 .get_station = brcmf_cfg80211_get_station,
5268 .dump_station = brcmf_cfg80211_dump_station,
5269 .set_tx_power = brcmf_cfg80211_set_tx_power,
5270 .get_tx_power = brcmf_cfg80211_get_tx_power,
5271 .add_key = brcmf_cfg80211_add_key,
5272 .del_key = brcmf_cfg80211_del_key,
5273 .get_key = brcmf_cfg80211_get_key,
5274 .set_default_key = brcmf_cfg80211_config_default_key,
5275 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
5276 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
5277 .connect = brcmf_cfg80211_connect,
5278 .disconnect = brcmf_cfg80211_disconnect,
5279 .suspend = brcmf_cfg80211_suspend,
5280 .resume = brcmf_cfg80211_resume,
5281 .set_pmksa = brcmf_cfg80211_set_pmksa,
5282 .del_pmksa = brcmf_cfg80211_del_pmksa,
5283 .flush_pmksa = brcmf_cfg80211_flush_pmksa,
5284 .start_ap = brcmf_cfg80211_start_ap,
5285 .stop_ap = brcmf_cfg80211_stop_ap,
5286 .change_beacon = brcmf_cfg80211_change_beacon,
5287 .del_station = brcmf_cfg80211_del_station,
5288 .change_station = brcmf_cfg80211_change_station,
5289 .sched_scan_start = brcmf_cfg80211_sched_scan_start,
5290 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop,
5291 .mgmt_frame_register = brcmf_cfg80211_mgmt_frame_register,
5292 .mgmt_tx = brcmf_cfg80211_mgmt_tx,
5293 .remain_on_channel = brcmf_p2p_remain_on_channel,
5294 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel,
5295 .get_channel = brcmf_cfg80211_get_channel,
5296 .start_p2p_device = brcmf_p2p_start_device,
5297 .stop_p2p_device = brcmf_p2p_stop_device,
5298 .crit_proto_start = brcmf_cfg80211_crit_proto_start,
5299 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop,
5300 .tdls_oper = brcmf_cfg80211_tdls_oper,
5301 .update_connect_params = brcmf_cfg80211_update_conn_params,
5302 .set_pmk = brcmf_cfg80211_set_pmk,
5303 .del_pmk = brcmf_cfg80211_del_pmk,
5306 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
5307 enum nl80211_iftype type)
5309 struct brcmf_cfg80211_vif *vif_walk;
5310 struct brcmf_cfg80211_vif *vif;
5313 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n",
5315 vif = kzalloc(sizeof(*vif), GFP_KERNEL);
5317 return ERR_PTR(-ENOMEM);
5319 vif->wdev.wiphy = cfg->wiphy;
5320 vif->wdev.iftype = type;
5322 brcmf_init_prof(&vif->profile);
5324 if (type == NL80211_IFTYPE_AP) {
5326 list_for_each_entry(vif_walk, &cfg->vif_list, list) {
5327 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) {
5335 list_add_tail(&vif->list, &cfg->vif_list);
5339 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif)
5341 list_del(&vif->list);
5345 void brcmf_cfg80211_free_netdev(struct net_device *ndev)
5347 struct brcmf_cfg80211_vif *vif;
5348 struct brcmf_if *ifp;
5350 ifp = netdev_priv(ndev);
5354 brcmf_free_vif(vif);
5357 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
5358 const struct brcmf_event_msg *e)
5360 u32 event = e->event_code;
5361 u32 status = e->status;
5363 if (vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK &&
5364 event == BRCMF_E_PSK_SUP &&
5365 status == BRCMF_E_STATUS_FWSUP_COMPLETED)
5366 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5367 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
5368 brcmf_dbg(CONN, "Processing set ssid\n");
5369 memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
5370 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK)
5373 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5376 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) &&
5377 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) {
5378 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5379 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5385 static bool brcmf_is_linkdown(struct brcmf_cfg80211_vif *vif,
5386 const struct brcmf_event_msg *e)
5388 u32 event = e->event_code;
5389 u16 flags = e->flags;
5391 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) ||
5392 (event == BRCMF_E_DISASSOC_IND) ||
5393 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
5394 brcmf_dbg(CONN, "Processing link down\n");
5395 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5396 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5402 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg,
5403 const struct brcmf_event_msg *e)
5405 u32 event = e->event_code;
5406 u32 status = e->status;
5408 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) {
5409 brcmf_dbg(CONN, "Processing Link %s & no network found\n",
5410 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down");
5414 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) {
5415 brcmf_dbg(CONN, "Processing connecting & no network found\n");
5419 if (event == BRCMF_E_PSK_SUP &&
5420 status != BRCMF_E_STATUS_FWSUP_COMPLETED) {
5421 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n",
5429 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg)
5431 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5433 kfree(conn_info->req_ie);
5434 conn_info->req_ie = NULL;
5435 conn_info->req_ie_len = 0;
5436 kfree(conn_info->resp_ie);
5437 conn_info->resp_ie = NULL;
5438 conn_info->resp_ie_len = 0;
5441 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
5442 struct brcmf_if *ifp)
5444 struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
5445 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5450 brcmf_clear_assoc_ies(cfg);
5452 err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
5453 cfg->extra_buf, WL_ASSOC_INFO_MAX);
5455 brcmf_err("could not get assoc info (%d)\n", err);
5459 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf;
5460 req_len = le32_to_cpu(assoc_info->req_len);
5461 resp_len = le32_to_cpu(assoc_info->resp_len);
5462 if (req_len > WL_EXTRA_BUF_MAX || resp_len > WL_EXTRA_BUF_MAX) {
5463 brcmf_err("invalid lengths in assoc info: req %u resp %u\n",
5468 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies",
5472 brcmf_err("could not get assoc req (%d)\n", err);
5475 conn_info->req_ie_len = req_len;
5477 kmemdup(cfg->extra_buf, conn_info->req_ie_len,
5479 if (!conn_info->req_ie)
5480 conn_info->req_ie_len = 0;
5482 conn_info->req_ie_len = 0;
5483 conn_info->req_ie = NULL;
5486 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies",
5490 brcmf_err("could not get assoc resp (%d)\n", err);
5493 conn_info->resp_ie_len = resp_len;
5494 conn_info->resp_ie =
5495 kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
5497 if (!conn_info->resp_ie)
5498 conn_info->resp_ie_len = 0;
5500 conn_info->resp_ie_len = 0;
5501 conn_info->resp_ie = NULL;
5503 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n",
5504 conn_info->req_ie_len, conn_info->resp_ie_len);
5510 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
5511 struct net_device *ndev,
5512 const struct brcmf_event_msg *e)
5514 struct brcmf_if *ifp = netdev_priv(ndev);
5515 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5516 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5517 struct wiphy *wiphy = cfg_to_wiphy(cfg);
5518 struct ieee80211_channel *notify_channel = NULL;
5519 struct ieee80211_supported_band *band;
5520 struct brcmf_bss_info_le *bi;
5521 struct brcmu_chan ch;
5522 struct cfg80211_roam_info roam_info = {};
5527 brcmf_dbg(TRACE, "Enter\n");
5529 brcmf_get_assoc_ies(cfg, ifp);
5530 memcpy(profile->bssid, e->addr, ETH_ALEN);
5531 brcmf_update_bss_info(cfg, ifp);
5533 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
5539 /* data sent to dongle has to be little endian */
5540 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
5541 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
5542 buf, WL_BSS_INFO_MAX);
5547 bi = (struct brcmf_bss_info_le *)(buf + 4);
5548 ch.chspec = le16_to_cpu(bi->chanspec);
5549 cfg->d11inf.decchspec(&ch);
5551 if (ch.band == BRCMU_CHAN_BAND_2G)
5552 band = wiphy->bands[NL80211_BAND_2GHZ];
5554 band = wiphy->bands[NL80211_BAND_5GHZ];
5556 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
5557 notify_channel = ieee80211_get_channel(wiphy, freq);
5562 roam_info.channel = notify_channel;
5563 roam_info.bssid = profile->bssid;
5564 roam_info.req_ie = conn_info->req_ie;
5565 roam_info.req_ie_len = conn_info->req_ie_len;
5566 roam_info.resp_ie = conn_info->resp_ie;
5567 roam_info.resp_ie_len = conn_info->resp_ie_len;
5569 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
5570 brcmf_dbg(CONN, "Report roaming result\n");
5572 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
5573 brcmf_dbg(TRACE, "Exit\n");
5578 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg,
5579 struct net_device *ndev, const struct brcmf_event_msg *e,
5582 struct brcmf_if *ifp = netdev_priv(ndev);
5583 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5584 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5585 struct cfg80211_connect_resp_params conn_params;
5587 brcmf_dbg(TRACE, "Enter\n");
5589 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5590 &ifp->vif->sme_state)) {
5591 memset(&conn_params, 0, sizeof(conn_params));
5593 brcmf_get_assoc_ies(cfg, ifp);
5594 brcmf_update_bss_info(cfg, ifp);
5595 set_bit(BRCMF_VIF_STATUS_CONNECTED,
5596 &ifp->vif->sme_state);
5597 conn_params.status = WLAN_STATUS_SUCCESS;
5599 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT;
5601 conn_params.bssid = profile->bssid;
5602 conn_params.req_ie = conn_info->req_ie;
5603 conn_params.req_ie_len = conn_info->req_ie_len;
5604 conn_params.resp_ie = conn_info->resp_ie;
5605 conn_params.resp_ie_len = conn_info->resp_ie_len;
5606 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL);
5607 brcmf_dbg(CONN, "Report connect result - connection %s\n",
5608 completed ? "succeeded" : "failed");
5610 brcmf_dbg(TRACE, "Exit\n");
5615 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg,
5616 struct net_device *ndev,
5617 const struct brcmf_event_msg *e, void *data)
5619 static int generation;
5620 u32 event = e->event_code;
5621 u32 reason = e->reason;
5622 struct station_info sinfo;
5624 brcmf_dbg(CONN, "event %s (%u), reason %d\n",
5625 brcmf_fweh_event_name(event), event, reason);
5626 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS &&
5627 ndev != cfg_to_ndev(cfg)) {
5628 brcmf_dbg(CONN, "AP mode link down\n");
5629 complete(&cfg->vif_disabled);
5633 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
5634 (reason == BRCMF_E_STATUS_SUCCESS)) {
5635 memset(&sinfo, 0, sizeof(sinfo));
5637 brcmf_err("No IEs present in ASSOC/REASSOC_IND");
5640 sinfo.assoc_req_ies = data;
5641 sinfo.assoc_req_ies_len = e->datalen;
5643 sinfo.generation = generation;
5644 cfg80211_new_sta(ndev, e->addr, &sinfo, GFP_KERNEL);
5645 } else if ((event == BRCMF_E_DISASSOC_IND) ||
5646 (event == BRCMF_E_DEAUTH_IND) ||
5647 (event == BRCMF_E_DEAUTH)) {
5648 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL);
5654 brcmf_notify_connect_status(struct brcmf_if *ifp,
5655 const struct brcmf_event_msg *e, void *data)
5657 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
5658 struct net_device *ndev = ifp->ndev;
5659 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5660 struct ieee80211_channel *chan;
5663 if ((e->event_code == BRCMF_E_DEAUTH) ||
5664 (e->event_code == BRCMF_E_DEAUTH_IND) ||
5665 (e->event_code == BRCMF_E_DISASSOC_IND) ||
5666 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) {
5667 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5670 if (brcmf_is_apmode(ifp->vif)) {
5671 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data);
5672 } else if (brcmf_is_linkup(ifp->vif, e)) {
5673 brcmf_dbg(CONN, "Linkup\n");
5674 if (brcmf_is_ibssmode(ifp->vif)) {
5675 brcmf_inform_ibss(cfg, ndev, e->addr);
5676 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel);
5677 memcpy(profile->bssid, e->addr, ETH_ALEN);
5678 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL);
5679 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5680 &ifp->vif->sme_state);
5681 set_bit(BRCMF_VIF_STATUS_CONNECTED,
5682 &ifp->vif->sme_state);
5684 brcmf_bss_connect_done(cfg, ndev, e, true);
5685 brcmf_net_setcarrier(ifp, true);
5686 } else if (brcmf_is_linkdown(ifp->vif, e)) {
5687 brcmf_dbg(CONN, "Linkdown\n");
5688 if (!brcmf_is_ibssmode(ifp->vif)) {
5689 brcmf_bss_connect_done(cfg, ndev, e, false);
5690 brcmf_link_down(ifp->vif,
5691 brcmf_map_fw_linkdown_reason(e));
5692 brcmf_init_prof(ndev_to_prof(ndev));
5693 if (ndev != cfg_to_ndev(cfg))
5694 complete(&cfg->vif_disabled);
5695 brcmf_net_setcarrier(ifp, false);
5697 } else if (brcmf_is_nonetwork(cfg, e)) {
5698 if (brcmf_is_ibssmode(ifp->vif))
5699 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5700 &ifp->vif->sme_state);
5702 brcmf_bss_connect_done(cfg, ndev, e, false);
5709 brcmf_notify_roaming_status(struct brcmf_if *ifp,
5710 const struct brcmf_event_msg *e, void *data)
5712 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
5713 u32 event = e->event_code;
5714 u32 status = e->status;
5716 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) {
5717 if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
5718 &ifp->vif->sme_state)) {
5719 brcmf_bss_roaming_done(cfg, ifp->ndev, e);
5721 brcmf_bss_connect_done(cfg, ifp->ndev, e, true);
5722 brcmf_net_setcarrier(ifp, true);
5730 brcmf_notify_mic_status(struct brcmf_if *ifp,
5731 const struct brcmf_event_msg *e, void *data)
5733 u16 flags = e->flags;
5734 enum nl80211_key_type key_type;
5736 if (flags & BRCMF_EVENT_MSG_GROUP)
5737 key_type = NL80211_KEYTYPE_GROUP;
5739 key_type = NL80211_KEYTYPE_PAIRWISE;
5741 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1,
5747 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp,
5748 const struct brcmf_event_msg *e, void *data)
5750 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
5751 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data;
5752 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
5753 struct brcmf_cfg80211_vif *vif;
5755 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n",
5756 ifevent->action, ifevent->flags, ifevent->ifidx,
5757 ifevent->bsscfgidx);
5759 spin_lock(&event->vif_event_lock);
5760 event->action = ifevent->action;
5763 switch (ifevent->action) {
5764 case BRCMF_E_IF_ADD:
5765 /* waiting process may have timed out */
5766 if (!cfg->vif_event.vif) {
5767 spin_unlock(&event->vif_event_lock);
5774 vif->wdev.netdev = ifp->ndev;
5775 ifp->ndev->ieee80211_ptr = &vif->wdev;
5776 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy));
5778 spin_unlock(&event->vif_event_lock);
5779 wake_up(&event->vif_wq);
5782 case BRCMF_E_IF_DEL:
5783 spin_unlock(&event->vif_event_lock);
5784 /* event may not be upon user request */
5785 if (brcmf_cfg80211_vif_event_armed(cfg))
5786 wake_up(&event->vif_wq);
5789 case BRCMF_E_IF_CHANGE:
5790 spin_unlock(&event->vif_event_lock);
5791 wake_up(&event->vif_wq);
5795 spin_unlock(&event->vif_event_lock);
5801 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf)
5803 conf->frag_threshold = (u32)-1;
5804 conf->rts_threshold = (u32)-1;
5805 conf->retry_short = (u32)-1;
5806 conf->retry_long = (u32)-1;
5809 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg)
5811 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK,
5812 brcmf_notify_connect_status);
5813 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND,
5814 brcmf_notify_connect_status);
5815 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH,
5816 brcmf_notify_connect_status);
5817 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND,
5818 brcmf_notify_connect_status);
5819 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND,
5820 brcmf_notify_connect_status);
5821 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND,
5822 brcmf_notify_connect_status);
5823 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM,
5824 brcmf_notify_roaming_status);
5825 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR,
5826 brcmf_notify_mic_status);
5827 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID,
5828 brcmf_notify_connect_status);
5829 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
5830 brcmf_notify_sched_scan_results);
5831 brcmf_fweh_register(cfg->pub, BRCMF_E_IF,
5832 brcmf_notify_vif_event);
5833 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG,
5834 brcmf_p2p_notify_rx_mgmt_p2p_probereq);
5835 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE,
5836 brcmf_p2p_notify_listen_complete);
5837 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX,
5838 brcmf_p2p_notify_action_frame_rx);
5839 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE,
5840 brcmf_p2p_notify_action_tx_complete);
5841 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE,
5842 brcmf_p2p_notify_action_tx_complete);
5843 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP,
5844 brcmf_notify_connect_status);
5847 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg)
5851 kfree(cfg->extra_buf);
5852 cfg->extra_buf = NULL;
5853 kfree(cfg->wowl.nd);
5854 cfg->wowl.nd = NULL;
5855 kfree(cfg->wowl.nd_info);
5856 cfg->wowl.nd_info = NULL;
5857 kfree(cfg->escan_info.escan_buf);
5858 cfg->escan_info.escan_buf = NULL;
5861 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg)
5863 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL);
5865 goto init_priv_mem_out;
5866 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
5867 if (!cfg->extra_buf)
5868 goto init_priv_mem_out;
5869 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL);
5871 goto init_priv_mem_out;
5872 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) +
5873 sizeof(struct cfg80211_wowlan_nd_match *),
5875 if (!cfg->wowl.nd_info)
5876 goto init_priv_mem_out;
5877 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL);
5878 if (!cfg->escan_info.escan_buf)
5879 goto init_priv_mem_out;
5884 brcmf_deinit_priv_mem(cfg);
5889 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg)
5893 cfg->scan_request = NULL;
5894 cfg->pwr_save = true;
5895 cfg->active_scan = true; /* we do active scan per default */
5896 cfg->dongle_up = false; /* dongle is not up yet */
5897 err = brcmf_init_priv_mem(cfg);
5900 brcmf_register_event_handlers(cfg);
5901 mutex_init(&cfg->usr_sync);
5902 brcmf_init_escan(cfg);
5903 brcmf_init_conf(cfg->conf);
5904 init_completion(&cfg->vif_disabled);
5908 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg)
5910 cfg->dongle_up = false; /* dongle down */
5911 brcmf_abort_scanning(cfg);
5912 brcmf_deinit_priv_mem(cfg);
5915 static void init_vif_event(struct brcmf_cfg80211_vif_event *event)
5917 init_waitqueue_head(&event->vif_wq);
5918 spin_lock_init(&event->vif_event_lock);
5921 static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
5925 __le32 roamtrigger[2];
5926 __le32 roam_delta[2];
5928 /* Configure beacon timeout value based upon roaming setting */
5929 if (ifp->drvr->settings->roamoff)
5930 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF;
5932 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
5933 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
5935 brcmf_err("bcn_timeout error (%d)\n", err);
5936 goto roam_setup_done;
5939 /* Enable/Disable built-in roaming to allow supplicant to take care of
5942 brcmf_dbg(INFO, "Internal Roaming = %s\n",
5943 ifp->drvr->settings->roamoff ? "Off" : "On");
5944 err = brcmf_fil_iovar_int_set(ifp, "roam_off",
5945 ifp->drvr->settings->roamoff);
5947 brcmf_err("roam_off error (%d)\n", err);
5948 goto roam_setup_done;
5951 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL);
5952 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL);
5953 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
5954 (void *)roamtrigger, sizeof(roamtrigger));
5956 brcmf_err("WLC_SET_ROAM_TRIGGER error (%d)\n", err);
5957 goto roam_setup_done;
5960 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA);
5961 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL);
5962 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
5963 (void *)roam_delta, sizeof(roam_delta));
5965 brcmf_err("WLC_SET_ROAM_DELTA error (%d)\n", err);
5966 goto roam_setup_done;
5974 brcmf_dongle_scantime(struct brcmf_if *ifp)
5978 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
5979 BRCMF_SCAN_CHANNEL_TIME);
5981 brcmf_err("Scan assoc time error (%d)\n", err);
5982 goto dongle_scantime_out;
5984 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME,
5985 BRCMF_SCAN_UNASSOC_TIME);
5987 brcmf_err("Scan unassoc time error (%d)\n", err);
5988 goto dongle_scantime_out;
5991 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME,
5992 BRCMF_SCAN_PASSIVE_TIME);
5994 brcmf_err("Scan passive time error (%d)\n", err);
5995 goto dongle_scantime_out;
5998 dongle_scantime_out:
6002 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel,
6003 struct brcmu_chan *ch)
6007 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40;
6008 if (ch->sb == BRCMU_CHAN_SB_U) {
6009 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6010 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6011 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
6013 /* It should be one of
6014 * IEEE80211_CHAN_NO_HT40 or
6015 * IEEE80211_CHAN_NO_HT40PLUS
6017 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6018 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6019 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
6023 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
6026 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
6027 struct ieee80211_supported_band *band;
6028 struct ieee80211_channel *channel;
6029 struct wiphy *wiphy;
6030 struct brcmf_chanspec_list *list;
6031 struct brcmu_chan ch;
6038 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6043 list = (struct brcmf_chanspec_list *)pbuf;
6045 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6048 brcmf_err("get chanspecs error (%d)\n", err);
6052 wiphy = cfg_to_wiphy(cfg);
6053 band = wiphy->bands[NL80211_BAND_2GHZ];
6055 for (i = 0; i < band->n_channels; i++)
6056 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6057 band = wiphy->bands[NL80211_BAND_5GHZ];
6059 for (i = 0; i < band->n_channels; i++)
6060 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6062 total = le32_to_cpu(list->count);
6063 for (i = 0; i < total; i++) {
6064 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6065 cfg->d11inf.decchspec(&ch);
6067 if (ch.band == BRCMU_CHAN_BAND_2G) {
6068 band = wiphy->bands[NL80211_BAND_2GHZ];
6069 } else if (ch.band == BRCMU_CHAN_BAND_5G) {
6070 band = wiphy->bands[NL80211_BAND_5GHZ];
6072 brcmf_err("Invalid channel Spec. 0x%x.\n", ch.chspec);
6077 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) &&
6078 ch.bw == BRCMU_CHAN_BW_40)
6080 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) &&
6081 ch.bw == BRCMU_CHAN_BW_80)
6085 for (j = 0; j < band->n_channels; j++) {
6086 if (band->channels[j].hw_value == ch.control_ch_num) {
6087 channel = &band->channels[j];
6092 /* It seems firmware supports some channel we never
6093 * considered. Something new in IEEE standard?
6095 brcmf_err("Ignoring unexpected firmware channel %d\n",
6100 if (channel->orig_flags & IEEE80211_CHAN_DISABLED)
6103 /* assuming the chanspecs order is HT20,
6104 * HT40 upper, HT40 lower, and VHT80.
6106 if (ch.bw == BRCMU_CHAN_BW_80) {
6107 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ;
6108 } else if (ch.bw == BRCMU_CHAN_BW_40) {
6109 brcmf_update_bw40_channel_flag(channel, &ch);
6111 /* enable the channel and disable other bandwidths
6112 * for now as mentioned order assure they are enabled
6113 * for subsequent chanspecs.
6115 channel->flags = IEEE80211_CHAN_NO_HT40 |
6116 IEEE80211_CHAN_NO_80MHZ |
6117 IEEE80211_CHAN_NO_160MHZ;
6118 ch.bw = BRCMU_CHAN_BW_20;
6119 cfg->d11inf.encchspec(&ch);
6120 chaninfo = ch.chspec;
6121 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info",
6124 if (chaninfo & WL_CHAN_RADAR)
6126 (IEEE80211_CHAN_RADAR |
6127 IEEE80211_CHAN_NO_IR);
6128 if (chaninfo & WL_CHAN_PASSIVE)
6130 IEEE80211_CHAN_NO_IR;
6140 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
6142 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
6143 struct ieee80211_supported_band *band;
6144 struct brcmf_fil_bwcap_le band_bwcap;
6145 struct brcmf_chanspec_list *list;
6149 struct brcmu_chan ch;
6153 /* verify support for bw_cap command */
6155 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val);
6158 /* only set 2G bandwidth using bw_cap command */
6159 band_bwcap.band = cpu_to_le32(WLC_BAND_2G);
6160 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ);
6161 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap,
6162 sizeof(band_bwcap));
6164 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n");
6165 val = WLC_N_BW_40ALL;
6166 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val);
6170 /* update channel info in 2G band */
6171 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6176 ch.band = BRCMU_CHAN_BAND_2G;
6177 ch.bw = BRCMU_CHAN_BW_40;
6178 ch.sb = BRCMU_CHAN_SB_NONE;
6180 cfg->d11inf.encchspec(&ch);
6182 /* pass encoded chanspec in query */
6183 *(__le16 *)pbuf = cpu_to_le16(ch.chspec);
6185 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6188 brcmf_err("get chanspecs error (%d)\n", err);
6193 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ];
6194 list = (struct brcmf_chanspec_list *)pbuf;
6195 num_chan = le32_to_cpu(list->count);
6196 for (i = 0; i < num_chan; i++) {
6197 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6198 cfg->d11inf.decchspec(&ch);
6199 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G))
6201 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40))
6203 for (j = 0; j < band->n_channels; j++) {
6204 if (band->channels[j].hw_value == ch.control_ch_num)
6207 if (WARN_ON(j == band->n_channels))
6210 brcmf_update_bw40_channel_flag(&band->channels[j], &ch);
6217 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
6219 u32 band, mimo_bwcap;
6223 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6225 bw_cap[NL80211_BAND_2GHZ] = band;
6227 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6229 bw_cap[NL80211_BAND_5GHZ] = band;
6235 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n");
6237 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap);
6239 /* assume 20MHz if firmware does not give a clue */
6240 mimo_bwcap = WLC_N_BW_20ALL;
6242 switch (mimo_bwcap) {
6243 case WLC_N_BW_40ALL:
6244 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT;
6246 case WLC_N_BW_20IN2G_40IN5G:
6247 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT;
6249 case WLC_N_BW_20ALL:
6250 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT;
6251 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
6254 brcmf_err("invalid mimo_bw_cap value\n");
6258 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band,
6259 u32 bw_cap[2], u32 nchain)
6261 band->ht_cap.ht_supported = true;
6262 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) {
6263 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6264 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6266 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6267 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6268 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6269 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16;
6270 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain);
6271 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
6274 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp)
6279 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++)
6280 mcs_map = (mcs_map << 2) | supp;
6282 return cpu_to_le16(mcs_map);
6285 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band,
6286 u32 bw_cap[2], u32 nchain, u32 txstreams,
6287 u32 txbf_bfe_cap, u32 txbf_bfr_cap)
6291 /* not allowed in 2.4G band */
6292 if (band->band == NL80211_BAND_2GHZ)
6295 band->vht_cap.vht_supported = true;
6296 /* 80MHz is mandatory */
6297 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80;
6298 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) {
6299 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
6300 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160;
6302 /* all support 256-QAM */
6303 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9);
6304 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map;
6305 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map;
6307 /* Beamforming support information */
6308 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP)
6309 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
6310 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP)
6311 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
6312 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP)
6313 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
6314 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP)
6315 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
6317 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) {
6318 band->vht_cap.cap |=
6319 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT);
6320 band->vht_cap.cap |= ((txstreams - 1) <<
6321 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT);
6322 band->vht_cap.cap |=
6323 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
6327 static int brcmf_setup_wiphybands(struct wiphy *wiphy)
6329 struct brcmf_cfg80211_info *cfg = wiphy_priv(wiphy);
6330 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
6333 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
6338 struct ieee80211_supported_band *band;
6340 u32 txbf_bfe_cap = 0;
6341 u32 txbf_bfr_cap = 0;
6343 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
6344 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
6346 brcmf_err("nmode error (%d)\n", err);
6348 brcmf_get_bwcap(ifp, bw_cap);
6350 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n",
6351 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ],
6352 bw_cap[NL80211_BAND_5GHZ]);
6354 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
6356 brcmf_err("rxchain error (%d)\n", err);
6359 for (nchain = 0; rxchain; nchain++)
6360 rxchain = rxchain & (rxchain - 1);
6362 brcmf_dbg(INFO, "nchain=%d\n", nchain);
6364 err = brcmf_construct_chaninfo(cfg, bw_cap);
6366 brcmf_err("brcmf_construct_chaninfo failed (%d)\n", err);
6371 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams);
6372 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap",
6374 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap",
6378 wiphy = cfg_to_wiphy(cfg);
6379 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
6380 band = wiphy->bands[i];
6385 brcmf_update_ht_cap(band, bw_cap, nchain);
6387 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams,
6388 txbf_bfe_cap, txbf_bfr_cap);
6394 static const struct ieee80211_txrx_stypes
6395 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = {
6396 [NL80211_IFTYPE_STATION] = {
6398 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6399 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6401 [NL80211_IFTYPE_P2P_CLIENT] = {
6403 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6404 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6406 [NL80211_IFTYPE_P2P_GO] = {
6408 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6409 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6410 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6411 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6412 BIT(IEEE80211_STYPE_AUTH >> 4) |
6413 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6414 BIT(IEEE80211_STYPE_ACTION >> 4)
6416 [NL80211_IFTYPE_P2P_DEVICE] = {
6418 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6419 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6424 * brcmf_setup_ifmodes() - determine interface modes and combinations.
6426 * @wiphy: wiphy object.
6427 * @ifp: interface object needed for feat module api.
6429 * The interface modes and combinations are determined dynamically here
6430 * based on firmware functionality.
6432 * no p2p and no mbss:
6434 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6438 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6439 * #AP <= 4, matching BI, channels = 1, 4 total
6441 * p2p, no mchan, and mbss:
6443 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total
6444 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6445 * #AP <= 4, matching BI, channels = 1, 4 total
6447 * p2p, mchan, and mbss:
6449 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total
6450 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6451 * #AP <= 4, matching BI, channels = 1, 4 total
6453 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp)
6455 struct ieee80211_iface_combination *combo = NULL;
6456 struct ieee80211_iface_limit *c0_limits = NULL;
6457 struct ieee80211_iface_limit *p2p_limits = NULL;
6458 struct ieee80211_iface_limit *mbss_limits = NULL;
6462 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS);
6463 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P);
6465 n_combos = 1 + !!p2p + !!mbss;
6466 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL);
6470 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
6471 BIT(NL80211_IFTYPE_ADHOC) |
6472 BIT(NL80211_IFTYPE_AP);
6476 c0_limits = kcalloc(p2p ? 3 : 2, sizeof(*c0_limits), GFP_KERNEL);
6479 c0_limits[i].max = 1;
6480 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6482 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN))
6483 combo[c].num_different_channels = 2;
6485 combo[c].num_different_channels = 1;
6486 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) |
6487 BIT(NL80211_IFTYPE_P2P_GO) |
6488 BIT(NL80211_IFTYPE_P2P_DEVICE);
6489 c0_limits[i].max = 1;
6490 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6491 c0_limits[i].max = 1;
6492 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) |
6493 BIT(NL80211_IFTYPE_P2P_GO);
6495 combo[c].num_different_channels = 1;
6496 c0_limits[i].max = 1;
6497 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6499 combo[c].max_interfaces = i;
6500 combo[c].n_limits = i;
6501 combo[c].limits = c0_limits;
6506 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL);
6509 p2p_limits[i].max = 1;
6510 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6511 p2p_limits[i].max = 1;
6512 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6513 p2p_limits[i].max = 1;
6514 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT);
6515 p2p_limits[i].max = 1;
6516 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6517 combo[c].num_different_channels = 1;
6518 combo[c].max_interfaces = i;
6519 combo[c].n_limits = i;
6520 combo[c].limits = p2p_limits;
6526 mbss_limits = kcalloc(1, sizeof(*mbss_limits), GFP_KERNEL);
6529 mbss_limits[i].max = 4;
6530 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6531 combo[c].beacon_int_infra_match = true;
6532 combo[c].num_different_channels = 1;
6533 combo[c].max_interfaces = 4;
6534 combo[c].n_limits = i;
6535 combo[c].limits = mbss_limits;
6538 wiphy->n_iface_combinations = n_combos;
6539 wiphy->iface_combinations = combo;
6551 static const struct wiphy_wowlan_support brcmf_wowlan_support = {
6552 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT,
6553 .n_patterns = BRCMF_WOWL_MAXPATTERNS,
6554 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE,
6555 .pattern_min_len = 1,
6556 .max_pkt_offset = 1500,
6560 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp)
6563 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
6564 struct wiphy_wowlan_support *wowl;
6566 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
6569 brcmf_err("only support basic wowlan features\n");
6570 wiphy->wowlan = &brcmf_wowlan_support;
6574 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
6575 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) {
6576 wowl->flags |= WIPHY_WOWLAN_NET_DETECT;
6577 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT;
6578 init_waitqueue_head(&cfg->wowl.nd_data_wait);
6581 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) {
6582 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY;
6583 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE;
6586 wiphy->wowlan = wowl;
6590 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
6592 struct brcmf_pub *drvr = ifp->drvr;
6593 const struct ieee80211_iface_combination *combo;
6594 struct ieee80211_supported_band *band;
6595 u16 max_interfaces = 0;
6601 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX;
6602 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX;
6603 wiphy->max_num_pmkids = BRCMF_MAXPMKID;
6605 err = brcmf_setup_ifmodes(wiphy, ifp);
6609 for (i = 0, combo = wiphy->iface_combinations;
6610 i < wiphy->n_iface_combinations; i++, combo++) {
6611 max_interfaces = max(max_interfaces, combo->max_interfaces);
6614 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses);
6616 u8 *addr = drvr->addresses[i].addr;
6618 memcpy(addr, drvr->mac, ETH_ALEN);
6621 addr[ETH_ALEN - 1] ^= i;
6624 wiphy->addresses = drvr->addresses;
6625 wiphy->n_addresses = i;
6627 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
6628 wiphy->cipher_suites = brcmf_cipher_suites;
6629 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites);
6630 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
6631 wiphy->n_cipher_suites--;
6632 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) |
6633 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) |
6634 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST);
6636 wiphy->flags |= WIPHY_FLAG_NETNS_OK |
6637 WIPHY_FLAG_PS_ON_BY_DEFAULT |
6638 WIPHY_FLAG_OFFCHAN_TX |
6639 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
6640 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS))
6641 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
6642 if (!ifp->drvr->settings->roamoff)
6643 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM;
6644 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
6645 wiphy_ext_feature_set(wiphy,
6646 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
6647 wiphy_ext_feature_set(wiphy,
6648 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
6650 wiphy->mgmt_stypes = brcmf_txrx_stypes;
6651 wiphy->max_remain_on_channel_duration = 5000;
6652 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
6653 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN);
6654 brcmf_pno_wiphy_params(wiphy, gscan);
6656 /* vendor commands/events support */
6657 wiphy->vendor_commands = brcmf_vendor_cmds;
6658 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1;
6660 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL))
6661 brcmf_wiphy_wowl_params(wiphy, ifp);
6662 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
6665 brcmf_err("could not obtain band info: err=%d\n", err);
6668 /* first entry in bandlist is number of bands */
6669 n_bands = le32_to_cpu(bandlist[0]);
6670 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) {
6671 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) {
6672 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz),
6677 band->channels = kmemdup(&__wl_2ghz_channels,
6678 sizeof(__wl_2ghz_channels),
6680 if (!band->channels) {
6685 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels);
6686 wiphy->bands[NL80211_BAND_2GHZ] = band;
6688 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) {
6689 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz),
6694 band->channels = kmemdup(&__wl_5ghz_channels,
6695 sizeof(__wl_5ghz_channels),
6697 if (!band->channels) {
6702 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels);
6703 wiphy->bands[NL80211_BAND_5GHZ] = band;
6707 wiphy_read_of_freq_limits(wiphy);
6712 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
6714 struct net_device *ndev;
6715 struct wireless_dev *wdev;
6716 struct brcmf_if *ifp;
6723 ndev = cfg_to_ndev(cfg);
6724 wdev = ndev->ieee80211_ptr;
6725 ifp = netdev_priv(ndev);
6727 /* make sure RF is ready for work */
6728 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
6730 brcmf_dongle_scantime(ifp);
6732 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
6733 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
6735 goto default_conf_out;
6736 brcmf_dbg(INFO, "power save set to %s\n",
6737 (power_mode ? "enabled" : "disabled"));
6739 err = brcmf_dongle_roam(ifp);
6741 goto default_conf_out;
6742 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
6745 goto default_conf_out;
6747 brcmf_configure_arp_nd_offload(ifp, true);
6749 cfg->dongle_up = true;
6756 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
6758 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
6760 return brcmf_config_dongle(ifp->drvr->config);
6763 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp)
6765 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6768 * While going down, if associated with AP disassociate
6769 * from AP to save power
6771 if (check_vif_up(ifp->vif)) {
6772 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED);
6774 /* Make sure WPA_Supplicant receives all the event
6775 generated due to DISASSOC call to the fw to keep
6776 the state fw and WPA_Supplicant state consistent
6781 brcmf_abort_scanning(cfg);
6782 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
6787 s32 brcmf_cfg80211_up(struct net_device *ndev)
6789 struct brcmf_if *ifp = netdev_priv(ndev);
6790 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6793 mutex_lock(&cfg->usr_sync);
6794 err = __brcmf_cfg80211_up(ifp);
6795 mutex_unlock(&cfg->usr_sync);
6800 s32 brcmf_cfg80211_down(struct net_device *ndev)
6802 struct brcmf_if *ifp = netdev_priv(ndev);
6803 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6806 mutex_lock(&cfg->usr_sync);
6807 err = __brcmf_cfg80211_down(ifp);
6808 mutex_unlock(&cfg->usr_sync);
6813 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp)
6815 struct wireless_dev *wdev = &ifp->vif->wdev;
6817 return wdev->iftype;
6820 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
6821 unsigned long state)
6823 struct brcmf_cfg80211_vif *vif;
6825 list_for_each_entry(vif, &cfg->vif_list, list) {
6826 if (test_bit(state, &vif->sme_state))
6832 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event,
6837 spin_lock(&event->vif_event_lock);
6838 evt_action = event->action;
6839 spin_unlock(&event->vif_event_lock);
6840 return evt_action == action;
6843 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
6844 struct brcmf_cfg80211_vif *vif)
6846 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6848 spin_lock(&event->vif_event_lock);
6851 spin_unlock(&event->vif_event_lock);
6854 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg)
6856 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6859 spin_lock(&event->vif_event_lock);
6860 armed = event->vif != NULL;
6861 spin_unlock(&event->vif_event_lock);
6866 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg,
6867 u8 action, ulong timeout)
6869 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6871 return wait_event_timeout(event->vif_wq,
6872 vif_event_equals(event, action), timeout);
6875 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2],
6876 struct brcmf_fil_country_le *ccreq)
6878 struct brcmfmac_pd_cc *country_codes;
6879 struct brcmfmac_pd_cc_entry *cc;
6883 country_codes = drvr->settings->country_codes;
6884 if (!country_codes) {
6885 brcmf_dbg(TRACE, "No country codes configured for device\n");
6889 if ((alpha2[0] == ccreq->country_abbrev[0]) &&
6890 (alpha2[1] == ccreq->country_abbrev[1])) {
6891 brcmf_dbg(TRACE, "Country code already set\n");
6896 for (i = 0; i < country_codes->table_size; i++) {
6897 cc = &country_codes->table[i];
6898 if ((cc->iso3166[0] == '\0') && (found_index == -1))
6900 if ((cc->iso3166[0] == alpha2[0]) &&
6901 (cc->iso3166[1] == alpha2[1])) {
6906 if (found_index == -1) {
6907 brcmf_dbg(TRACE, "No country code match found\n");
6910 memset(ccreq, 0, sizeof(*ccreq));
6911 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev);
6912 memcpy(ccreq->ccode, country_codes->table[found_index].cc,
6913 BRCMF_COUNTRY_BUF_SZ);
6914 ccreq->country_abbrev[0] = alpha2[0];
6915 ccreq->country_abbrev[1] = alpha2[1];
6916 ccreq->country_abbrev[2] = 0;
6921 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
6922 struct regulatory_request *req)
6924 struct brcmf_cfg80211_info *cfg = wiphy_priv(wiphy);
6925 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
6926 struct brcmf_fil_country_le ccreq;
6930 /* The country code gets set to "00" by default at boot, ignore */
6931 if (req->alpha2[0] == '0' && req->alpha2[1] == '0')
6934 /* ignore non-ISO3166 country codes */
6935 for (i = 0; i < 2; i++)
6936 if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
6937 brcmf_err("not an ISO3166 code (0x%02x 0x%02x)\n",
6938 req->alpha2[0], req->alpha2[1]);
6942 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator,
6943 req->alpha2[0], req->alpha2[1]);
6945 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
6947 brcmf_err("Country code iovar returned err = %d\n", err);
6951 err = brcmf_translate_country_code(ifp->drvr, req->alpha2, &ccreq);
6955 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
6957 brcmf_err("Firmware rejected country setting\n");
6960 brcmf_setup_wiphybands(wiphy);
6963 static void brcmf_free_wiphy(struct wiphy *wiphy)
6970 if (wiphy->iface_combinations) {
6971 for (i = 0; i < wiphy->n_iface_combinations; i++)
6972 kfree(wiphy->iface_combinations[i].limits);
6974 kfree(wiphy->iface_combinations);
6975 if (wiphy->bands[NL80211_BAND_2GHZ]) {
6976 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels);
6977 kfree(wiphy->bands[NL80211_BAND_2GHZ]);
6979 if (wiphy->bands[NL80211_BAND_5GHZ]) {
6980 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels);
6981 kfree(wiphy->bands[NL80211_BAND_5GHZ]);
6983 #if IS_ENABLED(CONFIG_PM)
6984 if (wiphy->wowlan != &brcmf_wowlan_support)
6985 kfree(wiphy->wowlan);
6990 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
6991 struct device *busdev,
6994 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev;
6995 struct brcmf_cfg80211_info *cfg;
6996 struct wiphy *wiphy;
6997 struct cfg80211_ops *ops;
6998 struct brcmf_cfg80211_vif *vif;
6999 struct brcmf_if *ifp;
7005 brcmf_err("ndev is invalid\n");
7009 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(*ops), GFP_KERNEL);
7013 ifp = netdev_priv(ndev);
7015 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK))
7016 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data;
7018 wiphy = wiphy_new(ops, sizeof(struct brcmf_cfg80211_info));
7020 brcmf_err("Could not allocate wiphy device\n");
7023 memcpy(wiphy->perm_addr, drvr->mac, ETH_ALEN);
7024 set_wiphy_dev(wiphy, busdev);
7026 cfg = wiphy_priv(wiphy);
7030 init_vif_event(&cfg->vif_event);
7031 INIT_LIST_HEAD(&cfg->vif_list);
7033 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION);
7038 vif->wdev.netdev = ndev;
7039 ndev->ieee80211_ptr = &vif->wdev;
7040 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
7042 err = wl_init_priv(cfg);
7044 brcmf_err("Failed to init iwm_priv (%d)\n", err);
7045 brcmf_free_vif(vif);
7050 /* determine d11 io type before wiphy setup */
7051 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
7053 brcmf_err("Failed to get D11 version (%d)\n", err);
7056 cfg->d11inf.io_type = (u8)io_type;
7057 brcmu_d11_attach(&cfg->d11inf);
7059 err = brcmf_setup_wiphy(wiphy, ifp);
7063 brcmf_dbg(INFO, "Registering custom regulatory\n");
7064 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier;
7065 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
7066 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom);
7068 /* firmware defaults to 40MHz disabled in 2G band. We signal
7069 * cfg80211 here that we do and have it decide we can enable
7070 * it. But first check if device does support 2G operation.
7072 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7073 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap;
7074 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7076 err = wiphy_register(wiphy);
7078 brcmf_err("Could not register wiphy device (%d)\n", err);
7082 err = brcmf_setup_wiphybands(wiphy);
7084 brcmf_err("Setting wiphy bands failed (%d)\n", err);
7085 goto wiphy_unreg_out;
7088 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(),
7089 * setup 40MHz in 2GHz band and enable OBSS scanning.
7091 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) {
7092 err = brcmf_enable_bw40_2g(cfg);
7094 err = brcmf_fil_iovar_int_set(ifp, "obss_coex",
7095 BRCMF_OBSS_COEX_AUTO);
7097 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7099 /* p2p might require that "if-events" get processed by fweh. So
7100 * activate the already registered event handlers now and activate
7101 * the rest when initialization has completed. drvr->config needs to
7102 * be assigned before activating events.
7105 err = brcmf_fweh_activate_events(ifp);
7107 brcmf_err("FWEH activation failed (%d)\n", err);
7108 goto wiphy_unreg_out;
7111 err = brcmf_p2p_attach(cfg, p2pdev_forced);
7113 brcmf_err("P2P initialisation failed (%d)\n", err);
7114 goto wiphy_unreg_out;
7116 err = brcmf_btcoex_attach(cfg);
7118 brcmf_err("BT-coex initialisation failed (%d)\n", err);
7119 brcmf_p2p_detach(&cfg->p2p);
7120 goto wiphy_unreg_out;
7122 err = brcmf_pno_attach(cfg);
7124 brcmf_err("PNO initialisation failed (%d)\n", err);
7125 brcmf_btcoex_detach(cfg);
7126 brcmf_p2p_detach(&cfg->p2p);
7127 goto wiphy_unreg_out;
7130 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) {
7131 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1);
7133 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err);
7134 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS;
7136 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT,
7137 brcmf_notify_tdls_peer_event);
7141 /* (re-) activate FWEH event handling */
7142 err = brcmf_fweh_activate_events(ifp);
7144 brcmf_err("FWEH activation failed (%d)\n", err);
7148 /* Fill in some of the advertised nl80211 supported features */
7149 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) {
7150 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
7152 if (wiphy->wowlan &&
7153 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT)
7154 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7161 brcmf_pno_detach(cfg);
7162 brcmf_btcoex_detach(cfg);
7163 brcmf_p2p_detach(&cfg->p2p);
7165 wiphy_unregister(cfg->wiphy);
7167 wl_deinit_priv(cfg);
7168 brcmf_free_vif(vif);
7171 brcmf_free_wiphy(wiphy);
7177 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
7182 brcmf_pno_detach(cfg);
7183 brcmf_btcoex_detach(cfg);
7184 wiphy_unregister(cfg->wiphy);
7186 wl_deinit_priv(cfg);
7187 brcmf_free_wiphy(cfg->wiphy);