1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * NXP Wireless LAN device driver: station event handling
4 *
5 * Copyright 2011-2020 NXP
6 */
7
8 #include "decl.h"
9 #include "ioctl.h"
10 #include "util.h"
11 #include "fw.h"
12 #include "main.h"
13 #include "wmm.h"
14 #include "11n.h"
15
16 #define MWIFIEX_IBSS_CONNECT_EVT_FIX_SIZE 12
17
mwifiex_check_ibss_peer_capabilities(struct mwifiex_private * priv,struct mwifiex_sta_node * sta_ptr,struct sk_buff * event)18 static int mwifiex_check_ibss_peer_capabilities(struct mwifiex_private *priv,
19 struct mwifiex_sta_node *sta_ptr,
20 struct sk_buff *event)
21 {
22 int evt_len, ele_len;
23 u8 *curr;
24 struct ieee_types_header *ele_hdr;
25 struct mwifiex_ie_types_mgmt_frame *tlv_mgmt_frame;
26 const struct ieee80211_ht_cap *ht_cap;
27 const struct ieee80211_vht_cap *vht_cap;
28
29 skb_pull(event, MWIFIEX_IBSS_CONNECT_EVT_FIX_SIZE);
30 evt_len = event->len;
31 curr = event->data;
32
33 mwifiex_dbg_dump(priv->adapter, EVT_D, "ibss peer capabilities:",
34 event->data, event->len);
35
36 skb_push(event, MWIFIEX_IBSS_CONNECT_EVT_FIX_SIZE);
37
38 tlv_mgmt_frame = (void *)curr;
39 if (evt_len >= sizeof(*tlv_mgmt_frame) &&
40 le16_to_cpu(tlv_mgmt_frame->header.type) ==
41 TLV_TYPE_UAP_MGMT_FRAME) {
42 /* Locate curr pointer to the start of beacon tlv,
43 * timestamp 8 bytes, beacon intervel 2 bytes,
44 * capability info 2 bytes, totally 12 byte beacon header
45 */
46 evt_len = le16_to_cpu(tlv_mgmt_frame->header.len);
47 curr += (sizeof(*tlv_mgmt_frame) + 12);
48 } else {
49 mwifiex_dbg(priv->adapter, MSG,
50 "management frame tlv not found!\n");
51 return 0;
52 }
53
54 while (evt_len >= sizeof(*ele_hdr)) {
55 ele_hdr = (struct ieee_types_header *)curr;
56 ele_len = ele_hdr->len;
57
58 if (evt_len < ele_len + sizeof(*ele_hdr))
59 break;
60
61 switch (ele_hdr->element_id) {
62 case WLAN_EID_HT_CAPABILITY:
63 sta_ptr->is_11n_enabled = true;
64 ht_cap = (void *)(ele_hdr + 2);
65 sta_ptr->max_amsdu = le16_to_cpu(ht_cap->cap_info) &
66 IEEE80211_HT_CAP_MAX_AMSDU ?
67 MWIFIEX_TX_DATA_BUF_SIZE_8K :
68 MWIFIEX_TX_DATA_BUF_SIZE_4K;
69 mwifiex_dbg(priv->adapter, INFO,
70 "11n enabled!, max_amsdu : %d\n",
71 sta_ptr->max_amsdu);
72 break;
73
74 case WLAN_EID_VHT_CAPABILITY:
75 sta_ptr->is_11ac_enabled = true;
76 vht_cap = (void *)(ele_hdr + 2);
77 /* check VHT MAXMPDU capability */
78 switch (le32_to_cpu(vht_cap->vht_cap_info) & 0x3) {
79 case IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454:
80 sta_ptr->max_amsdu =
81 MWIFIEX_TX_DATA_BUF_SIZE_12K;
82 break;
83 case IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991:
84 sta_ptr->max_amsdu =
85 MWIFIEX_TX_DATA_BUF_SIZE_8K;
86 break;
87 case IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895:
88 sta_ptr->max_amsdu =
89 MWIFIEX_TX_DATA_BUF_SIZE_4K;
90 break;
91 default:
92 break;
93 }
94
95 mwifiex_dbg(priv->adapter, INFO,
96 "11ac enabled!, max_amsdu : %d\n",
97 sta_ptr->max_amsdu);
98 break;
99 default:
100 break;
101 }
102
103 curr += (ele_len + sizeof(*ele_hdr));
104 evt_len -= (ele_len + sizeof(*ele_hdr));
105 }
106
107 return 0;
108 }
109
110 /*
111 * This function resets the connection state.
112 *
113 * The function is invoked after receiving a disconnect event from firmware,
114 * and performs the following actions -
115 * - Set media status to disconnected
116 * - Clean up Tx and Rx packets
117 * - Resets SNR/NF/RSSI value in driver
118 * - Resets security configurations in driver
119 * - Enables auto data rate
120 * - Saves the previous SSID and BSSID so that they can
121 * be used for re-association, if required
122 * - Erases current SSID and BSSID information
123 * - Sends a disconnect event to upper layers/applications.
124 */
mwifiex_reset_connect_state(struct mwifiex_private * priv,u16 reason_code,bool from_ap)125 void mwifiex_reset_connect_state(struct mwifiex_private *priv, u16 reason_code,
126 bool from_ap)
127 {
128 struct mwifiex_adapter *adapter = priv->adapter;
129
130 if (!priv->media_connected)
131 return;
132
133 mwifiex_dbg(adapter, INFO,
134 "info: handles disconnect event\n");
135
136 priv->media_connected = false;
137
138 priv->auth_flag = 0;
139 priv->auth_alg = WLAN_AUTH_NONE;
140
141 priv->scan_block = false;
142 priv->port_open = false;
143
144 if ((GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_STA) &&
145 ISSUPP_TDLS_ENABLED(priv->adapter->fw_cap_info)) {
146 mwifiex_disable_all_tdls_links(priv);
147
148 if (priv->adapter->auto_tdls)
149 mwifiex_clean_auto_tdls(priv);
150 }
151
152 /* Free Tx and Rx packets, report disconnect to upper layer */
153 mwifiex_clean_txrx(priv);
154
155 /* Reset SNR/NF/RSSI values */
156 priv->data_rssi_last = 0;
157 priv->data_nf_last = 0;
158 priv->data_rssi_avg = 0;
159 priv->data_nf_avg = 0;
160 priv->bcn_rssi_last = 0;
161 priv->bcn_nf_last = 0;
162 priv->bcn_rssi_avg = 0;
163 priv->bcn_nf_avg = 0;
164 priv->rxpd_rate = 0;
165 priv->rxpd_htinfo = 0;
166 priv->sec_info.wpa_enabled = false;
167 priv->sec_info.wpa2_enabled = false;
168 priv->wpa_ie_len = 0;
169
170 priv->sec_info.wapi_enabled = false;
171 priv->wapi_ie_len = 0;
172 priv->sec_info.wapi_key_on = false;
173
174 priv->sec_info.encryption_mode = 0;
175
176 /* Enable auto data rate */
177 priv->is_data_rate_auto = true;
178 priv->data_rate = 0;
179
180 priv->ht_param_present = false;
181
182 if ((GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_STA ||
183 GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_UAP) && priv->hist_data)
184 mwifiex_hist_data_reset(priv);
185
186 if (priv->bss_mode == NL80211_IFTYPE_ADHOC)
187 priv->adhoc_state = ADHOC_IDLE;
188
189 /*
190 * Memorize the previous SSID and BSSID so
191 * it could be used for re-assoc
192 */
193
194 mwifiex_dbg(adapter, INFO,
195 "info: previous SSID=%s, SSID len=%u\n",
196 priv->prev_ssid.ssid, priv->prev_ssid.ssid_len);
197
198 mwifiex_dbg(adapter, INFO,
199 "info: current SSID=%s, SSID len=%u\n",
200 priv->curr_bss_params.bss_descriptor.ssid.ssid,
201 priv->curr_bss_params.bss_descriptor.ssid.ssid_len);
202
203 memcpy(&priv->prev_ssid,
204 &priv->curr_bss_params.bss_descriptor.ssid,
205 sizeof(struct cfg80211_ssid));
206
207 memcpy(priv->prev_bssid,
208 priv->curr_bss_params.bss_descriptor.mac_address, ETH_ALEN);
209
210 /* Need to erase the current SSID and BSSID info */
211 memset(&priv->curr_bss_params, 0x00, sizeof(priv->curr_bss_params));
212
213 adapter->tx_lock_flag = false;
214 adapter->pps_uapsd_mode = false;
215
216 if (test_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags) &&
217 adapter->curr_cmd)
218 return;
219 priv->media_connected = false;
220 mwifiex_dbg(adapter, MSG,
221 "info: successfully disconnected from %pM: reason code %d\n",
222 priv->cfg_bssid, reason_code);
223 if (priv->bss_mode == NL80211_IFTYPE_STATION ||
224 priv->bss_mode == NL80211_IFTYPE_P2P_CLIENT) {
225 if (adapter->host_mlme_enabled && adapter->host_mlme_link_lost)
226 mwifiex_host_mlme_disconnect(adapter->priv_link_lost,
227 reason_code, NULL);
228 else
229 cfg80211_disconnected(priv->netdev, reason_code, NULL,
230 0, !from_ap, GFP_KERNEL);
231 }
232 eth_zero_addr(priv->cfg_bssid);
233
234 mwifiex_stop_net_dev_queue(priv->netdev, adapter);
235 if (netif_carrier_ok(priv->netdev))
236 netif_carrier_off(priv->netdev);
237
238 if (!ISSUPP_FIRMWARE_SUPPLICANT(priv->adapter->fw_cap_info))
239 return;
240
241 mwifiex_send_cmd(priv, HostCmd_CMD_GTK_REKEY_OFFLOAD_CFG,
242 HostCmd_ACT_GEN_REMOVE, 0, NULL, false);
243 }
244
mwifiex_parse_tdls_event(struct mwifiex_private * priv,struct sk_buff * event_skb)245 static int mwifiex_parse_tdls_event(struct mwifiex_private *priv,
246 struct sk_buff *event_skb)
247 {
248 int ret = 0;
249 struct mwifiex_adapter *adapter = priv->adapter;
250 struct mwifiex_sta_node *sta_ptr;
251 struct mwifiex_tdls_generic_event *tdls_evt =
252 (void *)event_skb->data + sizeof(adapter->event_cause);
253 u8 *mac = tdls_evt->peer_mac;
254
255 /* reserved 2 bytes are not mandatory in tdls event */
256 if (event_skb->len < (sizeof(struct mwifiex_tdls_generic_event) -
257 sizeof(u16) - sizeof(adapter->event_cause))) {
258 mwifiex_dbg(adapter, ERROR, "Invalid event length!\n");
259 return -1;
260 }
261
262 sta_ptr = mwifiex_get_sta_entry(priv, tdls_evt->peer_mac);
263 if (!sta_ptr) {
264 mwifiex_dbg(adapter, ERROR, "cannot get sta entry!\n");
265 return -1;
266 }
267
268 switch (le16_to_cpu(tdls_evt->type)) {
269 case TDLS_EVENT_LINK_TEAR_DOWN:
270 cfg80211_tdls_oper_request(priv->netdev,
271 tdls_evt->peer_mac,
272 NL80211_TDLS_TEARDOWN,
273 le16_to_cpu(tdls_evt->u.reason_code),
274 GFP_KERNEL);
275 break;
276 case TDLS_EVENT_CHAN_SWITCH_RESULT:
277 mwifiex_dbg(adapter, EVENT, "tdls channel switch result :\n");
278 mwifiex_dbg(adapter, EVENT,
279 "status=0x%x, reason=0x%x cur_chan=%d\n",
280 tdls_evt->u.switch_result.status,
281 tdls_evt->u.switch_result.reason,
282 tdls_evt->u.switch_result.cur_chan);
283
284 /* tdls channel switch failed */
285 if (tdls_evt->u.switch_result.status != 0) {
286 switch (tdls_evt->u.switch_result.cur_chan) {
287 case TDLS_BASE_CHANNEL:
288 sta_ptr->tdls_status = TDLS_IN_BASE_CHAN;
289 break;
290 case TDLS_OFF_CHANNEL:
291 sta_ptr->tdls_status = TDLS_IN_OFF_CHAN;
292 break;
293 default:
294 break;
295 }
296 return ret;
297 }
298
299 /* tdls channel switch success */
300 switch (tdls_evt->u.switch_result.cur_chan) {
301 case TDLS_BASE_CHANNEL:
302 if (sta_ptr->tdls_status == TDLS_IN_BASE_CHAN)
303 break;
304 mwifiex_update_ralist_tx_pause_in_tdls_cs(priv, mac,
305 false);
306 sta_ptr->tdls_status = TDLS_IN_BASE_CHAN;
307 break;
308 case TDLS_OFF_CHANNEL:
309 if (sta_ptr->tdls_status == TDLS_IN_OFF_CHAN)
310 break;
311 mwifiex_update_ralist_tx_pause_in_tdls_cs(priv, mac,
312 true);
313 sta_ptr->tdls_status = TDLS_IN_OFF_CHAN;
314 break;
315 default:
316 break;
317 }
318
319 break;
320 case TDLS_EVENT_START_CHAN_SWITCH:
321 mwifiex_dbg(adapter, EVENT, "tdls start channel switch...\n");
322 sta_ptr->tdls_status = TDLS_CHAN_SWITCHING;
323 break;
324 case TDLS_EVENT_CHAN_SWITCH_STOPPED:
325 mwifiex_dbg(adapter, EVENT,
326 "tdls chan switch stopped, reason=%d\n",
327 tdls_evt->u.cs_stop_reason);
328 break;
329 default:
330 break;
331 }
332
333 return ret;
334 }
335
mwifiex_process_uap_tx_pause(struct mwifiex_private * priv,struct mwifiex_ie_types_header * tlv)336 static void mwifiex_process_uap_tx_pause(struct mwifiex_private *priv,
337 struct mwifiex_ie_types_header *tlv)
338 {
339 struct mwifiex_tx_pause_tlv *tp;
340 struct mwifiex_sta_node *sta_ptr;
341
342 tp = (void *)tlv;
343 mwifiex_dbg(priv->adapter, EVENT,
344 "uap tx_pause: %pM pause=%d, pkts=%d\n",
345 tp->peermac, tp->tx_pause,
346 tp->pkt_cnt);
347
348 if (ether_addr_equal(tp->peermac, priv->netdev->dev_addr)) {
349 if (tp->tx_pause)
350 priv->port_open = false;
351 else
352 priv->port_open = true;
353 } else if (is_multicast_ether_addr(tp->peermac)) {
354 mwifiex_update_ralist_tx_pause(priv, tp->peermac, tp->tx_pause);
355 } else {
356 spin_lock_bh(&priv->sta_list_spinlock);
357 sta_ptr = mwifiex_get_sta_entry(priv, tp->peermac);
358 if (sta_ptr && sta_ptr->tx_pause != tp->tx_pause) {
359 sta_ptr->tx_pause = tp->tx_pause;
360 spin_unlock_bh(&priv->sta_list_spinlock);
361 mwifiex_update_ralist_tx_pause(priv, tp->peermac,
362 tp->tx_pause);
363 } else {
364 spin_unlock_bh(&priv->sta_list_spinlock);
365 }
366 }
367 }
368
mwifiex_process_sta_tx_pause(struct mwifiex_private * priv,struct mwifiex_ie_types_header * tlv)369 static void mwifiex_process_sta_tx_pause(struct mwifiex_private *priv,
370 struct mwifiex_ie_types_header *tlv)
371 {
372 struct mwifiex_tx_pause_tlv *tp;
373 struct mwifiex_sta_node *sta_ptr;
374 int status;
375
376 tp = (void *)tlv;
377 mwifiex_dbg(priv->adapter, EVENT,
378 "sta tx_pause: %pM pause=%d, pkts=%d\n",
379 tp->peermac, tp->tx_pause,
380 tp->pkt_cnt);
381
382 if (ether_addr_equal(tp->peermac, priv->cfg_bssid)) {
383 if (tp->tx_pause)
384 priv->port_open = false;
385 else
386 priv->port_open = true;
387 } else {
388 if (!ISSUPP_TDLS_ENABLED(priv->adapter->fw_cap_info))
389 return;
390
391 status = mwifiex_get_tdls_link_status(priv, tp->peermac);
392 if (mwifiex_is_tdls_link_setup(status)) {
393 spin_lock_bh(&priv->sta_list_spinlock);
394 sta_ptr = mwifiex_get_sta_entry(priv, tp->peermac);
395 if (sta_ptr && sta_ptr->tx_pause != tp->tx_pause) {
396 sta_ptr->tx_pause = tp->tx_pause;
397 spin_unlock_bh(&priv->sta_list_spinlock);
398 mwifiex_update_ralist_tx_pause(priv,
399 tp->peermac,
400 tp->tx_pause);
401 } else {
402 spin_unlock_bh(&priv->sta_list_spinlock);
403 }
404 }
405 }
406 }
407
mwifiex_process_multi_chan_event(struct mwifiex_private * priv,struct sk_buff * event_skb)408 void mwifiex_process_multi_chan_event(struct mwifiex_private *priv,
409 struct sk_buff *event_skb)
410 {
411 struct mwifiex_ie_types_multi_chan_info *chan_info;
412 struct mwifiex_ie_types_mc_group_info *grp_info;
413 struct mwifiex_adapter *adapter = priv->adapter;
414 struct mwifiex_ie_types_header *tlv;
415 u16 tlv_buf_left, tlv_type, tlv_len;
416 int intf_num, bss_type, bss_num, i;
417 struct mwifiex_private *intf_priv;
418
419 tlv_buf_left = event_skb->len - sizeof(u32);
420 chan_info = (void *)event_skb->data + sizeof(u32);
421
422 if (le16_to_cpu(chan_info->header.type) != TLV_TYPE_MULTI_CHAN_INFO ||
423 tlv_buf_left < sizeof(struct mwifiex_ie_types_multi_chan_info)) {
424 mwifiex_dbg(adapter, ERROR,
425 "unknown TLV in chan_info event\n");
426 return;
427 }
428
429 adapter->usb_mc_status = le16_to_cpu(chan_info->status);
430 mwifiex_dbg(adapter, EVENT, "multi chan operation %s\n",
431 adapter->usb_mc_status ? "started" : "over");
432
433 tlv_buf_left -= sizeof(struct mwifiex_ie_types_multi_chan_info);
434 tlv = (struct mwifiex_ie_types_header *)chan_info->tlv_buffer;
435
436 while (tlv_buf_left >= (int)sizeof(struct mwifiex_ie_types_header)) {
437 tlv_type = le16_to_cpu(tlv->type);
438 tlv_len = le16_to_cpu(tlv->len);
439 if ((sizeof(struct mwifiex_ie_types_header) + tlv_len) >
440 tlv_buf_left) {
441 mwifiex_dbg(adapter, ERROR, "wrong tlv: tlvLen=%d,\t"
442 "tlvBufLeft=%d\n", tlv_len, tlv_buf_left);
443 break;
444 }
445 if (tlv_type != TLV_TYPE_MC_GROUP_INFO) {
446 mwifiex_dbg(adapter, ERROR, "wrong tlv type: 0x%x\n",
447 tlv_type);
448 break;
449 }
450
451 grp_info = (struct mwifiex_ie_types_mc_group_info *)tlv;
452 intf_num = grp_info->intf_num;
453 for (i = 0; i < intf_num; i++) {
454 bss_type = grp_info->bss_type_numlist[i] >> 4;
455 bss_num = grp_info->bss_type_numlist[i] & BSS_NUM_MASK;
456 intf_priv = mwifiex_get_priv_by_id(adapter, bss_num,
457 bss_type);
458 if (!intf_priv) {
459 mwifiex_dbg(adapter, ERROR,
460 "Invalid bss_type bss_num\t"
461 "in multi channel event\n");
462 continue;
463 }
464 if (adapter->iface_type == MWIFIEX_USB) {
465 u8 ep;
466
467 ep = grp_info->hid_num.usb_ep_num;
468 if (ep == MWIFIEX_USB_EP_DATA ||
469 ep == MWIFIEX_USB_EP_DATA_CH2)
470 intf_priv->usb_port = ep;
471 }
472 }
473
474 tlv_buf_left -= sizeof(struct mwifiex_ie_types_header) +
475 tlv_len;
476 tlv = (void *)((u8 *)tlv + tlv_len +
477 sizeof(struct mwifiex_ie_types_header));
478 }
479
480 if (adapter->iface_type == MWIFIEX_USB) {
481 adapter->tx_lock_flag = true;
482 adapter->usb_mc_setup = true;
483 mwifiex_multi_chan_resync(adapter);
484 }
485 }
486
mwifiex_process_tx_pause_event(struct mwifiex_private * priv,struct sk_buff * event_skb)487 void mwifiex_process_tx_pause_event(struct mwifiex_private *priv,
488 struct sk_buff *event_skb)
489 {
490 struct mwifiex_ie_types_header *tlv;
491 u16 tlv_type, tlv_len;
492 int tlv_buf_left;
493
494 if (!priv->media_connected) {
495 mwifiex_dbg(priv->adapter, ERROR,
496 "tx_pause event while disconnected; bss_role=%d\n",
497 priv->bss_role);
498 return;
499 }
500
501 tlv_buf_left = event_skb->len - sizeof(u32);
502 tlv = (void *)event_skb->data + sizeof(u32);
503
504 while (tlv_buf_left >= (int)sizeof(struct mwifiex_ie_types_header)) {
505 tlv_type = le16_to_cpu(tlv->type);
506 tlv_len = le16_to_cpu(tlv->len);
507 if ((sizeof(struct mwifiex_ie_types_header) + tlv_len) >
508 tlv_buf_left) {
509 mwifiex_dbg(priv->adapter, ERROR,
510 "wrong tlv: tlvLen=%d, tlvBufLeft=%d\n",
511 tlv_len, tlv_buf_left);
512 break;
513 }
514 if (tlv_type == TLV_TYPE_TX_PAUSE) {
515 if (GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_STA)
516 mwifiex_process_sta_tx_pause(priv, tlv);
517 else
518 mwifiex_process_uap_tx_pause(priv, tlv);
519 }
520
521 tlv_buf_left -= sizeof(struct mwifiex_ie_types_header) +
522 tlv_len;
523 tlv = (void *)((u8 *)tlv + tlv_len +
524 sizeof(struct mwifiex_ie_types_header));
525 }
526
527 }
528
529 /*
530 * This function handles coex events generated by firmware
531 */
mwifiex_bt_coex_wlan_param_update_event(struct mwifiex_private * priv,struct sk_buff * event_skb)532 void mwifiex_bt_coex_wlan_param_update_event(struct mwifiex_private *priv,
533 struct sk_buff *event_skb)
534 {
535 struct mwifiex_adapter *adapter = priv->adapter;
536 struct mwifiex_ie_types_header *tlv;
537 struct mwifiex_ie_types_btcoex_aggr_win_size *winsizetlv;
538 struct mwifiex_ie_types_btcoex_scan_time *scantlv;
539 s32 len = event_skb->len - sizeof(u32);
540 u8 *cur_ptr = event_skb->data + sizeof(u32);
541 u16 tlv_type, tlv_len;
542
543 while (len >= sizeof(struct mwifiex_ie_types_header)) {
544 tlv = (struct mwifiex_ie_types_header *)cur_ptr;
545 tlv_len = le16_to_cpu(tlv->len);
546 tlv_type = le16_to_cpu(tlv->type);
547
548 if ((tlv_len + sizeof(struct mwifiex_ie_types_header)) > len)
549 break;
550 switch (tlv_type) {
551 case TLV_BTCOEX_WL_AGGR_WINSIZE:
552 winsizetlv =
553 (struct mwifiex_ie_types_btcoex_aggr_win_size *)tlv;
554 adapter->coex_win_size = winsizetlv->coex_win_size;
555 adapter->coex_tx_win_size =
556 winsizetlv->tx_win_size;
557 adapter->coex_rx_win_size =
558 winsizetlv->rx_win_size;
559 mwifiex_coex_ampdu_rxwinsize(adapter);
560 mwifiex_update_ampdu_txwinsize(adapter);
561 break;
562
563 case TLV_BTCOEX_WL_SCANTIME:
564 scantlv =
565 (struct mwifiex_ie_types_btcoex_scan_time *)tlv;
566 adapter->coex_scan = scantlv->coex_scan;
567 adapter->coex_min_scan_time = le16_to_cpu(scantlv->min_scan_time);
568 adapter->coex_max_scan_time = le16_to_cpu(scantlv->max_scan_time);
569 break;
570
571 default:
572 break;
573 }
574
575 len -= tlv_len + sizeof(struct mwifiex_ie_types_header);
576 cur_ptr += tlv_len +
577 sizeof(struct mwifiex_ie_types_header);
578 }
579
580 dev_dbg(adapter->dev, "coex_scan=%d min_scan=%d coex_win=%d, tx_win=%d rx_win=%d\n",
581 adapter->coex_scan, adapter->coex_min_scan_time,
582 adapter->coex_win_size, adapter->coex_tx_win_size,
583 adapter->coex_rx_win_size);
584 }
585
586 static void
mwifiex_fw_dump_info_event(struct mwifiex_private * priv,struct sk_buff * event_skb)587 mwifiex_fw_dump_info_event(struct mwifiex_private *priv,
588 struct sk_buff *event_skb)
589 {
590 struct mwifiex_adapter *adapter = priv->adapter;
591 struct mwifiex_fw_dump_header *fw_dump_hdr =
592 (void *)adapter->event_body;
593
594 if (adapter->iface_type != MWIFIEX_USB) {
595 mwifiex_dbg(adapter, MSG,
596 "event is not on usb interface, ignore it\n");
597 return;
598 }
599
600 if (!adapter->devdump_data) {
601 /* When receive the first event, allocate device dump
602 * buffer, dump driver info.
603 */
604 adapter->devdump_data = vzalloc(MWIFIEX_FW_DUMP_SIZE);
605 if (!adapter->devdump_data) {
606 mwifiex_dbg(adapter, ERROR,
607 "vzalloc devdump data failure!\n");
608 return;
609 }
610
611 mwifiex_drv_info_dump(adapter);
612
613 /* If no proceeded event arrive in 10s, upload device
614 * dump data, this will be useful if the end of
615 * transmission event get lost, in this cornel case,
616 * user would still get partial of the dump.
617 */
618 schedule_delayed_work(&adapter->devdump_work,
619 msecs_to_jiffies(MWIFIEX_TIMER_10S));
620 }
621
622 /* Overflow check */
623 if (adapter->devdump_len + event_skb->len >= MWIFIEX_FW_DUMP_SIZE)
624 goto upload_dump;
625
626 memmove(adapter->devdump_data + adapter->devdump_len,
627 adapter->event_skb->data, event_skb->len);
628 adapter->devdump_len += event_skb->len;
629
630 if (le16_to_cpu(fw_dump_hdr->type) == FW_DUMP_INFO_ENDED) {
631 mwifiex_dbg(adapter, MSG,
632 "receive end of transmission flag event!\n");
633 goto upload_dump;
634 }
635 return;
636
637 upload_dump:
638 cancel_delayed_work_sync(&adapter->devdump_work);
639 mwifiex_upload_device_dump(adapter);
640 }
641
642 /*
643 * This function handles events generated by firmware.
644 *
645 * This is a generic function and handles all events.
646 *
647 * Event specific routines are called by this function based
648 * upon the generated event cause.
649 *
650 * For the following events, the function just forwards them to upper
651 * layers, optionally recording the change -
652 * - EVENT_LINK_SENSED
653 * - EVENT_MIC_ERR_UNICAST
654 * - EVENT_MIC_ERR_MULTICAST
655 * - EVENT_PORT_RELEASE
656 * - EVENT_RSSI_LOW
657 * - EVENT_SNR_LOW
658 * - EVENT_MAX_FAIL
659 * - EVENT_RSSI_HIGH
660 * - EVENT_SNR_HIGH
661 * - EVENT_DATA_RSSI_LOW
662 * - EVENT_DATA_SNR_LOW
663 * - EVENT_DATA_RSSI_HIGH
664 * - EVENT_DATA_SNR_HIGH
665 * - EVENT_LINK_QUALITY
666 * - EVENT_PRE_BEACON_LOST
667 * - EVENT_IBSS_COALESCED
668 * - EVENT_IBSS_STA_CONNECT
669 * - EVENT_IBSS_STA_DISCONNECT
670 * - EVENT_WEP_ICV_ERR
671 * - EVENT_BW_CHANGE
672 * - EVENT_HOSTWAKE_STAIE
673 *
674 * For the following events, no action is taken -
675 * - EVENT_MIB_CHANGED
676 * - EVENT_INIT_DONE
677 * - EVENT_DUMMY_HOST_WAKEUP_SIGNAL
678 *
679 * Rest of the supported events requires driver handling -
680 * - EVENT_DEAUTHENTICATED
681 * - EVENT_DISASSOCIATED
682 * - EVENT_LINK_LOST
683 * - EVENT_PS_SLEEP
684 * - EVENT_PS_AWAKE
685 * - EVENT_DEEP_SLEEP_AWAKE
686 * - EVENT_HS_ACT_REQ
687 * - EVENT_ADHOC_BCN_LOST
688 * - EVENT_BG_SCAN_REPORT
689 * - EVENT_WMM_STATUS_CHANGE
690 * - EVENT_ADDBA
691 * - EVENT_DELBA
692 * - EVENT_BA_STREAM_TIEMOUT
693 * - EVENT_AMSDU_AGGR_CTRL
694 * - EVENT_FW_DUMP_INFO
695 */
mwifiex_process_sta_event(struct mwifiex_private * priv)696 int mwifiex_process_sta_event(struct mwifiex_private *priv)
697 {
698 struct mwifiex_adapter *adapter = priv->adapter;
699 int ret = 0, i;
700 u32 eventcause = adapter->event_cause;
701 u16 ctrl, reason_code;
702 u8 ibss_sta_addr[ETH_ALEN];
703 struct mwifiex_sta_node *sta_ptr;
704
705 switch (eventcause) {
706 case EVENT_DUMMY_HOST_WAKEUP_SIGNAL:
707 mwifiex_dbg(adapter, ERROR,
708 "invalid EVENT: DUMMY_HOST_WAKEUP_SIGNAL, ignore it\n");
709 break;
710 case EVENT_LINK_SENSED:
711 mwifiex_dbg(adapter, EVENT, "event: LINK_SENSED\n");
712 if (!netif_carrier_ok(priv->netdev))
713 netif_carrier_on(priv->netdev);
714 mwifiex_wake_up_net_dev_queue(priv->netdev, adapter);
715 break;
716
717 case EVENT_DEAUTHENTICATED:
718 mwifiex_dbg(adapter, EVENT, "event: Deauthenticated\n");
719 if (priv->wps.session_enable) {
720 mwifiex_dbg(adapter, INFO,
721 "info: receive deauth event in wps session\n");
722 break;
723 }
724 adapter->dbg.num_event_deauth++;
725 if (priv->media_connected) {
726 reason_code =
727 get_unaligned_le16(adapter->event_body);
728 mwifiex_reset_connect_state(priv, reason_code, true);
729 }
730 break;
731
732 case EVENT_DISASSOCIATED:
733 mwifiex_dbg(adapter, EVENT, "event: Disassociated\n");
734 if (priv->wps.session_enable) {
735 mwifiex_dbg(adapter, INFO,
736 "info: receive disassoc event in wps session\n");
737 break;
738 }
739 adapter->dbg.num_event_disassoc++;
740 if (priv->media_connected) {
741 reason_code =
742 get_unaligned_le16(adapter->event_body);
743 mwifiex_reset_connect_state(priv, reason_code, true);
744 }
745 break;
746
747 case EVENT_LINK_LOST:
748 mwifiex_dbg(adapter, EVENT, "event: Link lost\n");
749 adapter->dbg.num_event_link_lost++;
750 if (priv->media_connected) {
751 reason_code =
752 get_unaligned_le16(adapter->event_body);
753 if (adapter->host_mlme_enabled) {
754 adapter->priv_link_lost = priv;
755 adapter->host_mlme_link_lost = true;
756 queue_work(adapter->host_mlme_workqueue,
757 &adapter->host_mlme_work);
758 } else {
759 mwifiex_reset_connect_state(priv, reason_code,
760 true);
761 }
762 }
763 break;
764
765 case EVENT_PS_SLEEP:
766 mwifiex_dbg(adapter, EVENT, "info: EVENT: SLEEP\n");
767
768 adapter->ps_state = PS_STATE_PRE_SLEEP;
769
770 mwifiex_check_ps_cond(adapter);
771 break;
772
773 case EVENT_PS_AWAKE:
774 mwifiex_dbg(adapter, EVENT, "info: EVENT: AWAKE\n");
775 if (!adapter->pps_uapsd_mode &&
776 (priv->port_open ||
777 (priv->bss_mode == NL80211_IFTYPE_ADHOC)) &&
778 priv->media_connected && adapter->sleep_period.period) {
779 adapter->pps_uapsd_mode = true;
780 mwifiex_dbg(adapter, EVENT,
781 "event: PPS/UAPSD mode activated\n");
782 }
783 adapter->tx_lock_flag = false;
784 if (adapter->pps_uapsd_mode && adapter->gen_null_pkt) {
785 if (mwifiex_check_last_packet_indication(priv)) {
786 if (adapter->data_sent ||
787 (adapter->if_ops.is_port_ready &&
788 !adapter->if_ops.is_port_ready(priv))) {
789 adapter->ps_state = PS_STATE_AWAKE;
790 adapter->pm_wakeup_card_req = false;
791 adapter->pm_wakeup_fw_try = false;
792 del_timer(&adapter->wakeup_timer);
793 break;
794 }
795 if (!mwifiex_send_null_packet
796 (priv,
797 MWIFIEX_TxPD_POWER_MGMT_NULL_PACKET |
798 MWIFIEX_TxPD_POWER_MGMT_LAST_PACKET))
799 adapter->ps_state =
800 PS_STATE_SLEEP;
801 return 0;
802 }
803 }
804 adapter->ps_state = PS_STATE_AWAKE;
805 adapter->pm_wakeup_card_req = false;
806 adapter->pm_wakeup_fw_try = false;
807 del_timer(&adapter->wakeup_timer);
808
809 break;
810
811 case EVENT_DEEP_SLEEP_AWAKE:
812 adapter->if_ops.wakeup_complete(adapter);
813 mwifiex_dbg(adapter, EVENT, "event: DS_AWAKE\n");
814 if (adapter->is_deep_sleep)
815 adapter->is_deep_sleep = false;
816 break;
817
818 case EVENT_HS_ACT_REQ:
819 mwifiex_dbg(adapter, EVENT, "event: HS_ACT_REQ\n");
820 ret = mwifiex_send_cmd(priv, HostCmd_CMD_802_11_HS_CFG_ENH,
821 0, 0, NULL, false);
822 break;
823
824 case EVENT_MIC_ERR_UNICAST:
825 mwifiex_dbg(adapter, EVENT, "event: UNICAST MIC ERROR\n");
826 cfg80211_michael_mic_failure(priv->netdev, priv->cfg_bssid,
827 NL80211_KEYTYPE_PAIRWISE,
828 -1, NULL, GFP_KERNEL);
829 break;
830
831 case EVENT_MIC_ERR_MULTICAST:
832 mwifiex_dbg(adapter, EVENT, "event: MULTICAST MIC ERROR\n");
833 cfg80211_michael_mic_failure(priv->netdev, priv->cfg_bssid,
834 NL80211_KEYTYPE_GROUP,
835 -1, NULL, GFP_KERNEL);
836 break;
837 case EVENT_MIB_CHANGED:
838 case EVENT_INIT_DONE:
839 break;
840
841 case EVENT_ADHOC_BCN_LOST:
842 mwifiex_dbg(adapter, EVENT, "event: ADHOC_BCN_LOST\n");
843 mwifiex_clean_txrx(priv);
844 mwifiex_stop_net_dev_queue(priv->netdev, adapter);
845 if (netif_carrier_ok(priv->netdev))
846 netif_carrier_off(priv->netdev);
847 break;
848
849 case EVENT_BG_SCAN_REPORT:
850 mwifiex_dbg(adapter, EVENT, "event: BGS_REPORT\n");
851 ret = mwifiex_send_cmd(priv, HostCmd_CMD_802_11_BG_SCAN_QUERY,
852 HostCmd_ACT_GEN_GET, 0, NULL, false);
853 break;
854
855 case EVENT_BG_SCAN_STOPPED:
856 dev_dbg(adapter->dev, "event: BGS_STOPPED\n");
857 cfg80211_sched_scan_stopped(priv->wdev.wiphy, 0);
858 if (priv->sched_scanning)
859 priv->sched_scanning = false;
860 break;
861
862 case EVENT_PORT_RELEASE:
863 mwifiex_dbg(adapter, EVENT, "event: PORT RELEASE\n");
864 priv->port_open = true;
865 break;
866
867 case EVENT_EXT_SCAN_REPORT:
868 mwifiex_dbg(adapter, EVENT, "event: EXT_SCAN Report\n");
869 /* We intend to skip this event during suspend, but handle
870 * it in interface disabled case
871 */
872 if (adapter->ext_scan && (!priv->scan_aborting ||
873 !netif_running(priv->netdev)))
874 ret = mwifiex_handle_event_ext_scan_report(priv,
875 adapter->event_skb->data);
876
877 break;
878
879 case EVENT_WMM_STATUS_CHANGE:
880 mwifiex_dbg(adapter, EVENT, "event: WMM status changed\n");
881 ret = mwifiex_send_cmd(priv, HostCmd_CMD_WMM_GET_STATUS,
882 0, 0, NULL, false);
883 break;
884
885 case EVENT_RSSI_LOW:
886 cfg80211_cqm_rssi_notify(priv->netdev,
887 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW,
888 0, GFP_KERNEL);
889 mwifiex_send_cmd(priv, HostCmd_CMD_RSSI_INFO,
890 HostCmd_ACT_GEN_GET, 0, NULL, false);
891 priv->subsc_evt_rssi_state = RSSI_LOW_RECVD;
892 mwifiex_dbg(adapter, EVENT, "event: Beacon RSSI_LOW\n");
893 break;
894 case EVENT_SNR_LOW:
895 mwifiex_dbg(adapter, EVENT, "event: Beacon SNR_LOW\n");
896 break;
897 case EVENT_MAX_FAIL:
898 mwifiex_dbg(adapter, EVENT, "event: MAX_FAIL\n");
899 break;
900 case EVENT_RSSI_HIGH:
901 cfg80211_cqm_rssi_notify(priv->netdev,
902 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH,
903 0, GFP_KERNEL);
904 mwifiex_send_cmd(priv, HostCmd_CMD_RSSI_INFO,
905 HostCmd_ACT_GEN_GET, 0, NULL, false);
906 priv->subsc_evt_rssi_state = RSSI_HIGH_RECVD;
907 mwifiex_dbg(adapter, EVENT, "event: Beacon RSSI_HIGH\n");
908 break;
909 case EVENT_SNR_HIGH:
910 mwifiex_dbg(adapter, EVENT, "event: Beacon SNR_HIGH\n");
911 break;
912 case EVENT_DATA_RSSI_LOW:
913 mwifiex_dbg(adapter, EVENT, "event: Data RSSI_LOW\n");
914 break;
915 case EVENT_DATA_SNR_LOW:
916 mwifiex_dbg(adapter, EVENT, "event: Data SNR_LOW\n");
917 break;
918 case EVENT_DATA_RSSI_HIGH:
919 mwifiex_dbg(adapter, EVENT, "event: Data RSSI_HIGH\n");
920 break;
921 case EVENT_DATA_SNR_HIGH:
922 mwifiex_dbg(adapter, EVENT, "event: Data SNR_HIGH\n");
923 break;
924 case EVENT_LINK_QUALITY:
925 mwifiex_dbg(adapter, EVENT, "event: Link Quality\n");
926 break;
927 case EVENT_PRE_BEACON_LOST:
928 mwifiex_dbg(adapter, EVENT, "event: Pre-Beacon Lost\n");
929 break;
930 case EVENT_IBSS_COALESCED:
931 mwifiex_dbg(adapter, EVENT, "event: IBSS_COALESCED\n");
932 ret = mwifiex_send_cmd(priv,
933 HostCmd_CMD_802_11_IBSS_COALESCING_STATUS,
934 HostCmd_ACT_GEN_GET, 0, NULL, false);
935 break;
936 case EVENT_IBSS_STA_CONNECT:
937 ether_addr_copy(ibss_sta_addr, adapter->event_body + 2);
938 mwifiex_dbg(adapter, EVENT, "event: IBSS_STA_CONNECT %pM\n",
939 ibss_sta_addr);
940 sta_ptr = mwifiex_add_sta_entry(priv, ibss_sta_addr);
941 if (sta_ptr && adapter->adhoc_11n_enabled) {
942 mwifiex_check_ibss_peer_capabilities(priv, sta_ptr,
943 adapter->event_skb);
944 if (sta_ptr->is_11n_enabled)
945 for (i = 0; i < MAX_NUM_TID; i++)
946 sta_ptr->ampdu_sta[i] =
947 priv->aggr_prio_tbl[i].ampdu_user;
948 else
949 for (i = 0; i < MAX_NUM_TID; i++)
950 sta_ptr->ampdu_sta[i] =
951 BA_STREAM_NOT_ALLOWED;
952 memset(sta_ptr->rx_seq, 0xff, sizeof(sta_ptr->rx_seq));
953 }
954
955 break;
956 case EVENT_IBSS_STA_DISCONNECT:
957 ether_addr_copy(ibss_sta_addr, adapter->event_body + 2);
958 mwifiex_dbg(adapter, EVENT, "event: IBSS_STA_DISCONNECT %pM\n",
959 ibss_sta_addr);
960 sta_ptr = mwifiex_get_sta_entry(priv, ibss_sta_addr);
961 if (sta_ptr && sta_ptr->is_11n_enabled) {
962 mwifiex_11n_del_rx_reorder_tbl_by_ta(priv,
963 ibss_sta_addr);
964 mwifiex_del_tx_ba_stream_tbl_by_ra(priv, ibss_sta_addr);
965 }
966 mwifiex_wmm_del_peer_ra_list(priv, ibss_sta_addr);
967 mwifiex_del_sta_entry(priv, ibss_sta_addr);
968 break;
969 case EVENT_ADDBA:
970 mwifiex_dbg(adapter, EVENT, "event: ADDBA Request\n");
971 mwifiex_send_cmd(priv, HostCmd_CMD_11N_ADDBA_RSP,
972 HostCmd_ACT_GEN_SET, 0,
973 adapter->event_body, false);
974 break;
975 case EVENT_DELBA:
976 mwifiex_dbg(adapter, EVENT, "event: DELBA Request\n");
977 mwifiex_11n_delete_ba_stream(priv, adapter->event_body);
978 break;
979 case EVENT_BA_STREAM_TIEMOUT:
980 mwifiex_dbg(adapter, EVENT, "event: BA Stream timeout\n");
981 mwifiex_11n_ba_stream_timeout(priv,
982 (struct host_cmd_ds_11n_batimeout
983 *)
984 adapter->event_body);
985 break;
986 case EVENT_AMSDU_AGGR_CTRL:
987 ctrl = get_unaligned_le16(adapter->event_body);
988 mwifiex_dbg(adapter, EVENT,
989 "event: AMSDU_AGGR_CTRL %d\n", ctrl);
990
991 adapter->tx_buf_size =
992 min_t(u16, adapter->curr_tx_buf_size, ctrl);
993 mwifiex_dbg(adapter, EVENT, "event: tx_buf_size %d\n",
994 adapter->tx_buf_size);
995 break;
996
997 case EVENT_WEP_ICV_ERR:
998 mwifiex_dbg(adapter, EVENT, "event: WEP ICV error\n");
999 break;
1000
1001 case EVENT_BW_CHANGE:
1002 mwifiex_dbg(adapter, EVENT, "event: BW Change\n");
1003 break;
1004
1005 case EVENT_HOSTWAKE_STAIE:
1006 mwifiex_dbg(adapter, EVENT,
1007 "event: HOSTWAKE_STAIE %d\n", eventcause);
1008 break;
1009
1010 case EVENT_REMAIN_ON_CHAN_EXPIRED:
1011 mwifiex_dbg(adapter, EVENT,
1012 "event: Remain on channel expired\n");
1013
1014 if (adapter->host_mlme_enabled &&
1015 (priv->auth_flag & HOST_MLME_AUTH_PENDING)) {
1016 priv->auth_flag = 0;
1017 priv->auth_alg = WLAN_AUTH_NONE;
1018 } else {
1019 cfg80211_remain_on_channel_expired(&priv->wdev,
1020 priv->roc_cfg.cookie,
1021 &priv->roc_cfg.chan,
1022 GFP_ATOMIC);
1023 }
1024
1025 memset(&priv->roc_cfg, 0x00, sizeof(struct mwifiex_roc_cfg));
1026
1027 break;
1028
1029 case EVENT_CHANNEL_SWITCH_ANN:
1030 mwifiex_dbg(adapter, EVENT, "event: Channel Switch Announcement\n");
1031 priv->csa_expire_time =
1032 jiffies + msecs_to_jiffies(DFS_CHAN_MOVE_TIME);
1033 priv->csa_chan = priv->curr_bss_params.bss_descriptor.channel;
1034 ret = mwifiex_send_cmd(priv, HostCmd_CMD_802_11_DEAUTHENTICATE,
1035 HostCmd_ACT_GEN_SET, 0,
1036 priv->curr_bss_params.bss_descriptor.mac_address,
1037 false);
1038 break;
1039
1040 case EVENT_TDLS_GENERIC_EVENT:
1041 ret = mwifiex_parse_tdls_event(priv, adapter->event_skb);
1042 break;
1043
1044 case EVENT_TX_DATA_PAUSE:
1045 mwifiex_dbg(adapter, EVENT, "event: TX DATA PAUSE\n");
1046 mwifiex_process_tx_pause_event(priv, adapter->event_skb);
1047 break;
1048
1049 case EVENT_MULTI_CHAN_INFO:
1050 mwifiex_dbg(adapter, EVENT, "event: multi-chan info\n");
1051 mwifiex_process_multi_chan_event(priv, adapter->event_skb);
1052 break;
1053
1054 case EVENT_TX_STATUS_REPORT:
1055 mwifiex_dbg(adapter, EVENT, "event: TX_STATUS Report\n");
1056 mwifiex_parse_tx_status_event(priv, adapter->event_body);
1057 break;
1058
1059 case EVENT_CHANNEL_REPORT_RDY:
1060 mwifiex_dbg(adapter, EVENT, "event: Channel Report\n");
1061 ret = mwifiex_11h_handle_chanrpt_ready(priv,
1062 adapter->event_skb);
1063 break;
1064 case EVENT_RADAR_DETECTED:
1065 mwifiex_dbg(adapter, EVENT, "event: Radar detected\n");
1066 ret = mwifiex_11h_handle_radar_detected(priv,
1067 adapter->event_skb);
1068 break;
1069 case EVENT_BT_COEX_WLAN_PARA_CHANGE:
1070 dev_dbg(adapter->dev, "EVENT: BT coex wlan param update\n");
1071 if (adapter->ignore_btcoex_events)
1072 break;
1073
1074 mwifiex_bt_coex_wlan_param_update_event(priv,
1075 adapter->event_skb);
1076 break;
1077 case EVENT_RXBA_SYNC:
1078 dev_dbg(adapter->dev, "EVENT: RXBA_SYNC\n");
1079 mwifiex_11n_rxba_sync_event(priv, adapter->event_body,
1080 adapter->event_skb->len -
1081 sizeof(eventcause));
1082 break;
1083 case EVENT_FW_DUMP_INFO:
1084 mwifiex_dbg(adapter, EVENT, "event: firmware debug info\n");
1085 mwifiex_fw_dump_info_event(priv, adapter->event_skb);
1086 break;
1087 /* Debugging event; not used, but let's not print an ERROR for it. */
1088 case EVENT_UNKNOWN_DEBUG:
1089 mwifiex_dbg(adapter, EVENT, "event: debug\n");
1090 break;
1091 default:
1092 mwifiex_dbg(adapter, ERROR, "event: unknown event id: %#x\n",
1093 eventcause);
1094 break;
1095 }
1096
1097 return ret;
1098 }
1099