xref: /freebsd/sys/contrib/dev/athk/ath11k/wmi.c (revision 59c8e88e72633afbc47a4ace0d2170d00d51f7dc)
1 // SPDX-License-Identifier: BSD-3-Clause-Clear
2 /*
3  * Copyright (c) 2018-2019 The Linux Foundation. All rights reserved.
4  * Copyright (c) 2021, 2023 Qualcomm Innovation Center, Inc. All rights reserved.
5  */
6 #include <linux/skbuff.h>
7 #include <linux/ctype.h>
8 #include <net/mac80211.h>
9 #include <net/cfg80211.h>
10 #include <linux/completion.h>
11 #include <linux/if_ether.h>
12 #include <linux/types.h>
13 #include <linux/pci.h>
14 #include <linux/uuid.h>
15 #include <linux/time.h>
16 #if defined(CONFIG_OF)
17 #include <linux/of.h>
18 #endif
19 #if defined(__FreeBSD__)
20 #include <linux/math64.h>
21 #endif
22 #include "core.h"
23 #include "debug.h"
24 #include "mac.h"
25 #include "hw.h"
26 #include "peer.h"
27 #include "testmode.h"
28 
29 struct wmi_tlv_policy {
30 	size_t min_len;
31 };
32 
33 struct wmi_tlv_svc_ready_parse {
34 	bool wmi_svc_bitmap_done;
35 };
36 
37 struct wmi_tlv_dma_ring_caps_parse {
38 	struct wmi_dma_ring_capabilities *dma_ring_caps;
39 	u32 n_dma_ring_caps;
40 };
41 
42 struct wmi_tlv_svc_rdy_ext_parse {
43 	struct ath11k_service_ext_param param;
44 #if defined(__linux__)
45 	struct wmi_soc_mac_phy_hw_mode_caps *hw_caps;
46 	struct wmi_hw_mode_capabilities *hw_mode_caps;
47 #elif defined(__FreeBSD__)
48 	const struct wmi_soc_mac_phy_hw_mode_caps *hw_caps;
49 	const struct wmi_hw_mode_capabilities *hw_mode_caps;
50 #endif
51 	u32 n_hw_mode_caps;
52 	u32 tot_phy_id;
53 	struct wmi_hw_mode_capabilities pref_hw_mode_caps;
54 	struct wmi_mac_phy_capabilities *mac_phy_caps;
55 	u32 n_mac_phy_caps;
56 #if defined(__linux__)
57 	struct wmi_soc_hal_reg_capabilities *soc_hal_reg_caps;
58 	struct wmi_hal_reg_capabilities_ext *ext_hal_reg_caps;
59 #elif defined(__FreeBSD__)
60 	const struct wmi_soc_hal_reg_capabilities *soc_hal_reg_caps;
61 	const struct wmi_hal_reg_capabilities_ext *ext_hal_reg_caps;
62 #endif
63 	u32 n_ext_hal_reg_caps;
64 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
65 	bool hw_mode_done;
66 	bool mac_phy_done;
67 	bool ext_hal_reg_done;
68 	bool mac_phy_chainmask_combo_done;
69 	bool mac_phy_chainmask_cap_done;
70 	bool oem_dma_ring_cap_done;
71 	bool dma_ring_cap_done;
72 };
73 
74 struct wmi_tlv_svc_rdy_ext2_parse {
75 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
76 	bool dma_ring_cap_done;
77 };
78 
79 struct wmi_tlv_rdy_parse {
80 	u32 num_extra_mac_addr;
81 };
82 
83 struct wmi_tlv_dma_buf_release_parse {
84 	struct ath11k_wmi_dma_buf_release_fixed_param fixed;
85 #if defined(__linux__)
86 	struct wmi_dma_buf_release_entry *buf_entry;
87 	struct wmi_dma_buf_release_meta_data *meta_data;
88 #elif defined(__FreeBSD__)
89 	const struct wmi_dma_buf_release_entry *buf_entry;
90 	const struct wmi_dma_buf_release_meta_data *meta_data;
91 #endif
92 	u32 num_buf_entry;
93 	u32 num_meta;
94 	bool buf_entry_done;
95 	bool meta_data_done;
96 };
97 
98 struct wmi_tlv_fw_stats_parse {
99 	const struct wmi_stats_event *ev;
100 	const struct wmi_per_chain_rssi_stats *rssi;
101 	struct ath11k_fw_stats *stats;
102 	int rssi_num;
103 	bool chain_rssi_done;
104 };
105 
106 struct wmi_tlv_mgmt_rx_parse {
107 	const struct wmi_mgmt_rx_hdr *fixed;
108 	const u8 *frame_buf;
109 	bool frame_buf_done;
110 };
111 
112 static const struct wmi_tlv_policy wmi_tlv_policies[] = {
113 	[WMI_TAG_ARRAY_BYTE]
114 		= { .min_len = 0 },
115 	[WMI_TAG_ARRAY_UINT32]
116 		= { .min_len = 0 },
117 	[WMI_TAG_SERVICE_READY_EVENT]
118 		= { .min_len = sizeof(struct wmi_service_ready_event) },
119 	[WMI_TAG_SERVICE_READY_EXT_EVENT]
120 		= { .min_len =  sizeof(struct wmi_service_ready_ext_event) },
121 	[WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS]
122 		= { .min_len = sizeof(struct wmi_soc_mac_phy_hw_mode_caps) },
123 	[WMI_TAG_SOC_HAL_REG_CAPABILITIES]
124 		= { .min_len = sizeof(struct wmi_soc_hal_reg_capabilities) },
125 	[WMI_TAG_VDEV_START_RESPONSE_EVENT]
126 		= { .min_len = sizeof(struct wmi_vdev_start_resp_event) },
127 	[WMI_TAG_PEER_DELETE_RESP_EVENT]
128 		= { .min_len = sizeof(struct wmi_peer_delete_resp_event) },
129 	[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT]
130 		= { .min_len = sizeof(struct wmi_bcn_tx_status_event) },
131 	[WMI_TAG_VDEV_STOPPED_EVENT]
132 		= { .min_len = sizeof(struct wmi_vdev_stopped_event) },
133 	[WMI_TAG_REG_CHAN_LIST_CC_EVENT]
134 		= { .min_len = sizeof(struct wmi_reg_chan_list_cc_event) },
135 	[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT]
136 		= { .min_len = sizeof(struct wmi_reg_chan_list_cc_ext_event) },
137 	[WMI_TAG_MGMT_RX_HDR]
138 		= { .min_len = sizeof(struct wmi_mgmt_rx_hdr) },
139 	[WMI_TAG_MGMT_TX_COMPL_EVENT]
140 		= { .min_len = sizeof(struct wmi_mgmt_tx_compl_event) },
141 	[WMI_TAG_SCAN_EVENT]
142 		= { .min_len = sizeof(struct wmi_scan_event) },
143 	[WMI_TAG_PEER_STA_KICKOUT_EVENT]
144 		= { .min_len = sizeof(struct wmi_peer_sta_kickout_event) },
145 	[WMI_TAG_ROAM_EVENT]
146 		= { .min_len = sizeof(struct wmi_roam_event) },
147 	[WMI_TAG_CHAN_INFO_EVENT]
148 		= { .min_len = sizeof(struct wmi_chan_info_event) },
149 	[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT]
150 		= { .min_len = sizeof(struct wmi_pdev_bss_chan_info_event) },
151 	[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT]
152 		= { .min_len = sizeof(struct wmi_vdev_install_key_compl_event) },
153 	[WMI_TAG_READY_EVENT] = {
154 		.min_len = sizeof(struct wmi_ready_event_min) },
155 	[WMI_TAG_SERVICE_AVAILABLE_EVENT]
156 		= {.min_len = sizeof(struct wmi_service_available_event) },
157 	[WMI_TAG_PEER_ASSOC_CONF_EVENT]
158 		= { .min_len = sizeof(struct wmi_peer_assoc_conf_event) },
159 	[WMI_TAG_STATS_EVENT]
160 		= { .min_len = sizeof(struct wmi_stats_event) },
161 	[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT]
162 		= { .min_len = sizeof(struct wmi_pdev_ctl_failsafe_chk_event) },
163 	[WMI_TAG_HOST_SWFDA_EVENT] = {
164 		.min_len = sizeof(struct wmi_fils_discovery_event) },
165 	[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT] = {
166 		.min_len = sizeof(struct wmi_probe_resp_tx_status_event) },
167 	[WMI_TAG_VDEV_DELETE_RESP_EVENT] = {
168 		.min_len = sizeof(struct wmi_vdev_delete_resp_event) },
169 	[WMI_TAG_OBSS_COLOR_COLLISION_EVT] = {
170 		.min_len = sizeof(struct wmi_obss_color_collision_event) },
171 	[WMI_TAG_11D_NEW_COUNTRY_EVENT] = {
172 		.min_len = sizeof(struct wmi_11d_new_cc_ev) },
173 	[WMI_TAG_PER_CHAIN_RSSI_STATS] = {
174 		.min_len = sizeof(struct wmi_per_chain_rssi_stats) },
175 	[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT] = {
176 		.min_len = sizeof(struct wmi_twt_add_dialog_event) },
177 };
178 
179 #define PRIMAP(_hw_mode_) \
180 	[_hw_mode_] = _hw_mode_##_PRI
181 
182 static const int ath11k_hw_mode_pri_map[] = {
183 	PRIMAP(WMI_HOST_HW_MODE_SINGLE),
184 	PRIMAP(WMI_HOST_HW_MODE_DBS),
185 	PRIMAP(WMI_HOST_HW_MODE_SBS_PASSIVE),
186 	PRIMAP(WMI_HOST_HW_MODE_SBS),
187 	PRIMAP(WMI_HOST_HW_MODE_DBS_SBS),
188 	PRIMAP(WMI_HOST_HW_MODE_DBS_OR_SBS),
189 	/* keep last */
190 	PRIMAP(WMI_HOST_HW_MODE_MAX),
191 };
192 
193 static int
194 #if defined(__linux__)
195 ath11k_wmi_tlv_iter(struct ath11k_base *ab, const void *ptr, size_t len,
196 #elif defined(__FreeBSD__)
197 ath11k_wmi_tlv_iter(struct ath11k_base *ab, const u8 *ptr, size_t len,
198 #endif
199 		    int (*iter)(struct ath11k_base *ab, u16 tag, u16 len,
200 				const void *ptr, void *data),
201 		    void *data)
202 {
203 #if defined(__linux__)
204 	const void *begin = ptr;
205 #elif defined(__FreeBSD__)
206 	const u8 *begin = ptr;
207 #endif
208 	const struct wmi_tlv *tlv;
209 	u16 tlv_tag, tlv_len;
210 	int ret;
211 
212 	while (len > 0) {
213 		if (len < sizeof(*tlv)) {
214 			ath11k_err(ab, "wmi tlv parse failure at byte %zd (%zu bytes left, %zu expected)\n",
215 				   ptr - begin, len, sizeof(*tlv));
216 			return -EINVAL;
217 		}
218 
219 #if defined(__linux__)
220 		tlv = ptr;
221 #elif defined(__FreeBSD__)
222 		tlv = (const void *)ptr;
223 #endif
224 		tlv_tag = FIELD_GET(WMI_TLV_TAG, tlv->header);
225 		tlv_len = FIELD_GET(WMI_TLV_LEN, tlv->header);
226 		ptr += sizeof(*tlv);
227 		len -= sizeof(*tlv);
228 
229 		if (tlv_len > len) {
230 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%zu bytes left, %u expected)\n",
231 				   tlv_tag, ptr - begin, len, tlv_len);
232 			return -EINVAL;
233 		}
234 
235 		if (tlv_tag < ARRAY_SIZE(wmi_tlv_policies) &&
236 		    wmi_tlv_policies[tlv_tag].min_len &&
237 		    wmi_tlv_policies[tlv_tag].min_len > tlv_len) {
238 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%u bytes is less than min length %zu)\n",
239 				   tlv_tag, ptr - begin, tlv_len,
240 				   wmi_tlv_policies[tlv_tag].min_len);
241 			return -EINVAL;
242 		}
243 
244 #if defined(__linux__)
245 		ret = iter(ab, tlv_tag, tlv_len, ptr, data);
246 #elif defined(__FreeBSD__)
247 		ret = iter(ab, tlv_tag, tlv_len, (const void *)ptr, data);
248 #endif
249 		if (ret)
250 			return ret;
251 
252 		ptr += tlv_len;
253 		len -= tlv_len;
254 	}
255 
256 	return 0;
257 }
258 
259 static int ath11k_wmi_tlv_iter_parse(struct ath11k_base *ab, u16 tag, u16 len,
260 				     const void *ptr, void *data)
261 {
262 	const void **tb = data;
263 
264 	if (tag < WMI_TAG_MAX)
265 		tb[tag] = ptr;
266 
267 	return 0;
268 }
269 
270 static int ath11k_wmi_tlv_parse(struct ath11k_base *ar, const void **tb,
271 				const void *ptr, size_t len)
272 {
273 	return ath11k_wmi_tlv_iter(ar, ptr, len, ath11k_wmi_tlv_iter_parse,
274 				   (void *)tb);
275 }
276 
277 const void **ath11k_wmi_tlv_parse_alloc(struct ath11k_base *ab, const void *ptr,
278 					size_t len, gfp_t gfp)
279 {
280 	const void **tb;
281 	int ret;
282 
283 	tb = kcalloc(WMI_TAG_MAX, sizeof(*tb), gfp);
284 	if (!tb)
285 		return ERR_PTR(-ENOMEM);
286 
287 	ret = ath11k_wmi_tlv_parse(ab, tb, ptr, len);
288 	if (ret) {
289 		kfree(tb);
290 		return ERR_PTR(ret);
291 	}
292 
293 	return tb;
294 }
295 
296 static int ath11k_wmi_cmd_send_nowait(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
297 				      u32 cmd_id)
298 {
299 	struct ath11k_skb_cb *skb_cb = ATH11K_SKB_CB(skb);
300 	struct ath11k_base *ab = wmi->wmi_ab->ab;
301 	struct wmi_cmd_hdr *cmd_hdr;
302 	int ret;
303 	u32 cmd = 0;
304 
305 	if (skb_push(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
306 		return -ENOMEM;
307 
308 	cmd |= FIELD_PREP(WMI_CMD_HDR_CMD_ID, cmd_id);
309 
310 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
311 	cmd_hdr->cmd_id = cmd;
312 
313 	trace_ath11k_wmi_cmd(ab, cmd_id, skb->data, skb->len);
314 
315 	memset(skb_cb, 0, sizeof(*skb_cb));
316 	ret = ath11k_htc_send(&ab->htc, wmi->eid, skb);
317 
318 	if (ret)
319 		goto err_pull;
320 
321 	return 0;
322 
323 err_pull:
324 	skb_pull(skb, sizeof(struct wmi_cmd_hdr));
325 	return ret;
326 }
327 
328 int ath11k_wmi_cmd_send(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
329 			u32 cmd_id)
330 {
331 	struct ath11k_wmi_base *wmi_sc = wmi->wmi_ab;
332 	int ret = -EOPNOTSUPP;
333 	struct ath11k_base *ab = wmi_sc->ab;
334 
335 	might_sleep();
336 
337 	if (ab->hw_params.credit_flow) {
338 		wait_event_timeout(wmi_sc->tx_credits_wq, ({
339 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
340 
341 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
342 					    &wmi_sc->ab->dev_flags))
343 				ret = -ESHUTDOWN;
344 
345 			(ret != -EAGAIN);
346 			}), WMI_SEND_TIMEOUT_HZ);
347 	} else {
348 		wait_event_timeout(wmi->tx_ce_desc_wq, ({
349 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
350 
351 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
352 					    &wmi_sc->ab->dev_flags))
353 				ret = -ESHUTDOWN;
354 
355 			(ret != -ENOBUFS);
356 			}), WMI_SEND_TIMEOUT_HZ);
357 	}
358 
359 	if (ret == -EAGAIN)
360 		ath11k_warn(wmi_sc->ab, "wmi command %d timeout\n", cmd_id);
361 
362 	if (ret == -ENOBUFS)
363 		ath11k_warn(wmi_sc->ab, "ce desc not available for wmi command %d\n",
364 			    cmd_id);
365 
366 	return ret;
367 }
368 
369 static int ath11k_pull_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
370 				     const void *ptr,
371 				     struct ath11k_service_ext_param *param)
372 {
373 	const struct wmi_service_ready_ext_event *ev = ptr;
374 
375 	if (!ev)
376 		return -EINVAL;
377 
378 	/* Move this to host based bitmap */
379 	param->default_conc_scan_config_bits = ev->default_conc_scan_config_bits;
380 	param->default_fw_config_bits =	ev->default_fw_config_bits;
381 	param->he_cap_info = ev->he_cap_info;
382 	param->mpdu_density = ev->mpdu_density;
383 	param->max_bssid_rx_filters = ev->max_bssid_rx_filters;
384 	memcpy(&param->ppet, &ev->ppet, sizeof(param->ppet));
385 
386 	return 0;
387 }
388 
389 static int
390 ath11k_pull_mac_phy_cap_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
391 #if defined(__linux__)
392 				      struct wmi_soc_mac_phy_hw_mode_caps *hw_caps,
393 				      struct wmi_hw_mode_capabilities *wmi_hw_mode_caps,
394 				      struct wmi_soc_hal_reg_capabilities *hal_reg_caps,
395 #elif defined(__FreeBSD__)
396 				      const struct wmi_soc_mac_phy_hw_mode_caps *hw_caps,
397 				      const struct wmi_hw_mode_capabilities *wmi_hw_mode_caps,
398 				      const struct wmi_soc_hal_reg_capabilities *hal_reg_caps,
399 #endif
400 				      struct wmi_mac_phy_capabilities *wmi_mac_phy_caps,
401 				      u8 hw_mode_id, u8 phy_id,
402 				      struct ath11k_pdev *pdev)
403 {
404 	struct wmi_mac_phy_capabilities *mac_phy_caps;
405 	struct ath11k_base *ab = wmi_handle->wmi_ab->ab;
406 	struct ath11k_band_cap *cap_band;
407 	struct ath11k_pdev_cap *pdev_cap = &pdev->cap;
408 	u32 phy_map;
409 	u32 hw_idx, phy_idx = 0;
410 
411 	if (!hw_caps || !wmi_hw_mode_caps || !hal_reg_caps)
412 		return -EINVAL;
413 
414 	for (hw_idx = 0; hw_idx < hw_caps->num_hw_modes; hw_idx++) {
415 		if (hw_mode_id == wmi_hw_mode_caps[hw_idx].hw_mode_id)
416 			break;
417 
418 		phy_map = wmi_hw_mode_caps[hw_idx].phy_id_map;
419 		while (phy_map) {
420 			phy_map >>= 1;
421 			phy_idx++;
422 		}
423 	}
424 
425 	if (hw_idx == hw_caps->num_hw_modes)
426 		return -EINVAL;
427 
428 	phy_idx += phy_id;
429 	if (phy_id >= hal_reg_caps->num_phy)
430 		return -EINVAL;
431 
432 	mac_phy_caps = wmi_mac_phy_caps + phy_idx;
433 
434 	pdev->pdev_id = mac_phy_caps->pdev_id;
435 	pdev_cap->supported_bands |= mac_phy_caps->supported_bands;
436 	pdev_cap->ampdu_density = mac_phy_caps->ampdu_density;
437 	ab->target_pdev_ids[ab->target_pdev_count].supported_bands =
438 		mac_phy_caps->supported_bands;
439 	ab->target_pdev_ids[ab->target_pdev_count].pdev_id = mac_phy_caps->pdev_id;
440 	ab->target_pdev_count++;
441 
442 	if (!(mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) &&
443 	    !(mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP))
444 		return -EINVAL;
445 
446 	/* Take non-zero tx/rx chainmask. If tx/rx chainmask differs from
447 	 * band to band for a single radio, need to see how this should be
448 	 * handled.
449 	 */
450 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
451 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_2g;
452 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_2g;
453 	}
454 
455 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
456 		pdev_cap->vht_cap = mac_phy_caps->vht_cap_info_5g;
457 		pdev_cap->vht_mcs = mac_phy_caps->vht_supp_mcs_5g;
458 		pdev_cap->he_mcs = mac_phy_caps->he_supp_mcs_5g;
459 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_5g;
460 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_5g;
461 		pdev_cap->nss_ratio_enabled =
462 			WMI_NSS_RATIO_ENABLE_DISABLE_GET(mac_phy_caps->nss_ratio);
463 		pdev_cap->nss_ratio_info =
464 			WMI_NSS_RATIO_INFO_GET(mac_phy_caps->nss_ratio);
465 	}
466 
467 	/* tx/rx chainmask reported from fw depends on the actual hw chains used,
468 	 * For example, for 4x4 capable macphys, first 4 chains can be used for first
469 	 * mac and the remaining 4 chains can be used for the second mac or vice-versa.
470 	 * In this case, tx/rx chainmask 0xf will be advertised for first mac and 0xf0
471 	 * will be advertised for second mac or vice-versa. Compute the shift value
472 	 * for tx/rx chainmask which will be used to advertise supported ht/vht rates to
473 	 * mac80211.
474 	 */
475 	pdev_cap->tx_chain_mask_shift =
476 			find_first_bit((unsigned long *)&pdev_cap->tx_chain_mask, 32);
477 	pdev_cap->rx_chain_mask_shift =
478 			find_first_bit((unsigned long *)&pdev_cap->rx_chain_mask, 32);
479 
480 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
481 		cap_band = &pdev_cap->band[NL80211_BAND_2GHZ];
482 		cap_band->phy_id = mac_phy_caps->phy_id;
483 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_2g;
484 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_2g;
485 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_2g;
486 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_2g_ext;
487 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_2g;
488 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_2g,
489 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
490 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet2g,
491 		       sizeof(struct ath11k_ppe_threshold));
492 	}
493 
494 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
495 		cap_band = &pdev_cap->band[NL80211_BAND_5GHZ];
496 		cap_band->phy_id = mac_phy_caps->phy_id;
497 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
498 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
499 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
500 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
501 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
502 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
503 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
504 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
505 		       sizeof(struct ath11k_ppe_threshold));
506 
507 		cap_band = &pdev_cap->band[NL80211_BAND_6GHZ];
508 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
509 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
510 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
511 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
512 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
513 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
514 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
515 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
516 		       sizeof(struct ath11k_ppe_threshold));
517 	}
518 
519 	return 0;
520 }
521 
522 static int
523 ath11k_pull_reg_cap_svc_rdy_ext(struct ath11k_pdev_wmi *wmi_handle,
524 #if defined(__linux__)
525 				struct wmi_soc_hal_reg_capabilities *reg_caps,
526 				struct wmi_hal_reg_capabilities_ext *wmi_ext_reg_cap,
527 #elif defined(__FreeBSD__)
528 				const struct wmi_soc_hal_reg_capabilities *reg_caps,
529 				const struct wmi_hal_reg_capabilities_ext *wmi_ext_reg_cap,
530 #endif
531 				u8 phy_idx,
532 				struct ath11k_hal_reg_capabilities_ext *param)
533 {
534 #if defined(__linux__)
535 	struct wmi_hal_reg_capabilities_ext *ext_reg_cap;
536 #elif defined(__FreeBSD__)
537 	const struct wmi_hal_reg_capabilities_ext *ext_reg_cap;
538 #endif
539 
540 	if (!reg_caps || !wmi_ext_reg_cap)
541 		return -EINVAL;
542 
543 	if (phy_idx >= reg_caps->num_phy)
544 		return -EINVAL;
545 
546 	ext_reg_cap = &wmi_ext_reg_cap[phy_idx];
547 
548 	param->phy_id = ext_reg_cap->phy_id;
549 	param->eeprom_reg_domain = ext_reg_cap->eeprom_reg_domain;
550 	param->eeprom_reg_domain_ext =
551 			      ext_reg_cap->eeprom_reg_domain_ext;
552 	param->regcap1 = ext_reg_cap->regcap1;
553 	param->regcap2 = ext_reg_cap->regcap2;
554 	/* check if param->wireless_mode is needed */
555 	param->low_2ghz_chan = ext_reg_cap->low_2ghz_chan;
556 	param->high_2ghz_chan = ext_reg_cap->high_2ghz_chan;
557 	param->low_5ghz_chan = ext_reg_cap->low_5ghz_chan;
558 	param->high_5ghz_chan = ext_reg_cap->high_5ghz_chan;
559 
560 	return 0;
561 }
562 
563 static int ath11k_pull_service_ready_tlv(struct ath11k_base *ab,
564 					 const void *evt_buf,
565 					 struct ath11k_targ_cap *cap)
566 {
567 	const struct wmi_service_ready_event *ev = evt_buf;
568 
569 	if (!ev) {
570 		ath11k_err(ab, "%s: failed by NULL param\n",
571 			   __func__);
572 		return -EINVAL;
573 	}
574 
575 	cap->phy_capability = ev->phy_capability;
576 	cap->max_frag_entry = ev->max_frag_entry;
577 	cap->num_rf_chains = ev->num_rf_chains;
578 	cap->ht_cap_info = ev->ht_cap_info;
579 	cap->vht_cap_info = ev->vht_cap_info;
580 	cap->vht_supp_mcs = ev->vht_supp_mcs;
581 	cap->hw_min_tx_power = ev->hw_min_tx_power;
582 	cap->hw_max_tx_power = ev->hw_max_tx_power;
583 	cap->sys_cap_info = ev->sys_cap_info;
584 	cap->min_pkt_size_enable = ev->min_pkt_size_enable;
585 	cap->max_bcn_ie_size = ev->max_bcn_ie_size;
586 	cap->max_num_scan_channels = ev->max_num_scan_channels;
587 	cap->max_supported_macs = ev->max_supported_macs;
588 	cap->wmi_fw_sub_feat_caps = ev->wmi_fw_sub_feat_caps;
589 	cap->txrx_chainmask = ev->txrx_chainmask;
590 	cap->default_dbs_hw_mode_index = ev->default_dbs_hw_mode_index;
591 	cap->num_msdu_desc = ev->num_msdu_desc;
592 
593 	return 0;
594 }
595 
596 /* Save the wmi_service_bitmap into a linear bitmap. The wmi_services in
597  * wmi_service ready event are advertised in b0-b3 (LSB 4-bits) of each
598  * 4-byte word.
599  */
600 static void ath11k_wmi_service_bitmap_copy(struct ath11k_pdev_wmi *wmi,
601 					   const u32 *wmi_svc_bm)
602 {
603 	int i, j;
604 
605 	for (i = 0, j = 0; i < WMI_SERVICE_BM_SIZE && j < WMI_MAX_SERVICE; i++) {
606 		do {
607 			if (wmi_svc_bm[i] & BIT(j % WMI_SERVICE_BITS_IN_SIZE32))
608 				set_bit(j, wmi->wmi_ab->svc_map);
609 		} while (++j % WMI_SERVICE_BITS_IN_SIZE32);
610 	}
611 }
612 
613 static int ath11k_wmi_tlv_svc_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
614 					const void *ptr, void *data)
615 {
616 	struct wmi_tlv_svc_ready_parse *svc_ready = data;
617 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
618 	u16 expect_len;
619 
620 	switch (tag) {
621 	case WMI_TAG_SERVICE_READY_EVENT:
622 		if (ath11k_pull_service_ready_tlv(ab, ptr, &ab->target_caps))
623 			return -EINVAL;
624 		break;
625 
626 	case WMI_TAG_ARRAY_UINT32:
627 		if (!svc_ready->wmi_svc_bitmap_done) {
628 			expect_len = WMI_SERVICE_BM_SIZE * sizeof(u32);
629 			if (len < expect_len) {
630 				ath11k_warn(ab, "invalid len %d for the tag 0x%x\n",
631 					    len, tag);
632 				return -EINVAL;
633 			}
634 
635 			ath11k_wmi_service_bitmap_copy(wmi_handle, ptr);
636 
637 			svc_ready->wmi_svc_bitmap_done = true;
638 		}
639 		break;
640 	default:
641 		break;
642 	}
643 
644 	return 0;
645 }
646 
647 static int ath11k_service_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
648 {
649 	struct wmi_tlv_svc_ready_parse svc_ready = { };
650 	int ret;
651 
652 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
653 				  ath11k_wmi_tlv_svc_rdy_parse,
654 				  &svc_ready);
655 	if (ret) {
656 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
657 		return ret;
658 	}
659 
660 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event service ready");
661 
662 	return 0;
663 }
664 
665 struct sk_buff *ath11k_wmi_alloc_skb(struct ath11k_wmi_base *wmi_sc, u32 len)
666 {
667 	struct sk_buff *skb;
668 	struct ath11k_base *ab = wmi_sc->ab;
669 	u32 round_len = roundup(len, 4);
670 
671 	skb = ath11k_htc_alloc_skb(ab, WMI_SKB_HEADROOM + round_len);
672 	if (!skb)
673 		return NULL;
674 
675 	skb_reserve(skb, WMI_SKB_HEADROOM);
676 	if (!IS_ALIGNED((unsigned long)skb->data, 4))
677 		ath11k_warn(ab, "unaligned WMI skb data\n");
678 
679 	skb_put(skb, round_len);
680 	memset(skb->data, 0, round_len);
681 
682 	return skb;
683 }
684 
685 static u32 ath11k_wmi_mgmt_get_freq(struct ath11k *ar,
686 				    struct ieee80211_tx_info *info)
687 {
688 	struct ath11k_base *ab = ar->ab;
689 	u32 freq = 0;
690 
691 	if (ab->hw_params.support_off_channel_tx &&
692 	    ar->scan.is_roc &&
693 	    (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN))
694 		freq = ar->scan.roc_freq;
695 
696 	return freq;
697 }
698 
699 int ath11k_wmi_mgmt_send(struct ath11k *ar, u32 vdev_id, u32 buf_id,
700 			 struct sk_buff *frame)
701 {
702 	struct ath11k_pdev_wmi *wmi = ar->wmi;
703 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(frame);
704 	struct wmi_mgmt_send_cmd *cmd;
705 	struct wmi_tlv *frame_tlv;
706 	struct sk_buff *skb;
707 	u32 buf_len;
708 	int ret, len;
709 
710 	buf_len = frame->len < WMI_MGMT_SEND_DOWNLD_LEN ?
711 		  frame->len : WMI_MGMT_SEND_DOWNLD_LEN;
712 
713 	len = sizeof(*cmd) + sizeof(*frame_tlv) + roundup(buf_len, 4);
714 
715 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
716 	if (!skb)
717 		return -ENOMEM;
718 
719 	cmd = (struct wmi_mgmt_send_cmd *)skb->data;
720 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_MGMT_TX_SEND_CMD) |
721 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
722 	cmd->vdev_id = vdev_id;
723 	cmd->desc_id = buf_id;
724 	cmd->chanfreq = ath11k_wmi_mgmt_get_freq(ar, info);
725 	cmd->paddr_lo = lower_32_bits(ATH11K_SKB_CB(frame)->paddr);
726 	cmd->paddr_hi = upper_32_bits(ATH11K_SKB_CB(frame)->paddr);
727 	cmd->frame_len = frame->len;
728 	cmd->buf_len = buf_len;
729 	cmd->tx_params_valid = 0;
730 
731 	frame_tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
732 	frame_tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
733 			    FIELD_PREP(WMI_TLV_LEN, buf_len);
734 
735 	memcpy(frame_tlv->value, frame->data, buf_len);
736 
737 	ath11k_ce_byte_swap(frame_tlv->value, buf_len);
738 
739 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_MGMT_TX_SEND_CMDID);
740 	if (ret) {
741 		ath11k_warn(ar->ab,
742 			    "failed to submit WMI_MGMT_TX_SEND_CMDID cmd\n");
743 		dev_kfree_skb(skb);
744 	}
745 
746 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd mgmt tx send");
747 
748 	return ret;
749 }
750 
751 int ath11k_wmi_vdev_create(struct ath11k *ar, u8 *macaddr,
752 			   struct vdev_create_params *param)
753 {
754 	struct ath11k_pdev_wmi *wmi = ar->wmi;
755 	struct wmi_vdev_create_cmd *cmd;
756 	struct sk_buff *skb;
757 	struct wmi_vdev_txrx_streams *txrx_streams;
758 	struct wmi_tlv *tlv;
759 	int ret, len;
760 #if defined(__linux__)
761 	void *ptr;
762 #elif defined(__FreeBSD__)
763 	u8 *ptr;
764 #endif
765 
766 	/* It can be optimized my sending tx/rx chain configuration
767 	 * only for supported bands instead of always sending it for
768 	 * both the bands.
769 	 */
770 	len = sizeof(*cmd) + TLV_HDR_SIZE +
771 		(WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams));
772 
773 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
774 	if (!skb)
775 		return -ENOMEM;
776 
777 	cmd = (struct wmi_vdev_create_cmd *)skb->data;
778 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_CREATE_CMD) |
779 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
780 
781 	cmd->vdev_id = param->if_id;
782 	cmd->vdev_type = param->type;
783 	cmd->vdev_subtype = param->subtype;
784 	cmd->num_cfg_txrx_streams = WMI_NUM_SUPPORTED_BAND_MAX;
785 	cmd->pdev_id = param->pdev_id;
786 	cmd->mbssid_flags = param->mbssid_flags;
787 	cmd->mbssid_tx_vdev_id = param->mbssid_tx_vdev_id;
788 
789 	ether_addr_copy(cmd->vdev_macaddr.addr, macaddr);
790 
791 	ptr = skb->data + sizeof(*cmd);
792 	len = WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams);
793 
794 #if defined(__linux__)
795 	tlv = ptr;
796 #elif defined(__FreeBSD__)
797 	tlv = (void *)ptr;
798 #endif
799 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
800 		      FIELD_PREP(WMI_TLV_LEN, len);
801 
802 	ptr += TLV_HDR_SIZE;
803 #if defined(__linux__)
804 	txrx_streams = ptr;
805 #elif defined(__FreeBSD__)
806 	txrx_streams = (void *)ptr;
807 #endif
808 	len = sizeof(*txrx_streams);
809 	txrx_streams->tlv_header =
810 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
811 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
812 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_2G;
813 	txrx_streams->supported_tx_streams =
814 				 param->chains[NL80211_BAND_2GHZ].tx;
815 	txrx_streams->supported_rx_streams =
816 				 param->chains[NL80211_BAND_2GHZ].rx;
817 
818 	txrx_streams++;
819 	txrx_streams->tlv_header =
820 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
821 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
822 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_5G;
823 	txrx_streams->supported_tx_streams =
824 				 param->chains[NL80211_BAND_5GHZ].tx;
825 	txrx_streams->supported_rx_streams =
826 				 param->chains[NL80211_BAND_5GHZ].rx;
827 
828 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_CREATE_CMDID);
829 	if (ret) {
830 		ath11k_warn(ar->ab,
831 			    "failed to submit WMI_VDEV_CREATE_CMDID\n");
832 		dev_kfree_skb(skb);
833 	}
834 
835 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
836 		   "cmd vdev create id %d type %d subtype %d macaddr %pM pdevid %d\n",
837 		   param->if_id, param->type, param->subtype,
838 		   macaddr, param->pdev_id);
839 
840 	return ret;
841 }
842 
843 int ath11k_wmi_vdev_delete(struct ath11k *ar, u8 vdev_id)
844 {
845 	struct ath11k_pdev_wmi *wmi = ar->wmi;
846 	struct wmi_vdev_delete_cmd *cmd;
847 	struct sk_buff *skb;
848 	int ret;
849 
850 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
851 	if (!skb)
852 		return -ENOMEM;
853 
854 	cmd = (struct wmi_vdev_delete_cmd *)skb->data;
855 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DELETE_CMD) |
856 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
857 	cmd->vdev_id = vdev_id;
858 
859 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DELETE_CMDID);
860 	if (ret) {
861 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DELETE_CMDID\n");
862 		dev_kfree_skb(skb);
863 	}
864 
865 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd vdev delete id %d\n", vdev_id);
866 
867 	return ret;
868 }
869 
870 int ath11k_wmi_vdev_stop(struct ath11k *ar, u8 vdev_id)
871 {
872 	struct ath11k_pdev_wmi *wmi = ar->wmi;
873 	struct wmi_vdev_stop_cmd *cmd;
874 	struct sk_buff *skb;
875 	int ret;
876 
877 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
878 	if (!skb)
879 		return -ENOMEM;
880 
881 	cmd = (struct wmi_vdev_stop_cmd *)skb->data;
882 
883 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_STOP_CMD) |
884 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
885 	cmd->vdev_id = vdev_id;
886 
887 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_STOP_CMDID);
888 	if (ret) {
889 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_STOP cmd\n");
890 		dev_kfree_skb(skb);
891 	}
892 
893 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd vdev stop id 0x%x\n", vdev_id);
894 
895 	return ret;
896 }
897 
898 int ath11k_wmi_vdev_down(struct ath11k *ar, u8 vdev_id)
899 {
900 	struct ath11k_pdev_wmi *wmi = ar->wmi;
901 	struct wmi_vdev_down_cmd *cmd;
902 	struct sk_buff *skb;
903 	int ret;
904 
905 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
906 	if (!skb)
907 		return -ENOMEM;
908 
909 	cmd = (struct wmi_vdev_down_cmd *)skb->data;
910 
911 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DOWN_CMD) |
912 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
913 	cmd->vdev_id = vdev_id;
914 
915 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DOWN_CMDID);
916 	if (ret) {
917 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DOWN cmd\n");
918 		dev_kfree_skb(skb);
919 	}
920 
921 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd vdev down id 0x%x\n", vdev_id);
922 
923 	return ret;
924 }
925 
926 static void ath11k_wmi_put_wmi_channel(struct wmi_channel *chan,
927 				       struct wmi_vdev_start_req_arg *arg)
928 {
929 	u32 center_freq1 = arg->channel.band_center_freq1;
930 
931 	memset(chan, 0, sizeof(*chan));
932 
933 	chan->mhz = arg->channel.freq;
934 	chan->band_center_freq1 = arg->channel.band_center_freq1;
935 
936 	if (arg->channel.mode == MODE_11AX_HE160) {
937 		if (arg->channel.freq > arg->channel.band_center_freq1)
938 			chan->band_center_freq1 = center_freq1 + 40;
939 		else
940 			chan->band_center_freq1 = center_freq1 - 40;
941 
942 		chan->band_center_freq2 = arg->channel.band_center_freq1;
943 
944 	} else if ((arg->channel.mode == MODE_11AC_VHT80_80) ||
945 		   (arg->channel.mode == MODE_11AX_HE80_80)) {
946 		chan->band_center_freq2 = arg->channel.band_center_freq2;
947 	} else {
948 		chan->band_center_freq2 = 0;
949 	}
950 
951 	chan->info |= FIELD_PREP(WMI_CHAN_INFO_MODE, arg->channel.mode);
952 	if (arg->channel.passive)
953 		chan->info |= WMI_CHAN_INFO_PASSIVE;
954 	if (arg->channel.allow_ibss)
955 		chan->info |= WMI_CHAN_INFO_ADHOC_ALLOWED;
956 	if (arg->channel.allow_ht)
957 		chan->info |= WMI_CHAN_INFO_ALLOW_HT;
958 	if (arg->channel.allow_vht)
959 		chan->info |= WMI_CHAN_INFO_ALLOW_VHT;
960 	if (arg->channel.allow_he)
961 		chan->info |= WMI_CHAN_INFO_ALLOW_HE;
962 	if (arg->channel.ht40plus)
963 		chan->info |= WMI_CHAN_INFO_HT40_PLUS;
964 	if (arg->channel.chan_radar)
965 		chan->info |= WMI_CHAN_INFO_DFS;
966 	if (arg->channel.freq2_radar)
967 		chan->info |= WMI_CHAN_INFO_DFS_FREQ2;
968 
969 	chan->reg_info_1 = FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
970 				      arg->channel.max_power) |
971 		FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
972 			   arg->channel.max_reg_power);
973 
974 	chan->reg_info_2 = FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
975 				      arg->channel.max_antenna_gain) |
976 		FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
977 			   arg->channel.max_power);
978 }
979 
980 int ath11k_wmi_vdev_start(struct ath11k *ar, struct wmi_vdev_start_req_arg *arg,
981 			  bool restart)
982 {
983 	struct ath11k_pdev_wmi *wmi = ar->wmi;
984 	struct wmi_vdev_start_request_cmd *cmd;
985 	struct sk_buff *skb;
986 	struct wmi_channel *chan;
987 	struct wmi_tlv *tlv;
988 #if defined(__linux__)
989 	void *ptr;
990 #elif defined(__FreeBSD__)
991 	u8 *ptr;
992 #endif
993 	int ret, len;
994 
995 	if (WARN_ON(arg->ssid_len > sizeof(cmd->ssid.ssid)))
996 		return -EINVAL;
997 
998 	len = sizeof(*cmd) + sizeof(*chan) + TLV_HDR_SIZE;
999 
1000 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1001 	if (!skb)
1002 		return -ENOMEM;
1003 
1004 	cmd = (struct wmi_vdev_start_request_cmd *)skb->data;
1005 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1006 				     WMI_TAG_VDEV_START_REQUEST_CMD) |
1007 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1008 	cmd->vdev_id = arg->vdev_id;
1009 	cmd->beacon_interval = arg->bcn_intval;
1010 	cmd->bcn_tx_rate = arg->bcn_tx_rate;
1011 	cmd->dtim_period = arg->dtim_period;
1012 	cmd->num_noa_descriptors = arg->num_noa_descriptors;
1013 	cmd->preferred_rx_streams = arg->pref_rx_streams;
1014 	cmd->preferred_tx_streams = arg->pref_tx_streams;
1015 	cmd->cac_duration_ms = arg->cac_duration_ms;
1016 	cmd->regdomain = arg->regdomain;
1017 	cmd->he_ops = arg->he_ops;
1018 	cmd->mbssid_flags = arg->mbssid_flags;
1019 	cmd->mbssid_tx_vdev_id = arg->mbssid_tx_vdev_id;
1020 
1021 	if (!restart) {
1022 		if (arg->ssid) {
1023 			cmd->ssid.ssid_len = arg->ssid_len;
1024 			memcpy(cmd->ssid.ssid, arg->ssid, arg->ssid_len);
1025 		}
1026 		if (arg->hidden_ssid)
1027 			cmd->flags |= WMI_VDEV_START_HIDDEN_SSID;
1028 		if (arg->pmf_enabled)
1029 			cmd->flags |= WMI_VDEV_START_PMF_ENABLED;
1030 	}
1031 
1032 	cmd->flags |= WMI_VDEV_START_LDPC_RX_ENABLED;
1033 	if (test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags))
1034 		cmd->flags |= WMI_VDEV_START_HW_ENCRYPTION_DISABLED;
1035 
1036 	ptr = skb->data + sizeof(*cmd);
1037 #if defined(__linux__)
1038 	chan = ptr;
1039 #elif defined(__FreeBSD__)
1040 	chan = (void *)ptr;
1041 #endif
1042 
1043 	ath11k_wmi_put_wmi_channel(chan, arg);
1044 
1045 	chan->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_CHANNEL) |
1046 			   FIELD_PREP(WMI_TLV_LEN,
1047 				      sizeof(*chan) - TLV_HDR_SIZE);
1048 	ptr += sizeof(*chan);
1049 
1050 #if defined(__linux__)
1051 	tlv = ptr;
1052 #elif defined(__FreeBSD__)
1053 	tlv = (void *)ptr;
1054 #endif
1055 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
1056 		      FIELD_PREP(WMI_TLV_LEN, 0);
1057 
1058 	/* Note: This is a nested TLV containing:
1059 	 * [wmi_tlv][wmi_p2p_noa_descriptor][wmi_tlv]..
1060 	 */
1061 
1062 	ptr += sizeof(*tlv);
1063 
1064 	if (restart)
1065 		ret = ath11k_wmi_cmd_send(wmi, skb,
1066 					  WMI_VDEV_RESTART_REQUEST_CMDID);
1067 	else
1068 		ret = ath11k_wmi_cmd_send(wmi, skb,
1069 					  WMI_VDEV_START_REQUEST_CMDID);
1070 	if (ret) {
1071 		ath11k_warn(ar->ab, "failed to submit vdev_%s cmd\n",
1072 			    restart ? "restart" : "start");
1073 		dev_kfree_skb(skb);
1074 	}
1075 
1076 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd vdev %s id 0x%x freq 0x%x mode 0x%x\n",
1077 		   restart ? "restart" : "start", arg->vdev_id,
1078 		   arg->channel.freq, arg->channel.mode);
1079 
1080 	return ret;
1081 }
1082 
1083 int ath11k_wmi_vdev_up(struct ath11k *ar, u32 vdev_id, u32 aid, const u8 *bssid,
1084 		       u8 *tx_bssid, u32 nontx_profile_idx, u32 nontx_profile_cnt)
1085 {
1086 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1087 	struct wmi_vdev_up_cmd *cmd;
1088 	struct ieee80211_bss_conf *bss_conf;
1089 	struct ath11k_vif *arvif;
1090 	struct sk_buff *skb;
1091 	int ret;
1092 
1093 	arvif = ath11k_mac_get_arvif(ar, vdev_id);
1094 
1095 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1096 	if (!skb)
1097 		return -ENOMEM;
1098 
1099 	cmd = (struct wmi_vdev_up_cmd *)skb->data;
1100 
1101 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_UP_CMD) |
1102 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1103 	cmd->vdev_id = vdev_id;
1104 	cmd->vdev_assoc_id = aid;
1105 
1106 	ether_addr_copy(cmd->vdev_bssid.addr, bssid);
1107 
1108 	cmd->nontx_profile_idx = nontx_profile_idx;
1109 	cmd->nontx_profile_cnt = nontx_profile_cnt;
1110 	if (tx_bssid)
1111 		ether_addr_copy(cmd->tx_vdev_bssid.addr, tx_bssid);
1112 
1113 	if (arvif && arvif->vif->type == NL80211_IFTYPE_STATION) {
1114 		bss_conf = &arvif->vif->bss_conf;
1115 
1116 		if (bss_conf->nontransmitted) {
1117 			ether_addr_copy(cmd->tx_vdev_bssid.addr,
1118 					bss_conf->transmitter_bssid);
1119 			cmd->nontx_profile_idx = bss_conf->bssid_index;
1120 			cmd->nontx_profile_cnt = bss_conf->bssid_indicator;
1121 		}
1122 	}
1123 
1124 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_UP_CMDID);
1125 	if (ret) {
1126 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_UP cmd\n");
1127 		dev_kfree_skb(skb);
1128 	}
1129 
1130 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1131 		   "cmd vdev up id 0x%x assoc id %d bssid %pM\n",
1132 		   vdev_id, aid, bssid);
1133 
1134 	return ret;
1135 }
1136 
1137 int ath11k_wmi_send_peer_create_cmd(struct ath11k *ar,
1138 				    struct peer_create_params *param)
1139 {
1140 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1141 	struct wmi_peer_create_cmd *cmd;
1142 	struct sk_buff *skb;
1143 	int ret;
1144 
1145 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1146 	if (!skb)
1147 		return -ENOMEM;
1148 
1149 	cmd = (struct wmi_peer_create_cmd *)skb->data;
1150 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_CREATE_CMD) |
1151 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1152 
1153 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_addr);
1154 	cmd->peer_type = param->peer_type;
1155 	cmd->vdev_id = param->vdev_id;
1156 
1157 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_CREATE_CMDID);
1158 	if (ret) {
1159 		ath11k_warn(ar->ab, "failed to submit WMI_PEER_CREATE cmd\n");
1160 		dev_kfree_skb(skb);
1161 	}
1162 
1163 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1164 		   "cmd peer create vdev_id %d peer_addr %pM\n",
1165 		   param->vdev_id, param->peer_addr);
1166 
1167 	return ret;
1168 }
1169 
1170 int ath11k_wmi_send_peer_delete_cmd(struct ath11k *ar,
1171 				    const u8 *peer_addr, u8 vdev_id)
1172 {
1173 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1174 	struct wmi_peer_delete_cmd *cmd;
1175 	struct sk_buff *skb;
1176 	int ret;
1177 
1178 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1179 	if (!skb)
1180 		return -ENOMEM;
1181 
1182 	cmd = (struct wmi_peer_delete_cmd *)skb->data;
1183 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_DELETE_CMD) |
1184 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1185 
1186 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1187 	cmd->vdev_id = vdev_id;
1188 
1189 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_DELETE_CMDID);
1190 	if (ret) {
1191 		ath11k_warn(ar->ab, "failed to send WMI_PEER_DELETE cmd\n");
1192 		dev_kfree_skb(skb);
1193 	}
1194 
1195 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1196 		   "cmd peer delete vdev_id %d peer_addr %pM\n",
1197 		   vdev_id,  peer_addr);
1198 
1199 	return ret;
1200 }
1201 
1202 int ath11k_wmi_send_pdev_set_regdomain(struct ath11k *ar,
1203 				       struct pdev_set_regdomain_params *param)
1204 {
1205 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1206 	struct wmi_pdev_set_regdomain_cmd *cmd;
1207 	struct sk_buff *skb;
1208 	int ret;
1209 
1210 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1211 	if (!skb)
1212 		return -ENOMEM;
1213 
1214 	cmd = (struct wmi_pdev_set_regdomain_cmd *)skb->data;
1215 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1216 				     WMI_TAG_PDEV_SET_REGDOMAIN_CMD) |
1217 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1218 
1219 	cmd->reg_domain = param->current_rd_in_use;
1220 	cmd->reg_domain_2g = param->current_rd_2g;
1221 	cmd->reg_domain_5g = param->current_rd_5g;
1222 	cmd->conformance_test_limit_2g = param->ctl_2g;
1223 	cmd->conformance_test_limit_5g = param->ctl_5g;
1224 	cmd->dfs_domain = param->dfs_domain;
1225 	cmd->pdev_id = param->pdev_id;
1226 
1227 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_REGDOMAIN_CMDID);
1228 	if (ret) {
1229 		ath11k_warn(ar->ab,
1230 			    "failed to send WMI_PDEV_SET_REGDOMAIN cmd\n");
1231 		dev_kfree_skb(skb);
1232 	}
1233 
1234 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1235 		   "cmd pdev regd rd %d rd2g %d rd5g %d domain %d pdev id %d\n",
1236 		   param->current_rd_in_use, param->current_rd_2g,
1237 		   param->current_rd_5g, param->dfs_domain, param->pdev_id);
1238 
1239 	return ret;
1240 }
1241 
1242 int ath11k_wmi_set_peer_param(struct ath11k *ar, const u8 *peer_addr,
1243 			      u32 vdev_id, u32 param_id, u32 param_val)
1244 {
1245 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1246 	struct wmi_peer_set_param_cmd *cmd;
1247 	struct sk_buff *skb;
1248 	int ret;
1249 
1250 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1251 	if (!skb)
1252 		return -ENOMEM;
1253 
1254 	cmd = (struct wmi_peer_set_param_cmd *)skb->data;
1255 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_SET_PARAM_CMD) |
1256 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1257 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1258 	cmd->vdev_id = vdev_id;
1259 	cmd->param_id = param_id;
1260 	cmd->param_value = param_val;
1261 
1262 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_SET_PARAM_CMDID);
1263 	if (ret) {
1264 		ath11k_warn(ar->ab, "failed to send WMI_PEER_SET_PARAM cmd\n");
1265 		dev_kfree_skb(skb);
1266 	}
1267 
1268 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1269 		   "cmd peer set param vdev %d peer 0x%pM set param %d value %d\n",
1270 		   vdev_id, peer_addr, param_id, param_val);
1271 
1272 	return ret;
1273 }
1274 
1275 int ath11k_wmi_send_peer_flush_tids_cmd(struct ath11k *ar,
1276 					u8 peer_addr[ETH_ALEN],
1277 					struct peer_flush_params *param)
1278 {
1279 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1280 	struct wmi_peer_flush_tids_cmd *cmd;
1281 	struct sk_buff *skb;
1282 	int ret;
1283 
1284 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1285 	if (!skb)
1286 		return -ENOMEM;
1287 
1288 	cmd = (struct wmi_peer_flush_tids_cmd *)skb->data;
1289 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_FLUSH_TIDS_CMD) |
1290 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1291 
1292 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1293 	cmd->peer_tid_bitmap = param->peer_tid_bitmap;
1294 	cmd->vdev_id = param->vdev_id;
1295 
1296 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_FLUSH_TIDS_CMDID);
1297 	if (ret) {
1298 		ath11k_warn(ar->ab,
1299 			    "failed to send WMI_PEER_FLUSH_TIDS cmd\n");
1300 		dev_kfree_skb(skb);
1301 	}
1302 
1303 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1304 		   "cmd peer flush tids vdev_id %d peer_addr %pM tids %08x\n",
1305 		   param->vdev_id, peer_addr, param->peer_tid_bitmap);
1306 
1307 	return ret;
1308 }
1309 
1310 int ath11k_wmi_peer_rx_reorder_queue_setup(struct ath11k *ar,
1311 					   int vdev_id, const u8 *addr,
1312 					   dma_addr_t paddr, u8 tid,
1313 					   u8 ba_window_size_valid,
1314 					   u32 ba_window_size)
1315 {
1316 	struct wmi_peer_reorder_queue_setup_cmd *cmd;
1317 	struct sk_buff *skb;
1318 	int ret;
1319 
1320 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
1321 	if (!skb)
1322 		return -ENOMEM;
1323 
1324 	cmd = (struct wmi_peer_reorder_queue_setup_cmd *)skb->data;
1325 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1326 				     WMI_TAG_REORDER_QUEUE_SETUP_CMD) |
1327 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1328 
1329 	ether_addr_copy(cmd->peer_macaddr.addr, addr);
1330 	cmd->vdev_id = vdev_id;
1331 	cmd->tid = tid;
1332 	cmd->queue_ptr_lo = lower_32_bits(paddr);
1333 	cmd->queue_ptr_hi = upper_32_bits(paddr);
1334 	cmd->queue_no = tid;
1335 	cmd->ba_window_size_valid = ba_window_size_valid;
1336 	cmd->ba_window_size = ba_window_size;
1337 
1338 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
1339 				  WMI_PEER_REORDER_QUEUE_SETUP_CMDID);
1340 	if (ret) {
1341 		ath11k_warn(ar->ab,
1342 			    "failed to send WMI_PEER_REORDER_QUEUE_SETUP\n");
1343 		dev_kfree_skb(skb);
1344 	}
1345 
1346 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1347 		   "cmd peer reorder queue setup addr %pM vdev_id %d tid %d\n",
1348 		   addr, vdev_id, tid);
1349 
1350 	return ret;
1351 }
1352 
1353 int
1354 ath11k_wmi_rx_reord_queue_remove(struct ath11k *ar,
1355 				 struct rx_reorder_queue_remove_params *param)
1356 {
1357 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1358 	struct wmi_peer_reorder_queue_remove_cmd *cmd;
1359 	struct sk_buff *skb;
1360 	int ret;
1361 
1362 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1363 	if (!skb)
1364 		return -ENOMEM;
1365 
1366 	cmd = (struct wmi_peer_reorder_queue_remove_cmd *)skb->data;
1367 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1368 				     WMI_TAG_REORDER_QUEUE_REMOVE_CMD) |
1369 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1370 
1371 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_macaddr);
1372 	cmd->vdev_id = param->vdev_id;
1373 	cmd->tid_mask = param->peer_tid_bitmap;
1374 
1375 	ret = ath11k_wmi_cmd_send(wmi, skb,
1376 				  WMI_PEER_REORDER_QUEUE_REMOVE_CMDID);
1377 	if (ret) {
1378 		ath11k_warn(ar->ab,
1379 			    "failed to send WMI_PEER_REORDER_QUEUE_REMOVE_CMDID");
1380 		dev_kfree_skb(skb);
1381 	}
1382 
1383 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1384 		   "cmd peer reorder queue remove peer_macaddr %pM vdev_id %d tid_map %d",
1385 		   param->peer_macaddr, param->vdev_id, param->peer_tid_bitmap);
1386 
1387 	return ret;
1388 }
1389 
1390 int ath11k_wmi_pdev_set_param(struct ath11k *ar, u32 param_id,
1391 			      u32 param_value, u8 pdev_id)
1392 {
1393 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1394 	struct wmi_pdev_set_param_cmd *cmd;
1395 	struct sk_buff *skb;
1396 	int ret;
1397 
1398 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1399 	if (!skb)
1400 		return -ENOMEM;
1401 
1402 	cmd = (struct wmi_pdev_set_param_cmd *)skb->data;
1403 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_PARAM_CMD) |
1404 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1405 	cmd->pdev_id = pdev_id;
1406 	cmd->param_id = param_id;
1407 	cmd->param_value = param_value;
1408 
1409 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_PARAM_CMDID);
1410 	if (ret) {
1411 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1412 		dev_kfree_skb(skb);
1413 	}
1414 
1415 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1416 		   "cmd pdev set param %d pdev id %d value %d\n",
1417 		   param_id, pdev_id, param_value);
1418 
1419 	return ret;
1420 }
1421 
1422 int ath11k_wmi_pdev_set_ps_mode(struct ath11k *ar, int vdev_id,
1423 				enum wmi_sta_ps_mode psmode)
1424 {
1425 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1426 	struct wmi_pdev_set_ps_mode_cmd *cmd;
1427 	struct sk_buff *skb;
1428 	int ret;
1429 
1430 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1431 	if (!skb)
1432 		return -ENOMEM;
1433 
1434 	cmd = (struct wmi_pdev_set_ps_mode_cmd *)skb->data;
1435 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STA_POWERSAVE_MODE_CMD) |
1436 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1437 	cmd->vdev_id = vdev_id;
1438 	cmd->sta_ps_mode = psmode;
1439 
1440 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_MODE_CMDID);
1441 	if (ret) {
1442 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1443 		dev_kfree_skb(skb);
1444 	}
1445 
1446 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1447 		   "cmd sta powersave mode psmode %d vdev id %d\n",
1448 		   psmode, vdev_id);
1449 
1450 	return ret;
1451 }
1452 
1453 int ath11k_wmi_pdev_suspend(struct ath11k *ar, u32 suspend_opt,
1454 			    u32 pdev_id)
1455 {
1456 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1457 	struct wmi_pdev_suspend_cmd *cmd;
1458 	struct sk_buff *skb;
1459 	int ret;
1460 
1461 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1462 	if (!skb)
1463 		return -ENOMEM;
1464 
1465 	cmd = (struct wmi_pdev_suspend_cmd *)skb->data;
1466 
1467 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SUSPEND_CMD) |
1468 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1469 
1470 	cmd->suspend_opt = suspend_opt;
1471 	cmd->pdev_id = pdev_id;
1472 
1473 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SUSPEND_CMDID);
1474 	if (ret) {
1475 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SUSPEND cmd\n");
1476 		dev_kfree_skb(skb);
1477 	}
1478 
1479 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1480 		   "cmd pdev suspend pdev_id %d\n", pdev_id);
1481 
1482 	return ret;
1483 }
1484 
1485 int ath11k_wmi_pdev_resume(struct ath11k *ar, u32 pdev_id)
1486 {
1487 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1488 	struct wmi_pdev_resume_cmd *cmd;
1489 	struct sk_buff *skb;
1490 	int ret;
1491 
1492 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1493 	if (!skb)
1494 		return -ENOMEM;
1495 
1496 	cmd = (struct wmi_pdev_resume_cmd *)skb->data;
1497 
1498 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_RESUME_CMD) |
1499 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1500 	cmd->pdev_id = pdev_id;
1501 
1502 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_RESUME_CMDID);
1503 	if (ret) {
1504 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_RESUME cmd\n");
1505 		dev_kfree_skb(skb);
1506 	}
1507 
1508 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1509 		   "cmd pdev resume pdev id %d\n", pdev_id);
1510 
1511 	return ret;
1512 }
1513 
1514 /* TODO FW Support for the cmd is not available yet.
1515  * Can be tested once the command and corresponding
1516  * event is implemented in FW
1517  */
1518 int ath11k_wmi_pdev_bss_chan_info_request(struct ath11k *ar,
1519 					  enum wmi_bss_chan_info_req_type type)
1520 {
1521 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1522 	struct wmi_pdev_bss_chan_info_req_cmd *cmd;
1523 	struct sk_buff *skb;
1524 	int ret;
1525 
1526 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1527 	if (!skb)
1528 		return -ENOMEM;
1529 
1530 	cmd = (struct wmi_pdev_bss_chan_info_req_cmd *)skb->data;
1531 
1532 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1533 				     WMI_TAG_PDEV_BSS_CHAN_INFO_REQUEST) |
1534 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1535 	cmd->req_type = type;
1536 	cmd->pdev_id = ar->pdev->pdev_id;
1537 
1538 	ret = ath11k_wmi_cmd_send(wmi, skb,
1539 				  WMI_PDEV_BSS_CHAN_INFO_REQUEST_CMDID);
1540 	if (ret) {
1541 		ath11k_warn(ar->ab,
1542 			    "failed to send WMI_PDEV_BSS_CHAN_INFO_REQUEST cmd\n");
1543 		dev_kfree_skb(skb);
1544 	}
1545 
1546 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1547 		   "cmd pdev bss chan info request type %d\n", type);
1548 
1549 	return ret;
1550 }
1551 
1552 int ath11k_wmi_send_set_ap_ps_param_cmd(struct ath11k *ar, u8 *peer_addr,
1553 					struct ap_ps_params *param)
1554 {
1555 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1556 	struct wmi_ap_ps_peer_cmd *cmd;
1557 	struct sk_buff *skb;
1558 	int ret;
1559 
1560 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1561 	if (!skb)
1562 		return -ENOMEM;
1563 
1564 	cmd = (struct wmi_ap_ps_peer_cmd *)skb->data;
1565 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_AP_PS_PEER_CMD) |
1566 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1567 
1568 	cmd->vdev_id = param->vdev_id;
1569 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1570 	cmd->param = param->param;
1571 	cmd->value = param->value;
1572 
1573 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_AP_PS_PEER_PARAM_CMDID);
1574 	if (ret) {
1575 		ath11k_warn(ar->ab,
1576 			    "failed to send WMI_AP_PS_PEER_PARAM_CMDID\n");
1577 		dev_kfree_skb(skb);
1578 	}
1579 
1580 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1581 		   "cmd ap ps peer param vdev id %d peer %pM param %d value %d\n",
1582 		   param->vdev_id, peer_addr, param->param, param->value);
1583 
1584 	return ret;
1585 }
1586 
1587 int ath11k_wmi_set_sta_ps_param(struct ath11k *ar, u32 vdev_id,
1588 				u32 param, u32 param_value)
1589 {
1590 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1591 	struct wmi_sta_powersave_param_cmd *cmd;
1592 	struct sk_buff *skb;
1593 	int ret;
1594 
1595 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1596 	if (!skb)
1597 		return -ENOMEM;
1598 
1599 	cmd = (struct wmi_sta_powersave_param_cmd *)skb->data;
1600 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1601 				     WMI_TAG_STA_POWERSAVE_PARAM_CMD) |
1602 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1603 
1604 	cmd->vdev_id = vdev_id;
1605 	cmd->param = param;
1606 	cmd->value = param_value;
1607 
1608 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_PARAM_CMDID);
1609 	if (ret) {
1610 		ath11k_warn(ar->ab, "failed to send WMI_STA_POWERSAVE_PARAM_CMDID");
1611 		dev_kfree_skb(skb);
1612 	}
1613 
1614 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1615 		   "cmd set powersave param vdev_id %d param %d value %d\n",
1616 		   vdev_id, param, param_value);
1617 
1618 	return ret;
1619 }
1620 
1621 int ath11k_wmi_force_fw_hang_cmd(struct ath11k *ar, u32 type, u32 delay_time_ms)
1622 {
1623 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1624 	struct wmi_force_fw_hang_cmd *cmd;
1625 	struct sk_buff *skb;
1626 	int ret, len;
1627 
1628 	len = sizeof(*cmd);
1629 
1630 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1631 	if (!skb)
1632 		return -ENOMEM;
1633 
1634 	cmd = (struct wmi_force_fw_hang_cmd *)skb->data;
1635 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_FORCE_FW_HANG_CMD) |
1636 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1637 
1638 	cmd->type = type;
1639 	cmd->delay_time_ms = delay_time_ms;
1640 
1641 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_FORCE_FW_HANG_CMDID);
1642 
1643 	if (ret) {
1644 		ath11k_warn(ar->ab, "Failed to send WMI_FORCE_FW_HANG_CMDID");
1645 		dev_kfree_skb(skb);
1646 	}
1647 
1648 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd force fw hang");
1649 
1650 	return ret;
1651 }
1652 
1653 int ath11k_wmi_vdev_set_param_cmd(struct ath11k *ar, u32 vdev_id,
1654 				  u32 param_id, u32 param_value)
1655 {
1656 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1657 	struct wmi_vdev_set_param_cmd *cmd;
1658 	struct sk_buff *skb;
1659 	int ret;
1660 
1661 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1662 	if (!skb)
1663 		return -ENOMEM;
1664 
1665 	cmd = (struct wmi_vdev_set_param_cmd *)skb->data;
1666 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_SET_PARAM_CMD) |
1667 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1668 
1669 	cmd->vdev_id = vdev_id;
1670 	cmd->param_id = param_id;
1671 	cmd->param_value = param_value;
1672 
1673 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_SET_PARAM_CMDID);
1674 	if (ret) {
1675 		ath11k_warn(ar->ab,
1676 			    "failed to send WMI_VDEV_SET_PARAM_CMDID\n");
1677 		dev_kfree_skb(skb);
1678 	}
1679 
1680 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1681 		   "cmd vdev set param vdev 0x%x param %d value %d\n",
1682 		   vdev_id, param_id, param_value);
1683 
1684 	return ret;
1685 }
1686 
1687 int ath11k_wmi_send_stats_request_cmd(struct ath11k *ar,
1688 				      struct stats_request_params *param)
1689 {
1690 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1691 	struct wmi_request_stats_cmd *cmd;
1692 	struct sk_buff *skb;
1693 	int ret;
1694 
1695 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1696 	if (!skb)
1697 		return -ENOMEM;
1698 
1699 	cmd = (struct wmi_request_stats_cmd *)skb->data;
1700 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_REQUEST_STATS_CMD) |
1701 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1702 
1703 	cmd->stats_id = param->stats_id;
1704 	cmd->vdev_id = param->vdev_id;
1705 	cmd->pdev_id = param->pdev_id;
1706 
1707 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_REQUEST_STATS_CMDID);
1708 	if (ret) {
1709 		ath11k_warn(ar->ab, "failed to send WMI_REQUEST_STATS cmd\n");
1710 		dev_kfree_skb(skb);
1711 	}
1712 
1713 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1714 		   "cmd request stats 0x%x vdev id %d pdev id %d\n",
1715 		   param->stats_id, param->vdev_id, param->pdev_id);
1716 
1717 	return ret;
1718 }
1719 
1720 int ath11k_wmi_send_pdev_temperature_cmd(struct ath11k *ar)
1721 {
1722 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1723 	struct wmi_get_pdev_temperature_cmd *cmd;
1724 	struct sk_buff *skb;
1725 	int ret;
1726 
1727 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1728 	if (!skb)
1729 		return -ENOMEM;
1730 
1731 	cmd = (struct wmi_get_pdev_temperature_cmd *)skb->data;
1732 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_GET_TEMPERATURE_CMD) |
1733 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1734 	cmd->pdev_id = ar->pdev->pdev_id;
1735 
1736 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_GET_TEMPERATURE_CMDID);
1737 	if (ret) {
1738 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_GET_TEMPERATURE cmd\n");
1739 		dev_kfree_skb(skb);
1740 	}
1741 
1742 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1743 		   "cmd pdev get temperature for pdev_id %d\n", ar->pdev->pdev_id);
1744 
1745 	return ret;
1746 }
1747 
1748 int ath11k_wmi_send_bcn_offload_control_cmd(struct ath11k *ar,
1749 					    u32 vdev_id, u32 bcn_ctrl_op)
1750 {
1751 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1752 	struct wmi_bcn_offload_ctrl_cmd *cmd;
1753 	struct sk_buff *skb;
1754 	int ret;
1755 
1756 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1757 	if (!skb)
1758 		return -ENOMEM;
1759 
1760 	cmd = (struct wmi_bcn_offload_ctrl_cmd *)skb->data;
1761 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1762 				     WMI_TAG_BCN_OFFLOAD_CTRL_CMD) |
1763 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1764 
1765 	cmd->vdev_id = vdev_id;
1766 	cmd->bcn_ctrl_op = bcn_ctrl_op;
1767 
1768 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_OFFLOAD_CTRL_CMDID);
1769 	if (ret) {
1770 		ath11k_warn(ar->ab,
1771 			    "failed to send WMI_BCN_OFFLOAD_CTRL_CMDID\n");
1772 		dev_kfree_skb(skb);
1773 	}
1774 
1775 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1776 		   "cmd bcn offload ctrl vdev id %d ctrl_op %d\n",
1777 		   vdev_id, bcn_ctrl_op);
1778 
1779 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd bcn tmpl");
1780 
1781 	return ret;
1782 }
1783 
1784 int ath11k_wmi_bcn_tmpl(struct ath11k *ar, u32 vdev_id,
1785 			struct ieee80211_mutable_offsets *offs,
1786 			struct sk_buff *bcn, u32 ema_params)
1787 {
1788 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1789 	struct wmi_bcn_tmpl_cmd *cmd;
1790 	struct wmi_bcn_prb_info *bcn_prb_info;
1791 	struct wmi_tlv *tlv;
1792 	struct sk_buff *skb;
1793 #if defined(__linux__)
1794 	void *ptr;
1795 #elif defined(__FreeBSD__)
1796 	u8 *ptr;
1797 #endif
1798 	int ret, len;
1799 	size_t aligned_len = roundup(bcn->len, 4);
1800 	struct ieee80211_vif *vif;
1801 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev_id);
1802 
1803 	if (!arvif) {
1804 		ath11k_warn(ar->ab, "failed to find arvif with vdev id %d\n", vdev_id);
1805 		return -EINVAL;
1806 	}
1807 
1808 	vif = arvif->vif;
1809 
1810 	len = sizeof(*cmd) + sizeof(*bcn_prb_info) + TLV_HDR_SIZE + aligned_len;
1811 
1812 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1813 	if (!skb)
1814 		return -ENOMEM;
1815 
1816 	cmd = (struct wmi_bcn_tmpl_cmd *)skb->data;
1817 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BCN_TMPL_CMD) |
1818 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1819 	cmd->vdev_id = vdev_id;
1820 	cmd->tim_ie_offset = offs->tim_offset;
1821 
1822 	if (vif->bss_conf.csa_active) {
1823 		cmd->csa_switch_count_offset = offs->cntdwn_counter_offs[0];
1824 		cmd->ext_csa_switch_count_offset = offs->cntdwn_counter_offs[1];
1825 	}
1826 
1827 	cmd->buf_len = bcn->len;
1828 	cmd->mbssid_ie_offset = offs->mbssid_off;
1829 	cmd->ema_params = ema_params;
1830 
1831 	ptr = skb->data + sizeof(*cmd);
1832 
1833 #if defined(__linux__)
1834 	bcn_prb_info = ptr;
1835 #elif defined(__FreeBSD__)
1836 	bcn_prb_info = (void *)ptr;
1837 #endif
1838 	len = sizeof(*bcn_prb_info);
1839 	bcn_prb_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1840 					      WMI_TAG_BCN_PRB_INFO) |
1841 				   FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1842 	bcn_prb_info->caps = 0;
1843 	bcn_prb_info->erp = 0;
1844 
1845 	ptr += sizeof(*bcn_prb_info);
1846 
1847 #if defined(__linux__)
1848 	tlv = ptr;
1849 #elif defined(__FreeBSD__)
1850 	tlv = (void *)ptr;
1851 #endif
1852 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1853 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
1854 	memcpy(tlv->value, bcn->data, bcn->len);
1855 
1856 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_TMPL_CMDID);
1857 	if (ret) {
1858 		ath11k_warn(ar->ab, "failed to send WMI_BCN_TMPL_CMDID\n");
1859 		dev_kfree_skb(skb);
1860 	}
1861 
1862 	return ret;
1863 }
1864 
1865 int ath11k_wmi_vdev_install_key(struct ath11k *ar,
1866 				struct wmi_vdev_install_key_arg *arg)
1867 {
1868 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1869 	struct wmi_vdev_install_key_cmd *cmd;
1870 	struct wmi_tlv *tlv;
1871 	struct sk_buff *skb;
1872 	int ret, len;
1873 	int key_len_aligned = roundup(arg->key_len, sizeof(uint32_t));
1874 
1875 	len = sizeof(*cmd) + TLV_HDR_SIZE + key_len_aligned;
1876 
1877 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1878 	if (!skb)
1879 		return -ENOMEM;
1880 
1881 	cmd = (struct wmi_vdev_install_key_cmd *)skb->data;
1882 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_INSTALL_KEY_CMD) |
1883 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1884 	cmd->vdev_id = arg->vdev_id;
1885 	ether_addr_copy(cmd->peer_macaddr.addr, arg->macaddr);
1886 	cmd->key_idx = arg->key_idx;
1887 	cmd->key_flags = arg->key_flags;
1888 	cmd->key_cipher = arg->key_cipher;
1889 	cmd->key_len = arg->key_len;
1890 	cmd->key_txmic_len = arg->key_txmic_len;
1891 	cmd->key_rxmic_len = arg->key_rxmic_len;
1892 
1893 	if (arg->key_rsc_counter)
1894 		memcpy(&cmd->key_rsc_counter, &arg->key_rsc_counter,
1895 		       sizeof(struct wmi_key_seq_counter));
1896 
1897 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
1898 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1899 		      FIELD_PREP(WMI_TLV_LEN, key_len_aligned);
1900 	if (arg->key_data)
1901 #if defined(__linux__)
1902 		memcpy(tlv->value, (u8 *)arg->key_data, key_len_aligned);
1903 #elif defined(__FreeBSD__)
1904 		memcpy(tlv->value, arg->key_data, key_len_aligned);
1905 #endif
1906 
1907 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_INSTALL_KEY_CMDID);
1908 	if (ret) {
1909 		ath11k_warn(ar->ab,
1910 			    "failed to send WMI_VDEV_INSTALL_KEY cmd\n");
1911 		dev_kfree_skb(skb);
1912 	}
1913 
1914 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1915 		   "cmd vdev install key idx %d cipher %d len %d\n",
1916 		   arg->key_idx, arg->key_cipher, arg->key_len);
1917 
1918 	return ret;
1919 }
1920 
1921 static inline void
1922 ath11k_wmi_copy_peer_flags(struct wmi_peer_assoc_complete_cmd *cmd,
1923 			   struct peer_assoc_params *param,
1924 			   bool hw_crypto_disabled)
1925 {
1926 	cmd->peer_flags = 0;
1927 
1928 	if (param->is_wme_set) {
1929 		if (param->qos_flag)
1930 			cmd->peer_flags |= WMI_PEER_QOS;
1931 		if (param->apsd_flag)
1932 			cmd->peer_flags |= WMI_PEER_APSD;
1933 		if (param->ht_flag)
1934 			cmd->peer_flags |= WMI_PEER_HT;
1935 		if (param->bw_40)
1936 			cmd->peer_flags |= WMI_PEER_40MHZ;
1937 		if (param->bw_80)
1938 			cmd->peer_flags |= WMI_PEER_80MHZ;
1939 		if (param->bw_160)
1940 			cmd->peer_flags |= WMI_PEER_160MHZ;
1941 
1942 		/* Typically if STBC is enabled for VHT it should be enabled
1943 		 * for HT as well
1944 		 **/
1945 		if (param->stbc_flag)
1946 			cmd->peer_flags |= WMI_PEER_STBC;
1947 
1948 		/* Typically if LDPC is enabled for VHT it should be enabled
1949 		 * for HT as well
1950 		 **/
1951 		if (param->ldpc_flag)
1952 			cmd->peer_flags |= WMI_PEER_LDPC;
1953 
1954 		if (param->static_mimops_flag)
1955 			cmd->peer_flags |= WMI_PEER_STATIC_MIMOPS;
1956 		if (param->dynamic_mimops_flag)
1957 			cmd->peer_flags |= WMI_PEER_DYN_MIMOPS;
1958 		if (param->spatial_mux_flag)
1959 			cmd->peer_flags |= WMI_PEER_SPATIAL_MUX;
1960 		if (param->vht_flag)
1961 			cmd->peer_flags |= WMI_PEER_VHT;
1962 		if (param->he_flag)
1963 			cmd->peer_flags |= WMI_PEER_HE;
1964 		if (param->twt_requester)
1965 			cmd->peer_flags |= WMI_PEER_TWT_REQ;
1966 		if (param->twt_responder)
1967 			cmd->peer_flags |= WMI_PEER_TWT_RESP;
1968 	}
1969 
1970 	/* Suppress authorization for all AUTH modes that need 4-way handshake
1971 	 * (during re-association).
1972 	 * Authorization will be done for these modes on key installation.
1973 	 */
1974 	if (param->auth_flag)
1975 		cmd->peer_flags |= WMI_PEER_AUTH;
1976 	if (param->need_ptk_4_way) {
1977 		cmd->peer_flags |= WMI_PEER_NEED_PTK_4_WAY;
1978 		if (!hw_crypto_disabled && param->is_assoc)
1979 			cmd->peer_flags &= ~WMI_PEER_AUTH;
1980 	}
1981 	if (param->need_gtk_2_way)
1982 		cmd->peer_flags |= WMI_PEER_NEED_GTK_2_WAY;
1983 	/* safe mode bypass the 4-way handshake */
1984 	if (param->safe_mode_enabled)
1985 		cmd->peer_flags &= ~(WMI_PEER_NEED_PTK_4_WAY |
1986 				     WMI_PEER_NEED_GTK_2_WAY);
1987 
1988 	if (param->is_pmf_enabled)
1989 		cmd->peer_flags |= WMI_PEER_PMF;
1990 
1991 	/* Disable AMSDU for station transmit, if user configures it */
1992 	/* Disable AMSDU for AP transmit to 11n Stations, if user configures
1993 	 * it
1994 	 * if (param->amsdu_disable) Add after FW support
1995 	 **/
1996 
1997 	/* Target asserts if node is marked HT and all MCS is set to 0.
1998 	 * Mark the node as non-HT if all the mcs rates are disabled through
1999 	 * iwpriv
2000 	 **/
2001 	if (param->peer_ht_rates.num_rates == 0)
2002 		cmd->peer_flags &= ~WMI_PEER_HT;
2003 }
2004 
2005 int ath11k_wmi_send_peer_assoc_cmd(struct ath11k *ar,
2006 				   struct peer_assoc_params *param)
2007 {
2008 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2009 	struct wmi_peer_assoc_complete_cmd *cmd;
2010 	struct wmi_vht_rate_set *mcs;
2011 	struct wmi_he_rate_set *he_mcs;
2012 	struct sk_buff *skb;
2013 	struct wmi_tlv *tlv;
2014 #if defined(__linux__)
2015 	void *ptr;
2016 #elif defined(__FreeBSD__)
2017 	u8 *ptr;
2018 #endif
2019 	u32 peer_legacy_rates_align;
2020 	u32 peer_ht_rates_align;
2021 	int i, ret, len;
2022 
2023 	peer_legacy_rates_align = roundup(param->peer_legacy_rates.num_rates,
2024 					  sizeof(u32));
2025 	peer_ht_rates_align = roundup(param->peer_ht_rates.num_rates,
2026 				      sizeof(u32));
2027 
2028 	len = sizeof(*cmd) +
2029 	      TLV_HDR_SIZE + (peer_legacy_rates_align * sizeof(u8)) +
2030 	      TLV_HDR_SIZE + (peer_ht_rates_align * sizeof(u8)) +
2031 	      sizeof(*mcs) + TLV_HDR_SIZE +
2032 	      (sizeof(*he_mcs) * param->peer_he_mcs_count);
2033 
2034 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2035 	if (!skb)
2036 		return -ENOMEM;
2037 
2038 	ptr = skb->data;
2039 
2040 #if defined(__linux__)
2041 	cmd = ptr;
2042 #elif defined(__FreeBSD__)
2043 	cmd = (void *)ptr;
2044 #endif
2045 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2046 				     WMI_TAG_PEER_ASSOC_COMPLETE_CMD) |
2047 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2048 
2049 	cmd->vdev_id = param->vdev_id;
2050 
2051 	cmd->peer_new_assoc = param->peer_new_assoc;
2052 	cmd->peer_associd = param->peer_associd;
2053 
2054 	ath11k_wmi_copy_peer_flags(cmd, param,
2055 				   test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED,
2056 					    &ar->ab->dev_flags));
2057 
2058 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_mac);
2059 
2060 	cmd->peer_rate_caps = param->peer_rate_caps;
2061 	cmd->peer_caps = param->peer_caps;
2062 	cmd->peer_listen_intval = param->peer_listen_intval;
2063 	cmd->peer_ht_caps = param->peer_ht_caps;
2064 	cmd->peer_max_mpdu = param->peer_max_mpdu;
2065 	cmd->peer_mpdu_density = param->peer_mpdu_density;
2066 	cmd->peer_vht_caps = param->peer_vht_caps;
2067 	cmd->peer_phymode = param->peer_phymode;
2068 
2069 	/* Update 11ax capabilities */
2070 	cmd->peer_he_cap_info = param->peer_he_cap_macinfo[0];
2071 	cmd->peer_he_cap_info_ext = param->peer_he_cap_macinfo[1];
2072 	cmd->peer_he_cap_info_internal = param->peer_he_cap_macinfo_internal;
2073 	cmd->peer_he_caps_6ghz = param->peer_he_caps_6ghz;
2074 	cmd->peer_he_ops = param->peer_he_ops;
2075 	memcpy(&cmd->peer_he_cap_phy, &param->peer_he_cap_phyinfo,
2076 	       sizeof(param->peer_he_cap_phyinfo));
2077 	memcpy(&cmd->peer_ppet, &param->peer_ppet,
2078 	       sizeof(param->peer_ppet));
2079 
2080 	/* Update peer legacy rate information */
2081 	ptr += sizeof(*cmd);
2082 
2083 #if defined(__linux__)
2084 	tlv = ptr;
2085 #elif defined(__FreeBSD__)
2086 	tlv = (void *)ptr;
2087 #endif
2088 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
2089 		      FIELD_PREP(WMI_TLV_LEN, peer_legacy_rates_align);
2090 
2091 	ptr += TLV_HDR_SIZE;
2092 
2093 	cmd->num_peer_legacy_rates = param->peer_legacy_rates.num_rates;
2094 	memcpy(ptr, param->peer_legacy_rates.rates,
2095 	       param->peer_legacy_rates.num_rates);
2096 
2097 	/* Update peer HT rate information */
2098 	ptr += peer_legacy_rates_align;
2099 
2100 #if defined(__linux__)
2101 	tlv = ptr;
2102 #elif defined(__FreeBSD__)
2103 	tlv = (void *)ptr;
2104 #endif
2105 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
2106 		      FIELD_PREP(WMI_TLV_LEN, peer_ht_rates_align);
2107 	ptr += TLV_HDR_SIZE;
2108 	cmd->num_peer_ht_rates = param->peer_ht_rates.num_rates;
2109 	memcpy(ptr, param->peer_ht_rates.rates,
2110 	       param->peer_ht_rates.num_rates);
2111 
2112 	/* VHT Rates */
2113 	ptr += peer_ht_rates_align;
2114 
2115 #if defined(__linux__)
2116 	mcs = ptr;
2117 #elif defined(__FreeBSD__)
2118 	mcs = (void *)ptr;
2119 #endif
2120 
2121 	mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VHT_RATE_SET) |
2122 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*mcs) - TLV_HDR_SIZE);
2123 
2124 	cmd->peer_nss = param->peer_nss;
2125 
2126 	/* Update bandwidth-NSS mapping */
2127 	cmd->peer_bw_rxnss_override = 0;
2128 	cmd->peer_bw_rxnss_override |= param->peer_bw_rxnss_override;
2129 
2130 	if (param->vht_capable) {
2131 		mcs->rx_max_rate = param->rx_max_rate;
2132 		mcs->rx_mcs_set = param->rx_mcs_set;
2133 		mcs->tx_max_rate = param->tx_max_rate;
2134 		mcs->tx_mcs_set = param->tx_mcs_set;
2135 	}
2136 
2137 	/* HE Rates */
2138 	cmd->peer_he_mcs = param->peer_he_mcs_count;
2139 	cmd->min_data_rate = param->min_data_rate;
2140 
2141 	ptr += sizeof(*mcs);
2142 
2143 	len = param->peer_he_mcs_count * sizeof(*he_mcs);
2144 
2145 #if defined(__linux__)
2146 	tlv = ptr;
2147 #elif defined(__FreeBSD__)
2148 	tlv = (void *)ptr;
2149 #endif
2150 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2151 		      FIELD_PREP(WMI_TLV_LEN, len);
2152 	ptr += TLV_HDR_SIZE;
2153 
2154 	/* Loop through the HE rate set */
2155 	for (i = 0; i < param->peer_he_mcs_count; i++) {
2156 #if defined(__linux__)
2157 		he_mcs = ptr;
2158 #elif defined(__FreeBSD__)
2159 		he_mcs = (void *)ptr;
2160 #endif
2161 		he_mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2162 						WMI_TAG_HE_RATE_SET) |
2163 				     FIELD_PREP(WMI_TLV_LEN,
2164 						sizeof(*he_mcs) - TLV_HDR_SIZE);
2165 
2166 		he_mcs->rx_mcs_set = param->peer_he_tx_mcs_set[i];
2167 		he_mcs->tx_mcs_set = param->peer_he_rx_mcs_set[i];
2168 		ptr += sizeof(*he_mcs);
2169 	}
2170 
2171 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_ASSOC_CMDID);
2172 	if (ret) {
2173 		ath11k_warn(ar->ab,
2174 			    "failed to send WMI_PEER_ASSOC_CMDID\n");
2175 		dev_kfree_skb(skb);
2176 	}
2177 
2178 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2179 		   "cmd peer assoc vdev id %d assoc id %d peer mac %pM peer_flags %x rate_caps %x peer_caps %x listen_intval %d ht_caps %x max_mpdu %d nss %d phymode %d peer_mpdu_density %d vht_caps %x he cap_info %x he ops %x he cap_info_ext %x he phy %x %x %x peer_bw_rxnss_override %x\n",
2180 		   cmd->vdev_id, cmd->peer_associd, param->peer_mac,
2181 		   cmd->peer_flags, cmd->peer_rate_caps, cmd->peer_caps,
2182 		   cmd->peer_listen_intval, cmd->peer_ht_caps,
2183 		   cmd->peer_max_mpdu, cmd->peer_nss, cmd->peer_phymode,
2184 		   cmd->peer_mpdu_density,
2185 		   cmd->peer_vht_caps, cmd->peer_he_cap_info,
2186 		   cmd->peer_he_ops, cmd->peer_he_cap_info_ext,
2187 		   cmd->peer_he_cap_phy[0], cmd->peer_he_cap_phy[1],
2188 		   cmd->peer_he_cap_phy[2],
2189 		   cmd->peer_bw_rxnss_override);
2190 
2191 	return ret;
2192 }
2193 
2194 void ath11k_wmi_start_scan_init(struct ath11k *ar,
2195 				struct scan_req_params *arg)
2196 {
2197 	/* setup commonly used values */
2198 	arg->scan_req_id = 1;
2199 	if (ar->state_11d == ATH11K_11D_PREPARING)
2200 		arg->scan_priority = WMI_SCAN_PRIORITY_MEDIUM;
2201 	else
2202 		arg->scan_priority = WMI_SCAN_PRIORITY_LOW;
2203 	arg->dwell_time_active = 50;
2204 	arg->dwell_time_active_2g = 0;
2205 	arg->dwell_time_passive = 150;
2206 	arg->dwell_time_active_6g = 40;
2207 	arg->dwell_time_passive_6g = 30;
2208 	arg->min_rest_time = 50;
2209 	arg->max_rest_time = 500;
2210 	arg->repeat_probe_time = 0;
2211 	arg->probe_spacing_time = 0;
2212 	arg->idle_time = 0;
2213 	arg->max_scan_time = 20000;
2214 	arg->probe_delay = 5;
2215 	arg->notify_scan_events = WMI_SCAN_EVENT_STARTED |
2216 				  WMI_SCAN_EVENT_COMPLETED |
2217 				  WMI_SCAN_EVENT_BSS_CHANNEL |
2218 				  WMI_SCAN_EVENT_FOREIGN_CHAN |
2219 				  WMI_SCAN_EVENT_DEQUEUED;
2220 	arg->scan_flags |= WMI_SCAN_CHAN_STAT_EVENT;
2221 
2222 	if (test_bit(WMI_TLV_SERVICE_PASSIVE_SCAN_START_TIME_ENHANCE,
2223 		     ar->ab->wmi_ab.svc_map))
2224 		arg->scan_ctrl_flags_ext |=
2225 			WMI_SCAN_FLAG_EXT_PASSIVE_SCAN_START_TIME_ENHANCE;
2226 
2227 	arg->num_bssid = 1;
2228 
2229 	/* fill bssid_list[0] with 0xff, otherwise bssid and RA will be
2230 	 * ZEROs in probe request
2231 	 */
2232 	eth_broadcast_addr(arg->bssid_list[0].addr);
2233 }
2234 
2235 static inline void
2236 ath11k_wmi_copy_scan_event_cntrl_flags(struct wmi_start_scan_cmd *cmd,
2237 				       struct scan_req_params *param)
2238 {
2239 	/* Scan events subscription */
2240 	if (param->scan_ev_started)
2241 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_STARTED;
2242 	if (param->scan_ev_completed)
2243 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_COMPLETED;
2244 	if (param->scan_ev_bss_chan)
2245 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_BSS_CHANNEL;
2246 	if (param->scan_ev_foreign_chan)
2247 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN;
2248 	if (param->scan_ev_dequeued)
2249 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_DEQUEUED;
2250 	if (param->scan_ev_preempted)
2251 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_PREEMPTED;
2252 	if (param->scan_ev_start_failed)
2253 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_START_FAILED;
2254 	if (param->scan_ev_restarted)
2255 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESTARTED;
2256 	if (param->scan_ev_foreign_chn_exit)
2257 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT;
2258 	if (param->scan_ev_suspended)
2259 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_SUSPENDED;
2260 	if (param->scan_ev_resumed)
2261 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESUMED;
2262 
2263 	/** Set scan control flags */
2264 	cmd->scan_ctrl_flags = 0;
2265 	if (param->scan_f_passive)
2266 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_PASSIVE;
2267 	if (param->scan_f_strict_passive_pch)
2268 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_STRICT_PASSIVE_ON_PCHN;
2269 	if (param->scan_f_promisc_mode)
2270 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROMISCUOS;
2271 	if (param->scan_f_capture_phy_err)
2272 		cmd->scan_ctrl_flags |=  WMI_SCAN_CAPTURE_PHY_ERROR;
2273 	if (param->scan_f_half_rate)
2274 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_HALF_RATE_SUPPORT;
2275 	if (param->scan_f_quarter_rate)
2276 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_QUARTER_RATE_SUPPORT;
2277 	if (param->scan_f_cck_rates)
2278 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_CCK_RATES;
2279 	if (param->scan_f_ofdm_rates)
2280 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_OFDM_RATES;
2281 	if (param->scan_f_chan_stat_evnt)
2282 		cmd->scan_ctrl_flags |=  WMI_SCAN_CHAN_STAT_EVENT;
2283 	if (param->scan_f_filter_prb_req)
2284 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROBE_REQ;
2285 	if (param->scan_f_bcast_probe)
2286 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_BCAST_PROBE_REQ;
2287 	if (param->scan_f_offchan_mgmt_tx)
2288 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_MGMT_TX;
2289 	if (param->scan_f_offchan_data_tx)
2290 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_DATA_TX;
2291 	if (param->scan_f_force_active_dfs_chn)
2292 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_FORCE_ACTIVE_ON_DFS;
2293 	if (param->scan_f_add_tpc_ie_in_probe)
2294 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_TPC_IE_IN_PROBE_REQ;
2295 	if (param->scan_f_add_ds_ie_in_probe)
2296 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_DS_IE_IN_PROBE_REQ;
2297 	if (param->scan_f_add_spoofed_mac_in_probe)
2298 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOF_MAC_IN_PROBE_REQ;
2299 	if (param->scan_f_add_rand_seq_in_probe)
2300 		cmd->scan_ctrl_flags |=  WMI_SCAN_RANDOM_SEQ_NO_IN_PROBE_REQ;
2301 	if (param->scan_f_en_ie_whitelist_in_probe)
2302 		cmd->scan_ctrl_flags |=
2303 			 WMI_SCAN_ENABLE_IE_WHTELIST_IN_PROBE_REQ;
2304 
2305 	/* for adaptive scan mode using 3 bits (21 - 23 bits) */
2306 	WMI_SCAN_SET_DWELL_MODE(cmd->scan_ctrl_flags,
2307 				param->adaptive_dwell_time_mode);
2308 
2309 	cmd->scan_ctrl_flags_ext = param->scan_ctrl_flags_ext;
2310 }
2311 
2312 int ath11k_wmi_send_scan_start_cmd(struct ath11k *ar,
2313 				   struct scan_req_params *params)
2314 {
2315 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2316 	struct wmi_start_scan_cmd *cmd;
2317 	struct wmi_ssid *ssid = NULL;
2318 	struct wmi_mac_addr *bssid;
2319 	struct sk_buff *skb;
2320 	struct wmi_tlv *tlv;
2321 #if defined(__linux__)
2322 	void *ptr;
2323 #elif defined(__FreeBSD__)
2324 	u8 *ptr;
2325 #endif
2326 	int i, ret, len;
2327 	u32 *tmp_ptr;
2328 	u16 extraie_len_with_pad = 0;
2329 	struct hint_short_ssid *s_ssid = NULL;
2330 	struct hint_bssid *hint_bssid = NULL;
2331 
2332 	len = sizeof(*cmd);
2333 
2334 	len += TLV_HDR_SIZE;
2335 	if (params->num_chan)
2336 		len += params->num_chan * sizeof(u32);
2337 
2338 	len += TLV_HDR_SIZE;
2339 	if (params->num_ssids)
2340 		len += params->num_ssids * sizeof(*ssid);
2341 
2342 	len += TLV_HDR_SIZE;
2343 	if (params->num_bssid)
2344 		len += sizeof(*bssid) * params->num_bssid;
2345 
2346 	len += TLV_HDR_SIZE;
2347 	if (params->extraie.len && params->extraie.len <= 0xFFFF)
2348 		extraie_len_with_pad =
2349 			roundup(params->extraie.len, sizeof(u32));
2350 	len += extraie_len_with_pad;
2351 
2352 	if (params->num_hint_bssid)
2353 		len += TLV_HDR_SIZE +
2354 		       params->num_hint_bssid * sizeof(struct hint_bssid);
2355 
2356 	if (params->num_hint_s_ssid)
2357 		len += TLV_HDR_SIZE +
2358 		       params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2359 
2360 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2361 	if (!skb)
2362 		return -ENOMEM;
2363 
2364 	ptr = skb->data;
2365 
2366 #if defined(__linux__)
2367 	cmd = ptr;
2368 #elif defined(__FreeBSD__)
2369 	cmd = (void *)ptr;
2370 #endif
2371 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_START_SCAN_CMD) |
2372 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2373 
2374 	cmd->scan_id = params->scan_id;
2375 	cmd->scan_req_id = params->scan_req_id;
2376 	cmd->vdev_id = params->vdev_id;
2377 	cmd->scan_priority = params->scan_priority;
2378 	cmd->notify_scan_events = params->notify_scan_events;
2379 
2380 	ath11k_wmi_copy_scan_event_cntrl_flags(cmd, params);
2381 
2382 	cmd->dwell_time_active = params->dwell_time_active;
2383 	cmd->dwell_time_active_2g = params->dwell_time_active_2g;
2384 	cmd->dwell_time_passive = params->dwell_time_passive;
2385 	cmd->dwell_time_active_6g = params->dwell_time_active_6g;
2386 	cmd->dwell_time_passive_6g = params->dwell_time_passive_6g;
2387 	cmd->min_rest_time = params->min_rest_time;
2388 	cmd->max_rest_time = params->max_rest_time;
2389 	cmd->repeat_probe_time = params->repeat_probe_time;
2390 	cmd->probe_spacing_time = params->probe_spacing_time;
2391 	cmd->idle_time = params->idle_time;
2392 	cmd->max_scan_time = params->max_scan_time;
2393 	cmd->probe_delay = params->probe_delay;
2394 	cmd->burst_duration = params->burst_duration;
2395 	cmd->num_chan = params->num_chan;
2396 	cmd->num_bssid = params->num_bssid;
2397 	cmd->num_ssids = params->num_ssids;
2398 	cmd->ie_len = params->extraie.len;
2399 	cmd->n_probes = params->n_probes;
2400 	ether_addr_copy(cmd->mac_addr.addr, params->mac_addr.addr);
2401 	ether_addr_copy(cmd->mac_mask.addr, params->mac_mask.addr);
2402 
2403 	ptr += sizeof(*cmd);
2404 
2405 	len = params->num_chan * sizeof(u32);
2406 
2407 #if defined(__linux__)
2408 	tlv = ptr;
2409 #elif defined(__FreeBSD__)
2410 	tlv = (void *)ptr;
2411 #endif
2412 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
2413 		      FIELD_PREP(WMI_TLV_LEN, len);
2414 	ptr += TLV_HDR_SIZE;
2415 	tmp_ptr = (u32 *)ptr;
2416 
2417 	for (i = 0; i < params->num_chan; ++i)
2418 		tmp_ptr[i] = params->chan_list[i];
2419 
2420 	ptr += len;
2421 
2422 	len = params->num_ssids * sizeof(*ssid);
2423 #if defined(__linux__)
2424 	tlv = ptr;
2425 #elif defined(__FreeBSD__)
2426 	tlv = (void *)ptr;
2427 #endif
2428 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2429 		      FIELD_PREP(WMI_TLV_LEN, len);
2430 
2431 	ptr += TLV_HDR_SIZE;
2432 
2433 	if (params->num_ssids) {
2434 #if defined(__linux__)
2435 		ssid = ptr;
2436 #elif defined(__FreeBSD__)
2437 		ssid = (void *)ptr;
2438 #endif
2439 		for (i = 0; i < params->num_ssids; ++i) {
2440 			ssid->ssid_len = params->ssid[i].length;
2441 			memcpy(ssid->ssid, params->ssid[i].ssid,
2442 			       params->ssid[i].length);
2443 			ssid++;
2444 		}
2445 	}
2446 
2447 	ptr += (params->num_ssids * sizeof(*ssid));
2448 	len = params->num_bssid * sizeof(*bssid);
2449 #if defined(__linux__)
2450 	tlv = ptr;
2451 #elif defined(__FreeBSD__)
2452 	tlv = (void *)ptr;
2453 #endif
2454 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2455 		      FIELD_PREP(WMI_TLV_LEN, len);
2456 
2457 	ptr += TLV_HDR_SIZE;
2458 #if defined(__linux__)
2459 	bssid = ptr;
2460 #elif defined(__FreeBSD__)
2461 	bssid = (void *)ptr;
2462 #endif
2463 
2464 	if (params->num_bssid) {
2465 		for (i = 0; i < params->num_bssid; ++i) {
2466 			ether_addr_copy(bssid->addr,
2467 					params->bssid_list[i].addr);
2468 			bssid++;
2469 		}
2470 	}
2471 
2472 	ptr += params->num_bssid * sizeof(*bssid);
2473 
2474 	len = extraie_len_with_pad;
2475 #if defined(__linux__)
2476 	tlv = ptr;
2477 #elif defined(__FreeBSD__)
2478 	tlv = (void *)ptr;
2479 #endif
2480 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
2481 		      FIELD_PREP(WMI_TLV_LEN, len);
2482 	ptr += TLV_HDR_SIZE;
2483 
2484 	if (extraie_len_with_pad)
2485 		memcpy(ptr, params->extraie.ptr,
2486 		       params->extraie.len);
2487 
2488 	ptr += extraie_len_with_pad;
2489 
2490 	if (params->num_hint_s_ssid) {
2491 		len = params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2492 #if defined(__linux__)
2493 		tlv = ptr;
2494 #elif defined(__FreeBSD__)
2495 		tlv = (void *)ptr;
2496 #endif
2497 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2498 			      FIELD_PREP(WMI_TLV_LEN, len);
2499 		ptr += TLV_HDR_SIZE;
2500 #if defined(__linux__)
2501 		s_ssid = ptr;
2502 #elif defined(__FreeBSD__)
2503 		s_ssid = (void *)ptr;
2504 #endif
2505 		for (i = 0; i < params->num_hint_s_ssid; ++i) {
2506 			s_ssid->freq_flags = params->hint_s_ssid[i].freq_flags;
2507 			s_ssid->short_ssid = params->hint_s_ssid[i].short_ssid;
2508 			s_ssid++;
2509 		}
2510 		ptr += len;
2511 	}
2512 
2513 	if (params->num_hint_bssid) {
2514 		len = params->num_hint_bssid * sizeof(struct hint_bssid);
2515 #if defined(__linux__)
2516 		tlv = ptr;
2517 #elif defined(__FreeBSD__)
2518 		tlv = (void *)ptr;
2519 #endif
2520 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2521 			      FIELD_PREP(WMI_TLV_LEN, len);
2522 		ptr += TLV_HDR_SIZE;
2523 #if defined(__linux__)
2524 		hint_bssid = ptr;
2525 #elif defined(__FreeBSD__)
2526 		hint_bssid = (void *)ptr;
2527 #endif
2528 		for (i = 0; i < params->num_hint_bssid; ++i) {
2529 			hint_bssid->freq_flags =
2530 				params->hint_bssid[i].freq_flags;
2531 			ether_addr_copy(&params->hint_bssid[i].bssid.addr[0],
2532 					&hint_bssid->bssid.addr[0]);
2533 			hint_bssid++;
2534 		}
2535 	}
2536 
2537 	ret = ath11k_wmi_cmd_send(wmi, skb,
2538 				  WMI_START_SCAN_CMDID);
2539 	if (ret) {
2540 		ath11k_warn(ar->ab, "failed to send WMI_START_SCAN_CMDID\n");
2541 		dev_kfree_skb(skb);
2542 	}
2543 
2544 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd start scan");
2545 
2546 	return ret;
2547 }
2548 
2549 int ath11k_wmi_send_scan_stop_cmd(struct ath11k *ar,
2550 				  struct scan_cancel_param *param)
2551 {
2552 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2553 	struct wmi_stop_scan_cmd *cmd;
2554 	struct sk_buff *skb;
2555 	int ret;
2556 
2557 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2558 	if (!skb)
2559 		return -ENOMEM;
2560 
2561 	cmd = (struct wmi_stop_scan_cmd *)skb->data;
2562 
2563 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STOP_SCAN_CMD) |
2564 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2565 
2566 	cmd->vdev_id = param->vdev_id;
2567 	cmd->requestor = param->requester;
2568 	cmd->scan_id = param->scan_id;
2569 	cmd->pdev_id = param->pdev_id;
2570 	/* stop the scan with the corresponding scan_id */
2571 	if (param->req_type == WLAN_SCAN_CANCEL_PDEV_ALL) {
2572 		/* Cancelling all scans */
2573 		cmd->req_type =  WMI_SCAN_STOP_ALL;
2574 	} else if (param->req_type == WLAN_SCAN_CANCEL_VDEV_ALL) {
2575 		/* Cancelling VAP scans */
2576 		cmd->req_type =  WMI_SCN_STOP_VAP_ALL;
2577 	} else if (param->req_type == WLAN_SCAN_CANCEL_SINGLE) {
2578 		/* Cancelling specific scan */
2579 		cmd->req_type =  WMI_SCAN_STOP_ONE;
2580 	} else {
2581 		ath11k_warn(ar->ab, "invalid scan cancel param %d",
2582 			    param->req_type);
2583 		dev_kfree_skb(skb);
2584 		return -EINVAL;
2585 	}
2586 
2587 	ret = ath11k_wmi_cmd_send(wmi, skb,
2588 				  WMI_STOP_SCAN_CMDID);
2589 	if (ret) {
2590 		ath11k_warn(ar->ab, "failed to send WMI_STOP_SCAN_CMDID\n");
2591 		dev_kfree_skb(skb);
2592 	}
2593 
2594 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd stop scan");
2595 
2596 	return ret;
2597 }
2598 
2599 int ath11k_wmi_send_scan_chan_list_cmd(struct ath11k *ar,
2600 				       struct scan_chan_list_params *chan_list)
2601 {
2602 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2603 	struct wmi_scan_chan_list_cmd *cmd;
2604 	struct sk_buff *skb;
2605 	struct wmi_channel *chan_info;
2606 	struct channel_param *tchan_info;
2607 	struct wmi_tlv *tlv;
2608 #if defined(__linux__)
2609 	void *ptr;
2610 #elif defined(__FreeBSD__)
2611 	u8 *ptr;
2612 #endif
2613 	int i, ret, len;
2614 	u16 num_send_chans, num_sends = 0, max_chan_limit = 0;
2615 	u32 *reg1, *reg2;
2616 
2617 	tchan_info = chan_list->ch_param;
2618 	while (chan_list->nallchans) {
2619 		len = sizeof(*cmd) + TLV_HDR_SIZE;
2620 		max_chan_limit = (wmi->wmi_ab->max_msg_len[ar->pdev_idx] - len) /
2621 			sizeof(*chan_info);
2622 
2623 		if (chan_list->nallchans > max_chan_limit)
2624 			num_send_chans = max_chan_limit;
2625 		else
2626 			num_send_chans = chan_list->nallchans;
2627 
2628 		chan_list->nallchans -= num_send_chans;
2629 		len += sizeof(*chan_info) * num_send_chans;
2630 
2631 		skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2632 		if (!skb)
2633 			return -ENOMEM;
2634 
2635 		cmd = (struct wmi_scan_chan_list_cmd *)skb->data;
2636 		cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SCAN_CHAN_LIST_CMD) |
2637 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2638 		cmd->pdev_id = chan_list->pdev_id;
2639 		cmd->num_scan_chans = num_send_chans;
2640 		if (num_sends)
2641 			cmd->flags |= WMI_APPEND_TO_EXISTING_CHAN_LIST_FLAG;
2642 
2643 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2644 			   "no.of chan = %d len = %d pdev_id = %d num_sends = %d\n",
2645 			   num_send_chans, len, cmd->pdev_id, num_sends);
2646 
2647 		ptr = skb->data + sizeof(*cmd);
2648 
2649 		len = sizeof(*chan_info) * num_send_chans;
2650 #if defined(__linux__)
2651 		tlv = ptr;
2652 #elif defined(__FreeBSD__)
2653 		tlv = (void *)ptr;
2654 #endif
2655 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2656 			      FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
2657 		ptr += TLV_HDR_SIZE;
2658 
2659 		for (i = 0; i < num_send_chans; ++i) {
2660 #if defined(__linux__)
2661 			chan_info = ptr;
2662 #elif defined(__FreeBSD__)
2663 			chan_info = (void *)ptr;
2664 #endif
2665 			memset(chan_info, 0, sizeof(*chan_info));
2666 			len = sizeof(*chan_info);
2667 			chan_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2668 							   WMI_TAG_CHANNEL) |
2669 						FIELD_PREP(WMI_TLV_LEN,
2670 							   len - TLV_HDR_SIZE);
2671 
2672 			reg1 = &chan_info->reg_info_1;
2673 			reg2 = &chan_info->reg_info_2;
2674 			chan_info->mhz = tchan_info->mhz;
2675 			chan_info->band_center_freq1 = tchan_info->cfreq1;
2676 			chan_info->band_center_freq2 = tchan_info->cfreq2;
2677 
2678 			if (tchan_info->is_chan_passive)
2679 				chan_info->info |= WMI_CHAN_INFO_PASSIVE;
2680 			if (tchan_info->allow_he)
2681 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HE;
2682 			else if (tchan_info->allow_vht)
2683 				chan_info->info |= WMI_CHAN_INFO_ALLOW_VHT;
2684 			else if (tchan_info->allow_ht)
2685 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HT;
2686 			if (tchan_info->half_rate)
2687 				chan_info->info |= WMI_CHAN_INFO_HALF_RATE;
2688 			if (tchan_info->quarter_rate)
2689 				chan_info->info |= WMI_CHAN_INFO_QUARTER_RATE;
2690 			if (tchan_info->psc_channel)
2691 				chan_info->info |= WMI_CHAN_INFO_PSC;
2692 			if (tchan_info->dfs_set)
2693 				chan_info->info |= WMI_CHAN_INFO_DFS;
2694 
2695 			chan_info->info |= FIELD_PREP(WMI_CHAN_INFO_MODE,
2696 						      tchan_info->phy_mode);
2697 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MIN_PWR,
2698 					    tchan_info->minpower);
2699 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
2700 					    tchan_info->maxpower);
2701 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
2702 					    tchan_info->maxregpower);
2703 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_REG_CLS,
2704 					    tchan_info->reg_class_id);
2705 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
2706 					    tchan_info->antennamax);
2707 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
2708 					    tchan_info->maxregpower);
2709 
2710 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2711 				   "chan scan list chan[%d] = %u, chan_info->info %8x\n",
2712 				   i, chan_info->mhz, chan_info->info);
2713 
2714 			ptr += sizeof(*chan_info);
2715 
2716 			tchan_info++;
2717 		}
2718 
2719 		ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SCAN_CHAN_LIST_CMDID);
2720 		if (ret) {
2721 			ath11k_warn(ar->ab, "failed to send WMI_SCAN_CHAN_LIST cmd\n");
2722 			dev_kfree_skb(skb);
2723 			return ret;
2724 		}
2725 
2726 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd scan chan list channels %d",
2727 			   num_send_chans);
2728 
2729 		num_sends++;
2730 	}
2731 
2732 	return 0;
2733 }
2734 
2735 int ath11k_wmi_send_wmm_update_cmd_tlv(struct ath11k *ar, u32 vdev_id,
2736 				       struct wmi_wmm_params_all_arg *param)
2737 {
2738 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2739 	struct wmi_vdev_set_wmm_params_cmd *cmd;
2740 	struct wmi_wmm_params *wmm_param;
2741 	struct wmi_wmm_params_arg *wmi_wmm_arg;
2742 	struct sk_buff *skb;
2743 	int ret, ac;
2744 
2745 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2746 	if (!skb)
2747 		return -ENOMEM;
2748 
2749 	cmd = (struct wmi_vdev_set_wmm_params_cmd *)skb->data;
2750 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2751 				     WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2752 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2753 
2754 	cmd->vdev_id = vdev_id;
2755 	cmd->wmm_param_type = 0;
2756 
2757 	for (ac = 0; ac < WME_NUM_AC; ac++) {
2758 		switch (ac) {
2759 		case WME_AC_BE:
2760 			wmi_wmm_arg = &param->ac_be;
2761 			break;
2762 		case WME_AC_BK:
2763 			wmi_wmm_arg = &param->ac_bk;
2764 			break;
2765 		case WME_AC_VI:
2766 			wmi_wmm_arg = &param->ac_vi;
2767 			break;
2768 		case WME_AC_VO:
2769 			wmi_wmm_arg = &param->ac_vo;
2770 			break;
2771 		}
2772 
2773 		wmm_param = (struct wmi_wmm_params *)&cmd->wmm_params[ac];
2774 		wmm_param->tlv_header =
2775 				FIELD_PREP(WMI_TLV_TAG,
2776 					   WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2777 				FIELD_PREP(WMI_TLV_LEN,
2778 					   sizeof(*wmm_param) - TLV_HDR_SIZE);
2779 
2780 		wmm_param->aifs = wmi_wmm_arg->aifs;
2781 		wmm_param->cwmin = wmi_wmm_arg->cwmin;
2782 		wmm_param->cwmax = wmi_wmm_arg->cwmax;
2783 		wmm_param->txoplimit = wmi_wmm_arg->txop;
2784 		wmm_param->acm = wmi_wmm_arg->acm;
2785 		wmm_param->no_ack = wmi_wmm_arg->no_ack;
2786 
2787 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2788 			   "wmm set ac %d aifs %d cwmin %d cwmax %d txop %d acm %d no_ack %d\n",
2789 			   ac, wmm_param->aifs, wmm_param->cwmin,
2790 			   wmm_param->cwmax, wmm_param->txoplimit,
2791 			   wmm_param->acm, wmm_param->no_ack);
2792 	}
2793 	ret = ath11k_wmi_cmd_send(wmi, skb,
2794 				  WMI_VDEV_SET_WMM_PARAMS_CMDID);
2795 	if (ret) {
2796 		ath11k_warn(ar->ab,
2797 			    "failed to send WMI_VDEV_SET_WMM_PARAMS_CMDID");
2798 		dev_kfree_skb(skb);
2799 	}
2800 
2801 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd vdev set wmm params");
2802 
2803 	return ret;
2804 }
2805 
2806 int ath11k_wmi_send_dfs_phyerr_offload_enable_cmd(struct ath11k *ar,
2807 						  u32 pdev_id)
2808 {
2809 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2810 	struct wmi_dfs_phyerr_offload_cmd *cmd;
2811 	struct sk_buff *skb;
2812 	int ret;
2813 
2814 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2815 	if (!skb)
2816 		return -ENOMEM;
2817 
2818 	cmd = (struct wmi_dfs_phyerr_offload_cmd *)skb->data;
2819 	cmd->tlv_header =
2820 		FIELD_PREP(WMI_TLV_TAG,
2821 			   WMI_TAG_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMD) |
2822 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2823 
2824 	cmd->pdev_id = pdev_id;
2825 
2826 	ret = ath11k_wmi_cmd_send(wmi, skb,
2827 				  WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMDID);
2828 	if (ret) {
2829 		ath11k_warn(ar->ab,
2830 			    "failed to send WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE cmd\n");
2831 		dev_kfree_skb(skb);
2832 	}
2833 
2834 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2835 		   "cmd pdev dfs phyerr offload enable pdev id %d\n", pdev_id);
2836 
2837 	return ret;
2838 }
2839 
2840 int ath11k_wmi_delba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2841 			  u32 tid, u32 initiator, u32 reason)
2842 {
2843 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2844 	struct wmi_delba_send_cmd *cmd;
2845 	struct sk_buff *skb;
2846 	int ret;
2847 
2848 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2849 	if (!skb)
2850 		return -ENOMEM;
2851 
2852 	cmd = (struct wmi_delba_send_cmd *)skb->data;
2853 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DELBA_SEND_CMD) |
2854 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2855 	cmd->vdev_id = vdev_id;
2856 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2857 	cmd->tid = tid;
2858 	cmd->initiator = initiator;
2859 	cmd->reasoncode = reason;
2860 
2861 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DELBA_SEND_CMDID);
2862 
2863 	if (ret) {
2864 		ath11k_warn(ar->ab,
2865 			    "failed to send WMI_DELBA_SEND_CMDID cmd\n");
2866 		dev_kfree_skb(skb);
2867 	}
2868 
2869 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2870 		   "cmd delba send vdev_id 0x%X mac_addr %pM tid %u initiator %u reason %u\n",
2871 		   vdev_id, mac, tid, initiator, reason);
2872 
2873 	return ret;
2874 }
2875 
2876 int ath11k_wmi_addba_set_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2877 			      u32 tid, u32 status)
2878 {
2879 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2880 	struct wmi_addba_setresponse_cmd *cmd;
2881 	struct sk_buff *skb;
2882 	int ret;
2883 
2884 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2885 	if (!skb)
2886 		return -ENOMEM;
2887 
2888 	cmd = (struct wmi_addba_setresponse_cmd *)skb->data;
2889 	cmd->tlv_header =
2890 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SETRESPONSE_CMD) |
2891 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2892 	cmd->vdev_id = vdev_id;
2893 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2894 	cmd->tid = tid;
2895 	cmd->statuscode = status;
2896 
2897 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SET_RESP_CMDID);
2898 
2899 	if (ret) {
2900 		ath11k_warn(ar->ab,
2901 			    "failed to send WMI_ADDBA_SET_RESP_CMDID cmd\n");
2902 		dev_kfree_skb(skb);
2903 	}
2904 
2905 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2906 		   "cmd addba set resp vdev_id 0x%X mac_addr %pM tid %u status %u\n",
2907 		   vdev_id, mac, tid, status);
2908 
2909 	return ret;
2910 }
2911 
2912 int ath11k_wmi_addba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2913 			  u32 tid, u32 buf_size)
2914 {
2915 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2916 	struct wmi_addba_send_cmd *cmd;
2917 	struct sk_buff *skb;
2918 	int ret;
2919 
2920 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2921 	if (!skb)
2922 		return -ENOMEM;
2923 
2924 	cmd = (struct wmi_addba_send_cmd *)skb->data;
2925 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SEND_CMD) |
2926 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2927 	cmd->vdev_id = vdev_id;
2928 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2929 	cmd->tid = tid;
2930 	cmd->buffersize = buf_size;
2931 
2932 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SEND_CMDID);
2933 
2934 	if (ret) {
2935 		ath11k_warn(ar->ab,
2936 			    "failed to send WMI_ADDBA_SEND_CMDID cmd\n");
2937 		dev_kfree_skb(skb);
2938 	}
2939 
2940 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2941 		   "cmd addba send vdev_id 0x%X mac_addr %pM tid %u bufsize %u\n",
2942 		   vdev_id, mac, tid, buf_size);
2943 
2944 	return ret;
2945 }
2946 
2947 int ath11k_wmi_addba_clear_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac)
2948 {
2949 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2950 	struct wmi_addba_clear_resp_cmd *cmd;
2951 	struct sk_buff *skb;
2952 	int ret;
2953 
2954 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2955 	if (!skb)
2956 		return -ENOMEM;
2957 
2958 	cmd = (struct wmi_addba_clear_resp_cmd *)skb->data;
2959 	cmd->tlv_header =
2960 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_CLEAR_RESP_CMD) |
2961 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2962 	cmd->vdev_id = vdev_id;
2963 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2964 
2965 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_CLEAR_RESP_CMDID);
2966 
2967 	if (ret) {
2968 		ath11k_warn(ar->ab,
2969 			    "failed to send WMI_ADDBA_CLEAR_RESP_CMDID cmd\n");
2970 		dev_kfree_skb(skb);
2971 	}
2972 
2973 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2974 		   "cmd addba clear resp vdev_id 0x%X mac_addr %pM\n",
2975 		   vdev_id, mac);
2976 
2977 	return ret;
2978 }
2979 
2980 int ath11k_wmi_pdev_peer_pktlog_filter(struct ath11k *ar, u8 *addr, u8 enable)
2981 {
2982 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2983 	struct wmi_pdev_pktlog_filter_cmd *cmd;
2984 	struct wmi_pdev_pktlog_filter_info *info;
2985 	struct sk_buff *skb;
2986 	struct wmi_tlv *tlv;
2987 #if defined(__linux__)
2988 	void *ptr;
2989 #elif defined(__FreeBSD__)
2990 	u8 *ptr;
2991 #endif
2992 	int ret, len;
2993 
2994 	len = sizeof(*cmd) + sizeof(*info) + TLV_HDR_SIZE;
2995 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2996 	if (!skb)
2997 		return -ENOMEM;
2998 
2999 	cmd = (struct wmi_pdev_pktlog_filter_cmd *)skb->data;
3000 
3001 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_CMD) |
3002 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3003 
3004 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3005 	cmd->num_mac = 1;
3006 	cmd->enable = enable;
3007 
3008 	ptr = skb->data + sizeof(*cmd);
3009 
3010 #if defined(__linux__)
3011 	tlv = ptr;
3012 #elif defined(__FreeBSD__)
3013 	tlv = (void *)ptr;
3014 #endif
3015 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
3016 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*info));
3017 
3018 	ptr += TLV_HDR_SIZE;
3019 #if defined(__linux__)
3020 	info = ptr;
3021 #elif defined(__FreeBSD__)
3022 	info = (void *)ptr;
3023 #endif
3024 
3025 	ether_addr_copy(info->peer_macaddr.addr, addr);
3026 	info->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_INFO) |
3027 			   FIELD_PREP(WMI_TLV_LEN,
3028 				      sizeof(*info) - TLV_HDR_SIZE);
3029 
3030 	ret = ath11k_wmi_cmd_send(wmi, skb,
3031 				  WMI_PDEV_PKTLOG_FILTER_CMDID);
3032 	if (ret) {
3033 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3034 		dev_kfree_skb(skb);
3035 	}
3036 
3037 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd pdev pktlog filter");
3038 
3039 	return ret;
3040 }
3041 
3042 int
3043 ath11k_wmi_send_init_country_cmd(struct ath11k *ar,
3044 				 struct wmi_init_country_params init_cc_params)
3045 {
3046 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3047 	struct wmi_init_country_cmd *cmd;
3048 	struct sk_buff *skb;
3049 	int ret;
3050 
3051 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3052 	if (!skb)
3053 		return -ENOMEM;
3054 
3055 	cmd = (struct wmi_init_country_cmd *)skb->data;
3056 	cmd->tlv_header =
3057 		FIELD_PREP(WMI_TLV_TAG,
3058 			   WMI_TAG_SET_INIT_COUNTRY_CMD) |
3059 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3060 
3061 	cmd->pdev_id = ar->pdev->pdev_id;
3062 
3063 	switch (init_cc_params.flags) {
3064 	case ALPHA_IS_SET:
3065 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_ALPHA;
3066 		memcpy((u8 *)&cmd->cc_info.alpha2,
3067 		       init_cc_params.cc_info.alpha2, 3);
3068 		break;
3069 	case CC_IS_SET:
3070 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_COUNTRY_CODE;
3071 		cmd->cc_info.country_code = init_cc_params.cc_info.country_code;
3072 		break;
3073 	case REGDMN_IS_SET:
3074 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_REGDOMAIN;
3075 		cmd->cc_info.regdom_id = init_cc_params.cc_info.regdom_id;
3076 		break;
3077 	default:
3078 		ath11k_warn(ar->ab, "unknown cc params flags: 0x%x",
3079 			    init_cc_params.flags);
3080 		ret = -EINVAL;
3081 		goto err;
3082 	}
3083 
3084 	ret = ath11k_wmi_cmd_send(wmi, skb,
3085 				  WMI_SET_INIT_COUNTRY_CMDID);
3086 	if (ret) {
3087 		ath11k_warn(ar->ab,
3088 			    "failed to send WMI_SET_INIT_COUNTRY CMD :%d\n",
3089 			    ret);
3090 		goto err;
3091 	}
3092 
3093 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd set init country");
3094 
3095 	return 0;
3096 
3097 err:
3098 	dev_kfree_skb(skb);
3099 	return ret;
3100 }
3101 
3102 int ath11k_wmi_send_set_current_country_cmd(struct ath11k *ar,
3103 					    struct wmi_set_current_country_params *param)
3104 {
3105 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3106 	struct wmi_set_current_country_cmd *cmd;
3107 	struct sk_buff *skb;
3108 	int ret;
3109 
3110 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3111 	if (!skb)
3112 		return -ENOMEM;
3113 
3114 	cmd = (struct wmi_set_current_country_cmd *)skb->data;
3115 	cmd->tlv_header =
3116 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SET_CURRENT_COUNTRY_CMD) |
3117 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3118 
3119 	cmd->pdev_id = ar->pdev->pdev_id;
3120 	memcpy(&cmd->new_alpha2, &param->alpha2, 3);
3121 
3122 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SET_CURRENT_COUNTRY_CMDID);
3123 	if (ret) {
3124 		ath11k_warn(ar->ab,
3125 			    "failed to send WMI_SET_CURRENT_COUNTRY_CMDID: %d\n", ret);
3126 		dev_kfree_skb(skb);
3127 	}
3128 
3129 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3130 		   "cmd set current country pdev id %d alpha2 %c%c\n",
3131 		   ar->pdev->pdev_id,
3132 		   param->alpha2[0],
3133 		   param->alpha2[1]);
3134 
3135 	return ret;
3136 }
3137 
3138 int
3139 ath11k_wmi_send_thermal_mitigation_param_cmd(struct ath11k *ar,
3140 					     struct thermal_mitigation_params *param)
3141 {
3142 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3143 	struct wmi_therm_throt_config_request_cmd *cmd;
3144 	struct wmi_therm_throt_level_config_info *lvl_conf;
3145 	struct wmi_tlv *tlv;
3146 	struct sk_buff *skb;
3147 	int i, ret, len;
3148 
3149 	len = sizeof(*cmd) + TLV_HDR_SIZE +
3150 	      THERMAL_LEVELS * sizeof(struct wmi_therm_throt_level_config_info);
3151 
3152 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3153 	if (!skb)
3154 		return -ENOMEM;
3155 
3156 	cmd = (struct wmi_therm_throt_config_request_cmd *)skb->data;
3157 
3158 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_CONFIG_REQUEST) |
3159 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3160 
3161 	cmd->pdev_id = ar->pdev->pdev_id;
3162 	cmd->enable = param->enable;
3163 	cmd->dc = param->dc;
3164 	cmd->dc_per_event = param->dc_per_event;
3165 	cmd->therm_throt_levels = THERMAL_LEVELS;
3166 
3167 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
3168 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
3169 		      FIELD_PREP(WMI_TLV_LEN,
3170 				 (THERMAL_LEVELS *
3171 				  sizeof(struct wmi_therm_throt_level_config_info)));
3172 
3173 	lvl_conf = (struct wmi_therm_throt_level_config_info *)(skb->data +
3174 								sizeof(*cmd) +
3175 								TLV_HDR_SIZE);
3176 	for (i = 0; i < THERMAL_LEVELS; i++) {
3177 		lvl_conf->tlv_header =
3178 			FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_LEVEL_CONFIG_INFO) |
3179 			FIELD_PREP(WMI_TLV_LEN, sizeof(*lvl_conf) - TLV_HDR_SIZE);
3180 
3181 		lvl_conf->temp_lwm = param->levelconf[i].tmplwm;
3182 		lvl_conf->temp_hwm = param->levelconf[i].tmphwm;
3183 		lvl_conf->dc_off_percent = param->levelconf[i].dcoffpercent;
3184 		lvl_conf->prio = param->levelconf[i].priority;
3185 		lvl_conf++;
3186 	}
3187 
3188 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_THERM_THROT_SET_CONF_CMDID);
3189 	if (ret) {
3190 		ath11k_warn(ar->ab, "failed to send THERM_THROT_SET_CONF cmd\n");
3191 		dev_kfree_skb(skb);
3192 	}
3193 
3194 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3195 		   "cmd therm throt set conf pdev_id %d enable %d dc %d dc_per_event %x levels %d\n",
3196 		   ar->pdev->pdev_id, param->enable, param->dc,
3197 		   param->dc_per_event, THERMAL_LEVELS);
3198 
3199 	return ret;
3200 }
3201 
3202 int ath11k_wmi_send_11d_scan_start_cmd(struct ath11k *ar,
3203 				       struct wmi_11d_scan_start_params *param)
3204 {
3205 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3206 	struct wmi_11d_scan_start_cmd *cmd;
3207 	struct sk_buff *skb;
3208 	int ret;
3209 
3210 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3211 	if (!skb)
3212 		return -ENOMEM;
3213 
3214 	cmd = (struct wmi_11d_scan_start_cmd *)skb->data;
3215 	cmd->tlv_header =
3216 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_START_CMD) |
3217 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3218 
3219 	cmd->vdev_id = param->vdev_id;
3220 	cmd->scan_period_msec = param->scan_period_msec;
3221 	cmd->start_interval_msec = param->start_interval_msec;
3222 
3223 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_START_CMDID);
3224 	if (ret) {
3225 		ath11k_warn(ar->ab,
3226 			    "failed to send WMI_11D_SCAN_START_CMDID: %d\n", ret);
3227 		dev_kfree_skb(skb);
3228 	}
3229 
3230 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3231 		   "cmd 11d scan start vdev id %d period %d ms internal %d ms\n",
3232 		   cmd->vdev_id,
3233 		   cmd->scan_period_msec,
3234 		   cmd->start_interval_msec);
3235 
3236 	return ret;
3237 }
3238 
3239 int ath11k_wmi_send_11d_scan_stop_cmd(struct ath11k *ar, u32 vdev_id)
3240 {
3241 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3242 	struct wmi_11d_scan_stop_cmd *cmd;
3243 	struct sk_buff *skb;
3244 	int ret;
3245 
3246 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3247 	if (!skb)
3248 		return -ENOMEM;
3249 
3250 	cmd = (struct wmi_11d_scan_stop_cmd *)skb->data;
3251 	cmd->tlv_header =
3252 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_STOP_CMD) |
3253 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3254 
3255 	cmd->vdev_id = vdev_id;
3256 
3257 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_STOP_CMDID);
3258 	if (ret) {
3259 		ath11k_warn(ar->ab,
3260 			    "failed to send WMI_11D_SCAN_STOP_CMDID: %d\n", ret);
3261 		dev_kfree_skb(skb);
3262 	}
3263 
3264 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3265 		   "cmd 11d scan stop vdev id %d\n",
3266 		   cmd->vdev_id);
3267 
3268 	return ret;
3269 }
3270 
3271 int ath11k_wmi_pdev_pktlog_enable(struct ath11k *ar, u32 pktlog_filter)
3272 {
3273 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3274 	struct wmi_pktlog_enable_cmd *cmd;
3275 	struct sk_buff *skb;
3276 	int ret;
3277 
3278 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3279 	if (!skb)
3280 		return -ENOMEM;
3281 
3282 	cmd = (struct wmi_pktlog_enable_cmd *)skb->data;
3283 
3284 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_ENABLE_CMD) |
3285 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3286 
3287 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3288 	cmd->evlist = pktlog_filter;
3289 	cmd->enable = ATH11K_WMI_PKTLOG_ENABLE_FORCE;
3290 
3291 	ret = ath11k_wmi_cmd_send(wmi, skb,
3292 				  WMI_PDEV_PKTLOG_ENABLE_CMDID);
3293 	if (ret) {
3294 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3295 		dev_kfree_skb(skb);
3296 	}
3297 
3298 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd pdev pktlog enable");
3299 
3300 	return ret;
3301 }
3302 
3303 int ath11k_wmi_pdev_pktlog_disable(struct ath11k *ar)
3304 {
3305 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3306 	struct wmi_pktlog_disable_cmd *cmd;
3307 	struct sk_buff *skb;
3308 	int ret;
3309 
3310 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3311 	if (!skb)
3312 		return -ENOMEM;
3313 
3314 	cmd = (struct wmi_pktlog_disable_cmd *)skb->data;
3315 
3316 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_DISABLE_CMD) |
3317 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3318 
3319 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3320 
3321 	ret = ath11k_wmi_cmd_send(wmi, skb,
3322 				  WMI_PDEV_PKTLOG_DISABLE_CMDID);
3323 	if (ret) {
3324 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3325 		dev_kfree_skb(skb);
3326 	}
3327 
3328 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd pdev pktlog disable");
3329 
3330 	return ret;
3331 }
3332 
3333 void ath11k_wmi_fill_default_twt_params(struct wmi_twt_enable_params *twt_params)
3334 {
3335 	twt_params->sta_cong_timer_ms = ATH11K_TWT_DEF_STA_CONG_TIMER_MS;
3336 	twt_params->default_slot_size = ATH11K_TWT_DEF_DEFAULT_SLOT_SIZE;
3337 	twt_params->congestion_thresh_setup = ATH11K_TWT_DEF_CONGESTION_THRESH_SETUP;
3338 	twt_params->congestion_thresh_teardown =
3339 		ATH11K_TWT_DEF_CONGESTION_THRESH_TEARDOWN;
3340 	twt_params->congestion_thresh_critical =
3341 		ATH11K_TWT_DEF_CONGESTION_THRESH_CRITICAL;
3342 	twt_params->interference_thresh_teardown =
3343 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_TEARDOWN;
3344 	twt_params->interference_thresh_setup =
3345 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_SETUP;
3346 	twt_params->min_no_sta_setup = ATH11K_TWT_DEF_MIN_NO_STA_SETUP;
3347 	twt_params->min_no_sta_teardown = ATH11K_TWT_DEF_MIN_NO_STA_TEARDOWN;
3348 	twt_params->no_of_bcast_mcast_slots = ATH11K_TWT_DEF_NO_OF_BCAST_MCAST_SLOTS;
3349 	twt_params->min_no_twt_slots = ATH11K_TWT_DEF_MIN_NO_TWT_SLOTS;
3350 	twt_params->max_no_sta_twt = ATH11K_TWT_DEF_MAX_NO_STA_TWT;
3351 	twt_params->mode_check_interval = ATH11K_TWT_DEF_MODE_CHECK_INTERVAL;
3352 	twt_params->add_sta_slot_interval = ATH11K_TWT_DEF_ADD_STA_SLOT_INTERVAL;
3353 	twt_params->remove_sta_slot_interval =
3354 		ATH11K_TWT_DEF_REMOVE_STA_SLOT_INTERVAL;
3355 	/* TODO add MBSSID support */
3356 	twt_params->mbss_support = 0;
3357 }
3358 
3359 int ath11k_wmi_send_twt_enable_cmd(struct ath11k *ar, u32 pdev_id,
3360 				   struct wmi_twt_enable_params *params)
3361 {
3362 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3363 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3364 	struct wmi_twt_enable_params_cmd *cmd;
3365 	struct sk_buff *skb;
3366 	int ret, len;
3367 
3368 	len = sizeof(*cmd);
3369 
3370 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3371 	if (!skb)
3372 		return -ENOMEM;
3373 
3374 	cmd = (struct wmi_twt_enable_params_cmd *)skb->data;
3375 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ENABLE_CMD) |
3376 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3377 	cmd->pdev_id = pdev_id;
3378 	cmd->sta_cong_timer_ms = params->sta_cong_timer_ms;
3379 	cmd->default_slot_size = params->default_slot_size;
3380 	cmd->congestion_thresh_setup = params->congestion_thresh_setup;
3381 	cmd->congestion_thresh_teardown = params->congestion_thresh_teardown;
3382 	cmd->congestion_thresh_critical = params->congestion_thresh_critical;
3383 	cmd->interference_thresh_teardown = params->interference_thresh_teardown;
3384 	cmd->interference_thresh_setup = params->interference_thresh_setup;
3385 	cmd->min_no_sta_setup = params->min_no_sta_setup;
3386 	cmd->min_no_sta_teardown = params->min_no_sta_teardown;
3387 	cmd->no_of_bcast_mcast_slots = params->no_of_bcast_mcast_slots;
3388 	cmd->min_no_twt_slots = params->min_no_twt_slots;
3389 	cmd->max_no_sta_twt = params->max_no_sta_twt;
3390 	cmd->mode_check_interval = params->mode_check_interval;
3391 	cmd->add_sta_slot_interval = params->add_sta_slot_interval;
3392 	cmd->remove_sta_slot_interval = params->remove_sta_slot_interval;
3393 	cmd->mbss_support = params->mbss_support;
3394 
3395 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ENABLE_CMDID);
3396 	if (ret) {
3397 		ath11k_warn(ab, "Failed to send WMI_TWT_ENABLE_CMDID");
3398 		dev_kfree_skb(skb);
3399 		return ret;
3400 	}
3401 
3402 	ar->twt_enabled = 1;
3403 
3404 	ath11k_dbg(ab, ATH11K_DBG_WMI, "cmd twt enable");
3405 
3406 	return 0;
3407 }
3408 
3409 int
3410 ath11k_wmi_send_twt_disable_cmd(struct ath11k *ar, u32 pdev_id)
3411 {
3412 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3413 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3414 	struct wmi_twt_disable_params_cmd *cmd;
3415 	struct sk_buff *skb;
3416 	int ret, len;
3417 
3418 	len = sizeof(*cmd);
3419 
3420 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3421 	if (!skb)
3422 		return -ENOMEM;
3423 
3424 	cmd = (struct wmi_twt_disable_params_cmd *)skb->data;
3425 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DISABLE_CMD) |
3426 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3427 	cmd->pdev_id = pdev_id;
3428 
3429 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DISABLE_CMDID);
3430 	if (ret) {
3431 		ath11k_warn(ab, "Failed to send WMI_TWT_DISABLE_CMDID");
3432 		dev_kfree_skb(skb);
3433 		return ret;
3434 	}
3435 
3436 	ath11k_dbg(ab, ATH11K_DBG_WMI, "cmd twt disable");
3437 
3438 	ar->twt_enabled = 0;
3439 
3440 	return 0;
3441 }
3442 
3443 int ath11k_wmi_send_twt_add_dialog_cmd(struct ath11k *ar,
3444 				       struct wmi_twt_add_dialog_params *params)
3445 {
3446 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3447 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3448 	struct wmi_twt_add_dialog_params_cmd *cmd;
3449 	struct sk_buff *skb;
3450 	int ret, len;
3451 
3452 	len = sizeof(*cmd);
3453 
3454 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3455 	if (!skb)
3456 		return -ENOMEM;
3457 
3458 	cmd = (struct wmi_twt_add_dialog_params_cmd *)skb->data;
3459 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ADD_DIALOG_CMD) |
3460 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3461 
3462 	cmd->vdev_id = params->vdev_id;
3463 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3464 	cmd->dialog_id = params->dialog_id;
3465 	cmd->wake_intvl_us = params->wake_intvl_us;
3466 	cmd->wake_intvl_mantis = params->wake_intvl_mantis;
3467 	cmd->wake_dura_us = params->wake_dura_us;
3468 	cmd->sp_offset_us = params->sp_offset_us;
3469 	cmd->flags = params->twt_cmd;
3470 	if (params->flag_bcast)
3471 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_BCAST;
3472 	if (params->flag_trigger)
3473 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_TRIGGER;
3474 	if (params->flag_flow_type)
3475 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_FLOW_TYPE;
3476 	if (params->flag_protection)
3477 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_PROTECTION;
3478 
3479 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ADD_DIALOG_CMDID);
3480 	if (ret) {
3481 		ath11k_warn(ab,
3482 			    "failed to send wmi command to add twt dialog: %d",
3483 			    ret);
3484 		dev_kfree_skb(skb);
3485 		return ret;
3486 	}
3487 
3488 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3489 		   "cmd twt add dialog vdev %u dialog id %u wake interval %u mantissa %u wake duration %u service period offset %u flags 0x%x\n",
3490 		   cmd->vdev_id, cmd->dialog_id, cmd->wake_intvl_us,
3491 		   cmd->wake_intvl_mantis, cmd->wake_dura_us, cmd->sp_offset_us,
3492 		   cmd->flags);
3493 
3494 	return 0;
3495 }
3496 
3497 int ath11k_wmi_send_twt_del_dialog_cmd(struct ath11k *ar,
3498 				       struct wmi_twt_del_dialog_params *params)
3499 {
3500 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3501 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3502 	struct wmi_twt_del_dialog_params_cmd *cmd;
3503 	struct sk_buff *skb;
3504 	int ret, len;
3505 
3506 	len = sizeof(*cmd);
3507 
3508 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3509 	if (!skb)
3510 		return -ENOMEM;
3511 
3512 	cmd = (struct wmi_twt_del_dialog_params_cmd *)skb->data;
3513 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DEL_DIALOG_CMD) |
3514 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3515 
3516 	cmd->vdev_id = params->vdev_id;
3517 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3518 	cmd->dialog_id = params->dialog_id;
3519 
3520 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DEL_DIALOG_CMDID);
3521 	if (ret) {
3522 		ath11k_warn(ab,
3523 			    "failed to send wmi command to delete twt dialog: %d",
3524 			    ret);
3525 		dev_kfree_skb(skb);
3526 		return ret;
3527 	}
3528 
3529 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3530 		   "cmd twt del dialog vdev %u dialog id %u\n",
3531 		   cmd->vdev_id, cmd->dialog_id);
3532 
3533 	return 0;
3534 }
3535 
3536 int ath11k_wmi_send_twt_pause_dialog_cmd(struct ath11k *ar,
3537 					 struct wmi_twt_pause_dialog_params *params)
3538 {
3539 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3540 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3541 	struct wmi_twt_pause_dialog_params_cmd *cmd;
3542 	struct sk_buff *skb;
3543 	int ret, len;
3544 
3545 	len = sizeof(*cmd);
3546 
3547 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3548 	if (!skb)
3549 		return -ENOMEM;
3550 
3551 	cmd = (struct wmi_twt_pause_dialog_params_cmd *)skb->data;
3552 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3553 				     WMI_TAG_TWT_PAUSE_DIALOG_CMD) |
3554 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3555 
3556 	cmd->vdev_id = params->vdev_id;
3557 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3558 	cmd->dialog_id = params->dialog_id;
3559 
3560 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_PAUSE_DIALOG_CMDID);
3561 	if (ret) {
3562 		ath11k_warn(ab,
3563 			    "failed to send wmi command to pause twt dialog: %d",
3564 			    ret);
3565 		dev_kfree_skb(skb);
3566 		return ret;
3567 	}
3568 
3569 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3570 		   "cmd twt pause dialog vdev %u dialog id %u\n",
3571 		   cmd->vdev_id, cmd->dialog_id);
3572 
3573 	return 0;
3574 }
3575 
3576 int ath11k_wmi_send_twt_resume_dialog_cmd(struct ath11k *ar,
3577 					  struct wmi_twt_resume_dialog_params *params)
3578 {
3579 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3580 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3581 	struct wmi_twt_resume_dialog_params_cmd *cmd;
3582 	struct sk_buff *skb;
3583 	int ret, len;
3584 
3585 	len = sizeof(*cmd);
3586 
3587 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3588 	if (!skb)
3589 		return -ENOMEM;
3590 
3591 	cmd = (struct wmi_twt_resume_dialog_params_cmd *)skb->data;
3592 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3593 				     WMI_TAG_TWT_RESUME_DIALOG_CMD) |
3594 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3595 
3596 	cmd->vdev_id = params->vdev_id;
3597 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3598 	cmd->dialog_id = params->dialog_id;
3599 	cmd->sp_offset_us = params->sp_offset_us;
3600 	cmd->next_twt_size = params->next_twt_size;
3601 
3602 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_RESUME_DIALOG_CMDID);
3603 	if (ret) {
3604 		ath11k_warn(ab,
3605 			    "failed to send wmi command to resume twt dialog: %d",
3606 			    ret);
3607 		dev_kfree_skb(skb);
3608 		return ret;
3609 	}
3610 
3611 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3612 		   "cmd twt resume dialog vdev %u dialog id %u service period offset %u next twt subfield size %u\n",
3613 		   cmd->vdev_id, cmd->dialog_id, cmd->sp_offset_us,
3614 		   cmd->next_twt_size);
3615 
3616 	return 0;
3617 }
3618 
3619 int
3620 ath11k_wmi_send_obss_spr_cmd(struct ath11k *ar, u32 vdev_id,
3621 			     struct ieee80211_he_obss_pd *he_obss_pd)
3622 {
3623 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3624 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3625 	struct wmi_obss_spatial_reuse_params_cmd *cmd;
3626 	struct sk_buff *skb;
3627 	int ret, len;
3628 
3629 	len = sizeof(*cmd);
3630 
3631 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3632 	if (!skb)
3633 		return -ENOMEM;
3634 
3635 	cmd = (struct wmi_obss_spatial_reuse_params_cmd *)skb->data;
3636 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3637 				     WMI_TAG_OBSS_SPATIAL_REUSE_SET_CMD) |
3638 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3639 	cmd->vdev_id = vdev_id;
3640 	cmd->enable = he_obss_pd->enable;
3641 	cmd->obss_min = he_obss_pd->min_offset;
3642 	cmd->obss_max = he_obss_pd->max_offset;
3643 
3644 	ret = ath11k_wmi_cmd_send(wmi, skb,
3645 				  WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID);
3646 	if (ret) {
3647 		ath11k_warn(ab,
3648 			    "Failed to send WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID");
3649 		dev_kfree_skb(skb);
3650 		return ret;
3651 	}
3652 
3653 	ath11k_dbg(ab, ATH11K_DBG_WMI, "cmd pdev obss pd spatial reuse");
3654 
3655 	return 0;
3656 }
3657 
3658 int
3659 ath11k_wmi_pdev_set_srg_bss_color_bitmap(struct ath11k *ar, u32 *bitmap)
3660 {
3661 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3662 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3663 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3664 	struct sk_buff *skb;
3665 	int ret, len;
3666 
3667 	len = sizeof(*cmd);
3668 
3669 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3670 	if (!skb)
3671 		return -ENOMEM;
3672 
3673 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3674 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3675 				     WMI_TAG_PDEV_SRG_BSS_COLOR_BITMAP_CMD) |
3676 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3677 	cmd->pdev_id = ar->pdev->pdev_id;
3678 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3679 
3680 	ret = ath11k_wmi_cmd_send(wmi, skb,
3681 				  WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID);
3682 	if (ret) {
3683 		ath11k_warn(ab,
3684 			    "failed to send WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID");
3685 		dev_kfree_skb(skb);
3686 		return ret;
3687 	}
3688 
3689 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3690 		   "cmd pdev set srg bss color bitmap pdev_id %d bss color bitmap %08x %08x\n",
3691 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3692 
3693 	return 0;
3694 }
3695 
3696 int
3697 ath11k_wmi_pdev_set_srg_patial_bssid_bitmap(struct ath11k *ar, u32 *bitmap)
3698 {
3699 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3700 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3701 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3702 	struct sk_buff *skb;
3703 	int ret, len;
3704 
3705 	len = sizeof(*cmd);
3706 
3707 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3708 	if (!skb)
3709 		return -ENOMEM;
3710 
3711 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3712 	cmd->tlv_header =
3713 		FIELD_PREP(WMI_TLV_TAG,
3714 			   WMI_TAG_PDEV_SRG_PARTIAL_BSSID_BITMAP_CMD) |
3715 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3716 	cmd->pdev_id = ar->pdev->pdev_id;
3717 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3718 
3719 	ret = ath11k_wmi_cmd_send(wmi, skb,
3720 				  WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID);
3721 	if (ret) {
3722 		ath11k_warn(ab,
3723 			    "failed to send WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID");
3724 		dev_kfree_skb(skb);
3725 		return ret;
3726 	}
3727 
3728 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3729 		   "cmd pdev set srg partial bssid bitmap pdev_id %d partial bssid bitmap %08x %08x\n",
3730 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3731 
3732 	return 0;
3733 }
3734 
3735 int
3736 ath11k_wmi_pdev_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3737 {
3738 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3739 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3740 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3741 	struct sk_buff *skb;
3742 	int ret, len;
3743 
3744 	len = sizeof(*cmd);
3745 
3746 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3747 	if (!skb)
3748 		return -ENOMEM;
3749 
3750 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3751 	cmd->tlv_header =
3752 		FIELD_PREP(WMI_TLV_TAG,
3753 			   WMI_TAG_PDEV_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3754 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3755 	cmd->pdev_id = ar->pdev->pdev_id;
3756 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3757 
3758 	ret = ath11k_wmi_cmd_send(wmi, skb,
3759 				  WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3760 	if (ret) {
3761 		ath11k_warn(ab,
3762 			    "failed to send WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3763 		dev_kfree_skb(skb);
3764 		return ret;
3765 	}
3766 
3767 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3768 		   "cmd pdev set srg obsscolor enable pdev_id %d bss color enable bitmap %08x %08x\n",
3769 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3770 
3771 	return 0;
3772 }
3773 
3774 int
3775 ath11k_wmi_pdev_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3776 {
3777 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3778 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3779 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3780 	struct sk_buff *skb;
3781 	int ret, len;
3782 
3783 	len = sizeof(*cmd);
3784 
3785 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3786 	if (!skb)
3787 		return -ENOMEM;
3788 
3789 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3790 	cmd->tlv_header =
3791 		FIELD_PREP(WMI_TLV_TAG,
3792 			   WMI_TAG_PDEV_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3793 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3794 	cmd->pdev_id = ar->pdev->pdev_id;
3795 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3796 
3797 	ret = ath11k_wmi_cmd_send(wmi, skb,
3798 				  WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3799 	if (ret) {
3800 		ath11k_warn(ab,
3801 			    "failed to send WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3802 		dev_kfree_skb(skb);
3803 		return ret;
3804 	}
3805 
3806 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3807 		   "cmd pdev set srg obss bssid enable bitmap pdev_id %d bssid enable bitmap %08x %08x\n",
3808 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3809 
3810 	return 0;
3811 }
3812 
3813 int
3814 ath11k_wmi_pdev_non_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3815 {
3816 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3817 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3818 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3819 	struct sk_buff *skb;
3820 	int ret, len;
3821 
3822 	len = sizeof(*cmd);
3823 
3824 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3825 	if (!skb)
3826 		return -ENOMEM;
3827 
3828 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3829 	cmd->tlv_header =
3830 		FIELD_PREP(WMI_TLV_TAG,
3831 			   WMI_TAG_PDEV_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3832 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3833 	cmd->pdev_id = ar->pdev->pdev_id;
3834 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3835 
3836 	ret = ath11k_wmi_cmd_send(wmi, skb,
3837 				  WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3838 	if (ret) {
3839 		ath11k_warn(ab,
3840 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3841 		dev_kfree_skb(skb);
3842 		return ret;
3843 	}
3844 
3845 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3846 		   "cmd pdev set non srg obss color enable bitmap pdev_id %d bss color enable bitmap %08x %08x\n",
3847 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3848 
3849 	return 0;
3850 }
3851 
3852 int
3853 ath11k_wmi_pdev_non_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3854 {
3855 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3856 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3857 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3858 	struct sk_buff *skb;
3859 	int ret, len;
3860 
3861 	len = sizeof(*cmd);
3862 
3863 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3864 	if (!skb)
3865 		return -ENOMEM;
3866 
3867 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3868 	cmd->tlv_header =
3869 		FIELD_PREP(WMI_TLV_TAG,
3870 			   WMI_TAG_PDEV_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3871 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3872 	cmd->pdev_id = ar->pdev->pdev_id;
3873 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3874 
3875 	ret = ath11k_wmi_cmd_send(wmi, skb,
3876 				  WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3877 	if (ret) {
3878 		ath11k_warn(ab,
3879 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3880 		dev_kfree_skb(skb);
3881 		return ret;
3882 	}
3883 
3884 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3885 		   "cmd pdev set non srg obss bssid enable bitmap pdev_id %d bssid enable bitmap %08x %08x\n",
3886 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3887 
3888 	return 0;
3889 }
3890 
3891 int
3892 ath11k_wmi_send_obss_color_collision_cfg_cmd(struct ath11k *ar, u32 vdev_id,
3893 					     u8 bss_color, u32 period,
3894 					     bool enable)
3895 {
3896 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3897 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3898 	struct wmi_obss_color_collision_cfg_params_cmd *cmd;
3899 	struct sk_buff *skb;
3900 	int ret, len;
3901 
3902 	len = sizeof(*cmd);
3903 
3904 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3905 	if (!skb)
3906 		return -ENOMEM;
3907 
3908 	cmd = (struct wmi_obss_color_collision_cfg_params_cmd *)skb->data;
3909 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3910 				     WMI_TAG_OBSS_COLOR_COLLISION_DET_CONFIG) |
3911 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3912 	cmd->vdev_id = vdev_id;
3913 	cmd->evt_type = enable ? ATH11K_OBSS_COLOR_COLLISION_DETECTION :
3914 				 ATH11K_OBSS_COLOR_COLLISION_DETECTION_DISABLE;
3915 	cmd->current_bss_color = bss_color;
3916 	cmd->detection_period_ms = period;
3917 	cmd->scan_period_ms = ATH11K_BSS_COLOR_COLLISION_SCAN_PERIOD_MS;
3918 	cmd->free_slot_expiry_time_ms = 0;
3919 	cmd->flags = 0;
3920 
3921 	ret = ath11k_wmi_cmd_send(wmi, skb,
3922 				  WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID);
3923 	if (ret) {
3924 		ath11k_warn(ab, "Failed to send WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID");
3925 		dev_kfree_skb(skb);
3926 		return ret;
3927 	}
3928 
3929 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3930 		   "cmd obss color collision det config id %d type %d bss_color %d detect_period %d scan_period %d\n",
3931 		   cmd->vdev_id, cmd->evt_type, cmd->current_bss_color,
3932 		   cmd->detection_period_ms, cmd->scan_period_ms);
3933 
3934 	return 0;
3935 }
3936 
3937 int ath11k_wmi_send_bss_color_change_enable_cmd(struct ath11k *ar, u32 vdev_id,
3938 						bool enable)
3939 {
3940 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3941 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3942 	struct wmi_bss_color_change_enable_params_cmd *cmd;
3943 	struct sk_buff *skb;
3944 	int ret, len;
3945 
3946 	len = sizeof(*cmd);
3947 
3948 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3949 	if (!skb)
3950 		return -ENOMEM;
3951 
3952 	cmd = (struct wmi_bss_color_change_enable_params_cmd *)skb->data;
3953 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BSS_COLOR_CHANGE_ENABLE) |
3954 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3955 	cmd->vdev_id = vdev_id;
3956 	cmd->enable = enable ? 1 : 0;
3957 
3958 	ret = ath11k_wmi_cmd_send(wmi, skb,
3959 				  WMI_BSS_COLOR_CHANGE_ENABLE_CMDID);
3960 	if (ret) {
3961 		ath11k_warn(ab, "Failed to send WMI_BSS_COLOR_CHANGE_ENABLE_CMDID");
3962 		dev_kfree_skb(skb);
3963 		return ret;
3964 	}
3965 
3966 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3967 		   "cmd bss color change enable id %d enable %d\n",
3968 		   cmd->vdev_id, cmd->enable);
3969 
3970 	return 0;
3971 }
3972 
3973 int ath11k_wmi_fils_discovery_tmpl(struct ath11k *ar, u32 vdev_id,
3974 				   struct sk_buff *tmpl)
3975 {
3976 	struct wmi_tlv *tlv;
3977 	struct sk_buff *skb;
3978 	void *ptr;
3979 	int ret, len;
3980 	size_t aligned_len;
3981 	struct wmi_fils_discovery_tmpl_cmd *cmd;
3982 
3983 	aligned_len = roundup(tmpl->len, 4);
3984 	len = sizeof(*cmd) + TLV_HDR_SIZE + aligned_len;
3985 
3986 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3987 		   "vdev %i set FILS discovery template\n", vdev_id);
3988 
3989 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3990 	if (!skb)
3991 		return -ENOMEM;
3992 
3993 	cmd = (struct wmi_fils_discovery_tmpl_cmd *)skb->data;
3994 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3995 				     WMI_TAG_FILS_DISCOVERY_TMPL_CMD) |
3996 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3997 	cmd->vdev_id = vdev_id;
3998 	cmd->buf_len = tmpl->len;
3999 	ptr = skb->data + sizeof(*cmd);
4000 
4001 	tlv = ptr;
4002 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
4003 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
4004 	memcpy(tlv->value, tmpl->data, tmpl->len);
4005 
4006 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_FILS_DISCOVERY_TMPL_CMDID);
4007 	if (ret) {
4008 		ath11k_warn(ar->ab,
4009 			    "WMI vdev %i failed to send FILS discovery template command\n",
4010 			    vdev_id);
4011 		dev_kfree_skb(skb);
4012 		return ret;
4013 	}
4014 
4015 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd fils discovery tmpl");
4016 
4017 	return 0;
4018 }
4019 
4020 int ath11k_wmi_probe_resp_tmpl(struct ath11k *ar, u32 vdev_id,
4021 			       struct sk_buff *tmpl)
4022 {
4023 	struct wmi_probe_tmpl_cmd *cmd;
4024 	struct wmi_bcn_prb_info *probe_info;
4025 	struct wmi_tlv *tlv;
4026 	struct sk_buff *skb;
4027 #if defined(__linux__)
4028 	void *ptr;
4029 #elif defined(__FreeBSD__)
4030 	u8 *ptr;
4031 #endif
4032 	int ret, len;
4033 	size_t aligned_len = roundup(tmpl->len, 4);
4034 
4035 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4036 		   "vdev %i set probe response template\n", vdev_id);
4037 
4038 	len = sizeof(*cmd) + sizeof(*probe_info) + TLV_HDR_SIZE + aligned_len;
4039 
4040 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
4041 	if (!skb)
4042 		return -ENOMEM;
4043 
4044 	cmd = (struct wmi_probe_tmpl_cmd *)skb->data;
4045 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PRB_TMPL_CMD) |
4046 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4047 	cmd->vdev_id = vdev_id;
4048 	cmd->buf_len = tmpl->len;
4049 
4050 	ptr = skb->data + sizeof(*cmd);
4051 
4052 #if defined(__linux__)
4053 	probe_info = ptr;
4054 #elif defined(__FreeBSD__)
4055 	probe_info = (void *)ptr;
4056 #endif
4057 	len = sizeof(*probe_info);
4058 	probe_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4059 					    WMI_TAG_BCN_PRB_INFO) |
4060 				 FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
4061 	probe_info->caps = 0;
4062 	probe_info->erp = 0;
4063 
4064 	ptr += sizeof(*probe_info);
4065 
4066 #if defined(__linux__)
4067 	tlv = ptr;
4068 #elif defined(__FreeBSD__)
4069 	tlv = (void *)ptr;
4070 #endif
4071 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
4072 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
4073 	memcpy(tlv->value, tmpl->data, tmpl->len);
4074 
4075 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_PRB_TMPL_CMDID);
4076 	if (ret) {
4077 		ath11k_warn(ar->ab,
4078 			    "WMI vdev %i failed to send probe response template command\n",
4079 			    vdev_id);
4080 		dev_kfree_skb(skb);
4081 		return ret;
4082 	}
4083 
4084 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd ");
4085 
4086 	return 0;
4087 }
4088 
4089 int ath11k_wmi_fils_discovery(struct ath11k *ar, u32 vdev_id, u32 interval,
4090 			      bool unsol_bcast_probe_resp_enabled)
4091 {
4092 	struct sk_buff *skb;
4093 	int ret, len;
4094 	struct wmi_fils_discovery_cmd *cmd;
4095 
4096 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4097 		   "vdev %i set %s interval to %u TU\n",
4098 		   vdev_id, unsol_bcast_probe_resp_enabled ?
4099 		   "unsolicited broadcast probe response" : "FILS discovery",
4100 		   interval);
4101 
4102 	len = sizeof(*cmd);
4103 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
4104 	if (!skb)
4105 		return -ENOMEM;
4106 
4107 	cmd = (struct wmi_fils_discovery_cmd *)skb->data;
4108 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ENABLE_FILS_CMD) |
4109 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
4110 	cmd->vdev_id = vdev_id;
4111 	cmd->interval = interval;
4112 	cmd->config = unsol_bcast_probe_resp_enabled;
4113 
4114 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_ENABLE_FILS_CMDID);
4115 	if (ret) {
4116 		ath11k_warn(ar->ab,
4117 			    "WMI vdev %i failed to send FILS discovery enable/disable command\n",
4118 			    vdev_id);
4119 		dev_kfree_skb(skb);
4120 		return ret;
4121 	}
4122 
4123 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd enable fils");
4124 
4125 	return 0;
4126 }
4127 
4128 static void
4129 ath11k_wmi_obss_color_collision_event(struct ath11k_base *ab, struct sk_buff *skb)
4130 {
4131 	const void **tb;
4132 	const struct wmi_obss_color_collision_event *ev;
4133 	struct ath11k_vif *arvif;
4134 	int ret;
4135 
4136 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4137 	if (IS_ERR(tb)) {
4138 		ret = PTR_ERR(tb);
4139 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
4140 		return;
4141 	}
4142 
4143 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event obss color collision");
4144 
4145 	rcu_read_lock();
4146 
4147 	ev = tb[WMI_TAG_OBSS_COLOR_COLLISION_EVT];
4148 	if (!ev) {
4149 		ath11k_warn(ab, "failed to fetch obss color collision ev");
4150 		goto exit;
4151 	}
4152 
4153 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
4154 	if (!arvif) {
4155 		ath11k_warn(ab, "failed to find arvif with vedv id %d in obss_color_collision_event\n",
4156 			    ev->vdev_id);
4157 		goto exit;
4158 	}
4159 
4160 	switch (ev->evt_type) {
4161 	case WMI_BSS_COLOR_COLLISION_DETECTION:
4162 		ieee80211_obss_color_collision_notify(arvif->vif, ev->obss_color_bitmap,
4163 						      GFP_KERNEL);
4164 		ath11k_dbg(ab, ATH11K_DBG_WMI,
4165 #if defined(__linux__)
4166 			   "OBSS color collision detected vdev:%d, event:%d, bitmap:%08llx\n",
4167 			   ev->vdev_id, ev->evt_type, ev->obss_color_bitmap);
4168 #elif defined(__FreeBSD__)
4169 			   "OBSS color collision detected vdev:%d, event:%d, bitmap:%08jx\n",
4170 			   ev->vdev_id, ev->evt_type, (uintmax_t)ev->obss_color_bitmap);
4171 #endif
4172 		break;
4173 	case WMI_BSS_COLOR_COLLISION_DISABLE:
4174 	case WMI_BSS_COLOR_FREE_SLOT_TIMER_EXPIRY:
4175 	case WMI_BSS_COLOR_FREE_SLOT_AVAILABLE:
4176 		break;
4177 	default:
4178 		ath11k_warn(ab, "received unknown obss color collision detection event\n");
4179 	}
4180 
4181 exit:
4182 	kfree(tb);
4183 	rcu_read_unlock();
4184 }
4185 
4186 static void
4187 ath11k_fill_band_to_mac_param(struct ath11k_base  *soc,
4188 			      struct wmi_host_pdev_band_to_mac *band_to_mac)
4189 {
4190 	u8 i;
4191 	struct ath11k_hal_reg_capabilities_ext *hal_reg_cap;
4192 	struct ath11k_pdev *pdev;
4193 
4194 	for (i = 0; i < soc->num_radios; i++) {
4195 		pdev = &soc->pdevs[i];
4196 		hal_reg_cap = &soc->hal_reg_cap[i];
4197 		band_to_mac[i].pdev_id = pdev->pdev_id;
4198 
4199 		switch (pdev->cap.supported_bands) {
4200 		case WMI_HOST_WLAN_2G_5G_CAP:
4201 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
4202 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
4203 			break;
4204 		case WMI_HOST_WLAN_2G_CAP:
4205 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
4206 			band_to_mac[i].end_freq = hal_reg_cap->high_2ghz_chan;
4207 			break;
4208 		case WMI_HOST_WLAN_5G_CAP:
4209 			band_to_mac[i].start_freq = hal_reg_cap->low_5ghz_chan;
4210 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
4211 			break;
4212 		default:
4213 			break;
4214 		}
4215 	}
4216 }
4217 
4218 static void
4219 ath11k_wmi_copy_resource_config(struct wmi_resource_config *wmi_cfg,
4220 				struct target_resource_config *tg_cfg)
4221 {
4222 	wmi_cfg->num_vdevs = tg_cfg->num_vdevs;
4223 	wmi_cfg->num_peers = tg_cfg->num_peers;
4224 	wmi_cfg->num_offload_peers = tg_cfg->num_offload_peers;
4225 	wmi_cfg->num_offload_reorder_buffs = tg_cfg->num_offload_reorder_buffs;
4226 	wmi_cfg->num_peer_keys = tg_cfg->num_peer_keys;
4227 	wmi_cfg->num_tids = tg_cfg->num_tids;
4228 	wmi_cfg->ast_skid_limit = tg_cfg->ast_skid_limit;
4229 	wmi_cfg->tx_chain_mask = tg_cfg->tx_chain_mask;
4230 	wmi_cfg->rx_chain_mask = tg_cfg->rx_chain_mask;
4231 	wmi_cfg->rx_timeout_pri[0] = tg_cfg->rx_timeout_pri[0];
4232 	wmi_cfg->rx_timeout_pri[1] = tg_cfg->rx_timeout_pri[1];
4233 	wmi_cfg->rx_timeout_pri[2] = tg_cfg->rx_timeout_pri[2];
4234 	wmi_cfg->rx_timeout_pri[3] = tg_cfg->rx_timeout_pri[3];
4235 	wmi_cfg->rx_decap_mode = tg_cfg->rx_decap_mode;
4236 	wmi_cfg->scan_max_pending_req = tg_cfg->scan_max_pending_req;
4237 	wmi_cfg->bmiss_offload_max_vdev = tg_cfg->bmiss_offload_max_vdev;
4238 	wmi_cfg->roam_offload_max_vdev = tg_cfg->roam_offload_max_vdev;
4239 	wmi_cfg->roam_offload_max_ap_profiles =
4240 		tg_cfg->roam_offload_max_ap_profiles;
4241 	wmi_cfg->num_mcast_groups = tg_cfg->num_mcast_groups;
4242 	wmi_cfg->num_mcast_table_elems = tg_cfg->num_mcast_table_elems;
4243 	wmi_cfg->mcast2ucast_mode = tg_cfg->mcast2ucast_mode;
4244 	wmi_cfg->tx_dbg_log_size = tg_cfg->tx_dbg_log_size;
4245 	wmi_cfg->num_wds_entries = tg_cfg->num_wds_entries;
4246 	wmi_cfg->dma_burst_size = tg_cfg->dma_burst_size;
4247 	wmi_cfg->mac_aggr_delim = tg_cfg->mac_aggr_delim;
4248 	wmi_cfg->rx_skip_defrag_timeout_dup_detection_check =
4249 		tg_cfg->rx_skip_defrag_timeout_dup_detection_check;
4250 	wmi_cfg->vow_config = tg_cfg->vow_config;
4251 	wmi_cfg->gtk_offload_max_vdev = tg_cfg->gtk_offload_max_vdev;
4252 	wmi_cfg->num_msdu_desc = tg_cfg->num_msdu_desc;
4253 	wmi_cfg->max_frag_entries = tg_cfg->max_frag_entries;
4254 	wmi_cfg->num_tdls_vdevs = tg_cfg->num_tdls_vdevs;
4255 	wmi_cfg->num_tdls_conn_table_entries =
4256 		tg_cfg->num_tdls_conn_table_entries;
4257 	wmi_cfg->beacon_tx_offload_max_vdev =
4258 		tg_cfg->beacon_tx_offload_max_vdev;
4259 	wmi_cfg->num_multicast_filter_entries =
4260 		tg_cfg->num_multicast_filter_entries;
4261 	wmi_cfg->num_wow_filters = tg_cfg->num_wow_filters;
4262 	wmi_cfg->num_keep_alive_pattern = tg_cfg->num_keep_alive_pattern;
4263 	wmi_cfg->keep_alive_pattern_size = tg_cfg->keep_alive_pattern_size;
4264 	wmi_cfg->max_tdls_concurrent_sleep_sta =
4265 		tg_cfg->max_tdls_concurrent_sleep_sta;
4266 	wmi_cfg->max_tdls_concurrent_buffer_sta =
4267 		tg_cfg->max_tdls_concurrent_buffer_sta;
4268 	wmi_cfg->wmi_send_separate = tg_cfg->wmi_send_separate;
4269 	wmi_cfg->num_ocb_vdevs = tg_cfg->num_ocb_vdevs;
4270 	wmi_cfg->num_ocb_channels = tg_cfg->num_ocb_channels;
4271 	wmi_cfg->num_ocb_schedules = tg_cfg->num_ocb_schedules;
4272 	wmi_cfg->bpf_instruction_size = tg_cfg->bpf_instruction_size;
4273 	wmi_cfg->max_bssid_rx_filters = tg_cfg->max_bssid_rx_filters;
4274 	wmi_cfg->use_pdev_id = tg_cfg->use_pdev_id;
4275 	wmi_cfg->flag1 = tg_cfg->flag1;
4276 	wmi_cfg->peer_map_unmap_v2_support = tg_cfg->peer_map_unmap_v2_support;
4277 	wmi_cfg->sched_params = tg_cfg->sched_params;
4278 	wmi_cfg->twt_ap_pdev_count = tg_cfg->twt_ap_pdev_count;
4279 	wmi_cfg->twt_ap_sta_count = tg_cfg->twt_ap_sta_count;
4280 	wmi_cfg->host_service_flags &=
4281 		~(1 << WMI_CFG_HOST_SERVICE_FLAG_REG_CC_EXT);
4282 	wmi_cfg->host_service_flags |= (tg_cfg->is_reg_cc_ext_event_supported <<
4283 					WMI_CFG_HOST_SERVICE_FLAG_REG_CC_EXT);
4284 	wmi_cfg->flags2 = WMI_RSRC_CFG_FLAG2_CALC_NEXT_DTIM_COUNT_SET;
4285 	wmi_cfg->ema_max_vap_cnt = tg_cfg->ema_max_vap_cnt;
4286 	wmi_cfg->ema_max_profile_period = tg_cfg->ema_max_profile_period;
4287 }
4288 
4289 static int ath11k_init_cmd_send(struct ath11k_pdev_wmi *wmi,
4290 				struct wmi_init_cmd_param *param)
4291 {
4292 	struct ath11k_base *ab = wmi->wmi_ab->ab;
4293 	struct sk_buff *skb;
4294 	struct wmi_init_cmd *cmd;
4295 	struct wmi_resource_config *cfg;
4296 	struct wmi_pdev_set_hw_mode_cmd_param *hw_mode;
4297 	struct wmi_pdev_band_to_mac *band_to_mac;
4298 	struct wlan_host_mem_chunk *host_mem_chunks;
4299 	struct wmi_tlv *tlv;
4300 	size_t ret, len;
4301 #if defined(__linux__)
4302 	void *ptr;
4303 #elif defined(__FreeBSD__)
4304 	u8 *ptr;
4305 #endif
4306 	u32 hw_mode_len = 0;
4307 	u16 idx;
4308 
4309 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX)
4310 		hw_mode_len = sizeof(*hw_mode) + TLV_HDR_SIZE +
4311 			      (param->num_band_to_mac * sizeof(*band_to_mac));
4312 
4313 	len = sizeof(*cmd) + TLV_HDR_SIZE + sizeof(*cfg) + hw_mode_len +
4314 	      (param->num_mem_chunks ? (sizeof(*host_mem_chunks) * WMI_MAX_MEM_REQS) : 0);
4315 
4316 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
4317 	if (!skb)
4318 		return -ENOMEM;
4319 
4320 	cmd = (struct wmi_init_cmd *)skb->data;
4321 
4322 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_INIT_CMD) |
4323 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4324 
4325 	ptr = skb->data + sizeof(*cmd);
4326 #if defined(__linux__)
4327 	cfg = ptr;
4328 #elif defined(__FreeBSD__)
4329 	cfg = (void *)ptr;
4330 #endif
4331 
4332 	ath11k_wmi_copy_resource_config(cfg, param->res_cfg);
4333 
4334 	cfg->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_RESOURCE_CONFIG) |
4335 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cfg) - TLV_HDR_SIZE);
4336 
4337 	ptr += sizeof(*cfg);
4338 #if defined(__linux__)
4339 	host_mem_chunks = ptr + TLV_HDR_SIZE;
4340 #elif defined(__FreeBSD__)
4341 	host_mem_chunks = (void *)(ptr + TLV_HDR_SIZE);
4342 #endif
4343 	len = sizeof(struct wlan_host_mem_chunk);
4344 
4345 	for (idx = 0; idx < param->num_mem_chunks; ++idx) {
4346 		host_mem_chunks[idx].tlv_header =
4347 				FIELD_PREP(WMI_TLV_TAG,
4348 					   WMI_TAG_WLAN_HOST_MEMORY_CHUNK) |
4349 				FIELD_PREP(WMI_TLV_LEN, len);
4350 
4351 		host_mem_chunks[idx].ptr = param->mem_chunks[idx].paddr;
4352 		host_mem_chunks[idx].size = param->mem_chunks[idx].len;
4353 		host_mem_chunks[idx].req_id = param->mem_chunks[idx].req_id;
4354 
4355 		ath11k_dbg(ab, ATH11K_DBG_WMI,
4356 #if defined(__linux__)
4357 			   "host mem chunk req_id %d paddr 0x%llx len %d\n",
4358 			   param->mem_chunks[idx].req_id,
4359 			   (u64)param->mem_chunks[idx].paddr,
4360 #elif defined(__FreeBSD__)
4361 			   "host mem chunk req_id %d paddr 0x%jx len %d\n",
4362 			   param->mem_chunks[idx].req_id,
4363 			   (uintmax_t)param->mem_chunks[idx].paddr,
4364 #endif
4365 			   param->mem_chunks[idx].len);
4366 	}
4367 	cmd->num_host_mem_chunks = param->num_mem_chunks;
4368 	len = sizeof(struct wlan_host_mem_chunk) * param->num_mem_chunks;
4369 
4370 	/* num_mem_chunks is zero */
4371 #if defined(__linux__)
4372 	tlv = ptr;
4373 #elif defined(__FreeBSD__)
4374 	tlv = (void *)ptr;
4375 #endif
4376 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4377 		      FIELD_PREP(WMI_TLV_LEN, len);
4378 	ptr += TLV_HDR_SIZE + len;
4379 
4380 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX) {
4381 		hw_mode = (struct wmi_pdev_set_hw_mode_cmd_param *)ptr;
4382 		hw_mode->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4383 						 WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4384 				      FIELD_PREP(WMI_TLV_LEN,
4385 						 sizeof(*hw_mode) - TLV_HDR_SIZE);
4386 
4387 		hw_mode->hw_mode_index = param->hw_mode_id;
4388 		hw_mode->num_band_to_mac = param->num_band_to_mac;
4389 
4390 		ptr += sizeof(*hw_mode);
4391 
4392 		len = param->num_band_to_mac * sizeof(*band_to_mac);
4393 #if defined(__linux__)
4394 		tlv = ptr;
4395 #elif defined(__FreeBSD__)
4396 		tlv = (void *)ptr;
4397 #endif
4398 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4399 			      FIELD_PREP(WMI_TLV_LEN, len);
4400 
4401 		ptr += TLV_HDR_SIZE;
4402 		len = sizeof(*band_to_mac);
4403 
4404 		for (idx = 0; idx < param->num_band_to_mac; idx++) {
4405 			band_to_mac = (void *)ptr;
4406 
4407 			band_to_mac->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4408 							     WMI_TAG_PDEV_BAND_TO_MAC) |
4409 						  FIELD_PREP(WMI_TLV_LEN,
4410 							     len - TLV_HDR_SIZE);
4411 			band_to_mac->pdev_id = param->band_to_mac[idx].pdev_id;
4412 			band_to_mac->start_freq =
4413 				param->band_to_mac[idx].start_freq;
4414 			band_to_mac->end_freq =
4415 				param->band_to_mac[idx].end_freq;
4416 			ptr += sizeof(*band_to_mac);
4417 		}
4418 	}
4419 
4420 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_INIT_CMDID);
4421 	if (ret) {
4422 		ath11k_warn(ab, "failed to send WMI_INIT_CMDID\n");
4423 		dev_kfree_skb(skb);
4424 		return ret;
4425 	}
4426 
4427 	ath11k_dbg(ab, ATH11K_DBG_WMI, "cmd wmi init");
4428 
4429 	return 0;
4430 }
4431 
4432 int ath11k_wmi_pdev_lro_cfg(struct ath11k *ar,
4433 			    int pdev_id)
4434 {
4435 	struct ath11k_wmi_pdev_lro_config_cmd *cmd;
4436 	struct sk_buff *skb;
4437 	int ret;
4438 
4439 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4440 	if (!skb)
4441 		return -ENOMEM;
4442 
4443 	cmd = (struct ath11k_wmi_pdev_lro_config_cmd *)skb->data;
4444 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_LRO_INFO_CMD) |
4445 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4446 
4447 	get_random_bytes(cmd->th_4, sizeof(uint32_t) * ATH11K_IPV4_TH_SEED_SIZE);
4448 	get_random_bytes(cmd->th_6, sizeof(uint32_t) * ATH11K_IPV6_TH_SEED_SIZE);
4449 
4450 	cmd->pdev_id = pdev_id;
4451 
4452 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_LRO_CONFIG_CMDID);
4453 	if (ret) {
4454 		ath11k_warn(ar->ab,
4455 			    "failed to send lro cfg req wmi cmd\n");
4456 		goto err;
4457 	}
4458 
4459 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4460 		   "cmd lro config pdev_id 0x%x\n", pdev_id);
4461 	return 0;
4462 err:
4463 	dev_kfree_skb(skb);
4464 	return ret;
4465 }
4466 
4467 int ath11k_wmi_wait_for_service_ready(struct ath11k_base *ab)
4468 {
4469 	unsigned long time_left;
4470 
4471 	time_left = wait_for_completion_timeout(&ab->wmi_ab.service_ready,
4472 						WMI_SERVICE_READY_TIMEOUT_HZ);
4473 	if (!time_left)
4474 		return -ETIMEDOUT;
4475 
4476 	return 0;
4477 }
4478 
4479 int ath11k_wmi_wait_for_unified_ready(struct ath11k_base *ab)
4480 {
4481 	unsigned long time_left;
4482 
4483 	time_left = wait_for_completion_timeout(&ab->wmi_ab.unified_ready,
4484 						WMI_SERVICE_READY_TIMEOUT_HZ);
4485 	if (!time_left)
4486 		return -ETIMEDOUT;
4487 
4488 	return 0;
4489 }
4490 
4491 int ath11k_wmi_set_hw_mode(struct ath11k_base *ab,
4492 			   enum wmi_host_hw_mode_config_type mode)
4493 {
4494 	struct wmi_pdev_set_hw_mode_cmd_param *cmd;
4495 	struct sk_buff *skb;
4496 	struct ath11k_wmi_base *wmi_ab = &ab->wmi_ab;
4497 	int len;
4498 	int ret;
4499 
4500 	len = sizeof(*cmd);
4501 
4502 	skb = ath11k_wmi_alloc_skb(wmi_ab, len);
4503 	if (!skb)
4504 		return -ENOMEM;
4505 
4506 	cmd = (struct wmi_pdev_set_hw_mode_cmd_param *)skb->data;
4507 
4508 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4509 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4510 
4511 	cmd->pdev_id = WMI_PDEV_ID_SOC;
4512 	cmd->hw_mode_index = mode;
4513 
4514 	ret = ath11k_wmi_cmd_send(&wmi_ab->wmi[0], skb, WMI_PDEV_SET_HW_MODE_CMDID);
4515 	if (ret) {
4516 		ath11k_warn(ab, "failed to send WMI_PDEV_SET_HW_MODE_CMDID\n");
4517 		dev_kfree_skb(skb);
4518 		return ret;
4519 	}
4520 
4521 	ath11k_dbg(ab, ATH11K_DBG_WMI, "cmd pdev set hw mode %d", cmd->hw_mode_index);
4522 
4523 	return 0;
4524 }
4525 
4526 int ath11k_wmi_cmd_init(struct ath11k_base *ab)
4527 {
4528 	struct ath11k_wmi_base *wmi_sc = &ab->wmi_ab;
4529 	struct wmi_init_cmd_param init_param;
4530 	struct target_resource_config  config;
4531 
4532 	memset(&init_param, 0, sizeof(init_param));
4533 	memset(&config, 0, sizeof(config));
4534 
4535 	ab->hw_params.hw_ops->wmi_init_config(ab, &config);
4536 
4537 	if (test_bit(WMI_TLV_SERVICE_REG_CC_EXT_EVENT_SUPPORT,
4538 		     ab->wmi_ab.svc_map))
4539 		config.is_reg_cc_ext_event_supported = 1;
4540 
4541 	memcpy(&wmi_sc->wlan_resource_config, &config, sizeof(config));
4542 
4543 	init_param.res_cfg = &wmi_sc->wlan_resource_config;
4544 	init_param.num_mem_chunks = wmi_sc->num_mem_chunks;
4545 	init_param.hw_mode_id = wmi_sc->preferred_hw_mode;
4546 	init_param.mem_chunks = wmi_sc->mem_chunks;
4547 
4548 	if (ab->hw_params.single_pdev_only)
4549 		init_param.hw_mode_id = WMI_HOST_HW_MODE_MAX;
4550 
4551 	init_param.num_band_to_mac = ab->num_radios;
4552 	ath11k_fill_band_to_mac_param(ab, init_param.band_to_mac);
4553 
4554 	return ath11k_init_cmd_send(&wmi_sc->wmi[0], &init_param);
4555 }
4556 
4557 int ath11k_wmi_vdev_spectral_conf(struct ath11k *ar,
4558 				  struct ath11k_wmi_vdev_spectral_conf_param *param)
4559 {
4560 	struct ath11k_wmi_vdev_spectral_conf_cmd *cmd;
4561 	struct sk_buff *skb;
4562 	int ret;
4563 
4564 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4565 	if (!skb)
4566 		return -ENOMEM;
4567 
4568 	cmd = (struct ath11k_wmi_vdev_spectral_conf_cmd *)skb->data;
4569 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4570 				     WMI_TAG_VDEV_SPECTRAL_CONFIGURE_CMD) |
4571 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4572 
4573 	memcpy(&cmd->param, param, sizeof(*param));
4574 
4575 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4576 				  WMI_VDEV_SPECTRAL_SCAN_CONFIGURE_CMDID);
4577 	if (ret) {
4578 		ath11k_warn(ar->ab,
4579 			    "failed to send spectral scan config wmi cmd\n");
4580 		goto err;
4581 	}
4582 
4583 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4584 		   "cmd vdev spectral scan configure vdev_id 0x%x\n",
4585 		   param->vdev_id);
4586 
4587 	return 0;
4588 err:
4589 	dev_kfree_skb(skb);
4590 	return ret;
4591 }
4592 
4593 int ath11k_wmi_vdev_spectral_enable(struct ath11k *ar, u32 vdev_id,
4594 				    u32 trigger, u32 enable)
4595 {
4596 	struct ath11k_wmi_vdev_spectral_enable_cmd *cmd;
4597 	struct sk_buff *skb;
4598 	int ret;
4599 
4600 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4601 	if (!skb)
4602 		return -ENOMEM;
4603 
4604 	cmd = (struct ath11k_wmi_vdev_spectral_enable_cmd *)skb->data;
4605 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4606 				     WMI_TAG_VDEV_SPECTRAL_ENABLE_CMD) |
4607 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4608 
4609 	cmd->vdev_id = vdev_id;
4610 	cmd->trigger_cmd = trigger;
4611 	cmd->enable_cmd = enable;
4612 
4613 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4614 				  WMI_VDEV_SPECTRAL_SCAN_ENABLE_CMDID);
4615 	if (ret) {
4616 		ath11k_warn(ar->ab,
4617 			    "failed to send spectral enable wmi cmd\n");
4618 		goto err;
4619 	}
4620 
4621 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4622 		   "cmd vdev spectral scan enable vdev id 0x%x\n",
4623 		   vdev_id);
4624 
4625 	return 0;
4626 err:
4627 	dev_kfree_skb(skb);
4628 	return ret;
4629 }
4630 
4631 int ath11k_wmi_pdev_dma_ring_cfg(struct ath11k *ar,
4632 				 struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *param)
4633 {
4634 	struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *cmd;
4635 	struct sk_buff *skb;
4636 	int ret;
4637 
4638 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4639 	if (!skb)
4640 		return -ENOMEM;
4641 
4642 	cmd = (struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *)skb->data;
4643 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DMA_RING_CFG_REQ) |
4644 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4645 
4646 	cmd->pdev_id		= param->pdev_id;
4647 	cmd->module_id		= param->module_id;
4648 	cmd->base_paddr_lo	= param->base_paddr_lo;
4649 	cmd->base_paddr_hi	= param->base_paddr_hi;
4650 	cmd->head_idx_paddr_lo	= param->head_idx_paddr_lo;
4651 	cmd->head_idx_paddr_hi	= param->head_idx_paddr_hi;
4652 	cmd->tail_idx_paddr_lo	= param->tail_idx_paddr_lo;
4653 	cmd->tail_idx_paddr_hi	= param->tail_idx_paddr_hi;
4654 	cmd->num_elems		= param->num_elems;
4655 	cmd->buf_size		= param->buf_size;
4656 	cmd->num_resp_per_event	= param->num_resp_per_event;
4657 	cmd->event_timeout_ms	= param->event_timeout_ms;
4658 
4659 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4660 				  WMI_PDEV_DMA_RING_CFG_REQ_CMDID);
4661 	if (ret) {
4662 		ath11k_warn(ar->ab,
4663 			    "failed to send dma ring cfg req wmi cmd\n");
4664 		goto err;
4665 	}
4666 
4667 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4668 		   "cmd pdev dma ring cfg req pdev_id 0x%x\n",
4669 		   param->pdev_id);
4670 
4671 	return 0;
4672 err:
4673 	dev_kfree_skb(skb);
4674 	return ret;
4675 }
4676 
4677 static int ath11k_wmi_tlv_dma_buf_entry_parse(struct ath11k_base *soc,
4678 					      u16 tag, u16 len,
4679 					      const void *ptr, void *data)
4680 {
4681 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4682 
4683 	if (tag != WMI_TAG_DMA_BUF_RELEASE_ENTRY)
4684 		return -EPROTO;
4685 
4686 	if (parse->num_buf_entry >= parse->fixed.num_buf_release_entry)
4687 		return -ENOBUFS;
4688 
4689 	parse->num_buf_entry++;
4690 	return 0;
4691 }
4692 
4693 static int ath11k_wmi_tlv_dma_buf_meta_parse(struct ath11k_base *soc,
4694 					     u16 tag, u16 len,
4695 					     const void *ptr, void *data)
4696 {
4697 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4698 
4699 	if (tag != WMI_TAG_DMA_BUF_RELEASE_SPECTRAL_META_DATA)
4700 		return -EPROTO;
4701 
4702 	if (parse->num_meta >= parse->fixed.num_meta_data_entry)
4703 		return -ENOBUFS;
4704 
4705 	parse->num_meta++;
4706 	return 0;
4707 }
4708 
4709 static int ath11k_wmi_tlv_dma_buf_parse(struct ath11k_base *ab,
4710 					u16 tag, u16 len,
4711 					const void *ptr, void *data)
4712 {
4713 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4714 	int ret;
4715 
4716 	switch (tag) {
4717 	case WMI_TAG_DMA_BUF_RELEASE:
4718 		memcpy(&parse->fixed, ptr,
4719 		       sizeof(struct ath11k_wmi_dma_buf_release_fixed_param));
4720 		parse->fixed.pdev_id = DP_HW2SW_MACID(parse->fixed.pdev_id);
4721 		break;
4722 	case WMI_TAG_ARRAY_STRUCT:
4723 		if (!parse->buf_entry_done) {
4724 			parse->num_buf_entry = 0;
4725 #if defined(__linux__)
4726 			parse->buf_entry = (struct wmi_dma_buf_release_entry *)ptr;
4727 #elif defined(__FreeBSD__)
4728 			parse->buf_entry = ptr;
4729 #endif
4730 
4731 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4732 						  ath11k_wmi_tlv_dma_buf_entry_parse,
4733 						  parse);
4734 			if (ret) {
4735 				ath11k_warn(ab, "failed to parse dma buf entry tlv %d\n",
4736 					    ret);
4737 				return ret;
4738 			}
4739 
4740 			parse->buf_entry_done = true;
4741 		} else if (!parse->meta_data_done) {
4742 			parse->num_meta = 0;
4743 #if defined(__linux__)
4744 			parse->meta_data = (struct wmi_dma_buf_release_meta_data *)ptr;
4745 #elif defined(__FreeBSD__)
4746 			parse->meta_data = ptr;
4747 #endif
4748 
4749 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4750 						  ath11k_wmi_tlv_dma_buf_meta_parse,
4751 						  parse);
4752 			if (ret) {
4753 				ath11k_warn(ab, "failed to parse dma buf meta tlv %d\n",
4754 					    ret);
4755 				return ret;
4756 			}
4757 
4758 			parse->meta_data_done = true;
4759 		}
4760 		break;
4761 	default:
4762 		break;
4763 	}
4764 	return 0;
4765 }
4766 
4767 static void ath11k_wmi_pdev_dma_ring_buf_release_event(struct ath11k_base *ab,
4768 						       struct sk_buff *skb)
4769 {
4770 	struct wmi_tlv_dma_buf_release_parse parse = { };
4771 	struct ath11k_dbring_buf_release_event param;
4772 	int ret;
4773 
4774 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4775 				  ath11k_wmi_tlv_dma_buf_parse,
4776 				  &parse);
4777 	if (ret) {
4778 		ath11k_warn(ab, "failed to parse dma buf release tlv %d\n", ret);
4779 		return;
4780 	}
4781 
4782 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event pdev dma ring buf release");
4783 
4784 	param.fixed		= parse.fixed;
4785 	param.buf_entry		= parse.buf_entry;
4786 	param.num_buf_entry	= parse.num_buf_entry;
4787 	param.meta_data		= parse.meta_data;
4788 	param.num_meta		= parse.num_meta;
4789 
4790 	ret = ath11k_dbring_buffer_release_event(ab, &param);
4791 	if (ret) {
4792 		ath11k_warn(ab, "failed to handle dma buf release event %d\n", ret);
4793 		return;
4794 	}
4795 }
4796 
4797 static int ath11k_wmi_tlv_hw_mode_caps_parse(struct ath11k_base *soc,
4798 					     u16 tag, u16 len,
4799 					     const void *ptr, void *data)
4800 {
4801 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4802 	struct wmi_hw_mode_capabilities *hw_mode_cap;
4803 	u32 phy_map = 0;
4804 
4805 	if (tag != WMI_TAG_HW_MODE_CAPABILITIES)
4806 		return -EPROTO;
4807 
4808 	if (svc_rdy_ext->n_hw_mode_caps >= svc_rdy_ext->param.num_hw_modes)
4809 		return -ENOBUFS;
4810 
4811 	hw_mode_cap = container_of(ptr, struct wmi_hw_mode_capabilities,
4812 				   hw_mode_id);
4813 	svc_rdy_ext->n_hw_mode_caps++;
4814 
4815 	phy_map = hw_mode_cap->phy_id_map;
4816 	while (phy_map) {
4817 		svc_rdy_ext->tot_phy_id++;
4818 		phy_map = phy_map >> 1;
4819 	}
4820 
4821 	return 0;
4822 }
4823 
4824 static int ath11k_wmi_tlv_hw_mode_caps(struct ath11k_base *soc,
4825 				       u16 len, const void *ptr, void *data)
4826 {
4827 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4828 #if defined(__linux__)
4829 	struct wmi_hw_mode_capabilities *hw_mode_caps;
4830 #elif defined(__FreeBSD__)
4831 	const struct wmi_hw_mode_capabilities *hw_mode_caps;
4832 #endif
4833 	enum wmi_host_hw_mode_config_type mode, pref;
4834 	u32 i;
4835 	int ret;
4836 
4837 	svc_rdy_ext->n_hw_mode_caps = 0;
4838 #if defined(__linux__)
4839 	svc_rdy_ext->hw_mode_caps = (struct wmi_hw_mode_capabilities *)ptr;
4840 #elif defined(__FreeBSD__)
4841 	svc_rdy_ext->hw_mode_caps = ptr;
4842 #endif
4843 
4844 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4845 				  ath11k_wmi_tlv_hw_mode_caps_parse,
4846 				  svc_rdy_ext);
4847 	if (ret) {
4848 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4849 		return ret;
4850 	}
4851 
4852 	i = 0;
4853 	while (i < svc_rdy_ext->n_hw_mode_caps) {
4854 		hw_mode_caps = &svc_rdy_ext->hw_mode_caps[i];
4855 		mode = hw_mode_caps->hw_mode_id;
4856 		pref = soc->wmi_ab.preferred_hw_mode;
4857 
4858 		if (ath11k_hw_mode_pri_map[mode] < ath11k_hw_mode_pri_map[pref]) {
4859 			svc_rdy_ext->pref_hw_mode_caps = *hw_mode_caps;
4860 			soc->wmi_ab.preferred_hw_mode = mode;
4861 		}
4862 		i++;
4863 	}
4864 
4865 	ath11k_dbg(soc, ATH11K_DBG_WMI, "preferred_hw_mode:%d\n",
4866 		   soc->wmi_ab.preferred_hw_mode);
4867 	if (soc->wmi_ab.preferred_hw_mode == WMI_HOST_HW_MODE_MAX)
4868 		return -EINVAL;
4869 
4870 	return 0;
4871 }
4872 
4873 static int ath11k_wmi_tlv_mac_phy_caps_parse(struct ath11k_base *soc,
4874 					     u16 tag, u16 len,
4875 					     const void *ptr, void *data)
4876 {
4877 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4878 
4879 	if (tag != WMI_TAG_MAC_PHY_CAPABILITIES)
4880 		return -EPROTO;
4881 
4882 	if (svc_rdy_ext->n_mac_phy_caps >= svc_rdy_ext->tot_phy_id)
4883 		return -ENOBUFS;
4884 
4885 	len = min_t(u16, len, sizeof(struct wmi_mac_phy_capabilities));
4886 	if (!svc_rdy_ext->n_mac_phy_caps) {
4887 		svc_rdy_ext->mac_phy_caps = kcalloc(svc_rdy_ext->tot_phy_id,
4888 						    len, GFP_ATOMIC);
4889 		if (!svc_rdy_ext->mac_phy_caps)
4890 			return -ENOMEM;
4891 	}
4892 
4893 	memcpy(svc_rdy_ext->mac_phy_caps + svc_rdy_ext->n_mac_phy_caps, ptr, len);
4894 	svc_rdy_ext->n_mac_phy_caps++;
4895 	return 0;
4896 }
4897 
4898 static int ath11k_wmi_tlv_ext_hal_reg_caps_parse(struct ath11k_base *soc,
4899 						 u16 tag, u16 len,
4900 						 const void *ptr, void *data)
4901 {
4902 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4903 
4904 	if (tag != WMI_TAG_HAL_REG_CAPABILITIES_EXT)
4905 		return -EPROTO;
4906 
4907 	if (svc_rdy_ext->n_ext_hal_reg_caps >= svc_rdy_ext->param.num_phy)
4908 		return -ENOBUFS;
4909 
4910 	svc_rdy_ext->n_ext_hal_reg_caps++;
4911 	return 0;
4912 }
4913 
4914 static int ath11k_wmi_tlv_ext_hal_reg_caps(struct ath11k_base *soc,
4915 					   u16 len, const void *ptr, void *data)
4916 {
4917 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4918 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4919 	struct ath11k_hal_reg_capabilities_ext reg_cap;
4920 	int ret;
4921 	u32 i;
4922 
4923 	svc_rdy_ext->n_ext_hal_reg_caps = 0;
4924 #if defined(__linux__)
4925 	svc_rdy_ext->ext_hal_reg_caps = (struct wmi_hal_reg_capabilities_ext *)ptr;
4926 #elif defined(__FreeBSD__)
4927 	svc_rdy_ext->ext_hal_reg_caps = (const struct wmi_hal_reg_capabilities_ext *)ptr;
4928 #endif
4929 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4930 				  ath11k_wmi_tlv_ext_hal_reg_caps_parse,
4931 				  svc_rdy_ext);
4932 	if (ret) {
4933 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4934 		return ret;
4935 	}
4936 
4937 	for (i = 0; i < svc_rdy_ext->param.num_phy; i++) {
4938 		ret = ath11k_pull_reg_cap_svc_rdy_ext(wmi_handle,
4939 						      svc_rdy_ext->soc_hal_reg_caps,
4940 						      svc_rdy_ext->ext_hal_reg_caps, i,
4941 						      &reg_cap);
4942 		if (ret) {
4943 			ath11k_warn(soc, "failed to extract reg cap %d\n", i);
4944 			return ret;
4945 		}
4946 
4947 		memcpy(&soc->hal_reg_cap[reg_cap.phy_id],
4948 		       &reg_cap, sizeof(reg_cap));
4949 	}
4950 	return 0;
4951 }
4952 
4953 static int ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(struct ath11k_base *soc,
4954 						     u16 len, const void *ptr,
4955 						     void *data)
4956 {
4957 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4958 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4959 	u8 hw_mode_id = svc_rdy_ext->pref_hw_mode_caps.hw_mode_id;
4960 	u32 phy_id_map;
4961 	int pdev_index = 0;
4962 	int ret;
4963 
4964 #if defined(__linux__)
4965 	svc_rdy_ext->soc_hal_reg_caps = (struct wmi_soc_hal_reg_capabilities *)ptr;
4966 #elif defined(__FreeBSD__)
4967 	svc_rdy_ext->soc_hal_reg_caps = (const struct wmi_soc_hal_reg_capabilities *)ptr;
4968 #endif
4969 	svc_rdy_ext->param.num_phy = svc_rdy_ext->soc_hal_reg_caps->num_phy;
4970 
4971 	soc->num_radios = 0;
4972 	soc->target_pdev_count = 0;
4973 	phy_id_map = svc_rdy_ext->pref_hw_mode_caps.phy_id_map;
4974 
4975 	while (phy_id_map && soc->num_radios < MAX_RADIOS) {
4976 		ret = ath11k_pull_mac_phy_cap_svc_ready_ext(wmi_handle,
4977 							    svc_rdy_ext->hw_caps,
4978 							    svc_rdy_ext->hw_mode_caps,
4979 							    svc_rdy_ext->soc_hal_reg_caps,
4980 							    svc_rdy_ext->mac_phy_caps,
4981 							    hw_mode_id, soc->num_radios,
4982 							    &soc->pdevs[pdev_index]);
4983 		if (ret) {
4984 			ath11k_warn(soc, "failed to extract mac caps, idx :%d\n",
4985 				    soc->num_radios);
4986 			return ret;
4987 		}
4988 
4989 		soc->num_radios++;
4990 
4991 		/* For QCA6390, save mac_phy capability in the same pdev */
4992 		if (soc->hw_params.single_pdev_only)
4993 			pdev_index = 0;
4994 		else
4995 			pdev_index = soc->num_radios;
4996 
4997 		/* TODO: mac_phy_cap prints */
4998 		phy_id_map >>= 1;
4999 	}
5000 
5001 	/* For QCA6390, set num_radios to 1 because host manages
5002 	 * both 2G and 5G radio in one pdev.
5003 	 * Set pdev_id = 0 and 0 means soc level.
5004 	 */
5005 	if (soc->hw_params.single_pdev_only) {
5006 		soc->num_radios = 1;
5007 		soc->pdevs[0].pdev_id = 0;
5008 	}
5009 
5010 	return 0;
5011 }
5012 
5013 static int ath11k_wmi_tlv_dma_ring_caps_parse(struct ath11k_base *soc,
5014 					      u16 tag, u16 len,
5015 					      const void *ptr, void *data)
5016 {
5017 	struct wmi_tlv_dma_ring_caps_parse *parse = data;
5018 
5019 	if (tag != WMI_TAG_DMA_RING_CAPABILITIES)
5020 		return -EPROTO;
5021 
5022 	parse->n_dma_ring_caps++;
5023 	return 0;
5024 }
5025 
5026 static int ath11k_wmi_alloc_dbring_caps(struct ath11k_base *ab,
5027 					u32 num_cap)
5028 {
5029 	size_t sz;
5030 	void *ptr;
5031 
5032 	sz = num_cap * sizeof(struct ath11k_dbring_cap);
5033 	ptr = kzalloc(sz, GFP_ATOMIC);
5034 	if (!ptr)
5035 		return -ENOMEM;
5036 
5037 	ab->db_caps = ptr;
5038 	ab->num_db_cap = num_cap;
5039 
5040 	return 0;
5041 }
5042 
5043 static void ath11k_wmi_free_dbring_caps(struct ath11k_base *ab)
5044 {
5045 	kfree(ab->db_caps);
5046 	ab->db_caps = NULL;
5047 }
5048 
5049 static int ath11k_wmi_tlv_dma_ring_caps(struct ath11k_base *ab,
5050 					u16 len, const void *ptr, void *data)
5051 {
5052 	struct wmi_tlv_dma_ring_caps_parse *dma_caps_parse = data;
5053 #if defined(__linux__)
5054 	struct wmi_dma_ring_capabilities *dma_caps;
5055 #elif defined(__FreeBSD__)
5056 	const struct wmi_dma_ring_capabilities *dma_caps;
5057 #endif
5058 	struct ath11k_dbring_cap *dir_buff_caps;
5059 	int ret;
5060 	u32 i;
5061 
5062 	dma_caps_parse->n_dma_ring_caps = 0;
5063 #if defined(__linux__)
5064 	dma_caps = (struct wmi_dma_ring_capabilities *)ptr;
5065 #elif defined(__FreeBSD__)
5066 	dma_caps = (const struct wmi_dma_ring_capabilities *)ptr;
5067 #endif
5068 	ret = ath11k_wmi_tlv_iter(ab, ptr, len,
5069 				  ath11k_wmi_tlv_dma_ring_caps_parse,
5070 				  dma_caps_parse);
5071 	if (ret) {
5072 		ath11k_warn(ab, "failed to parse dma ring caps tlv %d\n", ret);
5073 		return ret;
5074 	}
5075 
5076 	if (!dma_caps_parse->n_dma_ring_caps)
5077 		return 0;
5078 
5079 	if (ab->num_db_cap) {
5080 		ath11k_warn(ab, "Already processed, so ignoring dma ring caps\n");
5081 		return 0;
5082 	}
5083 
5084 	ret = ath11k_wmi_alloc_dbring_caps(ab, dma_caps_parse->n_dma_ring_caps);
5085 	if (ret)
5086 		return ret;
5087 
5088 	dir_buff_caps = ab->db_caps;
5089 	for (i = 0; i < dma_caps_parse->n_dma_ring_caps; i++) {
5090 		if (dma_caps[i].module_id >= WMI_DIRECT_BUF_MAX) {
5091 			ath11k_warn(ab, "Invalid module id %d\n", dma_caps[i].module_id);
5092 			ret = -EINVAL;
5093 			goto free_dir_buff;
5094 		}
5095 
5096 		dir_buff_caps[i].id = dma_caps[i].module_id;
5097 		dir_buff_caps[i].pdev_id = DP_HW2SW_MACID(dma_caps[i].pdev_id);
5098 		dir_buff_caps[i].min_elem = dma_caps[i].min_elem;
5099 		dir_buff_caps[i].min_buf_sz = dma_caps[i].min_buf_sz;
5100 		dir_buff_caps[i].min_buf_align = dma_caps[i].min_buf_align;
5101 	}
5102 
5103 	return 0;
5104 
5105 free_dir_buff:
5106 	ath11k_wmi_free_dbring_caps(ab);
5107 	return ret;
5108 }
5109 
5110 static int ath11k_wmi_tlv_svc_rdy_ext_parse(struct ath11k_base *ab,
5111 					    u16 tag, u16 len,
5112 					    const void *ptr, void *data)
5113 {
5114 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
5115 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
5116 	int ret;
5117 
5118 	switch (tag) {
5119 	case WMI_TAG_SERVICE_READY_EXT_EVENT:
5120 		ret = ath11k_pull_svc_ready_ext(wmi_handle, ptr,
5121 						&svc_rdy_ext->param);
5122 		if (ret) {
5123 			ath11k_warn(ab, "unable to extract ext params\n");
5124 			return ret;
5125 		}
5126 		break;
5127 
5128 	case WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS:
5129 #if defined(__linux__)
5130 		svc_rdy_ext->hw_caps = (struct wmi_soc_mac_phy_hw_mode_caps *)ptr;
5131 #elif defined(__FreeBSD__)
5132 		svc_rdy_ext->hw_caps = (const struct wmi_soc_mac_phy_hw_mode_caps *)ptr;
5133 #endif
5134 		svc_rdy_ext->param.num_hw_modes = svc_rdy_ext->hw_caps->num_hw_modes;
5135 		break;
5136 
5137 	case WMI_TAG_SOC_HAL_REG_CAPABILITIES:
5138 		ret = ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(ab, len, ptr,
5139 								svc_rdy_ext);
5140 		if (ret)
5141 			return ret;
5142 		break;
5143 
5144 	case WMI_TAG_ARRAY_STRUCT:
5145 		if (!svc_rdy_ext->hw_mode_done) {
5146 			ret = ath11k_wmi_tlv_hw_mode_caps(ab, len, ptr,
5147 							  svc_rdy_ext);
5148 			if (ret)
5149 				return ret;
5150 
5151 			svc_rdy_ext->hw_mode_done = true;
5152 		} else if (!svc_rdy_ext->mac_phy_done) {
5153 			svc_rdy_ext->n_mac_phy_caps = 0;
5154 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
5155 						  ath11k_wmi_tlv_mac_phy_caps_parse,
5156 						  svc_rdy_ext);
5157 			if (ret) {
5158 				ath11k_warn(ab, "failed to parse tlv %d\n", ret);
5159 				return ret;
5160 			}
5161 
5162 			svc_rdy_ext->mac_phy_done = true;
5163 		} else if (!svc_rdy_ext->ext_hal_reg_done) {
5164 			ret = ath11k_wmi_tlv_ext_hal_reg_caps(ab, len, ptr,
5165 							      svc_rdy_ext);
5166 			if (ret)
5167 				return ret;
5168 
5169 			svc_rdy_ext->ext_hal_reg_done = true;
5170 		} else if (!svc_rdy_ext->mac_phy_chainmask_combo_done) {
5171 			svc_rdy_ext->mac_phy_chainmask_combo_done = true;
5172 		} else if (!svc_rdy_ext->mac_phy_chainmask_cap_done) {
5173 			svc_rdy_ext->mac_phy_chainmask_cap_done = true;
5174 		} else if (!svc_rdy_ext->oem_dma_ring_cap_done) {
5175 			svc_rdy_ext->oem_dma_ring_cap_done = true;
5176 		} else if (!svc_rdy_ext->dma_ring_cap_done) {
5177 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
5178 							   &svc_rdy_ext->dma_caps_parse);
5179 			if (ret)
5180 				return ret;
5181 
5182 			svc_rdy_ext->dma_ring_cap_done = true;
5183 		}
5184 		break;
5185 
5186 	default:
5187 		break;
5188 	}
5189 	return 0;
5190 }
5191 
5192 static int ath11k_service_ready_ext_event(struct ath11k_base *ab,
5193 					  struct sk_buff *skb)
5194 {
5195 	struct wmi_tlv_svc_rdy_ext_parse svc_rdy_ext = { };
5196 	int ret;
5197 
5198 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
5199 				  ath11k_wmi_tlv_svc_rdy_ext_parse,
5200 				  &svc_rdy_ext);
5201 	if (ret) {
5202 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
5203 		goto err;
5204 	}
5205 
5206 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event service ready ext");
5207 
5208 	if (!test_bit(WMI_TLV_SERVICE_EXT2_MSG, ab->wmi_ab.svc_map))
5209 		complete(&ab->wmi_ab.service_ready);
5210 
5211 	kfree(svc_rdy_ext.mac_phy_caps);
5212 	return 0;
5213 
5214 err:
5215 	ath11k_wmi_free_dbring_caps(ab);
5216 	return ret;
5217 }
5218 
5219 static int ath11k_wmi_tlv_svc_rdy_ext2_parse(struct ath11k_base *ab,
5220 					     u16 tag, u16 len,
5221 					     const void *ptr, void *data)
5222 {
5223 	struct wmi_tlv_svc_rdy_ext2_parse *parse = data;
5224 	int ret;
5225 
5226 	switch (tag) {
5227 	case WMI_TAG_ARRAY_STRUCT:
5228 		if (!parse->dma_ring_cap_done) {
5229 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
5230 							   &parse->dma_caps_parse);
5231 			if (ret)
5232 				return ret;
5233 
5234 			parse->dma_ring_cap_done = true;
5235 		}
5236 		break;
5237 	default:
5238 		break;
5239 	}
5240 
5241 	return 0;
5242 }
5243 
5244 static int ath11k_service_ready_ext2_event(struct ath11k_base *ab,
5245 					   struct sk_buff *skb)
5246 {
5247 	struct wmi_tlv_svc_rdy_ext2_parse svc_rdy_ext2 = { };
5248 	int ret;
5249 
5250 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
5251 				  ath11k_wmi_tlv_svc_rdy_ext2_parse,
5252 				  &svc_rdy_ext2);
5253 	if (ret) {
5254 		ath11k_warn(ab, "failed to parse ext2 event tlv %d\n", ret);
5255 		goto err;
5256 	}
5257 
5258 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event service ready ext2");
5259 
5260 	complete(&ab->wmi_ab.service_ready);
5261 
5262 	return 0;
5263 
5264 err:
5265 	ath11k_wmi_free_dbring_caps(ab);
5266 	return ret;
5267 }
5268 
5269 static int ath11k_pull_vdev_start_resp_tlv(struct ath11k_base *ab, struct sk_buff *skb,
5270 					   struct wmi_vdev_start_resp_event *vdev_rsp)
5271 {
5272 	const void **tb;
5273 	const struct wmi_vdev_start_resp_event *ev;
5274 	int ret;
5275 
5276 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5277 	if (IS_ERR(tb)) {
5278 		ret = PTR_ERR(tb);
5279 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5280 		return ret;
5281 	}
5282 
5283 	ev = tb[WMI_TAG_VDEV_START_RESPONSE_EVENT];
5284 	if (!ev) {
5285 		ath11k_warn(ab, "failed to fetch vdev start resp ev");
5286 		kfree(tb);
5287 		return -EPROTO;
5288 	}
5289 
5290 	memset(vdev_rsp, 0, sizeof(*vdev_rsp));
5291 
5292 	vdev_rsp->vdev_id = ev->vdev_id;
5293 	vdev_rsp->requestor_id = ev->requestor_id;
5294 	vdev_rsp->resp_type = ev->resp_type;
5295 	vdev_rsp->status = ev->status;
5296 	vdev_rsp->chain_mask = ev->chain_mask;
5297 	vdev_rsp->smps_mode = ev->smps_mode;
5298 	vdev_rsp->mac_id = ev->mac_id;
5299 	vdev_rsp->cfgd_tx_streams = ev->cfgd_tx_streams;
5300 	vdev_rsp->cfgd_rx_streams = ev->cfgd_rx_streams;
5301 
5302 	kfree(tb);
5303 	return 0;
5304 }
5305 
5306 static void ath11k_print_reg_rule(struct ath11k_base *ab, const char *band,
5307 				  u32 num_reg_rules,
5308 				  struct cur_reg_rule *reg_rule_ptr)
5309 {
5310 	struct cur_reg_rule *reg_rule = reg_rule_ptr;
5311 	u32 count;
5312 
5313 	ath11k_dbg(ab, ATH11K_DBG_WMI, "number of reg rules in %s band: %d\n",
5314 		   band, num_reg_rules);
5315 
5316 	for (count = 0; count < num_reg_rules; count++) {
5317 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5318 			   "reg rule %d: (%d - %d @ %d) (%d, %d) (FLAGS %d)\n",
5319 			   count + 1, reg_rule->start_freq, reg_rule->end_freq,
5320 			   reg_rule->max_bw, reg_rule->ant_gain,
5321 			   reg_rule->reg_power, reg_rule->flags);
5322 		reg_rule++;
5323 	}
5324 }
5325 
5326 static struct cur_reg_rule
5327 *create_reg_rules_from_wmi(u32 num_reg_rules,
5328 #if defined(__linux__)
5329 			   struct wmi_regulatory_rule_struct *wmi_reg_rule)
5330 #elif defined(__FreeBSD__)
5331 			   const struct wmi_regulatory_rule_struct *wmi_reg_rule)
5332 #endif
5333 {
5334 	struct cur_reg_rule *reg_rule_ptr;
5335 	u32 count;
5336 
5337 	reg_rule_ptr = kcalloc(num_reg_rules, sizeof(*reg_rule_ptr),
5338 			       GFP_ATOMIC);
5339 
5340 	if (!reg_rule_ptr)
5341 		return NULL;
5342 
5343 	for (count = 0; count < num_reg_rules; count++) {
5344 		reg_rule_ptr[count].start_freq =
5345 			FIELD_GET(REG_RULE_START_FREQ,
5346 				  wmi_reg_rule[count].freq_info);
5347 		reg_rule_ptr[count].end_freq =
5348 			FIELD_GET(REG_RULE_END_FREQ,
5349 				  wmi_reg_rule[count].freq_info);
5350 		reg_rule_ptr[count].max_bw =
5351 			FIELD_GET(REG_RULE_MAX_BW,
5352 				  wmi_reg_rule[count].bw_pwr_info);
5353 		reg_rule_ptr[count].reg_power =
5354 			FIELD_GET(REG_RULE_REG_PWR,
5355 				  wmi_reg_rule[count].bw_pwr_info);
5356 		reg_rule_ptr[count].ant_gain =
5357 			FIELD_GET(REG_RULE_ANT_GAIN,
5358 				  wmi_reg_rule[count].bw_pwr_info);
5359 		reg_rule_ptr[count].flags =
5360 			FIELD_GET(REG_RULE_FLAGS,
5361 				  wmi_reg_rule[count].flag_info);
5362 	}
5363 
5364 	return reg_rule_ptr;
5365 }
5366 
5367 static int ath11k_pull_reg_chan_list_update_ev(struct ath11k_base *ab,
5368 					       struct sk_buff *skb,
5369 					       struct cur_regulatory_info *reg_info)
5370 {
5371 	const void **tb;
5372 	const struct wmi_reg_chan_list_cc_event *chan_list_event_hdr;
5373 #if defined(__linux__)
5374 	struct wmi_regulatory_rule_struct *wmi_reg_rule;
5375 #elif defined(__FreeBSD__)
5376 	const struct wmi_regulatory_rule_struct *wmi_reg_rule;
5377 #endif
5378 	u32 num_2ghz_reg_rules, num_5ghz_reg_rules;
5379 	int ret;
5380 
5381 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processing regulatory channel list\n");
5382 
5383 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5384 	if (IS_ERR(tb)) {
5385 		ret = PTR_ERR(tb);
5386 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5387 		return ret;
5388 	}
5389 
5390 	chan_list_event_hdr = tb[WMI_TAG_REG_CHAN_LIST_CC_EVENT];
5391 	if (!chan_list_event_hdr) {
5392 		ath11k_warn(ab, "failed to fetch reg chan list update ev\n");
5393 		kfree(tb);
5394 		return -EPROTO;
5395 	}
5396 
5397 	reg_info->num_2ghz_reg_rules = chan_list_event_hdr->num_2ghz_reg_rules;
5398 	reg_info->num_5ghz_reg_rules = chan_list_event_hdr->num_5ghz_reg_rules;
5399 
5400 	if (!(reg_info->num_2ghz_reg_rules + reg_info->num_5ghz_reg_rules)) {
5401 		ath11k_warn(ab, "No regulatory rules available in the event info\n");
5402 		kfree(tb);
5403 		return -EINVAL;
5404 	}
5405 
5406 	memcpy(reg_info->alpha2, &chan_list_event_hdr->alpha2,
5407 	       REG_ALPHA2_LEN);
5408 	reg_info->dfs_region = chan_list_event_hdr->dfs_region;
5409 	reg_info->phybitmap = chan_list_event_hdr->phybitmap;
5410 	reg_info->num_phy = chan_list_event_hdr->num_phy;
5411 	reg_info->phy_id = chan_list_event_hdr->phy_id;
5412 	reg_info->ctry_code = chan_list_event_hdr->country_id;
5413 	reg_info->reg_dmn_pair = chan_list_event_hdr->domain_code;
5414 
5415 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5416 		   "status_code %s",
5417 		   ath11k_cc_status_to_str(reg_info->status_code));
5418 
5419 	reg_info->status_code =
5420 		ath11k_wmi_cc_setting_code_to_reg(chan_list_event_hdr->status_code);
5421 
5422 	reg_info->is_ext_reg_event = false;
5423 
5424 	reg_info->min_bw_2ghz = chan_list_event_hdr->min_bw_2ghz;
5425 	reg_info->max_bw_2ghz = chan_list_event_hdr->max_bw_2ghz;
5426 	reg_info->min_bw_5ghz = chan_list_event_hdr->min_bw_5ghz;
5427 	reg_info->max_bw_5ghz = chan_list_event_hdr->max_bw_5ghz;
5428 
5429 	num_2ghz_reg_rules = reg_info->num_2ghz_reg_rules;
5430 	num_5ghz_reg_rules = reg_info->num_5ghz_reg_rules;
5431 
5432 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5433 		   "cc %s dsf %d BW: min_2ghz %d max_2ghz %d min_5ghz %d max_5ghz %d",
5434 		   reg_info->alpha2, reg_info->dfs_region,
5435 		   reg_info->min_bw_2ghz, reg_info->max_bw_2ghz,
5436 		   reg_info->min_bw_5ghz, reg_info->max_bw_5ghz);
5437 
5438 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5439 		   "num_2ghz_reg_rules %d num_5ghz_reg_rules %d",
5440 		   num_2ghz_reg_rules, num_5ghz_reg_rules);
5441 
5442 	wmi_reg_rule =
5443 #if defined(__linux__)
5444 		(struct wmi_regulatory_rule_struct *)((u8 *)chan_list_event_hdr
5445 #elif defined(__FreeBSD__)
5446 		(const struct wmi_regulatory_rule_struct *)((const u8 *)chan_list_event_hdr
5447 #endif
5448 						+ sizeof(*chan_list_event_hdr)
5449 						+ sizeof(struct wmi_tlv));
5450 
5451 	if (num_2ghz_reg_rules) {
5452 		reg_info->reg_rules_2ghz_ptr =
5453 				create_reg_rules_from_wmi(num_2ghz_reg_rules,
5454 							  wmi_reg_rule);
5455 		if (!reg_info->reg_rules_2ghz_ptr) {
5456 			kfree(tb);
5457 			ath11k_warn(ab, "Unable to Allocate memory for 2 GHz rules\n");
5458 			return -ENOMEM;
5459 		}
5460 
5461 		ath11k_print_reg_rule(ab, "2 GHz",
5462 				      num_2ghz_reg_rules,
5463 				      reg_info->reg_rules_2ghz_ptr);
5464 	}
5465 
5466 	if (num_5ghz_reg_rules) {
5467 		wmi_reg_rule += num_2ghz_reg_rules;
5468 		reg_info->reg_rules_5ghz_ptr =
5469 				create_reg_rules_from_wmi(num_5ghz_reg_rules,
5470 							  wmi_reg_rule);
5471 		if (!reg_info->reg_rules_5ghz_ptr) {
5472 			kfree(tb);
5473 			ath11k_warn(ab, "Unable to Allocate memory for 5 GHz rules\n");
5474 			return -ENOMEM;
5475 		}
5476 
5477 		ath11k_print_reg_rule(ab, "5 GHz",
5478 				      num_5ghz_reg_rules,
5479 				      reg_info->reg_rules_5ghz_ptr);
5480 	}
5481 
5482 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processed regulatory channel list\n");
5483 
5484 	kfree(tb);
5485 	return 0;
5486 }
5487 
5488 static struct cur_reg_rule
5489 *create_ext_reg_rules_from_wmi(u32 num_reg_rules,
5490 #if defined(__linux__)
5491 			       struct wmi_regulatory_ext_rule *wmi_reg_rule)
5492 #elif defined(__FreeBSD__)
5493 			       const struct wmi_regulatory_ext_rule *wmi_reg_rule)
5494 #endif
5495 {
5496 	struct cur_reg_rule *reg_rule_ptr;
5497 	u32 count;
5498 
5499 	reg_rule_ptr =  kcalloc(num_reg_rules, sizeof(*reg_rule_ptr), GFP_ATOMIC);
5500 
5501 	if (!reg_rule_ptr)
5502 		return NULL;
5503 
5504 	for (count = 0; count < num_reg_rules; count++) {
5505 		reg_rule_ptr[count].start_freq =
5506 			u32_get_bits(wmi_reg_rule[count].freq_info,
5507 				     REG_RULE_START_FREQ);
5508 		reg_rule_ptr[count].end_freq =
5509 			u32_get_bits(wmi_reg_rule[count].freq_info,
5510 				     REG_RULE_END_FREQ);
5511 		reg_rule_ptr[count].max_bw =
5512 			u32_get_bits(wmi_reg_rule[count].bw_pwr_info,
5513 				     REG_RULE_MAX_BW);
5514 		reg_rule_ptr[count].reg_power =
5515 			u32_get_bits(wmi_reg_rule[count].bw_pwr_info,
5516 				     REG_RULE_REG_PWR);
5517 		reg_rule_ptr[count].ant_gain =
5518 			u32_get_bits(wmi_reg_rule[count].bw_pwr_info,
5519 				     REG_RULE_ANT_GAIN);
5520 		reg_rule_ptr[count].flags =
5521 			u32_get_bits(wmi_reg_rule[count].flag_info,
5522 				     REG_RULE_FLAGS);
5523 		reg_rule_ptr[count].psd_flag =
5524 			u32_get_bits(wmi_reg_rule[count].psd_power_info,
5525 				     REG_RULE_PSD_INFO);
5526 		reg_rule_ptr[count].psd_eirp =
5527 			u32_get_bits(wmi_reg_rule[count].psd_power_info,
5528 				     REG_RULE_PSD_EIRP);
5529 	}
5530 
5531 	return reg_rule_ptr;
5532 }
5533 
5534 static u8
5535 ath11k_invalid_5ghz_reg_ext_rules_from_wmi(u32 num_reg_rules,
5536 					   const struct wmi_regulatory_ext_rule *rule)
5537 {
5538 	u8 num_invalid_5ghz_rules = 0;
5539 	u32 count, start_freq;
5540 
5541 	for (count = 0; count < num_reg_rules; count++) {
5542 		start_freq = u32_get_bits(rule[count].freq_info,
5543 					  REG_RULE_START_FREQ);
5544 
5545 		if (start_freq >= ATH11K_MIN_6G_FREQ)
5546 			num_invalid_5ghz_rules++;
5547 	}
5548 
5549 	return num_invalid_5ghz_rules;
5550 }
5551 
5552 static int ath11k_pull_reg_chan_list_ext_update_ev(struct ath11k_base *ab,
5553 						   struct sk_buff *skb,
5554 						   struct cur_regulatory_info *reg_info)
5555 {
5556 	const void **tb;
5557 	const struct wmi_reg_chan_list_cc_ext_event *ev;
5558 #if defined(__linux__)
5559 	struct wmi_regulatory_ext_rule *ext_wmi_reg_rule;
5560 #elif defined(__FreeBSD__)
5561 	const struct wmi_regulatory_ext_rule *ext_wmi_reg_rule;
5562 #endif
5563 	u32 num_2ghz_reg_rules, num_5ghz_reg_rules;
5564 	u32 num_6ghz_reg_rules_ap[WMI_REG_CURRENT_MAX_AP_TYPE];
5565 	u32 num_6ghz_client[WMI_REG_CURRENT_MAX_AP_TYPE][WMI_REG_MAX_CLIENT_TYPE];
5566 	u32 total_reg_rules = 0;
5567 	int ret, i, j, num_invalid_5ghz_ext_rules = 0;
5568 
5569 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processing regulatory ext channel list\n");
5570 
5571 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5572 	if (IS_ERR(tb)) {
5573 		ret = PTR_ERR(tb);
5574 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5575 		return ret;
5576 	}
5577 
5578 	ev = tb[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT];
5579 	if (!ev) {
5580 		ath11k_warn(ab, "failed to fetch reg chan list ext update ev\n");
5581 		kfree(tb);
5582 		return -EPROTO;
5583 	}
5584 
5585 	reg_info->num_2ghz_reg_rules = ev->num_2ghz_reg_rules;
5586 	reg_info->num_5ghz_reg_rules = ev->num_5ghz_reg_rules;
5587 	reg_info->num_6ghz_rules_ap[WMI_REG_INDOOR_AP] =
5588 			ev->num_6ghz_reg_rules_ap_lpi;
5589 	reg_info->num_6ghz_rules_ap[WMI_REG_STANDARD_POWER_AP] =
5590 			ev->num_6ghz_reg_rules_ap_sp;
5591 	reg_info->num_6ghz_rules_ap[WMI_REG_VERY_LOW_POWER_AP] =
5592 			ev->num_6ghz_reg_rules_ap_vlp;
5593 
5594 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5595 		reg_info->num_6ghz_rules_client[WMI_REG_INDOOR_AP][i] =
5596 			ev->num_6ghz_reg_rules_client_lpi[i];
5597 		reg_info->num_6ghz_rules_client[WMI_REG_STANDARD_POWER_AP][i] =
5598 			ev->num_6ghz_reg_rules_client_sp[i];
5599 		reg_info->num_6ghz_rules_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5600 			ev->num_6ghz_reg_rules_client_vlp[i];
5601 	}
5602 
5603 	num_2ghz_reg_rules = reg_info->num_2ghz_reg_rules;
5604 	num_5ghz_reg_rules = reg_info->num_5ghz_reg_rules;
5605 
5606 	total_reg_rules += num_2ghz_reg_rules;
5607 	total_reg_rules += num_5ghz_reg_rules;
5608 
5609 	if ((num_2ghz_reg_rules > MAX_REG_RULES) ||
5610 	    (num_5ghz_reg_rules > MAX_REG_RULES)) {
5611 		ath11k_warn(ab, "Num reg rules for 2.4 GHz/5 GHz exceeds max limit (num_2ghz_reg_rules: %d num_5ghz_reg_rules: %d max_rules: %d)\n",
5612 			    num_2ghz_reg_rules, num_5ghz_reg_rules, MAX_REG_RULES);
5613 		kfree(tb);
5614 		return -EINVAL;
5615 	}
5616 
5617 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
5618 		num_6ghz_reg_rules_ap[i] = reg_info->num_6ghz_rules_ap[i];
5619 
5620 		if (num_6ghz_reg_rules_ap[i] > MAX_6GHZ_REG_RULES) {
5621 			ath11k_warn(ab, "Num 6 GHz reg rules for AP mode(%d) exceeds max limit (num_6ghz_reg_rules_ap: %d, max_rules: %d)\n",
5622 				    i, num_6ghz_reg_rules_ap[i], MAX_6GHZ_REG_RULES);
5623 			kfree(tb);
5624 			return -EINVAL;
5625 		}
5626 
5627 		total_reg_rules += num_6ghz_reg_rules_ap[i];
5628 	}
5629 
5630 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5631 		num_6ghz_client[WMI_REG_INDOOR_AP][i] =
5632 			reg_info->num_6ghz_rules_client[WMI_REG_INDOOR_AP][i];
5633 		total_reg_rules += num_6ghz_client[WMI_REG_INDOOR_AP][i];
5634 
5635 		num_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5636 			reg_info->num_6ghz_rules_client[WMI_REG_STANDARD_POWER_AP][i];
5637 		total_reg_rules += num_6ghz_client[WMI_REG_STANDARD_POWER_AP][i];
5638 
5639 		num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5640 			reg_info->num_6ghz_rules_client[WMI_REG_VERY_LOW_POWER_AP][i];
5641 		total_reg_rules += num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i];
5642 
5643 		if ((num_6ghz_client[WMI_REG_INDOOR_AP][i] > MAX_6GHZ_REG_RULES) ||
5644 		    (num_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] >
5645 							     MAX_6GHZ_REG_RULES) ||
5646 		    (num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] >
5647 							     MAX_6GHZ_REG_RULES)) {
5648 			ath11k_warn(ab,
5649 				    "Num 6 GHz client reg rules exceeds max limit, for client(type: %d)\n",
5650 				    i);
5651 			kfree(tb);
5652 			return -EINVAL;
5653 		}
5654 	}
5655 
5656 	if (!total_reg_rules) {
5657 		ath11k_warn(ab, "No reg rules available\n");
5658 		kfree(tb);
5659 		return -EINVAL;
5660 	}
5661 
5662 	memcpy(reg_info->alpha2, &ev->alpha2, REG_ALPHA2_LEN);
5663 
5664 	reg_info->dfs_region = ev->dfs_region;
5665 	reg_info->phybitmap = ev->phybitmap;
5666 	reg_info->num_phy = ev->num_phy;
5667 	reg_info->phy_id = ev->phy_id;
5668 	reg_info->ctry_code = ev->country_id;
5669 	reg_info->reg_dmn_pair = ev->domain_code;
5670 
5671 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5672 		   "status_code %s",
5673 		   ath11k_cc_status_to_str(reg_info->status_code));
5674 
5675 	reg_info->status_code =
5676 		ath11k_wmi_cc_setting_code_to_reg(ev->status_code);
5677 
5678 	reg_info->is_ext_reg_event = true;
5679 
5680 	reg_info->min_bw_2ghz = ev->min_bw_2ghz;
5681 	reg_info->max_bw_2ghz = ev->max_bw_2ghz;
5682 	reg_info->min_bw_5ghz = ev->min_bw_5ghz;
5683 	reg_info->max_bw_5ghz = ev->max_bw_5ghz;
5684 
5685 	reg_info->min_bw_6ghz_ap[WMI_REG_INDOOR_AP] =
5686 			ev->min_bw_6ghz_ap_lpi;
5687 	reg_info->max_bw_6ghz_ap[WMI_REG_INDOOR_AP] =
5688 			ev->max_bw_6ghz_ap_lpi;
5689 	reg_info->min_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP] =
5690 			ev->min_bw_6ghz_ap_sp;
5691 	reg_info->max_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP] =
5692 			ev->max_bw_6ghz_ap_sp;
5693 	reg_info->min_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP] =
5694 			ev->min_bw_6ghz_ap_vlp;
5695 	reg_info->max_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP] =
5696 			ev->max_bw_6ghz_ap_vlp;
5697 
5698 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5699 		   "6 GHz AP BW: LPI (%d - %d), SP (%d - %d), VLP (%d - %d)\n",
5700 		   reg_info->min_bw_6ghz_ap[WMI_REG_INDOOR_AP],
5701 		   reg_info->max_bw_6ghz_ap[WMI_REG_INDOOR_AP],
5702 		   reg_info->min_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP],
5703 		   reg_info->max_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP],
5704 		   reg_info->min_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP],
5705 		   reg_info->max_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP]);
5706 
5707 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5708 		reg_info->min_bw_6ghz_client[WMI_REG_INDOOR_AP][i] =
5709 				ev->min_bw_6ghz_client_lpi[i];
5710 		reg_info->max_bw_6ghz_client[WMI_REG_INDOOR_AP][i] =
5711 				ev->max_bw_6ghz_client_lpi[i];
5712 		reg_info->min_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5713 				ev->min_bw_6ghz_client_sp[i];
5714 		reg_info->max_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5715 				ev->max_bw_6ghz_client_sp[i];
5716 		reg_info->min_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5717 				ev->min_bw_6ghz_client_vlp[i];
5718 		reg_info->max_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5719 				ev->max_bw_6ghz_client_vlp[i];
5720 
5721 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5722 			   "6 GHz %s BW: LPI (%d - %d), SP (%d - %d), VLP (%d - %d)\n",
5723 			   ath11k_6ghz_client_type_to_str(i),
5724 			   reg_info->min_bw_6ghz_client[WMI_REG_INDOOR_AP][i],
5725 			   reg_info->max_bw_6ghz_client[WMI_REG_INDOOR_AP][i],
5726 			   reg_info->min_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i],
5727 			   reg_info->max_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i],
5728 			   reg_info->min_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i],
5729 			   reg_info->max_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i]);
5730 	}
5731 
5732 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5733 		   "cc_ext %s dsf %d BW: min_2ghz %d max_2ghz %d min_5ghz %d max_5ghz %d",
5734 		   reg_info->alpha2, reg_info->dfs_region,
5735 		   reg_info->min_bw_2ghz, reg_info->max_bw_2ghz,
5736 		   reg_info->min_bw_5ghz, reg_info->max_bw_5ghz);
5737 
5738 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5739 		   "num_2ghz_reg_rules %d num_5ghz_reg_rules %d",
5740 		   num_2ghz_reg_rules, num_5ghz_reg_rules);
5741 
5742 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5743 		   "num_6ghz_reg_rules_ap_lpi: %d num_6ghz_reg_rules_ap_sp: %d num_6ghz_reg_rules_ap_vlp: %d",
5744 		   num_6ghz_reg_rules_ap[WMI_REG_INDOOR_AP],
5745 		   num_6ghz_reg_rules_ap[WMI_REG_STANDARD_POWER_AP],
5746 		   num_6ghz_reg_rules_ap[WMI_REG_VERY_LOW_POWER_AP]);
5747 
5748 	j = WMI_REG_DEFAULT_CLIENT;
5749 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5750 		   "6 GHz Regular client: num_6ghz_reg_rules_lpi: %d num_6ghz_reg_rules_sp: %d num_6ghz_reg_rules_vlp: %d",
5751 		   num_6ghz_client[WMI_REG_INDOOR_AP][j],
5752 		   num_6ghz_client[WMI_REG_STANDARD_POWER_AP][j],
5753 		   num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][j]);
5754 
5755 	j = WMI_REG_SUBORDINATE_CLIENT;
5756 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5757 		   "6 GHz Subordinate client: num_6ghz_reg_rules_lpi: %d num_6ghz_reg_rules_sp: %d num_6ghz_reg_rules_vlp: %d",
5758 		   num_6ghz_client[WMI_REG_INDOOR_AP][j],
5759 		   num_6ghz_client[WMI_REG_STANDARD_POWER_AP][j],
5760 		   num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][j]);
5761 
5762 	ext_wmi_reg_rule =
5763 #if defined(__linux__)
5764 		(struct wmi_regulatory_ext_rule *)((u8 *)ev + sizeof(*ev) +
5765 #elif defined(__FreeBSD__)
5766 		(const struct wmi_regulatory_ext_rule *)((const u8 *)ev + sizeof(*ev) +
5767 #endif
5768 						   sizeof(struct wmi_tlv));
5769 	if (num_2ghz_reg_rules) {
5770 		reg_info->reg_rules_2ghz_ptr =
5771 			create_ext_reg_rules_from_wmi(num_2ghz_reg_rules,
5772 						      ext_wmi_reg_rule);
5773 
5774 		if (!reg_info->reg_rules_2ghz_ptr) {
5775 			kfree(tb);
5776 			ath11k_warn(ab, "Unable to Allocate memory for 2 GHz rules\n");
5777 			return -ENOMEM;
5778 		}
5779 
5780 		ath11k_print_reg_rule(ab, "2 GHz",
5781 				      num_2ghz_reg_rules,
5782 				      reg_info->reg_rules_2ghz_ptr);
5783 	}
5784 
5785 	ext_wmi_reg_rule += num_2ghz_reg_rules;
5786 
5787 	/* Firmware might include 6 GHz reg rule in 5 GHz rule list
5788 	 * for few countries along with separate 6 GHz rule.
5789 	 * Having same 6 GHz reg rule in 5 GHz and 6 GHz rules list
5790 	 * causes intersect check to be true, and same rules will be
5791 	 * shown multiple times in iw cmd.
5792 	 * Hence, avoid parsing 6 GHz rule from 5 GHz reg rule list
5793 	 */
5794 	num_invalid_5ghz_ext_rules =
5795 		ath11k_invalid_5ghz_reg_ext_rules_from_wmi(num_5ghz_reg_rules,
5796 							   ext_wmi_reg_rule);
5797 
5798 	if (num_invalid_5ghz_ext_rules) {
5799 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5800 			   "CC: %s 5 GHz reg rules number %d from fw, %d number of invalid 5 GHz rules",
5801 			   reg_info->alpha2, reg_info->num_5ghz_reg_rules,
5802 			   num_invalid_5ghz_ext_rules);
5803 
5804 		num_5ghz_reg_rules = num_5ghz_reg_rules - num_invalid_5ghz_ext_rules;
5805 		reg_info->num_5ghz_reg_rules = num_5ghz_reg_rules;
5806 	}
5807 
5808 	if (num_5ghz_reg_rules) {
5809 		reg_info->reg_rules_5ghz_ptr =
5810 			create_ext_reg_rules_from_wmi(num_5ghz_reg_rules,
5811 						      ext_wmi_reg_rule);
5812 
5813 		if (!reg_info->reg_rules_5ghz_ptr) {
5814 			kfree(tb);
5815 			ath11k_warn(ab, "Unable to Allocate memory for 5 GHz rules\n");
5816 			return -ENOMEM;
5817 		}
5818 
5819 		ath11k_print_reg_rule(ab, "5 GHz",
5820 				      num_5ghz_reg_rules,
5821 				      reg_info->reg_rules_5ghz_ptr);
5822 	}
5823 
5824 	/* We have adjusted the number of 5 GHz reg rules above. But still those
5825 	 * many rules needs to be adjusted in ext_wmi_reg_rule.
5826 	 *
5827 	 * NOTE: num_invalid_5ghz_ext_rules will be 0 for rest other cases.
5828 	 */
5829 	ext_wmi_reg_rule += (num_5ghz_reg_rules + num_invalid_5ghz_ext_rules);
5830 
5831 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
5832 		reg_info->reg_rules_6ghz_ap_ptr[i] =
5833 			create_ext_reg_rules_from_wmi(num_6ghz_reg_rules_ap[i],
5834 						      ext_wmi_reg_rule);
5835 
5836 		if (!reg_info->reg_rules_6ghz_ap_ptr[i]) {
5837 			kfree(tb);
5838 			ath11k_warn(ab, "Unable to Allocate memory for 6 GHz AP rules\n");
5839 			return -ENOMEM;
5840 		}
5841 
5842 		ath11k_print_reg_rule(ab, ath11k_6ghz_ap_type_to_str(i),
5843 				      num_6ghz_reg_rules_ap[i],
5844 				      reg_info->reg_rules_6ghz_ap_ptr[i]);
5845 
5846 		ext_wmi_reg_rule += num_6ghz_reg_rules_ap[i];
5847 	}
5848 
5849 	for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++) {
5850 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5851 			   "6 GHz AP type %s", ath11k_6ghz_ap_type_to_str(j));
5852 
5853 		for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5854 			reg_info->reg_rules_6ghz_client_ptr[j][i] =
5855 				create_ext_reg_rules_from_wmi(num_6ghz_client[j][i],
5856 							      ext_wmi_reg_rule);
5857 
5858 			if (!reg_info->reg_rules_6ghz_client_ptr[j][i]) {
5859 				kfree(tb);
5860 				ath11k_warn(ab, "Unable to Allocate memory for 6 GHz client rules\n");
5861 				return -ENOMEM;
5862 			}
5863 
5864 			ath11k_print_reg_rule(ab,
5865 					      ath11k_6ghz_client_type_to_str(i),
5866 					      num_6ghz_client[j][i],
5867 					      reg_info->reg_rules_6ghz_client_ptr[j][i]);
5868 
5869 			ext_wmi_reg_rule += num_6ghz_client[j][i];
5870 		}
5871 	}
5872 
5873 	reg_info->client_type = ev->client_type;
5874 	reg_info->rnr_tpe_usable = ev->rnr_tpe_usable;
5875 	reg_info->unspecified_ap_usable =
5876 			ev->unspecified_ap_usable;
5877 	reg_info->domain_code_6ghz_ap[WMI_REG_INDOOR_AP] =
5878 			ev->domain_code_6ghz_ap_lpi;
5879 	reg_info->domain_code_6ghz_ap[WMI_REG_STANDARD_POWER_AP] =
5880 			ev->domain_code_6ghz_ap_sp;
5881 	reg_info->domain_code_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP] =
5882 			ev->domain_code_6ghz_ap_vlp;
5883 
5884 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5885 		   "6 GHz reg info client type %s rnr_tpe_usable %d unspecified_ap_usable %d AP sub domain: lpi %s, sp %s, vlp %s\n",
5886 		   ath11k_6ghz_client_type_to_str(reg_info->client_type),
5887 		   reg_info->rnr_tpe_usable,
5888 		   reg_info->unspecified_ap_usable,
5889 		   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_ap_lpi),
5890 		   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_ap_sp),
5891 		   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_ap_vlp));
5892 
5893 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5894 		reg_info->domain_code_6ghz_client[WMI_REG_INDOOR_AP][i] =
5895 				ev->domain_code_6ghz_client_lpi[i];
5896 		reg_info->domain_code_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5897 				ev->domain_code_6ghz_client_sp[i];
5898 		reg_info->domain_code_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5899 				ev->domain_code_6ghz_client_vlp[i];
5900 
5901 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5902 			   "6 GHz client type %s client sub domain: lpi %s, sp %s, vlp %s\n",
5903 			   ath11k_6ghz_client_type_to_str(i),
5904 			   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_client_lpi[i]),
5905 			   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_client_sp[i]),
5906 			   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_client_vlp[i])
5907 			  );
5908 	}
5909 
5910 	reg_info->domain_code_6ghz_super_id = ev->domain_code_6ghz_super_id;
5911 
5912 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5913 		   "6 GHz client_type %s 6 GHz super domain %s",
5914 		   ath11k_6ghz_client_type_to_str(reg_info->client_type),
5915 		   ath11k_super_reg_6ghz_to_str(reg_info->domain_code_6ghz_super_id));
5916 
5917 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processed regulatory ext channel list\n");
5918 
5919 	kfree(tb);
5920 	return 0;
5921 }
5922 
5923 static int ath11k_pull_peer_del_resp_ev(struct ath11k_base *ab, struct sk_buff *skb,
5924 					struct wmi_peer_delete_resp_event *peer_del_resp)
5925 {
5926 	const void **tb;
5927 	const struct wmi_peer_delete_resp_event *ev;
5928 	int ret;
5929 
5930 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5931 	if (IS_ERR(tb)) {
5932 		ret = PTR_ERR(tb);
5933 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5934 		return ret;
5935 	}
5936 
5937 	ev = tb[WMI_TAG_PEER_DELETE_RESP_EVENT];
5938 	if (!ev) {
5939 		ath11k_warn(ab, "failed to fetch peer delete resp ev");
5940 		kfree(tb);
5941 		return -EPROTO;
5942 	}
5943 
5944 	memset(peer_del_resp, 0, sizeof(*peer_del_resp));
5945 
5946 	peer_del_resp->vdev_id = ev->vdev_id;
5947 	ether_addr_copy(peer_del_resp->peer_macaddr.addr,
5948 			ev->peer_macaddr.addr);
5949 
5950 	kfree(tb);
5951 	return 0;
5952 }
5953 
5954 static int ath11k_pull_vdev_del_resp_ev(struct ath11k_base *ab,
5955 					struct sk_buff *skb,
5956 					u32 *vdev_id)
5957 {
5958 	const void **tb;
5959 	const struct wmi_vdev_delete_resp_event *ev;
5960 	int ret;
5961 
5962 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5963 	if (IS_ERR(tb)) {
5964 		ret = PTR_ERR(tb);
5965 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5966 		return ret;
5967 	}
5968 
5969 	ev = tb[WMI_TAG_VDEV_DELETE_RESP_EVENT];
5970 	if (!ev) {
5971 		ath11k_warn(ab, "failed to fetch vdev delete resp ev");
5972 		kfree(tb);
5973 		return -EPROTO;
5974 	}
5975 
5976 	*vdev_id = ev->vdev_id;
5977 
5978 	kfree(tb);
5979 	return 0;
5980 }
5981 
5982 static int ath11k_pull_bcn_tx_status_ev(struct ath11k_base *ab, void *evt_buf,
5983 					u32 len, u32 *vdev_id,
5984 					u32 *tx_status)
5985 {
5986 	const void **tb;
5987 	const struct wmi_bcn_tx_status_event *ev;
5988 	int ret;
5989 
5990 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5991 	if (IS_ERR(tb)) {
5992 		ret = PTR_ERR(tb);
5993 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5994 		return ret;
5995 	}
5996 
5997 	ev = tb[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT];
5998 	if (!ev) {
5999 		ath11k_warn(ab, "failed to fetch bcn tx status ev");
6000 		kfree(tb);
6001 		return -EPROTO;
6002 	}
6003 
6004 	*vdev_id   = ev->vdev_id;
6005 	*tx_status = ev->tx_status;
6006 
6007 	kfree(tb);
6008 	return 0;
6009 }
6010 
6011 static int ath11k_pull_vdev_stopped_param_tlv(struct ath11k_base *ab, struct sk_buff *skb,
6012 					      u32 *vdev_id)
6013 {
6014 	const void **tb;
6015 	const struct wmi_vdev_stopped_event *ev;
6016 	int ret;
6017 
6018 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6019 	if (IS_ERR(tb)) {
6020 		ret = PTR_ERR(tb);
6021 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6022 		return ret;
6023 	}
6024 
6025 	ev = tb[WMI_TAG_VDEV_STOPPED_EVENT];
6026 	if (!ev) {
6027 		ath11k_warn(ab, "failed to fetch vdev stop ev");
6028 		kfree(tb);
6029 		return -EPROTO;
6030 	}
6031 
6032 	*vdev_id =  ev->vdev_id;
6033 
6034 	kfree(tb);
6035 	return 0;
6036 }
6037 
6038 static int ath11k_wmi_tlv_mgmt_rx_parse(struct ath11k_base *ab,
6039 					u16 tag, u16 len,
6040 					const void *ptr, void *data)
6041 {
6042 	struct wmi_tlv_mgmt_rx_parse *parse = data;
6043 
6044 	switch (tag) {
6045 	case WMI_TAG_MGMT_RX_HDR:
6046 		parse->fixed = ptr;
6047 		break;
6048 	case WMI_TAG_ARRAY_BYTE:
6049 		if (!parse->frame_buf_done) {
6050 			parse->frame_buf = ptr;
6051 			parse->frame_buf_done = true;
6052 		}
6053 		break;
6054 	}
6055 	return 0;
6056 }
6057 
6058 static int ath11k_pull_mgmt_rx_params_tlv(struct ath11k_base *ab,
6059 					  struct sk_buff *skb,
6060 					  struct mgmt_rx_event_params *hdr)
6061 {
6062 	struct wmi_tlv_mgmt_rx_parse parse = { };
6063 	const struct wmi_mgmt_rx_hdr *ev;
6064 	const u8 *frame;
6065 	int ret;
6066 
6067 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
6068 				  ath11k_wmi_tlv_mgmt_rx_parse,
6069 				  &parse);
6070 	if (ret) {
6071 		ath11k_warn(ab, "failed to parse mgmt rx tlv %d\n",
6072 			    ret);
6073 		return ret;
6074 	}
6075 
6076 	ev = parse.fixed;
6077 	frame = parse.frame_buf;
6078 
6079 	if (!ev || !frame) {
6080 		ath11k_warn(ab, "failed to fetch mgmt rx hdr");
6081 		return -EPROTO;
6082 	}
6083 
6084 	hdr->pdev_id =  ev->pdev_id;
6085 	hdr->chan_freq = ev->chan_freq;
6086 	hdr->channel =  ev->channel;
6087 	hdr->snr =  ev->snr;
6088 	hdr->rate =  ev->rate;
6089 	hdr->phy_mode =  ev->phy_mode;
6090 	hdr->buf_len =  ev->buf_len;
6091 	hdr->status =  ev->status;
6092 	hdr->flags =  ev->flags;
6093 	hdr->rssi =  ev->rssi;
6094 	hdr->tsf_delta =  ev->tsf_delta;
6095 	memcpy(hdr->rssi_ctl, ev->rssi_ctl, sizeof(hdr->rssi_ctl));
6096 
6097 	if (skb->len < (frame - skb->data) + hdr->buf_len) {
6098 		ath11k_warn(ab, "invalid length in mgmt rx hdr ev");
6099 		return -EPROTO;
6100 	}
6101 
6102 	/* shift the sk_buff to point to `frame` */
6103 	skb_trim(skb, 0);
6104 	skb_put(skb, frame - skb->data);
6105 	skb_pull(skb, frame - skb->data);
6106 	skb_put(skb, hdr->buf_len);
6107 
6108 	ath11k_ce_byte_swap(skb->data, hdr->buf_len);
6109 
6110 	return 0;
6111 }
6112 
6113 static int wmi_process_mgmt_tx_comp(struct ath11k *ar,
6114 				    struct wmi_mgmt_tx_compl_event *tx_compl_param)
6115 {
6116 	struct sk_buff *msdu;
6117 	struct ieee80211_tx_info *info;
6118 	struct ath11k_skb_cb *skb_cb;
6119 	int num_mgmt;
6120 
6121 	spin_lock_bh(&ar->txmgmt_idr_lock);
6122 	msdu = idr_find(&ar->txmgmt_idr, tx_compl_param->desc_id);
6123 
6124 	if (!msdu) {
6125 		ath11k_warn(ar->ab, "received mgmt tx compl for invalid msdu_id: %d\n",
6126 			    tx_compl_param->desc_id);
6127 		spin_unlock_bh(&ar->txmgmt_idr_lock);
6128 		return -ENOENT;
6129 	}
6130 
6131 	idr_remove(&ar->txmgmt_idr, tx_compl_param->desc_id);
6132 	spin_unlock_bh(&ar->txmgmt_idr_lock);
6133 
6134 	skb_cb = ATH11K_SKB_CB(msdu);
6135 	dma_unmap_single(ar->ab->dev, skb_cb->paddr, msdu->len, DMA_TO_DEVICE);
6136 
6137 	info = IEEE80211_SKB_CB(msdu);
6138 	if ((!(info->flags & IEEE80211_TX_CTL_NO_ACK)) &&
6139 	    !tx_compl_param->status) {
6140 		info->flags |= IEEE80211_TX_STAT_ACK;
6141 		if (test_bit(WMI_TLV_SERVICE_TX_DATA_MGMT_ACK_RSSI,
6142 			     ar->ab->wmi_ab.svc_map))
6143 			info->status.ack_signal = tx_compl_param->ack_rssi;
6144 	}
6145 
6146 	ieee80211_tx_status_irqsafe(ar->hw, msdu);
6147 
6148 	num_mgmt = atomic_dec_if_positive(&ar->num_pending_mgmt_tx);
6149 
6150 	/* WARN when we received this event without doing any mgmt tx */
6151 	if (num_mgmt < 0)
6152 		WARN_ON_ONCE(1);
6153 
6154 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
6155 		   "mgmt tx comp pending %d desc id %d\n",
6156 		   num_mgmt, tx_compl_param->desc_id);
6157 
6158 	if (!num_mgmt)
6159 		wake_up(&ar->txmgmt_empty_waitq);
6160 
6161 	return 0;
6162 }
6163 
6164 static int ath11k_pull_mgmt_tx_compl_param_tlv(struct ath11k_base *ab,
6165 					       struct sk_buff *skb,
6166 					       struct wmi_mgmt_tx_compl_event *param)
6167 {
6168 	const void **tb;
6169 	const struct wmi_mgmt_tx_compl_event *ev;
6170 	int ret;
6171 
6172 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6173 	if (IS_ERR(tb)) {
6174 		ret = PTR_ERR(tb);
6175 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6176 		return ret;
6177 	}
6178 
6179 	ev = tb[WMI_TAG_MGMT_TX_COMPL_EVENT];
6180 	if (!ev) {
6181 		ath11k_warn(ab, "failed to fetch mgmt tx compl ev");
6182 		kfree(tb);
6183 		return -EPROTO;
6184 	}
6185 
6186 	param->pdev_id = ev->pdev_id;
6187 	param->desc_id = ev->desc_id;
6188 	param->status = ev->status;
6189 	param->ack_rssi = ev->ack_rssi;
6190 
6191 	kfree(tb);
6192 	return 0;
6193 }
6194 
6195 static void ath11k_wmi_event_scan_started(struct ath11k *ar)
6196 {
6197 	lockdep_assert_held(&ar->data_lock);
6198 
6199 	switch (ar->scan.state) {
6200 	case ATH11K_SCAN_IDLE:
6201 	case ATH11K_SCAN_RUNNING:
6202 	case ATH11K_SCAN_ABORTING:
6203 		ath11k_warn(ar->ab, "received scan started event in an invalid scan state: %s (%d)\n",
6204 			    ath11k_scan_state_str(ar->scan.state),
6205 			    ar->scan.state);
6206 		break;
6207 	case ATH11K_SCAN_STARTING:
6208 		ar->scan.state = ATH11K_SCAN_RUNNING;
6209 		if (ar->scan.is_roc)
6210 			ieee80211_ready_on_channel(ar->hw);
6211 		complete(&ar->scan.started);
6212 		break;
6213 	}
6214 }
6215 
6216 static void ath11k_wmi_event_scan_start_failed(struct ath11k *ar)
6217 {
6218 	lockdep_assert_held(&ar->data_lock);
6219 
6220 	switch (ar->scan.state) {
6221 	case ATH11K_SCAN_IDLE:
6222 	case ATH11K_SCAN_RUNNING:
6223 	case ATH11K_SCAN_ABORTING:
6224 		ath11k_warn(ar->ab, "received scan start failed event in an invalid scan state: %s (%d)\n",
6225 			    ath11k_scan_state_str(ar->scan.state),
6226 			    ar->scan.state);
6227 		break;
6228 	case ATH11K_SCAN_STARTING:
6229 		complete(&ar->scan.started);
6230 		__ath11k_mac_scan_finish(ar);
6231 		break;
6232 	}
6233 }
6234 
6235 static void ath11k_wmi_event_scan_completed(struct ath11k *ar)
6236 {
6237 	lockdep_assert_held(&ar->data_lock);
6238 
6239 	switch (ar->scan.state) {
6240 	case ATH11K_SCAN_IDLE:
6241 	case ATH11K_SCAN_STARTING:
6242 		/* One suspected reason scan can be completed while starting is
6243 		 * if firmware fails to deliver all scan events to the host,
6244 		 * e.g. when transport pipe is full. This has been observed
6245 		 * with spectral scan phyerr events starving wmi transport
6246 		 * pipe. In such case the "scan completed" event should be (and
6247 		 * is) ignored by the host as it may be just firmware's scan
6248 		 * state machine recovering.
6249 		 */
6250 		ath11k_warn(ar->ab, "received scan completed event in an invalid scan state: %s (%d)\n",
6251 			    ath11k_scan_state_str(ar->scan.state),
6252 			    ar->scan.state);
6253 		break;
6254 	case ATH11K_SCAN_RUNNING:
6255 	case ATH11K_SCAN_ABORTING:
6256 		__ath11k_mac_scan_finish(ar);
6257 		break;
6258 	}
6259 }
6260 
6261 static void ath11k_wmi_event_scan_bss_chan(struct ath11k *ar)
6262 {
6263 	lockdep_assert_held(&ar->data_lock);
6264 
6265 	switch (ar->scan.state) {
6266 	case ATH11K_SCAN_IDLE:
6267 	case ATH11K_SCAN_STARTING:
6268 		ath11k_warn(ar->ab, "received scan bss chan event in an invalid scan state: %s (%d)\n",
6269 			    ath11k_scan_state_str(ar->scan.state),
6270 			    ar->scan.state);
6271 		break;
6272 	case ATH11K_SCAN_RUNNING:
6273 	case ATH11K_SCAN_ABORTING:
6274 		ar->scan_channel = NULL;
6275 		break;
6276 	}
6277 }
6278 
6279 static void ath11k_wmi_event_scan_foreign_chan(struct ath11k *ar, u32 freq)
6280 {
6281 	lockdep_assert_held(&ar->data_lock);
6282 
6283 	switch (ar->scan.state) {
6284 	case ATH11K_SCAN_IDLE:
6285 	case ATH11K_SCAN_STARTING:
6286 		ath11k_warn(ar->ab, "received scan foreign chan event in an invalid scan state: %s (%d)\n",
6287 			    ath11k_scan_state_str(ar->scan.state),
6288 			    ar->scan.state);
6289 		break;
6290 	case ATH11K_SCAN_RUNNING:
6291 	case ATH11K_SCAN_ABORTING:
6292 		ar->scan_channel = ieee80211_get_channel(ar->hw->wiphy, freq);
6293 		if (ar->scan.is_roc && ar->scan.roc_freq == freq)
6294 			complete(&ar->scan.on_channel);
6295 		break;
6296 	}
6297 }
6298 
6299 static const char *
6300 ath11k_wmi_event_scan_type_str(enum wmi_scan_event_type type,
6301 			       enum wmi_scan_completion_reason reason)
6302 {
6303 	switch (type) {
6304 	case WMI_SCAN_EVENT_STARTED:
6305 		return "started";
6306 	case WMI_SCAN_EVENT_COMPLETED:
6307 		switch (reason) {
6308 		case WMI_SCAN_REASON_COMPLETED:
6309 			return "completed";
6310 		case WMI_SCAN_REASON_CANCELLED:
6311 			return "completed [cancelled]";
6312 		case WMI_SCAN_REASON_PREEMPTED:
6313 			return "completed [preempted]";
6314 		case WMI_SCAN_REASON_TIMEDOUT:
6315 			return "completed [timedout]";
6316 		case WMI_SCAN_REASON_INTERNAL_FAILURE:
6317 			return "completed [internal err]";
6318 		case WMI_SCAN_REASON_MAX:
6319 			break;
6320 		}
6321 		return "completed [unknown]";
6322 	case WMI_SCAN_EVENT_BSS_CHANNEL:
6323 		return "bss channel";
6324 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
6325 		return "foreign channel";
6326 	case WMI_SCAN_EVENT_DEQUEUED:
6327 		return "dequeued";
6328 	case WMI_SCAN_EVENT_PREEMPTED:
6329 		return "preempted";
6330 	case WMI_SCAN_EVENT_START_FAILED:
6331 		return "start failed";
6332 	case WMI_SCAN_EVENT_RESTARTED:
6333 		return "restarted";
6334 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
6335 		return "foreign channel exit";
6336 	default:
6337 		return "unknown";
6338 	}
6339 }
6340 
6341 static int ath11k_pull_scan_ev(struct ath11k_base *ab, struct sk_buff *skb,
6342 			       struct wmi_scan_event *scan_evt_param)
6343 {
6344 	const void **tb;
6345 	const struct wmi_scan_event *ev;
6346 	int ret;
6347 
6348 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6349 	if (IS_ERR(tb)) {
6350 		ret = PTR_ERR(tb);
6351 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6352 		return ret;
6353 	}
6354 
6355 	ev = tb[WMI_TAG_SCAN_EVENT];
6356 	if (!ev) {
6357 		ath11k_warn(ab, "failed to fetch scan ev");
6358 		kfree(tb);
6359 		return -EPROTO;
6360 	}
6361 
6362 	scan_evt_param->event_type = ev->event_type;
6363 	scan_evt_param->reason = ev->reason;
6364 	scan_evt_param->channel_freq = ev->channel_freq;
6365 	scan_evt_param->scan_req_id = ev->scan_req_id;
6366 	scan_evt_param->scan_id = ev->scan_id;
6367 	scan_evt_param->vdev_id = ev->vdev_id;
6368 	scan_evt_param->tsf_timestamp = ev->tsf_timestamp;
6369 
6370 	kfree(tb);
6371 	return 0;
6372 }
6373 
6374 static int ath11k_pull_peer_sta_kickout_ev(struct ath11k_base *ab, struct sk_buff *skb,
6375 					   struct wmi_peer_sta_kickout_arg *arg)
6376 {
6377 	const void **tb;
6378 	const struct wmi_peer_sta_kickout_event *ev;
6379 	int ret;
6380 
6381 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6382 	if (IS_ERR(tb)) {
6383 		ret = PTR_ERR(tb);
6384 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6385 		return ret;
6386 	}
6387 
6388 	ev = tb[WMI_TAG_PEER_STA_KICKOUT_EVENT];
6389 	if (!ev) {
6390 		ath11k_warn(ab, "failed to fetch peer sta kickout ev");
6391 		kfree(tb);
6392 		return -EPROTO;
6393 	}
6394 
6395 	arg->mac_addr = ev->peer_macaddr.addr;
6396 
6397 	kfree(tb);
6398 	return 0;
6399 }
6400 
6401 static int ath11k_pull_roam_ev(struct ath11k_base *ab, struct sk_buff *skb,
6402 			       struct wmi_roam_event *roam_ev)
6403 {
6404 	const void **tb;
6405 	const struct wmi_roam_event *ev;
6406 	int ret;
6407 
6408 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6409 	if (IS_ERR(tb)) {
6410 		ret = PTR_ERR(tb);
6411 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6412 		return ret;
6413 	}
6414 
6415 	ev = tb[WMI_TAG_ROAM_EVENT];
6416 	if (!ev) {
6417 		ath11k_warn(ab, "failed to fetch roam ev");
6418 		kfree(tb);
6419 		return -EPROTO;
6420 	}
6421 
6422 	roam_ev->vdev_id = ev->vdev_id;
6423 	roam_ev->reason = ev->reason;
6424 	roam_ev->rssi = ev->rssi;
6425 
6426 	kfree(tb);
6427 	return 0;
6428 }
6429 
6430 static int freq_to_idx(struct ath11k *ar, int freq)
6431 {
6432 	struct ieee80211_supported_band *sband;
6433 	int band, ch, idx = 0;
6434 
6435 	for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
6436 		sband = ar->hw->wiphy->bands[band];
6437 		if (!sband)
6438 			continue;
6439 
6440 		for (ch = 0; ch < sband->n_channels; ch++, idx++)
6441 			if (sband->channels[ch].center_freq == freq)
6442 				goto exit;
6443 	}
6444 
6445 exit:
6446 	return idx;
6447 }
6448 
6449 static int ath11k_pull_chan_info_ev(struct ath11k_base *ab, u8 *evt_buf,
6450 				    u32 len, struct wmi_chan_info_event *ch_info_ev)
6451 {
6452 	const void **tb;
6453 	const struct wmi_chan_info_event *ev;
6454 	int ret;
6455 
6456 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
6457 	if (IS_ERR(tb)) {
6458 		ret = PTR_ERR(tb);
6459 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6460 		return ret;
6461 	}
6462 
6463 	ev = tb[WMI_TAG_CHAN_INFO_EVENT];
6464 	if (!ev) {
6465 		ath11k_warn(ab, "failed to fetch chan info ev");
6466 		kfree(tb);
6467 		return -EPROTO;
6468 	}
6469 
6470 	ch_info_ev->err_code = ev->err_code;
6471 	ch_info_ev->freq = ev->freq;
6472 	ch_info_ev->cmd_flags = ev->cmd_flags;
6473 	ch_info_ev->noise_floor = ev->noise_floor;
6474 	ch_info_ev->rx_clear_count = ev->rx_clear_count;
6475 	ch_info_ev->cycle_count = ev->cycle_count;
6476 	ch_info_ev->chan_tx_pwr_range = ev->chan_tx_pwr_range;
6477 	ch_info_ev->chan_tx_pwr_tp = ev->chan_tx_pwr_tp;
6478 	ch_info_ev->rx_frame_count = ev->rx_frame_count;
6479 	ch_info_ev->tx_frame_cnt = ev->tx_frame_cnt;
6480 	ch_info_ev->mac_clk_mhz = ev->mac_clk_mhz;
6481 	ch_info_ev->vdev_id = ev->vdev_id;
6482 
6483 	kfree(tb);
6484 	return 0;
6485 }
6486 
6487 static int
6488 ath11k_pull_pdev_bss_chan_info_ev(struct ath11k_base *ab, struct sk_buff *skb,
6489 				  struct wmi_pdev_bss_chan_info_event *bss_ch_info_ev)
6490 {
6491 	const void **tb;
6492 	const struct wmi_pdev_bss_chan_info_event *ev;
6493 	int ret;
6494 
6495 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6496 	if (IS_ERR(tb)) {
6497 		ret = PTR_ERR(tb);
6498 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6499 		return ret;
6500 	}
6501 
6502 	ev = tb[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT];
6503 	if (!ev) {
6504 		ath11k_warn(ab, "failed to fetch pdev bss chan info ev");
6505 		kfree(tb);
6506 		return -EPROTO;
6507 	}
6508 
6509 	bss_ch_info_ev->pdev_id = ev->pdev_id;
6510 	bss_ch_info_ev->freq = ev->freq;
6511 	bss_ch_info_ev->noise_floor = ev->noise_floor;
6512 	bss_ch_info_ev->rx_clear_count_low = ev->rx_clear_count_low;
6513 	bss_ch_info_ev->rx_clear_count_high = ev->rx_clear_count_high;
6514 	bss_ch_info_ev->cycle_count_low = ev->cycle_count_low;
6515 	bss_ch_info_ev->cycle_count_high = ev->cycle_count_high;
6516 	bss_ch_info_ev->tx_cycle_count_low = ev->tx_cycle_count_low;
6517 	bss_ch_info_ev->tx_cycle_count_high = ev->tx_cycle_count_high;
6518 	bss_ch_info_ev->rx_cycle_count_low = ev->rx_cycle_count_low;
6519 	bss_ch_info_ev->rx_cycle_count_high = ev->rx_cycle_count_high;
6520 	bss_ch_info_ev->rx_bss_cycle_count_low = ev->rx_bss_cycle_count_low;
6521 	bss_ch_info_ev->rx_bss_cycle_count_high = ev->rx_bss_cycle_count_high;
6522 
6523 	kfree(tb);
6524 	return 0;
6525 }
6526 
6527 static int
6528 ath11k_pull_vdev_install_key_compl_ev(struct ath11k_base *ab, struct sk_buff *skb,
6529 				      struct wmi_vdev_install_key_complete_arg *arg)
6530 {
6531 	const void **tb;
6532 	const struct wmi_vdev_install_key_compl_event *ev;
6533 	int ret;
6534 
6535 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6536 	if (IS_ERR(tb)) {
6537 		ret = PTR_ERR(tb);
6538 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6539 		return ret;
6540 	}
6541 
6542 	ev = tb[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT];
6543 	if (!ev) {
6544 		ath11k_warn(ab, "failed to fetch vdev install key compl ev");
6545 		kfree(tb);
6546 		return -EPROTO;
6547 	}
6548 
6549 	arg->vdev_id = ev->vdev_id;
6550 	arg->macaddr = ev->peer_macaddr.addr;
6551 	arg->key_idx = ev->key_idx;
6552 	arg->key_flags = ev->key_flags;
6553 	arg->status = ev->status;
6554 
6555 	kfree(tb);
6556 	return 0;
6557 }
6558 
6559 static int ath11k_pull_peer_assoc_conf_ev(struct ath11k_base *ab, struct sk_buff *skb,
6560 					  struct wmi_peer_assoc_conf_arg *peer_assoc_conf)
6561 {
6562 	const void **tb;
6563 	const struct wmi_peer_assoc_conf_event *ev;
6564 	int ret;
6565 
6566 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6567 	if (IS_ERR(tb)) {
6568 		ret = PTR_ERR(tb);
6569 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6570 		return ret;
6571 	}
6572 
6573 	ev = tb[WMI_TAG_PEER_ASSOC_CONF_EVENT];
6574 	if (!ev) {
6575 		ath11k_warn(ab, "failed to fetch peer assoc conf ev");
6576 		kfree(tb);
6577 		return -EPROTO;
6578 	}
6579 
6580 	peer_assoc_conf->vdev_id = ev->vdev_id;
6581 	peer_assoc_conf->macaddr = ev->peer_macaddr.addr;
6582 
6583 	kfree(tb);
6584 	return 0;
6585 }
6586 
6587 static void ath11k_wmi_pull_pdev_stats_base(const struct wmi_pdev_stats_base *src,
6588 					    struct ath11k_fw_stats_pdev *dst)
6589 {
6590 	dst->ch_noise_floor = src->chan_nf;
6591 	dst->tx_frame_count = src->tx_frame_count;
6592 	dst->rx_frame_count = src->rx_frame_count;
6593 	dst->rx_clear_count = src->rx_clear_count;
6594 	dst->cycle_count = src->cycle_count;
6595 	dst->phy_err_count = src->phy_err_count;
6596 	dst->chan_tx_power = src->chan_tx_pwr;
6597 }
6598 
6599 static void
6600 ath11k_wmi_pull_pdev_stats_tx(const struct wmi_pdev_stats_tx *src,
6601 			      struct ath11k_fw_stats_pdev *dst)
6602 {
6603 	dst->comp_queued = src->comp_queued;
6604 	dst->comp_delivered = src->comp_delivered;
6605 	dst->msdu_enqued = src->msdu_enqued;
6606 	dst->mpdu_enqued = src->mpdu_enqued;
6607 	dst->wmm_drop = src->wmm_drop;
6608 	dst->local_enqued = src->local_enqued;
6609 	dst->local_freed = src->local_freed;
6610 	dst->hw_queued = src->hw_queued;
6611 	dst->hw_reaped = src->hw_reaped;
6612 	dst->underrun = src->underrun;
6613 	dst->hw_paused = src->hw_paused;
6614 	dst->tx_abort = src->tx_abort;
6615 	dst->mpdus_requeued = src->mpdus_requeued;
6616 	dst->tx_ko = src->tx_ko;
6617 	dst->tx_xretry = src->tx_xretry;
6618 	dst->data_rc = src->data_rc;
6619 	dst->self_triggers = src->self_triggers;
6620 	dst->sw_retry_failure = src->sw_retry_failure;
6621 	dst->illgl_rate_phy_err = src->illgl_rate_phy_err;
6622 	dst->pdev_cont_xretry = src->pdev_cont_xretry;
6623 	dst->pdev_tx_timeout = src->pdev_tx_timeout;
6624 	dst->pdev_resets = src->pdev_resets;
6625 	dst->stateless_tid_alloc_failure = src->stateless_tid_alloc_failure;
6626 	dst->phy_underrun = src->phy_underrun;
6627 	dst->txop_ovf = src->txop_ovf;
6628 	dst->seq_posted = src->seq_posted;
6629 	dst->seq_failed_queueing = src->seq_failed_queueing;
6630 	dst->seq_completed = src->seq_completed;
6631 	dst->seq_restarted = src->seq_restarted;
6632 	dst->mu_seq_posted = src->mu_seq_posted;
6633 	dst->mpdus_sw_flush = src->mpdus_sw_flush;
6634 	dst->mpdus_hw_filter = src->mpdus_hw_filter;
6635 	dst->mpdus_truncated = src->mpdus_truncated;
6636 	dst->mpdus_ack_failed = src->mpdus_ack_failed;
6637 	dst->mpdus_expired = src->mpdus_expired;
6638 }
6639 
6640 static void ath11k_wmi_pull_pdev_stats_rx(const struct wmi_pdev_stats_rx *src,
6641 					  struct ath11k_fw_stats_pdev *dst)
6642 {
6643 	dst->mid_ppdu_route_change = src->mid_ppdu_route_change;
6644 	dst->status_rcvd = src->status_rcvd;
6645 	dst->r0_frags = src->r0_frags;
6646 	dst->r1_frags = src->r1_frags;
6647 	dst->r2_frags = src->r2_frags;
6648 	dst->r3_frags = src->r3_frags;
6649 	dst->htt_msdus = src->htt_msdus;
6650 	dst->htt_mpdus = src->htt_mpdus;
6651 	dst->loc_msdus = src->loc_msdus;
6652 	dst->loc_mpdus = src->loc_mpdus;
6653 	dst->oversize_amsdu = src->oversize_amsdu;
6654 	dst->phy_errs = src->phy_errs;
6655 	dst->phy_err_drop = src->phy_err_drop;
6656 	dst->mpdu_errs = src->mpdu_errs;
6657 	dst->rx_ovfl_errs = src->rx_ovfl_errs;
6658 }
6659 
6660 static void
6661 ath11k_wmi_pull_vdev_stats(const struct wmi_vdev_stats *src,
6662 			   struct ath11k_fw_stats_vdev *dst)
6663 {
6664 	int i;
6665 
6666 	dst->vdev_id = src->vdev_id;
6667 	dst->beacon_snr = src->beacon_snr;
6668 	dst->data_snr = src->data_snr;
6669 	dst->num_rx_frames = src->num_rx_frames;
6670 	dst->num_rts_fail = src->num_rts_fail;
6671 	dst->num_rts_success = src->num_rts_success;
6672 	dst->num_rx_err = src->num_rx_err;
6673 	dst->num_rx_discard = src->num_rx_discard;
6674 	dst->num_tx_not_acked = src->num_tx_not_acked;
6675 
6676 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames); i++)
6677 		dst->num_tx_frames[i] = src->num_tx_frames[i];
6678 
6679 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_retries); i++)
6680 		dst->num_tx_frames_retries[i] = src->num_tx_frames_retries[i];
6681 
6682 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_failures); i++)
6683 		dst->num_tx_frames_failures[i] = src->num_tx_frames_failures[i];
6684 
6685 	for (i = 0; i < ARRAY_SIZE(src->tx_rate_history); i++)
6686 		dst->tx_rate_history[i] = src->tx_rate_history[i];
6687 
6688 	for (i = 0; i < ARRAY_SIZE(src->beacon_rssi_history); i++)
6689 		dst->beacon_rssi_history[i] = src->beacon_rssi_history[i];
6690 }
6691 
6692 static void
6693 ath11k_wmi_pull_bcn_stats(const struct wmi_bcn_stats *src,
6694 			  struct ath11k_fw_stats_bcn *dst)
6695 {
6696 	dst->vdev_id = src->vdev_id;
6697 	dst->tx_bcn_succ_cnt = src->tx_bcn_succ_cnt;
6698 	dst->tx_bcn_outage_cnt = src->tx_bcn_outage_cnt;
6699 }
6700 
6701 static int ath11k_wmi_tlv_rssi_chain_parse(struct ath11k_base *ab,
6702 					   u16 tag, u16 len,
6703 					   const void *ptr, void *data)
6704 {
6705 	struct wmi_tlv_fw_stats_parse *parse = data;
6706 	const struct wmi_stats_event *ev = parse->ev;
6707 	struct ath11k_fw_stats *stats = parse->stats;
6708 	struct ath11k *ar;
6709 	struct ath11k_vif *arvif;
6710 	struct ieee80211_sta *sta;
6711 	struct ath11k_sta *arsta;
6712 	const struct wmi_rssi_stats *stats_rssi = (const struct wmi_rssi_stats *)ptr;
6713 	int j, ret = 0;
6714 
6715 	if (tag != WMI_TAG_RSSI_STATS)
6716 		return -EPROTO;
6717 
6718 	rcu_read_lock();
6719 
6720 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
6721 	stats->stats_id = WMI_REQUEST_RSSI_PER_CHAIN_STAT;
6722 
6723 	ath11k_dbg(ab, ATH11K_DBG_WMI,
6724 		   "stats vdev id %d mac %pM\n",
6725 		   stats_rssi->vdev_id, stats_rssi->peer_macaddr.addr);
6726 
6727 	arvif = ath11k_mac_get_arvif(ar, stats_rssi->vdev_id);
6728 	if (!arvif) {
6729 		ath11k_warn(ab, "not found vif for vdev id %d\n",
6730 			    stats_rssi->vdev_id);
6731 		ret = -EPROTO;
6732 		goto exit;
6733 	}
6734 
6735 	ath11k_dbg(ab, ATH11K_DBG_WMI,
6736 		   "stats bssid %pM vif %p\n",
6737 		   arvif->bssid, arvif->vif);
6738 
6739 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
6740 					   arvif->bssid,
6741 					   NULL);
6742 	if (!sta) {
6743 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6744 			   "not found station of bssid %pM for rssi chain\n",
6745 			   arvif->bssid);
6746 		goto exit;
6747 	}
6748 
6749 	arsta = (struct ath11k_sta *)sta->drv_priv;
6750 
6751 	BUILD_BUG_ON(ARRAY_SIZE(arsta->chain_signal) >
6752 		     ARRAY_SIZE(stats_rssi->rssi_avg_beacon));
6753 
6754 	for (j = 0; j < ARRAY_SIZE(arsta->chain_signal); j++) {
6755 		arsta->chain_signal[j] = stats_rssi->rssi_avg_beacon[j];
6756 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6757 			   "stats beacon rssi[%d] %d data rssi[%d] %d\n",
6758 			   j,
6759 			   stats_rssi->rssi_avg_beacon[j],
6760 			   j,
6761 			   stats_rssi->rssi_avg_data[j]);
6762 	}
6763 
6764 exit:
6765 	rcu_read_unlock();
6766 	return ret;
6767 }
6768 
6769 static int ath11k_wmi_tlv_fw_stats_data_parse(struct ath11k_base *ab,
6770 					      struct wmi_tlv_fw_stats_parse *parse,
6771 					      const void *ptr,
6772 					      u16 len)
6773 {
6774 	struct ath11k_fw_stats *stats = parse->stats;
6775 	const struct wmi_stats_event *ev = parse->ev;
6776 	struct ath11k *ar;
6777 	struct ath11k_vif *arvif;
6778 	struct ieee80211_sta *sta;
6779 	struct ath11k_sta *arsta;
6780 	int i, ret = 0;
6781 #if defined(__linux__)
6782 	const void *data = ptr;
6783 #elif defined(__FreeBSD__)
6784 	const u8 *data = ptr;
6785 #endif
6786 
6787 	if (!ev) {
6788 		ath11k_warn(ab, "failed to fetch update stats ev");
6789 		return -EPROTO;
6790 	}
6791 
6792 	stats->stats_id = 0;
6793 
6794 	rcu_read_lock();
6795 
6796 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
6797 
6798 	for (i = 0; i < ev->num_pdev_stats; i++) {
6799 		const struct wmi_pdev_stats *src;
6800 		struct ath11k_fw_stats_pdev *dst;
6801 
6802 #if defined(__linux__)
6803 		src = data;
6804 #elif defined(__FreeBSD__)
6805 		src = (const void *)data;
6806 #endif
6807 		if (len < sizeof(*src)) {
6808 			ret = -EPROTO;
6809 			goto exit;
6810 		}
6811 
6812 		stats->stats_id = WMI_REQUEST_PDEV_STAT;
6813 
6814 		data += sizeof(*src);
6815 		len -= sizeof(*src);
6816 
6817 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
6818 		if (!dst)
6819 			continue;
6820 
6821 		ath11k_wmi_pull_pdev_stats_base(&src->base, dst);
6822 		ath11k_wmi_pull_pdev_stats_tx(&src->tx, dst);
6823 		ath11k_wmi_pull_pdev_stats_rx(&src->rx, dst);
6824 		list_add_tail(&dst->list, &stats->pdevs);
6825 	}
6826 
6827 	for (i = 0; i < ev->num_vdev_stats; i++) {
6828 		const struct wmi_vdev_stats *src;
6829 		struct ath11k_fw_stats_vdev *dst;
6830 
6831 #if defined(__linux__)
6832 		src = data;
6833 #elif defined(__FreeBSD__)
6834 		src = (const void *)data;
6835 #endif
6836 		if (len < sizeof(*src)) {
6837 			ret = -EPROTO;
6838 			goto exit;
6839 		}
6840 
6841 		stats->stats_id = WMI_REQUEST_VDEV_STAT;
6842 
6843 		arvif = ath11k_mac_get_arvif(ar, src->vdev_id);
6844 		if (arvif) {
6845 			sta = ieee80211_find_sta_by_ifaddr(ar->hw,
6846 							   arvif->bssid,
6847 							   NULL);
6848 			if (sta) {
6849 				arsta = (struct ath11k_sta *)sta->drv_priv;
6850 				arsta->rssi_beacon = src->beacon_snr;
6851 				ath11k_dbg(ab, ATH11K_DBG_WMI,
6852 					   "stats vdev id %d snr %d\n",
6853 					   src->vdev_id, src->beacon_snr);
6854 			} else {
6855 				ath11k_dbg(ab, ATH11K_DBG_WMI,
6856 					   "not found station of bssid %pM for vdev stat\n",
6857 					   arvif->bssid);
6858 			}
6859 		}
6860 
6861 		data += sizeof(*src);
6862 		len -= sizeof(*src);
6863 
6864 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
6865 		if (!dst)
6866 			continue;
6867 
6868 		ath11k_wmi_pull_vdev_stats(src, dst);
6869 		list_add_tail(&dst->list, &stats->vdevs);
6870 	}
6871 
6872 	for (i = 0; i < ev->num_bcn_stats; i++) {
6873 		const struct wmi_bcn_stats *src;
6874 		struct ath11k_fw_stats_bcn *dst;
6875 
6876 #if defined(__linux__)
6877 		src = data;
6878 #elif defined(__FreeBSD__)
6879 		src = (const void *)data;
6880 #endif
6881 		if (len < sizeof(*src)) {
6882 			ret = -EPROTO;
6883 			goto exit;
6884 		}
6885 
6886 		stats->stats_id = WMI_REQUEST_BCN_STAT;
6887 
6888 		data += sizeof(*src);
6889 		len -= sizeof(*src);
6890 
6891 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
6892 		if (!dst)
6893 			continue;
6894 
6895 		ath11k_wmi_pull_bcn_stats(src, dst);
6896 		list_add_tail(&dst->list, &stats->bcn);
6897 	}
6898 
6899 exit:
6900 	rcu_read_unlock();
6901 	return ret;
6902 }
6903 
6904 static int ath11k_wmi_tlv_fw_stats_parse(struct ath11k_base *ab,
6905 					 u16 tag, u16 len,
6906 					 const void *ptr, void *data)
6907 {
6908 	struct wmi_tlv_fw_stats_parse *parse = data;
6909 	int ret = 0;
6910 
6911 	switch (tag) {
6912 	case WMI_TAG_STATS_EVENT:
6913 #if defined(__linux__)
6914 		parse->ev = (struct wmi_stats_event *)ptr;
6915 #elif defined(__FreeBSD__)
6916 		parse->ev = (const struct wmi_stats_event *)ptr;
6917 #endif
6918 		parse->stats->pdev_id = parse->ev->pdev_id;
6919 		break;
6920 	case WMI_TAG_ARRAY_BYTE:
6921 		ret = ath11k_wmi_tlv_fw_stats_data_parse(ab, parse, ptr, len);
6922 		break;
6923 	case WMI_TAG_PER_CHAIN_RSSI_STATS:
6924 #if defined(__linux__)
6925 		parse->rssi = (struct wmi_per_chain_rssi_stats *)ptr;
6926 #elif defined(__FreeBSD__)
6927 		parse->rssi = (const struct wmi_per_chain_rssi_stats *)ptr;
6928 #endif
6929 
6930 		if (parse->ev->stats_id & WMI_REQUEST_RSSI_PER_CHAIN_STAT)
6931 			parse->rssi_num = parse->rssi->num_per_chain_rssi_stats;
6932 
6933 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6934 			   "stats id 0x%x num chain %d\n",
6935 			   parse->ev->stats_id,
6936 			   parse->rssi_num);
6937 		break;
6938 	case WMI_TAG_ARRAY_STRUCT:
6939 		if (parse->rssi_num && !parse->chain_rssi_done) {
6940 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
6941 						  ath11k_wmi_tlv_rssi_chain_parse,
6942 						  parse);
6943 			if (ret) {
6944 				ath11k_warn(ab, "failed to parse rssi chain %d\n",
6945 					    ret);
6946 				return ret;
6947 			}
6948 			parse->chain_rssi_done = true;
6949 		}
6950 		break;
6951 	default:
6952 		break;
6953 	}
6954 	return ret;
6955 }
6956 
6957 int ath11k_wmi_pull_fw_stats(struct ath11k_base *ab, struct sk_buff *skb,
6958 			     struct ath11k_fw_stats *stats)
6959 {
6960 	struct wmi_tlv_fw_stats_parse parse = { };
6961 
6962 	stats->stats_id = 0;
6963 	parse.stats = stats;
6964 
6965 	return ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
6966 				   ath11k_wmi_tlv_fw_stats_parse,
6967 				   &parse);
6968 }
6969 
6970 static void
6971 ath11k_wmi_fw_pdev_base_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6972 				   char *buf, u32 *length)
6973 {
6974 	u32 len = *length;
6975 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6976 
6977 	len += scnprintf(buf + len, buf_len - len, "\n");
6978 	len += scnprintf(buf + len, buf_len - len, "%30s\n",
6979 			"ath11k PDEV stats");
6980 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6981 			"=================");
6982 
6983 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6984 			"Channel noise floor", pdev->ch_noise_floor);
6985 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6986 			"Channel TX power", pdev->chan_tx_power);
6987 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6988 			"TX frame count", pdev->tx_frame_count);
6989 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6990 			"RX frame count", pdev->rx_frame_count);
6991 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6992 			"RX clear count", pdev->rx_clear_count);
6993 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6994 			"Cycle count", pdev->cycle_count);
6995 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6996 			"PHY error count", pdev->phy_err_count);
6997 
6998 	*length = len;
6999 }
7000 
7001 static void
7002 ath11k_wmi_fw_pdev_tx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
7003 				 char *buf, u32 *length)
7004 {
7005 	u32 len = *length;
7006 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
7007 
7008 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
7009 			 "ath11k PDEV TX stats");
7010 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
7011 			 "====================");
7012 
7013 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7014 			 "HTT cookies queued", pdev->comp_queued);
7015 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7016 			 "HTT cookies disp.", pdev->comp_delivered);
7017 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7018 			 "MSDU queued", pdev->msdu_enqued);
7019 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7020 			 "MPDU queued", pdev->mpdu_enqued);
7021 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7022 			 "MSDUs dropped", pdev->wmm_drop);
7023 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7024 			 "Local enqued", pdev->local_enqued);
7025 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7026 			 "Local freed", pdev->local_freed);
7027 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7028 			 "HW queued", pdev->hw_queued);
7029 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7030 			 "PPDUs reaped", pdev->hw_reaped);
7031 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7032 			 "Num underruns", pdev->underrun);
7033 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7034 			 "Num HW Paused", pdev->hw_paused);
7035 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7036 			 "PPDUs cleaned", pdev->tx_abort);
7037 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7038 			 "MPDUs requeued", pdev->mpdus_requeued);
7039 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7040 			 "PPDU OK", pdev->tx_ko);
7041 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7042 			 "Excessive retries", pdev->tx_xretry);
7043 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7044 			 "HW rate", pdev->data_rc);
7045 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7046 			 "Sched self triggers", pdev->self_triggers);
7047 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7048 			 "Dropped due to SW retries",
7049 			 pdev->sw_retry_failure);
7050 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7051 			 "Illegal rate phy errors",
7052 			 pdev->illgl_rate_phy_err);
7053 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7054 			 "PDEV continuous xretry", pdev->pdev_cont_xretry);
7055 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7056 			 "TX timeout", pdev->pdev_tx_timeout);
7057 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7058 			 "PDEV resets", pdev->pdev_resets);
7059 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7060 			 "Stateless TIDs alloc failures",
7061 			 pdev->stateless_tid_alloc_failure);
7062 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7063 			 "PHY underrun", pdev->phy_underrun);
7064 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7065 			 "MPDU is more than txop limit", pdev->txop_ovf);
7066 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7067 			 "Num sequences posted", pdev->seq_posted);
7068 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7069 			 "Num seq failed queueing ", pdev->seq_failed_queueing);
7070 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7071 			 "Num sequences completed ", pdev->seq_completed);
7072 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7073 			 "Num sequences restarted ", pdev->seq_restarted);
7074 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7075 			 "Num of MU sequences posted ", pdev->mu_seq_posted);
7076 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7077 			 "Num of MPDUS SW flushed ", pdev->mpdus_sw_flush);
7078 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7079 			 "Num of MPDUS HW filtered ", pdev->mpdus_hw_filter);
7080 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7081 			 "Num of MPDUS truncated ", pdev->mpdus_truncated);
7082 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7083 			 "Num of MPDUS ACK failed ", pdev->mpdus_ack_failed);
7084 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
7085 			 "Num of MPDUS expired ", pdev->mpdus_expired);
7086 	*length = len;
7087 }
7088 
7089 static void
7090 ath11k_wmi_fw_pdev_rx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
7091 				 char *buf, u32 *length)
7092 {
7093 	u32 len = *length;
7094 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
7095 
7096 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
7097 			 "ath11k PDEV RX stats");
7098 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
7099 			 "====================");
7100 
7101 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7102 			 "Mid PPDU route change",
7103 			 pdev->mid_ppdu_route_change);
7104 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7105 			 "Tot. number of statuses", pdev->status_rcvd);
7106 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7107 			 "Extra frags on rings 0", pdev->r0_frags);
7108 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7109 			 "Extra frags on rings 1", pdev->r1_frags);
7110 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7111 			 "Extra frags on rings 2", pdev->r2_frags);
7112 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7113 			 "Extra frags on rings 3", pdev->r3_frags);
7114 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7115 			 "MSDUs delivered to HTT", pdev->htt_msdus);
7116 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7117 			 "MPDUs delivered to HTT", pdev->htt_mpdus);
7118 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7119 			 "MSDUs delivered to stack", pdev->loc_msdus);
7120 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7121 			 "MPDUs delivered to stack", pdev->loc_mpdus);
7122 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7123 			 "Oversized AMSUs", pdev->oversize_amsdu);
7124 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7125 			 "PHY errors", pdev->phy_errs);
7126 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7127 			 "PHY errors drops", pdev->phy_err_drop);
7128 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7129 			 "MPDU errors (FCS, MIC, ENC)", pdev->mpdu_errs);
7130 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
7131 			 "Overflow errors", pdev->rx_ovfl_errs);
7132 	*length = len;
7133 }
7134 
7135 static void
7136 ath11k_wmi_fw_vdev_stats_fill(struct ath11k *ar,
7137 			      const struct ath11k_fw_stats_vdev *vdev,
7138 			      char *buf, u32 *length)
7139 {
7140 	u32 len = *length;
7141 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
7142 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev->vdev_id);
7143 	u8 *vif_macaddr;
7144 	int i;
7145 
7146 	/* VDEV stats has all the active VDEVs of other PDEVs as well,
7147 	 * ignoring those not part of requested PDEV
7148 	 */
7149 	if (!arvif)
7150 		return;
7151 
7152 	vif_macaddr = arvif->vif->addr;
7153 
7154 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7155 			 "VDEV ID", vdev->vdev_id);
7156 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
7157 			 "VDEV MAC address", vif_macaddr);
7158 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7159 			 "beacon snr", vdev->beacon_snr);
7160 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7161 			 "data snr", vdev->data_snr);
7162 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7163 			 "num rx frames", vdev->num_rx_frames);
7164 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7165 			 "num rts fail", vdev->num_rts_fail);
7166 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7167 			 "num rts success", vdev->num_rts_success);
7168 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7169 			 "num rx err", vdev->num_rx_err);
7170 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7171 			 "num rx discard", vdev->num_rx_discard);
7172 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7173 			 "num tx not acked", vdev->num_tx_not_acked);
7174 
7175 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames); i++)
7176 		len += scnprintf(buf + len, buf_len - len,
7177 				"%25s [%02d] %u\n",
7178 				"num tx frames", i,
7179 				vdev->num_tx_frames[i]);
7180 
7181 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_retries); i++)
7182 		len += scnprintf(buf + len, buf_len - len,
7183 				"%25s [%02d] %u\n",
7184 				"num tx frames retries", i,
7185 				vdev->num_tx_frames_retries[i]);
7186 
7187 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_failures); i++)
7188 		len += scnprintf(buf + len, buf_len - len,
7189 				"%25s [%02d] %u\n",
7190 				"num tx frames failures", i,
7191 				vdev->num_tx_frames_failures[i]);
7192 
7193 	for (i = 0 ; i < ARRAY_SIZE(vdev->tx_rate_history); i++)
7194 		len += scnprintf(buf + len, buf_len - len,
7195 				"%25s [%02d] 0x%08x\n",
7196 				"tx rate history", i,
7197 				vdev->tx_rate_history[i]);
7198 
7199 	for (i = 0 ; i < ARRAY_SIZE(vdev->beacon_rssi_history); i++)
7200 		len += scnprintf(buf + len, buf_len - len,
7201 				"%25s [%02d] %u\n",
7202 				"beacon rssi history", i,
7203 				vdev->beacon_rssi_history[i]);
7204 
7205 	len += scnprintf(buf + len, buf_len - len, "\n");
7206 	*length = len;
7207 }
7208 
7209 static void
7210 ath11k_wmi_fw_bcn_stats_fill(struct ath11k *ar,
7211 			     const struct ath11k_fw_stats_bcn *bcn,
7212 			     char *buf, u32 *length)
7213 {
7214 	u32 len = *length;
7215 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
7216 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, bcn->vdev_id);
7217 	u8 *vdev_macaddr;
7218 
7219 	if (!arvif) {
7220 		ath11k_warn(ar->ab, "invalid vdev id %d in bcn stats",
7221 			    bcn->vdev_id);
7222 		return;
7223 	}
7224 
7225 	vdev_macaddr = arvif->vif->addr;
7226 
7227 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7228 			 "VDEV ID", bcn->vdev_id);
7229 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
7230 			 "VDEV MAC address", vdev_macaddr);
7231 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
7232 			 "================");
7233 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7234 			 "Num of beacon tx success", bcn->tx_bcn_succ_cnt);
7235 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
7236 			 "Num of beacon tx failures", bcn->tx_bcn_outage_cnt);
7237 
7238 	len += scnprintf(buf + len, buf_len - len, "\n");
7239 	*length = len;
7240 }
7241 
7242 void ath11k_wmi_fw_stats_fill(struct ath11k *ar,
7243 			      struct ath11k_fw_stats *fw_stats,
7244 			      u32 stats_id, char *buf)
7245 {
7246 	u32 len = 0;
7247 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
7248 	const struct ath11k_fw_stats_pdev *pdev;
7249 	const struct ath11k_fw_stats_vdev *vdev;
7250 	const struct ath11k_fw_stats_bcn *bcn;
7251 	size_t num_bcn;
7252 
7253 	spin_lock_bh(&ar->data_lock);
7254 
7255 	if (stats_id == WMI_REQUEST_PDEV_STAT) {
7256 		pdev = list_first_entry_or_null(&fw_stats->pdevs,
7257 						struct ath11k_fw_stats_pdev, list);
7258 		if (!pdev) {
7259 			ath11k_warn(ar->ab, "failed to get pdev stats\n");
7260 			goto unlock;
7261 		}
7262 
7263 		ath11k_wmi_fw_pdev_base_stats_fill(pdev, buf, &len);
7264 		ath11k_wmi_fw_pdev_tx_stats_fill(pdev, buf, &len);
7265 		ath11k_wmi_fw_pdev_rx_stats_fill(pdev, buf, &len);
7266 	}
7267 
7268 	if (stats_id == WMI_REQUEST_VDEV_STAT) {
7269 		len += scnprintf(buf + len, buf_len - len, "\n");
7270 		len += scnprintf(buf + len, buf_len - len, "%30s\n",
7271 				 "ath11k VDEV stats");
7272 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
7273 				 "=================");
7274 
7275 		list_for_each_entry(vdev, &fw_stats->vdevs, list)
7276 			ath11k_wmi_fw_vdev_stats_fill(ar, vdev, buf, &len);
7277 	}
7278 
7279 	if (stats_id == WMI_REQUEST_BCN_STAT) {
7280 		num_bcn = list_count_nodes(&fw_stats->bcn);
7281 
7282 		len += scnprintf(buf + len, buf_len - len, "\n");
7283 		len += scnprintf(buf + len, buf_len - len, "%30s (%zu)\n",
7284 				 "ath11k Beacon stats", num_bcn);
7285 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
7286 				 "===================");
7287 
7288 		list_for_each_entry(bcn, &fw_stats->bcn, list)
7289 			ath11k_wmi_fw_bcn_stats_fill(ar, bcn, buf, &len);
7290 	}
7291 
7292 unlock:
7293 	spin_unlock_bh(&ar->data_lock);
7294 
7295 	if (len >= buf_len)
7296 		buf[len - 1] = 0;
7297 	else
7298 		buf[len] = 0;
7299 }
7300 
7301 static void ath11k_wmi_op_ep_tx_credits(struct ath11k_base *ab)
7302 {
7303 	/* try to send pending beacons first. they take priority */
7304 	wake_up(&ab->wmi_ab.tx_credits_wq);
7305 }
7306 
7307 static int ath11k_reg_11d_new_cc_event(struct ath11k_base *ab, struct sk_buff *skb)
7308 {
7309 	const struct wmi_11d_new_cc_ev *ev;
7310 	struct ath11k *ar;
7311 	struct ath11k_pdev *pdev;
7312 	const void **tb;
7313 	int ret, i;
7314 
7315 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7316 	if (IS_ERR(tb)) {
7317 		ret = PTR_ERR(tb);
7318 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7319 		return ret;
7320 	}
7321 
7322 	ev = tb[WMI_TAG_11D_NEW_COUNTRY_EVENT];
7323 	if (!ev) {
7324 		kfree(tb);
7325 		ath11k_warn(ab, "failed to fetch 11d new cc ev");
7326 		return -EPROTO;
7327 	}
7328 
7329 	spin_lock_bh(&ab->base_lock);
7330 	memcpy(&ab->new_alpha2, &ev->new_alpha2, 2);
7331 	spin_unlock_bh(&ab->base_lock);
7332 
7333 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event 11d new cc %c%c\n",
7334 		   ab->new_alpha2[0],
7335 		   ab->new_alpha2[1]);
7336 
7337 	kfree(tb);
7338 
7339 	for (i = 0; i < ab->num_radios; i++) {
7340 		pdev = &ab->pdevs[i];
7341 		ar = pdev->ar;
7342 		ar->state_11d = ATH11K_11D_IDLE;
7343 		complete(&ar->completed_11d_scan);
7344 	}
7345 
7346 	queue_work(ab->workqueue, &ab->update_11d_work);
7347 
7348 	return 0;
7349 }
7350 
7351 static void ath11k_wmi_htc_tx_complete(struct ath11k_base *ab,
7352 				       struct sk_buff *skb)
7353 {
7354 	struct ath11k_pdev_wmi *wmi = NULL;
7355 	u32 i;
7356 	u8 wmi_ep_count;
7357 	u8 eid;
7358 
7359 	eid = ATH11K_SKB_CB(skb)->eid;
7360 	dev_kfree_skb(skb);
7361 
7362 	if (eid >= ATH11K_HTC_EP_COUNT)
7363 		return;
7364 
7365 	wmi_ep_count = ab->htc.wmi_ep_count;
7366 	if (wmi_ep_count > ab->hw_params.max_radios)
7367 		return;
7368 
7369 	for (i = 0; i < ab->htc.wmi_ep_count; i++) {
7370 		if (ab->wmi_ab.wmi[i].eid == eid) {
7371 			wmi = &ab->wmi_ab.wmi[i];
7372 			break;
7373 		}
7374 	}
7375 
7376 	if (wmi)
7377 		wake_up(&wmi->tx_ce_desc_wq);
7378 }
7379 
7380 static bool ath11k_reg_is_world_alpha(char *alpha)
7381 {
7382 	if (alpha[0] == '0' && alpha[1] == '0')
7383 		return true;
7384 
7385 	if (alpha[0] == 'n' && alpha[1] == 'a')
7386 		return true;
7387 
7388 	return false;
7389 }
7390 
7391 static int ath11k_reg_chan_list_event(struct ath11k_base *ab,
7392 				      struct sk_buff *skb,
7393 				      enum wmi_reg_chan_list_cmd_type id)
7394 {
7395 	struct cur_regulatory_info *reg_info = NULL;
7396 	struct ieee80211_regdomain *regd = NULL;
7397 	bool intersect = false;
7398 	int ret = 0, pdev_idx, i, j;
7399 	struct ath11k *ar;
7400 
7401 	reg_info = kzalloc(sizeof(*reg_info), GFP_ATOMIC);
7402 	if (!reg_info) {
7403 		ret = -ENOMEM;
7404 		goto fallback;
7405 	}
7406 
7407 	if (id == WMI_REG_CHAN_LIST_CC_ID)
7408 		ret = ath11k_pull_reg_chan_list_update_ev(ab, skb, reg_info);
7409 	else
7410 		ret = ath11k_pull_reg_chan_list_ext_update_ev(ab, skb, reg_info);
7411 
7412 	if (ret) {
7413 		ath11k_warn(ab, "failed to extract regulatory info from received event\n");
7414 		goto fallback;
7415 	}
7416 
7417 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event reg chan list id %d", id);
7418 
7419 	if (reg_info->status_code != REG_SET_CC_STATUS_PASS) {
7420 		/* In case of failure to set the requested ctry,
7421 		 * fw retains the current regd. We print a failure info
7422 		 * and return from here.
7423 		 */
7424 		ath11k_warn(ab, "Failed to set the requested Country regulatory setting\n");
7425 		goto mem_free;
7426 	}
7427 
7428 	pdev_idx = reg_info->phy_id;
7429 
7430 	/* Avoid default reg rule updates sent during FW recovery if
7431 	 * it is already available
7432 	 */
7433 	spin_lock(&ab->base_lock);
7434 	if (test_bit(ATH11K_FLAG_RECOVERY, &ab->dev_flags) &&
7435 	    ab->default_regd[pdev_idx]) {
7436 		spin_unlock(&ab->base_lock);
7437 		goto mem_free;
7438 	}
7439 	spin_unlock(&ab->base_lock);
7440 
7441 	if (pdev_idx >= ab->num_radios) {
7442 		/* Process the event for phy0 only if single_pdev_only
7443 		 * is true. If pdev_idx is valid but not 0, discard the
7444 		 * event. Otherwise, it goes to fallback.
7445 		 */
7446 		if (ab->hw_params.single_pdev_only &&
7447 		    pdev_idx < ab->hw_params.num_rxmda_per_pdev)
7448 			goto mem_free;
7449 		else
7450 			goto fallback;
7451 	}
7452 
7453 	/* Avoid multiple overwrites to default regd, during core
7454 	 * stop-start after mac registration.
7455 	 */
7456 	if (ab->default_regd[pdev_idx] && !ab->new_regd[pdev_idx] &&
7457 	    !memcmp((char *)ab->default_regd[pdev_idx]->alpha2,
7458 		    (char *)reg_info->alpha2, 2))
7459 		goto mem_free;
7460 
7461 	/* Intersect new rules with default regd if a new country setting was
7462 	 * requested, i.e a default regd was already set during initialization
7463 	 * and the regd coming from this event has a valid country info.
7464 	 */
7465 	if (ab->default_regd[pdev_idx] &&
7466 	    !ath11k_reg_is_world_alpha((char *)
7467 		ab->default_regd[pdev_idx]->alpha2) &&
7468 	    !ath11k_reg_is_world_alpha((char *)reg_info->alpha2))
7469 		intersect = true;
7470 
7471 	regd = ath11k_reg_build_regd(ab, reg_info, intersect);
7472 	if (!regd) {
7473 		ath11k_warn(ab, "failed to build regd from reg_info\n");
7474 		goto fallback;
7475 	}
7476 
7477 	spin_lock(&ab->base_lock);
7478 	if (ab->default_regd[pdev_idx]) {
7479 		/* The initial rules from FW after WMI Init is to build
7480 		 * the default regd. From then on, any rules updated for
7481 		 * the pdev could be due to user reg changes.
7482 		 * Free previously built regd before assigning the newly
7483 		 * generated regd to ar. NULL pointer handling will be
7484 		 * taken care by kfree itself.
7485 		 */
7486 		ar = ab->pdevs[pdev_idx].ar;
7487 		kfree(ab->new_regd[pdev_idx]);
7488 		ab->new_regd[pdev_idx] = regd;
7489 		queue_work(ab->workqueue, &ar->regd_update_work);
7490 	} else {
7491 		/* This regd would be applied during mac registration and is
7492 		 * held constant throughout for regd intersection purpose
7493 		 */
7494 		ab->default_regd[pdev_idx] = regd;
7495 	}
7496 	ab->dfs_region = reg_info->dfs_region;
7497 	spin_unlock(&ab->base_lock);
7498 
7499 	goto mem_free;
7500 
7501 fallback:
7502 	/* Fallback to older reg (by sending previous country setting
7503 	 * again if fw has succeeded and we failed to process here.
7504 	 * The Regdomain should be uniform across driver and fw. Since the
7505 	 * FW has processed the command and sent a success status, we expect
7506 	 * this function to succeed as well. If it doesn't, CTRY needs to be
7507 	 * reverted at the fw and the old SCAN_CHAN_LIST cmd needs to be sent.
7508 	 */
7509 	/* TODO: This is rare, but still should also be handled */
7510 	WARN_ON(1);
7511 mem_free:
7512 	if (reg_info) {
7513 		kfree(reg_info->reg_rules_2ghz_ptr);
7514 		kfree(reg_info->reg_rules_5ghz_ptr);
7515 		if (reg_info->is_ext_reg_event) {
7516 			for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++)
7517 				kfree(reg_info->reg_rules_6ghz_ap_ptr[i]);
7518 
7519 			for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++)
7520 				for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++)
7521 					kfree(reg_info->reg_rules_6ghz_client_ptr[j][i]);
7522 		}
7523 		kfree(reg_info);
7524 	}
7525 	return ret;
7526 }
7527 
7528 static int ath11k_wmi_tlv_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
7529 				    const void *ptr, void *data)
7530 {
7531 	struct wmi_tlv_rdy_parse *rdy_parse = data;
7532 	struct wmi_ready_event fixed_param;
7533 #if defined(__linux__)
7534 	struct wmi_mac_addr *addr_list;
7535 #elif defined(__FreeBSD__)
7536 	const struct wmi_mac_addr *addr_list;
7537 #endif
7538 	struct ath11k_pdev *pdev;
7539 	u32 num_mac_addr;
7540 	int i;
7541 
7542 	switch (tag) {
7543 	case WMI_TAG_READY_EVENT:
7544 		memset(&fixed_param, 0, sizeof(fixed_param));
7545 #if defined(__linux__)
7546 		memcpy(&fixed_param, (struct wmi_ready_event *)ptr,
7547 #elif defined(__FreeBSD__)
7548 		memcpy(&fixed_param, ptr,
7549 #endif
7550 		       min_t(u16, sizeof(fixed_param), len));
7551 		ab->wlan_init_status = fixed_param.ready_event_min.status;
7552 		rdy_parse->num_extra_mac_addr =
7553 			fixed_param.ready_event_min.num_extra_mac_addr;
7554 
7555 		ether_addr_copy(ab->mac_addr,
7556 				fixed_param.ready_event_min.mac_addr.addr);
7557 		ab->pktlog_defs_checksum = fixed_param.pktlog_defs_checksum;
7558 		ab->wmi_ready = true;
7559 		break;
7560 	case WMI_TAG_ARRAY_FIXED_STRUCT:
7561 #if defined(__linux__)
7562 		addr_list = (struct wmi_mac_addr *)ptr;
7563 #elif defined(__FreeBSD__)
7564 		addr_list = (const struct wmi_mac_addr *)ptr;
7565 #endif
7566 		num_mac_addr = rdy_parse->num_extra_mac_addr;
7567 
7568 		if (!(ab->num_radios > 1 && num_mac_addr >= ab->num_radios))
7569 			break;
7570 
7571 		for (i = 0; i < ab->num_radios; i++) {
7572 			pdev = &ab->pdevs[i];
7573 			ether_addr_copy(pdev->mac_addr, addr_list[i].addr);
7574 		}
7575 		ab->pdevs_macaddr_valid = true;
7576 		break;
7577 	default:
7578 		break;
7579 	}
7580 
7581 	return 0;
7582 }
7583 
7584 static int ath11k_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
7585 {
7586 	struct wmi_tlv_rdy_parse rdy_parse = { };
7587 	int ret;
7588 
7589 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
7590 				  ath11k_wmi_tlv_rdy_parse, &rdy_parse);
7591 	if (ret) {
7592 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
7593 		return ret;
7594 	}
7595 
7596 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event ready");
7597 
7598 	complete(&ab->wmi_ab.unified_ready);
7599 	return 0;
7600 }
7601 
7602 static void ath11k_peer_delete_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
7603 {
7604 	struct wmi_peer_delete_resp_event peer_del_resp;
7605 	struct ath11k *ar;
7606 
7607 	if (ath11k_pull_peer_del_resp_ev(ab, skb, &peer_del_resp) != 0) {
7608 		ath11k_warn(ab, "failed to extract peer delete resp");
7609 		return;
7610 	}
7611 
7612 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event peer delete resp");
7613 
7614 	rcu_read_lock();
7615 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_del_resp.vdev_id);
7616 	if (!ar) {
7617 		ath11k_warn(ab, "invalid vdev id in peer delete resp ev %d",
7618 			    peer_del_resp.vdev_id);
7619 		rcu_read_unlock();
7620 		return;
7621 	}
7622 
7623 	complete(&ar->peer_delete_done);
7624 	rcu_read_unlock();
7625 	ath11k_dbg(ab, ATH11K_DBG_WMI, "peer delete resp for vdev id %d addr %pM\n",
7626 		   peer_del_resp.vdev_id, peer_del_resp.peer_macaddr.addr);
7627 }
7628 
7629 static void ath11k_vdev_delete_resp_event(struct ath11k_base *ab,
7630 					  struct sk_buff *skb)
7631 {
7632 	struct ath11k *ar;
7633 	u32 vdev_id = 0;
7634 
7635 	if (ath11k_pull_vdev_del_resp_ev(ab, skb, &vdev_id) != 0) {
7636 		ath11k_warn(ab, "failed to extract vdev delete resp");
7637 		return;
7638 	}
7639 
7640 	rcu_read_lock();
7641 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
7642 	if (!ar) {
7643 		ath11k_warn(ab, "invalid vdev id in vdev delete resp ev %d",
7644 			    vdev_id);
7645 		rcu_read_unlock();
7646 		return;
7647 	}
7648 
7649 	complete(&ar->vdev_delete_done);
7650 
7651 	rcu_read_unlock();
7652 
7653 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event vdev delete resp for vdev id %d\n",
7654 		   vdev_id);
7655 }
7656 
7657 static inline const char *ath11k_wmi_vdev_resp_print(u32 vdev_resp_status)
7658 {
7659 	switch (vdev_resp_status) {
7660 	case WMI_VDEV_START_RESPONSE_INVALID_VDEVID:
7661 		return "invalid vdev id";
7662 	case WMI_VDEV_START_RESPONSE_NOT_SUPPORTED:
7663 		return "not supported";
7664 	case WMI_VDEV_START_RESPONSE_DFS_VIOLATION:
7665 		return "dfs violation";
7666 	case WMI_VDEV_START_RESPONSE_INVALID_REGDOMAIN:
7667 		return "invalid regdomain";
7668 	default:
7669 		return "unknown";
7670 	}
7671 }
7672 
7673 static void ath11k_vdev_start_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
7674 {
7675 	struct wmi_vdev_start_resp_event vdev_start_resp;
7676 	struct ath11k *ar;
7677 	u32 status;
7678 
7679 	if (ath11k_pull_vdev_start_resp_tlv(ab, skb, &vdev_start_resp) != 0) {
7680 		ath11k_warn(ab, "failed to extract vdev start resp");
7681 		return;
7682 	}
7683 
7684 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event start resp event");
7685 
7686 	rcu_read_lock();
7687 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_start_resp.vdev_id);
7688 	if (!ar) {
7689 		ath11k_warn(ab, "invalid vdev id in vdev start resp ev %d",
7690 			    vdev_start_resp.vdev_id);
7691 		rcu_read_unlock();
7692 		return;
7693 	}
7694 
7695 	ar->last_wmi_vdev_start_status = 0;
7696 
7697 	status = vdev_start_resp.status;
7698 
7699 	if (WARN_ON_ONCE(status)) {
7700 		ath11k_warn(ab, "vdev start resp error status %d (%s)\n",
7701 			    status, ath11k_wmi_vdev_resp_print(status));
7702 		ar->last_wmi_vdev_start_status = status;
7703 	}
7704 
7705 	complete(&ar->vdev_setup_done);
7706 
7707 	rcu_read_unlock();
7708 
7709 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev start resp for vdev id %d",
7710 		   vdev_start_resp.vdev_id);
7711 }
7712 
7713 static void ath11k_bcn_tx_status_event(struct ath11k_base *ab, struct sk_buff *skb)
7714 {
7715 	struct ath11k_vif *arvif;
7716 	u32 vdev_id, tx_status;
7717 
7718 	if (ath11k_pull_bcn_tx_status_ev(ab, skb->data, skb->len,
7719 					 &vdev_id, &tx_status) != 0) {
7720 		ath11k_warn(ab, "failed to extract bcn tx status");
7721 		return;
7722 	}
7723 
7724 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event offload bcn tx status");
7725 
7726 	rcu_read_lock();
7727 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_id);
7728 	if (!arvif) {
7729 		ath11k_warn(ab, "invalid vdev id %d in bcn_tx_status",
7730 			    vdev_id);
7731 		rcu_read_unlock();
7732 		return;
7733 	}
7734 	ath11k_mac_bcn_tx_event(arvif);
7735 	rcu_read_unlock();
7736 }
7737 
7738 static void ath11k_wmi_event_peer_sta_ps_state_chg(struct ath11k_base *ab,
7739 						   struct sk_buff *skb)
7740 {
7741 	const struct wmi_peer_sta_ps_state_chg_event *ev;
7742 	struct ieee80211_sta *sta;
7743 	struct ath11k_peer *peer;
7744 	struct ath11k *ar;
7745 	struct ath11k_sta *arsta;
7746 	const void **tb;
7747 	enum ath11k_wmi_peer_ps_state peer_previous_ps_state;
7748 	int ret;
7749 
7750 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7751 	if (IS_ERR(tb)) {
7752 		ret = PTR_ERR(tb);
7753 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7754 		return;
7755 	}
7756 
7757 	ev = tb[WMI_TAG_PEER_STA_PS_STATECHANGE_EVENT];
7758 	if (!ev) {
7759 		ath11k_warn(ab, "failed to fetch sta ps change ev");
7760 		kfree(tb);
7761 		return;
7762 	}
7763 
7764 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7765 		   "event peer sta ps change ev addr %pM state %u sup_bitmap %x ps_valid %u ts %u\n",
7766 		   ev->peer_macaddr.addr, ev->peer_ps_state,
7767 		   ev->ps_supported_bitmap, ev->peer_ps_valid,
7768 		   ev->peer_ps_timestamp);
7769 
7770 	rcu_read_lock();
7771 
7772 	spin_lock_bh(&ab->base_lock);
7773 
7774 	peer = ath11k_peer_find_by_addr(ab, ev->peer_macaddr.addr);
7775 
7776 	if (!peer) {
7777 		spin_unlock_bh(&ab->base_lock);
7778 		ath11k_warn(ab, "peer not found %pM\n", ev->peer_macaddr.addr);
7779 		goto exit;
7780 	}
7781 
7782 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer->vdev_id);
7783 
7784 	if (!ar) {
7785 		spin_unlock_bh(&ab->base_lock);
7786 		ath11k_warn(ab, "invalid vdev id in peer sta ps state change ev %d",
7787 			    peer->vdev_id);
7788 
7789 		goto exit;
7790 	}
7791 
7792 	sta = peer->sta;
7793 
7794 	spin_unlock_bh(&ab->base_lock);
7795 
7796 	if (!sta) {
7797 		ath11k_warn(ab, "failed to find station entry %pM\n",
7798 			    ev->peer_macaddr.addr);
7799 		goto exit;
7800 	}
7801 
7802 	arsta = (struct ath11k_sta *)sta->drv_priv;
7803 
7804 	spin_lock_bh(&ar->data_lock);
7805 
7806 	peer_previous_ps_state = arsta->peer_ps_state;
7807 	arsta->peer_ps_state = ev->peer_ps_state;
7808 	arsta->peer_current_ps_valid = !!ev->peer_ps_valid;
7809 
7810 	if (test_bit(WMI_TLV_SERVICE_PEER_POWER_SAVE_DURATION_SUPPORT,
7811 		     ar->ab->wmi_ab.svc_map)) {
7812 		if (!(ev->ps_supported_bitmap & WMI_PEER_PS_VALID) ||
7813 		    !(ev->ps_supported_bitmap & WMI_PEER_PS_STATE_TIMESTAMP) ||
7814 		    !ev->peer_ps_valid)
7815 			goto out;
7816 
7817 		if (arsta->peer_ps_state == WMI_PEER_PS_STATE_ON) {
7818 			arsta->ps_start_time = ev->peer_ps_timestamp;
7819 			arsta->ps_start_jiffies = jiffies;
7820 		} else if (arsta->peer_ps_state == WMI_PEER_PS_STATE_OFF &&
7821 			   peer_previous_ps_state == WMI_PEER_PS_STATE_ON) {
7822 			arsta->ps_total_duration = arsta->ps_total_duration +
7823 					(ev->peer_ps_timestamp - arsta->ps_start_time);
7824 		}
7825 
7826 		if (ar->ps_timekeeper_enable)
7827 			trace_ath11k_ps_timekeeper(ar, ev->peer_macaddr.addr,
7828 						   ev->peer_ps_timestamp,
7829 						   arsta->peer_ps_state);
7830 	}
7831 
7832 out:
7833 	spin_unlock_bh(&ar->data_lock);
7834 exit:
7835 	rcu_read_unlock();
7836 	kfree(tb);
7837 }
7838 
7839 static void ath11k_vdev_stopped_event(struct ath11k_base *ab, struct sk_buff *skb)
7840 {
7841 	struct ath11k *ar;
7842 	u32 vdev_id = 0;
7843 
7844 	if (ath11k_pull_vdev_stopped_param_tlv(ab, skb, &vdev_id) != 0) {
7845 		ath11k_warn(ab, "failed to extract vdev stopped event");
7846 		return;
7847 	}
7848 
7849 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event vdev stopped");
7850 
7851 	rcu_read_lock();
7852 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
7853 	if (!ar) {
7854 		ath11k_warn(ab, "invalid vdev id in vdev stopped ev %d",
7855 			    vdev_id);
7856 		rcu_read_unlock();
7857 		return;
7858 	}
7859 
7860 	complete(&ar->vdev_setup_done);
7861 
7862 	rcu_read_unlock();
7863 
7864 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev stopped for vdev id %d", vdev_id);
7865 }
7866 
7867 static void ath11k_mgmt_rx_event(struct ath11k_base *ab, struct sk_buff *skb)
7868 {
7869 	struct mgmt_rx_event_params rx_ev = {0};
7870 	struct ath11k *ar;
7871 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
7872 	struct ieee80211_hdr *hdr;
7873 	u16 fc;
7874 	struct ieee80211_supported_band *sband;
7875 
7876 	if (ath11k_pull_mgmt_rx_params_tlv(ab, skb, &rx_ev) != 0) {
7877 		ath11k_warn(ab, "failed to extract mgmt rx event");
7878 		dev_kfree_skb(skb);
7879 		return;
7880 	}
7881 
7882 	memset(status, 0, sizeof(*status));
7883 
7884 	ath11k_dbg(ab, ATH11K_DBG_MGMT, "event mgmt rx status %08x\n",
7885 		   rx_ev.status);
7886 
7887 	rcu_read_lock();
7888 	ar = ath11k_mac_get_ar_by_pdev_id(ab, rx_ev.pdev_id);
7889 
7890 	if (!ar) {
7891 		ath11k_warn(ab, "invalid pdev_id %d in mgmt_rx_event\n",
7892 			    rx_ev.pdev_id);
7893 		dev_kfree_skb(skb);
7894 		goto exit;
7895 	}
7896 
7897 	if ((test_bit(ATH11K_CAC_RUNNING, &ar->dev_flags)) ||
7898 	    (rx_ev.status & (WMI_RX_STATUS_ERR_DECRYPT |
7899 	    WMI_RX_STATUS_ERR_KEY_CACHE_MISS | WMI_RX_STATUS_ERR_CRC))) {
7900 		dev_kfree_skb(skb);
7901 		goto exit;
7902 	}
7903 
7904 	if (rx_ev.status & WMI_RX_STATUS_ERR_MIC)
7905 		status->flag |= RX_FLAG_MMIC_ERROR;
7906 
7907 	if (rx_ev.chan_freq >= ATH11K_MIN_6G_FREQ &&
7908 	    rx_ev.chan_freq <= ATH11K_MAX_6G_FREQ) {
7909 		status->band = NL80211_BAND_6GHZ;
7910 		status->freq = rx_ev.chan_freq;
7911 	} else if (rx_ev.channel >= 1 && rx_ev.channel <= 14) {
7912 		status->band = NL80211_BAND_2GHZ;
7913 	} else if (rx_ev.channel >= 36 && rx_ev.channel <= ATH11K_MAX_5G_CHAN) {
7914 		status->band = NL80211_BAND_5GHZ;
7915 	} else {
7916 		/* Shouldn't happen unless list of advertised channels to
7917 		 * mac80211 has been changed.
7918 		 */
7919 		WARN_ON_ONCE(1);
7920 		dev_kfree_skb(skb);
7921 		goto exit;
7922 	}
7923 
7924 	if (rx_ev.phy_mode == MODE_11B &&
7925 	    (status->band == NL80211_BAND_5GHZ || status->band == NL80211_BAND_6GHZ))
7926 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7927 			   "mgmt rx 11b (CCK) on 5/6GHz, band = %d\n", status->band);
7928 
7929 	sband = &ar->mac.sbands[status->band];
7930 
7931 	if (status->band != NL80211_BAND_6GHZ)
7932 		status->freq = ieee80211_channel_to_frequency(rx_ev.channel,
7933 							      status->band);
7934 
7935 	status->signal = rx_ev.snr + ATH11K_DEFAULT_NOISE_FLOOR;
7936 	status->rate_idx = ath11k_mac_bitrate_to_idx(sband, rx_ev.rate / 100);
7937 
7938 	hdr = (struct ieee80211_hdr *)skb->data;
7939 	fc = le16_to_cpu(hdr->frame_control);
7940 
7941 	/* Firmware is guaranteed to report all essential management frames via
7942 	 * WMI while it can deliver some extra via HTT. Since there can be
7943 	 * duplicates split the reporting wrt monitor/sniffing.
7944 	 */
7945 	status->flag |= RX_FLAG_SKIP_MONITOR;
7946 
7947 	/* In case of PMF, FW delivers decrypted frames with Protected Bit set.
7948 	 * Don't clear that. Also, FW delivers broadcast management frames
7949 	 * (ex: group privacy action frames in mesh) as encrypted payload.
7950 	 */
7951 	if (ieee80211_has_protected(hdr->frame_control) &&
7952 	    !is_multicast_ether_addr(ieee80211_get_DA(hdr))) {
7953 		status->flag |= RX_FLAG_DECRYPTED;
7954 
7955 		if (!ieee80211_is_robust_mgmt_frame(skb)) {
7956 			status->flag |= RX_FLAG_IV_STRIPPED |
7957 					RX_FLAG_MMIC_STRIPPED;
7958 			hdr->frame_control = __cpu_to_le16(fc &
7959 					     ~IEEE80211_FCTL_PROTECTED);
7960 		}
7961 	}
7962 
7963 	if (ieee80211_is_beacon(hdr->frame_control))
7964 		ath11k_mac_handle_beacon(ar, skb);
7965 
7966 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7967 		   "event mgmt rx skb %p len %d ftype %02x stype %02x\n",
7968 		   skb, skb->len,
7969 		   fc & IEEE80211_FCTL_FTYPE, fc & IEEE80211_FCTL_STYPE);
7970 
7971 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7972 		   "event mgmt rx freq %d band %d snr %d, rate_idx %d\n",
7973 		   status->freq, status->band, status->signal,
7974 		   status->rate_idx);
7975 
7976 	ieee80211_rx_ni(ar->hw, skb);
7977 
7978 exit:
7979 	rcu_read_unlock();
7980 }
7981 
7982 static void ath11k_mgmt_tx_compl_event(struct ath11k_base *ab, struct sk_buff *skb)
7983 {
7984 	struct wmi_mgmt_tx_compl_event tx_compl_param = {0};
7985 	struct ath11k *ar;
7986 
7987 	if (ath11k_pull_mgmt_tx_compl_param_tlv(ab, skb, &tx_compl_param) != 0) {
7988 		ath11k_warn(ab, "failed to extract mgmt tx compl event");
7989 		return;
7990 	}
7991 
7992 	rcu_read_lock();
7993 	ar = ath11k_mac_get_ar_by_pdev_id(ab, tx_compl_param.pdev_id);
7994 	if (!ar) {
7995 		ath11k_warn(ab, "invalid pdev id %d in mgmt_tx_compl_event\n",
7996 			    tx_compl_param.pdev_id);
7997 		goto exit;
7998 	}
7999 
8000 	wmi_process_mgmt_tx_comp(ar, &tx_compl_param);
8001 
8002 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
8003 		   "event mgmt tx compl ev pdev_id %d, desc_id %d, status %d ack_rssi %d",
8004 		   tx_compl_param.pdev_id, tx_compl_param.desc_id,
8005 		   tx_compl_param.status, tx_compl_param.ack_rssi);
8006 
8007 exit:
8008 	rcu_read_unlock();
8009 }
8010 
8011 static struct ath11k *ath11k_get_ar_on_scan_state(struct ath11k_base *ab,
8012 						  u32 vdev_id,
8013 						  enum ath11k_scan_state state)
8014 {
8015 	int i;
8016 	struct ath11k_pdev *pdev;
8017 	struct ath11k *ar;
8018 
8019 	for (i = 0; i < ab->num_radios; i++) {
8020 		pdev = rcu_dereference(ab->pdevs_active[i]);
8021 		if (pdev && pdev->ar) {
8022 			ar = pdev->ar;
8023 
8024 			spin_lock_bh(&ar->data_lock);
8025 			if (ar->scan.state == state &&
8026 			    ar->scan.vdev_id == vdev_id) {
8027 				spin_unlock_bh(&ar->data_lock);
8028 				return ar;
8029 			}
8030 			spin_unlock_bh(&ar->data_lock);
8031 		}
8032 	}
8033 	return NULL;
8034 }
8035 
8036 static void ath11k_scan_event(struct ath11k_base *ab, struct sk_buff *skb)
8037 {
8038 	struct ath11k *ar;
8039 	struct wmi_scan_event scan_ev = {0};
8040 
8041 	if (ath11k_pull_scan_ev(ab, skb, &scan_ev) != 0) {
8042 		ath11k_warn(ab, "failed to extract scan event");
8043 		return;
8044 	}
8045 
8046 	rcu_read_lock();
8047 
8048 	/* In case the scan was cancelled, ex. during interface teardown,
8049 	 * the interface will not be found in active interfaces.
8050 	 * Rather, in such scenarios, iterate over the active pdev's to
8051 	 * search 'ar' if the corresponding 'ar' scan is ABORTING and the
8052 	 * aborting scan's vdev id matches this event info.
8053 	 */
8054 	if (scan_ev.event_type == WMI_SCAN_EVENT_COMPLETED &&
8055 	    scan_ev.reason == WMI_SCAN_REASON_CANCELLED) {
8056 		ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
8057 						 ATH11K_SCAN_ABORTING);
8058 		if (!ar)
8059 			ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
8060 							 ATH11K_SCAN_RUNNING);
8061 	} else {
8062 		ar = ath11k_mac_get_ar_by_vdev_id(ab, scan_ev.vdev_id);
8063 	}
8064 
8065 	if (!ar) {
8066 		ath11k_warn(ab, "Received scan event for unknown vdev");
8067 		rcu_read_unlock();
8068 		return;
8069 	}
8070 
8071 	spin_lock_bh(&ar->data_lock);
8072 
8073 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8074 		   "event scan %s type %d reason %d freq %d req_id %d scan_id %d vdev_id %d state %s (%d)\n",
8075 		   ath11k_wmi_event_scan_type_str(scan_ev.event_type, scan_ev.reason),
8076 		   scan_ev.event_type, scan_ev.reason, scan_ev.channel_freq,
8077 		   scan_ev.scan_req_id, scan_ev.scan_id, scan_ev.vdev_id,
8078 		   ath11k_scan_state_str(ar->scan.state), ar->scan.state);
8079 
8080 	switch (scan_ev.event_type) {
8081 	case WMI_SCAN_EVENT_STARTED:
8082 		ath11k_wmi_event_scan_started(ar);
8083 		break;
8084 	case WMI_SCAN_EVENT_COMPLETED:
8085 		ath11k_wmi_event_scan_completed(ar);
8086 		break;
8087 	case WMI_SCAN_EVENT_BSS_CHANNEL:
8088 		ath11k_wmi_event_scan_bss_chan(ar);
8089 		break;
8090 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
8091 		ath11k_wmi_event_scan_foreign_chan(ar, scan_ev.channel_freq);
8092 		break;
8093 	case WMI_SCAN_EVENT_START_FAILED:
8094 		ath11k_warn(ab, "received scan start failure event\n");
8095 		ath11k_wmi_event_scan_start_failed(ar);
8096 		break;
8097 	case WMI_SCAN_EVENT_DEQUEUED:
8098 		__ath11k_mac_scan_finish(ar);
8099 		break;
8100 	case WMI_SCAN_EVENT_PREEMPTED:
8101 	case WMI_SCAN_EVENT_RESTARTED:
8102 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
8103 	default:
8104 		break;
8105 	}
8106 
8107 	spin_unlock_bh(&ar->data_lock);
8108 
8109 	rcu_read_unlock();
8110 }
8111 
8112 static void ath11k_peer_sta_kickout_event(struct ath11k_base *ab, struct sk_buff *skb)
8113 {
8114 	struct wmi_peer_sta_kickout_arg arg = {};
8115 	struct ieee80211_sta *sta;
8116 	struct ath11k_peer *peer;
8117 	struct ath11k *ar;
8118 	u32 vdev_id;
8119 
8120 	if (ath11k_pull_peer_sta_kickout_ev(ab, skb, &arg) != 0) {
8121 		ath11k_warn(ab, "failed to extract peer sta kickout event");
8122 		return;
8123 	}
8124 
8125 	rcu_read_lock();
8126 
8127 	spin_lock_bh(&ab->base_lock);
8128 
8129 	peer = ath11k_peer_find_by_addr(ab, arg.mac_addr);
8130 
8131 	if (!peer) {
8132 		ath11k_warn(ab, "peer not found %pM\n",
8133 			    arg.mac_addr);
8134 		spin_unlock_bh(&ab->base_lock);
8135 		goto exit;
8136 	}
8137 
8138 	vdev_id = peer->vdev_id;
8139 
8140 	spin_unlock_bh(&ab->base_lock);
8141 
8142 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
8143 	if (!ar) {
8144 		ath11k_warn(ab, "invalid vdev id in peer sta kickout ev %d",
8145 			    peer->vdev_id);
8146 		goto exit;
8147 	}
8148 
8149 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
8150 					   arg.mac_addr, NULL);
8151 	if (!sta) {
8152 		ath11k_warn(ab, "Spurious quick kickout for STA %pM\n",
8153 			    arg.mac_addr);
8154 		goto exit;
8155 	}
8156 
8157 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event peer sta kickout %pM",
8158 		   arg.mac_addr);
8159 
8160 	ieee80211_report_low_ack(sta, 10);
8161 
8162 exit:
8163 	rcu_read_unlock();
8164 }
8165 
8166 static void ath11k_roam_event(struct ath11k_base *ab, struct sk_buff *skb)
8167 {
8168 	struct wmi_roam_event roam_ev = {};
8169 	struct ath11k *ar;
8170 
8171 	if (ath11k_pull_roam_ev(ab, skb, &roam_ev) != 0) {
8172 		ath11k_warn(ab, "failed to extract roam event");
8173 		return;
8174 	}
8175 
8176 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8177 		   "event roam vdev %u reason 0x%08x rssi %d\n",
8178 		   roam_ev.vdev_id, roam_ev.reason, roam_ev.rssi);
8179 
8180 	rcu_read_lock();
8181 	ar = ath11k_mac_get_ar_by_vdev_id(ab, roam_ev.vdev_id);
8182 	if (!ar) {
8183 		ath11k_warn(ab, "invalid vdev id in roam ev %d",
8184 			    roam_ev.vdev_id);
8185 		rcu_read_unlock();
8186 		return;
8187 	}
8188 
8189 	if (roam_ev.reason >= WMI_ROAM_REASON_MAX)
8190 		ath11k_warn(ab, "ignoring unknown roam event reason %d on vdev %i\n",
8191 			    roam_ev.reason, roam_ev.vdev_id);
8192 
8193 	switch (roam_ev.reason) {
8194 	case WMI_ROAM_REASON_BEACON_MISS:
8195 		ath11k_mac_handle_beacon_miss(ar, roam_ev.vdev_id);
8196 		break;
8197 	case WMI_ROAM_REASON_BETTER_AP:
8198 	case WMI_ROAM_REASON_LOW_RSSI:
8199 	case WMI_ROAM_REASON_SUITABLE_AP_FOUND:
8200 	case WMI_ROAM_REASON_HO_FAILED:
8201 		ath11k_warn(ab, "ignoring not implemented roam event reason %d on vdev %i\n",
8202 			    roam_ev.reason, roam_ev.vdev_id);
8203 		break;
8204 	}
8205 
8206 	rcu_read_unlock();
8207 }
8208 
8209 static void ath11k_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
8210 {
8211 	struct wmi_chan_info_event ch_info_ev = {0};
8212 	struct ath11k *ar;
8213 	struct survey_info *survey;
8214 	int idx;
8215 	/* HW channel counters frequency value in hertz */
8216 	u32 cc_freq_hz = ab->cc_freq_hz;
8217 
8218 	if (ath11k_pull_chan_info_ev(ab, skb->data, skb->len, &ch_info_ev) != 0) {
8219 		ath11k_warn(ab, "failed to extract chan info event");
8220 		return;
8221 	}
8222 
8223 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8224 		   "event chan info vdev_id %d err_code %d freq %d cmd_flags %d noise_floor %d rx_clear_count %d cycle_count %d mac_clk_mhz %d\n",
8225 		   ch_info_ev.vdev_id, ch_info_ev.err_code, ch_info_ev.freq,
8226 		   ch_info_ev.cmd_flags, ch_info_ev.noise_floor,
8227 		   ch_info_ev.rx_clear_count, ch_info_ev.cycle_count,
8228 		   ch_info_ev.mac_clk_mhz);
8229 
8230 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_END_RESP) {
8231 		ath11k_dbg(ab, ATH11K_DBG_WMI, "chan info report completed\n");
8232 		return;
8233 	}
8234 
8235 	rcu_read_lock();
8236 	ar = ath11k_mac_get_ar_by_vdev_id(ab, ch_info_ev.vdev_id);
8237 	if (!ar) {
8238 		ath11k_warn(ab, "invalid vdev id in chan info ev %d",
8239 			    ch_info_ev.vdev_id);
8240 		rcu_read_unlock();
8241 		return;
8242 	}
8243 	spin_lock_bh(&ar->data_lock);
8244 
8245 	switch (ar->scan.state) {
8246 	case ATH11K_SCAN_IDLE:
8247 	case ATH11K_SCAN_STARTING:
8248 		ath11k_warn(ab, "received chan info event without a scan request, ignoring\n");
8249 		goto exit;
8250 	case ATH11K_SCAN_RUNNING:
8251 	case ATH11K_SCAN_ABORTING:
8252 		break;
8253 	}
8254 
8255 	idx = freq_to_idx(ar, ch_info_ev.freq);
8256 	if (idx >= ARRAY_SIZE(ar->survey)) {
8257 		ath11k_warn(ab, "chan info: invalid frequency %d (idx %d out of bounds)\n",
8258 			    ch_info_ev.freq, idx);
8259 		goto exit;
8260 	}
8261 
8262 	/* If FW provides MAC clock frequency in Mhz, overriding the initialized
8263 	 * HW channel counters frequency value
8264 	 */
8265 	if (ch_info_ev.mac_clk_mhz)
8266 		cc_freq_hz = (ch_info_ev.mac_clk_mhz * 1000);
8267 
8268 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_START_RESP) {
8269 		survey = &ar->survey[idx];
8270 		memset(survey, 0, sizeof(*survey));
8271 		survey->noise = ch_info_ev.noise_floor;
8272 		survey->filled = SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME |
8273 				 SURVEY_INFO_TIME_BUSY;
8274 		survey->time = div_u64(ch_info_ev.cycle_count, cc_freq_hz);
8275 		survey->time_busy = div_u64(ch_info_ev.rx_clear_count, cc_freq_hz);
8276 	}
8277 exit:
8278 	spin_unlock_bh(&ar->data_lock);
8279 	rcu_read_unlock();
8280 }
8281 
8282 static void
8283 ath11k_pdev_bss_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
8284 {
8285 	struct wmi_pdev_bss_chan_info_event bss_ch_info_ev = {};
8286 	struct survey_info *survey;
8287 	struct ath11k *ar;
8288 	u32 cc_freq_hz = ab->cc_freq_hz;
8289 	u64 busy, total, tx, rx, rx_bss;
8290 	int idx;
8291 
8292 	if (ath11k_pull_pdev_bss_chan_info_ev(ab, skb, &bss_ch_info_ev) != 0) {
8293 		ath11k_warn(ab, "failed to extract pdev bss chan info event");
8294 		return;
8295 	}
8296 
8297 	busy = (u64)(bss_ch_info_ev.rx_clear_count_high) << 32 |
8298 			bss_ch_info_ev.rx_clear_count_low;
8299 
8300 	total = (u64)(bss_ch_info_ev.cycle_count_high) << 32 |
8301 			bss_ch_info_ev.cycle_count_low;
8302 
8303 	tx = (u64)(bss_ch_info_ev.tx_cycle_count_high) << 32 |
8304 			bss_ch_info_ev.tx_cycle_count_low;
8305 
8306 	rx = (u64)(bss_ch_info_ev.rx_cycle_count_high) << 32 |
8307 			bss_ch_info_ev.rx_cycle_count_low;
8308 
8309 	rx_bss = (u64)(bss_ch_info_ev.rx_bss_cycle_count_high) << 32 |
8310 			bss_ch_info_ev.rx_bss_cycle_count_low;
8311 
8312 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8313 #if defined(__linux__)
8314 		   "event pdev bss chan info:\n pdev_id: %d freq: %d noise: %d cycle: busy %llu total %llu tx %llu rx %llu rx_bss %llu\n",
8315 		   bss_ch_info_ev.pdev_id, bss_ch_info_ev.freq,
8316 		   bss_ch_info_ev.noise_floor, busy, total,
8317 		   tx, rx, rx_bss);
8318 #elif defined(__FreeBSD__)
8319 		   "event pdev bss chan info:\n pdev_id: %d freq: %d noise: %d cycle: busy %ju total %ju tx %ju rx %ju rx_bss %ju\n",
8320 		   bss_ch_info_ev.pdev_id, bss_ch_info_ev.freq,
8321 		   bss_ch_info_ev.noise_floor, (uintmax_t)busy, (uintmax_t)total,
8322 		   (uintmax_t)tx, (uintmax_t)rx, (uintmax_t)rx_bss);
8323 #endif
8324 
8325 	rcu_read_lock();
8326 	ar = ath11k_mac_get_ar_by_pdev_id(ab, bss_ch_info_ev.pdev_id);
8327 
8328 	if (!ar) {
8329 		ath11k_warn(ab, "invalid pdev id %d in bss_chan_info event\n",
8330 			    bss_ch_info_ev.pdev_id);
8331 		rcu_read_unlock();
8332 		return;
8333 	}
8334 
8335 	spin_lock_bh(&ar->data_lock);
8336 	idx = freq_to_idx(ar, bss_ch_info_ev.freq);
8337 	if (idx >= ARRAY_SIZE(ar->survey)) {
8338 		ath11k_warn(ab, "bss chan info: invalid frequency %d (idx %d out of bounds)\n",
8339 			    bss_ch_info_ev.freq, idx);
8340 		goto exit;
8341 	}
8342 
8343 	survey = &ar->survey[idx];
8344 
8345 	survey->noise     = bss_ch_info_ev.noise_floor;
8346 	survey->time      = div_u64(total, cc_freq_hz);
8347 	survey->time_busy = div_u64(busy, cc_freq_hz);
8348 	survey->time_rx   = div_u64(rx_bss, cc_freq_hz);
8349 	survey->time_tx   = div_u64(tx, cc_freq_hz);
8350 	survey->filled   |= (SURVEY_INFO_NOISE_DBM |
8351 			     SURVEY_INFO_TIME |
8352 			     SURVEY_INFO_TIME_BUSY |
8353 			     SURVEY_INFO_TIME_RX |
8354 			     SURVEY_INFO_TIME_TX);
8355 exit:
8356 	spin_unlock_bh(&ar->data_lock);
8357 	complete(&ar->bss_survey_done);
8358 
8359 	rcu_read_unlock();
8360 }
8361 
8362 static void ath11k_vdev_install_key_compl_event(struct ath11k_base *ab,
8363 						struct sk_buff *skb)
8364 {
8365 	struct wmi_vdev_install_key_complete_arg install_key_compl = {0};
8366 	struct ath11k *ar;
8367 
8368 	if (ath11k_pull_vdev_install_key_compl_ev(ab, skb, &install_key_compl) != 0) {
8369 		ath11k_warn(ab, "failed to extract install key compl event");
8370 		return;
8371 	}
8372 
8373 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8374 		   "event vdev install key ev idx %d flags %08x macaddr %pM status %d\n",
8375 		   install_key_compl.key_idx, install_key_compl.key_flags,
8376 		   install_key_compl.macaddr, install_key_compl.status);
8377 
8378 	rcu_read_lock();
8379 	ar = ath11k_mac_get_ar_by_vdev_id(ab, install_key_compl.vdev_id);
8380 	if (!ar) {
8381 		ath11k_warn(ab, "invalid vdev id in install key compl ev %d",
8382 			    install_key_compl.vdev_id);
8383 		rcu_read_unlock();
8384 		return;
8385 	}
8386 
8387 	ar->install_key_status = 0;
8388 
8389 	if (install_key_compl.status != WMI_VDEV_INSTALL_KEY_COMPL_STATUS_SUCCESS) {
8390 		ath11k_warn(ab, "install key failed for %pM status %d\n",
8391 			    install_key_compl.macaddr, install_key_compl.status);
8392 		ar->install_key_status = install_key_compl.status;
8393 	}
8394 
8395 	complete(&ar->install_key_done);
8396 	rcu_read_unlock();
8397 }
8398 
8399 static int  ath11k_wmi_tlv_services_parser(struct ath11k_base *ab,
8400 					   u16 tag, u16 len,
8401 					   const void *ptr, void *data)
8402 {
8403 	const struct wmi_service_available_event *ev;
8404 #if defined(__linux__)
8405 	u32 *wmi_ext2_service_bitmap;
8406 #elif defined(__FreeBSD__)
8407 	const u32 *wmi_ext2_service_bitmap;
8408 #endif
8409 	int i, j;
8410 
8411 	switch (tag) {
8412 	case WMI_TAG_SERVICE_AVAILABLE_EVENT:
8413 #if defined(__linux__)
8414 		ev = (struct wmi_service_available_event *)ptr;
8415 #elif defined(__FreeBSD__)
8416 		ev = (const struct wmi_service_available_event *)ptr;
8417 #endif
8418 		for (i = 0, j = WMI_MAX_SERVICE;
8419 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT_SERVICE;
8420 			i++) {
8421 			do {
8422 				if (ev->wmi_service_segment_bitmap[i] &
8423 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
8424 					set_bit(j, ab->wmi_ab.svc_map);
8425 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
8426 		}
8427 
8428 		ath11k_dbg(ab, ATH11K_DBG_WMI,
8429 			   "wmi_ext_service_bitmap 0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
8430 			   ev->wmi_service_segment_bitmap[0],
8431 			   ev->wmi_service_segment_bitmap[1],
8432 			   ev->wmi_service_segment_bitmap[2],
8433 			   ev->wmi_service_segment_bitmap[3]);
8434 		break;
8435 	case WMI_TAG_ARRAY_UINT32:
8436 #if defined(__linux__)
8437 		wmi_ext2_service_bitmap = (u32 *)ptr;
8438 #elif defined(__FreeBSD__)
8439 		wmi_ext2_service_bitmap = (const u32 *)ptr;
8440 #endif
8441 		for (i = 0, j = WMI_MAX_EXT_SERVICE;
8442 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT2_SERVICE;
8443 			i++) {
8444 			do {
8445 				if (wmi_ext2_service_bitmap[i] &
8446 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
8447 					set_bit(j, ab->wmi_ab.svc_map);
8448 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
8449 		}
8450 
8451 		ath11k_dbg(ab, ATH11K_DBG_WMI,
8452 			   "wmi_ext2_service__bitmap  0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
8453 			   wmi_ext2_service_bitmap[0], wmi_ext2_service_bitmap[1],
8454 			   wmi_ext2_service_bitmap[2], wmi_ext2_service_bitmap[3]);
8455 		break;
8456 	}
8457 	return 0;
8458 }
8459 
8460 static void ath11k_service_available_event(struct ath11k_base *ab, struct sk_buff *skb)
8461 {
8462 	int ret;
8463 
8464 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
8465 				  ath11k_wmi_tlv_services_parser,
8466 				  NULL);
8467 	if (ret)
8468 		ath11k_warn(ab, "failed to parse services available tlv %d\n", ret);
8469 
8470 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event service available");
8471 }
8472 
8473 static void ath11k_peer_assoc_conf_event(struct ath11k_base *ab, struct sk_buff *skb)
8474 {
8475 	struct wmi_peer_assoc_conf_arg peer_assoc_conf = {0};
8476 	struct ath11k *ar;
8477 
8478 	if (ath11k_pull_peer_assoc_conf_ev(ab, skb, &peer_assoc_conf) != 0) {
8479 		ath11k_warn(ab, "failed to extract peer assoc conf event");
8480 		return;
8481 	}
8482 
8483 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8484 		   "event peer assoc conf ev vdev id %d macaddr %pM\n",
8485 		   peer_assoc_conf.vdev_id, peer_assoc_conf.macaddr);
8486 
8487 	rcu_read_lock();
8488 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_assoc_conf.vdev_id);
8489 
8490 	if (!ar) {
8491 		ath11k_warn(ab, "invalid vdev id in peer assoc conf ev %d",
8492 			    peer_assoc_conf.vdev_id);
8493 		rcu_read_unlock();
8494 		return;
8495 	}
8496 
8497 	complete(&ar->peer_assoc_done);
8498 	rcu_read_unlock();
8499 }
8500 
8501 static void ath11k_update_stats_event(struct ath11k_base *ab, struct sk_buff *skb)
8502 {
8503 	struct ath11k_fw_stats stats = {};
8504 	struct ath11k *ar;
8505 	int ret;
8506 
8507 	INIT_LIST_HEAD(&stats.pdevs);
8508 	INIT_LIST_HEAD(&stats.vdevs);
8509 	INIT_LIST_HEAD(&stats.bcn);
8510 
8511 	ret = ath11k_wmi_pull_fw_stats(ab, skb, &stats);
8512 	if (ret) {
8513 		ath11k_warn(ab, "failed to pull fw stats: %d\n", ret);
8514 		goto free;
8515 	}
8516 
8517 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event update stats");
8518 
8519 	rcu_read_lock();
8520 	ar = ath11k_mac_get_ar_by_pdev_id(ab, stats.pdev_id);
8521 	if (!ar) {
8522 		rcu_read_unlock();
8523 		ath11k_warn(ab, "failed to get ar for pdev_id %d: %d\n",
8524 			    stats.pdev_id, ret);
8525 		goto free;
8526 	}
8527 
8528 	spin_lock_bh(&ar->data_lock);
8529 
8530 	/* WMI_REQUEST_PDEV_STAT can be requested via .get_txpower mac ops or via
8531 	 * debugfs fw stats. Therefore, processing it separately.
8532 	 */
8533 	if (stats.stats_id == WMI_REQUEST_PDEV_STAT) {
8534 		list_splice_tail_init(&stats.pdevs, &ar->fw_stats.pdevs);
8535 		ar->fw_stats_done = true;
8536 		goto complete;
8537 	}
8538 
8539 	/* WMI_REQUEST_VDEV_STAT, WMI_REQUEST_BCN_STAT and WMI_REQUEST_RSSI_PER_CHAIN_STAT
8540 	 * are currently requested only via debugfs fw stats. Hence, processing these
8541 	 * in debugfs context
8542 	 */
8543 	ath11k_debugfs_fw_stats_process(ar, &stats);
8544 
8545 complete:
8546 	complete(&ar->fw_stats_complete);
8547 	rcu_read_unlock();
8548 	spin_unlock_bh(&ar->data_lock);
8549 
8550 	/* Since the stats's pdev, vdev and beacon list are spliced and reinitialised
8551 	 * at this point, no need to free the individual list.
8552 	 */
8553 	return;
8554 
8555 free:
8556 	ath11k_fw_stats_free(&stats);
8557 }
8558 
8559 /* PDEV_CTL_FAILSAFE_CHECK_EVENT is received from FW when the frequency scanned
8560  * is not part of BDF CTL(Conformance test limits) table entries.
8561  */
8562 static void ath11k_pdev_ctl_failsafe_check_event(struct ath11k_base *ab,
8563 						 struct sk_buff *skb)
8564 {
8565 	const void **tb;
8566 	const struct wmi_pdev_ctl_failsafe_chk_event *ev;
8567 	int ret;
8568 
8569 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8570 	if (IS_ERR(tb)) {
8571 		ret = PTR_ERR(tb);
8572 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8573 		return;
8574 	}
8575 
8576 	ev = tb[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT];
8577 	if (!ev) {
8578 		ath11k_warn(ab, "failed to fetch pdev ctl failsafe check ev");
8579 		kfree(tb);
8580 		return;
8581 	}
8582 
8583 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8584 		   "event pdev ctl failsafe check status %d\n",
8585 		   ev->ctl_failsafe_status);
8586 
8587 	/* If ctl_failsafe_status is set to 1 FW will max out the Transmit power
8588 	 * to 10 dBm else the CTL power entry in the BDF would be picked up.
8589 	 */
8590 	if (ev->ctl_failsafe_status != 0)
8591 		ath11k_warn(ab, "pdev ctl failsafe failure status %d",
8592 			    ev->ctl_failsafe_status);
8593 
8594 	kfree(tb);
8595 }
8596 
8597 static void
8598 ath11k_wmi_process_csa_switch_count_event(struct ath11k_base *ab,
8599 					  const struct wmi_pdev_csa_switch_ev *ev,
8600 					  const u32 *vdev_ids)
8601 {
8602 	int i;
8603 	struct ath11k_vif *arvif;
8604 
8605 	/* Finish CSA once the switch count becomes NULL */
8606 	if (ev->current_switch_count)
8607 		return;
8608 
8609 	rcu_read_lock();
8610 	for (i = 0; i < ev->num_vdevs; i++) {
8611 		arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_ids[i]);
8612 
8613 		if (!arvif) {
8614 			ath11k_warn(ab, "Recvd csa status for unknown vdev %d",
8615 				    vdev_ids[i]);
8616 			continue;
8617 		}
8618 
8619 		if (arvif->is_up && arvif->vif->bss_conf.csa_active)
8620 			ieee80211_csa_finish(arvif->vif);
8621 	}
8622 	rcu_read_unlock();
8623 }
8624 
8625 static void
8626 ath11k_wmi_pdev_csa_switch_count_status_event(struct ath11k_base *ab,
8627 					      struct sk_buff *skb)
8628 {
8629 	const void **tb;
8630 	const struct wmi_pdev_csa_switch_ev *ev;
8631 	const u32 *vdev_ids;
8632 	int ret;
8633 
8634 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8635 	if (IS_ERR(tb)) {
8636 		ret = PTR_ERR(tb);
8637 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8638 		return;
8639 	}
8640 
8641 	ev = tb[WMI_TAG_PDEV_CSA_SWITCH_COUNT_STATUS_EVENT];
8642 	vdev_ids = tb[WMI_TAG_ARRAY_UINT32];
8643 
8644 	if (!ev || !vdev_ids) {
8645 		ath11k_warn(ab, "failed to fetch pdev csa switch count ev");
8646 		kfree(tb);
8647 		return;
8648 	}
8649 
8650 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8651 		   "event pdev csa switch count %d for pdev %d, num_vdevs %d",
8652 		   ev->current_switch_count, ev->pdev_id,
8653 		   ev->num_vdevs);
8654 
8655 	ath11k_wmi_process_csa_switch_count_event(ab, ev, vdev_ids);
8656 
8657 	kfree(tb);
8658 }
8659 
8660 static void
8661 ath11k_wmi_pdev_dfs_radar_detected_event(struct ath11k_base *ab, struct sk_buff *skb)
8662 {
8663 	const void **tb;
8664 	const struct wmi_pdev_radar_ev *ev;
8665 	struct ath11k *ar;
8666 	int ret;
8667 
8668 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8669 	if (IS_ERR(tb)) {
8670 		ret = PTR_ERR(tb);
8671 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8672 		return;
8673 	}
8674 
8675 	ev = tb[WMI_TAG_PDEV_DFS_RADAR_DETECTION_EVENT];
8676 
8677 	if (!ev) {
8678 		ath11k_warn(ab, "failed to fetch pdev dfs radar detected ev");
8679 		kfree(tb);
8680 		return;
8681 	}
8682 
8683 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8684 		   "event pdev dfs radar detected on pdev %d, detection mode %d, chan freq %d, chan_width %d, detector id %d, seg id %d, timestamp %d, chirp %d, freq offset %d, sidx %d",
8685 		   ev->pdev_id, ev->detection_mode, ev->chan_freq, ev->chan_width,
8686 		   ev->detector_id, ev->segment_id, ev->timestamp, ev->is_chirp,
8687 		   ev->freq_offset, ev->sidx);
8688 
8689 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
8690 
8691 	if (!ar) {
8692 		ath11k_warn(ab, "radar detected in invalid pdev %d\n",
8693 			    ev->pdev_id);
8694 		goto exit;
8695 	}
8696 
8697 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "DFS Radar Detected in pdev %d\n",
8698 		   ev->pdev_id);
8699 
8700 	if (ar->dfs_block_radar_events)
8701 		ath11k_info(ab, "DFS Radar detected, but ignored as requested\n");
8702 	else
8703 		ieee80211_radar_detected(ar->hw);
8704 
8705 exit:
8706 	kfree(tb);
8707 }
8708 
8709 static void
8710 ath11k_wmi_pdev_temperature_event(struct ath11k_base *ab,
8711 				  struct sk_buff *skb)
8712 {
8713 	struct ath11k *ar;
8714 	const void **tb;
8715 	const struct wmi_pdev_temperature_event *ev;
8716 	int ret;
8717 
8718 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8719 	if (IS_ERR(tb)) {
8720 		ret = PTR_ERR(tb);
8721 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8722 		return;
8723 	}
8724 
8725 	ev = tb[WMI_TAG_PDEV_TEMPERATURE_EVENT];
8726 	if (!ev) {
8727 		ath11k_warn(ab, "failed to fetch pdev temp ev");
8728 		kfree(tb);
8729 		return;
8730 	}
8731 
8732 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event pdev temperature ev temp %d pdev_id %d\n",
8733 		   ev->temp, ev->pdev_id);
8734 
8735 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
8736 	if (!ar) {
8737 		ath11k_warn(ab, "invalid pdev id in pdev temperature ev %d", ev->pdev_id);
8738 		kfree(tb);
8739 		return;
8740 	}
8741 
8742 	ath11k_thermal_event_temperature(ar, ev->temp);
8743 
8744 	kfree(tb);
8745 }
8746 
8747 static void ath11k_fils_discovery_event(struct ath11k_base *ab,
8748 					struct sk_buff *skb)
8749 {
8750 	const void **tb;
8751 	const struct wmi_fils_discovery_event *ev;
8752 	int ret;
8753 
8754 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8755 	if (IS_ERR(tb)) {
8756 		ret = PTR_ERR(tb);
8757 		ath11k_warn(ab,
8758 			    "failed to parse FILS discovery event tlv %d\n",
8759 			    ret);
8760 		return;
8761 	}
8762 
8763 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event fils discovery");
8764 
8765 	ev = tb[WMI_TAG_HOST_SWFDA_EVENT];
8766 	if (!ev) {
8767 		ath11k_warn(ab, "failed to fetch FILS discovery event\n");
8768 		kfree(tb);
8769 		return;
8770 	}
8771 
8772 	ath11k_warn(ab,
8773 		    "FILS discovery frame expected from host for vdev_id: %u, transmission scheduled at %u, next TBTT: %u\n",
8774 		    ev->vdev_id, ev->fils_tt, ev->tbtt);
8775 
8776 	kfree(tb);
8777 }
8778 
8779 static void ath11k_probe_resp_tx_status_event(struct ath11k_base *ab,
8780 					      struct sk_buff *skb)
8781 {
8782 	const void **tb;
8783 	const struct wmi_probe_resp_tx_status_event *ev;
8784 	int ret;
8785 
8786 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8787 	if (IS_ERR(tb)) {
8788 		ret = PTR_ERR(tb);
8789 		ath11k_warn(ab,
8790 			    "failed to parse probe response transmission status event tlv: %d\n",
8791 			    ret);
8792 		return;
8793 	}
8794 
8795 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event probe resp tx status");
8796 
8797 	ev = tb[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT];
8798 	if (!ev) {
8799 		ath11k_warn(ab,
8800 			    "failed to fetch probe response transmission status event");
8801 		kfree(tb);
8802 		return;
8803 	}
8804 
8805 	if (ev->tx_status)
8806 		ath11k_warn(ab,
8807 			    "Probe response transmission failed for vdev_id %u, status %u\n",
8808 			    ev->vdev_id, ev->tx_status);
8809 
8810 	kfree(tb);
8811 }
8812 
8813 static int ath11k_wmi_tlv_wow_wakeup_host_parse(struct ath11k_base *ab,
8814 						u16 tag, u16 len,
8815 						const void *ptr, void *data)
8816 {
8817 	struct wmi_wow_ev_arg *ev = data;
8818 	const char *wow_pg_fault;
8819 	int wow_pg_len;
8820 
8821 	switch (tag) {
8822 	case WMI_TAG_WOW_EVENT_INFO:
8823 		memcpy(ev, ptr, sizeof(*ev));
8824 		ath11k_dbg(ab, ATH11K_DBG_WMI, "wow wakeup host reason %d %s\n",
8825 			   ev->wake_reason, wow_reason(ev->wake_reason));
8826 		break;
8827 
8828 	case WMI_TAG_ARRAY_BYTE:
8829 		if (ev && ev->wake_reason == WOW_REASON_PAGE_FAULT) {
8830 			wow_pg_fault = ptr;
8831 			/* the first 4 bytes are length */
8832 #if defined(__linux__)
8833 			wow_pg_len = *(int *)wow_pg_fault;
8834 #elif defined(__FreeBSD__)
8835 			memcpy(&wow_pg_len, wow_pg_fault, sizeof(wow_pg_len));
8836 #endif
8837 			wow_pg_fault += sizeof(int);
8838 			ath11k_dbg(ab, ATH11K_DBG_WMI, "wow data_len = %d\n",
8839 				   wow_pg_len);
8840 			ath11k_dbg_dump(ab, ATH11K_DBG_WMI,
8841 					"wow_event_info_type packet present",
8842 					"wow_pg_fault ",
8843 					wow_pg_fault,
8844 					wow_pg_len);
8845 		}
8846 		break;
8847 	default:
8848 		break;
8849 	}
8850 
8851 	return 0;
8852 }
8853 
8854 static void ath11k_wmi_event_wow_wakeup_host(struct ath11k_base *ab, struct sk_buff *skb)
8855 {
8856 	struct wmi_wow_ev_arg ev = { };
8857 	int ret;
8858 
8859 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
8860 				  ath11k_wmi_tlv_wow_wakeup_host_parse,
8861 				  &ev);
8862 	if (ret) {
8863 		ath11k_warn(ab, "failed to parse wmi wow tlv: %d\n", ret);
8864 		return;
8865 	}
8866 
8867 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event wow wakeup host");
8868 
8869 	complete(&ab->wow.wakeup_completed);
8870 }
8871 
8872 static void
8873 ath11k_wmi_diag_event(struct ath11k_base *ab,
8874 		      struct sk_buff *skb)
8875 {
8876 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event diag");
8877 
8878 	trace_ath11k_wmi_diag(ab, skb->data, skb->len);
8879 }
8880 
8881 static const char *ath11k_wmi_twt_add_dialog_event_status(u32 status)
8882 {
8883 	switch (status) {
8884 	case WMI_ADD_TWT_STATUS_OK:
8885 		return "ok";
8886 	case WMI_ADD_TWT_STATUS_TWT_NOT_ENABLED:
8887 		return "twt disabled";
8888 	case WMI_ADD_TWT_STATUS_USED_DIALOG_ID:
8889 		return "dialog id in use";
8890 	case WMI_ADD_TWT_STATUS_INVALID_PARAM:
8891 		return "invalid parameters";
8892 	case WMI_ADD_TWT_STATUS_NOT_READY:
8893 		return "not ready";
8894 	case WMI_ADD_TWT_STATUS_NO_RESOURCE:
8895 		return "resource unavailable";
8896 	case WMI_ADD_TWT_STATUS_NO_ACK:
8897 		return "no ack";
8898 	case WMI_ADD_TWT_STATUS_NO_RESPONSE:
8899 		return "no response";
8900 	case WMI_ADD_TWT_STATUS_DENIED:
8901 		return "denied";
8902 	case WMI_ADD_TWT_STATUS_UNKNOWN_ERROR:
8903 		fallthrough;
8904 	default:
8905 		return "unknown error";
8906 	}
8907 }
8908 
8909 static void ath11k_wmi_twt_add_dialog_event(struct ath11k_base *ab,
8910 					    struct sk_buff *skb)
8911 {
8912 	const void **tb;
8913 	const struct wmi_twt_add_dialog_event *ev;
8914 	int ret;
8915 
8916 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8917 	if (IS_ERR(tb)) {
8918 		ret = PTR_ERR(tb);
8919 		ath11k_warn(ab,
8920 			    "failed to parse wmi twt add dialog status event tlv: %d\n",
8921 			    ret);
8922 		return;
8923 	}
8924 
8925 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event twt add dialog");
8926 
8927 	ev = tb[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT];
8928 	if (!ev) {
8929 		ath11k_warn(ab, "failed to fetch twt add dialog wmi event\n");
8930 		goto exit;
8931 	}
8932 
8933 	if (ev->status)
8934 		ath11k_warn(ab,
8935 			    "wmi add twt dialog event vdev %d dialog id %d status %s\n",
8936 			    ev->vdev_id, ev->dialog_id,
8937 			    ath11k_wmi_twt_add_dialog_event_status(ev->status));
8938 
8939 exit:
8940 	kfree(tb);
8941 }
8942 
8943 static void ath11k_wmi_gtk_offload_status_event(struct ath11k_base *ab,
8944 						struct sk_buff *skb)
8945 {
8946 	const void **tb;
8947 	const struct wmi_gtk_offload_status_event *ev;
8948 	struct ath11k_vif *arvif;
8949 	__be64 replay_ctr_be;
8950 	u64    replay_ctr;
8951 	int ret;
8952 
8953 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8954 	if (IS_ERR(tb)) {
8955 		ret = PTR_ERR(tb);
8956 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8957 		return;
8958 	}
8959 
8960 	ev = tb[WMI_TAG_GTK_OFFLOAD_STATUS_EVENT];
8961 	if (!ev) {
8962 		ath11k_warn(ab, "failed to fetch gtk offload status ev");
8963 		kfree(tb);
8964 		return;
8965 	}
8966 
8967 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
8968 	if (!arvif) {
8969 		ath11k_warn(ab, "failed to get arvif for vdev_id:%d\n",
8970 			    ev->vdev_id);
8971 		kfree(tb);
8972 		return;
8973 	}
8974 
8975 	ath11k_dbg(ab, ATH11K_DBG_WMI, "event gtk offload refresh_cnt %d\n",
8976 		   ev->refresh_cnt);
8977 	ath11k_dbg_dump(ab, ATH11K_DBG_WMI, "replay_cnt",
8978 			NULL, ev->replay_ctr.counter, GTK_REPLAY_COUNTER_BYTES);
8979 
8980 	replay_ctr =  ev->replay_ctr.word1;
8981 	replay_ctr = (replay_ctr << 32) | ev->replay_ctr.word0;
8982 	arvif->rekey_data.replay_ctr = replay_ctr;
8983 
8984 	/* supplicant expects big-endian replay counter */
8985 	replay_ctr_be = cpu_to_be64(replay_ctr);
8986 
8987 	ieee80211_gtk_rekey_notify(arvif->vif, arvif->bssid,
8988 				   (void *)&replay_ctr_be, GFP_ATOMIC);
8989 
8990 	kfree(tb);
8991 }
8992 
8993 static void ath11k_wmi_tlv_op_rx(struct ath11k_base *ab, struct sk_buff *skb)
8994 {
8995 	struct wmi_cmd_hdr *cmd_hdr;
8996 	enum wmi_tlv_event_id id;
8997 
8998 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
8999 	id = FIELD_GET(WMI_CMD_HDR_CMD_ID, (cmd_hdr->cmd_id));
9000 
9001 	trace_ath11k_wmi_event(ab, id, skb->data, skb->len);
9002 
9003 	if (skb_pull(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
9004 		goto out;
9005 
9006 	switch (id) {
9007 		/* Process all the WMI events here */
9008 	case WMI_SERVICE_READY_EVENTID:
9009 		ath11k_service_ready_event(ab, skb);
9010 		break;
9011 	case WMI_SERVICE_READY_EXT_EVENTID:
9012 		ath11k_service_ready_ext_event(ab, skb);
9013 		break;
9014 	case WMI_SERVICE_READY_EXT2_EVENTID:
9015 		ath11k_service_ready_ext2_event(ab, skb);
9016 		break;
9017 	case WMI_REG_CHAN_LIST_CC_EVENTID:
9018 		ath11k_reg_chan_list_event(ab, skb, WMI_REG_CHAN_LIST_CC_ID);
9019 		break;
9020 	case WMI_REG_CHAN_LIST_CC_EXT_EVENTID:
9021 		ath11k_reg_chan_list_event(ab, skb, WMI_REG_CHAN_LIST_CC_EXT_ID);
9022 		break;
9023 	case WMI_READY_EVENTID:
9024 		ath11k_ready_event(ab, skb);
9025 		break;
9026 	case WMI_PEER_DELETE_RESP_EVENTID:
9027 		ath11k_peer_delete_resp_event(ab, skb);
9028 		break;
9029 	case WMI_VDEV_START_RESP_EVENTID:
9030 		ath11k_vdev_start_resp_event(ab, skb);
9031 		break;
9032 	case WMI_OFFLOAD_BCN_TX_STATUS_EVENTID:
9033 		ath11k_bcn_tx_status_event(ab, skb);
9034 		break;
9035 	case WMI_VDEV_STOPPED_EVENTID:
9036 		ath11k_vdev_stopped_event(ab, skb);
9037 		break;
9038 	case WMI_MGMT_RX_EVENTID:
9039 		ath11k_mgmt_rx_event(ab, skb);
9040 		/* mgmt_rx_event() owns the skb now! */
9041 		return;
9042 	case WMI_MGMT_TX_COMPLETION_EVENTID:
9043 		ath11k_mgmt_tx_compl_event(ab, skb);
9044 		break;
9045 	case WMI_SCAN_EVENTID:
9046 		ath11k_scan_event(ab, skb);
9047 		break;
9048 	case WMI_PEER_STA_KICKOUT_EVENTID:
9049 		ath11k_peer_sta_kickout_event(ab, skb);
9050 		break;
9051 	case WMI_ROAM_EVENTID:
9052 		ath11k_roam_event(ab, skb);
9053 		break;
9054 	case WMI_CHAN_INFO_EVENTID:
9055 		ath11k_chan_info_event(ab, skb);
9056 		break;
9057 	case WMI_PDEV_BSS_CHAN_INFO_EVENTID:
9058 		ath11k_pdev_bss_chan_info_event(ab, skb);
9059 		break;
9060 	case WMI_VDEV_INSTALL_KEY_COMPLETE_EVENTID:
9061 		ath11k_vdev_install_key_compl_event(ab, skb);
9062 		break;
9063 	case WMI_SERVICE_AVAILABLE_EVENTID:
9064 		ath11k_service_available_event(ab, skb);
9065 		break;
9066 	case WMI_PEER_ASSOC_CONF_EVENTID:
9067 		ath11k_peer_assoc_conf_event(ab, skb);
9068 		break;
9069 	case WMI_UPDATE_STATS_EVENTID:
9070 		ath11k_update_stats_event(ab, skb);
9071 		break;
9072 	case WMI_PDEV_CTL_FAILSAFE_CHECK_EVENTID:
9073 		ath11k_pdev_ctl_failsafe_check_event(ab, skb);
9074 		break;
9075 	case WMI_PDEV_CSA_SWITCH_COUNT_STATUS_EVENTID:
9076 		ath11k_wmi_pdev_csa_switch_count_status_event(ab, skb);
9077 		break;
9078 	case WMI_PDEV_UTF_EVENTID:
9079 		ath11k_tm_wmi_event(ab, id, skb);
9080 		break;
9081 	case WMI_PDEV_TEMPERATURE_EVENTID:
9082 		ath11k_wmi_pdev_temperature_event(ab, skb);
9083 		break;
9084 	case WMI_PDEV_DMA_RING_BUF_RELEASE_EVENTID:
9085 		ath11k_wmi_pdev_dma_ring_buf_release_event(ab, skb);
9086 		break;
9087 	case WMI_HOST_FILS_DISCOVERY_EVENTID:
9088 		ath11k_fils_discovery_event(ab, skb);
9089 		break;
9090 	case WMI_OFFLOAD_PROB_RESP_TX_STATUS_EVENTID:
9091 		ath11k_probe_resp_tx_status_event(ab, skb);
9092 		break;
9093 	case WMI_OBSS_COLOR_COLLISION_DETECTION_EVENTID:
9094 		ath11k_wmi_obss_color_collision_event(ab, skb);
9095 		break;
9096 	case WMI_TWT_ADD_DIALOG_EVENTID:
9097 		ath11k_wmi_twt_add_dialog_event(ab, skb);
9098 		break;
9099 	case WMI_PDEV_DFS_RADAR_DETECTION_EVENTID:
9100 		ath11k_wmi_pdev_dfs_radar_detected_event(ab, skb);
9101 		break;
9102 	case WMI_VDEV_DELETE_RESP_EVENTID:
9103 		ath11k_vdev_delete_resp_event(ab, skb);
9104 		break;
9105 	case WMI_WOW_WAKEUP_HOST_EVENTID:
9106 		ath11k_wmi_event_wow_wakeup_host(ab, skb);
9107 		break;
9108 	case WMI_11D_NEW_COUNTRY_EVENTID:
9109 		ath11k_reg_11d_new_cc_event(ab, skb);
9110 		break;
9111 	case WMI_DIAG_EVENTID:
9112 		ath11k_wmi_diag_event(ab, skb);
9113 		break;
9114 	case WMI_PEER_STA_PS_STATECHG_EVENTID:
9115 		ath11k_wmi_event_peer_sta_ps_state_chg(ab, skb);
9116 		break;
9117 	case WMI_GTK_OFFLOAD_STATUS_EVENTID:
9118 		ath11k_wmi_gtk_offload_status_event(ab, skb);
9119 		break;
9120 	default:
9121 		ath11k_dbg(ab, ATH11K_DBG_WMI, "unsupported event id 0x%x\n", id);
9122 		break;
9123 	}
9124 
9125 out:
9126 	dev_kfree_skb(skb);
9127 }
9128 
9129 static int ath11k_connect_pdev_htc_service(struct ath11k_base *ab,
9130 					   u32 pdev_idx)
9131 {
9132 	int status;
9133 	u32 svc_id[] = { ATH11K_HTC_SVC_ID_WMI_CONTROL,
9134 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC1,
9135 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC2 };
9136 
9137 	struct ath11k_htc_svc_conn_req conn_req;
9138 	struct ath11k_htc_svc_conn_resp conn_resp;
9139 
9140 	memset(&conn_req, 0, sizeof(conn_req));
9141 	memset(&conn_resp, 0, sizeof(conn_resp));
9142 
9143 	/* these fields are the same for all service endpoints */
9144 	conn_req.ep_ops.ep_tx_complete = ath11k_wmi_htc_tx_complete;
9145 	conn_req.ep_ops.ep_rx_complete = ath11k_wmi_tlv_op_rx;
9146 	conn_req.ep_ops.ep_tx_credits = ath11k_wmi_op_ep_tx_credits;
9147 
9148 	/* connect to control service */
9149 	conn_req.service_id = svc_id[pdev_idx];
9150 
9151 	status = ath11k_htc_connect_service(&ab->htc, &conn_req, &conn_resp);
9152 	if (status) {
9153 		ath11k_warn(ab, "failed to connect to WMI CONTROL service status: %d\n",
9154 			    status);
9155 		return status;
9156 	}
9157 
9158 	ab->wmi_ab.wmi_endpoint_id[pdev_idx] = conn_resp.eid;
9159 	ab->wmi_ab.wmi[pdev_idx].eid = conn_resp.eid;
9160 	ab->wmi_ab.max_msg_len[pdev_idx] = conn_resp.max_msg_len;
9161 	init_waitqueue_head(&ab->wmi_ab.wmi[pdev_idx].tx_ce_desc_wq);
9162 
9163 	return 0;
9164 }
9165 
9166 static int
9167 ath11k_wmi_send_unit_test_cmd(struct ath11k *ar,
9168 			      struct wmi_unit_test_cmd ut_cmd,
9169 			      u32 *test_args)
9170 {
9171 	struct ath11k_pdev_wmi *wmi = ar->wmi;
9172 	struct wmi_unit_test_cmd *cmd;
9173 	struct sk_buff *skb;
9174 	struct wmi_tlv *tlv;
9175 #if defined(__linux__)
9176 	void *ptr;
9177 #elif defined(__FreeBSD__)
9178 	u8 *ptr;
9179 #endif
9180 	u32 *ut_cmd_args;
9181 	int buf_len, arg_len;
9182 	int ret;
9183 	int i;
9184 
9185 	arg_len = sizeof(u32) * ut_cmd.num_args;
9186 	buf_len = sizeof(ut_cmd) + arg_len + TLV_HDR_SIZE;
9187 
9188 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, buf_len);
9189 	if (!skb)
9190 		return -ENOMEM;
9191 
9192 	cmd = (struct wmi_unit_test_cmd *)skb->data;
9193 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_UNIT_TEST_CMD) |
9194 			  FIELD_PREP(WMI_TLV_LEN, sizeof(ut_cmd) - TLV_HDR_SIZE);
9195 
9196 	cmd->vdev_id = ut_cmd.vdev_id;
9197 	cmd->module_id = ut_cmd.module_id;
9198 	cmd->num_args = ut_cmd.num_args;
9199 	cmd->diag_token = ut_cmd.diag_token;
9200 
9201 	ptr = skb->data + sizeof(ut_cmd);
9202 
9203 #if defined(__linux__)
9204 	tlv = ptr;
9205 #elif defined(__FreeBSD__)
9206 	tlv = (void *)ptr;
9207 #endif
9208 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
9209 		      FIELD_PREP(WMI_TLV_LEN, arg_len);
9210 
9211 	ptr += TLV_HDR_SIZE;
9212 
9213 #if defined(__linux__)
9214 	ut_cmd_args = ptr;
9215 #elif defined(__FreeBSD__)
9216 	ut_cmd_args = (void *)ptr;
9217 #endif
9218 	for (i = 0; i < ut_cmd.num_args; i++)
9219 		ut_cmd_args[i] = test_args[i];
9220 
9221 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_UNIT_TEST_CMDID);
9222 
9223 	if (ret) {
9224 		ath11k_warn(ar->ab, "failed to send WMI_UNIT_TEST CMD :%d\n",
9225 			    ret);
9226 		dev_kfree_skb(skb);
9227 	}
9228 
9229 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9230 		   "cmd unit test module %d vdev %d n_args %d token %d\n",
9231 		   cmd->module_id, cmd->vdev_id, cmd->num_args,
9232 		   cmd->diag_token);
9233 
9234 	return ret;
9235 }
9236 
9237 int ath11k_wmi_simulate_radar(struct ath11k *ar)
9238 {
9239 	struct ath11k_vif *arvif;
9240 	u32 dfs_args[DFS_MAX_TEST_ARGS];
9241 	struct wmi_unit_test_cmd wmi_ut;
9242 	bool arvif_found = false;
9243 
9244 	list_for_each_entry(arvif, &ar->arvifs, list) {
9245 		if (arvif->is_started && arvif->vdev_type == WMI_VDEV_TYPE_AP) {
9246 			arvif_found = true;
9247 			break;
9248 		}
9249 	}
9250 
9251 	if (!arvif_found)
9252 		return -EINVAL;
9253 
9254 	dfs_args[DFS_TEST_CMDID] = 0;
9255 	dfs_args[DFS_TEST_PDEV_ID] = ar->pdev->pdev_id;
9256 	/* Currently we could pass segment_id(b0 - b1), chirp(b2)
9257 	 * freq offset (b3 - b10) to unit test. For simulation
9258 	 * purpose this can be set to 0 which is valid.
9259 	 */
9260 	dfs_args[DFS_TEST_RADAR_PARAM] = 0;
9261 
9262 	wmi_ut.vdev_id = arvif->vdev_id;
9263 	wmi_ut.module_id = DFS_UNIT_TEST_MODULE;
9264 	wmi_ut.num_args = DFS_MAX_TEST_ARGS;
9265 	wmi_ut.diag_token = DFS_UNIT_TEST_TOKEN;
9266 
9267 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "Triggering Radar Simulation\n");
9268 
9269 	return ath11k_wmi_send_unit_test_cmd(ar, wmi_ut, dfs_args);
9270 }
9271 
9272 int ath11k_wmi_fw_dbglog_cfg(struct ath11k *ar, u32 *module_id_bitmap,
9273 			     struct ath11k_fw_dbglog *dbglog)
9274 {
9275 	struct ath11k_pdev_wmi *wmi = ar->wmi;
9276 	struct wmi_debug_log_config_cmd_fixed_param *cmd;
9277 	struct sk_buff *skb;
9278 	struct wmi_tlv *tlv;
9279 	int ret, len;
9280 
9281 	len = sizeof(*cmd) + TLV_HDR_SIZE + (MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
9282 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
9283 	if (!skb)
9284 		return -ENOMEM;
9285 
9286 	cmd = (struct wmi_debug_log_config_cmd_fixed_param *)skb->data;
9287 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DEBUG_LOG_CONFIG_CMD) |
9288 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9289 	cmd->dbg_log_param = dbglog->param;
9290 
9291 	tlv = (struct wmi_tlv *)((u8 *)cmd + sizeof(*cmd));
9292 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
9293 		      FIELD_PREP(WMI_TLV_LEN, MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
9294 
9295 	switch (dbglog->param) {
9296 	case WMI_DEBUG_LOG_PARAM_LOG_LEVEL:
9297 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE:
9298 	case WMI_DEBUG_LOG_PARAM_VDEV_DISABLE:
9299 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE_BITMAP:
9300 		cmd->value = dbglog->value;
9301 		break;
9302 	case WMI_DEBUG_LOG_PARAM_MOD_ENABLE_BITMAP:
9303 	case WMI_DEBUG_LOG_PARAM_WOW_MOD_ENABLE_BITMAP:
9304 		cmd->value = dbglog->value;
9305 		memcpy(tlv->value, module_id_bitmap,
9306 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
9307 		/* clear current config to be used for next user config */
9308 		memset(module_id_bitmap, 0,
9309 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
9310 		break;
9311 	default:
9312 		dev_kfree_skb(skb);
9313 		return -EINVAL;
9314 	}
9315 
9316 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DBGLOG_CFG_CMDID);
9317 	if (ret) {
9318 		ath11k_warn(ar->ab,
9319 			    "failed to send WMI_DBGLOG_CFG_CMDID\n");
9320 		dev_kfree_skb(skb);
9321 	}
9322 
9323 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "cmd dbglog cfg");
9324 
9325 	return ret;
9326 }
9327 
9328 int ath11k_wmi_connect(struct ath11k_base *ab)
9329 {
9330 	u32 i;
9331 	u8 wmi_ep_count;
9332 
9333 	wmi_ep_count = ab->htc.wmi_ep_count;
9334 	if (wmi_ep_count > ab->hw_params.max_radios)
9335 		return -1;
9336 
9337 	for (i = 0; i < wmi_ep_count; i++)
9338 		ath11k_connect_pdev_htc_service(ab, i);
9339 
9340 	return 0;
9341 }
9342 
9343 static void ath11k_wmi_pdev_detach(struct ath11k_base *ab, u8 pdev_id)
9344 {
9345 	if (WARN_ON(pdev_id >= MAX_RADIOS))
9346 		return;
9347 
9348 	/* TODO: Deinit any pdev specific wmi resource */
9349 }
9350 
9351 int ath11k_wmi_pdev_attach(struct ath11k_base *ab,
9352 			   u8 pdev_id)
9353 {
9354 	struct ath11k_pdev_wmi *wmi_handle;
9355 
9356 	if (pdev_id >= ab->hw_params.max_radios)
9357 		return -EINVAL;
9358 
9359 	wmi_handle = &ab->wmi_ab.wmi[pdev_id];
9360 
9361 	wmi_handle->wmi_ab = &ab->wmi_ab;
9362 
9363 	ab->wmi_ab.ab = ab;
9364 	/* TODO: Init remaining resource specific to pdev */
9365 
9366 	return 0;
9367 }
9368 
9369 int ath11k_wmi_attach(struct ath11k_base *ab)
9370 {
9371 	int ret;
9372 
9373 	ret = ath11k_wmi_pdev_attach(ab, 0);
9374 	if (ret)
9375 		return ret;
9376 
9377 	ab->wmi_ab.ab = ab;
9378 	ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_MAX;
9379 
9380 	/* It's overwritten when service_ext_ready is handled */
9381 	if (ab->hw_params.single_pdev_only && ab->hw_params.num_rxmda_per_pdev > 1)
9382 		ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_SINGLE;
9383 
9384 	/* TODO: Init remaining wmi soc resources required */
9385 	init_completion(&ab->wmi_ab.service_ready);
9386 	init_completion(&ab->wmi_ab.unified_ready);
9387 
9388 	return 0;
9389 }
9390 
9391 void ath11k_wmi_detach(struct ath11k_base *ab)
9392 {
9393 	int i;
9394 
9395 	/* TODO: Deinit wmi resource specific to SOC as required */
9396 
9397 	for (i = 0; i < ab->htc.wmi_ep_count; i++)
9398 		ath11k_wmi_pdev_detach(ab, i);
9399 
9400 	ath11k_wmi_free_dbring_caps(ab);
9401 }
9402 
9403 int ath11k_wmi_hw_data_filter_cmd(struct ath11k *ar, u32 vdev_id,
9404 				  u32 filter_bitmap, bool enable)
9405 {
9406 	struct wmi_hw_data_filter_cmd *cmd;
9407 	struct sk_buff *skb;
9408 	int len;
9409 
9410 	len = sizeof(*cmd);
9411 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9412 
9413 	if (!skb)
9414 		return -ENOMEM;
9415 
9416 	cmd = (struct wmi_hw_data_filter_cmd *)skb->data;
9417 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_HW_DATA_FILTER_CMD) |
9418 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9419 
9420 	cmd->vdev_id = vdev_id;
9421 	cmd->enable = enable;
9422 
9423 	/* Set all modes in case of disable */
9424 	if (cmd->enable)
9425 		cmd->hw_filter_bitmap = filter_bitmap;
9426 	else
9427 		cmd->hw_filter_bitmap = ((u32)~0U);
9428 
9429 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9430 		   "hw data filter enable %d filter_bitmap 0x%x\n",
9431 		   enable, filter_bitmap);
9432 
9433 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_HW_DATA_FILTER_CMDID);
9434 }
9435 
9436 int ath11k_wmi_wow_host_wakeup_ind(struct ath11k *ar)
9437 {
9438 	struct wmi_wow_host_wakeup_ind *cmd;
9439 	struct sk_buff *skb;
9440 	size_t len;
9441 
9442 	len = sizeof(*cmd);
9443 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9444 	if (!skb)
9445 		return -ENOMEM;
9446 
9447 	cmd = (struct wmi_wow_host_wakeup_ind *)skb->data;
9448 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9449 				     WMI_TAG_WOW_HOSTWAKEUP_FROM_SLEEP_CMD) |
9450 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9451 
9452 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "tlv wow host wakeup ind\n");
9453 
9454 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_HOSTWAKEUP_FROM_SLEEP_CMDID);
9455 }
9456 
9457 int ath11k_wmi_wow_enable(struct ath11k *ar)
9458 {
9459 	struct wmi_wow_enable_cmd *cmd;
9460 	struct sk_buff *skb;
9461 	int len;
9462 
9463 	len = sizeof(*cmd);
9464 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9465 	if (!skb)
9466 		return -ENOMEM;
9467 
9468 	cmd = (struct wmi_wow_enable_cmd *)skb->data;
9469 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ENABLE_CMD) |
9470 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9471 
9472 	cmd->enable = 1;
9473 	cmd->pause_iface_config = WOW_IFACE_PAUSE_ENABLED;
9474 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "tlv wow enable\n");
9475 
9476 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_CMDID);
9477 }
9478 
9479 int ath11k_wmi_scan_prob_req_oui(struct ath11k *ar,
9480 				 const u8 mac_addr[ETH_ALEN])
9481 {
9482 	struct sk_buff *skb;
9483 	struct wmi_scan_prob_req_oui_cmd *cmd;
9484 	u32 prob_req_oui;
9485 	int len;
9486 
9487 	prob_req_oui = (((u32)mac_addr[0]) << 16) |
9488 		       (((u32)mac_addr[1]) << 8) | mac_addr[2];
9489 
9490 	len = sizeof(*cmd);
9491 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9492 	if (!skb)
9493 		return -ENOMEM;
9494 
9495 	cmd = (struct wmi_scan_prob_req_oui_cmd *)skb->data;
9496 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9497 				     WMI_TAG_SCAN_PROB_REQ_OUI_CMD) |
9498 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9499 	cmd->prob_req_oui = prob_req_oui;
9500 
9501 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "scan prob req oui %d\n",
9502 		   prob_req_oui);
9503 
9504 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SCAN_PROB_REQ_OUI_CMDID);
9505 }
9506 
9507 int ath11k_wmi_wow_add_wakeup_event(struct ath11k *ar, u32 vdev_id,
9508 				    enum wmi_wow_wakeup_event event,
9509 				u32 enable)
9510 {
9511 	struct wmi_wow_add_del_event_cmd *cmd;
9512 	struct sk_buff *skb;
9513 	size_t len;
9514 
9515 	len = sizeof(*cmd);
9516 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9517 	if (!skb)
9518 		return -ENOMEM;
9519 
9520 	cmd = (struct wmi_wow_add_del_event_cmd *)skb->data;
9521 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ADD_DEL_EVT_CMD) |
9522 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9523 
9524 	cmd->vdev_id = vdev_id;
9525 	cmd->is_add = enable;
9526 	cmd->event_bitmap = (1 << event);
9527 
9528 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "tlv wow add wakeup event %s enable %d vdev_id %d\n",
9529 		   wow_wakeup_event(event), enable, vdev_id);
9530 
9531 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_DISABLE_WAKE_EVENT_CMDID);
9532 }
9533 
9534 int ath11k_wmi_wow_add_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id,
9535 			       const u8 *pattern, const u8 *mask,
9536 			   int pattern_len, int pattern_offset)
9537 {
9538 	struct wmi_wow_add_pattern_cmd *cmd;
9539 	struct wmi_wow_bitmap_pattern *bitmap;
9540 	struct wmi_tlv *tlv;
9541 	struct sk_buff *skb;
9542 	u8 *ptr;
9543 	size_t len;
9544 
9545 	len = sizeof(*cmd) +
9546 	      sizeof(*tlv) +			/* array struct */
9547 	      sizeof(*bitmap) +			/* bitmap */
9548 	      sizeof(*tlv) +			/* empty ipv4 sync */
9549 	      sizeof(*tlv) +			/* empty ipv6 sync */
9550 	      sizeof(*tlv) +			/* empty magic */
9551 	      sizeof(*tlv) +			/* empty info timeout */
9552 	      sizeof(*tlv) + sizeof(u32);	/* ratelimit interval */
9553 
9554 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9555 	if (!skb)
9556 		return -ENOMEM;
9557 
9558 	/* cmd */
9559 	ptr = (u8 *)skb->data;
9560 	cmd = (struct wmi_wow_add_pattern_cmd *)ptr;
9561 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9562 				     WMI_TAG_WOW_ADD_PATTERN_CMD) |
9563 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9564 
9565 	cmd->vdev_id = vdev_id;
9566 	cmd->pattern_id = pattern_id;
9567 	cmd->pattern_type = WOW_BITMAP_PATTERN;
9568 
9569 	ptr += sizeof(*cmd);
9570 
9571 	/* bitmap */
9572 	tlv = (struct wmi_tlv *)ptr;
9573 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9574 				 WMI_TAG_ARRAY_STRUCT) |
9575 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap));
9576 
9577 	ptr += sizeof(*tlv);
9578 
9579 	bitmap = (struct wmi_wow_bitmap_pattern *)ptr;
9580 	bitmap->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9581 					WMI_TAG_WOW_BITMAP_PATTERN_T) |
9582 			     FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap) - TLV_HDR_SIZE);
9583 
9584 	memcpy(bitmap->patternbuf, pattern, pattern_len);
9585 	ath11k_ce_byte_swap(bitmap->patternbuf, roundup(pattern_len, 4));
9586 	memcpy(bitmap->bitmaskbuf, mask, pattern_len);
9587 	ath11k_ce_byte_swap(bitmap->bitmaskbuf, roundup(pattern_len, 4));
9588 	bitmap->pattern_offset = pattern_offset;
9589 	bitmap->pattern_len = pattern_len;
9590 	bitmap->bitmask_len = pattern_len;
9591 	bitmap->pattern_id = pattern_id;
9592 
9593 	ptr += sizeof(*bitmap);
9594 
9595 	/* ipv4 sync */
9596 	tlv = (struct wmi_tlv *)ptr;
9597 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9598 				 WMI_TAG_ARRAY_STRUCT) |
9599 		      FIELD_PREP(WMI_TLV_LEN, 0);
9600 
9601 	ptr += sizeof(*tlv);
9602 
9603 	/* ipv6 sync */
9604 	tlv = (struct wmi_tlv *)ptr;
9605 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9606 				 WMI_TAG_ARRAY_STRUCT) |
9607 		      FIELD_PREP(WMI_TLV_LEN, 0);
9608 
9609 	ptr += sizeof(*tlv);
9610 
9611 	/* magic */
9612 	tlv = (struct wmi_tlv *)ptr;
9613 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9614 				 WMI_TAG_ARRAY_STRUCT) |
9615 		      FIELD_PREP(WMI_TLV_LEN, 0);
9616 
9617 	ptr += sizeof(*tlv);
9618 
9619 	/* pattern info timeout */
9620 	tlv = (struct wmi_tlv *)ptr;
9621 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9622 				 WMI_TAG_ARRAY_UINT32) |
9623 		      FIELD_PREP(WMI_TLV_LEN, 0);
9624 
9625 	ptr += sizeof(*tlv);
9626 
9627 	/* ratelimit interval */
9628 	tlv = (struct wmi_tlv *)ptr;
9629 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9630 				 WMI_TAG_ARRAY_UINT32) |
9631 		      FIELD_PREP(WMI_TLV_LEN, sizeof(u32));
9632 
9633 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "tlv wow add pattern vdev_id %d pattern_id %d pattern_offset %d\n",
9634 		   vdev_id, pattern_id, pattern_offset);
9635 
9636 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ADD_WAKE_PATTERN_CMDID);
9637 }
9638 
9639 int ath11k_wmi_wow_del_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id)
9640 {
9641 	struct wmi_wow_del_pattern_cmd *cmd;
9642 	struct sk_buff *skb;
9643 	size_t len;
9644 
9645 	len = sizeof(*cmd);
9646 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9647 	if (!skb)
9648 		return -ENOMEM;
9649 
9650 	cmd = (struct wmi_wow_del_pattern_cmd *)skb->data;
9651 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9652 				     WMI_TAG_WOW_DEL_PATTERN_CMD) |
9653 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9654 
9655 	cmd->vdev_id = vdev_id;
9656 	cmd->pattern_id = pattern_id;
9657 	cmd->pattern_type = WOW_BITMAP_PATTERN;
9658 
9659 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "tlv wow del pattern vdev_id %d pattern_id %d\n",
9660 		   vdev_id, pattern_id);
9661 
9662 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_DEL_WAKE_PATTERN_CMDID);
9663 }
9664 
9665 static struct sk_buff *
9666 ath11k_wmi_op_gen_config_pno_start(struct ath11k *ar,
9667 				   u32 vdev_id,
9668 				       struct wmi_pno_scan_req *pno)
9669 {
9670 	struct nlo_configured_parameters *nlo_list;
9671 	struct wmi_wow_nlo_config_cmd *cmd;
9672 	struct wmi_tlv *tlv;
9673 	struct sk_buff *skb;
9674 	u32 *channel_list;
9675 	size_t len, nlo_list_len, channel_list_len;
9676 	u8 *ptr;
9677 	u32 i;
9678 
9679 	len = sizeof(*cmd) +
9680 	      sizeof(*tlv) +
9681 	      /* TLV place holder for array of structures
9682 	       * nlo_configured_parameters(nlo_list)
9683 	       */
9684 	      sizeof(*tlv);
9685 	      /* TLV place holder for array of uint32 channel_list */
9686 
9687 	channel_list_len = sizeof(u32) * pno->a_networks[0].channel_count;
9688 	len += channel_list_len;
9689 
9690 	nlo_list_len = sizeof(*nlo_list) * pno->uc_networks_count;
9691 	len += nlo_list_len;
9692 
9693 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9694 	if (!skb)
9695 		return ERR_PTR(-ENOMEM);
9696 
9697 	ptr = (u8 *)skb->data;
9698 	cmd = (struct wmi_wow_nlo_config_cmd *)ptr;
9699 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
9700 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9701 
9702 	cmd->vdev_id = pno->vdev_id;
9703 	cmd->flags = WMI_NLO_CONFIG_START | WMI_NLO_CONFIG_SSID_HIDE_EN;
9704 
9705 	/* current FW does not support min-max range for dwell time */
9706 	cmd->active_dwell_time = pno->active_max_time;
9707 	cmd->passive_dwell_time = pno->passive_max_time;
9708 
9709 	if (pno->do_passive_scan)
9710 		cmd->flags |= WMI_NLO_CONFIG_SCAN_PASSIVE;
9711 
9712 	cmd->fast_scan_period = pno->fast_scan_period;
9713 	cmd->slow_scan_period = pno->slow_scan_period;
9714 	cmd->fast_scan_max_cycles = pno->fast_scan_max_cycles;
9715 	cmd->delay_start_time = pno->delay_start_time;
9716 
9717 	if (pno->enable_pno_scan_randomization) {
9718 		cmd->flags |= WMI_NLO_CONFIG_SPOOFED_MAC_IN_PROBE_REQ |
9719 				WMI_NLO_CONFIG_RANDOM_SEQ_NO_IN_PROBE_REQ;
9720 		ether_addr_copy(cmd->mac_addr.addr, pno->mac_addr);
9721 		ether_addr_copy(cmd->mac_mask.addr, pno->mac_addr_mask);
9722 		ath11k_ce_byte_swap(cmd->mac_addr.addr, 8);
9723 		ath11k_ce_byte_swap(cmd->mac_mask.addr, 8);
9724 	}
9725 
9726 	ptr += sizeof(*cmd);
9727 
9728 	/* nlo_configured_parameters(nlo_list) */
9729 	cmd->no_of_ssids = pno->uc_networks_count;
9730 	tlv = (struct wmi_tlv *)ptr;
9731 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9732 				 WMI_TAG_ARRAY_STRUCT) |
9733 		      FIELD_PREP(WMI_TLV_LEN, nlo_list_len);
9734 
9735 	ptr += sizeof(*tlv);
9736 	nlo_list = (struct nlo_configured_parameters *)ptr;
9737 	for (i = 0; i < cmd->no_of_ssids; i++) {
9738 		tlv = (struct wmi_tlv *)(&nlo_list[i].tlv_header);
9739 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9740 			      FIELD_PREP(WMI_TLV_LEN, sizeof(*nlo_list) - sizeof(*tlv));
9741 
9742 		nlo_list[i].ssid.valid = true;
9743 		nlo_list[i].ssid.ssid.ssid_len = pno->a_networks[i].ssid.ssid_len;
9744 		memcpy(nlo_list[i].ssid.ssid.ssid,
9745 		       pno->a_networks[i].ssid.ssid,
9746 		       nlo_list[i].ssid.ssid.ssid_len);
9747 		ath11k_ce_byte_swap(nlo_list[i].ssid.ssid.ssid,
9748 				    roundup(nlo_list[i].ssid.ssid.ssid_len, 4));
9749 
9750 		if (pno->a_networks[i].rssi_threshold &&
9751 		    pno->a_networks[i].rssi_threshold > -300) {
9752 			nlo_list[i].rssi_cond.valid = true;
9753 			nlo_list[i].rssi_cond.rssi =
9754 				pno->a_networks[i].rssi_threshold;
9755 		}
9756 
9757 		nlo_list[i].bcast_nw_type.valid = true;
9758 		nlo_list[i].bcast_nw_type.bcast_nw_type =
9759 			pno->a_networks[i].bcast_nw_type;
9760 	}
9761 
9762 	ptr += nlo_list_len;
9763 	cmd->num_of_channels = pno->a_networks[0].channel_count;
9764 	tlv = (struct wmi_tlv *)ptr;
9765 	tlv->header =  FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
9766 		       FIELD_PREP(WMI_TLV_LEN, channel_list_len);
9767 	ptr += sizeof(*tlv);
9768 	channel_list = (u32 *)ptr;
9769 	for (i = 0; i < cmd->num_of_channels; i++)
9770 		channel_list[i] = pno->a_networks[0].channels[i];
9771 
9772 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "tlv start pno config vdev_id %d\n",
9773 		   vdev_id);
9774 
9775 	return skb;
9776 }
9777 
9778 static struct sk_buff *ath11k_wmi_op_gen_config_pno_stop(struct ath11k *ar,
9779 							 u32 vdev_id)
9780 {
9781 	struct wmi_wow_nlo_config_cmd *cmd;
9782 	struct sk_buff *skb;
9783 	size_t len;
9784 
9785 	len = sizeof(*cmd);
9786 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9787 	if (!skb)
9788 		return ERR_PTR(-ENOMEM);
9789 
9790 	cmd = (struct wmi_wow_nlo_config_cmd *)skb->data;
9791 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
9792 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
9793 
9794 	cmd->vdev_id = vdev_id;
9795 	cmd->flags = WMI_NLO_CONFIG_STOP;
9796 
9797 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9798 		   "tlv stop pno config vdev_id %d\n", vdev_id);
9799 	return skb;
9800 }
9801 
9802 int ath11k_wmi_wow_config_pno(struct ath11k *ar, u32 vdev_id,
9803 			      struct wmi_pno_scan_req  *pno_scan)
9804 {
9805 	struct sk_buff *skb;
9806 
9807 	if (pno_scan->enable)
9808 		skb = ath11k_wmi_op_gen_config_pno_start(ar, vdev_id, pno_scan);
9809 	else
9810 		skb = ath11k_wmi_op_gen_config_pno_stop(ar, vdev_id);
9811 
9812 	if (IS_ERR_OR_NULL(skb))
9813 		return -ENOMEM;
9814 
9815 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_NETWORK_LIST_OFFLOAD_CONFIG_CMDID);
9816 }
9817 
9818 static void ath11k_wmi_fill_ns_offload(struct ath11k *ar,
9819 				       struct ath11k_arp_ns_offload *offload,
9820 				       u8 **ptr,
9821 				       bool enable,
9822 				       bool ext)
9823 {
9824 	struct wmi_ns_offload_tuple *ns;
9825 	struct wmi_tlv *tlv;
9826 	u8 *buf_ptr = *ptr;
9827 	u32 ns_cnt, ns_ext_tuples;
9828 	int i, max_offloads;
9829 
9830 	ns_cnt = offload->ipv6_count;
9831 
9832 	tlv  = (struct wmi_tlv *)buf_ptr;
9833 
9834 	if (ext) {
9835 		ns_ext_tuples = offload->ipv6_count - WMI_MAX_NS_OFFLOADS;
9836 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
9837 			      FIELD_PREP(WMI_TLV_LEN, ns_ext_tuples * sizeof(*ns));
9838 		i = WMI_MAX_NS_OFFLOADS;
9839 		max_offloads = offload->ipv6_count;
9840 	} else {
9841 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
9842 			      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_NS_OFFLOADS * sizeof(*ns));
9843 		i = 0;
9844 		max_offloads = WMI_MAX_NS_OFFLOADS;
9845 	}
9846 
9847 	buf_ptr += sizeof(*tlv);
9848 
9849 	for (; i < max_offloads; i++) {
9850 		ns = (struct wmi_ns_offload_tuple *)buf_ptr;
9851 		ns->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NS_OFFLOAD_TUPLE) |
9852 				 FIELD_PREP(WMI_TLV_LEN, sizeof(*ns) - TLV_HDR_SIZE);
9853 
9854 		if (enable) {
9855 			if (i < ns_cnt)
9856 				ns->flags |= WMI_NSOL_FLAGS_VALID;
9857 
9858 			memcpy(ns->target_ipaddr[0], offload->ipv6_addr[i], 16);
9859 			memcpy(ns->solicitation_ipaddr, offload->self_ipv6_addr[i], 16);
9860 			ath11k_ce_byte_swap(ns->target_ipaddr[0], 16);
9861 			ath11k_ce_byte_swap(ns->solicitation_ipaddr, 16);
9862 
9863 			if (offload->ipv6_type[i])
9864 				ns->flags |= WMI_NSOL_FLAGS_IS_IPV6_ANYCAST;
9865 
9866 			memcpy(ns->target_mac.addr, offload->mac_addr, ETH_ALEN);
9867 			ath11k_ce_byte_swap(ns->target_mac.addr, 8);
9868 
9869 			if (ns->target_mac.word0 != 0 ||
9870 			    ns->target_mac.word1 != 0) {
9871 				ns->flags |= WMI_NSOL_FLAGS_MAC_VALID;
9872 			}
9873 
9874 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9875 				   "index %d ns_solicited %pI6 target %pI6",
9876 				   i, ns->solicitation_ipaddr,
9877 				   ns->target_ipaddr[0]);
9878 		}
9879 
9880 		buf_ptr += sizeof(*ns);
9881 	}
9882 
9883 	*ptr = buf_ptr;
9884 }
9885 
9886 static void ath11k_wmi_fill_arp_offload(struct ath11k *ar,
9887 					struct ath11k_arp_ns_offload *offload,
9888 					u8 **ptr,
9889 					bool enable)
9890 {
9891 	struct wmi_arp_offload_tuple *arp;
9892 	struct wmi_tlv *tlv;
9893 	u8 *buf_ptr = *ptr;
9894 	int i;
9895 
9896 	/* fill arp tuple */
9897 	tlv = (struct wmi_tlv *)buf_ptr;
9898 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
9899 		      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_ARP_OFFLOADS * sizeof(*arp));
9900 	buf_ptr += sizeof(*tlv);
9901 
9902 	for (i = 0; i < WMI_MAX_ARP_OFFLOADS; i++) {
9903 		arp = (struct wmi_arp_offload_tuple *)buf_ptr;
9904 		arp->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARP_OFFLOAD_TUPLE) |
9905 				  FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
9906 
9907 		if (enable && i < offload->ipv4_count) {
9908 			/* Copy the target ip addr and flags */
9909 			arp->flags = WMI_ARPOL_FLAGS_VALID;
9910 			memcpy(arp->target_ipaddr, offload->ipv4_addr[i], 4);
9911 			ath11k_ce_byte_swap(arp->target_ipaddr, 4);
9912 
9913 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "arp offload address %pI4",
9914 				   arp->target_ipaddr);
9915 		}
9916 
9917 		buf_ptr += sizeof(*arp);
9918 	}
9919 
9920 	*ptr = buf_ptr;
9921 }
9922 
9923 int ath11k_wmi_arp_ns_offload(struct ath11k *ar,
9924 			      struct ath11k_vif *arvif, bool enable)
9925 {
9926 	struct ath11k_arp_ns_offload *offload;
9927 	struct wmi_set_arp_ns_offload_cmd *cmd;
9928 	struct wmi_tlv *tlv;
9929 	struct sk_buff *skb;
9930 	u8 *buf_ptr;
9931 	size_t len;
9932 	u8 ns_cnt, ns_ext_tuples = 0;
9933 
9934 	offload = &arvif->arp_ns_offload;
9935 	ns_cnt = offload->ipv6_count;
9936 
9937 	len = sizeof(*cmd) +
9938 	      sizeof(*tlv) +
9939 	      WMI_MAX_NS_OFFLOADS * sizeof(struct wmi_ns_offload_tuple) +
9940 	      sizeof(*tlv) +
9941 	      WMI_MAX_ARP_OFFLOADS * sizeof(struct wmi_arp_offload_tuple);
9942 
9943 	if (ns_cnt > WMI_MAX_NS_OFFLOADS) {
9944 		ns_ext_tuples = ns_cnt - WMI_MAX_NS_OFFLOADS;
9945 		len += sizeof(*tlv) +
9946 		       ns_ext_tuples * sizeof(struct wmi_ns_offload_tuple);
9947 	}
9948 
9949 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9950 	if (!skb)
9951 		return -ENOMEM;
9952 
9953 	buf_ptr = skb->data;
9954 	cmd = (struct wmi_set_arp_ns_offload_cmd *)buf_ptr;
9955 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9956 				     WMI_TAG_SET_ARP_NS_OFFLOAD_CMD) |
9957 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9958 
9959 	cmd->flags = 0;
9960 	cmd->vdev_id = arvif->vdev_id;
9961 	cmd->num_ns_ext_tuples = ns_ext_tuples;
9962 
9963 	buf_ptr += sizeof(*cmd);
9964 
9965 	ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 0);
9966 	ath11k_wmi_fill_arp_offload(ar, offload, &buf_ptr, enable);
9967 
9968 	if (ns_ext_tuples)
9969 		ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 1);
9970 
9971 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SET_ARP_NS_OFFLOAD_CMDID);
9972 }
9973 
9974 int ath11k_wmi_gtk_rekey_offload(struct ath11k *ar,
9975 				 struct ath11k_vif *arvif, bool enable)
9976 {
9977 	struct wmi_gtk_rekey_offload_cmd *cmd;
9978 	struct ath11k_rekey_data *rekey_data = &arvif->rekey_data;
9979 	int len;
9980 	struct sk_buff *skb;
9981 	__le64 replay_ctr;
9982 
9983 	len = sizeof(*cmd);
9984 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9985 	if (!skb)
9986 		return -ENOMEM;
9987 
9988 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
9989 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
9990 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9991 
9992 	cmd->vdev_id = arvif->vdev_id;
9993 
9994 	if (enable) {
9995 		cmd->flags = GTK_OFFLOAD_ENABLE_OPCODE;
9996 
9997 		/* the length in rekey_data and cmd is equal */
9998 		memcpy(cmd->kck, rekey_data->kck, sizeof(cmd->kck));
9999 		ath11k_ce_byte_swap(cmd->kck, GTK_OFFLOAD_KEK_BYTES);
10000 		memcpy(cmd->kek, rekey_data->kek, sizeof(cmd->kek));
10001 		ath11k_ce_byte_swap(cmd->kek, GTK_OFFLOAD_KEK_BYTES);
10002 
10003 		replay_ctr = cpu_to_le64(rekey_data->replay_ctr);
10004 		memcpy(cmd->replay_ctr, &replay_ctr,
10005 		       sizeof(replay_ctr));
10006 		ath11k_ce_byte_swap(cmd->replay_ctr, GTK_REPLAY_COUNTER_BYTES);
10007 	} else {
10008 		cmd->flags = GTK_OFFLOAD_DISABLE_OPCODE;
10009 	}
10010 
10011 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "offload gtk rekey vdev: %d %d\n",
10012 		   arvif->vdev_id, enable);
10013 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
10014 }
10015 
10016 int ath11k_wmi_gtk_rekey_getinfo(struct ath11k *ar,
10017 				 struct ath11k_vif *arvif)
10018 {
10019 	struct wmi_gtk_rekey_offload_cmd *cmd;
10020 	int len;
10021 	struct sk_buff *skb;
10022 
10023 	len = sizeof(*cmd);
10024 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
10025 	if (!skb)
10026 		return -ENOMEM;
10027 
10028 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
10029 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
10030 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
10031 
10032 	cmd->vdev_id = arvif->vdev_id;
10033 	cmd->flags = GTK_OFFLOAD_REQUEST_STATUS_OPCODE;
10034 
10035 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "get gtk rekey vdev_id: %d\n",
10036 		   arvif->vdev_id);
10037 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
10038 }
10039 
10040 int ath11k_wmi_pdev_set_bios_sar_table_param(struct ath11k *ar, const u8 *sar_val)
10041 {	struct ath11k_pdev_wmi *wmi = ar->wmi;
10042 	struct wmi_pdev_set_sar_table_cmd *cmd;
10043 	struct wmi_tlv *tlv;
10044 	struct sk_buff *skb;
10045 	u8 *buf_ptr;
10046 	u32 len, sar_len_aligned, rsvd_len_aligned;
10047 
10048 	sar_len_aligned = roundup(BIOS_SAR_TABLE_LEN, sizeof(u32));
10049 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD1_LEN, sizeof(u32));
10050 	len = sizeof(*cmd) +
10051 	      TLV_HDR_SIZE + sar_len_aligned +
10052 	      TLV_HDR_SIZE + rsvd_len_aligned;
10053 
10054 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
10055 	if (!skb)
10056 		return -ENOMEM;
10057 
10058 	cmd = (struct wmi_pdev_set_sar_table_cmd *)skb->data;
10059 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_SAR_TABLE_CMD) |
10060 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
10061 	cmd->pdev_id = ar->pdev->pdev_id;
10062 	cmd->sar_len = BIOS_SAR_TABLE_LEN;
10063 	cmd->rsvd_len = BIOS_SAR_RSVD1_LEN;
10064 
10065 	buf_ptr = skb->data + sizeof(*cmd);
10066 	tlv = (struct wmi_tlv *)buf_ptr;
10067 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
10068 		      FIELD_PREP(WMI_TLV_LEN, sar_len_aligned);
10069 	buf_ptr += TLV_HDR_SIZE;
10070 	memcpy(buf_ptr, sar_val, BIOS_SAR_TABLE_LEN);
10071 
10072 	buf_ptr += sar_len_aligned;
10073 	tlv = (struct wmi_tlv *)buf_ptr;
10074 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
10075 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
10076 
10077 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_SAR_TABLE_CMDID);
10078 }
10079 
10080 int ath11k_wmi_pdev_set_bios_geo_table_param(struct ath11k *ar)
10081 {
10082 	struct ath11k_pdev_wmi *wmi = ar->wmi;
10083 	struct wmi_pdev_set_geo_table_cmd *cmd;
10084 	struct wmi_tlv *tlv;
10085 	struct sk_buff *skb;
10086 	u8 *buf_ptr;
10087 	u32 len, rsvd_len_aligned;
10088 
10089 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD2_LEN, sizeof(u32));
10090 	len = sizeof(*cmd) + TLV_HDR_SIZE + rsvd_len_aligned;
10091 
10092 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
10093 	if (!skb)
10094 		return -ENOMEM;
10095 
10096 	cmd = (struct wmi_pdev_set_geo_table_cmd *)skb->data;
10097 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_GEO_TABLE_CMD) |
10098 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
10099 	cmd->pdev_id = ar->pdev->pdev_id;
10100 	cmd->rsvd_len = BIOS_SAR_RSVD2_LEN;
10101 
10102 	buf_ptr = skb->data + sizeof(*cmd);
10103 	tlv = (struct wmi_tlv *)buf_ptr;
10104 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
10105 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
10106 
10107 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_GEO_TABLE_CMDID);
10108 }
10109 
10110 int ath11k_wmi_sta_keepalive(struct ath11k *ar,
10111 			     const struct wmi_sta_keepalive_arg *arg)
10112 {
10113 	struct ath11k_pdev_wmi *wmi = ar->wmi;
10114 	struct wmi_sta_keepalive_cmd *cmd;
10115 	struct wmi_sta_keepalive_arp_resp *arp;
10116 	struct sk_buff *skb;
10117 	size_t len;
10118 
10119 	len = sizeof(*cmd) + sizeof(*arp);
10120 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
10121 	if (!skb)
10122 		return -ENOMEM;
10123 
10124 	cmd = (struct wmi_sta_keepalive_cmd *)skb->data;
10125 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
10126 				     WMI_TAG_STA_KEEPALIVE_CMD) |
10127 				     FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
10128 	cmd->vdev_id = arg->vdev_id;
10129 	cmd->enabled = arg->enabled;
10130 	cmd->interval = arg->interval;
10131 	cmd->method = arg->method;
10132 
10133 	arp = (struct wmi_sta_keepalive_arp_resp *)(cmd + 1);
10134 	arp->tlv_header = FIELD_PREP(WMI_TLV_TAG,
10135 				     WMI_TAG_STA_KEEPALIVE_ARP_RESPONSE) |
10136 			 FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
10137 
10138 	if (arg->method == WMI_STA_KEEPALIVE_METHOD_UNSOLICITED_ARP_RESPONSE ||
10139 	    arg->method == WMI_STA_KEEPALIVE_METHOD_GRATUITOUS_ARP_REQUEST) {
10140 		arp->src_ip4_addr = arg->src_ip4_addr;
10141 		arp->dest_ip4_addr = arg->dest_ip4_addr;
10142 		ether_addr_copy(arp->dest_mac_addr.addr, arg->dest_mac_addr);
10143 	}
10144 
10145 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
10146 		   "sta keepalive vdev %d enabled %d method %d interval %d\n",
10147 		   arg->vdev_id, arg->enabled, arg->method, arg->interval);
10148 
10149 	return ath11k_wmi_cmd_send(wmi, skb, WMI_STA_KEEPALIVE_CMDID);
10150 }
10151