xref: /freebsd/sys/contrib/dev/rtw89/wow.c (revision 7ab1a32cd43cbae61ad4dd435d6a482bbf61cb52)
1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2 /* Copyright(c) 2019-2022  Realtek Corporation
3  */
4 #include "cam.h"
5 #include "core.h"
6 #include "debug.h"
7 #include "fw.h"
8 #include "mac.h"
9 #include "phy.h"
10 #include "ps.h"
11 #include "reg.h"
12 #include "util.h"
13 #include "wow.h"
14 
15 void rtw89_wow_parse_akm(struct rtw89_dev *rtwdev, struct sk_buff *skb)
16 {
17 	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
18 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
19 	const u8 *rsn, *ies = mgmt->u.assoc_req.variable;
20 	struct rtw89_rsn_ie *rsn_ie;
21 
22 	rsn = cfg80211_find_ie(WLAN_EID_RSN, ies, skb->len);
23 	if (!rsn)
24 		return;
25 
26 	rsn_ie = (struct rtw89_rsn_ie *)rsn;
27 	rtw_wow->akm = rsn_ie->akm_cipher_suite.type;
28 }
29 
30 #define RTW89_CIPHER_INFO_DEF(cipher) \
31 	{WLAN_CIPHER_SUITE_ ## cipher, .fw_alg = RTW89_WOW_FW_ALG_ ## cipher, \
32 	 .len = WLAN_KEY_LEN_ ## cipher}
33 
34 static const struct rtw89_cipher_info rtw89_cipher_info_defs[] = {
35 	RTW89_CIPHER_INFO_DEF(WEP40),
36 	RTW89_CIPHER_INFO_DEF(WEP104),
37 	RTW89_CIPHER_INFO_DEF(TKIP),
38 	RTW89_CIPHER_INFO_DEF(CCMP),
39 	RTW89_CIPHER_INFO_DEF(GCMP),
40 	RTW89_CIPHER_INFO_DEF(CCMP_256),
41 	RTW89_CIPHER_INFO_DEF(GCMP_256),
42 	RTW89_CIPHER_INFO_DEF(AES_CMAC),
43 };
44 
45 #undef RTW89_CIPHER_INFO_DEF
46 
47 static const
48 struct rtw89_cipher_info *rtw89_cipher_alg_recognize(u32 cipher)
49 {
50 	const struct rtw89_cipher_info *cipher_info_defs;
51 	int i;
52 
53 	for (i = 0; i < ARRAY_SIZE(rtw89_cipher_info_defs); i++) {
54 		cipher_info_defs = &rtw89_cipher_info_defs[i];
55 		if (cipher_info_defs->cipher == cipher)
56 			return cipher_info_defs;
57 	}
58 
59 	return NULL;
60 }
61 
62 static int _pn_to_iv(struct rtw89_dev *rtwdev, struct ieee80211_key_conf *key,
63 		     u8 *iv, u64 pn, u8 key_idx)
64 {
65 	switch (key->cipher) {
66 	case WLAN_CIPHER_SUITE_TKIP:
67 		iv[0] = u64_get_bits(pn, RTW89_KEY_PN_1);
68 		iv[1] = (u64_get_bits(pn, RTW89_KEY_PN_1) | 0x20) & 0x7f;
69 		iv[2] = u64_get_bits(pn, RTW89_KEY_PN_0);
70 		break;
71 	case WLAN_CIPHER_SUITE_CCMP:
72 	case WLAN_CIPHER_SUITE_GCMP:
73 	case WLAN_CIPHER_SUITE_CCMP_256:
74 	case WLAN_CIPHER_SUITE_GCMP_256:
75 		iv[0] = u64_get_bits(pn, RTW89_KEY_PN_0);
76 		iv[1] = u64_get_bits(pn, RTW89_KEY_PN_1);
77 		iv[2] = 0;
78 		break;
79 	default:
80 		return -EINVAL;
81 	}
82 
83 	iv[3] = BIT(5) | ((key_idx & 0x3) << 6);
84 	iv[4] = u64_get_bits(pn, RTW89_KEY_PN_2);
85 	iv[5] = u64_get_bits(pn, RTW89_KEY_PN_3);
86 	iv[6] = u64_get_bits(pn, RTW89_KEY_PN_4);
87 	iv[7] = u64_get_bits(pn, RTW89_KEY_PN_5);
88 
89 	return 0;
90 }
91 
92 static int rtw89_rx_pn_to_iv(struct rtw89_dev *rtwdev,
93 			     struct ieee80211_key_conf *key,
94 			     u8 *iv)
95 {
96 	struct ieee80211_key_seq seq;
97 	int err;
98 	u64 pn;
99 
100 	ieee80211_get_key_rx_seq(key, 0, &seq);
101 
102 	/* seq.ccmp.pn[] is BE order array */
103 	pn = u64_encode_bits(seq.ccmp.pn[0], RTW89_KEY_PN_5) |
104 	     u64_encode_bits(seq.ccmp.pn[1], RTW89_KEY_PN_4) |
105 	     u64_encode_bits(seq.ccmp.pn[2], RTW89_KEY_PN_3) |
106 	     u64_encode_bits(seq.ccmp.pn[3], RTW89_KEY_PN_2) |
107 	     u64_encode_bits(seq.ccmp.pn[4], RTW89_KEY_PN_1) |
108 	     u64_encode_bits(seq.ccmp.pn[5], RTW89_KEY_PN_0);
109 
110 	err = _pn_to_iv(rtwdev, key, iv, pn, key->keyidx);
111 	if (err)
112 		return err;
113 
114 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%llx to iv-%*ph\n",
115 		    __func__, key->keyidx, pn, 8, iv);
116 
117 	return 0;
118 }
119 
120 static int rtw89_tx_pn_to_iv(struct rtw89_dev *rtwdev,
121 			     struct ieee80211_key_conf *key,
122 			     u8 *iv)
123 {
124 	int err;
125 	u64 pn;
126 
127 	pn = atomic64_inc_return(&key->tx_pn);
128 	err = _pn_to_iv(rtwdev, key, iv, pn, key->keyidx);
129 	if (err)
130 		return err;
131 
132 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%llx to iv-%*ph\n",
133 		    __func__, key->keyidx, pn, 8, iv);
134 
135 	return 0;
136 }
137 
138 static int _iv_to_pn(struct rtw89_dev *rtwdev, u8 *iv, u64 *pn, u8 *key_id,
139 		     struct ieee80211_key_conf *key)
140 {
141 	switch (key->cipher) {
142 	case WLAN_CIPHER_SUITE_TKIP:
143 		*pn = u64_encode_bits(iv[2], RTW89_KEY_PN_0) |
144 		      u64_encode_bits(iv[0], RTW89_KEY_PN_1);
145 		break;
146 	case WLAN_CIPHER_SUITE_CCMP:
147 	case WLAN_CIPHER_SUITE_GCMP:
148 	case WLAN_CIPHER_SUITE_CCMP_256:
149 	case WLAN_CIPHER_SUITE_GCMP_256:
150 		*pn = u64_encode_bits(iv[0], RTW89_KEY_PN_0) |
151 		      u64_encode_bits(iv[1], RTW89_KEY_PN_1);
152 		break;
153 	default:
154 		return -EINVAL;
155 	}
156 
157 	*pn |= u64_encode_bits(iv[4], RTW89_KEY_PN_2) |
158 	       u64_encode_bits(iv[5], RTW89_KEY_PN_3) |
159 	       u64_encode_bits(iv[6], RTW89_KEY_PN_4) |
160 	       u64_encode_bits(iv[7], RTW89_KEY_PN_5);
161 
162 	if (key_id)
163 		*key_id = *(iv + 3) >> 6;
164 
165 	return 0;
166 }
167 
168 static int rtw89_rx_iv_to_pn(struct rtw89_dev *rtwdev,
169 			     struct ieee80211_key_conf *key,
170 			     u8 *iv)
171 {
172 	struct ieee80211_key_seq seq;
173 	int err;
174 	u64 pn;
175 
176 	err = _iv_to_pn(rtwdev, iv, &pn, NULL, key);
177 	if (err)
178 		return err;
179 
180 	/* seq.ccmp.pn[] is BE order array */
181 	seq.ccmp.pn[0] = u64_get_bits(pn, RTW89_KEY_PN_5);
182 	seq.ccmp.pn[1] = u64_get_bits(pn, RTW89_KEY_PN_4);
183 	seq.ccmp.pn[2] = u64_get_bits(pn, RTW89_KEY_PN_3);
184 	seq.ccmp.pn[3] = u64_get_bits(pn, RTW89_KEY_PN_2);
185 	seq.ccmp.pn[4] = u64_get_bits(pn, RTW89_KEY_PN_1);
186 	seq.ccmp.pn[5] = u64_get_bits(pn, RTW89_KEY_PN_0);
187 
188 	ieee80211_set_key_rx_seq(key, 0, &seq);
189 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d iv-%*ph to pn-%*ph\n",
190 		    __func__, key->keyidx, 8, iv, 6, seq.ccmp.pn);
191 
192 	return 0;
193 }
194 
195 static int rtw89_tx_iv_to_pn(struct rtw89_dev *rtwdev,
196 			     struct ieee80211_key_conf *key,
197 			     u8 *iv)
198 {
199 	int err;
200 	u64 pn;
201 
202 	err = _iv_to_pn(rtwdev, iv, &pn, NULL, key);
203 	if (err)
204 		return err;
205 
206 	atomic64_set(&key->tx_pn, pn);
207 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d iv-%*ph to pn-%llx\n",
208 		    __func__, key->keyidx, 8, iv, pn);
209 
210 	return 0;
211 }
212 
213 static int rtw89_rx_pn_get_pmf(struct rtw89_dev *rtwdev,
214 			       struct ieee80211_key_conf *key,
215 			       struct rtw89_wow_gtk_info *gtk_info)
216 {
217 	struct ieee80211_key_seq seq;
218 	u64 pn;
219 
220 	if (key->keyidx == 4)
221 		memcpy(gtk_info->igtk[0], key->key, key->keylen);
222 	else if (key->keyidx == 5)
223 		memcpy(gtk_info->igtk[1], key->key, key->keylen);
224 	else
225 		return -EINVAL;
226 
227 	ieee80211_get_key_rx_seq(key, 0, &seq);
228 
229 	/* seq.ccmp.pn[] is BE order array */
230 	pn = u64_encode_bits(seq.ccmp.pn[0], RTW89_KEY_PN_5) |
231 	     u64_encode_bits(seq.ccmp.pn[1], RTW89_KEY_PN_4) |
232 	     u64_encode_bits(seq.ccmp.pn[2], RTW89_KEY_PN_3) |
233 	     u64_encode_bits(seq.ccmp.pn[3], RTW89_KEY_PN_2) |
234 	     u64_encode_bits(seq.ccmp.pn[4], RTW89_KEY_PN_1) |
235 	     u64_encode_bits(seq.ccmp.pn[5], RTW89_KEY_PN_0);
236 	gtk_info->ipn = cpu_to_le64(pn);
237 	gtk_info->igtk_keyid = cpu_to_le32(key->keyidx);
238 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%llx\n",
239 		    __func__, key->keyidx, pn);
240 
241 	return 0;
242 }
243 
244 static int rtw89_rx_pn_set_pmf(struct rtw89_dev *rtwdev,
245 			       struct ieee80211_key_conf *key,
246 			       u64 pn)
247 {
248 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
249 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
250 	struct ieee80211_key_seq seq;
251 
252 	if (key->keyidx != aoac_rpt->igtk_key_id)
253 		return 0;
254 
255 	/* seq.ccmp.pn[] is BE order array */
256 	seq.ccmp.pn[0] = u64_get_bits(pn, RTW89_KEY_PN_5);
257 	seq.ccmp.pn[1] = u64_get_bits(pn, RTW89_KEY_PN_4);
258 	seq.ccmp.pn[2] = u64_get_bits(pn, RTW89_KEY_PN_3);
259 	seq.ccmp.pn[3] = u64_get_bits(pn, RTW89_KEY_PN_2);
260 	seq.ccmp.pn[4] = u64_get_bits(pn, RTW89_KEY_PN_1);
261 	seq.ccmp.pn[5] = u64_get_bits(pn, RTW89_KEY_PN_0);
262 
263 	ieee80211_set_key_rx_seq(key, 0, &seq);
264 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%*ph\n",
265 		    __func__, key->keyidx, 6, seq.ccmp.pn);
266 
267 	return 0;
268 }
269 
270 static void rtw89_wow_get_key_info_iter(struct ieee80211_hw *hw,
271 					struct ieee80211_vif *vif,
272 					struct ieee80211_sta *sta,
273 					struct ieee80211_key_conf *key,
274 					void *data)
275 {
276 	struct rtw89_dev *rtwdev = hw->priv;
277 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
278 	struct rtw89_wow_key_info *key_info = &rtw_wow->key_info;
279 	struct rtw89_wow_gtk_info *gtk_info = &rtw_wow->gtk_info;
280 	const struct rtw89_cipher_info *cipher_info;
281 	bool *err = data;
282 	int ret;
283 
284 	cipher_info = rtw89_cipher_alg_recognize(key->cipher);
285 
286 	switch (key->cipher) {
287 	case WLAN_CIPHER_SUITE_TKIP:
288 	case WLAN_CIPHER_SUITE_CCMP:
289 	case WLAN_CIPHER_SUITE_GCMP:
290 	case WLAN_CIPHER_SUITE_CCMP_256:
291 	case WLAN_CIPHER_SUITE_GCMP_256:
292 		if (sta) {
293 			ret = rtw89_tx_pn_to_iv(rtwdev, key,
294 						key_info->ptk_tx_iv);
295 			if (ret)
296 				goto err;
297 			ret = rtw89_rx_pn_to_iv(rtwdev, key,
298 						key_info->ptk_rx_iv);
299 			if (ret)
300 				goto err;
301 
302 			rtw_wow->ptk_alg = cipher_info->fw_alg;
303 			rtw_wow->ptk_keyidx = key->keyidx;
304 		} else {
305 			ret = rtw89_rx_pn_to_iv(rtwdev, key,
306 						key_info->gtk_rx_iv[key->keyidx]);
307 			if (ret)
308 				goto err;
309 
310 			rtw_wow->gtk_alg = cipher_info->fw_alg;
311 			key_info->gtk_keyidx = key->keyidx;
312 		}
313 		break;
314 	case WLAN_CIPHER_SUITE_AES_CMAC:
315 		ret = rtw89_rx_pn_get_pmf(rtwdev, key, gtk_info);
316 		if (ret)
317 			goto err;
318 		break;
319 	case WLAN_CIPHER_SUITE_WEP40:
320 	case WLAN_CIPHER_SUITE_WEP104:
321 		/* WEP only set group key in mac80211, but fw need to set
322 		 * both of pairwise key and group key.
323 		 */
324 		rtw_wow->ptk_alg = cipher_info->fw_alg;
325 		rtw_wow->ptk_keyidx = key->keyidx;
326 		rtw_wow->gtk_alg = cipher_info->fw_alg;
327 		key_info->gtk_keyidx = key->keyidx;
328 		break;
329 	default:
330 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "unsupport cipher %x\n",
331 			    key->cipher);
332 		goto err;
333 	}
334 
335 	return;
336 err:
337 	*err = true;
338 }
339 
340 static void rtw89_wow_set_key_info_iter(struct ieee80211_hw *hw,
341 					struct ieee80211_vif *vif,
342 					struct ieee80211_sta *sta,
343 					struct ieee80211_key_conf *key,
344 					void *data)
345 {
346 	struct rtw89_dev *rtwdev = hw->priv;
347 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
348 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
349 	struct rtw89_set_key_info_iter_data *iter_data = data;
350 	bool update_tx_key_info = iter_data->rx_ready;
351 	int ret;
352 
353 	switch (key->cipher) {
354 	case WLAN_CIPHER_SUITE_TKIP:
355 	case WLAN_CIPHER_SUITE_CCMP:
356 	case WLAN_CIPHER_SUITE_GCMP:
357 	case WLAN_CIPHER_SUITE_CCMP_256:
358 	case WLAN_CIPHER_SUITE_GCMP_256:
359 		if (sta && !update_tx_key_info) {
360 			ret = rtw89_rx_iv_to_pn(rtwdev, key,
361 						aoac_rpt->ptk_rx_iv);
362 			if (ret)
363 				goto err;
364 		}
365 
366 		if (sta && update_tx_key_info) {
367 			ret = rtw89_tx_iv_to_pn(rtwdev, key,
368 						aoac_rpt->ptk_tx_iv);
369 			if (ret)
370 				goto err;
371 		}
372 
373 		if (!sta && !update_tx_key_info) {
374 			ret = rtw89_rx_iv_to_pn(rtwdev, key,
375 						aoac_rpt->gtk_rx_iv[key->keyidx]);
376 			if (ret)
377 				goto err;
378 		}
379 
380 		if (!sta && update_tx_key_info && aoac_rpt->rekey_ok)
381 			iter_data->gtk_cipher = key->cipher;
382 		break;
383 	case WLAN_CIPHER_SUITE_AES_CMAC:
384 		if (update_tx_key_info) {
385 			if (aoac_rpt->rekey_ok)
386 				iter_data->igtk_cipher = key->cipher;
387 		} else {
388 			ret = rtw89_rx_pn_set_pmf(rtwdev, key,
389 						  aoac_rpt->igtk_ipn);
390 			if (ret)
391 				goto err;
392 		}
393 		break;
394 	case WLAN_CIPHER_SUITE_WEP40:
395 	case WLAN_CIPHER_SUITE_WEP104:
396 		break;
397 	default:
398 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "unsupport cipher %x\n",
399 			    key->cipher);
400 		goto err;
401 	}
402 
403 	return;
404 
405 err:
406 	iter_data->error = true;
407 }
408 
409 static void rtw89_wow_key_clear(struct rtw89_dev *rtwdev)
410 {
411 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
412 
413 	memset(&rtw_wow->aoac_rpt, 0, sizeof(rtw_wow->aoac_rpt));
414 	memset(&rtw_wow->gtk_info, 0, sizeof(rtw_wow->gtk_info));
415 	memset(&rtw_wow->key_info, 0, sizeof(rtw_wow->key_info));
416 	rtw_wow->ptk_alg = 0;
417 	rtw_wow->gtk_alg = 0;
418 }
419 
420 static void rtw89_wow_construct_key_info(struct rtw89_dev *rtwdev)
421 {
422 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
423 	struct rtw89_wow_key_info *key_info = &rtw_wow->key_info;
424 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
425 	bool err = false;
426 
427 	rcu_read_lock();
428 	ieee80211_iter_keys_rcu(rtwdev->hw, wow_vif,
429 				rtw89_wow_get_key_info_iter, &err);
430 	rcu_read_unlock();
431 
432 	if (err) {
433 		rtw89_wow_key_clear(rtwdev);
434 		return;
435 	}
436 
437 	key_info->valid_check = RTW89_WOW_VALID_CHECK;
438 	key_info->symbol_check_en = RTW89_WOW_SYMBOL_CHK_PTK |
439 				    RTW89_WOW_SYMBOL_CHK_GTK;
440 }
441 
442 static void rtw89_wow_debug_aoac_rpt(struct rtw89_dev *rtwdev)
443 {
444 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
445 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
446 
447 	if (!rtw89_debug_is_enabled(rtwdev, RTW89_DBG_WOW))
448 		return;
449 
450 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] rpt_ver = %d\n",
451 		    aoac_rpt->rpt_ver);
452 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] sec_type = %d\n",
453 		    aoac_rpt->sec_type);
454 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] key_idx = %d\n",
455 		    aoac_rpt->key_idx);
456 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] pattern_idx = %d\n",
457 		    aoac_rpt->pattern_idx);
458 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] rekey_ok = %d\n",
459 		    aoac_rpt->rekey_ok);
460 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] ptk_tx_iv = %*ph\n",
461 		    8, aoac_rpt->ptk_tx_iv);
462 	rtw89_debug(rtwdev, RTW89_DBG_WOW,
463 		    "[aoac_rpt] eapol_key_replay_count = %*ph\n",
464 		    8, aoac_rpt->eapol_key_replay_count);
465 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] ptk_rx_iv = %*ph\n",
466 		    8, aoac_rpt->ptk_rx_iv);
467 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[0] = %*ph\n",
468 		    8, aoac_rpt->gtk_rx_iv[0]);
469 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[1] = %*ph\n",
470 		    8, aoac_rpt->gtk_rx_iv[1]);
471 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[2] = %*ph\n",
472 		    8, aoac_rpt->gtk_rx_iv[2]);
473 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[3] = %*ph\n",
474 		    8, aoac_rpt->gtk_rx_iv[3]);
475 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] igtk_key_id = %llu\n",
476 		    aoac_rpt->igtk_key_id);
477 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] igtk_ipn = %llu\n",
478 		    aoac_rpt->igtk_ipn);
479 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] igtk = %*ph\n",
480 		    32, aoac_rpt->igtk);
481 }
482 
483 static int rtw89_wow_get_aoac_rpt_reg(struct rtw89_dev *rtwdev)
484 {
485 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
486 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
487 	struct rtw89_mac_c2h_info c2h_info = {};
488 	struct rtw89_mac_h2c_info h2c_info = {};
489 	u8 igtk_ipn[8];
490 	u8 key_idx;
491 	int ret;
492 
493 	h2c_info.id = RTW89_FWCMD_H2CREG_FUNC_AOAC_RPT_1;
494 	h2c_info.content_len = 2;
495 	ret = rtw89_fw_msg_reg(rtwdev, &h2c_info, &c2h_info);
496 	if (ret)
497 		return ret;
498 
499 	aoac_rpt->key_idx =
500 		u32_get_bits(c2h_info.u.c2hreg[0], RTW89_C2HREG_AOAC_RPT_1_W0_KEY_IDX);
501 	key_idx = aoac_rpt->key_idx;
502 	aoac_rpt->gtk_rx_iv[key_idx][0] =
503 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_0);
504 	aoac_rpt->gtk_rx_iv[key_idx][1] =
505 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_1);
506 	aoac_rpt->gtk_rx_iv[key_idx][2] =
507 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_2);
508 	aoac_rpt->gtk_rx_iv[key_idx][3] =
509 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_3);
510 	aoac_rpt->gtk_rx_iv[key_idx][4] =
511 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_4);
512 	aoac_rpt->gtk_rx_iv[key_idx][5] =
513 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_5);
514 	aoac_rpt->gtk_rx_iv[key_idx][6] =
515 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_6);
516 	aoac_rpt->gtk_rx_iv[key_idx][7] =
517 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_7);
518 	aoac_rpt->ptk_rx_iv[0] =
519 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_0);
520 	aoac_rpt->ptk_rx_iv[1] =
521 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_1);
522 	aoac_rpt->ptk_rx_iv[2] =
523 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_2);
524 	aoac_rpt->ptk_rx_iv[3] =
525 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_3);
526 
527 	h2c_info.id = RTW89_FWCMD_H2CREG_FUNC_AOAC_RPT_2;
528 	h2c_info.content_len = 2;
529 	ret = rtw89_fw_msg_reg(rtwdev, &h2c_info, &c2h_info);
530 	if (ret)
531 		return ret;
532 
533 	aoac_rpt->ptk_rx_iv[4] =
534 		u32_get_bits(c2h_info.u.c2hreg[0], RTW89_C2HREG_AOAC_RPT_2_W0_PTK_IV_4);
535 	aoac_rpt->ptk_rx_iv[5] =
536 		u32_get_bits(c2h_info.u.c2hreg[0], RTW89_C2HREG_AOAC_RPT_2_W0_PTK_IV_5);
537 	aoac_rpt->ptk_rx_iv[6] =
538 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_PTK_IV_6);
539 	aoac_rpt->ptk_rx_iv[7] =
540 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_PTK_IV_7);
541 	igtk_ipn[0] =
542 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_IGTK_IPN_IV_0);
543 	igtk_ipn[1] =
544 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_IGTK_IPN_IV_1);
545 	igtk_ipn[2] =
546 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_2);
547 	igtk_ipn[3] =
548 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_3);
549 	igtk_ipn[4] =
550 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_4);
551 	igtk_ipn[5] =
552 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_5);
553 	igtk_ipn[6] =
554 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_2_W3_IGTK_IPN_IV_6);
555 	igtk_ipn[7] =
556 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_2_W3_IGTK_IPN_IV_7);
557 	aoac_rpt->igtk_ipn = u64_encode_bits(igtk_ipn[0], RTW89_IGTK_IPN_0) |
558 			     u64_encode_bits(igtk_ipn[1], RTW89_IGTK_IPN_1) |
559 			     u64_encode_bits(igtk_ipn[2], RTW89_IGTK_IPN_2) |
560 			     u64_encode_bits(igtk_ipn[3], RTW89_IGTK_IPN_3) |
561 			     u64_encode_bits(igtk_ipn[4], RTW89_IGTK_IPN_4) |
562 			     u64_encode_bits(igtk_ipn[5], RTW89_IGTK_IPN_5) |
563 			     u64_encode_bits(igtk_ipn[6], RTW89_IGTK_IPN_6) |
564 			     u64_encode_bits(igtk_ipn[7], RTW89_IGTK_IPN_7);
565 
566 	return 0;
567 }
568 
569 static int rtw89_wow_get_aoac_rpt(struct rtw89_dev *rtwdev, bool rx_ready)
570 {
571 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
572 	int ret;
573 
574 	if (!rtw_wow->ptk_alg)
575 		return -EPERM;
576 
577 	if (!rx_ready) {
578 		ret = rtw89_wow_get_aoac_rpt_reg(rtwdev);
579 		if (ret) {
580 			rtw89_err(rtwdev, "wow: failed to get aoac rpt by reg\n");
581 			return ret;
582 		}
583 	} else {
584 		ret = rtw89_fw_h2c_wow_request_aoac(rtwdev);
585 		if (ret) {
586 			rtw89_err(rtwdev, "wow: failed to get aoac rpt by pkt\n");
587 			return ret;
588 		}
589 	}
590 
591 	rtw89_wow_debug_aoac_rpt(rtwdev);
592 
593 	return 0;
594 }
595 
596 static struct ieee80211_key_conf *rtw89_wow_gtk_rekey(struct rtw89_dev *rtwdev,
597 						      u32 cipher, u8 keyidx, u8 *gtk)
598 {
599 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
600 	const struct rtw89_cipher_info *cipher_info;
601 	struct ieee80211_key_conf *rekey_conf;
602 	struct ieee80211_key_conf *key;
603 	u8 sz;
604 
605 	cipher_info = rtw89_cipher_alg_recognize(cipher);
606 	sz = struct_size(rekey_conf, key, cipher_info->len);
607 	rekey_conf = kmalloc(sz, GFP_KERNEL);
608 	if (!rekey_conf)
609 		return NULL;
610 
611 	rekey_conf->cipher = cipher;
612 	rekey_conf->keyidx = keyidx;
613 	rekey_conf->keylen = cipher_info->len;
614 	memcpy(rekey_conf->key, gtk,
615 	       flex_array_size(rekey_conf, key, cipher_info->len));
616 
617 	/* ieee80211_gtk_rekey_add() will call set_key(), therefore we
618 	 * need to unlock mutex
619 	 */
620 	mutex_unlock(&rtwdev->mutex);
621 	key = ieee80211_gtk_rekey_add(wow_vif, rekey_conf, -1);
622 	mutex_lock(&rtwdev->mutex);
623 
624 	kfree(rekey_conf);
625 	if (IS_ERR(key)) {
626 		rtw89_err(rtwdev, "ieee80211_gtk_rekey_add failed\n");
627 		return NULL;
628 	}
629 
630 	return key;
631 }
632 
633 static void rtw89_wow_update_key_info(struct rtw89_dev *rtwdev, bool rx_ready)
634 {
635 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
636 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
637 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
638 	struct rtw89_set_key_info_iter_data data = {.error = false,
639 						    .rx_ready = rx_ready};
640 	struct ieee80211_key_conf *key;
641 
642 	rcu_read_lock();
643 	ieee80211_iter_keys_rcu(rtwdev->hw, wow_vif,
644 				rtw89_wow_set_key_info_iter, &data);
645 	rcu_read_unlock();
646 
647 	if (data.error) {
648 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s error\n", __func__);
649 		return;
650 	}
651 
652 	if (!data.gtk_cipher)
653 		return;
654 
655 	key = rtw89_wow_gtk_rekey(rtwdev, data.gtk_cipher, aoac_rpt->key_idx,
656 				  aoac_rpt->gtk);
657 	if (!key)
658 		return;
659 
660 	rtw89_rx_iv_to_pn(rtwdev, key,
661 			  aoac_rpt->gtk_rx_iv[key->keyidx]);
662 
663 	if (!data.igtk_cipher)
664 		return;
665 
666 	key = rtw89_wow_gtk_rekey(rtwdev, data.igtk_cipher, aoac_rpt->igtk_key_id,
667 				  aoac_rpt->igtk);
668 	if (!key)
669 		return;
670 
671 	rtw89_rx_pn_set_pmf(rtwdev, key, aoac_rpt->igtk_ipn);
672 	ieee80211_gtk_rekey_notify(wow_vif, wow_vif->bss_conf.bssid,
673 				   aoac_rpt->eapol_key_replay_count,
674 				   GFP_KERNEL);
675 }
676 
677 static void rtw89_wow_leave_deep_ps(struct rtw89_dev *rtwdev)
678 {
679 	__rtw89_leave_ps_mode(rtwdev);
680 }
681 
682 static void rtw89_wow_enter_deep_ps(struct rtw89_dev *rtwdev)
683 {
684 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
685 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
686 
687 	__rtw89_enter_ps_mode(rtwdev, rtwvif);
688 }
689 
690 static void rtw89_wow_enter_lps(struct rtw89_dev *rtwdev)
691 {
692 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
693 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
694 
695 	rtw89_enter_lps(rtwdev, rtwvif, false);
696 }
697 
698 static void rtw89_wow_leave_lps(struct rtw89_dev *rtwdev)
699 {
700 	rtw89_leave_lps(rtwdev);
701 }
702 
703 static int rtw89_wow_config_mac(struct rtw89_dev *rtwdev, bool enable_wow)
704 {
705 	const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
706 
707 	return mac->wow_config_mac(rtwdev, enable_wow);
708 }
709 
710 static void rtw89_wow_set_rx_filter(struct rtw89_dev *rtwdev, bool enable)
711 {
712 	const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
713 	enum rtw89_mac_fwd_target fwd_target = enable ?
714 					       RTW89_FWD_DONT_CARE :
715 					       RTW89_FWD_TO_HOST;
716 
717 	mac->typ_fltr_opt(rtwdev, RTW89_MGNT, fwd_target, RTW89_MAC_0);
718 	mac->typ_fltr_opt(rtwdev, RTW89_CTRL, fwd_target, RTW89_MAC_0);
719 	mac->typ_fltr_opt(rtwdev, RTW89_DATA, fwd_target, RTW89_MAC_0);
720 }
721 
722 static void rtw89_wow_show_wakeup_reason(struct rtw89_dev *rtwdev)
723 {
724 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
725 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
726 	struct cfg80211_wowlan_nd_info nd_info;
727 	struct cfg80211_wowlan_wakeup wakeup = {
728 		.pattern_idx = -1,
729 	};
730 	u32 wow_reason_reg;
731 	u8 reason;
732 
733 	if (RTW89_CHK_FW_FEATURE(WOW_REASON_V1, &rtwdev->fw))
734 		wow_reason_reg = rtwdev->chip->wow_reason_reg[RTW89_WOW_REASON_V1];
735 	else
736 		wow_reason_reg = rtwdev->chip->wow_reason_reg[RTW89_WOW_REASON_V0];
737 
738 	reason = rtw89_read8(rtwdev, wow_reason_reg);
739 	switch (reason) {
740 	case RTW89_WOW_RSN_RX_DEAUTH:
741 		wakeup.disconnect = true;
742 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx deauth\n");
743 		break;
744 	case RTW89_WOW_RSN_DISCONNECT:
745 		wakeup.disconnect = true;
746 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: AP is off\n");
747 		break;
748 	case RTW89_WOW_RSN_RX_MAGIC_PKT:
749 		wakeup.magic_pkt = true;
750 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx magic packet\n");
751 		break;
752 	case RTW89_WOW_RSN_RX_GTK_REKEY:
753 		wakeup.gtk_rekey_failure = true;
754 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx gtk rekey\n");
755 		break;
756 	case RTW89_WOW_RSN_RX_PATTERN_MATCH:
757 		wakeup.pattern_idx = aoac_rpt->pattern_idx;
758 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx pattern match packet\n");
759 		break;
760 	case RTW89_WOW_RSN_RX_NLO:
761 		/* Current firmware and driver don't report ssid index.
762 		 * Use 0 for n_matches based on its comment.
763 		 */
764 		nd_info.n_matches = 0;
765 		wakeup.net_detect = &nd_info;
766 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "Rx NLO\n");
767 		break;
768 	default:
769 		rtw89_warn(rtwdev, "Unknown wakeup reason %x\n", reason);
770 		ieee80211_report_wowlan_wakeup(rtwdev->wow.wow_vif, NULL,
771 					       GFP_KERNEL);
772 		return;
773 	}
774 
775 	ieee80211_report_wowlan_wakeup(rtwdev->wow.wow_vif, &wakeup,
776 				       GFP_KERNEL);
777 }
778 
779 static void rtw89_wow_vif_iter(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
780 {
781 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
782 	struct ieee80211_vif *vif = rtwvif_to_vif(rtwvif);
783 
784 	/* Current wowlan function support setting of only one STATION vif.
785 	 * So when one suitable vif is found, stop the iteration.
786 	 */
787 	if (rtw_wow->wow_vif || vif->type != NL80211_IFTYPE_STATION)
788 		return;
789 
790 	switch (rtwvif->net_type) {
791 	case RTW89_NET_TYPE_INFRA:
792 		rtw_wow->wow_vif = vif;
793 		break;
794 	case RTW89_NET_TYPE_NO_LINK:
795 	default:
796 		break;
797 	}
798 }
799 
800 static u16 __rtw89_cal_crc16(u8 data, u16 crc)
801 {
802 	u8 shift_in, data_bit;
803 	u8 crc_bit4, crc_bit11, crc_bit15;
804 	u16 crc_result;
805 	int index;
806 
807 	for (index = 0; index < 8; index++) {
808 		crc_bit15 = crc & BIT(15) ? 1 : 0;
809 		data_bit = data & BIT(index) ? 1 : 0;
810 		shift_in = crc_bit15 ^ data_bit;
811 
812 		crc_result = crc << 1;
813 
814 		if (shift_in == 0)
815 			crc_result &= ~BIT(0);
816 		else
817 			crc_result |= BIT(0);
818 
819 		crc_bit11 = (crc & BIT(11) ? 1 : 0) ^ shift_in;
820 
821 		if (crc_bit11 == 0)
822 			crc_result &= ~BIT(12);
823 		else
824 			crc_result |= BIT(12);
825 
826 		crc_bit4 = (crc & BIT(4) ? 1 : 0) ^ shift_in;
827 
828 		if (crc_bit4 == 0)
829 			crc_result &= ~BIT(5);
830 		else
831 			crc_result |= BIT(5);
832 
833 		crc = crc_result;
834 	}
835 	return crc;
836 }
837 
838 static u16 rtw89_calc_crc(u8 *pdata, int length)
839 {
840 	u16 crc = 0xffff;
841 	int i;
842 
843 	for (i = 0; i < length; i++)
844 		crc = __rtw89_cal_crc16(pdata[i], crc);
845 
846 	/* get 1' complement */
847 	return ~crc;
848 }
849 
850 static int rtw89_wow_pattern_get_type(struct rtw89_vif *rtwvif,
851 				      struct rtw89_wow_cam_info *rtw_pattern,
852 				      const u8 *pattern, u8 da_mask)
853 {
854 	u8 da[ETH_ALEN];
855 
856 	ether_addr_copy_mask(da, pattern, da_mask);
857 
858 	/* Each pattern is divided into different kinds by DA address
859 	 *  a. DA is broadcast address: set bc = 0;
860 	 *  b. DA is multicast address: set mc = 0
861 	 *  c. DA is unicast address same as dev's mac address: set uc = 0
862 	 *  d. DA is unmasked. Also called wildcard type: set uc = bc = mc = 0
863 	 *  e. Others is invalid type.
864 	 */
865 
866 	if (is_broadcast_ether_addr(da))
867 		rtw_pattern->bc = true;
868 	else if (is_multicast_ether_addr(da))
869 		rtw_pattern->mc = true;
870 	else if (ether_addr_equal(da, rtwvif->mac_addr) &&
871 		 da_mask == GENMASK(5, 0))
872 		rtw_pattern->uc = true;
873 	else if (!da_mask) /*da_mask == 0 mean wildcard*/
874 		return 0;
875 	else
876 		return -EPERM;
877 
878 	return 0;
879 }
880 
881 static int rtw89_wow_pattern_generate(struct rtw89_dev *rtwdev,
882 				      struct rtw89_vif *rtwvif,
883 				      const struct cfg80211_pkt_pattern *pkt_pattern,
884 				      struct rtw89_wow_cam_info *rtw_pattern)
885 {
886 	u8 mask_hw[RTW89_MAX_PATTERN_MASK_SIZE * 4] = {0};
887 	u8 content[RTW89_MAX_PATTERN_SIZE] = {0};
888 	const u8 *mask;
889 	const u8 *pattern;
890 	u8 mask_len;
891 	u16 count;
892 	u32 len;
893 	int i, ret;
894 
895 	pattern = pkt_pattern->pattern;
896 	len = pkt_pattern->pattern_len;
897 	mask = pkt_pattern->mask;
898 	mask_len = DIV_ROUND_UP(len, 8);
899 	memset(rtw_pattern, 0, sizeof(*rtw_pattern));
900 
901 	ret = rtw89_wow_pattern_get_type(rtwvif, rtw_pattern, pattern,
902 					 mask[0] & GENMASK(5, 0));
903 	if (ret)
904 		return ret;
905 
906 	/* translate mask from os to mask for hw
907 	 * pattern from OS uses 'ethenet frame', like this:
908 	 * |    6   |    6   |   2  |     20    |  Variable  |  4  |
909 	 * |--------+--------+------+-----------+------------+-----|
910 	 * |    802.3 Mac Header    | IP Header | TCP Packet | FCS |
911 	 * |   DA   |   SA   | Type |
912 	 *
913 	 * BUT, packet catched by our HW is in '802.11 frame', begin from LLC
914 	 * |     24 or 30      |    6   |   2  |     20    |  Variable  |  4  |
915 	 * |-------------------+--------+------+-----------+------------+-----|
916 	 * | 802.11 MAC Header |       LLC     | IP Header | TCP Packet | FCS |
917 	 *		       | Others | Tpye |
918 	 *
919 	 * Therefore, we need translate mask_from_OS to mask_to_hw.
920 	 * We should left-shift mask by 6 bits, then set the new bit[0~5] = 0,
921 	 * because new mask[0~5] means 'SA', but our HW packet begins from LLC,
922 	 * bit[0~5] corresponds to first 6 Bytes in LLC, they just don't match.
923 	 */
924 
925 	/* Shift 6 bits */
926 	for (i = 0; i < mask_len - 1; i++) {
927 		mask_hw[i] = u8_get_bits(mask[i], GENMASK(7, 6)) |
928 			     u8_get_bits(mask[i + 1], GENMASK(5, 0)) << 2;
929 	}
930 	mask_hw[i] = u8_get_bits(mask[i], GENMASK(7, 6));
931 
932 	/* Set bit 0-5 to zero */
933 	mask_hw[0] &= ~GENMASK(5, 0);
934 
935 	memcpy(rtw_pattern->mask, mask_hw, sizeof(rtw_pattern->mask));
936 
937 	/* To get the wake up pattern from the mask.
938 	 * We do not count first 12 bits which means
939 	 * DA[6] and SA[6] in the pattern to match HW design.
940 	 */
941 	count = 0;
942 	for (i = 12; i < len; i++) {
943 		if ((mask[i / 8] >> (i % 8)) & 0x01) {
944 			content[count] = pattern[i];
945 			count++;
946 		}
947 	}
948 
949 	rtw_pattern->crc = rtw89_calc_crc(content, count);
950 
951 	return 0;
952 }
953 
954 static int rtw89_wow_parse_patterns(struct rtw89_dev *rtwdev,
955 				    struct rtw89_vif *rtwvif,
956 				    struct cfg80211_wowlan *wowlan)
957 {
958 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
959 	struct rtw89_wow_cam_info *rtw_pattern = rtw_wow->patterns;
960 	int i;
961 	int ret;
962 
963 	if (!wowlan->n_patterns || !wowlan->patterns)
964 		return 0;
965 
966 	for (i = 0; i < wowlan->n_patterns; i++) {
967 		rtw_pattern = &rtw_wow->patterns[i];
968 		ret = rtw89_wow_pattern_generate(rtwdev, rtwvif,
969 						 &wowlan->patterns[i],
970 						 rtw_pattern);
971 		if (ret) {
972 			rtw89_err(rtwdev, "failed to generate pattern(%d)\n", i);
973 			rtw_wow->pattern_cnt = 0;
974 			return ret;
975 		}
976 
977 		rtw_pattern->r_w = true;
978 		rtw_pattern->idx = i;
979 		rtw_pattern->negative_pattern_match = false;
980 		rtw_pattern->skip_mac_hdr = true;
981 		rtw_pattern->valid = true;
982 	}
983 	rtw_wow->pattern_cnt = wowlan->n_patterns;
984 
985 	return 0;
986 }
987 
988 static void rtw89_wow_pattern_clear_cam(struct rtw89_dev *rtwdev)
989 {
990 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
991 	struct rtw89_wow_cam_info *rtw_pattern = rtw_wow->patterns;
992 	int i = 0;
993 
994 	for (i = 0; i < rtw_wow->pattern_cnt; i++) {
995 		rtw_pattern = &rtw_wow->patterns[i];
996 		rtw_pattern->valid = false;
997 		rtw89_fw_wow_cam_update(rtwdev, rtw_pattern);
998 	}
999 }
1000 
1001 static void rtw89_wow_pattern_write(struct rtw89_dev *rtwdev)
1002 {
1003 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1004 	struct rtw89_wow_cam_info *rtw_pattern = rtw_wow->patterns;
1005 	int i;
1006 
1007 	for (i = 0; i < rtw_wow->pattern_cnt; i++)
1008 		rtw89_fw_wow_cam_update(rtwdev, rtw_pattern + i);
1009 }
1010 
1011 static void rtw89_wow_pattern_clear(struct rtw89_dev *rtwdev)
1012 {
1013 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1014 
1015 	rtw89_wow_pattern_clear_cam(rtwdev);
1016 
1017 	rtw_wow->pattern_cnt = 0;
1018 	memset(rtw_wow->patterns, 0, sizeof(rtw_wow->patterns));
1019 }
1020 
1021 static void rtw89_wow_clear_wakeups(struct rtw89_dev *rtwdev)
1022 {
1023 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1024 
1025 	rtw_wow->wow_vif = NULL;
1026 	rtw89_core_release_all_bits_map(rtw_wow->flags, RTW89_WOW_FLAG_NUM);
1027 	rtw_wow->pattern_cnt = 0;
1028 }
1029 
1030 static int rtw89_wow_set_wakeups(struct rtw89_dev *rtwdev,
1031 				 struct cfg80211_wowlan *wowlan)
1032 {
1033 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1034 	struct rtw89_vif *rtwvif;
1035 
1036 	if (wowlan->disconnect)
1037 		set_bit(RTW89_WOW_FLAG_EN_DISCONNECT, rtw_wow->flags);
1038 	if (wowlan->magic_pkt)
1039 		set_bit(RTW89_WOW_FLAG_EN_MAGIC_PKT, rtw_wow->flags);
1040 
1041 	rtw89_for_each_rtwvif(rtwdev, rtwvif)
1042 		rtw89_wow_vif_iter(rtwdev, rtwvif);
1043 
1044 	if (!rtw_wow->wow_vif)
1045 		return -EPERM;
1046 
1047 	rtwvif = (struct rtw89_vif *)rtw_wow->wow_vif->drv_priv;
1048 	return rtw89_wow_parse_patterns(rtwdev, rtwvif, wowlan);
1049 }
1050 
1051 static int rtw89_wow_cfg_wake(struct rtw89_dev *rtwdev, bool wow)
1052 {
1053 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1054 	struct ieee80211_vif *wow_vif = rtw_wow->wow_vif;
1055 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
1056 	struct ieee80211_sta *wow_sta;
1057 	struct rtw89_sta *rtwsta = NULL;
1058 	int ret;
1059 
1060 	wow_sta = ieee80211_find_sta(wow_vif, rtwvif->bssid);
1061 	if (wow_sta)
1062 		rtwsta = (struct rtw89_sta *)wow_sta->drv_priv;
1063 
1064 	if (wow) {
1065 		if (rtw_wow->pattern_cnt)
1066 			rtwvif->wowlan_pattern = true;
1067 		if (test_bit(RTW89_WOW_FLAG_EN_MAGIC_PKT, rtw_wow->flags))
1068 			rtwvif->wowlan_magic = true;
1069 	} else {
1070 		rtwvif->wowlan_pattern = false;
1071 		rtwvif->wowlan_magic = false;
1072 	}
1073 
1074 	ret = rtw89_fw_h2c_wow_wakeup_ctrl(rtwdev, rtwvif, wow);
1075 	if (ret) {
1076 		rtw89_err(rtwdev, "failed to fw wow wakeup ctrl\n");
1077 		return ret;
1078 	}
1079 
1080 	if (wow) {
1081 		ret = rtw89_chip_h2c_dctl_sec_cam(rtwdev, rtwvif, rtwsta);
1082 		if (ret) {
1083 			rtw89_err(rtwdev, "failed to update dctl cam sec entry: %d\n",
1084 				  ret);
1085 			return ret;
1086 		}
1087 	}
1088 
1089 	ret = rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
1090 	if (ret) {
1091 		rtw89_warn(rtwdev, "failed to send h2c cam\n");
1092 		return ret;
1093 	}
1094 
1095 	ret = rtw89_fw_h2c_wow_global(rtwdev, rtwvif, wow);
1096 	if (ret) {
1097 		rtw89_err(rtwdev, "failed to fw wow global\n");
1098 		return ret;
1099 	}
1100 
1101 	return 0;
1102 }
1103 
1104 static int rtw89_wow_check_fw_status(struct rtw89_dev *rtwdev, bool wow_enable)
1105 {
1106 	const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
1107 	u8 polling;
1108 	int ret;
1109 
1110 	ret = read_poll_timeout_atomic(rtw89_read8_mask, polling,
1111 				       wow_enable == !!polling,
1112 				       50, 50000, false, rtwdev,
1113 				       mac->wow_ctrl.addr, mac->wow_ctrl.mask);
1114 	if (ret)
1115 		rtw89_err(rtwdev, "failed to check wow status %s\n",
1116 			  wow_enable ? "enabled" : "disabled");
1117 	return ret;
1118 }
1119 
1120 static int rtw89_wow_swap_fw(struct rtw89_dev *rtwdev, bool wow)
1121 {
1122 	enum rtw89_fw_type fw_type = wow ? RTW89_FW_WOWLAN : RTW89_FW_NORMAL;
1123 	enum rtw89_chip_gen chip_gen = rtwdev->chip->chip_gen;
1124 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1125 	struct ieee80211_vif *wow_vif = rtw_wow->wow_vif;
1126 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
1127 	enum rtw89_core_chip_id chip_id = rtwdev->chip->chip_id;
1128 	const struct rtw89_chip_info *chip = rtwdev->chip;
1129 	bool include_bb = !!chip->bbmcu_nr;
1130 	bool disable_intr_for_dlfw = false;
1131 	struct ieee80211_sta *wow_sta;
1132 	struct rtw89_sta *rtwsta = NULL;
1133 	bool is_conn = true;
1134 	int ret;
1135 
1136 	if (chip_id == RTL8852C || chip_id == RTL8922A)
1137 		disable_intr_for_dlfw = true;
1138 
1139 	wow_sta = ieee80211_find_sta(wow_vif, rtwvif->bssid);
1140 	if (wow_sta)
1141 		rtwsta = (struct rtw89_sta *)wow_sta->drv_priv;
1142 	else
1143 		is_conn = false;
1144 
1145 	if (disable_intr_for_dlfw)
1146 		rtw89_hci_disable_intr(rtwdev);
1147 
1148 	ret = rtw89_fw_download(rtwdev, fw_type, include_bb);
1149 	if (ret) {
1150 		rtw89_warn(rtwdev, "download fw failed\n");
1151 		return ret;
1152 	}
1153 
1154 	if (disable_intr_for_dlfw)
1155 		rtw89_hci_enable_intr(rtwdev);
1156 
1157 	rtw89_phy_init_rf_reg(rtwdev, true);
1158 
1159 	ret = rtw89_fw_h2c_role_maintain(rtwdev, rtwvif, rtwsta,
1160 					 RTW89_ROLE_FW_RESTORE);
1161 	if (ret) {
1162 		rtw89_warn(rtwdev, "failed to send h2c role maintain\n");
1163 		return ret;
1164 	}
1165 
1166 	ret = rtw89_chip_h2c_assoc_cmac_tbl(rtwdev, wow_vif, wow_sta);
1167 	if (ret) {
1168 		rtw89_warn(rtwdev, "failed to send h2c assoc cmac tbl\n");
1169 		return ret;
1170 	}
1171 
1172 	if (!is_conn)
1173 		rtw89_cam_reset_keys(rtwdev);
1174 
1175 	ret = rtw89_fw_h2c_join_info(rtwdev, rtwvif, rtwsta, !is_conn);
1176 	if (ret) {
1177 		rtw89_warn(rtwdev, "failed to send h2c join info\n");
1178 		return ret;
1179 	}
1180 
1181 	ret = rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
1182 	if (ret) {
1183 		rtw89_warn(rtwdev, "failed to send h2c cam\n");
1184 		return ret;
1185 	}
1186 
1187 	if (is_conn) {
1188 		ret = rtw89_fw_h2c_general_pkt(rtwdev, rtwvif, rtwsta->mac_id);
1189 		if (ret) {
1190 			rtw89_warn(rtwdev, "failed to send h2c general packet\n");
1191 			return ret;
1192 		}
1193 		rtw89_phy_ra_assoc(rtwdev, wow_sta);
1194 		rtw89_phy_set_bss_color(rtwdev, wow_vif);
1195 		rtw89_chip_cfg_txpwr_ul_tb_offset(rtwdev, wow_vif);
1196 	}
1197 
1198 	if (chip_gen == RTW89_CHIP_BE)
1199 		rtw89_phy_rfk_pre_ntfy_and_wait(rtwdev, RTW89_PHY_0, 5);
1200 
1201 	rtw89_mac_hw_mgnt_sec(rtwdev, wow);
1202 
1203 	return 0;
1204 }
1205 
1206 static int rtw89_wow_enable_trx_pre(struct rtw89_dev *rtwdev)
1207 {
1208 	int ret;
1209 
1210 	rtw89_hci_ctrl_txdma_ch(rtwdev, false);
1211 	rtw89_hci_ctrl_txdma_fw_ch(rtwdev, true);
1212 
1213 	rtw89_mac_ptk_drop_by_band_and_wait(rtwdev, RTW89_MAC_0);
1214 
1215 	ret = rtw89_hci_poll_txdma_ch_idle(rtwdev);
1216 	if (ret) {
1217 		rtw89_err(rtwdev, "txdma ch busy\n");
1218 		return ret;
1219 	}
1220 	rtw89_wow_set_rx_filter(rtwdev, true);
1221 
1222 	ret = rtw89_mac_cfg_ppdu_status(rtwdev, RTW89_MAC_0, false);
1223 	if (ret) {
1224 		rtw89_err(rtwdev, "cfg ppdu status\n");
1225 		return ret;
1226 	}
1227 
1228 	return 0;
1229 }
1230 
1231 static int rtw89_wow_enable_trx_post(struct rtw89_dev *rtwdev)
1232 {
1233 	int ret;
1234 
1235 	rtw89_hci_disable_intr(rtwdev);
1236 	rtw89_hci_ctrl_trxhci(rtwdev, false);
1237 
1238 	ret = rtw89_hci_poll_txdma_ch_idle(rtwdev);
1239 	if (ret) {
1240 		rtw89_err(rtwdev, "failed to poll txdma ch idle pcie\n");
1241 		return ret;
1242 	}
1243 
1244 	ret = rtw89_wow_config_mac(rtwdev, true);
1245 	if (ret) {
1246 		rtw89_err(rtwdev, "failed to config mac\n");
1247 		return ret;
1248 	}
1249 
1250 	rtw89_wow_set_rx_filter(rtwdev, false);
1251 	rtw89_hci_reset(rtwdev);
1252 
1253 	return 0;
1254 }
1255 
1256 static int rtw89_wow_disable_trx_pre(struct rtw89_dev *rtwdev)
1257 {
1258 	int ret;
1259 
1260 	rtw89_hci_clr_idx_all(rtwdev);
1261 
1262 	ret = rtw89_hci_rst_bdram(rtwdev);
1263 	if (ret) {
1264 		rtw89_warn(rtwdev, "reset bdram busy\n");
1265 		return ret;
1266 	}
1267 
1268 	rtw89_hci_ctrl_trxhci(rtwdev, true);
1269 	rtw89_hci_ctrl_txdma_ch(rtwdev, true);
1270 
1271 	ret = rtw89_wow_config_mac(rtwdev, false);
1272 	if (ret) {
1273 		rtw89_err(rtwdev, "failed to config mac\n");
1274 		return ret;
1275 	}
1276 
1277 	/* Before enabling interrupt, we need to get AOAC report by reg due to RX
1278 	 * not enabled yet. Also, we need to sync RX related IV from firmware to
1279 	 * mac80211 before receiving RX packets from driver.
1280 	 * After enabling interrupt, we can get AOAC report from h2c and c2h, and
1281 	 * can get TX IV and complete rekey info. We need to update TX related IV
1282 	 * and new GTK info if rekey happened.
1283 	 */
1284 	ret = rtw89_wow_get_aoac_rpt(rtwdev, false);
1285 	if (!ret)
1286 		rtw89_wow_update_key_info(rtwdev, false);
1287 
1288 	rtw89_hci_enable_intr(rtwdev);
1289 	ret = rtw89_wow_get_aoac_rpt(rtwdev, true);
1290 	if (!ret)
1291 		rtw89_wow_update_key_info(rtwdev, true);
1292 
1293 	return 0;
1294 }
1295 
1296 static int rtw89_wow_disable_trx_post(struct rtw89_dev *rtwdev)
1297 {
1298 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1299 	struct ieee80211_vif *vif = rtw_wow->wow_vif;
1300 	int ret;
1301 
1302 	ret = rtw89_mac_cfg_ppdu_status(rtwdev, RTW89_MAC_0, true);
1303 	if (ret)
1304 		rtw89_err(rtwdev, "cfg ppdu status\n");
1305 
1306 	rtw89_fw_h2c_set_bcn_fltr_cfg(rtwdev, vif, true);
1307 
1308 	return ret;
1309 }
1310 
1311 static int rtw89_wow_fw_start(struct rtw89_dev *rtwdev)
1312 {
1313 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1314 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)rtw_wow->wow_vif->drv_priv;
1315 	int ret;
1316 
1317 	rtw89_wow_pattern_write(rtwdev);
1318 	rtw89_wow_construct_key_info(rtwdev);
1319 
1320 	ret = rtw89_fw_h2c_keep_alive(rtwdev, rtwvif, true);
1321 	if (ret) {
1322 		rtw89_err(rtwdev, "wow: failed to enable keep alive\n");
1323 		return ret;
1324 	}
1325 
1326 	ret = rtw89_fw_h2c_disconnect_detect(rtwdev, rtwvif, true);
1327 	if (ret) {
1328 		rtw89_err(rtwdev, "wow: failed to enable disconnect detect\n");
1329 		goto out;
1330 	}
1331 
1332 	ret = rtw89_fw_h2c_wow_gtk_ofld(rtwdev, rtwvif, true);
1333 	if (ret) {
1334 		rtw89_err(rtwdev, "wow: failed to enable GTK offload\n");
1335 		goto out;
1336 	}
1337 
1338 	ret = rtw89_fw_h2c_arp_offload(rtwdev, rtwvif, true);
1339 	if (ret)
1340 		rtw89_warn(rtwdev, "wow: failed to enable arp offload\n");
1341 
1342 	ret = rtw89_wow_cfg_wake(rtwdev, true);
1343 	if (ret) {
1344 		rtw89_err(rtwdev, "wow: failed to config wake\n");
1345 		goto out;
1346 	}
1347 
1348 	ret = rtw89_wow_check_fw_status(rtwdev, true);
1349 	if (ret) {
1350 		rtw89_err(rtwdev, "wow: failed to check enable fw ready\n");
1351 		goto out;
1352 	}
1353 
1354 out:
1355 	return ret;
1356 }
1357 
1358 static int rtw89_wow_fw_stop(struct rtw89_dev *rtwdev)
1359 {
1360 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1361 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)rtw_wow->wow_vif->drv_priv;
1362 	int ret;
1363 
1364 	rtw89_wow_pattern_clear(rtwdev);
1365 
1366 	ret = rtw89_fw_h2c_keep_alive(rtwdev, rtwvif, false);
1367 	if (ret) {
1368 		rtw89_err(rtwdev, "wow: failed to disable keep alive\n");
1369 		goto out;
1370 	}
1371 
1372 	ret = rtw89_fw_h2c_disconnect_detect(rtwdev, rtwvif, false);
1373 	if (ret) {
1374 		rtw89_err(rtwdev, "wow: failed to disable disconnect detect\n");
1375 		goto out;
1376 	}
1377 
1378 	ret = rtw89_fw_h2c_wow_gtk_ofld(rtwdev, rtwvif, false);
1379 	if (ret) {
1380 		rtw89_err(rtwdev, "wow: failed to disable GTK offload\n");
1381 		goto out;
1382 	}
1383 
1384 	ret = rtw89_fw_h2c_arp_offload(rtwdev, rtwvif, false);
1385 	if (ret)
1386 		rtw89_warn(rtwdev, "wow: failed to disable arp offload\n");
1387 
1388 	rtw89_wow_key_clear(rtwdev);
1389 	rtw89_fw_release_general_pkt_list(rtwdev, true);
1390 
1391 	ret = rtw89_wow_cfg_wake(rtwdev, false);
1392 	if (ret) {
1393 		rtw89_err(rtwdev, "wow: failed to disable config wake\n");
1394 		goto out;
1395 	}
1396 
1397 	ret = rtw89_wow_check_fw_status(rtwdev, false);
1398 	if (ret) {
1399 		rtw89_err(rtwdev, "wow: failed to check disable fw ready\n");
1400 		goto out;
1401 	}
1402 
1403 out:
1404 	return ret;
1405 }
1406 
1407 static int rtw89_wow_enable(struct rtw89_dev *rtwdev)
1408 {
1409 	int ret;
1410 
1411 	set_bit(RTW89_FLAG_WOWLAN, rtwdev->flags);
1412 
1413 	ret = rtw89_wow_enable_trx_pre(rtwdev);
1414 	if (ret) {
1415 		rtw89_err(rtwdev, "wow: failed to enable trx_pre\n");
1416 		goto out;
1417 	}
1418 
1419 	rtw89_fw_release_general_pkt_list(rtwdev, true);
1420 
1421 	ret = rtw89_wow_swap_fw(rtwdev, true);
1422 	if (ret) {
1423 		rtw89_err(rtwdev, "wow: failed to swap to wow fw\n");
1424 		goto out;
1425 	}
1426 
1427 	ret = rtw89_wow_fw_start(rtwdev);
1428 	if (ret) {
1429 		rtw89_err(rtwdev, "wow: failed to let wow fw start\n");
1430 		goto out;
1431 	}
1432 
1433 	rtw89_wow_enter_lps(rtwdev);
1434 
1435 	ret = rtw89_wow_enable_trx_post(rtwdev);
1436 	if (ret) {
1437 		rtw89_err(rtwdev, "wow: failed to enable trx_post\n");
1438 		goto out;
1439 	}
1440 
1441 	return 0;
1442 
1443 out:
1444 	clear_bit(RTW89_FLAG_WOWLAN, rtwdev->flags);
1445 	return ret;
1446 }
1447 
1448 static int rtw89_wow_disable(struct rtw89_dev *rtwdev)
1449 {
1450 	int ret;
1451 
1452 	ret = rtw89_wow_disable_trx_pre(rtwdev);
1453 	if (ret) {
1454 		rtw89_err(rtwdev, "wow: failed to disable trx_pre\n");
1455 		goto out;
1456 	}
1457 
1458 	rtw89_wow_leave_lps(rtwdev);
1459 
1460 	ret = rtw89_wow_fw_stop(rtwdev);
1461 	if (ret) {
1462 		rtw89_err(rtwdev, "wow: failed to swap to normal fw\n");
1463 		goto out;
1464 	}
1465 
1466 	ret = rtw89_wow_swap_fw(rtwdev, false);
1467 	if (ret) {
1468 		rtw89_err(rtwdev, "wow: failed to disable trx_post\n");
1469 		goto out;
1470 	}
1471 
1472 	ret = rtw89_wow_disable_trx_post(rtwdev);
1473 	if (ret) {
1474 		rtw89_err(rtwdev, "wow: failed to disable trx_pre\n");
1475 		goto out;
1476 	}
1477 
1478 out:
1479 	clear_bit(RTW89_FLAG_WOWLAN, rtwdev->flags);
1480 	return ret;
1481 }
1482 
1483 int rtw89_wow_resume(struct rtw89_dev *rtwdev)
1484 {
1485 	int ret;
1486 
1487 	if (!test_bit(RTW89_FLAG_WOWLAN, rtwdev->flags)) {
1488 		rtw89_err(rtwdev, "wow is not enabled\n");
1489 		ret = -EPERM;
1490 		goto out;
1491 	}
1492 
1493 	if (!rtw89_mac_get_power_state(rtwdev)) {
1494 		rtw89_err(rtwdev, "chip is no power when resume\n");
1495 		ret = -EPERM;
1496 		goto out;
1497 	}
1498 
1499 	rtw89_wow_leave_deep_ps(rtwdev);
1500 
1501 	rtw89_wow_show_wakeup_reason(rtwdev);
1502 
1503 	ret = rtw89_wow_disable(rtwdev);
1504 	if (ret)
1505 		rtw89_err(rtwdev, "failed to disable wow\n");
1506 
1507 out:
1508 	rtw89_wow_clear_wakeups(rtwdev);
1509 	return ret;
1510 }
1511 
1512 int rtw89_wow_suspend(struct rtw89_dev *rtwdev, struct cfg80211_wowlan *wowlan)
1513 {
1514 	int ret;
1515 
1516 	ret = rtw89_wow_set_wakeups(rtwdev, wowlan);
1517 	if (ret) {
1518 		rtw89_err(rtwdev, "failed to set wakeup event\n");
1519 		return ret;
1520 	}
1521 
1522 	rtw89_wow_leave_lps(rtwdev);
1523 
1524 	ret = rtw89_wow_enable(rtwdev);
1525 	if (ret) {
1526 		rtw89_err(rtwdev, "failed to enable wow\n");
1527 		return ret;
1528 	}
1529 
1530 	rtw89_wow_enter_deep_ps(rtwdev);
1531 
1532 	return 0;
1533 }
1534