xref: /linux/drivers/net/wireless/intel/iwlwifi/dvm/lib.c (revision 0883c2c06fb5bcf5b9e008270827e63c09a88c1e)
1 /******************************************************************************
2  *
3  * GPL LICENSE SUMMARY
4  *
5  * Copyright(c) 2008 - 2014 Intel Corporation. All rights reserved.
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of version 2 of the GNU General Public License as
9  * published by the Free Software Foundation.
10  *
11  * This program is distributed in the hope that it will be useful, but
12  * WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
19  * USA
20  *
21  * The full GNU General Public License is included in this distribution
22  * in the file called COPYING.
23  *
24  * Contact Information:
25  *  Intel Linux Wireless <linuxwifi@intel.com>
26  * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
27  *
28  *****************************************************************************/
29 #include <linux/etherdevice.h>
30 #include <linux/kernel.h>
31 #include <linux/module.h>
32 #include <linux/sched.h>
33 #include <net/mac80211.h>
34 
35 #include "iwl-io.h"
36 #include "iwl-agn-hw.h"
37 #include "iwl-trans.h"
38 #include "iwl-modparams.h"
39 
40 #include "dev.h"
41 #include "agn.h"
42 
43 int iwlagn_hw_valid_rtc_data_addr(u32 addr)
44 {
45 	return (addr >= IWLAGN_RTC_DATA_LOWER_BOUND) &&
46 		(addr < IWLAGN_RTC_DATA_UPPER_BOUND);
47 }
48 
49 int iwlagn_send_tx_power(struct iwl_priv *priv)
50 {
51 	struct iwlagn_tx_power_dbm_cmd tx_power_cmd;
52 	u8 tx_ant_cfg_cmd;
53 
54 	if (WARN_ONCE(test_bit(STATUS_SCAN_HW, &priv->status),
55 		      "TX Power requested while scanning!\n"))
56 		return -EAGAIN;
57 
58 	/* half dBm need to multiply */
59 	tx_power_cmd.global_lmt = (s8)(2 * priv->tx_power_user_lmt);
60 
61 	if (tx_power_cmd.global_lmt > priv->nvm_data->max_tx_pwr_half_dbm) {
62 		/*
63 		 * For the newer devices which using enhanced/extend tx power
64 		 * table in EEPROM, the format is in half dBm. driver need to
65 		 * convert to dBm format before report to mac80211.
66 		 * By doing so, there is a possibility of 1/2 dBm resolution
67 		 * lost. driver will perform "round-up" operation before
68 		 * reporting, but it will cause 1/2 dBm tx power over the
69 		 * regulatory limit. Perform the checking here, if the
70 		 * "tx_power_user_lmt" is higher than EEPROM value (in
71 		 * half-dBm format), lower the tx power based on EEPROM
72 		 */
73 		tx_power_cmd.global_lmt =
74 			priv->nvm_data->max_tx_pwr_half_dbm;
75 	}
76 	tx_power_cmd.flags = IWLAGN_TX_POWER_NO_CLOSED;
77 	tx_power_cmd.srv_chan_lmt = IWLAGN_TX_POWER_AUTO;
78 
79 	if (IWL_UCODE_API(priv->fw->ucode_ver) == 1)
80 		tx_ant_cfg_cmd = REPLY_TX_POWER_DBM_CMD_V1;
81 	else
82 		tx_ant_cfg_cmd = REPLY_TX_POWER_DBM_CMD;
83 
84 	return iwl_dvm_send_cmd_pdu(priv, tx_ant_cfg_cmd, 0,
85 			sizeof(tx_power_cmd), &tx_power_cmd);
86 }
87 
88 void iwlagn_temperature(struct iwl_priv *priv)
89 {
90 	lockdep_assert_held(&priv->statistics.lock);
91 
92 	/* store temperature from correct statistics (in Celsius) */
93 	priv->temperature = le32_to_cpu(priv->statistics.common.temperature);
94 	iwl_tt_handler(priv);
95 }
96 
97 int iwlagn_hwrate_to_mac80211_idx(u32 rate_n_flags, enum nl80211_band band)
98 {
99 	int idx = 0;
100 	int band_offset = 0;
101 
102 	/* HT rate format: mac80211 wants an MCS number, which is just LSB */
103 	if (rate_n_flags & RATE_MCS_HT_MSK) {
104 		idx = (rate_n_flags & 0xff);
105 		return idx;
106 	/* Legacy rate format, search for match in table */
107 	} else {
108 		if (band == NL80211_BAND_5GHZ)
109 			band_offset = IWL_FIRST_OFDM_RATE;
110 		for (idx = band_offset; idx < IWL_RATE_COUNT_LEGACY; idx++)
111 			if (iwl_rates[idx].plcp == (rate_n_flags & 0xFF))
112 				return idx - band_offset;
113 	}
114 
115 	return -1;
116 }
117 
118 int iwlagn_manage_ibss_station(struct iwl_priv *priv,
119 			       struct ieee80211_vif *vif, bool add)
120 {
121 	struct iwl_vif_priv *vif_priv = (void *)vif->drv_priv;
122 
123 	if (add)
124 		return iwlagn_add_bssid_station(priv, vif_priv->ctx,
125 						vif->bss_conf.bssid,
126 						&vif_priv->ibss_bssid_sta_id);
127 	return iwl_remove_station(priv, vif_priv->ibss_bssid_sta_id,
128 				  vif->bss_conf.bssid);
129 }
130 
131 /**
132  * iwlagn_txfifo_flush: send REPLY_TXFIFO_FLUSH command to uCode
133  *
134  * pre-requirements:
135  *  1. acquire mutex before calling
136  *  2. make sure rf is on and not in exit state
137  */
138 int iwlagn_txfifo_flush(struct iwl_priv *priv, u32 scd_q_msk)
139 {
140 	struct iwl_txfifo_flush_cmd_v3 flush_cmd_v3 = {
141 		.flush_control = cpu_to_le16(IWL_DROP_ALL),
142 	};
143 	struct iwl_txfifo_flush_cmd_v2 flush_cmd_v2 = {
144 		.flush_control = cpu_to_le16(IWL_DROP_ALL),
145 	};
146 
147 	u32 queue_control = IWL_SCD_VO_MSK | IWL_SCD_VI_MSK |
148 			    IWL_SCD_BE_MSK | IWL_SCD_BK_MSK | IWL_SCD_MGMT_MSK;
149 
150 	if ((priv->valid_contexts != BIT(IWL_RXON_CTX_BSS)))
151 		queue_control |= IWL_PAN_SCD_VO_MSK | IWL_PAN_SCD_VI_MSK |
152 				 IWL_PAN_SCD_BE_MSK | IWL_PAN_SCD_BK_MSK |
153 				 IWL_PAN_SCD_MGMT_MSK |
154 				 IWL_PAN_SCD_MULTICAST_MSK;
155 
156 	if (priv->nvm_data->sku_cap_11n_enable)
157 		queue_control |= IWL_AGG_TX_QUEUE_MSK;
158 
159 	if (scd_q_msk)
160 		queue_control = scd_q_msk;
161 
162 	IWL_DEBUG_INFO(priv, "queue control: 0x%x\n", queue_control);
163 	flush_cmd_v3.queue_control = cpu_to_le32(queue_control);
164 	flush_cmd_v2.queue_control = cpu_to_le16((u16)queue_control);
165 
166 	if (IWL_UCODE_API(priv->fw->ucode_ver) > 2)
167 		return iwl_dvm_send_cmd_pdu(priv, REPLY_TXFIFO_FLUSH, 0,
168 					    sizeof(flush_cmd_v3),
169 					    &flush_cmd_v3);
170 	return iwl_dvm_send_cmd_pdu(priv, REPLY_TXFIFO_FLUSH, 0,
171 				    sizeof(flush_cmd_v2), &flush_cmd_v2);
172 }
173 
174 void iwlagn_dev_txfifo_flush(struct iwl_priv *priv)
175 {
176 	mutex_lock(&priv->mutex);
177 	ieee80211_stop_queues(priv->hw);
178 	if (iwlagn_txfifo_flush(priv, 0)) {
179 		IWL_ERR(priv, "flush request fail\n");
180 		goto done;
181 	}
182 	IWL_DEBUG_INFO(priv, "wait transmit/flush all frames\n");
183 	iwl_trans_wait_tx_queue_empty(priv->trans, 0xffffffff);
184 done:
185 	ieee80211_wake_queues(priv->hw);
186 	mutex_unlock(&priv->mutex);
187 }
188 
189 /*
190  * BT coex
191  */
192 /* Notmal TDM */
193 static const __le32 iwlagn_def_3w_lookup[IWLAGN_BT_DECISION_LUT_SIZE] = {
194 	cpu_to_le32(0xaaaaaaaa),
195 	cpu_to_le32(0xaaaaaaaa),
196 	cpu_to_le32(0xaeaaaaaa),
197 	cpu_to_le32(0xaaaaaaaa),
198 	cpu_to_le32(0xcc00ff28),
199 	cpu_to_le32(0x0000aaaa),
200 	cpu_to_le32(0xcc00aaaa),
201 	cpu_to_le32(0x0000aaaa),
202 	cpu_to_le32(0xc0004000),
203 	cpu_to_le32(0x00004000),
204 	cpu_to_le32(0xf0005000),
205 	cpu_to_le32(0xf0005000),
206 };
207 
208 
209 /* Loose Coex */
210 static const __le32 iwlagn_loose_lookup[IWLAGN_BT_DECISION_LUT_SIZE] = {
211 	cpu_to_le32(0xaaaaaaaa),
212 	cpu_to_le32(0xaaaaaaaa),
213 	cpu_to_le32(0xaeaaaaaa),
214 	cpu_to_le32(0xaaaaaaaa),
215 	cpu_to_le32(0xcc00ff28),
216 	cpu_to_le32(0x0000aaaa),
217 	cpu_to_le32(0xcc00aaaa),
218 	cpu_to_le32(0x0000aaaa),
219 	cpu_to_le32(0x00000000),
220 	cpu_to_le32(0x00000000),
221 	cpu_to_le32(0xf0005000),
222 	cpu_to_le32(0xf0005000),
223 };
224 
225 /* Full concurrency */
226 static const __le32 iwlagn_concurrent_lookup[IWLAGN_BT_DECISION_LUT_SIZE] = {
227 	cpu_to_le32(0xaaaaaaaa),
228 	cpu_to_le32(0xaaaaaaaa),
229 	cpu_to_le32(0xaaaaaaaa),
230 	cpu_to_le32(0xaaaaaaaa),
231 	cpu_to_le32(0xaaaaaaaa),
232 	cpu_to_le32(0xaaaaaaaa),
233 	cpu_to_le32(0xaaaaaaaa),
234 	cpu_to_le32(0xaaaaaaaa),
235 	cpu_to_le32(0x00000000),
236 	cpu_to_le32(0x00000000),
237 	cpu_to_le32(0x00000000),
238 	cpu_to_le32(0x00000000),
239 };
240 
241 void iwlagn_send_advance_bt_config(struct iwl_priv *priv)
242 {
243 	struct iwl_basic_bt_cmd basic = {
244 		.max_kill = IWLAGN_BT_MAX_KILL_DEFAULT,
245 		.bt3_timer_t7_value = IWLAGN_BT3_T7_DEFAULT,
246 		.bt3_prio_sample_time = IWLAGN_BT3_PRIO_SAMPLE_DEFAULT,
247 		.bt3_timer_t2_value = IWLAGN_BT3_T2_DEFAULT,
248 	};
249 	struct iwl_bt_cmd_v1 bt_cmd_v1;
250 	struct iwl_bt_cmd_v2 bt_cmd_v2;
251 	int ret;
252 
253 	BUILD_BUG_ON(sizeof(iwlagn_def_3w_lookup) !=
254 			sizeof(basic.bt3_lookup_table));
255 
256 	if (priv->lib->bt_params) {
257 		/*
258 		 * newer generation of devices (2000 series and newer)
259 		 * use the version 2 of the bt command
260 		 * we need to make sure sending the host command
261 		 * with correct data structure to avoid uCode assert
262 		 */
263 		if (priv->lib->bt_params->bt_session_2) {
264 			bt_cmd_v2.prio_boost = cpu_to_le32(
265 				priv->lib->bt_params->bt_prio_boost);
266 			bt_cmd_v2.tx_prio_boost = 0;
267 			bt_cmd_v2.rx_prio_boost = 0;
268 		} else {
269 			/* older version only has 8 bits */
270 			WARN_ON(priv->lib->bt_params->bt_prio_boost & ~0xFF);
271 			bt_cmd_v1.prio_boost =
272 				priv->lib->bt_params->bt_prio_boost;
273 			bt_cmd_v1.tx_prio_boost = 0;
274 			bt_cmd_v1.rx_prio_boost = 0;
275 		}
276 	} else {
277 		IWL_ERR(priv, "failed to construct BT Coex Config\n");
278 		return;
279 	}
280 
281 	/*
282 	 * Possible situations when BT needs to take over for receive,
283 	 * at the same time where STA needs to response to AP's frame(s),
284 	 * reduce the tx power of the required response frames, by that,
285 	 * allow the concurrent BT receive & WiFi transmit
286 	 * (BT - ANT A, WiFi -ANT B), without interference to one another
287 	 *
288 	 * Reduced tx power apply to control frames only (ACK/Back/CTS)
289 	 * when indicated by the BT config command
290 	 */
291 	basic.kill_ack_mask = priv->kill_ack_mask;
292 	basic.kill_cts_mask = priv->kill_cts_mask;
293 	if (priv->reduced_txpower)
294 		basic.reduce_txpower = IWLAGN_BT_REDUCED_TX_PWR;
295 	basic.valid = priv->bt_valid;
296 
297 	/*
298 	 * Configure BT coex mode to "no coexistence" when the
299 	 * user disabled BT coexistence, we have no interface
300 	 * (might be in monitor mode), or the interface is in
301 	 * IBSS mode (no proper uCode support for coex then).
302 	 */
303 	if (!iwlwifi_mod_params.bt_coex_active ||
304 	    priv->iw_mode == NL80211_IFTYPE_ADHOC) {
305 		basic.flags = IWLAGN_BT_FLAG_COEX_MODE_DISABLED;
306 	} else {
307 		basic.flags = IWLAGN_BT_FLAG_COEX_MODE_3W <<
308 					IWLAGN_BT_FLAG_COEX_MODE_SHIFT;
309 
310 		if (!priv->bt_enable_pspoll)
311 			basic.flags |= IWLAGN_BT_FLAG_SYNC_2_BT_DISABLE;
312 		else
313 			basic.flags &= ~IWLAGN_BT_FLAG_SYNC_2_BT_DISABLE;
314 
315 		if (priv->bt_ch_announce)
316 			basic.flags |= IWLAGN_BT_FLAG_CHANNEL_INHIBITION;
317 		IWL_DEBUG_COEX(priv, "BT coex flag: 0X%x\n", basic.flags);
318 	}
319 	priv->bt_enable_flag = basic.flags;
320 	if (priv->bt_full_concurrent)
321 		memcpy(basic.bt3_lookup_table, iwlagn_concurrent_lookup,
322 			sizeof(iwlagn_concurrent_lookup));
323 	else
324 		memcpy(basic.bt3_lookup_table, iwlagn_def_3w_lookup,
325 			sizeof(iwlagn_def_3w_lookup));
326 
327 	IWL_DEBUG_COEX(priv, "BT coex %s in %s mode\n",
328 		       basic.flags ? "active" : "disabled",
329 		       priv->bt_full_concurrent ?
330 		       "full concurrency" : "3-wire");
331 
332 	if (priv->lib->bt_params->bt_session_2) {
333 		memcpy(&bt_cmd_v2.basic, &basic,
334 			sizeof(basic));
335 		ret = iwl_dvm_send_cmd_pdu(priv, REPLY_BT_CONFIG,
336 			0, sizeof(bt_cmd_v2), &bt_cmd_v2);
337 	} else {
338 		memcpy(&bt_cmd_v1.basic, &basic,
339 			sizeof(basic));
340 		ret = iwl_dvm_send_cmd_pdu(priv, REPLY_BT_CONFIG,
341 			0, sizeof(bt_cmd_v1), &bt_cmd_v1);
342 	}
343 	if (ret)
344 		IWL_ERR(priv, "failed to send BT Coex Config\n");
345 
346 }
347 
348 void iwlagn_bt_adjust_rssi_monitor(struct iwl_priv *priv, bool rssi_ena)
349 {
350 	struct iwl_rxon_context *ctx, *found_ctx = NULL;
351 	bool found_ap = false;
352 
353 	lockdep_assert_held(&priv->mutex);
354 
355 	/* Check whether AP or GO mode is active. */
356 	if (rssi_ena) {
357 		for_each_context(priv, ctx) {
358 			if (ctx->vif && ctx->vif->type == NL80211_IFTYPE_AP &&
359 			    iwl_is_associated_ctx(ctx)) {
360 				found_ap = true;
361 				break;
362 			}
363 		}
364 	}
365 
366 	/*
367 	 * If disable was received or If GO/AP mode, disable RSSI
368 	 * measurements.
369 	 */
370 	if (!rssi_ena || found_ap) {
371 		if (priv->cur_rssi_ctx) {
372 			ctx = priv->cur_rssi_ctx;
373 			ieee80211_disable_rssi_reports(ctx->vif);
374 			priv->cur_rssi_ctx = NULL;
375 		}
376 		return;
377 	}
378 
379 	/*
380 	 * If rssi measurements need to be enabled, consider all cases now.
381 	 * Figure out how many contexts are active.
382 	 */
383 	for_each_context(priv, ctx) {
384 		if (ctx->vif && ctx->vif->type == NL80211_IFTYPE_STATION &&
385 		    iwl_is_associated_ctx(ctx)) {
386 			found_ctx = ctx;
387 			break;
388 		}
389 	}
390 
391 	/*
392 	 * rssi monitor already enabled for the correct interface...nothing
393 	 * to do.
394 	 */
395 	if (found_ctx == priv->cur_rssi_ctx)
396 		return;
397 
398 	/*
399 	 * Figure out if rssi monitor is currently enabled, and needs
400 	 * to be changed. If rssi monitor is already enabled, disable
401 	 * it first else just enable rssi measurements on the
402 	 * interface found above.
403 	 */
404 	if (priv->cur_rssi_ctx) {
405 		ctx = priv->cur_rssi_ctx;
406 		if (ctx->vif)
407 			ieee80211_disable_rssi_reports(ctx->vif);
408 	}
409 
410 	priv->cur_rssi_ctx = found_ctx;
411 
412 	if (!found_ctx)
413 		return;
414 
415 	ieee80211_enable_rssi_reports(found_ctx->vif,
416 			IWLAGN_BT_PSP_MIN_RSSI_THRESHOLD,
417 			IWLAGN_BT_PSP_MAX_RSSI_THRESHOLD);
418 }
419 
420 static bool iwlagn_bt_traffic_is_sco(struct iwl_bt_uart_msg *uart_msg)
421 {
422 	return (BT_UART_MSG_FRAME3SCOESCO_MSK & uart_msg->frame3) >>
423 		BT_UART_MSG_FRAME3SCOESCO_POS;
424 }
425 
426 static void iwlagn_bt_traffic_change_work(struct work_struct *work)
427 {
428 	struct iwl_priv *priv =
429 		container_of(work, struct iwl_priv, bt_traffic_change_work);
430 	struct iwl_rxon_context *ctx;
431 	int smps_request = -1;
432 
433 	if (priv->bt_enable_flag == IWLAGN_BT_FLAG_COEX_MODE_DISABLED) {
434 		/* bt coex disabled */
435 		return;
436 	}
437 
438 	/*
439 	 * Note: bt_traffic_load can be overridden by scan complete and
440 	 * coex profile notifications. Ignore that since only bad consequence
441 	 * can be not matching debug print with actual state.
442 	 */
443 	IWL_DEBUG_COEX(priv, "BT traffic load changes: %d\n",
444 		       priv->bt_traffic_load);
445 
446 	switch (priv->bt_traffic_load) {
447 	case IWL_BT_COEX_TRAFFIC_LOAD_NONE:
448 		if (priv->bt_status)
449 			smps_request = IEEE80211_SMPS_DYNAMIC;
450 		else
451 			smps_request = IEEE80211_SMPS_AUTOMATIC;
452 		break;
453 	case IWL_BT_COEX_TRAFFIC_LOAD_LOW:
454 		smps_request = IEEE80211_SMPS_DYNAMIC;
455 		break;
456 	case IWL_BT_COEX_TRAFFIC_LOAD_HIGH:
457 	case IWL_BT_COEX_TRAFFIC_LOAD_CONTINUOUS:
458 		smps_request = IEEE80211_SMPS_STATIC;
459 		break;
460 	default:
461 		IWL_ERR(priv, "Invalid BT traffic load: %d\n",
462 			priv->bt_traffic_load);
463 		break;
464 	}
465 
466 	mutex_lock(&priv->mutex);
467 
468 	/*
469 	 * We can not send command to firmware while scanning. When the scan
470 	 * complete we will schedule this work again. We do check with mutex
471 	 * locked to prevent new scan request to arrive. We do not check
472 	 * STATUS_SCANNING to avoid race when queue_work two times from
473 	 * different notifications, but quit and not perform any work at all.
474 	 */
475 	if (test_bit(STATUS_SCAN_HW, &priv->status))
476 		goto out;
477 
478 	iwl_update_chain_flags(priv);
479 
480 	if (smps_request != -1) {
481 		priv->current_ht_config.smps = smps_request;
482 		for_each_context(priv, ctx) {
483 			if (ctx->vif && ctx->vif->type == NL80211_IFTYPE_STATION)
484 				ieee80211_request_smps(ctx->vif, smps_request);
485 		}
486 	}
487 
488 	/*
489 	 * Dynamic PS poll related functionality. Adjust RSSI measurements if
490 	 * necessary.
491 	 */
492 	iwlagn_bt_coex_rssi_monitor(priv);
493 out:
494 	mutex_unlock(&priv->mutex);
495 }
496 
497 /*
498  * If BT sco traffic, and RSSI monitor is enabled, move measurements to the
499  * correct interface or disable it if this is the last interface to be
500  * removed.
501  */
502 void iwlagn_bt_coex_rssi_monitor(struct iwl_priv *priv)
503 {
504 	if (priv->bt_is_sco &&
505 	    priv->bt_traffic_load == IWL_BT_COEX_TRAFFIC_LOAD_CONTINUOUS)
506 		iwlagn_bt_adjust_rssi_monitor(priv, true);
507 	else
508 		iwlagn_bt_adjust_rssi_monitor(priv, false);
509 }
510 
511 static void iwlagn_print_uartmsg(struct iwl_priv *priv,
512 				struct iwl_bt_uart_msg *uart_msg)
513 {
514 	IWL_DEBUG_COEX(priv, "Message Type = 0x%X, SSN = 0x%X, "
515 			"Update Req = 0x%X\n",
516 		(BT_UART_MSG_FRAME1MSGTYPE_MSK & uart_msg->frame1) >>
517 			BT_UART_MSG_FRAME1MSGTYPE_POS,
518 		(BT_UART_MSG_FRAME1SSN_MSK & uart_msg->frame1) >>
519 			BT_UART_MSG_FRAME1SSN_POS,
520 		(BT_UART_MSG_FRAME1UPDATEREQ_MSK & uart_msg->frame1) >>
521 			BT_UART_MSG_FRAME1UPDATEREQ_POS);
522 
523 	IWL_DEBUG_COEX(priv, "Open connections = 0x%X, Traffic load = 0x%X, "
524 			"Chl_SeqN = 0x%X, In band = 0x%X\n",
525 		(BT_UART_MSG_FRAME2OPENCONNECTIONS_MSK & uart_msg->frame2) >>
526 			BT_UART_MSG_FRAME2OPENCONNECTIONS_POS,
527 		(BT_UART_MSG_FRAME2TRAFFICLOAD_MSK & uart_msg->frame2) >>
528 			BT_UART_MSG_FRAME2TRAFFICLOAD_POS,
529 		(BT_UART_MSG_FRAME2CHLSEQN_MSK & uart_msg->frame2) >>
530 			BT_UART_MSG_FRAME2CHLSEQN_POS,
531 		(BT_UART_MSG_FRAME2INBAND_MSK & uart_msg->frame2) >>
532 			BT_UART_MSG_FRAME2INBAND_POS);
533 
534 	IWL_DEBUG_COEX(priv, "SCO/eSCO = 0x%X, Sniff = 0x%X, A2DP = 0x%X, "
535 			"ACL = 0x%X, Master = 0x%X, OBEX = 0x%X\n",
536 		(BT_UART_MSG_FRAME3SCOESCO_MSK & uart_msg->frame3) >>
537 			BT_UART_MSG_FRAME3SCOESCO_POS,
538 		(BT_UART_MSG_FRAME3SNIFF_MSK & uart_msg->frame3) >>
539 			BT_UART_MSG_FRAME3SNIFF_POS,
540 		(BT_UART_MSG_FRAME3A2DP_MSK & uart_msg->frame3) >>
541 			BT_UART_MSG_FRAME3A2DP_POS,
542 		(BT_UART_MSG_FRAME3ACL_MSK & uart_msg->frame3) >>
543 			BT_UART_MSG_FRAME3ACL_POS,
544 		(BT_UART_MSG_FRAME3MASTER_MSK & uart_msg->frame3) >>
545 			BT_UART_MSG_FRAME3MASTER_POS,
546 		(BT_UART_MSG_FRAME3OBEX_MSK & uart_msg->frame3) >>
547 			BT_UART_MSG_FRAME3OBEX_POS);
548 
549 	IWL_DEBUG_COEX(priv, "Idle duration = 0x%X\n",
550 		(BT_UART_MSG_FRAME4IDLEDURATION_MSK & uart_msg->frame4) >>
551 			BT_UART_MSG_FRAME4IDLEDURATION_POS);
552 
553 	IWL_DEBUG_COEX(priv, "Tx Activity = 0x%X, Rx Activity = 0x%X, "
554 			"eSCO Retransmissions = 0x%X\n",
555 		(BT_UART_MSG_FRAME5TXACTIVITY_MSK & uart_msg->frame5) >>
556 			BT_UART_MSG_FRAME5TXACTIVITY_POS,
557 		(BT_UART_MSG_FRAME5RXACTIVITY_MSK & uart_msg->frame5) >>
558 			BT_UART_MSG_FRAME5RXACTIVITY_POS,
559 		(BT_UART_MSG_FRAME5ESCORETRANSMIT_MSK & uart_msg->frame5) >>
560 			BT_UART_MSG_FRAME5ESCORETRANSMIT_POS);
561 
562 	IWL_DEBUG_COEX(priv, "Sniff Interval = 0x%X, Discoverable = 0x%X\n",
563 		(BT_UART_MSG_FRAME6SNIFFINTERVAL_MSK & uart_msg->frame6) >>
564 			BT_UART_MSG_FRAME6SNIFFINTERVAL_POS,
565 		(BT_UART_MSG_FRAME6DISCOVERABLE_MSK & uart_msg->frame6) >>
566 			BT_UART_MSG_FRAME6DISCOVERABLE_POS);
567 
568 	IWL_DEBUG_COEX(priv, "Sniff Activity = 0x%X, Page = "
569 			"0x%X, Inquiry = 0x%X, Connectable = 0x%X\n",
570 		(BT_UART_MSG_FRAME7SNIFFACTIVITY_MSK & uart_msg->frame7) >>
571 			BT_UART_MSG_FRAME7SNIFFACTIVITY_POS,
572 		(BT_UART_MSG_FRAME7PAGE_MSK & uart_msg->frame7) >>
573 			BT_UART_MSG_FRAME7PAGE_POS,
574 		(BT_UART_MSG_FRAME7INQUIRY_MSK & uart_msg->frame7) >>
575 			BT_UART_MSG_FRAME7INQUIRY_POS,
576 		(BT_UART_MSG_FRAME7CONNECTABLE_MSK & uart_msg->frame7) >>
577 			BT_UART_MSG_FRAME7CONNECTABLE_POS);
578 }
579 
580 static bool iwlagn_set_kill_msk(struct iwl_priv *priv,
581 				struct iwl_bt_uart_msg *uart_msg)
582 {
583 	bool need_update = false;
584 	u8 kill_msk = IWL_BT_KILL_REDUCE;
585 	static const __le32 bt_kill_ack_msg[3] = {
586 		IWLAGN_BT_KILL_ACK_MASK_DEFAULT,
587 		IWLAGN_BT_KILL_ACK_CTS_MASK_SCO,
588 		IWLAGN_BT_KILL_ACK_CTS_MASK_REDUCE};
589 	static const __le32 bt_kill_cts_msg[3] = {
590 		IWLAGN_BT_KILL_CTS_MASK_DEFAULT,
591 		IWLAGN_BT_KILL_ACK_CTS_MASK_SCO,
592 		IWLAGN_BT_KILL_ACK_CTS_MASK_REDUCE};
593 
594 	if (!priv->reduced_txpower)
595 		kill_msk = (BT_UART_MSG_FRAME3SCOESCO_MSK & uart_msg->frame3)
596 			? IWL_BT_KILL_OVERRIDE : IWL_BT_KILL_DEFAULT;
597 	if (priv->kill_ack_mask != bt_kill_ack_msg[kill_msk] ||
598 	    priv->kill_cts_mask != bt_kill_cts_msg[kill_msk]) {
599 		priv->bt_valid |= IWLAGN_BT_VALID_KILL_ACK_MASK;
600 		priv->kill_ack_mask = bt_kill_ack_msg[kill_msk];
601 		priv->bt_valid |= IWLAGN_BT_VALID_KILL_CTS_MASK;
602 		priv->kill_cts_mask = bt_kill_cts_msg[kill_msk];
603 		need_update = true;
604 	}
605 	return need_update;
606 }
607 
608 /*
609  * Upon RSSI changes, sends a bt config command with following changes
610  *  1. enable/disable "reduced control frames tx power
611  *  2. update the "kill)ack_mask" and "kill_cts_mask"
612  *
613  * If "reduced tx power" is enabled, uCode shall
614  *  1. ACK/Back/CTS rate shall reduced to 6Mbps
615  *  2. not use duplciate 20/40MHz mode
616  */
617 static bool iwlagn_fill_txpower_mode(struct iwl_priv *priv,
618 				struct iwl_bt_uart_msg *uart_msg)
619 {
620 	bool need_update = false;
621 	struct iwl_rxon_context *ctx = &priv->contexts[IWL_RXON_CTX_BSS];
622 	int ave_rssi;
623 
624 	if (!ctx->vif || (ctx->vif->type != NL80211_IFTYPE_STATION)) {
625 		IWL_DEBUG_INFO(priv, "BSS ctx not active or not in sta mode\n");
626 		return false;
627 	}
628 
629 	ave_rssi = ieee80211_ave_rssi(ctx->vif);
630 	if (!ave_rssi) {
631 		/* no rssi data, no changes to reduce tx power */
632 		IWL_DEBUG_COEX(priv, "no rssi data available\n");
633 		return need_update;
634 	}
635 	if (!priv->reduced_txpower &&
636 	    !iwl_is_associated(priv, IWL_RXON_CTX_PAN) &&
637 	    (ave_rssi > BT_ENABLE_REDUCED_TXPOWER_THRESHOLD) &&
638 	    (uart_msg->frame3 & (BT_UART_MSG_FRAME3ACL_MSK |
639 	    BT_UART_MSG_FRAME3OBEX_MSK)) &&
640 	    !(uart_msg->frame3 & (BT_UART_MSG_FRAME3SCOESCO_MSK |
641 	    BT_UART_MSG_FRAME3SNIFF_MSK | BT_UART_MSG_FRAME3A2DP_MSK))) {
642 		/* enabling reduced tx power */
643 		priv->reduced_txpower = true;
644 		priv->bt_valid |= IWLAGN_BT_VALID_REDUCED_TX_PWR;
645 		need_update = true;
646 	} else if (priv->reduced_txpower &&
647 		   (iwl_is_associated(priv, IWL_RXON_CTX_PAN) ||
648 		   (ave_rssi < BT_DISABLE_REDUCED_TXPOWER_THRESHOLD) ||
649 		   (uart_msg->frame3 & (BT_UART_MSG_FRAME3SCOESCO_MSK |
650 		   BT_UART_MSG_FRAME3SNIFF_MSK | BT_UART_MSG_FRAME3A2DP_MSK)) ||
651 		   !(uart_msg->frame3 & (BT_UART_MSG_FRAME3ACL_MSK |
652 		   BT_UART_MSG_FRAME3OBEX_MSK)))) {
653 		/* disable reduced tx power */
654 		priv->reduced_txpower = false;
655 		priv->bt_valid |= IWLAGN_BT_VALID_REDUCED_TX_PWR;
656 		need_update = true;
657 	}
658 
659 	return need_update;
660 }
661 
662 static void iwlagn_bt_coex_profile_notif(struct iwl_priv *priv,
663 					 struct iwl_rx_cmd_buffer *rxb)
664 {
665 	struct iwl_rx_packet *pkt = rxb_addr(rxb);
666 	struct iwl_bt_coex_profile_notif *coex = (void *)pkt->data;
667 	struct iwl_bt_uart_msg *uart_msg = &coex->last_bt_uart_msg;
668 
669 	if (priv->bt_enable_flag == IWLAGN_BT_FLAG_COEX_MODE_DISABLED) {
670 		/* bt coex disabled */
671 		return;
672 	}
673 
674 	IWL_DEBUG_COEX(priv, "BT Coex notification:\n");
675 	IWL_DEBUG_COEX(priv, "    status: %d\n", coex->bt_status);
676 	IWL_DEBUG_COEX(priv, "    traffic load: %d\n", coex->bt_traffic_load);
677 	IWL_DEBUG_COEX(priv, "    CI compliance: %d\n",
678 			coex->bt_ci_compliance);
679 	iwlagn_print_uartmsg(priv, uart_msg);
680 
681 	priv->last_bt_traffic_load = priv->bt_traffic_load;
682 	priv->bt_is_sco = iwlagn_bt_traffic_is_sco(uart_msg);
683 
684 	if (priv->iw_mode != NL80211_IFTYPE_ADHOC) {
685 		if (priv->bt_status != coex->bt_status ||
686 		    priv->last_bt_traffic_load != coex->bt_traffic_load) {
687 			if (coex->bt_status) {
688 				/* BT on */
689 				if (!priv->bt_ch_announce)
690 					priv->bt_traffic_load =
691 						IWL_BT_COEX_TRAFFIC_LOAD_HIGH;
692 				else
693 					priv->bt_traffic_load =
694 						coex->bt_traffic_load;
695 			} else {
696 				/* BT off */
697 				priv->bt_traffic_load =
698 					IWL_BT_COEX_TRAFFIC_LOAD_NONE;
699 			}
700 			priv->bt_status = coex->bt_status;
701 			queue_work(priv->workqueue,
702 				   &priv->bt_traffic_change_work);
703 		}
704 	}
705 
706 	/* schedule to send runtime bt_config */
707 	/* check reduce power before change ack/cts kill mask */
708 	if (iwlagn_fill_txpower_mode(priv, uart_msg) ||
709 	    iwlagn_set_kill_msk(priv, uart_msg))
710 		queue_work(priv->workqueue, &priv->bt_runtime_config);
711 
712 
713 	/* FIXME: based on notification, adjust the prio_boost */
714 
715 	priv->bt_ci_compliance = coex->bt_ci_compliance;
716 }
717 
718 void iwlagn_bt_rx_handler_setup(struct iwl_priv *priv)
719 {
720 	priv->rx_handlers[REPLY_BT_COEX_PROFILE_NOTIF] =
721 		iwlagn_bt_coex_profile_notif;
722 }
723 
724 void iwlagn_bt_setup_deferred_work(struct iwl_priv *priv)
725 {
726 	INIT_WORK(&priv->bt_traffic_change_work,
727 		  iwlagn_bt_traffic_change_work);
728 }
729 
730 void iwlagn_bt_cancel_deferred_work(struct iwl_priv *priv)
731 {
732 	cancel_work_sync(&priv->bt_traffic_change_work);
733 }
734 
735 static bool is_single_rx_stream(struct iwl_priv *priv)
736 {
737 	return priv->current_ht_config.smps == IEEE80211_SMPS_STATIC ||
738 	       priv->current_ht_config.single_chain_sufficient;
739 }
740 
741 #define IWL_NUM_RX_CHAINS_MULTIPLE	3
742 #define IWL_NUM_RX_CHAINS_SINGLE	2
743 #define IWL_NUM_IDLE_CHAINS_DUAL	2
744 #define IWL_NUM_IDLE_CHAINS_SINGLE	1
745 
746 /*
747  * Determine how many receiver/antenna chains to use.
748  *
749  * More provides better reception via diversity.  Fewer saves power
750  * at the expense of throughput, but only when not in powersave to
751  * start with.
752  *
753  * MIMO (dual stream) requires at least 2, but works better with 3.
754  * This does not determine *which* chains to use, just how many.
755  */
756 static int iwl_get_active_rx_chain_count(struct iwl_priv *priv)
757 {
758 	if (priv->lib->bt_params &&
759 	    priv->lib->bt_params->advanced_bt_coexist &&
760 	    (priv->bt_full_concurrent ||
761 	     priv->bt_traffic_load >= IWL_BT_COEX_TRAFFIC_LOAD_HIGH)) {
762 		/*
763 		 * only use chain 'A' in bt high traffic load or
764 		 * full concurrency mode
765 		 */
766 		return IWL_NUM_RX_CHAINS_SINGLE;
767 	}
768 	/* # of Rx chains to use when expecting MIMO. */
769 	if (is_single_rx_stream(priv))
770 		return IWL_NUM_RX_CHAINS_SINGLE;
771 	else
772 		return IWL_NUM_RX_CHAINS_MULTIPLE;
773 }
774 
775 /*
776  * When we are in power saving mode, unless device support spatial
777  * multiplexing power save, use the active count for rx chain count.
778  */
779 static int iwl_get_idle_rx_chain_count(struct iwl_priv *priv, int active_cnt)
780 {
781 	/* # Rx chains when idling, depending on SMPS mode */
782 	switch (priv->current_ht_config.smps) {
783 	case IEEE80211_SMPS_STATIC:
784 	case IEEE80211_SMPS_DYNAMIC:
785 		return IWL_NUM_IDLE_CHAINS_SINGLE;
786 	case IEEE80211_SMPS_AUTOMATIC:
787 	case IEEE80211_SMPS_OFF:
788 		return active_cnt;
789 	default:
790 		WARN(1, "invalid SMPS mode %d",
791 		     priv->current_ht_config.smps);
792 		return active_cnt;
793 	}
794 }
795 
796 /* up to 4 chains */
797 static u8 iwl_count_chain_bitmap(u32 chain_bitmap)
798 {
799 	u8 res;
800 	res = (chain_bitmap & BIT(0)) >> 0;
801 	res += (chain_bitmap & BIT(1)) >> 1;
802 	res += (chain_bitmap & BIT(2)) >> 2;
803 	res += (chain_bitmap & BIT(3)) >> 3;
804 	return res;
805 }
806 
807 /**
808  * iwlagn_set_rxon_chain - Set up Rx chain usage in "staging" RXON image
809  *
810  * Selects how many and which Rx receivers/antennas/chains to use.
811  * This should not be used for scan command ... it puts data in wrong place.
812  */
813 void iwlagn_set_rxon_chain(struct iwl_priv *priv, struct iwl_rxon_context *ctx)
814 {
815 	bool is_single = is_single_rx_stream(priv);
816 	bool is_cam = !test_bit(STATUS_POWER_PMI, &priv->status);
817 	u8 idle_rx_cnt, active_rx_cnt, valid_rx_cnt;
818 	u32 active_chains;
819 	u16 rx_chain;
820 
821 	/* Tell uCode which antennas are actually connected.
822 	 * Before first association, we assume all antennas are connected.
823 	 * Just after first association, iwl_chain_noise_calibration()
824 	 *    checks which antennas actually *are* connected. */
825 	if (priv->chain_noise_data.active_chains)
826 		active_chains = priv->chain_noise_data.active_chains;
827 	else
828 		active_chains = priv->nvm_data->valid_rx_ant;
829 
830 	if (priv->lib->bt_params &&
831 	    priv->lib->bt_params->advanced_bt_coexist &&
832 	    (priv->bt_full_concurrent ||
833 	     priv->bt_traffic_load >= IWL_BT_COEX_TRAFFIC_LOAD_HIGH)) {
834 		/*
835 		 * only use chain 'A' in bt high traffic load or
836 		 * full concurrency mode
837 		 */
838 		active_chains = first_antenna(active_chains);
839 	}
840 
841 	rx_chain = active_chains << RXON_RX_CHAIN_VALID_POS;
842 
843 	/* How many receivers should we use? */
844 	active_rx_cnt = iwl_get_active_rx_chain_count(priv);
845 	idle_rx_cnt = iwl_get_idle_rx_chain_count(priv, active_rx_cnt);
846 
847 
848 	/* correct rx chain count according hw settings
849 	 * and chain noise calibration
850 	 */
851 	valid_rx_cnt = iwl_count_chain_bitmap(active_chains);
852 	if (valid_rx_cnt < active_rx_cnt)
853 		active_rx_cnt = valid_rx_cnt;
854 
855 	if (valid_rx_cnt < idle_rx_cnt)
856 		idle_rx_cnt = valid_rx_cnt;
857 
858 	rx_chain |= active_rx_cnt << RXON_RX_CHAIN_MIMO_CNT_POS;
859 	rx_chain |= idle_rx_cnt  << RXON_RX_CHAIN_CNT_POS;
860 
861 	ctx->staging.rx_chain = cpu_to_le16(rx_chain);
862 
863 	if (!is_single && (active_rx_cnt >= IWL_NUM_RX_CHAINS_SINGLE) && is_cam)
864 		ctx->staging.rx_chain |= RXON_RX_CHAIN_MIMO_FORCE_MSK;
865 	else
866 		ctx->staging.rx_chain &= ~RXON_RX_CHAIN_MIMO_FORCE_MSK;
867 
868 	IWL_DEBUG_ASSOC(priv, "rx_chain=0x%X active=%d idle=%d\n",
869 			ctx->staging.rx_chain,
870 			active_rx_cnt, idle_rx_cnt);
871 
872 	WARN_ON(active_rx_cnt == 0 || idle_rx_cnt == 0 ||
873 		active_rx_cnt < idle_rx_cnt);
874 }
875 
876 u8 iwl_toggle_tx_ant(struct iwl_priv *priv, u8 ant, u8 valid)
877 {
878 	int i;
879 	u8 ind = ant;
880 
881 	if (priv->band == NL80211_BAND_2GHZ &&
882 	    priv->bt_traffic_load >= IWL_BT_COEX_TRAFFIC_LOAD_HIGH)
883 		return 0;
884 
885 	for (i = 0; i < RATE_ANT_NUM - 1; i++) {
886 		ind = (ind + 1) < RATE_ANT_NUM ?  ind + 1 : 0;
887 		if (valid & BIT(ind))
888 			return ind;
889 	}
890 	return ant;
891 }
892 
893 #ifdef CONFIG_PM_SLEEP
894 static void iwlagn_convert_p1k(u16 *p1k, __le16 *out)
895 {
896 	int i;
897 
898 	for (i = 0; i < IWLAGN_P1K_SIZE; i++)
899 		out[i] = cpu_to_le16(p1k[i]);
900 }
901 
902 struct wowlan_key_data {
903 	struct iwl_rxon_context *ctx;
904 	struct iwlagn_wowlan_rsc_tsc_params_cmd *rsc_tsc;
905 	struct iwlagn_wowlan_tkip_params_cmd *tkip;
906 	const u8 *bssid;
907 	bool error, use_rsc_tsc, use_tkip;
908 };
909 
910 
911 static void iwlagn_wowlan_program_keys(struct ieee80211_hw *hw,
912 			       struct ieee80211_vif *vif,
913 			       struct ieee80211_sta *sta,
914 			       struct ieee80211_key_conf *key,
915 			       void *_data)
916 {
917 	struct iwl_priv *priv = IWL_MAC80211_GET_DVM(hw);
918 	struct wowlan_key_data *data = _data;
919 	struct iwl_rxon_context *ctx = data->ctx;
920 	struct aes_sc *aes_sc, *aes_tx_sc = NULL;
921 	struct tkip_sc *tkip_sc, *tkip_tx_sc = NULL;
922 	struct iwlagn_p1k_cache *rx_p1ks;
923 	u8 *rx_mic_key;
924 	struct ieee80211_key_seq seq;
925 	u32 cur_rx_iv32 = 0;
926 	u16 p1k[IWLAGN_P1K_SIZE];
927 	int ret, i;
928 
929 	mutex_lock(&priv->mutex);
930 
931 	if ((key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
932 	     key->cipher == WLAN_CIPHER_SUITE_WEP104) &&
933 	     !sta && !ctx->key_mapping_keys)
934 		ret = iwl_set_default_wep_key(priv, ctx, key);
935 	else
936 		ret = iwl_set_dynamic_key(priv, ctx, key, sta);
937 
938 	if (ret) {
939 		IWL_ERR(priv, "Error setting key during suspend!\n");
940 		data->error = true;
941 	}
942 
943 	switch (key->cipher) {
944 	case WLAN_CIPHER_SUITE_TKIP:
945 		if (sta) {
946 			u64 pn64;
947 
948 			tkip_sc = data->rsc_tsc->all_tsc_rsc.tkip.unicast_rsc;
949 			tkip_tx_sc = &data->rsc_tsc->all_tsc_rsc.tkip.tsc;
950 
951 			rx_p1ks = data->tkip->rx_uni;
952 
953 			pn64 = atomic64_read(&key->tx_pn);
954 			tkip_tx_sc->iv16 = cpu_to_le16(TKIP_PN_TO_IV16(pn64));
955 			tkip_tx_sc->iv32 = cpu_to_le32(TKIP_PN_TO_IV32(pn64));
956 
957 			ieee80211_get_tkip_p1k_iv(key, seq.tkip.iv32, p1k);
958 			iwlagn_convert_p1k(p1k, data->tkip->tx.p1k);
959 
960 			memcpy(data->tkip->mic_keys.tx,
961 			       &key->key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY],
962 			       IWLAGN_MIC_KEY_SIZE);
963 
964 			rx_mic_key = data->tkip->mic_keys.rx_unicast;
965 		} else {
966 			tkip_sc =
967 				data->rsc_tsc->all_tsc_rsc.tkip.multicast_rsc;
968 			rx_p1ks = data->tkip->rx_multi;
969 			rx_mic_key = data->tkip->mic_keys.rx_mcast;
970 		}
971 
972 		/*
973 		 * For non-QoS this relies on the fact that both the uCode and
974 		 * mac80211 use TID 0 (as they need to to avoid replay attacks)
975 		 * for checking the IV in the frames.
976 		 */
977 		for (i = 0; i < IWLAGN_NUM_RSC; i++) {
978 			ieee80211_get_key_rx_seq(key, i, &seq);
979 			tkip_sc[i].iv16 = cpu_to_le16(seq.tkip.iv16);
980 			tkip_sc[i].iv32 = cpu_to_le32(seq.tkip.iv32);
981 			/* wrapping isn't allowed, AP must rekey */
982 			if (seq.tkip.iv32 > cur_rx_iv32)
983 				cur_rx_iv32 = seq.tkip.iv32;
984 		}
985 
986 		ieee80211_get_tkip_rx_p1k(key, data->bssid, cur_rx_iv32, p1k);
987 		iwlagn_convert_p1k(p1k, rx_p1ks[0].p1k);
988 		ieee80211_get_tkip_rx_p1k(key, data->bssid,
989 					  cur_rx_iv32 + 1, p1k);
990 		iwlagn_convert_p1k(p1k, rx_p1ks[1].p1k);
991 
992 		memcpy(rx_mic_key,
993 		       &key->key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY],
994 		       IWLAGN_MIC_KEY_SIZE);
995 
996 		data->use_tkip = true;
997 		data->use_rsc_tsc = true;
998 		break;
999 	case WLAN_CIPHER_SUITE_CCMP:
1000 		if (sta) {
1001 			u64 pn64;
1002 
1003 			aes_sc = data->rsc_tsc->all_tsc_rsc.aes.unicast_rsc;
1004 			aes_tx_sc = &data->rsc_tsc->all_tsc_rsc.aes.tsc;
1005 
1006 			pn64 = atomic64_read(&key->tx_pn);
1007 			aes_tx_sc->pn = cpu_to_le64(pn64);
1008 		} else
1009 			aes_sc = data->rsc_tsc->all_tsc_rsc.aes.multicast_rsc;
1010 
1011 		/*
1012 		 * For non-QoS this relies on the fact that both the uCode and
1013 		 * mac80211 use TID 0 for checking the IV in the frames.
1014 		 */
1015 		for (i = 0; i < IWLAGN_NUM_RSC; i++) {
1016 			u8 *pn = seq.ccmp.pn;
1017 
1018 			ieee80211_get_key_rx_seq(key, i, &seq);
1019 			aes_sc[i].pn = cpu_to_le64(
1020 					(u64)pn[5] |
1021 					((u64)pn[4] << 8) |
1022 					((u64)pn[3] << 16) |
1023 					((u64)pn[2] << 24) |
1024 					((u64)pn[1] << 32) |
1025 					((u64)pn[0] << 40));
1026 		}
1027 		data->use_rsc_tsc = true;
1028 		break;
1029 	}
1030 
1031 	mutex_unlock(&priv->mutex);
1032 }
1033 
1034 int iwlagn_send_patterns(struct iwl_priv *priv,
1035 			struct cfg80211_wowlan *wowlan)
1036 {
1037 	struct iwlagn_wowlan_patterns_cmd *pattern_cmd;
1038 	struct iwl_host_cmd cmd = {
1039 		.id = REPLY_WOWLAN_PATTERNS,
1040 		.dataflags[0] = IWL_HCMD_DFL_NOCOPY,
1041 	};
1042 	int i, err;
1043 
1044 	if (!wowlan->n_patterns)
1045 		return 0;
1046 
1047 	cmd.len[0] = sizeof(*pattern_cmd) +
1048 		wowlan->n_patterns * sizeof(struct iwlagn_wowlan_pattern);
1049 
1050 	pattern_cmd = kmalloc(cmd.len[0], GFP_KERNEL);
1051 	if (!pattern_cmd)
1052 		return -ENOMEM;
1053 
1054 	pattern_cmd->n_patterns = cpu_to_le32(wowlan->n_patterns);
1055 
1056 	for (i = 0; i < wowlan->n_patterns; i++) {
1057 		int mask_len = DIV_ROUND_UP(wowlan->patterns[i].pattern_len, 8);
1058 
1059 		memcpy(&pattern_cmd->patterns[i].mask,
1060 			wowlan->patterns[i].mask, mask_len);
1061 		memcpy(&pattern_cmd->patterns[i].pattern,
1062 			wowlan->patterns[i].pattern,
1063 			wowlan->patterns[i].pattern_len);
1064 		pattern_cmd->patterns[i].mask_size = mask_len;
1065 		pattern_cmd->patterns[i].pattern_size =
1066 			wowlan->patterns[i].pattern_len;
1067 	}
1068 
1069 	cmd.data[0] = pattern_cmd;
1070 	err = iwl_dvm_send_cmd(priv, &cmd);
1071 	kfree(pattern_cmd);
1072 	return err;
1073 }
1074 
1075 int iwlagn_suspend(struct iwl_priv *priv, struct cfg80211_wowlan *wowlan)
1076 {
1077 	struct iwlagn_wowlan_wakeup_filter_cmd wakeup_filter_cmd;
1078 	struct iwl_rxon_cmd rxon;
1079 	struct iwl_rxon_context *ctx = &priv->contexts[IWL_RXON_CTX_BSS];
1080 	struct iwlagn_wowlan_kek_kck_material_cmd kek_kck_cmd;
1081 	struct iwlagn_wowlan_tkip_params_cmd tkip_cmd = {};
1082 	struct iwlagn_d3_config_cmd d3_cfg_cmd = {
1083 		/*
1084 		 * Program the minimum sleep time to 10 seconds, as many
1085 		 * platforms have issues processing a wakeup signal while
1086 		 * still being in the process of suspending.
1087 		 */
1088 		.min_sleep_time = cpu_to_le32(10 * 1000 * 1000),
1089 	};
1090 	struct wowlan_key_data key_data = {
1091 		.ctx = ctx,
1092 		.bssid = ctx->active.bssid_addr,
1093 		.use_rsc_tsc = false,
1094 		.tkip = &tkip_cmd,
1095 		.use_tkip = false,
1096 	};
1097 	int ret, i;
1098 	u16 seq;
1099 
1100 	key_data.rsc_tsc = kzalloc(sizeof(*key_data.rsc_tsc), GFP_KERNEL);
1101 	if (!key_data.rsc_tsc)
1102 		return -ENOMEM;
1103 
1104 	memset(&wakeup_filter_cmd, 0, sizeof(wakeup_filter_cmd));
1105 
1106 	/*
1107 	 * We know the last used seqno, and the uCode expects to know that
1108 	 * one, it will increment before TX.
1109 	 */
1110 	seq = le16_to_cpu(priv->last_seq_ctl) & IEEE80211_SCTL_SEQ;
1111 	wakeup_filter_cmd.non_qos_seq = cpu_to_le16(seq);
1112 
1113 	/*
1114 	 * For QoS counters, we store the one to use next, so subtract 0x10
1115 	 * since the uCode will add 0x10 before using the value.
1116 	 */
1117 	for (i = 0; i < IWL_MAX_TID_COUNT; i++) {
1118 		seq = priv->tid_data[IWL_AP_ID][i].seq_number;
1119 		seq -= 0x10;
1120 		wakeup_filter_cmd.qos_seq[i] = cpu_to_le16(seq);
1121 	}
1122 
1123 	if (wowlan->disconnect)
1124 		wakeup_filter_cmd.enabled |=
1125 			cpu_to_le32(IWLAGN_WOWLAN_WAKEUP_BEACON_MISS |
1126 				    IWLAGN_WOWLAN_WAKEUP_LINK_CHANGE);
1127 	if (wowlan->magic_pkt)
1128 		wakeup_filter_cmd.enabled |=
1129 			cpu_to_le32(IWLAGN_WOWLAN_WAKEUP_MAGIC_PACKET);
1130 	if (wowlan->gtk_rekey_failure)
1131 		wakeup_filter_cmd.enabled |=
1132 			cpu_to_le32(IWLAGN_WOWLAN_WAKEUP_GTK_REKEY_FAIL);
1133 	if (wowlan->eap_identity_req)
1134 		wakeup_filter_cmd.enabled |=
1135 			cpu_to_le32(IWLAGN_WOWLAN_WAKEUP_EAP_IDENT_REQ);
1136 	if (wowlan->four_way_handshake)
1137 		wakeup_filter_cmd.enabled |=
1138 			cpu_to_le32(IWLAGN_WOWLAN_WAKEUP_4WAY_HANDSHAKE);
1139 	if (wowlan->n_patterns)
1140 		wakeup_filter_cmd.enabled |=
1141 			cpu_to_le32(IWLAGN_WOWLAN_WAKEUP_PATTERN_MATCH);
1142 
1143 	if (wowlan->rfkill_release)
1144 		d3_cfg_cmd.wakeup_flags |=
1145 			cpu_to_le32(IWLAGN_D3_WAKEUP_RFKILL);
1146 
1147 	iwl_scan_cancel_timeout(priv, 200);
1148 
1149 	memcpy(&rxon, &ctx->active, sizeof(rxon));
1150 
1151 	priv->ucode_loaded = false;
1152 	iwl_trans_stop_device(priv->trans);
1153 	ret = iwl_trans_start_hw(priv->trans);
1154 	if (ret)
1155 		goto out;
1156 
1157 	priv->wowlan = true;
1158 
1159 	ret = iwl_load_ucode_wait_alive(priv, IWL_UCODE_WOWLAN);
1160 	if (ret)
1161 		goto out;
1162 
1163 	/* now configure WoWLAN ucode */
1164 	ret = iwl_alive_start(priv);
1165 	if (ret)
1166 		goto out;
1167 
1168 	memcpy(&ctx->staging, &rxon, sizeof(rxon));
1169 	ret = iwlagn_commit_rxon(priv, ctx);
1170 	if (ret)
1171 		goto out;
1172 
1173 	ret = iwl_power_update_mode(priv, true);
1174 	if (ret)
1175 		goto out;
1176 
1177 	if (!iwlwifi_mod_params.sw_crypto) {
1178 		/* mark all keys clear */
1179 		priv->ucode_key_table = 0;
1180 		ctx->key_mapping_keys = 0;
1181 
1182 		/*
1183 		 * This needs to be unlocked due to lock ordering
1184 		 * constraints. Since we're in the suspend path
1185 		 * that isn't really a problem though.
1186 		 */
1187 		mutex_unlock(&priv->mutex);
1188 		ieee80211_iter_keys(priv->hw, ctx->vif,
1189 				    iwlagn_wowlan_program_keys,
1190 				    &key_data);
1191 		mutex_lock(&priv->mutex);
1192 		if (key_data.error) {
1193 			ret = -EIO;
1194 			goto out;
1195 		}
1196 
1197 		if (key_data.use_rsc_tsc) {
1198 			struct iwl_host_cmd rsc_tsc_cmd = {
1199 				.id = REPLY_WOWLAN_TSC_RSC_PARAMS,
1200 				.data[0] = key_data.rsc_tsc,
1201 				.dataflags[0] = IWL_HCMD_DFL_NOCOPY,
1202 				.len[0] = sizeof(*key_data.rsc_tsc),
1203 			};
1204 
1205 			ret = iwl_dvm_send_cmd(priv, &rsc_tsc_cmd);
1206 			if (ret)
1207 				goto out;
1208 		}
1209 
1210 		if (key_data.use_tkip) {
1211 			ret = iwl_dvm_send_cmd_pdu(priv,
1212 						 REPLY_WOWLAN_TKIP_PARAMS,
1213 						 0, sizeof(tkip_cmd),
1214 						 &tkip_cmd);
1215 			if (ret)
1216 				goto out;
1217 		}
1218 
1219 		if (priv->have_rekey_data) {
1220 			memset(&kek_kck_cmd, 0, sizeof(kek_kck_cmd));
1221 			memcpy(kek_kck_cmd.kck, priv->kck, NL80211_KCK_LEN);
1222 			kek_kck_cmd.kck_len = cpu_to_le16(NL80211_KCK_LEN);
1223 			memcpy(kek_kck_cmd.kek, priv->kek, NL80211_KEK_LEN);
1224 			kek_kck_cmd.kek_len = cpu_to_le16(NL80211_KEK_LEN);
1225 			kek_kck_cmd.replay_ctr = priv->replay_ctr;
1226 
1227 			ret = iwl_dvm_send_cmd_pdu(priv,
1228 						 REPLY_WOWLAN_KEK_KCK_MATERIAL,
1229 						 0, sizeof(kek_kck_cmd),
1230 						 &kek_kck_cmd);
1231 			if (ret)
1232 				goto out;
1233 		}
1234 	}
1235 
1236 	ret = iwl_dvm_send_cmd_pdu(priv, REPLY_D3_CONFIG, 0,
1237 				     sizeof(d3_cfg_cmd), &d3_cfg_cmd);
1238 	if (ret)
1239 		goto out;
1240 
1241 	ret = iwl_dvm_send_cmd_pdu(priv, REPLY_WOWLAN_WAKEUP_FILTER,
1242 				 0, sizeof(wakeup_filter_cmd),
1243 				 &wakeup_filter_cmd);
1244 	if (ret)
1245 		goto out;
1246 
1247 	ret = iwlagn_send_patterns(priv, wowlan);
1248  out:
1249 	kfree(key_data.rsc_tsc);
1250 	return ret;
1251 }
1252 #endif
1253 
1254 int iwl_dvm_send_cmd(struct iwl_priv *priv, struct iwl_host_cmd *cmd)
1255 {
1256 	if (iwl_is_rfkill(priv) || iwl_is_ctkill(priv)) {
1257 		IWL_WARN(priv, "Not sending command - %s KILL\n",
1258 			 iwl_is_rfkill(priv) ? "RF" : "CT");
1259 		return -EIO;
1260 	}
1261 
1262 	if (test_bit(STATUS_FW_ERROR, &priv->status)) {
1263 		IWL_ERR(priv, "Command %s failed: FW Error\n",
1264 			iwl_get_cmd_string(priv->trans, cmd->id));
1265 		return -EIO;
1266 	}
1267 
1268 	/*
1269 	 * This can happen upon FW ASSERT: we clear the STATUS_FW_ERROR flag
1270 	 * in iwl_down but cancel the workers only later.
1271 	 */
1272 	if (!priv->ucode_loaded) {
1273 		IWL_ERR(priv, "Fw not loaded - dropping CMD: %x\n", cmd->id);
1274 		return -EIO;
1275 	}
1276 
1277 	/*
1278 	 * Synchronous commands from this op-mode must hold
1279 	 * the mutex, this ensures we don't try to send two
1280 	 * (or more) synchronous commands at a time.
1281 	 */
1282 	if (!(cmd->flags & CMD_ASYNC))
1283 		lockdep_assert_held(&priv->mutex);
1284 
1285 	return iwl_trans_send_cmd(priv->trans, cmd);
1286 }
1287 
1288 int iwl_dvm_send_cmd_pdu(struct iwl_priv *priv, u8 id,
1289 			 u32 flags, u16 len, const void *data)
1290 {
1291 	struct iwl_host_cmd cmd = {
1292 		.id = id,
1293 		.len = { len, },
1294 		.data = { data, },
1295 		.flags = flags,
1296 	};
1297 
1298 	return iwl_dvm_send_cmd(priv, &cmd);
1299 }
1300