1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * NXP Wireless LAN device driver: commands and events 4 * 5 * Copyright 2011-2020 NXP 6 */ 7 8 #include <asm/unaligned.h> 9 #include "decl.h" 10 #include "ioctl.h" 11 #include "util.h" 12 #include "fw.h" 13 #include "main.h" 14 #include "wmm.h" 15 #include "11n.h" 16 17 static void mwifiex_cancel_pending_ioctl(struct mwifiex_adapter *adapter); 18 19 /* 20 * This function initializes a command node. 21 * 22 * The actual allocation of the node is not done by this function. It only 23 * initiates a node by filling it with default parameters. Similarly, 24 * allocation of the different buffers used (IOCTL buffer, data buffer) are 25 * not done by this function either. 26 */ 27 static void 28 mwifiex_init_cmd_node(struct mwifiex_private *priv, 29 struct cmd_ctrl_node *cmd_node, 30 u32 cmd_no, void *data_buf, bool sync) 31 { 32 cmd_node->priv = priv; 33 cmd_node->cmd_no = cmd_no; 34 35 if (sync) { 36 cmd_node->wait_q_enabled = true; 37 cmd_node->cmd_wait_q_woken = false; 38 cmd_node->condition = &cmd_node->cmd_wait_q_woken; 39 } 40 cmd_node->data_buf = data_buf; 41 cmd_node->cmd_skb = cmd_node->skb; 42 } 43 44 /* 45 * This function returns a command node from the free queue depending upon 46 * availability. 47 */ 48 static struct cmd_ctrl_node * 49 mwifiex_get_cmd_node(struct mwifiex_adapter *adapter) 50 { 51 struct cmd_ctrl_node *cmd_node; 52 53 spin_lock_bh(&adapter->cmd_free_q_lock); 54 if (list_empty(&adapter->cmd_free_q)) { 55 mwifiex_dbg(adapter, ERROR, 56 "GET_CMD_NODE: cmd node not available\n"); 57 spin_unlock_bh(&adapter->cmd_free_q_lock); 58 return NULL; 59 } 60 cmd_node = list_first_entry(&adapter->cmd_free_q, 61 struct cmd_ctrl_node, list); 62 list_del(&cmd_node->list); 63 spin_unlock_bh(&adapter->cmd_free_q_lock); 64 65 return cmd_node; 66 } 67 68 /* 69 * This function cleans up a command node. 70 * 71 * The function resets the fields including the buffer pointers. 72 * This function does not try to free the buffers. They must be 73 * freed before calling this function. 74 * 75 * This function will however call the receive completion callback 76 * in case a response buffer is still available before resetting 77 * the pointer. 78 */ 79 static void 80 mwifiex_clean_cmd_node(struct mwifiex_adapter *adapter, 81 struct cmd_ctrl_node *cmd_node) 82 { 83 cmd_node->cmd_no = 0; 84 cmd_node->cmd_flag = 0; 85 cmd_node->data_buf = NULL; 86 cmd_node->wait_q_enabled = false; 87 88 if (cmd_node->cmd_skb) 89 skb_trim(cmd_node->cmd_skb, 0); 90 91 if (cmd_node->resp_skb) { 92 adapter->if_ops.cmdrsp_complete(adapter, cmd_node->resp_skb); 93 cmd_node->resp_skb = NULL; 94 } 95 } 96 97 /* 98 * This function returns a command to the command free queue. 99 * 100 * The function also calls the completion callback if required, before 101 * cleaning the command node and re-inserting it into the free queue. 102 */ 103 static void 104 mwifiex_insert_cmd_to_free_q(struct mwifiex_adapter *adapter, 105 struct cmd_ctrl_node *cmd_node) 106 { 107 if (!cmd_node) 108 return; 109 110 if (cmd_node->wait_q_enabled) 111 mwifiex_complete_cmd(adapter, cmd_node); 112 /* Clean the node */ 113 mwifiex_clean_cmd_node(adapter, cmd_node); 114 115 /* Insert node into cmd_free_q */ 116 spin_lock_bh(&adapter->cmd_free_q_lock); 117 list_add_tail(&cmd_node->list, &adapter->cmd_free_q); 118 spin_unlock_bh(&adapter->cmd_free_q_lock); 119 } 120 121 /* This function reuses a command node. */ 122 void mwifiex_recycle_cmd_node(struct mwifiex_adapter *adapter, 123 struct cmd_ctrl_node *cmd_node) 124 { 125 struct host_cmd_ds_command *host_cmd = (void *)cmd_node->cmd_skb->data; 126 127 mwifiex_insert_cmd_to_free_q(adapter, cmd_node); 128 129 atomic_dec(&adapter->cmd_pending); 130 mwifiex_dbg(adapter, CMD, 131 "cmd: FREE_CMD: cmd=%#x, cmd_pending=%d\n", 132 le16_to_cpu(host_cmd->command), 133 atomic_read(&adapter->cmd_pending)); 134 } 135 136 /* 137 * This function sends a host command to the firmware. 138 * 139 * The function copies the host command into the driver command 140 * buffer, which will be transferred to the firmware later by the 141 * main thread. 142 */ 143 static int mwifiex_cmd_host_cmd(struct mwifiex_private *priv, 144 struct host_cmd_ds_command *cmd, 145 struct mwifiex_ds_misc_cmd *pcmd_ptr) 146 { 147 /* Copy the HOST command to command buffer */ 148 memcpy(cmd, pcmd_ptr->cmd, pcmd_ptr->len); 149 mwifiex_dbg(priv->adapter, CMD, 150 "cmd: host cmd size = %d\n", pcmd_ptr->len); 151 return 0; 152 } 153 154 /* 155 * This function downloads a command to the firmware. 156 * 157 * The function performs sanity tests, sets the command sequence 158 * number and size, converts the header fields to CPU format before 159 * sending. Afterwards, it logs the command ID and action for debugging 160 * and sets up the command timeout timer. 161 */ 162 static int mwifiex_dnld_cmd_to_fw(struct mwifiex_private *priv, 163 struct cmd_ctrl_node *cmd_node) 164 { 165 166 struct mwifiex_adapter *adapter = priv->adapter; 167 int ret; 168 struct host_cmd_ds_command *host_cmd; 169 uint16_t cmd_code; 170 uint16_t cmd_size; 171 172 if (!adapter || !cmd_node) 173 return -1; 174 175 host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data); 176 177 /* Sanity test */ 178 if (host_cmd->size == 0) { 179 mwifiex_dbg(adapter, ERROR, 180 "DNLD_CMD: host_cmd is null\t" 181 "or cmd size is 0, not sending\n"); 182 if (cmd_node->wait_q_enabled) 183 adapter->cmd_wait_q.status = -1; 184 mwifiex_recycle_cmd_node(adapter, cmd_node); 185 return -1; 186 } 187 188 cmd_code = le16_to_cpu(host_cmd->command); 189 cmd_node->cmd_no = cmd_code; 190 cmd_size = le16_to_cpu(host_cmd->size); 191 192 if (adapter->hw_status == MWIFIEX_HW_STATUS_RESET && 193 cmd_code != HostCmd_CMD_FUNC_SHUTDOWN && 194 cmd_code != HostCmd_CMD_FUNC_INIT) { 195 mwifiex_dbg(adapter, ERROR, 196 "DNLD_CMD: FW in reset state, ignore cmd %#x\n", 197 cmd_code); 198 mwifiex_recycle_cmd_node(adapter, cmd_node); 199 queue_work(adapter->workqueue, &adapter->main_work); 200 return -1; 201 } 202 203 /* Set command sequence number */ 204 adapter->seq_num++; 205 host_cmd->seq_num = cpu_to_le16(HostCmd_SET_SEQ_NO_BSS_INFO 206 (adapter->seq_num, 207 cmd_node->priv->bss_num, 208 cmd_node->priv->bss_type)); 209 210 spin_lock_bh(&adapter->mwifiex_cmd_lock); 211 adapter->curr_cmd = cmd_node; 212 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 213 214 /* Adjust skb length */ 215 if (cmd_node->cmd_skb->len > cmd_size) 216 /* 217 * cmd_size is less than sizeof(struct host_cmd_ds_command). 218 * Trim off the unused portion. 219 */ 220 skb_trim(cmd_node->cmd_skb, cmd_size); 221 else if (cmd_node->cmd_skb->len < cmd_size) 222 /* 223 * cmd_size is larger than sizeof(struct host_cmd_ds_command) 224 * because we have appended custom IE TLV. Increase skb length 225 * accordingly. 226 */ 227 skb_put(cmd_node->cmd_skb, cmd_size - cmd_node->cmd_skb->len); 228 229 mwifiex_dbg(adapter, CMD, 230 "cmd: DNLD_CMD: %#x, act %#x, len %d, seqno %#x\n", 231 cmd_code, 232 get_unaligned_le16((u8 *)host_cmd + S_DS_GEN), 233 cmd_size, le16_to_cpu(host_cmd->seq_num)); 234 mwifiex_dbg_dump(adapter, CMD_D, "cmd buffer:", host_cmd, cmd_size); 235 236 if (adapter->iface_type == MWIFIEX_USB) { 237 skb_push(cmd_node->cmd_skb, MWIFIEX_TYPE_LEN); 238 put_unaligned_le32(MWIFIEX_USB_TYPE_CMD, 239 cmd_node->cmd_skb->data); 240 adapter->cmd_sent = true; 241 ret = adapter->if_ops.host_to_card(adapter, 242 MWIFIEX_USB_EP_CMD_EVENT, 243 cmd_node->cmd_skb, NULL); 244 skb_pull(cmd_node->cmd_skb, MWIFIEX_TYPE_LEN); 245 if (ret == -EBUSY) 246 cmd_node->cmd_skb = NULL; 247 } else { 248 skb_push(cmd_node->cmd_skb, adapter->intf_hdr_len); 249 ret = adapter->if_ops.host_to_card(adapter, MWIFIEX_TYPE_CMD, 250 cmd_node->cmd_skb, NULL); 251 skb_pull(cmd_node->cmd_skb, adapter->intf_hdr_len); 252 } 253 254 if (ret == -1) { 255 mwifiex_dbg(adapter, ERROR, 256 "DNLD_CMD: host to card failed\n"); 257 if (adapter->iface_type == MWIFIEX_USB) 258 adapter->cmd_sent = false; 259 if (cmd_node->wait_q_enabled) 260 adapter->cmd_wait_q.status = -1; 261 mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd); 262 263 spin_lock_bh(&adapter->mwifiex_cmd_lock); 264 adapter->curr_cmd = NULL; 265 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 266 267 adapter->dbg.num_cmd_host_to_card_failure++; 268 return -1; 269 } 270 271 /* Save the last command id and action to debug log */ 272 adapter->dbg.last_cmd_index = 273 (adapter->dbg.last_cmd_index + 1) % DBG_CMD_NUM; 274 adapter->dbg.last_cmd_id[adapter->dbg.last_cmd_index] = cmd_code; 275 adapter->dbg.last_cmd_act[adapter->dbg.last_cmd_index] = 276 get_unaligned_le16((u8 *)host_cmd + S_DS_GEN); 277 278 /* Setup the timer after transmit command, except that specific 279 * command might not have command response. 280 */ 281 if (cmd_code != HostCmd_CMD_FW_DUMP_EVENT) 282 mod_timer(&adapter->cmd_timer, 283 jiffies + msecs_to_jiffies(MWIFIEX_TIMER_10S)); 284 285 /* Clear BSS_NO_BITS from HostCmd */ 286 cmd_code &= HostCmd_CMD_ID_MASK; 287 288 return 0; 289 } 290 291 /* 292 * This function downloads a sleep confirm command to the firmware. 293 * 294 * The function performs sanity tests, sets the command sequence 295 * number and size, converts the header fields to CPU format before 296 * sending. 297 * 298 * No responses are needed for sleep confirm command. 299 */ 300 static int mwifiex_dnld_sleep_confirm_cmd(struct mwifiex_adapter *adapter) 301 { 302 int ret; 303 struct mwifiex_private *priv; 304 struct mwifiex_opt_sleep_confirm *sleep_cfm_buf = 305 (struct mwifiex_opt_sleep_confirm *) 306 adapter->sleep_cfm->data; 307 struct sk_buff *sleep_cfm_tmp; 308 309 priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 310 311 adapter->seq_num++; 312 sleep_cfm_buf->seq_num = 313 cpu_to_le16(HostCmd_SET_SEQ_NO_BSS_INFO 314 (adapter->seq_num, priv->bss_num, 315 priv->bss_type)); 316 317 mwifiex_dbg(adapter, CMD, 318 "cmd: DNLD_CMD: %#x, act %#x, len %d, seqno %#x\n", 319 le16_to_cpu(sleep_cfm_buf->command), 320 le16_to_cpu(sleep_cfm_buf->action), 321 le16_to_cpu(sleep_cfm_buf->size), 322 le16_to_cpu(sleep_cfm_buf->seq_num)); 323 mwifiex_dbg_dump(adapter, CMD_D, "SLEEP_CFM buffer: ", sleep_cfm_buf, 324 le16_to_cpu(sleep_cfm_buf->size)); 325 326 if (adapter->iface_type == MWIFIEX_USB) { 327 sleep_cfm_tmp = 328 dev_alloc_skb(sizeof(struct mwifiex_opt_sleep_confirm) 329 + MWIFIEX_TYPE_LEN); 330 if (!sleep_cfm_tmp) { 331 mwifiex_dbg(adapter, ERROR, 332 "SLEEP_CFM: dev_alloc_skb failed\n"); 333 return -ENOMEM; 334 } 335 336 skb_put(sleep_cfm_tmp, sizeof(struct mwifiex_opt_sleep_confirm) 337 + MWIFIEX_TYPE_LEN); 338 put_unaligned_le32(MWIFIEX_USB_TYPE_CMD, sleep_cfm_tmp->data); 339 memcpy(sleep_cfm_tmp->data + MWIFIEX_TYPE_LEN, 340 adapter->sleep_cfm->data, 341 sizeof(struct mwifiex_opt_sleep_confirm)); 342 ret = adapter->if_ops.host_to_card(adapter, 343 MWIFIEX_USB_EP_CMD_EVENT, 344 sleep_cfm_tmp, NULL); 345 if (ret != -EBUSY) 346 dev_kfree_skb_any(sleep_cfm_tmp); 347 } else { 348 skb_push(adapter->sleep_cfm, adapter->intf_hdr_len); 349 ret = adapter->if_ops.host_to_card(adapter, MWIFIEX_TYPE_CMD, 350 adapter->sleep_cfm, NULL); 351 skb_pull(adapter->sleep_cfm, adapter->intf_hdr_len); 352 } 353 354 if (ret == -1) { 355 mwifiex_dbg(adapter, ERROR, "SLEEP_CFM: failed\n"); 356 adapter->dbg.num_cmd_sleep_cfm_host_to_card_failure++; 357 return -1; 358 } 359 360 if (!le16_to_cpu(sleep_cfm_buf->resp_ctrl)) 361 /* Response is not needed for sleep confirm command */ 362 adapter->ps_state = PS_STATE_SLEEP; 363 else 364 adapter->ps_state = PS_STATE_SLEEP_CFM; 365 366 if (!le16_to_cpu(sleep_cfm_buf->resp_ctrl) && 367 (test_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags) && 368 !adapter->sleep_period.period)) { 369 adapter->pm_wakeup_card_req = true; 370 mwifiex_hs_activated_event(mwifiex_get_priv 371 (adapter, MWIFIEX_BSS_ROLE_ANY), true); 372 } 373 374 return ret; 375 } 376 377 /* 378 * This function allocates the command buffers and links them to 379 * the command free queue. 380 * 381 * The driver uses a pre allocated number of command buffers, which 382 * are created at driver initializations and freed at driver cleanup. 383 * Every command needs to obtain a command buffer from this pool before 384 * it can be issued. The command free queue lists the command buffers 385 * currently free to use, while the command pending queue lists the 386 * command buffers already in use and awaiting handling. Command buffers 387 * are returned to the free queue after use. 388 */ 389 int mwifiex_alloc_cmd_buffer(struct mwifiex_adapter *adapter) 390 { 391 struct cmd_ctrl_node *cmd_array; 392 u32 i; 393 394 /* Allocate and initialize struct cmd_ctrl_node */ 395 cmd_array = kcalloc(MWIFIEX_NUM_OF_CMD_BUFFER, 396 sizeof(struct cmd_ctrl_node), GFP_KERNEL); 397 if (!cmd_array) 398 return -ENOMEM; 399 400 adapter->cmd_pool = cmd_array; 401 402 /* Allocate and initialize command buffers */ 403 for (i = 0; i < MWIFIEX_NUM_OF_CMD_BUFFER; i++) { 404 cmd_array[i].skb = dev_alloc_skb(MWIFIEX_SIZE_OF_CMD_BUFFER); 405 if (!cmd_array[i].skb) { 406 mwifiex_dbg(adapter, ERROR, 407 "unable to allocate command buffer\n"); 408 return -ENOMEM; 409 } 410 } 411 412 for (i = 0; i < MWIFIEX_NUM_OF_CMD_BUFFER; i++) 413 mwifiex_insert_cmd_to_free_q(adapter, &cmd_array[i]); 414 415 return 0; 416 } 417 418 /* 419 * This function frees the command buffers. 420 * 421 * The function calls the completion callback for all the command 422 * buffers that still have response buffers associated with them. 423 */ 424 void mwifiex_free_cmd_buffer(struct mwifiex_adapter *adapter) 425 { 426 struct cmd_ctrl_node *cmd_array; 427 u32 i; 428 429 /* Need to check if cmd pool is allocated or not */ 430 if (!adapter->cmd_pool) { 431 mwifiex_dbg(adapter, FATAL, 432 "info: FREE_CMD_BUF: cmd_pool is null\n"); 433 return; 434 } 435 436 cmd_array = adapter->cmd_pool; 437 438 /* Release shared memory buffers */ 439 for (i = 0; i < MWIFIEX_NUM_OF_CMD_BUFFER; i++) { 440 if (cmd_array[i].skb) { 441 mwifiex_dbg(adapter, CMD, 442 "cmd: free cmd buffer %d\n", i); 443 dev_kfree_skb_any(cmd_array[i].skb); 444 } 445 if (!cmd_array[i].resp_skb) 446 continue; 447 448 if (adapter->iface_type == MWIFIEX_USB) 449 adapter->if_ops.cmdrsp_complete(adapter, 450 cmd_array[i].resp_skb); 451 else 452 dev_kfree_skb_any(cmd_array[i].resp_skb); 453 } 454 /* Release struct cmd_ctrl_node */ 455 if (adapter->cmd_pool) { 456 mwifiex_dbg(adapter, CMD, 457 "cmd: free cmd pool\n"); 458 kfree(adapter->cmd_pool); 459 adapter->cmd_pool = NULL; 460 } 461 } 462 463 /* 464 * This function handles events generated by firmware. 465 * 466 * Event body of events received from firmware are not used (though they are 467 * saved), only the event ID is used. Some events are re-invoked by 468 * the driver, with a new event body. 469 * 470 * After processing, the function calls the completion callback 471 * for cleanup. 472 */ 473 int mwifiex_process_event(struct mwifiex_adapter *adapter) 474 { 475 int ret, i; 476 struct mwifiex_private *priv = 477 mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 478 struct sk_buff *skb = adapter->event_skb; 479 u32 eventcause; 480 struct mwifiex_rxinfo *rx_info; 481 482 if ((adapter->event_cause & EVENT_ID_MASK) == EVENT_RADAR_DETECTED) { 483 for (i = 0; i < adapter->priv_num; i++) { 484 priv = adapter->priv[i]; 485 if (priv && mwifiex_is_11h_active(priv)) { 486 adapter->event_cause |= 487 ((priv->bss_num & 0xff) << 16) | 488 ((priv->bss_type & 0xff) << 24); 489 break; 490 } 491 } 492 } 493 494 eventcause = adapter->event_cause; 495 496 /* Save the last event to debug log */ 497 adapter->dbg.last_event_index = 498 (adapter->dbg.last_event_index + 1) % DBG_CMD_NUM; 499 adapter->dbg.last_event[adapter->dbg.last_event_index] = 500 (u16) eventcause; 501 502 /* Get BSS number and corresponding priv */ 503 priv = mwifiex_get_priv_by_id(adapter, EVENT_GET_BSS_NUM(eventcause), 504 EVENT_GET_BSS_TYPE(eventcause)); 505 if (!priv) 506 priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 507 508 /* Clear BSS_NO_BITS from event */ 509 eventcause &= EVENT_ID_MASK; 510 adapter->event_cause = eventcause; 511 512 if (skb) { 513 rx_info = MWIFIEX_SKB_RXCB(skb); 514 memset(rx_info, 0, sizeof(*rx_info)); 515 rx_info->bss_num = priv->bss_num; 516 rx_info->bss_type = priv->bss_type; 517 mwifiex_dbg_dump(adapter, EVT_D, "Event Buf:", 518 skb->data, skb->len); 519 } 520 521 mwifiex_dbg(adapter, EVENT, "EVENT: cause: %#x\n", eventcause); 522 523 if (priv->bss_role == MWIFIEX_BSS_ROLE_UAP) 524 ret = mwifiex_process_uap_event(priv); 525 else 526 ret = mwifiex_process_sta_event(priv); 527 528 adapter->event_cause = 0; 529 adapter->event_skb = NULL; 530 adapter->if_ops.event_complete(adapter, skb); 531 532 return ret; 533 } 534 535 /* 536 * This function prepares a command and send it to the firmware. 537 * 538 * Preparation includes - 539 * - Sanity tests to make sure the card is still present or the FW 540 * is not reset 541 * - Getting a new command node from the command free queue 542 * - Initializing the command node for default parameters 543 * - Fill up the non-default parameters and buffer pointers 544 * - Add the command to pending queue 545 */ 546 int mwifiex_send_cmd(struct mwifiex_private *priv, u16 cmd_no, 547 u16 cmd_action, u32 cmd_oid, void *data_buf, bool sync) 548 { 549 int ret; 550 struct mwifiex_adapter *adapter = priv->adapter; 551 struct cmd_ctrl_node *cmd_node; 552 struct host_cmd_ds_command *cmd_ptr; 553 554 if (!adapter) { 555 pr_err("PREP_CMD: adapter is NULL\n"); 556 return -1; 557 } 558 559 if (test_bit(MWIFIEX_IS_SUSPENDED, &adapter->work_flags)) { 560 mwifiex_dbg(adapter, ERROR, 561 "PREP_CMD: device in suspended state\n"); 562 return -1; 563 } 564 565 if (test_bit(MWIFIEX_IS_HS_ENABLING, &adapter->work_flags) && 566 cmd_no != HostCmd_CMD_802_11_HS_CFG_ENH) { 567 mwifiex_dbg(adapter, ERROR, 568 "PREP_CMD: host entering sleep state\n"); 569 return -1; 570 } 571 572 if (test_bit(MWIFIEX_SURPRISE_REMOVED, &adapter->work_flags)) { 573 mwifiex_dbg(adapter, ERROR, 574 "PREP_CMD: card is removed\n"); 575 return -1; 576 } 577 578 if (test_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags)) { 579 mwifiex_dbg(adapter, ERROR, 580 "PREP_CMD: FW is in bad state\n"); 581 return -1; 582 } 583 584 if (adapter->hw_status == MWIFIEX_HW_STATUS_RESET) { 585 if (cmd_no != HostCmd_CMD_FUNC_INIT) { 586 mwifiex_dbg(adapter, ERROR, 587 "PREP_CMD: FW in reset state\n"); 588 return -1; 589 } 590 } 591 /* We don't expect commands in manufacturing mode. They are cooked 592 * in application and ready to download buffer is passed to the driver 593 */ 594 if (adapter->mfg_mode && cmd_no) { 595 dev_dbg(adapter->dev, "Ignoring commands in manufacturing mode\n"); 596 return -1; 597 } 598 599 if (priv->adapter->hs_activated_manually && 600 cmd_no != HostCmd_CMD_802_11_HS_CFG_ENH) { 601 mwifiex_cancel_hs(priv, MWIFIEX_ASYNC_CMD); 602 priv->adapter->hs_activated_manually = false; 603 } 604 605 /* Get a new command node */ 606 cmd_node = mwifiex_get_cmd_node(adapter); 607 608 if (!cmd_node) { 609 mwifiex_dbg(adapter, ERROR, 610 "PREP_CMD: no free cmd node\n"); 611 return -1; 612 } 613 614 /* Initialize the command node */ 615 mwifiex_init_cmd_node(priv, cmd_node, cmd_no, data_buf, sync); 616 617 if (!cmd_node->cmd_skb) { 618 mwifiex_dbg(adapter, ERROR, 619 "PREP_CMD: no free cmd buf\n"); 620 return -1; 621 } 622 623 skb_put_zero(cmd_node->cmd_skb, sizeof(struct host_cmd_ds_command)); 624 625 cmd_ptr = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data); 626 cmd_ptr->command = cpu_to_le16(cmd_no); 627 cmd_ptr->result = 0; 628 629 /* Prepare command */ 630 if (cmd_no) { 631 switch (cmd_no) { 632 case HostCmd_CMD_UAP_SYS_CONFIG: 633 case HostCmd_CMD_UAP_BSS_START: 634 case HostCmd_CMD_UAP_BSS_STOP: 635 case HostCmd_CMD_UAP_STA_DEAUTH: 636 case HOST_CMD_APCMD_SYS_RESET: 637 case HOST_CMD_APCMD_STA_LIST: 638 ret = mwifiex_uap_prepare_cmd(priv, cmd_no, cmd_action, 639 cmd_oid, data_buf, 640 cmd_ptr); 641 break; 642 default: 643 ret = mwifiex_sta_prepare_cmd(priv, cmd_no, cmd_action, 644 cmd_oid, data_buf, 645 cmd_ptr); 646 break; 647 } 648 } else { 649 ret = mwifiex_cmd_host_cmd(priv, cmd_ptr, data_buf); 650 cmd_node->cmd_flag |= CMD_F_HOSTCMD; 651 } 652 653 /* Return error, since the command preparation failed */ 654 if (ret) { 655 mwifiex_dbg(adapter, ERROR, 656 "PREP_CMD: cmd %#x preparation failed\n", 657 cmd_no); 658 mwifiex_insert_cmd_to_free_q(adapter, cmd_node); 659 return -1; 660 } 661 662 /* Send command */ 663 if (cmd_no == HostCmd_CMD_802_11_SCAN || 664 cmd_no == HostCmd_CMD_802_11_SCAN_EXT) { 665 mwifiex_queue_scan_cmd(priv, cmd_node); 666 } else { 667 mwifiex_insert_cmd_to_pending_q(adapter, cmd_node); 668 queue_work(adapter->workqueue, &adapter->main_work); 669 if (cmd_node->wait_q_enabled) 670 ret = mwifiex_wait_queue_complete(adapter, cmd_node); 671 } 672 673 return ret; 674 } 675 676 /* 677 * This function queues a command to the command pending queue. 678 * 679 * This in effect adds the command to the command list to be executed. 680 * Exit PS command is handled specially, by placing it always to the 681 * front of the command queue. 682 */ 683 void 684 mwifiex_insert_cmd_to_pending_q(struct mwifiex_adapter *adapter, 685 struct cmd_ctrl_node *cmd_node) 686 { 687 struct host_cmd_ds_command *host_cmd = NULL; 688 u16 command; 689 bool add_tail = true; 690 691 host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data); 692 if (!host_cmd) { 693 mwifiex_dbg(adapter, ERROR, "QUEUE_CMD: host_cmd is NULL\n"); 694 return; 695 } 696 697 command = le16_to_cpu(host_cmd->command); 698 699 /* Exit_PS command needs to be queued in the header always. */ 700 if (command == HostCmd_CMD_802_11_PS_MODE_ENH) { 701 struct host_cmd_ds_802_11_ps_mode_enh *pm = 702 &host_cmd->params.psmode_enh; 703 if ((le16_to_cpu(pm->action) == DIS_PS) || 704 (le16_to_cpu(pm->action) == DIS_AUTO_PS)) { 705 if (adapter->ps_state != PS_STATE_AWAKE) 706 add_tail = false; 707 } 708 } 709 710 /* Same with exit host sleep cmd, luckily that can't happen at the same time as EXIT_PS */ 711 if (command == HostCmd_CMD_802_11_HS_CFG_ENH) { 712 struct host_cmd_ds_802_11_hs_cfg_enh *hs_cfg = 713 &host_cmd->params.opt_hs_cfg; 714 715 if (le16_to_cpu(hs_cfg->action) == HS_ACTIVATE) 716 add_tail = false; 717 } 718 719 spin_lock_bh(&adapter->cmd_pending_q_lock); 720 if (add_tail) 721 list_add_tail(&cmd_node->list, &adapter->cmd_pending_q); 722 else 723 list_add(&cmd_node->list, &adapter->cmd_pending_q); 724 spin_unlock_bh(&adapter->cmd_pending_q_lock); 725 726 atomic_inc(&adapter->cmd_pending); 727 mwifiex_dbg(adapter, CMD, 728 "cmd: QUEUE_CMD: cmd=%#x, cmd_pending=%d\n", 729 command, atomic_read(&adapter->cmd_pending)); 730 } 731 732 /* 733 * This function executes the next command in command pending queue. 734 * 735 * This function will fail if a command is already in processing stage, 736 * otherwise it will dequeue the first command from the command pending 737 * queue and send to the firmware. 738 * 739 * If the device is currently in host sleep mode, any commands, except the 740 * host sleep configuration command will de-activate the host sleep. For PS 741 * mode, the function will put the firmware back to sleep if applicable. 742 */ 743 int mwifiex_exec_next_cmd(struct mwifiex_adapter *adapter) 744 { 745 struct mwifiex_private *priv; 746 struct cmd_ctrl_node *cmd_node; 747 int ret = 0; 748 struct host_cmd_ds_command *host_cmd; 749 750 /* Check if already in processing */ 751 if (adapter->curr_cmd) { 752 mwifiex_dbg(adapter, FATAL, 753 "EXEC_NEXT_CMD: cmd in processing\n"); 754 return -1; 755 } 756 757 spin_lock_bh(&adapter->mwifiex_cmd_lock); 758 /* Check if any command is pending */ 759 spin_lock_bh(&adapter->cmd_pending_q_lock); 760 if (list_empty(&adapter->cmd_pending_q)) { 761 spin_unlock_bh(&adapter->cmd_pending_q_lock); 762 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 763 return 0; 764 } 765 cmd_node = list_first_entry(&adapter->cmd_pending_q, 766 struct cmd_ctrl_node, list); 767 768 host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data); 769 priv = cmd_node->priv; 770 771 if (adapter->ps_state != PS_STATE_AWAKE) { 772 mwifiex_dbg(adapter, ERROR, 773 "%s: cannot send cmd in sleep state,\t" 774 "this should not happen\n", __func__); 775 spin_unlock_bh(&adapter->cmd_pending_q_lock); 776 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 777 return ret; 778 } 779 780 list_del(&cmd_node->list); 781 spin_unlock_bh(&adapter->cmd_pending_q_lock); 782 783 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 784 ret = mwifiex_dnld_cmd_to_fw(priv, cmd_node); 785 priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 786 /* Any command sent to the firmware when host is in sleep 787 * mode should de-configure host sleep. We should skip the 788 * host sleep configuration command itself though 789 */ 790 if (priv && (host_cmd->command != 791 cpu_to_le16(HostCmd_CMD_802_11_HS_CFG_ENH))) { 792 if (adapter->hs_activated) { 793 clear_bit(MWIFIEX_IS_HS_CONFIGURED, 794 &adapter->work_flags); 795 mwifiex_hs_activated_event(priv, false); 796 } 797 } 798 799 return ret; 800 } 801 802 /* 803 * This function handles the command response. 804 * 805 * After processing, the function cleans the command node and puts 806 * it back to the command free queue. 807 */ 808 int mwifiex_process_cmdresp(struct mwifiex_adapter *adapter) 809 { 810 struct host_cmd_ds_command *resp; 811 struct mwifiex_private *priv = 812 mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 813 int ret = 0; 814 uint16_t orig_cmdresp_no; 815 uint16_t cmdresp_no; 816 uint16_t cmdresp_result; 817 818 if (!adapter->curr_cmd || !adapter->curr_cmd->resp_skb) { 819 resp = (struct host_cmd_ds_command *) adapter->upld_buf; 820 mwifiex_dbg(adapter, ERROR, 821 "CMD_RESP: NULL curr_cmd, %#x\n", 822 le16_to_cpu(resp->command)); 823 return -1; 824 } 825 826 resp = (struct host_cmd_ds_command *)adapter->curr_cmd->resp_skb->data; 827 orig_cmdresp_no = le16_to_cpu(resp->command); 828 cmdresp_no = (orig_cmdresp_no & HostCmd_CMD_ID_MASK); 829 830 if (adapter->curr_cmd->cmd_no != cmdresp_no) { 831 mwifiex_dbg(adapter, ERROR, 832 "cmdresp error: cmd=0x%x cmd_resp=0x%x\n", 833 adapter->curr_cmd->cmd_no, cmdresp_no); 834 return -1; 835 } 836 /* Now we got response from FW, cancel the command timer */ 837 del_timer_sync(&adapter->cmd_timer); 838 clear_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags); 839 840 if (adapter->curr_cmd->cmd_flag & CMD_F_HOSTCMD) { 841 /* Copy original response back to response buffer */ 842 struct mwifiex_ds_misc_cmd *hostcmd; 843 uint16_t size = le16_to_cpu(resp->size); 844 mwifiex_dbg(adapter, INFO, 845 "info: host cmd resp size = %d\n", size); 846 size = min_t(u16, size, MWIFIEX_SIZE_OF_CMD_BUFFER); 847 if (adapter->curr_cmd->data_buf) { 848 hostcmd = adapter->curr_cmd->data_buf; 849 hostcmd->len = size; 850 memcpy(hostcmd->cmd, resp, size); 851 } 852 } 853 854 /* Get BSS number and corresponding priv */ 855 priv = mwifiex_get_priv_by_id(adapter, 856 HostCmd_GET_BSS_NO(le16_to_cpu(resp->seq_num)), 857 HostCmd_GET_BSS_TYPE(le16_to_cpu(resp->seq_num))); 858 if (!priv) 859 priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 860 /* Clear RET_BIT from HostCmd */ 861 resp->command = cpu_to_le16(orig_cmdresp_no & HostCmd_CMD_ID_MASK); 862 863 cmdresp_no = le16_to_cpu(resp->command); 864 cmdresp_result = le16_to_cpu(resp->result); 865 866 /* Save the last command response to debug log */ 867 adapter->dbg.last_cmd_resp_index = 868 (adapter->dbg.last_cmd_resp_index + 1) % DBG_CMD_NUM; 869 adapter->dbg.last_cmd_resp_id[adapter->dbg.last_cmd_resp_index] = 870 orig_cmdresp_no; 871 872 mwifiex_dbg(adapter, CMD, 873 "cmd: CMD_RESP: 0x%x, result %d, len %d, seqno 0x%x\n", 874 orig_cmdresp_no, cmdresp_result, 875 le16_to_cpu(resp->size), le16_to_cpu(resp->seq_num)); 876 mwifiex_dbg_dump(adapter, CMD_D, "CMD_RESP buffer:", resp, 877 le16_to_cpu(resp->size)); 878 879 if (!(orig_cmdresp_no & HostCmd_RET_BIT)) { 880 mwifiex_dbg(adapter, ERROR, "CMD_RESP: invalid cmd resp\n"); 881 if (adapter->curr_cmd->wait_q_enabled) 882 adapter->cmd_wait_q.status = -1; 883 884 mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd); 885 spin_lock_bh(&adapter->mwifiex_cmd_lock); 886 adapter->curr_cmd = NULL; 887 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 888 return -1; 889 } 890 891 if (adapter->curr_cmd->cmd_flag & CMD_F_HOSTCMD) { 892 adapter->curr_cmd->cmd_flag &= ~CMD_F_HOSTCMD; 893 if ((cmdresp_result == HostCmd_RESULT_OK) && 894 (cmdresp_no == HostCmd_CMD_802_11_HS_CFG_ENH)) 895 ret = mwifiex_ret_802_11_hs_cfg(priv, resp); 896 } else { 897 /* handle response */ 898 ret = mwifiex_process_sta_cmdresp(priv, cmdresp_no, resp); 899 } 900 901 /* Check init command response */ 902 if (adapter->hw_status == MWIFIEX_HW_STATUS_INITIALIZING) { 903 if (ret) { 904 mwifiex_dbg(adapter, ERROR, 905 "%s: cmd %#x failed during\t" 906 "initialization\n", __func__, cmdresp_no); 907 mwifiex_init_fw_complete(adapter); 908 return -1; 909 } else if (adapter->last_init_cmd == cmdresp_no) 910 adapter->hw_status = MWIFIEX_HW_STATUS_INIT_DONE; 911 } 912 913 if (adapter->curr_cmd) { 914 if (adapter->curr_cmd->wait_q_enabled) 915 adapter->cmd_wait_q.status = ret; 916 917 mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd); 918 919 spin_lock_bh(&adapter->mwifiex_cmd_lock); 920 adapter->curr_cmd = NULL; 921 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 922 } 923 924 return ret; 925 } 926 927 /* 928 * This function handles the timeout of command sending. 929 * 930 * It will re-send the same command again. 931 */ 932 void 933 mwifiex_cmd_timeout_func(struct timer_list *t) 934 { 935 struct mwifiex_adapter *adapter = from_timer(adapter, t, cmd_timer); 936 struct cmd_ctrl_node *cmd_node; 937 938 set_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags); 939 if (!adapter->curr_cmd) { 940 mwifiex_dbg(adapter, ERROR, 941 "cmd: empty curr_cmd\n"); 942 return; 943 } 944 cmd_node = adapter->curr_cmd; 945 if (cmd_node) { 946 adapter->dbg.timeout_cmd_id = 947 adapter->dbg.last_cmd_id[adapter->dbg.last_cmd_index]; 948 adapter->dbg.timeout_cmd_act = 949 adapter->dbg.last_cmd_act[adapter->dbg.last_cmd_index]; 950 mwifiex_dbg(adapter, MSG, 951 "%s: Timeout cmd id = %#x, act = %#x\n", __func__, 952 adapter->dbg.timeout_cmd_id, 953 adapter->dbg.timeout_cmd_act); 954 955 mwifiex_dbg(adapter, MSG, 956 "num_data_h2c_failure = %d\n", 957 adapter->dbg.num_tx_host_to_card_failure); 958 mwifiex_dbg(adapter, MSG, 959 "num_cmd_h2c_failure = %d\n", 960 adapter->dbg.num_cmd_host_to_card_failure); 961 962 mwifiex_dbg(adapter, MSG, 963 "is_cmd_timedout = %d\n", 964 test_bit(MWIFIEX_IS_CMD_TIMEDOUT, 965 &adapter->work_flags)); 966 mwifiex_dbg(adapter, MSG, 967 "num_tx_timeout = %d\n", 968 adapter->dbg.num_tx_timeout); 969 970 mwifiex_dbg(adapter, MSG, 971 "last_cmd_index = %d\n", 972 adapter->dbg.last_cmd_index); 973 mwifiex_dbg(adapter, MSG, 974 "last_cmd_id: %*ph\n", 975 (int)sizeof(adapter->dbg.last_cmd_id), 976 adapter->dbg.last_cmd_id); 977 mwifiex_dbg(adapter, MSG, 978 "last_cmd_act: %*ph\n", 979 (int)sizeof(adapter->dbg.last_cmd_act), 980 adapter->dbg.last_cmd_act); 981 982 mwifiex_dbg(adapter, MSG, 983 "last_cmd_resp_index = %d\n", 984 adapter->dbg.last_cmd_resp_index); 985 mwifiex_dbg(adapter, MSG, 986 "last_cmd_resp_id: %*ph\n", 987 (int)sizeof(adapter->dbg.last_cmd_resp_id), 988 adapter->dbg.last_cmd_resp_id); 989 990 mwifiex_dbg(adapter, MSG, 991 "last_event_index = %d\n", 992 adapter->dbg.last_event_index); 993 mwifiex_dbg(adapter, MSG, 994 "last_event: %*ph\n", 995 (int)sizeof(adapter->dbg.last_event), 996 adapter->dbg.last_event); 997 998 mwifiex_dbg(adapter, MSG, 999 "data_sent=%d cmd_sent=%d\n", 1000 adapter->data_sent, adapter->cmd_sent); 1001 1002 mwifiex_dbg(adapter, MSG, 1003 "ps_mode=%d ps_state=%d\n", 1004 adapter->ps_mode, adapter->ps_state); 1005 1006 if (cmd_node->wait_q_enabled) { 1007 adapter->cmd_wait_q.status = -ETIMEDOUT; 1008 mwifiex_cancel_pending_ioctl(adapter); 1009 } 1010 } 1011 if (adapter->hw_status == MWIFIEX_HW_STATUS_INITIALIZING) { 1012 mwifiex_init_fw_complete(adapter); 1013 return; 1014 } 1015 1016 if (adapter->if_ops.device_dump) 1017 adapter->if_ops.device_dump(adapter); 1018 1019 if (adapter->if_ops.card_reset) 1020 adapter->if_ops.card_reset(adapter); 1021 } 1022 1023 void 1024 mwifiex_cancel_pending_scan_cmd(struct mwifiex_adapter *adapter) 1025 { 1026 struct cmd_ctrl_node *cmd_node = NULL, *tmp_node; 1027 1028 /* Cancel all pending scan command */ 1029 spin_lock_bh(&adapter->scan_pending_q_lock); 1030 list_for_each_entry_safe(cmd_node, tmp_node, 1031 &adapter->scan_pending_q, list) { 1032 list_del(&cmd_node->list); 1033 cmd_node->wait_q_enabled = false; 1034 mwifiex_insert_cmd_to_free_q(adapter, cmd_node); 1035 } 1036 spin_unlock_bh(&adapter->scan_pending_q_lock); 1037 } 1038 1039 /* 1040 * This function cancels all the pending commands. 1041 * 1042 * The current command, all commands in command pending queue and all scan 1043 * commands in scan pending queue are cancelled. All the completion callbacks 1044 * are called with failure status to ensure cleanup. 1045 */ 1046 void 1047 mwifiex_cancel_all_pending_cmd(struct mwifiex_adapter *adapter) 1048 { 1049 struct cmd_ctrl_node *cmd_node = NULL, *tmp_node; 1050 1051 spin_lock_bh(&adapter->mwifiex_cmd_lock); 1052 /* Cancel current cmd */ 1053 if ((adapter->curr_cmd) && (adapter->curr_cmd->wait_q_enabled)) { 1054 adapter->cmd_wait_q.status = -1; 1055 mwifiex_complete_cmd(adapter, adapter->curr_cmd); 1056 adapter->curr_cmd->wait_q_enabled = false; 1057 /* no recycle probably wait for response */ 1058 } 1059 /* Cancel all pending command */ 1060 spin_lock_bh(&adapter->cmd_pending_q_lock); 1061 list_for_each_entry_safe(cmd_node, tmp_node, 1062 &adapter->cmd_pending_q, list) { 1063 list_del(&cmd_node->list); 1064 1065 if (cmd_node->wait_q_enabled) 1066 adapter->cmd_wait_q.status = -1; 1067 mwifiex_recycle_cmd_node(adapter, cmd_node); 1068 } 1069 spin_unlock_bh(&adapter->cmd_pending_q_lock); 1070 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 1071 1072 mwifiex_cancel_scan(adapter); 1073 } 1074 1075 /* 1076 * This function cancels all pending commands that matches with 1077 * the given IOCTL request. 1078 * 1079 * Both the current command buffer and the pending command queue are 1080 * searched for matching IOCTL request. The completion callback of 1081 * the matched command is called with failure status to ensure cleanup. 1082 * In case of scan commands, all pending commands in scan pending queue 1083 * are cancelled. 1084 */ 1085 static void 1086 mwifiex_cancel_pending_ioctl(struct mwifiex_adapter *adapter) 1087 { 1088 struct cmd_ctrl_node *cmd_node = NULL; 1089 1090 if ((adapter->curr_cmd) && 1091 (adapter->curr_cmd->wait_q_enabled)) { 1092 spin_lock_bh(&adapter->mwifiex_cmd_lock); 1093 cmd_node = adapter->curr_cmd; 1094 /* setting curr_cmd to NULL is quite dangerous, because 1095 * mwifiex_process_cmdresp checks curr_cmd to be != NULL 1096 * at the beginning then relies on it and dereferences 1097 * it at will 1098 * this probably works since mwifiex_cmd_timeout_func 1099 * is the only caller of this function and responses 1100 * at that point 1101 */ 1102 adapter->curr_cmd = NULL; 1103 spin_unlock_bh(&adapter->mwifiex_cmd_lock); 1104 1105 mwifiex_recycle_cmd_node(adapter, cmd_node); 1106 } 1107 1108 mwifiex_cancel_scan(adapter); 1109 } 1110 1111 /* 1112 * This function sends the sleep confirm command to firmware, if 1113 * possible. 1114 * 1115 * The sleep confirm command cannot be issued if command response, 1116 * data response or event response is awaiting handling, or if we 1117 * are in the middle of sending a command, or expecting a command 1118 * response. 1119 */ 1120 void 1121 mwifiex_check_ps_cond(struct mwifiex_adapter *adapter) 1122 { 1123 if (!adapter->cmd_sent && !atomic_read(&adapter->tx_hw_pending) && 1124 !adapter->curr_cmd && !IS_CARD_RX_RCVD(adapter)) 1125 mwifiex_dnld_sleep_confirm_cmd(adapter); 1126 else 1127 mwifiex_dbg(adapter, CMD, 1128 "cmd: Delay Sleep Confirm (%s%s%s%s)\n", 1129 (adapter->cmd_sent) ? "D" : "", 1130 atomic_read(&adapter->tx_hw_pending) ? "T" : "", 1131 (adapter->curr_cmd) ? "C" : "", 1132 (IS_CARD_RX_RCVD(adapter)) ? "R" : ""); 1133 } 1134 1135 /* 1136 * This function sends a Host Sleep activated event to applications. 1137 * 1138 * This event is generated by the driver, with a blank event body. 1139 */ 1140 void 1141 mwifiex_hs_activated_event(struct mwifiex_private *priv, u8 activated) 1142 { 1143 if (activated) { 1144 if (test_bit(MWIFIEX_IS_HS_CONFIGURED, 1145 &priv->adapter->work_flags)) { 1146 priv->adapter->hs_activated = true; 1147 mwifiex_update_rxreor_flags(priv->adapter, 1148 RXREOR_FORCE_NO_DROP); 1149 mwifiex_dbg(priv->adapter, EVENT, 1150 "event: hs_activated\n"); 1151 priv->adapter->hs_activate_wait_q_woken = true; 1152 wake_up_interruptible( 1153 &priv->adapter->hs_activate_wait_q); 1154 } else { 1155 mwifiex_dbg(priv->adapter, EVENT, 1156 "event: HS not configured\n"); 1157 } 1158 } else { 1159 mwifiex_dbg(priv->adapter, EVENT, 1160 "event: hs_deactivated\n"); 1161 priv->adapter->hs_activated = false; 1162 } 1163 } 1164 1165 /* 1166 * This function handles the command response of a Host Sleep configuration 1167 * command. 1168 * 1169 * Handling includes changing the header fields into CPU format 1170 * and setting the current host sleep activation status in driver. 1171 * 1172 * In case host sleep status change, the function generates an event to 1173 * notify the applications. 1174 */ 1175 int mwifiex_ret_802_11_hs_cfg(struct mwifiex_private *priv, 1176 struct host_cmd_ds_command *resp) 1177 { 1178 struct mwifiex_adapter *adapter = priv->adapter; 1179 struct host_cmd_ds_802_11_hs_cfg_enh *phs_cfg = 1180 &resp->params.opt_hs_cfg; 1181 uint32_t conditions = le32_to_cpu(phs_cfg->params.hs_config.conditions); 1182 1183 if (phs_cfg->action == cpu_to_le16(HS_ACTIVATE) && 1184 adapter->iface_type != MWIFIEX_USB) { 1185 mwifiex_hs_activated_event(priv, true); 1186 return 0; 1187 } else { 1188 mwifiex_dbg(adapter, CMD, 1189 "cmd: CMD_RESP: HS_CFG cmd reply\t" 1190 " result=%#x, conditions=0x%x gpio=0x%x gap=0x%x\n", 1191 resp->result, conditions, 1192 phs_cfg->params.hs_config.gpio, 1193 phs_cfg->params.hs_config.gap); 1194 } 1195 if (conditions != HS_CFG_CANCEL) { 1196 set_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags); 1197 if (adapter->iface_type == MWIFIEX_USB) 1198 mwifiex_hs_activated_event(priv, true); 1199 } else { 1200 clear_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags); 1201 if (adapter->hs_activated) 1202 mwifiex_hs_activated_event(priv, false); 1203 } 1204 1205 return 0; 1206 } 1207 1208 /* 1209 * This function wakes up the adapter and generates a Host Sleep 1210 * cancel event on receiving the power up interrupt. 1211 */ 1212 void 1213 mwifiex_process_hs_config(struct mwifiex_adapter *adapter) 1214 { 1215 mwifiex_dbg(adapter, INFO, 1216 "info: %s: auto cancelling host sleep\t" 1217 "since there is interrupt from the firmware\n", 1218 __func__); 1219 1220 adapter->if_ops.wakeup(adapter); 1221 1222 if (adapter->hs_activated_manually) { 1223 mwifiex_cancel_hs(mwifiex_get_priv (adapter, MWIFIEX_BSS_ROLE_ANY), 1224 MWIFIEX_ASYNC_CMD); 1225 adapter->hs_activated_manually = false; 1226 } 1227 1228 adapter->hs_activated = false; 1229 clear_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags); 1230 clear_bit(MWIFIEX_IS_SUSPENDED, &adapter->work_flags); 1231 mwifiex_hs_activated_event(mwifiex_get_priv(adapter, 1232 MWIFIEX_BSS_ROLE_ANY), 1233 false); 1234 } 1235 EXPORT_SYMBOL_GPL(mwifiex_process_hs_config); 1236 1237 /* 1238 * This function handles the command response of a sleep confirm command. 1239 * 1240 * The function sets the card state to SLEEP if the response indicates success. 1241 */ 1242 void 1243 mwifiex_process_sleep_confirm_resp(struct mwifiex_adapter *adapter, 1244 u8 *pbuf, u32 upld_len) 1245 { 1246 struct host_cmd_ds_command *cmd = (struct host_cmd_ds_command *) pbuf; 1247 struct mwifiex_private *priv = 1248 mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 1249 uint16_t result = le16_to_cpu(cmd->result); 1250 uint16_t command = le16_to_cpu(cmd->command); 1251 uint16_t seq_num = le16_to_cpu(cmd->seq_num); 1252 1253 if (!upld_len) { 1254 mwifiex_dbg(adapter, ERROR, 1255 "%s: cmd size is 0\n", __func__); 1256 return; 1257 } 1258 1259 mwifiex_dbg(adapter, CMD, 1260 "cmd: CMD_RESP: 0x%x, result %d, len %d, seqno 0x%x\n", 1261 command, result, le16_to_cpu(cmd->size), seq_num); 1262 1263 /* Get BSS number and corresponding priv */ 1264 priv = mwifiex_get_priv_by_id(adapter, HostCmd_GET_BSS_NO(seq_num), 1265 HostCmd_GET_BSS_TYPE(seq_num)); 1266 if (!priv) 1267 priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY); 1268 1269 /* Update sequence number */ 1270 seq_num = HostCmd_GET_SEQ_NO(seq_num); 1271 /* Clear RET_BIT from HostCmd */ 1272 command &= HostCmd_CMD_ID_MASK; 1273 1274 if (command != HostCmd_CMD_802_11_PS_MODE_ENH) { 1275 mwifiex_dbg(adapter, ERROR, 1276 "%s: rcvd unexpected resp for cmd %#x, result = %x\n", 1277 __func__, command, result); 1278 return; 1279 } 1280 1281 if (result) { 1282 mwifiex_dbg(adapter, ERROR, 1283 "%s: sleep confirm cmd failed\n", 1284 __func__); 1285 adapter->pm_wakeup_card_req = false; 1286 adapter->ps_state = PS_STATE_AWAKE; 1287 return; 1288 } 1289 adapter->pm_wakeup_card_req = true; 1290 if (test_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags)) 1291 mwifiex_hs_activated_event(mwifiex_get_priv 1292 (adapter, MWIFIEX_BSS_ROLE_ANY), 1293 true); 1294 adapter->ps_state = PS_STATE_SLEEP; 1295 cmd->command = cpu_to_le16(command); 1296 cmd->seq_num = cpu_to_le16(seq_num); 1297 } 1298 EXPORT_SYMBOL_GPL(mwifiex_process_sleep_confirm_resp); 1299 1300 /* 1301 * This function prepares an enhanced power mode command. 1302 * 1303 * This function can be used to disable power save or to configure 1304 * power save with auto PS or STA PS or auto deep sleep. 1305 * 1306 * Preparation includes - 1307 * - Setting command ID, action and proper size 1308 * - Setting Power Save bitmap, PS parameters TLV, PS mode TLV, 1309 * auto deep sleep TLV (as required) 1310 * - Ensuring correct endian-ness 1311 */ 1312 int mwifiex_cmd_enh_power_mode(struct mwifiex_private *priv, 1313 struct host_cmd_ds_command *cmd, 1314 u16 cmd_action, uint16_t ps_bitmap, 1315 struct mwifiex_ds_auto_ds *auto_ds) 1316 { 1317 struct host_cmd_ds_802_11_ps_mode_enh *psmode_enh = 1318 &cmd->params.psmode_enh; 1319 u8 *tlv; 1320 u16 cmd_size = 0; 1321 1322 cmd->command = cpu_to_le16(HostCmd_CMD_802_11_PS_MODE_ENH); 1323 if (cmd_action == DIS_AUTO_PS) { 1324 psmode_enh->action = cpu_to_le16(DIS_AUTO_PS); 1325 psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap); 1326 cmd->size = cpu_to_le16(S_DS_GEN + sizeof(psmode_enh->action) + 1327 sizeof(psmode_enh->params.ps_bitmap)); 1328 } else if (cmd_action == GET_PS) { 1329 psmode_enh->action = cpu_to_le16(GET_PS); 1330 psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap); 1331 cmd->size = cpu_to_le16(S_DS_GEN + sizeof(psmode_enh->action) + 1332 sizeof(psmode_enh->params.ps_bitmap)); 1333 } else if (cmd_action == EN_AUTO_PS) { 1334 psmode_enh->action = cpu_to_le16(EN_AUTO_PS); 1335 psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap); 1336 cmd_size = S_DS_GEN + sizeof(psmode_enh->action) + 1337 sizeof(psmode_enh->params.ps_bitmap); 1338 tlv = (u8 *) cmd + cmd_size; 1339 if (ps_bitmap & BITMAP_STA_PS) { 1340 struct mwifiex_adapter *adapter = priv->adapter; 1341 struct mwifiex_ie_types_ps_param *ps_tlv = 1342 (struct mwifiex_ie_types_ps_param *) tlv; 1343 struct mwifiex_ps_param *ps_mode = &ps_tlv->param; 1344 ps_tlv->header.type = cpu_to_le16(TLV_TYPE_PS_PARAM); 1345 ps_tlv->header.len = cpu_to_le16(sizeof(*ps_tlv) - 1346 sizeof(struct mwifiex_ie_types_header)); 1347 cmd_size += sizeof(*ps_tlv); 1348 tlv += sizeof(*ps_tlv); 1349 mwifiex_dbg(priv->adapter, CMD, 1350 "cmd: PS Command: Enter PS\n"); 1351 ps_mode->null_pkt_interval = 1352 cpu_to_le16(adapter->null_pkt_interval); 1353 ps_mode->multiple_dtims = 1354 cpu_to_le16(adapter->multiple_dtim); 1355 ps_mode->bcn_miss_timeout = 1356 cpu_to_le16(adapter->bcn_miss_time_out); 1357 ps_mode->local_listen_interval = 1358 cpu_to_le16(adapter->local_listen_interval); 1359 ps_mode->adhoc_wake_period = 1360 cpu_to_le16(adapter->adhoc_awake_period); 1361 ps_mode->delay_to_ps = 1362 cpu_to_le16(adapter->delay_to_ps); 1363 ps_mode->mode = cpu_to_le16(adapter->enhanced_ps_mode); 1364 1365 } 1366 if (ps_bitmap & BITMAP_AUTO_DS) { 1367 struct mwifiex_ie_types_auto_ds_param *auto_ds_tlv = 1368 (struct mwifiex_ie_types_auto_ds_param *) tlv; 1369 u16 idletime = 0; 1370 1371 auto_ds_tlv->header.type = 1372 cpu_to_le16(TLV_TYPE_AUTO_DS_PARAM); 1373 auto_ds_tlv->header.len = 1374 cpu_to_le16(sizeof(*auto_ds_tlv) - 1375 sizeof(struct mwifiex_ie_types_header)); 1376 cmd_size += sizeof(*auto_ds_tlv); 1377 tlv += sizeof(*auto_ds_tlv); 1378 if (auto_ds) 1379 idletime = auto_ds->idle_time; 1380 mwifiex_dbg(priv->adapter, CMD, 1381 "cmd: PS Command: Enter Auto Deep Sleep\n"); 1382 auto_ds_tlv->deep_sleep_timeout = cpu_to_le16(idletime); 1383 } 1384 cmd->size = cpu_to_le16(cmd_size); 1385 } 1386 return 0; 1387 } 1388 1389 /* 1390 * This function handles the command response of an enhanced power mode 1391 * command. 1392 * 1393 * Handling includes changing the header fields into CPU format 1394 * and setting the current enhanced power mode in driver. 1395 */ 1396 int mwifiex_ret_enh_power_mode(struct mwifiex_private *priv, 1397 struct host_cmd_ds_command *resp, 1398 struct mwifiex_ds_pm_cfg *pm_cfg) 1399 { 1400 struct mwifiex_adapter *adapter = priv->adapter; 1401 struct host_cmd_ds_802_11_ps_mode_enh *ps_mode = 1402 &resp->params.psmode_enh; 1403 uint16_t action = le16_to_cpu(ps_mode->action); 1404 uint16_t ps_bitmap = le16_to_cpu(ps_mode->params.ps_bitmap); 1405 uint16_t auto_ps_bitmap = 1406 le16_to_cpu(ps_mode->params.ps_bitmap); 1407 1408 mwifiex_dbg(adapter, INFO, 1409 "info: %s: PS_MODE cmd reply result=%#x action=%#X\n", 1410 __func__, resp->result, action); 1411 if (action == EN_AUTO_PS) { 1412 if (auto_ps_bitmap & BITMAP_AUTO_DS) { 1413 mwifiex_dbg(adapter, CMD, 1414 "cmd: Enabled auto deep sleep\n"); 1415 priv->adapter->is_deep_sleep = true; 1416 } 1417 if (auto_ps_bitmap & BITMAP_STA_PS) { 1418 mwifiex_dbg(adapter, CMD, 1419 "cmd: Enabled STA power save\n"); 1420 if (adapter->sleep_period.period) 1421 mwifiex_dbg(adapter, CMD, 1422 "cmd: set to uapsd/pps mode\n"); 1423 } 1424 } else if (action == DIS_AUTO_PS) { 1425 if (ps_bitmap & BITMAP_AUTO_DS) { 1426 priv->adapter->is_deep_sleep = false; 1427 mwifiex_dbg(adapter, CMD, 1428 "cmd: Disabled auto deep sleep\n"); 1429 } 1430 if (ps_bitmap & BITMAP_STA_PS) { 1431 mwifiex_dbg(adapter, CMD, 1432 "cmd: Disabled STA power save\n"); 1433 if (adapter->sleep_period.period) { 1434 adapter->delay_null_pkt = false; 1435 adapter->tx_lock_flag = false; 1436 adapter->pps_uapsd_mode = false; 1437 } 1438 } 1439 } else if (action == GET_PS) { 1440 if (ps_bitmap & BITMAP_STA_PS) 1441 adapter->ps_mode = MWIFIEX_802_11_POWER_MODE_PSP; 1442 else 1443 adapter->ps_mode = MWIFIEX_802_11_POWER_MODE_CAM; 1444 1445 mwifiex_dbg(adapter, CMD, 1446 "cmd: ps_bitmap=%#x\n", ps_bitmap); 1447 1448 if (pm_cfg) { 1449 /* This section is for get power save mode */ 1450 if (ps_bitmap & BITMAP_STA_PS) 1451 pm_cfg->param.ps_mode = 1; 1452 else 1453 pm_cfg->param.ps_mode = 0; 1454 } 1455 } 1456 return 0; 1457 } 1458 1459 /* 1460 * This function prepares command to get hardware specifications. 1461 * 1462 * Preparation includes - 1463 * - Setting command ID, action and proper size 1464 * - Setting permanent address parameter 1465 * - Ensuring correct endian-ness 1466 */ 1467 int mwifiex_cmd_get_hw_spec(struct mwifiex_private *priv, 1468 struct host_cmd_ds_command *cmd) 1469 { 1470 struct host_cmd_ds_get_hw_spec *hw_spec = &cmd->params.hw_spec; 1471 1472 cmd->command = cpu_to_le16(HostCmd_CMD_GET_HW_SPEC); 1473 cmd->size = 1474 cpu_to_le16(sizeof(struct host_cmd_ds_get_hw_spec) + S_DS_GEN); 1475 memcpy(hw_spec->permanent_addr, priv->curr_addr, ETH_ALEN); 1476 1477 return 0; 1478 } 1479 1480 /* 1481 * This function handles the command response of get hardware 1482 * specifications. 1483 * 1484 * Handling includes changing the header fields into CPU format 1485 * and saving/updating the following parameters in driver - 1486 * - Firmware capability information 1487 * - Firmware band settings 1488 * - Ad-hoc start band and channel 1489 * - Ad-hoc 11n activation status 1490 * - Firmware release number 1491 * - Number of antennas 1492 * - Hardware address 1493 * - Hardware interface version 1494 * - Firmware version 1495 * - Region code 1496 * - 11n capabilities 1497 * - MCS support fields 1498 * - MP end port 1499 */ 1500 int mwifiex_ret_get_hw_spec(struct mwifiex_private *priv, 1501 struct host_cmd_ds_command *resp) 1502 { 1503 struct host_cmd_ds_get_hw_spec *hw_spec = &resp->params.hw_spec; 1504 struct mwifiex_adapter *adapter = priv->adapter; 1505 struct mwifiex_ie_types_header *tlv; 1506 struct hw_spec_api_rev *api_rev; 1507 struct hw_spec_max_conn *max_conn; 1508 u16 resp_size, api_id; 1509 int i, left_len, parsed_len = 0; 1510 1511 adapter->fw_cap_info = le32_to_cpu(hw_spec->fw_cap_info); 1512 1513 if (IS_SUPPORT_MULTI_BANDS(adapter)) 1514 adapter->fw_bands = (u8) GET_FW_DEFAULT_BANDS(adapter); 1515 else 1516 adapter->fw_bands = BAND_B; 1517 1518 adapter->config_bands = adapter->fw_bands; 1519 1520 if (adapter->fw_bands & BAND_A) { 1521 if (adapter->fw_bands & BAND_GN) { 1522 adapter->config_bands |= BAND_AN; 1523 adapter->fw_bands |= BAND_AN; 1524 } 1525 if (adapter->fw_bands & BAND_AN) { 1526 adapter->adhoc_start_band = BAND_A | BAND_AN; 1527 adapter->adhoc_11n_enabled = true; 1528 } else { 1529 adapter->adhoc_start_band = BAND_A; 1530 } 1531 priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL_A; 1532 } else if (adapter->fw_bands & BAND_GN) { 1533 adapter->adhoc_start_band = BAND_G | BAND_B | BAND_GN; 1534 priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL; 1535 adapter->adhoc_11n_enabled = true; 1536 } else if (adapter->fw_bands & BAND_G) { 1537 adapter->adhoc_start_band = BAND_G | BAND_B; 1538 priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL; 1539 } else if (adapter->fw_bands & BAND_B) { 1540 adapter->adhoc_start_band = BAND_B; 1541 priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL; 1542 } 1543 1544 adapter->fw_release_number = le32_to_cpu(hw_spec->fw_release_number); 1545 adapter->fw_api_ver = (adapter->fw_release_number >> 16) & 0xff; 1546 adapter->number_of_antenna = 1547 le16_to_cpu(hw_spec->number_of_antenna) & 0xf; 1548 1549 if (le32_to_cpu(hw_spec->dot_11ac_dev_cap)) { 1550 adapter->is_hw_11ac_capable = true; 1551 1552 /* Copy 11AC cap */ 1553 adapter->hw_dot_11ac_dev_cap = 1554 le32_to_cpu(hw_spec->dot_11ac_dev_cap); 1555 adapter->usr_dot_11ac_dev_cap_bg = adapter->hw_dot_11ac_dev_cap 1556 & ~MWIFIEX_DEF_11AC_CAP_BF_RESET_MASK; 1557 adapter->usr_dot_11ac_dev_cap_a = adapter->hw_dot_11ac_dev_cap 1558 & ~MWIFIEX_DEF_11AC_CAP_BF_RESET_MASK; 1559 1560 /* Copy 11AC mcs */ 1561 adapter->hw_dot_11ac_mcs_support = 1562 le32_to_cpu(hw_spec->dot_11ac_mcs_support); 1563 adapter->usr_dot_11ac_mcs_support = 1564 adapter->hw_dot_11ac_mcs_support; 1565 } else { 1566 adapter->is_hw_11ac_capable = false; 1567 } 1568 1569 resp_size = le16_to_cpu(resp->size) - S_DS_GEN; 1570 if (resp_size > sizeof(struct host_cmd_ds_get_hw_spec)) { 1571 /* we have variable HW SPEC information */ 1572 left_len = resp_size - sizeof(struct host_cmd_ds_get_hw_spec); 1573 while (left_len > sizeof(struct mwifiex_ie_types_header)) { 1574 tlv = (void *)&hw_spec->tlvs + parsed_len; 1575 switch (le16_to_cpu(tlv->type)) { 1576 case TLV_TYPE_API_REV: 1577 api_rev = (struct hw_spec_api_rev *)tlv; 1578 api_id = le16_to_cpu(api_rev->api_id); 1579 switch (api_id) { 1580 case KEY_API_VER_ID: 1581 adapter->key_api_major_ver = 1582 api_rev->major_ver; 1583 adapter->key_api_minor_ver = 1584 api_rev->minor_ver; 1585 mwifiex_dbg(adapter, INFO, 1586 "key_api v%d.%d\n", 1587 adapter->key_api_major_ver, 1588 adapter->key_api_minor_ver); 1589 break; 1590 case FW_API_VER_ID: 1591 adapter->fw_api_ver = 1592 api_rev->major_ver; 1593 mwifiex_dbg(adapter, INFO, 1594 "Firmware api version %d.%d\n", 1595 adapter->fw_api_ver, 1596 api_rev->minor_ver); 1597 break; 1598 case UAP_FW_API_VER_ID: 1599 mwifiex_dbg(adapter, INFO, 1600 "uAP api version %d.%d\n", 1601 api_rev->major_ver, 1602 api_rev->minor_ver); 1603 break; 1604 case CHANRPT_API_VER_ID: 1605 mwifiex_dbg(adapter, INFO, 1606 "channel report api version %d.%d\n", 1607 api_rev->major_ver, 1608 api_rev->minor_ver); 1609 break; 1610 case FW_HOTFIX_VER_ID: 1611 mwifiex_dbg(adapter, INFO, 1612 "Firmware hotfix version %d\n", 1613 api_rev->major_ver); 1614 break; 1615 default: 1616 mwifiex_dbg(adapter, FATAL, 1617 "Unknown api_id: %d\n", 1618 api_id); 1619 break; 1620 } 1621 break; 1622 case TLV_TYPE_MAX_CONN: 1623 max_conn = (struct hw_spec_max_conn *)tlv; 1624 adapter->max_p2p_conn = max_conn->max_p2p_conn; 1625 adapter->max_sta_conn = max_conn->max_sta_conn; 1626 mwifiex_dbg(adapter, INFO, 1627 "max p2p connections: %u\n", 1628 adapter->max_p2p_conn); 1629 mwifiex_dbg(adapter, INFO, 1630 "max sta connections: %u\n", 1631 adapter->max_sta_conn); 1632 break; 1633 default: 1634 mwifiex_dbg(adapter, FATAL, 1635 "Unknown GET_HW_SPEC TLV type: %#x\n", 1636 le16_to_cpu(tlv->type)); 1637 break; 1638 } 1639 parsed_len += le16_to_cpu(tlv->len) + 1640 sizeof(struct mwifiex_ie_types_header); 1641 left_len -= le16_to_cpu(tlv->len) + 1642 sizeof(struct mwifiex_ie_types_header); 1643 } 1644 } 1645 1646 mwifiex_dbg(adapter, INFO, 1647 "info: GET_HW_SPEC: fw_release_number- %#x\n", 1648 adapter->fw_release_number); 1649 mwifiex_dbg(adapter, INFO, 1650 "info: GET_HW_SPEC: permanent addr: %pM\n", 1651 hw_spec->permanent_addr); 1652 mwifiex_dbg(adapter, INFO, 1653 "info: GET_HW_SPEC: hw_if_version=%#x version=%#x\n", 1654 le16_to_cpu(hw_spec->hw_if_version), 1655 le16_to_cpu(hw_spec->version)); 1656 1657 ether_addr_copy(priv->adapter->perm_addr, hw_spec->permanent_addr); 1658 adapter->region_code = le16_to_cpu(hw_spec->region_code); 1659 1660 for (i = 0; i < MWIFIEX_MAX_REGION_CODE; i++) 1661 /* Use the region code to search for the index */ 1662 if (adapter->region_code == region_code_index[i]) 1663 break; 1664 1665 /* If it's unidentified region code, use the default (world) */ 1666 if (i >= MWIFIEX_MAX_REGION_CODE) { 1667 adapter->region_code = 0x00; 1668 mwifiex_dbg(adapter, WARN, 1669 "cmd: unknown region code, use default (USA)\n"); 1670 } 1671 1672 adapter->hw_dot_11n_dev_cap = le32_to_cpu(hw_spec->dot_11n_dev_cap); 1673 adapter->hw_dev_mcs_support = hw_spec->dev_mcs_support; 1674 adapter->user_dev_mcs_support = adapter->hw_dev_mcs_support; 1675 1676 if (adapter->if_ops.update_mp_end_port) 1677 adapter->if_ops.update_mp_end_port(adapter, 1678 le16_to_cpu(hw_spec->mp_end_port)); 1679 1680 if (adapter->fw_api_ver == MWIFIEX_FW_V15) 1681 adapter->scan_chan_gap_enabled = true; 1682 1683 return 0; 1684 } 1685 1686 /* This function handles the command response of hs wakeup reason 1687 * command. 1688 */ 1689 int mwifiex_ret_wakeup_reason(struct mwifiex_private *priv, 1690 struct host_cmd_ds_command *resp, 1691 struct host_cmd_ds_wakeup_reason *wakeup_reason) 1692 { 1693 wakeup_reason->wakeup_reason = 1694 resp->params.hs_wakeup_reason.wakeup_reason; 1695 1696 return 0; 1697 } 1698