xref: /linux/drivers/net/wireless/realtek/rtw89/wow.c (revision 001821b0e79716c4e17c71d8e053a23599a7a508)
1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2 /* Copyright(c) 2019-2022  Realtek Corporation
3  */
4 #include "cam.h"
5 #include "core.h"
6 #include "debug.h"
7 #include "fw.h"
8 #include "mac.h"
9 #include "phy.h"
10 #include "ps.h"
11 #include "reg.h"
12 #include "util.h"
13 #include "wow.h"
14 
15 void rtw89_wow_parse_akm(struct rtw89_dev *rtwdev, struct sk_buff *skb)
16 {
17 	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
18 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
19 	const u8 *rsn, *ies = mgmt->u.assoc_req.variable;
20 	struct rtw89_rsn_ie *rsn_ie;
21 
22 	rsn = cfg80211_find_ie(WLAN_EID_RSN, ies, skb->len);
23 	if (!rsn)
24 		return;
25 
26 	rsn_ie = (struct rtw89_rsn_ie *)rsn;
27 	rtw_wow->akm = rsn_ie->akm_cipher_suite.type;
28 }
29 
30 static const struct rtw89_cipher_info rtw89_cipher_info_defs[] = {
31 	{WLAN_CIPHER_SUITE_WEP40,	.fw_alg = 1,	.len = WLAN_KEY_LEN_WEP40,},
32 	{WLAN_CIPHER_SUITE_WEP104,	.fw_alg = 2,	.len = WLAN_KEY_LEN_WEP104,},
33 	{WLAN_CIPHER_SUITE_TKIP,	.fw_alg = 3,	.len = WLAN_KEY_LEN_TKIP,},
34 	{WLAN_CIPHER_SUITE_CCMP,	.fw_alg = 6,	.len = WLAN_KEY_LEN_CCMP,},
35 	{WLAN_CIPHER_SUITE_GCMP,	.fw_alg = 8,	.len = WLAN_KEY_LEN_GCMP,},
36 	{WLAN_CIPHER_SUITE_CCMP_256,	.fw_alg = 7,	.len = WLAN_KEY_LEN_CCMP_256,},
37 	{WLAN_CIPHER_SUITE_GCMP_256,	.fw_alg = 23,	.len = WLAN_KEY_LEN_GCMP_256,},
38 	{WLAN_CIPHER_SUITE_AES_CMAC,	.fw_alg = 32,	.len = WLAN_KEY_LEN_AES_CMAC,},
39 };
40 
41 static const
42 struct rtw89_cipher_info *rtw89_cipher_alg_recognize(u32 cipher)
43 {
44 	const struct rtw89_cipher_info *cipher_info_defs;
45 	int i;
46 
47 	for (i = 0; i < ARRAY_SIZE(rtw89_cipher_info_defs); i++) {
48 		cipher_info_defs = &rtw89_cipher_info_defs[i];
49 		if (cipher_info_defs->cipher == cipher)
50 			return cipher_info_defs;
51 	}
52 
53 	return NULL;
54 }
55 
56 static int _pn_to_iv(struct rtw89_dev *rtwdev, struct ieee80211_key_conf *key,
57 		     u8 *iv, u64 pn, u8 key_idx)
58 {
59 	switch (key->cipher) {
60 	case WLAN_CIPHER_SUITE_TKIP:
61 		iv[0] = u64_get_bits(pn, RTW89_KEY_PN_1);
62 		iv[1] = (u64_get_bits(pn, RTW89_KEY_PN_1) | 0x20) & 0x7f;
63 		iv[2] = u64_get_bits(pn, RTW89_KEY_PN_0);
64 		break;
65 	case WLAN_CIPHER_SUITE_CCMP:
66 	case WLAN_CIPHER_SUITE_GCMP:
67 	case WLAN_CIPHER_SUITE_CCMP_256:
68 	case WLAN_CIPHER_SUITE_GCMP_256:
69 		iv[0] = u64_get_bits(pn, RTW89_KEY_PN_0);
70 		iv[1] = u64_get_bits(pn, RTW89_KEY_PN_1);
71 		iv[2] = 0;
72 		break;
73 	default:
74 		return -EINVAL;
75 	}
76 
77 	iv[3] = BIT(5) | ((key_idx & 0x3) << 6);
78 	iv[4] = u64_get_bits(pn, RTW89_KEY_PN_2);
79 	iv[5] = u64_get_bits(pn, RTW89_KEY_PN_3);
80 	iv[6] = u64_get_bits(pn, RTW89_KEY_PN_4);
81 	iv[7] = u64_get_bits(pn, RTW89_KEY_PN_5);
82 
83 	return 0;
84 }
85 
86 static int rtw89_rx_pn_to_iv(struct rtw89_dev *rtwdev,
87 			     struct ieee80211_key_conf *key,
88 			     u8 *iv)
89 {
90 	struct ieee80211_key_seq seq;
91 	int err;
92 	u64 pn;
93 
94 	ieee80211_get_key_rx_seq(key, 0, &seq);
95 
96 	/* seq.ccmp.pn[] is BE order array */
97 	pn = u64_encode_bits(seq.ccmp.pn[0], RTW89_KEY_PN_5) |
98 	     u64_encode_bits(seq.ccmp.pn[1], RTW89_KEY_PN_4) |
99 	     u64_encode_bits(seq.ccmp.pn[2], RTW89_KEY_PN_3) |
100 	     u64_encode_bits(seq.ccmp.pn[3], RTW89_KEY_PN_2) |
101 	     u64_encode_bits(seq.ccmp.pn[4], RTW89_KEY_PN_1) |
102 	     u64_encode_bits(seq.ccmp.pn[5], RTW89_KEY_PN_0);
103 
104 	err = _pn_to_iv(rtwdev, key, iv, pn, key->keyidx);
105 	if (err)
106 		return err;
107 
108 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%llx to iv-%*ph\n",
109 		    __func__, key->keyidx, pn, 8, iv);
110 
111 	return 0;
112 }
113 
114 static int rtw89_tx_pn_to_iv(struct rtw89_dev *rtwdev,
115 			     struct ieee80211_key_conf *key,
116 			     u8 *iv)
117 {
118 	int err;
119 	u64 pn;
120 
121 	pn = atomic64_inc_return(&key->tx_pn);
122 	err = _pn_to_iv(rtwdev, key, iv, pn, key->keyidx);
123 	if (err)
124 		return err;
125 
126 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%llx to iv-%*ph\n",
127 		    __func__, key->keyidx, pn, 8, iv);
128 
129 	return 0;
130 }
131 
132 static int _iv_to_pn(struct rtw89_dev *rtwdev, u8 *iv, u64 *pn, u8 *key_id,
133 		     struct ieee80211_key_conf *key)
134 {
135 	switch (key->cipher) {
136 	case WLAN_CIPHER_SUITE_TKIP:
137 		*pn = u64_encode_bits(iv[2], RTW89_KEY_PN_0) |
138 		      u64_encode_bits(iv[0], RTW89_KEY_PN_1);
139 		break;
140 	case WLAN_CIPHER_SUITE_CCMP:
141 	case WLAN_CIPHER_SUITE_GCMP:
142 	case WLAN_CIPHER_SUITE_CCMP_256:
143 	case WLAN_CIPHER_SUITE_GCMP_256:
144 		*pn = u64_encode_bits(iv[0], RTW89_KEY_PN_0) |
145 		      u64_encode_bits(iv[1], RTW89_KEY_PN_1);
146 		break;
147 	default:
148 		return -EINVAL;
149 	}
150 
151 	*pn |= u64_encode_bits(iv[4], RTW89_KEY_PN_2) |
152 	       u64_encode_bits(iv[5], RTW89_KEY_PN_3) |
153 	       u64_encode_bits(iv[6], RTW89_KEY_PN_4) |
154 	       u64_encode_bits(iv[7], RTW89_KEY_PN_5);
155 
156 	if (key_id)
157 		*key_id = *(iv + 3) >> 6;
158 
159 	return 0;
160 }
161 
162 static int rtw89_rx_iv_to_pn(struct rtw89_dev *rtwdev,
163 			     struct ieee80211_key_conf *key,
164 			     u8 *iv)
165 {
166 	struct ieee80211_key_seq seq;
167 	int err;
168 	u64 pn;
169 
170 	err = _iv_to_pn(rtwdev, iv, &pn, NULL, key);
171 	if (err)
172 		return err;
173 
174 	/* seq.ccmp.pn[] is BE order array */
175 	seq.ccmp.pn[0] = u64_get_bits(pn, RTW89_KEY_PN_5);
176 	seq.ccmp.pn[1] = u64_get_bits(pn, RTW89_KEY_PN_4);
177 	seq.ccmp.pn[2] = u64_get_bits(pn, RTW89_KEY_PN_3);
178 	seq.ccmp.pn[3] = u64_get_bits(pn, RTW89_KEY_PN_2);
179 	seq.ccmp.pn[4] = u64_get_bits(pn, RTW89_KEY_PN_1);
180 	seq.ccmp.pn[5] = u64_get_bits(pn, RTW89_KEY_PN_0);
181 
182 	ieee80211_set_key_rx_seq(key, 0, &seq);
183 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d iv-%*ph to pn-%*ph\n",
184 		    __func__, key->keyidx, 8, iv, 6, seq.ccmp.pn);
185 
186 	return 0;
187 }
188 
189 static int rtw89_tx_iv_to_pn(struct rtw89_dev *rtwdev,
190 			     struct ieee80211_key_conf *key,
191 			     u8 *iv)
192 {
193 	int err;
194 	u64 pn;
195 
196 	err = _iv_to_pn(rtwdev, iv, &pn, NULL, key);
197 	if (err)
198 		return err;
199 
200 	atomic64_set(&key->tx_pn, pn);
201 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d iv-%*ph to pn-%llx\n",
202 		    __func__, key->keyidx, 8, iv, pn);
203 
204 	return 0;
205 }
206 
207 static int rtw89_rx_pn_get_pmf(struct rtw89_dev *rtwdev,
208 			       struct ieee80211_key_conf *key,
209 			       struct rtw89_wow_gtk_info *gtk_info)
210 {
211 	struct ieee80211_key_seq seq;
212 	u64 pn;
213 
214 	if (key->keyidx == 4)
215 		memcpy(gtk_info->igtk[0], key->key, key->keylen);
216 	else if (key->keyidx == 5)
217 		memcpy(gtk_info->igtk[1], key->key, key->keylen);
218 	else
219 		return -EINVAL;
220 
221 	ieee80211_get_key_rx_seq(key, 0, &seq);
222 
223 	/* seq.ccmp.pn[] is BE order array */
224 	pn = u64_encode_bits(seq.ccmp.pn[0], RTW89_KEY_PN_5) |
225 	     u64_encode_bits(seq.ccmp.pn[1], RTW89_KEY_PN_4) |
226 	     u64_encode_bits(seq.ccmp.pn[2], RTW89_KEY_PN_3) |
227 	     u64_encode_bits(seq.ccmp.pn[3], RTW89_KEY_PN_2) |
228 	     u64_encode_bits(seq.ccmp.pn[4], RTW89_KEY_PN_1) |
229 	     u64_encode_bits(seq.ccmp.pn[5], RTW89_KEY_PN_0);
230 	gtk_info->ipn = cpu_to_le64(pn);
231 	gtk_info->igtk_keyid = cpu_to_le32(key->keyidx);
232 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%llx\n",
233 		    __func__, key->keyidx, pn);
234 
235 	return 0;
236 }
237 
238 static int rtw89_rx_pn_set_pmf(struct rtw89_dev *rtwdev,
239 			       struct ieee80211_key_conf *key,
240 			       u64 pn)
241 {
242 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
243 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
244 	struct ieee80211_key_seq seq;
245 
246 	if (key->keyidx != aoac_rpt->igtk_key_id)
247 		return 0;
248 
249 	/* seq.ccmp.pn[] is BE order array */
250 	seq.ccmp.pn[0] = u64_get_bits(pn, RTW89_KEY_PN_5);
251 	seq.ccmp.pn[1] = u64_get_bits(pn, RTW89_KEY_PN_4);
252 	seq.ccmp.pn[2] = u64_get_bits(pn, RTW89_KEY_PN_3);
253 	seq.ccmp.pn[3] = u64_get_bits(pn, RTW89_KEY_PN_2);
254 	seq.ccmp.pn[4] = u64_get_bits(pn, RTW89_KEY_PN_1);
255 	seq.ccmp.pn[5] = u64_get_bits(pn, RTW89_KEY_PN_0);
256 
257 	ieee80211_set_key_rx_seq(key, 0, &seq);
258 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s key %d pn-%*ph\n",
259 		    __func__, key->keyidx, 6, seq.ccmp.pn);
260 
261 	return 0;
262 }
263 
264 static void rtw89_wow_get_key_info_iter(struct ieee80211_hw *hw,
265 					struct ieee80211_vif *vif,
266 					struct ieee80211_sta *sta,
267 					struct ieee80211_key_conf *key,
268 					void *data)
269 {
270 	struct rtw89_dev *rtwdev = hw->priv;
271 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
272 	struct rtw89_wow_key_info *key_info = &rtw_wow->key_info;
273 	struct rtw89_wow_gtk_info *gtk_info = &rtw_wow->gtk_info;
274 	const struct rtw89_cipher_info *cipher_info;
275 	bool *err = data;
276 	int ret;
277 
278 	cipher_info = rtw89_cipher_alg_recognize(key->cipher);
279 
280 	switch (key->cipher) {
281 	case WLAN_CIPHER_SUITE_TKIP:
282 	case WLAN_CIPHER_SUITE_CCMP:
283 	case WLAN_CIPHER_SUITE_GCMP:
284 	case WLAN_CIPHER_SUITE_CCMP_256:
285 	case WLAN_CIPHER_SUITE_GCMP_256:
286 		if (sta) {
287 			ret = rtw89_tx_pn_to_iv(rtwdev, key,
288 						key_info->ptk_tx_iv);
289 			if (ret)
290 				goto err;
291 			ret = rtw89_rx_pn_to_iv(rtwdev, key,
292 						key_info->ptk_rx_iv);
293 			if (ret)
294 				goto err;
295 
296 			rtw_wow->ptk_alg = cipher_info->fw_alg;
297 			rtw_wow->ptk_keyidx = key->keyidx;
298 		} else {
299 			ret = rtw89_rx_pn_to_iv(rtwdev, key,
300 						key_info->gtk_rx_iv[key->keyidx]);
301 			if (ret)
302 				goto err;
303 
304 			rtw_wow->gtk_alg = cipher_info->fw_alg;
305 			key_info->gtk_keyidx = key->keyidx;
306 		}
307 		break;
308 	case WLAN_CIPHER_SUITE_AES_CMAC:
309 		ret = rtw89_rx_pn_get_pmf(rtwdev, key, gtk_info);
310 		if (ret)
311 			goto err;
312 		break;
313 	case WLAN_CIPHER_SUITE_WEP40:
314 	case WLAN_CIPHER_SUITE_WEP104:
315 		/* WEP only set group key in mac80211, but fw need to set
316 		 * both of pairwise key and group key.
317 		 */
318 		rtw_wow->ptk_alg = cipher_info->fw_alg;
319 		rtw_wow->ptk_keyidx = key->keyidx;
320 		rtw_wow->gtk_alg = cipher_info->fw_alg;
321 		key_info->gtk_keyidx = key->keyidx;
322 		break;
323 	default:
324 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "unsupport cipher %x\n",
325 			    key->cipher);
326 		goto err;
327 	}
328 
329 	return;
330 err:
331 	*err = true;
332 }
333 
334 static void rtw89_wow_set_key_info_iter(struct ieee80211_hw *hw,
335 					struct ieee80211_vif *vif,
336 					struct ieee80211_sta *sta,
337 					struct ieee80211_key_conf *key,
338 					void *data)
339 {
340 	struct rtw89_dev *rtwdev = hw->priv;
341 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
342 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
343 	struct rtw89_set_key_info_iter_data *iter_data = data;
344 	bool update_tx_key_info = iter_data->rx_ready;
345 	int ret;
346 
347 	switch (key->cipher) {
348 	case WLAN_CIPHER_SUITE_TKIP:
349 	case WLAN_CIPHER_SUITE_CCMP:
350 	case WLAN_CIPHER_SUITE_GCMP:
351 	case WLAN_CIPHER_SUITE_CCMP_256:
352 	case WLAN_CIPHER_SUITE_GCMP_256:
353 		if (sta && !update_tx_key_info) {
354 			ret = rtw89_rx_iv_to_pn(rtwdev, key,
355 						aoac_rpt->ptk_rx_iv);
356 			if (ret)
357 				goto err;
358 		}
359 
360 		if (sta && update_tx_key_info) {
361 			ret = rtw89_tx_iv_to_pn(rtwdev, key,
362 						aoac_rpt->ptk_tx_iv);
363 			if (ret)
364 				goto err;
365 		}
366 
367 		if (!sta && !update_tx_key_info) {
368 			ret = rtw89_rx_iv_to_pn(rtwdev, key,
369 						aoac_rpt->gtk_rx_iv[key->keyidx]);
370 			if (ret)
371 				goto err;
372 		}
373 
374 		if (!sta && update_tx_key_info && aoac_rpt->rekey_ok)
375 			iter_data->gtk_cipher = key->cipher;
376 		break;
377 	case WLAN_CIPHER_SUITE_AES_CMAC:
378 		if (update_tx_key_info) {
379 			if (aoac_rpt->rekey_ok)
380 				iter_data->igtk_cipher = key->cipher;
381 		} else {
382 			ret = rtw89_rx_pn_set_pmf(rtwdev, key,
383 						  aoac_rpt->igtk_ipn);
384 			if (ret)
385 				goto err;
386 		}
387 		break;
388 	case WLAN_CIPHER_SUITE_WEP40:
389 	case WLAN_CIPHER_SUITE_WEP104:
390 		break;
391 	default:
392 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "unsupport cipher %x\n",
393 			    key->cipher);
394 		goto err;
395 	}
396 
397 	return;
398 
399 err:
400 	iter_data->error = true;
401 }
402 
403 static void rtw89_wow_key_clear(struct rtw89_dev *rtwdev)
404 {
405 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
406 
407 	memset(&rtw_wow->aoac_rpt, 0, sizeof(rtw_wow->aoac_rpt));
408 	memset(&rtw_wow->gtk_info, 0, sizeof(rtw_wow->gtk_info));
409 	memset(&rtw_wow->key_info, 0, sizeof(rtw_wow->key_info));
410 	rtw_wow->ptk_alg = 0;
411 	rtw_wow->gtk_alg = 0;
412 }
413 
414 static void rtw89_wow_construct_key_info(struct rtw89_dev *rtwdev)
415 {
416 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
417 	struct rtw89_wow_key_info *key_info = &rtw_wow->key_info;
418 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
419 	bool err = false;
420 
421 	rcu_read_lock();
422 	ieee80211_iter_keys_rcu(rtwdev->hw, wow_vif,
423 				rtw89_wow_get_key_info_iter, &err);
424 	rcu_read_unlock();
425 
426 	if (err) {
427 		rtw89_wow_key_clear(rtwdev);
428 		return;
429 	}
430 
431 	key_info->valid_check = RTW89_WOW_VALID_CHECK;
432 	key_info->symbol_check_en = RTW89_WOW_SYMBOL_CHK_PTK |
433 				    RTW89_WOW_SYMBOL_CHK_GTK;
434 }
435 
436 static void rtw89_wow_debug_aoac_rpt(struct rtw89_dev *rtwdev)
437 {
438 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
439 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
440 
441 	if (!rtw89_debug_is_enabled(rtwdev, RTW89_DBG_WOW))
442 		return;
443 
444 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] rpt_ver = %d\n",
445 		    aoac_rpt->rpt_ver);
446 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] sec_type = %d\n",
447 		    aoac_rpt->sec_type);
448 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] key_idx = %d\n",
449 		    aoac_rpt->key_idx);
450 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] pattern_idx = %d\n",
451 		    aoac_rpt->pattern_idx);
452 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] rekey_ok = %d\n",
453 		    aoac_rpt->rekey_ok);
454 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] ptk_tx_iv = %*ph\n",
455 		    8, aoac_rpt->ptk_tx_iv);
456 	rtw89_debug(rtwdev, RTW89_DBG_WOW,
457 		    "[aoac_rpt] eapol_key_replay_count = %*ph\n",
458 		    8, aoac_rpt->eapol_key_replay_count);
459 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] ptk_rx_iv = %*ph\n",
460 		    8, aoac_rpt->ptk_rx_iv);
461 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[0] = %*ph\n",
462 		    8, aoac_rpt->gtk_rx_iv[0]);
463 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[1] = %*ph\n",
464 		    8, aoac_rpt->gtk_rx_iv[1]);
465 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[2] = %*ph\n",
466 		    8, aoac_rpt->gtk_rx_iv[2]);
467 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] gtk_rx_iv[3] = %*ph\n",
468 		    8, aoac_rpt->gtk_rx_iv[3]);
469 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] igtk_key_id = %llu\n",
470 		    aoac_rpt->igtk_key_id);
471 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] igtk_ipn = %llu\n",
472 		    aoac_rpt->igtk_ipn);
473 	rtw89_debug(rtwdev, RTW89_DBG_WOW, "[aoac_rpt] igtk = %*ph\n",
474 		    32, aoac_rpt->igtk);
475 }
476 
477 static int rtw89_wow_get_aoac_rpt_reg(struct rtw89_dev *rtwdev)
478 {
479 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
480 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
481 	struct rtw89_mac_c2h_info c2h_info = {};
482 	struct rtw89_mac_h2c_info h2c_info = {};
483 	u8 igtk_ipn[8];
484 	u8 key_idx;
485 	int ret;
486 
487 	h2c_info.id = RTW89_FWCMD_H2CREG_FUNC_AOAC_RPT_1;
488 	h2c_info.content_len = 2;
489 	ret = rtw89_fw_msg_reg(rtwdev, &h2c_info, &c2h_info);
490 	if (ret)
491 		return ret;
492 
493 	aoac_rpt->key_idx =
494 		u32_get_bits(c2h_info.u.c2hreg[0], RTW89_C2HREG_AOAC_RPT_1_W0_KEY_IDX);
495 	key_idx = aoac_rpt->key_idx;
496 	aoac_rpt->gtk_rx_iv[key_idx][0] =
497 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_0);
498 	aoac_rpt->gtk_rx_iv[key_idx][1] =
499 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_1);
500 	aoac_rpt->gtk_rx_iv[key_idx][2] =
501 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_2);
502 	aoac_rpt->gtk_rx_iv[key_idx][3] =
503 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_1_W1_IV_3);
504 	aoac_rpt->gtk_rx_iv[key_idx][4] =
505 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_4);
506 	aoac_rpt->gtk_rx_iv[key_idx][5] =
507 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_5);
508 	aoac_rpt->gtk_rx_iv[key_idx][6] =
509 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_6);
510 	aoac_rpt->gtk_rx_iv[key_idx][7] =
511 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_1_W2_IV_7);
512 	aoac_rpt->ptk_rx_iv[0] =
513 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_0);
514 	aoac_rpt->ptk_rx_iv[1] =
515 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_1);
516 	aoac_rpt->ptk_rx_iv[2] =
517 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_2);
518 	aoac_rpt->ptk_rx_iv[3] =
519 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_1_W3_PTK_IV_3);
520 
521 	h2c_info.id = RTW89_FWCMD_H2CREG_FUNC_AOAC_RPT_2;
522 	h2c_info.content_len = 2;
523 	ret = rtw89_fw_msg_reg(rtwdev, &h2c_info, &c2h_info);
524 	if (ret)
525 		return ret;
526 
527 	aoac_rpt->ptk_rx_iv[4] =
528 		u32_get_bits(c2h_info.u.c2hreg[0], RTW89_C2HREG_AOAC_RPT_2_W0_PTK_IV_4);
529 	aoac_rpt->ptk_rx_iv[5] =
530 		u32_get_bits(c2h_info.u.c2hreg[0], RTW89_C2HREG_AOAC_RPT_2_W0_PTK_IV_5);
531 	aoac_rpt->ptk_rx_iv[6] =
532 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_PTK_IV_6);
533 	aoac_rpt->ptk_rx_iv[7] =
534 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_PTK_IV_7);
535 	igtk_ipn[0] =
536 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_IGTK_IPN_IV_0);
537 	igtk_ipn[1] =
538 		u32_get_bits(c2h_info.u.c2hreg[1], RTW89_C2HREG_AOAC_RPT_2_W1_IGTK_IPN_IV_1);
539 	igtk_ipn[2] =
540 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_2);
541 	igtk_ipn[3] =
542 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_3);
543 	igtk_ipn[4] =
544 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_4);
545 	igtk_ipn[5] =
546 		u32_get_bits(c2h_info.u.c2hreg[2], RTW89_C2HREG_AOAC_RPT_2_W2_IGTK_IPN_IV_5);
547 	igtk_ipn[6] =
548 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_2_W3_IGTK_IPN_IV_6);
549 	igtk_ipn[7] =
550 		u32_get_bits(c2h_info.u.c2hreg[3], RTW89_C2HREG_AOAC_RPT_2_W3_IGTK_IPN_IV_7);
551 	aoac_rpt->igtk_ipn = u64_encode_bits(igtk_ipn[0], RTW89_IGTK_IPN_0) |
552 			     u64_encode_bits(igtk_ipn[1], RTW89_IGTK_IPN_1) |
553 			     u64_encode_bits(igtk_ipn[2], RTW89_IGTK_IPN_2) |
554 			     u64_encode_bits(igtk_ipn[3], RTW89_IGTK_IPN_3) |
555 			     u64_encode_bits(igtk_ipn[4], RTW89_IGTK_IPN_4) |
556 			     u64_encode_bits(igtk_ipn[5], RTW89_IGTK_IPN_5) |
557 			     u64_encode_bits(igtk_ipn[6], RTW89_IGTK_IPN_6) |
558 			     u64_encode_bits(igtk_ipn[7], RTW89_IGTK_IPN_7);
559 
560 	return 0;
561 }
562 
563 static int rtw89_wow_get_aoac_rpt(struct rtw89_dev *rtwdev, bool rx_ready)
564 {
565 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
566 	int ret;
567 
568 	if (!rtw_wow->ptk_alg)
569 		return -EPERM;
570 
571 	if (!rx_ready) {
572 		ret = rtw89_wow_get_aoac_rpt_reg(rtwdev);
573 		if (ret) {
574 			rtw89_err(rtwdev, "wow: failed to get aoac rpt by reg\n");
575 			return ret;
576 		}
577 	} else {
578 		ret = rtw89_fw_h2c_wow_request_aoac(rtwdev);
579 		if (ret) {
580 			rtw89_err(rtwdev, "wow: failed to get aoac rpt by pkt\n");
581 			return ret;
582 		}
583 	}
584 
585 	rtw89_wow_debug_aoac_rpt(rtwdev);
586 
587 	return 0;
588 }
589 
590 static struct ieee80211_key_conf *rtw89_wow_gtk_rekey(struct rtw89_dev *rtwdev,
591 						      u32 cipher, u8 keyidx, u8 *gtk)
592 {
593 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
594 	const struct rtw89_cipher_info *cipher_info;
595 	struct ieee80211_key_conf *rekey_conf;
596 	struct ieee80211_key_conf *key;
597 	u8 sz;
598 
599 	cipher_info = rtw89_cipher_alg_recognize(cipher);
600 	sz = struct_size(rekey_conf, key, cipher_info->len);
601 	rekey_conf = kmalloc(sz, GFP_KERNEL);
602 	if (!rekey_conf)
603 		return NULL;
604 
605 	rekey_conf->cipher = cipher;
606 	rekey_conf->keyidx = keyidx;
607 	rekey_conf->keylen = cipher_info->len;
608 	memcpy(rekey_conf->key, gtk,
609 	       flex_array_size(rekey_conf, key, cipher_info->len));
610 
611 	/* ieee80211_gtk_rekey_add() will call set_key(), therefore we
612 	 * need to unlock mutex
613 	 */
614 	mutex_unlock(&rtwdev->mutex);
615 	key = ieee80211_gtk_rekey_add(wow_vif, rekey_conf, -1);
616 	mutex_lock(&rtwdev->mutex);
617 
618 	kfree(rekey_conf);
619 	if (IS_ERR(key)) {
620 		rtw89_err(rtwdev, "ieee80211_gtk_rekey_add failed\n");
621 		return NULL;
622 	}
623 
624 	return key;
625 }
626 
627 static void rtw89_wow_update_key_info(struct rtw89_dev *rtwdev, bool rx_ready)
628 {
629 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
630 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
631 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
632 	struct rtw89_set_key_info_iter_data data = {.error = false,
633 						    .rx_ready = rx_ready};
634 	struct ieee80211_key_conf *key;
635 
636 	rcu_read_lock();
637 	ieee80211_iter_keys_rcu(rtwdev->hw, wow_vif,
638 				rtw89_wow_set_key_info_iter, &data);
639 	rcu_read_unlock();
640 
641 	if (data.error) {
642 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "%s error\n", __func__);
643 		return;
644 	}
645 
646 	if (!data.gtk_cipher)
647 		return;
648 
649 	key = rtw89_wow_gtk_rekey(rtwdev, data.gtk_cipher, aoac_rpt->key_idx,
650 				  aoac_rpt->gtk);
651 	if (!key)
652 		return;
653 
654 	rtw89_rx_iv_to_pn(rtwdev, key,
655 			  aoac_rpt->gtk_rx_iv[key->keyidx]);
656 
657 	if (!data.igtk_cipher)
658 		return;
659 
660 	key = rtw89_wow_gtk_rekey(rtwdev, data.igtk_cipher, aoac_rpt->igtk_key_id,
661 				  aoac_rpt->igtk);
662 	if (!key)
663 		return;
664 
665 	rtw89_rx_pn_set_pmf(rtwdev, key, aoac_rpt->igtk_ipn);
666 	ieee80211_gtk_rekey_notify(wow_vif, wow_vif->bss_conf.bssid,
667 				   aoac_rpt->eapol_key_replay_count,
668 				   GFP_KERNEL);
669 }
670 
671 static void rtw89_wow_leave_deep_ps(struct rtw89_dev *rtwdev)
672 {
673 	__rtw89_leave_ps_mode(rtwdev);
674 }
675 
676 static void rtw89_wow_enter_deep_ps(struct rtw89_dev *rtwdev)
677 {
678 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
679 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
680 
681 	__rtw89_enter_ps_mode(rtwdev, rtwvif);
682 }
683 
684 static void rtw89_wow_enter_lps(struct rtw89_dev *rtwdev)
685 {
686 	struct ieee80211_vif *wow_vif = rtwdev->wow.wow_vif;
687 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
688 
689 	rtw89_enter_lps(rtwdev, rtwvif, false);
690 }
691 
692 static void rtw89_wow_leave_lps(struct rtw89_dev *rtwdev)
693 {
694 	rtw89_leave_lps(rtwdev);
695 }
696 
697 static int rtw89_wow_config_mac(struct rtw89_dev *rtwdev, bool enable_wow)
698 {
699 	const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
700 
701 	return mac->wow_config_mac(rtwdev, enable_wow);
702 }
703 
704 static void rtw89_wow_set_rx_filter(struct rtw89_dev *rtwdev, bool enable)
705 {
706 	const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
707 	enum rtw89_mac_fwd_target fwd_target = enable ?
708 					       RTW89_FWD_DONT_CARE :
709 					       RTW89_FWD_TO_HOST;
710 
711 	mac->typ_fltr_opt(rtwdev, RTW89_MGNT, fwd_target, RTW89_MAC_0);
712 	mac->typ_fltr_opt(rtwdev, RTW89_CTRL, fwd_target, RTW89_MAC_0);
713 	mac->typ_fltr_opt(rtwdev, RTW89_DATA, fwd_target, RTW89_MAC_0);
714 }
715 
716 static void rtw89_wow_show_wakeup_reason(struct rtw89_dev *rtwdev)
717 {
718 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
719 	struct rtw89_wow_aoac_report *aoac_rpt = &rtw_wow->aoac_rpt;
720 	u32 wow_reason_reg = rtwdev->chip->wow_reason_reg;
721 	struct cfg80211_wowlan_nd_info nd_info;
722 	struct cfg80211_wowlan_wakeup wakeup = {
723 		.pattern_idx = -1,
724 	};
725 	u8 reason;
726 
727 	reason = rtw89_read8(rtwdev, wow_reason_reg);
728 	switch (reason) {
729 	case RTW89_WOW_RSN_RX_DEAUTH:
730 		wakeup.disconnect = true;
731 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx deauth\n");
732 		break;
733 	case RTW89_WOW_RSN_DISCONNECT:
734 		wakeup.disconnect = true;
735 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: AP is off\n");
736 		break;
737 	case RTW89_WOW_RSN_RX_MAGIC_PKT:
738 		wakeup.magic_pkt = true;
739 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx magic packet\n");
740 		break;
741 	case RTW89_WOW_RSN_RX_GTK_REKEY:
742 		wakeup.gtk_rekey_failure = true;
743 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx gtk rekey\n");
744 		break;
745 	case RTW89_WOW_RSN_RX_PATTERN_MATCH:
746 		wakeup.pattern_idx = aoac_rpt->pattern_idx;
747 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "WOW: Rx pattern match packet\n");
748 		break;
749 	case RTW89_WOW_RSN_RX_NLO:
750 		/* Current firmware and driver don't report ssid index.
751 		 * Use 0 for n_matches based on its comment.
752 		 */
753 		nd_info.n_matches = 0;
754 		wakeup.net_detect = &nd_info;
755 		rtw89_debug(rtwdev, RTW89_DBG_WOW, "Rx NLO\n");
756 		break;
757 	default:
758 		rtw89_warn(rtwdev, "Unknown wakeup reason %x\n", reason);
759 		ieee80211_report_wowlan_wakeup(rtwdev->wow.wow_vif, NULL,
760 					       GFP_KERNEL);
761 		return;
762 	}
763 
764 	ieee80211_report_wowlan_wakeup(rtwdev->wow.wow_vif, &wakeup,
765 				       GFP_KERNEL);
766 }
767 
768 static void rtw89_wow_vif_iter(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
769 {
770 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
771 	struct ieee80211_vif *vif = rtwvif_to_vif(rtwvif);
772 
773 	/* Current wowlan function support setting of only one STATION vif.
774 	 * So when one suitable vif is found, stop the iteration.
775 	 */
776 	if (rtw_wow->wow_vif || vif->type != NL80211_IFTYPE_STATION)
777 		return;
778 
779 	switch (rtwvif->net_type) {
780 	case RTW89_NET_TYPE_INFRA:
781 		rtw_wow->wow_vif = vif;
782 		break;
783 	case RTW89_NET_TYPE_NO_LINK:
784 	default:
785 		break;
786 	}
787 }
788 
789 static u16 __rtw89_cal_crc16(u8 data, u16 crc)
790 {
791 	u8 shift_in, data_bit;
792 	u8 crc_bit4, crc_bit11, crc_bit15;
793 	u16 crc_result;
794 	int index;
795 
796 	for (index = 0; index < 8; index++) {
797 		crc_bit15 = crc & BIT(15) ? 1 : 0;
798 		data_bit = data & BIT(index) ? 1 : 0;
799 		shift_in = crc_bit15 ^ data_bit;
800 
801 		crc_result = crc << 1;
802 
803 		if (shift_in == 0)
804 			crc_result &= ~BIT(0);
805 		else
806 			crc_result |= BIT(0);
807 
808 		crc_bit11 = (crc & BIT(11) ? 1 : 0) ^ shift_in;
809 
810 		if (crc_bit11 == 0)
811 			crc_result &= ~BIT(12);
812 		else
813 			crc_result |= BIT(12);
814 
815 		crc_bit4 = (crc & BIT(4) ? 1 : 0) ^ shift_in;
816 
817 		if (crc_bit4 == 0)
818 			crc_result &= ~BIT(5);
819 		else
820 			crc_result |= BIT(5);
821 
822 		crc = crc_result;
823 	}
824 	return crc;
825 }
826 
827 static u16 rtw89_calc_crc(u8 *pdata, int length)
828 {
829 	u16 crc = 0xffff;
830 	int i;
831 
832 	for (i = 0; i < length; i++)
833 		crc = __rtw89_cal_crc16(pdata[i], crc);
834 
835 	/* get 1' complement */
836 	return ~crc;
837 }
838 
839 static int rtw89_wow_pattern_get_type(struct rtw89_vif *rtwvif,
840 				      struct rtw89_wow_cam_info *rtw_pattern,
841 				      const u8 *pattern, u8 da_mask)
842 {
843 	u8 da[ETH_ALEN];
844 
845 	ether_addr_copy_mask(da, pattern, da_mask);
846 
847 	/* Each pattern is divided into different kinds by DA address
848 	 *  a. DA is broadcast address: set bc = 0;
849 	 *  b. DA is multicast address: set mc = 0
850 	 *  c. DA is unicast address same as dev's mac address: set uc = 0
851 	 *  d. DA is unmasked. Also called wildcard type: set uc = bc = mc = 0
852 	 *  e. Others is invalid type.
853 	 */
854 
855 	if (is_broadcast_ether_addr(da))
856 		rtw_pattern->bc = true;
857 	else if (is_multicast_ether_addr(da))
858 		rtw_pattern->mc = true;
859 	else if (ether_addr_equal(da, rtwvif->mac_addr) &&
860 		 da_mask == GENMASK(5, 0))
861 		rtw_pattern->uc = true;
862 	else if (!da_mask) /*da_mask == 0 mean wildcard*/
863 		return 0;
864 	else
865 		return -EPERM;
866 
867 	return 0;
868 }
869 
870 static int rtw89_wow_pattern_generate(struct rtw89_dev *rtwdev,
871 				      struct rtw89_vif *rtwvif,
872 				      const struct cfg80211_pkt_pattern *pkt_pattern,
873 				      struct rtw89_wow_cam_info *rtw_pattern)
874 {
875 	u8 mask_hw[RTW89_MAX_PATTERN_MASK_SIZE * 4] = {0};
876 	u8 content[RTW89_MAX_PATTERN_SIZE] = {0};
877 	const u8 *mask;
878 	const u8 *pattern;
879 	u8 mask_len;
880 	u16 count;
881 	u32 len;
882 	int i, ret;
883 
884 	pattern = pkt_pattern->pattern;
885 	len = pkt_pattern->pattern_len;
886 	mask = pkt_pattern->mask;
887 	mask_len = DIV_ROUND_UP(len, 8);
888 	memset(rtw_pattern, 0, sizeof(*rtw_pattern));
889 
890 	ret = rtw89_wow_pattern_get_type(rtwvif, rtw_pattern, pattern,
891 					 mask[0] & GENMASK(5, 0));
892 	if (ret)
893 		return ret;
894 
895 	/* translate mask from os to mask for hw
896 	 * pattern from OS uses 'ethenet frame', like this:
897 	 * |    6   |    6   |   2  |     20    |  Variable  |  4  |
898 	 * |--------+--------+------+-----------+------------+-----|
899 	 * |    802.3 Mac Header    | IP Header | TCP Packet | FCS |
900 	 * |   DA   |   SA   | Type |
901 	 *
902 	 * BUT, packet catched by our HW is in '802.11 frame', begin from LLC
903 	 * |     24 or 30      |    6   |   2  |     20    |  Variable  |  4  |
904 	 * |-------------------+--------+------+-----------+------------+-----|
905 	 * | 802.11 MAC Header |       LLC     | IP Header | TCP Packet | FCS |
906 	 *		       | Others | Tpye |
907 	 *
908 	 * Therefore, we need translate mask_from_OS to mask_to_hw.
909 	 * We should left-shift mask by 6 bits, then set the new bit[0~5] = 0,
910 	 * because new mask[0~5] means 'SA', but our HW packet begins from LLC,
911 	 * bit[0~5] corresponds to first 6 Bytes in LLC, they just don't match.
912 	 */
913 
914 	/* Shift 6 bits */
915 	for (i = 0; i < mask_len - 1; i++) {
916 		mask_hw[i] = u8_get_bits(mask[i], GENMASK(7, 6)) |
917 			     u8_get_bits(mask[i + 1], GENMASK(5, 0)) << 2;
918 	}
919 	mask_hw[i] = u8_get_bits(mask[i], GENMASK(7, 6));
920 
921 	/* Set bit 0-5 to zero */
922 	mask_hw[0] &= ~GENMASK(5, 0);
923 
924 	memcpy(rtw_pattern->mask, mask_hw, sizeof(rtw_pattern->mask));
925 
926 	/* To get the wake up pattern from the mask.
927 	 * We do not count first 12 bits which means
928 	 * DA[6] and SA[6] in the pattern to match HW design.
929 	 */
930 	count = 0;
931 	for (i = 12; i < len; i++) {
932 		if ((mask[i / 8] >> (i % 8)) & 0x01) {
933 			content[count] = pattern[i];
934 			count++;
935 		}
936 	}
937 
938 	rtw_pattern->crc = rtw89_calc_crc(content, count);
939 
940 	return 0;
941 }
942 
943 static int rtw89_wow_parse_patterns(struct rtw89_dev *rtwdev,
944 				    struct rtw89_vif *rtwvif,
945 				    struct cfg80211_wowlan *wowlan)
946 {
947 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
948 	struct rtw89_wow_cam_info *rtw_pattern = rtw_wow->patterns;
949 	int i;
950 	int ret;
951 
952 	if (!wowlan->n_patterns || !wowlan->patterns)
953 		return 0;
954 
955 	for (i = 0; i < wowlan->n_patterns; i++) {
956 		rtw_pattern = &rtw_wow->patterns[i];
957 		ret = rtw89_wow_pattern_generate(rtwdev, rtwvif,
958 						 &wowlan->patterns[i],
959 						 rtw_pattern);
960 		if (ret) {
961 			rtw89_err(rtwdev, "failed to generate pattern(%d)\n", i);
962 			rtw_wow->pattern_cnt = 0;
963 			return ret;
964 		}
965 
966 		rtw_pattern->r_w = true;
967 		rtw_pattern->idx = i;
968 		rtw_pattern->negative_pattern_match = false;
969 		rtw_pattern->skip_mac_hdr = true;
970 		rtw_pattern->valid = true;
971 	}
972 	rtw_wow->pattern_cnt = wowlan->n_patterns;
973 
974 	return 0;
975 }
976 
977 static void rtw89_wow_pattern_clear_cam(struct rtw89_dev *rtwdev)
978 {
979 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
980 	struct rtw89_wow_cam_info *rtw_pattern = rtw_wow->patterns;
981 	int i = 0;
982 
983 	for (i = 0; i < rtw_wow->pattern_cnt; i++) {
984 		rtw_pattern = &rtw_wow->patterns[i];
985 		rtw_pattern->valid = false;
986 		rtw89_fw_wow_cam_update(rtwdev, rtw_pattern);
987 	}
988 }
989 
990 static void rtw89_wow_pattern_write(struct rtw89_dev *rtwdev)
991 {
992 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
993 	struct rtw89_wow_cam_info *rtw_pattern = rtw_wow->patterns;
994 	int i;
995 
996 	for (i = 0; i < rtw_wow->pattern_cnt; i++)
997 		rtw89_fw_wow_cam_update(rtwdev, rtw_pattern + i);
998 }
999 
1000 static void rtw89_wow_pattern_clear(struct rtw89_dev *rtwdev)
1001 {
1002 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1003 
1004 	rtw89_wow_pattern_clear_cam(rtwdev);
1005 
1006 	rtw_wow->pattern_cnt = 0;
1007 	memset(rtw_wow->patterns, 0, sizeof(rtw_wow->patterns));
1008 }
1009 
1010 static void rtw89_wow_clear_wakeups(struct rtw89_dev *rtwdev)
1011 {
1012 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1013 
1014 	rtw_wow->wow_vif = NULL;
1015 	rtw89_core_release_all_bits_map(rtw_wow->flags, RTW89_WOW_FLAG_NUM);
1016 	rtw_wow->pattern_cnt = 0;
1017 }
1018 
1019 static int rtw89_wow_set_wakeups(struct rtw89_dev *rtwdev,
1020 				 struct cfg80211_wowlan *wowlan)
1021 {
1022 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1023 	struct rtw89_vif *rtwvif;
1024 
1025 	if (wowlan->disconnect)
1026 		set_bit(RTW89_WOW_FLAG_EN_DISCONNECT, rtw_wow->flags);
1027 	if (wowlan->magic_pkt)
1028 		set_bit(RTW89_WOW_FLAG_EN_MAGIC_PKT, rtw_wow->flags);
1029 
1030 	rtw89_for_each_rtwvif(rtwdev, rtwvif)
1031 		rtw89_wow_vif_iter(rtwdev, rtwvif);
1032 
1033 	if (!rtw_wow->wow_vif)
1034 		return -EPERM;
1035 
1036 	rtwvif = (struct rtw89_vif *)rtw_wow->wow_vif->drv_priv;
1037 	return rtw89_wow_parse_patterns(rtwdev, rtwvif, wowlan);
1038 }
1039 
1040 static int rtw89_wow_cfg_wake(struct rtw89_dev *rtwdev, bool wow)
1041 {
1042 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1043 	struct ieee80211_vif *wow_vif = rtw_wow->wow_vif;
1044 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
1045 	struct ieee80211_sta *wow_sta;
1046 	struct rtw89_sta *rtwsta = NULL;
1047 	int ret;
1048 
1049 	wow_sta = ieee80211_find_sta(wow_vif, rtwvif->bssid);
1050 	if (wow_sta)
1051 		rtwsta = (struct rtw89_sta *)wow_sta->drv_priv;
1052 
1053 	if (wow) {
1054 		if (rtw_wow->pattern_cnt)
1055 			rtwvif->wowlan_pattern = true;
1056 		if (test_bit(RTW89_WOW_FLAG_EN_MAGIC_PKT, rtw_wow->flags))
1057 			rtwvif->wowlan_magic = true;
1058 	} else {
1059 		rtwvif->wowlan_pattern = false;
1060 		rtwvif->wowlan_magic = false;
1061 	}
1062 
1063 	ret = rtw89_fw_h2c_wow_wakeup_ctrl(rtwdev, rtwvif, wow);
1064 	if (ret) {
1065 		rtw89_err(rtwdev, "failed to fw wow wakeup ctrl\n");
1066 		return ret;
1067 	}
1068 
1069 	if (wow) {
1070 		ret = rtw89_chip_h2c_dctl_sec_cam(rtwdev, rtwvif, rtwsta);
1071 		if (ret) {
1072 			rtw89_err(rtwdev, "failed to update dctl cam sec entry: %d\n",
1073 				  ret);
1074 			return ret;
1075 		}
1076 	}
1077 
1078 	ret = rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
1079 	if (ret) {
1080 		rtw89_warn(rtwdev, "failed to send h2c cam\n");
1081 		return ret;
1082 	}
1083 
1084 	ret = rtw89_fw_h2c_wow_global(rtwdev, rtwvif, wow);
1085 	if (ret) {
1086 		rtw89_err(rtwdev, "failed to fw wow global\n");
1087 		return ret;
1088 	}
1089 
1090 	return 0;
1091 }
1092 
1093 static int rtw89_wow_check_fw_status(struct rtw89_dev *rtwdev, bool wow_enable)
1094 {
1095 	const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
1096 	u8 polling;
1097 	int ret;
1098 
1099 	ret = read_poll_timeout_atomic(rtw89_read8_mask, polling,
1100 				       wow_enable == !!polling,
1101 				       50, 50000, false, rtwdev,
1102 				       mac->wow_ctrl.addr, mac->wow_ctrl.mask);
1103 	if (ret)
1104 		rtw89_err(rtwdev, "failed to check wow status %s\n",
1105 			  wow_enable ? "enabled" : "disabled");
1106 	return ret;
1107 }
1108 
1109 static int rtw89_wow_swap_fw(struct rtw89_dev *rtwdev, bool wow)
1110 {
1111 	enum rtw89_fw_type fw_type = wow ? RTW89_FW_WOWLAN : RTW89_FW_NORMAL;
1112 	enum rtw89_chip_gen chip_gen = rtwdev->chip->chip_gen;
1113 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1114 	struct ieee80211_vif *wow_vif = rtw_wow->wow_vif;
1115 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)wow_vif->drv_priv;
1116 	enum rtw89_core_chip_id chip_id = rtwdev->chip->chip_id;
1117 	const struct rtw89_chip_info *chip = rtwdev->chip;
1118 	bool include_bb = !!chip->bbmcu_nr;
1119 	bool disable_intr_for_dlfw = false;
1120 	struct ieee80211_sta *wow_sta;
1121 	struct rtw89_sta *rtwsta = NULL;
1122 	bool is_conn = true;
1123 	int ret;
1124 
1125 	if (chip_id == RTL8852C || chip_id == RTL8922A)
1126 		disable_intr_for_dlfw = true;
1127 
1128 	wow_sta = ieee80211_find_sta(wow_vif, rtwvif->bssid);
1129 	if (wow_sta)
1130 		rtwsta = (struct rtw89_sta *)wow_sta->drv_priv;
1131 	else
1132 		is_conn = false;
1133 
1134 	if (disable_intr_for_dlfw)
1135 		rtw89_hci_disable_intr(rtwdev);
1136 
1137 	ret = rtw89_fw_download(rtwdev, fw_type, include_bb);
1138 	if (ret) {
1139 		rtw89_warn(rtwdev, "download fw failed\n");
1140 		return ret;
1141 	}
1142 
1143 	if (disable_intr_for_dlfw)
1144 		rtw89_hci_enable_intr(rtwdev);
1145 
1146 	rtw89_phy_init_rf_reg(rtwdev, true);
1147 
1148 	ret = rtw89_fw_h2c_role_maintain(rtwdev, rtwvif, rtwsta,
1149 					 RTW89_ROLE_FW_RESTORE);
1150 	if (ret) {
1151 		rtw89_warn(rtwdev, "failed to send h2c role maintain\n");
1152 		return ret;
1153 	}
1154 
1155 	ret = rtw89_chip_h2c_assoc_cmac_tbl(rtwdev, wow_vif, wow_sta);
1156 	if (ret) {
1157 		rtw89_warn(rtwdev, "failed to send h2c assoc cmac tbl\n");
1158 		return ret;
1159 	}
1160 
1161 	if (!is_conn)
1162 		rtw89_cam_reset_keys(rtwdev);
1163 
1164 	ret = rtw89_fw_h2c_join_info(rtwdev, rtwvif, rtwsta, !is_conn);
1165 	if (ret) {
1166 		rtw89_warn(rtwdev, "failed to send h2c join info\n");
1167 		return ret;
1168 	}
1169 
1170 	ret = rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
1171 	if (ret) {
1172 		rtw89_warn(rtwdev, "failed to send h2c cam\n");
1173 		return ret;
1174 	}
1175 
1176 	if (is_conn) {
1177 		ret = rtw89_fw_h2c_general_pkt(rtwdev, rtwvif, rtwsta->mac_id);
1178 		if (ret) {
1179 			rtw89_warn(rtwdev, "failed to send h2c general packet\n");
1180 			return ret;
1181 		}
1182 		rtw89_phy_ra_assoc(rtwdev, wow_sta);
1183 		rtw89_phy_set_bss_color(rtwdev, wow_vif);
1184 		rtw89_chip_cfg_txpwr_ul_tb_offset(rtwdev, wow_vif);
1185 	}
1186 
1187 	if (chip_gen == RTW89_CHIP_BE)
1188 		rtw89_phy_rfk_pre_ntfy_and_wait(rtwdev, RTW89_PHY_0, 5);
1189 
1190 	rtw89_mac_hw_mgnt_sec(rtwdev, wow);
1191 
1192 	return 0;
1193 }
1194 
1195 static int rtw89_wow_enable_trx_pre(struct rtw89_dev *rtwdev)
1196 {
1197 	int ret;
1198 
1199 	rtw89_hci_ctrl_txdma_ch(rtwdev, false);
1200 	rtw89_hci_ctrl_txdma_fw_ch(rtwdev, true);
1201 
1202 	rtw89_mac_ptk_drop_by_band_and_wait(rtwdev, RTW89_MAC_0);
1203 
1204 	ret = rtw89_hci_poll_txdma_ch_idle(rtwdev);
1205 	if (ret) {
1206 		rtw89_err(rtwdev, "txdma ch busy\n");
1207 		return ret;
1208 	}
1209 	rtw89_wow_set_rx_filter(rtwdev, true);
1210 
1211 	ret = rtw89_mac_cfg_ppdu_status(rtwdev, RTW89_MAC_0, false);
1212 	if (ret) {
1213 		rtw89_err(rtwdev, "cfg ppdu status\n");
1214 		return ret;
1215 	}
1216 
1217 	return 0;
1218 }
1219 
1220 static int rtw89_wow_enable_trx_post(struct rtw89_dev *rtwdev)
1221 {
1222 	int ret;
1223 
1224 	rtw89_hci_disable_intr(rtwdev);
1225 	rtw89_hci_ctrl_trxhci(rtwdev, false);
1226 
1227 	ret = rtw89_hci_poll_txdma_ch_idle(rtwdev);
1228 	if (ret) {
1229 		rtw89_err(rtwdev, "failed to poll txdma ch idle pcie\n");
1230 		return ret;
1231 	}
1232 
1233 	ret = rtw89_wow_config_mac(rtwdev, true);
1234 	if (ret) {
1235 		rtw89_err(rtwdev, "failed to config mac\n");
1236 		return ret;
1237 	}
1238 
1239 	rtw89_wow_set_rx_filter(rtwdev, false);
1240 	rtw89_hci_reset(rtwdev);
1241 
1242 	return 0;
1243 }
1244 
1245 static int rtw89_wow_disable_trx_pre(struct rtw89_dev *rtwdev)
1246 {
1247 	int ret;
1248 
1249 	rtw89_hci_clr_idx_all(rtwdev);
1250 
1251 	ret = rtw89_hci_rst_bdram(rtwdev);
1252 	if (ret) {
1253 		rtw89_warn(rtwdev, "reset bdram busy\n");
1254 		return ret;
1255 	}
1256 
1257 	rtw89_hci_ctrl_trxhci(rtwdev, true);
1258 	rtw89_hci_ctrl_txdma_ch(rtwdev, true);
1259 
1260 	ret = rtw89_wow_config_mac(rtwdev, false);
1261 	if (ret) {
1262 		rtw89_err(rtwdev, "failed to config mac\n");
1263 		return ret;
1264 	}
1265 
1266 	/* Before enabling interrupt, we need to get AOAC report by reg due to RX
1267 	 * not enabled yet. Also, we need to sync RX related IV from firmware to
1268 	 * mac80211 before receiving RX packets from driver.
1269 	 * After enabling interrupt, we can get AOAC report from h2c and c2h, and
1270 	 * can get TX IV and complete rekey info. We need to update TX related IV
1271 	 * and new GTK info if rekey happened.
1272 	 */
1273 	ret = rtw89_wow_get_aoac_rpt(rtwdev, false);
1274 	if (!ret)
1275 		rtw89_wow_update_key_info(rtwdev, false);
1276 
1277 	rtw89_hci_enable_intr(rtwdev);
1278 	ret = rtw89_wow_get_aoac_rpt(rtwdev, true);
1279 	if (!ret)
1280 		rtw89_wow_update_key_info(rtwdev, true);
1281 
1282 	return 0;
1283 }
1284 
1285 static int rtw89_wow_disable_trx_post(struct rtw89_dev *rtwdev)
1286 {
1287 	int ret;
1288 
1289 	ret = rtw89_mac_cfg_ppdu_status(rtwdev, RTW89_MAC_0, true);
1290 	if (ret)
1291 		rtw89_err(rtwdev, "cfg ppdu status\n");
1292 
1293 	return ret;
1294 }
1295 
1296 static int rtw89_wow_fw_start(struct rtw89_dev *rtwdev)
1297 {
1298 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1299 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)rtw_wow->wow_vif->drv_priv;
1300 	int ret;
1301 
1302 	rtw89_wow_pattern_write(rtwdev);
1303 	rtw89_wow_construct_key_info(rtwdev);
1304 
1305 	ret = rtw89_fw_h2c_keep_alive(rtwdev, rtwvif, true);
1306 	if (ret) {
1307 		rtw89_err(rtwdev, "wow: failed to enable keep alive\n");
1308 		return ret;
1309 	}
1310 
1311 	ret = rtw89_fw_h2c_disconnect_detect(rtwdev, rtwvif, true);
1312 	if (ret) {
1313 		rtw89_err(rtwdev, "wow: failed to enable disconnect detect\n");
1314 		goto out;
1315 	}
1316 
1317 	ret = rtw89_fw_h2c_wow_gtk_ofld(rtwdev, rtwvif, true);
1318 	if (ret) {
1319 		rtw89_err(rtwdev, "wow: failed to enable GTK offload\n");
1320 		goto out;
1321 	}
1322 
1323 	ret = rtw89_fw_h2c_arp_offload(rtwdev, rtwvif, true);
1324 	if (ret)
1325 		rtw89_warn(rtwdev, "wow: failed to enable arp offload\n");
1326 
1327 	ret = rtw89_wow_cfg_wake(rtwdev, true);
1328 	if (ret) {
1329 		rtw89_err(rtwdev, "wow: failed to config wake\n");
1330 		goto out;
1331 	}
1332 
1333 	ret = rtw89_wow_check_fw_status(rtwdev, true);
1334 	if (ret) {
1335 		rtw89_err(rtwdev, "wow: failed to check enable fw ready\n");
1336 		goto out;
1337 	}
1338 
1339 out:
1340 	return ret;
1341 }
1342 
1343 static int rtw89_wow_fw_stop(struct rtw89_dev *rtwdev)
1344 {
1345 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
1346 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)rtw_wow->wow_vif->drv_priv;
1347 	int ret;
1348 
1349 	rtw89_wow_pattern_clear(rtwdev);
1350 
1351 	ret = rtw89_fw_h2c_keep_alive(rtwdev, rtwvif, false);
1352 	if (ret) {
1353 		rtw89_err(rtwdev, "wow: failed to disable keep alive\n");
1354 		goto out;
1355 	}
1356 
1357 	ret = rtw89_fw_h2c_disconnect_detect(rtwdev, rtwvif, false);
1358 	if (ret) {
1359 		rtw89_err(rtwdev, "wow: failed to disable disconnect detect\n");
1360 		goto out;
1361 	}
1362 
1363 	ret = rtw89_fw_h2c_wow_gtk_ofld(rtwdev, rtwvif, false);
1364 	if (ret) {
1365 		rtw89_err(rtwdev, "wow: failed to disable GTK offload\n");
1366 		goto out;
1367 	}
1368 
1369 	ret = rtw89_fw_h2c_arp_offload(rtwdev, rtwvif, false);
1370 	if (ret)
1371 		rtw89_warn(rtwdev, "wow: failed to disable arp offload\n");
1372 
1373 	rtw89_wow_key_clear(rtwdev);
1374 	rtw89_fw_release_general_pkt_list(rtwdev, true);
1375 
1376 	ret = rtw89_wow_cfg_wake(rtwdev, false);
1377 	if (ret) {
1378 		rtw89_err(rtwdev, "wow: failed to disable config wake\n");
1379 		goto out;
1380 	}
1381 
1382 	ret = rtw89_wow_check_fw_status(rtwdev, false);
1383 	if (ret) {
1384 		rtw89_err(rtwdev, "wow: failed to check disable fw ready\n");
1385 		goto out;
1386 	}
1387 
1388 out:
1389 	return ret;
1390 }
1391 
1392 static int rtw89_wow_enable(struct rtw89_dev *rtwdev)
1393 {
1394 	int ret;
1395 
1396 	set_bit(RTW89_FLAG_WOWLAN, rtwdev->flags);
1397 
1398 	ret = rtw89_wow_enable_trx_pre(rtwdev);
1399 	if (ret) {
1400 		rtw89_err(rtwdev, "wow: failed to enable trx_pre\n");
1401 		goto out;
1402 	}
1403 
1404 	rtw89_fw_release_general_pkt_list(rtwdev, true);
1405 
1406 	ret = rtw89_wow_swap_fw(rtwdev, true);
1407 	if (ret) {
1408 		rtw89_err(rtwdev, "wow: failed to swap to wow fw\n");
1409 		goto out;
1410 	}
1411 
1412 	ret = rtw89_wow_fw_start(rtwdev);
1413 	if (ret) {
1414 		rtw89_err(rtwdev, "wow: failed to let wow fw start\n");
1415 		goto out;
1416 	}
1417 
1418 	rtw89_wow_enter_lps(rtwdev);
1419 
1420 	ret = rtw89_wow_enable_trx_post(rtwdev);
1421 	if (ret) {
1422 		rtw89_err(rtwdev, "wow: failed to enable trx_post\n");
1423 		goto out;
1424 	}
1425 
1426 	return 0;
1427 
1428 out:
1429 	clear_bit(RTW89_FLAG_WOWLAN, rtwdev->flags);
1430 	return ret;
1431 }
1432 
1433 static int rtw89_wow_disable(struct rtw89_dev *rtwdev)
1434 {
1435 	int ret;
1436 
1437 	ret = rtw89_wow_disable_trx_pre(rtwdev);
1438 	if (ret) {
1439 		rtw89_err(rtwdev, "wow: failed to disable trx_pre\n");
1440 		goto out;
1441 	}
1442 
1443 	rtw89_wow_leave_lps(rtwdev);
1444 
1445 	ret = rtw89_wow_fw_stop(rtwdev);
1446 	if (ret) {
1447 		rtw89_err(rtwdev, "wow: failed to swap to normal fw\n");
1448 		goto out;
1449 	}
1450 
1451 	ret = rtw89_wow_swap_fw(rtwdev, false);
1452 	if (ret) {
1453 		rtw89_err(rtwdev, "wow: failed to disable trx_post\n");
1454 		goto out;
1455 	}
1456 
1457 	ret = rtw89_wow_disable_trx_post(rtwdev);
1458 	if (ret) {
1459 		rtw89_err(rtwdev, "wow: failed to disable trx_pre\n");
1460 		goto out;
1461 	}
1462 
1463 out:
1464 	clear_bit(RTW89_FLAG_WOWLAN, rtwdev->flags);
1465 	return ret;
1466 }
1467 
1468 int rtw89_wow_resume(struct rtw89_dev *rtwdev)
1469 {
1470 	int ret;
1471 
1472 	if (!test_bit(RTW89_FLAG_WOWLAN, rtwdev->flags)) {
1473 		rtw89_err(rtwdev, "wow is not enabled\n");
1474 		ret = -EPERM;
1475 		goto out;
1476 	}
1477 
1478 	if (!rtw89_mac_get_power_state(rtwdev)) {
1479 		rtw89_err(rtwdev, "chip is no power when resume\n");
1480 		ret = -EPERM;
1481 		goto out;
1482 	}
1483 
1484 	rtw89_wow_leave_deep_ps(rtwdev);
1485 
1486 	rtw89_wow_show_wakeup_reason(rtwdev);
1487 
1488 	ret = rtw89_wow_disable(rtwdev);
1489 	if (ret)
1490 		rtw89_err(rtwdev, "failed to disable wow\n");
1491 
1492 out:
1493 	rtw89_wow_clear_wakeups(rtwdev);
1494 	return ret;
1495 }
1496 
1497 int rtw89_wow_suspend(struct rtw89_dev *rtwdev, struct cfg80211_wowlan *wowlan)
1498 {
1499 	int ret;
1500 
1501 	ret = rtw89_wow_set_wakeups(rtwdev, wowlan);
1502 	if (ret) {
1503 		rtw89_err(rtwdev, "failed to set wakeup event\n");
1504 		return ret;
1505 	}
1506 
1507 	rtw89_wow_leave_lps(rtwdev);
1508 
1509 	ret = rtw89_wow_enable(rtwdev);
1510 	if (ret) {
1511 		rtw89_err(rtwdev, "failed to enable wow\n");
1512 		return ret;
1513 	}
1514 
1515 	rtw89_wow_enter_deep_ps(rtwdev);
1516 
1517 	return 0;
1518 }
1519