xref: /linux/drivers/net/wireless/ti/wlcore/scan.c (revision 4413e16d9d21673bb5048a2e542f1aaa00015c2e)
1 /*
2  * This file is part of wl1271
3  *
4  * Copyright (C) 2009-2010 Nokia Corporation
5  *
6  * Contact: Luciano Coelho <luciano.coelho@nokia.com>
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License
10  * version 2 as published by the Free Software Foundation.
11  *
12  * This program is distributed in the hope that it will be useful, but
13  * WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15  * General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA
21  *
22  */
23 
24 #include <linux/ieee80211.h>
25 
26 #include "wlcore.h"
27 #include "debug.h"
28 #include "cmd.h"
29 #include "scan.h"
30 #include "acx.h"
31 #include "ps.h"
32 #include "tx.h"
33 
34 void wl1271_scan_complete_work(struct work_struct *work)
35 {
36 	struct delayed_work *dwork;
37 	struct wl1271 *wl;
38 	struct ieee80211_vif *vif;
39 	struct wl12xx_vif *wlvif;
40 	int ret;
41 
42 	dwork = container_of(work, struct delayed_work, work);
43 	wl = container_of(dwork, struct wl1271, scan_complete_work);
44 
45 	wl1271_debug(DEBUG_SCAN, "Scanning complete");
46 
47 	mutex_lock(&wl->mutex);
48 
49 	if (wl->state == WL1271_STATE_OFF)
50 		goto out;
51 
52 	if (wl->scan.state == WL1271_SCAN_STATE_IDLE)
53 		goto out;
54 
55 	vif = wl->scan_vif;
56 	wlvif = wl12xx_vif_to_data(vif);
57 
58 	/*
59 	 * Rearm the tx watchdog just before idling scan. This
60 	 * prevents just-finished scans from triggering the watchdog
61 	 */
62 	wl12xx_rearm_tx_watchdog_locked(wl);
63 
64 	wl->scan.state = WL1271_SCAN_STATE_IDLE;
65 	memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
66 	wl->scan.req = NULL;
67 	wl->scan_vif = NULL;
68 
69 	ret = wl1271_ps_elp_wakeup(wl);
70 	if (ret < 0)
71 		goto out;
72 
73 	if (test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags)) {
74 		/* restore hardware connection monitoring template */
75 		wl1271_cmd_build_ap_probe_req(wl, wlvif, wlvif->probereq);
76 	}
77 
78 	wl1271_ps_elp_sleep(wl);
79 
80 	if (wl->scan.failed) {
81 		wl1271_info("Scan completed due to error.");
82 		wl12xx_queue_recovery_work(wl);
83 	}
84 
85 	ieee80211_scan_completed(wl->hw, false);
86 
87 out:
88 	mutex_unlock(&wl->mutex);
89 
90 }
91 
92 
93 static int wl1271_get_scan_channels(struct wl1271 *wl,
94 				    struct cfg80211_scan_request *req,
95 				    struct basic_scan_channel_params *channels,
96 				    enum ieee80211_band band, bool passive)
97 {
98 	struct conf_scan_settings *c = &wl->conf.scan;
99 	int i, j;
100 	u32 flags;
101 
102 	for (i = 0, j = 0;
103 	     i < req->n_channels && j < WL1271_SCAN_MAX_CHANNELS;
104 	     i++) {
105 		flags = req->channels[i]->flags;
106 
107 		if (!test_bit(i, wl->scan.scanned_ch) &&
108 		    !(flags & IEEE80211_CHAN_DISABLED) &&
109 		    (req->channels[i]->band == band) &&
110 		    /*
111 		     * In passive scans, we scan all remaining
112 		     * channels, even if not marked as such.
113 		     * In active scans, we only scan channels not
114 		     * marked as passive.
115 		     */
116 		    (passive || !(flags & IEEE80211_CHAN_PASSIVE_SCAN))) {
117 			wl1271_debug(DEBUG_SCAN, "band %d, center_freq %d ",
118 				     req->channels[i]->band,
119 				     req->channels[i]->center_freq);
120 			wl1271_debug(DEBUG_SCAN, "hw_value %d, flags %X",
121 				     req->channels[i]->hw_value,
122 				     req->channels[i]->flags);
123 			wl1271_debug(DEBUG_SCAN,
124 				     "max_antenna_gain %d, max_power %d",
125 				     req->channels[i]->max_antenna_gain,
126 				     req->channels[i]->max_power);
127 			wl1271_debug(DEBUG_SCAN, "beacon_found %d",
128 				     req->channels[i]->beacon_found);
129 
130 			if (!passive) {
131 				channels[j].min_duration =
132 					cpu_to_le32(c->min_dwell_time_active);
133 				channels[j].max_duration =
134 					cpu_to_le32(c->max_dwell_time_active);
135 			} else {
136 				channels[j].min_duration =
137 					cpu_to_le32(c->min_dwell_time_passive);
138 				channels[j].max_duration =
139 					cpu_to_le32(c->max_dwell_time_passive);
140 			}
141 			channels[j].early_termination = 0;
142 			channels[j].tx_power_att = req->channels[i]->max_power;
143 			channels[j].channel = req->channels[i]->hw_value;
144 
145 			memset(&channels[j].bssid_lsb, 0xff, 4);
146 			memset(&channels[j].bssid_msb, 0xff, 2);
147 
148 			/* Mark the channels we already used */
149 			set_bit(i, wl->scan.scanned_ch);
150 
151 			j++;
152 		}
153 	}
154 
155 	return j;
156 }
157 
158 #define WL1271_NOTHING_TO_SCAN 1
159 
160 static int wl1271_scan_send(struct wl1271 *wl, struct ieee80211_vif *vif,
161 			    enum ieee80211_band band,
162 			    bool passive, u32 basic_rate)
163 {
164 	struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
165 	struct wl1271_cmd_scan *cmd;
166 	struct wl1271_cmd_trigger_scan_to *trigger;
167 	int ret;
168 	u16 scan_options = 0;
169 
170 	/* skip active scans if we don't have SSIDs */
171 	if (!passive && wl->scan.req->n_ssids == 0)
172 		return WL1271_NOTHING_TO_SCAN;
173 
174 	cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
175 	trigger = kzalloc(sizeof(*trigger), GFP_KERNEL);
176 	if (!cmd || !trigger) {
177 		ret = -ENOMEM;
178 		goto out;
179 	}
180 
181 	if (wl->conf.scan.split_scan_timeout)
182 		scan_options |= WL1271_SCAN_OPT_SPLIT_SCAN;
183 
184 	if (passive)
185 		scan_options |= WL1271_SCAN_OPT_PASSIVE;
186 
187 	if (wlvif->bss_type == BSS_TYPE_AP_BSS ||
188 	    test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
189 		cmd->params.role_id = wlvif->role_id;
190 	else
191 		cmd->params.role_id = wlvif->dev_role_id;
192 
193 	if (WARN_ON(cmd->params.role_id == WL12XX_INVALID_ROLE_ID)) {
194 		ret = -EINVAL;
195 		goto out;
196 	}
197 
198 	cmd->params.scan_options = cpu_to_le16(scan_options);
199 
200 	cmd->params.n_ch = wl1271_get_scan_channels(wl, wl->scan.req,
201 						    cmd->channels,
202 						    band, passive);
203 	if (cmd->params.n_ch == 0) {
204 		ret = WL1271_NOTHING_TO_SCAN;
205 		goto out;
206 	}
207 
208 	cmd->params.tx_rate = cpu_to_le32(basic_rate);
209 	cmd->params.n_probe_reqs = wl->conf.scan.num_probe_reqs;
210 	cmd->params.tid_trigger = CONF_TX_AC_ANY_TID;
211 	cmd->params.scan_tag = WL1271_SCAN_DEFAULT_TAG;
212 
213 	if (band == IEEE80211_BAND_2GHZ)
214 		cmd->params.band = WL1271_SCAN_BAND_2_4_GHZ;
215 	else
216 		cmd->params.band = WL1271_SCAN_BAND_5_GHZ;
217 
218 	if (wl->scan.ssid_len && wl->scan.ssid) {
219 		cmd->params.ssid_len = wl->scan.ssid_len;
220 		memcpy(cmd->params.ssid, wl->scan.ssid, wl->scan.ssid_len);
221 	}
222 
223 	memcpy(cmd->addr, vif->addr, ETH_ALEN);
224 
225 	ret = wl12xx_cmd_build_probe_req(wl, wlvif,
226 					 cmd->params.role_id, band,
227 					 wl->scan.ssid, wl->scan.ssid_len,
228 					 wl->scan.req->ie,
229 					 wl->scan.req->ie_len, false);
230 	if (ret < 0) {
231 		wl1271_error("PROBE request template failed");
232 		goto out;
233 	}
234 
235 	trigger->timeout = cpu_to_le32(wl->conf.scan.split_scan_timeout);
236 	ret = wl1271_cmd_send(wl, CMD_TRIGGER_SCAN_TO, trigger,
237 			      sizeof(*trigger), 0);
238 	if (ret < 0) {
239 		wl1271_error("trigger scan to failed for hw scan");
240 		goto out;
241 	}
242 
243 	wl1271_dump(DEBUG_SCAN, "SCAN: ", cmd, sizeof(*cmd));
244 
245 	ret = wl1271_cmd_send(wl, CMD_SCAN, cmd, sizeof(*cmd), 0);
246 	if (ret < 0) {
247 		wl1271_error("SCAN failed");
248 		goto out;
249 	}
250 
251 out:
252 	kfree(cmd);
253 	kfree(trigger);
254 	return ret;
255 }
256 
257 void wl1271_scan_stm(struct wl1271 *wl, struct ieee80211_vif *vif)
258 {
259 	struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
260 	int ret = 0;
261 	enum ieee80211_band band;
262 	u32 rate, mask;
263 
264 	switch (wl->scan.state) {
265 	case WL1271_SCAN_STATE_IDLE:
266 		break;
267 
268 	case WL1271_SCAN_STATE_2GHZ_ACTIVE:
269 		band = IEEE80211_BAND_2GHZ;
270 		mask = wlvif->bitrate_masks[band];
271 		if (wl->scan.req->no_cck) {
272 			mask &= ~CONF_TX_CCK_RATES;
273 			if (!mask)
274 				mask = CONF_TX_RATE_MASK_BASIC_P2P;
275 		}
276 		rate = wl1271_tx_min_rate_get(wl, mask);
277 		ret = wl1271_scan_send(wl, vif, band, false, rate);
278 		if (ret == WL1271_NOTHING_TO_SCAN) {
279 			wl->scan.state = WL1271_SCAN_STATE_2GHZ_PASSIVE;
280 			wl1271_scan_stm(wl, vif);
281 		}
282 
283 		break;
284 
285 	case WL1271_SCAN_STATE_2GHZ_PASSIVE:
286 		band = IEEE80211_BAND_2GHZ;
287 		mask = wlvif->bitrate_masks[band];
288 		if (wl->scan.req->no_cck) {
289 			mask &= ~CONF_TX_CCK_RATES;
290 			if (!mask)
291 				mask = CONF_TX_RATE_MASK_BASIC_P2P;
292 		}
293 		rate = wl1271_tx_min_rate_get(wl, mask);
294 		ret = wl1271_scan_send(wl, vif, band, true, rate);
295 		if (ret == WL1271_NOTHING_TO_SCAN) {
296 			if (wl->enable_11a)
297 				wl->scan.state = WL1271_SCAN_STATE_5GHZ_ACTIVE;
298 			else
299 				wl->scan.state = WL1271_SCAN_STATE_DONE;
300 			wl1271_scan_stm(wl, vif);
301 		}
302 
303 		break;
304 
305 	case WL1271_SCAN_STATE_5GHZ_ACTIVE:
306 		band = IEEE80211_BAND_5GHZ;
307 		rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]);
308 		ret = wl1271_scan_send(wl, vif, band, false, rate);
309 		if (ret == WL1271_NOTHING_TO_SCAN) {
310 			wl->scan.state = WL1271_SCAN_STATE_5GHZ_PASSIVE;
311 			wl1271_scan_stm(wl, vif);
312 		}
313 
314 		break;
315 
316 	case WL1271_SCAN_STATE_5GHZ_PASSIVE:
317 		band = IEEE80211_BAND_5GHZ;
318 		rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]);
319 		ret = wl1271_scan_send(wl, vif, band, true, rate);
320 		if (ret == WL1271_NOTHING_TO_SCAN) {
321 			wl->scan.state = WL1271_SCAN_STATE_DONE;
322 			wl1271_scan_stm(wl, vif);
323 		}
324 
325 		break;
326 
327 	case WL1271_SCAN_STATE_DONE:
328 		wl->scan.failed = false;
329 		cancel_delayed_work(&wl->scan_complete_work);
330 		ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
331 					     msecs_to_jiffies(0));
332 		break;
333 
334 	default:
335 		wl1271_error("invalid scan state");
336 		break;
337 	}
338 
339 	if (ret < 0) {
340 		cancel_delayed_work(&wl->scan_complete_work);
341 		ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
342 					     msecs_to_jiffies(0));
343 	}
344 }
345 
346 int wl1271_scan(struct wl1271 *wl, struct ieee80211_vif *vif,
347 		const u8 *ssid, size_t ssid_len,
348 		struct cfg80211_scan_request *req)
349 {
350 	/*
351 	 * cfg80211 should guarantee that we don't get more channels
352 	 * than what we have registered.
353 	 */
354 	BUG_ON(req->n_channels > WL1271_MAX_CHANNELS);
355 
356 	if (wl->scan.state != WL1271_SCAN_STATE_IDLE)
357 		return -EBUSY;
358 
359 	wl->scan.state = WL1271_SCAN_STATE_2GHZ_ACTIVE;
360 
361 	if (ssid_len && ssid) {
362 		wl->scan.ssid_len = ssid_len;
363 		memcpy(wl->scan.ssid, ssid, ssid_len);
364 	} else {
365 		wl->scan.ssid_len = 0;
366 	}
367 
368 	wl->scan_vif = vif;
369 	wl->scan.req = req;
370 	memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
371 
372 	/* we assume failure so that timeout scenarios are handled correctly */
373 	wl->scan.failed = true;
374 	ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
375 				     msecs_to_jiffies(WL1271_SCAN_TIMEOUT));
376 
377 	wl1271_scan_stm(wl, vif);
378 
379 	return 0;
380 }
381 
382 int wl1271_scan_stop(struct wl1271 *wl)
383 {
384 	struct wl1271_cmd_header *cmd = NULL;
385 	int ret = 0;
386 
387 	if (WARN_ON(wl->scan.state == WL1271_SCAN_STATE_IDLE))
388 		return -EINVAL;
389 
390 	wl1271_debug(DEBUG_CMD, "cmd scan stop");
391 
392 	cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
393 	if (!cmd) {
394 		ret = -ENOMEM;
395 		goto out;
396 	}
397 
398 	ret = wl1271_cmd_send(wl, CMD_STOP_SCAN, cmd,
399 			      sizeof(*cmd), 0);
400 	if (ret < 0) {
401 		wl1271_error("cmd stop_scan failed");
402 		goto out;
403 	}
404 out:
405 	kfree(cmd);
406 	return ret;
407 }
408 
409 static int
410 wl1271_scan_get_sched_scan_channels(struct wl1271 *wl,
411 				    struct cfg80211_sched_scan_request *req,
412 				    struct conn_scan_ch_params *channels,
413 				    u32 band, bool radar, bool passive,
414 				    int start, int max_channels,
415 				    u8 *n_pactive_ch)
416 {
417 	struct conf_sched_scan_settings *c = &wl->conf.sched_scan;
418 	int i, j;
419 	u32 flags;
420 	bool force_passive = !req->n_ssids;
421 	u32 min_dwell_time_active, max_dwell_time_active, delta_per_probe;
422 	u32 dwell_time_passive, dwell_time_dfs;
423 
424 	if (band == IEEE80211_BAND_5GHZ)
425 		delta_per_probe = c->dwell_time_delta_per_probe_5;
426 	else
427 		delta_per_probe = c->dwell_time_delta_per_probe;
428 
429 	min_dwell_time_active = c->base_dwell_time +
430 		 req->n_ssids * c->num_probe_reqs * delta_per_probe;
431 
432 	max_dwell_time_active = min_dwell_time_active + c->max_dwell_time_delta;
433 
434 	min_dwell_time_active = DIV_ROUND_UP(min_dwell_time_active, 1000);
435 	max_dwell_time_active = DIV_ROUND_UP(max_dwell_time_active, 1000);
436 	dwell_time_passive = DIV_ROUND_UP(c->dwell_time_passive, 1000);
437 	dwell_time_dfs = DIV_ROUND_UP(c->dwell_time_dfs, 1000);
438 
439 	for (i = 0, j = start;
440 	     i < req->n_channels && j < max_channels;
441 	     i++) {
442 		flags = req->channels[i]->flags;
443 
444 		if (force_passive)
445 			flags |= IEEE80211_CHAN_PASSIVE_SCAN;
446 
447 		if ((req->channels[i]->band == band) &&
448 		    !(flags & IEEE80211_CHAN_DISABLED) &&
449 		    (!!(flags & IEEE80211_CHAN_RADAR) == radar) &&
450 		    /* if radar is set, we ignore the passive flag */
451 		    (radar ||
452 		     !!(flags & IEEE80211_CHAN_PASSIVE_SCAN) == passive)) {
453 			wl1271_debug(DEBUG_SCAN, "band %d, center_freq %d ",
454 				     req->channels[i]->band,
455 				     req->channels[i]->center_freq);
456 			wl1271_debug(DEBUG_SCAN, "hw_value %d, flags %X",
457 				     req->channels[i]->hw_value,
458 				     req->channels[i]->flags);
459 			wl1271_debug(DEBUG_SCAN, "max_power %d",
460 				     req->channels[i]->max_power);
461 			wl1271_debug(DEBUG_SCAN, "min_dwell_time %d max dwell time %d",
462 				     min_dwell_time_active,
463 				     max_dwell_time_active);
464 
465 			if (flags & IEEE80211_CHAN_RADAR) {
466 				channels[j].flags |= SCAN_CHANNEL_FLAGS_DFS;
467 
468 				channels[j].passive_duration =
469 					cpu_to_le16(dwell_time_dfs);
470 			} else {
471 				channels[j].passive_duration =
472 					cpu_to_le16(dwell_time_passive);
473 			}
474 
475 			channels[j].min_duration =
476 				cpu_to_le16(min_dwell_time_active);
477 			channels[j].max_duration =
478 				cpu_to_le16(max_dwell_time_active);
479 
480 			channels[j].tx_power_att = req->channels[i]->max_power;
481 			channels[j].channel = req->channels[i]->hw_value;
482 
483 			if ((band == IEEE80211_BAND_2GHZ) &&
484 			    (channels[j].channel >= 12) &&
485 			    (channels[j].channel <= 14) &&
486 			    (flags & IEEE80211_CHAN_PASSIVE_SCAN) &&
487 			    !force_passive) {
488 				/* pactive channels treated as DFS */
489 				channels[j].flags = SCAN_CHANNEL_FLAGS_DFS;
490 
491 				/*
492 				 * n_pactive_ch is counted down from the end of
493 				 * the passive channel list
494 				 */
495 				(*n_pactive_ch)++;
496 				wl1271_debug(DEBUG_SCAN, "n_pactive_ch = %d",
497 					     *n_pactive_ch);
498 			}
499 
500 			j++;
501 		}
502 	}
503 
504 	return j - start;
505 }
506 
507 static bool
508 wl1271_scan_sched_scan_channels(struct wl1271 *wl,
509 				struct cfg80211_sched_scan_request *req,
510 				struct wl1271_cmd_sched_scan_config *cfg)
511 {
512 	u8 n_pactive_ch = 0;
513 
514 	cfg->passive[0] =
515 		wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_2,
516 						    IEEE80211_BAND_2GHZ,
517 						    false, true, 0,
518 						    MAX_CHANNELS_2GHZ,
519 						    &n_pactive_ch);
520 	cfg->active[0] =
521 		wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_2,
522 						    IEEE80211_BAND_2GHZ,
523 						    false, false,
524 						    cfg->passive[0],
525 						    MAX_CHANNELS_2GHZ,
526 						    &n_pactive_ch);
527 	cfg->passive[1] =
528 		wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_5,
529 						    IEEE80211_BAND_5GHZ,
530 						    false, true, 0,
531 						    MAX_CHANNELS_5GHZ,
532 						    &n_pactive_ch);
533 	cfg->dfs =
534 		wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_5,
535 						    IEEE80211_BAND_5GHZ,
536 						    true, true,
537 						    cfg->passive[1],
538 						    MAX_CHANNELS_5GHZ,
539 						    &n_pactive_ch);
540 	cfg->active[1] =
541 		wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_5,
542 						    IEEE80211_BAND_5GHZ,
543 						    false, false,
544 						    cfg->passive[1] + cfg->dfs,
545 						    MAX_CHANNELS_5GHZ,
546 						    &n_pactive_ch);
547 	/* 802.11j channels are not supported yet */
548 	cfg->passive[2] = 0;
549 	cfg->active[2] = 0;
550 
551 	cfg->n_pactive_ch = n_pactive_ch;
552 
553 	wl1271_debug(DEBUG_SCAN, "    2.4GHz: active %d passive %d",
554 		     cfg->active[0], cfg->passive[0]);
555 	wl1271_debug(DEBUG_SCAN, "    5GHz: active %d passive %d",
556 		     cfg->active[1], cfg->passive[1]);
557 	wl1271_debug(DEBUG_SCAN, "    DFS: %d", cfg->dfs);
558 
559 	return  cfg->passive[0] || cfg->active[0] ||
560 		cfg->passive[1] || cfg->active[1] || cfg->dfs ||
561 		cfg->passive[2] || cfg->active[2];
562 }
563 
564 /* Returns the scan type to be used or a negative value on error */
565 static int
566 wl12xx_scan_sched_scan_ssid_list(struct wl1271 *wl,
567 				 struct wl12xx_vif *wlvif,
568 				 struct cfg80211_sched_scan_request *req)
569 {
570 	struct wl1271_cmd_sched_scan_ssid_list *cmd = NULL;
571 	struct cfg80211_match_set *sets = req->match_sets;
572 	struct cfg80211_ssid *ssids = req->ssids;
573 	int ret = 0, type, i, j, n_match_ssids = 0;
574 
575 	wl1271_debug(DEBUG_CMD, "cmd sched scan ssid list");
576 
577 	/* count the match sets that contain SSIDs */
578 	for (i = 0; i < req->n_match_sets; i++)
579 		if (sets[i].ssid.ssid_len > 0)
580 			n_match_ssids++;
581 
582 	/* No filter, no ssids or only bcast ssid */
583 	if (!n_match_ssids &&
584 	    (!req->n_ssids ||
585 	     (req->n_ssids == 1 && req->ssids[0].ssid_len == 0))) {
586 		type = SCAN_SSID_FILTER_ANY;
587 		goto out;
588 	}
589 
590 	cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
591 	if (!cmd) {
592 		ret = -ENOMEM;
593 		goto out;
594 	}
595 
596 	cmd->role_id = wlvif->dev_role_id;
597 	if (!n_match_ssids) {
598 		/* No filter, with ssids */
599 		type = SCAN_SSID_FILTER_DISABLED;
600 
601 		for (i = 0; i < req->n_ssids; i++) {
602 			cmd->ssids[cmd->n_ssids].type = (ssids[i].ssid_len) ?
603 				SCAN_SSID_TYPE_HIDDEN : SCAN_SSID_TYPE_PUBLIC;
604 			cmd->ssids[cmd->n_ssids].len = ssids[i].ssid_len;
605 			memcpy(cmd->ssids[cmd->n_ssids].ssid, ssids[i].ssid,
606 			       ssids[i].ssid_len);
607 			cmd->n_ssids++;
608 		}
609 	} else {
610 		type = SCAN_SSID_FILTER_LIST;
611 
612 		/* Add all SSIDs from the filters */
613 		for (i = 0; i < req->n_match_sets; i++) {
614 			/* ignore sets without SSIDs */
615 			if (!sets[i].ssid.ssid_len)
616 				continue;
617 
618 			cmd->ssids[cmd->n_ssids].type = SCAN_SSID_TYPE_PUBLIC;
619 			cmd->ssids[cmd->n_ssids].len = sets[i].ssid.ssid_len;
620 			memcpy(cmd->ssids[cmd->n_ssids].ssid,
621 			       sets[i].ssid.ssid, sets[i].ssid.ssid_len);
622 			cmd->n_ssids++;
623 		}
624 		if ((req->n_ssids > 1) ||
625 		    (req->n_ssids == 1 && req->ssids[0].ssid_len > 0)) {
626 			/*
627 			 * Mark all the SSIDs passed in the SSID list as HIDDEN,
628 			 * so they're used in probe requests.
629 			 */
630 			for (i = 0; i < req->n_ssids; i++) {
631 				if (!req->ssids[i].ssid_len)
632 					continue;
633 
634 				for (j = 0; j < cmd->n_ssids; j++)
635 					if ((req->ssids[i].ssid_len ==
636 					     cmd->ssids[j].len) &&
637 					    !memcmp(req->ssids[i].ssid,
638 						   cmd->ssids[j].ssid,
639 						   req->ssids[i].ssid_len)) {
640 						cmd->ssids[j].type =
641 							SCAN_SSID_TYPE_HIDDEN;
642 						break;
643 					}
644 				/* Fail if SSID isn't present in the filters */
645 				if (j == cmd->n_ssids) {
646 					ret = -EINVAL;
647 					goto out_free;
648 				}
649 			}
650 		}
651 	}
652 
653 	wl1271_dump(DEBUG_SCAN, "SSID_LIST: ", cmd, sizeof(*cmd));
654 
655 	ret = wl1271_cmd_send(wl, CMD_CONNECTION_SCAN_SSID_CFG, cmd,
656 			      sizeof(*cmd), 0);
657 	if (ret < 0) {
658 		wl1271_error("cmd sched scan ssid list failed");
659 		goto out_free;
660 	}
661 
662 out_free:
663 	kfree(cmd);
664 out:
665 	if (ret < 0)
666 		return ret;
667 	return type;
668 }
669 
670 int wl1271_scan_sched_scan_config(struct wl1271 *wl,
671 				  struct wl12xx_vif *wlvif,
672 				  struct cfg80211_sched_scan_request *req,
673 				  struct ieee80211_sched_scan_ies *ies)
674 {
675 	struct wl1271_cmd_sched_scan_config *cfg = NULL;
676 	struct conf_sched_scan_settings *c = &wl->conf.sched_scan;
677 	int i, ret;
678 	bool force_passive = !req->n_ssids;
679 
680 	wl1271_debug(DEBUG_CMD, "cmd sched_scan scan config");
681 
682 	cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
683 	if (!cfg)
684 		return -ENOMEM;
685 
686 	cfg->role_id = wlvif->dev_role_id;
687 	cfg->rssi_threshold = c->rssi_threshold;
688 	cfg->snr_threshold  = c->snr_threshold;
689 	cfg->n_probe_reqs = c->num_probe_reqs;
690 	/* cycles set to 0 it means infinite (until manually stopped) */
691 	cfg->cycles = 0;
692 	/* report APs when at least 1 is found */
693 	cfg->report_after = 1;
694 	/* don't stop scanning automatically when something is found */
695 	cfg->terminate = 0;
696 	cfg->tag = WL1271_SCAN_DEFAULT_TAG;
697 	/* don't filter on BSS type */
698 	cfg->bss_type = SCAN_BSS_TYPE_ANY;
699 	/* currently NL80211 supports only a single interval */
700 	for (i = 0; i < SCAN_MAX_CYCLE_INTERVALS; i++)
701 		cfg->intervals[i] = cpu_to_le32(req->interval);
702 
703 	cfg->ssid_len = 0;
704 	ret = wl12xx_scan_sched_scan_ssid_list(wl, wlvif, req);
705 	if (ret < 0)
706 		goto out;
707 
708 	cfg->filter_type = ret;
709 
710 	wl1271_debug(DEBUG_SCAN, "filter_type = %d", cfg->filter_type);
711 
712 	if (!wl1271_scan_sched_scan_channels(wl, req, cfg)) {
713 		wl1271_error("scan channel list is empty");
714 		ret = -EINVAL;
715 		goto out;
716 	}
717 
718 	if (!force_passive && cfg->active[0]) {
719 		u8 band = IEEE80211_BAND_2GHZ;
720 		ret = wl12xx_cmd_build_probe_req(wl, wlvif,
721 						 wlvif->dev_role_id, band,
722 						 req->ssids[0].ssid,
723 						 req->ssids[0].ssid_len,
724 						 ies->ie[band],
725 						 ies->len[band], true);
726 		if (ret < 0) {
727 			wl1271_error("2.4GHz PROBE request template failed");
728 			goto out;
729 		}
730 	}
731 
732 	if (!force_passive && cfg->active[1]) {
733 		u8 band = IEEE80211_BAND_5GHZ;
734 		ret = wl12xx_cmd_build_probe_req(wl, wlvif,
735 						 wlvif->dev_role_id, band,
736 						 req->ssids[0].ssid,
737 						 req->ssids[0].ssid_len,
738 						 ies->ie[band],
739 						 ies->len[band], true);
740 		if (ret < 0) {
741 			wl1271_error("5GHz PROBE request template failed");
742 			goto out;
743 		}
744 	}
745 
746 	wl1271_dump(DEBUG_SCAN, "SCAN_CFG: ", cfg, sizeof(*cfg));
747 
748 	ret = wl1271_cmd_send(wl, CMD_CONNECTION_SCAN_CFG, cfg,
749 			      sizeof(*cfg), 0);
750 	if (ret < 0) {
751 		wl1271_error("SCAN configuration failed");
752 		goto out;
753 	}
754 out:
755 	kfree(cfg);
756 	return ret;
757 }
758 
759 int wl1271_scan_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif)
760 {
761 	struct wl1271_cmd_sched_scan_start *start;
762 	int ret = 0;
763 
764 	wl1271_debug(DEBUG_CMD, "cmd periodic scan start");
765 
766 	if (wlvif->bss_type != BSS_TYPE_STA_BSS)
767 		return -EOPNOTSUPP;
768 
769 	if ((wl->quirks & WLCORE_QUIRK_NO_SCHED_SCAN_WHILE_CONN) &&
770 	    test_bit(WLVIF_FLAG_IN_USE, &wlvif->flags))
771 		return -EBUSY;
772 
773 	start = kzalloc(sizeof(*start), GFP_KERNEL);
774 	if (!start)
775 		return -ENOMEM;
776 
777 	start->role_id = wlvif->dev_role_id;
778 	start->tag = WL1271_SCAN_DEFAULT_TAG;
779 
780 	ret = wl1271_cmd_send(wl, CMD_START_PERIODIC_SCAN, start,
781 			      sizeof(*start), 0);
782 	if (ret < 0) {
783 		wl1271_error("failed to send scan start command");
784 		goto out_free;
785 	}
786 
787 out_free:
788 	kfree(start);
789 	return ret;
790 }
791 
792 void wl1271_scan_sched_scan_results(struct wl1271 *wl)
793 {
794 	wl1271_debug(DEBUG_SCAN, "got periodic scan results");
795 
796 	ieee80211_sched_scan_results(wl->hw);
797 }
798 
799 void wl1271_scan_sched_scan_stop(struct wl1271 *wl,  struct wl12xx_vif *wlvif)
800 {
801 	struct wl1271_cmd_sched_scan_stop *stop;
802 	int ret = 0;
803 
804 	wl1271_debug(DEBUG_CMD, "cmd periodic scan stop");
805 
806 	/* FIXME: what to do if alloc'ing to stop fails? */
807 	stop = kzalloc(sizeof(*stop), GFP_KERNEL);
808 	if (!stop) {
809 		wl1271_error("failed to alloc memory to send sched scan stop");
810 		return;
811 	}
812 
813 	stop->role_id = wlvif->dev_role_id;
814 	stop->tag = WL1271_SCAN_DEFAULT_TAG;
815 
816 	ret = wl1271_cmd_send(wl, CMD_STOP_PERIODIC_SCAN, stop,
817 			      sizeof(*stop), 0);
818 	if (ret < 0) {
819 		wl1271_error("failed to send sched scan stop command");
820 		goto out_free;
821 	}
822 
823 out_free:
824 	kfree(stop);
825 }
826