1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * NXP Wireless LAN device driver: commands and events
4 *
5 * Copyright 2011-2020 NXP
6 */
7
8#include <asm/unaligned.h>
9#include "decl.h"
10#include "ioctl.h"
11#include "util.h"
12#include "fw.h"
13#include "main.h"
14#include "wmm.h"
15#include "11n.h"
16
/*
 * Forward declaration: mwifiex_cmd_timeout_func() below calls this helper
 * ahead of its definition.
 */
static void mwifiex_cancel_pending_ioctl(struct mwifiex_adapter *adapter);
18
/*
 * Fill an already-allocated command node with per-command defaults.
 *
 * Nothing is allocated here: the node, its command skb and the caller's
 * data buffer must already exist. For a synchronous command the node is
 * also armed for waiting: the "woken" flag is cleared, the condition
 * pointer is aimed at that flag and waiting is enabled.
 */
static void
mwifiex_init_cmd_node(struct mwifiex_private *priv,
		      struct cmd_ctrl_node *cmd_node,
		      u32 cmd_no, void *data_buf, bool sync)
{
	cmd_node->priv = priv;
	cmd_node->cmd_no = cmd_no;
	cmd_node->data_buf = data_buf;
	/* The command is built in the skb that belongs to this node. */
	cmd_node->cmd_skb = cmd_node->skb;

	/* Asynchronous commands leave the wait-queue fields untouched. */
	if (!sync)
		return;

	cmd_node->cmd_wait_q_woken = false;
	cmd_node->condition = &cmd_node->cmd_wait_q_woken;
	cmd_node->wait_q_enabled = true;
}
43
/*
 * Take the first command node off the free queue.
 *
 * Returns the detached node, or NULL (after logging an error) when the
 * free queue is empty. The queue is only touched under cmd_free_q_lock.
 */
static struct cmd_ctrl_node *
mwifiex_get_cmd_node(struct mwifiex_adapter *adapter)
{
	struct cmd_ctrl_node *node = NULL;

	spin_lock_bh(&adapter->cmd_free_q_lock);
	if (!list_empty(&adapter->cmd_free_q)) {
		node = list_first_entry(&adapter->cmd_free_q,
					struct cmd_ctrl_node, list);
		list_del(&node->list);
	} else {
		mwifiex_dbg(adapter, ERROR,
			    "GET_CMD_NODE: cmd node not available\n");
	}
	spin_unlock_bh(&adapter->cmd_free_q_lock);

	return node;
}
67
/*
 * Reset a command node so it can be reused.
 *
 * The command number, flags, data buffer pointer and wait flag are
 * cleared. The command skb stays attached to the node but is trimmed to
 * zero length. A response skb that is still attached is handed to the
 * interface's cmdrsp_complete() callback before the pointer is cleared.
 * The function itself frees nothing.
 */
static void
mwifiex_clean_cmd_node(struct mwifiex_adapter *adapter,
		       struct cmd_ctrl_node *cmd_node)
{
	struct sk_buff *resp = cmd_node->resp_skb;

	cmd_node->cmd_no = 0;
	cmd_node->cmd_flag = 0;
	cmd_node->data_buf = NULL;
	cmd_node->wait_q_enabled = false;

	/* Empty the command buffer so the next user starts from length 0. */
	if (cmd_node->cmd_skb)
		skb_trim(cmd_node->cmd_skb, 0);

	if (!resp)
		return;

	adapter->if_ops.cmdrsp_complete(adapter, resp);
	cmd_node->resp_skb = NULL;
}
96
/*
 * Hand a command node back to the free queue.
 *
 * A NULL node is ignored. If the node still has waiting enabled, the
 * command is completed first; the node is then cleaned and appended to
 * cmd_free_q under cmd_free_q_lock.
 */
static void
mwifiex_insert_cmd_to_free_q(struct mwifiex_adapter *adapter,
			     struct cmd_ctrl_node *cmd_node)
{
	if (!cmd_node)
		return;

	/* Completion must run before the clean step clears wait_q_enabled. */
	if (cmd_node->wait_q_enabled)
		mwifiex_complete_cmd(adapter, cmd_node);

	mwifiex_clean_cmd_node(adapter, cmd_node);

	spin_lock_bh(&adapter->cmd_free_q_lock);
	list_add_tail(&cmd_node->list, &adapter->cmd_free_q);
	spin_unlock_bh(&adapter->cmd_free_q_lock);
}
120
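/*
 * Return a finished command node to the free queue and decrement the
 * pending-command counter.
 *
 * The command id used in the debug message is captured before the node is
 * handed back: once the node is on the free queue another context can take
 * it and rebuild the buffer, so reading the buffer afterwards could report
 * a different command. The download path may also have cleared cmd_skb
 * (USB -EBUSY case), in which case the id stored in the node is logged
 * instead of dereferencing a NULL skb.
 */
void mwifiex_recycle_cmd_node(struct mwifiex_adapter *adapter,
			      struct cmd_ctrl_node *cmd_node)
{
	u32 command = cmd_node->cmd_no;

	if (cmd_node->cmd_skb) {
		struct host_cmd_ds_command *host_cmd =
			(void *)cmd_node->cmd_skb->data;

		command = le16_to_cpu(host_cmd->command);
	}

	mwifiex_insert_cmd_to_free_q(adapter, cmd_node);

	atomic_dec(&adapter->cmd_pending);
	mwifiex_dbg(adapter, CMD,
		    "cmd: FREE_CMD: cmd=%#x, cmd_pending=%d\n",
		    command, atomic_read(&adapter->cmd_pending));
}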
135
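/*
 * Copy a ready-made host command into the driver command buffer.
 *
 * The command is transferred to the firmware later by the main thread.
 *
 * pcmd_ptr->len is supplied by the caller and is used directly as the copy
 * length, so it is validated here. Command skbs are allocated with
 * MWIFIEX_SIZE_OF_CMD_BUFFER bytes in mwifiex_alloc_cmd_buffer(); a longer
 * request would write past the destination buffer.
 *
 * Returns 0 on success, -EINVAL when the descriptor is missing or the
 * length does not fit the command buffer.
 */
static int mwifiex_cmd_host_cmd(struct mwifiex_private *priv,
				struct host_cmd_ds_command *cmd,
				struct mwifiex_ds_misc_cmd *pcmd_ptr)
{
	if (!pcmd_ptr) {
		mwifiex_dbg(priv->adapter, ERROR,
			    "cmd: host cmd buffer is NULL\n");
		return -EINVAL;
	}

	/* Reject lengths that cannot fit the pre-allocated command skb. */
	if (pcmd_ptr->len > MWIFIEX_SIZE_OF_CMD_BUFFER) {
		mwifiex_dbg(priv->adapter, ERROR,
			    "cmd: host cmd size %d exceeds cmd buffer\n",
			    pcmd_ptr->len);
		return -EINVAL;
	}

	/* Copy the HOST command to command buffer */
	memcpy(cmd, pcmd_ptr->cmd, pcmd_ptr->len);
	mwifiex_dbg(priv->adapter, CMD,
		    "cmd: host cmd size = %d\n", pcmd_ptr->len);
	return 0;
}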
153
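/*
 * Download one prepared command to the firmware.
 *
 * Steps: validate the size field in the command header, refuse most
 * commands while the hardware is in reset, stamp the sequence number,
 * publish the node as adapter->curr_cmd, resize the skb to the size named
 * in the header, pass it to the interface's host_to_card() hook, record the
 * command id/action in the debug ring and arm the command timeout timer.
 *
 * The header size is not trusted: host commands are copied verbatim from a
 * caller-provided buffer, and a size above MWIFIEX_SIZE_OF_CMD_BUFFER (the
 * size each command skb is allocated with) would make skb_put() run past
 * the end of the buffer. Such commands are rejected like zero-sized ones.
 *
 * Returns 0 when the command was handed to the interface, -1 on any
 * rejection or when host_to_card() returns -1. On those error paths the
 * node has already been recycled.
 */
static int mwifiex_dnld_cmd_to_fw(struct mwifiex_private *priv,
				  struct cmd_ctrl_node *cmd_node)
{
	struct mwifiex_adapter *adapter = priv->adapter;
	int ret;
	struct host_cmd_ds_command *host_cmd;
	uint16_t cmd_code;
	uint16_t cmd_size;

	if (!adapter || !cmd_node)
		return -1;

	host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
	cmd_size = le16_to_cpu(host_cmd->size);

	/* Sanity test: the size must be non-zero and fit the command skb */
	if (cmd_size == 0 || cmd_size > MWIFIEX_SIZE_OF_CMD_BUFFER) {
		mwifiex_dbg(adapter, ERROR,
			    "DNLD_CMD: invalid cmd size %d, not sending\n",
			    cmd_size);
		if (cmd_node->wait_q_enabled)
			adapter->cmd_wait_q.status = -1;
		mwifiex_recycle_cmd_node(adapter, cmd_node);
		return -1;
	}

	cmd_code = le16_to_cpu(host_cmd->command);
	cmd_node->cmd_no = cmd_code;

	/* While in reset only FUNC_SHUTDOWN and FUNC_INIT may go out. */
	if (adapter->hw_status == MWIFIEX_HW_STATUS_RESET &&
	    cmd_code != HostCmd_CMD_FUNC_SHUTDOWN &&
	    cmd_code != HostCmd_CMD_FUNC_INIT) {
		mwifiex_dbg(adapter, ERROR,
			    "DNLD_CMD: FW in reset state, ignore cmd %#x\n",
			cmd_code);
		mwifiex_recycle_cmd_node(adapter, cmd_node);
		queue_work(adapter->workqueue, &adapter->main_work);
		return -1;
	}

	/* Set command sequence number */
	adapter->seq_num++;
	host_cmd->seq_num = cpu_to_le16(HostCmd_SET_SEQ_NO_BSS_INFO
					(adapter->seq_num,
					 cmd_node->priv->bss_num,
					 cmd_node->priv->bss_type));

	spin_lock_bh(&adapter->mwifiex_cmd_lock);
	adapter->curr_cmd = cmd_node;
	spin_unlock_bh(&adapter->mwifiex_cmd_lock);

	/* Adjust skb length */
	if (cmd_node->cmd_skb->len > cmd_size)
		/*
		 * cmd_size is less than sizeof(struct host_cmd_ds_command).
		 * Trim off the unused portion.
		 */
		skb_trim(cmd_node->cmd_skb, cmd_size);
	else if (cmd_node->cmd_skb->len < cmd_size)
		/*
		 * cmd_size is larger than sizeof(struct host_cmd_ds_command)
		 * because we have appended custom IE TLV. Increase skb length
		 * accordingly. cmd_size was bounded above, so this stays
		 * within the space the skb was allocated with.
		 */
		skb_put(cmd_node->cmd_skb, cmd_size - cmd_node->cmd_skb->len);

	mwifiex_dbg(adapter, CMD,
		    "cmd: DNLD_CMD: %#x, act %#x, len %d, seqno %#x\n",
		    cmd_code,
		    get_unaligned_le16((u8 *)host_cmd + S_DS_GEN),
		    cmd_size, le16_to_cpu(host_cmd->seq_num));
	mwifiex_dbg_dump(adapter, CMD_D, "cmd buffer:", host_cmd, cmd_size);

	if (adapter->iface_type == MWIFIEX_USB) {
		/* USB prefixes the command with a 32-bit type word. */
		skb_push(cmd_node->cmd_skb, MWIFIEX_TYPE_LEN);
		put_unaligned_le32(MWIFIEX_USB_TYPE_CMD,
				   cmd_node->cmd_skb->data);
		adapter->cmd_sent = true;
		ret = adapter->if_ops.host_to_card(adapter,
						   MWIFIEX_USB_EP_CMD_EVENT,
						   cmd_node->cmd_skb, NULL);
		skb_pull(cmd_node->cmd_skb, MWIFIEX_TYPE_LEN);
		/*
		 * NOTE(review): on -EBUSY the node gives up its skb pointer;
		 * presumably the USB layer still owns the buffer - confirm.
		 */
		if (ret == -EBUSY)
			cmd_node->cmd_skb = NULL;
	} else {
		skb_push(cmd_node->cmd_skb, adapter->intf_hdr_len);
		ret = adapter->if_ops.host_to_card(adapter, MWIFIEX_TYPE_CMD,
						   cmd_node->cmd_skb, NULL);
		skb_pull(cmd_node->cmd_skb, adapter->intf_hdr_len);
	}

	/*
	 * NOTE(review): only -1 is treated as failure here; other negative
	 * return codes fall through to the success path - confirm that this
	 * matches what the host_to_card() implementations return.
	 */
	if (ret == -1) {
		mwifiex_dbg(adapter, ERROR,
			    "DNLD_CMD: host to card failed\n");
		if (adapter->iface_type == MWIFIEX_USB)
			adapter->cmd_sent = false;
		if (cmd_node->wait_q_enabled)
			adapter->cmd_wait_q.status = -1;
		mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd);

		spin_lock_bh(&adapter->mwifiex_cmd_lock);
		adapter->curr_cmd = NULL;
		spin_unlock_bh(&adapter->mwifiex_cmd_lock);

		adapter->dbg.num_cmd_host_to_card_failure++;
		return -1;
	}

	/* Save the last command id and action to debug log */
	adapter->dbg.last_cmd_index =
			(adapter->dbg.last_cmd_index + 1) % DBG_CMD_NUM;
	adapter->dbg.last_cmd_id[adapter->dbg.last_cmd_index] = cmd_code;
	adapter->dbg.last_cmd_act[adapter->dbg.last_cmd_index] =
			get_unaligned_le16((u8 *)host_cmd + S_DS_GEN);

	/* Setup the timer after transmit command, except that specific
	 * command might not have command response.
	 */
	if (cmd_code != HostCmd_CMD_FW_DUMP_EVENT)
		mod_timer(&adapter->cmd_timer,
			  jiffies + msecs_to_jiffies(MWIFIEX_TIMER_10S));

	return 0;
}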
290
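/*
 * Download the sleep confirm command to the firmware.
 *
 * The pre-built command in adapter->sleep_cfm gets a fresh sequence number
 * and is passed to the interface's host_to_card() hook. On USB a temporary
 * skb carrying the 32-bit type prefix is used; other interfaces push and
 * pull the interface header on the shared skb. The power-save state is then
 * set from the command's resp_ctrl field: PS_STATE_SLEEP when no response
 * is requested, PS_STATE_SLEEP_CFM otherwise.
 *
 * Returns the host_to_card() result, -ENOMEM if the temporary USB skb
 * cannot be allocated, or -1 when no private structure is available or
 * host_to_card() returned -1.
 */
static int mwifiex_dnld_sleep_confirm_cmd(struct mwifiex_adapter *adapter)
{
	int ret;
	struct mwifiex_private *priv;
	struct mwifiex_opt_sleep_confirm *sleep_cfm_buf =
				(struct mwifiex_opt_sleep_confirm *)
						adapter->sleep_cfm->data;
	struct sk_buff *sleep_cfm_tmp;

	priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
	/*
	 * Other callers in this file treat a NULL result from
	 * mwifiex_get_priv() as possible; bail out instead of dereferencing.
	 */
	if (!priv) {
		mwifiex_dbg(adapter, ERROR, "SLEEP_CFM: priv is NULL\n");
		return -1;
	}

	adapter->seq_num++;
	sleep_cfm_buf->seq_num =
		cpu_to_le16(HostCmd_SET_SEQ_NO_BSS_INFO
					(adapter->seq_num, priv->bss_num,
					 priv->bss_type));

	mwifiex_dbg(adapter, CMD,
		    "cmd: DNLD_CMD: %#x, act %#x, len %d, seqno %#x\n",
		le16_to_cpu(sleep_cfm_buf->command),
		le16_to_cpu(sleep_cfm_buf->action),
		le16_to_cpu(sleep_cfm_buf->size),
		le16_to_cpu(sleep_cfm_buf->seq_num));
	mwifiex_dbg_dump(adapter, CMD_D, "SLEEP_CFM buffer: ", sleep_cfm_buf,
			 le16_to_cpu(sleep_cfm_buf->size));

	if (adapter->iface_type == MWIFIEX_USB) {
		sleep_cfm_tmp =
			dev_alloc_skb(sizeof(struct mwifiex_opt_sleep_confirm)
				      + MWIFIEX_TYPE_LEN);
		if (!sleep_cfm_tmp) {
			mwifiex_dbg(adapter, ERROR,
				    "SLEEP_CFM: dev_alloc_skb failed\n");
			return -ENOMEM;
		}

		skb_put(sleep_cfm_tmp, sizeof(struct mwifiex_opt_sleep_confirm)
			+ MWIFIEX_TYPE_LEN);
		put_unaligned_le32(MWIFIEX_USB_TYPE_CMD, sleep_cfm_tmp->data);
		memcpy(sleep_cfm_tmp->data + MWIFIEX_TYPE_LEN,
		       adapter->sleep_cfm->data,
		       sizeof(struct mwifiex_opt_sleep_confirm));
		ret = adapter->if_ops.host_to_card(adapter,
						   MWIFIEX_USB_EP_CMD_EVENT,
						   sleep_cfm_tmp, NULL);
		/* The temporary skb is kept alive only for -EBUSY. */
		if (ret != -EBUSY)
			dev_kfree_skb_any(sleep_cfm_tmp);
	} else {
		skb_push(adapter->sleep_cfm, adapter->intf_hdr_len);
		ret = adapter->if_ops.host_to_card(adapter, MWIFIEX_TYPE_CMD,
						   adapter->sleep_cfm, NULL);
		skb_pull(adapter->sleep_cfm, adapter->intf_hdr_len);
	}

	if (ret == -1) {
		mwifiex_dbg(adapter, ERROR, "SLEEP_CFM: failed\n");
		adapter->dbg.num_cmd_sleep_cfm_host_to_card_failure++;
		return -1;
	}

	if (!le16_to_cpu(sleep_cfm_buf->resp_ctrl))
		/* Response is not needed for sleep confirm command */
		adapter->ps_state = PS_STATE_SLEEP;
	else
		adapter->ps_state = PS_STATE_SLEEP_CFM;

	if (!le16_to_cpu(sleep_cfm_buf->resp_ctrl) &&
	    (test_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags) &&
	     !adapter->sleep_period.period)) {
		adapter->pm_wakeup_card_req = true;
		mwifiex_hs_activated_event(mwifiex_get_priv
				(adapter, MWIFIEX_BSS_ROLE_ANY), true);
	}

	return ret;
}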
376
/*
 * Allocate the command node pool and one command skb per node, then put
 * every node on the command free queue.
 *
 * The pool holds MWIFIEX_NUM_OF_CMD_BUFFER nodes and each skb is requested
 * with MWIFIEX_SIZE_OF_CMD_BUFFER bytes. Every command has to obtain a node
 * from the free queue before it can be issued, and nodes go back to that
 * queue after use.
 *
 * Returns 0 on success or -ENOMEM. When an skb allocation fails, the pool
 * and the skbs allocated so far stay attached to the adapter;
 * mwifiex_free_cmd_buffer() skips empty skb slots, so it can release a
 * partially filled pool.
 * NOTE(review): presumably the caller runs that cleanup on failure -
 * confirm.
 */
int mwifiex_alloc_cmd_buffer(struct mwifiex_adapter *adapter)
{
	struct cmd_ctrl_node *pool;
	u32 idx;

	/* kcalloc zeroes the nodes, so unused skb pointers start out NULL. */
	pool = kcalloc(MWIFIEX_NUM_OF_CMD_BUFFER,
		       sizeof(struct cmd_ctrl_node), GFP_KERNEL);
	if (!pool)
		return -ENOMEM;

	adapter->cmd_pool = pool;

	for (idx = 0; idx < MWIFIEX_NUM_OF_CMD_BUFFER; idx++) {
		pool[idx].skb = dev_alloc_skb(MWIFIEX_SIZE_OF_CMD_BUFFER);
		if (pool[idx].skb)
			continue;

		mwifiex_dbg(adapter, ERROR,
			    "unable to allocate command buffer\n");
		return -ENOMEM;
	}

	/* Only queue the nodes once every buffer is in place. */
	for (idx = 0; idx < MWIFIEX_NUM_OF_CMD_BUFFER; idx++)
		mwifiex_insert_cmd_to_free_q(adapter, &pool[idx]);

	return 0;
}
417
/*
 * Release the command skbs and the command node pool.
 *
 * For each node the command skb is freed if present. A response skb that
 * is still attached is passed to cmdrsp_complete() on USB and freed
 * directly on other interfaces. Finally the pool itself is freed and
 * adapter->cmd_pool is cleared. A missing pool is logged and ignored.
 */
void mwifiex_free_cmd_buffer(struct mwifiex_adapter *adapter)
{
	struct cmd_ctrl_node *pool = adapter->cmd_pool;
	u32 idx;

	/* Nothing to do when the pool was never allocated. */
	if (!pool) {
		mwifiex_dbg(adapter, FATAL,
			    "info: FREE_CMD_BUF: cmd_pool is null\n");
		return;
	}

	for (idx = 0; idx < MWIFIEX_NUM_OF_CMD_BUFFER; idx++) {
		struct cmd_ctrl_node *node = &pool[idx];

		if (node->skb) {
			mwifiex_dbg(adapter, CMD,
				    "cmd: free cmd buffer %d\n", idx);
			dev_kfree_skb_any(node->skb);
		}

		if (node->resp_skb) {
			if (adapter->iface_type == MWIFIEX_USB)
				adapter->if_ops.cmdrsp_complete(adapter,
								node->resp_skb);
			else
				dev_kfree_skb_any(node->resp_skb);
		}
	}

	/* Release the node array and drop the stale pointer. */
	mwifiex_dbg(adapter, CMD,
		    "cmd: free cmd pool\n");
	kfree(pool);
	adapter->cmd_pool = NULL;
}
462
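/*
 * Dispatch one firmware event.
 *
 * The event cause in adapter->event_cause selects the private structure
 * (via the BSS number/type encoded in it) and is then reduced to the bare
 * event id. For a radar-detected event the BSS number/type of the first
 * interface with 11h active is folded into the cause first. The event is
 * recorded in the debug ring, the skb control block is filled with the BSS
 * identity and the event is passed to the uAP or station handler according
 * to the interface role. The interface's event_complete() callback is
 * always called afterwards.
 *
 * Returns the handler's result, or -1 when no private structure could be
 * found for the event (the event is still completed in that case).
 */
int mwifiex_process_event(struct mwifiex_adapter *adapter)
{
	int ret, i;
	struct mwifiex_private *priv;
	struct sk_buff *skb = adapter->event_skb;
	u32 eventcause;
	struct mwifiex_rxinfo *rx_info;

	if ((adapter->event_cause & EVENT_ID_MASK) == EVENT_RADAR_DETECTED) {
		for (i = 0; i < adapter->priv_num; i++) {
			priv = adapter->priv[i];
			if (priv && mwifiex_is_11h_active(priv)) {
				/*
				 * Shift as u32: a set top bit in the type
				 * byte must not land in the sign bit of int.
				 */
				adapter->event_cause |=
					((u32)(priv->bss_num & 0xff) << 16) |
					((u32)(priv->bss_type & 0xff) << 24);
				break;
			}
		}
	}

	eventcause = adapter->event_cause;

	/* Save the last event to debug log */
	adapter->dbg.last_event_index =
			(adapter->dbg.last_event_index + 1) % DBG_CMD_NUM;
	adapter->dbg.last_event[adapter->dbg.last_event_index] =
							(u16) eventcause;

	/* Get BSS number and corresponding priv */
	priv = mwifiex_get_priv_by_id(adapter, EVENT_GET_BSS_NUM(eventcause),
				      EVENT_GET_BSS_TYPE(eventcause));
	if (!priv)
		priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);

	/* Clear BSS_NO_BITS from event */
	eventcause &= EVENT_ID_MASK;
	adapter->event_cause = eventcause;

	/*
	 * The BSS number/type come from the firmware-supplied event cause.
	 * If neither lookup yields a private structure, drop the event
	 * rather than dereferencing NULL, but still complete it so the
	 * interface can release the buffer.
	 */
	if (!priv) {
		mwifiex_dbg(adapter, ERROR,
			    "EVENT: priv is NULL, dropping event %#x\n",
			    eventcause);
		adapter->event_cause = 0;
		adapter->event_skb = NULL;
		adapter->if_ops.event_complete(adapter, skb);
		return -1;
	}

	if (skb) {
		rx_info = MWIFIEX_SKB_RXCB(skb);
		memset(rx_info, 0, sizeof(*rx_info));
		rx_info->bss_num = priv->bss_num;
		rx_info->bss_type = priv->bss_type;
		mwifiex_dbg_dump(adapter, EVT_D, "Event Buf:",
				 skb->data, skb->len);
	}

	mwifiex_dbg(adapter, EVENT, "EVENT: cause: %#x\n", eventcause);

	if (priv->bss_role == MWIFIEX_BSS_ROLE_UAP)
		ret = mwifiex_process_uap_event(priv);
	else
		ret = mwifiex_process_sta_event(priv);

	adapter->event_cause = 0;
	adapter->event_skb = NULL;
	adapter->if_ops.event_complete(adapter, skb);

	return ret;
}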
534
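/*
 * Prepare a command and queue it for the firmware.
 *
 * Preparation includes -
 *      - State checks: the command is refused while the device is
 *        suspended, entering host sleep, removed, timed out or (except
 *        for FUNC_INIT) in reset, and in manufacturing mode for any
 *        non-zero cmd_no
 *      - Getting a command node from the command free queue
 *      - Initializing the node and zero-filling the command header
 *      - Building the command: uAP or station preparation for a non-zero
 *        cmd_no, or a verbatim copy of the caller's host command buffer
 *        when cmd_no is 0
 *      - Queueing: scan commands go to the scan queue, everything else to
 *        the pending queue, after which the main work item is scheduled
 *
 * For a synchronous command (sync == true) the function waits for
 * completion and returns that result. Otherwise it returns 0 once the
 * command is queued, or -1 on any failure.
 *
 * Every failure after a node has been taken returns the node to the free
 * queue, so a failed request cannot shrink the fixed-size node pool.
 */
int mwifiex_send_cmd(struct mwifiex_private *priv, u16 cmd_no,
		     u16 cmd_action, u32 cmd_oid, void *data_buf, bool sync)
{
	int ret;
	struct mwifiex_adapter *adapter = priv->adapter;
	struct cmd_ctrl_node *cmd_node;
	struct host_cmd_ds_command *cmd_ptr;

	if (!adapter) {
		pr_err("PREP_CMD: adapter is NULL\n");
		return -1;
	}

	if (test_bit(MWIFIEX_IS_SUSPENDED, &adapter->work_flags)) {
		mwifiex_dbg(adapter, ERROR,
			    "PREP_CMD: device in suspended state\n");
		return -1;
	}

	if (test_bit(MWIFIEX_IS_HS_ENABLING, &adapter->work_flags) &&
	    cmd_no != HostCmd_CMD_802_11_HS_CFG_ENH) {
		mwifiex_dbg(adapter, ERROR,
			    "PREP_CMD: host entering sleep state\n");
		return -1;
	}

	if (test_bit(MWIFIEX_SURPRISE_REMOVED, &adapter->work_flags)) {
		mwifiex_dbg(adapter, ERROR,
			    "PREP_CMD: card is removed\n");
		return -1;
	}

	if (test_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags)) {
		mwifiex_dbg(adapter, ERROR,
			    "PREP_CMD: FW is in bad state\n");
		return -1;
	}

	if (adapter->hw_status == MWIFIEX_HW_STATUS_RESET) {
		if (cmd_no != HostCmd_CMD_FUNC_INIT) {
			mwifiex_dbg(adapter, ERROR,
				    "PREP_CMD: FW in reset state\n");
			return -1;
		}
	}
	/* We don't expect commands in manufacturing mode. They are cooked
	 * in application and ready to download buffer is passed to the driver
	 */
	if (adapter->mfg_mode && cmd_no) {
		dev_dbg(adapter->dev, "Ignoring commands in manufacturing mode\n");
		return -1;
	}

	/* Any command other than HS_CFG ends a manually activated host sleep. */
	if (priv->adapter->hs_activated_manually &&
	    cmd_no != HostCmd_CMD_802_11_HS_CFG_ENH) {
		mwifiex_cancel_hs(priv, MWIFIEX_ASYNC_CMD);
		priv->adapter->hs_activated_manually = false;
	}

	/* Get a new command node */
	cmd_node = mwifiex_get_cmd_node(adapter);

	if (!cmd_node) {
		mwifiex_dbg(adapter, ERROR,
			    "PREP_CMD: no free cmd node\n");
		return -1;
	}

	/* Initialize the command node */
	mwifiex_init_cmd_node(priv, cmd_node, cmd_no, data_buf, sync);

	if (!cmd_node->cmd_skb) {
		mwifiex_dbg(adapter, ERROR,
			    "PREP_CMD: no free cmd buf\n");
		/* The node was already taken off the free queue: give it back. */
		mwifiex_insert_cmd_to_free_q(adapter, cmd_node);
		return -1;
	}

	skb_put_zero(cmd_node->cmd_skb, sizeof(struct host_cmd_ds_command));

	cmd_ptr = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
	cmd_ptr->command = cpu_to_le16(cmd_no);
	cmd_ptr->result = 0;

	/* Prepare command */
	if (cmd_no) {
		switch (cmd_no) {
		case HostCmd_CMD_UAP_SYS_CONFIG:
		case HostCmd_CMD_UAP_BSS_START:
		case HostCmd_CMD_UAP_BSS_STOP:
		case HostCmd_CMD_UAP_STA_DEAUTH:
		case HOST_CMD_APCMD_SYS_RESET:
		case HOST_CMD_APCMD_STA_LIST:
			ret = mwifiex_uap_prepare_cmd(priv, cmd_no, cmd_action,
						      cmd_oid, data_buf,
						      cmd_ptr);
			break;
		default:
			ret = mwifiex_sta_prepare_cmd(priv, cmd_no, cmd_action,
						      cmd_oid, data_buf,
						      cmd_ptr);
			break;
		}
	} else {
		/*
		 * cmd_no == 0: data_buf carries a complete host command that
		 * is copied as-is, overwriting the header written above.
		 */
		ret = mwifiex_cmd_host_cmd(priv, cmd_ptr, data_buf);
		cmd_node->cmd_flag |= CMD_F_HOSTCMD;
	}

	/* Return error, since the command preparation failed */
	if (ret) {
		mwifiex_dbg(adapter, ERROR,
			    "PREP_CMD: cmd %#x preparation failed\n",
			cmd_no);
		mwifiex_insert_cmd_to_free_q(adapter, cmd_node);
		return -1;
	}

	/* Send command */
	if (cmd_no == HostCmd_CMD_802_11_SCAN ||
	    cmd_no == HostCmd_CMD_802_11_SCAN_EXT) {
		mwifiex_queue_scan_cmd(priv, cmd_node);
	} else {
		mwifiex_insert_cmd_to_pending_q(adapter, cmd_node);
		queue_work(adapter->workqueue, &adapter->main_work);
		if (cmd_node->wait_q_enabled)
			ret = mwifiex_wait_queue_complete(adapter, cmd_node);
	}

	return ret;
}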
675
/*
 * Queue a command on the command pending queue.
 *
 * Commands are normally appended. Two kinds are placed at the head
 * instead: a PS_MODE_ENH command whose action is DIS_PS or DIS_AUTO_PS
 * while the adapter is not awake, and an HS_CFG_ENH command whose action
 * is HS_ACTIVATE. The pending-command counter is incremented afterwards.
 */
void
mwifiex_insert_cmd_to_pending_q(struct mwifiex_adapter *adapter,
				struct cmd_ctrl_node *cmd_node)
{
	struct host_cmd_ds_command *host_cmd;
	bool at_head = false;
	u16 command;

	host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
	if (!host_cmd) {
		mwifiex_dbg(adapter, ERROR, "QUEUE_CMD: host_cmd is NULL\n");
		return;
	}

	command = le16_to_cpu(host_cmd->command);

	/* An exit-PS request issued while not awake jumps the queue. */
	if (command == HostCmd_CMD_802_11_PS_MODE_ENH) {
		struct host_cmd_ds_802_11_ps_mode_enh *pm =
						&host_cmd->params.psmode_enh;
		u16 action = le16_to_cpu(pm->action);

		if ((action == DIS_PS || action == DIS_AUTO_PS) &&
		    adapter->ps_state != PS_STATE_AWAKE)
			at_head = true;
	}

	/* Host-sleep activation gets the same head-of-queue treatment. */
	if (command == HostCmd_CMD_802_11_HS_CFG_ENH) {
		struct host_cmd_ds_802_11_hs_cfg_enh *hs_cfg =
			&host_cmd->params.opt_hs_cfg;

		if (le16_to_cpu(hs_cfg->action) == HS_ACTIVATE)
			at_head = true;
	}

	spin_lock_bh(&adapter->cmd_pending_q_lock);
	if (at_head)
		list_add(&cmd_node->list, &adapter->cmd_pending_q);
	else
		list_add_tail(&cmd_node->list, &adapter->cmd_pending_q);
	spin_unlock_bh(&adapter->cmd_pending_q_lock);

	atomic_inc(&adapter->cmd_pending);
	mwifiex_dbg(adapter, CMD,
		    "cmd: QUEUE_CMD: cmd=%#x, cmd_pending=%d\n",
		command, atomic_read(&adapter->cmd_pending));
}
731
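/*
 * Execute the next command on the command pending queue.
 *
 * Returns -1 if a command is already being processed. Returns 0 without
 * sending when the queue is empty or the adapter is not awake. Otherwise
 * the first pending command is removed from the queue and downloaded, and
 * the download result is returned.
 *
 * Any command other than the host sleep configuration command clears the
 * host-sleep-configured flag and signals host sleep deactivation when host
 * sleep is currently active.
 *
 * The command id is copied out of the command buffer while the node is
 * still owned here. mwifiex_dnld_cmd_to_fw() can recycle the node on
 * failure or drop its skb pointer (USB -EBUSY), so the buffer must not be
 * read after the download call.
 */
int mwifiex_exec_next_cmd(struct mwifiex_adapter *adapter)
{
	struct mwifiex_private *priv;
	struct cmd_ctrl_node *cmd_node;
	int ret = 0;
	struct host_cmd_ds_command *host_cmd;
	__le16 command;

	/* Check if already in processing */
	if (adapter->curr_cmd) {
		mwifiex_dbg(adapter, FATAL,
			    "EXEC_NEXT_CMD: cmd in processing\n");
		return -1;
	}

	spin_lock_bh(&adapter->mwifiex_cmd_lock);
	/* Check if any command is pending */
	spin_lock_bh(&adapter->cmd_pending_q_lock);
	if (list_empty(&adapter->cmd_pending_q)) {
		spin_unlock_bh(&adapter->cmd_pending_q_lock);
		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
		return 0;
	}
	cmd_node = list_first_entry(&adapter->cmd_pending_q,
				    struct cmd_ctrl_node, list);

	host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
	priv = cmd_node->priv;
	/* Snapshot the id now; see the function comment. */
	command = host_cmd->command;

	if (adapter->ps_state != PS_STATE_AWAKE) {
		mwifiex_dbg(adapter, ERROR,
			    "%s: cannot send cmd in sleep state,\t"
			    "this should not happen\n", __func__);
		spin_unlock_bh(&adapter->cmd_pending_q_lock);
		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
		return ret;
	}

	list_del(&cmd_node->list);
	spin_unlock_bh(&adapter->cmd_pending_q_lock);

	spin_unlock_bh(&adapter->mwifiex_cmd_lock);
	ret = mwifiex_dnld_cmd_to_fw(priv, cmd_node);
	priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
	/* Any command sent to the firmware when host is in sleep
	 * mode should de-configure host sleep. We should skip the
	 * host sleep configuration command itself though
	 */
	if (priv && command != cpu_to_le16(HostCmd_CMD_802_11_HS_CFG_ENH)) {
		if (adapter->hs_activated) {
			clear_bit(MWIFIEX_IS_HS_CONFIGURED,
				  &adapter->work_flags);
			mwifiex_hs_activated_event(priv, false);
		}
	}

	return ret;
}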
801
/*
 * Handle the firmware's response to the current command.
 *
 * The response must belong to adapter->curr_cmd: it is rejected when there
 * is no current command or response skb, when its command id does not match
 * the one that was sent, or when the return bit is missing. A matching
 * response stops the command timer and clears the timed-out flag. For a
 * host command the raw response is copied back into the caller's buffer;
 * other commands go through the station response handler. During
 * initialization a failed response ends initialization and the response to
 * the last init command marks it done. Finally the node is recycled and
 * curr_cmd is cleared.
 *
 * All header fields read here (command, size, seq_num, result) come from
 * the firmware response buffer.
 *
 * Returns the handler result, or -1 on rejection or init failure.
 */
int mwifiex_process_cmdresp(struct mwifiex_adapter *adapter)
{
	struct host_cmd_ds_command *resp;
	struct mwifiex_private *priv =
		mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
	int ret = 0;
	uint16_t orig_cmdresp_no;
	uint16_t cmdresp_no;
	uint16_t cmdresp_result;
	uint16_t seq_num;

	if (!adapter->curr_cmd || !adapter->curr_cmd->resp_skb) {
		resp = (struct host_cmd_ds_command *) adapter->upld_buf;
		mwifiex_dbg(adapter, ERROR,
			    "CMD_RESP: NULL curr_cmd, %#x\n",
			    le16_to_cpu(resp->command));
		return -1;
	}

	resp = (struct host_cmd_ds_command *)adapter->curr_cmd->resp_skb->data;
	orig_cmdresp_no = le16_to_cpu(resp->command);
	cmdresp_no = orig_cmdresp_no & HostCmd_CMD_ID_MASK;

	/* A response for a different command is dropped; the timer keeps running. */
	if (adapter->curr_cmd->cmd_no != cmdresp_no) {
		mwifiex_dbg(adapter, ERROR,
			    "cmdresp error: cmd=0x%x cmd_resp=0x%x\n",
			    adapter->curr_cmd->cmd_no, cmdresp_no);
		return -1;
	}

	/* The firmware answered: stop the command timer. */
	del_timer_sync(&adapter->cmd_timer);
	clear_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags);

	if (adapter->curr_cmd->cmd_flag & CMD_F_HOSTCMD) {
		/* Hand the raw response back to the host command's buffer. */
		struct mwifiex_ds_misc_cmd *hostcmd;
		uint16_t size = le16_to_cpu(resp->size);

		mwifiex_dbg(adapter, INFO,
			    "info: host cmd resp size = %d\n", size);
		/*
		 * The size is firmware-supplied; clamp it before using it as
		 * a copy length.
		 * NOTE(review): the clamp bounds the copy by the command
		 * buffer size, not by the length of resp_skb - confirm the
		 * response skb is always at least that large.
		 */
		size = min_t(u16, size, MWIFIEX_SIZE_OF_CMD_BUFFER);
		if (adapter->curr_cmd->data_buf) {
			hostcmd = adapter->curr_cmd->data_buf;
			hostcmd->len = size;
			memcpy(hostcmd->cmd, resp, size);
		}
	}

	/* The sequence number encodes which BSS the response belongs to. */
	seq_num = le16_to_cpu(resp->seq_num);
	priv = mwifiex_get_priv_by_id(adapter,
				      HostCmd_GET_BSS_NO(seq_num),
				      HostCmd_GET_BSS_TYPE(seq_num));
	if (!priv)
		priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);

	/* Store the command id back without the return bit. */
	resp->command = cpu_to_le16(orig_cmdresp_no & HostCmd_CMD_ID_MASK);

	cmdresp_no = le16_to_cpu(resp->command);
	cmdresp_result = le16_to_cpu(resp->result);

	/* Record the unmasked response id in the debug ring. */
	adapter->dbg.last_cmd_resp_index =
			(adapter->dbg.last_cmd_resp_index + 1) % DBG_CMD_NUM;
	adapter->dbg.last_cmd_resp_id[adapter->dbg.last_cmd_resp_index] =
								orig_cmdresp_no;

	mwifiex_dbg(adapter, CMD,
		    "cmd: CMD_RESP: 0x%x, result %d, len %d, seqno 0x%x\n",
		    orig_cmdresp_no, cmdresp_result,
		    le16_to_cpu(resp->size), seq_num);
	/*
	 * NOTE(review): the dump length is the unclamped firmware-supplied
	 * size - confirm mwifiex_dbg_dump() bounds it.
	 */
	mwifiex_dbg_dump(adapter, CMD_D, "CMD_RESP buffer:", resp,
			 le16_to_cpu(resp->size));

	if (!(orig_cmdresp_no & HostCmd_RET_BIT)) {
		mwifiex_dbg(adapter, ERROR, "CMD_RESP: invalid cmd resp\n");
		if (adapter->curr_cmd->wait_q_enabled)
			adapter->cmd_wait_q.status = -1;

		mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd);
		spin_lock_bh(&adapter->mwifiex_cmd_lock);
		adapter->curr_cmd = NULL;
		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
		return -1;
	}

	if (adapter->curr_cmd->cmd_flag & CMD_F_HOSTCMD) {
		adapter->curr_cmd->cmd_flag &= ~CMD_F_HOSTCMD;
		/* Only a successful HS_CFG host command needs post-processing. */
		if ((cmdresp_result == HostCmd_RESULT_OK) &&
		    (cmdresp_no == HostCmd_CMD_802_11_HS_CFG_ENH))
			ret = mwifiex_ret_802_11_hs_cfg(priv, resp);
	} else {
		ret = mwifiex_process_sta_cmdresp(priv, cmdresp_no, resp);
	}

	/* Initialization: a failure aborts it, the last init command ends it. */
	if (adapter->hw_status == MWIFIEX_HW_STATUS_INITIALIZING) {
		if (ret) {
			mwifiex_dbg(adapter, ERROR,
				    "%s: cmd %#x failed during\t"
				    "initialization\n", __func__, cmdresp_no);
			mwifiex_init_fw_complete(adapter);
			return -1;
		}
		if (adapter->last_init_cmd == cmdresp_no)
			adapter->hw_status = MWIFIEX_HW_STATUS_INIT_DONE;
	}

	/* curr_cmd is re-read here rather than reusing an earlier pointer. */
	if (adapter->curr_cmd) {
		if (adapter->curr_cmd->wait_q_enabled)
			adapter->cmd_wait_q.status = ret;

		mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd);

		spin_lock_bh(&adapter->mwifiex_cmd_lock);
		adapter->curr_cmd = NULL;
		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
	}

	return ret;
}
926
/*
 * Command timer callback: the firmware did not answer the current command
 * in time.
 *
 * The timed-out flag is set first. With no current command the function
 * only logs and returns. Otherwise it records the id and action of the
 * last command sent, prints the debug counters and history rings, and for
 * a synchronous command stores -ETIMEDOUT as the wait status and cancels
 * the pending ioctl. If the hardware is still initializing, initialization
 * is completed; otherwise the interface's device_dump and card_reset hooks
 * are invoked when present. The command is not re-sent here.
 */
void
mwifiex_cmd_timeout_func(struct timer_list *t)
{
	struct mwifiex_adapter *adapter = from_timer(adapter, t, cmd_timer);
	struct cmd_ctrl_node *cmd_node;

	set_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags);

	cmd_node = adapter->curr_cmd;
	if (!cmd_node) {
		mwifiex_dbg(adapter, ERROR,
			    "cmd: empty curr_cmd\n");
		return;
	}

	/* The newest debug-ring entry identifies the command that timed out. */
	adapter->dbg.timeout_cmd_id =
		adapter->dbg.last_cmd_id[adapter->dbg.last_cmd_index];
	adapter->dbg.timeout_cmd_act =
		adapter->dbg.last_cmd_act[adapter->dbg.last_cmd_index];
	mwifiex_dbg(adapter, MSG,
		    "%s: Timeout cmd id = %#x, act = %#x\n", __func__,
		    adapter->dbg.timeout_cmd_id,
		    adapter->dbg.timeout_cmd_act);

	/* Failure counters. */
	mwifiex_dbg(adapter, MSG,
		    "num_data_h2c_failure = %d\n",
		    adapter->dbg.num_tx_host_to_card_failure);
	mwifiex_dbg(adapter, MSG,
		    "num_cmd_h2c_failure = %d\n",
		    adapter->dbg.num_cmd_host_to_card_failure);

	mwifiex_dbg(adapter, MSG,
		    "is_cmd_timedout = %d\n",
		    test_bit(MWIFIEX_IS_CMD_TIMEDOUT,
			     &adapter->work_flags));
	mwifiex_dbg(adapter, MSG,
		    "num_tx_timeout = %d\n",
		    adapter->dbg.num_tx_timeout);

	/* Command history ring. */
	mwifiex_dbg(adapter, MSG,
		    "last_cmd_index = %d\n",
		    adapter->dbg.last_cmd_index);
	mwifiex_dbg(adapter, MSG,
		    "last_cmd_id: %*ph\n",
		    (int)sizeof(adapter->dbg.last_cmd_id),
		    adapter->dbg.last_cmd_id);
	mwifiex_dbg(adapter, MSG,
		    "last_cmd_act: %*ph\n",
		    (int)sizeof(adapter->dbg.last_cmd_act),
		    adapter->dbg.last_cmd_act);

	/* Command response history ring. */
	mwifiex_dbg(adapter, MSG,
		    "last_cmd_resp_index = %d\n",
		    adapter->dbg.last_cmd_resp_index);
	mwifiex_dbg(adapter, MSG,
		    "last_cmd_resp_id: %*ph\n",
		    (int)sizeof(adapter->dbg.last_cmd_resp_id),
		    adapter->dbg.last_cmd_resp_id);

	/* Event history ring. */
	mwifiex_dbg(adapter, MSG,
		    "last_event_index = %d\n",
		    adapter->dbg.last_event_index);
	mwifiex_dbg(adapter, MSG,
		    "last_event: %*ph\n",
		    (int)sizeof(adapter->dbg.last_event),
		    adapter->dbg.last_event);

	mwifiex_dbg(adapter, MSG,
		    "data_sent=%d cmd_sent=%d\n",
		    adapter->data_sent, adapter->cmd_sent);

	mwifiex_dbg(adapter, MSG,
		    "ps_mode=%d ps_state=%d\n",
		    adapter->ps_mode, adapter->ps_state);

	/* Let a waiting caller see the timeout instead of blocking. */
	if (cmd_node->wait_q_enabled) {
		adapter->cmd_wait_q.status = -ETIMEDOUT;
		mwifiex_cancel_pending_ioctl(adapter);
	}

	if (adapter->hw_status == MWIFIEX_HW_STATUS_INITIALIZING) {
		mwifiex_init_fw_complete(adapter);
		return;
	}

	/* Both recovery hooks are optional per interface. */
	if (adapter->if_ops.device_dump)
		adapter->if_ops.device_dump(adapter);

	if (adapter->if_ops.card_reset)
		adapter->if_ops.card_reset(adapter);
}
1022
/*
 * Cancel every command waiting in the scan pending queue.
 *
 * Each node is unlinked, has its wait flag cleared so that no waiter
 * is signalled for it, and is handed to the free queue. The whole
 * walk runs under scan_pending_q_lock.
 */
void
mwifiex_cancel_pending_scan_cmd(struct mwifiex_adapter *adapter)
{
	struct cmd_ctrl_node *scan_node;

	spin_lock_bh(&adapter->scan_pending_q_lock);
	/* Drain from the head; every iteration removes one entry */
	while (!list_empty(&adapter->scan_pending_q)) {
		scan_node = list_first_entry(&adapter->scan_pending_q,
					     struct cmd_ctrl_node, list);
		list_del(&scan_node->list);
		scan_node->wait_q_enabled = false;
		mwifiex_insert_cmd_to_free_q(adapter, scan_node);
	}
	spin_unlock_bh(&adapter->scan_pending_q_lock);
}
1038
/*
 * Cancel the current command, every command in the command pending
 * queue and the pending scan.
 *
 * The current command is completed with a failure status (-1) when it
 * has a waiter; it is not recycled here. Pending commands are unlinked
 * and recycled, and the wait queue status is set to -1 for those that
 * had a waiter. Both steps run under mwifiex_cmd_lock, with
 * cmd_pending_q_lock nested inside it for the queue walk. The scan is
 * cancelled last, after both locks are released.
 */
void
mwifiex_cancel_all_pending_cmd(struct mwifiex_adapter *adapter)
{
	struct cmd_ctrl_node *queued;

	spin_lock_bh(&adapter->mwifiex_cmd_lock);

	/* Current command: fail the waiter but keep the node in place */
	if (adapter->curr_cmd && adapter->curr_cmd->wait_q_enabled) {
		adapter->cmd_wait_q.status = -1;
		mwifiex_complete_cmd(adapter, adapter->curr_cmd);
		adapter->curr_cmd->wait_q_enabled = false;
		/* no recycle probably wait for response */
	}

	/* Pending commands: drain the queue from the head */
	spin_lock_bh(&adapter->cmd_pending_q_lock);
	while (!list_empty(&adapter->cmd_pending_q)) {
		queued = list_first_entry(&adapter->cmd_pending_q,
					  struct cmd_ctrl_node, list);
		list_del(&queued->list);

		if (queued->wait_q_enabled)
			adapter->cmd_wait_q.status = -1;
		mwifiex_recycle_cmd_node(adapter, queued);
	}
	spin_unlock_bh(&adapter->cmd_pending_q_lock);

	spin_unlock_bh(&adapter->mwifiex_cmd_lock);

	mwifiex_cancel_scan(adapter);
}
1074
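/*
 * This function cancels the current command if a caller is waiting on
 * it, and cancels the pending scan.
 *
 * When adapter->curr_cmd is set and has its wait queue enabled, it is
 * detached from the adapter and recycled. The scan is cancelled in
 * every case.
 *
 * The test of curr_cmd and its detachment both happen under
 * mwifiex_cmd_lock. Testing the pointer before taking the lock would
 * let another context clear it in between, and a NULL node would then
 * be passed to mwifiex_recycle_cmd_node().
 */
static void
mwifiex_cancel_pending_ioctl(struct mwifiex_adapter *adapter)
{
	struct cmd_ctrl_node *cmd_node;

	spin_lock_bh(&adapter->mwifiex_cmd_lock);
	cmd_node = adapter->curr_cmd;
	if (cmd_node && cmd_node->wait_q_enabled) {
		/* setting curr_cmd to NULL is quite dangerous, because
		 * mwifiex_process_cmdresp checks curr_cmd to be != NULL
		 * at the beginning then relies on it and dereferences
		 * it at will
		 * this probably works since mwifiex_cmd_timeout_func
		 * is the only caller of this function
		 * NOTE(review): confirm that no command response can
		 * still be processed for this node at that point
		 */
		adapter->curr_cmd = NULL;
	} else {
		/* Nothing to detach; skip the recycle below */
		cmd_node = NULL;
	}
	spin_unlock_bh(&adapter->mwifiex_cmd_lock);

	/* Recycle outside the lock, as before */
	if (cmd_node)
		mwifiex_recycle_cmd_node(adapter, cmd_node);

	mwifiex_cancel_scan(adapter);
}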
1110
/*
 * Send the sleep confirm command to the firmware when nothing is in
 * flight.
 *
 * Sleep confirm is delayed while any of these holds:
 *      - a command has been sent (cmd_sent)                    "D"
 *      - transmissions are pending in hardware (tx_hw_pending) "T"
 *      - a command is awaiting its response (curr_cmd)         "C"
 *      - the card has received data to handle                  "R"
 * The letters appear in the debug message that reports the delay.
 */
void
mwifiex_check_ps_cond(struct mwifiex_adapter *adapter)
{
	if (adapter->cmd_sent || atomic_read(&adapter->tx_hw_pending) ||
	    adapter->curr_cmd || IS_CARD_RX_RCVD(adapter)) {
		mwifiex_dbg(adapter, CMD,
			    "cmd: Delay Sleep Confirm (%s%s%s%s)\n",
			    (adapter->cmd_sent) ? "D" : "",
			    atomic_read(&adapter->tx_hw_pending) ? "T" : "",
			    (adapter->curr_cmd) ? "C" : "",
			    (IS_CARD_RX_RCVD(adapter)) ? "R" : "");
		return;
	}

	mwifiex_dnld_sleep_confirm_cmd(adapter);
}
1134
/*
 * Record a Host Sleep activation or deactivation in the adapter.
 *
 * @activated non-zero: if host sleep is configured
 * (MWIFIEX_IS_HS_CONFIGURED set), mark host sleep as activated, update
 * the RX reorder flags with RXREOR_FORCE_NO_DROP and wake up anyone
 * sleeping on hs_activate_wait_q. If host sleep is not configured,
 * only a debug message is emitted.
 *
 * @activated zero: mark host sleep as not activated.
 */
void
mwifiex_hs_activated_event(struct mwifiex_private *priv, u8 activated)
{
	struct mwifiex_adapter *adapter = priv->adapter;

	if (!activated) {
		mwifiex_dbg(adapter, EVENT, "event: hs_deactivated\n");
		adapter->hs_activated = false;
		return;
	}

	if (!test_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags)) {
		mwifiex_dbg(adapter, EVENT, "event: HS not configured\n");
		return;
	}

	adapter->hs_activated = true;
	mwifiex_update_rxreor_flags(adapter, RXREOR_FORCE_NO_DROP);
	mwifiex_dbg(adapter, EVENT, "event: hs_activated\n");

	/* Set the condition before waking the waiters */
	adapter->hs_activate_wait_q_woken = true;
	wake_up_interruptible(&adapter->hs_activate_wait_q);
}
1164
/*
 * Handle the command response of a Host Sleep configuration command.
 *
 * An HS_ACTIVATE response on a non-USB interface only raises the host
 * sleep activated event. Any other response is logged and then
 * interpreted through its conditions field:
 *      - HS_CFG_CANCEL clears MWIFIEX_IS_HS_CONFIGURED and, if host
 *        sleep was active, raises the deactivated event
 *      - anything else sets MWIFIEX_IS_HS_CONFIGURED; on USB the
 *        activated event is raised right away
 *
 * Always returns 0.
 */
int mwifiex_ret_802_11_hs_cfg(struct mwifiex_private *priv,
			      struct host_cmd_ds_command *resp)
{
	struct mwifiex_adapter *adapter = priv->adapter;
	struct host_cmd_ds_802_11_hs_cfg_enh *hs_resp =
		&resp->params.opt_hs_cfg;
	uint32_t conditions = le32_to_cpu(hs_resp->params.hs_config.conditions);
	bool is_usb = adapter->iface_type == MWIFIEX_USB;

	if (hs_resp->action == cpu_to_le16(HS_ACTIVATE) && !is_usb) {
		mwifiex_hs_activated_event(priv, true);
		return 0;
	}

	mwifiex_dbg(adapter, CMD,
		    "cmd: CMD_RESP: HS_CFG cmd reply\t"
		    " result=%#x, conditions=0x%x gpio=0x%x gap=0x%x\n",
		    resp->result, conditions,
		    hs_resp->params.hs_config.gpio,
		    hs_resp->params.hs_config.gap);

	if (conditions == HS_CFG_CANCEL) {
		clear_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags);
		if (adapter->hs_activated)
			mwifiex_hs_activated_event(priv, false);
		return 0;
	}

	set_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags);
	if (is_usb)
		mwifiex_hs_activated_event(priv, true);

	return 0;
}
1207
/*
 * Wake up the adapter and leave host sleep after an interrupt from the
 * firmware.
 *
 * The interface wakeup hook is called unconditionally. If host sleep
 * had been activated manually, an asynchronous cancel is issued first.
 * The host sleep and suspend flags are then cleared and the host sleep
 * deactivated event is raised.
 *
 * NOTE(review): the result of mwifiex_get_priv() is passed on without
 * a NULL check and mwifiex_hs_activated_event() dereferences it;
 * confirm that a private structure always exists on this path.
 */
void
mwifiex_process_hs_config(struct mwifiex_adapter *adapter)
{
	mwifiex_dbg(adapter, INFO,
		    "info: %s: auto cancelling host sleep\t"
		    "since there is interrupt from the firmware\n",
		    __func__);

	adapter->if_ops.wakeup(adapter);

	if (adapter->hs_activated_manually) {
		mwifiex_cancel_hs(mwifiex_get_priv(adapter,
						   MWIFIEX_BSS_ROLE_ANY),
				  MWIFIEX_ASYNC_CMD);
		adapter->hs_activated_manually = false;
	}

	/* Drop every host sleep / suspend marker before notifying */
	adapter->hs_activated = false;
	clear_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags);
	clear_bit(MWIFIEX_IS_SUSPENDED, &adapter->work_flags);

	mwifiex_hs_activated_event(
		mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY), false);
}
EXPORT_SYMBOL_GPL(mwifiex_process_hs_config);
1236
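/*
 * This function handles the command response of a sleep confirm command.
 *
 * @pbuf holds the response and @upld_len is the number of bytes
 * received. The response header is only read after @upld_len has been
 * checked to cover it (S_DS_GEN bytes), so a zero-length or truncated
 * upload is rejected before any header field is used.
 *
 * A response for a command other than HostCmd_CMD_802_11_PS_MODE_ENH
 * is logged and ignored. On a failure result the card is marked awake.
 * On success the card state is set to SLEEP, the host sleep activated
 * event is raised if host sleep is configured, and the command id and
 * sequence number are written back to the buffer with the response bit
 * and the extra sequence-number bits masked off.
 */
void
mwifiex_process_sleep_confirm_resp(struct mwifiex_adapter *adapter,
				   u8 *pbuf, u32 upld_len)
{
	struct host_cmd_ds_command *cmd = (struct host_cmd_ds_command *) pbuf;
	uint16_t result;
	uint16_t command;
	uint16_t seq_num;

	if (!upld_len) {
		mwifiex_dbg(adapter, ERROR,
			    "%s: cmd size is 0\n", __func__);
		return;
	}

	/* The length comes from the device: do not read a header that
	 * was not fully received.
	 */
	if (upld_len < S_DS_GEN) {
		mwifiex_dbg(adapter, ERROR,
			    "%s: cmd size %u is shorter than the header\n",
			    __func__, upld_len);
		return;
	}

	result = le16_to_cpu(cmd->result);
	command = le16_to_cpu(cmd->command);
	seq_num = le16_to_cpu(cmd->seq_num);

	mwifiex_dbg(adapter, CMD,
		    "cmd: CMD_RESP: 0x%x, result %d, len %d, seqno 0x%x\n",
		    command, result, le16_to_cpu(cmd->size), seq_num);

	/* Update sequence number */
	seq_num = HostCmd_GET_SEQ_NO(seq_num);
	/* Clear RET_BIT from HostCmd */
	command &= HostCmd_CMD_ID_MASK;

	if (command != HostCmd_CMD_802_11_PS_MODE_ENH) {
		mwifiex_dbg(adapter, ERROR,
			    "%s: rcvd unexpected resp for cmd %#x, result = %x\n",
			    __func__, command, result);
		return;
	}

	if (result) {
		mwifiex_dbg(adapter, ERROR,
			    "%s: sleep confirm cmd failed\n",
			    __func__);
		adapter->pm_wakeup_card_req = false;
		adapter->ps_state = PS_STATE_AWAKE;
		return;
	}
	adapter->pm_wakeup_card_req = true;
	if (test_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags))
		mwifiex_hs_activated_event(mwifiex_get_priv
						(adapter, MWIFIEX_BSS_ROLE_ANY),
					   true);
	adapter->ps_state = PS_STATE_SLEEP;
	/* Store the masked values back in little-endian form */
	cmd->command = cpu_to_le16(command);
	cmd->seq_num = cpu_to_le16(seq_num);
}
EXPORT_SYMBOL_GPL(mwifiex_process_sleep_confirm_resp);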
1291
/*
 * Prepare an enhanced power mode command in @cmd.
 *
 * The command id is always set. What follows depends on @cmd_action:
 *      - DIS_AUTO_PS / GET_PS: action and power save bitmap only
 *      - EN_AUTO_PS: action and bitmap, followed by a PS parameter TLV
 *        when BITMAP_STA_PS is set in @ps_bitmap and an auto deep sleep
 *        TLV when BITMAP_AUTO_DS is set
 *      - any other action: nothing more is written and cmd->size is
 *        left untouched
 * All multi-byte fields are stored little-endian. @auto_ds may be NULL,
 * in which case the deep sleep timeout is 0.
 *
 * NOTE(review): the TLVs are appended at (u8 *)cmd + offset with no
 * bound visible in this function; the caller is presumed to supply a
 * buffer large enough for both fixed-size TLVs. Confirm.
 *
 * Always returns 0.
 */
int mwifiex_cmd_enh_power_mode(struct mwifiex_private *priv,
			       struct host_cmd_ds_command *cmd,
			       u16 cmd_action, uint16_t ps_bitmap,
			       struct mwifiex_ds_auto_ds *auto_ds)
{
	struct host_cmd_ds_802_11_ps_mode_enh *psmode_enh =
		&cmd->params.psmode_enh;
	/* Header plus the two fixed fields every action carries */
	const u16 fixed_len = S_DS_GEN + sizeof(psmode_enh->action) +
			      sizeof(psmode_enh->params.ps_bitmap);
	u16 cmd_size = 0;
	u8 *tlv;

	cmd->command = cpu_to_le16(HostCmd_CMD_802_11_PS_MODE_ENH);

	switch (cmd_action) {
	case DIS_AUTO_PS:
	case GET_PS:
		psmode_enh->action = cpu_to_le16(cmd_action);
		psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap);
		cmd->size = cpu_to_le16(fixed_len);
		break;

	case EN_AUTO_PS:
		psmode_enh->action = cpu_to_le16(EN_AUTO_PS);
		psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap);
		cmd_size = fixed_len;
		tlv = (u8 *) cmd + cmd_size;

		if (ps_bitmap & BITMAP_STA_PS) {
			struct mwifiex_adapter *adapter = priv->adapter;
			struct mwifiex_ie_types_ps_param *ps_tlv =
				(struct mwifiex_ie_types_ps_param *) tlv;
			struct mwifiex_ps_param *ps = &ps_tlv->param;

			mwifiex_dbg(adapter, CMD,
				    "cmd: PS Command: Enter PS\n");

			ps_tlv->header.type = cpu_to_le16(TLV_TYPE_PS_PARAM);
			ps_tlv->header.len = cpu_to_le16(sizeof(*ps_tlv) -
					sizeof(struct mwifiex_ie_types_header));

			/* Copy the adapter's PS settings into the TLV */
			ps->null_pkt_interval =
				cpu_to_le16(adapter->null_pkt_interval);
			ps->multiple_dtims =
				cpu_to_le16(adapter->multiple_dtim);
			ps->bcn_miss_timeout =
				cpu_to_le16(adapter->bcn_miss_time_out);
			ps->local_listen_interval =
				cpu_to_le16(adapter->local_listen_interval);
			ps->adhoc_wake_period =
				cpu_to_le16(adapter->adhoc_awake_period);
			ps->delay_to_ps = cpu_to_le16(adapter->delay_to_ps);
			ps->mode = cpu_to_le16(adapter->enhanced_ps_mode);

			cmd_size += sizeof(*ps_tlv);
			tlv += sizeof(*ps_tlv);
		}

		if (ps_bitmap & BITMAP_AUTO_DS) {
			struct mwifiex_ie_types_auto_ds_param *auto_ds_tlv =
				(struct mwifiex_ie_types_auto_ds_param *) tlv;
			u16 idletime = auto_ds ? auto_ds->idle_time : 0;

			mwifiex_dbg(priv->adapter, CMD,
				    "cmd: PS Command: Enter Auto Deep Sleep\n");

			auto_ds_tlv->header.type =
				cpu_to_le16(TLV_TYPE_AUTO_DS_PARAM);
			auto_ds_tlv->header.len =
				cpu_to_le16(sizeof(*auto_ds_tlv) -
					sizeof(struct mwifiex_ie_types_header));
			auto_ds_tlv->deep_sleep_timeout = cpu_to_le16(idletime);

			cmd_size += sizeof(*auto_ds_tlv);
			tlv += sizeof(*auto_ds_tlv);
		}

		cmd->size = cpu_to_le16(cmd_size);
		break;

	default:
		break;
	}

	return 0;
}
1380
/*
 * Handle the command response of an enhanced power mode command.
 *
 * The action and power save bitmap are converted to CPU byte order and
 * applied to the driver state:
 *      - EN_AUTO_PS: records that auto deep sleep is on when
 *        BITMAP_AUTO_DS is set; STA power save is only logged
 *      - DIS_AUTO_PS: records that auto deep sleep is off when
 *        BITMAP_AUTO_DS is set; when BITMAP_STA_PS is set and a sleep
 *        period is configured, the null-packet, TX lock and
 *        PPS/UAPSD flags are cleared
 *      - GET_PS: stores the power mode in the adapter (PSP when
 *        BITMAP_STA_PS is set, CAM otherwise) and, if @pm_cfg is not
 *        NULL, reports it there as 1 or 0
 *
 * Always returns 0.
 */
int mwifiex_ret_enh_power_mode(struct mwifiex_private *priv,
			       struct host_cmd_ds_command *resp,
			       struct mwifiex_ds_pm_cfg *pm_cfg)
{
	struct mwifiex_adapter *adapter = priv->adapter;
	struct host_cmd_ds_802_11_ps_mode_enh *ps_mode =
		&resp->params.psmode_enh;
	uint16_t action = le16_to_cpu(ps_mode->action);
	uint16_t ps_bitmap = le16_to_cpu(ps_mode->params.ps_bitmap);
	bool sta_ps = ps_bitmap & BITMAP_STA_PS;
	bool auto_ds = ps_bitmap & BITMAP_AUTO_DS;

	mwifiex_dbg(adapter, INFO,
		    "info: %s: PS_MODE cmd reply result=%#x action=%#X\n",
		    __func__, resp->result, action);

	switch (action) {
	case EN_AUTO_PS:
		if (auto_ds) {
			mwifiex_dbg(adapter, CMD,
				    "cmd: Enabled auto deep sleep\n");
			adapter->is_deep_sleep = true;
		}
		if (sta_ps) {
			mwifiex_dbg(adapter, CMD,
				    "cmd: Enabled STA power save\n");
			if (adapter->sleep_period.period)
				mwifiex_dbg(adapter, CMD,
					    "cmd: set to uapsd/pps mode\n");
		}
		break;

	case DIS_AUTO_PS:
		if (auto_ds) {
			adapter->is_deep_sleep = false;
			mwifiex_dbg(adapter, CMD,
				    "cmd: Disabled auto deep sleep\n");
		}
		if (sta_ps) {
			mwifiex_dbg(adapter, CMD,
				    "cmd: Disabled STA power save\n");
			if (adapter->sleep_period.period) {
				adapter->delay_null_pkt = false;
				adapter->tx_lock_flag = false;
				adapter->pps_uapsd_mode = false;
			}
		}
		break;

	case GET_PS:
		adapter->ps_mode = sta_ps ? MWIFIEX_802_11_POWER_MODE_PSP :
					    MWIFIEX_802_11_POWER_MODE_CAM;

		mwifiex_dbg(adapter, CMD,
			    "cmd: ps_bitmap=%#x\n", ps_bitmap);

		/* Report the power save mode back to the requester */
		if (pm_cfg)
			pm_cfg->param.ps_mode = sta_ps ? 1 : 0;
		break;

	default:
		break;
	}

	return 0;
}
1450
/*
 * Prepare the command that asks the firmware for its hardware
 * specifications.
 *
 * Sets the command id and the size (generic header plus the fixed
 * hardware spec structure, little-endian) and copies the interface's
 * current address into the permanent address field. No other field of
 * the hardware spec structure is written here.
 *
 * Always returns 0.
 */
int mwifiex_cmd_get_hw_spec(struct mwifiex_private *priv,
			    struct host_cmd_ds_command *cmd)
{
	struct host_cmd_ds_get_hw_spec *hw_spec = &cmd->params.hw_spec;

	cmd->command = cpu_to_le16(HostCmd_CMD_GET_HW_SPEC);
	cmd->size = cpu_to_le16(sizeof(*hw_spec) + S_DS_GEN);

	memcpy(hw_spec->permanent_addr, priv->curr_addr, ETH_ALEN);

	return 0;
}
1471
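/*
 * This function handles the command response of get hardware
 * specifications.
 *
 * Handling includes changing the header fields into CPU format
 * and saving/updating the following parameters in driver -
 *      - Firmware capability information
 *      - Firmware band settings
 *      - Ad-hoc start band and channel
 *      - Ad-hoc 11n activation status
 *      - Firmware release number
 *      - Number of antennas
 *      - Hardware address
 *      - Hardware interface version
 *      - Firmware version
 *      - Region code
 *      - 11n capabilities
 *      - MCS support fields
 *      - MP end port
 *
 * The optional TLVs that follow the fixed structure are sized by
 * fields of the response itself (resp->size and each tlv->len). Each
 * TLV is therefore checked against the bytes still left before it is
 * parsed, and parsing stops at the first TLV that does not fit.
 *
 * NOTE(review): resp->size is not compared here with the size of the
 * buffer the response was received into; confirm that the caller
 * bounds it.
 *
 * Always returns 0.
 */
int mwifiex_ret_get_hw_spec(struct mwifiex_private *priv,
			    struct host_cmd_ds_command *resp)
{
	struct host_cmd_ds_get_hw_spec *hw_spec = &resp->params.hw_spec;
	struct mwifiex_adapter *adapter = priv->adapter;
	struct mwifiex_ie_types_header *tlv;
	struct hw_spec_api_rev *api_rev;
	struct hw_spec_max_conn *max_conn;
	u16 resp_size, total_size, api_id;
	int i, left_len, tlv_len, parsed_len = 0;

	adapter->fw_cap_info = le32_to_cpu(hw_spec->fw_cap_info);

	if (IS_SUPPORT_MULTI_BANDS(adapter))
		adapter->fw_bands = (u8) GET_FW_DEFAULT_BANDS(adapter);
	else
		adapter->fw_bands = BAND_B;

	adapter->config_bands = adapter->fw_bands;

	if (adapter->fw_bands & BAND_A) {
		if (adapter->fw_bands & BAND_GN) {
			adapter->config_bands |= BAND_AN;
			adapter->fw_bands |= BAND_AN;
		}
		if (adapter->fw_bands & BAND_AN) {
			adapter->adhoc_start_band = BAND_A | BAND_AN;
			adapter->adhoc_11n_enabled = true;
		} else {
			adapter->adhoc_start_band = BAND_A;
		}
		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL_A;
	} else if (adapter->fw_bands & BAND_GN) {
		adapter->adhoc_start_band = BAND_G | BAND_B | BAND_GN;
		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL;
		adapter->adhoc_11n_enabled = true;
	} else if (adapter->fw_bands & BAND_G) {
		adapter->adhoc_start_band = BAND_G | BAND_B;
		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL;
	} else if (adapter->fw_bands & BAND_B) {
		adapter->adhoc_start_band = BAND_B;
		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL;
	}

	adapter->fw_release_number = le32_to_cpu(hw_spec->fw_release_number);
	adapter->fw_api_ver = (adapter->fw_release_number >> 16) & 0xff;
	adapter->number_of_antenna =
			le16_to_cpu(hw_spec->number_of_antenna) & 0xf;

	if (le32_to_cpu(hw_spec->dot_11ac_dev_cap)) {
		adapter->is_hw_11ac_capable = true;

		/* Copy 11AC cap */
		adapter->hw_dot_11ac_dev_cap =
					le32_to_cpu(hw_spec->dot_11ac_dev_cap);
		adapter->usr_dot_11ac_dev_cap_bg = adapter->hw_dot_11ac_dev_cap
					& ~MWIFIEX_DEF_11AC_CAP_BF_RESET_MASK;
		adapter->usr_dot_11ac_dev_cap_a = adapter->hw_dot_11ac_dev_cap
					& ~MWIFIEX_DEF_11AC_CAP_BF_RESET_MASK;

		/* Copy 11AC mcs */
		adapter->hw_dot_11ac_mcs_support =
				le32_to_cpu(hw_spec->dot_11ac_mcs_support);
		adapter->usr_dot_11ac_mcs_support =
					adapter->hw_dot_11ac_mcs_support;
	} else {
		adapter->is_hw_11ac_capable = false;
	}

	/* A size below the generic header would wrap around in u16 and
	 * look like a very large TLV area; treat it as "no TLVs".
	 */
	total_size = le16_to_cpu(resp->size);
	resp_size = total_size > S_DS_GEN ? total_size - S_DS_GEN : 0;

	if (resp_size > sizeof(struct host_cmd_ds_get_hw_spec)) {
		/* we have variable HW SPEC information */
		left_len = resp_size - sizeof(struct host_cmd_ds_get_hw_spec);
		/* Signed comparison: left_len must never be promoted to an
		 * unsigned type, or a negative value would keep the loop
		 * running.
		 */
		while (left_len > (int)sizeof(struct mwifiex_ie_types_header)) {
			tlv = (void *)&hw_spec->tlvs + parsed_len;
			tlv_len = le16_to_cpu(tlv->len) +
				  sizeof(struct mwifiex_ie_types_header);

			/* The declared TLV must fit in what is left */
			if (tlv_len > left_len) {
				mwifiex_dbg(adapter, ERROR,
					    "GET_HW_SPEC: TLV len %d exceeds remaining %d\n",
					    tlv_len, left_len);
				break;
			}

			switch (le16_to_cpu(tlv->type)) {
			case TLV_TYPE_API_REV:
				/* Skip a TLV too short for the structure
				 * it is about to be read as.
				 */
				if (tlv_len < (int)sizeof(*api_rev)) {
					mwifiex_dbg(adapter, ERROR,
						    "GET_HW_SPEC: short API_REV TLV (%d)\n",
						    tlv_len);
					break;
				}
				api_rev = (struct hw_spec_api_rev *)tlv;
				api_id = le16_to_cpu(api_rev->api_id);
				switch (api_id) {
				case KEY_API_VER_ID:
					adapter->key_api_major_ver =
							api_rev->major_ver;
					adapter->key_api_minor_ver =
							api_rev->minor_ver;
					mwifiex_dbg(adapter, INFO,
						    "key_api v%d.%d\n",
						    adapter->key_api_major_ver,
						    adapter->key_api_minor_ver);
					break;
				case FW_API_VER_ID:
					adapter->fw_api_ver =
							api_rev->major_ver;
					mwifiex_dbg(adapter, INFO,
						    "Firmware api version %d.%d\n",
						    adapter->fw_api_ver,
						    api_rev->minor_ver);
					break;
				case UAP_FW_API_VER_ID:
					mwifiex_dbg(adapter, INFO,
						    "uAP api version %d.%d\n",
						    api_rev->major_ver,
						    api_rev->minor_ver);
					break;
				case CHANRPT_API_VER_ID:
					mwifiex_dbg(adapter, INFO,
						    "channel report api version %d.%d\n",
						    api_rev->major_ver,
						    api_rev->minor_ver);
					break;
				case FW_HOTFIX_VER_ID:
					mwifiex_dbg(adapter, INFO,
						    "Firmware hotfix version %d\n",
						    api_rev->major_ver);
					break;
				default:
					mwifiex_dbg(adapter, FATAL,
						    "Unknown api_id: %d\n",
						    api_id);
					break;
				}
				break;
			case TLV_TYPE_MAX_CONN:
				if (tlv_len < (int)sizeof(*max_conn)) {
					mwifiex_dbg(adapter, ERROR,
						    "GET_HW_SPEC: short MAX_CONN TLV (%d)\n",
						    tlv_len);
					break;
				}
				max_conn = (struct hw_spec_max_conn *)tlv;
				adapter->max_p2p_conn = max_conn->max_p2p_conn;
				adapter->max_sta_conn = max_conn->max_sta_conn;
				mwifiex_dbg(adapter, INFO,
					    "max p2p connections: %u\n",
					    adapter->max_p2p_conn);
				mwifiex_dbg(adapter, INFO,
					    "max sta connections: %u\n",
					    adapter->max_sta_conn);
				break;
			default:
				mwifiex_dbg(adapter, FATAL,
					    "Unknown GET_HW_SPEC TLV type: %#x\n",
					    le16_to_cpu(tlv->type));
				break;
			}
			parsed_len += tlv_len;
			left_len -= tlv_len;
		}
	}

	mwifiex_dbg(adapter, INFO,
		    "info: GET_HW_SPEC: fw_release_number- %#x\n",
		    adapter->fw_release_number);
	mwifiex_dbg(adapter, INFO,
		    "info: GET_HW_SPEC: permanent addr: %pM\n",
		    hw_spec->permanent_addr);
	mwifiex_dbg(adapter, INFO,
		    "info: GET_HW_SPEC: hw_if_version=%#x version=%#x\n",
		    le16_to_cpu(hw_spec->hw_if_version),
		    le16_to_cpu(hw_spec->version));

	ether_addr_copy(priv->adapter->perm_addr, hw_spec->permanent_addr);
	adapter->region_code = le16_to_cpu(hw_spec->region_code);

	/* Use the region code to search for the index */
	for (i = 0; i < MWIFIEX_MAX_REGION_CODE; i++) {
		if (adapter->region_code == region_code_index[i])
			break;
	}

	/* If it's unidentified region code, use the default (world).
	 * NOTE(review): the message below names the default as USA while
	 * this comment says world; the stored value is 0x00. Confirm
	 * which wording is right.
	 */
	if (i >= MWIFIEX_MAX_REGION_CODE) {
		adapter->region_code = 0x00;
		mwifiex_dbg(adapter, WARN,
			    "cmd: unknown region code, use default (USA)\n");
	}

	adapter->hw_dot_11n_dev_cap = le32_to_cpu(hw_spec->dot_11n_dev_cap);
	adapter->hw_dev_mcs_support = hw_spec->dev_mcs_support;
	adapter->user_dev_mcs_support = adapter->hw_dev_mcs_support;

	if (adapter->if_ops.update_mp_end_port)
		adapter->if_ops.update_mp_end_port(adapter,
					le16_to_cpu(hw_spec->mp_end_port));

	if (adapter->fw_api_ver == MWIFIEX_FW_V15)
		adapter->scan_chan_gap_enabled = true;

	return 0;
}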
1677
/*
 * Handle the command response of the host sleep wakeup reason command.
 *
 * Copies the wakeup reason from the response into @wakeup_reason
 * without any byte-order conversion. @wakeup_reason must not be NULL.
 *
 * Always returns 0.
 */
int mwifiex_ret_wakeup_reason(struct mwifiex_private *priv,
			      struct host_cmd_ds_command *resp,
			      struct host_cmd_ds_wakeup_reason *wakeup_reason)
{
	/* The value is stored exactly as the response carries it */
	wakeup_reason->wakeup_reason = resp->params.hs_wakeup_reason.wakeup_reason;
	return 0;
}
1690