drivers/net/wireless/wl12xx/cmd.c

   1 /*
   2  * This file is part of wl1271
   3  *
   4  * Copyright (C) 2009-2010 Nokia Corporation
   5  *
   6  * Contact: Luciano Coelho <luciano.coelho@nokia.com>
   7  *
   8  * This program is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU General Public License
  10  * version 2 as published by the Free Software Foundation.
  11  *
  12  * This program is distributed in the hope that it will be useful, but
  13  * WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  15  * General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program; if not, write to the Free Software
  19  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  20  * 02110-1301 USA
  21  *
  22  */
  23
  24 #include <linux/module.h>
  25 #include <linux/platform_device.h>
  26 #include <linux/spi/spi.h>
  27 #include <linux/etherdevice.h>
  28 #include <linux/ieee80211.h>
  29 #include <linux/slab.h>
  30
  31 #include "wl12xx.h"
  32 #include "debug.h"
  33 #include "reg.h"
  34 #include "io.h"
  35 #include "acx.h"
  36 #include "wl12xx_80211.h"
  37 #include "cmd.h"
  38 #include "event.h"
  39 #include "tx.h"
  40
  41 #define WL1271_CMD_FAST_POLL_COUNT       50
  42
  43 /*
  44  * send command to firmware
  45  *
  46  * @wl: wl struct
  47  * @id: command id
  48  * @buf: buffer containing the command, must work with dma
  49  * @len: length of the buffer
  50  */
  51 int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len,
  52                     size_t res_len)
  53 {
  54         struct wl1271_cmd_header *cmd;
  55         unsigned long timeout;
  56         u32 intr;
  57         int ret = 0;
  58         u16 status;
  59         u16 poll_count = 0;
  60
  61         cmd = buf;
  62         cmd->id = cpu_to_le16(id);
  63         cmd->status = 0;
  64
  65         WARN_ON(len % 4 != 0);
  66         WARN_ON(test_bit(WL1271_FLAG_IN_ELP, &wl->flags));
  67
  68         wl1271_write(wl, wl->cmd_box_addr, buf, len, false);
  69
  70         wl1271_write32(wl, ACX_REG_INTERRUPT_TRIG, INTR_TRIG_CMD);
  71
  72         timeout = jiffies + msecs_to_jiffies(WL1271_COMMAND_TIMEOUT);
  73
  74         intr = wl1271_read32(wl, ACX_REG_INTERRUPT_NO_CLEAR);
  75         while (!(intr & WL1271_ACX_INTR_CMD_COMPLETE)) {
  76                 if (time_after(jiffies, timeout)) {
  77                         wl1271_error("command complete timeout");
  78                         ret = -ETIMEDOUT;
  79                         goto fail;
  80                 }
  81
  82                 poll_count++;
  83                 if (poll_count < WL1271_CMD_FAST_POLL_COUNT)
  84                         udelay(10);
  85                 else
  86                         msleep(1);
  87
  88                 intr = wl1271_read32(wl, ACX_REG_INTERRUPT_NO_CLEAR);
  89         }
  90
  91         /* read back the status code of the command */
  92         if (res_len == 0)
  93                 res_len = sizeof(struct wl1271_cmd_header);
  94         wl1271_read(wl, wl->cmd_box_addr, cmd, res_len, false);
  95
  96         status = le16_to_cpu(cmd->status);
  97         if (status != CMD_STATUS_SUCCESS) {
  98                 wl1271_error("command execute failure %d", status);
  99                 ret = -EIO;
 100                 goto fail;
 101         }
 102
 103         wl1271_write32(wl, ACX_REG_INTERRUPT_ACK,
 104                        WL1271_ACX_INTR_CMD_COMPLETE);
 105         return 0;
 106
 107 fail:
 108         WARN_ON(1);
 109         wl12xx_queue_recovery_work(wl);
 110         return ret;
 111 }
 112
 113 int wl1271_cmd_general_parms(struct wl1271 *wl)
 114 {
 115         struct wl1271_general_parms_cmd *gen_parms;
 116         struct wl1271_ini_general_params *gp =
 117                 &((struct wl1271_nvs_file *)wl->nvs)->general_params;
 118         bool answer = false;
 119         int ret;
 120
 121         if (!wl->nvs)
 122                 return -ENODEV;
 123
 124         if (gp->tx_bip_fem_manufacturer >= WL1271_INI_FEM_MODULE_COUNT) {
 125                 wl1271_warning("FEM index from INI out of bounds");
 126                 return -EINVAL;
 127         }
 128
 129         gen_parms = kzalloc(sizeof(*gen_parms), GFP_KERNEL);
 130         if (!gen_parms)
 131                 return -ENOMEM;
 132
 133         gen_parms->test.id = TEST_CMD_INI_FILE_GENERAL_PARAM;
 134
 135         memcpy(&gen_parms->general_params, gp, sizeof(*gp));
 136
 137         if (gp->tx_bip_fem_auto_detect)
 138                 answer = true;
 139
 140         /* Override the REF CLK from the NVS with the one from platform data */
 141         gen_parms->general_params.ref_clock = wl->ref_clock;
 142
 143         ret = wl1271_cmd_test(wl, gen_parms, sizeof(*gen_parms), answer);
 144         if (ret < 0) {
 145                 wl1271_warning("CMD_INI_FILE_GENERAL_PARAM failed");
 146                 goto out;
 147         }
 148
 149         gp->tx_bip_fem_manufacturer =
 150                 gen_parms->general_params.tx_bip_fem_manufacturer;
 151
 152         if (gp->tx_bip_fem_manufacturer >= WL1271_INI_FEM_MODULE_COUNT) {
 153                 wl1271_warning("FEM index from FW out of bounds");
 154                 ret = -EINVAL;
 155                 goto out;
 156         }
 157
 158         wl1271_debug(DEBUG_CMD, "FEM autodetect: %s, manufacturer: %d\n",
 159                      answer ? "auto" : "manual", gp->tx_bip_fem_manufacturer);
 160
 161 out:
 162         kfree(gen_parms);
 163         return ret;
 164 }
 165
 166 int wl128x_cmd_general_parms(struct wl1271 *wl)
 167 {
 168         struct wl128x_general_parms_cmd *gen_parms;
 169         struct wl128x_ini_general_params *gp =
 170                 &((struct wl128x_nvs_file *)wl->nvs)->general_params;
 171         bool answer = false;
 172         int ret;
 173
 174         if (!wl->nvs)
 175                 return -ENODEV;
 176
 177         if (gp->tx_bip_fem_manufacturer >= WL1271_INI_FEM_MODULE_COUNT) {
 178                 wl1271_warning("FEM index from ini out of bounds");
 179                 return -EINVAL;
 180         }
 181
 182         gen_parms = kzalloc(sizeof(*gen_parms), GFP_KERNEL);
 183         if (!gen_parms)
 184                 return -ENOMEM;
 185
 186         gen_parms->test.id = TEST_CMD_INI_FILE_GENERAL_PARAM;
 187
 188         memcpy(&gen_parms->general_params, gp, sizeof(*gp));
 189
 190         if (gp->tx_bip_fem_auto_detect)
 191                 answer = true;
 192
 193         /* Replace REF and TCXO CLKs with the ones from platform data */
 194         gen_parms->general_params.ref_clock = wl->ref_clock;
 195         gen_parms->general_params.tcxo_ref_clock = wl->tcxo_clock;
 196
 197         ret = wl1271_cmd_test(wl, gen_parms, sizeof(*gen_parms), answer);
 198         if (ret < 0) {
 199                 wl1271_warning("CMD_INI_FILE_GENERAL_PARAM failed");
 200                 goto out;
 201         }
 202
 203         gp->tx_bip_fem_manufacturer =
 204                 gen_parms->general_params.tx_bip_fem_manufacturer;
 205
 206         if (gp->tx_bip_fem_manufacturer >= WL1271_INI_FEM_MODULE_COUNT) {
 207                 wl1271_warning("FEM index from FW out of bounds");
 208                 ret = -EINVAL;
 209                 goto out;
 210         }
 211
 212         wl1271_debug(DEBUG_CMD, "FEM autodetect: %s, manufacturer: %d\n",
 213                      answer ? "auto" : "manual", gp->tx_bip_fem_manufacturer);
 214
 215 out:
 216         kfree(gen_parms);
 217         return ret;
 218 }
 219
 220 int wl1271_cmd_radio_parms(struct wl1271 *wl)
 221 {
 222         struct wl1271_nvs_file *nvs = (struct wl1271_nvs_file *)wl->nvs;
 223         struct wl1271_radio_parms_cmd *radio_parms;
 224         struct wl1271_ini_general_params *gp = &nvs->general_params;
 225         int ret;
 226
 227         if (!wl->nvs)
 228                 return -ENODEV;
 229
 230         radio_parms = kzalloc(sizeof(*radio_parms), GFP_KERNEL);
 231         if (!radio_parms)
 232                 return -ENOMEM;
 233
 234         radio_parms->test.id = TEST_CMD_INI_FILE_RADIO_PARAM;
 235
 236         /* 2.4GHz parameters */
 237         memcpy(&radio_parms->static_params_2, &nvs->stat_radio_params_2,
 238                sizeof(struct wl1271_ini_band_params_2));
 239         memcpy(&radio_parms->dyn_params_2,
 240                &nvs->dyn_radio_params_2[gp->tx_bip_fem_manufacturer].params,
 241                sizeof(struct wl1271_ini_fem_params_2));
 242
 243         /* 5GHz parameters */
 244         memcpy(&radio_parms->static_params_5,
 245                &nvs->stat_radio_params_5,
 246                sizeof(struct wl1271_ini_band_params_5));
 247         memcpy(&radio_parms->dyn_params_5,
 248                &nvs->dyn_radio_params_5[gp->tx_bip_fem_manufacturer].params,
 249                sizeof(struct wl1271_ini_fem_params_5));
 250
 251         wl1271_dump(DEBUG_CMD, "TEST_CMD_INI_FILE_RADIO_PARAM: ",
 252                     radio_parms, sizeof(*radio_parms));
 253
 254         ret = wl1271_cmd_test(wl, radio_parms, sizeof(*radio_parms), 0);
 255         if (ret < 0)
 256                 wl1271_warning("CMD_INI_FILE_RADIO_PARAM failed");
 257
 258         kfree(radio_parms);
 259         return ret;
 260 }
 261
 262 int wl128x_cmd_radio_parms(struct wl1271 *wl)
 263 {
 264         struct wl128x_nvs_file *nvs = (struct wl128x_nvs_file *)wl->nvs;
 265         struct wl128x_radio_parms_cmd *radio_parms;
 266         struct wl128x_ini_general_params *gp = &nvs->general_params;
 267         int ret;
 268
 269         if (!wl->nvs)
 270                 return -ENODEV;
 271
 272         radio_parms = kzalloc(sizeof(*radio_parms), GFP_KERNEL);
 273         if (!radio_parms)
 274                 return -ENOMEM;
 275
 276         radio_parms->test.id = TEST_CMD_INI_FILE_RADIO_PARAM;
 277
 278         /* 2.4GHz parameters */
 279         memcpy(&radio_parms->static_params_2, &nvs->stat_radio_params_2,
 280                sizeof(struct wl128x_ini_band_params_2));
 281         memcpy(&radio_parms->dyn_params_2,
 282                &nvs->dyn_radio_params_2[gp->tx_bip_fem_manufacturer].params,
 283                sizeof(struct wl128x_ini_fem_params_2));
 284
 285         /* 5GHz parameters */
 286         memcpy(&radio_parms->static_params_5,
 287                &nvs->stat_radio_params_5,
 288                sizeof(struct wl128x_ini_band_params_5));
 289         memcpy(&radio_parms->dyn_params_5,
 290                &nvs->dyn_radio_params_5[gp->tx_bip_fem_manufacturer].params,
 291                sizeof(struct wl128x_ini_fem_params_5));
 292
 293         radio_parms->fem_vendor_and_options = nvs->fem_vendor_and_options;
 294
 295         wl1271_dump(DEBUG_CMD, "TEST_CMD_INI_FILE_RADIO_PARAM: ",
 296                     radio_parms, sizeof(*radio_parms));
 297
 298         ret = wl1271_cmd_test(wl, radio_parms, sizeof(*radio_parms), 0);
 299         if (ret < 0)
 300                 wl1271_warning("CMD_INI_FILE_RADIO_PARAM failed");
 301
 302         kfree(radio_parms);
 303         return ret;
 304 }
 305
 306 int wl1271_cmd_ext_radio_parms(struct wl1271 *wl)
 307 {
 308         struct wl1271_ext_radio_parms_cmd *ext_radio_parms;
 309         struct conf_rf_settings *rf = &wl->conf.rf;
 310         int ret;
 311
 312         if (!wl->nvs)
 313                 return -ENODEV;
 314
 315         ext_radio_parms = kzalloc(sizeof(*ext_radio_parms), GFP_KERNEL);
 316         if (!ext_radio_parms)
 317                 return -ENOMEM;
 318
 319         ext_radio_parms->test.id = TEST_CMD_INI_FILE_RF_EXTENDED_PARAM;
 320
 321         memcpy(ext_radio_parms->tx_per_channel_power_compensation_2,
 322                rf->tx_per_channel_power_compensation_2,
 323                CONF_TX_PWR_COMPENSATION_LEN_2);
 324         memcpy(ext_radio_parms->tx_per_channel_power_compensation_5,
 325                rf->tx_per_channel_power_compensation_5,
 326                CONF_TX_PWR_COMPENSATION_LEN_5);
 327
 328         wl1271_dump(DEBUG_CMD, "TEST_CMD_INI_FILE_EXT_RADIO_PARAM: ",
 329                     ext_radio_parms, sizeof(*ext_radio_parms));
 330
 331         ret = wl1271_cmd_test(wl, ext_radio_parms, sizeof(*ext_radio_parms), 0);
 332         if (ret < 0)
 333                 wl1271_warning("TEST_CMD_INI_FILE_RF_EXTENDED_PARAM failed");
 334
 335         kfree(ext_radio_parms);
 336         return ret;
 337 }
 338
 339 /*
 340  * Poll the mailbox event field until any of the bits in the mask is set or a
 341  * timeout occurs (WL1271_EVENT_TIMEOUT in msecs)
 342  */
 343 static int wl1271_cmd_wait_for_event_or_timeout(struct wl1271 *wl, u32 mask)
 344 {
 345         u32 events_vector, event;
 346         unsigned long timeout;
 347
 348         timeout = jiffies + msecs_to_jiffies(WL1271_EVENT_TIMEOUT);
 349
 350         do {
 351                 if (time_after(jiffies, timeout)) {
 352                         wl1271_debug(DEBUG_CMD, "timeout waiting for event %d",
 353                                      (int)mask);
 354                         return -ETIMEDOUT;
 355                 }
 356
 357                 msleep(1);
 358
 359                 /* read from both event fields */
 360                 wl1271_read(wl, wl->mbox_ptr[0], &events_vector,
 361                             sizeof(events_vector), false);
 362                 event = events_vector & mask;
 363                 wl1271_read(wl, wl->mbox_ptr[1], &events_vector,
 364                             sizeof(events_vector), false);
 365                 event |= events_vector & mask;
 366         } while (!event);
 367
 368         return 0;
 369 }
 370
 371 static int wl1271_cmd_wait_for_event(struct wl1271 *wl, u32 mask)
 372 {
 373         int ret;
 374
 375         ret = wl1271_cmd_wait_for_event_or_timeout(wl, mask);
 376         if (ret != 0) {
 377                 wl12xx_queue_recovery_work(wl);
 378                 return ret;
 379         }
 380
 381         return 0;
 382 }
 383
 384 int wl12xx_cmd_role_enable(struct wl1271 *wl, u8 *addr, u8 role_type,
 385                            u8 *role_id)
 386 {
 387         struct wl12xx_cmd_role_enable *cmd;
 388         int ret;
 389
 390         wl1271_debug(DEBUG_CMD, "cmd role enable");
 391
 392         if (WARN_ON(*role_id != WL12XX_INVALID_ROLE_ID))
 393                 return -EBUSY;
 394
 395         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 396         if (!cmd) {
 397                 ret = -ENOMEM;
 398                 goto out;
 399         }
 400
 401         /* get role id */
 402         cmd->role_id = find_first_zero_bit(wl->roles_map, WL12XX_MAX_ROLES);
 403         if (cmd->role_id >= WL12XX_MAX_ROLES) {
 404                 ret = -EBUSY;
 405                 goto out_free;
 406         }
 407
 408         memcpy(cmd->mac_address, addr, ETH_ALEN);
 409         cmd->role_type = role_type;
 410
 411         ret = wl1271_cmd_send(wl, CMD_ROLE_ENABLE, cmd, sizeof(*cmd), 0);
 412         if (ret < 0) {
 413                 wl1271_error("failed to initiate cmd role enable");
 414                 goto out_free;
 415         }
 416
 417         __set_bit(cmd->role_id, wl->roles_map);
 418         *role_id = cmd->role_id;
 419
 420 out_free:
 421         kfree(cmd);
 422
 423 out:
 424         return ret;
 425 }
 426
 427 int wl12xx_cmd_role_disable(struct wl1271 *wl, u8 *role_id)
 428 {
 429         struct wl12xx_cmd_role_disable *cmd;
 430         int ret;
 431
 432         wl1271_debug(DEBUG_CMD, "cmd role disable");
 433
 434         if (WARN_ON(*role_id == WL12XX_INVALID_ROLE_ID))
 435                 return -ENOENT;
 436
 437         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 438         if (!cmd) {
 439                 ret = -ENOMEM;
 440                 goto out;
 441         }
 442         cmd->role_id = *role_id;
 443
 444         ret = wl1271_cmd_send(wl, CMD_ROLE_DISABLE, cmd, sizeof(*cmd), 0);
 445         if (ret < 0) {
 446                 wl1271_error("failed to initiate cmd role disable");
 447                 goto out_free;
 448         }
 449
 450         __clear_bit(*role_id, wl->roles_map);
 451         *role_id = WL12XX_INVALID_ROLE_ID;
 452
 453 out_free:
 454         kfree(cmd);
 455
 456 out:
 457         return ret;
 458 }
 459
 460 int wl12xx_allocate_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid)
 461 {
 462         u8 link = find_first_zero_bit(wl->links_map, WL12XX_MAX_LINKS);
 463         if (link >= WL12XX_MAX_LINKS)
 464                 return -EBUSY;
 465
 466         __set_bit(link, wl->links_map);
 467         __set_bit(link, wlvif->links_map);
 468         *hlid = link;
 469         return 0;
 470 }
 471
 472 void wl12xx_free_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid)
 473 {
 474         if (*hlid == WL12XX_INVALID_LINK_ID)
 475                 return;
 476
 477         __clear_bit(*hlid, wl->links_map);
 478         __clear_bit(*hlid, wlvif->links_map);
 479         *hlid = WL12XX_INVALID_LINK_ID;
 480 }
 481
 482 static int wl12xx_get_new_session_id(struct wl1271 *wl,
 483                                      struct wl12xx_vif *wlvif)
 484 {
 485         if (wlvif->session_counter >= SESSION_COUNTER_MAX)
 486                 wlvif->session_counter = 0;
 487
 488         wlvif->session_counter++;
 489
 490         return wlvif->session_counter;
 491 }
 492
 493 static int wl12xx_cmd_role_start_dev(struct wl1271 *wl,
 494                                      struct wl12xx_vif *wlvif)
 495 {
 496         struct wl12xx_cmd_role_start *cmd;
 497         int ret;
 498
 499         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 500         if (!cmd) {
 501                 ret = -ENOMEM;
 502                 goto out;
 503         }
 504
 505         wl1271_debug(DEBUG_CMD, "cmd role start dev %d", wlvif->dev_role_id);
 506
 507         cmd->role_id = wlvif->dev_role_id;
 508         if (wlvif->band == IEEE80211_BAND_5GHZ)
 509                 cmd->band = WL12XX_BAND_5GHZ;
 510         cmd->channel = wlvif->channel;
 511
 512         if (wlvif->dev_hlid == WL12XX_INVALID_LINK_ID) {
 513                 ret = wl12xx_allocate_link(wl, wlvif, &wlvif->dev_hlid);
 514                 if (ret)
 515                         goto out_free;
 516         }
 517         cmd->device.hlid = wlvif->dev_hlid;
 518         cmd->device.session = wlvif->session_counter;
 519
 520         wl1271_debug(DEBUG_CMD, "role start: roleid=%d, hlid=%d, session=%d",
 521                      cmd->role_id, cmd->device.hlid, cmd->device.session);
 522
 523         ret = wl1271_cmd_send(wl, CMD_ROLE_START, cmd, sizeof(*cmd), 0);
 524         if (ret < 0) {
 525                 wl1271_error("failed to initiate cmd role enable");
 526                 goto err_hlid;
 527         }
 528
 529         goto out_free;
 530
 531 err_hlid:
 532         /* clear links on error */
 533         wl12xx_free_link(wl, wlvif, &wlvif->dev_hlid);
 534
 535 out_free:
 536         kfree(cmd);
 537
 538 out:
 539         return ret;
 540 }
 541
 542 static int wl12xx_cmd_role_stop_dev(struct wl1271 *wl,
 543                                     struct wl12xx_vif *wlvif)
 544 {
 545         struct wl12xx_cmd_role_stop *cmd;
 546         int ret;
 547
 548         if (WARN_ON(wlvif->dev_hlid == WL12XX_INVALID_LINK_ID))
 549                 return -EINVAL;
 550
 551         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 552         if (!cmd) {
 553                 ret = -ENOMEM;
 554                 goto out;
 555         }
 556
 557         wl1271_debug(DEBUG_CMD, "cmd role stop dev");
 558
 559         cmd->role_id = wlvif->dev_role_id;
 560         cmd->disc_type = DISCONNECT_IMMEDIATE;
 561         cmd->reason = cpu_to_le16(WLAN_REASON_UNSPECIFIED);
 562
 563         ret = wl1271_cmd_send(wl, CMD_ROLE_STOP, cmd, sizeof(*cmd), 0);
 564         if (ret < 0) {
 565                 wl1271_error("failed to initiate cmd role stop");
 566                 goto out_free;
 567         }
 568
 569         ret = wl1271_cmd_wait_for_event(wl, DISCONNECT_EVENT_COMPLETE_ID);
 570         if (ret < 0) {
 571                 wl1271_error("cmd role stop dev event completion error");
 572                 goto out_free;
 573         }
 574
 575         wl12xx_free_link(wl, wlvif, &wlvif->dev_hlid);
 576
 577 out_free:
 578         kfree(cmd);
 579
 580 out:
 581         return ret;
 582 }
 583
 584 int wl12xx_cmd_role_start_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
 585 {
 586         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
 587         struct wl12xx_cmd_role_start *cmd;
 588         int ret;
 589
 590         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 591         if (!cmd) {
 592                 ret = -ENOMEM;
 593                 goto out;
 594         }
 595
 596         wl1271_debug(DEBUG_CMD, "cmd role start sta %d", wlvif->role_id);
 597
 598         cmd->role_id = wlvif->role_id;
 599         if (wlvif->band == IEEE80211_BAND_5GHZ)
 600                 cmd->band = WL12XX_BAND_5GHZ;
 601         cmd->channel = wlvif->channel;
 602         cmd->sta.basic_rate_set = cpu_to_le32(wlvif->basic_rate_set);
 603         cmd->sta.beacon_interval = cpu_to_le16(wlvif->beacon_int);
 604         cmd->sta.ssid_type = WL12XX_SSID_TYPE_ANY;
 605         cmd->sta.ssid_len = wlvif->ssid_len;
 606         memcpy(cmd->sta.ssid, wlvif->ssid, wlvif->ssid_len);
 607         memcpy(cmd->sta.bssid, vif->bss_conf.bssid, ETH_ALEN);
 608         cmd->sta.local_rates = cpu_to_le32(wlvif->rate_set);
 609
 610         if (wlvif->sta.hlid == WL12XX_INVALID_LINK_ID) {
 611                 ret = wl12xx_allocate_link(wl, wlvif, &wlvif->sta.hlid);
 612                 if (ret)
 613                         goto out_free;
 614         }
 615         cmd->sta.hlid = wlvif->sta.hlid;
 616         cmd->sta.session = wl12xx_get_new_session_id(wl, wlvif);
 617         cmd->sta.remote_rates = cpu_to_le32(wlvif->rate_set);
 618
 619         wl1271_debug(DEBUG_CMD, "role start: roleid=%d, hlid=%d, session=%d "
 620                      "basic_rate_set: 0x%x, remote_rates: 0x%x",
 621                      wlvif->role_id, cmd->sta.hlid, cmd->sta.session,
 622                      wlvif->basic_rate_set, wlvif->rate_set);
 623
 624         ret = wl1271_cmd_send(wl, CMD_ROLE_START, cmd, sizeof(*cmd), 0);
 625         if (ret < 0) {
 626                 wl1271_error("failed to initiate cmd role start sta");
 627                 goto err_hlid;
 628         }
 629
 630         goto out_free;
 631
 632 err_hlid:
 633         /* clear links on error. */
 634         wl12xx_free_link(wl, wlvif, &wlvif->sta.hlid);
 635
 636 out_free:
 637         kfree(cmd);
 638
 639 out:
 640         return ret;
 641 }
 642
 643 /* use this function to stop ibss as well */
 644 int wl12xx_cmd_role_stop_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
 645 {
 646         struct wl12xx_cmd_role_stop *cmd;
 647         int ret;
 648
 649         if (WARN_ON(wlvif->sta.hlid == WL12XX_INVALID_LINK_ID))
 650                 return -EINVAL;
 651
 652         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 653         if (!cmd) {
 654                 ret = -ENOMEM;
 655                 goto out;
 656         }
 657
 658         wl1271_debug(DEBUG_CMD, "cmd role stop sta %d", wlvif->role_id);
 659
 660         cmd->role_id = wlvif->role_id;
 661         cmd->disc_type = DISCONNECT_IMMEDIATE;
 662         cmd->reason = cpu_to_le16(WLAN_REASON_UNSPECIFIED);
 663
 664         ret = wl1271_cmd_send(wl, CMD_ROLE_STOP, cmd, sizeof(*cmd), 0);
 665         if (ret < 0) {
 666                 wl1271_error("failed to initiate cmd role stop sta");
 667                 goto out_free;
 668         }
 669
 670         wl12xx_free_link(wl, wlvif, &wlvif->sta.hlid);
 671
 672 out_free:
 673         kfree(cmd);
 674
 675 out:
 676         return ret;
 677 }
 678
 679 int wl12xx_cmd_role_start_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif)
 680 {
 681         struct wl12xx_cmd_role_start *cmd;
 682         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
 683         struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
 684         int ret;
 685
 686         wl1271_debug(DEBUG_CMD, "cmd role start ap %d", wlvif->role_id);
 687
 688         /* trying to use hidden SSID with an old hostapd version */
 689         if (wlvif->ssid_len == 0 && !bss_conf->hidden_ssid) {
 690                 wl1271_error("got a null SSID from beacon/bss");
 691                 ret = -EINVAL;
 692                 goto out;
 693         }
 694
 695         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 696         if (!cmd) {
 697                 ret = -ENOMEM;
 698                 goto out;
 699         }
 700
 701         ret = wl12xx_allocate_link(wl, wlvif, &wlvif->ap.global_hlid);
 702         if (ret < 0)
 703                 goto out_free;
 704
 705         ret = wl12xx_allocate_link(wl, wlvif, &wlvif->ap.bcast_hlid);
 706         if (ret < 0)
 707                 goto out_free_global;
 708
 709         cmd->role_id = wlvif->role_id;
 710         cmd->ap.aging_period = cpu_to_le16(wl->conf.tx.ap_aging_period);
 711         cmd->ap.bss_index = WL1271_AP_BSS_INDEX;
 712         cmd->ap.global_hlid = wlvif->ap.global_hlid;
 713         cmd->ap.broadcast_hlid = wlvif->ap.bcast_hlid;
 714         cmd->ap.basic_rate_set = cpu_to_le32(wlvif->basic_rate_set);
 715         cmd->ap.beacon_interval = cpu_to_le16(wlvif->beacon_int);
 716         cmd->ap.dtim_interval = bss_conf->dtim_period;
 717         cmd->ap.beacon_expiry = WL1271_AP_DEF_BEACON_EXP;
 718         cmd->channel = wlvif->channel;
 719
 720         if (!bss_conf->hidden_ssid) {
 721                 /* take the SSID from the beacon for backward compatibility */
 722                 cmd->ap.ssid_type = WL12XX_SSID_TYPE_PUBLIC;
 723                 cmd->ap.ssid_len = wlvif->ssid_len;
 724                 memcpy(cmd->ap.ssid, wlvif->ssid, wlvif->ssid_len);
 725         } else {
 726                 cmd->ap.ssid_type = WL12XX_SSID_TYPE_HIDDEN;
 727                 cmd->ap.ssid_len = bss_conf->ssid_len;
 728                 memcpy(cmd->ap.ssid, bss_conf->ssid, bss_conf->ssid_len);
 729         }
 730
 731         cmd->ap.local_rates = cpu_to_le32(0xffffffff);
 732
 733         switch (wlvif->band) {
 734         case IEEE80211_BAND_2GHZ:
 735                 cmd->band = RADIO_BAND_2_4GHZ;
 736                 break;
 737         case IEEE80211_BAND_5GHZ:
 738                 cmd->band = RADIO_BAND_5GHZ;
 739                 break;
 740         default:
 741                 wl1271_warning("ap start - unknown band: %d", (int)wlvif->band);
 742                 cmd->band = RADIO_BAND_2_4GHZ;
 743                 break;
 744         }
 745
 746         ret = wl1271_cmd_send(wl, CMD_ROLE_START, cmd, sizeof(*cmd), 0);
 747         if (ret < 0) {
 748                 wl1271_error("failed to initiate cmd role start ap");
 749                 goto out_free_bcast;
 750         }
 751
 752         goto out_free;
 753
 754 out_free_bcast:
 755         wl12xx_free_link(wl, wlvif, &wlvif->ap.bcast_hlid);
 756
 757 out_free_global:
 758         wl12xx_free_link(wl, wlvif, &wlvif->ap.global_hlid);
 759
 760 out_free:
 761         kfree(cmd);
 762
 763 out:
 764         return ret;
 765 }
 766
 767 int wl12xx_cmd_role_stop_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif)
 768 {
 769         struct wl12xx_cmd_role_stop *cmd;
 770         int ret;
 771
 772         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 773         if (!cmd) {
 774                 ret = -ENOMEM;
 775                 goto out;
 776         }
 777
 778         wl1271_debug(DEBUG_CMD, "cmd role stop ap %d", wlvif->role_id);
 779
 780         cmd->role_id = wlvif->role_id;
 781
 782         ret = wl1271_cmd_send(wl, CMD_ROLE_STOP, cmd, sizeof(*cmd), 0);
 783         if (ret < 0) {
 784                 wl1271_error("failed to initiate cmd role stop ap");
 785                 goto out_free;
 786         }
 787
 788         wl12xx_free_link(wl, wlvif, &wlvif->ap.bcast_hlid);
 789         wl12xx_free_link(wl, wlvif, &wlvif->ap.global_hlid);
 790
 791 out_free:
 792         kfree(cmd);
 793
 794 out:
 795         return ret;
 796 }
 797
 798 int wl12xx_cmd_role_start_ibss(struct wl1271 *wl, struct wl12xx_vif *wlvif)
 799 {
 800         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
 801         struct wl12xx_cmd_role_start *cmd;
 802         struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
 803         int ret;
 804
 805         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 806         if (!cmd) {
 807                 ret = -ENOMEM;
 808                 goto out;
 809         }
 810
 811         wl1271_debug(DEBUG_CMD, "cmd role start ibss %d", wlvif->role_id);
 812
 813         cmd->role_id = wlvif->role_id;
 814         if (wlvif->band == IEEE80211_BAND_5GHZ)
 815                 cmd->band = WL12XX_BAND_5GHZ;
 816         cmd->channel = wlvif->channel;
 817         cmd->ibss.basic_rate_set = cpu_to_le32(wlvif->basic_rate_set);
 818         cmd->ibss.beacon_interval = cpu_to_le16(wlvif->beacon_int);
 819         cmd->ibss.dtim_interval = bss_conf->dtim_period;
 820         cmd->ibss.ssid_type = WL12XX_SSID_TYPE_ANY;
 821         cmd->ibss.ssid_len = wlvif->ssid_len;
 822         memcpy(cmd->ibss.ssid, wlvif->ssid, wlvif->ssid_len);
 823         memcpy(cmd->ibss.bssid, vif->bss_conf.bssid, ETH_ALEN);
 824         cmd->sta.local_rates = cpu_to_le32(wlvif->rate_set);
 825
 826         if (wlvif->sta.hlid == WL12XX_INVALID_LINK_ID) {
 827                 ret = wl12xx_allocate_link(wl, wlvif, &wlvif->sta.hlid);
 828                 if (ret)
 829                         goto out_free;
 830         }
 831         cmd->ibss.hlid = wlvif->sta.hlid;
 832         cmd->ibss.remote_rates = cpu_to_le32(wlvif->rate_set);
 833
 834         wl1271_debug(DEBUG_CMD, "role start: roleid=%d, hlid=%d, session=%d "
 835                      "basic_rate_set: 0x%x, remote_rates: 0x%x",
 836                      wlvif->role_id, cmd->sta.hlid, cmd->sta.session,
 837                      wlvif->basic_rate_set, wlvif->rate_set);
 838
 839         wl1271_debug(DEBUG_CMD, "vif->bss_conf.bssid = %pM",
 840                      vif->bss_conf.bssid);
 841
 842         ret = wl1271_cmd_send(wl, CMD_ROLE_START, cmd, sizeof(*cmd), 0);
 843         if (ret < 0) {
 844                 wl1271_error("failed to initiate cmd role enable");
 845                 goto err_hlid;
 846         }
 847
 848         goto out_free;
 849
 850 err_hlid:
 851         /* clear links on error. */
 852         wl12xx_free_link(wl, wlvif, &wlvif->sta.hlid);
 853
 854 out_free:
 855         kfree(cmd);
 856
 857 out:
 858         return ret;
 859 }
 860
 861
 862 /**
 863  * send test command to firmware
 864  *
 865  * @wl: wl struct
 866  * @buf: buffer containing the command, with all headers, must work with dma
 867  * @len: length of the buffer
 868  * @answer: is answer needed
 869  */
 870 int wl1271_cmd_test(struct wl1271 *wl, void *buf, size_t buf_len, u8 answer)
 871 {
 872         int ret;
 873         size_t res_len = 0;
 874
 875         wl1271_debug(DEBUG_CMD, "cmd test");
 876
 877         if (answer)
 878                 res_len = buf_len;
 879
 880         ret = wl1271_cmd_send(wl, CMD_TEST, buf, buf_len, res_len);
 881
 882         if (ret < 0) {
 883                 wl1271_warning("TEST command failed");
 884                 return ret;
 885         }
 886
 887         return ret;
 888 }
 889
 890 /**
 891  * read acx from firmware
 892  *
 893  * @wl: wl struct
 894  * @id: acx id
 895  * @buf: buffer for the response, including all headers, must work with dma
 896  * @len: length of buf
 897  */
 898 int wl1271_cmd_interrogate(struct wl1271 *wl, u16 id, void *buf, size_t len)
 899 {
 900         struct acx_header *acx = buf;
 901         int ret;
 902
 903         wl1271_debug(DEBUG_CMD, "cmd interrogate");
 904
 905         acx->id = cpu_to_le16(id);
 906
 907         /* payload length, does not include any headers */
 908         acx->len = cpu_to_le16(len - sizeof(*acx));
 909
 910         ret = wl1271_cmd_send(wl, CMD_INTERROGATE, acx, sizeof(*acx), len);
 911         if (ret < 0)
 912                 wl1271_error("INTERROGATE command failed");
 913
 914         return ret;
 915 }
 916
 917 /**
 918  * write acx value to firmware
 919  *
 920  * @wl: wl struct
 921  * @id: acx id
 922  * @buf: buffer containing acx, including all headers, must work with dma
 923  * @len: length of buf
 924  */
 925 int wl1271_cmd_configure(struct wl1271 *wl, u16 id, void *buf, size_t len)
 926 {
 927         struct acx_header *acx = buf;
 928         int ret;
 929
 930         wl1271_debug(DEBUG_CMD, "cmd configure (%d)", id);
 931
 932         acx->id = cpu_to_le16(id);
 933
 934         /* payload length, does not include any headers */
 935         acx->len = cpu_to_le16(len - sizeof(*acx));
 936
 937         ret = wl1271_cmd_send(wl, CMD_CONFIGURE, acx, len, 0);
 938         if (ret < 0) {
 939                 wl1271_warning("CONFIGURE command NOK");
 940                 return ret;
 941         }
 942
 943         return 0;
 944 }
 945
 946 int wl1271_cmd_data_path(struct wl1271 *wl, bool enable)
 947 {
 948         struct cmd_enabledisable_path *cmd;
 949         int ret;
 950         u16 cmd_rx, cmd_tx;
 951
 952         wl1271_debug(DEBUG_CMD, "cmd data path");
 953
 954         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 955         if (!cmd) {
 956                 ret = -ENOMEM;
 957                 goto out;
 958         }
 959
 960         /* the channel here is only used for calibration, so hardcoded to 1 */
 961         cmd->channel = 1;
 962
 963         if (enable) {
 964                 cmd_rx = CMD_ENABLE_RX;
 965                 cmd_tx = CMD_ENABLE_TX;
 966         } else {
 967                 cmd_rx = CMD_DISABLE_RX;
 968                 cmd_tx = CMD_DISABLE_TX;
 969         }
 970
 971         ret = wl1271_cmd_send(wl, cmd_rx, cmd, sizeof(*cmd), 0);
 972         if (ret < 0) {
 973                 wl1271_error("rx %s cmd for channel %d failed",
 974                              enable ? "start" : "stop", cmd->channel);
 975                 goto out;
 976         }
 977
 978         wl1271_debug(DEBUG_BOOT, "rx %s cmd channel %d",
 979                      enable ? "start" : "stop", cmd->channel);
 980
 981         ret = wl1271_cmd_send(wl, cmd_tx, cmd, sizeof(*cmd), 0);
 982         if (ret < 0) {
 983                 wl1271_error("tx %s cmd for channel %d failed",
 984                              enable ? "start" : "stop", cmd->channel);
 985                 goto out;
 986         }
 987
 988         wl1271_debug(DEBUG_BOOT, "tx %s cmd channel %d",
 989                      enable ? "start" : "stop", cmd->channel);
 990
 991 out:
 992         kfree(cmd);
 993         return ret;
 994 }
 995
 996 int wl1271_cmd_ps_mode(struct wl1271 *wl, struct wl12xx_vif *wlvif,
 997                        u8 ps_mode)
 998 {
 999         struct wl1271_cmd_ps_params *ps_params = NULL;
1000         int ret = 0;
1001
1002         wl1271_debug(DEBUG_CMD, "cmd set ps mode");
1003
1004         ps_params = kzalloc(sizeof(*ps_params), GFP_KERNEL);
1005         if (!ps_params) {
1006                 ret = -ENOMEM;
1007                 goto out;
1008         }
1009
1010         ps_params->role_id = wlvif->role_id;
1011         ps_params->ps_mode = ps_mode;
1012
1013         ret = wl1271_cmd_send(wl, CMD_SET_PS_MODE, ps_params,
1014                               sizeof(*ps_params), 0);
1015         if (ret < 0) {
1016                 wl1271_error("cmd set_ps_mode failed");
1017                 goto out;
1018         }
1019
1020 out:
1021         kfree(ps_params);
1022         return ret;
1023 }
1024
1025 int wl1271_cmd_template_set(struct wl1271 *wl, u16 template_id,
1026                             void *buf, size_t buf_len, int index, u32 rates)
1027 {
1028         struct wl1271_cmd_template_set *cmd;
1029         int ret = 0;
1030
1031         wl1271_debug(DEBUG_CMD, "cmd template_set %d", template_id);
1032
1033         WARN_ON(buf_len > WL1271_CMD_TEMPL_MAX_SIZE);
1034         buf_len = min_t(size_t, buf_len, WL1271_CMD_TEMPL_MAX_SIZE);
1035
1036         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1037         if (!cmd) {
1038                 ret = -ENOMEM;
1039                 goto out;
1040         }
1041
1042         cmd->len = cpu_to_le16(buf_len);
1043         cmd->template_type = template_id;
1044         cmd->enabled_rates = cpu_to_le32(rates);
1045         cmd->short_retry_limit = wl->conf.tx.tmpl_short_retry_limit;
1046         cmd->long_retry_limit = wl->conf.tx.tmpl_long_retry_limit;
1047         cmd->index = index;
1048
1049         if (buf)
1050                 memcpy(cmd->template_data, buf, buf_len);
1051
1052         ret = wl1271_cmd_send(wl, CMD_SET_TEMPLATE, cmd, sizeof(*cmd), 0);
1053         if (ret < 0) {
1054                 wl1271_warning("cmd set_template failed: %d", ret);
1055                 goto out_free;
1056         }
1057
1058 out_free:
1059         kfree(cmd);
1060
1061 out:
1062         return ret;
1063 }
1064
1065 int wl12xx_cmd_build_null_data(struct wl1271 *wl, struct wl12xx_vif *wlvif)
1066 {
1067         struct sk_buff *skb = NULL;
1068         int size;
1069         void *ptr;
1070         int ret = -ENOMEM;
1071
1072
1073         if (wlvif->bss_type == BSS_TYPE_IBSS) {
1074                 size = sizeof(struct wl12xx_null_data_template);
1075                 ptr = NULL;
1076         } else {
1077                 skb = ieee80211_nullfunc_get(wl->hw,
1078                                              wl12xx_wlvif_to_vif(wlvif));
1079                 if (!skb)
1080                         goto out;
1081                 size = skb->len;
1082                 ptr = skb->data;
1083         }
1084
1085         ret = wl1271_cmd_template_set(wl, CMD_TEMPL_NULL_DATA, ptr, size, 0,
1086                                       wlvif->basic_rate);
1087
1088 out:
1089         dev_kfree_skb(skb);
1090         if (ret)
1091                 wl1271_warning("cmd buld null data failed %d", ret);
1092
1093         return ret;
1094
1095 }
1096
1097 int wl12xx_cmd_build_klv_null_data(struct wl1271 *wl,
1098                                    struct wl12xx_vif *wlvif)
1099 {
1100         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
1101         struct sk_buff *skb = NULL;
1102         int ret = -ENOMEM;
1103
1104         skb = ieee80211_nullfunc_get(wl->hw, vif);
1105         if (!skb)
1106                 goto out;
1107
1108         ret = wl1271_cmd_template_set(wl, CMD_TEMPL_KLV,
1109                                       skb->data, skb->len,
1110                                       CMD_TEMPL_KLV_IDX_NULL_DATA,
1111                                       wlvif->basic_rate);
1112
1113 out:
1114         dev_kfree_skb(skb);
1115         if (ret)
1116                 wl1271_warning("cmd build klv null data failed %d", ret);
1117
1118         return ret;
1119
1120 }
1121
1122 int wl1271_cmd_build_ps_poll(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1123                              u16 aid)
1124 {
1125         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
1126         struct sk_buff *skb;
1127         int ret = 0;
1128
1129         skb = ieee80211_pspoll_get(wl->hw, vif);
1130         if (!skb)
1131                 goto out;
1132
1133         ret = wl1271_cmd_template_set(wl, CMD_TEMPL_PS_POLL, skb->data,
1134                                       skb->len, 0, wlvif->basic_rate_set);
1135
1136 out:
1137         dev_kfree_skb(skb);
1138         return ret;
1139 }
1140
1141 int wl1271_cmd_build_probe_req(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1142                                const u8 *ssid, size_t ssid_len,
1143                                const u8 *ie, size_t ie_len, u8 band)
1144 {
1145         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
1146         struct sk_buff *skb;
1147         int ret;
1148         u32 rate;
1149
1150         skb = ieee80211_probereq_get(wl->hw, vif, ssid, ssid_len,
1151                                      ie, ie_len);
1152         if (!skb) {
1153                 ret = -ENOMEM;
1154                 goto out;
1155         }
1156
1157         wl1271_dump(DEBUG_SCAN, "PROBE REQ: ", skb->data, skb->len);
1158
1159         rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]);
1160         if (band == IEEE80211_BAND_2GHZ)
1161                 ret = wl1271_cmd_template_set(wl, CMD_TEMPL_CFG_PROBE_REQ_2_4,
1162                                               skb->data, skb->len, 0, rate);
1163         else
1164                 ret = wl1271_cmd_template_set(wl, CMD_TEMPL_CFG_PROBE_REQ_5,
1165                                               skb->data, skb->len, 0, rate);
1166
1167 out:
1168         dev_kfree_skb(skb);
1169         return ret;
1170 }
1171
1172 struct sk_buff *wl1271_cmd_build_ap_probe_req(struct wl1271 *wl,
1173                                               struct wl12xx_vif *wlvif,
1174                                               struct sk_buff *skb)
1175 {
1176         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
1177         int ret;
1178         u32 rate;
1179
1180         if (!skb)
1181                 skb = ieee80211_ap_probereq_get(wl->hw, vif);
1182         if (!skb)
1183                 goto out;
1184
1185         wl1271_dump(DEBUG_SCAN, "AP PROBE REQ: ", skb->data, skb->len);
1186
1187         rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[wlvif->band]);
1188         if (wlvif->band == IEEE80211_BAND_2GHZ)
1189                 ret = wl1271_cmd_template_set(wl, CMD_TEMPL_CFG_PROBE_REQ_2_4,
1190                                               skb->data, skb->len, 0, rate);
1191         else
1192                 ret = wl1271_cmd_template_set(wl, CMD_TEMPL_CFG_PROBE_REQ_5,
1193                                               skb->data, skb->len, 0, rate);
1194
1195         if (ret < 0)
1196                 wl1271_error("Unable to set ap probe request template.");
1197
1198 out:
1199         return skb;
1200 }
1201
1202 int wl1271_cmd_build_arp_rsp(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1203                              __be32 ip_addr)
1204 {
1205         int ret;
1206         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
1207         struct wl12xx_arp_rsp_template tmpl;
1208         struct ieee80211_hdr_3addr *hdr;
1209         struct arphdr *arp_hdr;
1210
1211         memset(&tmpl, 0, sizeof(tmpl));
1212
1213         /* mac80211 header */
1214         hdr = &tmpl.hdr;
1215         hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
1216                                          IEEE80211_STYPE_DATA |
1217                                          IEEE80211_FCTL_TODS);
1218         memcpy(hdr->addr1, vif->bss_conf.bssid, ETH_ALEN);
1219         memcpy(hdr->addr2, vif->addr, ETH_ALEN);
1220         memset(hdr->addr3, 0xff, ETH_ALEN);
1221
1222         /* llc layer */
1223         memcpy(tmpl.llc_hdr, rfc1042_header, sizeof(rfc1042_header));
1224         tmpl.llc_type = cpu_to_be16(ETH_P_ARP);
1225
1226         /* arp header */
1227         arp_hdr = &tmpl.arp_hdr;
1228         arp_hdr->ar_hrd = cpu_to_be16(ARPHRD_ETHER);
1229         arp_hdr->ar_pro = cpu_to_be16(ETH_P_IP);
1230         arp_hdr->ar_hln = ETH_ALEN;
1231         arp_hdr->ar_pln = 4;
1232         arp_hdr->ar_op = cpu_to_be16(ARPOP_REPLY);
1233
1234         /* arp payload */
1235         memcpy(tmpl.sender_hw, vif->addr, ETH_ALEN);
1236         tmpl.sender_ip = ip_addr;
1237
1238         ret = wl1271_cmd_template_set(wl, CMD_TEMPL_ARP_RSP,
1239                                       &tmpl, sizeof(tmpl), 0,
1240                                       wlvif->basic_rate);
1241
1242         return ret;
1243 }
1244
1245 int wl1271_build_qos_null_data(struct wl1271 *wl, struct ieee80211_vif *vif)
1246 {
1247         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
1248         struct ieee80211_qos_hdr template;
1249
1250         memset(&template, 0, sizeof(template));
1251
1252         memcpy(template.addr1, vif->bss_conf.bssid, ETH_ALEN);
1253         memcpy(template.addr2, vif->addr, ETH_ALEN);
1254         memcpy(template.addr3, vif->bss_conf.bssid, ETH_ALEN);
1255
1256         template.frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
1257                                              IEEE80211_STYPE_QOS_NULLFUNC |
1258                                              IEEE80211_FCTL_TODS);
1259
1260         /* FIXME: not sure what priority to use here */
1261         template.qos_ctrl = cpu_to_le16(0);
1262
1263         return wl1271_cmd_template_set(wl, CMD_TEMPL_QOS_NULL_DATA, &template,
1264                                        sizeof(template), 0,
1265                                        wlvif->basic_rate);
1266 }
1267
1268 int wl12xx_cmd_set_default_wep_key(struct wl1271 *wl, u8 id, u8 hlid)
1269 {
1270         struct wl1271_cmd_set_keys *cmd;
1271         int ret = 0;
1272
1273         wl1271_debug(DEBUG_CMD, "cmd set_default_wep_key %d", id);
1274
1275         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1276         if (!cmd) {
1277                 ret = -ENOMEM;
1278                 goto out;
1279         }
1280
1281         cmd->hlid = hlid;
1282         cmd->key_id = id;
1283         cmd->lid_key_type = WEP_DEFAULT_LID_TYPE;
1284         cmd->key_action = cpu_to_le16(KEY_SET_ID);
1285         cmd->key_type = KEY_WEP;
1286
1287         ret = wl1271_cmd_send(wl, CMD_SET_KEYS, cmd, sizeof(*cmd), 0);
1288         if (ret < 0) {
1289                 wl1271_warning("cmd set_default_wep_key failed: %d", ret);
1290                 goto out;
1291         }
1292
1293 out:
1294         kfree(cmd);
1295
1296         return ret;
1297 }
1298
1299 int wl1271_cmd_set_sta_key(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1300                        u16 action, u8 id, u8 key_type,
1301                        u8 key_size, const u8 *key, const u8 *addr,
1302                        u32 tx_seq_32, u16 tx_seq_16)
1303 {
1304         struct wl1271_cmd_set_keys *cmd;
1305         int ret = 0;
1306
1307         /* hlid might have already been deleted */
1308         if (wlvif->sta.hlid == WL12XX_INVALID_LINK_ID)
1309                 return 0;
1310
1311         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1312         if (!cmd) {
1313                 ret = -ENOMEM;
1314                 goto out;
1315         }
1316
1317         cmd->hlid = wlvif->sta.hlid;
1318
1319         if (key_type == KEY_WEP)
1320                 cmd->lid_key_type = WEP_DEFAULT_LID_TYPE;
1321         else if (is_broadcast_ether_addr(addr))
1322                 cmd->lid_key_type = BROADCAST_LID_TYPE;
1323         else
1324                 cmd->lid_key_type = UNICAST_LID_TYPE;
1325
1326         cmd->key_action = cpu_to_le16(action);
1327         cmd->key_size = key_size;
1328         cmd->key_type = key_type;
1329
1330         cmd->ac_seq_num16[0] = cpu_to_le16(tx_seq_16);
1331         cmd->ac_seq_num32[0] = cpu_to_le32(tx_seq_32);
1332
1333         cmd->key_id = id;
1334
1335         if (key_type == KEY_TKIP) {
1336                 /*
1337                  * We get the key in the following form:
1338                  * TKIP (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
1339                  * but the target is expecting:
1340                  * TKIP - RX MIC - TX MIC
1341                  */
1342                 memcpy(cmd->key, key, 16);
1343                 memcpy(cmd->key + 16, key + 24, 8);
1344                 memcpy(cmd->key + 24, key + 16, 8);
1345
1346         } else {
1347                 memcpy(cmd->key, key, key_size);
1348         }
1349
1350         wl1271_dump(DEBUG_CRYPT, "TARGET KEY: ", cmd, sizeof(*cmd));
1351
1352         ret = wl1271_cmd_send(wl, CMD_SET_KEYS, cmd, sizeof(*cmd), 0);
1353         if (ret < 0) {
1354                 wl1271_warning("could not set keys");
1355         goto out;
1356         }
1357
1358 out:
1359         kfree(cmd);
1360
1361         return ret;
1362 }
1363
1364 /*
1365  * TODO: merge with sta/ibss into 1 set_key function.
1366  * note there are slight diffs
1367  */
1368 int wl1271_cmd_set_ap_key(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1369                           u16 action, u8 id, u8 key_type,
1370                           u8 key_size, const u8 *key, u8 hlid, u32 tx_seq_32,
1371                           u16 tx_seq_16)
1372 {
1373         struct wl1271_cmd_set_keys *cmd;
1374         int ret = 0;
1375         u8 lid_type;
1376
1377         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1378         if (!cmd)
1379                 return -ENOMEM;
1380
1381         if (hlid == wlvif->ap.bcast_hlid) {
1382                 if (key_type == KEY_WEP)
1383                         lid_type = WEP_DEFAULT_LID_TYPE;
1384                 else
1385                         lid_type = BROADCAST_LID_TYPE;
1386         } else {
1387                 lid_type = UNICAST_LID_TYPE;
1388         }
1389
1390         wl1271_debug(DEBUG_CRYPT, "ap key action: %d id: %d lid: %d type: %d"
1391                      " hlid: %d", (int)action, (int)id, (int)lid_type,
1392                      (int)key_type, (int)hlid);
1393
1394         cmd->lid_key_type = lid_type;
1395         cmd->hlid = hlid;
1396         cmd->key_action = cpu_to_le16(action);
1397         cmd->key_size = key_size;
1398         cmd->key_type = key_type;
1399         cmd->key_id = id;
1400         cmd->ac_seq_num16[0] = cpu_to_le16(tx_seq_16);
1401         cmd->ac_seq_num32[0] = cpu_to_le32(tx_seq_32);
1402
1403         if (key_type == KEY_TKIP) {
1404                 /*
1405                  * We get the key in the following form:
1406                  * TKIP (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
1407                  * but the target is expecting:
1408                  * TKIP - RX MIC - TX MIC
1409                  */
1410                 memcpy(cmd->key, key, 16);
1411                 memcpy(cmd->key + 16, key + 24, 8);
1412                 memcpy(cmd->key + 24, key + 16, 8);
1413         } else {
1414                 memcpy(cmd->key, key, key_size);
1415         }
1416
1417         wl1271_dump(DEBUG_CRYPT, "TARGET AP KEY: ", cmd, sizeof(*cmd));
1418
1419         ret = wl1271_cmd_send(wl, CMD_SET_KEYS, cmd, sizeof(*cmd), 0);
1420         if (ret < 0) {
1421                 wl1271_warning("could not set ap keys");
1422                 goto out;
1423         }
1424
1425 out:
1426         kfree(cmd);
1427         return ret;
1428 }
1429
1430 int wl12xx_cmd_set_peer_state(struct wl1271 *wl, u8 hlid)
1431 {
1432         struct wl12xx_cmd_set_peer_state *cmd;
1433         int ret = 0;
1434
1435         wl1271_debug(DEBUG_CMD, "cmd set peer state (hlid=%d)", hlid);
1436
1437         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1438         if (!cmd) {
1439                 ret = -ENOMEM;
1440                 goto out;
1441         }
1442
1443         cmd->hlid = hlid;
1444         cmd->state = WL1271_CMD_STA_STATE_CONNECTED;
1445
1446         ret = wl1271_cmd_send(wl, CMD_SET_PEER_STATE, cmd, sizeof(*cmd), 0);
1447         if (ret < 0) {
1448                 wl1271_error("failed to send set peer state command");
1449                 goto out_free;
1450         }
1451
1452 out_free:
1453         kfree(cmd);
1454
1455 out:
1456         return ret;
1457 }
1458
1459 int wl12xx_cmd_add_peer(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1460                         struct ieee80211_sta *sta, u8 hlid)
1461 {
1462         struct wl12xx_cmd_add_peer *cmd;
1463         int i, ret;
1464         u32 sta_rates;
1465
1466         wl1271_debug(DEBUG_CMD, "cmd add peer %d", (int)hlid);
1467
1468         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1469         if (!cmd) {
1470                 ret = -ENOMEM;
1471                 goto out;
1472         }
1473
1474         memcpy(cmd->addr, sta->addr, ETH_ALEN);
1475         cmd->bss_index = WL1271_AP_BSS_INDEX;
1476         cmd->aid = sta->aid;
1477         cmd->hlid = hlid;
1478         cmd->sp_len = sta->max_sp;
1479         cmd->wmm = sta->wme ? 1 : 0;
1480
1481         for (i = 0; i < NUM_ACCESS_CATEGORIES_COPY; i++)
1482                 if (sta->wme && (sta->uapsd_queues & BIT(i)))
1483                         cmd->psd_type[i] = WL1271_PSD_UPSD_TRIGGER;
1484                 else
1485                         cmd->psd_type[i] = WL1271_PSD_LEGACY;
1486
1487         sta_rates = sta->supp_rates[wlvif->band];
1488         if (sta->ht_cap.ht_supported)
1489                 sta_rates |= sta->ht_cap.mcs.rx_mask[0] << HW_HT_RATES_OFFSET;
1490
1491         cmd->supported_rates =
1492                 cpu_to_le32(wl1271_tx_enabled_rates_get(wl, sta_rates,
1493                                                         wlvif->band));
1494
1495         wl1271_debug(DEBUG_CMD, "new peer rates=0x%x queues=0x%x",
1496                      cmd->supported_rates, sta->uapsd_queues);
1497
1498         ret = wl1271_cmd_send(wl, CMD_ADD_PEER, cmd, sizeof(*cmd), 0);
1499         if (ret < 0) {
1500                 wl1271_error("failed to initiate cmd add peer");
1501                 goto out_free;
1502         }
1503
1504 out_free:
1505         kfree(cmd);
1506
1507 out:
1508         return ret;
1509 }
1510
1511 int wl12xx_cmd_remove_peer(struct wl1271 *wl, u8 hlid)
1512 {
1513         struct wl12xx_cmd_remove_peer *cmd;
1514         int ret;
1515
1516         wl1271_debug(DEBUG_CMD, "cmd remove peer %d", (int)hlid);
1517
1518         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1519         if (!cmd) {
1520                 ret = -ENOMEM;
1521                 goto out;
1522         }
1523
1524         cmd->hlid = hlid;
1525         /* We never send a deauth, mac80211 is in charge of this */
1526         cmd->reason_opcode = 0;
1527         cmd->send_deauth_flag = 0;
1528
1529         ret = wl1271_cmd_send(wl, CMD_REMOVE_PEER, cmd, sizeof(*cmd), 0);
1530         if (ret < 0) {
1531                 wl1271_error("failed to initiate cmd remove peer");
1532                 goto out_free;
1533         }
1534
1535         /*
1536          * We are ok with a timeout here. The event is sometimes not sent
1537          * due to a firmware bug.
1538          */
1539         wl1271_cmd_wait_for_event_or_timeout(wl,
1540                                              PEER_REMOVE_COMPLETE_EVENT_ID);
1541
1542 out_free:
1543         kfree(cmd);
1544
1545 out:
1546         return ret;
1547 }
1548
1549 int wl12xx_cmd_config_fwlog(struct wl1271 *wl)
1550 {
1551         struct wl12xx_cmd_config_fwlog *cmd;
1552         int ret = 0;
1553
1554         wl1271_debug(DEBUG_CMD, "cmd config firmware logger");
1555
1556         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1557         if (!cmd) {
1558                 ret = -ENOMEM;
1559                 goto out;
1560         }
1561
1562         cmd->logger_mode = wl->conf.fwlog.mode;
1563         cmd->log_severity = wl->conf.fwlog.severity;
1564         cmd->timestamp = wl->conf.fwlog.timestamp;
1565         cmd->output = wl->conf.fwlog.output;
1566         cmd->threshold = wl->conf.fwlog.threshold;
1567
1568         ret = wl1271_cmd_send(wl, CMD_CONFIG_FWLOGGER, cmd, sizeof(*cmd), 0);
1569         if (ret < 0) {
1570                 wl1271_error("failed to send config firmware logger command");
1571                 goto out_free;
1572         }
1573
1574 out_free:
1575         kfree(cmd);
1576
1577 out:
1578         return ret;
1579 }
1580
1581 int wl12xx_cmd_start_fwlog(struct wl1271 *wl)
1582 {
1583         struct wl12xx_cmd_start_fwlog *cmd;
1584         int ret = 0;
1585
1586         wl1271_debug(DEBUG_CMD, "cmd start firmware logger");
1587
1588         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1589         if (!cmd) {
1590                 ret = -ENOMEM;
1591                 goto out;
1592         }
1593
1594         ret = wl1271_cmd_send(wl, CMD_START_FWLOGGER, cmd, sizeof(*cmd), 0);
1595         if (ret < 0) {
1596                 wl1271_error("failed to send start firmware logger command");
1597                 goto out_free;
1598         }
1599
1600 out_free:
1601         kfree(cmd);
1602
1603 out:
1604         return ret;
1605 }
1606
1607 int wl12xx_cmd_stop_fwlog(struct wl1271 *wl)
1608 {
1609         struct wl12xx_cmd_stop_fwlog *cmd;
1610         int ret = 0;
1611
1612         wl1271_debug(DEBUG_CMD, "cmd stop firmware logger");
1613
1614         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1615         if (!cmd) {
1616                 ret = -ENOMEM;
1617                 goto out;
1618         }
1619
1620         ret = wl1271_cmd_send(wl, CMD_STOP_FWLOGGER, cmd, sizeof(*cmd), 0);
1621         if (ret < 0) {
1622                 wl1271_error("failed to send stop firmware logger command");
1623                 goto out_free;
1624         }
1625
1626 out_free:
1627         kfree(cmd);
1628
1629 out:
1630         return ret;
1631 }
1632
1633 static int wl12xx_cmd_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1634                           u8 role_id)
1635 {
1636         struct wl12xx_cmd_roc *cmd;
1637         int ret = 0;
1638
1639         wl1271_debug(DEBUG_CMD, "cmd roc %d (%d)", wlvif->channel, role_id);
1640
1641         if (WARN_ON(role_id == WL12XX_INVALID_ROLE_ID))
1642                 return -EINVAL;
1643
1644         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1645         if (!cmd) {
1646                 ret = -ENOMEM;
1647                 goto out;
1648         }
1649
1650         cmd->role_id = role_id;
1651         cmd->channel = wlvif->channel;
1652         switch (wlvif->band) {
1653         case IEEE80211_BAND_2GHZ:
1654                 cmd->band = RADIO_BAND_2_4GHZ;
1655                 break;
1656         case IEEE80211_BAND_5GHZ:
1657                 cmd->band = RADIO_BAND_5GHZ;
1658                 break;
1659         default:
1660                 wl1271_error("roc - unknown band: %d", (int)wlvif->band);
1661                 ret = -EINVAL;
1662                 goto out_free;
1663         }
1664
1665
1666         ret = wl1271_cmd_send(wl, CMD_REMAIN_ON_CHANNEL, cmd, sizeof(*cmd), 0);
1667         if (ret < 0) {
1668                 wl1271_error("failed to send ROC command");
1669                 goto out_free;
1670         }
1671
1672 out_free:
1673         kfree(cmd);
1674
1675 out:
1676         return ret;
1677 }
1678
1679 static int wl12xx_cmd_croc(struct wl1271 *wl, u8 role_id)
1680 {
1681         struct wl12xx_cmd_croc *cmd;
1682         int ret = 0;
1683
1684         wl1271_debug(DEBUG_CMD, "cmd croc (%d)", role_id);
1685
1686         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1687         if (!cmd) {
1688                 ret = -ENOMEM;
1689                 goto out;
1690         }
1691         cmd->role_id = role_id;
1692
1693         ret = wl1271_cmd_send(wl, CMD_CANCEL_REMAIN_ON_CHANNEL, cmd,
1694                               sizeof(*cmd), 0);
1695         if (ret < 0) {
1696                 wl1271_error("failed to send ROC command");
1697                 goto out_free;
1698         }
1699
1700 out_free:
1701         kfree(cmd);
1702
1703 out:
1704         return ret;
1705 }
1706
1707 int wl12xx_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 role_id)
1708 {
1709         int ret = 0;
1710
1711         if (WARN_ON(test_bit(role_id, wl->roc_map)))
1712                 return 0;
1713
1714         ret = wl12xx_cmd_roc(wl, wlvif, role_id);
1715         if (ret < 0)
1716                 goto out;
1717
1718         ret = wl1271_cmd_wait_for_event(wl,
1719                                         REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID);
1720         if (ret < 0) {
1721                 wl1271_error("cmd roc event completion error");
1722                 goto out;
1723         }
1724
1725         __set_bit(role_id, wl->roc_map);
1726 out:
1727         return ret;
1728 }
1729
1730 int wl12xx_croc(struct wl1271 *wl, u8 role_id)
1731 {
1732         int ret = 0;
1733
1734         if (WARN_ON(!test_bit(role_id, wl->roc_map)))
1735                 return 0;
1736
1737         ret = wl12xx_cmd_croc(wl, role_id);
1738         if (ret < 0)
1739                 goto out;
1740
1741         __clear_bit(role_id, wl->roc_map);
1742 out:
1743         return ret;
1744 }
1745
1746 int wl12xx_cmd_channel_switch(struct wl1271 *wl,
1747                               struct ieee80211_channel_switch *ch_switch)
1748 {
1749         struct wl12xx_cmd_channel_switch *cmd;
1750         int ret;
1751
1752         wl1271_debug(DEBUG_ACX, "cmd channel switch");
1753
1754         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1755         if (!cmd) {
1756                 ret = -ENOMEM;
1757                 goto out;
1758         }
1759
1760         cmd->channel = ch_switch->channel->hw_value;
1761         cmd->switch_time = ch_switch->count;
1762         cmd->tx_suspend = ch_switch->block_tx;
1763         cmd->flush = 0; /* this value is ignored by the FW */
1764
1765         ret = wl1271_cmd_send(wl, CMD_CHANNEL_SWITCH, cmd, sizeof(*cmd), 0);
1766         if (ret < 0) {
1767                 wl1271_error("failed to send channel switch command");
1768                 goto out_free;
1769         }
1770
1771 out_free:
1772         kfree(cmd);
1773
1774 out:
1775         return ret;
1776 }
1777
1778 int wl12xx_cmd_stop_channel_switch(struct wl1271 *wl)
1779 {
1780         struct wl12xx_cmd_stop_channel_switch *cmd;
1781         int ret;
1782
1783         wl1271_debug(DEBUG_ACX, "cmd stop channel switch");
1784
1785         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1786         if (!cmd) {
1787                 ret = -ENOMEM;
1788                 goto out;
1789         }
1790
1791         ret = wl1271_cmd_send(wl, CMD_STOP_CHANNEL_SWICTH, cmd, sizeof(*cmd), 0);
1792         if (ret < 0) {
1793                 wl1271_error("failed to stop channel switch command");
1794                 goto out_free;
1795         }
1796
1797 out_free:
1798         kfree(cmd);
1799
1800 out:
1801         return ret;
1802 }
1803
1804 /* start dev role and roc on its channel */
1805 int wl12xx_start_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif)
1806 {
1807         int ret;
1808
1809         if (WARN_ON(!(wlvif->bss_type == BSS_TYPE_STA_BSS ||
1810                       wlvif->bss_type == BSS_TYPE_IBSS)))
1811                 return -EINVAL;
1812
1813         ret = wl12xx_cmd_role_start_dev(wl, wlvif);
1814         if (ret < 0)
1815                 goto out;
1816
1817         ret = wl12xx_roc(wl, wlvif, wlvif->dev_role_id);
1818         if (ret < 0)
1819                 goto out_stop;
1820
1821         return 0;
1822
1823 out_stop:
1824         wl12xx_cmd_role_stop_dev(wl, wlvif);
1825 out:
1826         return ret;
1827 }
1828
1829 /* croc dev hlid, and stop the role */
1830 int wl12xx_stop_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif)
1831 {
1832         int ret;
1833
1834         if (WARN_ON(!(wlvif->bss_type == BSS_TYPE_STA_BSS ||
1835                       wlvif->bss_type == BSS_TYPE_IBSS)))
1836                 return -EINVAL;
1837
1838         /* flush all pending packets */
1839         wl1271_tx_work_locked(wl);
1840
1841         if (test_bit(wlvif->dev_role_id, wl->roc_map)) {
1842                 ret = wl12xx_croc(wl, wlvif->dev_role_id);
1843                 if (ret < 0)
1844                         goto out;
1845         }
1846
1847         ret = wl12xx_cmd_role_stop_dev(wl, wlvif);
1848         if (ret < 0)
1849                 goto out;
1850 out:
1851         return ret;
1852 }