projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
rsi: Potential null pointer derefernce issue fixed.
[deliverable/linux.git] / drivers / net / wireless / rsi / rsi_91x_mgmt.c
CommitLineData
dad0d04f
FF		 1/**
2 * Copyright (c) 2014 Redpine Signals Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/etherdevice.h>
18#include "rsi_mgmt.h"
19#include "rsi_common.h"
20
21static struct bootup_params boot_params_20 = {
22 .magic_number = cpu_to_le16(0x5aa5),
23 .crystal_good_time = 0x0,
24 .valid = cpu_to_le32(VALID_20),
25 .reserved_for_valids = 0x0,
26 .bootup_mode_info = 0x0,
27 .digital_loop_back_params = 0x0,
28 .rtls_timestamp_en = 0x0,
29 .host_spi_intr_cfg = 0x0,
30 .device_clk_info = {{
31 .pll_config_g = {
32 .tapll_info_g = {
33 .pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_20 << 8)|
34 (TA_PLL_M_VAL_20)),
35 .pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_20),
36 },
37 .pll960_info_g = {
38 .pll_reg_1 = cpu_to_le16((PLL960_P_VAL_20 << 8)|
39 (PLL960_N_VAL_20)),
40 .pll_reg_2 = cpu_to_le16(PLL960_M_VAL_20),
41 .pll_reg_3 = 0x0,
42 },
43 .afepll_info_g = {
44 .pll_reg = cpu_to_le16(0x9f0),
45 }
46 },
47 .switch_clk_g = {
48 .switch_clk_info = cpu_to_le16(BIT(3)),
49 .bbp_lmac_clk_reg_val = cpu_to_le16(0x121),
50 .umac_clock_reg_config = 0x0,
51 .qspi_uart_clock_reg_config = 0x0
52 }
53 },
54 {
55 .pll_config_g = {
56 .tapll_info_g = {
57 .pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_20 << 8)|
58 (TA_PLL_M_VAL_20)),
59 .pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_20),
60 },
61 .pll960_info_g = {
62 .pll_reg_1 = cpu_to_le16((PLL960_P_VAL_20 << 8)|
63 (PLL960_N_VAL_20)),
64 .pll_reg_2 = cpu_to_le16(PLL960_M_VAL_20),
65 .pll_reg_3 = 0x0,
66 },
67 .afepll_info_g = {
68 .pll_reg = cpu_to_le16(0x9f0),
69 }
70 },
71 .switch_clk_g = {
72 .switch_clk_info = 0x0,
73 .bbp_lmac_clk_reg_val = 0x0,
74 .umac_clock_reg_config = 0x0,
75 .qspi_uart_clock_reg_config = 0x0
76 }
77 },
78 {
79 .pll_config_g = {
80 .tapll_info_g = {
81 .pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_20 << 8)|
82 (TA_PLL_M_VAL_20)),
83 .pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_20),
84 },
85 .pll960_info_g = {
86 .pll_reg_1 = cpu_to_le16((PLL960_P_VAL_20 << 8)|
87 (PLL960_N_VAL_20)),
88 .pll_reg_2 = cpu_to_le16(PLL960_M_VAL_20),
89 .pll_reg_3 = 0x0,
90 },
91 .afepll_info_g = {
92 .pll_reg = cpu_to_le16(0x9f0),
93 }
94 },
95 .switch_clk_g = {
96 .switch_clk_info = 0x0,
97 .bbp_lmac_clk_reg_val = 0x0,
98 .umac_clock_reg_config = 0x0,
99 .qspi_uart_clock_reg_config = 0x0
100 }
101 } },
102 .buckboost_wakeup_cnt = 0x0,
103 .pmu_wakeup_wait = 0x0,
104 .shutdown_wait_time = 0x0,
105 .pmu_slp_clkout_sel = 0x0,
106 .wdt_prog_value = 0x0,
107 .wdt_soc_rst_delay = 0x0,
108 .dcdc_operation_mode = 0x0,
109 .soc_reset_wait_cnt = 0x0
110};
111
112static struct bootup_params boot_params_40 = {
113 .magic_number = cpu_to_le16(0x5aa5),
114 .crystal_good_time = 0x0,
115 .valid = cpu_to_le32(VALID_40),
116 .reserved_for_valids = 0x0,
117 .bootup_mode_info = 0x0,
118 .digital_loop_back_params = 0x0,
119 .rtls_timestamp_en = 0x0,
120 .host_spi_intr_cfg = 0x0,
121 .device_clk_info = {{
122 .pll_config_g = {
123 .tapll_info_g = {
124 .pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_40 << 8)|
125 (TA_PLL_M_VAL_40)),
126 .pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_40),
127 },
128 .pll960_info_g = {
129 .pll_reg_1 = cpu_to_le16((PLL960_P_VAL_40 << 8)|
130 (PLL960_N_VAL_40)),
131 .pll_reg_2 = cpu_to_le16(PLL960_M_VAL_40),
132 .pll_reg_3 = 0x0,
133 },
134 .afepll_info_g = {
135 .pll_reg = cpu_to_le16(0x9f0),
136 }
137 },
138 .switch_clk_g = {
139 .switch_clk_info = cpu_to_le16(0x09),
140 .bbp_lmac_clk_reg_val = cpu_to_le16(0x1121),
141 .umac_clock_reg_config = cpu_to_le16(0x48),
142 .qspi_uart_clock_reg_config = 0x0
143 }
144 },
145 {
146 .pll_config_g = {
147 .tapll_info_g = {
148 .pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_40 << 8)|
149 (TA_PLL_M_VAL_40)),
150 .pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_40),
151 },
152 .pll960_info_g = {
153 .pll_reg_1 = cpu_to_le16((PLL960_P_VAL_40 << 8)|
154 (PLL960_N_VAL_40)),
155 .pll_reg_2 = cpu_to_le16(PLL960_M_VAL_40),
156 .pll_reg_3 = 0x0,
157 },
158 .afepll_info_g = {
159 .pll_reg = cpu_to_le16(0x9f0),
160 }
161 },
162 .switch_clk_g = {
163 .switch_clk_info = 0x0,
164 .bbp_lmac_clk_reg_val = 0x0,
165 .umac_clock_reg_config = 0x0,
166 .qspi_uart_clock_reg_config = 0x0
167 }
168 },
169 {
170 .pll_config_g = {
171 .tapll_info_g = {
172 .pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_40 << 8)|
173 (TA_PLL_M_VAL_40)),
174 .pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_40),
175 },
176 .pll960_info_g = {
177 .pll_reg_1 = cpu_to_le16((PLL960_P_VAL_40 << 8)|
178 (PLL960_N_VAL_40)),
179 .pll_reg_2 = cpu_to_le16(PLL960_M_VAL_40),
180 .pll_reg_3 = 0x0,
181 },
182 .afepll_info_g = {
183 .pll_reg = cpu_to_le16(0x9f0),
184 }
185 },
186 .switch_clk_g = {
187 .switch_clk_info = 0x0,
188 .bbp_lmac_clk_reg_val = 0x0,
189 .umac_clock_reg_config = 0x0,
190 .qspi_uart_clock_reg_config = 0x0
191 }
192 } },
193 .buckboost_wakeup_cnt = 0x0,
194 .pmu_wakeup_wait = 0x0,
195 .shutdown_wait_time = 0x0,
196 .pmu_slp_clkout_sel = 0x0,
197 .wdt_prog_value = 0x0,
198 .wdt_soc_rst_delay = 0x0,
199 .dcdc_operation_mode = 0x0,
200 .soc_reset_wait_cnt = 0x0
201};
202
203static u16 mcs[] = {13, 26, 39, 52, 78, 104, 117, 130};
204
205/**
206 * rsi_set_default_parameters() - This function sets default parameters.
207 * @common: Pointer to the driver private structure.
208 *
209 * Return: none
210 */
211static void rsi_set_default_parameters(struct rsi_common *common)
212{
213 common->band = IEEE80211_BAND_2GHZ;
214 common->channel_width = BW_20MHZ;
215 common->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
216 common->channel = 1;
217 common->min_rate = 0xffff;
218 common->fsm_state = FSM_CARD_NOT_READY;
219 common->iface_down = true;
220}
221
222/**
223 * rsi_set_contention_vals() - This function sets the contention values for the
224 * backoff procedure.
225 * @common: Pointer to the driver private structure.
226 *
227 * Return: None.
228 */
229static void rsi_set_contention_vals(struct rsi_common *common)
230{
231 u8 ii = 0;
232
233 for (; ii < NUM_EDCA_QUEUES; ii++) {
234 common->tx_qinfo[ii].wme_params =
235 (((common->edca_params[ii].cw_min / 2) +
236 (common->edca_params[ii].aifs)) *
237 WMM_SHORT_SLOT_TIME + SIFS_DURATION);
238 common->tx_qinfo[ii].weight = common->tx_qinfo[ii].wme_params;
239 common->tx_qinfo[ii].pkt_contended = 0;
240 }
241}
242
243/**
244 * rsi_send_internal_mgmt_frame() - This function sends management frames to
245 * firmware.Also schedules packet to queue
246 * for transmission.
247 * @common: Pointer to the driver private structure.
248 * @skb: Pointer to the socket buffer structure.
249 *
250 * Return: 0 on success, -1 on failure.
251 */
252static int rsi_send_internal_mgmt_frame(struct rsi_common *common,
253 struct sk_buff *skb)
254{
255 struct skb_info *tx_params;
256
257 if (skb == NULL) {
258 rsi_dbg(ERR_ZONE, "%s: Unable to allocate skb\n", __func__);
259 return -ENOMEM;
260 }
261 tx_params = (struct skb_info *)&IEEE80211_SKB_CB(skb)->driver_data;
262 tx_params->flags |= INTERNAL_MGMT_PKT;
263 skb_queue_tail(&common->tx_queue[MGMT_SOFT_Q], skb);
264 rsi_set_event(&common->tx_thread.event);
265 return 0;
266}
267
268/**
269 * rsi_load_radio_caps() - This function is used to send radio capabilities
270 * values to firmware.
271 * @common: Pointer to the driver private structure.
272 *
273 * Return: 0 on success, corresponding negative error code on failure.
274 */
275static int rsi_load_radio_caps(struct rsi_common *common)
276{
277 struct rsi_radio_caps *radio_caps;
278 struct rsi_hw *adapter = common->priv;
279 struct ieee80211_hw *hw = adapter->hw;
280 u16 inx = 0;
281 u8 ii;
282 u8 radio_id = 0;
283 u16 gc[20] = {0xf0, 0xf0, 0xf0, 0xf0,
284 0xf0, 0xf0, 0xf0, 0xf0,
285 0xf0, 0xf0, 0xf0, 0xf0,
286 0xf0, 0xf0, 0xf0, 0xf0,
287 0xf0, 0xf0, 0xf0, 0xf0};
288 struct ieee80211_conf *conf = &hw->conf;
289 struct sk_buff *skb;
290
291 rsi_dbg(INFO_ZONE, "%s: Sending rate symbol req frame\n", __func__);
292
293 skb = dev_alloc_skb(sizeof(struct rsi_radio_caps));
294
295 if (!skb) {
296 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
297 __func__);
298 return -ENOMEM;
299 }
300
301 memset(skb->data, 0, sizeof(struct rsi_radio_caps));
302 radio_caps = (struct rsi_radio_caps *)skb->data;
303
304 radio_caps->desc_word[1] = cpu_to_le16(RADIO_CAPABILITIES);
305 radio_caps->desc_word[4] = cpu_to_le16(RSI_RF_TYPE << 8);
306
307 if (common->channel_width == BW_40MHZ) {
308 radio_caps->desc_word[7] |= cpu_to_le16(RSI_LMAC_CLOCK_80MHZ);
309 radio_caps->desc_word[7] |= cpu_to_le16(RSI_ENABLE_40MHZ);
310 if (common->channel_width) {
311 radio_caps->desc_word[5] =
312 cpu_to_le16(common->channel_width << 12);
313 radio_caps->desc_word[5] |= cpu_to_le16(FULL40M_ENABLE);
314 }
315
316 if (conf_is_ht40_minus(conf)) {
317 radio_caps->desc_word[5] = 0;
318 radio_caps->desc_word[5] |=
319 cpu_to_le16(LOWER_20_ENABLE);
320 radio_caps->desc_word[5] |=
321 cpu_to_le16(LOWER_20_ENABLE >> 12);
322 }
323
324 if (conf_is_ht40_plus(conf)) {
325 radio_caps->desc_word[5] = 0;
326 radio_caps->desc_word[5] |=
327 cpu_to_le16(UPPER_20_ENABLE);
328 radio_caps->desc_word[5] |=
329 cpu_to_le16(UPPER_20_ENABLE >> 12);
330 }
331 }
332
333 radio_caps->desc_word[7] |= cpu_to_le16(radio_id << 8);
334
335 for (ii = 0; ii < MAX_HW_QUEUES; ii++) {
336 radio_caps->qos_params[ii].cont_win_min_q = cpu_to_le16(3);
337 radio_caps->qos_params[ii].cont_win_max_q = cpu_to_le16(0x3f);
338 radio_caps->qos_params[ii].aifsn_val_q = cpu_to_le16(2);
339 radio_caps->qos_params[ii].txop_q = 0;
340 }
341
342 for (ii = 0; ii < MAX_HW_QUEUES - 4; ii++) {
343 radio_caps->qos_params[ii].cont_win_min_q =
344 cpu_to_le16(common->edca_params[ii].cw_min);
345 radio_caps->qos_params[ii].cont_win_max_q =
346 cpu_to_le16(common->edca_params[ii].cw_max);
347 radio_caps->qos_params[ii].aifsn_val_q =
348 cpu_to_le16((common->edca_params[ii].aifs) << 8);
349 radio_caps->qos_params[ii].txop_q =
350 cpu_to_le16(common->edca_params[ii].txop);
351 }
352
353 memcpy(&common->rate_pwr[0], &gc[0], 40);
354 for (ii = 0; ii < 20; ii++)
355 radio_caps->gcpd_per_rate[inx++] =
356 cpu_to_le16(common->rate_pwr[ii] & 0x00FF);
357
358 radio_caps->desc_word[0] = cpu_to_le16((sizeof(struct rsi_radio_caps) -
359 FRAME_DESC_SZ) |
360 (RSI_WIFI_MGMT_Q << 12));
361
362
363 skb_put(skb, (sizeof(struct rsi_radio_caps)));
364
365 return rsi_send_internal_mgmt_frame(common, skb);
366}
367
368/**
369 * rsi_mgmt_pkt_to_core() - This function is the entry point for Mgmt module.
370 * @common: Pointer to the driver private structure.
371 * @msg: Pointer to received packet.
372 * @msg_len: Length of the recieved packet.
373 * @type: Type of recieved packet.
374 *
375 * Return: 0 on success, -1 on failure.
376 */
377static int rsi_mgmt_pkt_to_core(struct rsi_common *common,
378 u8 *msg,
379 s32 msg_len,
380 u8 type)
381{
382 struct rsi_hw *adapter = common->priv;
383 struct ieee80211_tx_info *info;
384 struct skb_info *rx_params;
385 u8 pad_bytes = msg[4];
386 u8 pkt_recv;
387 struct sk_buff *skb;
388 char *buffer;
389
390 if (type == RX_DOT11_MGMT) {
391 if (!adapter->sc_nvifs)
392 return -ENOLINK;
393
394 msg_len -= pad_bytes;
395 if ((msg_len <= 0) || (!msg)) {
5fe1b76a
JP		 396 rsi_dbg(MGMT_RX_ZONE,
397 "%s: Invalid rx msg of len = %d\n",
dad0d04f
FF		 398 __func__, msg_len);
399 return -EINVAL;
400 }
401
402 skb = dev_alloc_skb(msg_len);
403 if (!skb) {
404 rsi_dbg(ERR_ZONE, "%s: Failed to allocate skb\n",
405 __func__);
406 return -ENOMEM;
407 }
408
409 buffer = skb_put(skb, msg_len);
410
411 memcpy(buffer,
412 (u8 *)(msg + FRAME_DESC_SZ + pad_bytes),
413 msg_len);
414
415 pkt_recv = buffer[0];
416
417 info = IEEE80211_SKB_CB(skb);
418 rx_params = (struct skb_info *)info->driver_data;
419 rx_params->rssi = rsi_get_rssi(msg);
420 rx_params->channel = rsi_get_channel(msg);
421 rsi_indicate_pkt_to_os(common, skb);
422 } else {
423 rsi_dbg(MGMT_TX_ZONE, "%s: Internal Packet\n", __func__);
424 }
425
426 return 0;
427}
428
429/**
430 * rsi_hal_send_sta_notify_frame() - This function sends the station notify
431 * frame to firmware.
432 * @common: Pointer to the driver private structure.
433 * @opmode: Operating mode of device.
434 * @notify_event: Notification about station connection.
435 * @bssid: bssid.
436 * @qos_enable: Qos is enabled.
437 * @aid: Aid (unique for all STA).
438 *
439 * Return: status: 0 on success, corresponding negative error code on failure.
440 */
441static int rsi_hal_send_sta_notify_frame(struct rsi_common *common,
442 u8 opmode,
443 u8 notify_event,
444 const unsigned char *bssid,
445 u8 qos_enable,
446 u16 aid)
447{
448 struct sk_buff *skb = NULL;
449 struct rsi_peer_notify *peer_notify;
450 u16 vap_id = 0;
451 int status;
452
453 rsi_dbg(MGMT_TX_ZONE, "%s: Sending sta notify frame\n", __func__);
454
455 skb = dev_alloc_skb(sizeof(struct rsi_peer_notify));
456
457 if (!skb) {
458 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
459 __func__);
460 return -ENOMEM;
461 }
462
463 memset(skb->data, 0, sizeof(struct rsi_peer_notify));
464 peer_notify = (struct rsi_peer_notify *)skb->data;
465
466 peer_notify->command = cpu_to_le16(opmode << 1);
467
468 switch (notify_event) {
469 case STA_CONNECTED:
470 peer_notify->command |= cpu_to_le16(RSI_ADD_PEER);
471 break;
472 case STA_DISCONNECTED:
473 peer_notify->command |= cpu_to_le16(RSI_DELETE_PEER);
474 break;
475 default:
476 break;
477 }
478
479 peer_notify->command |= cpu_to_le16((aid & 0xfff) << 4);
480 ether_addr_copy(peer_notify->mac_addr, bssid);
481
482 peer_notify->sta_flags = cpu_to_le32((qos_enable) ? 1 : 0);
483
484 peer_notify->desc_word[0] =
485 cpu_to_le16((sizeof(struct rsi_peer_notify) - FRAME_DESC_SZ) |
486 (RSI_WIFI_MGMT_Q << 12));
487 peer_notify->desc_word[1] = cpu_to_le16(PEER_NOTIFY);
488 peer_notify->desc_word[7] |= cpu_to_le16(vap_id << 8);
489
490 skb_put(skb, sizeof(struct rsi_peer_notify));
491
492 status = rsi_send_internal_mgmt_frame(common, skb);
493
494 if (!status && qos_enable) {
495 rsi_set_contention_vals(common);
496 status = rsi_load_radio_caps(common);
497 }
498 return status;
499}
500
501/**
502 * rsi_send_aggregation_params_frame() - This function sends the ampdu
503 * indication frame to firmware.
504 * @common: Pointer to the driver private structure.
505 * @tid: traffic identifier.
506 * @ssn: ssn.
507 * @buf_size: buffer size.
508 * @event: notification about station connection.
509 *
510 * Return: 0 on success, corresponding negative error code on failure.
511 */
512int rsi_send_aggregation_params_frame(struct rsi_common *common,
513 u16 tid,
514 u16 ssn,
515 u8 buf_size,
516 u8 event)
517{
518 struct sk_buff *skb = NULL;
519 struct rsi_mac_frame *mgmt_frame;
520 u8 peer_id = 0;
521
522 skb = dev_alloc_skb(FRAME_DESC_SZ);
523
524 if (!skb) {
525 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
526 __func__);
527 return -ENOMEM;
528 }
529
530 memset(skb->data, 0, FRAME_DESC_SZ);
531 mgmt_frame = (struct rsi_mac_frame *)skb->data;
532
533 rsi_dbg(MGMT_TX_ZONE, "%s: Sending AMPDU indication frame\n", __func__);
534
535 mgmt_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
536 mgmt_frame->desc_word[1] = cpu_to_le16(AMPDU_IND);
537
538 if (event == STA_TX_ADDBA_DONE) {
539 mgmt_frame->desc_word[4] = cpu_to_le16(ssn);
540 mgmt_frame->desc_word[5] = cpu_to_le16(buf_size);
541 mgmt_frame->desc_word[7] =
542 cpu_to_le16((tid | (START_AMPDU_AGGR << 4) | (peer_id << 8)));
543 } else if (event == STA_RX_ADDBA_DONE) {
544 mgmt_frame->desc_word[4] = cpu_to_le16(ssn);
545 mgmt_frame->desc_word[7] = cpu_to_le16(tid |
546 (START_AMPDU_AGGR << 4) |
547 (RX_BA_INDICATION << 5) |
548 (peer_id << 8));
549 } else if (event == STA_TX_DELBA) {
550 mgmt_frame->desc_word[7] = cpu_to_le16(tid |
551 (STOP_AMPDU_AGGR << 4) |
552 (peer_id << 8));
553 } else if (event == STA_RX_DELBA) {
554 mgmt_frame->desc_word[7] = cpu_to_le16(tid |
555 (STOP_AMPDU_AGGR << 4) |
556 (RX_BA_INDICATION << 5) |
557 (peer_id << 8));
558 }
559
560 skb_put(skb, FRAME_DESC_SZ);
561
562 return rsi_send_internal_mgmt_frame(common, skb);
563}
564
565/**
566 * rsi_program_bb_rf() - This function starts base band and RF programming.
567 * This is called after initial configurations are done.
568 * @common: Pointer to the driver private structure.
569 *
570 * Return: 0 on success, corresponding negative error code on failure.
571 */
572static int rsi_program_bb_rf(struct rsi_common *common)
573{
574 struct sk_buff *skb;
575 struct rsi_mac_frame *mgmt_frame;
576
577 rsi_dbg(MGMT_TX_ZONE, "%s: Sending program BB/RF frame\n", __func__);
578
579 skb = dev_alloc_skb(FRAME_DESC_SZ);
580 if (!skb) {
581 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
582 __func__);
583 return -ENOMEM;
584 }
585
586 memset(skb->data, 0, FRAME_DESC_SZ);
587 mgmt_frame = (struct rsi_mac_frame *)skb->data;
588
589 mgmt_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
590 mgmt_frame->desc_word[1] = cpu_to_le16(BBP_PROG_IN_TA);
591 mgmt_frame->desc_word[4] = cpu_to_le16(common->endpoint << 8);
592
593 if (common->rf_reset) {
594 mgmt_frame->desc_word[7] = cpu_to_le16(RF_RESET_ENABLE);
595 rsi_dbg(MGMT_TX_ZONE, "%s: ===> RF RESET REQUEST SENT <===\n",
596 __func__);
597 common->rf_reset = 0;
598 }
599 common->bb_rf_prog_count = 1;
600 mgmt_frame->desc_word[7] |= cpu_to_le16(PUT_BBP_RESET |
601 BBP_REG_WRITE | (RSI_RF_TYPE << 4));
602 skb_put(skb, FRAME_DESC_SZ);
603
604 return rsi_send_internal_mgmt_frame(common, skb);
605}
606
607/**
608 * rsi_set_vap_capabilities() - This function send vap capability to firmware.
609 * @common: Pointer to the driver private structure.
610 * @opmode: Operating mode of device.
611 *
612 * Return: 0 on success, corresponding negative error code on failure.
613 */
614int rsi_set_vap_capabilities(struct rsi_common *common, enum opmode mode)
615{
616 struct sk_buff *skb = NULL;
617 struct rsi_vap_caps *vap_caps;
618 u16 vap_id = 0;
619
620 rsi_dbg(MGMT_TX_ZONE, "%s: Sending VAP capabilities frame\n", __func__);
621
622 skb = dev_alloc_skb(sizeof(struct rsi_vap_caps));
623 if (!skb) {
624 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
625 __func__);
626 return -ENOMEM;
627 }
628
629 memset(skb->data, 0, sizeof(struct rsi_vap_caps));
630 vap_caps = (struct rsi_vap_caps *)skb->data;
631
632 vap_caps->desc_word[0] = cpu_to_le16((sizeof(struct rsi_vap_caps) -
633 FRAME_DESC_SZ) |
634 (RSI_WIFI_MGMT_Q << 12));
635 vap_caps->desc_word[1] = cpu_to_le16(VAP_CAPABILITIES);
636 vap_caps->desc_word[4] = cpu_to_le16(mode |
637 (common->channel_width << 8));
638 vap_caps->desc_word[7] = cpu_to_le16((vap_id << 8) |
639 (common->mac_id << 4) |
640 common->radio_id);
641
642 memcpy(vap_caps->mac_addr, common->mac_addr, IEEE80211_ADDR_LEN);
643 vap_caps->keep_alive_period = cpu_to_le16(90);
644 vap_caps->frag_threshold = cpu_to_le16(IEEE80211_MAX_FRAG_THRESHOLD);
645
646 vap_caps->rts_threshold = cpu_to_le16(common->rts_threshold);
647 vap_caps->default_mgmt_rate = 0;
648 if (conf_is_ht40(&common->priv->hw->conf)) {
649 vap_caps->default_ctrl_rate =
650 cpu_to_le32(RSI_RATE_6 | FULL40M_ENABLE << 16);
651 } else {
652 vap_caps->default_ctrl_rate = cpu_to_le32(RSI_RATE_6);
653 }
654 vap_caps->default_data_rate = 0;
655 vap_caps->beacon_interval = cpu_to_le16(200);
656 vap_caps->dtim_period = cpu_to_le16(4);
657
658 skb_put(skb, sizeof(*vap_caps));
659
660 return rsi_send_internal_mgmt_frame(common, skb);
661}
662
663/**
664 * rsi_hal_load_key() - This function is used to load keys within the firmware.
665 * @common: Pointer to the driver private structure.
666 * @data: Pointer to the key data.
667 * @key_len: Key length to be loaded.
668 * @key_type: Type of key: GROUP/PAIRWISE.
669 * @key_id: Key index.
670 * @cipher: Type of cipher used.
671 *
672 * Return: 0 on success, -1 on failure.
673 */
674int rsi_hal_load_key(struct rsi_common *common,
675 u8 *data,
676 u16 key_len,
677 u8 key_type,
678 u8 key_id,
679 u32 cipher)
680{
681 struct sk_buff *skb = NULL;
682 struct rsi_set_key *set_key;
683 u16 key_descriptor = 0;
684
685 rsi_dbg(MGMT_TX_ZONE, "%s: Sending load key frame\n", __func__);
686
687 skb = dev_alloc_skb(sizeof(struct rsi_set_key));
688 if (!skb) {
689 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
690 __func__);
691 return -ENOMEM;
692 }
693
694 memset(skb->data, 0, sizeof(struct rsi_set_key));
695 set_key = (struct rsi_set_key *)skb->data;
696
697 if ((cipher == WLAN_CIPHER_SUITE_WEP40) ||
698 (cipher == WLAN_CIPHER_SUITE_WEP104)) {
699 key_len += 1;
700 key_descriptor |= BIT(2);
701 if (key_len >= 13)
702 key_descriptor |= BIT(3);
703 } else if (cipher != KEY_TYPE_CLEAR) {
704 key_descriptor |= BIT(4);
705 if (key_type == RSI_PAIRWISE_KEY)
706 key_id = 0;
707 if (cipher == WLAN_CIPHER_SUITE_TKIP)
708 key_descriptor |= BIT(5);
709 }
710 key_descriptor |= (key_type | BIT(13) | (key_id << 14));
711
712 set_key->desc_word[0] = cpu_to_le16((sizeof(struct rsi_set_key) -
713 FRAME_DESC_SZ) |
714 (RSI_WIFI_MGMT_Q << 12));
715 set_key->desc_word[1] = cpu_to_le16(SET_KEY_REQ);
716 set_key->desc_word[4] = cpu_to_le16(key_descriptor);
717
718 if ((cipher == WLAN_CIPHER_SUITE_WEP40) ||
719 (cipher == WLAN_CIPHER_SUITE_WEP104)) {
720 memcpy(&set_key->key[key_id][1],
721 data,
722 key_len * 2);
723 } else {
724 memcpy(&set_key->key[0][0], data, key_len);
725 }
726
727 memcpy(set_key->tx_mic_key, &data[16], 8);
728 memcpy(set_key->rx_mic_key, &data[24], 8);
729
730 skb_put(skb, sizeof(struct rsi_set_key));
731
732 return rsi_send_internal_mgmt_frame(common, skb);
733}
734
735/*
736 * rsi_load_bootup_params() - This function send bootup params to the firmware.
737 * @common: Pointer to the driver private structure.
738 *
739 * Return: 0 on success, corresponding error code on failure.
740 */
741static u8 rsi_load_bootup_params(struct rsi_common *common)
742{
743 struct sk_buff *skb;
744 struct rsi_boot_params *boot_params;
745
746 rsi_dbg(MGMT_TX_ZONE, "%s: Sending boot params frame\n", __func__);
747 skb = dev_alloc_skb(sizeof(struct rsi_boot_params));
748 if (!skb) {
749 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
750 __func__);
751 return -ENOMEM;
752 }
753
754 memset(skb->data, 0, sizeof(struct rsi_boot_params));
755 boot_params = (struct rsi_boot_params *)skb->data;
756
757 rsi_dbg(MGMT_TX_ZONE, "%s:\n", __func__);
758
759 if (common->channel_width == BW_40MHZ) {
760 memcpy(&boot_params->bootup_params,
761 &boot_params_40,
762 sizeof(struct bootup_params));
763 rsi_dbg(MGMT_TX_ZONE, "%s: Packet 40MHZ <=== %d\n", __func__,
764 UMAC_CLK_40BW);
765 boot_params->desc_word[7] = cpu_to_le16(UMAC_CLK_40BW);
766 } else {
767 memcpy(&boot_params->bootup_params,
768 &boot_params_20,
769 sizeof(struct bootup_params));
770 if (boot_params_20.valid != cpu_to_le32(VALID_20)) {
771 boot_params->desc_word[7] = cpu_to_le16(UMAC_CLK_20BW);
772 rsi_dbg(MGMT_TX_ZONE,
773 "%s: Packet 20MHZ <=== %d\n", __func__,
774 UMAC_CLK_20BW);
775 } else {
776 boot_params->desc_word[7] = cpu_to_le16(UMAC_CLK_40MHZ);
777 rsi_dbg(MGMT_TX_ZONE,
778 "%s: Packet 20MHZ <=== %d\n", __func__,
779 UMAC_CLK_40MHZ);
780 }
781 }
782
783 /**
784 * Bit{0:11} indicates length of the Packet
785 * Bit{12:15} indicates host queue number
786 */
787 boot_params->desc_word[0] = cpu_to_le16(sizeof(struct bootup_params) |
788 (RSI_WIFI_MGMT_Q << 12));
789 boot_params->desc_word[1] = cpu_to_le16(BOOTUP_PARAMS_REQUEST);
790
791 skb_put(skb, sizeof(struct rsi_boot_params));
792
793 return rsi_send_internal_mgmt_frame(common, skb);
794}
795
796/**
797 * rsi_send_reset_mac() - This function prepares reset MAC request and sends an
798 * internal management frame to indicate it to firmware.
799 * @common: Pointer to the driver private structure.
800 *
801 * Return: 0 on success, corresponding error code on failure.
802 */
803static int rsi_send_reset_mac(struct rsi_common *common)
804{
805 struct sk_buff *skb;
806 struct rsi_mac_frame *mgmt_frame;
807
808 rsi_dbg(MGMT_TX_ZONE, "%s: Sending reset MAC frame\n", __func__);
809
810 skb = dev_alloc_skb(FRAME_DESC_SZ);
811 if (!skb) {
812 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
813 __func__);
814 return -ENOMEM;
815 }
816
817 memset(skb->data, 0, FRAME_DESC_SZ);
818 mgmt_frame = (struct rsi_mac_frame *)skb->data;
819
820 mgmt_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
821 mgmt_frame->desc_word[1] = cpu_to_le16(RESET_MAC_REQ);
822 mgmt_frame->desc_word[4] = cpu_to_le16(RETRY_COUNT << 8);
823
824 skb_put(skb, FRAME_DESC_SZ);
825
826 return rsi_send_internal_mgmt_frame(common, skb);
827}
828
829/**
830 * rsi_set_channel() - This function programs the channel.
831 * @common: Pointer to the driver private structure.
832 * @channel: Channel value to be set.
833 *
834 * Return: 0 on success, corresponding error code on failure.
835 */
836int rsi_set_channel(struct rsi_common *common, u16 channel)
837{
838 struct sk_buff *skb = NULL;
839 struct rsi_mac_frame *mgmt_frame;
840
841 rsi_dbg(MGMT_TX_ZONE,
842 "%s: Sending scan req frame\n", __func__);
843
844 skb = dev_alloc_skb(FRAME_DESC_SZ);
845 if (!skb) {
846 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
847 __func__);
848 return -ENOMEM;
849 }
850
851 memset(skb->data, 0, FRAME_DESC_SZ);
852 mgmt_frame = (struct rsi_mac_frame *)skb->data;
853
854 if (common->band == IEEE80211_BAND_5GHZ) {
855 if ((channel >= 36) && (channel <= 64))
856 channel = ((channel - 32) / 4);
857 else if ((channel > 64) && (channel <= 140))
858 channel = ((channel - 102) / 4) + 8;
859 else if (channel >= 149)
860 channel = ((channel - 151) / 4) + 18;
861 else
862 return -EINVAL;
863 } else {
864 if (channel > 14) {
865 rsi_dbg(ERR_ZONE, "%s: Invalid chno %d, band = %d\n",
866 __func__, channel, common->band);
867 return -EINVAL;
868 }
869 }
870
871 mgmt_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
872 mgmt_frame->desc_word[1] = cpu_to_le16(SCAN_REQUEST);
873 mgmt_frame->desc_word[4] = cpu_to_le16(channel);
874
875 mgmt_frame->desc_word[7] = cpu_to_le16(PUT_BBP_RESET |
876 BBP_REG_WRITE |
877 (RSI_RF_TYPE << 4));
878
879 mgmt_frame->desc_word[5] = cpu_to_le16(0x01);
880
881 if (common->channel_width == BW_40MHZ)
882 mgmt_frame->desc_word[5] |= cpu_to_le16(0x1 << 8);
883
884 common->channel = channel;
885
886 skb_put(skb, FRAME_DESC_SZ);
887
888 return rsi_send_internal_mgmt_frame(common, skb);
889}
890
891/**
892 * rsi_compare() - This function is used to compare two integers
893 * @a: pointer to the first integer
894 * @b: pointer to the second integer
895 *
896 * Return: 0 if both are equal, -1 if the first is smaller, else 1
897 */
898static int rsi_compare(const void *a, const void *b)
899{
900 u16 _a = *(const u16 *)(a);
901 u16 _b = *(const u16 *)(b);
902
903 if (_a > _b)
904 return -1;
905
906 if (_a < _b)
907 return 1;
908
909 return 0;
910}
911
912/**
913 * rsi_map_rates() - This function is used to map selected rates to hw rates.
914 * @rate: The standard rate to be mapped.
915 * @offset: Offset that will be returned.
916 *
917 * Return: 0 if it is a mcs rate, else 1
918 */
919static bool rsi_map_rates(u16 rate, int *offset)
920{
921 int kk;
922 for (kk = 0; kk < ARRAY_SIZE(rsi_mcsrates); kk++) {
923 if (rate == mcs[kk]) {
924 *offset = kk;
925 return false;
926 }
927 }
928
929 for (kk = 0; kk < ARRAY_SIZE(rsi_rates); kk++) {
930 if (rate == rsi_rates[kk].bitrate / 5) {
931 *offset = kk;
932 break;
933 }
934 }
935 return true;
936}
937
938/**
939 * rsi_send_auto_rate_request() - This function is to set rates for connection
940 * and send autorate request to firmware.
941 * @common: Pointer to the driver private structure.
942 *
943 * Return: 0 on success, corresponding error code on failure.
944 */
945static int rsi_send_auto_rate_request(struct rsi_common *common)
946{
947 struct sk_buff *skb;
948 struct rsi_auto_rate *auto_rate;
949 int ii = 0, jj = 0, kk = 0;
950 struct ieee80211_hw *hw = common->priv->hw;
951 u8 band = hw->conf.chandef.chan->band;
952 u8 num_supported_rates = 0;
953 u8 rate_offset = 0;
954 u32 rate_bitmap = common->bitrate_mask[band];
955
956 u16 *selected_rates, min_rate;
957
958 skb = dev_alloc_skb(sizeof(struct rsi_auto_rate));
959 if (!skb) {
960 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
961 __func__);
962 return -ENOMEM;
963 }
964
965 selected_rates = kmalloc(2 * RSI_TBL_SZ, GFP_KERNEL);
966 if (!selected_rates) {
967 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of mem\n",
968 __func__);
969 return -ENOMEM;
970 }
971
972 memset(skb->data, 0, sizeof(struct rsi_auto_rate));
973 memset(selected_rates, 0, 2 * RSI_TBL_SZ);
974
975 auto_rate = (struct rsi_auto_rate *)skb->data;
976
977 auto_rate->aarf_rssi = cpu_to_le16(((u16)3 << 6) | (u16)(18 & 0x3f));
978 auto_rate->collision_tolerance = cpu_to_le16(3);
979 auto_rate->failure_limit = cpu_to_le16(3);
980 auto_rate->initial_boundary = cpu_to_le16(3);
981 auto_rate->max_threshold_limt = cpu_to_le16(27);
982
983 auto_rate->desc_word[1] = cpu_to_le16(AUTO_RATE_IND);
984
985 if (common->channel_width == BW_40MHZ)
986 auto_rate->desc_word[7] |= cpu_to_le16(1);
987
988 if (band == IEEE80211_BAND_2GHZ)
989 min_rate = STD_RATE_01;
990 else
991 min_rate = STD_RATE_06;
992
993 for (ii = 0, jj = 0; ii < ARRAY_SIZE(rsi_rates); ii++) {
994 if (rate_bitmap & BIT(ii)) {
995 selected_rates[jj++] = (rsi_rates[ii].bitrate / 5);
996 rate_offset++;
997 }
998 }
999 num_supported_rates = jj;
1000
1001 if (common->vif_info[0].is_ht) {
1002 for (ii = 0; ii < ARRAY_SIZE(mcs); ii++)
1003 selected_rates[jj++] = mcs[ii];
1004 num_supported_rates += ARRAY_SIZE(mcs);
1005 rate_offset += ARRAY_SIZE(mcs);
1006 }
1007
1008 if (rate_offset < (RSI_TBL_SZ / 2) - 1) {
1009 for (ii = jj; ii < (RSI_TBL_SZ / 2); ii++) {
1010 selected_rates[jj++] = min_rate;
1011 rate_offset++;
1012 }
1013 }
1014
1015 sort(selected_rates, jj, sizeof(u16), &rsi_compare, NULL);
1016
1017 /* mapping the rates to RSI rates */
1018 for (ii = 0; ii < jj; ii++) {
1019 if (rsi_map_rates(selected_rates[ii], &kk)) {
1020 auto_rate->supported_rates[ii] =
1021 cpu_to_le16(rsi_rates[kk].hw_value);
1022 } else {
1023 auto_rate->supported_rates[ii] =
1024 cpu_to_le16(rsi_mcsrates[kk]);
1025 }
1026 }
1027
1028 /* loading HT rates in the bottom half of the auto rate table */
1029 if (common->vif_info[0].is_ht) {
1030 if (common->vif_info[0].sgi)
1031 auto_rate->supported_rates[rate_offset++] =
1032 cpu_to_le16(RSI_RATE_MCS7_SG);
1033
1034 for (ii = rate_offset, kk = ARRAY_SIZE(rsi_mcsrates) - 1;
1035 ii < rate_offset + 2 * ARRAY_SIZE(rsi_mcsrates); ii++) {
1036 if (common->vif_info[0].sgi)
1037 auto_rate->supported_rates[ii++] =
1038 cpu_to_le16(rsi_mcsrates[kk] | BIT(9));
1039 auto_rate->supported_rates[ii] =
1040 cpu_to_le16(rsi_mcsrates[kk--]);
1041 }
1042
1043 for (; ii < RSI_TBL_SZ; ii++) {
1044 auto_rate->supported_rates[ii] =
1045 cpu_to_le16(rsi_mcsrates[0]);
1046 }
1047 }
1048
1049 auto_rate->num_supported_rates = cpu_to_le16(num_supported_rates * 2);
1050 auto_rate->moderate_rate_inx = cpu_to_le16(num_supported_rates / 2);
1051 auto_rate->desc_word[7] |= cpu_to_le16(0 << 8);
1052 num_supported_rates *= 2;
1053
1054 auto_rate->desc_word[0] = cpu_to_le16((sizeof(*auto_rate) -
1055 FRAME_DESC_SZ) |
1056 (RSI_WIFI_MGMT_Q << 12));
1057
1058 skb_put(skb,
1059 sizeof(struct rsi_auto_rate));
1060 kfree(selected_rates);
1061
1062 return rsi_send_internal_mgmt_frame(common, skb);
1063}
1064
1065/**
1066 * rsi_inform_bss_status() - This function informs about bss status with the
1067 * help of sta notify params by sending an internal
1068 * management frame to firmware.
1069 * @common: Pointer to the driver private structure.
1070 * @status: Bss status type.
1071 * @bssid: Bssid.
1072 * @qos_enable: Qos is enabled.
1073 * @aid: Aid (unique for all STAs).
1074 *
1075 * Return: None.
1076 */
1077void rsi_inform_bss_status(struct rsi_common *common,
1078 u8 status,
1079 const unsigned char *bssid,
1080 u8 qos_enable,
1081 u16 aid)
1082{
1083 if (status) {
1084 rsi_hal_send_sta_notify_frame(common,
1085 NL80211_IFTYPE_STATION,
1086 STA_CONNECTED,
1087 bssid,
1088 qos_enable,
1089 aid);
1090 if (common->min_rate == 0xffff)
1091 rsi_send_auto_rate_request(common);
1092 } else {
1093 rsi_hal_send_sta_notify_frame(common,
1094 NL80211_IFTYPE_STATION,
1095 STA_DISCONNECTED,
1096 bssid,
1097 qos_enable,
1098 aid);
1099 }
1100}
1101
1102/**
1103 * rsi_eeprom_read() - This function sends a frame to read the mac address
1104 * from the eeprom.
1105 * @common: Pointer to the driver private structure.
1106 *
1107 * Return: 0 on success, -1 on failure.
1108 */
1109static int rsi_eeprom_read(struct rsi_common *common)
1110{
1111 struct rsi_mac_frame *mgmt_frame;
1112 struct sk_buff *skb;
1113
1114 rsi_dbg(MGMT_TX_ZONE, "%s: Sending EEPROM read req frame\n", __func__);
1115
1116 skb = dev_alloc_skb(FRAME_DESC_SZ);
1117 if (!skb) {
1118 rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1119 __func__);
1120 return -ENOMEM;
1121 }
1122
1123 memset(skb->data, 0, FRAME_DESC_SZ);
1124 mgmt_frame = (struct rsi_mac_frame *)skb->data;
1125
1126 /* FrameType */
1127 mgmt_frame->desc_word[1] = cpu_to_le16(EEPROM_READ_TYPE);
1128 mgmt_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
1129 /* Number of bytes to read */
1130 mgmt_frame->desc_word[3] = cpu_to_le16(ETH_ALEN +
1131 WLAN_MAC_MAGIC_WORD_LEN +
1132 WLAN_HOST_MODE_LEN +
1133 WLAN_FW_VERSION_LEN);
1134 /* Address to read */
1135 mgmt_frame->desc_word[4] = cpu_to_le16(WLAN_MAC_EEPROM_ADDR);
1136
1137 skb_put(skb, FRAME_DESC_SZ);
1138
1139 return rsi_send_internal_mgmt_frame(common, skb);
1140}
1141
1142/**
1143 * rsi_handle_ta_confirm_type() - This function handles the confirm frames.
1144 * @common: Pointer to the driver private structure.
1145 * @msg: Pointer to received packet.
1146 *
1147 * Return: 0 on success, -1 on failure.
1148 */
1149static int rsi_handle_ta_confirm_type(struct rsi_common *common,
1150 u8 *msg)
1151{
1152 u8 sub_type = (msg[15] & 0xff);
1153
1154 switch (sub_type) {
1155 case BOOTUP_PARAMS_REQUEST:
1156 rsi_dbg(FSM_ZONE, "%s: Boot up params confirm received\n",
1157 __func__);
1158 if (common->fsm_state == FSM_BOOT_PARAMS_SENT) {
1159 if (rsi_eeprom_read(common)) {
1160 common->fsm_state = FSM_CARD_NOT_READY;
1161 goto out;
1162 } else {
1163 common->fsm_state = FSM_EEPROM_READ_MAC_ADDR;
1164 }
1165 } else {
1166 rsi_dbg(ERR_ZONE,
1167 "%s: Received bootup params cfm in %d state\n",
1168 __func__, common->fsm_state);
1169 return 0;
1170 }
1171 break;
1172
1173 case EEPROM_READ_TYPE:
1174 if (common->fsm_state == FSM_EEPROM_READ_MAC_ADDR) {
1175 if (msg[16] == MAGIC_WORD) {
1176 u8 offset = (FRAME_DESC_SZ + WLAN_HOST_MODE_LEN
1177 + WLAN_MAC_MAGIC_WORD_LEN);
1178 memcpy(common->mac_addr,
1179 &msg[offset],
1180 ETH_ALEN);
1181 memcpy(&common->fw_ver,
1182 &msg[offset + ETH_ALEN],
1183 sizeof(struct version_info));
1184
1185 } else {
1186 common->fsm_state = FSM_CARD_NOT_READY;
1187 break;
1188 }
1189 if (rsi_send_reset_mac(common))
1190 goto out;
1191 else
1192 common->fsm_state = FSM_RESET_MAC_SENT;
1193 } else {
1194 rsi_dbg(ERR_ZONE,
1195 "%s: Received eeprom mac addr in %d state\n",
1196 __func__, common->fsm_state);
1197 return 0;
1198 }
1199 break;
1200
1201 case RESET_MAC_REQ:
1202 if (common->fsm_state == FSM_RESET_MAC_SENT) {
1203 rsi_dbg(FSM_ZONE, "%s: Reset MAC cfm received\n",
1204 __func__);
1205
1206 if (rsi_load_radio_caps(common))
1207 goto out;
1208 else
1209 common->fsm_state = FSM_RADIO_CAPS_SENT;
1210 } else {
1211 rsi_dbg(ERR_ZONE,
1212 "%s: Received reset mac cfm in %d state\n",
1213 __func__, common->fsm_state);
1214 return 0;
1215 }
1216 break;
1217
1218 case RADIO_CAPABILITIES:
1219 if (common->fsm_state == FSM_RADIO_CAPS_SENT) {
1220 common->rf_reset = 1;
1221 if (rsi_program_bb_rf(common)) {
1222 goto out;
1223 } else {
1224 common->fsm_state = FSM_BB_RF_PROG_SENT;
1225 rsi_dbg(FSM_ZONE, "%s: Radio cap cfm received\n",
1226 __func__);
1227 }
1228 } else {
1229 rsi_dbg(ERR_ZONE,
1230 "%s: Received radio caps cfm in %d state\n",
1231 __func__, common->fsm_state);
1232 return 0;
1233 }
1234 break;
1235
1236 case BB_PROG_VALUES_REQUEST:
1237 case RF_PROG_VALUES_REQUEST:
1238 case BBP_PROG_IN_TA:
1239 rsi_dbg(FSM_ZONE, "%s: BB/RF cfm received\n", __func__);
1240 if (common->fsm_state == FSM_BB_RF_PROG_SENT) {
1241 common->bb_rf_prog_count--;
1242 if (!common->bb_rf_prog_count) {
1243 common->fsm_state = FSM_MAC_INIT_DONE;
1244 return rsi_mac80211_attach(common);
1245 }
1246 } else {
1247 goto out;
1248 }
1249 break;
1250
1251 default:
1252 rsi_dbg(INFO_ZONE, "%s: Invalid TA confirm pkt received\n",
1253 __func__);
1254 break;
1255 }
1256 return 0;
1257out:
1258 rsi_dbg(ERR_ZONE, "%s: Unable to send pkt/Invalid frame received\n",
1259 __func__);
1260 return -EINVAL;
1261}
1262
1263/**
1264 * rsi_mgmt_pkt_recv() - This function processes the management packets
1265 * recieved from the hardware.
1266 * @common: Pointer to the driver private structure.
1267 * @msg: Pointer to the received packet.
1268 *
1269 * Return: 0 on success, -1 on failure.
1270 */
1271int rsi_mgmt_pkt_recv(struct rsi_common *common, u8 *msg)
1272{
1273 s32 msg_len = (le16_to_cpu(*(__le16 *)&msg[0]) & 0x0fff);
1274 u16 msg_type = (msg[2]);
1275
1276 rsi_dbg(FSM_ZONE, "%s: Msg Len: %d, Msg Type: %4x\n",
1277 __func__, msg_len, msg_type);
1278
1279 if (msg_type == TA_CONFIRM_TYPE) {
1280 return rsi_handle_ta_confirm_type(common, msg);
1281 } else if (msg_type == CARD_READY_IND) {
1282 rsi_dbg(FSM_ZONE, "%s: Card ready indication received\n",
1283 __func__);
1284 if (common->fsm_state == FSM_CARD_NOT_READY) {
1285 rsi_set_default_parameters(common);
1286
1287 if (rsi_load_bootup_params(common))
1288 return -ENOMEM;
1289 else
1290 common->fsm_state = FSM_BOOT_PARAMS_SENT;
1291 } else {
1292 return -EINVAL;
1293 }
1294 } else if (msg_type == TX_STATUS_IND) {
3f3aa2fb 1295 if (msg[15] == PROBEREQ_CONFIRM) {
dad0d04f
FF		 1296 common->mgmt_q_block = false;
1297 rsi_dbg(FSM_ZONE, "%s: Probe confirm received\n",
1298 __func__);
3f3aa2fb 1299 }
dad0d04f
FF		 1300 } else {
1301 return rsi_mgmt_pkt_to_core(common, msg, msg_len, msg_type);
1302 }
1303 return 0;
1304}
Linux kernel - Deliverables
This page took 0.125288 seconds and 5 git commands to generate.