2 * This file contains the handling of command.
3 * It prepares command and sends it to firmware when it is ready.
6 #include <net/iw_handler.h>
7 #include <net/lib80211.h>
8 #include <linux/kfifo.h>
18 static struct cmd_ctrl_node *lbs_get_cmd_ctrl_node(struct lbs_private *priv);
21 * @brief Simple callback that copies response back into command
23 * @param priv A pointer to struct lbs_private structure
24 * @param extra A pointer to the original command structure for which
25 * 'resp' is a response
26 * @param resp A pointer to the command response
28 * @return 0 on success, error on failure
30 int lbs_cmd_copyback(struct lbs_private *priv, unsigned long extra,
31 struct cmd_header *resp)
33 struct cmd_header *buf = (void *)extra;
36 copy_len = min(le16_to_cpu(buf->size), le16_to_cpu(resp->size));
37 memcpy(buf, resp, copy_len);
40 EXPORT_SYMBOL_GPL(lbs_cmd_copyback);
43 * @brief Simple callback that ignores the result. Use this if
44 * you just want to send a command to the hardware, but don't
45 * care for the result.
48 * @param extra ignored
51 * @return 0 for success
53 static int lbs_cmd_async_callback(struct lbs_private *priv, unsigned long extra,
54 struct cmd_header *resp)
61 * @brief Checks whether a command is allowed in Power Save mode
63 * @param command the command ID
64 * @return 1 if allowed, 0 if not allowed
66 static u8 is_command_allowed_in_ps(u16 cmd)
78 * @brief Updates the hardware details like MAC address and regulatory region
80 * @param priv A pointer to struct lbs_private structure
82 * @return 0 on success, error on failure
84 int lbs_update_hw_spec(struct lbs_private *priv)
86 struct cmd_ds_get_hw_spec cmd;
90 lbs_deb_enter(LBS_DEB_CMD);
92 memset(&cmd, 0, sizeof(cmd));
93 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
94 memcpy(cmd.permanentaddr, priv->current_addr, ETH_ALEN);
95 ret = lbs_cmd_with_response(priv, CMD_GET_HW_SPEC, &cmd);
99 priv->fwcapinfo = le32_to_cpu(cmd.fwcapinfo);
101 /* The firmware release is in an interesting format: the patch
102 * level is in the most significant nibble ... so fix that: */
103 priv->fwrelease = le32_to_cpu(cmd.fwrelease);
104 priv->fwrelease = (priv->fwrelease << 8) |
105 (priv->fwrelease >> 24 & 0xff);
107 /* Some firmware capabilities:
108 * CF card firmware 5.0.16p0: cap 0x00000303
109 * USB dongle firmware 5.110.17p2: cap 0x00000303
111 lbs_pr_info("%pM, fw %u.%u.%up%u, cap 0x%08x\n",
113 priv->fwrelease >> 24 & 0xff,
114 priv->fwrelease >> 16 & 0xff,
115 priv->fwrelease >> 8 & 0xff,
116 priv->fwrelease & 0xff,
118 lbs_deb_cmd("GET_HW_SPEC: hardware interface 0x%x, hardware spec 0x%04x\n",
119 cmd.hwifversion, cmd.version);
121 /* Determine mesh_fw_ver from fwrelease and fwcapinfo */
122 /* 5.0.16p0 9.0.0.p0 is known to NOT support any mesh */
123 /* 5.110.22 have mesh command with 0xa3 command id */
124 /* 10.0.0.p0 FW brings in mesh config command with different id */
125 /* Check FW version MSB and initialize mesh_fw_ver */
126 if (MRVL_FW_MAJOR_REV(priv->fwrelease) == MRVL_FW_V5)
127 priv->mesh_fw_ver = MESH_FW_OLD;
128 else if ((MRVL_FW_MAJOR_REV(priv->fwrelease) >= MRVL_FW_V10) &&
129 (priv->fwcapinfo & MESH_CAPINFO_ENABLE_MASK))
130 priv->mesh_fw_ver = MESH_FW_NEW;
132 priv->mesh_fw_ver = MESH_NONE;
134 /* Clamp region code to 8-bit since FW spec indicates that it should
135 * only ever be 8-bit, even though the field size is 16-bit. Some firmware
136 * returns non-zero high 8 bits here.
138 * Firmware version 4.0.102 used in CF8381 has region code shifted. We
139 * need to check for this problem and handle it properly.
141 if (MRVL_FW_MAJOR_REV(priv->fwrelease) == MRVL_FW_V4)
142 priv->regioncode = (le16_to_cpu(cmd.regioncode) >> 8) & 0xFF;
144 priv->regioncode = le16_to_cpu(cmd.regioncode) & 0xFF;
146 for (i = 0; i < MRVDRV_MAX_REGION_CODE; i++) {
147 /* use the region code to search for the index */
148 if (priv->regioncode == lbs_region_code_to_index[i])
152 /* if it's unidentified region code, use the default (USA) */
153 if (i >= MRVDRV_MAX_REGION_CODE) {
154 priv->regioncode = 0x10;
155 lbs_pr_info("unidentified region code; using the default (USA)\n");
158 if (priv->current_addr[0] == 0xff)
159 memmove(priv->current_addr, cmd.permanentaddr, ETH_ALEN);
161 memcpy(priv->dev->dev_addr, priv->current_addr, ETH_ALEN);
163 memcpy(priv->mesh_dev->dev_addr, priv->current_addr, ETH_ALEN);
165 if (lbs_set_regiontable(priv, priv->regioncode, 0)) {
170 if (lbs_set_universaltable(priv, 0)) {
176 lbs_deb_leave(LBS_DEB_CMD);
180 int lbs_host_sleep_cfg(struct lbs_private *priv, uint32_t criteria,
181 struct wol_config *p_wol_config)
183 struct cmd_ds_host_sleep cmd_config;
186 cmd_config.hdr.size = cpu_to_le16(sizeof(cmd_config));
187 cmd_config.criteria = cpu_to_le32(criteria);
188 cmd_config.gpio = priv->wol_gpio;
189 cmd_config.gap = priv->wol_gap;
191 if (p_wol_config != NULL)
192 memcpy((uint8_t *)&cmd_config.wol_conf, (uint8_t *)p_wol_config,
193 sizeof(struct wol_config));
195 cmd_config.wol_conf.action = CMD_ACT_ACTION_NONE;
197 ret = lbs_cmd_with_response(priv, CMD_802_11_HOST_SLEEP_CFG, &cmd_config);
200 lbs_deb_cmd("Set WOL criteria to %x\n", criteria);
201 priv->wol_criteria = criteria;
203 memcpy((uint8_t *) p_wol_config,
204 (uint8_t *)&cmd_config.wol_conf,
205 sizeof(struct wol_config));
207 lbs_pr_info("HOST_SLEEP_CFG failed %d\n", ret);
212 EXPORT_SYMBOL_GPL(lbs_host_sleep_cfg);
214 static int lbs_cmd_802_11_ps_mode(struct cmd_ds_command *cmd,
217 struct cmd_ds_802_11_ps_mode *psm = &cmd->params.psmode;
219 lbs_deb_enter(LBS_DEB_CMD);
221 cmd->command = cpu_to_le16(CMD_802_11_PS_MODE);
222 cmd->size = cpu_to_le16(sizeof(struct cmd_ds_802_11_ps_mode) +
224 psm->action = cpu_to_le16(cmd_action);
225 psm->multipledtim = 0;
226 switch (cmd_action) {
227 case CMD_SUBCMD_ENTER_PS:
228 lbs_deb_cmd("PS command:" "SubCode- Enter PS\n");
230 psm->locallisteninterval = 0;
231 psm->nullpktinterval = 0;
233 cpu_to_le16(MRVDRV_DEFAULT_MULTIPLE_DTIM);
236 case CMD_SUBCMD_EXIT_PS:
237 lbs_deb_cmd("PS command:" "SubCode- Exit PS\n");
240 case CMD_SUBCMD_SLEEP_CONFIRMED:
241 lbs_deb_cmd("PS command: SubCode- sleep confirm\n");
248 lbs_deb_leave(LBS_DEB_CMD);
252 int lbs_cmd_802_11_inactivity_timeout(struct lbs_private *priv,
253 uint16_t cmd_action, uint16_t *timeout)
255 struct cmd_ds_802_11_inactivity_timeout cmd;
258 lbs_deb_enter(LBS_DEB_CMD);
260 cmd.hdr.command = cpu_to_le16(CMD_802_11_INACTIVITY_TIMEOUT);
261 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
263 cmd.action = cpu_to_le16(cmd_action);
265 if (cmd_action == CMD_ACT_SET)
266 cmd.timeout = cpu_to_le16(*timeout);
270 ret = lbs_cmd_with_response(priv, CMD_802_11_INACTIVITY_TIMEOUT, &cmd);
273 *timeout = le16_to_cpu(cmd.timeout);
275 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
279 int lbs_cmd_802_11_sleep_params(struct lbs_private *priv, uint16_t cmd_action,
280 struct sleep_params *sp)
282 struct cmd_ds_802_11_sleep_params cmd;
285 lbs_deb_enter(LBS_DEB_CMD);
287 if (cmd_action == CMD_ACT_GET) {
288 memset(&cmd, 0, sizeof(cmd));
290 cmd.error = cpu_to_le16(sp->sp_error);
291 cmd.offset = cpu_to_le16(sp->sp_offset);
292 cmd.stabletime = cpu_to_le16(sp->sp_stabletime);
293 cmd.calcontrol = sp->sp_calcontrol;
294 cmd.externalsleepclk = sp->sp_extsleepclk;
295 cmd.reserved = cpu_to_le16(sp->sp_reserved);
297 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
298 cmd.action = cpu_to_le16(cmd_action);
300 ret = lbs_cmd_with_response(priv, CMD_802_11_SLEEP_PARAMS, &cmd);
303 lbs_deb_cmd("error 0x%x, offset 0x%x, stabletime 0x%x, "
304 "calcontrol 0x%x extsleepclk 0x%x\n",
305 le16_to_cpu(cmd.error), le16_to_cpu(cmd.offset),
306 le16_to_cpu(cmd.stabletime), cmd.calcontrol,
307 cmd.externalsleepclk);
309 sp->sp_error = le16_to_cpu(cmd.error);
310 sp->sp_offset = le16_to_cpu(cmd.offset);
311 sp->sp_stabletime = le16_to_cpu(cmd.stabletime);
312 sp->sp_calcontrol = cmd.calcontrol;
313 sp->sp_extsleepclk = cmd.externalsleepclk;
314 sp->sp_reserved = le16_to_cpu(cmd.reserved);
317 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
321 static int lbs_wait_for_ds_awake(struct lbs_private *priv)
325 lbs_deb_enter(LBS_DEB_CMD);
327 if (priv->is_deep_sleep) {
328 if (!wait_event_interruptible_timeout(priv->ds_awake_q,
329 !priv->is_deep_sleep, (10 * HZ))) {
330 lbs_pr_err("ds_awake_q: timer expired\n");
335 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
339 int lbs_set_deep_sleep(struct lbs_private *priv, int deep_sleep)
343 lbs_deb_enter(LBS_DEB_CMD);
346 if (priv->is_deep_sleep != 1) {
347 lbs_deb_cmd("deep sleep: sleep\n");
348 BUG_ON(!priv->enter_deep_sleep);
349 ret = priv->enter_deep_sleep(priv);
351 netif_stop_queue(priv->dev);
352 netif_carrier_off(priv->dev);
355 lbs_pr_err("deep sleep: already enabled\n");
358 if (priv->is_deep_sleep) {
359 lbs_deb_cmd("deep sleep: wakeup\n");
360 BUG_ON(!priv->exit_deep_sleep);
361 ret = priv->exit_deep_sleep(priv);
363 ret = lbs_wait_for_ds_awake(priv);
365 lbs_pr_err("deep sleep: wakeup"
371 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
375 int lbs_cmd_802_11_set_wep(struct lbs_private *priv, uint16_t cmd_action,
376 struct assoc_request *assoc)
378 struct cmd_ds_802_11_set_wep cmd;
381 lbs_deb_enter(LBS_DEB_CMD);
383 memset(&cmd, 0, sizeof(cmd));
384 cmd.hdr.command = cpu_to_le16(CMD_802_11_SET_WEP);
385 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
387 cmd.action = cpu_to_le16(cmd_action);
389 if (cmd_action == CMD_ACT_ADD) {
392 /* default tx key index */
393 cmd.keyindex = cpu_to_le16(assoc->wep_tx_keyidx &
394 CMD_WEP_KEY_INDEX_MASK);
396 /* Copy key types and material to host command structure */
397 for (i = 0; i < 4; i++) {
398 struct enc_key *pkey = &assoc->wep_keys[i];
402 cmd.keytype[i] = CMD_TYPE_WEP_40_BIT;
403 memmove(cmd.keymaterial[i], pkey->key, pkey->len);
404 lbs_deb_cmd("SET_WEP: add key %d (40 bit)\n", i);
406 case KEY_LEN_WEP_104:
407 cmd.keytype[i] = CMD_TYPE_WEP_104_BIT;
408 memmove(cmd.keymaterial[i], pkey->key, pkey->len);
409 lbs_deb_cmd("SET_WEP: add key %d (104 bit)\n", i);
414 lbs_deb_cmd("SET_WEP: invalid key %d, length %d\n",
421 } else if (cmd_action == CMD_ACT_REMOVE) {
422 /* ACT_REMOVE clears _all_ WEP keys */
424 /* default tx key index */
425 cmd.keyindex = cpu_to_le16(priv->wep_tx_keyidx &
426 CMD_WEP_KEY_INDEX_MASK);
427 lbs_deb_cmd("SET_WEP: remove key %d\n", priv->wep_tx_keyidx);
430 ret = lbs_cmd_with_response(priv, CMD_802_11_SET_WEP, &cmd);
432 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
436 int lbs_cmd_802_11_enable_rsn(struct lbs_private *priv, uint16_t cmd_action,
439 struct cmd_ds_802_11_enable_rsn cmd;
442 lbs_deb_enter(LBS_DEB_CMD);
444 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
445 cmd.action = cpu_to_le16(cmd_action);
447 if (cmd_action == CMD_ACT_GET)
451 cmd.enable = cpu_to_le16(CMD_ENABLE_RSN);
453 cmd.enable = cpu_to_le16(CMD_DISABLE_RSN);
454 lbs_deb_cmd("ENABLE_RSN: %d\n", *enable);
457 ret = lbs_cmd_with_response(priv, CMD_802_11_ENABLE_RSN, &cmd);
458 if (!ret && cmd_action == CMD_ACT_GET)
459 *enable = le16_to_cpu(cmd.enable);
461 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
465 static void set_one_wpa_key(struct MrvlIEtype_keyParamSet *keyparam,
468 lbs_deb_enter(LBS_DEB_CMD);
470 if (key->flags & KEY_INFO_WPA_ENABLED)
471 keyparam->keyinfo |= cpu_to_le16(KEY_INFO_WPA_ENABLED);
472 if (key->flags & KEY_INFO_WPA_UNICAST)
473 keyparam->keyinfo |= cpu_to_le16(KEY_INFO_WPA_UNICAST);
474 if (key->flags & KEY_INFO_WPA_MCAST)
475 keyparam->keyinfo |= cpu_to_le16(KEY_INFO_WPA_MCAST);
477 keyparam->type = cpu_to_le16(TLV_TYPE_KEY_MATERIAL);
478 keyparam->keytypeid = cpu_to_le16(key->type);
479 keyparam->keylen = cpu_to_le16(key->len);
480 memcpy(keyparam->key, key->key, key->len);
482 /* Length field doesn't include the {type,length} header */
483 keyparam->length = cpu_to_le16(sizeof(*keyparam) - 4);
484 lbs_deb_leave(LBS_DEB_CMD);
487 int lbs_cmd_802_11_key_material(struct lbs_private *priv, uint16_t cmd_action,
488 struct assoc_request *assoc)
490 struct cmd_ds_802_11_key_material cmd;
494 lbs_deb_enter(LBS_DEB_CMD);
496 cmd.action = cpu_to_le16(cmd_action);
497 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
499 if (cmd_action == CMD_ACT_GET) {
500 cmd.hdr.size = cpu_to_le16(S_DS_GEN + 2);
502 memset(cmd.keyParamSet, 0, sizeof(cmd.keyParamSet));
504 if (test_bit(ASSOC_FLAG_WPA_UCAST_KEY, &assoc->flags)) {
505 set_one_wpa_key(&cmd.keyParamSet[index],
506 &assoc->wpa_unicast_key);
510 if (test_bit(ASSOC_FLAG_WPA_MCAST_KEY, &assoc->flags)) {
511 set_one_wpa_key(&cmd.keyParamSet[index],
512 &assoc->wpa_mcast_key);
516 /* The common header and as many keys as we included */
517 cmd.hdr.size = cpu_to_le16(offsetof(typeof(cmd),
518 keyParamSet[index]));
520 ret = lbs_cmd_with_response(priv, CMD_802_11_KEY_MATERIAL, &cmd);
521 /* Copy the returned key to driver private data */
522 if (!ret && cmd_action == CMD_ACT_GET) {
523 void *buf_ptr = cmd.keyParamSet;
524 void *resp_end = &(&cmd)[1];
526 while (buf_ptr < resp_end) {
527 struct MrvlIEtype_keyParamSet *keyparam = buf_ptr;
529 uint16_t param_set_len = le16_to_cpu(keyparam->length);
530 uint16_t key_len = le16_to_cpu(keyparam->keylen);
531 uint16_t key_flags = le16_to_cpu(keyparam->keyinfo);
532 uint16_t key_type = le16_to_cpu(keyparam->keytypeid);
535 end = (void *)keyparam + sizeof(keyparam->type)
536 + sizeof(keyparam->length) + param_set_len;
538 /* Make sure we don't access past the end of the IEs */
542 if (key_flags & KEY_INFO_WPA_UNICAST)
543 key = &priv->wpa_unicast_key;
544 else if (key_flags & KEY_INFO_WPA_MCAST)
545 key = &priv->wpa_mcast_key;
549 /* Copy returned key into driver */
550 memset(key, 0, sizeof(struct enc_key));
551 if (key_len > sizeof(key->key))
553 key->type = key_type;
554 key->flags = key_flags;
556 memcpy(key->key, keyparam->key, key->len);
562 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
567 * @brief Set an SNMP MIB value
569 * @param priv A pointer to struct lbs_private structure
570 * @param oid The OID to set in the firmware
571 * @param val Value to set the OID to
573 * @return 0 on success, error on failure
575 int lbs_set_snmp_mib(struct lbs_private *priv, u32 oid, u16 val)
577 struct cmd_ds_802_11_snmp_mib cmd;
580 lbs_deb_enter(LBS_DEB_CMD);
582 memset(&cmd, 0, sizeof (cmd));
583 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
584 cmd.action = cpu_to_le16(CMD_ACT_SET);
585 cmd.oid = cpu_to_le16((u16) oid);
588 case SNMP_MIB_OID_BSS_TYPE:
589 cmd.bufsize = cpu_to_le16(sizeof(u8));
590 cmd.value[0] = (val == IW_MODE_ADHOC) ? 2 : 1;
592 case SNMP_MIB_OID_11D_ENABLE:
593 case SNMP_MIB_OID_FRAG_THRESHOLD:
594 case SNMP_MIB_OID_RTS_THRESHOLD:
595 case SNMP_MIB_OID_SHORT_RETRY_LIMIT:
596 case SNMP_MIB_OID_LONG_RETRY_LIMIT:
597 cmd.bufsize = cpu_to_le16(sizeof(u16));
598 *((__le16 *)(&cmd.value)) = cpu_to_le16(val);
601 lbs_deb_cmd("SNMP_CMD: (set) unhandled OID 0x%x\n", oid);
606 lbs_deb_cmd("SNMP_CMD: (set) oid 0x%x, oid size 0x%x, value 0x%x\n",
607 le16_to_cpu(cmd.oid), le16_to_cpu(cmd.bufsize), val);
609 ret = lbs_cmd_with_response(priv, CMD_802_11_SNMP_MIB, &cmd);
612 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
617 * @brief Get an SNMP MIB value
619 * @param priv A pointer to struct lbs_private structure
620 * @param oid The OID to retrieve from the firmware
621 * @param out_val Location for the returned value
623 * @return 0 on success, error on failure
625 int lbs_get_snmp_mib(struct lbs_private *priv, u32 oid, u16 *out_val)
627 struct cmd_ds_802_11_snmp_mib cmd;
630 lbs_deb_enter(LBS_DEB_CMD);
632 memset(&cmd, 0, sizeof (cmd));
633 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
634 cmd.action = cpu_to_le16(CMD_ACT_GET);
635 cmd.oid = cpu_to_le16(oid);
637 ret = lbs_cmd_with_response(priv, CMD_802_11_SNMP_MIB, &cmd);
641 switch (le16_to_cpu(cmd.bufsize)) {
643 if (oid == SNMP_MIB_OID_BSS_TYPE) {
644 if (cmd.value[0] == 2)
645 *out_val = IW_MODE_ADHOC;
647 *out_val = IW_MODE_INFRA;
649 *out_val = cmd.value[0];
652 *out_val = le16_to_cpu(*((__le16 *)(&cmd.value)));
655 lbs_deb_cmd("SNMP_CMD: (get) unhandled OID 0x%x size %d\n",
656 oid, le16_to_cpu(cmd.bufsize));
661 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
666 * @brief Get the min, max, and current TX power
668 * @param priv A pointer to struct lbs_private structure
669 * @param curlevel Current power level in dBm
670 * @param minlevel Minimum supported power level in dBm (optional)
671 * @param maxlevel Maximum supported power level in dBm (optional)
673 * @return 0 on success, error on failure
675 int lbs_get_tx_power(struct lbs_private *priv, s16 *curlevel, s16 *minlevel,
678 struct cmd_ds_802_11_rf_tx_power cmd;
681 lbs_deb_enter(LBS_DEB_CMD);
683 memset(&cmd, 0, sizeof(cmd));
684 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
685 cmd.action = cpu_to_le16(CMD_ACT_GET);
687 ret = lbs_cmd_with_response(priv, CMD_802_11_RF_TX_POWER, &cmd);
689 *curlevel = le16_to_cpu(cmd.curlevel);
691 *minlevel = cmd.minlevel;
693 *maxlevel = cmd.maxlevel;
696 lbs_deb_leave(LBS_DEB_CMD);
701 * @brief Set the TX power
703 * @param priv A pointer to struct lbs_private structure
704 * @param dbm The desired power level in dBm
706 * @return 0 on success, error on failure
708 int lbs_set_tx_power(struct lbs_private *priv, s16 dbm)
710 struct cmd_ds_802_11_rf_tx_power cmd;
713 lbs_deb_enter(LBS_DEB_CMD);
715 memset(&cmd, 0, sizeof(cmd));
716 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
717 cmd.action = cpu_to_le16(CMD_ACT_SET);
718 cmd.curlevel = cpu_to_le16(dbm);
720 lbs_deb_cmd("SET_RF_TX_POWER: %d dBm\n", dbm);
722 ret = lbs_cmd_with_response(priv, CMD_802_11_RF_TX_POWER, &cmd);
724 lbs_deb_leave(LBS_DEB_CMD);
728 static int lbs_cmd_802_11_monitor_mode(struct cmd_ds_command *cmd,
729 u16 cmd_action, void *pdata_buf)
731 struct cmd_ds_802_11_monitor_mode *monitor = &cmd->params.monitor;
733 cmd->command = cpu_to_le16(CMD_802_11_MONITOR_MODE);
735 cpu_to_le16(sizeof(struct cmd_ds_802_11_monitor_mode) +
738 monitor->action = cpu_to_le16(cmd_action);
739 if (cmd_action == CMD_ACT_SET) {
741 cpu_to_le16((u16) (*(u32 *) pdata_buf));
747 static __le16 lbs_rate_to_fw_bitmap(int rate, int lower_rates_ok)
767 int i = lbs_data_rate_to_fw_index(rate);
769 ratemask = (0x1fef >> (12 - i));
772 return cpu_to_le16(ratemask);
775 int lbs_cmd_802_11_rate_adapt_rateset(struct lbs_private *priv,
778 struct cmd_ds_802_11_rate_adapt_rateset cmd;
781 lbs_deb_enter(LBS_DEB_CMD);
783 if (!priv->cur_rate && !priv->enablehwauto)
786 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
788 cmd.action = cpu_to_le16(cmd_action);
789 cmd.enablehwauto = cpu_to_le16(priv->enablehwauto);
790 cmd.bitmap = lbs_rate_to_fw_bitmap(priv->cur_rate, priv->enablehwauto);
791 ret = lbs_cmd_with_response(priv, CMD_802_11_RATE_ADAPT_RATESET, &cmd);
792 if (!ret && cmd_action == CMD_ACT_GET) {
793 priv->ratebitmap = le16_to_cpu(cmd.bitmap);
794 priv->enablehwauto = le16_to_cpu(cmd.enablehwauto);
797 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
800 EXPORT_SYMBOL_GPL(lbs_cmd_802_11_rate_adapt_rateset);
803 * @brief Set the data rate
805 * @param priv A pointer to struct lbs_private structure
806 * @param rate The desired data rate, or 0 to clear a locked rate
808 * @return 0 on success, error on failure
810 int lbs_set_data_rate(struct lbs_private *priv, u8 rate)
812 struct cmd_ds_802_11_data_rate cmd;
815 lbs_deb_enter(LBS_DEB_CMD);
817 memset(&cmd, 0, sizeof(cmd));
818 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
821 cmd.action = cpu_to_le16(CMD_ACT_SET_TX_FIX_RATE);
822 cmd.rates[0] = lbs_data_rate_to_fw_index(rate);
823 if (cmd.rates[0] == 0) {
824 lbs_deb_cmd("DATA_RATE: invalid requested rate of"
829 lbs_deb_cmd("DATA_RATE: set fixed 0x%02X\n", cmd.rates[0]);
831 cmd.action = cpu_to_le16(CMD_ACT_SET_TX_AUTO);
832 lbs_deb_cmd("DATA_RATE: setting auto\n");
835 ret = lbs_cmd_with_response(priv, CMD_802_11_DATA_RATE, &cmd);
839 lbs_deb_hex(LBS_DEB_CMD, "DATA_RATE_RESP", (u8 *) &cmd, sizeof (cmd));
841 /* FIXME: get actual rates FW can do if this command actually returns
842 * all data rates supported.
844 priv->cur_rate = lbs_fw_index_to_data_rate(cmd.rates[0]);
845 lbs_deb_cmd("DATA_RATE: current rate is 0x%02x\n", priv->cur_rate);
848 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
853 * @brief Get the radio channel
855 * @param priv A pointer to struct lbs_private structure
857 * @return The channel on success, error on failure
859 int lbs_get_channel(struct lbs_private *priv)
861 struct cmd_ds_802_11_rf_channel cmd;
864 lbs_deb_enter(LBS_DEB_CMD);
866 memset(&cmd, 0, sizeof(cmd));
867 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
868 cmd.action = cpu_to_le16(CMD_OPT_802_11_RF_CHANNEL_GET);
870 ret = lbs_cmd_with_response(priv, CMD_802_11_RF_CHANNEL, &cmd);
874 ret = le16_to_cpu(cmd.channel);
875 lbs_deb_cmd("current radio channel is %d\n", ret);
878 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
882 int lbs_update_channel(struct lbs_private *priv)
886 /* the channel in f/w could be out of sync; get the current channel */
887 lbs_deb_enter(LBS_DEB_ASSOC);
889 ret = lbs_get_channel(priv);
891 priv->curbssparams.channel = ret;
894 lbs_deb_leave_args(LBS_DEB_ASSOC, "ret %d", ret);
899 * @brief Set the radio channel
901 * @param priv A pointer to struct lbs_private structure
902 * @param channel The desired channel, or 0 to clear a locked channel
904 * @return 0 on success, error on failure
906 int lbs_set_channel(struct lbs_private *priv, u8 channel)
908 struct cmd_ds_802_11_rf_channel cmd;
910 u8 old_channel = priv->curbssparams.channel;
914 lbs_deb_enter(LBS_DEB_CMD);
916 memset(&cmd, 0, sizeof(cmd));
917 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
918 cmd.action = cpu_to_le16(CMD_OPT_802_11_RF_CHANNEL_SET);
919 cmd.channel = cpu_to_le16(channel);
921 ret = lbs_cmd_with_response(priv, CMD_802_11_RF_CHANNEL, &cmd);
925 priv->curbssparams.channel = (uint8_t) le16_to_cpu(cmd.channel);
926 lbs_deb_cmd("channel switch from %d to %d\n", old_channel,
927 priv->curbssparams.channel);
930 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
934 static int lbs_cmd_802_11_rssi(struct lbs_private *priv,
935 struct cmd_ds_command *cmd)
938 lbs_deb_enter(LBS_DEB_CMD);
939 cmd->command = cpu_to_le16(CMD_802_11_RSSI);
940 cmd->size = cpu_to_le16(sizeof(struct cmd_ds_802_11_rssi) + S_DS_GEN);
941 cmd->params.rssi.N = cpu_to_le16(DEFAULT_BCN_AVG_FACTOR);
943 /* reset Beacon SNR/NF/RSSI values */
944 priv->SNR[TYPE_BEACON][TYPE_NOAVG] = 0;
945 priv->SNR[TYPE_BEACON][TYPE_AVG] = 0;
946 priv->NF[TYPE_BEACON][TYPE_NOAVG] = 0;
947 priv->NF[TYPE_BEACON][TYPE_AVG] = 0;
948 priv->RSSI[TYPE_BEACON][TYPE_NOAVG] = 0;
949 priv->RSSI[TYPE_BEACON][TYPE_AVG] = 0;
951 lbs_deb_leave(LBS_DEB_CMD);
955 static int lbs_cmd_reg_access(struct cmd_ds_command *cmdptr,
956 u8 cmd_action, void *pdata_buf)
958 struct lbs_offset_value *offval;
960 lbs_deb_enter(LBS_DEB_CMD);
962 offval = (struct lbs_offset_value *)pdata_buf;
964 switch (le16_to_cpu(cmdptr->command)) {
965 case CMD_MAC_REG_ACCESS:
967 struct cmd_ds_mac_reg_access *macreg;
970 cpu_to_le16(sizeof (struct cmd_ds_mac_reg_access)
973 (struct cmd_ds_mac_reg_access *)&cmdptr->params.
976 macreg->action = cpu_to_le16(cmd_action);
977 macreg->offset = cpu_to_le16((u16) offval->offset);
978 macreg->value = cpu_to_le32(offval->value);
983 case CMD_BBP_REG_ACCESS:
985 struct cmd_ds_bbp_reg_access *bbpreg;
989 (struct cmd_ds_bbp_reg_access)
992 (struct cmd_ds_bbp_reg_access *)&cmdptr->params.
995 bbpreg->action = cpu_to_le16(cmd_action);
996 bbpreg->offset = cpu_to_le16((u16) offval->offset);
997 bbpreg->value = (u8) offval->value;
1002 case CMD_RF_REG_ACCESS:
1004 struct cmd_ds_rf_reg_access *rfreg;
1008 (struct cmd_ds_rf_reg_access) +
1011 (struct cmd_ds_rf_reg_access *)&cmdptr->params.
1014 rfreg->action = cpu_to_le16(cmd_action);
1015 rfreg->offset = cpu_to_le16((u16) offval->offset);
1016 rfreg->value = (u8) offval->value;
1025 lbs_deb_leave(LBS_DEB_CMD);
1029 static int lbs_cmd_bt_access(struct cmd_ds_command *cmd,
1030 u16 cmd_action, void *pdata_buf)
1032 struct cmd_ds_bt_access *bt_access = &cmd->params.bt;
1033 lbs_deb_enter_args(LBS_DEB_CMD, "action %d", cmd_action);
1035 cmd->command = cpu_to_le16(CMD_BT_ACCESS);
1036 cmd->size = cpu_to_le16(sizeof(struct cmd_ds_bt_access) + S_DS_GEN);
1038 bt_access->action = cpu_to_le16(cmd_action);
1040 switch (cmd_action) {
1041 case CMD_ACT_BT_ACCESS_ADD:
1042 memcpy(bt_access->addr1, pdata_buf, 2 * ETH_ALEN);
1043 lbs_deb_hex(LBS_DEB_MESH, "BT_ADD: blinded MAC addr", bt_access->addr1, 6);
1045 case CMD_ACT_BT_ACCESS_DEL:
1046 memcpy(bt_access->addr1, pdata_buf, 1 * ETH_ALEN);
1047 lbs_deb_hex(LBS_DEB_MESH, "BT_DEL: blinded MAC addr", bt_access->addr1, 6);
1049 case CMD_ACT_BT_ACCESS_LIST:
1050 bt_access->id = cpu_to_le32(*(u32 *) pdata_buf);
1052 case CMD_ACT_BT_ACCESS_RESET:
1054 case CMD_ACT_BT_ACCESS_SET_INVERT:
1055 bt_access->id = cpu_to_le32(*(u32 *) pdata_buf);
1057 case CMD_ACT_BT_ACCESS_GET_INVERT:
1062 lbs_deb_leave(LBS_DEB_CMD);
1066 static int lbs_cmd_fwt_access(struct cmd_ds_command *cmd,
1067 u16 cmd_action, void *pdata_buf)
1069 struct cmd_ds_fwt_access *fwt_access = &cmd->params.fwt;
1070 lbs_deb_enter_args(LBS_DEB_CMD, "action %d", cmd_action);
1072 cmd->command = cpu_to_le16(CMD_FWT_ACCESS);
1073 cmd->size = cpu_to_le16(sizeof(struct cmd_ds_fwt_access) + S_DS_GEN);
1077 memcpy(fwt_access, pdata_buf, sizeof(*fwt_access));
1079 memset(fwt_access, 0, sizeof(*fwt_access));
1081 fwt_access->action = cpu_to_le16(cmd_action);
1083 lbs_deb_leave(LBS_DEB_CMD);
1087 int lbs_mesh_access(struct lbs_private *priv, uint16_t cmd_action,
1088 struct cmd_ds_mesh_access *cmd)
1092 lbs_deb_enter_args(LBS_DEB_CMD, "action %d", cmd_action);
1094 cmd->hdr.command = cpu_to_le16(CMD_MESH_ACCESS);
1095 cmd->hdr.size = cpu_to_le16(sizeof(*cmd));
1096 cmd->hdr.result = 0;
1098 cmd->action = cpu_to_le16(cmd_action);
1100 ret = lbs_cmd_with_response(priv, CMD_MESH_ACCESS, cmd);
1102 lbs_deb_leave(LBS_DEB_CMD);
1106 static int __lbs_mesh_config_send(struct lbs_private *priv,
1107 struct cmd_ds_mesh_config *cmd,
1108 uint16_t action, uint16_t type)
1111 u16 command = CMD_MESH_CONFIG_OLD;
1113 lbs_deb_enter(LBS_DEB_CMD);
1116 * Command id is 0xac for v10 FW along with mesh interface
1117 * id in bits 14-13-12.
1119 if (priv->mesh_fw_ver == MESH_FW_NEW)
1120 command = CMD_MESH_CONFIG |
1121 (MESH_IFACE_ID << MESH_IFACE_BIT_OFFSET);
1123 cmd->hdr.command = cpu_to_le16(command);
1124 cmd->hdr.size = cpu_to_le16(sizeof(struct cmd_ds_mesh_config));
1125 cmd->hdr.result = 0;
1127 cmd->type = cpu_to_le16(type);
1128 cmd->action = cpu_to_le16(action);
1130 ret = lbs_cmd_with_response(priv, command, cmd);
1132 lbs_deb_leave(LBS_DEB_CMD);
1136 int lbs_mesh_config_send(struct lbs_private *priv,
1137 struct cmd_ds_mesh_config *cmd,
1138 uint16_t action, uint16_t type)
1142 if (!(priv->fwcapinfo & FW_CAPINFO_PERSISTENT_CONFIG))
1145 ret = __lbs_mesh_config_send(priv, cmd, action, type);
1149 /* This function is the CMD_MESH_CONFIG legacy function. It only handles the
1150 * START and STOP actions. The extended actions supported by CMD_MESH_CONFIG
1151 * are all handled by preparing a struct cmd_ds_mesh_config and passing it to
1152 * lbs_mesh_config_send.
1154 int lbs_mesh_config(struct lbs_private *priv, uint16_t action, uint16_t chan)
1156 struct cmd_ds_mesh_config cmd;
1157 struct mrvl_meshie *ie;
1158 DECLARE_SSID_BUF(ssid);
1160 memset(&cmd, 0, sizeof(cmd));
1161 cmd.channel = cpu_to_le16(chan);
1162 ie = (struct mrvl_meshie *)cmd.data;
1165 case CMD_ACT_MESH_CONFIG_START:
1166 ie->id = WLAN_EID_GENERIC;
1167 ie->val.oui[0] = 0x00;
1168 ie->val.oui[1] = 0x50;
1169 ie->val.oui[2] = 0x43;
1170 ie->val.type = MARVELL_MESH_IE_TYPE;
1171 ie->val.subtype = MARVELL_MESH_IE_SUBTYPE;
1172 ie->val.version = MARVELL_MESH_IE_VERSION;
1173 ie->val.active_protocol_id = MARVELL_MESH_PROTO_ID_HWMP;
1174 ie->val.active_metric_id = MARVELL_MESH_METRIC_ID;
1175 ie->val.mesh_capability = MARVELL_MESH_CAPABILITY;
1176 ie->val.mesh_id_len = priv->mesh_ssid_len;
1177 memcpy(ie->val.mesh_id, priv->mesh_ssid, priv->mesh_ssid_len);
1178 ie->len = sizeof(struct mrvl_meshie_val) -
1179 IW_ESSID_MAX_SIZE + priv->mesh_ssid_len;
1180 cmd.length = cpu_to_le16(sizeof(struct mrvl_meshie_val));
1182 case CMD_ACT_MESH_CONFIG_STOP:
1187 lbs_deb_cmd("mesh config action %d type %x channel %d SSID %s\n",
1188 action, priv->mesh_tlv, chan,
1189 print_ssid(ssid, priv->mesh_ssid, priv->mesh_ssid_len));
1191 return __lbs_mesh_config_send(priv, &cmd, action, priv->mesh_tlv);
1194 static int lbs_cmd_bcn_ctrl(struct lbs_private * priv,
1195 struct cmd_ds_command *cmd,
1198 struct cmd_ds_802_11_beacon_control
1199 *bcn_ctrl = &cmd->params.bcn_ctrl;
1201 lbs_deb_enter(LBS_DEB_CMD);
1203 cpu_to_le16(sizeof(struct cmd_ds_802_11_beacon_control)
1205 cmd->command = cpu_to_le16(CMD_802_11_BEACON_CTRL);
1207 bcn_ctrl->action = cpu_to_le16(cmd_action);
1208 bcn_ctrl->beacon_enable = cpu_to_le16(priv->beacon_enable);
1209 bcn_ctrl->beacon_period = cpu_to_le16(priv->beacon_period);
1211 lbs_deb_leave(LBS_DEB_CMD);
1215 static void lbs_queue_cmd(struct lbs_private *priv,
1216 struct cmd_ctrl_node *cmdnode)
1218 unsigned long flags;
1221 lbs_deb_enter(LBS_DEB_HOST);
1224 lbs_deb_host("QUEUE_CMD: cmdnode is NULL\n");
1227 if (!cmdnode->cmdbuf->size) {
1228 lbs_deb_host("DNLD_CMD: cmd size is zero\n");
1231 cmdnode->result = 0;
1233 /* Exit_PS command needs to be queued in the header always. */
1234 if (le16_to_cpu(cmdnode->cmdbuf->command) == CMD_802_11_PS_MODE) {
1235 struct cmd_ds_802_11_ps_mode *psm = (void *) &cmdnode->cmdbuf[1];
1237 if (psm->action == cpu_to_le16(CMD_SUBCMD_EXIT_PS)) {
1238 if (priv->psstate != PS_STATE_FULL_POWER)
1243 spin_lock_irqsave(&priv->driver_lock, flags);
1246 list_add_tail(&cmdnode->list, &priv->cmdpendingq);
1248 list_add(&cmdnode->list, &priv->cmdpendingq);
1250 spin_unlock_irqrestore(&priv->driver_lock, flags);
1252 lbs_deb_host("QUEUE_CMD: inserted command 0x%04x into cmdpendingq\n",
1253 le16_to_cpu(cmdnode->cmdbuf->command));
1256 lbs_deb_leave(LBS_DEB_HOST);
1259 static void lbs_submit_command(struct lbs_private *priv,
1260 struct cmd_ctrl_node *cmdnode)
1262 unsigned long flags;
1263 struct cmd_header *cmd;
1269 lbs_deb_enter(LBS_DEB_HOST);
1271 cmd = cmdnode->cmdbuf;
1273 spin_lock_irqsave(&priv->driver_lock, flags);
1274 priv->cur_cmd = cmdnode;
1275 priv->cur_cmd_retcode = 0;
1276 spin_unlock_irqrestore(&priv->driver_lock, flags);
1278 cmdsize = le16_to_cpu(cmd->size);
1279 command = le16_to_cpu(cmd->command);
1281 /* These commands take longer */
1282 if (command == CMD_802_11_SCAN || command == CMD_802_11_ASSOCIATE)
1285 lbs_deb_cmd("DNLD_CMD: command 0x%04x, seq %d, size %d\n",
1286 command, le16_to_cpu(cmd->seqnum), cmdsize);
1287 lbs_deb_hex(LBS_DEB_CMD, "DNLD_CMD", (void *) cmdnode->cmdbuf, cmdsize);
1289 ret = priv->hw_host_to_card(priv, MVMS_CMD, (u8 *) cmd, cmdsize);
1292 lbs_pr_info("DNLD_CMD: hw_host_to_card failed: %d\n", ret);
1293 /* Let the timer kick in and retry, and potentially reset
1294 the whole thing if the condition persists */
1298 if (command == CMD_802_11_DEEP_SLEEP) {
1299 if (priv->is_auto_deep_sleep_enabled) {
1300 priv->wakeup_dev_required = 1;
1301 priv->dnld_sent = 0;
1303 priv->is_deep_sleep = 1;
1304 lbs_complete_command(priv, cmdnode, 0);
1306 /* Setup the timer after transmit command */
1307 mod_timer(&priv->command_timer, jiffies + timeo);
1310 lbs_deb_leave(LBS_DEB_HOST);
1314 * This function inserts command node to cmdfreeq
1315 * after cleans it. Requires priv->driver_lock held.
1317 static void __lbs_cleanup_and_insert_cmd(struct lbs_private *priv,
1318 struct cmd_ctrl_node *cmdnode)
1320 lbs_deb_enter(LBS_DEB_HOST);
1325 cmdnode->callback = NULL;
1326 cmdnode->callback_arg = 0;
1328 memset(cmdnode->cmdbuf, 0, LBS_CMD_BUFFER_SIZE);
1330 list_add_tail(&cmdnode->list, &priv->cmdfreeq);
1332 lbs_deb_leave(LBS_DEB_HOST);
1335 static void lbs_cleanup_and_insert_cmd(struct lbs_private *priv,
1336 struct cmd_ctrl_node *ptempcmd)
1338 unsigned long flags;
1340 spin_lock_irqsave(&priv->driver_lock, flags);
1341 __lbs_cleanup_and_insert_cmd(priv, ptempcmd);
1342 spin_unlock_irqrestore(&priv->driver_lock, flags);
1345 void lbs_complete_command(struct lbs_private *priv, struct cmd_ctrl_node *cmd,
1348 if (cmd == priv->cur_cmd)
1349 priv->cur_cmd_retcode = result;
1351 cmd->result = result;
1352 cmd->cmdwaitqwoken = 1;
1353 wake_up_interruptible(&cmd->cmdwait_q);
1355 if (!cmd->callback || cmd->callback == lbs_cmd_async_callback)
1356 __lbs_cleanup_and_insert_cmd(priv, cmd);
1357 priv->cur_cmd = NULL;
1360 int lbs_set_radio(struct lbs_private *priv, u8 preamble, u8 radio_on)
1362 struct cmd_ds_802_11_radio_control cmd;
1365 lbs_deb_enter(LBS_DEB_CMD);
1367 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
1368 cmd.action = cpu_to_le16(CMD_ACT_SET);
1370 /* Only v8 and below support setting the preamble */
1371 if (priv->fwrelease < 0x09000000) {
1373 case RADIO_PREAMBLE_SHORT:
1374 if (!(priv->capability & WLAN_CAPABILITY_SHORT_PREAMBLE))
1377 case RADIO_PREAMBLE_AUTO:
1378 case RADIO_PREAMBLE_LONG:
1379 cmd.control = cpu_to_le16(preamble);
1387 cmd.control |= cpu_to_le16(0x1);
1389 cmd.control &= cpu_to_le16(~0x1);
1390 priv->txpower_cur = 0;
1393 lbs_deb_cmd("RADIO_CONTROL: radio %s, preamble %d\n",
1394 radio_on ? "ON" : "OFF", preamble);
1396 priv->radio_on = radio_on;
1398 ret = lbs_cmd_with_response(priv, CMD_802_11_RADIO_CONTROL, &cmd);
1401 lbs_deb_leave_args(LBS_DEB_CMD, "ret %d", ret);
1405 void lbs_set_mac_control(struct lbs_private *priv)
1407 struct cmd_ds_mac_control cmd;
1409 lbs_deb_enter(LBS_DEB_CMD);
1411 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
1412 cmd.action = cpu_to_le16(priv->mac_control);
1415 lbs_cmd_async(priv, CMD_MAC_CONTROL, &cmd.hdr, sizeof(cmd));
1417 lbs_deb_leave(LBS_DEB_CMD);
1421 * @brief This function prepare the command before send to firmware.
1423 * @param priv A pointer to struct lbs_private structure
1424 * @param cmd_no command number
1425 * @param cmd_action command action: GET or SET
1426 * @param wait_option wait option: wait response or not
1427 * @param cmd_oid cmd oid: treated as sub command
1428 * @param pdata_buf A pointer to informaion buffer
1431 int lbs_prepare_and_send_command(struct lbs_private *priv,
1434 u16 wait_option, u32 cmd_oid, void *pdata_buf)
1437 struct cmd_ctrl_node *cmdnode;
1438 struct cmd_ds_command *cmdptr;
1439 unsigned long flags;
1441 lbs_deb_enter(LBS_DEB_HOST);
1444 lbs_deb_host("PREP_CMD: priv is NULL\n");
1449 if (priv->surpriseremoved) {
1450 lbs_deb_host("PREP_CMD: card removed\n");
1455 cmdnode = lbs_get_cmd_ctrl_node(priv);
1457 if (cmdnode == NULL) {
1458 lbs_deb_host("PREP_CMD: cmdnode is NULL\n");
1460 /* Wake up main thread to execute next command */
1461 wake_up_interruptible(&priv->waitq);
1466 cmdnode->callback = NULL;
1467 cmdnode->callback_arg = (unsigned long)pdata_buf;
1469 cmdptr = (struct cmd_ds_command *)cmdnode->cmdbuf;
1471 lbs_deb_host("PREP_CMD: command 0x%04x\n", cmd_no);
1473 /* Set sequence number, command and INT option */
1475 cmdptr->seqnum = cpu_to_le16(priv->seqnum);
1477 cmdptr->command = cpu_to_le16(cmd_no);
1481 case CMD_802_11_PS_MODE:
1482 ret = lbs_cmd_802_11_ps_mode(cmdptr, cmd_action);
1485 case CMD_MAC_REG_ACCESS:
1486 case CMD_BBP_REG_ACCESS:
1487 case CMD_RF_REG_ACCESS:
1488 ret = lbs_cmd_reg_access(cmdptr, cmd_action, pdata_buf);
1491 case CMD_802_11_MONITOR_MODE:
1492 ret = lbs_cmd_802_11_monitor_mode(cmdptr,
1493 cmd_action, pdata_buf);
1496 case CMD_802_11_RSSI:
1497 ret = lbs_cmd_802_11_rssi(priv, cmdptr);
1500 case CMD_802_11_SET_AFC:
1501 case CMD_802_11_GET_AFC:
1503 cmdptr->command = cpu_to_le16(cmd_no);
1504 cmdptr->size = cpu_to_le16(sizeof(struct cmd_ds_802_11_afc) +
1507 memmove(&cmdptr->params.afc,
1508 pdata_buf, sizeof(struct cmd_ds_802_11_afc));
1513 case CMD_802_11D_DOMAIN_INFO:
1514 ret = lbs_cmd_802_11d_domain_info(priv, cmdptr,
1515 cmd_no, cmd_action);
1518 case CMD_802_11_TPC_CFG:
1519 cmdptr->command = cpu_to_le16(CMD_802_11_TPC_CFG);
1521 cpu_to_le16(sizeof(struct cmd_ds_802_11_tpc_cfg) +
1524 memmove(&cmdptr->params.tpccfg,
1525 pdata_buf, sizeof(struct cmd_ds_802_11_tpc_cfg));
1529 case CMD_802_11_LED_GPIO_CTRL:
1531 struct mrvl_ie_ledgpio *gpio =
1532 (struct mrvl_ie_ledgpio*)
1533 cmdptr->params.ledgpio.data;
1535 memmove(&cmdptr->params.ledgpio,
1537 sizeof(struct cmd_ds_802_11_led_ctrl));
1540 cpu_to_le16(CMD_802_11_LED_GPIO_CTRL);
1542 #define ACTION_NUMLED_TLVTYPE_LEN_FIELDS_LEN 8
1544 cpu_to_le16(le16_to_cpu(gpio->header.len)
1546 + ACTION_NUMLED_TLVTYPE_LEN_FIELDS_LEN);
1547 gpio->header.len = gpio->header.len;
1554 ret = lbs_cmd_bt_access(cmdptr, cmd_action, pdata_buf);
1557 case CMD_FWT_ACCESS:
1558 ret = lbs_cmd_fwt_access(cmdptr, cmd_action, pdata_buf);
1562 cmdptr->command = cpu_to_le16(CMD_GET_TSF);
1563 cmdptr->size = cpu_to_le16(sizeof(struct cmd_ds_get_tsf) +
1567 case CMD_802_11_BEACON_CTRL:
1568 ret = lbs_cmd_bcn_ctrl(priv, cmdptr, cmd_action);
1570 case CMD_802_11_DEEP_SLEEP:
1571 cmdptr->command = cpu_to_le16(CMD_802_11_DEEP_SLEEP);
1572 cmdptr->size = cpu_to_le16(S_DS_GEN);
1575 lbs_pr_err("PREP_CMD: unknown command 0x%04x\n", cmd_no);
1580 /* return error, since the command preparation failed */
1582 lbs_deb_host("PREP_CMD: command preparation failed\n");
1583 lbs_cleanup_and_insert_cmd(priv, cmdnode);
1588 cmdnode->cmdwaitqwoken = 0;
1590 lbs_queue_cmd(priv, cmdnode);
1591 wake_up_interruptible(&priv->waitq);
1593 if (wait_option & CMD_OPTION_WAITFORRSP) {
1594 lbs_deb_host("PREP_CMD: wait for response\n");
1596 wait_event_interruptible(cmdnode->cmdwait_q,
1597 cmdnode->cmdwaitqwoken);
1600 spin_lock_irqsave(&priv->driver_lock, flags);
1601 if (priv->cur_cmd_retcode) {
1602 lbs_deb_host("PREP_CMD: command failed with return code %d\n",
1603 priv->cur_cmd_retcode);
1604 priv->cur_cmd_retcode = 0;
1607 spin_unlock_irqrestore(&priv->driver_lock, flags);
1610 lbs_deb_leave_args(LBS_DEB_HOST, "ret %d", ret);
1615 * @brief This function allocates the command buffer and link
1616 * it to command free queue.
1618 * @param priv A pointer to struct lbs_private structure
1621 int lbs_allocate_cmd_buffer(struct lbs_private *priv)
1626 struct cmd_ctrl_node *cmdarray;
1628 lbs_deb_enter(LBS_DEB_HOST);
1630 /* Allocate and initialize the command array */
1631 bufsize = sizeof(struct cmd_ctrl_node) * LBS_NUM_CMD_BUFFERS;
1632 if (!(cmdarray = kzalloc(bufsize, GFP_KERNEL))) {
1633 lbs_deb_host("ALLOC_CMD_BUF: tempcmd_array is NULL\n");
1637 priv->cmd_array = cmdarray;
1639 /* Allocate and initialize each command buffer in the command array */
1640 for (i = 0; i < LBS_NUM_CMD_BUFFERS; i++) {
1641 cmdarray[i].cmdbuf = kzalloc(LBS_CMD_BUFFER_SIZE, GFP_KERNEL);
1642 if (!cmdarray[i].cmdbuf) {
1643 lbs_deb_host("ALLOC_CMD_BUF: ptempvirtualaddr is NULL\n");
1649 for (i = 0; i < LBS_NUM_CMD_BUFFERS; i++) {
1650 init_waitqueue_head(&cmdarray[i].cmdwait_q);
1651 lbs_cleanup_and_insert_cmd(priv, &cmdarray[i]);
1656 lbs_deb_leave_args(LBS_DEB_HOST, "ret %d", ret);
1661 * @brief This function frees the command buffer.
1663 * @param priv A pointer to struct lbs_private structure
1666 int lbs_free_cmd_buffer(struct lbs_private *priv)
1668 struct cmd_ctrl_node *cmdarray;
1671 lbs_deb_enter(LBS_DEB_HOST);
1673 /* need to check if cmd array is allocated or not */
1674 if (priv->cmd_array == NULL) {
1675 lbs_deb_host("FREE_CMD_BUF: cmd_array is NULL\n");
1679 cmdarray = priv->cmd_array;
1681 /* Release shared memory buffers */
1682 for (i = 0; i < LBS_NUM_CMD_BUFFERS; i++) {
1683 if (cmdarray[i].cmdbuf) {
1684 kfree(cmdarray[i].cmdbuf);
1685 cmdarray[i].cmdbuf = NULL;
1689 /* Release cmd_ctrl_node */
1690 if (priv->cmd_array) {
1691 kfree(priv->cmd_array);
1692 priv->cmd_array = NULL;
1696 lbs_deb_leave(LBS_DEB_HOST);
1701 * @brief This function gets a free command node if available in
1702 * command free queue.
1704 * @param priv A pointer to struct lbs_private structure
1705 * @return cmd_ctrl_node A pointer to cmd_ctrl_node structure or NULL
1707 static struct cmd_ctrl_node *lbs_get_cmd_ctrl_node(struct lbs_private *priv)
1709 struct cmd_ctrl_node *tempnode;
1710 unsigned long flags;
1712 lbs_deb_enter(LBS_DEB_HOST);
1717 spin_lock_irqsave(&priv->driver_lock, flags);
1719 if (!list_empty(&priv->cmdfreeq)) {
1720 tempnode = list_first_entry(&priv->cmdfreeq,
1721 struct cmd_ctrl_node, list);
1722 list_del(&tempnode->list);
1724 lbs_deb_host("GET_CMD_NODE: cmd_ctrl_node is not available\n");
1728 spin_unlock_irqrestore(&priv->driver_lock, flags);
1730 lbs_deb_leave(LBS_DEB_HOST);
1735 * @brief This function executes next command in command
1736 * pending queue. It will put firmware back to PS mode
1739 * @param priv A pointer to struct lbs_private structure
1742 int lbs_execute_next_command(struct lbs_private *priv)
1744 struct cmd_ctrl_node *cmdnode = NULL;
1745 struct cmd_header *cmd;
1746 unsigned long flags;
1749 /* Debug group is LBS_DEB_THREAD and not LBS_DEB_HOST, because the
1750 * only caller to us is lbs_thread() and we get even when a
1751 * data packet is received */
1752 lbs_deb_enter(LBS_DEB_THREAD);
1754 spin_lock_irqsave(&priv->driver_lock, flags);
1756 if (priv->cur_cmd) {
1757 lbs_pr_alert( "EXEC_NEXT_CMD: already processing command!\n");
1758 spin_unlock_irqrestore(&priv->driver_lock, flags);
1763 if (!list_empty(&priv->cmdpendingq)) {
1764 cmdnode = list_first_entry(&priv->cmdpendingq,
1765 struct cmd_ctrl_node, list);
1768 spin_unlock_irqrestore(&priv->driver_lock, flags);
1771 cmd = cmdnode->cmdbuf;
1773 if (is_command_allowed_in_ps(le16_to_cpu(cmd->command))) {
1774 if ((priv->psstate == PS_STATE_SLEEP) ||
1775 (priv->psstate == PS_STATE_PRE_SLEEP)) {
1777 "EXEC_NEXT_CMD: cannot send cmd 0x%04x in psstate %d\n",
1778 le16_to_cpu(cmd->command),
1783 lbs_deb_host("EXEC_NEXT_CMD: OK to send command "
1784 "0x%04x in psstate %d\n",
1785 le16_to_cpu(cmd->command), priv->psstate);
1786 } else if (priv->psstate != PS_STATE_FULL_POWER) {
1788 * 1. Non-PS command:
1789 * Queue it. set needtowakeup to TRUE if current state
1790 * is SLEEP, otherwise call lbs_ps_wakeup to send Exit_PS.
1791 * 2. PS command but not Exit_PS:
1793 * 3. PS command Exit_PS:
1794 * Set needtowakeup to TRUE if current state is SLEEP,
1795 * otherwise send this command down to firmware
1798 if (cmd->command != cpu_to_le16(CMD_802_11_PS_MODE)) {
1799 /* Prepare to send Exit PS,
1800 * this non PS command will be sent later */
1801 if ((priv->psstate == PS_STATE_SLEEP)
1802 || (priv->psstate == PS_STATE_PRE_SLEEP)
1804 /* w/ new scheme, it will not reach here.
1805 since it is blocked in main_thread. */
1806 priv->needtowakeup = 1;
1808 lbs_ps_wakeup(priv, 0);
1814 * PS command. Ignore it if it is not Exit_PS.
1815 * otherwise send it down immediately.
1817 struct cmd_ds_802_11_ps_mode *psm = (void *)&cmd[1];
1820 "EXEC_NEXT_CMD: PS cmd, action 0x%02x\n",
1823 cpu_to_le16(CMD_SUBCMD_EXIT_PS)) {
1825 "EXEC_NEXT_CMD: ignore ENTER_PS cmd\n");
1826 list_del(&cmdnode->list);
1827 spin_lock_irqsave(&priv->driver_lock, flags);
1828 lbs_complete_command(priv, cmdnode, 0);
1829 spin_unlock_irqrestore(&priv->driver_lock, flags);
1835 if ((priv->psstate == PS_STATE_SLEEP) ||
1836 (priv->psstate == PS_STATE_PRE_SLEEP)) {
1838 "EXEC_NEXT_CMD: ignore EXIT_PS cmd in sleep\n");
1839 list_del(&cmdnode->list);
1840 spin_lock_irqsave(&priv->driver_lock, flags);
1841 lbs_complete_command(priv, cmdnode, 0);
1842 spin_unlock_irqrestore(&priv->driver_lock, flags);
1843 priv->needtowakeup = 1;
1850 "EXEC_NEXT_CMD: sending EXIT_PS\n");
1853 list_del(&cmdnode->list);
1854 lbs_deb_host("EXEC_NEXT_CMD: sending command 0x%04x\n",
1855 le16_to_cpu(cmd->command));
1856 lbs_submit_command(priv, cmdnode);
1859 * check if in power save mode, if yes, put the device back
1862 if ((priv->psmode != LBS802_11POWERMODECAM) &&
1863 (priv->psstate == PS_STATE_FULL_POWER) &&
1864 ((priv->connect_status == LBS_CONNECTED) ||
1865 (priv->mesh_connect_status == LBS_CONNECTED))) {
1866 if (priv->secinfo.WPAenabled ||
1867 priv->secinfo.WPA2enabled) {
1868 /* check for valid WPA group keys */
1869 if (priv->wpa_mcast_key.len ||
1870 priv->wpa_unicast_key.len) {
1872 "EXEC_NEXT_CMD: WPA enabled and GTK_SET"
1873 " go back to PS_SLEEP");
1874 lbs_ps_sleep(priv, 0);
1878 "EXEC_NEXT_CMD: cmdpendingq empty, "
1879 "go back to PS_SLEEP");
1880 lbs_ps_sleep(priv, 0);
1887 lbs_deb_leave(LBS_DEB_THREAD);
1891 void lbs_send_iwevcustom_event(struct lbs_private *priv, s8 *str)
1893 union iwreq_data iwrq;
1896 lbs_deb_enter(LBS_DEB_WEXT);
1898 memset(&iwrq, 0, sizeof(union iwreq_data));
1899 memset(buf, 0, sizeof(buf));
1901 snprintf(buf, sizeof(buf) - 1, "%s", str);
1903 iwrq.data.length = strlen(buf) + 1 + IW_EV_LCP_LEN;
1905 /* Send Event to upper layer */
1906 lbs_deb_wext("event indication string %s\n", (char *)buf);
1907 lbs_deb_wext("event indication length %d\n", iwrq.data.length);
1908 lbs_deb_wext("sending wireless event IWEVCUSTOM for %s\n", str);
1910 wireless_send_event(priv->dev, IWEVCUSTOM, &iwrq, buf);
1912 lbs_deb_leave(LBS_DEB_WEXT);
1915 static void lbs_send_confirmsleep(struct lbs_private *priv)
1917 unsigned long flags;
1920 lbs_deb_enter(LBS_DEB_HOST);
1921 lbs_deb_hex(LBS_DEB_HOST, "sleep confirm", (u8 *) &confirm_sleep,
1922 sizeof(confirm_sleep));
1924 ret = priv->hw_host_to_card(priv, MVMS_CMD, (u8 *) &confirm_sleep,
1925 sizeof(confirm_sleep));
1927 lbs_pr_alert("confirm_sleep failed\n");
1931 spin_lock_irqsave(&priv->driver_lock, flags);
1933 /* We don't get a response on the sleep-confirmation */
1934 priv->dnld_sent = DNLD_RES_RECEIVED;
1936 /* If nothing to do, go back to sleep (?) */
1937 if (!__kfifo_len(priv->event_fifo) && !priv->resp_len[priv->resp_idx])
1938 priv->psstate = PS_STATE_SLEEP;
1940 spin_unlock_irqrestore(&priv->driver_lock, flags);
1943 lbs_deb_leave(LBS_DEB_HOST);
1946 void lbs_ps_sleep(struct lbs_private *priv, int wait_option)
1948 lbs_deb_enter(LBS_DEB_HOST);
1951 * PS is currently supported only in Infrastructure mode
1952 * Remove this check if it is to be supported in IBSS mode also
1955 lbs_prepare_and_send_command(priv, CMD_802_11_PS_MODE,
1956 CMD_SUBCMD_ENTER_PS, wait_option, 0, NULL);
1958 lbs_deb_leave(LBS_DEB_HOST);
1962 * @brief This function sends Exit_PS command to firmware.
1964 * @param priv A pointer to struct lbs_private structure
1965 * @param wait_option wait response or not
1968 void lbs_ps_wakeup(struct lbs_private *priv, int wait_option)
1972 lbs_deb_enter(LBS_DEB_HOST);
1974 Localpsmode = cpu_to_le32(LBS802_11POWERMODECAM);
1976 lbs_prepare_and_send_command(priv, CMD_802_11_PS_MODE,
1978 wait_option, 0, &Localpsmode);
1980 lbs_deb_leave(LBS_DEB_HOST);
1984 * @brief This function checks condition and prepares to
1985 * send sleep confirm command to firmware if ok.
1987 * @param priv A pointer to struct lbs_private structure
1988 * @param psmode Power Saving mode
1991 void lbs_ps_confirm_sleep(struct lbs_private *priv)
1993 unsigned long flags =0;
1996 lbs_deb_enter(LBS_DEB_HOST);
1998 spin_lock_irqsave(&priv->driver_lock, flags);
1999 if (priv->dnld_sent) {
2001 lbs_deb_host("dnld_sent was set\n");
2004 /* In-progress command? */
2005 if (priv->cur_cmd) {
2007 lbs_deb_host("cur_cmd was set\n");
2010 /* Pending events or command responses? */
2011 if (__kfifo_len(priv->event_fifo) || priv->resp_len[priv->resp_idx]) {
2013 lbs_deb_host("pending events or command responses\n");
2015 spin_unlock_irqrestore(&priv->driver_lock, flags);
2018 lbs_deb_host("sending lbs_ps_confirm_sleep\n");
2019 lbs_send_confirmsleep(priv);
2021 lbs_deb_host("sleep confirm has been delayed\n");
2024 lbs_deb_leave(LBS_DEB_HOST);
2029 * @brief Configures the transmission power control functionality.
2031 * @param priv A pointer to struct lbs_private structure
2032 * @param enable Transmission power control enable
2033 * @param p0 Power level when link quality is good (dBm).
2034 * @param p1 Power level when link quality is fair (dBm).
2035 * @param p2 Power level when link quality is poor (dBm).
2036 * @param usesnr Use Signal to Noise Ratio in TPC
2038 * @return 0 on success
2040 int lbs_set_tpc_cfg(struct lbs_private *priv, int enable, int8_t p0, int8_t p1,
2041 int8_t p2, int usesnr)
2043 struct cmd_ds_802_11_tpc_cfg cmd;
2046 memset(&cmd, 0, sizeof(cmd));
2047 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
2048 cmd.action = cpu_to_le16(CMD_ACT_SET);
2049 cmd.enable = !!enable;
2050 cmd.usesnr = !!usesnr;
2055 ret = lbs_cmd_with_response(priv, CMD_802_11_TPC_CFG, &cmd);
2061 * @brief Configures the power adaptation settings.
2063 * @param priv A pointer to struct lbs_private structure
2064 * @param enable Power adaptation enable
2065 * @param p0 Power level for 1, 2, 5.5 and 11 Mbps (dBm).
2066 * @param p1 Power level for 6, 9, 12, 18, 22, 24 and 36 Mbps (dBm).
2067 * @param p2 Power level for 48 and 54 Mbps (dBm).
2069 * @return 0 on Success
2072 int lbs_set_power_adapt_cfg(struct lbs_private *priv, int enable, int8_t p0,
2073 int8_t p1, int8_t p2)
2075 struct cmd_ds_802_11_pa_cfg cmd;
2078 memset(&cmd, 0, sizeof(cmd));
2079 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
2080 cmd.action = cpu_to_le16(CMD_ACT_SET);
2081 cmd.enable = !!enable;
2086 ret = lbs_cmd_with_response(priv, CMD_802_11_PA_CFG , &cmd);
2092 static struct cmd_ctrl_node *__lbs_cmd_async(struct lbs_private *priv,
2093 uint16_t command, struct cmd_header *in_cmd, int in_cmd_size,
2094 int (*callback)(struct lbs_private *, unsigned long, struct cmd_header *),
2095 unsigned long callback_arg)
2097 struct cmd_ctrl_node *cmdnode;
2099 lbs_deb_enter(LBS_DEB_HOST);
2101 if (priv->surpriseremoved) {
2102 lbs_deb_host("PREP_CMD: card removed\n");
2103 cmdnode = ERR_PTR(-ENOENT);
2107 cmdnode = lbs_get_cmd_ctrl_node(priv);
2108 if (cmdnode == NULL) {
2109 lbs_deb_host("PREP_CMD: cmdnode is NULL\n");
2111 /* Wake up main thread to execute next command */
2112 wake_up_interruptible(&priv->waitq);
2113 cmdnode = ERR_PTR(-ENOBUFS);
2117 cmdnode->callback = callback;
2118 cmdnode->callback_arg = callback_arg;
2120 /* Copy the incoming command to the buffer */
2121 memcpy(cmdnode->cmdbuf, in_cmd, in_cmd_size);
2123 /* Set sequence number, clean result, move to buffer */
2125 cmdnode->cmdbuf->command = cpu_to_le16(command);
2126 cmdnode->cmdbuf->size = cpu_to_le16(in_cmd_size);
2127 cmdnode->cmdbuf->seqnum = cpu_to_le16(priv->seqnum);
2128 cmdnode->cmdbuf->result = 0;
2130 lbs_deb_host("PREP_CMD: command 0x%04x\n", command);
2132 cmdnode->cmdwaitqwoken = 0;
2133 lbs_queue_cmd(priv, cmdnode);
2134 wake_up_interruptible(&priv->waitq);
2137 lbs_deb_leave_args(LBS_DEB_HOST, "ret %p", cmdnode);
2141 void lbs_cmd_async(struct lbs_private *priv, uint16_t command,
2142 struct cmd_header *in_cmd, int in_cmd_size)
2144 lbs_deb_enter(LBS_DEB_CMD);
2145 __lbs_cmd_async(priv, command, in_cmd, in_cmd_size,
2146 lbs_cmd_async_callback, 0);
2147 lbs_deb_leave(LBS_DEB_CMD);
2150 int __lbs_cmd(struct lbs_private *priv, uint16_t command,
2151 struct cmd_header *in_cmd, int in_cmd_size,
2152 int (*callback)(struct lbs_private *, unsigned long, struct cmd_header *),
2153 unsigned long callback_arg)
2155 struct cmd_ctrl_node *cmdnode;
2156 unsigned long flags;
2159 lbs_deb_enter(LBS_DEB_HOST);
2161 cmdnode = __lbs_cmd_async(priv, command, in_cmd, in_cmd_size,
2162 callback, callback_arg);
2163 if (IS_ERR(cmdnode)) {
2164 ret = PTR_ERR(cmdnode);
2169 wait_event_interruptible(cmdnode->cmdwait_q, cmdnode->cmdwaitqwoken);
2171 spin_lock_irqsave(&priv->driver_lock, flags);
2172 ret = cmdnode->result;
2174 lbs_pr_info("PREP_CMD: command 0x%04x failed: %d\n",
2177 __lbs_cleanup_and_insert_cmd(priv, cmdnode);
2178 spin_unlock_irqrestore(&priv->driver_lock, flags);
2181 lbs_deb_leave_args(LBS_DEB_HOST, "ret %d", ret);
2184 EXPORT_SYMBOL_GPL(__lbs_cmd);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob