1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * NXP Wireless LAN device driver: commands and events
   4 *
   5 * Copyright 2011-2020 NXP
   6 */
   7
   8#include <asm/unaligned.h>
   9#include "decl.h"
  10#include "ioctl.h"
  11#include "util.h"
  12#include "fw.h"
  13#include "main.h"
  14#include "wmm.h"
  15#include "11n.h"
  16
  17static void mwifiex_cancel_pending_ioctl(struct mwifiex_adapter *adapter);
  18
  19/*
  20 * This function initializes a command node.
  21 *
  22 * The actual allocation of the node is not done by this function. It only
  23 * initiates a node by filling it with default parameters. Similarly,
  24 * allocation of the different buffers used (IOCTL buffer, data buffer) are
  25 * not done by this function either.
  26 */
  27static void
  28mwifiex_init_cmd_node(struct mwifiex_private *priv,
  29		      struct cmd_ctrl_node *cmd_node,
  30		      u32 cmd_no, void *data_buf, bool sync)
  31{
  32	cmd_node->priv = priv;
  33	cmd_node->cmd_no = cmd_no;
  34
  35	if (sync) {
  36		cmd_node->wait_q_enabled = true;
  37		cmd_node->cmd_wait_q_woken = false;
  38		cmd_node->condition = &cmd_node->cmd_wait_q_woken;
  39	}
  40	cmd_node->data_buf = data_buf;
  41	cmd_node->cmd_skb = cmd_node->skb;
  42}
  43
  44/*
  45 * This function returns a command node from the free queue depending upon
  46 * availability.
  47 */
  48static struct cmd_ctrl_node *
  49mwifiex_get_cmd_node(struct mwifiex_adapter *adapter)
  50{
  51	struct cmd_ctrl_node *cmd_node;
  52
  53	spin_lock_bh(&adapter->cmd_free_q_lock);
  54	if (list_empty(&adapter->cmd_free_q)) {
  55		mwifiex_dbg(adapter, ERROR,
  56			    "GET_CMD_NODE: cmd node not available\n");
  57		spin_unlock_bh(&adapter->cmd_free_q_lock);
  58		return NULL;
  59	}
  60	cmd_node = list_first_entry(&adapter->cmd_free_q,
  61				    struct cmd_ctrl_node, list);
  62	list_del(&cmd_node->list);
  63	spin_unlock_bh(&adapter->cmd_free_q_lock);
  64
  65	return cmd_node;
  66}
  67
  68/*
  69 * This function cleans up a command node.
  70 *
  71 * The function resets the fields including the buffer pointers.
  72 * This function does not try to free the buffers. They must be
  73 * freed before calling this function.
  74 *
  75 * This function will however call the receive completion callback
  76 * in case a response buffer is still available before resetting
  77 * the pointer.
  78 */
  79static void
  80mwifiex_clean_cmd_node(struct mwifiex_adapter *adapter,
  81		       struct cmd_ctrl_node *cmd_node)
  82{
  83	cmd_node->cmd_no = 0;
  84	cmd_node->cmd_flag = 0;
  85	cmd_node->data_buf = NULL;
  86	cmd_node->wait_q_enabled = false;
  87
  88	if (cmd_node->cmd_skb)
  89		skb_trim(cmd_node->cmd_skb, 0);
  90
  91	if (cmd_node->resp_skb) {
  92		adapter->if_ops.cmdrsp_complete(adapter, cmd_node->resp_skb);
  93		cmd_node->resp_skb = NULL;
  94	}
  95}
  96
  97/*
  98 * This function returns a command to the command free queue.
  99 *
 100 * The function also calls the completion callback if required, before
 101 * cleaning the command node and re-inserting it into the free queue.
 102 */
 103static void
 104mwifiex_insert_cmd_to_free_q(struct mwifiex_adapter *adapter,
 105			     struct cmd_ctrl_node *cmd_node)
 106{
 107	if (!cmd_node)
 108		return;
 109
 110	if (cmd_node->wait_q_enabled)
 111		mwifiex_complete_cmd(adapter, cmd_node);
 112	/* Clean the node */
 113	mwifiex_clean_cmd_node(adapter, cmd_node);
 114
 115	/* Insert node into cmd_free_q */
 116	spin_lock_bh(&adapter->cmd_free_q_lock);
 117	list_add_tail(&cmd_node->list, &adapter->cmd_free_q);
 118	spin_unlock_bh(&adapter->cmd_free_q_lock);
 119}
 120
 121/* This function reuses a command node. */
 122void mwifiex_recycle_cmd_node(struct mwifiex_adapter *adapter,
 123			      struct cmd_ctrl_node *cmd_node)
 124{
 125	struct host_cmd_ds_command *host_cmd = (void *)cmd_node->cmd_skb->data;
 126
 127	mwifiex_insert_cmd_to_free_q(adapter, cmd_node);
 128
 129	atomic_dec(&adapter->cmd_pending);
 130	mwifiex_dbg(adapter, CMD,
 131		    "cmd: FREE_CMD: cmd=%#x, cmd_pending=%d\n",
 132		le16_to_cpu(host_cmd->command),
 133		atomic_read(&adapter->cmd_pending));
 134}
 135
 136/*
 137 * This function sends a host command to the firmware.
 138 *
 139 * The function copies the host command into the driver command
 140 * buffer, which will be transferred to the firmware later by the
 141 * main thread.
 142 */
 143static int mwifiex_cmd_host_cmd(struct mwifiex_private *priv,
 144				struct host_cmd_ds_command *cmd,
 145				struct mwifiex_ds_misc_cmd *pcmd_ptr)
 146{
 147	/* Copy the HOST command to command buffer */
 148	memcpy(cmd, pcmd_ptr->cmd, pcmd_ptr->len);
 149	mwifiex_dbg(priv->adapter, CMD,
 150		    "cmd: host cmd size = %d\n", pcmd_ptr->len);
 151	return 0;
 152}
 153
 154/*
 155 * This function downloads a command to the firmware.
 156 *
 157 * The function performs sanity tests, sets the command sequence
 158 * number and size, converts the header fields to CPU format before
 159 * sending. Afterwards, it logs the command ID and action for debugging
 160 * and sets up the command timeout timer.
 161 */
 162static int mwifiex_dnld_cmd_to_fw(struct mwifiex_private *priv,
 163				  struct cmd_ctrl_node *cmd_node)
 164{
 165
 166	struct mwifiex_adapter *adapter = priv->adapter;
 167	int ret;
 168	struct host_cmd_ds_command *host_cmd;
 169	uint16_t cmd_code;
 170	uint16_t cmd_size;
 171
 172	if (!adapter || !cmd_node)
 173		return -1;
 174
 175	host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
 176
 177	/* Sanity test */
 178	if (host_cmd->size == 0) {
 179		mwifiex_dbg(adapter, ERROR,
 180			    "DNLD_CMD: host_cmd is null\t"
 181			    "or cmd size is 0, not sending\n");
 182		if (cmd_node->wait_q_enabled)
 183			adapter->cmd_wait_q.status = -1;
 184		mwifiex_recycle_cmd_node(adapter, cmd_node);
 185		return -1;
 186	}
 187
 188	cmd_code = le16_to_cpu(host_cmd->command);
 189	cmd_node->cmd_no = cmd_code;
 190	cmd_size = le16_to_cpu(host_cmd->size);
 191
 192	if (adapter->hw_status == MWIFIEX_HW_STATUS_RESET &&
 193	    cmd_code != HostCmd_CMD_FUNC_SHUTDOWN &&
 194	    cmd_code != HostCmd_CMD_FUNC_INIT) {
 195		mwifiex_dbg(adapter, ERROR,
 196			    "DNLD_CMD: FW in reset state, ignore cmd %#x\n",
 197			cmd_code);
 198		mwifiex_recycle_cmd_node(adapter, cmd_node);
 199		queue_work(adapter->workqueue, &adapter->main_work);
 200		return -1;
 201	}
 202
 203	/* Set command sequence number */
 204	adapter->seq_num++;
 205	host_cmd->seq_num = cpu_to_le16(HostCmd_SET_SEQ_NO_BSS_INFO
 206					(adapter->seq_num,
 207					 cmd_node->priv->bss_num,
 208					 cmd_node->priv->bss_type));
 209
 210	spin_lock_bh(&adapter->mwifiex_cmd_lock);
 211	adapter->curr_cmd = cmd_node;
 212	spin_unlock_bh(&adapter->mwifiex_cmd_lock);
 213
 214	/* Adjust skb length */
 215	if (cmd_node->cmd_skb->len > cmd_size)
 216		/*
 217		 * cmd_size is less than sizeof(struct host_cmd_ds_command).
 218		 * Trim off the unused portion.
 219		 */
 220		skb_trim(cmd_node->cmd_skb, cmd_size);
 221	else if (cmd_node->cmd_skb->len < cmd_size)
 222		/*
 223		 * cmd_size is larger than sizeof(struct host_cmd_ds_command)
 224		 * because we have appended custom IE TLV. Increase skb length
 225		 * accordingly.
 226		 */
 227		skb_put(cmd_node->cmd_skb, cmd_size - cmd_node->cmd_skb->len);
 228
 229	mwifiex_dbg(adapter, CMD,
 230		    "cmd: DNLD_CMD: %#x, act %#x, len %d, seqno %#x\n",
 231		    cmd_code,
 232		    get_unaligned_le16((u8 *)host_cmd + S_DS_GEN),
 233		    cmd_size, le16_to_cpu(host_cmd->seq_num));
 234	mwifiex_dbg_dump(adapter, CMD_D, "cmd buffer:", host_cmd, cmd_size);
 235
 236	if (adapter->iface_type == MWIFIEX_USB) {
 237		skb_push(cmd_node->cmd_skb, MWIFIEX_TYPE_LEN);
 238		put_unaligned_le32(MWIFIEX_USB_TYPE_CMD,
 239				   cmd_node->cmd_skb->data);
 240		adapter->cmd_sent = true;
 241		ret = adapter->if_ops.host_to_card(adapter,
 242						   MWIFIEX_USB_EP_CMD_EVENT,
 243						   cmd_node->cmd_skb, NULL);
 244		skb_pull(cmd_node->cmd_skb, MWIFIEX_TYPE_LEN);
 245		if (ret == -EBUSY)
 246			cmd_node->cmd_skb = NULL;
 247	} else {
 248		skb_push(cmd_node->cmd_skb, adapter->intf_hdr_len);
 249		ret = adapter->if_ops.host_to_card(adapter, MWIFIEX_TYPE_CMD,
 250						   cmd_node->cmd_skb, NULL);
 251		skb_pull(cmd_node->cmd_skb, adapter->intf_hdr_len);
 252	}
 253
 254	if (ret == -1) {
 255		mwifiex_dbg(adapter, ERROR,
 256			    "DNLD_CMD: host to card failed\n");
 257		if (adapter->iface_type == MWIFIEX_USB)
 258			adapter->cmd_sent = false;
 259		if (cmd_node->wait_q_enabled)
 260			adapter->cmd_wait_q.status = -1;
 261		mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd);
 262
 263		spin_lock_bh(&adapter->mwifiex_cmd_lock);
 264		adapter->curr_cmd = NULL;
 265		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
 266
 267		adapter->dbg.num_cmd_host_to_card_failure++;
 268		return -1;
 269	}
 270
 271	/* Save the last command id and action to debug log */
 272	adapter->dbg.last_cmd_index =
 273			(adapter->dbg.last_cmd_index + 1) % DBG_CMD_NUM;
 274	adapter->dbg.last_cmd_id[adapter->dbg.last_cmd_index] = cmd_code;
 275	adapter->dbg.last_cmd_act[adapter->dbg.last_cmd_index] =
 276			get_unaligned_le16((u8 *)host_cmd + S_DS_GEN);
 277
 278	/* Setup the timer after transmit command, except that specific
 279	 * command might not have command response.
 280	 */
 281	if (cmd_code != HostCmd_CMD_FW_DUMP_EVENT)
 282		mod_timer(&adapter->cmd_timer,
 283			  jiffies + msecs_to_jiffies(MWIFIEX_TIMER_10S));
 284
 285	/* Clear BSS_NO_BITS from HostCmd */
 286	cmd_code &= HostCmd_CMD_ID_MASK;
 287
 288	return 0;
 289}
 290
 291/*
 292 * This function downloads a sleep confirm command to the firmware.
 293 *
 294 * The function performs sanity tests, sets the command sequence
 295 * number and size, converts the header fields to CPU format before
 296 * sending.
 297 *
 298 * No responses are needed for sleep confirm command.
 299 */
 300static int mwifiex_dnld_sleep_confirm_cmd(struct mwifiex_adapter *adapter)
 301{
 302	int ret;
 303	struct mwifiex_private *priv;
 304	struct mwifiex_opt_sleep_confirm *sleep_cfm_buf =
 305				(struct mwifiex_opt_sleep_confirm *)
 306						adapter->sleep_cfm->data;
 307	struct sk_buff *sleep_cfm_tmp;
 308
 309	priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
 310
 311	adapter->seq_num++;
 312	sleep_cfm_buf->seq_num =
 313		cpu_to_le16(HostCmd_SET_SEQ_NO_BSS_INFO
 314					(adapter->seq_num, priv->bss_num,
 315					 priv->bss_type));
 316
 317	mwifiex_dbg(adapter, CMD,
 318		    "cmd: DNLD_CMD: %#x, act %#x, len %d, seqno %#x\n",
 319		le16_to_cpu(sleep_cfm_buf->command),
 320		le16_to_cpu(sleep_cfm_buf->action),
 321		le16_to_cpu(sleep_cfm_buf->size),
 322		le16_to_cpu(sleep_cfm_buf->seq_num));
 323	mwifiex_dbg_dump(adapter, CMD_D, "SLEEP_CFM buffer: ", sleep_cfm_buf,
 324			 le16_to_cpu(sleep_cfm_buf->size));
 325
 326	if (adapter->iface_type == MWIFIEX_USB) {
 327		sleep_cfm_tmp =
 328			dev_alloc_skb(sizeof(struct mwifiex_opt_sleep_confirm)
 329				      + MWIFIEX_TYPE_LEN);
 330		if (!sleep_cfm_tmp) {
 331			mwifiex_dbg(adapter, ERROR,
 332				    "SLEEP_CFM: dev_alloc_skb failed\n");
 333			return -ENOMEM;
 334		}
 335
 336		skb_put(sleep_cfm_tmp, sizeof(struct mwifiex_opt_sleep_confirm)
 337			+ MWIFIEX_TYPE_LEN);
 338		put_unaligned_le32(MWIFIEX_USB_TYPE_CMD, sleep_cfm_tmp->data);
 339		memcpy(sleep_cfm_tmp->data + MWIFIEX_TYPE_LEN,
 340		       adapter->sleep_cfm->data,
 341		       sizeof(struct mwifiex_opt_sleep_confirm));
 342		ret = adapter->if_ops.host_to_card(adapter,
 343						   MWIFIEX_USB_EP_CMD_EVENT,
 344						   sleep_cfm_tmp, NULL);
 345		if (ret != -EBUSY)
 346			dev_kfree_skb_any(sleep_cfm_tmp);
 347	} else {
 348		skb_push(adapter->sleep_cfm, adapter->intf_hdr_len);
 349		ret = adapter->if_ops.host_to_card(adapter, MWIFIEX_TYPE_CMD,
 350						   adapter->sleep_cfm, NULL);
 351		skb_pull(adapter->sleep_cfm, adapter->intf_hdr_len);
 352	}
 353
 354	if (ret == -1) {
 355		mwifiex_dbg(adapter, ERROR, "SLEEP_CFM: failed\n");
 356		adapter->dbg.num_cmd_sleep_cfm_host_to_card_failure++;
 357		return -1;
 358	}
 359
 360	if (!le16_to_cpu(sleep_cfm_buf->resp_ctrl))
 361		/* Response is not needed for sleep confirm command */
 362		adapter->ps_state = PS_STATE_SLEEP;
 363	else
 364		adapter->ps_state = PS_STATE_SLEEP_CFM;
 365
 366	if (!le16_to_cpu(sleep_cfm_buf->resp_ctrl) &&
 367	    (test_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags) &&
 368	     !adapter->sleep_period.period)) {
 369		adapter->pm_wakeup_card_req = true;
 370		mwifiex_hs_activated_event(mwifiex_get_priv
 371				(adapter, MWIFIEX_BSS_ROLE_ANY), true);
 372	}
 373
 374	return ret;
 375}
 376
 377/*
 378 * This function allocates the command buffers and links them to
 379 * the command free queue.
 380 *
 381 * The driver uses a pre allocated number of command buffers, which
 382 * are created at driver initializations and freed at driver cleanup.
 383 * Every command needs to obtain a command buffer from this pool before
 384 * it can be issued. The command free queue lists the command buffers
 385 * currently free to use, while the command pending queue lists the
 386 * command buffers already in use and awaiting handling. Command buffers
 387 * are returned to the free queue after use.
 388 */
 389int mwifiex_alloc_cmd_buffer(struct mwifiex_adapter *adapter)
 390{
 391	struct cmd_ctrl_node *cmd_array;
 392	u32 i;
 393
 394	/* Allocate and initialize struct cmd_ctrl_node */
 395	cmd_array = kcalloc(MWIFIEX_NUM_OF_CMD_BUFFER,
 396			    sizeof(struct cmd_ctrl_node), GFP_KERNEL);
 397	if (!cmd_array)
 398		return -ENOMEM;
 399
 400	adapter->cmd_pool = cmd_array;
 401
 402	/* Allocate and initialize command buffers */
 403	for (i = 0; i < MWIFIEX_NUM_OF_CMD_BUFFER; i++) {
 404		cmd_array[i].skb = dev_alloc_skb(MWIFIEX_SIZE_OF_CMD_BUFFER);
 405		if (!cmd_array[i].skb) {
 406			mwifiex_dbg(adapter, ERROR,
 407				    "unable to allocate command buffer\n");
 408			return -ENOMEM;
 409		}
 410	}
 411
 412	for (i = 0; i < MWIFIEX_NUM_OF_CMD_BUFFER; i++)
 413		mwifiex_insert_cmd_to_free_q(adapter, &cmd_array[i]);
 414
 415	return 0;
 416}
 417
 418/*
 419 * This function frees the command buffers.
 420 *
 421 * The function calls the completion callback for all the command
 422 * buffers that still have response buffers associated with them.
 423 */
 424void mwifiex_free_cmd_buffer(struct mwifiex_adapter *adapter)
 425{
 426	struct cmd_ctrl_node *cmd_array;
 427	u32 i;
 428
 429	/* Need to check if cmd pool is allocated or not */
 430	if (!adapter->cmd_pool) {
 431		mwifiex_dbg(adapter, FATAL,
 432			    "info: FREE_CMD_BUF: cmd_pool is null\n");
 433		return;
 434	}
 435
 436	cmd_array = adapter->cmd_pool;
 437
 438	/* Release shared memory buffers */
 439	for (i = 0; i < MWIFIEX_NUM_OF_CMD_BUFFER; i++) {
 440		if (cmd_array[i].skb) {
 441			mwifiex_dbg(adapter, CMD,
 442				    "cmd: free cmd buffer %d\n", i);
 443			dev_kfree_skb_any(cmd_array[i].skb);
 444		}
 445		if (!cmd_array[i].resp_skb)
 446			continue;
 447
 448		if (adapter->iface_type == MWIFIEX_USB)
 449			adapter->if_ops.cmdrsp_complete(adapter,
 450							cmd_array[i].resp_skb);
 451		else
 452			dev_kfree_skb_any(cmd_array[i].resp_skb);
 453	}
 454	/* Release struct cmd_ctrl_node */
 455	if (adapter->cmd_pool) {
 456		mwifiex_dbg(adapter, CMD,
 457			    "cmd: free cmd pool\n");
 458		kfree(adapter->cmd_pool);
 459		adapter->cmd_pool = NULL;
 460	}
 461}
 462
 463/*
 464 * This function handles events generated by firmware.
 465 *
 466 * Event body of events received from firmware are not used (though they are
 467 * saved), only the event ID is used. Some events are re-invoked by
 468 * the driver, with a new event body.
 469 *
 470 * After processing, the function calls the completion callback
 471 * for cleanup.
 472 */
 473int mwifiex_process_event(struct mwifiex_adapter *adapter)
 474{
 475	int ret, i;
 476	struct mwifiex_private *priv =
 477		mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
 478	struct sk_buff *skb = adapter->event_skb;
 479	u32 eventcause;
 480	struct mwifiex_rxinfo *rx_info;
 481
 482	if ((adapter->event_cause & EVENT_ID_MASK) == EVENT_RADAR_DETECTED) {
 483		for (i = 0; i < adapter->priv_num; i++) {
 484			priv = adapter->priv[i];
 485			if (priv && mwifiex_is_11h_active(priv)) {
 486				adapter->event_cause |=
 487					((priv->bss_num & 0xff) << 16) |
 488					((priv->bss_type & 0xff) << 24);
 489				break;
 490			}
 491		}
 492	}
 493
 494	eventcause = adapter->event_cause;
 495
 496	/* Save the last event to debug log */
 497	adapter->dbg.last_event_index =
 498			(adapter->dbg.last_event_index + 1) % DBG_CMD_NUM;
 499	adapter->dbg.last_event[adapter->dbg.last_event_index] =
 500							(u16) eventcause;
 501
 502	/* Get BSS number and corresponding priv */
 503	priv = mwifiex_get_priv_by_id(adapter, EVENT_GET_BSS_NUM(eventcause),
 504				      EVENT_GET_BSS_TYPE(eventcause));
 505	if (!priv)
 506		priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
 507
 508	/* Clear BSS_NO_BITS from event */
 509	eventcause &= EVENT_ID_MASK;
 510	adapter->event_cause = eventcause;
 511
 512	if (skb) {
 513		rx_info = MWIFIEX_SKB_RXCB(skb);
 514		memset(rx_info, 0, sizeof(*rx_info));
 515		rx_info->bss_num = priv->bss_num;
 516		rx_info->bss_type = priv->bss_type;
 517		mwifiex_dbg_dump(adapter, EVT_D, "Event Buf:",
 518				 skb->data, skb->len);
 519	}
 520
 521	mwifiex_dbg(adapter, EVENT, "EVENT: cause: %#x\n", eventcause);
 522
 523	if (priv->bss_role == MWIFIEX_BSS_ROLE_UAP)
 524		ret = mwifiex_process_uap_event(priv);
 525	else
 526		ret = mwifiex_process_sta_event(priv);
 527
 528	adapter->event_cause = 0;
 529	adapter->event_skb = NULL;
 530	adapter->if_ops.event_complete(adapter, skb);
 531
 532	return ret;
 533}
 534
 535/*
 536 * This function prepares a command and send it to the firmware.
 537 *
 538 * Preparation includes -
 539 *      - Sanity tests to make sure the card is still present or the FW
 540 *        is not reset
 541 *      - Getting a new command node from the command free queue
 542 *      - Initializing the command node for default parameters
 543 *      - Fill up the non-default parameters and buffer pointers
 544 *      - Add the command to pending queue
 545 */
 546int mwifiex_send_cmd(struct mwifiex_private *priv, u16 cmd_no,
 547		     u16 cmd_action, u32 cmd_oid, void *data_buf, bool sync)
 548{
 549	int ret;
 550	struct mwifiex_adapter *adapter = priv->adapter;
 551	struct cmd_ctrl_node *cmd_node;
 552	struct host_cmd_ds_command *cmd_ptr;
 553
 554	if (!adapter) {
 555		pr_err("PREP_CMD: adapter is NULL\n");
 556		return -1;
 557	}
 558
 559	if (test_bit(MWIFIEX_IS_SUSPENDED, &adapter->work_flags)) {
 560		mwifiex_dbg(adapter, ERROR,
 561			    "PREP_CMD: device in suspended state\n");
 562		return -1;
 563	}
 564
 565	if (test_bit(MWIFIEX_IS_HS_ENABLING, &adapter->work_flags) &&
 566	    cmd_no != HostCmd_CMD_802_11_HS_CFG_ENH) {
 567		mwifiex_dbg(adapter, ERROR,
 568			    "PREP_CMD: host entering sleep state\n");
 569		return -1;
 570	}
 571
 572	if (test_bit(MWIFIEX_SURPRISE_REMOVED, &adapter->work_flags)) {
 573		mwifiex_dbg(adapter, ERROR,
 574			    "PREP_CMD: card is removed\n");
 575		return -1;
 576	}
 577
 578	if (test_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags)) {
 579		mwifiex_dbg(adapter, ERROR,
 580			    "PREP_CMD: FW is in bad state\n");
 581		return -1;
 582	}
 583
 584	if (adapter->hw_status == MWIFIEX_HW_STATUS_RESET) {
 585		if (cmd_no != HostCmd_CMD_FUNC_INIT) {
 586			mwifiex_dbg(adapter, ERROR,
 587				    "PREP_CMD: FW in reset state\n");
 588			return -1;
 589		}
 590	}
 591	/* We don't expect commands in manufacturing mode. They are cooked
 592	 * in application and ready to download buffer is passed to the driver
 593	 */
 594	if (adapter->mfg_mode && cmd_no) {
 595		dev_dbg(adapter->dev, "Ignoring commands in manufacturing mode\n");
 596		return -1;
 597	}
 598
 599	if (priv->adapter->hs_activated_manually &&
 600	    cmd_no != HostCmd_CMD_802_11_HS_CFG_ENH) {
 601		mwifiex_cancel_hs(priv, MWIFIEX_ASYNC_CMD);
 602		priv->adapter->hs_activated_manually = false;
 603	}
 604
 605	/* Get a new command node */
 606	cmd_node = mwifiex_get_cmd_node(adapter);
 607
 608	if (!cmd_node) {
 609		mwifiex_dbg(adapter, ERROR,
 610			    "PREP_CMD: no free cmd node\n");
 611		return -1;
 612	}
 613
 614	/* Initialize the command node */
 615	mwifiex_init_cmd_node(priv, cmd_node, cmd_no, data_buf, sync);
 616
 617	if (!cmd_node->cmd_skb) {
 618		mwifiex_dbg(adapter, ERROR,
 619			    "PREP_CMD: no free cmd buf\n");
 620		return -1;
 621	}
 622
 623	skb_put_zero(cmd_node->cmd_skb, sizeof(struct host_cmd_ds_command));
 624
 625	cmd_ptr = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
 626	cmd_ptr->command = cpu_to_le16(cmd_no);
 627	cmd_ptr->result = 0;
 628
 629	/* Prepare command */
 630	if (cmd_no) {
 631		switch (cmd_no) {
 632		case HostCmd_CMD_UAP_SYS_CONFIG:
 633		case HostCmd_CMD_UAP_BSS_START:
 634		case HostCmd_CMD_UAP_BSS_STOP:
 635		case HostCmd_CMD_UAP_STA_DEAUTH:
 636		case HOST_CMD_APCMD_SYS_RESET:
 637		case HOST_CMD_APCMD_STA_LIST:
 638			ret = mwifiex_uap_prepare_cmd(priv, cmd_no, cmd_action,
 639						      cmd_oid, data_buf,
 640						      cmd_ptr);
 641			break;
 642		default:
 643			ret = mwifiex_sta_prepare_cmd(priv, cmd_no, cmd_action,
 644						      cmd_oid, data_buf,
 645						      cmd_ptr);
 646			break;
 647		}
 648	} else {
 649		ret = mwifiex_cmd_host_cmd(priv, cmd_ptr, data_buf);
 650		cmd_node->cmd_flag |= CMD_F_HOSTCMD;
 651	}
 652
 653	/* Return error, since the command preparation failed */
 654	if (ret) {
 655		mwifiex_dbg(adapter, ERROR,
 656			    "PREP_CMD: cmd %#x preparation failed\n",
 657			cmd_no);
 658		mwifiex_insert_cmd_to_free_q(adapter, cmd_node);
 659		return -1;
 660	}
 661
 662	/* Send command */
 663	if (cmd_no == HostCmd_CMD_802_11_SCAN ||
 664	    cmd_no == HostCmd_CMD_802_11_SCAN_EXT) {
 665		mwifiex_queue_scan_cmd(priv, cmd_node);
 666	} else {
 667		mwifiex_insert_cmd_to_pending_q(adapter, cmd_node);
 668		queue_work(adapter->workqueue, &adapter->main_work);
 669		if (cmd_node->wait_q_enabled)
 670			ret = mwifiex_wait_queue_complete(adapter, cmd_node);
 671	}
 672
 673	return ret;
 674}
 675
 676/*
 677 * This function queues a command to the command pending queue.
 678 *
 679 * This in effect adds the command to the command list to be executed.
 680 * Exit PS command is handled specially, by placing it always to the
 681 * front of the command queue.
 682 */
 683void
 684mwifiex_insert_cmd_to_pending_q(struct mwifiex_adapter *adapter,
 685				struct cmd_ctrl_node *cmd_node)
 686{
 687	struct host_cmd_ds_command *host_cmd = NULL;
 688	u16 command;
 689	bool add_tail = true;
 690
 691	host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
 692	if (!host_cmd) {
 693		mwifiex_dbg(adapter, ERROR, "QUEUE_CMD: host_cmd is NULL\n");
 694		return;
 695	}
 696
 697	command = le16_to_cpu(host_cmd->command);
 698
 699	/* Exit_PS command needs to be queued in the header always. */
 700	if (command == HostCmd_CMD_802_11_PS_MODE_ENH) {
 701		struct host_cmd_ds_802_11_ps_mode_enh *pm =
 702						&host_cmd->params.psmode_enh;
 703		if ((le16_to_cpu(pm->action) == DIS_PS) ||
 704		    (le16_to_cpu(pm->action) == DIS_AUTO_PS)) {
 705			if (adapter->ps_state != PS_STATE_AWAKE)
 706				add_tail = false;
 707		}
 708	}
 709
 710	/* Same with exit host sleep cmd, luckily that can't happen at the same time as EXIT_PS */
 711	if (command == HostCmd_CMD_802_11_HS_CFG_ENH) {
 712		struct host_cmd_ds_802_11_hs_cfg_enh *hs_cfg =
 713			&host_cmd->params.opt_hs_cfg;
 714
 715		if (le16_to_cpu(hs_cfg->action) == HS_ACTIVATE)
 716				add_tail = false;
 717	}
 718
 719	spin_lock_bh(&adapter->cmd_pending_q_lock);
 720	if (add_tail)
 721		list_add_tail(&cmd_node->list, &adapter->cmd_pending_q);
 722	else
 723		list_add(&cmd_node->list, &adapter->cmd_pending_q);
 724	spin_unlock_bh(&adapter->cmd_pending_q_lock);
 725
 726	atomic_inc(&adapter->cmd_pending);
 727	mwifiex_dbg(adapter, CMD,
 728		    "cmd: QUEUE_CMD: cmd=%#x, cmd_pending=%d\n",
 729		command, atomic_read(&adapter->cmd_pending));
 730}
 731
 732/*
 733 * This function executes the next command in command pending queue.
 734 *
 735 * This function will fail if a command is already in processing stage,
 736 * otherwise it will dequeue the first command from the command pending
 737 * queue and send to the firmware.
 738 *
 739 * If the device is currently in host sleep mode, any commands, except the
 740 * host sleep configuration command will de-activate the host sleep. For PS
 741 * mode, the function will put the firmware back to sleep if applicable.
 742 */
 743int mwifiex_exec_next_cmd(struct mwifiex_adapter *adapter)
 744{
 745	struct mwifiex_private *priv;
 746	struct cmd_ctrl_node *cmd_node;
 747	int ret = 0;
 748	struct host_cmd_ds_command *host_cmd;
 749
 750	/* Check if already in processing */
 751	if (adapter->curr_cmd) {
 752		mwifiex_dbg(adapter, FATAL,
 753			    "EXEC_NEXT_CMD: cmd in processing\n");
 754		return -1;
 755	}
 756
 757	spin_lock_bh(&adapter->mwifiex_cmd_lock);
 758	/* Check if any command is pending */
 759	spin_lock_bh(&adapter->cmd_pending_q_lock);
 760	if (list_empty(&adapter->cmd_pending_q)) {
 761		spin_unlock_bh(&adapter->cmd_pending_q_lock);
 762		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
 763		return 0;
 764	}
 765	cmd_node = list_first_entry(&adapter->cmd_pending_q,
 766				    struct cmd_ctrl_node, list);
 767
 768	host_cmd = (struct host_cmd_ds_command *) (cmd_node->cmd_skb->data);
 769	priv = cmd_node->priv;
 770
 771	if (adapter->ps_state != PS_STATE_AWAKE) {
 772		mwifiex_dbg(adapter, ERROR,
 773			    "%s: cannot send cmd in sleep state,\t"
 774			    "this should not happen\n", __func__);
 775		spin_unlock_bh(&adapter->cmd_pending_q_lock);
 776		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
 777		return ret;
 778	}
 779
 780	list_del(&cmd_node->list);
 781	spin_unlock_bh(&adapter->cmd_pending_q_lock);
 782
 783	spin_unlock_bh(&adapter->mwifiex_cmd_lock);
 784	ret = mwifiex_dnld_cmd_to_fw(priv, cmd_node);
 785	priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
 786	/* Any command sent to the firmware when host is in sleep
 787	 * mode should de-configure host sleep. We should skip the
 788	 * host sleep configuration command itself though
 789	 */
 790	if (priv && (host_cmd->command !=
 791	     cpu_to_le16(HostCmd_CMD_802_11_HS_CFG_ENH))) {
 792		if (adapter->hs_activated) {
 793			clear_bit(MWIFIEX_IS_HS_CONFIGURED,
 794				  &adapter->work_flags);
 795			mwifiex_hs_activated_event(priv, false);
 796		}
 797	}
 798
 799	return ret;
 800}
 801
 802/*
 803 * This function handles the command response.
 804 *
 805 * After processing, the function cleans the command node and puts
 806 * it back to the command free queue.
 807 */
 808int mwifiex_process_cmdresp(struct mwifiex_adapter *adapter)
 809{
 810	struct host_cmd_ds_command *resp;
 811	struct mwifiex_private *priv =
 812		mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
 813	int ret = 0;
 814	uint16_t orig_cmdresp_no;
 815	uint16_t cmdresp_no;
 816	uint16_t cmdresp_result;
 817
 818	if (!adapter->curr_cmd || !adapter->curr_cmd->resp_skb) {
 819		resp = (struct host_cmd_ds_command *) adapter->upld_buf;
 820		mwifiex_dbg(adapter, ERROR,
 821			    "CMD_RESP: NULL curr_cmd, %#x\n",
 822			    le16_to_cpu(resp->command));
 823		return -1;
 824	}
 825
 826	resp = (struct host_cmd_ds_command *)adapter->curr_cmd->resp_skb->data;
 827	orig_cmdresp_no = le16_to_cpu(resp->command);
 828	cmdresp_no = (orig_cmdresp_no & HostCmd_CMD_ID_MASK);
 829
 830	if (adapter->curr_cmd->cmd_no != cmdresp_no) {
 831		mwifiex_dbg(adapter, ERROR,
 832			    "cmdresp error: cmd=0x%x cmd_resp=0x%x\n",
 833			    adapter->curr_cmd->cmd_no, cmdresp_no);
 834		return -1;
 835	}
 836	/* Now we got response from FW, cancel the command timer */
 837	del_timer_sync(&adapter->cmd_timer);
 838	clear_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags);
 839
 840	if (adapter->curr_cmd->cmd_flag & CMD_F_HOSTCMD) {
 841		/* Copy original response back to response buffer */
 842		struct mwifiex_ds_misc_cmd *hostcmd;
 843		uint16_t size = le16_to_cpu(resp->size);
 844		mwifiex_dbg(adapter, INFO,
 845			    "info: host cmd resp size = %d\n", size);
 846		size = min_t(u16, size, MWIFIEX_SIZE_OF_CMD_BUFFER);
 847		if (adapter->curr_cmd->data_buf) {
 848			hostcmd = adapter->curr_cmd->data_buf;
 849			hostcmd->len = size;
 850			memcpy(hostcmd->cmd, resp, size);
 851		}
 852	}
 853
 854	/* Get BSS number and corresponding priv */
 855	priv = mwifiex_get_priv_by_id(adapter,
 856			     HostCmd_GET_BSS_NO(le16_to_cpu(resp->seq_num)),
 857			     HostCmd_GET_BSS_TYPE(le16_to_cpu(resp->seq_num)));
 858	if (!priv)
 859		priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
 860	/* Clear RET_BIT from HostCmd */
 861	resp->command = cpu_to_le16(orig_cmdresp_no & HostCmd_CMD_ID_MASK);
 862
 863	cmdresp_no = le16_to_cpu(resp->command);
 864	cmdresp_result = le16_to_cpu(resp->result);
 865
 866	/* Save the last command response to debug log */
 867	adapter->dbg.last_cmd_resp_index =
 868			(adapter->dbg.last_cmd_resp_index + 1) % DBG_CMD_NUM;
 869	adapter->dbg.last_cmd_resp_id[adapter->dbg.last_cmd_resp_index] =
 870								orig_cmdresp_no;
 871
 872	mwifiex_dbg(adapter, CMD,
 873		    "cmd: CMD_RESP: 0x%x, result %d, len %d, seqno 0x%x\n",
 874		    orig_cmdresp_no, cmdresp_result,
 875		    le16_to_cpu(resp->size), le16_to_cpu(resp->seq_num));
 876	mwifiex_dbg_dump(adapter, CMD_D, "CMD_RESP buffer:", resp,
 877			 le16_to_cpu(resp->size));
 878
 879	if (!(orig_cmdresp_no & HostCmd_RET_BIT)) {
 880		mwifiex_dbg(adapter, ERROR, "CMD_RESP: invalid cmd resp\n");
 881		if (adapter->curr_cmd->wait_q_enabled)
 882			adapter->cmd_wait_q.status = -1;
 883
 884		mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd);
 885		spin_lock_bh(&adapter->mwifiex_cmd_lock);
 886		adapter->curr_cmd = NULL;
 887		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
 888		return -1;
 889	}
 890
 891	if (adapter->curr_cmd->cmd_flag & CMD_F_HOSTCMD) {
 892		adapter->curr_cmd->cmd_flag &= ~CMD_F_HOSTCMD;
 893		if ((cmdresp_result == HostCmd_RESULT_OK) &&
 894		    (cmdresp_no == HostCmd_CMD_802_11_HS_CFG_ENH))
 895			ret = mwifiex_ret_802_11_hs_cfg(priv, resp);
 896	} else {
 897		/* handle response */
 898		ret = mwifiex_process_sta_cmdresp(priv, cmdresp_no, resp);
 899	}
 900
 901	/* Check init command response */
 902	if (adapter->hw_status == MWIFIEX_HW_STATUS_INITIALIZING) {
 903		if (ret) {
 904			mwifiex_dbg(adapter, ERROR,
 905				    "%s: cmd %#x failed during\t"
 906				    "initialization\n", __func__, cmdresp_no);
 907			mwifiex_init_fw_complete(adapter);
 908			return -1;
 909		} else if (adapter->last_init_cmd == cmdresp_no)
 910			adapter->hw_status = MWIFIEX_HW_STATUS_INIT_DONE;
 911	}
 912
 913	if (adapter->curr_cmd) {
 914		if (adapter->curr_cmd->wait_q_enabled)
 915			adapter->cmd_wait_q.status = ret;
 916
 917		mwifiex_recycle_cmd_node(adapter, adapter->curr_cmd);
 918
 919		spin_lock_bh(&adapter->mwifiex_cmd_lock);
 920		adapter->curr_cmd = NULL;
 921		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
 922	}
 923
 924	return ret;
 925}
 926
 927/*
 928 * This function handles the timeout of command sending.
 929 *
 930 * It will re-send the same command again.
 931 */
 932void
 933mwifiex_cmd_timeout_func(struct timer_list *t)
 934{
 935	struct mwifiex_adapter *adapter = from_timer(adapter, t, cmd_timer);
 936	struct cmd_ctrl_node *cmd_node;
 937
 938	set_bit(MWIFIEX_IS_CMD_TIMEDOUT, &adapter->work_flags);
 939	if (!adapter->curr_cmd) {
 940		mwifiex_dbg(adapter, ERROR,
 941			    "cmd: empty curr_cmd\n");
 942		return;
 943	}
 944	cmd_node = adapter->curr_cmd;
 945	if (cmd_node) {
 946		adapter->dbg.timeout_cmd_id =
 947			adapter->dbg.last_cmd_id[adapter->dbg.last_cmd_index];
 948		adapter->dbg.timeout_cmd_act =
 949			adapter->dbg.last_cmd_act[adapter->dbg.last_cmd_index];
 950		mwifiex_dbg(adapter, MSG,
 951			    "%s: Timeout cmd id = %#x, act = %#x\n", __func__,
 952			    adapter->dbg.timeout_cmd_id,
 953			    adapter->dbg.timeout_cmd_act);
 954
 955		mwifiex_dbg(adapter, MSG,
 956			    "num_data_h2c_failure = %d\n",
 957			    adapter->dbg.num_tx_host_to_card_failure);
 958		mwifiex_dbg(adapter, MSG,
 959			    "num_cmd_h2c_failure = %d\n",
 960			    adapter->dbg.num_cmd_host_to_card_failure);
 961
 962		mwifiex_dbg(adapter, MSG,
 963			    "is_cmd_timedout = %d\n",
 964			    test_bit(MWIFIEX_IS_CMD_TIMEDOUT,
 965				     &adapter->work_flags));
 966		mwifiex_dbg(adapter, MSG,
 967			    "num_tx_timeout = %d\n",
 968			    adapter->dbg.num_tx_timeout);
 969
 970		mwifiex_dbg(adapter, MSG,
 971			    "last_cmd_index = %d\n",
 972			    adapter->dbg.last_cmd_index);
 973		mwifiex_dbg(adapter, MSG,
 974			    "last_cmd_id: %*ph\n",
 975			    (int)sizeof(adapter->dbg.last_cmd_id),
 976			    adapter->dbg.last_cmd_id);
 977		mwifiex_dbg(adapter, MSG,
 978			    "last_cmd_act: %*ph\n",
 979			    (int)sizeof(adapter->dbg.last_cmd_act),
 980			    adapter->dbg.last_cmd_act);
 981
 982		mwifiex_dbg(adapter, MSG,
 983			    "last_cmd_resp_index = %d\n",
 984			    adapter->dbg.last_cmd_resp_index);
 985		mwifiex_dbg(adapter, MSG,
 986			    "last_cmd_resp_id: %*ph\n",
 987			    (int)sizeof(adapter->dbg.last_cmd_resp_id),
 988			    adapter->dbg.last_cmd_resp_id);
 989
 990		mwifiex_dbg(adapter, MSG,
 991			    "last_event_index = %d\n",
 992			    adapter->dbg.last_event_index);
 993		mwifiex_dbg(adapter, MSG,
 994			    "last_event: %*ph\n",
 995			    (int)sizeof(adapter->dbg.last_event),
 996			    adapter->dbg.last_event);
 997
 998		mwifiex_dbg(adapter, MSG,
 999			    "data_sent=%d cmd_sent=%d\n",
1000			    adapter->data_sent, adapter->cmd_sent);
1001
1002		mwifiex_dbg(adapter, MSG,
1003			    "ps_mode=%d ps_state=%d\n",
1004			    adapter->ps_mode, adapter->ps_state);
1005
1006		if (cmd_node->wait_q_enabled) {
1007			adapter->cmd_wait_q.status = -ETIMEDOUT;
1008			mwifiex_cancel_pending_ioctl(adapter);
1009		}
1010	}
1011	if (adapter->hw_status == MWIFIEX_HW_STATUS_INITIALIZING) {
1012		mwifiex_init_fw_complete(adapter);
1013		return;
1014	}
1015
1016	if (adapter->if_ops.device_dump)
1017		adapter->if_ops.device_dump(adapter);
1018
1019	if (adapter->if_ops.card_reset)
1020		adapter->if_ops.card_reset(adapter);
1021}
1022
1023void
1024mwifiex_cancel_pending_scan_cmd(struct mwifiex_adapter *adapter)
1025{
1026	struct cmd_ctrl_node *cmd_node = NULL, *tmp_node;
1027
1028	/* Cancel all pending scan command */
1029	spin_lock_bh(&adapter->scan_pending_q_lock);
1030	list_for_each_entry_safe(cmd_node, tmp_node,
1031				 &adapter->scan_pending_q, list) {
1032		list_del(&cmd_node->list);
1033		cmd_node->wait_q_enabled = false;
1034		mwifiex_insert_cmd_to_free_q(adapter, cmd_node);
1035	}
1036	spin_unlock_bh(&adapter->scan_pending_q_lock);
1037}
1038
1039/*
1040 * This function cancels all the pending commands.
1041 *
1042 * The current command, all commands in command pending queue and all scan
1043 * commands in scan pending queue are cancelled. All the completion callbacks
1044 * are called with failure status to ensure cleanup.
1045 */
1046void
1047mwifiex_cancel_all_pending_cmd(struct mwifiex_adapter *adapter)
1048{
1049	struct cmd_ctrl_node *cmd_node = NULL, *tmp_node;
1050
1051	spin_lock_bh(&adapter->mwifiex_cmd_lock);
1052	/* Cancel current cmd */
1053	if ((adapter->curr_cmd) && (adapter->curr_cmd->wait_q_enabled)) {
1054		adapter->cmd_wait_q.status = -1;
1055		mwifiex_complete_cmd(adapter, adapter->curr_cmd);
1056		adapter->curr_cmd->wait_q_enabled = false;
1057		/* no recycle probably wait for response */
1058	}
1059	/* Cancel all pending command */
1060	spin_lock_bh(&adapter->cmd_pending_q_lock);
1061	list_for_each_entry_safe(cmd_node, tmp_node,
1062				 &adapter->cmd_pending_q, list) {
1063		list_del(&cmd_node->list);
1064
1065		if (cmd_node->wait_q_enabled)
1066			adapter->cmd_wait_q.status = -1;
1067		mwifiex_recycle_cmd_node(adapter, cmd_node);
1068	}
1069	spin_unlock_bh(&adapter->cmd_pending_q_lock);
1070	spin_unlock_bh(&adapter->mwifiex_cmd_lock);
1071
1072	mwifiex_cancel_scan(adapter);
1073}
1074
1075/*
1076 * This function cancels all pending commands that matches with
1077 * the given IOCTL request.
1078 *
1079 * Both the current command buffer and the pending command queue are
1080 * searched for matching IOCTL request. The completion callback of
1081 * the matched command is called with failure status to ensure cleanup.
1082 * In case of scan commands, all pending commands in scan pending queue
1083 * are cancelled.
1084 */
1085static void
1086mwifiex_cancel_pending_ioctl(struct mwifiex_adapter *adapter)
1087{
1088	struct cmd_ctrl_node *cmd_node = NULL;
1089
1090	if ((adapter->curr_cmd) &&
1091	    (adapter->curr_cmd->wait_q_enabled)) {
1092		spin_lock_bh(&adapter->mwifiex_cmd_lock);
1093		cmd_node = adapter->curr_cmd;
1094		/* setting curr_cmd to NULL is quite dangerous, because
1095		 * mwifiex_process_cmdresp checks curr_cmd to be != NULL
1096		 * at the beginning then relies on it and dereferences
1097		 * it at will
1098		 * this probably works since mwifiex_cmd_timeout_func
1099		 * is the only caller of this function and responses
1100		 * at that point
1101		 */
1102		adapter->curr_cmd = NULL;
1103		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
1104
1105		mwifiex_recycle_cmd_node(adapter, cmd_node);
1106	}
1107
1108	mwifiex_cancel_scan(adapter);
1109}
1110
1111/*
1112 * This function sends the sleep confirm command to firmware, if
1113 * possible.
1114 *
1115 * The sleep confirm command cannot be issued if command response,
1116 * data response or event response is awaiting handling, or if we
1117 * are in the middle of sending a command, or expecting a command
1118 * response.
1119 */
1120void
1121mwifiex_check_ps_cond(struct mwifiex_adapter *adapter)
1122{
1123	if (!adapter->cmd_sent && !atomic_read(&adapter->tx_hw_pending) &&
1124	    !adapter->curr_cmd && !IS_CARD_RX_RCVD(adapter))
1125		mwifiex_dnld_sleep_confirm_cmd(adapter);
1126	else
1127		mwifiex_dbg(adapter, CMD,
1128			    "cmd: Delay Sleep Confirm (%s%s%s%s)\n",
1129			    (adapter->cmd_sent) ? "D" : "",
1130			    atomic_read(&adapter->tx_hw_pending) ? "T" : "",
1131			    (adapter->curr_cmd) ? "C" : "",
1132			    (IS_CARD_RX_RCVD(adapter)) ? "R" : "");
1133}
1134
1135/*
1136 * This function sends a Host Sleep activated event to applications.
1137 *
1138 * This event is generated by the driver, with a blank event body.
1139 */
1140void
1141mwifiex_hs_activated_event(struct mwifiex_private *priv, u8 activated)
1142{
1143	if (activated) {
1144		if (test_bit(MWIFIEX_IS_HS_CONFIGURED,
1145			     &priv->adapter->work_flags)) {
1146			priv->adapter->hs_activated = true;
1147			mwifiex_update_rxreor_flags(priv->adapter,
1148						    RXREOR_FORCE_NO_DROP);
1149			mwifiex_dbg(priv->adapter, EVENT,
1150				    "event: hs_activated\n");
1151			priv->adapter->hs_activate_wait_q_woken = true;
1152			wake_up_interruptible(
1153				&priv->adapter->hs_activate_wait_q);
1154		} else {
1155			mwifiex_dbg(priv->adapter, EVENT,
1156				    "event: HS not configured\n");
1157		}
1158	} else {
1159		mwifiex_dbg(priv->adapter, EVENT,
1160			    "event: hs_deactivated\n");
1161		priv->adapter->hs_activated = false;
1162	}
1163}
1164
1165/*
1166 * This function handles the command response of a Host Sleep configuration
1167 * command.
1168 *
1169 * Handling includes changing the header fields into CPU format
1170 * and setting the current host sleep activation status in driver.
1171 *
1172 * In case host sleep status change, the function generates an event to
1173 * notify the applications.
1174 */
1175int mwifiex_ret_802_11_hs_cfg(struct mwifiex_private *priv,
1176			      struct host_cmd_ds_command *resp)
1177{
1178	struct mwifiex_adapter *adapter = priv->adapter;
1179	struct host_cmd_ds_802_11_hs_cfg_enh *phs_cfg =
1180		&resp->params.opt_hs_cfg;
1181	uint32_t conditions = le32_to_cpu(phs_cfg->params.hs_config.conditions);
1182
1183	if (phs_cfg->action == cpu_to_le16(HS_ACTIVATE) &&
1184	    adapter->iface_type != MWIFIEX_USB) {
1185		mwifiex_hs_activated_event(priv, true);
1186		return 0;
1187	} else {
1188		mwifiex_dbg(adapter, CMD,
1189			    "cmd: CMD_RESP: HS_CFG cmd reply\t"
1190			    " result=%#x, conditions=0x%x gpio=0x%x gap=0x%x\n",
1191			    resp->result, conditions,
1192			    phs_cfg->params.hs_config.gpio,
1193			    phs_cfg->params.hs_config.gap);
1194	}
1195	if (conditions != HS_CFG_CANCEL) {
1196		set_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags);
1197		if (adapter->iface_type == MWIFIEX_USB)
1198			mwifiex_hs_activated_event(priv, true);
1199	} else {
1200		clear_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags);
1201		if (adapter->hs_activated)
1202			mwifiex_hs_activated_event(priv, false);
1203	}
1204
1205	return 0;
1206}
1207
1208/*
1209 * This function wakes up the adapter and generates a Host Sleep
1210 * cancel event on receiving the power up interrupt.
1211 */
1212void
1213mwifiex_process_hs_config(struct mwifiex_adapter *adapter)
1214{
1215	mwifiex_dbg(adapter, INFO,
1216		    "info: %s: auto cancelling host sleep\t"
1217		    "since there is interrupt from the firmware\n",
1218		    __func__);
1219
1220	adapter->if_ops.wakeup(adapter);
1221
1222	if (adapter->hs_activated_manually) {
1223		mwifiex_cancel_hs(mwifiex_get_priv (adapter, MWIFIEX_BSS_ROLE_ANY),
1224				  MWIFIEX_ASYNC_CMD);
1225		adapter->hs_activated_manually = false;
1226	}
1227
1228	adapter->hs_activated = false;
1229	clear_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags);
1230	clear_bit(MWIFIEX_IS_SUSPENDED, &adapter->work_flags);
1231	mwifiex_hs_activated_event(mwifiex_get_priv(adapter,
1232						    MWIFIEX_BSS_ROLE_ANY),
1233				   false);
1234}
1235EXPORT_SYMBOL_GPL(mwifiex_process_hs_config);
1236
1237/*
1238 * This function handles the command response of a sleep confirm command.
1239 *
1240 * The function sets the card state to SLEEP if the response indicates success.
1241 */
1242void
1243mwifiex_process_sleep_confirm_resp(struct mwifiex_adapter *adapter,
1244				   u8 *pbuf, u32 upld_len)
1245{
1246	struct host_cmd_ds_command *cmd = (struct host_cmd_ds_command *) pbuf;
 
 
1247	uint16_t result = le16_to_cpu(cmd->result);
1248	uint16_t command = le16_to_cpu(cmd->command);
1249	uint16_t seq_num = le16_to_cpu(cmd->seq_num);
1250
1251	if (!upld_len) {
1252		mwifiex_dbg(adapter, ERROR,
1253			    "%s: cmd size is 0\n", __func__);
1254		return;
1255	}
1256
1257	mwifiex_dbg(adapter, CMD,
1258		    "cmd: CMD_RESP: 0x%x, result %d, len %d, seqno 0x%x\n",
1259		    command, result, le16_to_cpu(cmd->size), seq_num);
1260
 
 
 
 
 
 
1261	/* Update sequence number */
1262	seq_num = HostCmd_GET_SEQ_NO(seq_num);
1263	/* Clear RET_BIT from HostCmd */
1264	command &= HostCmd_CMD_ID_MASK;
1265
1266	if (command != HostCmd_CMD_802_11_PS_MODE_ENH) {
1267		mwifiex_dbg(adapter, ERROR,
1268			    "%s: rcvd unexpected resp for cmd %#x, result = %x\n",
1269			    __func__, command, result);
1270		return;
1271	}
1272
1273	if (result) {
1274		mwifiex_dbg(adapter, ERROR,
1275			    "%s: sleep confirm cmd failed\n",
1276			    __func__);
1277		adapter->pm_wakeup_card_req = false;
1278		adapter->ps_state = PS_STATE_AWAKE;
1279		return;
1280	}
1281	adapter->pm_wakeup_card_req = true;
1282	if (test_bit(MWIFIEX_IS_HS_CONFIGURED, &adapter->work_flags))
1283		mwifiex_hs_activated_event(mwifiex_get_priv
1284						(adapter, MWIFIEX_BSS_ROLE_ANY),
1285					   true);
1286	adapter->ps_state = PS_STATE_SLEEP;
1287	cmd->command = cpu_to_le16(command);
1288	cmd->seq_num = cpu_to_le16(seq_num);
1289}
1290EXPORT_SYMBOL_GPL(mwifiex_process_sleep_confirm_resp);
1291
1292/*
1293 * This function prepares an enhanced power mode command.
1294 *
1295 * This function can be used to disable power save or to configure
1296 * power save with auto PS or STA PS or auto deep sleep.
1297 *
1298 * Preparation includes -
1299 *      - Setting command ID, action and proper size
1300 *      - Setting Power Save bitmap, PS parameters TLV, PS mode TLV,
1301 *        auto deep sleep TLV (as required)
1302 *      - Ensuring correct endian-ness
1303 */
1304int mwifiex_cmd_enh_power_mode(struct mwifiex_private *priv,
1305			       struct host_cmd_ds_command *cmd,
1306			       u16 cmd_action, uint16_t ps_bitmap,
1307			       struct mwifiex_ds_auto_ds *auto_ds)
1308{
1309	struct host_cmd_ds_802_11_ps_mode_enh *psmode_enh =
1310		&cmd->params.psmode_enh;
1311	u8 *tlv;
1312	u16 cmd_size = 0;
1313
1314	cmd->command = cpu_to_le16(HostCmd_CMD_802_11_PS_MODE_ENH);
1315	if (cmd_action == DIS_AUTO_PS) {
1316		psmode_enh->action = cpu_to_le16(DIS_AUTO_PS);
1317		psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap);
1318		cmd->size = cpu_to_le16(S_DS_GEN + sizeof(psmode_enh->action) +
1319					sizeof(psmode_enh->params.ps_bitmap));
1320	} else if (cmd_action == GET_PS) {
1321		psmode_enh->action = cpu_to_le16(GET_PS);
1322		psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap);
1323		cmd->size = cpu_to_le16(S_DS_GEN + sizeof(psmode_enh->action) +
1324					sizeof(psmode_enh->params.ps_bitmap));
1325	} else if (cmd_action == EN_AUTO_PS) {
1326		psmode_enh->action = cpu_to_le16(EN_AUTO_PS);
1327		psmode_enh->params.ps_bitmap = cpu_to_le16(ps_bitmap);
1328		cmd_size = S_DS_GEN + sizeof(psmode_enh->action) +
1329					sizeof(psmode_enh->params.ps_bitmap);
1330		tlv = (u8 *) cmd + cmd_size;
1331		if (ps_bitmap & BITMAP_STA_PS) {
1332			struct mwifiex_adapter *adapter = priv->adapter;
1333			struct mwifiex_ie_types_ps_param *ps_tlv =
1334				(struct mwifiex_ie_types_ps_param *) tlv;
1335			struct mwifiex_ps_param *ps_mode = &ps_tlv->param;
1336			ps_tlv->header.type = cpu_to_le16(TLV_TYPE_PS_PARAM);
1337			ps_tlv->header.len = cpu_to_le16(sizeof(*ps_tlv) -
1338					sizeof(struct mwifiex_ie_types_header));
1339			cmd_size += sizeof(*ps_tlv);
1340			tlv += sizeof(*ps_tlv);
1341			mwifiex_dbg(priv->adapter, CMD,
1342				    "cmd: PS Command: Enter PS\n");
1343			ps_mode->null_pkt_interval =
1344					cpu_to_le16(adapter->null_pkt_interval);
1345			ps_mode->multiple_dtims =
1346					cpu_to_le16(adapter->multiple_dtim);
1347			ps_mode->bcn_miss_timeout =
1348					cpu_to_le16(adapter->bcn_miss_time_out);
1349			ps_mode->local_listen_interval =
1350				cpu_to_le16(adapter->local_listen_interval);
1351			ps_mode->adhoc_wake_period =
1352				cpu_to_le16(adapter->adhoc_awake_period);
1353			ps_mode->delay_to_ps =
1354					cpu_to_le16(adapter->delay_to_ps);
1355			ps_mode->mode = cpu_to_le16(adapter->enhanced_ps_mode);
1356
1357		}
1358		if (ps_bitmap & BITMAP_AUTO_DS) {
1359			struct mwifiex_ie_types_auto_ds_param *auto_ds_tlv =
1360				(struct mwifiex_ie_types_auto_ds_param *) tlv;
1361			u16 idletime = 0;
1362
1363			auto_ds_tlv->header.type =
1364				cpu_to_le16(TLV_TYPE_AUTO_DS_PARAM);
1365			auto_ds_tlv->header.len =
1366				cpu_to_le16(sizeof(*auto_ds_tlv) -
1367					sizeof(struct mwifiex_ie_types_header));
1368			cmd_size += sizeof(*auto_ds_tlv);
1369			tlv += sizeof(*auto_ds_tlv);
1370			if (auto_ds)
1371				idletime = auto_ds->idle_time;
1372			mwifiex_dbg(priv->adapter, CMD,
1373				    "cmd: PS Command: Enter Auto Deep Sleep\n");
1374			auto_ds_tlv->deep_sleep_timeout = cpu_to_le16(idletime);
1375		}
1376		cmd->size = cpu_to_le16(cmd_size);
1377	}
1378	return 0;
1379}
1380
1381/*
1382 * This function handles the command response of an enhanced power mode
1383 * command.
1384 *
1385 * Handling includes changing the header fields into CPU format
1386 * and setting the current enhanced power mode in driver.
1387 */
1388int mwifiex_ret_enh_power_mode(struct mwifiex_private *priv,
1389			       struct host_cmd_ds_command *resp,
1390			       struct mwifiex_ds_pm_cfg *pm_cfg)
1391{
1392	struct mwifiex_adapter *adapter = priv->adapter;
1393	struct host_cmd_ds_802_11_ps_mode_enh *ps_mode =
1394		&resp->params.psmode_enh;
1395	uint16_t action = le16_to_cpu(ps_mode->action);
1396	uint16_t ps_bitmap = le16_to_cpu(ps_mode->params.ps_bitmap);
1397	uint16_t auto_ps_bitmap =
1398		le16_to_cpu(ps_mode->params.ps_bitmap);
1399
1400	mwifiex_dbg(adapter, INFO,
1401		    "info: %s: PS_MODE cmd reply result=%#x action=%#X\n",
1402		    __func__, resp->result, action);
1403	if (action == EN_AUTO_PS) {
1404		if (auto_ps_bitmap & BITMAP_AUTO_DS) {
1405			mwifiex_dbg(adapter, CMD,
1406				    "cmd: Enabled auto deep sleep\n");
1407			priv->adapter->is_deep_sleep = true;
1408		}
1409		if (auto_ps_bitmap & BITMAP_STA_PS) {
1410			mwifiex_dbg(adapter, CMD,
1411				    "cmd: Enabled STA power save\n");
1412			if (adapter->sleep_period.period)
1413				mwifiex_dbg(adapter, CMD,
1414					    "cmd: set to uapsd/pps mode\n");
1415		}
1416	} else if (action == DIS_AUTO_PS) {
1417		if (ps_bitmap & BITMAP_AUTO_DS) {
1418			priv->adapter->is_deep_sleep = false;
1419			mwifiex_dbg(adapter, CMD,
1420				    "cmd: Disabled auto deep sleep\n");
1421		}
1422		if (ps_bitmap & BITMAP_STA_PS) {
1423			mwifiex_dbg(adapter, CMD,
1424				    "cmd: Disabled STA power save\n");
1425			if (adapter->sleep_period.period) {
1426				adapter->delay_null_pkt = false;
1427				adapter->tx_lock_flag = false;
1428				adapter->pps_uapsd_mode = false;
1429			}
1430		}
1431	} else if (action == GET_PS) {
1432		if (ps_bitmap & BITMAP_STA_PS)
1433			adapter->ps_mode = MWIFIEX_802_11_POWER_MODE_PSP;
1434		else
1435			adapter->ps_mode = MWIFIEX_802_11_POWER_MODE_CAM;
1436
1437		mwifiex_dbg(adapter, CMD,
1438			    "cmd: ps_bitmap=%#x\n", ps_bitmap);
1439
1440		if (pm_cfg) {
1441			/* This section is for get power save mode */
1442			if (ps_bitmap & BITMAP_STA_PS)
1443				pm_cfg->param.ps_mode = 1;
1444			else
1445				pm_cfg->param.ps_mode = 0;
1446		}
1447	}
1448	return 0;
1449}
1450
1451/*
1452 * This function prepares command to get hardware specifications.
1453 *
1454 * Preparation includes -
1455 *      - Setting command ID, action and proper size
1456 *      - Setting permanent address parameter
1457 *      - Ensuring correct endian-ness
1458 */
1459int mwifiex_cmd_get_hw_spec(struct mwifiex_private *priv,
1460			    struct host_cmd_ds_command *cmd)
1461{
1462	struct host_cmd_ds_get_hw_spec *hw_spec = &cmd->params.hw_spec;
1463
1464	cmd->command = cpu_to_le16(HostCmd_CMD_GET_HW_SPEC);
1465	cmd->size =
1466		cpu_to_le16(sizeof(struct host_cmd_ds_get_hw_spec) + S_DS_GEN);
1467	memcpy(hw_spec->permanent_addr, priv->curr_addr, ETH_ALEN);
1468
1469	return 0;
1470}
1471
1472/*
1473 * This function handles the command response of get hardware
1474 * specifications.
1475 *
1476 * Handling includes changing the header fields into CPU format
1477 * and saving/updating the following parameters in driver -
1478 *      - Firmware capability information
1479 *      - Firmware band settings
1480 *      - Ad-hoc start band and channel
1481 *      - Ad-hoc 11n activation status
1482 *      - Firmware release number
1483 *      - Number of antennas
1484 *      - Hardware address
1485 *      - Hardware interface version
1486 *      - Firmware version
1487 *      - Region code
1488 *      - 11n capabilities
1489 *      - MCS support fields
1490 *      - MP end port
1491 */
1492int mwifiex_ret_get_hw_spec(struct mwifiex_private *priv,
1493			    struct host_cmd_ds_command *resp)
1494{
1495	struct host_cmd_ds_get_hw_spec *hw_spec = &resp->params.hw_spec;
1496	struct mwifiex_adapter *adapter = priv->adapter;
1497	struct mwifiex_ie_types_header *tlv;
1498	struct hw_spec_api_rev *api_rev;
1499	struct hw_spec_max_conn *max_conn;
1500	u16 resp_size, api_id;
1501	int i, left_len, parsed_len = 0;
1502
1503	adapter->fw_cap_info = le32_to_cpu(hw_spec->fw_cap_info);
1504
1505	if (IS_SUPPORT_MULTI_BANDS(adapter))
1506		adapter->fw_bands = (u8) GET_FW_DEFAULT_BANDS(adapter);
1507	else
1508		adapter->fw_bands = BAND_B;
1509
1510	adapter->config_bands = adapter->fw_bands;
1511
1512	if (adapter->fw_bands & BAND_A) {
1513		if (adapter->fw_bands & BAND_GN) {
1514			adapter->config_bands |= BAND_AN;
1515			adapter->fw_bands |= BAND_AN;
1516		}
1517		if (adapter->fw_bands & BAND_AN) {
1518			adapter->adhoc_start_band = BAND_A | BAND_AN;
1519			adapter->adhoc_11n_enabled = true;
1520		} else {
1521			adapter->adhoc_start_band = BAND_A;
1522		}
1523		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL_A;
1524	} else if (adapter->fw_bands & BAND_GN) {
1525		adapter->adhoc_start_band = BAND_G | BAND_B | BAND_GN;
1526		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL;
1527		adapter->adhoc_11n_enabled = true;
1528	} else if (adapter->fw_bands & BAND_G) {
1529		adapter->adhoc_start_band = BAND_G | BAND_B;
1530		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL;
1531	} else if (adapter->fw_bands & BAND_B) {
1532		adapter->adhoc_start_band = BAND_B;
1533		priv->adhoc_channel = DEFAULT_AD_HOC_CHANNEL;
1534	}
1535
1536	adapter->fw_release_number = le32_to_cpu(hw_spec->fw_release_number);
1537	adapter->fw_api_ver = (adapter->fw_release_number >> 16) & 0xff;
1538	adapter->number_of_antenna =
1539			le16_to_cpu(hw_spec->number_of_antenna) & 0xf;
1540
1541	if (le32_to_cpu(hw_spec->dot_11ac_dev_cap)) {
1542		adapter->is_hw_11ac_capable = true;
1543
1544		/* Copy 11AC cap */
1545		adapter->hw_dot_11ac_dev_cap =
1546					le32_to_cpu(hw_spec->dot_11ac_dev_cap);
1547		adapter->usr_dot_11ac_dev_cap_bg = adapter->hw_dot_11ac_dev_cap
1548					& ~MWIFIEX_DEF_11AC_CAP_BF_RESET_MASK;
1549		adapter->usr_dot_11ac_dev_cap_a = adapter->hw_dot_11ac_dev_cap
1550					& ~MWIFIEX_DEF_11AC_CAP_BF_RESET_MASK;
1551
1552		/* Copy 11AC mcs */
1553		adapter->hw_dot_11ac_mcs_support =
1554				le32_to_cpu(hw_spec->dot_11ac_mcs_support);
1555		adapter->usr_dot_11ac_mcs_support =
1556					adapter->hw_dot_11ac_mcs_support;
1557	} else {
1558		adapter->is_hw_11ac_capable = false;
1559	}
1560
1561	resp_size = le16_to_cpu(resp->size) - S_DS_GEN;
1562	if (resp_size > sizeof(struct host_cmd_ds_get_hw_spec)) {
1563		/* we have variable HW SPEC information */
1564		left_len = resp_size - sizeof(struct host_cmd_ds_get_hw_spec);
1565		while (left_len > sizeof(struct mwifiex_ie_types_header)) {
1566			tlv = (void *)&hw_spec->tlvs + parsed_len;
1567			switch (le16_to_cpu(tlv->type)) {
1568			case TLV_TYPE_API_REV:
1569				api_rev = (struct hw_spec_api_rev *)tlv;
1570				api_id = le16_to_cpu(api_rev->api_id);
1571				switch (api_id) {
1572				case KEY_API_VER_ID:
1573					adapter->key_api_major_ver =
1574							api_rev->major_ver;
1575					adapter->key_api_minor_ver =
1576							api_rev->minor_ver;
1577					mwifiex_dbg(adapter, INFO,
1578						    "key_api v%d.%d\n",
1579						    adapter->key_api_major_ver,
1580						    adapter->key_api_minor_ver);
1581					break;
1582				case FW_API_VER_ID:
1583					adapter->fw_api_ver =
1584							api_rev->major_ver;
1585					mwifiex_dbg(adapter, INFO,
1586						    "Firmware api version %d.%d\n",
1587						    adapter->fw_api_ver,
1588						    api_rev->minor_ver);
1589					break;
1590				case UAP_FW_API_VER_ID:
1591					mwifiex_dbg(adapter, INFO,
1592						    "uAP api version %d.%d\n",
1593						    api_rev->major_ver,
1594						    api_rev->minor_ver);
1595					break;
1596				case CHANRPT_API_VER_ID:
1597					mwifiex_dbg(adapter, INFO,
1598						    "channel report api version %d.%d\n",
1599						    api_rev->major_ver,
1600						    api_rev->minor_ver);
1601					break;
1602				case FW_HOTFIX_VER_ID:
1603					mwifiex_dbg(adapter, INFO,
1604						    "Firmware hotfix version %d\n",
1605						    api_rev->major_ver);
1606					break;
1607				default:
1608					mwifiex_dbg(adapter, FATAL,
1609						    "Unknown api_id: %d\n",
1610						    api_id);
1611					break;
1612				}
1613				break;
1614			case TLV_TYPE_MAX_CONN:
1615				max_conn = (struct hw_spec_max_conn *)tlv;
1616				adapter->max_p2p_conn = max_conn->max_p2p_conn;
1617				adapter->max_sta_conn = max_conn->max_sta_conn;
1618				mwifiex_dbg(adapter, INFO,
1619					    "max p2p connections: %u\n",
1620					    adapter->max_p2p_conn);
1621				mwifiex_dbg(adapter, INFO,
1622					    "max sta connections: %u\n",
1623					    adapter->max_sta_conn);
1624				break;
1625			default:
1626				mwifiex_dbg(adapter, FATAL,
1627					    "Unknown GET_HW_SPEC TLV type: %#x\n",
1628					    le16_to_cpu(tlv->type));
1629				break;
1630			}
1631			parsed_len += le16_to_cpu(tlv->len) +
1632				      sizeof(struct mwifiex_ie_types_header);
1633			left_len -= le16_to_cpu(tlv->len) +
1634				      sizeof(struct mwifiex_ie_types_header);
1635		}
1636	}
1637
1638	mwifiex_dbg(adapter, INFO,
1639		    "info: GET_HW_SPEC: fw_release_number- %#x\n",
1640		    adapter->fw_release_number);
1641	mwifiex_dbg(adapter, INFO,
1642		    "info: GET_HW_SPEC: permanent addr: %pM\n",
1643		    hw_spec->permanent_addr);
1644	mwifiex_dbg(adapter, INFO,
1645		    "info: GET_HW_SPEC: hw_if_version=%#x version=%#x\n",
1646		    le16_to_cpu(hw_spec->hw_if_version),
1647		    le16_to_cpu(hw_spec->version));
1648
1649	ether_addr_copy(priv->adapter->perm_addr, hw_spec->permanent_addr);
1650	adapter->region_code = le16_to_cpu(hw_spec->region_code);
1651
1652	for (i = 0; i < MWIFIEX_MAX_REGION_CODE; i++)
1653		/* Use the region code to search for the index */
1654		if (adapter->region_code == region_code_index[i])
1655			break;
1656
1657	/* If it's unidentified region code, use the default (world) */
1658	if (i >= MWIFIEX_MAX_REGION_CODE) {
1659		adapter->region_code = 0x00;
1660		mwifiex_dbg(adapter, WARN,
1661			    "cmd: unknown region code, use default (USA)\n");
1662	}
1663
1664	adapter->hw_dot_11n_dev_cap = le32_to_cpu(hw_spec->dot_11n_dev_cap);
1665	adapter->hw_dev_mcs_support = hw_spec->dev_mcs_support;
1666	adapter->user_dev_mcs_support = adapter->hw_dev_mcs_support;
1667
1668	if (adapter->if_ops.update_mp_end_port)
1669		adapter->if_ops.update_mp_end_port(adapter,
1670					le16_to_cpu(hw_spec->mp_end_port));
1671
1672	if (adapter->fw_api_ver == MWIFIEX_FW_V15)
1673		adapter->scan_chan_gap_enabled = true;
1674
1675	return 0;
1676}
1677
1678/* This function handles the command response of hs wakeup reason
1679 * command.
1680 */
1681int mwifiex_ret_wakeup_reason(struct mwifiex_private *priv,
1682			      struct host_cmd_ds_command *resp,
1683			      struct host_cmd_ds_wakeup_reason *wakeup_reason)
1684{
1685	wakeup_reason->wakeup_reason =
1686		resp->params.hs_wakeup_reason.wakeup_reason;
1687
1688	return 0;
1689}