brcm80211/brcmfmac/p2p.c

0001 // SPDX-License-Identifier: ISC
0002 /*
0003  * Copyright (c) 2012 Broadcom Corporation
0004  */
0005 #include <linux/slab.h>
0006 #include <linux/netdevice.h>
0007 #include <linux/etherdevice.h>
0008 #include <linux/rtnetlink.h>
0009 #include <net/cfg80211.h>
0010
0011 #include <brcmu_wifi.h>
0012 #include <brcmu_utils.h>
0013 #include <defs.h>
0014 #include "core.h"
0015 #include "debug.h"
0016 #include "fwil.h"
0017 #include "fwil_types.h"
0018 #include "p2p.h"
0019 #include "cfg80211.h"
0020 #include "feature.h"
0021
0022 /* parameters used for p2p escan */
0023 #define P2PAPI_SCAN_NPROBES 1
0024 #define P2PAPI_SCAN_DWELL_TIME_MS 80
0025 #define P2PAPI_SCAN_SOCIAL_DWELL_TIME_MS 40
0026 #define P2PAPI_SCAN_HOME_TIME_MS 60
0027 #define P2PAPI_SCAN_NPROBS_TIME_MS 30
0028 #define P2PAPI_SCAN_AF_SEARCH_DWELL_TIME_MS 100
0029 #define WL_SCAN_CONNECT_DWELL_TIME_MS 200
0030 #define WL_SCAN_JOIN_PROBE_INTERVAL_MS 20
0031
0032 #define BRCMF_P2P_WILDCARD_SSID     "DIRECT-"
0033 #define BRCMF_P2P_WILDCARD_SSID_LEN (sizeof(BRCMF_P2P_WILDCARD_SSID) - 1)
0034
0035 #define SOCIAL_CHAN_1       1
0036 #define SOCIAL_CHAN_2       6
0037 #define SOCIAL_CHAN_3       11
0038 #define IS_P2P_SOCIAL_CHANNEL(channel) ((channel == SOCIAL_CHAN_1) || \
0039                      (channel == SOCIAL_CHAN_2) || \
0040                      (channel == SOCIAL_CHAN_3))
0041 #define BRCMF_P2P_TEMP_CHAN SOCIAL_CHAN_3
0042 #define SOCIAL_CHAN_CNT     3
0043 #define AF_PEER_SEARCH_CNT  2
0044
0045 #define BRCMF_SCB_TIMEOUT_VALUE 20
0046
0047 #define P2P_VER         9   /* P2P version: 9=WiFi P2P v1.0 */
0048 #define P2P_PUB_AF_CATEGORY 0x04
0049 #define P2P_PUB_AF_ACTION   0x09
0050 #define P2P_AF_CATEGORY     0x7f
0051 #define P2P_OUI         "\x50\x6F\x9A"  /* P2P OUI */
0052 #define P2P_OUI_LEN     3       /* P2P OUI length */
0053
0054 /* Action Frame Constants */
0055 #define DOT11_ACTION_HDR_LEN    2   /* action frame category + action */
0056 #define DOT11_ACTION_CAT_OFF    0   /* category offset */
0057 #define DOT11_ACTION_ACT_OFF    1   /* action offset */
0058
0059 #define P2P_AF_DWELL_TIME       200
0060 #define P2P_AF_MIN_DWELL_TIME       100
0061 #define P2P_AF_MED_DWELL_TIME       400
0062 #define P2P_AF_LONG_DWELL_TIME      1000
0063 #define P2P_AF_TX_MAX_RETRY     5
0064 #define P2P_AF_MAX_WAIT_TIME        msecs_to_jiffies(2000)
0065 #define P2P_INVALID_CHANNEL     -1
0066 #define P2P_CHANNEL_SYNC_RETRY      5
0067 #define P2P_AF_FRM_SCAN_MAX_WAIT    msecs_to_jiffies(450)
0068 #define P2P_DEFAULT_SLEEP_TIME_VSDB 200
0069 #define P2P_AF_RETRY_DELAY_TIME     40
0070
0071 /* WiFi P2P Public Action Frame OUI Subtypes */
0072 #define P2P_PAF_GON_REQ     0   /* Group Owner Negotiation Req */
0073 #define P2P_PAF_GON_RSP     1   /* Group Owner Negotiation Rsp */
0074 #define P2P_PAF_GON_CONF    2   /* Group Owner Negotiation Confirm */
0075 #define P2P_PAF_INVITE_REQ  3   /* P2P Invitation Request */
0076 #define P2P_PAF_INVITE_RSP  4   /* P2P Invitation Response */
0077 #define P2P_PAF_DEVDIS_REQ  5   /* Device Discoverability Request */
0078 #define P2P_PAF_DEVDIS_RSP  6   /* Device Discoverability Response */
0079 #define P2P_PAF_PROVDIS_REQ 7   /* Provision Discovery Request */
0080 #define P2P_PAF_PROVDIS_RSP 8   /* Provision Discovery Response */
0081 #define P2P_PAF_SUBTYPE_INVALID 255 /* Invalid Subtype */
0082
0083 /* WiFi P2P Action Frame OUI Subtypes */
0084 #define P2P_AF_NOTICE_OF_ABSENCE    0   /* Notice of Absence */
0085 #define P2P_AF_PRESENCE_REQ     1   /* P2P Presence Request */
0086 #define P2P_AF_PRESENCE_RSP     2   /* P2P Presence Response */
0087 #define P2P_AF_GO_DISC_REQ      3   /* GO Discoverability Request */
0088
0089 /* P2P Service Discovery related */
0090 #define P2PSD_ACTION_CATEGORY       0x04    /* Public action frame */
0091 #define P2PSD_ACTION_ID_GAS_IREQ    0x0a    /* GAS Initial Request AF */
0092 #define P2PSD_ACTION_ID_GAS_IRESP   0x0b    /* GAS Initial Response AF */
0093 #define P2PSD_ACTION_ID_GAS_CREQ    0x0c    /* GAS Comeback Request AF */
0094 #define P2PSD_ACTION_ID_GAS_CRESP   0x0d    /* GAS Comeback Response AF */
0095
0096 #define BRCMF_P2P_DISABLE_TIMEOUT   msecs_to_jiffies(500)
0097
0098 /* Mask for retry counter of custom dwell time */
0099 #define CUSTOM_RETRY_MASK 0xff000000
0100 /**
0101  * struct brcmf_p2p_disc_st_le - set discovery state in firmware.
0102  *
0103  * @state: requested discovery state (see enum brcmf_p2p_disc_state).
0104  * @chspec: channel parameter for %WL_P2P_DISC_ST_LISTEN state.
0105  * @dwell: dwell time in ms for %WL_P2P_DISC_ST_LISTEN state.
0106  */
0107 struct brcmf_p2p_disc_st_le {
0108     u8 state;
0109     __le16 chspec;
0110     __le16 dwell;
0111 };
0112
0113 /**
0114  * enum brcmf_p2p_disc_state - P2P discovery state values
0115  *
0116  * @WL_P2P_DISC_ST_SCAN: P2P discovery with wildcard SSID and P2P IE.
0117  * @WL_P2P_DISC_ST_LISTEN: P2P discovery off-channel for specified time.
0118  * @WL_P2P_DISC_ST_SEARCH: P2P discovery with P2P wildcard SSID and P2P IE.
0119  */
0120 enum brcmf_p2p_disc_state {
0121     WL_P2P_DISC_ST_SCAN,
0122     WL_P2P_DISC_ST_LISTEN,
0123     WL_P2P_DISC_ST_SEARCH
0124 };
0125
0126 /**
0127  * struct brcmf_p2p_scan_le - P2P specific scan request.
0128  *
0129  * @type: type of scan method requested (values: 'E' or 'S').
0130  * @reserved: reserved (ignored).
0131  * @eparams: parameters used for type 'E'.
0132  * @sparams: parameters used for type 'S'.
0133  */
0134 struct brcmf_p2p_scan_le {
0135     u8 type;
0136     u8 reserved[3];
0137     union {
0138         struct brcmf_escan_params_le eparams;
0139         struct brcmf_scan_params_le sparams;
0140     };
0141 };
0142
0143 /**
0144  * struct brcmf_p2p_pub_act_frame - WiFi P2P Public Action Frame
0145  *
0146  * @category: P2P_PUB_AF_CATEGORY
0147  * @action: P2P_PUB_AF_ACTION
0148  * @oui: P2P_OUI
0149  * @oui_type: OUI type - P2P_VER
0150  * @subtype: OUI subtype - P2P_TYPE_*
0151  * @dialog_token: nonzero, identifies req/rsp transaction
0152  * @elts: Variable length information elements.
0153  */
0154 struct brcmf_p2p_pub_act_frame {
0155     u8  category;
0156     u8  action;
0157     u8  oui[3];
0158     u8  oui_type;
0159     u8  subtype;
0160     u8  dialog_token;
0161     u8  elts[];
0162 };
0163
0164 /**
0165  * struct brcmf_p2p_action_frame - WiFi P2P Action Frame
0166  *
0167  * @category: P2P_AF_CATEGORY
0168  * @oui: OUI - P2P_OUI
0169  * @type: OUI Type - P2P_VER
0170  * @subtype: OUI Subtype - P2P_AF_*
0171  * @dialog_token: nonzero, identifies req/resp tranaction
0172  * @elts: Variable length information elements.
0173  */
0174 struct brcmf_p2p_action_frame {
0175     u8  category;
0176     u8  oui[3];
0177     u8  type;
0178     u8  subtype;
0179     u8  dialog_token;
0180     u8  elts[];
0181 };
0182
0183 /**
0184  * struct brcmf_p2psd_gas_pub_act_frame - Wi-Fi GAS Public Action Frame
0185  *
0186  * @category: 0x04 Public Action Frame
0187  * @action: 0x6c Advertisement Protocol
0188  * @dialog_token: nonzero, identifies req/rsp transaction
0189  * @query_data: Query Data. SD gas ireq SD gas iresp
0190  */
0191 struct brcmf_p2psd_gas_pub_act_frame {
0192     u8  category;
0193     u8  action;
0194     u8  dialog_token;
0195     u8  query_data[];
0196 };
0197
0198 /**
0199  * struct brcmf_config_af_params - Action Frame Parameters for tx.
0200  *
0201  * @mpc_onoff: To make sure to send successfully action frame, we have to
0202  *             turn off mpc  0: off, 1: on,  (-1): do nothing
0203  * @search_channel: 1: search peer's channel to send af
0204  * @extra_listen: keep the dwell time to get af response frame.
0205  */
0206 struct brcmf_config_af_params {
0207     s32 mpc_onoff;
0208     bool search_channel;
0209     bool extra_listen;
0210 };
0211
0212 /**
0213  * brcmf_p2p_is_pub_action() - true if p2p public type frame.
0214  *
0215  * @frame: action frame data.
0216  * @frame_len: length of action frame data.
0217  *
0218  * Determine if action frame is p2p public action type
0219  */
0220 static bool brcmf_p2p_is_pub_action(void *frame, u32 frame_len)
0221 {
0222     struct brcmf_p2p_pub_act_frame *pact_frm;
0223
0224     if (frame == NULL)
0225         return false;
0226
0227     pact_frm = (struct brcmf_p2p_pub_act_frame *)frame;
0228     if (frame_len < sizeof(*pact_frm))
0229         return false;
0230
0231     if (pact_frm->category == P2P_PUB_AF_CATEGORY &&
0232         pact_frm->action == P2P_PUB_AF_ACTION &&
0233         pact_frm->oui_type == P2P_VER &&
0234         memcmp(pact_frm->oui, P2P_OUI, P2P_OUI_LEN) == 0)
0235         return true;
0236
0237     return false;
0238 }
0239
0240 /**
0241  * brcmf_p2p_is_p2p_action() - true if p2p action type frame.
0242  *
0243  * @frame: action frame data.
0244  * @frame_len: length of action frame data.
0245  *
0246  * Determine if action frame is p2p action type
0247  */
0248 static bool brcmf_p2p_is_p2p_action(void *frame, u32 frame_len)
0249 {
0250     struct brcmf_p2p_action_frame *act_frm;
0251
0252     if (frame == NULL)
0253         return false;
0254
0255     act_frm = (struct brcmf_p2p_action_frame *)frame;
0256     if (frame_len < sizeof(*act_frm))
0257         return false;
0258
0259     if (act_frm->category == P2P_AF_CATEGORY &&
0260         act_frm->type  == P2P_VER &&
0261         memcmp(act_frm->oui, P2P_OUI, P2P_OUI_LEN) == 0)
0262         return true;
0263
0264     return false;
0265 }
0266
0267 /**
0268  * brcmf_p2p_is_gas_action() - true if p2p gas action type frame.
0269  *
0270  * @frame: action frame data.
0271  * @frame_len: length of action frame data.
0272  *
0273  * Determine if action frame is p2p gas action type
0274  */
0275 static bool brcmf_p2p_is_gas_action(void *frame, u32 frame_len)
0276 {
0277     struct brcmf_p2psd_gas_pub_act_frame *sd_act_frm;
0278
0279     if (frame == NULL)
0280         return false;
0281
0282     sd_act_frm = (struct brcmf_p2psd_gas_pub_act_frame *)frame;
0283     if (frame_len < sizeof(*sd_act_frm))
0284         return false;
0285
0286     if (sd_act_frm->category != P2PSD_ACTION_CATEGORY)
0287         return false;
0288
0289     if (sd_act_frm->action == P2PSD_ACTION_ID_GAS_IREQ ||
0290         sd_act_frm->action == P2PSD_ACTION_ID_GAS_IRESP ||
0291         sd_act_frm->action == P2PSD_ACTION_ID_GAS_CREQ ||
0292         sd_act_frm->action == P2PSD_ACTION_ID_GAS_CRESP)
0293         return true;
0294
0295     return false;
0296 }
0297
0298 /**
0299  * brcmf_p2p_print_actframe() - debug print routine.
0300  *
0301  * @tx: Received or to be transmitted
0302  * @frame: action frame data.
0303  * @frame_len: length of action frame data.
0304  *
0305  * Print information about the p2p action frame
0306  */
0307
0308 #ifdef DEBUG
0309
0310 static void brcmf_p2p_print_actframe(bool tx, void *frame, u32 frame_len)
0311 {
0312     struct brcmf_p2p_pub_act_frame *pact_frm;
0313     struct brcmf_p2p_action_frame *act_frm;
0314     struct brcmf_p2psd_gas_pub_act_frame *sd_act_frm;
0315
0316     if (!frame || frame_len <= 2)
0317         return;
0318
0319     if (brcmf_p2p_is_pub_action(frame, frame_len)) {
0320         pact_frm = (struct brcmf_p2p_pub_act_frame *)frame;
0321         switch (pact_frm->subtype) {
0322         case P2P_PAF_GON_REQ:
0323             brcmf_dbg(TRACE, "%s P2P Group Owner Negotiation Req Frame\n",
0324                   (tx) ? "TX" : "RX");
0325             break;
0326         case P2P_PAF_GON_RSP:
0327             brcmf_dbg(TRACE, "%s P2P Group Owner Negotiation Rsp Frame\n",
0328                   (tx) ? "TX" : "RX");
0329             break;
0330         case P2P_PAF_GON_CONF:
0331             brcmf_dbg(TRACE, "%s P2P Group Owner Negotiation Confirm Frame\n",
0332                   (tx) ? "TX" : "RX");
0333             break;
0334         case P2P_PAF_INVITE_REQ:
0335             brcmf_dbg(TRACE, "%s P2P Invitation Request  Frame\n",
0336                   (tx) ? "TX" : "RX");
0337             break;
0338         case P2P_PAF_INVITE_RSP:
0339             brcmf_dbg(TRACE, "%s P2P Invitation Response Frame\n",
0340                   (tx) ? "TX" : "RX");
0341             break;
0342         case P2P_PAF_DEVDIS_REQ:
0343             brcmf_dbg(TRACE, "%s P2P Device Discoverability Request Frame\n",
0344                   (tx) ? "TX" : "RX");
0345             break;
0346         case P2P_PAF_DEVDIS_RSP:
0347             brcmf_dbg(TRACE, "%s P2P Device Discoverability Response Frame\n",
0348                   (tx) ? "TX" : "RX");
0349             break;
0350         case P2P_PAF_PROVDIS_REQ:
0351             brcmf_dbg(TRACE, "%s P2P Provision Discovery Request Frame\n",
0352                   (tx) ? "TX" : "RX");
0353             break;
0354         case P2P_PAF_PROVDIS_RSP:
0355             brcmf_dbg(TRACE, "%s P2P Provision Discovery Response Frame\n",
0356                   (tx) ? "TX" : "RX");
0357             break;
0358         default:
0359             brcmf_dbg(TRACE, "%s Unknown P2P Public Action Frame\n",
0360                   (tx) ? "TX" : "RX");
0361             break;
0362         }
0363     } else if (brcmf_p2p_is_p2p_action(frame, frame_len)) {
0364         act_frm = (struct brcmf_p2p_action_frame *)frame;
0365         switch (act_frm->subtype) {
0366         case P2P_AF_NOTICE_OF_ABSENCE:
0367             brcmf_dbg(TRACE, "%s P2P Notice of Absence Frame\n",
0368                   (tx) ? "TX" : "RX");
0369             break;
0370         case P2P_AF_PRESENCE_REQ:
0371             brcmf_dbg(TRACE, "%s P2P Presence Request Frame\n",
0372                   (tx) ? "TX" : "RX");
0373             break;
0374         case P2P_AF_PRESENCE_RSP:
0375             brcmf_dbg(TRACE, "%s P2P Presence Response Frame\n",
0376                   (tx) ? "TX" : "RX");
0377             break;
0378         case P2P_AF_GO_DISC_REQ:
0379             brcmf_dbg(TRACE, "%s P2P Discoverability Request Frame\n",
0380                   (tx) ? "TX" : "RX");
0381             break;
0382         default:
0383             brcmf_dbg(TRACE, "%s Unknown P2P Action Frame\n",
0384                   (tx) ? "TX" : "RX");
0385         }
0386
0387     } else if (brcmf_p2p_is_gas_action(frame, frame_len)) {
0388         sd_act_frm = (struct brcmf_p2psd_gas_pub_act_frame *)frame;
0389         switch (sd_act_frm->action) {
0390         case P2PSD_ACTION_ID_GAS_IREQ:
0391             brcmf_dbg(TRACE, "%s P2P GAS Initial Request\n",
0392                   (tx) ? "TX" : "RX");
0393             break;
0394         case P2PSD_ACTION_ID_GAS_IRESP:
0395             brcmf_dbg(TRACE, "%s P2P GAS Initial Response\n",
0396                   (tx) ? "TX" : "RX");
0397             break;
0398         case P2PSD_ACTION_ID_GAS_CREQ:
0399             brcmf_dbg(TRACE, "%s P2P GAS Comeback Request\n",
0400                   (tx) ? "TX" : "RX");
0401             break;
0402         case P2PSD_ACTION_ID_GAS_CRESP:
0403             brcmf_dbg(TRACE, "%s P2P GAS Comeback Response\n",
0404                   (tx) ? "TX" : "RX");
0405             break;
0406         default:
0407             brcmf_dbg(TRACE, "%s Unknown P2P GAS Frame\n",
0408                   (tx) ? "TX" : "RX");
0409             break;
0410         }
0411     }
0412 }
0413
0414 #else
0415
0416 static void brcmf_p2p_print_actframe(bool tx, void *frame, u32 frame_len)
0417 {
0418 }
0419
0420 #endif
0421
0422
0423 /**
0424  * brcmf_p2p_set_firmware() - prepare firmware for peer-to-peer operation.
0425  *
0426  * @ifp: ifp to use for iovars (primary).
0427  * @p2p_mac: mac address to configure for p2p_da_override
0428  */
0429 static int brcmf_p2p_set_firmware(struct brcmf_if *ifp, u8 *p2p_mac)
0430 {
0431     struct brcmf_pub *drvr = ifp->drvr;
0432     s32 ret = 0;
0433
0434     brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
0435     brcmf_fil_iovar_int_set(ifp, "apsta", 1);
0436     brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
0437
0438     /* In case of COB type, firmware has default mac address
0439      * After Initializing firmware, we have to set current mac address to
0440      * firmware for P2P device address. This must be done with discovery
0441      * disabled.
0442      */
0443     brcmf_fil_iovar_int_set(ifp, "p2p_disc", 0);
0444
0445     ret = brcmf_fil_iovar_data_set(ifp, "p2p_da_override", p2p_mac,
0446                        ETH_ALEN);
0447     if (ret)
0448         bphy_err(drvr, "failed to update device address ret %d\n", ret);
0449
0450     return ret;
0451 }
0452
0453 /**
0454  * brcmf_p2p_generate_bss_mac() - derive mac addresses for P2P.
0455  *
0456  * @p2p: P2P specific data.
0457  * @dev_addr: optional device address.
0458  *
0459  * P2P needs mac addresses for P2P device and interface. If no device
0460  * address it specified, these are derived from a random ethernet
0461  * address.
0462  */
0463 static void brcmf_p2p_generate_bss_mac(struct brcmf_p2p_info *p2p, u8 *dev_addr)
0464 {
0465     struct brcmf_if *pri_ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
0466     bool random_addr = false;
0467     bool local_admin = false;
0468
0469     if (!dev_addr || is_zero_ether_addr(dev_addr)) {
0470         /* If the primary interface address is already locally
0471          * administered, create a new random address.
0472          */
0473         if (pri_ifp->mac_addr[0] & 0x02) {
0474             random_addr = true;
0475         } else {
0476             dev_addr = pri_ifp->mac_addr;
0477             local_admin = true;
0478         }
0479     }
0480
0481     /* Generate the P2P Device Address obtaining a random ethernet
0482      * address with the locally administered bit set.
0483      */
0484     if (random_addr)
0485         eth_random_addr(p2p->dev_addr);
0486     else
0487         memcpy(p2p->dev_addr, dev_addr, ETH_ALEN);
0488
0489     if (local_admin)
0490         p2p->dev_addr[0] |= 0x02;
0491
0492     /* Generate the P2P Interface Address.  If the discovery and connection
0493      * BSSCFGs need to simultaneously co-exist, then this address must be
0494      * different from the P2P Device Address, but also locally administered.
0495      */
0496     memcpy(p2p->conn_int_addr, p2p->dev_addr, ETH_ALEN);
0497     p2p->conn_int_addr[0] |= 0x02;
0498     p2p->conn_int_addr[4] ^= 0x80;
0499
0500     memcpy(p2p->conn2_int_addr, p2p->dev_addr, ETH_ALEN);
0501     p2p->conn2_int_addr[0] |= 0x02;
0502     p2p->conn2_int_addr[4] ^= 0x90;
0503 }
0504
0505 /**
0506  * brcmf_p2p_scan_is_p2p_request() - is cfg80211 scan request a P2P scan.
0507  *
0508  * @request: the scan request as received from cfg80211.
0509  *
0510  * returns true if one of the ssids in the request matches the
0511  * P2P wildcard ssid; otherwise returns false.
0512  */
0513 static bool brcmf_p2p_scan_is_p2p_request(struct cfg80211_scan_request *request)
0514 {
0515     struct cfg80211_ssid *ssids = request->ssids;
0516     int i;
0517
0518     for (i = 0; i < request->n_ssids; i++) {
0519         if (ssids[i].ssid_len != BRCMF_P2P_WILDCARD_SSID_LEN)
0520             continue;
0521
0522         brcmf_dbg(INFO, "comparing ssid \"%s\"", ssids[i].ssid);
0523         if (!memcmp(BRCMF_P2P_WILDCARD_SSID, ssids[i].ssid,
0524                 BRCMF_P2P_WILDCARD_SSID_LEN))
0525             return true;
0526     }
0527     return false;
0528 }
0529
0530 /**
0531  * brcmf_p2p_set_discover_state - set discover state in firmware.
0532  *
0533  * @ifp: low-level interface object.
0534  * @state: discover state to set.
0535  * @chanspec: channel parameters (for state @WL_P2P_DISC_ST_LISTEN only).
0536  * @listen_ms: duration to listen (for state @WL_P2P_DISC_ST_LISTEN only).
0537  */
0538 static s32 brcmf_p2p_set_discover_state(struct brcmf_if *ifp, u8 state,
0539                     u16 chanspec, u16 listen_ms)
0540 {
0541     struct brcmf_p2p_disc_st_le discover_state;
0542     s32 ret = 0;
0543     brcmf_dbg(TRACE, "enter\n");
0544
0545     discover_state.state = state;
0546     discover_state.chspec = cpu_to_le16(chanspec);
0547     discover_state.dwell = cpu_to_le16(listen_ms);
0548     ret = brcmf_fil_bsscfg_data_set(ifp, "p2p_state", &discover_state,
0549                     sizeof(discover_state));
0550     return ret;
0551 }
0552
0553 /**
0554  * brcmf_p2p_deinit_discovery() - disable P2P device discovery.
0555  *
0556  * @p2p: P2P specific data.
0557  *
0558  * Resets the discovery state and disables it in firmware.
0559  */
0560 static s32 brcmf_p2p_deinit_discovery(struct brcmf_p2p_info *p2p)
0561 {
0562     struct brcmf_cfg80211_vif *vif;
0563
0564     brcmf_dbg(TRACE, "enter\n");
0565
0566     /* Set the discovery state to SCAN */
0567     vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
0568     (void)brcmf_p2p_set_discover_state(vif->ifp, WL_P2P_DISC_ST_SCAN, 0, 0);
0569
0570     /* Disable P2P discovery in the firmware */
0571     vif = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
0572     (void)brcmf_fil_iovar_int_set(vif->ifp, "p2p_disc", 0);
0573
0574     return 0;
0575 }
0576
0577 /**
0578  * brcmf_p2p_enable_discovery() - initialize and configure discovery.
0579  *
0580  * @p2p: P2P specific data.
0581  *
0582  * Initializes the discovery device and configure the virtual interface.
0583  */
0584 static int brcmf_p2p_enable_discovery(struct brcmf_p2p_info *p2p)
0585 {
0586     struct brcmf_pub *drvr = p2p->cfg->pub;
0587     struct brcmf_cfg80211_vif *vif;
0588     s32 ret = 0;
0589
0590     brcmf_dbg(TRACE, "enter\n");
0591     vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
0592     if (!vif) {
0593         bphy_err(drvr, "P2P config device not available\n");
0594         ret = -EPERM;
0595         goto exit;
0596     }
0597
0598     if (test_bit(BRCMF_P2P_STATUS_ENABLED, &p2p->status)) {
0599         brcmf_dbg(INFO, "P2P config device already configured\n");
0600         goto exit;
0601     }
0602
0603     /* Re-initialize P2P Discovery in the firmware */
0604     vif = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
0605     ret = brcmf_fil_iovar_int_set(vif->ifp, "p2p_disc", 1);
0606     if (ret < 0) {
0607         bphy_err(drvr, "set p2p_disc error\n");
0608         goto exit;
0609     }
0610     vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
0611     ret = brcmf_p2p_set_discover_state(vif->ifp, WL_P2P_DISC_ST_SCAN, 0, 0);
0612     if (ret < 0) {
0613         bphy_err(drvr, "unable to set WL_P2P_DISC_ST_SCAN\n");
0614         goto exit;
0615     }
0616
0617     /*
0618      * Set wsec to any non-zero value in the discovery bsscfg
0619      * to ensure our P2P probe responses have the privacy bit
0620      * set in the 802.11 WPA IE. Some peer devices may not
0621      * initiate WPS with us if this bit is not set.
0622      */
0623     ret = brcmf_fil_bsscfg_int_set(vif->ifp, "wsec", AES_ENABLED);
0624     if (ret < 0) {
0625         bphy_err(drvr, "wsec error %d\n", ret);
0626         goto exit;
0627     }
0628
0629     set_bit(BRCMF_P2P_STATUS_ENABLED, &p2p->status);
0630 exit:
0631     return ret;
0632 }
0633
0634 /**
0635  * brcmf_p2p_escan() - initiate a P2P scan.
0636  *
0637  * @p2p: P2P specific data.
0638  * @num_chans: number of channels to scan.
0639  * @chanspecs: channel parameters for @num_chans channels.
0640  * @search_state: P2P discover state to use.
0641  * @bss_type: type of P2P bss.
0642  */
0643 static s32 brcmf_p2p_escan(struct brcmf_p2p_info *p2p, u32 num_chans,
0644                u16 chanspecs[], s32 search_state,
0645                enum p2p_bss_type bss_type)
0646 {
0647     struct brcmf_pub *drvr = p2p->cfg->pub;
0648     s32 ret = 0;
0649     s32 memsize = offsetof(struct brcmf_p2p_scan_le,
0650                    eparams.params_le.channel_list);
0651     s32 nprobes;
0652     s32 active;
0653     u32 i;
0654     u8 *memblk;
0655     struct brcmf_cfg80211_vif *vif;
0656     struct brcmf_p2p_scan_le *p2p_params;
0657     struct brcmf_scan_params_le *sparams;
0658
0659     memsize += num_chans * sizeof(__le16);
0660     memblk = kzalloc(memsize, GFP_KERNEL);
0661     if (!memblk)
0662         return -ENOMEM;
0663
0664     vif = p2p->bss_idx[bss_type].vif;
0665     if (vif == NULL) {
0666         bphy_err(drvr, "no vif for bss type %d\n", bss_type);
0667         ret = -EINVAL;
0668         goto exit;
0669     }
0670     p2p_params = (struct brcmf_p2p_scan_le *)memblk;
0671     sparams = &p2p_params->eparams.params_le;
0672
0673     switch (search_state) {
0674     case WL_P2P_DISC_ST_SEARCH:
0675         /*
0676          * If we in SEARCH STATE, we don't need to set SSID explictly
0677          * because dongle use P2P WILDCARD internally by default, use
0678          * null ssid, which it is already due to kzalloc.
0679          */
0680         break;
0681     case WL_P2P_DISC_ST_SCAN:
0682         /*
0683          * wpa_supplicant has p2p_find command with type social or
0684          * progressive. For progressive, we need to set the ssid to
0685          * P2P WILDCARD because we just do broadcast scan unless
0686          * setting SSID.
0687          */
0688         sparams->ssid_le.SSID_len =
0689                 cpu_to_le32(BRCMF_P2P_WILDCARD_SSID_LEN);
0690         memcpy(sparams->ssid_le.SSID, BRCMF_P2P_WILDCARD_SSID,
0691                BRCMF_P2P_WILDCARD_SSID_LEN);
0692         break;
0693     default:
0694         bphy_err(drvr, " invalid search state %d\n", search_state);
0695         ret = -EINVAL;
0696         goto exit;
0697     }
0698
0699     brcmf_p2p_set_discover_state(vif->ifp, search_state, 0, 0);
0700
0701     /*
0702      * set p2p scan parameters.
0703      */
0704     p2p_params->type = 'E';
0705
0706     /* determine the scan engine parameters */
0707     sparams->bss_type = DOT11_BSSTYPE_ANY;
0708     sparams->scan_type = BRCMF_SCANTYPE_ACTIVE;
0709
0710     eth_broadcast_addr(sparams->bssid);
0711     sparams->home_time = cpu_to_le32(P2PAPI_SCAN_HOME_TIME_MS);
0712
0713     /*
0714      * SOCIAL_CHAN_CNT + 1 takes care of the Progressive scan
0715      * supported by the supplicant.
0716      */
0717     if (num_chans == SOCIAL_CHAN_CNT || num_chans == (SOCIAL_CHAN_CNT + 1))
0718         active = P2PAPI_SCAN_SOCIAL_DWELL_TIME_MS;
0719     else if (num_chans == AF_PEER_SEARCH_CNT)
0720         active = P2PAPI_SCAN_AF_SEARCH_DWELL_TIME_MS;
0721     else if (brcmf_get_vif_state_any(p2p->cfg, BRCMF_VIF_STATUS_CONNECTED))
0722         active = -1;
0723     else
0724         active = P2PAPI_SCAN_DWELL_TIME_MS;
0725
0726     /* Override scan params to find a peer for a connection */
0727     if (num_chans == 1) {
0728         active = WL_SCAN_CONNECT_DWELL_TIME_MS;
0729         /* WAR to sync with presence period of VSDB GO.
0730          * send probe request more frequently
0731          */
0732         nprobes = active / WL_SCAN_JOIN_PROBE_INTERVAL_MS;
0733     } else {
0734         nprobes = active / P2PAPI_SCAN_NPROBS_TIME_MS;
0735     }
0736
0737     if (nprobes <= 0)
0738         nprobes = 1;
0739
0740     brcmf_dbg(INFO, "nprobes # %d, active_time %d\n", nprobes, active);
0741     sparams->active_time = cpu_to_le32(active);
0742     sparams->nprobes = cpu_to_le32(nprobes);
0743     sparams->passive_time = cpu_to_le32(-1);
0744     sparams->channel_num = cpu_to_le32(num_chans &
0745                        BRCMF_SCAN_PARAMS_COUNT_MASK);
0746     for (i = 0; i < num_chans; i++)
0747         sparams->channel_list[i] = cpu_to_le16(chanspecs[i]);
0748
0749     /* set the escan specific parameters */
0750     p2p_params->eparams.version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
0751     p2p_params->eparams.action =  cpu_to_le16(WL_ESCAN_ACTION_START);
0752     p2p_params->eparams.sync_id = cpu_to_le16(0x1234);
0753     /* perform p2p scan on primary device */
0754     ret = brcmf_fil_bsscfg_data_set(vif->ifp, "p2p_scan", memblk, memsize);
0755     if (!ret)
0756         set_bit(BRCMF_SCAN_STATUS_BUSY, &p2p->cfg->scan_status);
0757 exit:
0758     kfree(memblk);
0759     return ret;
0760 }
0761
0762 /**
0763  * brcmf_p2p_run_escan() - escan callback for peer-to-peer.
0764  *
0765  * @cfg: driver private data for cfg80211 interface.
0766  * @ifp: interface control.
0767  * @request: scan request from cfg80211.
0768  *
0769  * Determines the P2P discovery state based to scan request parameters and
0770  * validates the channels in the request.
0771  */
0772 static s32 brcmf_p2p_run_escan(struct brcmf_cfg80211_info *cfg,
0773                    struct brcmf_if *ifp,
0774                    struct cfg80211_scan_request *request)
0775 {
0776     struct brcmf_p2p_info *p2p = &cfg->p2p;
0777     struct brcmf_pub *drvr = cfg->pub;
0778     s32 err = 0;
0779     s32 search_state = WL_P2P_DISC_ST_SCAN;
0780     struct brcmf_cfg80211_vif *vif;
0781     struct net_device *dev = NULL;
0782     int i, num_nodfs = 0;
0783     u16 *chanspecs;
0784
0785     brcmf_dbg(TRACE, "enter\n");
0786
0787     if (!request) {
0788         err = -EINVAL;
0789         goto exit;
0790     }
0791
0792     if (request->n_channels) {
0793         chanspecs = kcalloc(request->n_channels, sizeof(*chanspecs),
0794                     GFP_KERNEL);
0795         if (!chanspecs) {
0796             err = -ENOMEM;
0797             goto exit;
0798         }
0799         vif = p2p->bss_idx[P2PAPI_BSSCFG_CONNECTION].vif;
0800         if (vif)
0801             dev = vif->wdev.netdev;
0802         if (request->n_channels == 3 &&
0803             request->channels[0]->hw_value == SOCIAL_CHAN_1 &&
0804             request->channels[1]->hw_value == SOCIAL_CHAN_2 &&
0805             request->channels[2]->hw_value == SOCIAL_CHAN_3) {
0806             /* SOCIAL CHANNELS 1, 6, 11 */
0807             search_state = WL_P2P_DISC_ST_SEARCH;
0808             brcmf_dbg(INFO, "P2P SEARCH PHASE START\n");
0809         } else if (dev != NULL &&
0810                vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) {
0811             /* If you are already a GO, then do SEARCH only */
0812             brcmf_dbg(INFO, "Already a GO. Do SEARCH Only\n");
0813             search_state = WL_P2P_DISC_ST_SEARCH;
0814         } else {
0815             brcmf_dbg(INFO, "P2P SCAN STATE START\n");
0816         }
0817
0818         /*
0819          * no P2P scanning on passive or DFS channels.
0820          */
0821         for (i = 0; i < request->n_channels; i++) {
0822             struct ieee80211_channel *chan = request->channels[i];
0823
0824             if (chan->flags & (IEEE80211_CHAN_RADAR |
0825                        IEEE80211_CHAN_NO_IR))
0826                 continue;
0827
0828             chanspecs[i] = channel_to_chanspec(&p2p->cfg->d11inf,
0829                                chan);
0830             brcmf_dbg(INFO, "%d: chan=%d, channel spec=%x\n",
0831                   num_nodfs, chan->hw_value, chanspecs[i]);
0832             num_nodfs++;
0833         }
0834         err = brcmf_p2p_escan(p2p, num_nodfs, chanspecs, search_state,
0835                       P2PAPI_BSSCFG_DEVICE);
0836         kfree(chanspecs);
0837     }
0838 exit:
0839     if (err)
0840         bphy_err(drvr, "error (%d)\n", err);
0841     return err;
0842 }
0843
0844
0845 /**
0846  * brcmf_p2p_find_listen_channel() - find listen channel in ie string.
0847  *
0848  * @ie: string of information elements.
0849  * @ie_len: length of string.
0850  *
0851  * Scan ie for p2p ie and look for attribute 6 channel. If available determine
0852  * channel and return it.
0853  */
0854 static s32 brcmf_p2p_find_listen_channel(const u8 *ie, u32 ie_len)
0855 {
0856     u8 channel_ie[5];
0857     s32 listen_channel;
0858     s32 err;
0859
0860     err = cfg80211_get_p2p_attr(ie, ie_len,
0861                     IEEE80211_P2P_ATTR_LISTEN_CHANNEL,
0862                     channel_ie, sizeof(channel_ie));
0863     if (err < 0)
0864         return err;
0865
0866     /* listen channel subel length format:     */
0867     /* 3(country) + 1(op. class) + 1(chan num) */
0868     listen_channel = (s32)channel_ie[3 + 1];
0869
0870     if (listen_channel == SOCIAL_CHAN_1 ||
0871         listen_channel == SOCIAL_CHAN_2 ||
0872         listen_channel == SOCIAL_CHAN_3) {
0873         brcmf_dbg(INFO, "Found my Listen Channel %d\n", listen_channel);
0874         return listen_channel;
0875     }
0876
0877     return -EPERM;
0878 }
0879
0880
0881 /**
0882  * brcmf_p2p_scan_prep() - prepare scan based on request.
0883  *
0884  * @wiphy: wiphy device.
0885  * @request: scan request from cfg80211.
0886  * @vif: vif on which scan request is to be executed.
0887  *
0888  * Prepare the scan appropriately for type of scan requested. Overrides the
0889  * escan .run() callback for peer-to-peer scanning.
0890  */
0891 int brcmf_p2p_scan_prep(struct wiphy *wiphy,
0892             struct cfg80211_scan_request *request,
0893             struct brcmf_cfg80211_vif *vif)
0894 {
0895     struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
0896     struct brcmf_p2p_info *p2p = &cfg->p2p;
0897     int err;
0898
0899     if (brcmf_p2p_scan_is_p2p_request(request)) {
0900         /* find my listen channel */
0901         err = brcmf_p2p_find_listen_channel(request->ie,
0902                             request->ie_len);
0903         if (err < 0)
0904             return err;
0905
0906         p2p->afx_hdl.my_listen_chan = err;
0907
0908         clear_bit(BRCMF_P2P_STATUS_GO_NEG_PHASE, &p2p->status);
0909         brcmf_dbg(INFO, "P2P: GO_NEG_PHASE status cleared\n");
0910
0911         err = brcmf_p2p_enable_discovery(p2p);
0912         if (err)
0913             return err;
0914
0915         /* override .run_escan() callback. */
0916         cfg->escan_info.run = brcmf_p2p_run_escan;
0917     }
0918     return 0;
0919 }
0920
0921
0922 /**
0923  * brcmf_p2p_discover_listen() - set firmware to discover listen state.
0924  *
0925  * @p2p: p2p device.
0926  * @channel: channel nr for discover listen.
0927  * @duration: time in ms to stay on channel.
0928  *
0929  */
0930 static s32
0931 brcmf_p2p_discover_listen(struct brcmf_p2p_info *p2p, u16 channel, u32 duration)
0932 {
0933     struct brcmf_pub *drvr = p2p->cfg->pub;
0934     struct brcmf_cfg80211_vif *vif;
0935     struct brcmu_chan ch;
0936     s32 err = 0;
0937
0938     vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
0939     if (!vif) {
0940         bphy_err(drvr, "Discovery is not set, so we have nothing to do\n");
0941         err = -EPERM;
0942         goto exit;
0943     }
0944
0945     if (test_bit(BRCMF_P2P_STATUS_DISCOVER_LISTEN, &p2p->status)) {
0946         bphy_err(drvr, "Previous LISTEN is not completed yet\n");
0947         /* WAR: prevent cookie mismatch in wpa_supplicant return OK */
0948         goto exit;
0949     }
0950
0951     ch.chnum = channel;
0952     ch.bw = BRCMU_CHAN_BW_20;
0953     p2p->cfg->d11inf.encchspec(&ch);
0954     err = brcmf_p2p_set_discover_state(vif->ifp, WL_P2P_DISC_ST_LISTEN,
0955                        ch.chspec, (u16)duration);
0956     if (!err) {
0957         set_bit(BRCMF_P2P_STATUS_DISCOVER_LISTEN, &p2p->status);
0958         p2p->remain_on_channel_cookie++;
0959     }
0960 exit:
0961     return err;
0962 }
0963
0964
0965 /**
0966  * brcmf_p2p_remain_on_channel() - put device on channel and stay there.
0967  *
0968  * @wiphy: wiphy device.
0969  * @wdev: wireless device.
0970  * @channel: channel to stay on.
0971  * @duration: time in ms to remain on channel.
0972  * @cookie: cookie.
0973  */
0974 int brcmf_p2p_remain_on_channel(struct wiphy *wiphy, struct wireless_dev *wdev,
0975                 struct ieee80211_channel *channel,
0976                 unsigned int duration, u64 *cookie)
0977 {
0978     struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
0979     struct brcmf_p2p_info *p2p = &cfg->p2p;
0980     s32 err;
0981     u16 channel_nr;
0982
0983     channel_nr = ieee80211_frequency_to_channel(channel->center_freq);
0984     brcmf_dbg(TRACE, "Enter, channel: %d, duration ms (%d)\n", channel_nr,
0985           duration);
0986
0987     err = brcmf_p2p_enable_discovery(p2p);
0988     if (err)
0989         goto exit;
0990     err = brcmf_p2p_discover_listen(p2p, channel_nr, duration);
0991     if (err)
0992         goto exit;
0993
0994     memcpy(&p2p->remain_on_channel, channel, sizeof(*channel));
0995     *cookie = p2p->remain_on_channel_cookie;
0996     cfg80211_ready_on_channel(wdev, *cookie, channel, duration, GFP_KERNEL);
0997
0998 exit:
0999     return err;
1000 }
1001
1002
1003 /**
1004  * brcmf_p2p_notify_listen_complete() - p2p listen has completed.
1005  *
1006  * @ifp: interfac control.
1007  * @e: event message. Not used, to make it usable for fweh event dispatcher.
1008  * @data: payload of message. Not used.
1009  *
1010  */
1011 int brcmf_p2p_notify_listen_complete(struct brcmf_if *ifp,
1012                      const struct brcmf_event_msg *e,
1013                      void *data)
1014 {
1015     struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1016     struct brcmf_p2p_info *p2p = &cfg->p2p;
1017
1018     brcmf_dbg(TRACE, "Enter\n");
1019     if (test_and_clear_bit(BRCMF_P2P_STATUS_DISCOVER_LISTEN,
1020                    &p2p->status)) {
1021         if (test_and_clear_bit(BRCMF_P2P_STATUS_WAITING_NEXT_AF_LISTEN,
1022                        &p2p->status)) {
1023             clear_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME,
1024                   &p2p->status);
1025             brcmf_dbg(INFO, "Listen DONE, wake up wait_next_af\n");
1026             complete(&p2p->wait_next_af);
1027         }
1028
1029         cfg80211_remain_on_channel_expired(&ifp->vif->wdev,
1030                            p2p->remain_on_channel_cookie,
1031                            &p2p->remain_on_channel,
1032                            GFP_KERNEL);
1033     }
1034     return 0;
1035 }
1036
1037
1038 /**
1039  * brcmf_p2p_cancel_remain_on_channel() - cancel p2p listen state.
1040  *
1041  * @ifp: interfac control.
1042  *
1043  */
1044 void brcmf_p2p_cancel_remain_on_channel(struct brcmf_if *ifp)
1045 {
1046     if (!ifp)
1047         return;
1048     brcmf_p2p_set_discover_state(ifp, WL_P2P_DISC_ST_SCAN, 0, 0);
1049     brcmf_p2p_notify_listen_complete(ifp, NULL, NULL);
1050 }
1051
1052
1053 /**
1054  * brcmf_p2p_act_frm_search() - search function for action frame.
1055  *
1056  * @p2p: p2p device.
1057  * @channel: channel on which action frame is to be trasmitted.
1058  *
1059  * search function to reach at common channel to send action frame. When
1060  * channel is 0 then all social channels will be used to send af
1061  */
1062 static s32 brcmf_p2p_act_frm_search(struct brcmf_p2p_info *p2p, u16 channel)
1063 {
1064     struct brcmf_pub *drvr = p2p->cfg->pub;
1065     s32 err;
1066     u32 channel_cnt;
1067     u16 *default_chan_list;
1068     u32 i;
1069     struct brcmu_chan ch;
1070
1071     brcmf_dbg(TRACE, "Enter\n");
1072
1073     if (channel)
1074         channel_cnt = AF_PEER_SEARCH_CNT;
1075     else
1076         channel_cnt = SOCIAL_CHAN_CNT;
1077     default_chan_list = kcalloc(channel_cnt, sizeof(*default_chan_list),
1078                     GFP_KERNEL);
1079     if (default_chan_list == NULL) {
1080         bphy_err(drvr, "channel list allocation failed\n");
1081         err = -ENOMEM;
1082         goto exit;
1083     }
1084     ch.bw = BRCMU_CHAN_BW_20;
1085     if (channel) {
1086         ch.chnum = channel;
1087         p2p->cfg->d11inf.encchspec(&ch);
1088         /* insert same channel to the chan_list */
1089         for (i = 0; i < channel_cnt; i++)
1090             default_chan_list[i] = ch.chspec;
1091     } else {
1092         ch.chnum = SOCIAL_CHAN_1;
1093         p2p->cfg->d11inf.encchspec(&ch);
1094         default_chan_list[0] = ch.chspec;
1095         ch.chnum = SOCIAL_CHAN_2;
1096         p2p->cfg->d11inf.encchspec(&ch);
1097         default_chan_list[1] = ch.chspec;
1098         ch.chnum = SOCIAL_CHAN_3;
1099         p2p->cfg->d11inf.encchspec(&ch);
1100         default_chan_list[2] = ch.chspec;
1101     }
1102     err = brcmf_p2p_escan(p2p, channel_cnt, default_chan_list,
1103                   WL_P2P_DISC_ST_SEARCH, P2PAPI_BSSCFG_DEVICE);
1104     kfree(default_chan_list);
1105 exit:
1106     return err;
1107 }
1108
1109
1110 /**
1111  * brcmf_p2p_afx_handler() - afx worker thread.
1112  *
1113  * @work:
1114  *
1115  */
1116 static void brcmf_p2p_afx_handler(struct work_struct *work)
1117 {
1118     struct afx_hdl *afx_hdl = container_of(work, struct afx_hdl, afx_work);
1119     struct brcmf_p2p_info *p2p = container_of(afx_hdl,
1120                           struct brcmf_p2p_info,
1121                           afx_hdl);
1122     struct brcmf_pub *drvr = p2p->cfg->pub;
1123     s32 err;
1124
1125     if (!afx_hdl->is_active)
1126         return;
1127
1128     if (afx_hdl->is_listen && afx_hdl->my_listen_chan)
1129         /* 100ms ~ 300ms */
1130         err = brcmf_p2p_discover_listen(p2p, afx_hdl->my_listen_chan,
1131                         100 * (1 + prandom_u32() % 3));
1132     else
1133         err = brcmf_p2p_act_frm_search(p2p, afx_hdl->peer_listen_chan);
1134
1135     if (err) {
1136         bphy_err(drvr, "ERROR occurred! value is (%d)\n", err);
1137         if (test_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL,
1138                  &p2p->status))
1139             complete(&afx_hdl->act_frm_scan);
1140     }
1141 }
1142
1143
1144 /**
1145  * brcmf_p2p_af_searching_channel() - search channel.
1146  *
1147  * @p2p: p2p device info struct.
1148  *
1149  */
1150 static s32 brcmf_p2p_af_searching_channel(struct brcmf_p2p_info *p2p)
1151 {
1152     struct afx_hdl *afx_hdl = &p2p->afx_hdl;
1153     struct brcmf_cfg80211_vif *pri_vif;
1154     s32 retry;
1155
1156     brcmf_dbg(TRACE, "Enter\n");
1157
1158     pri_vif = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1159
1160     reinit_completion(&afx_hdl->act_frm_scan);
1161     set_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL, &p2p->status);
1162     afx_hdl->is_active = true;
1163     afx_hdl->peer_chan = P2P_INVALID_CHANNEL;
1164
1165     /* Loop to wait until we find a peer's channel or the
1166      * pending action frame tx is cancelled.
1167      */
1168     retry = 0;
1169     while ((retry < P2P_CHANNEL_SYNC_RETRY) &&
1170            (afx_hdl->peer_chan == P2P_INVALID_CHANNEL)) {
1171         afx_hdl->is_listen = false;
1172         brcmf_dbg(TRACE, "Scheduling action frame for sending.. (%d)\n",
1173               retry);
1174         /* search peer on peer's listen channel */
1175         schedule_work(&afx_hdl->afx_work);
1176         wait_for_completion_timeout(&afx_hdl->act_frm_scan,
1177                         P2P_AF_FRM_SCAN_MAX_WAIT);
1178         if ((afx_hdl->peer_chan != P2P_INVALID_CHANNEL) ||
1179             (!test_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL,
1180                    &p2p->status)))
1181             break;
1182
1183         if (afx_hdl->my_listen_chan) {
1184             brcmf_dbg(TRACE, "Scheduling listen peer, channel=%d\n",
1185                   afx_hdl->my_listen_chan);
1186             /* listen on my listen channel */
1187             afx_hdl->is_listen = true;
1188             schedule_work(&afx_hdl->afx_work);
1189             wait_for_completion_timeout(&afx_hdl->act_frm_scan,
1190                             P2P_AF_FRM_SCAN_MAX_WAIT);
1191         }
1192         if ((afx_hdl->peer_chan != P2P_INVALID_CHANNEL) ||
1193             (!test_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL,
1194                    &p2p->status)))
1195             break;
1196         retry++;
1197
1198         /* if sta is connected or connecting, sleep for a while before
1199          * retry af tx or finding a peer
1200          */
1201         if (test_bit(BRCMF_VIF_STATUS_CONNECTED, &pri_vif->sme_state) ||
1202             test_bit(BRCMF_VIF_STATUS_CONNECTING, &pri_vif->sme_state))
1203             msleep(P2P_DEFAULT_SLEEP_TIME_VSDB);
1204     }
1205
1206     brcmf_dbg(TRACE, "Completed search/listen peer_chan=%d\n",
1207           afx_hdl->peer_chan);
1208     afx_hdl->is_active = false;
1209
1210     clear_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL, &p2p->status);
1211
1212     return afx_hdl->peer_chan;
1213 }
1214
1215
1216 /**
1217  * brcmf_p2p_scan_finding_common_channel() - was escan used for finding channel
1218  *
1219  * @cfg: common configuration struct.
1220  * @bi: bss info struct, result from scan.
1221  *
1222  */
1223 bool brcmf_p2p_scan_finding_common_channel(struct brcmf_cfg80211_info *cfg,
1224                        struct brcmf_bss_info_le *bi)
1225
1226 {
1227     struct brcmf_p2p_info *p2p = &cfg->p2p;
1228     struct afx_hdl *afx_hdl = &p2p->afx_hdl;
1229     struct brcmu_chan ch;
1230     u8 *ie;
1231     s32 err;
1232     u8 p2p_dev_addr[ETH_ALEN];
1233
1234     if (!test_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL, &p2p->status))
1235         return false;
1236
1237     if (bi == NULL) {
1238         brcmf_dbg(TRACE, "ACTION FRAME SCAN Done\n");
1239         if (afx_hdl->peer_chan == P2P_INVALID_CHANNEL)
1240             complete(&afx_hdl->act_frm_scan);
1241         return true;
1242     }
1243
1244     ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
1245     memset(p2p_dev_addr, 0, sizeof(p2p_dev_addr));
1246     err = cfg80211_get_p2p_attr(ie, le32_to_cpu(bi->ie_length),
1247                     IEEE80211_P2P_ATTR_DEVICE_INFO,
1248                     p2p_dev_addr, sizeof(p2p_dev_addr));
1249     if (err < 0)
1250         err = cfg80211_get_p2p_attr(ie, le32_to_cpu(bi->ie_length),
1251                         IEEE80211_P2P_ATTR_DEVICE_ID,
1252                         p2p_dev_addr, sizeof(p2p_dev_addr));
1253     if ((err >= 0) &&
1254         (ether_addr_equal(p2p_dev_addr, afx_hdl->tx_dst_addr))) {
1255         if (!bi->ctl_ch) {
1256             ch.chspec = le16_to_cpu(bi->chanspec);
1257             cfg->d11inf.decchspec(&ch);
1258             bi->ctl_ch = ch.control_ch_num;
1259         }
1260         afx_hdl->peer_chan = bi->ctl_ch;
1261         brcmf_dbg(TRACE, "ACTION FRAME SCAN : Peer %pM found, channel : %d\n",
1262               afx_hdl->tx_dst_addr, afx_hdl->peer_chan);
1263         complete(&afx_hdl->act_frm_scan);
1264     }
1265     return true;
1266 }
1267
1268 /**
1269  * brcmf_p2p_abort_action_frame() - abort action frame.
1270  *
1271  * @cfg: common configuration struct.
1272  *
1273  */
1274 static s32 brcmf_p2p_abort_action_frame(struct brcmf_cfg80211_info *cfg)
1275 {
1276     struct brcmf_p2p_info *p2p = &cfg->p2p;
1277     struct brcmf_cfg80211_vif *vif;
1278     s32 err;
1279     s32 int_val = 1;
1280
1281     brcmf_dbg(TRACE, "Enter\n");
1282
1283     vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
1284     err = brcmf_fil_bsscfg_data_set(vif->ifp, "actframe_abort", &int_val,
1285                     sizeof(s32));
1286     if (err)
1287         brcmf_err(" aborting action frame has failed (%d)\n", err);
1288
1289     return err;
1290 }
1291
1292 /**
1293  * brcmf_p2p_stop_wait_next_action_frame() - finish scan if af tx complete.
1294  *
1295  * @cfg: common configuration struct.
1296  *
1297  */
1298 static void
1299 brcmf_p2p_stop_wait_next_action_frame(struct brcmf_cfg80211_info *cfg)
1300 {
1301     struct brcmf_p2p_info *p2p = &cfg->p2p;
1302     struct brcmf_if *ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
1303     s32 err;
1304
1305     if (test_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status) &&
1306         (test_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status) ||
1307          test_bit(BRCMF_P2P_STATUS_ACTION_TX_NOACK, &p2p->status))) {
1308         brcmf_dbg(TRACE, "*** Wake UP ** abort actframe iovar\n");
1309         /* if channel is not zero, "actfame" uses off channel scan.
1310          * So abort scan for off channel completion.
1311          */
1312         if (p2p->af_sent_channel) {
1313             /* abort actframe using actframe_abort or abort scan */
1314             err = brcmf_p2p_abort_action_frame(cfg);
1315             if (err)
1316                 brcmf_notify_escan_complete(cfg, ifp, true,
1317                                 true);
1318         }
1319     } else if (test_bit(BRCMF_P2P_STATUS_WAITING_NEXT_AF_LISTEN,
1320                 &p2p->status)) {
1321         brcmf_dbg(TRACE, "*** Wake UP ** abort listen for next af frame\n");
1322         /* So abort scan to cancel listen */
1323         brcmf_notify_escan_complete(cfg, ifp, true, true);
1324     }
1325 }
1326
1327
1328 /**
1329  * brcmf_p2p_gon_req_collision() - Check if go negotiaton collission
1330  *
1331  * @p2p: p2p device info struct.
1332  * @mac: MAC address.
1333  *
1334  * return true if recevied action frame is to be dropped.
1335  */
1336 static bool
1337 brcmf_p2p_gon_req_collision(struct brcmf_p2p_info *p2p, u8 *mac)
1338 {
1339     struct brcmf_cfg80211_info *cfg = p2p->cfg;
1340     struct brcmf_if *ifp;
1341
1342     brcmf_dbg(TRACE, "Enter\n");
1343
1344     if (!test_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME, &p2p->status) ||
1345         !p2p->gon_req_action)
1346         return false;
1347
1348     brcmf_dbg(TRACE, "GO Negotiation Request COLLISION !!!\n");
1349     /* if sa(peer) addr is less than da(my) addr, then this device
1350      * process peer's gon request and block to send gon req.
1351      * if not (sa addr > da addr),
1352      * this device will process gon request and drop gon req of peer.
1353      */
1354     ifp = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif->ifp;
1355     if (memcmp(mac, ifp->mac_addr, ETH_ALEN) < 0) {
1356         brcmf_dbg(INFO, "Block transmit gon req !!!\n");
1357         p2p->block_gon_req_tx = true;
1358         /* if we are finding a common channel for sending af,
1359          * do not scan more to block to send current gon req
1360          */
1361         if (test_and_clear_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL,
1362                        &p2p->status))
1363             complete(&p2p->afx_hdl.act_frm_scan);
1364         if (test_and_clear_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME,
1365                        &p2p->status))
1366             brcmf_p2p_stop_wait_next_action_frame(cfg);
1367         return false;
1368     }
1369
1370     /* drop gon request of peer to process gon request by this device. */
1371     brcmf_dbg(INFO, "Drop received gon req !!!\n");
1372
1373     return true;
1374 }
1375
1376
1377 /**
1378  * brcmf_p2p_notify_action_frame_rx() - received action frame.
1379  *
1380  * @ifp: interfac control.
1381  * @e: event message. Not used, to make it usable for fweh event dispatcher.
1382  * @data: payload of message, containing action frame data.
1383  *
1384  */
1385 int brcmf_p2p_notify_action_frame_rx(struct brcmf_if *ifp,
1386                      const struct brcmf_event_msg *e,
1387                      void *data)
1388 {
1389     struct brcmf_pub *drvr = ifp->drvr;
1390     struct brcmf_cfg80211_info *cfg = drvr->config;
1391     struct brcmf_p2p_info *p2p = &cfg->p2p;
1392     struct afx_hdl *afx_hdl = &p2p->afx_hdl;
1393     struct wireless_dev *wdev;
1394     u32 mgmt_frame_len = e->datalen - sizeof(struct brcmf_rx_mgmt_data);
1395     struct brcmf_rx_mgmt_data *rxframe = (struct brcmf_rx_mgmt_data *)data;
1396     u8 *frame = (u8 *)(rxframe + 1);
1397     struct brcmf_p2p_pub_act_frame *act_frm;
1398     struct brcmf_p2psd_gas_pub_act_frame *sd_act_frm;
1399     struct brcmu_chan ch;
1400     struct ieee80211_mgmt *mgmt_frame;
1401     s32 freq;
1402     u16 mgmt_type;
1403     u8 action;
1404
1405     if (e->datalen < sizeof(*rxframe)) {
1406         brcmf_dbg(SCAN, "Event data to small. Ignore\n");
1407         return 0;
1408     }
1409
1410     ch.chspec = be16_to_cpu(rxframe->chanspec);
1411     cfg->d11inf.decchspec(&ch);
1412     /* Check if wpa_supplicant has registered for this frame */
1413     brcmf_dbg(INFO, "ifp->vif->mgmt_rx_reg %04x\n", ifp->vif->mgmt_rx_reg);
1414     mgmt_type = (IEEE80211_STYPE_ACTION & IEEE80211_FCTL_STYPE) >> 4;
1415     if ((ifp->vif->mgmt_rx_reg & BIT(mgmt_type)) == 0)
1416         return 0;
1417
1418     brcmf_p2p_print_actframe(false, frame, mgmt_frame_len);
1419
1420     action = P2P_PAF_SUBTYPE_INVALID;
1421     if (brcmf_p2p_is_pub_action(frame, mgmt_frame_len)) {
1422         act_frm = (struct brcmf_p2p_pub_act_frame *)frame;
1423         action = act_frm->subtype;
1424         if ((action == P2P_PAF_GON_REQ) &&
1425             (brcmf_p2p_gon_req_collision(p2p, (u8 *)e->addr))) {
1426             if (test_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL,
1427                      &p2p->status) &&
1428                 (ether_addr_equal(afx_hdl->tx_dst_addr, e->addr))) {
1429                 afx_hdl->peer_chan = ch.control_ch_num;
1430                 brcmf_dbg(INFO, "GON request: Peer found, channel=%d\n",
1431                       afx_hdl->peer_chan);
1432                 complete(&afx_hdl->act_frm_scan);
1433             }
1434             return 0;
1435         }
1436         /* After complete GO Negotiation, roll back to mpc mode */
1437         if ((action == P2P_PAF_GON_CONF) ||
1438             (action == P2P_PAF_PROVDIS_RSP))
1439             brcmf_set_mpc(ifp, 1);
1440         if (action == P2P_PAF_GON_CONF) {
1441             brcmf_dbg(TRACE, "P2P: GO_NEG_PHASE status cleared\n");
1442             clear_bit(BRCMF_P2P_STATUS_GO_NEG_PHASE, &p2p->status);
1443         }
1444     } else if (brcmf_p2p_is_gas_action(frame, mgmt_frame_len)) {
1445         sd_act_frm = (struct brcmf_p2psd_gas_pub_act_frame *)frame;
1446         action = sd_act_frm->action;
1447     }
1448
1449     if (test_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME, &p2p->status) &&
1450         (p2p->next_af_subtype == action)) {
1451         brcmf_dbg(TRACE, "We got a right next frame! (%d)\n", action);
1452         clear_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME,
1453               &p2p->status);
1454         /* Stop waiting for next AF. */
1455         brcmf_p2p_stop_wait_next_action_frame(cfg);
1456     }
1457
1458     mgmt_frame = kzalloc(offsetof(struct ieee80211_mgmt, u) +
1459                  mgmt_frame_len, GFP_KERNEL);
1460     if (!mgmt_frame) {
1461         bphy_err(drvr, "No memory available for action frame\n");
1462         return -ENOMEM;
1463     }
1464     memcpy(mgmt_frame->da, ifp->mac_addr, ETH_ALEN);
1465     brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSSID, mgmt_frame->bssid,
1466                    ETH_ALEN);
1467     memcpy(mgmt_frame->sa, e->addr, ETH_ALEN);
1468     mgmt_frame->frame_control = cpu_to_le16(IEEE80211_STYPE_ACTION);
1469     memcpy(&mgmt_frame->u, frame, mgmt_frame_len);
1470     mgmt_frame_len += offsetof(struct ieee80211_mgmt, u);
1471
1472     freq = ieee80211_channel_to_frequency(ch.control_ch_num,
1473                           ch.band == BRCMU_CHAN_BAND_2G ?
1474                           NL80211_BAND_2GHZ :
1475                           NL80211_BAND_5GHZ);
1476
1477     wdev = &ifp->vif->wdev;
1478     cfg80211_rx_mgmt(wdev, freq, 0, (u8 *)mgmt_frame, mgmt_frame_len, 0);
1479
1480     kfree(mgmt_frame);
1481     return 0;
1482 }
1483
1484
1485 /**
1486  * brcmf_p2p_notify_action_tx_complete() - transmit action frame complete
1487  *
1488  * @ifp: interfac control.
1489  * @e: event message. Not used, to make it usable for fweh event dispatcher.
1490  * @data: not used.
1491  *
1492  */
1493 int brcmf_p2p_notify_action_tx_complete(struct brcmf_if *ifp,
1494                     const struct brcmf_event_msg *e,
1495                     void *data)
1496 {
1497     struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1498     struct brcmf_p2p_info *p2p = &cfg->p2p;
1499
1500     brcmf_dbg(INFO, "Enter: event %s, status=%d\n",
1501           e->event_code == BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE ?
1502           "ACTION_FRAME_OFF_CHAN_COMPLETE" : "ACTION_FRAME_COMPLETE",
1503           e->status);
1504
1505     if (!test_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status))
1506         return 0;
1507
1508     if (e->event_code == BRCMF_E_ACTION_FRAME_COMPLETE) {
1509         if (e->status == BRCMF_E_STATUS_SUCCESS) {
1510             set_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED,
1511                 &p2p->status);
1512             if (!p2p->wait_for_offchan_complete)
1513                 complete(&p2p->send_af_done);
1514         } else {
1515             set_bit(BRCMF_P2P_STATUS_ACTION_TX_NOACK, &p2p->status);
1516             /* If there is no ack, we don't need to wait for
1517              * WLC_E_ACTION_FRAME_OFFCHAN_COMPLETE event
1518              */
1519             brcmf_p2p_stop_wait_next_action_frame(cfg);
1520         }
1521
1522     } else {
1523         complete(&p2p->send_af_done);
1524     }
1525     return 0;
1526 }
1527
1528
1529 /**
1530  * brcmf_p2p_tx_action_frame() - send action frame over fil.
1531  *
1532  * @p2p: p2p info struct for vif.
1533  * @af_params: action frame data/info.
1534  *
1535  * Send an action frame immediately without doing channel synchronization.
1536  *
1537  * This function waits for a completion event before returning.
1538  * The WLC_E_ACTION_FRAME_COMPLETE event will be received when the action
1539  * frame is transmitted.
1540  */
1541 static s32 brcmf_p2p_tx_action_frame(struct brcmf_p2p_info *p2p,
1542                      struct brcmf_fil_af_params_le *af_params)
1543 {
1544     struct brcmf_pub *drvr = p2p->cfg->pub;
1545     struct brcmf_cfg80211_vif *vif;
1546     struct brcmf_p2p_action_frame *p2p_af;
1547     s32 err = 0;
1548
1549     brcmf_dbg(TRACE, "Enter\n");
1550
1551     reinit_completion(&p2p->send_af_done);
1552     clear_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status);
1553     clear_bit(BRCMF_P2P_STATUS_ACTION_TX_NOACK, &p2p->status);
1554
1555     /* check if it is a p2p_presence response */
1556     p2p_af = (struct brcmf_p2p_action_frame *)af_params->action_frame.data;
1557     if (p2p_af->subtype == P2P_AF_PRESENCE_RSP)
1558         vif = p2p->bss_idx[P2PAPI_BSSCFG_CONNECTION].vif;
1559     else
1560         vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
1561
1562     err = brcmf_fil_bsscfg_data_set(vif->ifp, "actframe", af_params,
1563                     sizeof(*af_params));
1564     if (err) {
1565         bphy_err(drvr, " sending action frame has failed\n");
1566         goto exit;
1567     }
1568
1569     p2p->af_sent_channel = le32_to_cpu(af_params->channel);
1570     p2p->af_tx_sent_jiffies = jiffies;
1571
1572     if (test_bit(BRCMF_P2P_STATUS_DISCOVER_LISTEN, &p2p->status) &&
1573         p2p->af_sent_channel ==
1574         ieee80211_frequency_to_channel(p2p->remain_on_channel.center_freq))
1575         p2p->wait_for_offchan_complete = false;
1576     else
1577         p2p->wait_for_offchan_complete = true;
1578
1579     brcmf_dbg(TRACE, "Waiting for %s tx completion event\n",
1580           (p2p->wait_for_offchan_complete) ?
1581            "off-channel" : "on-channel");
1582
1583     wait_for_completion_timeout(&p2p->send_af_done, P2P_AF_MAX_WAIT_TIME);
1584
1585     if (test_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status)) {
1586         brcmf_dbg(TRACE, "TX action frame operation is success\n");
1587     } else {
1588         err = -EIO;
1589         brcmf_dbg(TRACE, "TX action frame operation has failed\n");
1590     }
1591     /* clear status bit for action tx */
1592     clear_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status);
1593     clear_bit(BRCMF_P2P_STATUS_ACTION_TX_NOACK, &p2p->status);
1594
1595 exit:
1596     return err;
1597 }
1598
1599
1600 /**
1601  * brcmf_p2p_pub_af_tx() - public action frame tx routine.
1602  *
1603  * @cfg: driver private data for cfg80211 interface.
1604  * @af_params: action frame data/info.
1605  * @config_af_params: configuration data for action frame.
1606  *
1607  * routine which transmits ation frame public type.
1608  */
1609 static s32 brcmf_p2p_pub_af_tx(struct brcmf_cfg80211_info *cfg,
1610                    struct brcmf_fil_af_params_le *af_params,
1611                    struct brcmf_config_af_params *config_af_params)
1612 {
1613     struct brcmf_p2p_info *p2p = &cfg->p2p;
1614     struct brcmf_pub *drvr = cfg->pub;
1615     struct brcmf_fil_action_frame_le *action_frame;
1616     struct brcmf_p2p_pub_act_frame *act_frm;
1617     s32 err = 0;
1618     u16 ie_len;
1619
1620     action_frame = &af_params->action_frame;
1621     act_frm = (struct brcmf_p2p_pub_act_frame *)(action_frame->data);
1622
1623     config_af_params->extra_listen = true;
1624
1625     switch (act_frm->subtype) {
1626     case P2P_PAF_GON_REQ:
1627         brcmf_dbg(TRACE, "P2P: GO_NEG_PHASE status set\n");
1628         set_bit(BRCMF_P2P_STATUS_GO_NEG_PHASE, &p2p->status);
1629         config_af_params->mpc_onoff = 0;
1630         config_af_params->search_channel = true;
1631         p2p->next_af_subtype = act_frm->subtype + 1;
1632         p2p->gon_req_action = true;
1633         /* increase dwell time to wait for RESP frame */
1634         af_params->dwell_time = cpu_to_le32(P2P_AF_MED_DWELL_TIME);
1635         break;
1636     case P2P_PAF_GON_RSP:
1637         p2p->next_af_subtype = act_frm->subtype + 1;
1638         /* increase dwell time to wait for CONF frame */
1639         af_params->dwell_time = cpu_to_le32(P2P_AF_MED_DWELL_TIME);
1640         break;
1641     case P2P_PAF_GON_CONF:
1642         /* If we reached till GO Neg confirmation reset the filter */
1643         brcmf_dbg(TRACE, "P2P: GO_NEG_PHASE status cleared\n");
1644         clear_bit(BRCMF_P2P_STATUS_GO_NEG_PHASE, &p2p->status);
1645         /* turn on mpc again if go nego is done */
1646         config_af_params->mpc_onoff = 1;
1647         /* minimize dwell time */
1648         af_params->dwell_time = cpu_to_le32(P2P_AF_MIN_DWELL_TIME);
1649         config_af_params->extra_listen = false;
1650         break;
1651     case P2P_PAF_INVITE_REQ:
1652         config_af_params->search_channel = true;
1653         p2p->next_af_subtype = act_frm->subtype + 1;
1654         /* increase dwell time */
1655         af_params->dwell_time = cpu_to_le32(P2P_AF_MED_DWELL_TIME);
1656         break;
1657     case P2P_PAF_INVITE_RSP:
1658         /* minimize dwell time */
1659         af_params->dwell_time = cpu_to_le32(P2P_AF_MIN_DWELL_TIME);
1660         config_af_params->extra_listen = false;
1661         break;
1662     case P2P_PAF_DEVDIS_REQ:
1663         config_af_params->search_channel = true;
1664         p2p->next_af_subtype = act_frm->subtype + 1;
1665         /* maximize dwell time to wait for RESP frame */
1666         af_params->dwell_time = cpu_to_le32(P2P_AF_LONG_DWELL_TIME);
1667         break;
1668     case P2P_PAF_DEVDIS_RSP:
1669         /* minimize dwell time */
1670         af_params->dwell_time = cpu_to_le32(P2P_AF_MIN_DWELL_TIME);
1671         config_af_params->extra_listen = false;
1672         break;
1673     case P2P_PAF_PROVDIS_REQ:
1674         ie_len = le16_to_cpu(action_frame->len) -
1675              offsetof(struct brcmf_p2p_pub_act_frame, elts);
1676         if (cfg80211_get_p2p_attr(&act_frm->elts[0], ie_len,
1677                       IEEE80211_P2P_ATTR_GROUP_ID,
1678                       NULL, 0) < 0)
1679             config_af_params->search_channel = true;
1680         config_af_params->mpc_onoff = 0;
1681         p2p->next_af_subtype = act_frm->subtype + 1;
1682         /* increase dwell time to wait for RESP frame */
1683         af_params->dwell_time = cpu_to_le32(P2P_AF_MED_DWELL_TIME);
1684         break;
1685     case P2P_PAF_PROVDIS_RSP:
1686         /* wpa_supplicant send go nego req right after prov disc */
1687         p2p->next_af_subtype = P2P_PAF_GON_REQ;
1688         /* increase dwell time to MED level */
1689         af_params->dwell_time = cpu_to_le32(P2P_AF_MED_DWELL_TIME);
1690         config_af_params->extra_listen = false;
1691         break;
1692     default:
1693         bphy_err(drvr, "Unknown p2p pub act frame subtype: %d\n",
1694              act_frm->subtype);
1695         err = -EINVAL;
1696     }
1697     return err;
1698 }
1699
1700 static bool brcmf_p2p_check_dwell_overflow(u32 requested_dwell,
1701                        unsigned long dwell_jiffies)
1702 {
1703     if ((requested_dwell & CUSTOM_RETRY_MASK) &&
1704         (jiffies_to_msecs(jiffies - dwell_jiffies) >
1705         (requested_dwell & ~CUSTOM_RETRY_MASK))) {
1706         brcmf_err("Action frame TX retry time over dwell time!\n");
1707         return true;
1708     }
1709     return false;
1710 }
1711 /**
1712  * brcmf_p2p_send_action_frame() - send action frame .
1713  *
1714  * @cfg: driver private data for cfg80211 interface.
1715  * @ndev: net device to transmit on.
1716  * @af_params: configuration data for action frame.
1717  */
1718 bool brcmf_p2p_send_action_frame(struct brcmf_cfg80211_info *cfg,
1719                  struct net_device *ndev,
1720                  struct brcmf_fil_af_params_le *af_params)
1721 {
1722     struct brcmf_p2p_info *p2p = &cfg->p2p;
1723     struct brcmf_if *ifp = netdev_priv(ndev);
1724     struct brcmf_fil_action_frame_le *action_frame;
1725     struct brcmf_config_af_params config_af_params;
1726     struct afx_hdl *afx_hdl = &p2p->afx_hdl;
1727     struct brcmf_pub *drvr = cfg->pub;
1728     u16 action_frame_len;
1729     bool ack = false;
1730     u8 category;
1731     u8 action;
1732     s32 tx_retry;
1733     s32 extra_listen_time;
1734     uint delta_ms;
1735     unsigned long dwell_jiffies = 0;
1736     bool dwell_overflow = false;
1737
1738     u32 requested_dwell = le32_to_cpu(af_params->dwell_time);
1739     action_frame = &af_params->action_frame;
1740     action_frame_len = le16_to_cpu(action_frame->len);
1741
1742     brcmf_p2p_print_actframe(true, action_frame->data, action_frame_len);
1743
1744     /* Add the default dwell time. Dwell time to stay off-channel */
1745     /* to wait for a response action frame after transmitting an  */
1746     /* GO Negotiation action frame                                */
1747     af_params->dwell_time = cpu_to_le32(P2P_AF_DWELL_TIME);
1748
1749     category = action_frame->data[DOT11_ACTION_CAT_OFF];
1750     action = action_frame->data[DOT11_ACTION_ACT_OFF];
1751
1752     /* initialize variables */
1753     p2p->next_af_subtype = P2P_PAF_SUBTYPE_INVALID;
1754     p2p->gon_req_action = false;
1755
1756     /* config parameters */
1757     config_af_params.mpc_onoff = -1;
1758     config_af_params.search_channel = false;
1759     config_af_params.extra_listen = false;
1760
1761     if (brcmf_p2p_is_pub_action(action_frame->data, action_frame_len)) {
1762         /* p2p public action frame process */
1763         if (brcmf_p2p_pub_af_tx(cfg, af_params, &config_af_params)) {
1764             /* Just send unknown subtype frame with */
1765             /* default parameters.                  */
1766             bphy_err(drvr, "P2P Public action frame, unknown subtype.\n");
1767         }
1768     } else if (brcmf_p2p_is_gas_action(action_frame->data,
1769                        action_frame_len)) {
1770         /* service discovery process */
1771         if (action == P2PSD_ACTION_ID_GAS_IREQ ||
1772             action == P2PSD_ACTION_ID_GAS_CREQ) {
1773             /* configure service discovery query frame */
1774             config_af_params.search_channel = true;
1775
1776             /* save next af suptype to cancel */
1777             /* remaining dwell time           */
1778             p2p->next_af_subtype = action + 1;
1779
1780             af_params->dwell_time =
1781                 cpu_to_le32(P2P_AF_MED_DWELL_TIME);
1782         } else if (action == P2PSD_ACTION_ID_GAS_IRESP ||
1783                action == P2PSD_ACTION_ID_GAS_CRESP) {
1784             /* configure service discovery response frame */
1785             af_params->dwell_time =
1786                 cpu_to_le32(P2P_AF_MIN_DWELL_TIME);
1787         } else {
1788             bphy_err(drvr, "Unknown action type: %d\n", action);
1789             goto exit;
1790         }
1791     } else if (brcmf_p2p_is_p2p_action(action_frame->data,
1792                        action_frame_len)) {
1793         /* do not configure anything. it will be */
1794         /* sent with a default configuration     */
1795     } else {
1796         bphy_err(drvr, "Unknown Frame: category 0x%x, action 0x%x\n",
1797              category, action);
1798         return false;
1799     }
1800
1801     /* if connecting on primary iface, sleep for a while before sending
1802      * af tx for VSDB
1803      */
1804     if (test_bit(BRCMF_VIF_STATUS_CONNECTING,
1805              &p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->sme_state))
1806         msleep(50);
1807
1808     /* if scan is ongoing, abort current scan. */
1809     if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
1810         brcmf_abort_scanning(cfg);
1811
1812     memcpy(afx_hdl->tx_dst_addr, action_frame->da, ETH_ALEN);
1813
1814     /* To make sure to send successfully action frame, turn off mpc */
1815     if (config_af_params.mpc_onoff == 0)
1816         brcmf_set_mpc(ifp, 0);
1817
1818     /* set status and destination address before sending af */
1819     if (p2p->next_af_subtype != P2P_PAF_SUBTYPE_INVALID) {
1820         /* set status to cancel the remained dwell time in rx process */
1821         set_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME, &p2p->status);
1822     }
1823
1824     p2p->af_sent_channel = 0;
1825     set_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status);
1826     /* validate channel and p2p ies */
1827     if (config_af_params.search_channel &&
1828         IS_P2P_SOCIAL_CHANNEL(le32_to_cpu(af_params->channel)) &&
1829         p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif->saved_ie.probe_req_ie_len) {
1830         afx_hdl = &p2p->afx_hdl;
1831         afx_hdl->peer_listen_chan = le32_to_cpu(af_params->channel);
1832
1833         if (brcmf_p2p_af_searching_channel(p2p) ==
1834                             P2P_INVALID_CHANNEL) {
1835             bphy_err(drvr, "Couldn't find peer's channel.\n");
1836             goto exit;
1837         }
1838
1839         /* Abort scan even for VSDB scenarios. Scan gets aborted in
1840          * firmware but after the check of piggyback algorithm. To take
1841          * care of current piggback algo, lets abort the scan here
1842          * itself.
1843          */
1844         brcmf_notify_escan_complete(cfg, ifp, true, true);
1845
1846         /* update channel */
1847         af_params->channel = cpu_to_le32(afx_hdl->peer_chan);
1848     }
1849     dwell_jiffies = jiffies;
1850     dwell_overflow = brcmf_p2p_check_dwell_overflow(requested_dwell,
1851                             dwell_jiffies);
1852
1853     tx_retry = 0;
1854     while (!p2p->block_gon_req_tx &&
1855            (!ack) && (tx_retry < P2P_AF_TX_MAX_RETRY) &&
1856         !dwell_overflow) {
1857         if (af_params->channel)
1858             msleep(P2P_AF_RETRY_DELAY_TIME);
1859
1860         ack = !brcmf_p2p_tx_action_frame(p2p, af_params);
1861         tx_retry++;
1862         dwell_overflow = brcmf_p2p_check_dwell_overflow(requested_dwell,
1863                                 dwell_jiffies);
1864     }
1865     if (!ack) {
1866         bphy_err(drvr, "Failed to send Action Frame(retry %d)\n",
1867              tx_retry);
1868         clear_bit(BRCMF_P2P_STATUS_GO_NEG_PHASE, &p2p->status);
1869     }
1870
1871 exit:
1872     clear_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status);
1873
1874     /* WAR: sometimes dongle does not keep the dwell time of 'actframe'.
1875      * if we coundn't get the next action response frame and dongle does
1876      * not keep the dwell time, go to listen state again to get next action
1877      * response frame.
1878      */
1879     if (ack && config_af_params.extra_listen && !p2p->block_gon_req_tx &&
1880         test_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME, &p2p->status) &&
1881         p2p->af_sent_channel == afx_hdl->my_listen_chan) {
1882         delta_ms = jiffies_to_msecs(jiffies - p2p->af_tx_sent_jiffies);
1883         if (le32_to_cpu(af_params->dwell_time) > delta_ms)
1884             extra_listen_time = le32_to_cpu(af_params->dwell_time) -
1885                         delta_ms;
1886         else
1887             extra_listen_time = 0;
1888         if (extra_listen_time > 50) {
1889             set_bit(BRCMF_P2P_STATUS_WAITING_NEXT_AF_LISTEN,
1890                 &p2p->status);
1891             brcmf_dbg(INFO, "Wait more time! actual af time:%d, calculated extra listen:%d\n",
1892                   le32_to_cpu(af_params->dwell_time),
1893                   extra_listen_time);
1894             extra_listen_time += 100;
1895             if (!brcmf_p2p_discover_listen(p2p,
1896                                p2p->af_sent_channel,
1897                                extra_listen_time)) {
1898                 unsigned long duration;
1899
1900                 extra_listen_time += 100;
1901                 duration = msecs_to_jiffies(extra_listen_time);
1902                 wait_for_completion_timeout(&p2p->wait_next_af,
1903                                 duration);
1904             }
1905             clear_bit(BRCMF_P2P_STATUS_WAITING_NEXT_AF_LISTEN,
1906                   &p2p->status);
1907         }
1908     }
1909
1910     if (p2p->block_gon_req_tx) {
1911         /* if ack is true, supplicant will wait more time(100ms).
1912          * so we will return it as a success to get more time .
1913          */
1914         p2p->block_gon_req_tx = false;
1915         ack = true;
1916     }
1917
1918     clear_bit(BRCMF_P2P_STATUS_WAITING_NEXT_ACT_FRAME, &p2p->status);
1919     /* if all done, turn mpc on again */
1920     if (config_af_params.mpc_onoff == 1)
1921         brcmf_set_mpc(ifp, 1);
1922
1923     return ack;
1924 }
1925
1926 /**
1927  * brcmf_p2p_notify_rx_mgmt_p2p_probereq() - Event handler for p2p probe req.
1928  *
1929  * @ifp: interface pointer for which event was received.
1930  * @e: even message.
1931  * @data: payload of event message (probe request).
1932  */
1933 s32 brcmf_p2p_notify_rx_mgmt_p2p_probereq(struct brcmf_if *ifp,
1934                       const struct brcmf_event_msg *e,
1935                       void *data)
1936 {
1937     struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1938     struct brcmf_p2p_info *p2p = &cfg->p2p;
1939     struct afx_hdl *afx_hdl = &p2p->afx_hdl;
1940     struct brcmf_cfg80211_vif *vif = ifp->vif;
1941     struct brcmf_rx_mgmt_data *rxframe = (struct brcmf_rx_mgmt_data *)data;
1942     struct brcmu_chan ch;
1943     u8 *mgmt_frame;
1944     u32 mgmt_frame_len;
1945     s32 freq;
1946     u16 mgmt_type;
1947
1948     brcmf_dbg(INFO, "Enter: event %d reason %d\n", e->event_code,
1949           e->reason);
1950
1951     if (e->datalen < sizeof(*rxframe)) {
1952         brcmf_dbg(SCAN, "Event data to small. Ignore\n");
1953         return 0;
1954     }
1955
1956     ch.chspec = be16_to_cpu(rxframe->chanspec);
1957     cfg->d11inf.decchspec(&ch);
1958
1959     if (test_bit(BRCMF_P2P_STATUS_FINDING_COMMON_CHANNEL, &p2p->status) &&
1960         (ether_addr_equal(afx_hdl->tx_dst_addr, e->addr))) {
1961         afx_hdl->peer_chan = ch.control_ch_num;
1962         brcmf_dbg(INFO, "PROBE REQUEST: Peer found, channel=%d\n",
1963               afx_hdl->peer_chan);
1964         complete(&afx_hdl->act_frm_scan);
1965     }
1966
1967     /* Firmware sends us two proberesponses for each idx one. At the */
1968     /* moment anything but bsscfgidx 0 is passed up to supplicant    */
1969     if (e->bsscfgidx == 0)
1970         return 0;
1971
1972     /* Filter any P2P probe reqs arriving during the GO-NEG Phase */
1973     if (test_bit(BRCMF_P2P_STATUS_GO_NEG_PHASE, &p2p->status)) {
1974         brcmf_dbg(INFO, "Filtering P2P probe_req in GO-NEG phase\n");
1975         return 0;
1976     }
1977
1978     /* Check if wpa_supplicant has registered for this frame */
1979     brcmf_dbg(INFO, "vif->mgmt_rx_reg %04x\n", vif->mgmt_rx_reg);
1980     mgmt_type = (IEEE80211_STYPE_PROBE_REQ & IEEE80211_FCTL_STYPE) >> 4;
1981     if ((vif->mgmt_rx_reg & BIT(mgmt_type)) == 0)
1982         return 0;
1983
1984     mgmt_frame = (u8 *)(rxframe + 1);
1985     mgmt_frame_len = e->datalen - sizeof(*rxframe);
1986     freq = ieee80211_channel_to_frequency(ch.control_ch_num,
1987                           ch.band == BRCMU_CHAN_BAND_2G ?
1988                           NL80211_BAND_2GHZ :
1989                           NL80211_BAND_5GHZ);
1990
1991     cfg80211_rx_mgmt(&vif->wdev, freq, 0, mgmt_frame, mgmt_frame_len, 0);
1992
1993     brcmf_dbg(INFO, "mgmt_frame_len (%d) , e->datalen (%d), chanspec (%04x), freq (%d)\n",
1994           mgmt_frame_len, e->datalen, ch.chspec, freq);
1995
1996     return 0;
1997 }
1998
1999
2000 /**
2001  * brcmf_p2p_get_current_chanspec() - Get current operation channel.
2002  *
2003  * @p2p: P2P specific data.
2004  * @chanspec: chanspec to be returned.
2005  */
2006 static void brcmf_p2p_get_current_chanspec(struct brcmf_p2p_info *p2p,
2007                        u16 *chanspec)
2008 {
2009     struct brcmf_if *ifp;
2010     u8 mac_addr[ETH_ALEN];
2011     struct brcmu_chan ch;
2012     struct brcmf_bss_info_le *bi;
2013     u8 *buf;
2014
2015     ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
2016
2017     if (brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSSID, mac_addr,
2018                    ETH_ALEN) == 0) {
2019         buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2020         if (buf != NULL) {
2021             *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
2022             if (brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
2023                            buf, WL_BSS_INFO_MAX) == 0) {
2024                 bi = (struct brcmf_bss_info_le *)(buf + 4);
2025                 *chanspec = le16_to_cpu(bi->chanspec);
2026                 kfree(buf);
2027                 return;
2028             }
2029             kfree(buf);
2030         }
2031     }
2032     /* Use default channel for P2P */
2033     ch.chnum = BRCMF_P2P_TEMP_CHAN;
2034     ch.bw = BRCMU_CHAN_BW_20;
2035     p2p->cfg->d11inf.encchspec(&ch);
2036     *chanspec = ch.chspec;
2037 }
2038
2039 /**
2040  * brcmf_p2p_ifchange - Change a P2P Role.
2041  * @cfg: driver private data for cfg80211 interface.
2042  * @if_type: interface type.
2043  * Returns 0 if success.
2044  */
2045 int brcmf_p2p_ifchange(struct brcmf_cfg80211_info *cfg,
2046                enum brcmf_fil_p2p_if_types if_type)
2047 {
2048     struct brcmf_p2p_info *p2p = &cfg->p2p;
2049     struct brcmf_pub *drvr = cfg->pub;
2050     struct brcmf_cfg80211_vif *vif;
2051     struct brcmf_fil_p2p_if_le if_request;
2052     s32 err;
2053     u16 chanspec;
2054
2055     brcmf_dbg(TRACE, "Enter\n");
2056
2057     vif = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
2058     if (!vif) {
2059         bphy_err(drvr, "vif for P2PAPI_BSSCFG_PRIMARY does not exist\n");
2060         return -EPERM;
2061     }
2062     brcmf_notify_escan_complete(cfg, vif->ifp, true, true);
2063     vif = p2p->bss_idx[P2PAPI_BSSCFG_CONNECTION].vif;
2064     if (!vif) {
2065         bphy_err(drvr, "vif for P2PAPI_BSSCFG_CONNECTION does not exist\n");
2066         return -EPERM;
2067     }
2068     brcmf_set_mpc(vif->ifp, 0);
2069
2070     /* In concurrency case, STA may be already associated in a particular */
2071     /* channel. so retrieve the current channel of primary interface and  */
2072     /* then start the virtual interface on that.                          */
2073     brcmf_p2p_get_current_chanspec(p2p, &chanspec);
2074
2075     if_request.type = cpu_to_le16((u16)if_type);
2076     if_request.chspec = cpu_to_le16(chanspec);
2077     memcpy(if_request.addr, p2p->conn_int_addr, sizeof(if_request.addr));
2078
2079     brcmf_cfg80211_arm_vif_event(cfg, vif);
2080     err = brcmf_fil_iovar_data_set(vif->ifp, "p2p_ifupd", &if_request,
2081                        sizeof(if_request));
2082     if (err) {
2083         bphy_err(drvr, "p2p_ifupd FAILED, err=%d\n", err);
2084         brcmf_cfg80211_arm_vif_event(cfg, NULL);
2085         return err;
2086     }
2087     err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_CHANGE,
2088                         BRCMF_VIF_EVENT_TIMEOUT);
2089     brcmf_cfg80211_arm_vif_event(cfg, NULL);
2090     if (!err)  {
2091         bphy_err(drvr, "No BRCMF_E_IF_CHANGE event received\n");
2092         return -EIO;
2093     }
2094
2095     err = brcmf_fil_cmd_int_set(vif->ifp, BRCMF_C_SET_SCB_TIMEOUT,
2096                     BRCMF_SCB_TIMEOUT_VALUE);
2097
2098     return err;
2099 }
2100
2101 static int brcmf_p2p_request_p2p_if(struct brcmf_p2p_info *p2p,
2102                     struct brcmf_if *ifp, u8 ea[ETH_ALEN],
2103                     enum brcmf_fil_p2p_if_types iftype)
2104 {
2105     struct brcmf_fil_p2p_if_le if_request;
2106     int err;
2107     u16 chanspec;
2108
2109     /* we need a default channel */
2110     brcmf_p2p_get_current_chanspec(p2p, &chanspec);
2111
2112     /* fill the firmware request */
2113     memcpy(if_request.addr, ea, ETH_ALEN);
2114     if_request.type = cpu_to_le16((u16)iftype);
2115     if_request.chspec = cpu_to_le16(chanspec);
2116
2117     err = brcmf_fil_iovar_data_set(ifp, "p2p_ifadd", &if_request,
2118                        sizeof(if_request));
2119
2120     return err;
2121 }
2122
2123 static int brcmf_p2p_disable_p2p_if(struct brcmf_cfg80211_vif *vif)
2124 {
2125     struct brcmf_cfg80211_info *cfg = wdev_to_cfg(&vif->wdev);
2126     struct net_device *pri_ndev = cfg_to_ndev(cfg);
2127     struct brcmf_if *ifp = netdev_priv(pri_ndev);
2128     const u8 *addr = vif->wdev.netdev->dev_addr;
2129
2130     return brcmf_fil_iovar_data_set(ifp, "p2p_ifdis", addr, ETH_ALEN);
2131 }
2132
2133 static int brcmf_p2p_release_p2p_if(struct brcmf_cfg80211_vif *vif)
2134 {
2135     struct brcmf_cfg80211_info *cfg = wdev_to_cfg(&vif->wdev);
2136     struct net_device *pri_ndev = cfg_to_ndev(cfg);
2137     struct brcmf_if *ifp = netdev_priv(pri_ndev);
2138     const u8 *addr = vif->wdev.netdev->dev_addr;
2139
2140     return brcmf_fil_iovar_data_set(ifp, "p2p_ifdel", addr, ETH_ALEN);
2141 }
2142
2143 /**
2144  * brcmf_p2p_create_p2pdev() - create a P2P_DEVICE virtual interface.
2145  *
2146  * @p2p: P2P specific data.
2147  * @wiphy: wiphy device of new interface.
2148  * @addr: mac address for this new interface.
2149  */
2150 static struct wireless_dev *brcmf_p2p_create_p2pdev(struct brcmf_p2p_info *p2p,
2151                             struct wiphy *wiphy,
2152                             u8 *addr)
2153 {
2154     struct brcmf_pub *drvr = p2p->cfg->pub;
2155     struct brcmf_cfg80211_vif *p2p_vif;
2156     struct brcmf_if *p2p_ifp;
2157     struct brcmf_if *pri_ifp;
2158     int err;
2159     u32 bsscfgidx;
2160
2161     if (p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
2162         return ERR_PTR(-ENOSPC);
2163
2164     p2p_vif = brcmf_alloc_vif(p2p->cfg, NL80211_IFTYPE_P2P_DEVICE);
2165     if (IS_ERR(p2p_vif)) {
2166         bphy_err(drvr, "could not create discovery vif\n");
2167         return (struct wireless_dev *)p2p_vif;
2168     }
2169
2170     pri_ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
2171
2172     /* firmware requires unique mac address for p2pdev interface */
2173     if (addr && ether_addr_equal(addr, pri_ifp->mac_addr)) {
2174         bphy_err(drvr, "discovery vif must be different from primary interface\n");
2175         err = -EINVAL;
2176         goto fail;
2177     }
2178
2179     brcmf_p2p_generate_bss_mac(p2p, addr);
2180     brcmf_p2p_set_firmware(pri_ifp, p2p->dev_addr);
2181
2182     brcmf_cfg80211_arm_vif_event(p2p->cfg, p2p_vif);
2183     brcmf_fweh_p2pdev_setup(pri_ifp, true);
2184
2185     /* Initialize P2P Discovery in the firmware */
2186     err = brcmf_fil_iovar_int_set(pri_ifp, "p2p_disc", 1);
2187     if (err < 0) {
2188         bphy_err(drvr, "set p2p_disc error\n");
2189         brcmf_fweh_p2pdev_setup(pri_ifp, false);
2190         brcmf_cfg80211_arm_vif_event(p2p->cfg, NULL);
2191         goto fail;
2192     }
2193
2194     /* wait for firmware event */
2195     err = brcmf_cfg80211_wait_vif_event(p2p->cfg, BRCMF_E_IF_ADD,
2196                         BRCMF_VIF_EVENT_TIMEOUT);
2197     brcmf_cfg80211_arm_vif_event(p2p->cfg, NULL);
2198     brcmf_fweh_p2pdev_setup(pri_ifp, false);
2199     if (!err) {
2200         bphy_err(drvr, "timeout occurred\n");
2201         err = -EIO;
2202         goto fail;
2203     }
2204
2205     /* discovery interface created */
2206     p2p_ifp = p2p_vif->ifp;
2207     p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif = p2p_vif;
2208     memcpy(p2p_ifp->mac_addr, p2p->dev_addr, ETH_ALEN);
2209     memcpy(&p2p_vif->wdev.address, p2p->dev_addr, sizeof(p2p->dev_addr));
2210
2211     /* verify bsscfg index for P2P discovery */
2212     err = brcmf_fil_iovar_int_get(pri_ifp, "p2p_dev", &bsscfgidx);
2213     if (err < 0) {
2214         bphy_err(drvr, "retrieving discover bsscfg index failed\n");
2215         goto fail;
2216     }
2217
2218     WARN_ON(p2p_ifp->bsscfgidx != bsscfgidx);
2219
2220     init_completion(&p2p->send_af_done);
2221     INIT_WORK(&p2p->afx_hdl.afx_work, brcmf_p2p_afx_handler);
2222     init_completion(&p2p->afx_hdl.act_frm_scan);
2223     init_completion(&p2p->wait_next_af);
2224
2225     return &p2p_vif->wdev;
2226
2227 fail:
2228     brcmf_free_vif(p2p_vif);
2229     return ERR_PTR(err);
2230 }
2231
2232 static int brcmf_p2p_get_conn_idx(struct brcmf_cfg80211_info *cfg)
2233 {
2234     int i;
2235     struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
2236
2237     if (!ifp)
2238         return -ENODEV;
2239
2240     for (i = P2PAPI_BSSCFG_CONNECTION; i < P2PAPI_BSSCFG_MAX; i++) {
2241         if (!cfg->p2p.bss_idx[i].vif) {
2242             if (i == P2PAPI_BSSCFG_CONNECTION2 &&
2243                 !(brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB))) {
2244                 brcmf_err("Multi p2p not supported");
2245                 return -EIO;
2246             }
2247             return i;
2248         }
2249     }
2250     return -EIO;
2251 }
2252
2253 /**
2254  * brcmf_p2p_add_vif() - create a new P2P virtual interface.
2255  *
2256  * @wiphy: wiphy device of new interface.
2257  * @name: name of the new interface.
2258  * @name_assign_type: origin of the interface name
2259  * @type: nl80211 interface type.
2260  * @params: contains mac address for P2P device.
2261  */
2262 struct wireless_dev *brcmf_p2p_add_vif(struct wiphy *wiphy, const char *name,
2263                        unsigned char name_assign_type,
2264                        enum nl80211_iftype type,
2265                        struct vif_params *params)
2266 {
2267     struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2268     struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
2269     struct brcmf_pub *drvr = cfg->pub;
2270     struct brcmf_cfg80211_vif *vif;
2271     enum brcmf_fil_p2p_if_types iftype;
2272     int err = 0;
2273     int connidx;
2274     u8 *p2p_intf_addr;
2275
2276     if (brcmf_cfg80211_vif_event_armed(cfg))
2277         return ERR_PTR(-EBUSY);
2278
2279     brcmf_dbg(INFO, "adding vif \"%s\" (type=%d)\n", name, type);
2280
2281     switch (type) {
2282     case NL80211_IFTYPE_P2P_CLIENT:
2283         iftype = BRCMF_FIL_P2P_IF_CLIENT;
2284         break;
2285     case NL80211_IFTYPE_P2P_GO:
2286         iftype = BRCMF_FIL_P2P_IF_GO;
2287         break;
2288     case NL80211_IFTYPE_P2P_DEVICE:
2289         return brcmf_p2p_create_p2pdev(&cfg->p2p, wiphy,
2290                            params->macaddr);
2291     default:
2292         return ERR_PTR(-EOPNOTSUPP);
2293     }
2294
2295     vif = brcmf_alloc_vif(cfg, type);
2296     if (IS_ERR(vif))
2297         return (struct wireless_dev *)vif;
2298     brcmf_cfg80211_arm_vif_event(cfg, vif);
2299
2300     connidx = brcmf_p2p_get_conn_idx(cfg);
2301
2302     if (connidx == P2PAPI_BSSCFG_CONNECTION)
2303         p2p_intf_addr = cfg->p2p.conn_int_addr;
2304     else if (connidx == P2PAPI_BSSCFG_CONNECTION2)
2305         p2p_intf_addr = cfg->p2p.conn2_int_addr;
2306     else
2307         err = -EINVAL;
2308
2309     if (!err)
2310         err =  brcmf_p2p_request_p2p_if(&cfg->p2p, ifp,
2311                         p2p_intf_addr, iftype);
2312
2313     if (err) {
2314         brcmf_err("request p2p interface failed\n");
2315         brcmf_cfg80211_arm_vif_event(cfg, NULL);
2316         goto fail;
2317     }
2318
2319     /* wait for firmware event */
2320     err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
2321                         BRCMF_VIF_EVENT_TIMEOUT);
2322     brcmf_cfg80211_arm_vif_event(cfg, NULL);
2323     if (!err) {
2324         bphy_err(drvr, "timeout occurred\n");
2325         err = -EIO;
2326         goto fail;
2327     }
2328
2329     /* interface created in firmware */
2330     ifp = vif->ifp;
2331     if (!ifp) {
2332         bphy_err(drvr, "no if pointer provided\n");
2333         err = -ENOENT;
2334         goto fail;
2335     }
2336
2337     strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
2338     ifp->ndev->name_assign_type = name_assign_type;
2339     err = brcmf_net_attach(ifp, true);
2340     if (err) {
2341         bphy_err(drvr, "Registering netdevice failed\n");
2342         free_netdev(ifp->ndev);
2343         goto fail;
2344     }
2345
2346     cfg->p2p.bss_idx[connidx].vif = vif;
2347     /* Disable firmware roaming for P2P interface  */
2348     brcmf_fil_iovar_int_set(ifp, "roam_off", 1);
2349     if (iftype == BRCMF_FIL_P2P_IF_GO) {
2350         /* set station timeout for p2p */
2351         brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCB_TIMEOUT,
2352                       BRCMF_SCB_TIMEOUT_VALUE);
2353     }
2354     return &ifp->vif->wdev;
2355
2356 fail:
2357     brcmf_free_vif(vif);
2358     return ERR_PTR(err);
2359 }
2360
2361 /**
2362  * brcmf_p2p_del_vif() - delete a P2P virtual interface.
2363  *
2364  * @wiphy: wiphy device of interface.
2365  * @wdev: wireless device of interface.
2366  */
2367 int brcmf_p2p_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev)
2368 {
2369     struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2370     struct brcmf_p2p_info *p2p = &cfg->p2p;
2371     struct brcmf_cfg80211_vif *vif;
2372     enum nl80211_iftype iftype;
2373     bool wait_for_disable = false;
2374     int err;
2375
2376     brcmf_dbg(TRACE, "delete P2P vif\n");
2377     vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
2378
2379     iftype = vif->wdev.iftype;
2380     brcmf_cfg80211_arm_vif_event(cfg, vif);
2381     switch (iftype) {
2382     case NL80211_IFTYPE_P2P_CLIENT:
2383         if (test_bit(BRCMF_VIF_STATUS_DISCONNECTING, &vif->sme_state))
2384             wait_for_disable = true;
2385         break;
2386
2387     case NL80211_IFTYPE_P2P_GO:
2388         if (!brcmf_p2p_disable_p2p_if(vif))
2389             wait_for_disable = true;
2390         break;
2391
2392     case NL80211_IFTYPE_P2P_DEVICE:
2393         if (!p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
2394             return 0;
2395         brcmf_p2p_cancel_remain_on_channel(vif->ifp);
2396         brcmf_p2p_deinit_discovery(p2p);
2397         break;
2398
2399     default:
2400         return -ENOTSUPP;
2401     }
2402
2403     clear_bit(BRCMF_P2P_STATUS_GO_NEG_PHASE, &p2p->status);
2404     brcmf_dbg(INFO, "P2P: GO_NEG_PHASE status cleared\n");
2405
2406     if (wait_for_disable)
2407         wait_for_completion_timeout(&cfg->vif_disabled,
2408                         BRCMF_P2P_DISABLE_TIMEOUT);
2409
2410     err = 0;
2411     if (iftype != NL80211_IFTYPE_P2P_DEVICE) {
2412         brcmf_vif_clear_mgmt_ies(vif);
2413         err = brcmf_p2p_release_p2p_if(vif);
2414     }
2415     if (!err) {
2416         /* wait for firmware event */
2417         err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
2418                             BRCMF_VIF_EVENT_TIMEOUT);
2419         if (!err)
2420             err = -EIO;
2421         else
2422             err = 0;
2423     }
2424     brcmf_remove_interface(vif->ifp, true);
2425
2426     brcmf_cfg80211_arm_vif_event(cfg, NULL);
2427     if (iftype != NL80211_IFTYPE_P2P_DEVICE)
2428         p2p->bss_idx[P2PAPI_BSSCFG_CONNECTION].vif = NULL;
2429
2430     return err;
2431 }
2432
2433 void brcmf_p2p_ifp_removed(struct brcmf_if *ifp, bool locked)
2434 {
2435     struct brcmf_cfg80211_info *cfg;
2436     struct brcmf_cfg80211_vif *vif;
2437
2438     brcmf_dbg(INFO, "P2P: device interface removed\n");
2439     vif = ifp->vif;
2440     cfg = wdev_to_cfg(&vif->wdev);
2441     cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif = NULL;
2442     if (!locked) {
2443         rtnl_lock();
2444         wiphy_lock(cfg->wiphy);
2445         cfg80211_unregister_wdev(&vif->wdev);
2446         wiphy_unlock(cfg->wiphy);
2447         rtnl_unlock();
2448     } else {
2449         cfg80211_unregister_wdev(&vif->wdev);
2450     }
2451     brcmf_free_vif(vif);
2452 }
2453
2454 int brcmf_p2p_start_device(struct wiphy *wiphy, struct wireless_dev *wdev)
2455 {
2456     struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2457     struct brcmf_p2p_info *p2p = &cfg->p2p;
2458     struct brcmf_cfg80211_vif *vif;
2459     int err;
2460
2461     vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
2462     mutex_lock(&cfg->usr_sync);
2463     err = brcmf_p2p_enable_discovery(p2p);
2464     if (!err)
2465         set_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state);
2466     mutex_unlock(&cfg->usr_sync);
2467     return err;
2468 }
2469
2470 void brcmf_p2p_stop_device(struct wiphy *wiphy, struct wireless_dev *wdev)
2471 {
2472     struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2473     struct brcmf_p2p_info *p2p = &cfg->p2p;
2474     struct brcmf_cfg80211_vif *vif;
2475
2476     vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
2477     /* This call can be result of the unregister_wdev call. In that case
2478      * we dont want to do anything anymore. Just return. The config vif
2479      * will have been cleared at this point.
2480      */
2481     if (p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif == vif) {
2482         mutex_lock(&cfg->usr_sync);
2483         /* Set the discovery state to SCAN */
2484         (void)brcmf_p2p_set_discover_state(vif->ifp,
2485                            WL_P2P_DISC_ST_SCAN, 0, 0);
2486         brcmf_abort_scanning(cfg);
2487         clear_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state);
2488         mutex_unlock(&cfg->usr_sync);
2489     }
2490 }
2491
2492 /**
2493  * brcmf_p2p_attach() - attach for P2P.
2494  *
2495  * @cfg: driver private data for cfg80211 interface.
2496  * @p2pdev_forced: create p2p device interface at attach.
2497  */
2498 s32 brcmf_p2p_attach(struct brcmf_cfg80211_info *cfg, bool p2pdev_forced)
2499 {
2500     struct brcmf_pub *drvr = cfg->pub;
2501     struct brcmf_p2p_info *p2p;
2502     struct brcmf_if *pri_ifp;
2503     s32 err = 0;
2504     void *err_ptr;
2505
2506     p2p = &cfg->p2p;
2507     p2p->cfg = cfg;
2508
2509     pri_ifp = brcmf_get_ifp(cfg->pub, 0);
2510     p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif = pri_ifp->vif;
2511
2512     if (p2pdev_forced) {
2513         err_ptr = brcmf_p2p_create_p2pdev(p2p, NULL, NULL);
2514         if (IS_ERR(err_ptr)) {
2515             bphy_err(drvr, "P2P device creation failed.\n");
2516             err = PTR_ERR(err_ptr);
2517         }
2518     } else {
2519         p2p->p2pdev_dynamically = true;
2520     }
2521     return err;
2522 }
2523
2524 /**
2525  * brcmf_p2p_detach() - detach P2P.
2526  *
2527  * @p2p: P2P specific data.
2528  */
2529 void brcmf_p2p_detach(struct brcmf_p2p_info *p2p)
2530 {
2531     struct brcmf_cfg80211_vif *vif;
2532
2533     vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
2534     if (vif != NULL) {
2535         brcmf_p2p_cancel_remain_on_channel(vif->ifp);
2536         brcmf_p2p_deinit_discovery(p2p);
2537         brcmf_remove_interface(vif->ifp, false);
2538     }
2539     /* just set it all to zero */
2540     memset(p2p, 0, sizeof(*p2p));
2541 }
2542