1/*
2 * Copyright (c) 2010 Broadcom Corporation
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
11 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
13 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#ifndef BRCMFMAC_CFG80211_H
18#define BRCMFMAC_CFG80211_H
19
20/* for brcmu_d11inf */
21#include <brcmu_d11.h>
22
23#define WL_NUM_SCAN_MAX			10
24#define WL_NUM_PMKIDS_MAX		MAXPMKID
25#define WL_TLV_INFO_MAX			1024
26#define WL_BSS_INFO_MAX			2048
27#define WL_ASSOC_INFO_MAX		512	/* assoc related fil max buf */
28#define WL_EXTRA_BUF_MAX		2048
29#define WL_ROAM_TRIGGER_LEVEL		-75
30#define WL_ROAM_DELTA			20
31#define WL_BEACON_TIMEOUT		3
32
33#define WL_SCAN_CHANNEL_TIME		40
34#define WL_SCAN_UNASSOC_TIME		40
35#define WL_SCAN_PASSIVE_TIME		120
36
37#define WL_ESCAN_BUF_SIZE		(1024 * 64)
38#define WL_ESCAN_TIMER_INTERVAL_MS	10000 /* E-Scan timeout */
39
40#define WL_ESCAN_ACTION_START		1
41#define WL_ESCAN_ACTION_CONTINUE	2
42#define WL_ESCAN_ACTION_ABORT		3
43
44#define WL_AUTH_SHARED_KEY		1	/* d11 shared authentication */
45#define IE_MAX_LEN			512
46
47/* IE TLV processing */
48#define TLV_LEN_OFF			1	/* length offset */
49#define TLV_HDR_LEN			2	/* header length */
50#define TLV_BODY_OFF			2	/* body offset */
51#define TLV_OUI_LEN			3	/* oui id length */
52
53/* 802.11 Mgmt Packet flags */
54#define BRCMF_VNDR_IE_BEACON_FLAG	0x1
55#define BRCMF_VNDR_IE_PRBRSP_FLAG	0x2
56#define BRCMF_VNDR_IE_ASSOCRSP_FLAG	0x4
57#define BRCMF_VNDR_IE_AUTHRSP_FLAG	0x8
58#define BRCMF_VNDR_IE_PRBREQ_FLAG	0x10
59#define BRCMF_VNDR_IE_ASSOCREQ_FLAG	0x20
60/* vendor IE in IW advertisement protocol ID field */
61#define BRCMF_VNDR_IE_IWAPID_FLAG	0x40
62/* allow custom IE id */
63#define BRCMF_VNDR_IE_CUSTOM_FLAG	0x100
64
65/* P2P Action Frames flags (spec ordered) */
66#define BRCMF_VNDR_IE_GONREQ_FLAG     0x001000
67#define BRCMF_VNDR_IE_GONRSP_FLAG     0x002000
68#define BRCMF_VNDR_IE_GONCFM_FLAG     0x004000
69#define BRCMF_VNDR_IE_INVREQ_FLAG     0x008000
70#define BRCMF_VNDR_IE_INVRSP_FLAG     0x010000
71#define BRCMF_VNDR_IE_DISREQ_FLAG     0x020000
72#define BRCMF_VNDR_IE_DISRSP_FLAG     0x040000
73#define BRCMF_VNDR_IE_PRDREQ_FLAG     0x080000
74#define BRCMF_VNDR_IE_PRDRSP_FLAG     0x100000
75
76#define BRCMF_VNDR_IE_P2PAF_SHIFT	12
77
78#define BRCMF_MAX_DEFAULT_KEYS		4
79
80
81/**
82 * enum brcmf_scan_status - scan engine status
83 *
84 * @BRCMF_SCAN_STATUS_BUSY: scanning in progress on dongle.
85 * @BRCMF_SCAN_STATUS_ABORT: scan being aborted on dongle.
86 * @BRCMF_SCAN_STATUS_SUPPRESS: scanning is suppressed in driver.
87 */
88enum brcmf_scan_status {
89	BRCMF_SCAN_STATUS_BUSY,
90	BRCMF_SCAN_STATUS_ABORT,
91	BRCMF_SCAN_STATUS_SUPPRESS,
92};
93
94/* dongle configuration */
95struct brcmf_cfg80211_conf {
96	u32 frag_threshold;
97	u32 rts_threshold;
98	u32 retry_short;
99	u32 retry_long;
100	s32 tx_power;
101	struct ieee80211_channel channel;
102};
103
104/* basic structure of scan request */
105struct brcmf_cfg80211_scan_req {
106	struct brcmf_ssid_le ssid_le;
107};
108
109/* basic structure of information element */
110struct brcmf_cfg80211_ie {
111	u16 offset;
112	u8 buf[WL_TLV_INFO_MAX];
113};
114
115/* security information with currently associated ap */
116struct brcmf_cfg80211_security {
117	u32 wpa_versions;
118	u32 auth_type;
119	u32 cipher_pairwise;
120	u32 cipher_group;
121	u32 wpa_auth;
122};
123
124/**
125 * struct brcmf_cfg80211_profile - profile information.
126 *
127 * @ssid: ssid of associated/associating ap.
128 * @bssid: bssid of joined/joining ibss.
129 * @sec: security information.
130 * @key: key information
131 */
132struct brcmf_cfg80211_profile {
133	struct brcmf_ssid ssid;
134	u8 bssid[ETH_ALEN];
135	struct brcmf_cfg80211_security sec;
136	struct brcmf_wsec_key key[BRCMF_MAX_DEFAULT_KEYS];
137};
138
139/**
140 * enum brcmf_vif_status - bit indices for vif status.
141 *
142 * @BRCMF_VIF_STATUS_READY: ready for operation.
143 * @BRCMF_VIF_STATUS_CONNECTING: connect/join in progress.
144 * @BRCMF_VIF_STATUS_CONNECTED: connected/joined succesfully.
145 * @BRCMF_VIF_STATUS_DISCONNECTING: disconnect/disable in progress.
146 * @BRCMF_VIF_STATUS_AP_CREATING: interface configured for AP operation.
147 * @BRCMF_VIF_STATUS_AP_CREATED: AP operation started.
148 */
149enum brcmf_vif_status {
150	BRCMF_VIF_STATUS_READY,
151	BRCMF_VIF_STATUS_CONNECTING,
152	BRCMF_VIF_STATUS_CONNECTED,
153	BRCMF_VIF_STATUS_DISCONNECTING,
154	BRCMF_VIF_STATUS_AP_CREATING,
155	BRCMF_VIF_STATUS_AP_CREATED
156};
157
158/**
159 * struct vif_saved_ie - holds saved IEs for a virtual interface.
160 *
161 * @probe_req_ie: IE info for probe request.
162 * @probe_res_ie: IE info for probe response.
163 * @beacon_ie: IE info for beacon frame.
164 * @probe_req_ie_len: IE info length for probe request.
165 * @probe_res_ie_len: IE info length for probe response.
166 * @beacon_ie_len: IE info length for beacon frame.
167 */
168struct vif_saved_ie {
169	u8  probe_req_ie[IE_MAX_LEN];
170	u8  probe_res_ie[IE_MAX_LEN];
171	u8  beacon_ie[IE_MAX_LEN];
172	u8  assoc_req_ie[IE_MAX_LEN];
173	u32 probe_req_ie_len;
174	u32 probe_res_ie_len;
175	u32 beacon_ie_len;
176	u32 assoc_req_ie_len;
177};
178
179/**
180 * struct brcmf_cfg80211_vif - virtual interface specific information.
181 *
182 * @ifp: lower layer interface pointer
183 * @wdev: wireless device.
184 * @profile: profile information.
185 * @roam_off: roaming state.
186 * @sme_state: SME state using enum brcmf_vif_status bits.
187 * @pm_block: power-management blocked.
188 * @list: linked list.
189 * @mgmt_rx_reg: registered rx mgmt frame types.
190 * @mbss: Multiple BSS type, set if not first AP (not relevant for P2P).
191 */
192struct brcmf_cfg80211_vif {
193	struct brcmf_if *ifp;
194	struct wireless_dev wdev;
195	struct brcmf_cfg80211_profile profile;
196	s32 roam_off;
197	unsigned long sme_state;
198	bool pm_block;
199	struct vif_saved_ie saved_ie;
200	struct list_head list;
201	u16 mgmt_rx_reg;
202	bool mbss;
203	int is_11d;
204};
205
206/* association inform */
207struct brcmf_cfg80211_connect_info {
208	u8 *req_ie;
209	s32 req_ie_len;
210	u8 *resp_ie;
211	s32 resp_ie_len;
212};
213
214/* assoc ie length */
215struct brcmf_cfg80211_assoc_ielen_le {
216	__le32 req_len;
217	__le32 resp_len;
218};
219
220/* wpa2 pmk list */
221struct brcmf_cfg80211_pmk_list {
222	struct pmkid_list pmkids;
223	struct pmkid foo[MAXPMKID - 1];
224};
225
226/* dongle escan state */
227enum wl_escan_state {
228	WL_ESCAN_STATE_IDLE,
229	WL_ESCAN_STATE_SCANNING
230};
231
232struct escan_info {
233	u32 escan_state;
234	u8 escan_buf[WL_ESCAN_BUF_SIZE];
235	struct wiphy *wiphy;
236	struct brcmf_if *ifp;
237	s32 (*run)(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
238		   struct cfg80211_scan_request *request, u16 action);
239};
240
241/**
242 * struct brcmf_pno_param_le - PNO scan configuration parameters
243 *
244 * @version: PNO parameters version.
245 * @scan_freq: scan frequency.
246 * @lost_network_timeout: #sec. to declare discovered network as lost.
247 * @flags: Bit field to control features of PFN such as sort criteria auto
248 *	enable switch and background scan.
249 * @rssi_margin: Margin to avoid jitter for choosing a PFN based on RSSI sort
250 *	criteria.
251 * @bestn: number of best networks in each scan.
252 * @mscan: number of scans recorded.
253 * @repeat: minimum number of scan intervals before scan frequency changes
254 *	in adaptive scan.
255 * @exp: exponent of 2 for maximum scan interval.
256 * @slow_freq: slow scan period.
257 */
258struct brcmf_pno_param_le {
259	__le32 version;
260	__le32 scan_freq;
261	__le32 lost_network_timeout;
262	__le16 flags;
263	__le16 rssi_margin;
264	u8 bestn;
265	u8 mscan;
266	u8 repeat;
267	u8 exp;
268	__le32 slow_freq;
269};
270
271/**
272 * struct brcmf_pno_net_param_le - scan parameters per preferred network.
273 *
274 * @ssid: ssid name and its length.
275 * @flags: bit2: hidden.
276 * @infra: BSS vs IBSS.
277 * @auth: Open vs Closed.
278 * @wpa_auth: WPA type.
279 * @wsec: wsec value.
280 */
281struct brcmf_pno_net_param_le {
282	struct brcmf_ssid_le ssid;
283	__le32 flags;
284	__le32 infra;
285	__le32 auth;
286	__le32 wpa_auth;
287	__le32 wsec;
288};
289
290/**
291 * struct brcmf_pno_net_info_le - information per found network.
292 *
293 * @bssid: BSS network identifier.
294 * @channel: channel number only.
295 * @SSID_len: length of ssid.
296 * @SSID: ssid characters.
297 * @RSSI: receive signal strength (in dBm).
298 * @timestamp: age in seconds.
299 */
300struct brcmf_pno_net_info_le {
301	u8 bssid[ETH_ALEN];
302	u8 channel;
303	u8 SSID_len;
304	u8 SSID[32];
305	__le16	RSSI;
306	__le16	timestamp;
307};
308
309/**
310 * struct brcmf_pno_scanresults_le - result returned in PNO NET FOUND event.
311 *
312 * @version: PNO version identifier.
313 * @status: indicates completion status of PNO scan.
314 * @count: amount of brcmf_pno_net_info_le entries appended.
315 */
316struct brcmf_pno_scanresults_le {
317	__le32 version;
318	__le32 status;
319	__le32 count;
320};
321
322/**
323 * struct brcmf_cfg80211_vif_event - virtual interface event information.
324 *
325 * @vif_wq: waitqueue awaiting interface event from firmware.
326 * @vif_event_lock: protects other members in this structure.
327 * @vif_complete: completion for net attach.
328 * @action: either add, change, or delete.
329 * @vif: virtual interface object related to the event.
330 */
331struct brcmf_cfg80211_vif_event {
332	wait_queue_head_t vif_wq;
333	struct mutex vif_event_lock;
334	u8 action;
335	struct brcmf_cfg80211_vif *vif;
336};
337
338/**
339 * struct brcmf_cfg80211_info - dongle private data of cfg80211 interface
340 *
341 * @wiphy: wiphy object for cfg80211 interface.
342 * @conf: dongle configuration.
343 * @p2p: peer-to-peer specific information.
344 * @btcoex: Bluetooth coexistence information.
345 * @scan_request: cfg80211 scan request object.
346 * @usr_sync: mainly for dongle up/down synchronization.
347 * @bss_list: bss_list holding scanned ap information.
348 * @scan_req_int: internal scan request object.
349 * @bss_info: bss information for cfg80211 layer.
350 * @ie: information element object for internal purpose.
351 * @conn_info: association info.
352 * @pmk_list: wpa2 pmk list.
353 * @scan_status: scan activity on the dongle.
354 * @pub: common driver information.
355 * @channel: current channel.
356 * @active_scan: current scan mode.
357 * @sched_escan: e-scan for scheduled scan support running.
358 * @ibss_starter: indicates this sta is ibss starter.
359 * @pwr_save: indicate whether dongle to support power save mode.
360 * @dongle_up: indicate whether dongle up or not.
361 * @roam_on: on/off switch for dongle self-roaming.
362 * @scan_tried: indicates if first scan attempted.
363 * @dcmd_buf: dcmd buffer.
364 * @extra_buf: mainly to grab assoc information.
365 * @debugfsdir: debugfs folder for this device.
366 * @escan_info: escan information.
367 * @escan_timeout: Timer for catch scan timeout.
368 * @escan_timeout_work: scan timeout worker.
369 * @escan_ioctl_buf: dongle command buffer for escan commands.
370 * @vif_list: linked list of vif instances.
371 * @vif_cnt: number of vif instances.
372 * @vif_event: vif event signalling.
373 * @wowl_enabled; set during suspend, is wowl used.
374 * @pre_wowl_pmmode: intermediate storage of pm mode during wowl.
375 */
376struct brcmf_cfg80211_info {
377	struct wiphy *wiphy;
378	struct brcmf_cfg80211_conf *conf;
379	struct brcmf_p2p_info p2p;
380	struct brcmf_btcoex_info *btcoex;
381	struct cfg80211_scan_request *scan_request;
382	struct mutex usr_sync;
383	struct brcmf_cfg80211_scan_req scan_req_int;
384	struct wl_cfg80211_bss_info *bss_info;
385	struct brcmf_cfg80211_ie ie;
386	struct brcmf_cfg80211_connect_info conn_info;
387	struct brcmf_cfg80211_pmk_list *pmk_list;
388	unsigned long scan_status;
389	struct brcmf_pub *pub;
390	u32 channel;
391	bool active_scan;
392	bool sched_escan;
393	bool ibss_starter;
394	bool pwr_save;
395	bool dongle_up;
396	bool scan_tried;
397	u8 *dcmd_buf;
398	u8 *extra_buf;
399	struct dentry *debugfsdir;
400	struct escan_info escan_info;
401	struct timer_list escan_timeout;
402	struct work_struct escan_timeout_work;
403	u8 *escan_ioctl_buf;
404	struct list_head vif_list;
405	struct brcmf_cfg80211_vif_event vif_event;
406	struct completion vif_disabled;
407	struct brcmu_d11inf d11inf;
408	bool wowl_enabled;
409	u32 pre_wowl_pmmode;
410};
411
412/**
413 * struct brcmf_tlv - tag_ID/length/value_buffer tuple.
414 *
415 * @id: tag identifier.
416 * @len: number of bytes in value buffer.
417 * @data: value buffer.
418 */
419struct brcmf_tlv {
420	u8 id;
421	u8 len;
422	u8 data[1];
423};
424
425static inline struct wiphy *cfg_to_wiphy(struct brcmf_cfg80211_info *cfg)
426{
427	return cfg->wiphy;
428}
429
430static inline struct brcmf_cfg80211_info *wiphy_to_cfg(struct wiphy *w)
431{
432	return (struct brcmf_cfg80211_info *)(wiphy_priv(w));
433}
434
435static inline struct brcmf_cfg80211_info *wdev_to_cfg(struct wireless_dev *wd)
436{
437	return (struct brcmf_cfg80211_info *)(wdev_priv(wd));
438}
439
440static inline
441struct net_device *cfg_to_ndev(struct brcmf_cfg80211_info *cfg)
442{
443	struct brcmf_cfg80211_vif *vif;
444	vif = list_first_entry(&cfg->vif_list, struct brcmf_cfg80211_vif, list);
445	return vif->wdev.netdev;
446}
447
448static inline struct brcmf_cfg80211_info *ndev_to_cfg(struct net_device *ndev)
449{
450	return wdev_to_cfg(ndev->ieee80211_ptr);
451}
452
453static inline struct brcmf_cfg80211_profile *ndev_to_prof(struct net_device *nd)
454{
455	struct brcmf_if *ifp = netdev_priv(nd);
456	return &ifp->vif->profile;
457}
458
459static inline struct brcmf_cfg80211_vif *ndev_to_vif(struct net_device *ndev)
460{
461	struct brcmf_if *ifp = netdev_priv(ndev);
462	return ifp->vif;
463}
464
465static inline struct
466brcmf_cfg80211_connect_info *cfg_to_conn(struct brcmf_cfg80211_info *cfg)
467{
468	return &cfg->conn_info;
469}
470
471struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
472						  struct device *busdev);
473void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg);
474s32 brcmf_cfg80211_up(struct net_device *ndev);
475s32 brcmf_cfg80211_down(struct net_device *ndev);
476enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp);
477
478struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
479					   enum nl80211_iftype type,
480					   bool pm_block);
481void brcmf_free_vif(struct brcmf_cfg80211_vif *vif);
482
483s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
484			  const u8 *vndr_ie_buf, u32 vndr_ie_len);
485s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif);
486const struct brcmf_tlv *
487brcmf_parse_tlvs(const void *buf, int buflen, uint key);
488u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
489			struct ieee80211_channel *ch);
490bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
491			     unsigned long state);
492void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
493				  struct brcmf_cfg80211_vif *vif);
494bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg);
495int brcmf_cfg80211_wait_vif_event_timeout(struct brcmf_cfg80211_info *cfg,
496					  u8 action, ulong timeout);
497s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
498				struct brcmf_if *ifp, bool aborted,
499				bool fw_abort);
500void brcmf_set_mpc(struct brcmf_if *ndev, int mpc);
501void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg);
502void brcmf_cfg80211_free_netdev(struct net_device *ndev);
503
504#endif /* BRCMFMAC_CFG80211_H */
505