1 /*
2  * Copyright (c) 2013-2021 The Linux Foundation. All rights reserved.
3  * Copyright (c) 2022-2023 Qualcomm Innovation Center, Inc. All rights reserved.
4  *
5  * Permission to use, copy, modify, and/or distribute this software for
6  * any purpose with or without fee is hereby granted, provided that the
7  * above copyright notice and this permission notice appear in all
8  * copies.
9  *
10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
11  * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
12  * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
13  * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
14  * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
15  * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
16  * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17  * PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 #include <osdep.h>
21 #include <wmi.h>
22 #include <wmi_unified_priv.h>
23 #include <nan_public_structs.h>
24 #include <wmi_unified_nan_api.h>
25 #include <wlan_nan_msg_common_v2.h>
26 
27 static QDF_STATUS
extract_nan_event_rsp_tlv(wmi_unified_t wmi_handle,void * evt_buf,struct nan_event_params * evt_params,uint8_t ** msg_buf)28 extract_nan_event_rsp_tlv(wmi_unified_t wmi_handle, void *evt_buf,
29 			  struct nan_event_params *evt_params,
30 			  uint8_t **msg_buf)
31 {
32 	WMI_NAN_EVENTID_param_tlvs *event;
33 	wmi_nan_event_hdr *nan_rsp_event_hdr;
34 	nan_msg_header_t *nan_msg_hdr;
35 	wmi_nan_event_info *nan_evt_info;
36 
37 	/*
38 	 * This is how received evt looks like
39 	 *
40 	 * <-------------------- evt_buf ----------------------------------->
41 	 *
42 	 * <--wmi_nan_event_hdr--><---WMI_TLV_HDR_SIZE---><----- data -------->
43 	 *
44 	 * +-----------+---------+-----------------------+--------------------+-
45 	 * | tlv_header| data_len| WMITLV_TAG_ARRAY_BYTE | nan_rsp_event_data |
46 	 * +-----------+---------+-----------------------+--------------------+-
47 	 *
48 	 * (Only for NAN Enable Resp)
49 	 * <--wmi_nan_event_info-->
50 	 * +-----------+-----------+
51 	 * | tlv_header| event_info|
52 	 * +-----------+-----------+
53 	 *
54 	 */
55 
56 	event = (WMI_NAN_EVENTID_param_tlvs *)evt_buf;
57 	nan_rsp_event_hdr = event->fixed_param;
58 
59 	/* Actual data may include some padding, so data_len <= num_data */
60 	if (nan_rsp_event_hdr->data_len > event->num_data) {
61 		wmi_err("Provided NAN event length(%d) exceeding actual length(%d)!",
62 			 nan_rsp_event_hdr->data_len,
63 			 event->num_data);
64 		return QDF_STATUS_E_INVAL;
65 	}
66 	evt_params->buf_len = nan_rsp_event_hdr->data_len;
67 	*msg_buf = event->data;
68 
69 	if (nan_rsp_event_hdr->data_len < sizeof(nan_msg_header_t) ||
70 	    nan_rsp_event_hdr->data_len > (WMI_SVC_MSG_MAX_SIZE -
71 							    WMI_TLV_HDR_SIZE)) {
72 		wmi_err("Invalid NAN event data length(%d)!",
73 			 nan_rsp_event_hdr->data_len);
74 		return QDF_STATUS_E_INVAL;
75 	}
76 	nan_msg_hdr = (nan_msg_header_t *)event->data;
77 
78 	switch (nan_msg_hdr->msg_id) {
79 	case NAN_MSG_ID_ENABLE_RSP:
80 		nan_evt_info = event->event_info;
81 		if (!nan_evt_info) {
82 			if (!wmi_service_enabled(wmi_handle,
83 						 wmi_service_nan_dbs_support) &&
84 			    !wmi_service_enabled(wmi_handle,
85 						 wmi_service_nan_disable_support
86 						 )) {
87 				evt_params->evt_type = nan_event_id_generic_rsp;
88 				break;
89 			} else {
90 				wmi_err("Fail: NAN enable rsp event info Null");
91 				return QDF_STATUS_E_INVAL;
92 			}
93 		}
94 		evt_params->evt_type = nan_event_id_enable_rsp;
95 		evt_params->mac_id = nan_evt_info->mac_id;
96 		evt_params->is_nan_enable_success = (nan_evt_info->status == 0);
97 		evt_params->vdev_id = nan_evt_info->vdev_id;
98 		break;
99 	case NAN_MSG_ID_DISABLE_IND:
100 		evt_params->evt_type = nan_event_id_disable_ind;
101 		break;
102 	case NAN_MSG_ID_ERROR_RSP:
103 		evt_params->evt_type = nan_event_id_error_rsp;
104 		break;
105 	default:
106 		evt_params->evt_type = nan_event_id_generic_rsp;
107 		break;
108 	}
109 
110 	return QDF_STATUS_SUCCESS;
111 }
112 
113 /**
114  * send_nan_disable_req_cmd_tlv() - to send nan disable request to target
115  * @wmi_handle: wmi handle
116  * @nan_msg: request data which will be non-null
117  *
118  * Return: QDF status
119  */
send_nan_disable_req_cmd_tlv(wmi_unified_t wmi_handle,struct nan_disable_req * nan_msg)120 static QDF_STATUS send_nan_disable_req_cmd_tlv(wmi_unified_t wmi_handle,
121 					       struct nan_disable_req *nan_msg)
122 {
123 	QDF_STATUS ret;
124 	wmi_nan_cmd_param *cmd;
125 	wmi_nan_host_config_param *cfg;
126 	wmi_buf_t buf;
127 	/* Initialize with minimum length required, which is Scenario 2*/
128 	uint16_t len = sizeof(*cmd) + sizeof(*cfg) + 2 * WMI_TLV_HDR_SIZE;
129 	uint16_t nan_data_len, nan_data_len_aligned = 0;
130 	uint8_t *buf_ptr;
131 
132 	/*
133 	 *  Scenario 1: NAN Disable with NAN msg data from upper layers
134 	 *
135 	 *    <-----nan cmd param-----><-- WMI_TLV_HDR_SIZE --><--- data ---->
136 	 *    +------------+----------+-----------------------+--------------+
137 	 *    | tlv_header | data_len | WMITLV_TAG_ARRAY_BYTE | nan_msg_data |
138 	 *    +------------+----------+-----------------------+--------------+
139 	 *
140 	 *    <-- WMI_TLV_HDR_SIZE --><------nan host config params----->
141 	 *   -+-----------------------+---------------------------------+
142 	 *    | WMITLV_TAG_ARRAY_STRUC| tlv_header | 2g/5g disable flags|
143 	 *   -+-----------------------+---------------------------------+
144 	 *
145 	 * Scenario 2: NAN Disable without any NAN msg data from upper layers
146 	 *
147 	 *    <------nan cmd param------><--WMI_TLV_HDR_SIZE--><--WMI_TLV_HDR_SI
148 	 *    +------------+------------+----------------------+----------------
149 	 *    | tlv_header | data_len=0 | WMITLV_TAG_ARRAY_BYTE| WMITLV_TAG_ARRA
150 	 *    +------------+------------+----------------------+----------------
151 	 *
152 	 *    ZE----><------nan host config params----->
153 	 *    -------+---------------------------------+
154 	 *    Y_STRUC| tlv_header | 2g/5g disable flags|
155 	 *    -------+---------------------------------+
156 	 */
157 
158 	if (!nan_msg) {
159 		wmi_err("nan req is not valid");
160 		return QDF_STATUS_E_FAILURE;
161 	}
162 
163 	nan_data_len = nan_msg->params.request_data_len;
164 
165 	if (nan_data_len) {
166 		nan_data_len_aligned = roundup(nan_data_len, sizeof(uint32_t));
167 		if (nan_data_len_aligned < nan_data_len) {
168 			wmi_err("Int overflow while rounding up data_len");
169 			return QDF_STATUS_E_FAILURE;
170 		}
171 
172 		if (nan_data_len_aligned > WMI_SVC_MSG_MAX_SIZE
173 							- WMI_TLV_HDR_SIZE) {
174 			wmi_err("nan_data_len exceeding wmi_max_msg_size");
175 			return QDF_STATUS_E_FAILURE;
176 		}
177 
178 		len += nan_data_len_aligned;
179 	}
180 
181 	buf = wmi_buf_alloc(wmi_handle, len);
182 	if (!buf)
183 		return QDF_STATUS_E_NOMEM;
184 
185 	buf_ptr = (uint8_t *)wmi_buf_data(buf);
186 	cmd = (wmi_nan_cmd_param *)buf_ptr;
187 	WMITLV_SET_HDR(&cmd->tlv_header,
188 		       WMITLV_TAG_STRUC_wmi_nan_cmd_param,
189 		       WMITLV_GET_STRUCT_TLVLEN(wmi_nan_cmd_param));
190 
191 	cmd->data_len = nan_data_len;
192 	wmi_debug("nan data len value is %u", nan_data_len);
193 	buf_ptr += sizeof(wmi_nan_cmd_param);
194 
195 	WMITLV_SET_HDR(buf_ptr, WMITLV_TAG_ARRAY_BYTE, nan_data_len_aligned);
196 	buf_ptr += WMI_TLV_HDR_SIZE;
197 
198 	if (nan_data_len) {
199 		qdf_mem_copy(buf_ptr, nan_msg->params.request_data,
200 			     cmd->data_len);
201 		buf_ptr += nan_data_len_aligned;
202 	}
203 
204 	WMITLV_SET_HDR(buf_ptr, WMITLV_TAG_ARRAY_STRUC,
205 		       sizeof(wmi_nan_host_config_param));
206 	buf_ptr += WMI_TLV_HDR_SIZE;
207 
208 	cfg = (wmi_nan_host_config_param *)buf_ptr;
209 	WMITLV_SET_HDR(&cfg->tlv_header,
210 		       WMITLV_TAG_STRUC_wmi_nan_host_config_param,
211 		       WMITLV_GET_STRUCT_TLVLEN(wmi_nan_host_config_param));
212 	cfg->nan_2g_disc_disable = nan_msg->disable_2g_discovery;
213 	cfg->nan_5g_disc_disable = nan_msg->disable_5g_discovery;
214 
215 	wmi_mtrace(WMI_NAN_CMDID, NO_SESSION, 0);
216 	ret = wmi_unified_cmd_send(wmi_handle, buf, len,
217 				   WMI_NAN_CMDID);
218 	if (QDF_IS_STATUS_ERROR(ret)) {
219 		wmi_err("Failed to send set param command ret = %d", ret);
220 		wmi_buf_free(buf);
221 	}
222 
223 	return ret;
224 }
225 
226 /**
227  * send_nan_req_cmd_tlv() - to send nan request to target
228  * @wmi_handle: wmi handle
229  * @nan_msg: request data which will be non-null
230  *
231  * Return: QDF status
232  */
send_nan_req_cmd_tlv(wmi_unified_t wmi_handle,struct nan_msg_params * nan_msg)233 static QDF_STATUS send_nan_req_cmd_tlv(wmi_unified_t wmi_handle,
234 				       struct nan_msg_params *nan_msg)
235 {
236 	QDF_STATUS ret;
237 	wmi_nan_cmd_param *cmd;
238 	wmi_buf_t buf;
239 	wmi_nan_host_config_param *cfg;
240 	uint16_t len = sizeof(*cmd) + sizeof(*cfg) + 2 * WMI_TLV_HDR_SIZE;
241 	uint16_t nan_data_len, nan_data_len_aligned;
242 	uint8_t *buf_ptr;
243 
244 	/*
245 	 *    <----- cmd ------------><-- WMI_TLV_HDR_SIZE --><--- data ---->
246 	 *    +------------+----------+-----------------------+--------------+
247 	 *    | tlv_header | data_len | WMITLV_TAG_ARRAY_BYTE | nan_msg_data |
248 	 *    +------------+----------+-----------------------+--------------+
249 	 *
250 	 *    <-- WMI_TLV_HDR_SIZE --><------nan host config params-------->
251 	 *    +-----------------------+------------------------------------+
252 	 *    | WMITLV_TAG_ARRAY_STRUC| tlv_header | disable flags | flags |
253 	 *    +-----------------------+------------------------------------+
254 	 */
255 	if (!nan_msg) {
256 		wmi_err("nan req is not valid");
257 		return QDF_STATUS_E_FAILURE;
258 	}
259 	nan_data_len = nan_msg->request_data_len;
260 	nan_data_len_aligned = roundup(nan_msg->request_data_len,
261 				       sizeof(uint32_t));
262 	if (nan_data_len_aligned < nan_msg->request_data_len) {
263 		wmi_err("integer overflow while rounding up data_len");
264 		return QDF_STATUS_E_FAILURE;
265 	}
266 
267 	if (nan_data_len_aligned > WMI_SVC_MSG_MAX_SIZE - WMI_TLV_HDR_SIZE) {
268 		wmi_err("wmi_max_msg_size overflow for given datalen");
269 		return QDF_STATUS_E_FAILURE;
270 	}
271 
272 	len += nan_data_len_aligned;
273 	buf = wmi_buf_alloc(wmi_handle, len);
274 	if (!buf)
275 		return QDF_STATUS_E_NOMEM;
276 
277 	buf_ptr = (uint8_t *)wmi_buf_data(buf);
278 	cmd = (wmi_nan_cmd_param *)buf_ptr;
279 	WMITLV_SET_HDR(&cmd->tlv_header,
280 		       WMITLV_TAG_STRUC_wmi_nan_cmd_param,
281 		       WMITLV_GET_STRUCT_TLVLEN(wmi_nan_cmd_param));
282 	cmd->data_len = nan_msg->request_data_len;
283 	buf_ptr += sizeof(wmi_nan_cmd_param);
284 	WMITLV_SET_HDR(buf_ptr, WMITLV_TAG_ARRAY_BYTE, nan_data_len_aligned);
285 	buf_ptr += WMI_TLV_HDR_SIZE;
286 	qdf_mem_copy(buf_ptr, nan_msg->request_data, cmd->data_len);
287 	buf_ptr += nan_data_len_aligned;
288 
289 	WMITLV_SET_HDR(buf_ptr, WMITLV_TAG_ARRAY_STRUC,
290 		       sizeof(wmi_nan_host_config_param));
291 	buf_ptr += WMI_TLV_HDR_SIZE;
292 
293 	cfg = (wmi_nan_host_config_param *)buf_ptr;
294 	WMITLV_SET_HDR(&cfg->tlv_header,
295 		       WMITLV_TAG_STRUC_wmi_nan_host_config_param,
296 		       WMITLV_GET_STRUCT_TLVLEN(wmi_nan_host_config_param));
297 
298 	WMI_NAN_SET_RANGING_INITIATOR_ROLE(cfg->flags, !!(nan_msg->rtt_cap &
299 					   WMI_FW_NAN_RTT_INITR));
300 	WMI_NAN_SET_RANGING_RESPONDER_ROLE(cfg->flags, !!(nan_msg->rtt_cap &
301 					   WMI_FW_NAN_RTT_RESPR));
302 	WMI_NAN_SET_NAN_6G_DISABLE(cfg->flags, nan_msg->disable_6g_nan);
303 
304 	wmi_mtrace(WMI_NAN_CMDID, NO_SESSION, 0);
305 	ret = wmi_unified_cmd_send(wmi_handle, buf, len, WMI_NAN_CMDID);
306 	if (QDF_IS_STATUS_ERROR(ret)) {
307 		wmi_err("Failed to send NAN req command ret = %d", ret);
308 		wmi_buf_free(buf);
309 	}
310 
311 	return ret;
312 }
313 
314 /**
315  * send_terminate_all_ndps_cmd_tlv() - send NDP Terminate for all NDP's
316  * associated with the given vdev id
317  * @wmi_handle: wmi handle
318  * @vdev_id: vdev id
319  *
320  * Return: QDF status
321  */
send_terminate_all_ndps_cmd_tlv(wmi_unified_t wmi_handle,uint32_t vdev_id)322 static QDF_STATUS send_terminate_all_ndps_cmd_tlv(wmi_unified_t wmi_handle,
323 						  uint32_t vdev_id)
324 {
325 	wmi_ndp_cmd_param *cmd;
326 	wmi_buf_t wmi_buf;
327 	uint32_t len;
328 	QDF_STATUS status;
329 
330 	wmi_debug("Enter");
331 
332 	len = sizeof(*cmd);
333 	wmi_buf = wmi_buf_alloc(wmi_handle, len);
334 	if (!wmi_buf)
335 		return QDF_STATUS_E_NOMEM;
336 
337 	cmd = (wmi_ndp_cmd_param *)wmi_buf_data(wmi_buf);
338 
339 	WMITLV_SET_HDR(&cmd->tlv_header, WMITLV_TAG_STRUC_wmi_ndp_cmd_param,
340 		       WMITLV_GET_STRUCT_TLVLEN(wmi_ndp_cmd_param));
341 
342 	cmd->vdev_id = vdev_id;
343 	cmd->ndp_disable = 1;
344 
345 	wmi_mtrace(WMI_NDP_CMDID, NO_SESSION, 0);
346 	status = wmi_unified_cmd_send(wmi_handle, wmi_buf, len, WMI_NDP_CMDID);
347 	if (QDF_IS_STATUS_ERROR(status)) {
348 		wmi_err("Failed to send NDP Terminate cmd: %d", status);
349 		wmi_buf_free(wmi_buf);
350 	}
351 
352 	return status;
353 }
354 
nan_ndp_initiator_req_tlv(wmi_unified_t wmi_handle,struct nan_datapath_initiator_req * ndp_req)355 static QDF_STATUS nan_ndp_initiator_req_tlv(wmi_unified_t wmi_handle,
356 				struct nan_datapath_initiator_req *ndp_req)
357 {
358 	uint16_t len;
359 	wmi_buf_t buf;
360 	uint8_t *tlv_ptr;
361 	QDF_STATUS status;
362 	wmi_channel *ch_tlv;
363 	wmi_ndp_initiator_req_fixed_param *cmd;
364 	uint32_t passphrase_len, service_name_len;
365 	uint32_t ndp_cfg_len, ndp_app_info_len, pmk_len;
366 	wmi_ndp_transport_ip_param *tcp_ip_param;
367 
368 	/*
369 	 * WMI command expects 4 byte aligned len:
370 	 * round up ndp_cfg_len and ndp_app_info_len to 4 bytes
371 	 */
372 	ndp_cfg_len = qdf_roundup(ndp_req->ndp_config.ndp_cfg_len, 4);
373 	ndp_app_info_len = qdf_roundup(ndp_req->ndp_info.ndp_app_info_len, 4);
374 	pmk_len = qdf_roundup(ndp_req->pmk.pmk_len, 4);
375 	passphrase_len = qdf_roundup(ndp_req->passphrase.passphrase_len, 4);
376 	service_name_len =
377 		   qdf_roundup(ndp_req->service_name.service_name_len, 4);
378 	/* allocated memory for fixed params as well as variable size data */
379 	len = sizeof(*cmd) + sizeof(*ch_tlv) + (5 * WMI_TLV_HDR_SIZE)
380 		+ ndp_cfg_len + ndp_app_info_len + pmk_len
381 		+ passphrase_len + service_name_len;
382 
383 	if (ndp_req->is_ipv6_addr_present)
384 		len += sizeof(*tcp_ip_param);
385 
386 	buf = wmi_buf_alloc(wmi_handle, len);
387 	if (!buf) {
388 		return QDF_STATUS_E_NOMEM;
389 	}
390 
391 	cmd = (wmi_ndp_initiator_req_fixed_param *) wmi_buf_data(buf);
392 	WMITLV_SET_HDR(&cmd->tlv_header,
393 		       WMITLV_TAG_STRUC_wmi_ndp_initiator_req_fixed_param,
394 		       WMITLV_GET_STRUCT_TLVLEN(
395 				wmi_ndp_initiator_req_fixed_param));
396 	cmd->vdev_id = wlan_vdev_get_id(ndp_req->vdev);
397 	cmd->transaction_id = ndp_req->transaction_id;
398 	cmd->service_instance_id = ndp_req->service_instance_id;
399 	WMI_CHAR_ARRAY_TO_MAC_ADDR(ndp_req->peer_discovery_mac_addr.bytes,
400 				   &cmd->peer_discovery_mac_addr);
401 
402 	cmd->ndp_cfg_len = ndp_req->ndp_config.ndp_cfg_len;
403 	cmd->ndp_app_info_len = ndp_req->ndp_info.ndp_app_info_len;
404 	cmd->ndp_channel_cfg = ndp_req->channel_cfg;
405 	cmd->nan_pmk_len = ndp_req->pmk.pmk_len;
406 	cmd->nan_csid = ndp_req->ncs_sk_type;
407 	cmd->nan_passphrase_len = ndp_req->passphrase.passphrase_len;
408 	cmd->nan_servicename_len = ndp_req->service_name.service_name_len;
409 	cmd->nan_csid_cap = ndp_req->ndp_add_params.csid_cap;
410 	cmd->nan_gtk_required = ndp_req->ndp_add_params.gtk;
411 
412 	ch_tlv = (wmi_channel *)&cmd[1];
413 	WMITLV_SET_HDR(ch_tlv, WMITLV_TAG_STRUC_wmi_channel,
414 		       WMITLV_GET_STRUCT_TLVLEN(wmi_channel));
415 	ch_tlv->mhz = ndp_req->channel;
416 	tlv_ptr = (uint8_t *)&ch_tlv[1];
417 
418 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_cfg_len);
419 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
420 		     ndp_req->ndp_config.ndp_cfg, cmd->ndp_cfg_len);
421 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_cfg_len;
422 
423 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_app_info_len);
424 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
425 		     ndp_req->ndp_info.ndp_app_info, cmd->ndp_app_info_len);
426 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_app_info_len;
427 
428 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, pmk_len);
429 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE], ndp_req->pmk.pmk,
430 		     cmd->nan_pmk_len);
431 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + pmk_len;
432 
433 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, passphrase_len);
434 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE], ndp_req->passphrase.passphrase,
435 		     cmd->nan_passphrase_len);
436 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + passphrase_len;
437 
438 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, service_name_len);
439 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
440 		     ndp_req->service_name.service_name,
441 		     cmd->nan_servicename_len);
442 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + service_name_len;
443 
444 	if (ndp_req->is_ipv6_addr_present) {
445 		tcp_ip_param = (wmi_ndp_transport_ip_param *)tlv_ptr;
446 		WMITLV_SET_HDR(tcp_ip_param,
447 			       WMITLV_TAG_STRUC_wmi_ndp_transport_ip_param,
448 			       WMITLV_GET_STRUCT_TLVLEN(
449 						wmi_ndp_transport_ip_param));
450 		tcp_ip_param->ipv6_addr_present = true;
451 		qdf_mem_copy(tcp_ip_param->ipv6_intf_addr,
452 			     ndp_req->ipv6_addr, WMI_NDP_IPV6_INTF_ADDR_LEN);
453 	}
454 	wmi_debug("IPv6 addr present: %d, addr: %pI6",
455 		 ndp_req->is_ipv6_addr_present, ndp_req->ipv6_addr);
456 
457 	wmi_debug("vdev_id = %d, transaction_id: %d, service_instance_id: %d, ch: %d, ch_cfg: %d, csid: %d peer mac addr: mac_addr31to0: 0x%x, mac_addr47to32: 0x%x",
458 		 cmd->vdev_id, cmd->transaction_id, cmd->service_instance_id,
459 		 ch_tlv->mhz, cmd->ndp_channel_cfg, cmd->nan_csid,
460 		 cmd->peer_discovery_mac_addr.mac_addr31to0,
461 		 cmd->peer_discovery_mac_addr.mac_addr47to32);
462 
463 	wmi_debug("ndp_config len: %d ndp_app_info len: %d pmk len: %d pass phrase len: %d service name len: %d",
464 		 cmd->ndp_cfg_len, cmd->ndp_app_info_len, cmd->nan_pmk_len,
465 		 cmd->nan_passphrase_len, cmd->nan_servicename_len);
466 
467 	wmi_debug("ndp_csid_cap %d, ndp_gtk_required %d", cmd->nan_csid_cap,
468 		  cmd->nan_gtk_required);
469 
470 	wmi_mtrace(WMI_NDP_INITIATOR_REQ_CMDID, cmd->vdev_id, 0);
471 	status = wmi_unified_cmd_send(wmi_handle, buf, len,
472 				      WMI_NDP_INITIATOR_REQ_CMDID);
473 	if (QDF_IS_STATUS_ERROR(status)) {
474 		wmi_err("WMI_NDP_INITIATOR_REQ_CMDID failed, ret: %d", status);
475 		wmi_buf_free(buf);
476 	}
477 
478 	return status;
479 }
480 
nan_ndp_responder_req_tlv(wmi_unified_t wmi_handle,struct nan_datapath_responder_req * req)481 static QDF_STATUS nan_ndp_responder_req_tlv(wmi_unified_t wmi_handle,
482 					struct nan_datapath_responder_req *req)
483 {
484 	uint16_t len;
485 	wmi_buf_t buf;
486 	uint8_t *tlv_ptr;
487 	QDF_STATUS status;
488 	wmi_ndp_responder_req_fixed_param *cmd;
489 	wmi_ndp_transport_ip_param *tcp_ip_param;
490 	uint32_t passphrase_len, service_name_len;
491 	uint32_t vdev_id = 0, ndp_cfg_len, ndp_app_info_len, pmk_len;
492 
493 	vdev_id = wlan_vdev_get_id(req->vdev);
494 	wmi_debug("vdev_id: %d, transaction_id: %d, ndp_rsp %d, ndp_instance_id: %d, ndp_app_info_len: %d",
495 		 vdev_id, req->transaction_id,
496 		 req->ndp_rsp,
497 		 req->ndp_instance_id,
498 		 req->ndp_info.ndp_app_info_len);
499 
500 	/*
501 	 * WMI command expects 4 byte aligned len:
502 	 * round up ndp_cfg_len and ndp_app_info_len to 4 bytes
503 	 */
504 	ndp_cfg_len = qdf_roundup(req->ndp_config.ndp_cfg_len, 4);
505 	ndp_app_info_len = qdf_roundup(req->ndp_info.ndp_app_info_len, 4);
506 	pmk_len = qdf_roundup(req->pmk.pmk_len, 4);
507 	passphrase_len = qdf_roundup(req->passphrase.passphrase_len, 4);
508 	service_name_len =
509 		qdf_roundup(req->service_name.service_name_len, 4);
510 
511 	/* allocated memory for fixed params as well as variable size data */
512 	len = sizeof(*cmd) + 5*WMI_TLV_HDR_SIZE + ndp_cfg_len + ndp_app_info_len
513 		+ pmk_len + passphrase_len + service_name_len;
514 
515 	if (req->is_ipv6_addr_present || req->is_port_present ||
516 	    req->is_protocol_present)
517 		len += sizeof(*tcp_ip_param);
518 
519 	buf = wmi_buf_alloc(wmi_handle, len);
520 	if (!buf) {
521 		return QDF_STATUS_E_NOMEM;
522 	}
523 	cmd = (wmi_ndp_responder_req_fixed_param *) wmi_buf_data(buf);
524 	WMITLV_SET_HDR(&cmd->tlv_header,
525 		       WMITLV_TAG_STRUC_wmi_ndp_responder_req_fixed_param,
526 		       WMITLV_GET_STRUCT_TLVLEN(
527 				wmi_ndp_responder_req_fixed_param));
528 	cmd->vdev_id = vdev_id;
529 	cmd->transaction_id = req->transaction_id;
530 	cmd->ndp_instance_id = req->ndp_instance_id;
531 	cmd->rsp_code = req->ndp_rsp;
532 	cmd->ndp_cfg_len = req->ndp_config.ndp_cfg_len;
533 	cmd->ndp_app_info_len = req->ndp_info.ndp_app_info_len;
534 	cmd->nan_pmk_len = req->pmk.pmk_len;
535 	cmd->nan_csid = req->ncs_sk_type;
536 	cmd->nan_passphrase_len = req->passphrase.passphrase_len;
537 	cmd->nan_servicename_len = req->service_name.service_name_len;
538 	cmd->nan_csid_cap = req->ndp_add_params.csid_cap;
539 	cmd->nan_gtk_required = req->ndp_add_params.gtk;
540 
541 	tlv_ptr = (uint8_t *)&cmd[1];
542 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_cfg_len);
543 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
544 		     req->ndp_config.ndp_cfg, cmd->ndp_cfg_len);
545 
546 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_cfg_len;
547 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_app_info_len);
548 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
549 		     req->ndp_info.ndp_app_info,
550 		     req->ndp_info.ndp_app_info_len);
551 
552 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_app_info_len;
553 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, pmk_len);
554 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE], req->pmk.pmk,
555 		     cmd->nan_pmk_len);
556 
557 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + pmk_len;
558 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, passphrase_len);
559 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
560 		     req->passphrase.passphrase,
561 		     cmd->nan_passphrase_len);
562 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + passphrase_len;
563 
564 	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, service_name_len);
565 	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
566 		     req->service_name.service_name,
567 		     cmd->nan_servicename_len);
568 
569 	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + service_name_len;
570 
571 	if (req->is_ipv6_addr_present || req->is_port_present ||
572 	    req->is_protocol_present) {
573 		tcp_ip_param = (wmi_ndp_transport_ip_param *)tlv_ptr;
574 		WMITLV_SET_HDR(tcp_ip_param,
575 			       WMITLV_TAG_STRUC_wmi_ndp_transport_ip_param,
576 			       WMITLV_GET_STRUCT_TLVLEN(
577 						wmi_ndp_transport_ip_param));
578 		tcp_ip_param->ipv6_addr_present = req->is_ipv6_addr_present;
579 		qdf_mem_copy(tcp_ip_param->ipv6_intf_addr,
580 			     req->ipv6_addr, WMI_NDP_IPV6_INTF_ADDR_LEN);
581 
582 		tcp_ip_param->trans_port_present = req->is_port_present;
583 		tcp_ip_param->transport_port = req->port;
584 
585 		tcp_ip_param->trans_proto_present = req->is_protocol_present;
586 		tcp_ip_param->transport_protocol = req->protocol;
587 	}
588 
589 	wmi_debug("ndp_config len: %d ndp_app_info len: %d pmk len: %d pass phrase len: %d service name len: %d",
590 		 req->ndp_config.ndp_cfg_len, req->ndp_info.ndp_app_info_len,
591 		 cmd->nan_pmk_len, cmd->nan_passphrase_len,
592 		 cmd->nan_servicename_len);
593 
594 	wmi_debug("ndp_csid_cap %d, ndp_gtk_required %d", cmd->nan_csid_cap,
595 		  cmd->nan_gtk_required);
596 
597 	wmi_mtrace(WMI_NDP_RESPONDER_REQ_CMDID, cmd->vdev_id, 0);
598 	status = wmi_unified_cmd_send(wmi_handle, buf, len,
599 				      WMI_NDP_RESPONDER_REQ_CMDID);
600 	if (QDF_IS_STATUS_ERROR(status)) {
601 		wmi_err("WMI_NDP_RESPONDER_REQ_CMDID failed, ret: %d", status);
602 		wmi_buf_free(buf);
603 	}
604 	return status;
605 }
606 
nan_ndp_end_req_tlv(wmi_unified_t wmi_handle,struct nan_datapath_end_req * req)607 static QDF_STATUS nan_ndp_end_req_tlv(wmi_unified_t wmi_handle,
608 				      struct nan_datapath_end_req *req)
609 {
610 	uint16_t len;
611 	wmi_buf_t buf;
612 	QDF_STATUS status;
613 	uint32_t ndp_end_req_len, i;
614 	wmi_ndp_end_req *ndp_end_req_lst;
615 	wmi_ndp_end_req_fixed_param *cmd;
616 
617 	/* len of tlv following fixed param  */
618 	ndp_end_req_len = sizeof(wmi_ndp_end_req) * req->num_ndp_instances;
619 	/* above comes out to 4 byte aligned already, no need of padding */
620 	len = sizeof(*cmd) + ndp_end_req_len + WMI_TLV_HDR_SIZE;
621 	buf = wmi_buf_alloc(wmi_handle, len);
622 	if (!buf) {
623 		return QDF_STATUS_E_NOMEM;
624 	}
625 
626 	cmd = (wmi_ndp_end_req_fixed_param *) wmi_buf_data(buf);
627 	WMITLV_SET_HDR(&cmd->tlv_header,
628 		       WMITLV_TAG_STRUC_wmi_ndp_end_req_fixed_param,
629 		       WMITLV_GET_STRUCT_TLVLEN(wmi_ndp_end_req_fixed_param));
630 
631 	cmd->transaction_id = req->transaction_id;
632 
633 	/* set tlv pointer to end of fixed param */
634 	WMITLV_SET_HDR((uint8_t *)&cmd[1], WMITLV_TAG_ARRAY_STRUC,
635 			ndp_end_req_len);
636 
637 	ndp_end_req_lst = (wmi_ndp_end_req *)((uint8_t *)&cmd[1] +
638 						WMI_TLV_HDR_SIZE);
639 	for (i = 0; i < req->num_ndp_instances; i++) {
640 		WMITLV_SET_HDR(&ndp_end_req_lst[i],
641 			       WMITLV_TAG_ARRAY_FIXED_STRUC,
642 			       (sizeof(*ndp_end_req_lst) - WMI_TLV_HDR_SIZE));
643 
644 		ndp_end_req_lst[i].ndp_instance_id = req->ndp_ids[i];
645 
646 		/*
647 		 * vdev_id is added in NDP END TLV to facilitate fw to give it
648 		 * back in the NDP END indication.
649 		 */
650 		if (req->vdev) {
651 			ndp_end_req_lst[i].vdev_id =
652 						wlan_vdev_get_id(req->vdev);
653 			ndp_end_req_lst[i].vdev_id_valid = 1;
654 		}
655 	}
656 
657 	wmi_mtrace(WMI_NDP_END_REQ_CMDID, NO_SESSION, 0);
658 	status = wmi_unified_cmd_send(wmi_handle, buf, len,
659 				      WMI_NDP_END_REQ_CMDID);
660 	if (QDF_IS_STATUS_ERROR(status)) {
661 		wmi_err("WMI_NDP_END_REQ_CMDID failed, ret: %d", status);
662 		wmi_buf_free(buf);
663 	}
664 
665 	return status;
666 }
667 
668 static QDF_STATUS
extract_ndp_host_event_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_host_event * evt)669 extract_ndp_host_event_tlv(wmi_unified_t wmi_handle, uint8_t *data,
670 			   struct nan_datapath_host_event *evt)
671 {
672 	WMI_NDP_EVENTID_param_tlvs *event;
673 	wmi_ndp_event_param *fixed_params;
674 
675 	event = (WMI_NDP_EVENTID_param_tlvs *)data;
676 	fixed_params = event->fixed_param;
677 
678 	evt->vdev =
679 		wlan_objmgr_get_vdev_by_id_from_psoc(wmi_handle->soc->wmi_psoc,
680 						     fixed_params->vdev_id,
681 						     WLAN_NAN_ID);
682 	if (!evt->vdev) {
683 		wmi_err("vdev is null");
684 		return QDF_STATUS_E_INVAL;
685 	}
686 
687 	evt->ndp_termination_in_progress =
688 		       fixed_params->ndp_termination_in_progress ? true : false;
689 
690 	return QDF_STATUS_SUCCESS;
691 }
692 
extract_ndp_initiator_rsp_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_initiator_rsp * rsp)693 static QDF_STATUS extract_ndp_initiator_rsp_tlv(wmi_unified_t wmi_handle,
694 			uint8_t *data, struct nan_datapath_initiator_rsp *rsp)
695 {
696 	WMI_NDP_INITIATOR_RSP_EVENTID_param_tlvs *event;
697 	wmi_ndp_initiator_rsp_event_fixed_param  *fixed_params;
698 
699 	event = (WMI_NDP_INITIATOR_RSP_EVENTID_param_tlvs *)data;
700 	fixed_params = event->fixed_param;
701 
702 	rsp->vdev =
703 		wlan_objmgr_get_vdev_by_id_from_psoc(wmi_handle->soc->wmi_psoc,
704 						     fixed_params->vdev_id,
705 						     WLAN_NAN_ID);
706 	if (!rsp->vdev) {
707 		wmi_err("vdev is null");
708 		return QDF_STATUS_E_INVAL;
709 	}
710 
711 	rsp->transaction_id = fixed_params->transaction_id;
712 	rsp->ndp_instance_id = fixed_params->ndp_instance_id;
713 	rsp->status = fixed_params->rsp_status;
714 	rsp->reason = fixed_params->reason_code;
715 
716 	return QDF_STATUS_SUCCESS;
717 }
718 
719 #define MAX_NAN_MSG_LEN                 400
720 
extract_nan_msg_tlv(uint8_t * data,struct nan_dump_msg * msg)721 static QDF_STATUS extract_nan_msg_tlv(uint8_t *data,
722 				      struct nan_dump_msg *msg)
723 {
724 	WMI_NAN_DMESG_EVENTID_param_tlvs *event;
725 	wmi_nan_dmesg_event_fixed_param *fixed_params;
726 
727 	event = (WMI_NAN_DMESG_EVENTID_param_tlvs *)data;
728 	fixed_params = (wmi_nan_dmesg_event_fixed_param *)event->fixed_param;
729 	if (!fixed_params->msg_len ||
730 	    fixed_params->msg_len > MAX_NAN_MSG_LEN ||
731 	    fixed_params->msg_len > event->num_msg)
732 		return QDF_STATUS_E_FAILURE;
733 
734 	msg->data_len = fixed_params->msg_len;
735 	msg->msg = event->msg;
736 
737 	msg->msg[fixed_params->msg_len - 1] = (uint8_t)'\0';
738 
739 	return QDF_STATUS_SUCCESS;
740 }
741 
extract_ndp_ind_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_indication_event * rsp)742 static QDF_STATUS extract_ndp_ind_tlv(wmi_unified_t wmi_handle,
743 		uint8_t *data, struct nan_datapath_indication_event *rsp)
744 {
745 	WMI_NDP_INDICATION_EVENTID_param_tlvs *event;
746 	wmi_ndp_indication_event_fixed_param *fixed_params;
747 	size_t total_array_len;
748 
749 	event = (WMI_NDP_INDICATION_EVENTID_param_tlvs *)data;
750 	fixed_params =
751 		(wmi_ndp_indication_event_fixed_param *)event->fixed_param;
752 
753 	if (fixed_params->ndp_cfg_len > event->num_ndp_cfg) {
754 		wmi_err("FW message ndp cfg length %d larger than TLV hdr %d",
755 			 fixed_params->ndp_cfg_len, event->num_ndp_cfg);
756 		return QDF_STATUS_E_INVAL;
757 	}
758 
759 	if (fixed_params->ndp_app_info_len > event->num_ndp_app_info) {
760 		wmi_err("FW message ndp app info length %d more than TLV hdr %d",
761 			 fixed_params->ndp_app_info_len,
762 			 event->num_ndp_app_info);
763 		return QDF_STATUS_E_INVAL;
764 	}
765 
766 	if (fixed_params->nan_scid_len > event->num_ndp_scid) {
767 		wmi_err("FW msg ndp scid info len %d more than TLV hdr %d",
768 			 fixed_params->nan_scid_len,
769 			 event->num_ndp_scid);
770 		return QDF_STATUS_E_INVAL;
771 	}
772 
773 	if (fixed_params->service_id_len > event->num_service_id) {
774 		wmi_err("FW msg service id len %d more than TLV hdr %d",
775 			fixed_params->service_id_len,
776 			event->num_service_id);
777 		return QDF_STATUS_E_INVAL;
778 	}
779 
780 	if (fixed_params->ndp_cfg_len >
781 		(WMI_SVC_MSG_MAX_SIZE - sizeof(*fixed_params))) {
782 		wmi_err("excess wmi buffer: ndp_cfg_len %d",
783 			fixed_params->ndp_cfg_len);
784 		return QDF_STATUS_E_INVAL;
785 	}
786 
787 	total_array_len = fixed_params->ndp_cfg_len +
788 					sizeof(*fixed_params);
789 
790 	if (fixed_params->ndp_app_info_len >
791 		(WMI_SVC_MSG_MAX_SIZE - total_array_len)) {
792 		wmi_err("excess wmi buffer: ndp_cfg_len %d",
793 			fixed_params->ndp_app_info_len);
794 		return QDF_STATUS_E_INVAL;
795 	}
796 	total_array_len += fixed_params->ndp_app_info_len;
797 
798 	if (fixed_params->nan_scid_len >
799 		(WMI_SVC_MSG_MAX_SIZE - total_array_len)) {
800 		wmi_err("excess wmi buffer: ndp_cfg_len %d",
801 			fixed_params->nan_scid_len);
802 		return QDF_STATUS_E_INVAL;
803 	}
804 
805 	total_array_len += fixed_params->nan_scid_len;
806 
807 	if (fixed_params->service_id_len >
808 	    (WMI_SVC_MSG_MAX_SIZE - total_array_len)) {
809 		wmi_err("excess wmi buffer: service_cfg_len %d",
810 			fixed_params->service_id_len);
811 		return QDF_STATUS_E_INVAL;
812 	}
813 
814 	rsp->vdev =
815 		wlan_objmgr_get_vdev_by_id_from_psoc(wmi_handle->soc->wmi_psoc,
816 						     fixed_params->vdev_id,
817 						     WLAN_NAN_ID);
818 	if (!rsp->vdev) {
819 		wmi_err("vdev is null");
820 		return QDF_STATUS_E_INVAL;
821 	}
822 	rsp->service_instance_id = fixed_params->service_instance_id;
823 	rsp->ndp_instance_id = fixed_params->ndp_instance_id;
824 	rsp->role = fixed_params->self_ndp_role;
825 	rsp->policy = fixed_params->accept_policy;
826 	rsp->ndp_add_params.csid_cap = fixed_params->nan_csid_cap;
827 	rsp->ndp_add_params.gtk = fixed_params->nan_gtk_required;
828 
829 	WMI_MAC_ADDR_TO_CHAR_ARRAY(&fixed_params->peer_ndi_mac_addr,
830 				rsp->peer_mac_addr.bytes);
831 	WMI_MAC_ADDR_TO_CHAR_ARRAY(&fixed_params->peer_discovery_mac_addr,
832 				rsp->peer_discovery_mac_addr.bytes);
833 
834 	wmi_debug("WMI_NDP_INDICATION_EVENTID(0x%X) received. vdev %d service_instance %d, ndp_instance %d, role %d, policy %d csid: %d, scid_len: %d, peer_addr: "QDF_MAC_ADDR_FMT", peer_disc_addr: "QDF_MAC_ADDR_FMT" ndp_cfg - %d bytes ndp_app_info - %d bytes ndp_csid_caps %d, ndp_gtk_required %d",
835 		 WMI_NDP_INDICATION_EVENTID, fixed_params->vdev_id,
836 		 fixed_params->service_instance_id,
837 		 fixed_params->ndp_instance_id, fixed_params->self_ndp_role,
838 		 fixed_params->accept_policy, fixed_params->nan_csid,
839 		 fixed_params->nan_scid_len,
840 		 QDF_MAC_ADDR_REF(rsp->peer_mac_addr.bytes),
841 		 QDF_MAC_ADDR_REF(rsp->peer_discovery_mac_addr.bytes),
842 		 fixed_params->ndp_cfg_len,
843 		 fixed_params->ndp_app_info_len, rsp->ndp_add_params.csid_cap,
844 		 rsp->ndp_add_params.gtk);
845 
846 	rsp->ncs_sk_type = fixed_params->nan_csid;
847 	if (event->ndp_cfg) {
848 		rsp->ndp_config.ndp_cfg_len = fixed_params->ndp_cfg_len;
849 		if (rsp->ndp_config.ndp_cfg_len > NDP_QOS_INFO_LEN)
850 			rsp->ndp_config.ndp_cfg_len = NDP_QOS_INFO_LEN;
851 		qdf_mem_copy(rsp->ndp_config.ndp_cfg, event->ndp_cfg,
852 			     rsp->ndp_config.ndp_cfg_len);
853 	}
854 
855 	if (event->ndp_app_info) {
856 		rsp->ndp_info.ndp_app_info_len = fixed_params->ndp_app_info_len;
857 		if (rsp->ndp_info.ndp_app_info_len > NDP_APP_INFO_LEN)
858 			rsp->ndp_info.ndp_app_info_len = NDP_APP_INFO_LEN;
859 		qdf_mem_copy(rsp->ndp_info.ndp_app_info, event->ndp_app_info,
860 			     rsp->ndp_info.ndp_app_info_len);
861 	}
862 
863 	if (event->ndp_scid) {
864 		rsp->scid.scid_len = fixed_params->nan_scid_len;
865 		if (rsp->scid.scid_len > NDP_SCID_BUF_LEN)
866 			rsp->scid.scid_len = NDP_SCID_BUF_LEN;
867 		qdf_mem_copy(rsp->scid.scid, event->ndp_scid,
868 			     rsp->scid.scid_len);
869 	}
870 
871 	if (event->ndp_transport_ip_param &&
872 	    event->num_ndp_transport_ip_param) {
873 		if (event->ndp_transport_ip_param->ipv6_addr_present) {
874 			rsp->is_ipv6_addr_present = true;
875 			qdf_mem_copy(rsp->ipv6_addr,
876 				event->ndp_transport_ip_param->ipv6_intf_addr,
877 				WMI_NDP_IPV6_INTF_ADDR_LEN);
878 		}
879 	}
880 	wmi_debug("IPv6 addr present: %d, addr: %pI6",
881 		 rsp->is_ipv6_addr_present, rsp->ipv6_addr);
882 
883 	rsp->is_service_id_present = false;
884 	if (fixed_params->service_id_len && event->service_id) {
885 		if (fixed_params->service_id_len < NDP_SERVICE_ID_LEN) {
886 			wmi_err("Invalid service id length %d",
887 				event->num_service_id);
888 			return QDF_STATUS_E_INVAL;
889 		}
890 		rsp->is_service_id_present = true;
891 		qdf_mem_copy(rsp->service_id, event->service_id,
892 			     NDP_SERVICE_ID_LEN);
893 	}
894 
895 	return QDF_STATUS_SUCCESS;
896 }
897 
extract_ndp_confirm_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_confirm_event * rsp)898 static QDF_STATUS extract_ndp_confirm_tlv(wmi_unified_t wmi_handle,
899 			uint8_t *data, struct nan_datapath_confirm_event *rsp)
900 {
901 	uint8_t i;
902 	WMI_HOST_WLAN_PHY_MODE ch_mode;
903 	WMI_NDP_CONFIRM_EVENTID_param_tlvs *event;
904 	wmi_ndp_confirm_event_fixed_param *fixed_params;
905 	size_t total_array_len;
906 	bool ndi_dbs = wmi_service_enabled(wmi_handle,
907 					   wmi_service_ndi_dbs_support);
908 
909 	event = (WMI_NDP_CONFIRM_EVENTID_param_tlvs *) data;
910 	fixed_params = (wmi_ndp_confirm_event_fixed_param *)event->fixed_param;
911 	wmi_debug("WMI_NDP_CONFIRM_EVENTID(0x%X) received. vdev %d, ndp_instance %d, rsp_code %d, reason_code: %d, num_active_ndps_on_peer: %d num_ch: %d",
912 		 WMI_NDP_CONFIRM_EVENTID, fixed_params->vdev_id,
913 		 fixed_params->ndp_instance_id, fixed_params->rsp_code,
914 		 fixed_params->reason_code,
915 		 fixed_params->num_active_ndps_on_peer,
916 		 fixed_params->num_ndp_channels);
917 
918 	if (fixed_params->ndp_cfg_len > event->num_ndp_cfg) {
919 		wmi_err("FW message ndp cfg length %d larger than TLV hdr %d",
920 			 fixed_params->ndp_cfg_len, event->num_ndp_cfg);
921 		return QDF_STATUS_E_INVAL;
922 	}
923 
924 	if (fixed_params->ndp_app_info_len > event->num_ndp_app_info) {
925 		wmi_err("FW message ndp app info length %d more than TLV hdr %d",
926 			 fixed_params->ndp_app_info_len,
927 			 event->num_ndp_app_info);
928 		return QDF_STATUS_E_INVAL;
929 	}
930 
931 	wmi_debug("ndp_cfg - %d bytes, ndp_app_info - %d bytes",
932 		 fixed_params->ndp_cfg_len, fixed_params->ndp_app_info_len);
933 
934 	if (fixed_params->ndp_cfg_len >
935 			(WMI_SVC_MSG_MAX_SIZE - sizeof(*fixed_params))) {
936 		wmi_err("excess wmi buffer: ndp_cfg_len %d",
937 			fixed_params->ndp_cfg_len);
938 		return QDF_STATUS_E_INVAL;
939 	}
940 
941 	total_array_len = fixed_params->ndp_cfg_len +
942 				sizeof(*fixed_params);
943 
944 	if (fixed_params->ndp_app_info_len >
945 		(WMI_SVC_MSG_MAX_SIZE - total_array_len)) {
946 		wmi_err("excess wmi buffer: ndp_cfg_len %d",
947 			fixed_params->ndp_app_info_len);
948 		return QDF_STATUS_E_INVAL;
949 	}
950 
951 	if (fixed_params->num_ndp_channels > event->num_ndp_channel_list ||
952 	    fixed_params->num_ndp_channels > event->num_nss_list) {
953 		wmi_err("NDP Ch count %d greater than NDP Ch TLV len(%d) or NSS TLV len(%d)",
954 			 fixed_params->num_ndp_channels,
955 			 event->num_ndp_channel_list,
956 			 event->num_nss_list);
957 		return QDF_STATUS_E_INVAL;
958 	}
959 
960 	if (ndi_dbs &&
961 	    fixed_params->num_ndp_channels > event->num_ndp_channel_info) {
962 		wmi_err("NDP Ch count %d greater than NDP Ch info(%d)",
963 			 fixed_params->num_ndp_channels,
964 			 event->num_ndp_channel_info);
965 		return QDF_STATUS_E_INVAL;
966 	}
967 
968 	rsp->vdev =
969 		wlan_objmgr_get_vdev_by_id_from_psoc(wmi_handle->soc->wmi_psoc,
970 						     fixed_params->vdev_id,
971 						     WLAN_NAN_ID);
972 	if (!rsp->vdev) {
973 		wmi_err("vdev is null");
974 		return QDF_STATUS_E_INVAL;
975 	}
976 	rsp->ndp_instance_id = fixed_params->ndp_instance_id;
977 	rsp->rsp_code = fixed_params->rsp_code;
978 	rsp->reason_code = fixed_params->reason_code;
979 	rsp->num_active_ndps_on_peer = fixed_params->num_active_ndps_on_peer;
980 	rsp->num_channels = fixed_params->num_ndp_channels;
981 	WMI_MAC_ADDR_TO_CHAR_ARRAY(&fixed_params->peer_ndi_mac_addr,
982 				   rsp->peer_ndi_mac_addr.bytes);
983 	rsp->ndp_info.ndp_app_info_len = fixed_params->ndp_app_info_len;
984 
985 	if (rsp->ndp_info.ndp_app_info_len > NDP_APP_INFO_LEN)
986 		rsp->ndp_info.ndp_app_info_len = NDP_APP_INFO_LEN;
987 
988 	qdf_mem_copy(rsp->ndp_info.ndp_app_info, event->ndp_app_info,
989 		     rsp->ndp_info.ndp_app_info_len);
990 
991 	if (rsp->num_channels > NAN_CH_INFO_MAX_CHANNELS) {
992 		wmi_err("too many channels");
993 		rsp->num_channels = NAN_CH_INFO_MAX_CHANNELS;
994 	}
995 
996 	for (i = 0; i < rsp->num_channels; i++) {
997 		rsp->ch[i].freq = event->ndp_channel_list[i].mhz;
998 		rsp->ch[i].nss = event->nss_list[i];
999 		ch_mode = WMI_GET_CHANNEL_MODE(&event->ndp_channel_list[i]);
1000 		rsp->ch[i].ch_width = wmi_get_ch_width_from_phy_mode(wmi_handle,
1001 								     ch_mode);
1002 		if (ndi_dbs) {
1003 			rsp->ch[i].mac_id = event->ndp_channel_info[i].mac_id;
1004 			wmi_debug("Freq: %d, ch_mode: %d, nss: %d mac_id: %d",
1005 				 rsp->ch[i].freq, rsp->ch[i].ch_width,
1006 				 rsp->ch[i].nss, rsp->ch[i].mac_id);
1007 		} else {
1008 			wmi_debug("Freq: %d, ch_mode: %d, nss: %d",
1009 				 rsp->ch[i].freq, rsp->ch[i].ch_width,
1010 				 rsp->ch[i].nss);
1011 		}
1012 	}
1013 
1014 	if (event->ndp_transport_ip_param &&
1015 	    event->num_ndp_transport_ip_param) {
1016 		if (event->ndp_transport_ip_param->ipv6_addr_present) {
1017 			rsp->is_ipv6_addr_present = true;
1018 			qdf_mem_copy(rsp->ipv6_addr,
1019 				event->ndp_transport_ip_param->ipv6_intf_addr,
1020 				WMI_NDP_IPV6_INTF_ADDR_LEN);
1021 		}
1022 
1023 		if (event->ndp_transport_ip_param->trans_port_present) {
1024 			rsp->is_port_present = true;
1025 			rsp->port =
1026 			    event->ndp_transport_ip_param->transport_port;
1027 		}
1028 
1029 		if (event->ndp_transport_ip_param->trans_proto_present) {
1030 			rsp->is_protocol_present = true;
1031 			rsp->protocol =
1032 			    event->ndp_transport_ip_param->transport_protocol;
1033 		}
1034 	}
1035 	wmi_debug("IPv6 addr present: %d, addr: %pI6 port: %d present: %d protocol: %d present: %d",
1036 		 rsp->is_ipv6_addr_present, rsp->ipv6_addr, rsp->port,
1037 		 rsp->is_port_present, rsp->protocol, rsp->is_protocol_present);
1038 
1039 	return QDF_STATUS_SUCCESS;
1040 }
1041 
extract_ndp_responder_rsp_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_responder_rsp * rsp)1042 static QDF_STATUS extract_ndp_responder_rsp_tlv(wmi_unified_t wmi_handle,
1043 			uint8_t *data, struct nan_datapath_responder_rsp *rsp)
1044 {
1045 	WMI_NDP_RESPONDER_RSP_EVENTID_param_tlvs *event;
1046 	wmi_ndp_responder_rsp_event_fixed_param  *fixed_params;
1047 
1048 	event = (WMI_NDP_RESPONDER_RSP_EVENTID_param_tlvs *)data;
1049 	fixed_params = event->fixed_param;
1050 
1051 	rsp->vdev =
1052 		wlan_objmgr_get_vdev_by_id_from_psoc(wmi_handle->soc->wmi_psoc,
1053 						     fixed_params->vdev_id,
1054 						     WLAN_NAN_ID);
1055 	if (!rsp->vdev) {
1056 		wmi_err("vdev is null");
1057 		return QDF_STATUS_E_INVAL;
1058 	}
1059 	rsp->transaction_id = fixed_params->transaction_id;
1060 	rsp->reason = fixed_params->reason_code;
1061 	rsp->status = fixed_params->rsp_status;
1062 	rsp->create_peer = fixed_params->create_peer;
1063 	WMI_MAC_ADDR_TO_CHAR_ARRAY(&fixed_params->peer_ndi_mac_addr,
1064 				   rsp->peer_mac_addr.bytes);
1065 	wmi_debug("WMI_NDP_RESPONDER_RSP_EVENTID(0x%X) received. vdev_id: %d, peer_mac_addr: "QDF_MAC_ADDR_FMT",transaction_id: %d, status_code %d, reason_code: %d, create_peer: %d",
1066 		 WMI_NDP_RESPONDER_RSP_EVENTID, fixed_params->vdev_id,
1067 		 QDF_MAC_ADDR_REF(rsp->peer_mac_addr.bytes),
1068 		 rsp->transaction_id,
1069 		 rsp->status, rsp->reason, rsp->create_peer);
1070 
1071 	return QDF_STATUS_SUCCESS;
1072 }
1073 
extract_ndp_end_rsp_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_end_rsp_event * rsp)1074 static QDF_STATUS extract_ndp_end_rsp_tlv(wmi_unified_t wmi_handle,
1075 			uint8_t *data, struct nan_datapath_end_rsp_event *rsp)
1076 {
1077 	WMI_NDP_END_RSP_EVENTID_param_tlvs *event;
1078 	wmi_ndp_end_rsp_event_fixed_param *fixed_params = NULL;
1079 
1080 	event = (WMI_NDP_END_RSP_EVENTID_param_tlvs *) data;
1081 	fixed_params = (wmi_ndp_end_rsp_event_fixed_param *)event->fixed_param;
1082 	wmi_debug("WMI_NDP_END_RSP_EVENTID(0x%X) received. transaction_id: %d, rsp_status: %d, reason_code: %d",
1083 		 WMI_NDP_END_RSP_EVENTID, fixed_params->transaction_id,
1084 		 fixed_params->rsp_status, fixed_params->reason_code);
1085 
1086 	rsp->vdev = wlan_objmgr_get_vdev_by_opmode_from_psoc(
1087 			wmi_handle->soc->wmi_psoc, QDF_NDI_MODE, WLAN_NAN_ID);
1088 	if (!rsp->vdev) {
1089 		wmi_err("vdev is null");
1090 		return QDF_STATUS_E_INVAL;
1091 	}
1092 	rsp->transaction_id = fixed_params->transaction_id;
1093 	rsp->reason = fixed_params->reason_code;
1094 	rsp->status = fixed_params->rsp_status;
1095 
1096 	return QDF_STATUS_SUCCESS;
1097 }
1098 
extract_ndp_end_ind_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_end_indication_event ** rsp)1099 static QDF_STATUS extract_ndp_end_ind_tlv(wmi_unified_t wmi_handle,
1100 		uint8_t *data, struct nan_datapath_end_indication_event **rsp)
1101 {
1102 	uint32_t i, buf_size;
1103 	wmi_ndp_end_indication *ind;
1104 	struct qdf_mac_addr peer_addr;
1105 	WMI_NDP_END_INDICATION_EVENTID_param_tlvs *event;
1106 
1107 	event = (WMI_NDP_END_INDICATION_EVENTID_param_tlvs *) data;
1108 	ind = event->ndp_end_indication_list;
1109 
1110 	if (event->num_ndp_end_indication_list == 0) {
1111 		wmi_err("Error: Event ignored, 0 ndp instances");
1112 		return QDF_STATUS_E_INVAL;
1113 	}
1114 
1115 	wmi_debug("number of ndp instances = %d",
1116 		 event->num_ndp_end_indication_list);
1117 
1118 	if (event->num_ndp_end_indication_list > ((UINT_MAX - sizeof(**rsp))/
1119 						sizeof((*rsp)->ndp_map[0]))) {
1120 		wmi_err("num_ndp_end_ind_list %d too large",
1121 			 event->num_ndp_end_indication_list);
1122 		return QDF_STATUS_E_INVAL;
1123 	}
1124 
1125 	buf_size = sizeof(**rsp) + event->num_ndp_end_indication_list *
1126 			sizeof((*rsp)->ndp_map[0]);
1127 	*rsp = qdf_mem_malloc(buf_size);
1128 	if (!(*rsp))
1129 		return QDF_STATUS_E_NOMEM;
1130 
1131 	(*rsp)->num_ndp_ids = event->num_ndp_end_indication_list;
1132 	for (i = 0; i < (*rsp)->num_ndp_ids; i++) {
1133 		WMI_MAC_ADDR_TO_CHAR_ARRAY(&ind[i].peer_ndi_mac_addr,
1134 					   peer_addr.bytes);
1135 		wmi_debug("ind[%d]: type %d, reason_code %d, instance_id %d num_active %d ",
1136 			 i, ind[i].type, ind[i].reason_code,
1137 			 ind[i].ndp_instance_id,
1138 			 ind[i].num_active_ndps_on_peer);
1139 		/* Add each instance entry to the list */
1140 		(*rsp)->ndp_map[i].ndp_instance_id = ind[i].ndp_instance_id;
1141 		(*rsp)->ndp_map[i].vdev_id = ind[i].vdev_id;
1142 		WMI_MAC_ADDR_TO_CHAR_ARRAY(&ind[i].peer_ndi_mac_addr,
1143 			(*rsp)->ndp_map[i].peer_ndi_mac_addr.bytes);
1144 		(*rsp)->ndp_map[i].num_active_ndp_sessions =
1145 			ind[i].num_active_ndps_on_peer;
1146 		(*rsp)->ndp_map[i].type = ind[i].type;
1147 		(*rsp)->ndp_map[i].reason_code = ind[i].reason_code;
1148 	}
1149 
1150 	return QDF_STATUS_SUCCESS;
1151 }
1152 
extract_ndp_sch_update_tlv(wmi_unified_t wmi_handle,uint8_t * data,struct nan_datapath_sch_update_event * ind)1153 static QDF_STATUS extract_ndp_sch_update_tlv(wmi_unified_t wmi_handle,
1154 		uint8_t *data, struct nan_datapath_sch_update_event *ind)
1155 {
1156 	uint8_t i;
1157 	WMI_HOST_WLAN_PHY_MODE ch_mode;
1158 	WMI_NDL_SCHEDULE_UPDATE_EVENTID_param_tlvs *event;
1159 	wmi_ndl_schedule_update_fixed_param *fixed_params;
1160 	bool ndi_dbs = wmi_service_enabled(wmi_handle,
1161 					   wmi_service_ndi_dbs_support);
1162 
1163 	event = (WMI_NDL_SCHEDULE_UPDATE_EVENTID_param_tlvs *)data;
1164 	fixed_params = event->fixed_param;
1165 
1166 	wmi_debug("flags: %d, num_ch: %d, num_ndp_instances: %d",
1167 		 fixed_params->flags, fixed_params->num_channels,
1168 		 fixed_params->num_ndp_instances);
1169 
1170 	if (fixed_params->num_channels > event->num_ndl_channel_list ||
1171 	    fixed_params->num_channels > event->num_nss_list) {
1172 		wmi_err("Channel count %d greater than NDP Ch list TLV len(%d) or NSS list TLV len(%d)",
1173 			 fixed_params->num_channels,
1174 			 event->num_ndl_channel_list,
1175 			 event->num_nss_list);
1176 		return QDF_STATUS_E_INVAL;
1177 	}
1178 
1179 	if (ndi_dbs &&
1180 	    fixed_params->num_channels > event->num_ndp_channel_info) {
1181 		wmi_err("Channel count %d greater than NDP Ch info(%d)",
1182 			 fixed_params->num_channels,
1183 			 event->num_ndp_channel_info);
1184 		return QDF_STATUS_E_INVAL;
1185 	}
1186 
1187 	if (fixed_params->num_ndp_instances > event->num_ndp_instance_list) {
1188 		wmi_err("NDP Instance count %d greater than NDP Instancei TLV len %d",
1189 			 fixed_params->num_ndp_instances,
1190 			 event->num_ndp_instance_list);
1191 		return QDF_STATUS_E_INVAL;
1192 	}
1193 
1194 	ind->vdev =
1195 		wlan_objmgr_get_vdev_by_id_from_psoc(wmi_handle->soc->wmi_psoc,
1196 						     fixed_params->vdev_id,
1197 						     WLAN_NAN_ID);
1198 	if (!ind->vdev) {
1199 		wmi_err("vdev is null");
1200 		return QDF_STATUS_E_INVAL;
1201 	}
1202 
1203 	ind->flags = fixed_params->flags;
1204 	ind->num_channels = fixed_params->num_channels;
1205 	ind->num_ndp_instances = fixed_params->num_ndp_instances;
1206 	WMI_MAC_ADDR_TO_CHAR_ARRAY(&fixed_params->peer_macaddr,
1207 				   ind->peer_addr.bytes);
1208 
1209 	if (ind->num_ndp_instances > NDP_NUM_INSTANCE_ID) {
1210 		wmi_err("uint32 overflow");
1211 		wlan_objmgr_vdev_release_ref(ind->vdev, WLAN_NAN_ID);
1212 		return QDF_STATUS_E_INVAL;
1213 	}
1214 
1215 	qdf_mem_copy(ind->ndp_instances, event->ndp_instance_list,
1216 		     sizeof(uint32_t) * ind->num_ndp_instances);
1217 
1218 	if (ind->num_channels > NAN_CH_INFO_MAX_CHANNELS) {
1219 		wmi_err("too many channels");
1220 		ind->num_channels = NAN_CH_INFO_MAX_CHANNELS;
1221 	}
1222 
1223 	for (i = 0; i < ind->num_channels; i++) {
1224 		ind->ch[i].freq = event->ndl_channel_list[i].mhz;
1225 		ind->ch[i].nss = event->nss_list[i];
1226 		ch_mode = WMI_GET_CHANNEL_MODE(&event->ndl_channel_list[i]);
1227 		ind->ch[i].ch_width = wmi_get_ch_width_from_phy_mode(wmi_handle,
1228 								     ch_mode);
1229 		if (ndi_dbs) {
1230 			ind->ch[i].mac_id = event->ndp_channel_info[i].mac_id;
1231 			wmi_debug("Freq: %d, ch_mode: %d, nss: %d mac_id: %d",
1232 				 ind->ch[i].freq, ind->ch[i].ch_width,
1233 				 ind->ch[i].nss, ind->ch[i].mac_id);
1234 		} else {
1235 			wmi_debug("Freq: %d, ch_mode: %d, nss: %d",
1236 				 ind->ch[i].freq, ind->ch[i].ch_width,
1237 				 ind->ch[i].nss);
1238 		}
1239 	}
1240 
1241 	for (i = 0; i < fixed_params->num_ndp_instances; i++)
1242 		wmi_debug("instance_id[%d]: %d",
1243 			 i, event->ndp_instance_list[i]);
1244 
1245 	return QDF_STATUS_SUCCESS;
1246 }
1247 
wmi_nan_attach_tlv(wmi_unified_t wmi_handle)1248 void wmi_nan_attach_tlv(wmi_unified_t wmi_handle)
1249 {
1250 	struct wmi_ops *ops = wmi_handle->ops;
1251 
1252 	ops->send_nan_req_cmd = send_nan_req_cmd_tlv;
1253 	ops->send_nan_disable_req_cmd = send_nan_disable_req_cmd_tlv;
1254 	ops->extract_nan_event_rsp = extract_nan_event_rsp_tlv;
1255 	ops->send_terminate_all_ndps_req_cmd = send_terminate_all_ndps_cmd_tlv;
1256 	ops->send_ndp_initiator_req_cmd = nan_ndp_initiator_req_tlv;
1257 	ops->send_ndp_responder_req_cmd = nan_ndp_responder_req_tlv;
1258 	ops->send_ndp_end_req_cmd = nan_ndp_end_req_tlv;
1259 	ops->extract_ndp_initiator_rsp = extract_ndp_initiator_rsp_tlv;
1260 	ops->extract_ndp_ind = extract_ndp_ind_tlv;
1261 	ops->extract_nan_msg = extract_nan_msg_tlv,
1262 	ops->extract_ndp_confirm = extract_ndp_confirm_tlv;
1263 	ops->extract_ndp_responder_rsp = extract_ndp_responder_rsp_tlv;
1264 	ops->extract_ndp_end_rsp = extract_ndp_end_rsp_tlv;
1265 	ops->extract_ndp_end_ind = extract_ndp_end_ind_tlv;
1266 	ops->extract_ndp_sch_update = extract_ndp_sch_update_tlv;
1267 	ops->extract_ndp_host_event = extract_ndp_host_event_tlv;
1268 }
1269