bes2600: enable CONFIG_BES2600_TESTMODE by default + fix bit-rotted testmode plumbing

The driver implements a mac80211 testmode_cmd operation that dispatches
to a set of vendor commands (GET_TX_POWER_LEVEL, GET_TX_POWER_RANGE,
SET_SNAP_FRAME, TSM_STATS, GET_ROAM_DELAY, GET_STREAM, etc) plus the
BES2600 RF-test path (bes2600_vendor_rf_cmd → firmware
patch_wifi_testMode). The testmode handlers and the .testmode_cmd
binding in struct ieee80211_ops are conditionally compiled under
CONFIG_BES2600_TESTMODE, which previously defaulted to n.

Flip the Makefile default from n to y so wifi_testmode_cmd.o is
included in the build and the .testmode_cmd op is populated. On the
PineTab2 target kernel (linux-pinetab2 6.19.10-danctnix1, built with
CONFIG_NL80211_TESTMODE=y) this exposes the BES2600 RF-test surface
through the standard nl80211 testmode interface ('iw phy0 ...').

This also makes visible two classes of bit-rot that had accumulated
while nobody was building with CONFIG_BES2600_TESTMODE=y:

1. sta.c contains ~41 calls to bes2600_info() / bes2600_err() /
   bes2600_warn() / bes2600_dbg() / bes2600_err_with_cond() - a
   legacy log-macro family carrying a BES2600_DBG_* subsystem-id
   first argument. Neither the macros nor any of the BES2600_DBG_*
   constants are defined anywhere in the tree. The same call pattern
   appears under #if defined(BES2600_DETECTION_LOGIC) in hwio.c and
   under CONFIG_BES2600_ITP in itp.c, both normally disabled.

   Add minimal shim macros to bes_log.h that rewire the calls onto
   the existing bes_info() / bes_err() / bes_warn() / bes_devel()
   family (ignoring the subsystem id). Define BES2600_DBG_SBUS,
   BES2600_DBG_DOWNLOAD, BES2600_DBG_ITP and BES2600_DBG_TEST_MODE
   as 0 constants for documentation / grep.

2. bes2600_start_stop_tsm(), bes2600_get_tsm_params(), and
   bes2600_get_roam_delay() are declared in sta.c with external
   linkage but have no prototype in any header. All callers live in
   sta.c (inside bes2600_testmode_cmd). With CONFIG_BES2600_TESTMODE
   off the compiler never sees them; with it on gcc
   -Werror=missing-prototypes breaks the build.

   Mark the three functions static. (Keeping them file-local also
   matches their actual usage.)

Both changes are strictly scoped to make CONFIG_BES2600_TESTMODE=y
buildable; no behavioural change when the flag is off.

Tested-on: PineTab2 (BES2600WM + RK3566) running linux-pinetab2
6.19.10-danctnix1-1 with CONFIG_NL80211_TESTMODE=y. Module builds
cleanly, nl80211 testmode interface reachable via 'iw phy0 ...' from
userspace.

Signed-off-by: Markus Fritsche <fritsche.markus@gmail.com>

bes2600/Makefile

@@ -2,7 +2,7 @@ KERN_DIR = /lib/modules/$(KERNELRELEASE)/build
 # feature option
 BES2600                                 ?= m
 
-CONFIG_BES2600_TESTMODE                 ?= n
+CONFIG_BES2600_TESTMODE                 ?= y
 
 CONFIG_BES2600_ENABLE_DEVEL_LOGS        ?= n
 

bes2600/bes2600.h

@@ -596,11 +596,6 @@ struct bes2600_vif {
         unsigned long           rx_timestamp;
         u32                     cipherType;
 
-	/* Decrypt-storm fast-recover (Trigger B). See txrx.c. */
-	unsigned long			decrypt_storm_window_start;
-	unsigned int			decrypt_storm_count;
-	unsigned int			decrypt_storm_recoveries;
-	struct work_struct		decrypt_storm_recover_work;
 
 	/* AP powersave */
 	u32			link_id_map;
@@ -861,8 +856,4 @@ int bes2600_btusb_setup_pipes(struct sbus_priv *sbus_priv);
 void bes2600_btusb_uninit(struct usb_interface *interface);
 #endif
 
-/* Decrypt-storm fast-recover helpers — see txrx.c. */
-void bes2600_decrypt_storm_init(struct bes2600_vif *priv);
-void bes2600_decrypt_storm_account(struct bes2600_vif *priv);
-
 #endif /* BES2600_H */

bes2600/bes_log.h

@@ -8,3 +8,26 @@ extern struct device *global_dev;
 #define bes_info(fmt, ...) dev_info(global_dev, fmt, ##__VA_ARGS__)
 #define bes_warn(fmt, ...) dev_warn(global_dev, fmt, ##__VA_ARGS__)
 #define bes_err(fmt, ...) dev_err(global_dev, fmt, ##__VA_ARGS__)
+
+/*
+ * Legacy debug-subsystem-tagged log macros. The per-subsystem filtering
+ * was never implemented in-tree; these shims let code paths gated by
+ * CONFIG_BES2600_TESTMODE / CONFIG_BES2600_ITP / BES2600_DETECTION_LOGIC
+ * build when their conditions are enabled. The first argument is
+ * currently unused; pick one of the BES2600_DBG_* constants below for
+ * documentation.
+ */
+#define BES2600_DBG_SBUS       0
+#define BES2600_DBG_DOWNLOAD   0
+#define BES2600_DBG_ITP        0
+#define BES2600_DBG_TEST_MODE  0
+
+#define bes2600_info(_dbg, fmt, ...) bes_info(fmt, ##__VA_ARGS__)
+#define bes2600_err(_dbg, fmt, ...) bes_err(fmt, ##__VA_ARGS__)
+#define bes2600_warn(_dbg, fmt, ...) bes_warn(fmt, ##__VA_ARGS__)
+#define bes2600_dbg(_dbg, fmt, ...) bes_devel(fmt, ##__VA_ARGS__)
+#define bes2600_err_with_cond(_cond, _dbg, fmt, ...)		\
+	do {							\
+		if (_cond)					\
+			bes_err(fmt, ##__VA_ARGS__);		\
+	} while (0)

bes2600/debug.c

@@ -542,8 +542,6 @@ static int bes2600_status_show_priv(struct seq_file *seq, void *v)
 		priv->listening ? " (listening)" : "");
 	seq_printf(seq, "Assoc:      %s\n",
 		bes2600_debug_join_status[priv->join_status]);
-	seq_printf(seq, "DecryptStormRecoveries: %u\n",
-		   priv->decrypt_storm_recoveries);
 	if (priv->rx_filter.promiscuous)
 		seq_puts(seq,   "Filter:     promisc\n");
 	else if (priv->rx_filter.fcs)

bes2600/sta.c

@@ -448,7 +448,6 @@ void bes2600_remove_interface(struct ieee80211_hw *dev,
 	cancel_delayed_work_sync(&priv->join_timeout);
 	cancel_delayed_work_sync(&priv->set_cts_work);
 	cancel_delayed_work_sync(&priv->pending_offchanneltx_work);
-	cancel_work_sync(&priv->decrypt_storm_recover_work);
 
 	del_timer_sync(&priv->mcast_timeout);
 	/* TODO:COMBO: May be reset of these variables "delayed_link_loss and
@@ -2620,7 +2619,6 @@ int bes2600_vif_setup(struct bes2600_vif *priv)
 
 	/* Setup per vif workitems and locks */
 	spin_lock_init(&priv->vif_lock);
-	bes2600_decrypt_storm_init(priv);
 	INIT_WORK(&priv->join_work, bes2600_join_work);
 	INIT_DELAYED_WORK(&priv->join_timeout, bes2600_join_timeout);
 	INIT_WORK(&priv->unjoin_work, bes2600_unjoin_work);
@@ -3635,7 +3633,7 @@ static int bes2600_set_power_save(struct ieee80211_hw *hw,
  *
  * Returns: 0 on success or non zero value on failure
  */
-int bes2600_start_stop_tsm(struct ieee80211_hw *hw, void *data)
+static int bes2600_start_stop_tsm(struct ieee80211_hw *hw, void *data)
 {
 	struct bes_msg_start_stop_tsm *start_stop_tsm =
 		(struct bes_msg_start_stop_tsm *) data;
@@ -3665,7 +3663,7 @@ int bes2600_start_stop_tsm(struct ieee80211_hw *hw, void *data)
  *
  * Returns: TSM parameters collected
  */
-int bes2600_get_tsm_params(struct ieee80211_hw *hw)
+static int bes2600_get_tsm_params(struct ieee80211_hw *hw)
 {
 	struct bes2600_common *hw_priv = hw->priv;
 	struct bes_tsm_stats tsm_stats;
@@ -3705,7 +3703,7 @@ int bes2600_get_tsm_params(struct ieee80211_hw *hw)
  *
  * Returns: Returns the last measured roam delay
  */
-int bes2600_get_roam_delay(struct ieee80211_hw *hw)
+static int bes2600_get_roam_delay(struct ieee80211_hw *hw)
 {
 	struct bes2600_common *hw_priv = hw->priv;
 	u16 roam_delay = hw_priv->tsm_info.roam_delay / 1000;

bes2600/txrx.c

@@ -25,78 +25,6 @@
 
 #define BES2600_INVALID_RATE_ID (0xFF)
 
-/*
- * Decrypt-storm fast-recover (Trigger B).
- *
- * When the BES2600 firmware reports WSM_STATUS_DECRYPTFAILURE for a
- * burst of received frames (typically because the host's PTK or GTK
- * has fallen out of sync with the AP), the AP eventually concludes that
- * the STA is not authenticated and emits an unprotected deauth-reason-6
- * ("Class 2 frame received from non-authenticated station"). On the
- * deployed pinetab2 + bes2600 stack this AP-initiated deauth has been
- * observed to leave the link blackholed for up to 109 s before
- * userspace finds a different SSID/channel to recover on. (Receipts at
- * https://git.reauktion.de/marfrit/besser, notes/phase5-2026-05-06.md.)
- *
- * Recovery here pre-empts the AP: when we see THRESHOLD decrypt
- * failures within WINDOW, we ask mac80211 for a clean reassoc via
- * ieee80211_connection_loss(), which causes immediate disassociation
- * and lets userspace auto-reconnect with fresh keys.
- *
- * mac80211 contract: ieee80211_connection_loss() may be called
- * regardless of IEEE80211_HW_CONNECTION_MONITOR; it causes immediate
- * disassociation without driver-side recovery attempts. See
- * include/net/mac80211.h for the canonical doc-comment.
- *
- * The threshold is set well above the steady-state per-vif
- * decrypt-fail rate observed in measurement (~1/min even under
- * sustained 1 MB/s load), so a true storm is required to trip it.
- */
-#define BES2600_DECRYPT_STORM_THRESHOLD	5
-#define BES2600_DECRYPT_STORM_WINDOW_MS	5000
-
-static void bes2600_decrypt_storm_recover_work(struct work_struct *work)
-{
-	struct bes2600_vif *priv = container_of(work, struct bes2600_vif,
-						decrypt_storm_recover_work);
-
-	if (!priv->vif)
-		return;
-
-	bes_warn("[bes2600] decrypt-storm fast-recover: forcing reassoc\n");
-	ieee80211_connection_loss(priv->vif);
-	priv->decrypt_storm_recoveries++;
-}
-
-void bes2600_decrypt_storm_init(struct bes2600_vif *priv)
-{
-	INIT_WORK(&priv->decrypt_storm_recover_work,
-		  bes2600_decrypt_storm_recover_work);
-	priv->decrypt_storm_window_start = 0;
-	priv->decrypt_storm_count = 0;
-	priv->decrypt_storm_recoveries = 0;
-}
-
-void bes2600_decrypt_storm_account(struct bes2600_vif *priv)
-{
-	unsigned long now = jiffies;
-	unsigned long window = msecs_to_jiffies(BES2600_DECRYPT_STORM_WINDOW_MS);
-
-	if (priv->decrypt_storm_window_start == 0 ||
-	    time_after(now, priv->decrypt_storm_window_start + window)) {
-		priv->decrypt_storm_window_start = now;
-		priv->decrypt_storm_count = 1;
-		return;
-	}
-
-	if (++priv->decrypt_storm_count >= BES2600_DECRYPT_STORM_THRESHOLD) {
-		priv->decrypt_storm_count = 0;
-		/* Skew the window so we don't re-fire on the same storm. */
-		priv->decrypt_storm_window_start = now + window;
-		schedule_work(&priv->decrypt_storm_recover_work);
-	}
-}
-
 #ifdef CONFIG_BES2600_TESTMODE
 #include "bes_nl80211_testmode_msg.h"
 #endif /* CONFIG_BES2600_TESTMODE */
@@ -1744,8 +1672,6 @@ void bes2600_rx_cb(struct bes2600_vif *priv,
 			goto drop;
 		} else {
 			bes_warn("[RX] Receive failure: %d.\n", arg->status);
-			if (arg->status == WSM_STATUS_DECRYPTFAILURE)
-				bes2600_decrypt_storm_account(priv);
 			goto drop;
 		}
 	}