1 // SPDX-License-Identifier: ISC
2 /*
3 * Copyright (C) 2022 MediaTek Inc.
4 */
5
6 #include <linux/etherdevice.h>
7 #include <linux/timekeeping.h>
8 #include "coredump.h"
9 #include "mt7996.h"
10 #include "../dma.h"
11 #include "mac.h"
12 #include "mcu.h"
13 #if defined(__FreeBSD__)
14 #include <linux/delay.h>
15 #endif
16
17 #define to_rssi(field, rcpi) ((FIELD_GET(field, rcpi) - 220) / 2)
18
19 static const struct mt7996_dfs_radar_spec etsi_radar_specs = {
20 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 },
21 .radar_pattern = {
22 [5] = { 1, 0, 6, 32, 28, 0, 990, 5010, 17, 1, 1 },
23 [6] = { 1, 0, 9, 32, 28, 0, 615, 5010, 27, 1, 1 },
24 [7] = { 1, 0, 15, 32, 28, 0, 240, 445, 27, 1, 1 },
25 [8] = { 1, 0, 12, 32, 28, 0, 240, 510, 42, 1, 1 },
26 [9] = { 1, 1, 0, 0, 0, 0, 2490, 3343, 14, 0, 0, 12, 32, 28, { }, 126 },
27 [10] = { 1, 1, 0, 0, 0, 0, 2490, 3343, 14, 0, 0, 15, 32, 24, { }, 126 },
28 [11] = { 1, 1, 0, 0, 0, 0, 823, 2510, 14, 0, 0, 18, 32, 28, { }, 54 },
29 [12] = { 1, 1, 0, 0, 0, 0, 823, 2510, 14, 0, 0, 27, 32, 24, { }, 54 },
30 },
31 };
32
33 static const struct mt7996_dfs_radar_spec fcc_radar_specs = {
34 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 },
35 .radar_pattern = {
36 [0] = { 1, 0, 8, 32, 28, 0, 508, 3076, 13, 1, 1 },
37 [1] = { 1, 0, 12, 32, 28, 0, 140, 240, 17, 1, 1 },
38 [2] = { 1, 0, 8, 32, 28, 0, 190, 510, 22, 1, 1 },
39 [3] = { 1, 0, 6, 32, 28, 0, 190, 510, 32, 1, 1 },
40 [4] = { 1, 0, 9, 255, 28, 0, 323, 343, 13, 1, 32 },
41 },
42 };
43
44 static const struct mt7996_dfs_radar_spec jp_radar_specs = {
45 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 },
46 .radar_pattern = {
47 [0] = { 1, 0, 8, 32, 28, 0, 508, 3076, 13, 1, 1 },
48 [1] = { 1, 0, 12, 32, 28, 0, 140, 240, 17, 1, 1 },
49 [2] = { 1, 0, 8, 32, 28, 0, 190, 510, 22, 1, 1 },
50 [3] = { 1, 0, 6, 32, 28, 0, 190, 510, 32, 1, 1 },
51 [4] = { 1, 0, 9, 255, 28, 0, 323, 343, 13, 1, 32 },
52 [13] = { 1, 0, 7, 32, 28, 0, 3836, 3856, 14, 1, 1 },
53 [14] = { 1, 0, 6, 32, 28, 0, 615, 5010, 110, 1, 1 },
54 [15] = { 1, 1, 0, 0, 0, 0, 15, 5010, 110, 0, 0, 12, 32, 28 },
55 },
56 };
57
mt7996_rx_get_wcid(struct mt7996_dev * dev,u16 idx,u8 band_idx)58 static struct mt76_wcid *mt7996_rx_get_wcid(struct mt7996_dev *dev,
59 u16 idx, u8 band_idx)
60 {
61 struct mt7996_sta_link *msta_link;
62 struct mt7996_sta *msta;
63 struct mt7996_vif *mvif;
64 struct mt76_wcid *wcid;
65 int i;
66
67 wcid = mt76_wcid_ptr(dev, idx);
68 if (!wcid || !wcid->sta)
69 return NULL;
70
71 if (!mt7996_band_valid(dev, band_idx))
72 return NULL;
73
74 if (wcid->phy_idx == band_idx)
75 return wcid;
76
77 msta_link = container_of(wcid, struct mt7996_sta_link, wcid);
78 msta = msta_link->sta;
79 if (!msta || !msta->vif)
80 return NULL;
81
82 mvif = msta->vif;
83 for (i = 0; i < ARRAY_SIZE(mvif->mt76.link); i++) {
84 struct mt76_vif_link *mlink;
85
86 mlink = rcu_dereference(mvif->mt76.link[i]);
87 if (!mlink)
88 continue;
89
90 if (mlink->band_idx != band_idx)
91 continue;
92
93 msta_link = rcu_dereference(msta->link[i]);
94 break;
95 }
96
97 return &msta_link->wcid;
98 }
99
mt7996_mac_wtbl_update(struct mt7996_dev * dev,int idx,u32 mask)100 bool mt7996_mac_wtbl_update(struct mt7996_dev *dev, int idx, u32 mask)
101 {
102 mt76_rmw(dev, MT_WTBL_UPDATE, MT_WTBL_UPDATE_WLAN_IDX,
103 FIELD_PREP(MT_WTBL_UPDATE_WLAN_IDX, idx) | mask);
104
105 return mt76_poll(dev, MT_WTBL_UPDATE, MT_WTBL_UPDATE_BUSY,
106 0, 5000);
107 }
108
mt7996_mac_wtbl_lmac_addr(struct mt7996_dev * dev,u16 wcid,u8 dw)109 u32 mt7996_mac_wtbl_lmac_addr(struct mt7996_dev *dev, u16 wcid, u8 dw)
110 {
111 mt76_wr(dev, MT_WTBLON_TOP_WDUCR,
112 FIELD_PREP(MT_WTBLON_TOP_WDUCR_GROUP, (wcid >> 7)));
113
114 return MT_WTBL_LMAC_OFFS(wcid, dw);
115 }
116
mt7996_mac_sta_poll(struct mt7996_dev * dev)117 static void mt7996_mac_sta_poll(struct mt7996_dev *dev)
118 {
119 static const u8 ac_to_tid[] = {
120 [IEEE80211_AC_BE] = 0,
121 [IEEE80211_AC_BK] = 1,
122 [IEEE80211_AC_VI] = 4,
123 [IEEE80211_AC_VO] = 6
124 };
125 struct mt7996_sta_link *msta_link;
126 struct mt76_vif_link *mlink;
127 struct ieee80211_sta *sta;
128 struct mt7996_sta *msta;
129 u32 tx_time[IEEE80211_NUM_ACS], rx_time[IEEE80211_NUM_ACS];
130 LIST_HEAD(sta_poll_list);
131 struct mt76_wcid *wcid;
132 int i;
133
134 spin_lock_bh(&dev->mt76.sta_poll_lock);
135 list_splice_init(&dev->mt76.sta_poll_list, &sta_poll_list);
136 spin_unlock_bh(&dev->mt76.sta_poll_lock);
137
138 rcu_read_lock();
139
140 while (true) {
141 bool clear = false;
142 u32 addr, val;
143 u16 idx;
144 s8 rssi[4];
145
146 spin_lock_bh(&dev->mt76.sta_poll_lock);
147 if (list_empty(&sta_poll_list)) {
148 spin_unlock_bh(&dev->mt76.sta_poll_lock);
149 break;
150 }
151 msta_link = list_first_entry(&sta_poll_list,
152 struct mt7996_sta_link,
153 wcid.poll_list);
154 msta = msta_link->sta;
155 wcid = &msta_link->wcid;
156 list_del_init(&wcid->poll_list);
157 spin_unlock_bh(&dev->mt76.sta_poll_lock);
158
159 idx = wcid->idx;
160
161 /* refresh peer's airtime reporting */
162 addr = mt7996_mac_wtbl_lmac_addr(dev, idx, 20);
163
164 for (i = 0; i < IEEE80211_NUM_ACS; i++) {
165 u32 tx_last = msta_link->airtime_ac[i];
166 u32 rx_last = msta_link->airtime_ac[i + 4];
167
168 msta_link->airtime_ac[i] = mt76_rr(dev, addr);
169 msta_link->airtime_ac[i + 4] = mt76_rr(dev, addr + 4);
170
171 tx_time[i] = msta_link->airtime_ac[i] - tx_last;
172 rx_time[i] = msta_link->airtime_ac[i + 4] - rx_last;
173
174 if ((tx_last | rx_last) & BIT(30))
175 clear = true;
176
177 addr += 8;
178 }
179
180 if (clear) {
181 mt7996_mac_wtbl_update(dev, idx,
182 MT_WTBL_UPDATE_ADM_COUNT_CLEAR);
183 memset(msta_link->airtime_ac, 0,
184 sizeof(msta_link->airtime_ac));
185 }
186
187 if (!wcid->sta)
188 continue;
189
190 sta = container_of((void *)msta, struct ieee80211_sta,
191 drv_priv);
192 for (i = 0; i < IEEE80211_NUM_ACS; i++) {
193 u8 q = mt76_connac_lmac_mapping(i);
194 u32 tx_cur = tx_time[q];
195 u32 rx_cur = rx_time[q];
196 u8 tid = ac_to_tid[i];
197
198 if (!tx_cur && !rx_cur)
199 continue;
200
201 ieee80211_sta_register_airtime(sta, tid, tx_cur, rx_cur);
202 }
203
204 /* get signal strength of resp frames (CTS/BA/ACK) */
205 addr = mt7996_mac_wtbl_lmac_addr(dev, idx, 34);
206 val = mt76_rr(dev, addr);
207
208 rssi[0] = to_rssi(GENMASK(7, 0), val);
209 rssi[1] = to_rssi(GENMASK(15, 8), val);
210 rssi[2] = to_rssi(GENMASK(23, 16), val);
211 rssi[3] = to_rssi(GENMASK(31, 14), val);
212
213 mlink = rcu_dereference(msta->vif->mt76.link[wcid->link_id]);
214 if (mlink) {
215 struct mt76_phy *mphy = mt76_vif_link_phy(mlink);
216
217 if (mphy)
218 msta_link->ack_signal =
219 mt76_rx_signal(mphy->antenna_mask,
220 rssi);
221 }
222
223 ewma_avg_signal_add(&msta_link->avg_ack_signal,
224 -msta_link->ack_signal);
225 }
226
227 rcu_read_unlock();
228 }
229
230 /* The HW does not translate the mac header to 802.3 for mesh point */
mt7996_reverse_frag0_hdr_trans(struct sk_buff * skb,u16 hdr_gap)231 static int mt7996_reverse_frag0_hdr_trans(struct sk_buff *skb, u16 hdr_gap)
232 {
233 struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
234 struct ethhdr *eth_hdr = (struct ethhdr *)(skb->data + hdr_gap);
235 struct mt7996_sta *msta = (struct mt7996_sta *)status->wcid;
236 __le32 *rxd = (__le32 *)skb->data;
237 struct ieee80211_sta *sta;
238 struct ieee80211_vif *vif;
239 struct ieee80211_hdr hdr;
240 u16 frame_control;
241
242 if (le32_get_bits(rxd[3], MT_RXD3_NORMAL_ADDR_TYPE) !=
243 MT_RXD3_NORMAL_U2M)
244 return -EINVAL;
245
246 if (!(le32_to_cpu(rxd[1]) & MT_RXD1_NORMAL_GROUP_4))
247 return -EINVAL;
248
249 if (!msta || !msta->vif)
250 return -EINVAL;
251
252 sta = container_of((void *)msta, struct ieee80211_sta, drv_priv);
253 vif = container_of((void *)msta->vif, struct ieee80211_vif, drv_priv);
254
255 /* store the info from RXD and ethhdr to avoid being overridden */
256 frame_control = le32_get_bits(rxd[8], MT_RXD8_FRAME_CONTROL);
257 hdr.frame_control = cpu_to_le16(frame_control);
258 hdr.seq_ctrl = cpu_to_le16(le32_get_bits(rxd[10], MT_RXD10_SEQ_CTRL));
259 hdr.duration_id = 0;
260
261 ether_addr_copy(hdr.addr1, vif->addr);
262 ether_addr_copy(hdr.addr2, sta->addr);
263 switch (frame_control & (IEEE80211_FCTL_TODS |
264 IEEE80211_FCTL_FROMDS)) {
265 case 0:
266 ether_addr_copy(hdr.addr3, vif->bss_conf.bssid);
267 break;
268 case IEEE80211_FCTL_FROMDS:
269 ether_addr_copy(hdr.addr3, eth_hdr->h_source);
270 break;
271 case IEEE80211_FCTL_TODS:
272 ether_addr_copy(hdr.addr3, eth_hdr->h_dest);
273 break;
274 case IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS:
275 ether_addr_copy(hdr.addr3, eth_hdr->h_dest);
276 ether_addr_copy(hdr.addr4, eth_hdr->h_source);
277 break;
278 default:
279 return -EINVAL;
280 }
281
282 skb_pull(skb, hdr_gap + sizeof(struct ethhdr) - 2);
283 if (eth_hdr->h_proto == cpu_to_be16(ETH_P_AARP) ||
284 eth_hdr->h_proto == cpu_to_be16(ETH_P_IPX))
285 ether_addr_copy(skb_push(skb, ETH_ALEN), bridge_tunnel_header);
286 else if (be16_to_cpu(eth_hdr->h_proto) >= ETH_P_802_3_MIN)
287 ether_addr_copy(skb_push(skb, ETH_ALEN), rfc1042_header);
288 else
289 skb_pull(skb, 2);
290
291 if (ieee80211_has_order(hdr.frame_control))
292 memcpy(skb_push(skb, IEEE80211_HT_CTL_LEN), &rxd[11],
293 IEEE80211_HT_CTL_LEN);
294 if (ieee80211_is_data_qos(hdr.frame_control)) {
295 __le16 qos_ctrl;
296
297 qos_ctrl = cpu_to_le16(le32_get_bits(rxd[10], MT_RXD10_QOS_CTL));
298 memcpy(skb_push(skb, IEEE80211_QOS_CTL_LEN), &qos_ctrl,
299 IEEE80211_QOS_CTL_LEN);
300 }
301
302 if (ieee80211_has_a4(hdr.frame_control))
303 memcpy(skb_push(skb, sizeof(hdr)), &hdr, sizeof(hdr));
304 else
305 memcpy(skb_push(skb, sizeof(hdr) - 6), &hdr, sizeof(hdr) - 6);
306
307 return 0;
308 }
309
310 static int
mt7996_mac_fill_rx_rate(struct mt7996_dev * dev,struct mt76_rx_status * status,struct ieee80211_supported_band * sband,__le32 * rxv,u8 * mode)311 mt7996_mac_fill_rx_rate(struct mt7996_dev *dev,
312 struct mt76_rx_status *status,
313 struct ieee80211_supported_band *sband,
314 __le32 *rxv, u8 *mode)
315 {
316 u32 v0, v2;
317 u8 stbc, gi, bw, dcm, nss;
318 int i, idx;
319 bool cck = false;
320
321 v0 = le32_to_cpu(rxv[0]);
322 v2 = le32_to_cpu(rxv[2]);
323
324 idx = FIELD_GET(MT_PRXV_TX_RATE, v0);
325 i = idx;
326 nss = FIELD_GET(MT_PRXV_NSTS, v0) + 1;
327
328 stbc = FIELD_GET(MT_PRXV_HT_STBC, v2);
329 gi = FIELD_GET(MT_PRXV_HT_SHORT_GI, v2);
330 *mode = FIELD_GET(MT_PRXV_TX_MODE, v2);
331 dcm = FIELD_GET(MT_PRXV_DCM, v2);
332 bw = FIELD_GET(MT_PRXV_FRAME_MODE, v2);
333
334 switch (*mode) {
335 case MT_PHY_TYPE_CCK:
336 cck = true;
337 fallthrough;
338 case MT_PHY_TYPE_OFDM:
339 i = mt76_get_rate(&dev->mt76, sband, i, cck);
340 break;
341 case MT_PHY_TYPE_HT_GF:
342 case MT_PHY_TYPE_HT:
343 status->encoding = RX_ENC_HT;
344 if (gi)
345 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
346 if (i > 31)
347 return -EINVAL;
348 break;
349 case MT_PHY_TYPE_VHT:
350 status->nss = nss;
351 status->encoding = RX_ENC_VHT;
352 if (gi)
353 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
354 if (i > 11)
355 return -EINVAL;
356 break;
357 case MT_PHY_TYPE_HE_MU:
358 case MT_PHY_TYPE_HE_SU:
359 case MT_PHY_TYPE_HE_EXT_SU:
360 case MT_PHY_TYPE_HE_TB:
361 status->nss = nss;
362 status->encoding = RX_ENC_HE;
363 i &= GENMASK(3, 0);
364
365 if (gi <= NL80211_RATE_INFO_HE_GI_3_2)
366 status->he_gi = gi;
367
368 status->he_dcm = dcm;
369 break;
370 case MT_PHY_TYPE_EHT_SU:
371 case MT_PHY_TYPE_EHT_TRIG:
372 case MT_PHY_TYPE_EHT_MU:
373 status->nss = nss;
374 status->encoding = RX_ENC_EHT;
375 i &= GENMASK(3, 0);
376
377 if (gi <= NL80211_RATE_INFO_EHT_GI_3_2)
378 status->eht.gi = gi;
379 break;
380 default:
381 return -EINVAL;
382 }
383 status->rate_idx = i;
384
385 switch (bw) {
386 case IEEE80211_STA_RX_BW_20:
387 break;
388 case IEEE80211_STA_RX_BW_40:
389 if (*mode & MT_PHY_TYPE_HE_EXT_SU &&
390 (idx & MT_PRXV_TX_ER_SU_106T)) {
391 status->bw = RATE_INFO_BW_HE_RU;
392 status->he_ru =
393 NL80211_RATE_INFO_HE_RU_ALLOC_106;
394 } else {
395 status->bw = RATE_INFO_BW_40;
396 }
397 break;
398 case IEEE80211_STA_RX_BW_80:
399 status->bw = RATE_INFO_BW_80;
400 break;
401 case IEEE80211_STA_RX_BW_160:
402 status->bw = RATE_INFO_BW_160;
403 break;
404 /* rxv reports bw 320-1 and 320-2 separately */
405 case IEEE80211_STA_RX_BW_320:
406 case IEEE80211_STA_RX_BW_320 + 1:
407 status->bw = RATE_INFO_BW_320;
408 break;
409 default:
410 return -EINVAL;
411 }
412
413 status->enc_flags |= RX_ENC_FLAG_STBC_MASK * stbc;
414 if (*mode < MT_PHY_TYPE_HE_SU && gi)
415 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
416
417 return 0;
418 }
419
420 static void
mt7996_wed_check_ppe(struct mt7996_dev * dev,struct mt76_queue * q,struct mt7996_sta * msta,struct sk_buff * skb,u32 info)421 mt7996_wed_check_ppe(struct mt7996_dev *dev, struct mt76_queue *q,
422 struct mt7996_sta *msta, struct sk_buff *skb,
423 u32 info)
424 {
425 struct ieee80211_vif *vif;
426 struct wireless_dev *wdev;
427
428 if (!msta || !msta->vif)
429 return;
430
431 if (!mt76_queue_is_wed_rx(q))
432 return;
433
434 if (!(info & MT_DMA_INFO_PPE_VLD))
435 return;
436
437 vif = container_of((void *)msta->vif, struct ieee80211_vif,
438 drv_priv);
439 wdev = ieee80211_vif_to_wdev(vif);
440 skb->dev = wdev->netdev;
441
442 mtk_wed_device_ppe_check(&dev->mt76.mmio.wed, skb,
443 FIELD_GET(MT_DMA_PPE_CPU_REASON, info),
444 FIELD_GET(MT_DMA_PPE_ENTRY, info));
445 }
446
447 static int
mt7996_mac_fill_rx(struct mt7996_dev * dev,enum mt76_rxq_id q,struct sk_buff * skb,u32 * info)448 mt7996_mac_fill_rx(struct mt7996_dev *dev, enum mt76_rxq_id q,
449 struct sk_buff *skb, u32 *info)
450 {
451 struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
452 struct mt76_phy *mphy = &dev->mt76.phy;
453 struct mt7996_phy *phy = &dev->phy;
454 struct ieee80211_supported_band *sband;
455 __le32 *rxd = (__le32 *)skb->data;
456 __le32 *rxv = NULL;
457 u32 rxd0 = le32_to_cpu(rxd[0]);
458 u32 rxd1 = le32_to_cpu(rxd[1]);
459 u32 rxd2 = le32_to_cpu(rxd[2]);
460 u32 rxd3 = le32_to_cpu(rxd[3]);
461 u32 rxd4 = le32_to_cpu(rxd[4]);
462 u32 csum_mask = MT_RXD3_NORMAL_IP_SUM | MT_RXD3_NORMAL_UDP_TCP_SUM;
463 u32 csum_status = *(u32 *)skb->cb;
464 u32 mesh_mask = MT_RXD0_MESH | MT_RXD0_MHCP;
465 bool is_mesh = (rxd0 & mesh_mask) == mesh_mask;
466 bool unicast, insert_ccmp_hdr = false;
467 u8 remove_pad, amsdu_info, band_idx;
468 u8 mode = 0, qos_ctl = 0;
469 bool hdr_trans;
470 u16 hdr_gap;
471 u16 seq_ctrl = 0;
472 __le16 fc = 0;
473 int idx;
474 u8 hw_aggr = false;
475 struct mt7996_sta *msta = NULL;
476
477 hw_aggr = status->aggr;
478 memset(status, 0, sizeof(*status));
479
480 band_idx = FIELD_GET(MT_RXD1_NORMAL_BAND_IDX, rxd1);
481 mphy = dev->mt76.phys[band_idx];
482 phy = mphy->priv;
483 status->phy_idx = mphy->band_idx;
484
485 if (!test_bit(MT76_STATE_RUNNING, &mphy->state))
486 return -EINVAL;
487
488 if (rxd2 & MT_RXD2_NORMAL_AMSDU_ERR)
489 return -EINVAL;
490
491 hdr_trans = rxd2 & MT_RXD2_NORMAL_HDR_TRANS;
492 if (hdr_trans && (rxd1 & MT_RXD1_NORMAL_CM))
493 return -EINVAL;
494
495 /* ICV error or CCMP/BIP/WPI MIC error */
496 if (rxd1 & MT_RXD1_NORMAL_ICV_ERR)
497 status->flag |= RX_FLAG_ONLY_MONITOR;
498
499 unicast = FIELD_GET(MT_RXD3_NORMAL_ADDR_TYPE, rxd3) == MT_RXD3_NORMAL_U2M;
500 idx = FIELD_GET(MT_RXD1_NORMAL_WLAN_IDX, rxd1);
501 status->wcid = mt7996_rx_get_wcid(dev, idx, band_idx);
502
503 if (status->wcid) {
504 struct mt7996_sta_link *msta_link;
505
506 msta_link = container_of(status->wcid, struct mt7996_sta_link,
507 wcid);
508 msta = msta_link->sta;
509 mt76_wcid_add_poll(&dev->mt76, &msta_link->wcid);
510 }
511
512 status->freq = mphy->chandef.chan->center_freq;
513 status->band = mphy->chandef.chan->band;
514 if (status->band == NL80211_BAND_5GHZ)
515 sband = &mphy->sband_5g.sband;
516 else if (status->band == NL80211_BAND_6GHZ)
517 sband = &mphy->sband_6g.sband;
518 else
519 sband = &mphy->sband_2g.sband;
520
521 if (!sband->channels)
522 return -EINVAL;
523
524 if ((rxd3 & csum_mask) == csum_mask &&
525 !(csum_status & (BIT(0) | BIT(2) | BIT(3))))
526 skb->ip_summed = CHECKSUM_UNNECESSARY;
527
528 if (rxd1 & MT_RXD3_NORMAL_FCS_ERR)
529 status->flag |= RX_FLAG_FAILED_FCS_CRC;
530
531 if (rxd1 & MT_RXD1_NORMAL_TKIP_MIC_ERR)
532 status->flag |= RX_FLAG_MMIC_ERROR;
533
534 if (FIELD_GET(MT_RXD2_NORMAL_SEC_MODE, rxd2) != 0 &&
535 !(rxd1 & (MT_RXD1_NORMAL_CLM | MT_RXD1_NORMAL_CM))) {
536 status->flag |= RX_FLAG_DECRYPTED;
537 status->flag |= RX_FLAG_IV_STRIPPED;
538 status->flag |= RX_FLAG_MMIC_STRIPPED | RX_FLAG_MIC_STRIPPED;
539 }
540
541 remove_pad = FIELD_GET(MT_RXD2_NORMAL_HDR_OFFSET, rxd2);
542
543 if (rxd2 & MT_RXD2_NORMAL_MAX_LEN_ERROR)
544 return -EINVAL;
545
546 rxd += 8;
547 if (rxd1 & MT_RXD1_NORMAL_GROUP_4) {
548 u32 v0 = le32_to_cpu(rxd[0]);
549 u32 v2 = le32_to_cpu(rxd[2]);
550
551 fc = cpu_to_le16(FIELD_GET(MT_RXD8_FRAME_CONTROL, v0));
552 qos_ctl = FIELD_GET(MT_RXD10_QOS_CTL, v2);
553 seq_ctrl = FIELD_GET(MT_RXD10_SEQ_CTRL, v2);
554
555 rxd += 4;
556 if ((u8 *)rxd - skb->data >= skb->len)
557 return -EINVAL;
558 }
559
560 if (rxd1 & MT_RXD1_NORMAL_GROUP_1) {
561 u8 *data = (u8 *)rxd;
562
563 if (status->flag & RX_FLAG_DECRYPTED) {
564 switch (FIELD_GET(MT_RXD2_NORMAL_SEC_MODE, rxd2)) {
565 case MT_CIPHER_AES_CCMP:
566 case MT_CIPHER_CCMP_CCX:
567 case MT_CIPHER_CCMP_256:
568 insert_ccmp_hdr =
569 FIELD_GET(MT_RXD2_NORMAL_FRAG, rxd2);
570 fallthrough;
571 case MT_CIPHER_TKIP:
572 case MT_CIPHER_TKIP_NO_MIC:
573 case MT_CIPHER_GCMP:
574 case MT_CIPHER_GCMP_256:
575 status->iv[0] = data[5];
576 status->iv[1] = data[4];
577 status->iv[2] = data[3];
578 status->iv[3] = data[2];
579 status->iv[4] = data[1];
580 status->iv[5] = data[0];
581 break;
582 default:
583 break;
584 }
585 }
586 rxd += 4;
587 if ((u8 *)rxd - skb->data >= skb->len)
588 return -EINVAL;
589 }
590
591 if (rxd1 & MT_RXD1_NORMAL_GROUP_2) {
592 status->timestamp = le32_to_cpu(rxd[0]);
593 status->flag |= RX_FLAG_MACTIME_START;
594
595 if (!(rxd2 & MT_RXD2_NORMAL_NON_AMPDU)) {
596 status->flag |= RX_FLAG_AMPDU_DETAILS;
597
598 /* all subframes of an A-MPDU have the same timestamp */
599 if (phy->rx_ampdu_ts != status->timestamp) {
600 if (!++phy->ampdu_ref)
601 phy->ampdu_ref++;
602 }
603 phy->rx_ampdu_ts = status->timestamp;
604
605 status->ampdu_ref = phy->ampdu_ref;
606 }
607
608 rxd += 4;
609 if ((u8 *)rxd - skb->data >= skb->len)
610 return -EINVAL;
611 }
612
613 /* RXD Group 3 - P-RXV */
614 if (rxd1 & MT_RXD1_NORMAL_GROUP_3) {
615 u32 v3;
616 int ret;
617
618 rxv = rxd;
619 rxd += 4;
620 if ((u8 *)rxd - skb->data >= skb->len)
621 return -EINVAL;
622
623 v3 = le32_to_cpu(rxv[3]);
624
625 status->chains = mphy->antenna_mask;
626 status->chain_signal[0] = to_rssi(MT_PRXV_RCPI0, v3);
627 status->chain_signal[1] = to_rssi(MT_PRXV_RCPI1, v3);
628 status->chain_signal[2] = to_rssi(MT_PRXV_RCPI2, v3);
629 status->chain_signal[3] = to_rssi(MT_PRXV_RCPI3, v3);
630
631 /* RXD Group 5 - C-RXV */
632 if (rxd1 & MT_RXD1_NORMAL_GROUP_5) {
633 rxd += 24;
634 if ((u8 *)rxd - skb->data >= skb->len)
635 return -EINVAL;
636 }
637
638 ret = mt7996_mac_fill_rx_rate(dev, status, sband, rxv, &mode);
639 if (ret < 0)
640 return ret;
641 }
642
643 amsdu_info = FIELD_GET(MT_RXD4_NORMAL_PAYLOAD_FORMAT, rxd4);
644 status->amsdu = !!amsdu_info;
645 if (status->amsdu) {
646 status->first_amsdu = amsdu_info == MT_RXD4_FIRST_AMSDU_FRAME;
647 status->last_amsdu = amsdu_info == MT_RXD4_LAST_AMSDU_FRAME;
648 }
649
650 /* IEEE 802.11 fragmentation can only be applied to unicast frames.
651 * Hence, drop fragments with multicast/broadcast RA.
652 * This check fixes vulnerabilities, like CVE-2020-26145.
653 */
654 if ((ieee80211_has_morefrags(fc) || seq_ctrl & IEEE80211_SCTL_FRAG) &&
655 FIELD_GET(MT_RXD3_NORMAL_ADDR_TYPE, rxd3) != MT_RXD3_NORMAL_U2M)
656 return -EINVAL;
657
658 hdr_gap = (u8 *)rxd - skb->data + 2 * remove_pad;
659 if (hdr_trans && ieee80211_has_morefrags(fc)) {
660 if (mt7996_reverse_frag0_hdr_trans(skb, hdr_gap))
661 return -EINVAL;
662 hdr_trans = false;
663 } else {
664 int pad_start = 0;
665
666 skb_pull(skb, hdr_gap);
667 if (!hdr_trans && status->amsdu && !(ieee80211_has_a4(fc) && is_mesh)) {
668 pad_start = ieee80211_get_hdrlen_from_skb(skb);
669 } else if (hdr_trans && (rxd2 & MT_RXD2_NORMAL_HDR_TRANS_ERROR)) {
670 /* When header translation failure is indicated,
671 * the hardware will insert an extra 2-byte field
672 * containing the data length after the protocol
673 * type field. This happens either when the LLC-SNAP
674 * pattern did not match, or if a VLAN header was
675 * detected.
676 */
677 pad_start = 12;
678 if (get_unaligned_be16(skb->data + pad_start) == ETH_P_8021Q)
679 pad_start += 4;
680 else
681 pad_start = 0;
682 }
683
684 if (pad_start) {
685 memmove(skb->data + 2, skb->data, pad_start);
686 skb_pull(skb, 2);
687 }
688 }
689
690 if (!hdr_trans) {
691 struct ieee80211_hdr *hdr;
692
693 if (insert_ccmp_hdr) {
694 u8 key_id = FIELD_GET(MT_RXD1_NORMAL_KEY_ID, rxd1);
695
696 mt76_insert_ccmp_hdr(skb, key_id);
697 }
698
699 hdr = mt76_skb_get_hdr(skb);
700 fc = hdr->frame_control;
701 if (ieee80211_is_data_qos(fc)) {
702 u8 *qos = ieee80211_get_qos_ctl(hdr);
703
704 seq_ctrl = le16_to_cpu(hdr->seq_ctrl);
705 qos_ctl = *qos;
706
707 /* Mesh DA/SA/Length will be stripped after hardware
708 * de-amsdu, so here needs to clear amsdu present bit
709 * to mark it as a normal mesh frame.
710 */
711 if (ieee80211_has_a4(fc) && is_mesh && status->amsdu)
712 *qos &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
713 }
714 skb_set_mac_header(skb, (unsigned char *)hdr - skb->data);
715 } else {
716 status->flag |= RX_FLAG_8023;
717 mt7996_wed_check_ppe(dev, &dev->mt76.q_rx[q], msta, skb,
718 *info);
719 }
720
721 if (rxv && !(status->flag & RX_FLAG_8023)) {
722 switch (status->encoding) {
723 case RX_ENC_EHT:
724 mt76_connac3_mac_decode_eht_radiotap(skb, rxv, mode);
725 break;
726 case RX_ENC_HE:
727 mt76_connac3_mac_decode_he_radiotap(skb, rxv, mode);
728 break;
729 default:
730 break;
731 }
732 }
733
734 if (!status->wcid || !ieee80211_is_data_qos(fc) || hw_aggr)
735 return 0;
736
737 status->aggr = unicast &&
738 !ieee80211_is_qos_nullfunc(fc);
739 status->qos_ctl = qos_ctl;
740 status->seqno = IEEE80211_SEQ_TO_SN(seq_ctrl);
741
742 return 0;
743 }
744
745 static void
mt7996_mac_write_txwi_8023(struct mt7996_dev * dev,__le32 * txwi,struct sk_buff * skb,struct mt76_wcid * wcid)746 mt7996_mac_write_txwi_8023(struct mt7996_dev *dev, __le32 *txwi,
747 struct sk_buff *skb, struct mt76_wcid *wcid)
748 {
749 u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
750 u8 fc_type, fc_stype;
751 u16 ethertype;
752 bool wmm = false;
753 u32 val;
754
755 if (wcid->sta) {
756 struct ieee80211_sta *sta = wcid_to_sta(wcid);
757
758 wmm = sta->wme;
759 }
760
761 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_3) |
762 FIELD_PREP(MT_TXD1_TID, tid);
763
764 ethertype = get_unaligned_be16(&skb->data[12]);
765 if (ethertype >= ETH_P_802_3_MIN)
766 val |= MT_TXD1_ETH_802_3;
767
768 txwi[1] |= cpu_to_le32(val);
769
770 fc_type = IEEE80211_FTYPE_DATA >> 2;
771 fc_stype = wmm ? IEEE80211_STYPE_QOS_DATA >> 4 : 0;
772
773 val = FIELD_PREP(MT_TXD2_FRAME_TYPE, fc_type) |
774 FIELD_PREP(MT_TXD2_SUB_TYPE, fc_stype);
775
776 txwi[2] |= cpu_to_le32(val);
777
778 if (wcid->amsdu)
779 txwi[3] |= cpu_to_le32(MT_TXD3_HW_AMSDU);
780 }
781
782 static void
mt7996_mac_write_txwi_80211(struct mt7996_dev * dev,__le32 * txwi,struct sk_buff * skb,struct ieee80211_key_conf * key,struct mt76_wcid * wcid)783 mt7996_mac_write_txwi_80211(struct mt7996_dev *dev, __le32 *txwi,
784 struct sk_buff *skb,
785 struct ieee80211_key_conf *key,
786 struct mt76_wcid *wcid)
787 {
788 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
789 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
790 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
791 bool multicast = is_multicast_ether_addr(hdr->addr1);
792 u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
793 __le16 fc = hdr->frame_control, sc = hdr->seq_ctrl;
794 u16 seqno = le16_to_cpu(sc);
795 u8 fc_type, fc_stype;
796 u32 val;
797
798 if (ieee80211_is_action(fc) &&
799 mgmt->u.action.category == WLAN_CATEGORY_BACK &&
800 mgmt->u.action.u.addba_req.action_code == WLAN_ACTION_ADDBA_REQ) {
801 if (is_mt7990(&dev->mt76))
802 txwi[6] |= cpu_to_le32(FIELD_PREP(MT_TXD6_TID_ADDBA, tid));
803 tid = MT_TX_ADDBA;
804 } else if (ieee80211_is_mgmt(hdr->frame_control)) {
805 tid = MT_TX_NORMAL;
806 }
807
808 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_11) |
809 FIELD_PREP(MT_TXD1_HDR_INFO,
810 ieee80211_get_hdrlen_from_skb(skb) / 2) |
811 FIELD_PREP(MT_TXD1_TID, tid);
812
813 if (!ieee80211_is_data(fc) || multicast ||
814 info->flags & IEEE80211_TX_CTL_USE_MINRATE)
815 val |= MT_TXD1_FIXED_RATE;
816
817 if (key && multicast && ieee80211_is_robust_mgmt_frame(skb)) {
818 val |= MT_TXD1_BIP;
819 txwi[3] &= ~cpu_to_le32(MT_TXD3_PROTECT_FRAME);
820 }
821
822 txwi[1] |= cpu_to_le32(val);
823
824 fc_type = (le16_to_cpu(fc) & IEEE80211_FCTL_FTYPE) >> 2;
825 fc_stype = (le16_to_cpu(fc) & IEEE80211_FCTL_STYPE) >> 4;
826
827 val = FIELD_PREP(MT_TXD2_FRAME_TYPE, fc_type) |
828 FIELD_PREP(MT_TXD2_SUB_TYPE, fc_stype);
829
830 if (ieee80211_has_morefrags(fc) && ieee80211_is_first_frag(sc))
831 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_FIRST);
832 else if (ieee80211_has_morefrags(fc) && !ieee80211_is_first_frag(sc))
833 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_MID);
834 else if (!ieee80211_has_morefrags(fc) && !ieee80211_is_first_frag(sc))
835 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_LAST);
836 else
837 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_NONE);
838
839 txwi[2] |= cpu_to_le32(val);
840
841 txwi[3] |= cpu_to_le32(FIELD_PREP(MT_TXD3_BCM, multicast));
842 if (ieee80211_is_beacon(fc)) {
843 txwi[3] &= ~cpu_to_le32(MT_TXD3_SW_POWER_MGMT);
844 txwi[3] |= cpu_to_le32(MT_TXD3_REM_TX_COUNT);
845 }
846
847 if (multicast && ieee80211_vif_is_mld(info->control.vif)) {
848 val = MT_TXD3_SN_VALID |
849 FIELD_PREP(MT_TXD3_SEQ, IEEE80211_SEQ_TO_SN(seqno));
850 txwi[3] |= cpu_to_le32(val);
851 }
852
853 if (info->flags & IEEE80211_TX_CTL_INJECTED) {
854 if (ieee80211_is_back_req(hdr->frame_control)) {
855 struct ieee80211_bar *bar;
856
857 bar = (struct ieee80211_bar *)skb->data;
858 seqno = le16_to_cpu(bar->start_seq_num);
859 }
860
861 val = MT_TXD3_SN_VALID |
862 FIELD_PREP(MT_TXD3_SEQ, IEEE80211_SEQ_TO_SN(seqno));
863 txwi[3] |= cpu_to_le32(val);
864 txwi[3] &= ~cpu_to_le32(MT_TXD3_HW_AMSDU);
865 }
866
867 if (ieee80211_vif_is_mld(info->control.vif) &&
868 (multicast || unlikely(skb->protocol == cpu_to_be16(ETH_P_PAE))))
869 txwi[5] |= cpu_to_le32(MT_TXD5_FL);
870
871 if (ieee80211_is_nullfunc(fc) && ieee80211_has_a4(fc) &&
872 ieee80211_vif_is_mld(info->control.vif)) {
873 txwi[5] |= cpu_to_le32(MT_TXD5_FL);
874 txwi[6] |= cpu_to_le32(MT_TXD6_DIS_MAT);
875 }
876
877 if (!wcid->sta && ieee80211_is_mgmt(fc))
878 txwi[6] |= cpu_to_le32(MT_TXD6_DIS_MAT);
879 }
880
mt7996_mac_write_txwi(struct mt7996_dev * dev,__le32 * txwi,struct sk_buff * skb,struct mt76_wcid * wcid,struct ieee80211_key_conf * key,int pid,enum mt76_txq_id qid,u32 changed)881 void mt7996_mac_write_txwi(struct mt7996_dev *dev, __le32 *txwi,
882 struct sk_buff *skb, struct mt76_wcid *wcid,
883 struct ieee80211_key_conf *key, int pid,
884 enum mt76_txq_id qid, u32 changed)
885 {
886 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
887 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
888 struct ieee80211_vif *vif = info->control.vif;
889 u8 band_idx = (info->hw_queue & MT_TX_HW_QUEUE_PHY) >> 2;
890 u8 p_fmt, q_idx, omac_idx = 0, wmm_idx = 0;
891 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP;
892 struct mt76_vif_link *mlink = NULL;
893 struct mt7996_vif *mvif;
894 unsigned int link_id;
895 u16 tx_count = 15;
896 u32 val;
897 bool inband_disc = !!(changed & (BSS_CHANGED_UNSOL_BCAST_PROBE_RESP |
898 BSS_CHANGED_FILS_DISCOVERY));
899 bool beacon = !!(changed & (BSS_CHANGED_BEACON |
900 BSS_CHANGED_BEACON_ENABLED)) && (!inband_disc);
901
902 if (wcid != &dev->mt76.global_wcid)
903 link_id = wcid->link_id;
904 else
905 link_id = u32_get_bits(info->control.flags,
906 IEEE80211_TX_CTRL_MLO_LINK);
907
908 mvif = vif ? (struct mt7996_vif *)vif->drv_priv : NULL;
909 if (mvif) {
910 if (wcid->offchannel)
911 mlink = rcu_dereference(mvif->mt76.offchannel_link);
912 if (!mlink)
913 mlink = rcu_dereference(mvif->mt76.link[link_id]);
914 }
915
916 if (mlink) {
917 omac_idx = mlink->omac_idx;
918 wmm_idx = mlink->wmm_idx;
919 band_idx = mlink->band_idx;
920 }
921
922 if (inband_disc) {
923 p_fmt = MT_TX_TYPE_FW;
924 q_idx = MT_LMAC_ALTX0;
925 } else if (beacon) {
926 p_fmt = MT_TX_TYPE_FW;
927 q_idx = MT_LMAC_BCN0;
928 } else if (qid >= MT_TXQ_PSD) {
929 p_fmt = MT_TX_TYPE_CT;
930 q_idx = MT_LMAC_ALTX0;
931 } else {
932 p_fmt = MT_TX_TYPE_CT;
933 q_idx = wmm_idx * MT7996_MAX_WMM_SETS +
934 mt76_connac_lmac_mapping(skb_get_queue_mapping(skb));
935 }
936
937 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len + MT_TXD_SIZE) |
938 FIELD_PREP(MT_TXD0_PKT_FMT, p_fmt) |
939 FIELD_PREP(MT_TXD0_Q_IDX, q_idx);
940 txwi[0] = cpu_to_le32(val);
941
942 val = FIELD_PREP(MT_TXD1_WLAN_IDX, wcid->idx) |
943 FIELD_PREP(MT_TXD1_OWN_MAC, omac_idx);
944
945 if (band_idx)
946 val |= FIELD_PREP(MT_TXD1_TGID, band_idx);
947
948 txwi[1] = cpu_to_le32(val);
949 txwi[2] = 0;
950
951 val = MT_TXD3_SW_POWER_MGMT |
952 FIELD_PREP(MT_TXD3_REM_TX_COUNT, tx_count);
953 if (key)
954 val |= MT_TXD3_PROTECT_FRAME;
955 if (info->flags & IEEE80211_TX_CTL_NO_ACK)
956 val |= MT_TXD3_NO_ACK;
957
958 txwi[3] = cpu_to_le32(val);
959 txwi[4] = 0;
960
961 val = FIELD_PREP(MT_TXD5_PID, pid);
962 if (pid >= MT_PACKET_ID_FIRST)
963 val |= MT_TXD5_TX_STATUS_HOST;
964 txwi[5] = cpu_to_le32(val);
965
966 val = MT_TXD6_DAS;
967 if (q_idx >= MT_LMAC_ALTX0 && q_idx <= MT_LMAC_BCN0)
968 val |= MT_TXD6_DIS_MAT;
969
970 if (is_mt7996(&dev->mt76))
971 val |= FIELD_PREP(MT_TXD6_MSDU_CNT, 1);
972 else if (is_8023 || !ieee80211_is_mgmt(hdr->frame_control))
973 val |= FIELD_PREP(MT_TXD6_MSDU_CNT_V2, 1);
974
975 txwi[6] = cpu_to_le32(val);
976 txwi[7] = 0;
977
978 if (is_8023)
979 mt7996_mac_write_txwi_8023(dev, txwi, skb, wcid);
980 else
981 mt7996_mac_write_txwi_80211(dev, txwi, skb, key, wcid);
982
983 if (txwi[1] & cpu_to_le32(MT_TXD1_FIXED_RATE)) {
984 bool mcast = ieee80211_is_data(hdr->frame_control) &&
985 is_multicast_ether_addr(hdr->addr1);
986 u8 idx = MT7996_BASIC_RATES_TBL;
987
988 if (mlink) {
989 if (mcast && mlink->mcast_rates_idx)
990 idx = mlink->mcast_rates_idx;
991 else if (beacon && mlink->beacon_rates_idx)
992 idx = mlink->beacon_rates_idx;
993 else
994 idx = mlink->basic_rates_idx;
995 }
996
997 val = FIELD_PREP(MT_TXD6_TX_RATE, idx) | MT_TXD6_FIXED_BW;
998 if (mcast)
999 val |= MT_TXD6_DIS_MAT;
1000 txwi[6] |= cpu_to_le32(val);
1001 txwi[3] |= cpu_to_le32(MT_TXD3_BA_DISABLE);
1002 }
1003 }
1004
1005 static bool
mt7996_tx_use_mgmt(struct mt7996_dev * dev,struct sk_buff * skb)1006 mt7996_tx_use_mgmt(struct mt7996_dev *dev, struct sk_buff *skb)
1007 {
1008 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1009
1010 if (ieee80211_is_mgmt(hdr->frame_control))
1011 return true;
1012
1013 /* for SDO to bypass specific data frame */
1014 if (!mt7996_has_wa(dev)) {
1015 if (unlikely(skb->protocol == cpu_to_be16(ETH_P_PAE)))
1016 return true;
1017
1018 if (ieee80211_has_a4(hdr->frame_control) &&
1019 !ieee80211_is_data_present(hdr->frame_control))
1020 return true;
1021 }
1022
1023 return false;
1024 }
1025
mt7996_tx_prepare_skb(struct mt76_dev * mdev,void * txwi_ptr,enum mt76_txq_id qid,struct mt76_wcid * wcid,struct ieee80211_sta * sta,struct mt76_tx_info * tx_info)1026 int mt7996_tx_prepare_skb(struct mt76_dev *mdev, void *txwi_ptr,
1027 enum mt76_txq_id qid, struct mt76_wcid *wcid,
1028 struct ieee80211_sta *sta,
1029 struct mt76_tx_info *tx_info)
1030 {
1031 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
1032 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx_info->skb);
1033 struct ieee80211_key_conf *key = info->control.hw_key;
1034 struct ieee80211_vif *vif = info->control.vif;
1035 struct mt76_connac_txp_common *txp;
1036 struct mt76_txwi_cache *t;
1037 int id, i, pid, nbuf = tx_info->nbuf - 1;
1038 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP;
1039 u8 *txwi = (u8 *)txwi_ptr;
1040
1041 if (unlikely(tx_info->skb->len <= ETH_HLEN))
1042 return -EINVAL;
1043
1044 if (!wcid)
1045 wcid = &dev->mt76.global_wcid;
1046
1047 t = (struct mt76_txwi_cache *)(txwi + mdev->drv->txwi_size);
1048 t->skb = tx_info->skb;
1049
1050 id = mt76_token_consume(mdev, &t);
1051 if (id < 0)
1052 return id;
1053
1054 pid = mt76_tx_status_skb_add(mdev, wcid, tx_info->skb);
1055 memset(txwi_ptr, 0, MT_TXD_SIZE);
1056 /* Transmit non qos data by 802.11 header and need to fill txd by host*/
1057 if (!is_8023 || pid >= MT_PACKET_ID_FIRST)
1058 mt7996_mac_write_txwi(dev, txwi_ptr, tx_info->skb, wcid, key,
1059 pid, qid, 0);
1060
1061 txp = (struct mt76_connac_txp_common *)(txwi + MT_TXD_SIZE);
1062 for (i = 0; i < nbuf; i++) {
1063 u16 len;
1064
1065 len = FIELD_PREP(MT_TXP_BUF_LEN, tx_info->buf[i + 1].len);
1066 #ifdef CONFIG_ARCH_DMA_ADDR_T_64BIT
1067 len |= FIELD_PREP(MT_TXP_DMA_ADDR_H,
1068 tx_info->buf[i + 1].addr >> 32);
1069 #endif
1070
1071 txp->fw.buf[i] = cpu_to_le32(tx_info->buf[i + 1].addr);
1072 txp->fw.len[i] = cpu_to_le16(len);
1073 }
1074 txp->fw.nbuf = nbuf;
1075
1076 txp->fw.flags = cpu_to_le16(MT_CT_INFO_FROM_HOST);
1077
1078 if (!is_8023 || pid >= MT_PACKET_ID_FIRST)
1079 txp->fw.flags |= cpu_to_le16(MT_CT_INFO_APPLY_TXD);
1080
1081 if (!key)
1082 txp->fw.flags |= cpu_to_le16(MT_CT_INFO_NONE_CIPHER_FRAME);
1083
1084 if (!is_8023 && mt7996_tx_use_mgmt(dev, tx_info->skb))
1085 txp->fw.flags |= cpu_to_le16(MT_CT_INFO_MGMT_FRAME);
1086
1087 if (vif) {
1088 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1089 struct mt76_vif_link *mlink = NULL;
1090
1091 if (wcid->offchannel)
1092 mlink = rcu_dereference(mvif->mt76.offchannel_link);
1093 if (!mlink)
1094 mlink = rcu_dereference(mvif->mt76.link[wcid->link_id]);
1095
1096 txp->fw.bss_idx = mlink ? mlink->idx : mvif->deflink.mt76.idx;
1097 }
1098
1099 txp->fw.token = cpu_to_le16(id);
1100 txp->fw.rept_wds_wcid = cpu_to_le16(sta ? wcid->idx : 0xfff);
1101
1102 tx_info->skb = NULL;
1103
1104 /* pass partial skb header to fw */
1105 tx_info->buf[1].len = MT_CT_PARSE_LEN;
1106 tx_info->buf[1].skip_unmap = true;
1107 tx_info->nbuf = MT_CT_DMA_BUF_NUM;
1108
1109 return 0;
1110 }
1111
mt7996_wed_init_buf(void * ptr,dma_addr_t phys,int token_id)1112 u32 mt7996_wed_init_buf(void *ptr, dma_addr_t phys, int token_id)
1113 {
1114 #if defined(__linux__)
1115 struct mt76_connac_fw_txp *txp = ptr + MT_TXD_SIZE;
1116 #elif defined(__FreeBSD__)
1117 struct mt76_connac_fw_txp *txp = (void *)((u8 *)ptr + MT_TXD_SIZE);
1118 #endif
1119 __le32 *txwi = ptr;
1120 u32 val;
1121
1122 memset(ptr, 0, MT_TXD_SIZE + sizeof(*txp));
1123
1124 val = FIELD_PREP(MT_TXD0_TX_BYTES, MT_TXD_SIZE) |
1125 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CT);
1126 txwi[0] = cpu_to_le32(val);
1127
1128 val = BIT(31) |
1129 FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_3);
1130 txwi[1] = cpu_to_le32(val);
1131
1132 txp->token = cpu_to_le16(token_id);
1133 txp->nbuf = 1;
1134 txp->buf[0] = cpu_to_le32(phys + MT_TXD_SIZE + sizeof(*txp));
1135
1136 return MT_TXD_SIZE + sizeof(*txp);
1137 }
1138
1139 static void
mt7996_tx_check_aggr(struct ieee80211_link_sta * link_sta,struct mt76_wcid * wcid,struct sk_buff * skb)1140 mt7996_tx_check_aggr(struct ieee80211_link_sta *link_sta,
1141 struct mt76_wcid *wcid, struct sk_buff *skb)
1142 {
1143 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1144 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP;
1145 u16 fc, tid;
1146
1147 if (!(link_sta->ht_cap.ht_supported || link_sta->he_cap.has_he))
1148 return;
1149
1150 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
1151 if (tid >= 6) /* skip VO queue */
1152 return;
1153
1154 if (is_8023) {
1155 fc = IEEE80211_FTYPE_DATA |
1156 (link_sta->sta->wme ? IEEE80211_STYPE_QOS_DATA
1157 : IEEE80211_STYPE_DATA);
1158 } else {
1159 /* No need to get precise TID for Action/Management Frame,
1160 * since it will not meet the following Frame Control
1161 * condition anyway.
1162 */
1163
1164 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1165
1166 fc = le16_to_cpu(hdr->frame_control) &
1167 (IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE);
1168 }
1169
1170 if (unlikely(fc != (IEEE80211_FTYPE_DATA | IEEE80211_STYPE_QOS_DATA)))
1171 return;
1172
1173 if (!test_and_set_bit(tid, &wcid->ampdu_state))
1174 ieee80211_start_tx_ba_session(link_sta->sta, tid, 0);
1175 }
1176
1177 static void
mt7996_txwi_free(struct mt7996_dev * dev,struct mt76_txwi_cache * t,struct ieee80211_link_sta * link_sta,struct mt76_wcid * wcid,struct list_head * free_list)1178 mt7996_txwi_free(struct mt7996_dev *dev, struct mt76_txwi_cache *t,
1179 struct ieee80211_link_sta *link_sta,
1180 struct mt76_wcid *wcid, struct list_head *free_list)
1181 {
1182 struct mt76_dev *mdev = &dev->mt76;
1183 __le32 *txwi;
1184 u16 wcid_idx;
1185
1186 mt76_connac_txp_skb_unmap(mdev, t);
1187 if (!t->skb)
1188 goto out;
1189
1190 txwi = (__le32 *)mt76_get_txwi_ptr(mdev, t);
1191 if (link_sta) {
1192 wcid_idx = wcid->idx;
1193 if (likely(t->skb->protocol != cpu_to_be16(ETH_P_PAE)))
1194 mt7996_tx_check_aggr(link_sta, wcid, t->skb);
1195 } else {
1196 wcid_idx = le32_get_bits(txwi[9], MT_TXD9_WLAN_IDX);
1197 }
1198
1199 __mt76_tx_complete_skb(mdev, wcid_idx, t->skb, free_list);
1200
1201 out:
1202 t->skb = NULL;
1203 mt76_put_txwi(mdev, t);
1204 }
1205
1206 static void
mt7996_mac_tx_free(struct mt7996_dev * dev,void * data,int len)1207 mt7996_mac_tx_free(struct mt7996_dev *dev, void *data, int len)
1208 {
1209 __le32 *tx_free = (__le32 *)data, *cur_info;
1210 struct mt76_dev *mdev = &dev->mt76;
1211 struct mt76_phy *phy2 = mdev->phys[MT_BAND1];
1212 struct mt76_phy *phy3 = mdev->phys[MT_BAND2];
1213 struct ieee80211_link_sta *link_sta = NULL;
1214 struct mt76_txwi_cache *txwi;
1215 struct mt76_wcid *wcid = NULL;
1216 LIST_HEAD(free_list);
1217 struct sk_buff *skb, *tmp;
1218 #if defined(__linux__)
1219 void *end = data + len;
1220 #elif defined(__FreeBSD__)
1221 void *end = (u8 *)data + len;
1222 #endif
1223 bool wake = false;
1224 u16 total, count = 0;
1225 u8 ver;
1226
1227 /* clean DMA queues and unmap buffers first */
1228 mt76_queue_tx_cleanup(dev, dev->mphy.q_tx[MT_TXQ_PSD], false);
1229 mt76_queue_tx_cleanup(dev, dev->mphy.q_tx[MT_TXQ_BE], false);
1230 if (phy2) {
1231 mt76_queue_tx_cleanup(dev, phy2->q_tx[MT_TXQ_PSD], false);
1232 mt76_queue_tx_cleanup(dev, phy2->q_tx[MT_TXQ_BE], false);
1233 }
1234 if (phy3) {
1235 mt76_queue_tx_cleanup(dev, phy3->q_tx[MT_TXQ_PSD], false);
1236 mt76_queue_tx_cleanup(dev, phy3->q_tx[MT_TXQ_BE], false);
1237 }
1238
1239 ver = le32_get_bits(tx_free[1], MT_TXFREE1_VER);
1240 if (WARN_ON_ONCE(ver < 5))
1241 return;
1242
1243 total = le32_get_bits(tx_free[0], MT_TXFREE0_MSDU_CNT);
1244 for (cur_info = &tx_free[2]; count < total; cur_info++) {
1245 u32 msdu, info;
1246 u8 i;
1247
1248 if (WARN_ON_ONCE((void *)cur_info >= end))
1249 return;
1250 /* 1'b1: new wcid pair.
1251 * 1'b0: msdu_id with the same 'wcid pair' as above.
1252 */
1253 info = le32_to_cpu(*cur_info);
1254 if (info & MT_TXFREE_INFO_PAIR) {
1255 struct ieee80211_sta *sta;
1256 u16 idx;
1257
1258 idx = FIELD_GET(MT_TXFREE_INFO_WLAN_ID, info);
1259 wcid = mt76_wcid_ptr(dev, idx);
1260 sta = wcid_to_sta(wcid);
1261 if (!sta) {
1262 link_sta = NULL;
1263 goto next;
1264 }
1265
1266 link_sta = rcu_dereference(sta->link[wcid->link_id]);
1267 if (!link_sta)
1268 goto next;
1269
1270 mt76_wcid_add_poll(&dev->mt76, wcid);
1271 next:
1272 /* ver 7 has a new DW with pair = 1, skip it */
1273 if (ver == 7 && ((void *)(cur_info + 1) < end) &&
1274 (le32_to_cpu(*(cur_info + 1)) & MT_TXFREE_INFO_PAIR))
1275 cur_info++;
1276 continue;
1277 } else if (info & MT_TXFREE_INFO_HEADER) {
1278 u32 tx_retries = 0, tx_failed = 0;
1279
1280 if (!wcid)
1281 continue;
1282
1283 tx_retries =
1284 FIELD_GET(MT_TXFREE_INFO_COUNT, info) - 1;
1285 tx_failed = tx_retries +
1286 !!FIELD_GET(MT_TXFREE_INFO_STAT, info);
1287
1288 wcid->stats.tx_retries += tx_retries;
1289 wcid->stats.tx_failed += tx_failed;
1290 continue;
1291 }
1292
1293 for (i = 0; i < 2; i++) {
1294 msdu = (info >> (15 * i)) & MT_TXFREE_INFO_MSDU_ID;
1295 if (msdu == MT_TXFREE_INFO_MSDU_ID)
1296 continue;
1297
1298 count++;
1299 txwi = mt76_token_release(mdev, msdu, &wake);
1300 if (!txwi)
1301 continue;
1302
1303 mt7996_txwi_free(dev, txwi, link_sta, wcid,
1304 &free_list);
1305 }
1306 }
1307
1308 mt7996_mac_sta_poll(dev);
1309
1310 if (wake)
1311 mt76_set_tx_blocked(&dev->mt76, false);
1312
1313 mt76_worker_schedule(&dev->mt76.tx_worker);
1314
1315 list_for_each_entry_safe(skb, tmp, &free_list, list) {
1316 skb_list_del_init(skb);
1317 napi_consume_skb(skb, 1);
1318 }
1319 }
1320
1321 static bool
mt7996_mac_add_txs_skb(struct mt7996_dev * dev,struct mt76_wcid * wcid,int pid,__le32 * txs_data)1322 mt7996_mac_add_txs_skb(struct mt7996_dev *dev, struct mt76_wcid *wcid,
1323 int pid, __le32 *txs_data)
1324 {
1325 struct mt76_sta_stats *stats = &wcid->stats;
1326 struct ieee80211_supported_band *sband;
1327 struct mt76_dev *mdev = &dev->mt76;
1328 struct mt76_phy *mphy;
1329 struct ieee80211_tx_info *info;
1330 struct sk_buff_head list;
1331 struct rate_info rate = {};
1332 struct sk_buff *skb = NULL;
1333 bool cck = false;
1334 u32 txrate, txs, mode, stbc;
1335
1336 txs = le32_to_cpu(txs_data[0]);
1337
1338 mt76_tx_status_lock(mdev, &list);
1339
1340 /* only report MPDU TXS */
1341 if (le32_get_bits(txs_data[0], MT_TXS0_TXS_FORMAT) == 0) {
1342 skb = mt76_tx_status_skb_get(mdev, wcid, pid, &list);
1343 if (skb) {
1344 info = IEEE80211_SKB_CB(skb);
1345 if (!(txs & MT_TXS0_ACK_ERROR_MASK))
1346 info->flags |= IEEE80211_TX_STAT_ACK;
1347
1348 info->status.ampdu_len = 1;
1349 info->status.ampdu_ack_len =
1350 !!(info->flags & IEEE80211_TX_STAT_ACK);
1351
1352 info->status.rates[0].idx = -1;
1353 }
1354 }
1355
1356 if (mtk_wed_device_active(&dev->mt76.mmio.wed) && wcid->sta) {
1357 struct ieee80211_sta *sta;
1358 u8 tid;
1359
1360 sta = wcid_to_sta(wcid);
1361 tid = FIELD_GET(MT_TXS0_TID, txs);
1362 ieee80211_refresh_tx_agg_session_timer(sta, tid);
1363 }
1364
1365 txrate = FIELD_GET(MT_TXS0_TX_RATE, txs);
1366
1367 rate.mcs = FIELD_GET(MT_TX_RATE_IDX, txrate);
1368 rate.nss = FIELD_GET(MT_TX_RATE_NSS, txrate) + 1;
1369 stbc = le32_get_bits(txs_data[3], MT_TXS3_RATE_STBC);
1370
1371 if (stbc && rate.nss > 1)
1372 rate.nss >>= 1;
1373
1374 if (rate.nss - 1 < ARRAY_SIZE(stats->tx_nss))
1375 stats->tx_nss[rate.nss - 1]++;
1376 if (rate.mcs < ARRAY_SIZE(stats->tx_mcs))
1377 stats->tx_mcs[rate.mcs]++;
1378
1379 mode = FIELD_GET(MT_TX_RATE_MODE, txrate);
1380 switch (mode) {
1381 case MT_PHY_TYPE_CCK:
1382 cck = true;
1383 fallthrough;
1384 case MT_PHY_TYPE_OFDM:
1385 mphy = mt76_dev_phy(mdev, wcid->phy_idx);
1386
1387 if (mphy->chandef.chan->band == NL80211_BAND_5GHZ)
1388 sband = &mphy->sband_5g.sband;
1389 else if (mphy->chandef.chan->band == NL80211_BAND_6GHZ)
1390 sband = &mphy->sband_6g.sband;
1391 else
1392 sband = &mphy->sband_2g.sband;
1393
1394 rate.mcs = mt76_get_rate(mphy->dev, sband, rate.mcs, cck);
1395 rate.legacy = sband->bitrates[rate.mcs].bitrate;
1396 break;
1397 case MT_PHY_TYPE_HT:
1398 case MT_PHY_TYPE_HT_GF:
1399 if (rate.mcs > 31)
1400 goto out;
1401
1402 rate.flags = RATE_INFO_FLAGS_MCS;
1403 if (wcid->rate.flags & RATE_INFO_FLAGS_SHORT_GI)
1404 rate.flags |= RATE_INFO_FLAGS_SHORT_GI;
1405 break;
1406 case MT_PHY_TYPE_VHT:
1407 if (rate.mcs > 9)
1408 goto out;
1409
1410 rate.flags = RATE_INFO_FLAGS_VHT_MCS;
1411 if (wcid->rate.flags & RATE_INFO_FLAGS_SHORT_GI)
1412 rate.flags |= RATE_INFO_FLAGS_SHORT_GI;
1413 break;
1414 case MT_PHY_TYPE_HE_SU:
1415 case MT_PHY_TYPE_HE_EXT_SU:
1416 case MT_PHY_TYPE_HE_TB:
1417 case MT_PHY_TYPE_HE_MU:
1418 if (rate.mcs > 11)
1419 goto out;
1420
1421 rate.he_gi = wcid->rate.he_gi;
1422 rate.he_dcm = FIELD_GET(MT_TX_RATE_DCM, txrate);
1423 rate.flags = RATE_INFO_FLAGS_HE_MCS;
1424 break;
1425 case MT_PHY_TYPE_EHT_SU:
1426 case MT_PHY_TYPE_EHT_TRIG:
1427 case MT_PHY_TYPE_EHT_MU:
1428 if (rate.mcs > 13)
1429 goto out;
1430
1431 rate.eht_gi = wcid->rate.eht_gi;
1432 rate.flags = RATE_INFO_FLAGS_EHT_MCS;
1433 break;
1434 default:
1435 goto out;
1436 }
1437
1438 stats->tx_mode[mode]++;
1439
1440 switch (FIELD_GET(MT_TXS0_BW, txs)) {
1441 case IEEE80211_STA_RX_BW_320:
1442 rate.bw = RATE_INFO_BW_320;
1443 stats->tx_bw[4]++;
1444 break;
1445 case IEEE80211_STA_RX_BW_160:
1446 rate.bw = RATE_INFO_BW_160;
1447 stats->tx_bw[3]++;
1448 break;
1449 case IEEE80211_STA_RX_BW_80:
1450 rate.bw = RATE_INFO_BW_80;
1451 stats->tx_bw[2]++;
1452 break;
1453 case IEEE80211_STA_RX_BW_40:
1454 rate.bw = RATE_INFO_BW_40;
1455 stats->tx_bw[1]++;
1456 break;
1457 default:
1458 rate.bw = RATE_INFO_BW_20;
1459 stats->tx_bw[0]++;
1460 break;
1461 }
1462 wcid->rate = rate;
1463
1464 out:
1465 if (skb)
1466 mt76_tx_status_skb_done(mdev, skb, &list);
1467 mt76_tx_status_unlock(mdev, &list);
1468
1469 return !!skb;
1470 }
1471
mt7996_mac_add_txs(struct mt7996_dev * dev,void * data)1472 static void mt7996_mac_add_txs(struct mt7996_dev *dev, void *data)
1473 {
1474 struct mt7996_sta_link *msta_link;
1475 struct mt76_wcid *wcid;
1476 __le32 *txs_data = data;
1477 u16 wcidx;
1478 u8 pid;
1479
1480 wcidx = le32_get_bits(txs_data[2], MT_TXS2_WCID);
1481 pid = le32_get_bits(txs_data[3], MT_TXS3_PID);
1482
1483 if (pid < MT_PACKET_ID_NO_SKB)
1484 return;
1485
1486 rcu_read_lock();
1487
1488 wcid = mt76_wcid_ptr(dev, wcidx);
1489 if (!wcid)
1490 goto out;
1491
1492 mt7996_mac_add_txs_skb(dev, wcid, pid, txs_data);
1493
1494 if (!wcid->sta)
1495 goto out;
1496
1497 msta_link = container_of(wcid, struct mt7996_sta_link, wcid);
1498 mt76_wcid_add_poll(&dev->mt76, &msta_link->wcid);
1499
1500 out:
1501 rcu_read_unlock();
1502 }
1503
mt7996_rx_check(struct mt76_dev * mdev,void * data,int len)1504 bool mt7996_rx_check(struct mt76_dev *mdev, void *data, int len)
1505 {
1506 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
1507 __le32 *rxd = (__le32 *)data;
1508 __le32 *end = (__le32 *)&rxd[len / 4];
1509 enum rx_pkt_type type;
1510
1511 type = le32_get_bits(rxd[0], MT_RXD0_PKT_TYPE);
1512 if (type != PKT_TYPE_NORMAL) {
1513 u32 sw_type = le32_get_bits(rxd[0], MT_RXD0_SW_PKT_TYPE_MASK);
1514
1515 if (unlikely((sw_type & MT_RXD0_SW_PKT_TYPE_MAP) ==
1516 MT_RXD0_SW_PKT_TYPE_FRAME))
1517 return true;
1518 }
1519
1520 switch (type) {
1521 case PKT_TYPE_TXRX_NOTIFY:
1522 mt7996_mac_tx_free(dev, data, len);
1523 return false;
1524 case PKT_TYPE_TXS:
1525 for (rxd += MT_TXS_HDR_SIZE; rxd + MT_TXS_SIZE <= end; rxd += MT_TXS_SIZE)
1526 mt7996_mac_add_txs(dev, rxd);
1527 return false;
1528 case PKT_TYPE_RX_FW_MONITOR:
1529 #if defined(CONFIG_MT7996_DEBUGFS)
1530 mt7996_debugfs_rx_fw_monitor(dev, data, len);
1531 #endif
1532 return false;
1533 default:
1534 return true;
1535 }
1536 }
1537
mt7996_queue_rx_skb(struct mt76_dev * mdev,enum mt76_rxq_id q,struct sk_buff * skb,u32 * info)1538 void mt7996_queue_rx_skb(struct mt76_dev *mdev, enum mt76_rxq_id q,
1539 struct sk_buff *skb, u32 *info)
1540 {
1541 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
1542 __le32 *rxd = (__le32 *)skb->data;
1543 __le32 *end = (__le32 *)&skb->data[skb->len];
1544 enum rx_pkt_type type;
1545
1546 type = le32_get_bits(rxd[0], MT_RXD0_PKT_TYPE);
1547 if (type != PKT_TYPE_NORMAL) {
1548 u32 sw_type = le32_get_bits(rxd[0], MT_RXD0_SW_PKT_TYPE_MASK);
1549
1550 if (unlikely((sw_type & MT_RXD0_SW_PKT_TYPE_MAP) ==
1551 MT_RXD0_SW_PKT_TYPE_FRAME))
1552 type = PKT_TYPE_NORMAL;
1553 }
1554
1555 switch (type) {
1556 case PKT_TYPE_TXRX_NOTIFY:
1557 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2) &&
1558 q == MT_RXQ_TXFREE_BAND2) {
1559 dev_kfree_skb(skb);
1560 break;
1561 }
1562
1563 mt7996_mac_tx_free(dev, skb->data, skb->len);
1564 napi_consume_skb(skb, 1);
1565 break;
1566 case PKT_TYPE_RX_EVENT:
1567 mt7996_mcu_rx_event(dev, skb);
1568 break;
1569 case PKT_TYPE_TXS:
1570 for (rxd += MT_TXS_HDR_SIZE; rxd + MT_TXS_SIZE <= end; rxd += MT_TXS_SIZE)
1571 mt7996_mac_add_txs(dev, rxd);
1572 dev_kfree_skb(skb);
1573 break;
1574 case PKT_TYPE_RX_FW_MONITOR:
1575 #if defined(CONFIG_MT7996_DEBUGFS)
1576 mt7996_debugfs_rx_fw_monitor(dev, skb->data, skb->len);
1577 #endif
1578 dev_kfree_skb(skb);
1579 break;
1580 case PKT_TYPE_NORMAL:
1581 if (!mt7996_mac_fill_rx(dev, q, skb, info)) {
1582 mt76_rx(&dev->mt76, q, skb);
1583 return;
1584 }
1585 fallthrough;
1586 default:
1587 dev_kfree_skb(skb);
1588 break;
1589 }
1590 }
1591
mt7996_mac_cca_stats_reset(struct mt7996_phy * phy)1592 void mt7996_mac_cca_stats_reset(struct mt7996_phy *phy)
1593 {
1594 struct mt7996_dev *dev = phy->dev;
1595 u32 reg = MT_WF_PHYRX_BAND_RX_CTRL1(phy->mt76->band_idx);
1596
1597 mt76_clear(dev, reg, MT_WF_PHYRX_BAND_RX_CTRL1_STSCNT_EN);
1598 mt76_set(dev, reg, BIT(11) | BIT(9));
1599 }
1600
mt7996_mac_reset_counters(struct mt7996_phy * phy)1601 void mt7996_mac_reset_counters(struct mt7996_phy *phy)
1602 {
1603 struct mt7996_dev *dev = phy->dev;
1604 u8 band_idx = phy->mt76->band_idx;
1605 int i;
1606
1607 for (i = 0; i < 16; i++)
1608 mt76_rr(dev, MT_TX_AGG_CNT(band_idx, i));
1609
1610 phy->mt76->survey_time = ktime_get_boottime();
1611
1612 memset(phy->mt76->aggr_stats, 0, sizeof(phy->mt76->aggr_stats));
1613
1614 /* reset airtime counters */
1615 mt76_set(dev, MT_WF_RMAC_MIB_AIRTIME0(band_idx),
1616 MT_WF_RMAC_MIB_RXTIME_CLR);
1617
1618 mt7996_mcu_get_chan_mib_info(phy, true);
1619 }
1620
mt7996_mac_set_coverage_class(struct mt7996_phy * phy)1621 void mt7996_mac_set_coverage_class(struct mt7996_phy *phy)
1622 {
1623 s16 coverage_class = phy->coverage_class;
1624 struct mt7996_dev *dev = phy->dev;
1625 struct mt7996_phy *phy2 = mt7996_phy2(dev);
1626 struct mt7996_phy *phy3 = mt7996_phy3(dev);
1627 u32 reg_offset;
1628 u32 cck = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, 231) |
1629 FIELD_PREP(MT_TIMEOUT_VAL_CCA, 48);
1630 u32 ofdm = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, 60) |
1631 FIELD_PREP(MT_TIMEOUT_VAL_CCA, 28);
1632 u8 band_idx = phy->mt76->band_idx;
1633 int offset;
1634
1635 if (!test_bit(MT76_STATE_RUNNING, &phy->mt76->state))
1636 return;
1637
1638 if (phy2)
1639 coverage_class = max_t(s16, dev->phy.coverage_class,
1640 phy2->coverage_class);
1641
1642 if (phy3)
1643 coverage_class = max_t(s16, coverage_class,
1644 phy3->coverage_class);
1645
1646 offset = 3 * coverage_class;
1647 reg_offset = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, offset) |
1648 FIELD_PREP(MT_TIMEOUT_VAL_CCA, offset);
1649
1650 mt76_wr(dev, MT_TMAC_CDTR(band_idx), cck + reg_offset);
1651 mt76_wr(dev, MT_TMAC_ODTR(band_idx), ofdm + reg_offset);
1652 }
1653
mt7996_mac_enable_nf(struct mt7996_dev * dev,u8 band)1654 void mt7996_mac_enable_nf(struct mt7996_dev *dev, u8 band)
1655 {
1656 mt76_set(dev, MT_WF_PHYRX_CSD_BAND_RXTD12(band),
1657 MT_WF_PHYRX_CSD_BAND_RXTD12_IRPI_SW_CLR_ONLY |
1658 MT_WF_PHYRX_CSD_BAND_RXTD12_IRPI_SW_CLR);
1659
1660 mt76_set(dev, MT_WF_PHYRX_BAND_RX_CTRL1(band),
1661 FIELD_PREP(MT_WF_PHYRX_BAND_RX_CTRL1_IPI_EN, 0x5));
1662 }
1663
1664 static u8
mt7996_phy_get_nf(struct mt7996_phy * phy,u8 band_idx)1665 mt7996_phy_get_nf(struct mt7996_phy *phy, u8 band_idx)
1666 {
1667 static const u8 nf_power[] = { 92, 89, 86, 83, 80, 75, 70, 65, 60, 55, 52 };
1668 struct mt7996_dev *dev = phy->dev;
1669 u32 val, sum = 0, n = 0;
1670 int ant, i;
1671
1672 for (ant = 0; ant < hweight8(phy->mt76->antenna_mask); ant++) {
1673 u32 reg = MT_WF_PHYRX_CSD_IRPI(band_idx, ant);
1674
1675 for (i = 0; i < ARRAY_SIZE(nf_power); i++, reg += 4) {
1676 val = mt76_rr(dev, reg);
1677 sum += val * nf_power[i];
1678 n += val;
1679 }
1680 }
1681
1682 return n ? sum / n : 0;
1683 }
1684
mt7996_update_channel(struct mt76_phy * mphy)1685 void mt7996_update_channel(struct mt76_phy *mphy)
1686 {
1687 struct mt7996_phy *phy = mphy->priv;
1688 struct mt76_channel_state *state = mphy->chan_state;
1689 int nf;
1690
1691 mt7996_mcu_get_chan_mib_info(phy, false);
1692
1693 nf = mt7996_phy_get_nf(phy, mphy->band_idx);
1694 if (!phy->noise)
1695 phy->noise = nf << 4;
1696 else if (nf)
1697 phy->noise += nf - (phy->noise >> 4);
1698
1699 state->noise = -(phy->noise >> 4);
1700 }
1701
1702 static bool
mt7996_wait_reset_state(struct mt7996_dev * dev,u32 state)1703 mt7996_wait_reset_state(struct mt7996_dev *dev, u32 state)
1704 {
1705 bool ret;
1706
1707 ret = wait_event_timeout(dev->reset_wait,
1708 (READ_ONCE(dev->recovery.state) & state),
1709 MT7996_RESET_TIMEOUT);
1710
1711 WARN(!ret, "Timeout waiting for MCU reset state %x\n", state);
1712 return ret;
1713 }
1714
1715 static void
mt7996_update_vif_beacon(void * priv,u8 * mac,struct ieee80211_vif * vif)1716 mt7996_update_vif_beacon(void *priv, u8 *mac, struct ieee80211_vif *vif)
1717 {
1718 struct ieee80211_bss_conf *link_conf;
1719 struct mt7996_phy *phy = priv;
1720 struct mt7996_dev *dev = phy->dev;
1721 unsigned int link_id;
1722
1723
1724 switch (vif->type) {
1725 case NL80211_IFTYPE_MESH_POINT:
1726 case NL80211_IFTYPE_ADHOC:
1727 case NL80211_IFTYPE_AP:
1728 break;
1729 default:
1730 return;
1731 }
1732
1733 for_each_vif_active_link(vif, link_conf, link_id) {
1734 struct mt7996_vif_link *link;
1735
1736 link = mt7996_vif_link(dev, vif, link_id);
1737 if (!link || link->phy != phy)
1738 continue;
1739
1740 mt7996_mcu_add_beacon(dev->mt76.hw, vif, link_conf);
1741 }
1742 }
1743
mt7996_mac_update_beacons(struct mt7996_phy * phy)1744 void mt7996_mac_update_beacons(struct mt7996_phy *phy)
1745 {
1746 ieee80211_iterate_active_interfaces(phy->mt76->hw,
1747 IEEE80211_IFACE_ITER_RESUME_ALL,
1748 mt7996_update_vif_beacon, phy);
1749 }
1750
1751 static void
mt7996_update_beacons(struct mt7996_dev * dev)1752 mt7996_update_beacons(struct mt7996_dev *dev)
1753 {
1754 struct mt76_phy *phy2, *phy3;
1755
1756 mt7996_mac_update_beacons(&dev->phy);
1757
1758 phy2 = dev->mt76.phys[MT_BAND1];
1759 if (phy2)
1760 mt7996_mac_update_beacons(phy2->priv);
1761
1762 phy3 = dev->mt76.phys[MT_BAND2];
1763 if (phy3)
1764 mt7996_mac_update_beacons(phy3->priv);
1765 }
1766
mt7996_tx_token_put(struct mt7996_dev * dev)1767 void mt7996_tx_token_put(struct mt7996_dev *dev)
1768 {
1769 struct mt76_txwi_cache *txwi;
1770 int id;
1771
1772 spin_lock_bh(&dev->mt76.token_lock);
1773 idr_for_each_entry(&dev->mt76.token, txwi, id) {
1774 mt7996_txwi_free(dev, txwi, NULL, NULL, NULL);
1775 dev->mt76.token_count--;
1776 }
1777 spin_unlock_bh(&dev->mt76.token_lock);
1778 idr_destroy(&dev->mt76.token);
1779 }
1780
1781 static int
mt7996_mac_restart(struct mt7996_dev * dev)1782 mt7996_mac_restart(struct mt7996_dev *dev)
1783 {
1784 struct mt7996_phy *phy2, *phy3;
1785 struct mt76_dev *mdev = &dev->mt76;
1786 int i, ret;
1787
1788 phy2 = mt7996_phy2(dev);
1789 phy3 = mt7996_phy3(dev);
1790
1791 if (dev->hif2) {
1792 mt76_wr(dev, MT_INT1_MASK_CSR, 0x0);
1793 mt76_wr(dev, MT_INT1_SOURCE_CSR, ~0);
1794 }
1795
1796 if (dev_is_pci(mdev->dev)) {
1797 mt76_wr(dev, MT_PCIE_MAC_INT_ENABLE, 0x0);
1798 if (dev->hif2)
1799 mt76_wr(dev, MT_PCIE1_MAC_INT_ENABLE, 0x0);
1800 }
1801
1802 set_bit(MT76_RESET, &dev->mphy.state);
1803 set_bit(MT76_MCU_RESET, &dev->mphy.state);
1804 wake_up(&dev->mt76.mcu.wait);
1805 if (phy2)
1806 set_bit(MT76_RESET, &phy2->mt76->state);
1807 if (phy3)
1808 set_bit(MT76_RESET, &phy3->mt76->state);
1809
1810 /* lock/unlock all queues to ensure that no tx is pending */
1811 mt76_txq_schedule_all(&dev->mphy);
1812 if (phy2)
1813 mt76_txq_schedule_all(phy2->mt76);
1814 if (phy3)
1815 mt76_txq_schedule_all(phy3->mt76);
1816
1817 /* disable all tx/rx napi */
1818 mt76_worker_disable(&dev->mt76.tx_worker);
1819 mt76_for_each_q_rx(mdev, i) {
1820 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
1821 mt76_queue_is_wed_rro(&mdev->q_rx[i]))
1822 continue;
1823
1824 if (mdev->q_rx[i].ndesc)
1825 napi_disable(&dev->mt76.napi[i]);
1826 }
1827 napi_disable(&dev->mt76.tx_napi);
1828
1829 /* token reinit */
1830 mt7996_tx_token_put(dev);
1831 idr_init(&dev->mt76.token);
1832
1833 mt7996_dma_reset(dev, true);
1834
1835 mt76_for_each_q_rx(mdev, i) {
1836 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
1837 mt76_queue_is_wed_rro(&mdev->q_rx[i]))
1838 continue;
1839
1840 if (mdev->q_rx[i].ndesc) {
1841 napi_enable(&dev->mt76.napi[i]);
1842 local_bh_disable();
1843 napi_schedule(&dev->mt76.napi[i]);
1844 local_bh_enable();
1845 }
1846 }
1847 clear_bit(MT76_MCU_RESET, &dev->mphy.state);
1848 clear_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);
1849
1850 mt76_wr(dev, MT_INT_MASK_CSR, dev->mt76.mmio.irqmask);
1851 mt76_wr(dev, MT_INT_SOURCE_CSR, ~0);
1852 if (dev->hif2) {
1853 mt76_wr(dev, MT_INT1_MASK_CSR, dev->mt76.mmio.irqmask);
1854 mt76_wr(dev, MT_INT1_SOURCE_CSR, ~0);
1855 }
1856 if (dev_is_pci(mdev->dev)) {
1857 mt76_wr(dev, MT_PCIE_MAC_INT_ENABLE, 0xff);
1858 if (dev->hif2)
1859 mt76_wr(dev, MT_PCIE1_MAC_INT_ENABLE, 0xff);
1860 }
1861
1862 /* load firmware */
1863 ret = mt7996_mcu_init_firmware(dev);
1864 if (ret)
1865 goto out;
1866
1867 /* set the necessary init items */
1868 ret = mt7996_mcu_set_eeprom(dev);
1869 if (ret)
1870 goto out;
1871
1872 mt7996_mac_init(dev);
1873 mt7996_init_txpower(&dev->phy);
1874 mt7996_init_txpower(phy2);
1875 mt7996_init_txpower(phy3);
1876 ret = mt7996_txbf_init(dev);
1877
1878 if (test_bit(MT76_STATE_RUNNING, &dev->mphy.state)) {
1879 ret = mt7996_run(&dev->phy);
1880 if (ret)
1881 goto out;
1882 }
1883
1884 if (phy2 && test_bit(MT76_STATE_RUNNING, &phy2->mt76->state)) {
1885 ret = mt7996_run(phy2);
1886 if (ret)
1887 goto out;
1888 }
1889
1890 if (phy3 && test_bit(MT76_STATE_RUNNING, &phy3->mt76->state)) {
1891 ret = mt7996_run(phy3);
1892 if (ret)
1893 goto out;
1894 }
1895
1896 out:
1897 /* reset done */
1898 clear_bit(MT76_RESET, &dev->mphy.state);
1899 if (phy2)
1900 clear_bit(MT76_RESET, &phy2->mt76->state);
1901 if (phy3)
1902 clear_bit(MT76_RESET, &phy3->mt76->state);
1903
1904 napi_enable(&dev->mt76.tx_napi);
1905 local_bh_disable();
1906 napi_schedule(&dev->mt76.tx_napi);
1907 local_bh_enable();
1908
1909 mt76_worker_enable(&dev->mt76.tx_worker);
1910 return ret;
1911 }
1912
1913 static void
mt7996_mac_full_reset(struct mt7996_dev * dev)1914 mt7996_mac_full_reset(struct mt7996_dev *dev)
1915 {
1916 struct mt7996_phy *phy2, *phy3;
1917 int i;
1918
1919 phy2 = mt7996_phy2(dev);
1920 phy3 = mt7996_phy3(dev);
1921 dev->recovery.hw_full_reset = true;
1922
1923 wake_up(&dev->mt76.mcu.wait);
1924 ieee80211_stop_queues(mt76_hw(dev));
1925 if (phy2)
1926 ieee80211_stop_queues(phy2->mt76->hw);
1927 if (phy3)
1928 ieee80211_stop_queues(phy3->mt76->hw);
1929
1930 cancel_work_sync(&dev->wed_rro.work);
1931 cancel_delayed_work_sync(&dev->mphy.mac_work);
1932 if (phy2)
1933 cancel_delayed_work_sync(&phy2->mt76->mac_work);
1934 if (phy3)
1935 cancel_delayed_work_sync(&phy3->mt76->mac_work);
1936
1937 mutex_lock(&dev->mt76.mutex);
1938 for (i = 0; i < 10; i++) {
1939 if (!mt7996_mac_restart(dev))
1940 break;
1941 }
1942 mutex_unlock(&dev->mt76.mutex);
1943
1944 if (i == 10)
1945 dev_err(dev->mt76.dev, "chip full reset failed\n");
1946
1947 ieee80211_restart_hw(mt76_hw(dev));
1948 if (phy2)
1949 ieee80211_restart_hw(phy2->mt76->hw);
1950 if (phy3)
1951 ieee80211_restart_hw(phy3->mt76->hw);
1952
1953 ieee80211_wake_queues(mt76_hw(dev));
1954 if (phy2)
1955 ieee80211_wake_queues(phy2->mt76->hw);
1956 if (phy3)
1957 ieee80211_wake_queues(phy3->mt76->hw);
1958
1959 dev->recovery.hw_full_reset = false;
1960 ieee80211_queue_delayed_work(mt76_hw(dev),
1961 &dev->mphy.mac_work,
1962 MT7996_WATCHDOG_TIME);
1963 if (phy2)
1964 ieee80211_queue_delayed_work(phy2->mt76->hw,
1965 &phy2->mt76->mac_work,
1966 MT7996_WATCHDOG_TIME);
1967 if (phy3)
1968 ieee80211_queue_delayed_work(phy3->mt76->hw,
1969 &phy3->mt76->mac_work,
1970 MT7996_WATCHDOG_TIME);
1971 }
1972
mt7996_mac_reset_work(struct work_struct * work)1973 void mt7996_mac_reset_work(struct work_struct *work)
1974 {
1975 struct mt7996_phy *phy2, *phy3;
1976 struct mt7996_dev *dev;
1977 int i;
1978
1979 dev = container_of(work, struct mt7996_dev, reset_work);
1980 phy2 = mt7996_phy2(dev);
1981 phy3 = mt7996_phy3(dev);
1982
1983 /* chip full reset */
1984 if (dev->recovery.restart) {
1985 /* disable WA/WM WDT */
1986 mt76_clear(dev, MT_WFDMA0_MCU_HOST_INT_ENA,
1987 MT_MCU_CMD_WDT_MASK);
1988
1989 if (READ_ONCE(dev->recovery.state) & MT_MCU_CMD_WA_WDT)
1990 dev->recovery.wa_reset_count++;
1991 else
1992 dev->recovery.wm_reset_count++;
1993
1994 mt7996_mac_full_reset(dev);
1995
1996 /* enable mcu irq */
1997 mt7996_irq_enable(dev, MT_INT_MCU_CMD);
1998 mt7996_irq_disable(dev, 0);
1999
2000 /* enable WA/WM WDT */
2001 mt76_set(dev, MT_WFDMA0_MCU_HOST_INT_ENA, MT_MCU_CMD_WDT_MASK);
2002
2003 dev->recovery.state = MT_MCU_CMD_NORMAL_STATE;
2004 dev->recovery.restart = false;
2005 return;
2006 }
2007
2008 if (!(READ_ONCE(dev->recovery.state) & MT_MCU_CMD_STOP_DMA))
2009 return;
2010
2011 dev_info(dev->mt76.dev,"\n%s L1 SER recovery start.",
2012 wiphy_name(dev->mt76.hw->wiphy));
2013
2014 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2))
2015 mtk_wed_device_stop(&dev->mt76.mmio.wed_hif2);
2016
2017 if (mtk_wed_device_active(&dev->mt76.mmio.wed))
2018 mtk_wed_device_stop(&dev->mt76.mmio.wed);
2019
2020 ieee80211_stop_queues(mt76_hw(dev));
2021 if (phy2)
2022 ieee80211_stop_queues(phy2->mt76->hw);
2023 if (phy3)
2024 ieee80211_stop_queues(phy3->mt76->hw);
2025
2026 set_bit(MT76_RESET, &dev->mphy.state);
2027 set_bit(MT76_MCU_RESET, &dev->mphy.state);
2028 wake_up(&dev->mt76.mcu.wait);
2029
2030 cancel_work_sync(&dev->wed_rro.work);
2031 cancel_delayed_work_sync(&dev->mphy.mac_work);
2032 if (phy2) {
2033 set_bit(MT76_RESET, &phy2->mt76->state);
2034 cancel_delayed_work_sync(&phy2->mt76->mac_work);
2035 }
2036 if (phy3) {
2037 set_bit(MT76_RESET, &phy3->mt76->state);
2038 cancel_delayed_work_sync(&phy3->mt76->mac_work);
2039 }
2040 mt76_worker_disable(&dev->mt76.tx_worker);
2041 mt76_for_each_q_rx(&dev->mt76, i) {
2042 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
2043 mt76_queue_is_wed_rro(&dev->mt76.q_rx[i]))
2044 continue;
2045
2046 napi_disable(&dev->mt76.napi[i]);
2047 }
2048 napi_disable(&dev->mt76.tx_napi);
2049
2050 mutex_lock(&dev->mt76.mutex);
2051
2052 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_DMA_STOPPED);
2053
2054 if (mt7996_wait_reset_state(dev, MT_MCU_CMD_RESET_DONE)) {
2055 mt7996_dma_reset(dev, false);
2056
2057 mt7996_tx_token_put(dev);
2058 idr_init(&dev->mt76.token);
2059
2060 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_DMA_INIT);
2061 mt7996_wait_reset_state(dev, MT_MCU_CMD_RECOVERY_DONE);
2062 }
2063
2064 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_RESET_DONE);
2065 mt7996_wait_reset_state(dev, MT_MCU_CMD_NORMAL_STATE);
2066
2067 /* enable DMA Tx/Tx and interrupt */
2068 mt7996_dma_start(dev, false, false);
2069
2070 if (mtk_wed_device_active(&dev->mt76.mmio.wed)) {
2071 u32 wed_irq_mask = MT_INT_RRO_RX_DONE | MT_INT_TX_DONE_BAND2 |
2072 dev->mt76.mmio.irqmask;
2073
2074 if (mtk_wed_get_rx_capa(&dev->mt76.mmio.wed))
2075 wed_irq_mask &= ~MT_INT_RX_DONE_RRO_IND;
2076
2077 mt76_wr(dev, MT_INT_MASK_CSR, wed_irq_mask);
2078
2079 mtk_wed_device_start_hw_rro(&dev->mt76.mmio.wed, wed_irq_mask,
2080 true);
2081 mt7996_irq_enable(dev, wed_irq_mask);
2082 mt7996_irq_disable(dev, 0);
2083 }
2084
2085 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2)) {
2086 mt76_wr(dev, MT_INT_PCIE1_MASK_CSR, MT_INT_TX_RX_DONE_EXT);
2087 mtk_wed_device_start(&dev->mt76.mmio.wed_hif2,
2088 MT_INT_TX_RX_DONE_EXT);
2089 }
2090
2091 clear_bit(MT76_MCU_RESET, &dev->mphy.state);
2092 clear_bit(MT76_RESET, &dev->mphy.state);
2093 if (phy2)
2094 clear_bit(MT76_RESET, &phy2->mt76->state);
2095 if (phy3)
2096 clear_bit(MT76_RESET, &phy3->mt76->state);
2097
2098 mt76_for_each_q_rx(&dev->mt76, i) {
2099 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
2100 mt76_queue_is_wed_rro(&dev->mt76.q_rx[i]))
2101 continue;
2102
2103 napi_enable(&dev->mt76.napi[i]);
2104 local_bh_disable();
2105 napi_schedule(&dev->mt76.napi[i]);
2106 local_bh_enable();
2107 }
2108
2109 tasklet_schedule(&dev->mt76.irq_tasklet);
2110
2111 mt76_worker_enable(&dev->mt76.tx_worker);
2112
2113 napi_enable(&dev->mt76.tx_napi);
2114 local_bh_disable();
2115 napi_schedule(&dev->mt76.tx_napi);
2116 local_bh_enable();
2117
2118 ieee80211_wake_queues(mt76_hw(dev));
2119 if (phy2)
2120 ieee80211_wake_queues(phy2->mt76->hw);
2121 if (phy3)
2122 ieee80211_wake_queues(phy3->mt76->hw);
2123
2124 mutex_unlock(&dev->mt76.mutex);
2125
2126 mt7996_update_beacons(dev);
2127
2128 ieee80211_queue_delayed_work(mt76_hw(dev), &dev->mphy.mac_work,
2129 MT7996_WATCHDOG_TIME);
2130 if (phy2)
2131 ieee80211_queue_delayed_work(phy2->mt76->hw,
2132 &phy2->mt76->mac_work,
2133 MT7996_WATCHDOG_TIME);
2134 if (phy3)
2135 ieee80211_queue_delayed_work(phy3->mt76->hw,
2136 &phy3->mt76->mac_work,
2137 MT7996_WATCHDOG_TIME);
2138 dev_info(dev->mt76.dev,"\n%s L1 SER recovery completed.",
2139 wiphy_name(dev->mt76.hw->wiphy));
2140 }
2141
2142 /* firmware coredump */
mt7996_mac_dump_work(struct work_struct * work)2143 void mt7996_mac_dump_work(struct work_struct *work)
2144 {
2145 const struct mt7996_mem_region *mem_region;
2146 struct mt7996_crash_data *crash_data;
2147 struct mt7996_dev *dev;
2148 struct mt7996_mem_hdr *hdr;
2149 size_t buf_len;
2150 int i;
2151 u32 num;
2152 u8 *buf;
2153
2154 dev = container_of(work, struct mt7996_dev, dump_work);
2155
2156 mutex_lock(&dev->dump_mutex);
2157
2158 crash_data = mt7996_coredump_new(dev);
2159 if (!crash_data) {
2160 mutex_unlock(&dev->dump_mutex);
2161 goto skip_coredump;
2162 }
2163
2164 mem_region = mt7996_coredump_get_mem_layout(dev, &num);
2165 if (!mem_region || !crash_data->memdump_buf_len) {
2166 mutex_unlock(&dev->dump_mutex);
2167 goto skip_memdump;
2168 }
2169
2170 buf = crash_data->memdump_buf;
2171 buf_len = crash_data->memdump_buf_len;
2172
2173 /* dumping memory content... */
2174 memset(buf, 0, buf_len);
2175 for (i = 0; i < num; i++) {
2176 if (mem_region->len > buf_len) {
2177 dev_warn(dev->mt76.dev, "%s len %zu is too large\n",
2178 mem_region->name, mem_region->len);
2179 break;
2180 }
2181
2182 /* reserve space for the header */
2183 hdr = (void *)buf;
2184 buf += sizeof(*hdr);
2185 buf_len -= sizeof(*hdr);
2186
2187 mt7996_memcpy_fromio(dev, buf, mem_region->start,
2188 mem_region->len);
2189
2190 hdr->start = mem_region->start;
2191 hdr->len = mem_region->len;
2192
2193 if (!mem_region->len)
2194 /* note: the header remains, just with zero length */
2195 break;
2196
2197 buf += mem_region->len;
2198 buf_len -= mem_region->len;
2199
2200 mem_region++;
2201 }
2202
2203 mutex_unlock(&dev->dump_mutex);
2204
2205 skip_memdump:
2206 mt7996_coredump_submit(dev);
2207 skip_coredump:
2208 queue_work(dev->mt76.wq, &dev->reset_work);
2209 }
2210
mt7996_reset(struct mt7996_dev * dev)2211 void mt7996_reset(struct mt7996_dev *dev)
2212 {
2213 if (!dev->recovery.hw_init_done)
2214 return;
2215
2216 if (dev->recovery.hw_full_reset)
2217 return;
2218
2219 /* wm/wa exception: do full recovery */
2220 if (READ_ONCE(dev->recovery.state) & MT_MCU_CMD_WDT_MASK) {
2221 dev->recovery.restart = true;
2222 dev_info(dev->mt76.dev,
2223 "%s indicated firmware crash, attempting recovery\n",
2224 wiphy_name(dev->mt76.hw->wiphy));
2225
2226 mt7996_irq_disable(dev, MT_INT_MCU_CMD);
2227 queue_work(dev->mt76.wq, &dev->dump_work);
2228 return;
2229 }
2230
2231 queue_work(dev->mt76.wq, &dev->reset_work);
2232 wake_up(&dev->reset_wait);
2233 }
2234
mt7996_mac_update_stats(struct mt7996_phy * phy)2235 void mt7996_mac_update_stats(struct mt7996_phy *phy)
2236 {
2237 struct mt76_mib_stats *mib = &phy->mib;
2238 struct mt7996_dev *dev = phy->dev;
2239 u8 band_idx = phy->mt76->band_idx;
2240 u32 cnt;
2241 int i;
2242
2243 cnt = mt76_rr(dev, MT_MIB_RSCR1(band_idx));
2244 mib->fcs_err_cnt += cnt;
2245
2246 cnt = mt76_rr(dev, MT_MIB_RSCR33(band_idx));
2247 mib->rx_fifo_full_cnt += cnt;
2248
2249 cnt = mt76_rr(dev, MT_MIB_RSCR31(band_idx));
2250 mib->rx_mpdu_cnt += cnt;
2251
2252 cnt = mt76_rr(dev, MT_MIB_SDR6(band_idx));
2253 mib->channel_idle_cnt += FIELD_GET(MT_MIB_SDR6_CHANNEL_IDL_CNT_MASK, cnt);
2254
2255 cnt = mt76_rr(dev, MT_MIB_RVSR0(band_idx));
2256 mib->rx_vector_mismatch_cnt += cnt;
2257
2258 cnt = mt76_rr(dev, MT_MIB_RSCR35(band_idx));
2259 mib->rx_delimiter_fail_cnt += cnt;
2260
2261 cnt = mt76_rr(dev, MT_MIB_RSCR36(band_idx));
2262 mib->rx_len_mismatch_cnt += cnt;
2263
2264 cnt = mt76_rr(dev, MT_MIB_TSCR0(band_idx));
2265 mib->tx_ampdu_cnt += cnt;
2266
2267 cnt = mt76_rr(dev, MT_MIB_TSCR2(band_idx));
2268 mib->tx_stop_q_empty_cnt += cnt;
2269
2270 cnt = mt76_rr(dev, MT_MIB_TSCR3(band_idx));
2271 mib->tx_mpdu_attempts_cnt += cnt;
2272
2273 cnt = mt76_rr(dev, MT_MIB_TSCR4(band_idx));
2274 mib->tx_mpdu_success_cnt += cnt;
2275
2276 cnt = mt76_rr(dev, MT_MIB_RSCR27(band_idx));
2277 mib->rx_ampdu_cnt += cnt;
2278
2279 cnt = mt76_rr(dev, MT_MIB_RSCR28(band_idx));
2280 mib->rx_ampdu_bytes_cnt += cnt;
2281
2282 cnt = mt76_rr(dev, MT_MIB_RSCR29(band_idx));
2283 mib->rx_ampdu_valid_subframe_cnt += cnt;
2284
2285 cnt = mt76_rr(dev, MT_MIB_RSCR30(band_idx));
2286 mib->rx_ampdu_valid_subframe_bytes_cnt += cnt;
2287
2288 cnt = mt76_rr(dev, MT_MIB_SDR27(band_idx));
2289 mib->tx_rwp_fail_cnt += FIELD_GET(MT_MIB_SDR27_TX_RWP_FAIL_CNT, cnt);
2290
2291 cnt = mt76_rr(dev, MT_MIB_SDR28(band_idx));
2292 mib->tx_rwp_need_cnt += FIELD_GET(MT_MIB_SDR28_TX_RWP_NEED_CNT, cnt);
2293
2294 cnt = mt76_rr(dev, MT_UMIB_RPDCR(band_idx));
2295 mib->rx_pfdrop_cnt += cnt;
2296
2297 cnt = mt76_rr(dev, MT_MIB_RVSR1(band_idx));
2298 mib->rx_vec_queue_overflow_drop_cnt += cnt;
2299
2300 cnt = mt76_rr(dev, MT_MIB_TSCR1(band_idx));
2301 mib->rx_ba_cnt += cnt;
2302
2303 cnt = mt76_rr(dev, MT_MIB_BSCR0(band_idx));
2304 mib->tx_bf_ebf_ppdu_cnt += cnt;
2305
2306 cnt = mt76_rr(dev, MT_MIB_BSCR1(band_idx));
2307 mib->tx_bf_ibf_ppdu_cnt += cnt;
2308
2309 cnt = mt76_rr(dev, MT_MIB_BSCR2(band_idx));
2310 mib->tx_mu_bf_cnt += cnt;
2311
2312 cnt = mt76_rr(dev, MT_MIB_TSCR5(band_idx));
2313 mib->tx_mu_mpdu_cnt += cnt;
2314
2315 cnt = mt76_rr(dev, MT_MIB_TSCR6(band_idx));
2316 mib->tx_mu_acked_mpdu_cnt += cnt;
2317
2318 cnt = mt76_rr(dev, MT_MIB_TSCR7(band_idx));
2319 mib->tx_su_acked_mpdu_cnt += cnt;
2320
2321 cnt = mt76_rr(dev, MT_MIB_BSCR3(band_idx));
2322 mib->tx_bf_rx_fb_ht_cnt += cnt;
2323 mib->tx_bf_rx_fb_all_cnt += cnt;
2324
2325 cnt = mt76_rr(dev, MT_MIB_BSCR4(band_idx));
2326 mib->tx_bf_rx_fb_vht_cnt += cnt;
2327 mib->tx_bf_rx_fb_all_cnt += cnt;
2328
2329 cnt = mt76_rr(dev, MT_MIB_BSCR5(band_idx));
2330 mib->tx_bf_rx_fb_he_cnt += cnt;
2331 mib->tx_bf_rx_fb_all_cnt += cnt;
2332
2333 cnt = mt76_rr(dev, MT_MIB_BSCR6(band_idx));
2334 mib->tx_bf_rx_fb_eht_cnt += cnt;
2335 mib->tx_bf_rx_fb_all_cnt += cnt;
2336
2337 cnt = mt76_rr(dev, MT_ETBF_RX_FB_CONT(band_idx));
2338 mib->tx_bf_rx_fb_bw = FIELD_GET(MT_ETBF_RX_FB_BW, cnt);
2339 mib->tx_bf_rx_fb_nc_cnt += FIELD_GET(MT_ETBF_RX_FB_NC, cnt);
2340 mib->tx_bf_rx_fb_nr_cnt += FIELD_GET(MT_ETBF_RX_FB_NR, cnt);
2341
2342 cnt = mt76_rr(dev, MT_MIB_BSCR7(band_idx));
2343 mib->tx_bf_fb_trig_cnt += cnt;
2344
2345 cnt = mt76_rr(dev, MT_MIB_BSCR17(band_idx));
2346 mib->tx_bf_fb_cpl_cnt += cnt;
2347
2348 for (i = 0; i < ARRAY_SIZE(mib->tx_amsdu); i++) {
2349 cnt = mt76_rr(dev, MT_PLE_AMSDU_PACK_MSDU_CNT(i));
2350 mib->tx_amsdu[i] += cnt;
2351 mib->tx_amsdu_cnt += cnt;
2352 }
2353
2354 /* rts count */
2355 cnt = mt76_rr(dev, MT_MIB_BTSCR5(band_idx));
2356 mib->rts_cnt += cnt;
2357
2358 /* rts retry count */
2359 cnt = mt76_rr(dev, MT_MIB_BTSCR6(band_idx));
2360 mib->rts_retries_cnt += cnt;
2361
2362 /* ba miss count */
2363 cnt = mt76_rr(dev, MT_MIB_BTSCR0(band_idx));
2364 mib->ba_miss_cnt += cnt;
2365
2366 /* ack fail count */
2367 cnt = mt76_rr(dev, MT_MIB_BFTFCR(band_idx));
2368 mib->ack_fail_cnt += cnt;
2369
2370 for (i = 0; i < 16; i++) {
2371 cnt = mt76_rr(dev, MT_TX_AGG_CNT(band_idx, i));
2372 phy->mt76->aggr_stats[i] += cnt;
2373 }
2374 }
2375
mt7996_mac_sta_rc_work(struct work_struct * work)2376 void mt7996_mac_sta_rc_work(struct work_struct *work)
2377 {
2378 struct mt7996_dev *dev = container_of(work, struct mt7996_dev, rc_work);
2379 struct mt7996_sta_link *msta_link;
2380 struct ieee80211_vif *vif;
2381 struct mt7996_vif *mvif;
2382 LIST_HEAD(list);
2383 u32 changed;
2384
2385 spin_lock_bh(&dev->mt76.sta_poll_lock);
2386 list_splice_init(&dev->sta_rc_list, &list);
2387
2388 while (!list_empty(&list)) {
2389 msta_link = list_first_entry(&list, struct mt7996_sta_link,
2390 rc_list);
2391 list_del_init(&msta_link->rc_list);
2392
2393 changed = msta_link->changed;
2394 msta_link->changed = 0;
2395 mvif = msta_link->sta->vif;
2396 vif = container_of((void *)mvif, struct ieee80211_vif,
2397 drv_priv);
2398
2399 spin_unlock_bh(&dev->mt76.sta_poll_lock);
2400
2401 if (changed & (IEEE80211_RC_SUPP_RATES_CHANGED |
2402 IEEE80211_RC_NSS_CHANGED |
2403 IEEE80211_RC_BW_CHANGED))
2404 mt7996_mcu_add_rate_ctrl(dev, msta_link->sta, vif,
2405 msta_link->wcid.link_id,
2406 true);
2407
2408 if (changed & IEEE80211_RC_SMPS_CHANGED)
2409 mt7996_mcu_set_fixed_field(dev, msta_link->sta, NULL,
2410 msta_link->wcid.link_id,
2411 RATE_PARAM_MMPS_UPDATE);
2412
2413 spin_lock_bh(&dev->mt76.sta_poll_lock);
2414 }
2415
2416 spin_unlock_bh(&dev->mt76.sta_poll_lock);
2417 }
2418
mt7996_mac_work(struct work_struct * work)2419 void mt7996_mac_work(struct work_struct *work)
2420 {
2421 struct mt7996_phy *phy;
2422 struct mt76_phy *mphy;
2423
2424 mphy = (struct mt76_phy *)container_of(work, struct mt76_phy,
2425 mac_work.work);
2426 phy = mphy->priv;
2427
2428 mutex_lock(&mphy->dev->mutex);
2429
2430 mt76_update_survey(mphy);
2431 if (++mphy->mac_work_count == 5) {
2432 mphy->mac_work_count = 0;
2433
2434 mt7996_mac_update_stats(phy);
2435
2436 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_RATE);
2437 if (mtk_wed_device_active(&phy->dev->mt76.mmio.wed)) {
2438 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_ADM_STAT);
2439 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_MSDU_COUNT);
2440 }
2441 }
2442
2443 mutex_unlock(&mphy->dev->mutex);
2444
2445 mt76_tx_status_check(mphy->dev, false);
2446
2447 ieee80211_queue_delayed_work(mphy->hw, &mphy->mac_work,
2448 MT7996_WATCHDOG_TIME);
2449 }
2450
mt7996_dfs_stop_radar_detector(struct mt7996_phy * phy)2451 static void mt7996_dfs_stop_radar_detector(struct mt7996_phy *phy)
2452 {
2453 struct mt7996_dev *dev = phy->dev;
2454 int rdd_idx = mt7996_get_rdd_idx(phy, false);
2455
2456 if (rdd_idx < 0)
2457 return;
2458
2459 mt7996_mcu_rdd_cmd(dev, RDD_STOP, rdd_idx, 0);
2460 }
2461
mt7996_dfs_start_rdd(struct mt7996_dev * dev,int rdd_idx)2462 static int mt7996_dfs_start_rdd(struct mt7996_dev *dev, int rdd_idx)
2463 {
2464 int err, region;
2465
2466 switch (dev->mt76.region) {
2467 case NL80211_DFS_ETSI:
2468 region = 0;
2469 break;
2470 case NL80211_DFS_JP:
2471 region = 2;
2472 break;
2473 case NL80211_DFS_FCC:
2474 default:
2475 region = 1;
2476 break;
2477 }
2478
2479 err = mt7996_mcu_rdd_cmd(dev, RDD_START, rdd_idx, region);
2480 if (err < 0)
2481 return err;
2482
2483 return mt7996_mcu_rdd_cmd(dev, RDD_DET_MODE, rdd_idx, 1);
2484 }
2485
mt7996_dfs_start_radar_detector(struct mt7996_phy * phy)2486 static int mt7996_dfs_start_radar_detector(struct mt7996_phy *phy)
2487 {
2488 struct mt7996_dev *dev = phy->dev;
2489 int err, rdd_idx;
2490
2491 rdd_idx = mt7996_get_rdd_idx(phy, false);
2492 if (rdd_idx < 0)
2493 return -EINVAL;
2494
2495 /* start CAC */
2496 err = mt7996_mcu_rdd_cmd(dev, RDD_CAC_START, rdd_idx, 0);
2497 if (err < 0)
2498 return err;
2499
2500 err = mt7996_dfs_start_rdd(dev, rdd_idx);
2501
2502 return err;
2503 }
2504
2505 static int
mt7996_dfs_init_radar_specs(struct mt7996_phy * phy)2506 mt7996_dfs_init_radar_specs(struct mt7996_phy *phy)
2507 {
2508 const struct mt7996_dfs_radar_spec *radar_specs;
2509 struct mt7996_dev *dev = phy->dev;
2510 int err, i;
2511
2512 switch (dev->mt76.region) {
2513 case NL80211_DFS_FCC:
2514 radar_specs = &fcc_radar_specs;
2515 err = mt7996_mcu_set_fcc5_lpn(dev, 8);
2516 if (err < 0)
2517 return err;
2518 break;
2519 case NL80211_DFS_ETSI:
2520 radar_specs = &etsi_radar_specs;
2521 break;
2522 case NL80211_DFS_JP:
2523 radar_specs = &jp_radar_specs;
2524 break;
2525 default:
2526 return -EINVAL;
2527 }
2528
2529 for (i = 0; i < ARRAY_SIZE(radar_specs->radar_pattern); i++) {
2530 err = mt7996_mcu_set_radar_th(dev, i,
2531 &radar_specs->radar_pattern[i]);
2532 if (err < 0)
2533 return err;
2534 }
2535
2536 return mt7996_mcu_set_pulse_th(dev, &radar_specs->pulse_th);
2537 }
2538
mt7996_dfs_init_radar_detector(struct mt7996_phy * phy)2539 int mt7996_dfs_init_radar_detector(struct mt7996_phy *phy)
2540 {
2541 struct mt7996_dev *dev = phy->dev;
2542 enum mt76_dfs_state dfs_state, prev_state;
2543 int err, rdd_idx = mt7996_get_rdd_idx(phy, false);
2544
2545 prev_state = phy->mt76->dfs_state;
2546 dfs_state = mt76_phy_dfs_state(phy->mt76);
2547
2548 if (prev_state == dfs_state || rdd_idx < 0)
2549 return 0;
2550
2551 if (prev_state == MT_DFS_STATE_UNKNOWN)
2552 mt7996_dfs_stop_radar_detector(phy);
2553
2554 if (dfs_state == MT_DFS_STATE_DISABLED)
2555 goto stop;
2556
2557 if (prev_state <= MT_DFS_STATE_DISABLED) {
2558 err = mt7996_dfs_init_radar_specs(phy);
2559 if (err < 0)
2560 return err;
2561
2562 err = mt7996_dfs_start_radar_detector(phy);
2563 if (err < 0)
2564 return err;
2565
2566 phy->mt76->dfs_state = MT_DFS_STATE_CAC;
2567 }
2568
2569 if (dfs_state == MT_DFS_STATE_CAC)
2570 return 0;
2571
2572 err = mt7996_mcu_rdd_cmd(dev, RDD_CAC_END, rdd_idx, 0);
2573 if (err < 0) {
2574 phy->mt76->dfs_state = MT_DFS_STATE_UNKNOWN;
2575 return err;
2576 }
2577
2578 phy->mt76->dfs_state = MT_DFS_STATE_ACTIVE;
2579 return 0;
2580
2581 stop:
2582 err = mt7996_mcu_rdd_cmd(dev, RDD_NORMAL_START, rdd_idx, 0);
2583 if (err < 0)
2584 return err;
2585
2586 mt7996_dfs_stop_radar_detector(phy);
2587 phy->mt76->dfs_state = MT_DFS_STATE_DISABLED;
2588
2589 return 0;
2590 }
2591
2592 static int
mt7996_mac_twt_duration_align(int duration)2593 mt7996_mac_twt_duration_align(int duration)
2594 {
2595 return duration << 8;
2596 }
2597
2598 static u64
mt7996_mac_twt_sched_list_add(struct mt7996_dev * dev,struct mt7996_twt_flow * flow)2599 mt7996_mac_twt_sched_list_add(struct mt7996_dev *dev,
2600 struct mt7996_twt_flow *flow)
2601 {
2602 struct mt7996_twt_flow *iter, *iter_next;
2603 u32 duration = flow->duration << 8;
2604 u64 start_tsf;
2605
2606 iter = list_first_entry_or_null(&dev->twt_list,
2607 struct mt7996_twt_flow, list);
2608 if (!iter || !iter->sched || iter->start_tsf > duration) {
2609 /* add flow as first entry in the list */
2610 list_add(&flow->list, &dev->twt_list);
2611 return 0;
2612 }
2613
2614 list_for_each_entry_safe(iter, iter_next, &dev->twt_list, list) {
2615 start_tsf = iter->start_tsf +
2616 mt7996_mac_twt_duration_align(iter->duration);
2617 if (list_is_last(&iter->list, &dev->twt_list))
2618 break;
2619
2620 if (!iter_next->sched ||
2621 iter_next->start_tsf > start_tsf + duration) {
2622 list_add(&flow->list, &iter->list);
2623 goto out;
2624 }
2625 }
2626
2627 /* add flow as last entry in the list */
2628 list_add_tail(&flow->list, &dev->twt_list);
2629 out:
2630 return start_tsf;
2631 }
2632
mt7996_mac_check_twt_req(struct ieee80211_twt_setup * twt)2633 static int mt7996_mac_check_twt_req(struct ieee80211_twt_setup *twt)
2634 {
2635 struct ieee80211_twt_params *twt_agrt;
2636 u64 interval, duration;
2637 u16 mantissa;
2638 u8 exp;
2639
2640 /* only individual agreement supported */
2641 if (twt->control & IEEE80211_TWT_CONTROL_NEG_TYPE_BROADCAST)
2642 return -EOPNOTSUPP;
2643
2644 /* only 256us unit supported */
2645 if (twt->control & IEEE80211_TWT_CONTROL_WAKE_DUR_UNIT)
2646 return -EOPNOTSUPP;
2647
2648 twt_agrt = (struct ieee80211_twt_params *)twt->params;
2649
2650 /* explicit agreement not supported */
2651 if (!(twt_agrt->req_type & cpu_to_le16(IEEE80211_TWT_REQTYPE_IMPLICIT)))
2652 return -EOPNOTSUPP;
2653
2654 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP,
2655 le16_to_cpu(twt_agrt->req_type));
2656 mantissa = le16_to_cpu(twt_agrt->mantissa);
2657 duration = twt_agrt->min_twt_dur << 8;
2658
2659 interval = (u64)mantissa << exp;
2660 if (interval < duration)
2661 return -EOPNOTSUPP;
2662
2663 return 0;
2664 }
2665
2666 static bool
mt7996_mac_twt_param_equal(struct mt7996_sta_link * msta_link,struct ieee80211_twt_params * twt_agrt)2667 mt7996_mac_twt_param_equal(struct mt7996_sta_link *msta_link,
2668 struct ieee80211_twt_params *twt_agrt)
2669 {
2670 u16 type = le16_to_cpu(twt_agrt->req_type);
2671 u8 exp;
2672 int i;
2673
2674 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP, type);
2675 for (i = 0; i < MT7996_MAX_STA_TWT_AGRT; i++) {
2676 struct mt7996_twt_flow *f;
2677
2678 if (!(msta_link->twt.flowid_mask & BIT(i)))
2679 continue;
2680
2681 f = &msta_link->twt.flow[i];
2682 if (f->duration == twt_agrt->min_twt_dur &&
2683 f->mantissa == twt_agrt->mantissa &&
2684 f->exp == exp &&
2685 f->protection == !!(type & IEEE80211_TWT_REQTYPE_PROTECTION) &&
2686 f->flowtype == !!(type & IEEE80211_TWT_REQTYPE_FLOWTYPE) &&
2687 f->trigger == !!(type & IEEE80211_TWT_REQTYPE_TRIGGER))
2688 return true;
2689 }
2690
2691 return false;
2692 }
2693
mt7996_mac_add_twt_setup(struct ieee80211_hw * hw,struct ieee80211_sta * sta,struct ieee80211_twt_setup * twt)2694 void mt7996_mac_add_twt_setup(struct ieee80211_hw *hw,
2695 struct ieee80211_sta *sta,
2696 struct ieee80211_twt_setup *twt)
2697 {
2698 enum ieee80211_twt_setup_cmd setup_cmd = TWT_SETUP_CMD_REJECT;
2699 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
2700 struct ieee80211_twt_params *twt_agrt = (void *)twt->params;
2701 struct mt7996_sta_link *msta_link = &msta->deflink;
2702 u16 req_type = le16_to_cpu(twt_agrt->req_type);
2703 enum ieee80211_twt_setup_cmd sta_setup_cmd;
2704 struct mt7996_dev *dev = mt7996_hw_dev(hw);
2705 struct mt7996_twt_flow *flow;
2706 u8 flowid, table_id, exp;
2707
2708 if (mt7996_mac_check_twt_req(twt))
2709 goto out;
2710
2711 mutex_lock(&dev->mt76.mutex);
2712
2713 if (dev->twt.n_agrt == MT7996_MAX_TWT_AGRT)
2714 goto unlock;
2715
2716 if (hweight8(msta_link->twt.flowid_mask) ==
2717 ARRAY_SIZE(msta_link->twt.flow))
2718 goto unlock;
2719
2720 if (twt_agrt->min_twt_dur < MT7996_MIN_TWT_DUR) {
2721 setup_cmd = TWT_SETUP_CMD_DICTATE;
2722 twt_agrt->min_twt_dur = MT7996_MIN_TWT_DUR;
2723 goto unlock;
2724 }
2725
2726 if (mt7996_mac_twt_param_equal(msta_link, twt_agrt))
2727 goto unlock;
2728
2729 flowid = ffs(~msta_link->twt.flowid_mask) - 1;
2730 twt_agrt->req_type &= ~cpu_to_le16(IEEE80211_TWT_REQTYPE_FLOWID);
2731 twt_agrt->req_type |= le16_encode_bits(flowid,
2732 IEEE80211_TWT_REQTYPE_FLOWID);
2733
2734 table_id = ffs(~dev->twt.table_mask) - 1;
2735 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP, req_type);
2736 sta_setup_cmd = FIELD_GET(IEEE80211_TWT_REQTYPE_SETUP_CMD, req_type);
2737
2738 flow = &msta_link->twt.flow[flowid];
2739 memset(flow, 0, sizeof(*flow));
2740 INIT_LIST_HEAD(&flow->list);
2741 flow->wcid = msta_link->wcid.idx;
2742 flow->table_id = table_id;
2743 flow->id = flowid;
2744 flow->duration = twt_agrt->min_twt_dur;
2745 flow->mantissa = twt_agrt->mantissa;
2746 flow->exp = exp;
2747 flow->protection = !!(req_type & IEEE80211_TWT_REQTYPE_PROTECTION);
2748 flow->flowtype = !!(req_type & IEEE80211_TWT_REQTYPE_FLOWTYPE);
2749 flow->trigger = !!(req_type & IEEE80211_TWT_REQTYPE_TRIGGER);
2750
2751 if (sta_setup_cmd == TWT_SETUP_CMD_REQUEST ||
2752 sta_setup_cmd == TWT_SETUP_CMD_SUGGEST) {
2753 u64 interval = (u64)le16_to_cpu(twt_agrt->mantissa) << exp;
2754 u64 flow_tsf, curr_tsf;
2755 u32 rem;
2756
2757 flow->sched = true;
2758 flow->start_tsf = mt7996_mac_twt_sched_list_add(dev, flow);
2759 curr_tsf = __mt7996_get_tsf(hw, &msta->vif->deflink);
2760 div_u64_rem(curr_tsf - flow->start_tsf, interval, &rem);
2761 flow_tsf = curr_tsf + interval - rem;
2762 twt_agrt->twt = cpu_to_le64(flow_tsf);
2763 } else {
2764 list_add_tail(&flow->list, &dev->twt_list);
2765 }
2766 flow->tsf = le64_to_cpu(twt_agrt->twt);
2767
2768 if (mt7996_mcu_twt_agrt_update(dev, &msta->vif->deflink, flow,
2769 MCU_TWT_AGRT_ADD))
2770 goto unlock;
2771
2772 setup_cmd = TWT_SETUP_CMD_ACCEPT;
2773 dev->twt.table_mask |= BIT(table_id);
2774 msta_link->twt.flowid_mask |= BIT(flowid);
2775 dev->twt.n_agrt++;
2776
2777 unlock:
2778 mutex_unlock(&dev->mt76.mutex);
2779 out:
2780 twt_agrt->req_type &= ~cpu_to_le16(IEEE80211_TWT_REQTYPE_SETUP_CMD);
2781 twt_agrt->req_type |=
2782 le16_encode_bits(setup_cmd, IEEE80211_TWT_REQTYPE_SETUP_CMD);
2783 twt->control = twt->control & IEEE80211_TWT_CONTROL_RX_DISABLED;
2784 }
2785
mt7996_mac_twt_teardown_flow(struct mt7996_dev * dev,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link,u8 flowid)2786 void mt7996_mac_twt_teardown_flow(struct mt7996_dev *dev,
2787 struct mt7996_vif_link *link,
2788 struct mt7996_sta_link *msta_link,
2789 u8 flowid)
2790 {
2791 struct mt7996_twt_flow *flow;
2792
2793 lockdep_assert_held(&dev->mt76.mutex);
2794
2795 if (flowid >= ARRAY_SIZE(msta_link->twt.flow))
2796 return;
2797
2798 if (!(msta_link->twt.flowid_mask & BIT(flowid)))
2799 return;
2800
2801 flow = &msta_link->twt.flow[flowid];
2802 if (mt7996_mcu_twt_agrt_update(dev, link, flow, MCU_TWT_AGRT_DELETE))
2803 return;
2804
2805 list_del_init(&flow->list);
2806 msta_link->twt.flowid_mask &= ~BIT(flowid);
2807 dev->twt.table_mask &= ~BIT(flow->table_id);
2808 dev->twt.n_agrt--;
2809 }
2810