1 // SPDX-License-Identifier: ISC
2 /*
3 * Copyright (C) 2022 MediaTek Inc.
4 */
5
6 #include <linux/firmware.h>
7 #include <linux/fs.h>
8 #include "mt7996.h"
9 #include "mcu.h"
10 #include "mac.h"
11 #include "eeprom.h"
12
13 #define fw_name(_dev, name, ...) ({ \
14 char *_fw; \
15 switch (mt76_chip(&(_dev)->mt76)) { \
16 case 0x7992: \
17 switch ((_dev)->var.type) { \
18 case MT7992_VAR_TYPE_23: \
19 _fw = MT7992_##name##_23; \
20 break; \
21 default: \
22 _fw = MT7992_##name; \
23 } \
24 break; \
25 case 0x7990: \
26 default: \
27 switch ((_dev)->var.type) { \
28 case MT7996_VAR_TYPE_233: \
29 _fw = MT7996_##name##_233; \
30 break; \
31 default: \
32 _fw = MT7996_##name; \
33 } \
34 break; \
35 } \
36 _fw; \
37 })
38
39 struct mt7996_patch_hdr {
40 char build_date[16];
41 char platform[4];
42 __be32 hw_sw_ver;
43 __be32 patch_ver;
44 __be16 checksum;
45 u16 reserved;
46 struct {
47 __be32 patch_ver;
48 __be32 subsys;
49 __be32 feature;
50 __be32 n_region;
51 __be32 crc;
52 u32 reserved[11];
53 } desc;
54 } __packed;
55
56 struct mt7996_patch_sec {
57 __be32 type;
58 __be32 offs;
59 __be32 size;
60 union {
61 __be32 spec[13];
62 struct {
63 __be32 addr;
64 __be32 len;
65 __be32 sec_key_idx;
66 __be32 align_len;
67 u32 reserved[9];
68 } info;
69 };
70 } __packed;
71
72 struct mt7996_fw_trailer {
73 u8 chip_id;
74 u8 eco_code;
75 u8 n_region;
76 u8 format_ver;
77 u8 format_flag;
78 u8 reserved[2];
79 char fw_ver[10];
80 char build_date[15];
81 u32 crc;
82 } __packed;
83
84 struct mt7996_fw_region {
85 __le32 decomp_crc;
86 __le32 decomp_len;
87 __le32 decomp_blk_sz;
88 u8 reserved[4];
89 __le32 addr;
90 __le32 len;
91 u8 feature_set;
92 u8 reserved1[15];
93 } __packed;
94
95 #define MCU_PATCH_ADDRESS 0x200000
96
97 #define HE_PHY(p, c) u8_get_bits(c, IEEE80211_HE_PHY_##p)
98 #define HE_MAC(m, c) u8_get_bits(c, IEEE80211_HE_MAC_##m)
99 #define EHT_PHY(p, c) u8_get_bits(c, IEEE80211_EHT_PHY_##p)
100
101 static bool sr_scene_detect = true;
102 module_param(sr_scene_detect, bool, 0644);
103 MODULE_PARM_DESC(sr_scene_detect, "Enable firmware scene detection algorithm");
104
105 static u8
mt7996_mcu_get_sta_nss(u16 mcs_map)106 mt7996_mcu_get_sta_nss(u16 mcs_map)
107 {
108 u8 nss;
109
110 for (nss = 8; nss > 0; nss--) {
111 u8 nss_mcs = (mcs_map >> (2 * (nss - 1))) & 3;
112
113 if (nss_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED)
114 break;
115 }
116
117 return nss - 1;
118 }
119
120 static void
mt7996_mcu_set_sta_he_mcs(struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link,__le16 * he_mcs,u16 mcs_map)121 mt7996_mcu_set_sta_he_mcs(struct ieee80211_link_sta *link_sta,
122 struct mt7996_vif_link *link,
123 __le16 *he_mcs, u16 mcs_map)
124 {
125 int nss, max_nss = link_sta->rx_nss > 3 ? 4 : link_sta->rx_nss;
126 enum nl80211_band band = link->phy->mt76->chandef.chan->band;
127 const u16 *mask = link->bitrate_mask.control[band].he_mcs;
128
129 for (nss = 0; nss < max_nss; nss++) {
130 int mcs;
131
132 switch ((mcs_map >> (2 * nss)) & 0x3) {
133 case IEEE80211_HE_MCS_SUPPORT_0_11:
134 mcs = GENMASK(11, 0);
135 break;
136 case IEEE80211_HE_MCS_SUPPORT_0_9:
137 mcs = GENMASK(9, 0);
138 break;
139 case IEEE80211_HE_MCS_SUPPORT_0_7:
140 mcs = GENMASK(7, 0);
141 break;
142 default:
143 mcs = 0;
144 }
145
146 mcs = mcs ? fls(mcs & mask[nss]) - 1 : -1;
147
148 switch (mcs) {
149 case 0 ... 7:
150 mcs = IEEE80211_HE_MCS_SUPPORT_0_7;
151 break;
152 case 8 ... 9:
153 mcs = IEEE80211_HE_MCS_SUPPORT_0_9;
154 break;
155 case 10 ... 11:
156 mcs = IEEE80211_HE_MCS_SUPPORT_0_11;
157 break;
158 default:
159 mcs = IEEE80211_HE_MCS_NOT_SUPPORTED;
160 break;
161 }
162 mcs_map &= ~(0x3 << (nss * 2));
163 mcs_map |= mcs << (nss * 2);
164 }
165
166 *he_mcs = cpu_to_le16(mcs_map);
167 }
168
169 static void
mt7996_mcu_set_sta_vht_mcs(struct ieee80211_link_sta * link_sta,__le16 * vht_mcs,const u16 * mask)170 mt7996_mcu_set_sta_vht_mcs(struct ieee80211_link_sta *link_sta,
171 __le16 *vht_mcs, const u16 *mask)
172 {
173 u16 mcs, mcs_map = le16_to_cpu(link_sta->vht_cap.vht_mcs.rx_mcs_map);
174 int nss, max_nss = link_sta->rx_nss > 3 ? 4 : link_sta->rx_nss;
175
176 for (nss = 0; nss < max_nss; nss++, mcs_map >>= 2) {
177 switch (mcs_map & 0x3) {
178 case IEEE80211_VHT_MCS_SUPPORT_0_9:
179 mcs = GENMASK(9, 0);
180 break;
181 case IEEE80211_VHT_MCS_SUPPORT_0_8:
182 mcs = GENMASK(8, 0);
183 break;
184 case IEEE80211_VHT_MCS_SUPPORT_0_7:
185 mcs = GENMASK(7, 0);
186 break;
187 default:
188 mcs = 0;
189 }
190
191 vht_mcs[nss] = cpu_to_le16(mcs & mask[nss]);
192 }
193 }
194
195 static void
mt7996_mcu_set_sta_ht_mcs(struct ieee80211_link_sta * link_sta,u8 * ht_mcs,const u8 * mask)196 mt7996_mcu_set_sta_ht_mcs(struct ieee80211_link_sta *link_sta,
197 u8 *ht_mcs, const u8 *mask)
198 {
199 int nss, max_nss = link_sta->rx_nss > 3 ? 4 : link_sta->rx_nss;
200
201 for (nss = 0; nss < max_nss; nss++)
202 ht_mcs[nss] = link_sta->ht_cap.mcs.rx_mask[nss] & mask[nss];
203 }
204
205 static int
mt7996_mcu_parse_response(struct mt76_dev * mdev,int cmd,struct sk_buff * skb,int seq)206 mt7996_mcu_parse_response(struct mt76_dev *mdev, int cmd,
207 struct sk_buff *skb, int seq)
208 {
209 struct mt7996_mcu_rxd *rxd;
210 struct mt7996_mcu_uni_event *event;
211 int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
212 int ret = 0;
213
214 if (!skb) {
215 dev_err(mdev->dev, "Message %08x (seq %d) timeout\n",
216 cmd, seq);
217 return -ETIMEDOUT;
218 }
219
220 rxd = (struct mt7996_mcu_rxd *)skb->data;
221 if (seq != rxd->seq)
222 return -EAGAIN;
223
224 if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) {
225 skb_pull(skb, sizeof(*rxd) - 4);
226 ret = *skb->data;
227 } else if ((rxd->option & MCU_UNI_CMD_EVENT) &&
228 rxd->eid == MCU_UNI_EVENT_RESULT) {
229 skb_pull(skb, sizeof(*rxd));
230 event = (struct mt7996_mcu_uni_event *)skb->data;
231 ret = le32_to_cpu(event->status);
232 /* skip invalid event */
233 if (mcu_cmd != event->cid)
234 ret = -EAGAIN;
235 } else {
236 skb_pull(skb, sizeof(struct mt7996_mcu_rxd));
237 }
238
239 return ret;
240 }
241
242 static int
mt7996_mcu_send_message(struct mt76_dev * mdev,struct sk_buff * skb,int cmd,int * wait_seq)243 mt7996_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb,
244 int cmd, int *wait_seq)
245 {
246 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
247 int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
248 struct mt76_connac2_mcu_uni_txd *uni_txd;
249 struct mt76_connac2_mcu_txd *mcu_txd;
250 enum mt76_mcuq_id qid;
251 __le32 *txd;
252 u32 val;
253 u8 seq;
254
255 mdev->mcu.timeout = 20 * HZ;
256
257 seq = ++dev->mt76.mcu.msg_seq & 0xf;
258 if (!seq)
259 seq = ++dev->mt76.mcu.msg_seq & 0xf;
260
261 if (cmd == MCU_CMD(FW_SCATTER)) {
262 qid = MT_MCUQ_FWDL;
263 goto exit;
264 }
265
266 txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
267 txd = (__le32 *)skb_push(skb, txd_len);
268 if (test_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state))
269 qid = MT_MCUQ_WA;
270 else
271 qid = MT_MCUQ_WM;
272
273 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
274 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
275 FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
276 txd[0] = cpu_to_le32(val);
277
278 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
279 txd[1] = cpu_to_le32(val);
280
281 if (cmd & __MCU_CMD_FIELD_UNI) {
282 uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
283 uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
284 uni_txd->cid = cpu_to_le16(mcu_cmd);
285 uni_txd->s2d_index = MCU_S2D_H2CN;
286 uni_txd->pkt_type = MCU_PKT_ID;
287 uni_txd->seq = seq;
288
289 if (cmd & __MCU_CMD_FIELD_QUERY)
290 uni_txd->option = MCU_CMD_UNI_QUERY_ACK;
291 else
292 uni_txd->option = MCU_CMD_UNI_EXT_ACK;
293
294 if ((cmd & __MCU_CMD_FIELD_WA) && (cmd & __MCU_CMD_FIELD_WM))
295 uni_txd->s2d_index = MCU_S2D_H2CN;
296 else if (cmd & __MCU_CMD_FIELD_WA)
297 uni_txd->s2d_index = MCU_S2D_H2C;
298 else if (cmd & __MCU_CMD_FIELD_WM)
299 uni_txd->s2d_index = MCU_S2D_H2N;
300
301 goto exit;
302 }
303
304 mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
305 mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
306 mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
307 MT_TX_MCU_PORT_RX_Q0));
308 mcu_txd->pkt_type = MCU_PKT_ID;
309 mcu_txd->seq = seq;
310
311 mcu_txd->cid = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
312 mcu_txd->set_query = MCU_Q_NA;
313 mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
314 if (mcu_txd->ext_cid) {
315 mcu_txd->ext_cid_ack = 1;
316
317 if (cmd & __MCU_CMD_FIELD_QUERY)
318 mcu_txd->set_query = MCU_Q_QUERY;
319 else
320 mcu_txd->set_query = MCU_Q_SET;
321 }
322
323 if (cmd & __MCU_CMD_FIELD_WA)
324 mcu_txd->s2d_index = MCU_S2D_H2C;
325 else
326 mcu_txd->s2d_index = MCU_S2D_H2N;
327
328 exit:
329 if (wait_seq)
330 *wait_seq = seq;
331
332 return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[qid], skb, 0);
333 }
334
mt7996_mcu_wa_cmd(struct mt7996_dev * dev,int cmd,u32 a1,u32 a2,u32 a3)335 int mt7996_mcu_wa_cmd(struct mt7996_dev *dev, int cmd, u32 a1, u32 a2, u32 a3)
336 {
337 struct {
338 __le32 args[3];
339 } req = {
340 .args = {
341 cpu_to_le32(a1),
342 cpu_to_le32(a2),
343 cpu_to_le32(a3),
344 },
345 };
346
347 return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), false);
348 }
349
350 static void
mt7996_mcu_csa_finish(void * priv,u8 * mac,struct ieee80211_vif * vif)351 mt7996_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
352 {
353 if (!vif->bss_conf.csa_active || vif->type == NL80211_IFTYPE_STATION)
354 return;
355
356 ieee80211_csa_finish(vif, 0);
357 }
358
359 static void
mt7996_mcu_rx_radar_detected(struct mt7996_dev * dev,struct sk_buff * skb)360 mt7996_mcu_rx_radar_detected(struct mt7996_dev *dev, struct sk_buff *skb)
361 {
362 struct mt76_phy *mphy = &dev->mt76.phy;
363 struct mt7996_mcu_rdd_report *r;
364
365 r = (struct mt7996_mcu_rdd_report *)skb->data;
366
367 if (r->band_idx >= ARRAY_SIZE(dev->mt76.phys))
368 return;
369
370 if (r->band_idx == MT_RX_SEL2 && !dev->rdd2_phy)
371 return;
372
373 if (r->band_idx == MT_RX_SEL2)
374 mphy = dev->rdd2_phy->mt76;
375 else
376 mphy = dev->mt76.phys[r->band_idx];
377
378 if (!mphy)
379 return;
380
381 if (r->band_idx == MT_RX_SEL2)
382 cfg80211_background_radar_event(mphy->hw->wiphy,
383 &dev->rdd2_chandef,
384 GFP_ATOMIC);
385 else
386 ieee80211_radar_detected(mphy->hw, NULL);
387 dev->hw_pattern++;
388 }
389
390 static void
mt7996_mcu_rx_log_message(struct mt7996_dev * dev,struct sk_buff * skb)391 mt7996_mcu_rx_log_message(struct mt7996_dev *dev, struct sk_buff *skb)
392 {
393 #define UNI_EVENT_FW_LOG_FORMAT 0
394 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
395 const char *data = (char *)&rxd[1] + 4, *type;
396 struct tlv *tlv = (struct tlv *)data;
397 int len;
398
399 if (!(rxd->option & MCU_UNI_CMD_EVENT)) {
400 len = skb->len - sizeof(*rxd);
401 data = (char *)&rxd[1];
402 goto out;
403 }
404
405 if (le16_to_cpu(tlv->tag) != UNI_EVENT_FW_LOG_FORMAT)
406 return;
407
408 data += sizeof(*tlv) + 4;
409 len = le16_to_cpu(tlv->len) - sizeof(*tlv) - 4;
410
411 out:
412 switch (rxd->s2d_index) {
413 case 0:
414 if (mt7996_debugfs_rx_log(dev, data, len))
415 return;
416
417 type = "WM";
418 break;
419 case 2:
420 type = "WA";
421 break;
422 default:
423 type = "unknown";
424 break;
425 }
426
427 wiphy_info(mt76_hw(dev)->wiphy, "%s: %.*s", type, len, data);
428 }
429
430 static void
mt7996_mcu_cca_finish(void * priv,u8 * mac,struct ieee80211_vif * vif)431 mt7996_mcu_cca_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
432 {
433 if (!vif->bss_conf.color_change_active || vif->type == NL80211_IFTYPE_STATION)
434 return;
435
436 ieee80211_color_change_finish(vif, 0);
437 }
438
439 static void
mt7996_mcu_ie_countdown(struct mt7996_dev * dev,struct sk_buff * skb)440 mt7996_mcu_ie_countdown(struct mt7996_dev *dev, struct sk_buff *skb)
441 {
442 #define UNI_EVENT_IE_COUNTDOWN_CSA 0
443 #define UNI_EVENT_IE_COUNTDOWN_BCC 1
444 struct header {
445 u8 band;
446 u8 rsv[3];
447 };
448 struct mt76_phy *mphy = &dev->mt76.phy;
449 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
450 const char *data = (char *)&rxd[1], *tail;
451 struct header *hdr = (struct header *)data;
452 struct tlv *tlv = (struct tlv *)(data + 4);
453
454 if (hdr->band >= ARRAY_SIZE(dev->mt76.phys))
455 return;
456
457 if (hdr->band && dev->mt76.phys[hdr->band])
458 mphy = dev->mt76.phys[hdr->band];
459
460 tail = skb->data + skb->len;
461 data += sizeof(struct header);
462 while (data + sizeof(struct tlv) < tail && le16_to_cpu(tlv->len)) {
463 switch (le16_to_cpu(tlv->tag)) {
464 case UNI_EVENT_IE_COUNTDOWN_CSA:
465 ieee80211_iterate_active_interfaces_atomic(mphy->hw,
466 IEEE80211_IFACE_ITER_RESUME_ALL,
467 mt7996_mcu_csa_finish, mphy->hw);
468 break;
469 case UNI_EVENT_IE_COUNTDOWN_BCC:
470 ieee80211_iterate_active_interfaces_atomic(mphy->hw,
471 IEEE80211_IFACE_ITER_RESUME_ALL,
472 mt7996_mcu_cca_finish, mphy->hw);
473 break;
474 }
475
476 data += le16_to_cpu(tlv->len);
477 tlv = (struct tlv *)data;
478 }
479 }
480
481 static int
mt7996_mcu_update_tx_gi(struct rate_info * rate,struct all_sta_trx_rate * mcu_rate)482 mt7996_mcu_update_tx_gi(struct rate_info *rate, struct all_sta_trx_rate *mcu_rate)
483 {
484 switch (mcu_rate->tx_mode) {
485 case MT_PHY_TYPE_CCK:
486 case MT_PHY_TYPE_OFDM:
487 break;
488 case MT_PHY_TYPE_HT:
489 case MT_PHY_TYPE_HT_GF:
490 case MT_PHY_TYPE_VHT:
491 if (mcu_rate->tx_gi)
492 rate->flags |= RATE_INFO_FLAGS_SHORT_GI;
493 else
494 rate->flags &= ~RATE_INFO_FLAGS_SHORT_GI;
495 break;
496 case MT_PHY_TYPE_HE_SU:
497 case MT_PHY_TYPE_HE_EXT_SU:
498 case MT_PHY_TYPE_HE_TB:
499 case MT_PHY_TYPE_HE_MU:
500 if (mcu_rate->tx_gi > NL80211_RATE_INFO_HE_GI_3_2)
501 return -EINVAL;
502 rate->he_gi = mcu_rate->tx_gi;
503 break;
504 case MT_PHY_TYPE_EHT_SU:
505 case MT_PHY_TYPE_EHT_TRIG:
506 case MT_PHY_TYPE_EHT_MU:
507 if (mcu_rate->tx_gi > NL80211_RATE_INFO_EHT_GI_3_2)
508 return -EINVAL;
509 rate->eht_gi = mcu_rate->tx_gi;
510 break;
511 default:
512 return -EINVAL;
513 }
514
515 return 0;
516 }
517
518 static void
mt7996_mcu_rx_all_sta_info_event(struct mt7996_dev * dev,struct sk_buff * skb)519 mt7996_mcu_rx_all_sta_info_event(struct mt7996_dev *dev, struct sk_buff *skb)
520 {
521 struct mt7996_mcu_all_sta_info_event *res;
522 u16 i;
523
524 skb_pull(skb, sizeof(struct mt7996_mcu_rxd));
525
526 res = (struct mt7996_mcu_all_sta_info_event *)skb->data;
527
528 for (i = 0; i < le16_to_cpu(res->sta_num); i++) {
529 u8 ac;
530 u16 wlan_idx;
531 struct mt76_wcid *wcid;
532
533 switch (le16_to_cpu(res->tag)) {
534 case UNI_ALL_STA_TXRX_RATE:
535 wlan_idx = le16_to_cpu(res->rate[i].wlan_idx);
536 wcid = rcu_dereference(dev->mt76.wcid[wlan_idx]);
537
538 if (!wcid)
539 break;
540
541 if (mt7996_mcu_update_tx_gi(&wcid->rate, &res->rate[i]))
542 dev_err(dev->mt76.dev, "Failed to update TX GI\n");
543 break;
544 case UNI_ALL_STA_TXRX_ADM_STAT:
545 wlan_idx = le16_to_cpu(res->adm_stat[i].wlan_idx);
546 wcid = rcu_dereference(dev->mt76.wcid[wlan_idx]);
547
548 if (!wcid)
549 break;
550
551 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
552 wcid->stats.tx_bytes +=
553 le32_to_cpu(res->adm_stat[i].tx_bytes[ac]);
554 wcid->stats.rx_bytes +=
555 le32_to_cpu(res->adm_stat[i].rx_bytes[ac]);
556 }
557 break;
558 case UNI_ALL_STA_TXRX_MSDU_COUNT:
559 wlan_idx = le16_to_cpu(res->msdu_cnt[i].wlan_idx);
560 wcid = rcu_dereference(dev->mt76.wcid[wlan_idx]);
561
562 if (!wcid)
563 break;
564
565 wcid->stats.tx_packets +=
566 le32_to_cpu(res->msdu_cnt[i].tx_msdu_cnt);
567 wcid->stats.rx_packets +=
568 le32_to_cpu(res->msdu_cnt[i].rx_msdu_cnt);
569 break;
570 default:
571 break;
572 }
573 }
574 }
575
576 static void
mt7996_mcu_rx_thermal_notify(struct mt7996_dev * dev,struct sk_buff * skb)577 mt7996_mcu_rx_thermal_notify(struct mt7996_dev *dev, struct sk_buff *skb)
578 {
579 #define THERMAL_NOTIFY_TAG 0x4
580 #define THERMAL_NOTIFY 0x2
581 struct mt76_phy *mphy = &dev->mt76.phy;
582 struct mt7996_mcu_thermal_notify *n;
583 struct mt7996_phy *phy;
584
585 n = (struct mt7996_mcu_thermal_notify *)skb->data;
586
587 if (le16_to_cpu(n->tag) != THERMAL_NOTIFY_TAG)
588 return;
589
590 if (n->event_id != THERMAL_NOTIFY)
591 return;
592
593 if (n->band_idx > MT_BAND2)
594 return;
595
596 mphy = dev->mt76.phys[n->band_idx];
597 if (!mphy)
598 return;
599
600 phy = (struct mt7996_phy *)mphy->priv;
601 phy->throttle_state = n->duty_percent;
602 }
603
604 static void
mt7996_mcu_rx_ext_event(struct mt7996_dev * dev,struct sk_buff * skb)605 mt7996_mcu_rx_ext_event(struct mt7996_dev *dev, struct sk_buff *skb)
606 {
607 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
608
609 switch (rxd->ext_eid) {
610 case MCU_EXT_EVENT_FW_LOG_2_HOST:
611 mt7996_mcu_rx_log_message(dev, skb);
612 break;
613 default:
614 break;
615 }
616 }
617
618 static void
mt7996_mcu_rx_unsolicited_event(struct mt7996_dev * dev,struct sk_buff * skb)619 mt7996_mcu_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
620 {
621 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
622
623 switch (rxd->eid) {
624 case MCU_EVENT_EXT:
625 mt7996_mcu_rx_ext_event(dev, skb);
626 break;
627 case MCU_UNI_EVENT_THERMAL:
628 mt7996_mcu_rx_thermal_notify(dev, skb);
629 break;
630 default:
631 break;
632 }
633 dev_kfree_skb(skb);
634 }
635
636 static void
mt7996_mcu_wed_rro_event(struct mt7996_dev * dev,struct sk_buff * skb)637 mt7996_mcu_wed_rro_event(struct mt7996_dev *dev, struct sk_buff *skb)
638 {
639 struct mt7996_mcu_wed_rro_event *event = (void *)skb->data;
640
641 if (!dev->has_rro)
642 return;
643
644 skb_pull(skb, sizeof(struct mt7996_mcu_rxd) + 4);
645
646 switch (le16_to_cpu(event->tag)) {
647 case UNI_WED_RRO_BA_SESSION_STATUS: {
648 struct mt7996_mcu_wed_rro_ba_event *e;
649
650 while (skb->len >= sizeof(*e)) {
651 struct mt76_rx_tid *tid;
652 struct mt76_wcid *wcid;
653 u16 idx;
654
655 e = (void *)skb->data;
656 idx = le16_to_cpu(e->wlan_id);
657 if (idx >= ARRAY_SIZE(dev->mt76.wcid))
658 break;
659
660 wcid = rcu_dereference(dev->mt76.wcid[idx]);
661 if (!wcid || !wcid->sta)
662 break;
663
664 if (e->tid >= ARRAY_SIZE(wcid->aggr))
665 break;
666
667 tid = rcu_dereference(wcid->aggr[e->tid]);
668 if (!tid)
669 break;
670
671 tid->id = le16_to_cpu(e->id);
672 skb_pull(skb, sizeof(*e));
673 }
674 break;
675 }
676 case UNI_WED_RRO_BA_SESSION_DELETE: {
677 struct mt7996_mcu_wed_rro_ba_delete_event *e;
678
679 while (skb->len >= sizeof(*e)) {
680 struct mt7996_wed_rro_session_id *session;
681
682 e = (void *)skb->data;
683 session = kzalloc(sizeof(*session), GFP_ATOMIC);
684 if (!session)
685 break;
686
687 session->id = le16_to_cpu(e->session_id);
688
689 spin_lock_bh(&dev->wed_rro.lock);
690 list_add_tail(&session->list, &dev->wed_rro.poll_list);
691 spin_unlock_bh(&dev->wed_rro.lock);
692
693 ieee80211_queue_work(mt76_hw(dev), &dev->wed_rro.work);
694 skb_pull(skb, sizeof(*e));
695 }
696 break;
697 }
698 default:
699 break;
700 }
701 }
702
703 static void
mt7996_mcu_uni_rx_unsolicited_event(struct mt7996_dev * dev,struct sk_buff * skb)704 mt7996_mcu_uni_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
705 {
706 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
707
708 switch (rxd->eid) {
709 case MCU_UNI_EVENT_FW_LOG_2_HOST:
710 mt7996_mcu_rx_log_message(dev, skb);
711 break;
712 case MCU_UNI_EVENT_IE_COUNTDOWN:
713 mt7996_mcu_ie_countdown(dev, skb);
714 break;
715 case MCU_UNI_EVENT_RDD_REPORT:
716 mt7996_mcu_rx_radar_detected(dev, skb);
717 break;
718 case MCU_UNI_EVENT_ALL_STA_INFO:
719 mt7996_mcu_rx_all_sta_info_event(dev, skb);
720 break;
721 case MCU_UNI_EVENT_WED_RRO:
722 mt7996_mcu_wed_rro_event(dev, skb);
723 break;
724 default:
725 break;
726 }
727 dev_kfree_skb(skb);
728 }
729
mt7996_mcu_rx_event(struct mt7996_dev * dev,struct sk_buff * skb)730 void mt7996_mcu_rx_event(struct mt7996_dev *dev, struct sk_buff *skb)
731 {
732 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
733
734 if (rxd->option & MCU_UNI_CMD_UNSOLICITED_EVENT) {
735 mt7996_mcu_uni_rx_unsolicited_event(dev, skb);
736 return;
737 }
738
739 /* WA still uses legacy event*/
740 if (rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST ||
741 !rxd->seq)
742 mt7996_mcu_rx_unsolicited_event(dev, skb);
743 else
744 mt76_mcu_rx_event(&dev->mt76, skb);
745 }
746
747 static struct tlv *
mt7996_mcu_add_uni_tlv(struct sk_buff * skb,u16 tag,u16 len)748 mt7996_mcu_add_uni_tlv(struct sk_buff *skb, u16 tag, u16 len)
749 {
750 struct tlv *ptlv = skb_put_zero(skb, len);
751
752 ptlv->tag = cpu_to_le16(tag);
753 ptlv->len = cpu_to_le16(len);
754
755 return ptlv;
756 }
757
758 static void
mt7996_mcu_bss_rfch_tlv(struct sk_buff * skb,struct mt7996_phy * phy)759 mt7996_mcu_bss_rfch_tlv(struct sk_buff *skb, struct mt7996_phy *phy)
760 {
761 static const u8 rlm_ch_band[] = {
762 [NL80211_BAND_2GHZ] = 1,
763 [NL80211_BAND_5GHZ] = 2,
764 [NL80211_BAND_6GHZ] = 3,
765 };
766 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
767 struct bss_rlm_tlv *ch;
768 struct tlv *tlv;
769 int freq1 = chandef->center_freq1;
770
771 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RLM, sizeof(*ch));
772
773 ch = (struct bss_rlm_tlv *)tlv;
774 ch->control_channel = chandef->chan->hw_value;
775 ch->center_chan = ieee80211_frequency_to_channel(freq1);
776 ch->bw = mt76_connac_chan_bw(chandef);
777 ch->tx_streams = hweight8(phy->mt76->antenna_mask);
778 ch->rx_streams = hweight8(phy->mt76->antenna_mask);
779 ch->band = rlm_ch_band[chandef->chan->band];
780
781 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
782 int freq2 = chandef->center_freq2;
783
784 ch->center_chan2 = ieee80211_frequency_to_channel(freq2);
785 }
786 }
787
788 static void
mt7996_mcu_bss_ra_tlv(struct sk_buff * skb,struct mt7996_phy * phy)789 mt7996_mcu_bss_ra_tlv(struct sk_buff *skb, struct mt7996_phy *phy)
790 {
791 struct bss_ra_tlv *ra;
792 struct tlv *tlv;
793
794 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RA, sizeof(*ra));
795
796 ra = (struct bss_ra_tlv *)tlv;
797 ra->short_preamble = true;
798 }
799
800 static void
mt7996_mcu_bss_he_tlv(struct sk_buff * skb,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf,struct mt7996_phy * phy)801 mt7996_mcu_bss_he_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
802 struct ieee80211_bss_conf *link_conf,
803 struct mt7996_phy *phy)
804 {
805 #define DEFAULT_HE_PE_DURATION 4
806 #define DEFAULT_HE_DURATION_RTS_THRES 1023
807 const struct ieee80211_sta_he_cap *cap;
808 struct bss_info_uni_he *he;
809 struct tlv *tlv;
810
811 cap = mt76_connac_get_he_phy_cap(phy->mt76, vif);
812
813 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_HE_BASIC, sizeof(*he));
814
815 he = (struct bss_info_uni_he *)tlv;
816 he->he_pe_duration = link_conf->htc_trig_based_pkt_ext;
817 if (!he->he_pe_duration)
818 he->he_pe_duration = DEFAULT_HE_PE_DURATION;
819
820 he->he_rts_thres = cpu_to_le16(link_conf->frame_time_rts_th);
821 if (!he->he_rts_thres)
822 he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);
823
824 he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
825 he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
826 he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;
827 }
828
829 static void
mt7996_mcu_bss_mbssid_tlv(struct sk_buff * skb,struct ieee80211_bss_conf * link_conf,bool enable)830 mt7996_mcu_bss_mbssid_tlv(struct sk_buff *skb, struct ieee80211_bss_conf *link_conf,
831 bool enable)
832 {
833 struct bss_info_uni_mbssid *mbssid;
834 struct tlv *tlv;
835
836 if (!link_conf->bssid_indicator && enable)
837 return;
838
839 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_11V_MBSSID, sizeof(*mbssid));
840
841 mbssid = (struct bss_info_uni_mbssid *)tlv;
842
843 if (enable) {
844 mbssid->max_indicator = link_conf->bssid_indicator;
845 mbssid->mbss_idx = link_conf->bssid_index;
846 mbssid->tx_bss_omac_idx = 0;
847 }
848 }
849
850 static void
mt7996_mcu_bss_bmc_tlv(struct sk_buff * skb,struct mt76_vif_link * mlink,struct mt7996_phy * phy)851 mt7996_mcu_bss_bmc_tlv(struct sk_buff *skb, struct mt76_vif_link *mlink,
852 struct mt7996_phy *phy)
853 {
854 struct bss_rate_tlv *bmc;
855 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
856 enum nl80211_band band = chandef->chan->band;
857 struct tlv *tlv;
858 u8 idx = mlink->mcast_rates_idx ?
859 mlink->mcast_rates_idx : mlink->basic_rates_idx;
860
861 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RATE, sizeof(*bmc));
862
863 bmc = (struct bss_rate_tlv *)tlv;
864
865 bmc->short_preamble = (band == NL80211_BAND_2GHZ);
866 bmc->bc_fixed_rate = idx;
867 bmc->mc_fixed_rate = idx;
868 }
869
870 static void
mt7996_mcu_bss_txcmd_tlv(struct sk_buff * skb,bool en)871 mt7996_mcu_bss_txcmd_tlv(struct sk_buff *skb, bool en)
872 {
873 struct bss_txcmd_tlv *txcmd;
874 struct tlv *tlv;
875
876 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_TXCMD, sizeof(*txcmd));
877
878 txcmd = (struct bss_txcmd_tlv *)tlv;
879 txcmd->txcmd_mode = en;
880 }
881
882 static void
mt7996_mcu_bss_mld_tlv(struct sk_buff * skb,struct mt76_vif_link * mlink)883 mt7996_mcu_bss_mld_tlv(struct sk_buff *skb, struct mt76_vif_link *mlink)
884 {
885 struct bss_mld_tlv *mld;
886 struct tlv *tlv;
887
888 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_MLD, sizeof(*mld));
889
890 mld = (struct bss_mld_tlv *)tlv;
891 mld->group_mld_id = 0xff;
892 mld->own_mld_id = mlink->idx;
893 mld->remap_idx = 0xff;
894 }
895
896 static void
mt7996_mcu_bss_sec_tlv(struct sk_buff * skb,struct mt76_vif_link * mlink)897 mt7996_mcu_bss_sec_tlv(struct sk_buff *skb, struct mt76_vif_link *mlink)
898 {
899 struct bss_sec_tlv *sec;
900 struct tlv *tlv;
901
902 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_SEC, sizeof(*sec));
903
904 sec = (struct bss_sec_tlv *)tlv;
905 sec->cipher = mlink->cipher;
906 }
907
908 static int
mt7996_mcu_muar_config(struct mt7996_dev * dev,struct mt76_vif_link * mlink,const u8 * addr,bool bssid,bool enable)909 mt7996_mcu_muar_config(struct mt7996_dev *dev, struct mt76_vif_link *mlink,
910 const u8 *addr, bool bssid, bool enable)
911 {
912 #define UNI_MUAR_ENTRY 2
913 u32 idx = mlink->omac_idx - REPEATER_BSSID_START;
914 struct {
915 struct {
916 u8 band;
917 u8 __rsv[3];
918 } hdr;
919
920 __le16 tag;
921 __le16 len;
922
923 bool smesh;
924 u8 bssid;
925 u8 index;
926 u8 entry_add;
927 u8 addr[ETH_ALEN];
928 u8 __rsv[2];
929 } __packed req = {
930 .hdr.band = mlink->band_idx,
931 .tag = cpu_to_le16(UNI_MUAR_ENTRY),
932 .len = cpu_to_le16(sizeof(req) - sizeof(req.hdr)),
933 .smesh = false,
934 .index = idx * 2 + bssid,
935 .entry_add = true,
936 };
937
938 if (enable)
939 memcpy(req.addr, addr, ETH_ALEN);
940
941 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REPT_MUAR), &req,
942 sizeof(req), true);
943 }
944
945 static void
mt7996_mcu_bss_ifs_timing_tlv(struct sk_buff * skb,struct mt7996_phy * phy)946 mt7996_mcu_bss_ifs_timing_tlv(struct sk_buff *skb, struct mt7996_phy *phy)
947 {
948 struct bss_ifs_time_tlv *ifs_time;
949 struct tlv *tlv;
950 bool is_2ghz = phy->mt76->chandef.chan->band == NL80211_BAND_2GHZ;
951
952 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_IFS_TIME, sizeof(*ifs_time));
953
954 ifs_time = (struct bss_ifs_time_tlv *)tlv;
955 ifs_time->slot_valid = true;
956 ifs_time->sifs_valid = true;
957 ifs_time->rifs_valid = true;
958 ifs_time->eifs_valid = true;
959
960 ifs_time->slot_time = cpu_to_le16(phy->slottime);
961 ifs_time->sifs_time = cpu_to_le16(10);
962 ifs_time->rifs_time = cpu_to_le16(2);
963 ifs_time->eifs_time = cpu_to_le16(is_2ghz ? 78 : 84);
964
965 if (is_2ghz) {
966 ifs_time->eifs_cck_valid = true;
967 ifs_time->eifs_cck_time = cpu_to_le16(314);
968 }
969 }
970
971 static int
mt7996_mcu_bss_basic_tlv(struct sk_buff * skb,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf,struct mt76_vif_link * mvif,struct mt76_phy * phy,u16 wlan_idx,bool enable)972 mt7996_mcu_bss_basic_tlv(struct sk_buff *skb,
973 struct ieee80211_vif *vif,
974 struct ieee80211_bss_conf *link_conf,
975 struct mt76_vif_link *mvif,
976 struct mt76_phy *phy, u16 wlan_idx,
977 bool enable)
978 {
979 struct cfg80211_chan_def *chandef = &phy->chandef;
980 struct mt76_connac_bss_basic_tlv *bss;
981 u32 type = CONNECTION_INFRA_AP;
982 u16 sta_wlan_idx = wlan_idx;
983 struct ieee80211_sta *sta;
984 struct tlv *tlv;
985 int idx;
986
987 switch (vif->type) {
988 case NL80211_IFTYPE_MESH_POINT:
989 case NL80211_IFTYPE_AP:
990 case NL80211_IFTYPE_MONITOR:
991 break;
992 case NL80211_IFTYPE_STATION:
993 if (enable) {
994 rcu_read_lock();
995 sta = ieee80211_find_sta(vif, vif->bss_conf.bssid);
996 /* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
997 if (sta) {
998 struct mt76_wcid *wcid;
999
1000 wcid = (struct mt76_wcid *)sta->drv_priv;
1001 sta_wlan_idx = wcid->idx;
1002 }
1003 rcu_read_unlock();
1004 }
1005 type = CONNECTION_INFRA_STA;
1006 break;
1007 case NL80211_IFTYPE_ADHOC:
1008 type = CONNECTION_IBSS_ADHOC;
1009 break;
1010 default:
1011 WARN_ON(1);
1012 break;
1013 }
1014
1015 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_BASIC, sizeof(*bss));
1016
1017 bss = (struct mt76_connac_bss_basic_tlv *)tlv;
1018 bss->bcn_interval = cpu_to_le16(link_conf->beacon_int);
1019 bss->dtim_period = link_conf->dtim_period;
1020 bss->bmc_tx_wlan_idx = cpu_to_le16(wlan_idx);
1021 bss->sta_idx = cpu_to_le16(sta_wlan_idx);
1022 bss->conn_type = cpu_to_le32(type);
1023 bss->omac_idx = mvif->omac_idx;
1024 bss->band_idx = mvif->band_idx;
1025 bss->wmm_idx = mvif->wmm_idx;
1026 bss->conn_state = !enable;
1027 bss->active = enable;
1028
1029 idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1030 bss->hw_bss_idx = idx;
1031
1032 if (vif->type == NL80211_IFTYPE_MONITOR) {
1033 memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
1034 return 0;
1035 }
1036
1037 memcpy(bss->bssid, link_conf->bssid, ETH_ALEN);
1038 bss->bcn_interval = cpu_to_le16(link_conf->beacon_int);
1039 bss->dtim_period = vif->bss_conf.dtim_period;
1040 bss->phymode = mt76_connac_get_phy_mode(phy, vif,
1041 chandef->chan->band, NULL);
1042 bss->phymode_ext = mt76_connac_get_phy_mode_ext(phy, &vif->bss_conf,
1043 chandef->chan->band);
1044
1045 return 0;
1046 }
1047
1048 static struct sk_buff *
__mt7996_mcu_alloc_bss_req(struct mt76_dev * dev,struct mt76_vif_link * mvif,int len)1049 __mt7996_mcu_alloc_bss_req(struct mt76_dev *dev, struct mt76_vif_link *mvif, int len)
1050 {
1051 struct bss_req_hdr hdr = {
1052 .bss_idx = mvif->idx,
1053 };
1054 struct sk_buff *skb;
1055
1056 skb = mt76_mcu_msg_alloc(dev, NULL, len);
1057 if (!skb)
1058 return ERR_PTR(-ENOMEM);
1059
1060 skb_put_data(skb, &hdr, sizeof(hdr));
1061
1062 return skb;
1063 }
1064
mt7996_mcu_add_bss_info(struct mt7996_phy * phy,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf,struct mt76_vif_link * mlink,struct mt7996_sta_link * msta_link,int enable)1065 int mt7996_mcu_add_bss_info(struct mt7996_phy *phy, struct ieee80211_vif *vif,
1066 struct ieee80211_bss_conf *link_conf,
1067 struct mt76_vif_link *mlink,
1068 struct mt7996_sta_link *msta_link, int enable)
1069 {
1070 struct mt7996_dev *dev = phy->dev;
1071 struct sk_buff *skb;
1072
1073 if (mlink->omac_idx >= REPEATER_BSSID_START) {
1074 mt7996_mcu_muar_config(dev, mlink, link_conf->addr, false, enable);
1075 mt7996_mcu_muar_config(dev, mlink, link_conf->bssid, true, enable);
1076 }
1077
1078 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, mlink,
1079 MT7996_BSS_UPDATE_MAX_SIZE);
1080 if (IS_ERR(skb))
1081 return PTR_ERR(skb);
1082
1083 /* bss_basic must be first */
1084 mt7996_mcu_bss_basic_tlv(skb, vif, link_conf, mlink, phy->mt76,
1085 msta_link->wcid.idx, enable);
1086 mt7996_mcu_bss_sec_tlv(skb, mlink);
1087
1088 if (vif->type == NL80211_IFTYPE_MONITOR)
1089 goto out;
1090
1091 if (enable) {
1092 mt7996_mcu_bss_rfch_tlv(skb, phy);
1093 mt7996_mcu_bss_bmc_tlv(skb, mlink, phy);
1094 mt7996_mcu_bss_ra_tlv(skb, phy);
1095 mt7996_mcu_bss_txcmd_tlv(skb, true);
1096 mt7996_mcu_bss_ifs_timing_tlv(skb, phy);
1097
1098 if (vif->bss_conf.he_support)
1099 mt7996_mcu_bss_he_tlv(skb, vif, link_conf, phy);
1100
1101 /* this tag is necessary no matter if the vif is MLD */
1102 mt7996_mcu_bss_mld_tlv(skb, mlink);
1103 }
1104
1105 mt7996_mcu_bss_mbssid_tlv(skb, link_conf, enable);
1106
1107 out:
1108 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1109 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
1110 }
1111
mt7996_mcu_set_timing(struct mt7996_phy * phy,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf)1112 int mt7996_mcu_set_timing(struct mt7996_phy *phy, struct ieee80211_vif *vif,
1113 struct ieee80211_bss_conf *link_conf)
1114 {
1115 struct mt7996_dev *dev = phy->dev;
1116 struct mt76_vif_link *mlink = mt76_vif_conf_link(&dev->mt76, vif, link_conf);
1117 struct sk_buff *skb;
1118
1119 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, mlink,
1120 MT7996_BSS_UPDATE_MAX_SIZE);
1121 if (IS_ERR(skb))
1122 return PTR_ERR(skb);
1123
1124 mt7996_mcu_bss_ifs_timing_tlv(skb, phy);
1125
1126 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1127 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
1128 }
1129
1130 static int
mt7996_mcu_sta_ba(struct mt7996_dev * dev,struct mt76_vif_link * mvif,struct ieee80211_ampdu_params * params,bool enable,bool tx)1131 mt7996_mcu_sta_ba(struct mt7996_dev *dev, struct mt76_vif_link *mvif,
1132 struct ieee80211_ampdu_params *params,
1133 bool enable, bool tx)
1134 {
1135 struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
1136 struct sta_rec_ba_uni *ba;
1137 struct sk_buff *skb;
1138 struct tlv *tlv;
1139
1140 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, mvif, wcid,
1141 MT7996_STA_UPDATE_MAX_SIZE);
1142 if (IS_ERR(skb))
1143 return PTR_ERR(skb);
1144
1145 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));
1146
1147 ba = (struct sta_rec_ba_uni *)tlv;
1148 ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT;
1149 ba->winsize = cpu_to_le16(params->buf_size);
1150 ba->ssn = cpu_to_le16(params->ssn);
1151 ba->ba_en = enable << params->tid;
1152 ba->amsdu = params->amsdu;
1153 ba->tid = params->tid;
1154 ba->ba_rdd_rro = !tx && enable && dev->has_rro;
1155
1156 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1157 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
1158 }
1159
1160 /** starec & wtbl **/
mt7996_mcu_add_tx_ba(struct mt7996_dev * dev,struct ieee80211_ampdu_params * params,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link,bool enable)1161 int mt7996_mcu_add_tx_ba(struct mt7996_dev *dev,
1162 struct ieee80211_ampdu_params *params,
1163 struct mt7996_vif_link *link,
1164 struct mt7996_sta_link *msta_link, bool enable)
1165 {
1166 if (enable && !params->amsdu)
1167 msta_link->wcid.amsdu = false;
1168
1169 return mt7996_mcu_sta_ba(dev, &link->mt76, params, enable, true);
1170 }
1171
mt7996_mcu_add_rx_ba(struct mt7996_dev * dev,struct ieee80211_ampdu_params * params,struct mt7996_vif_link * link,bool enable)1172 int mt7996_mcu_add_rx_ba(struct mt7996_dev *dev,
1173 struct ieee80211_ampdu_params *params,
1174 struct mt7996_vif_link *link, bool enable)
1175 {
1176 return mt7996_mcu_sta_ba(dev, &link->mt76, params, enable, false);
1177 }
1178
1179 static void
mt7996_mcu_sta_he_tlv(struct sk_buff * skb,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link)1180 mt7996_mcu_sta_he_tlv(struct sk_buff *skb,
1181 struct ieee80211_link_sta *link_sta,
1182 struct mt7996_vif_link *link)
1183 {
1184 struct ieee80211_he_cap_elem *elem = &link_sta->he_cap.he_cap_elem;
1185 struct ieee80211_he_mcs_nss_supp mcs_map;
1186 struct sta_rec_he_v2 *he;
1187 struct tlv *tlv;
1188 int i = 0;
1189
1190 if (!link_sta->he_cap.has_he)
1191 return;
1192
1193 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he));
1194
1195 he = (struct sta_rec_he_v2 *)tlv;
1196 for (i = 0; i < 11; i++) {
1197 if (i < 6)
1198 he->he_mac_cap[i] = elem->mac_cap_info[i];
1199 he->he_phy_cap[i] = elem->phy_cap_info[i];
1200 }
1201
1202 mcs_map = link_sta->he_cap.he_mcs_nss_supp;
1203 switch (link_sta->bandwidth) {
1204 case IEEE80211_STA_RX_BW_160:
1205 if (elem->phy_cap_info[0] &
1206 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
1207 mt7996_mcu_set_sta_he_mcs(link_sta, link,
1208 &he->max_nss_mcs[CMD_HE_MCS_BW8080],
1209 le16_to_cpu(mcs_map.rx_mcs_80p80));
1210
1211 mt7996_mcu_set_sta_he_mcs(link_sta, link,
1212 &he->max_nss_mcs[CMD_HE_MCS_BW160],
1213 le16_to_cpu(mcs_map.rx_mcs_160));
1214 fallthrough;
1215 default:
1216 mt7996_mcu_set_sta_he_mcs(link_sta, link,
1217 &he->max_nss_mcs[CMD_HE_MCS_BW80],
1218 le16_to_cpu(mcs_map.rx_mcs_80));
1219 break;
1220 }
1221
1222 he->pkt_ext = 2;
1223 }
1224
1225 static void
mt7996_mcu_sta_he_6g_tlv(struct sk_buff * skb,struct ieee80211_link_sta * link_sta)1226 mt7996_mcu_sta_he_6g_tlv(struct sk_buff *skb,
1227 struct ieee80211_link_sta *link_sta)
1228 {
1229 struct sta_rec_he_6g_capa *he_6g;
1230 struct tlv *tlv;
1231
1232 if (!link_sta->he_6ghz_capa.capa)
1233 return;
1234
1235 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G, sizeof(*he_6g));
1236
1237 he_6g = (struct sta_rec_he_6g_capa *)tlv;
1238 he_6g->capa = link_sta->he_6ghz_capa.capa;
1239 }
1240
1241 static void
mt7996_mcu_sta_eht_tlv(struct sk_buff * skb,struct ieee80211_link_sta * link_sta)1242 mt7996_mcu_sta_eht_tlv(struct sk_buff *skb,
1243 struct ieee80211_link_sta *link_sta)
1244 {
1245 struct mt7996_sta *msta = (struct mt7996_sta *)link_sta->sta->drv_priv;
1246 struct ieee80211_vif *vif = container_of((void *)msta->vif,
1247 struct ieee80211_vif, drv_priv);
1248 struct ieee80211_eht_mcs_nss_supp *mcs_map;
1249 struct ieee80211_eht_cap_elem_fixed *elem;
1250 struct sta_rec_eht *eht;
1251 struct tlv *tlv;
1252
1253 if (!link_sta->eht_cap.has_eht)
1254 return;
1255
1256 mcs_map = &link_sta->eht_cap.eht_mcs_nss_supp;
1257 elem = &link_sta->eht_cap.eht_cap_elem;
1258
1259 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_EHT, sizeof(*eht));
1260
1261 eht = (struct sta_rec_eht *)tlv;
1262 eht->tid_bitmap = 0xff;
1263 eht->mac_cap = cpu_to_le16(*(u16 *)elem->mac_cap_info);
1264 eht->phy_cap = cpu_to_le64(*(u64 *)elem->phy_cap_info);
1265 eht->phy_cap_ext = cpu_to_le64(elem->phy_cap_info[8]);
1266
1267 if (vif->type != NL80211_IFTYPE_STATION &&
1268 (link_sta->he_cap.he_cap_elem.phy_cap_info[0] &
1269 (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G |
1270 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G |
1271 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G |
1272 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)) == 0) {
1273 memcpy(eht->mcs_map_bw20, &mcs_map->only_20mhz,
1274 sizeof(eht->mcs_map_bw20));
1275 return;
1276 }
1277
1278 memcpy(eht->mcs_map_bw80, &mcs_map->bw._80, sizeof(eht->mcs_map_bw80));
1279 memcpy(eht->mcs_map_bw160, &mcs_map->bw._160, sizeof(eht->mcs_map_bw160));
1280 memcpy(eht->mcs_map_bw320, &mcs_map->bw._320, sizeof(eht->mcs_map_bw320));
1281 }
1282
1283 static void
mt7996_mcu_sta_ht_tlv(struct sk_buff * skb,struct ieee80211_link_sta * link_sta)1284 mt7996_mcu_sta_ht_tlv(struct sk_buff *skb, struct ieee80211_link_sta *link_sta)
1285 {
1286 struct sta_rec_ht_uni *ht;
1287 struct tlv *tlv;
1288
1289 if (!link_sta->ht_cap.ht_supported)
1290 return;
1291
1292 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
1293
1294 ht = (struct sta_rec_ht_uni *)tlv;
1295 ht->ht_cap = cpu_to_le16(link_sta->ht_cap.cap);
1296 ht->ampdu_param = u8_encode_bits(link_sta->ht_cap.ampdu_factor,
1297 IEEE80211_HT_AMPDU_PARM_FACTOR) |
1298 u8_encode_bits(link_sta->ht_cap.ampdu_density,
1299 IEEE80211_HT_AMPDU_PARM_DENSITY);
1300 }
1301
1302 static void
mt7996_mcu_sta_vht_tlv(struct sk_buff * skb,struct ieee80211_link_sta * link_sta)1303 mt7996_mcu_sta_vht_tlv(struct sk_buff *skb, struct ieee80211_link_sta *link_sta)
1304 {
1305 struct sta_rec_vht *vht;
1306 struct tlv *tlv;
1307
1308 /* For 6G band, this tlv is necessary to let hw work normally */
1309 if (!link_sta->he_6ghz_capa.capa && !link_sta->vht_cap.vht_supported)
1310 return;
1311
1312 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, sizeof(*vht));
1313
1314 vht = (struct sta_rec_vht *)tlv;
1315 vht->vht_cap = cpu_to_le32(link_sta->vht_cap.cap);
1316 vht->vht_rx_mcs_map = link_sta->vht_cap.vht_mcs.rx_mcs_map;
1317 vht->vht_tx_mcs_map = link_sta->vht_cap.vht_mcs.tx_mcs_map;
1318 }
1319
1320 static void
mt7996_mcu_sta_amsdu_tlv(struct mt7996_dev * dev,struct sk_buff * skb,struct ieee80211_vif * vif,struct ieee80211_link_sta * link_sta,struct mt7996_sta_link * msta_link)1321 mt7996_mcu_sta_amsdu_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1322 struct ieee80211_vif *vif,
1323 struct ieee80211_link_sta *link_sta,
1324 struct mt7996_sta_link *msta_link)
1325 {
1326 struct sta_rec_amsdu *amsdu;
1327 struct tlv *tlv;
1328
1329 if (vif->type != NL80211_IFTYPE_STATION &&
1330 vif->type != NL80211_IFTYPE_MESH_POINT &&
1331 vif->type != NL80211_IFTYPE_AP)
1332 return;
1333
1334 if (!link_sta->agg.max_amsdu_len)
1335 return;
1336
1337 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
1338 amsdu = (struct sta_rec_amsdu *)tlv;
1339 amsdu->max_amsdu_num = 8;
1340 amsdu->amsdu_en = true;
1341 msta_link->wcid.amsdu = true;
1342
1343 switch (link_sta->agg.max_amsdu_len) {
1344 case IEEE80211_MAX_MPDU_LEN_VHT_11454:
1345 amsdu->max_mpdu_size =
1346 IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454;
1347 return;
1348 case IEEE80211_MAX_MPDU_LEN_HT_7935:
1349 case IEEE80211_MAX_MPDU_LEN_VHT_7991:
1350 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991;
1351 return;
1352 default:
1353 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895;
1354 return;
1355 }
1356 }
1357
1358 static void
mt7996_mcu_sta_muru_tlv(struct mt7996_dev * dev,struct sk_buff * skb,struct ieee80211_bss_conf * link_conf,struct ieee80211_link_sta * link_sta)1359 mt7996_mcu_sta_muru_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1360 struct ieee80211_bss_conf *link_conf,
1361 struct ieee80211_link_sta *link_sta)
1362 {
1363 struct ieee80211_he_cap_elem *elem = &link_sta->he_cap.he_cap_elem;
1364 struct sta_rec_muru *muru;
1365 struct tlv *tlv;
1366
1367 if (link_conf->vif->type != NL80211_IFTYPE_STATION &&
1368 link_conf->vif->type != NL80211_IFTYPE_AP)
1369 return;
1370
1371 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_MURU, sizeof(*muru));
1372
1373 muru = (struct sta_rec_muru *)tlv;
1374 muru->cfg.mimo_dl_en = link_conf->eht_mu_beamformer ||
1375 link_conf->he_mu_beamformer ||
1376 link_conf->vht_mu_beamformer ||
1377 link_conf->vht_mu_beamformee;
1378 muru->cfg.ofdma_dl_en = true;
1379
1380 if (link_sta->vht_cap.vht_supported)
1381 muru->mimo_dl.vht_mu_bfee =
1382 !!(link_sta->vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE);
1383
1384 if (!link_sta->he_cap.has_he)
1385 return;
1386
1387 muru->mimo_dl.partial_bw_dl_mimo =
1388 HE_PHY(CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO, elem->phy_cap_info[6]);
1389
1390 muru->mimo_ul.full_ul_mimo =
1391 HE_PHY(CAP2_UL_MU_FULL_MU_MIMO, elem->phy_cap_info[2]);
1392 muru->mimo_ul.partial_ul_mimo =
1393 HE_PHY(CAP2_UL_MU_PARTIAL_MU_MIMO, elem->phy_cap_info[2]);
1394
1395 muru->ofdma_dl.punc_pream_rx =
1396 HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]);
1397 muru->ofdma_dl.he_20m_in_40m_2g =
1398 HE_PHY(CAP8_20MHZ_IN_40MHZ_HE_PPDU_IN_2G, elem->phy_cap_info[8]);
1399 muru->ofdma_dl.he_20m_in_160m =
1400 HE_PHY(CAP8_20MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]);
1401 muru->ofdma_dl.he_80m_in_160m =
1402 HE_PHY(CAP8_80MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]);
1403
1404 muru->ofdma_ul.t_frame_dur =
1405 HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]);
1406 muru->ofdma_ul.mu_cascading =
1407 HE_MAC(CAP2_MU_CASCADING, elem->mac_cap_info[2]);
1408 muru->ofdma_ul.uo_ra =
1409 HE_MAC(CAP3_OFDMA_RA, elem->mac_cap_info[3]);
1410 muru->ofdma_ul.rx_ctrl_frame_to_mbss =
1411 HE_MAC(CAP3_RX_CTRL_FRAME_TO_MULTIBSS, elem->mac_cap_info[3]);
1412 }
1413
1414 static inline bool
mt7996_is_ebf_supported(struct mt7996_phy * phy,struct ieee80211_bss_conf * link_conf,struct ieee80211_link_sta * link_sta,bool bfee)1415 mt7996_is_ebf_supported(struct mt7996_phy *phy,
1416 struct ieee80211_bss_conf *link_conf,
1417 struct ieee80211_link_sta *link_sta, bool bfee)
1418 {
1419 int sts = hweight16(phy->mt76->chainmask);
1420
1421 if (link_conf->vif->type != NL80211_IFTYPE_STATION &&
1422 link_conf->vif->type != NL80211_IFTYPE_AP)
1423 return false;
1424
1425 if (!bfee && sts < 2)
1426 return false;
1427
1428 if (link_sta->eht_cap.has_eht) {
1429 struct ieee80211_sta_eht_cap *pc = &link_sta->eht_cap;
1430 struct ieee80211_eht_cap_elem_fixed *pe = &pc->eht_cap_elem;
1431
1432 if (bfee)
1433 return link_conf->eht_su_beamformee &&
1434 EHT_PHY(CAP0_SU_BEAMFORMER, pe->phy_cap_info[0]);
1435 else
1436 return link_conf->eht_su_beamformer &&
1437 EHT_PHY(CAP0_SU_BEAMFORMEE, pe->phy_cap_info[0]);
1438 }
1439
1440 if (link_sta->he_cap.has_he) {
1441 struct ieee80211_he_cap_elem *pe = &link_sta->he_cap.he_cap_elem;
1442
1443 if (bfee)
1444 return link_conf->he_su_beamformee &&
1445 HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]);
1446 else
1447 return link_conf->he_su_beamformer &&
1448 HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]);
1449 }
1450
1451 if (link_sta->vht_cap.vht_supported) {
1452 u32 cap = link_sta->vht_cap.cap;
1453
1454 if (bfee)
1455 return link_conf->vht_su_beamformee &&
1456 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE);
1457 else
1458 return link_conf->vht_su_beamformer &&
1459 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE);
1460 }
1461
1462 return false;
1463 }
1464
1465 static void
mt7996_mcu_sta_sounding_rate(struct sta_rec_bf * bf,struct mt7996_phy * phy)1466 mt7996_mcu_sta_sounding_rate(struct sta_rec_bf *bf, struct mt7996_phy *phy)
1467 {
1468 bf->sounding_phy = MT_PHY_TYPE_OFDM;
1469 bf->ndp_rate = 0; /* mcs0 */
1470 if (is_mt7996(phy->mt76->dev))
1471 bf->ndpa_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */
1472 else
1473 bf->ndpa_rate = MT7992_CFEND_RATE_DEFAULT; /* ofdm 6m */
1474
1475 bf->rept_poll_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */
1476 }
1477
1478 static void
mt7996_mcu_sta_bfer_ht(struct ieee80211_link_sta * link_sta,struct mt7996_phy * phy,struct sta_rec_bf * bf,bool explicit)1479 mt7996_mcu_sta_bfer_ht(struct ieee80211_link_sta *link_sta,
1480 struct mt7996_phy *phy, struct sta_rec_bf *bf,
1481 bool explicit)
1482 {
1483 struct ieee80211_mcs_info *mcs = &link_sta->ht_cap.mcs;
1484 u8 n = 0;
1485
1486 bf->tx_mode = MT_PHY_TYPE_HT;
1487
1488 if ((mcs->tx_params & IEEE80211_HT_MCS_TX_RX_DIFF) &&
1489 (mcs->tx_params & IEEE80211_HT_MCS_TX_DEFINED))
1490 n = FIELD_GET(IEEE80211_HT_MCS_TX_MAX_STREAMS_MASK,
1491 mcs->tx_params);
1492 else if (mcs->rx_mask[3])
1493 n = 3;
1494 else if (mcs->rx_mask[2])
1495 n = 2;
1496 else if (mcs->rx_mask[1])
1497 n = 1;
1498
1499 bf->nrow = hweight8(phy->mt76->antenna_mask) - 1;
1500 bf->ncol = min_t(u8, bf->nrow, n);
1501 bf->ibf_ncol = explicit ? min_t(u8, MT7996_IBF_MAX_NC, bf->ncol) :
1502 min_t(u8, MT7996_IBF_MAX_NC, n);
1503 }
1504
1505 static void
mt7996_mcu_sta_bfer_vht(struct ieee80211_link_sta * link_sta,struct mt7996_phy * phy,struct sta_rec_bf * bf,bool explicit)1506 mt7996_mcu_sta_bfer_vht(struct ieee80211_link_sta *link_sta,
1507 struct mt7996_phy *phy, struct sta_rec_bf *bf,
1508 bool explicit)
1509 {
1510 struct ieee80211_sta_vht_cap *pc = &link_sta->vht_cap;
1511 struct ieee80211_sta_vht_cap *vc = &phy->mt76->sband_5g.sband.vht_cap;
1512 u16 mcs_map = le16_to_cpu(pc->vht_mcs.rx_mcs_map);
1513 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1514 u8 tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
1515
1516 bf->tx_mode = MT_PHY_TYPE_VHT;
1517
1518 if (explicit) {
1519 u8 sts, snd_dim;
1520
1521 mt7996_mcu_sta_sounding_rate(bf, phy);
1522
1523 sts = FIELD_GET(IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK,
1524 pc->cap);
1525 snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
1526 vc->cap);
1527 bf->nrow = min_t(u8, min_t(u8, snd_dim, sts), tx_ant);
1528 bf->ncol = min_t(u8, nss_mcs, bf->nrow);
1529 bf->ibf_ncol = min_t(u8, MT7996_IBF_MAX_NC, bf->ncol);
1530
1531 if (link_sta->bandwidth == IEEE80211_STA_RX_BW_160)
1532 bf->nrow = 1;
1533 } else {
1534 bf->nrow = tx_ant;
1535 bf->ncol = min_t(u8, nss_mcs, bf->nrow);
1536 bf->ibf_ncol = min_t(u8, MT7996_IBF_MAX_NC, nss_mcs);
1537
1538 if (link_sta->bandwidth == IEEE80211_STA_RX_BW_160)
1539 bf->ibf_nrow = 1;
1540 }
1541 }
1542
1543 static void
mt7996_mcu_sta_bfer_he(struct ieee80211_link_sta * link_sta,struct ieee80211_vif * vif,struct mt7996_phy * phy,struct sta_rec_bf * bf,bool explicit)1544 mt7996_mcu_sta_bfer_he(struct ieee80211_link_sta *link_sta,
1545 struct ieee80211_vif *vif, struct mt7996_phy *phy,
1546 struct sta_rec_bf *bf, bool explicit)
1547 {
1548 struct ieee80211_sta_he_cap *pc = &link_sta->he_cap;
1549 struct ieee80211_he_cap_elem *pe = &pc->he_cap_elem;
1550 const struct ieee80211_sta_he_cap *vc =
1551 mt76_connac_get_he_phy_cap(phy->mt76, vif);
1552 const struct ieee80211_he_cap_elem *ve = &vc->he_cap_elem;
1553 u16 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80);
1554 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1555 u8 snd_dim, sts;
1556
1557 if (!vc)
1558 return;
1559
1560 bf->tx_mode = MT_PHY_TYPE_HE_SU;
1561
1562 mt7996_mcu_sta_sounding_rate(bf, phy);
1563
1564 bf->trigger_su = HE_PHY(CAP6_TRIG_SU_BEAMFORMING_FB,
1565 pe->phy_cap_info[6]);
1566 bf->trigger_mu = HE_PHY(CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB,
1567 pe->phy_cap_info[6]);
1568 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
1569 ve->phy_cap_info[5]);
1570 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_MASK,
1571 pe->phy_cap_info[4]);
1572 bf->nrow = min_t(u8, snd_dim, sts);
1573 bf->ncol = min_t(u8, nss_mcs, bf->nrow);
1574 bf->ibf_ncol = explicit ? min_t(u8, MT7996_IBF_MAX_NC, bf->ncol) :
1575 min_t(u8, MT7996_IBF_MAX_NC, nss_mcs);
1576
1577 if (link_sta->bandwidth != IEEE80211_STA_RX_BW_160)
1578 return;
1579
1580 /* go over for 160MHz and 80p80 */
1581 if (pe->phy_cap_info[0] &
1582 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) {
1583 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_160);
1584 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1585
1586 bf->ncol_gt_bw80 = nss_mcs;
1587 }
1588
1589 if (pe->phy_cap_info[0] &
1590 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) {
1591 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80p80);
1592 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1593
1594 if (bf->ncol_gt_bw80)
1595 bf->ncol_gt_bw80 = min_t(u8, bf->ncol_gt_bw80, nss_mcs);
1596 else
1597 bf->ncol_gt_bw80 = nss_mcs;
1598 }
1599
1600 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK,
1601 ve->phy_cap_info[5]);
1602 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_ABOVE_80MHZ_MASK,
1603 pe->phy_cap_info[4]);
1604
1605 bf->nrow_gt_bw80 = min_t(int, snd_dim, sts);
1606 }
1607
1608 static void
mt7996_mcu_sta_bfer_eht(struct ieee80211_link_sta * link_sta,struct ieee80211_vif * vif,struct mt7996_phy * phy,struct sta_rec_bf * bf,bool explicit)1609 mt7996_mcu_sta_bfer_eht(struct ieee80211_link_sta *link_sta,
1610 struct ieee80211_vif *vif, struct mt7996_phy *phy,
1611 struct sta_rec_bf *bf, bool explicit)
1612 {
1613 struct ieee80211_sta_eht_cap *pc = &link_sta->eht_cap;
1614 struct ieee80211_eht_cap_elem_fixed *pe = &pc->eht_cap_elem;
1615 struct ieee80211_eht_mcs_nss_supp *eht_nss = &pc->eht_mcs_nss_supp;
1616 const struct ieee80211_sta_eht_cap *vc =
1617 mt76_connac_get_eht_phy_cap(phy->mt76, vif);
1618 const struct ieee80211_eht_cap_elem_fixed *ve = &vc->eht_cap_elem;
1619 u8 nss_mcs = u8_get_bits(eht_nss->bw._80.rx_tx_mcs9_max_nss,
1620 IEEE80211_EHT_MCS_NSS_RX) - 1;
1621 u8 snd_dim, sts;
1622
1623 bf->tx_mode = MT_PHY_TYPE_EHT_MU;
1624
1625 mt7996_mcu_sta_sounding_rate(bf, phy);
1626
1627 bf->trigger_su = EHT_PHY(CAP3_TRIG_SU_BF_FDBK, pe->phy_cap_info[3]);
1628 bf->trigger_mu = EHT_PHY(CAP3_TRIG_MU_BF_PART_BW_FDBK, pe->phy_cap_info[3]);
1629 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_80MHZ_MASK, ve->phy_cap_info[2]);
1630 sts = EHT_PHY(CAP0_BEAMFORMEE_SS_80MHZ_MASK, pe->phy_cap_info[0]) +
1631 (EHT_PHY(CAP1_BEAMFORMEE_SS_80MHZ_MASK, pe->phy_cap_info[1]) << 1);
1632 bf->nrow = min_t(u8, snd_dim, sts);
1633 bf->ncol = min_t(u8, nss_mcs, bf->nrow);
1634 bf->ibf_ncol = explicit ? min_t(u8, MT7996_IBF_MAX_NC, bf->ncol) :
1635 min_t(u8, MT7996_IBF_MAX_NC, nss_mcs);
1636
1637 if (link_sta->bandwidth < IEEE80211_STA_RX_BW_160)
1638 return;
1639
1640 switch (link_sta->bandwidth) {
1641 case IEEE80211_STA_RX_BW_160:
1642 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_160MHZ_MASK, ve->phy_cap_info[2]);
1643 sts = EHT_PHY(CAP1_BEAMFORMEE_SS_160MHZ_MASK, pe->phy_cap_info[1]);
1644 nss_mcs = u8_get_bits(eht_nss->bw._160.rx_tx_mcs9_max_nss,
1645 IEEE80211_EHT_MCS_NSS_RX) - 1;
1646
1647 bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts);
1648 bf->ncol_gt_bw80 = nss_mcs;
1649 break;
1650 case IEEE80211_STA_RX_BW_320:
1651 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_320MHZ_MASK, ve->phy_cap_info[2]) +
1652 (EHT_PHY(CAP3_SOUNDING_DIM_320MHZ_MASK,
1653 ve->phy_cap_info[3]) << 1);
1654 sts = EHT_PHY(CAP1_BEAMFORMEE_SS_320MHZ_MASK, pe->phy_cap_info[1]);
1655 nss_mcs = u8_get_bits(eht_nss->bw._320.rx_tx_mcs9_max_nss,
1656 IEEE80211_EHT_MCS_NSS_RX) - 1;
1657
1658 bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts) << 4;
1659 bf->ncol_gt_bw80 = nss_mcs << 4;
1660 break;
1661 default:
1662 break;
1663 }
1664 }
1665
1666 static void
mt7996_mcu_sta_bfer_tlv(struct mt7996_dev * dev,struct sk_buff * skb,struct ieee80211_bss_conf * link_conf,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link)1667 mt7996_mcu_sta_bfer_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1668 struct ieee80211_bss_conf *link_conf,
1669 struct ieee80211_link_sta *link_sta,
1670 struct mt7996_vif_link *link)
1671 {
1672 #define EBF_MODE BIT(0)
1673 #define IBF_MODE BIT(1)
1674 #define BF_MAT_ORDER 4
1675 struct ieee80211_vif *vif = link_conf->vif;
1676 struct mt7996_phy *phy = link->phy;
1677 int tx_ant = hweight16(phy->mt76->chainmask) - 1;
1678 struct sta_rec_bf *bf;
1679 struct tlv *tlv;
1680 static const u8 matrix[BF_MAT_ORDER][BF_MAT_ORDER] = {
1681 {0, 0, 0, 0},
1682 {1, 1, 0, 0}, /* 2x1, 2x2, 2x3, 2x4 */
1683 {2, 4, 4, 0}, /* 3x1, 3x2, 3x3, 3x4 */
1684 {3, 5, 6, 0} /* 4x1, 4x2, 4x3, 4x4 */
1685 };
1686 bool ebf;
1687
1688 if (!(link_sta->ht_cap.ht_supported || link_sta->he_cap.has_he))
1689 return;
1690
1691 ebf = mt7996_is_ebf_supported(phy, link_conf, link_sta, false);
1692 if (!ebf && !dev->ibf)
1693 return;
1694
1695 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BF, sizeof(*bf));
1696 bf = (struct sta_rec_bf *)tlv;
1697
1698 /* he/eht: eBF only, except mt7992 that has 5T on 5GHz also supports iBF
1699 * vht: support eBF and iBF
1700 * ht: iBF only, since mac80211 lacks of eBF support
1701 */
1702 if (link_sta->eht_cap.has_eht)
1703 mt7996_mcu_sta_bfer_eht(link_sta, vif, link->phy, bf, ebf);
1704 else if (link_sta->he_cap.has_he)
1705 mt7996_mcu_sta_bfer_he(link_sta, vif, link->phy, bf, ebf);
1706 else if (link_sta->vht_cap.vht_supported)
1707 mt7996_mcu_sta_bfer_vht(link_sta, link->phy, bf, ebf);
1708 else if (link_sta->ht_cap.ht_supported)
1709 mt7996_mcu_sta_bfer_ht(link_sta, link->phy, bf, ebf);
1710 else
1711 return;
1712
1713 bf->bf_cap = ebf ? EBF_MODE : (dev->ibf ? IBF_MODE : 0);
1714 if (is_mt7992(&dev->mt76) && tx_ant == 4)
1715 bf->bf_cap |= IBF_MODE;
1716
1717 bf->bw = link_sta->bandwidth;
1718 bf->ibf_dbw = link_sta->bandwidth;
1719 bf->ibf_nrow = tx_ant;
1720
1721 if (link_sta->eht_cap.has_eht || link_sta->he_cap.has_he)
1722 bf->ibf_timeout = is_mt7996(&dev->mt76) ? MT7996_IBF_TIMEOUT :
1723 MT7992_IBF_TIMEOUT;
1724 else if (!ebf && link_sta->bandwidth <= IEEE80211_STA_RX_BW_40 && !bf->ncol)
1725 bf->ibf_timeout = MT7996_IBF_TIMEOUT_LEGACY;
1726 else
1727 bf->ibf_timeout = MT7996_IBF_TIMEOUT;
1728
1729 if (bf->ncol < BF_MAT_ORDER) {
1730 if (ebf)
1731 bf->mem_20m = tx_ant < BF_MAT_ORDER ?
1732 matrix[tx_ant][bf->ncol] : 0;
1733 else
1734 bf->mem_20m = bf->nrow < BF_MAT_ORDER ?
1735 matrix[bf->nrow][bf->ncol] : 0;
1736 }
1737
1738 switch (link_sta->bandwidth) {
1739 case IEEE80211_STA_RX_BW_160:
1740 case IEEE80211_STA_RX_BW_80:
1741 bf->mem_total = bf->mem_20m * 2;
1742 break;
1743 case IEEE80211_STA_RX_BW_40:
1744 bf->mem_total = bf->mem_20m;
1745 break;
1746 case IEEE80211_STA_RX_BW_20:
1747 default:
1748 break;
1749 }
1750 }
1751
1752 static void
mt7996_mcu_sta_bfee_tlv(struct mt7996_dev * dev,struct sk_buff * skb,struct ieee80211_bss_conf * link_conf,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link)1753 mt7996_mcu_sta_bfee_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1754 struct ieee80211_bss_conf *link_conf,
1755 struct ieee80211_link_sta *link_sta,
1756 struct mt7996_vif_link *link)
1757 {
1758 struct mt7996_phy *phy = link->phy;
1759 int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
1760 struct sta_rec_bfee *bfee;
1761 struct tlv *tlv;
1762 u8 nrow = 0;
1763
1764 if (!(link_sta->vht_cap.vht_supported || link_sta->he_cap.has_he))
1765 return;
1766
1767 if (!mt7996_is_ebf_supported(phy, link_conf, link_sta, true))
1768 return;
1769
1770 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BFEE, sizeof(*bfee));
1771 bfee = (struct sta_rec_bfee *)tlv;
1772
1773 if (link_sta->he_cap.has_he) {
1774 struct ieee80211_he_cap_elem *pe = &link_sta->he_cap.he_cap_elem;
1775
1776 nrow = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
1777 pe->phy_cap_info[5]);
1778 } else if (link_sta->vht_cap.vht_supported) {
1779 struct ieee80211_sta_vht_cap *pc = &link_sta->vht_cap;
1780
1781 nrow = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
1782 pc->cap);
1783 }
1784
1785 /* reply with identity matrix to avoid 2x2 BF negative gain */
1786 bfee->fb_identity_matrix = (nrow == 1 && tx_ant == 2);
1787 }
1788
1789 static void
mt7996_mcu_sta_tx_proc_tlv(struct sk_buff * skb)1790 mt7996_mcu_sta_tx_proc_tlv(struct sk_buff *skb)
1791 {
1792 struct sta_rec_tx_proc *tx_proc;
1793 struct tlv *tlv;
1794
1795 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_TX_PROC, sizeof(*tx_proc));
1796
1797 tx_proc = (struct sta_rec_tx_proc *)tlv;
1798 tx_proc->flag = cpu_to_le32(0);
1799 }
1800
1801 static void
mt7996_mcu_sta_hdrt_tlv(struct mt7996_dev * dev,struct sk_buff * skb)1802 mt7996_mcu_sta_hdrt_tlv(struct mt7996_dev *dev, struct sk_buff *skb)
1803 {
1804 struct sta_rec_hdrt *hdrt;
1805 struct tlv *tlv;
1806
1807 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDRT, sizeof(*hdrt));
1808
1809 hdrt = (struct sta_rec_hdrt *)tlv;
1810 hdrt->hdrt_mode = 1;
1811 }
1812
1813 static void
mt7996_mcu_sta_hdr_trans_tlv(struct mt7996_dev * dev,struct sk_buff * skb,struct ieee80211_vif * vif,struct mt76_wcid * wcid)1814 mt7996_mcu_sta_hdr_trans_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1815 struct ieee80211_vif *vif, struct mt76_wcid *wcid)
1816 {
1817 struct sta_rec_hdr_trans *hdr_trans;
1818 struct tlv *tlv;
1819
1820 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDR_TRANS, sizeof(*hdr_trans));
1821 hdr_trans = (struct sta_rec_hdr_trans *)tlv;
1822 hdr_trans->dis_rx_hdr_tran = true;
1823
1824 if (vif->type == NL80211_IFTYPE_STATION)
1825 hdr_trans->to_ds = true;
1826 else
1827 hdr_trans->from_ds = true;
1828
1829 if (!wcid)
1830 return;
1831
1832 hdr_trans->dis_rx_hdr_tran = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);
1833 if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) {
1834 hdr_trans->to_ds = true;
1835 hdr_trans->from_ds = true;
1836 }
1837
1838 if (vif->type == NL80211_IFTYPE_MESH_POINT) {
1839 hdr_trans->to_ds = true;
1840 hdr_trans->from_ds = true;
1841 hdr_trans->mesh = true;
1842 }
1843 }
1844
1845 static enum mcu_mmps_mode
mt7996_mcu_get_mmps_mode(enum ieee80211_smps_mode smps)1846 mt7996_mcu_get_mmps_mode(enum ieee80211_smps_mode smps)
1847 {
1848 switch (smps) {
1849 case IEEE80211_SMPS_OFF:
1850 return MCU_MMPS_DISABLE;
1851 case IEEE80211_SMPS_STATIC:
1852 return MCU_MMPS_STATIC;
1853 case IEEE80211_SMPS_DYNAMIC:
1854 return MCU_MMPS_DYNAMIC;
1855 default:
1856 return MCU_MMPS_DISABLE;
1857 }
1858 }
1859
mt7996_mcu_set_fixed_rate_ctrl(struct mt7996_dev * dev,void * data,u16 version)1860 int mt7996_mcu_set_fixed_rate_ctrl(struct mt7996_dev *dev,
1861 void *data, u16 version)
1862 {
1863 struct ra_fixed_rate *req;
1864 struct uni_header hdr;
1865 struct sk_buff *skb;
1866 struct tlv *tlv;
1867 int len;
1868
1869 len = sizeof(hdr) + sizeof(*req);
1870
1871 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
1872 if (!skb)
1873 return -ENOMEM;
1874
1875 skb_put_data(skb, &hdr, sizeof(hdr));
1876
1877 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_RA_FIXED_RATE, sizeof(*req));
1878 req = (struct ra_fixed_rate *)tlv;
1879 req->version = cpu_to_le16(version);
1880 memcpy(&req->rate, data, sizeof(req->rate));
1881
1882 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1883 MCU_WM_UNI_CMD(RA), true);
1884 }
1885
mt7996_mcu_set_fixed_field(struct mt7996_dev * dev,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link,void * data,u32 field)1886 int mt7996_mcu_set_fixed_field(struct mt7996_dev *dev,
1887 struct ieee80211_link_sta *link_sta,
1888 struct mt7996_vif_link *link,
1889 struct mt7996_sta_link *msta_link,
1890 void *data, u32 field)
1891 {
1892 struct sta_phy_uni *phy = data;
1893 struct sta_rec_ra_fixed_uni *ra;
1894 struct sk_buff *skb;
1895 struct tlv *tlv;
1896
1897 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &link->mt76,
1898 &msta_link->wcid,
1899 MT7996_STA_UPDATE_MAX_SIZE);
1900 if (IS_ERR(skb))
1901 return PTR_ERR(skb);
1902
1903 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA_UPDATE, sizeof(*ra));
1904 ra = (struct sta_rec_ra_fixed_uni *)tlv;
1905
1906 switch (field) {
1907 case RATE_PARAM_AUTO:
1908 break;
1909 case RATE_PARAM_FIXED:
1910 case RATE_PARAM_FIXED_MCS:
1911 case RATE_PARAM_FIXED_GI:
1912 case RATE_PARAM_FIXED_HE_LTF:
1913 if (phy)
1914 ra->phy = *phy;
1915 break;
1916 case RATE_PARAM_MMPS_UPDATE:
1917 ra->mmps_mode = mt7996_mcu_get_mmps_mode(link_sta->smps_mode);
1918 break;
1919 default:
1920 break;
1921 }
1922 ra->field = cpu_to_le32(field);
1923
1924 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1925 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
1926 }
1927
1928 static int
mt7996_mcu_add_rate_ctrl_fixed(struct mt7996_dev * dev,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link)1929 mt7996_mcu_add_rate_ctrl_fixed(struct mt7996_dev *dev,
1930 struct ieee80211_link_sta *link_sta,
1931 struct mt7996_vif_link *link,
1932 struct mt7996_sta_link *msta_link)
1933 {
1934 struct cfg80211_chan_def *chandef = &link->phy->mt76->chandef;
1935 struct cfg80211_bitrate_mask *mask = &link->bitrate_mask;
1936 enum nl80211_band band = chandef->chan->band;
1937 struct sta_phy_uni phy = {};
1938 int ret, nrates = 0;
1939
1940 #define __sta_phy_bitrate_mask_check(_mcs, _gi, _ht, _he) \
1941 do { \
1942 u8 i, gi = mask->control[band]._gi; \
1943 gi = (_he) ? gi : gi == NL80211_TXRATE_FORCE_SGI; \
1944 phy.sgi = gi; \
1945 phy.he_ltf = mask->control[band].he_ltf; \
1946 for (i = 0; i < ARRAY_SIZE(mask->control[band]._mcs); i++) { \
1947 if (!mask->control[band]._mcs[i]) \
1948 continue; \
1949 nrates += hweight16(mask->control[band]._mcs[i]); \
1950 phy.mcs = ffs(mask->control[band]._mcs[i]) - 1; \
1951 if (_ht) \
1952 phy.mcs += 8 * i; \
1953 } \
1954 } while (0)
1955
1956 if (link_sta->he_cap.has_he) {
1957 __sta_phy_bitrate_mask_check(he_mcs, he_gi, 0, 1);
1958 } else if (link_sta->vht_cap.vht_supported) {
1959 __sta_phy_bitrate_mask_check(vht_mcs, gi, 0, 0);
1960 } else if (link_sta->ht_cap.ht_supported) {
1961 __sta_phy_bitrate_mask_check(ht_mcs, gi, 1, 0);
1962 } else {
1963 nrates = hweight32(mask->control[band].legacy);
1964 phy.mcs = ffs(mask->control[band].legacy) - 1;
1965 }
1966 #undef __sta_phy_bitrate_mask_check
1967
1968 /* fall back to auto rate control */
1969 if (mask->control[band].gi == NL80211_TXRATE_DEFAULT_GI &&
1970 mask->control[band].he_gi == GENMASK(7, 0) &&
1971 mask->control[band].he_ltf == GENMASK(7, 0) &&
1972 nrates != 1)
1973 return 0;
1974
1975 /* fixed single rate */
1976 if (nrates == 1) {
1977 ret = mt7996_mcu_set_fixed_field(dev, link_sta, link,
1978 msta_link, &phy,
1979 RATE_PARAM_FIXED_MCS);
1980 if (ret)
1981 return ret;
1982 }
1983
1984 /* fixed GI */
1985 if (mask->control[band].gi != NL80211_TXRATE_DEFAULT_GI ||
1986 mask->control[band].he_gi != GENMASK(7, 0)) {
1987 u32 addr;
1988
1989 /* firmware updates only TXCMD but doesn't take WTBL into
1990 * account, so driver should update here to reflect the
1991 * actual txrate hardware sends out.
1992 */
1993 addr = mt7996_mac_wtbl_lmac_addr(dev, msta_link->wcid.idx, 7);
1994 if (link_sta->he_cap.has_he)
1995 mt76_rmw_field(dev, addr, GENMASK(31, 24), phy.sgi);
1996 else
1997 mt76_rmw_field(dev, addr, GENMASK(15, 12), phy.sgi);
1998
1999 ret = mt7996_mcu_set_fixed_field(dev, link_sta, link,
2000 msta_link, &phy,
2001 RATE_PARAM_FIXED_GI);
2002 if (ret)
2003 return ret;
2004 }
2005
2006 /* fixed HE_LTF */
2007 if (mask->control[band].he_ltf != GENMASK(7, 0)) {
2008 ret = mt7996_mcu_set_fixed_field(dev, link_sta, link,
2009 msta_link, &phy,
2010 RATE_PARAM_FIXED_HE_LTF);
2011 if (ret)
2012 return ret;
2013 }
2014
2015 return 0;
2016 }
2017
2018 static void
mt7996_mcu_sta_rate_ctrl_tlv(struct sk_buff * skb,struct mt7996_dev * dev,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link)2019 mt7996_mcu_sta_rate_ctrl_tlv(struct sk_buff *skb, struct mt7996_dev *dev,
2020 struct ieee80211_vif *vif,
2021 struct ieee80211_bss_conf *link_conf,
2022 struct ieee80211_link_sta *link_sta,
2023 struct mt7996_vif_link *link)
2024 {
2025 #define INIT_RCPI 180
2026 struct mt76_phy *mphy = link->phy->mt76;
2027 struct cfg80211_chan_def *chandef = &mphy->chandef;
2028 struct cfg80211_bitrate_mask *mask = &link->bitrate_mask;
2029 u32 cap = link_sta->sta->wme ? STA_CAP_WMM : 0;
2030 enum nl80211_band band = chandef->chan->band;
2031 struct sta_rec_ra_uni *ra;
2032 struct tlv *tlv;
2033 u32 supp_rate = link_sta->supp_rates[band];
2034
2035 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra));
2036 ra = (struct sta_rec_ra_uni *)tlv;
2037
2038 ra->valid = true;
2039 ra->auto_rate = true;
2040 ra->phy_mode = mt76_connac_get_phy_mode(mphy, vif, band, link_sta);
2041 ra->channel = chandef->chan->hw_value;
2042 ra->bw = (link_sta->bandwidth == IEEE80211_STA_RX_BW_320) ?
2043 CMD_CBW_320MHZ : link_sta->bandwidth;
2044 ra->phy.bw = ra->bw;
2045 ra->mmps_mode = mt7996_mcu_get_mmps_mode(link_sta->smps_mode);
2046
2047 if (supp_rate) {
2048 supp_rate &= mask->control[band].legacy;
2049 ra->rate_len = hweight32(supp_rate);
2050
2051 if (band == NL80211_BAND_2GHZ) {
2052 ra->supp_mode = MODE_CCK;
2053 ra->supp_cck_rate = supp_rate & GENMASK(3, 0);
2054
2055 if (ra->rate_len > 4) {
2056 ra->supp_mode |= MODE_OFDM;
2057 ra->supp_ofdm_rate = supp_rate >> 4;
2058 }
2059 } else {
2060 ra->supp_mode = MODE_OFDM;
2061 ra->supp_ofdm_rate = supp_rate;
2062 }
2063 }
2064
2065 if (link_sta->ht_cap.ht_supported) {
2066 ra->supp_mode |= MODE_HT;
2067 ra->af = link_sta->ht_cap.ampdu_factor;
2068 ra->ht_gf = !!(link_sta->ht_cap.cap & IEEE80211_HT_CAP_GRN_FLD);
2069
2070 cap |= STA_CAP_HT;
2071 if (link_sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
2072 cap |= STA_CAP_SGI_20;
2073 if (link_sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
2074 cap |= STA_CAP_SGI_40;
2075 if (link_sta->ht_cap.cap & IEEE80211_HT_CAP_TX_STBC)
2076 cap |= STA_CAP_TX_STBC;
2077 if (link_sta->ht_cap.cap & IEEE80211_HT_CAP_RX_STBC)
2078 cap |= STA_CAP_RX_STBC;
2079 if (link_conf->ht_ldpc &&
2080 (link_sta->ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING))
2081 cap |= STA_CAP_LDPC;
2082
2083 mt7996_mcu_set_sta_ht_mcs(link_sta, ra->ht_mcs,
2084 mask->control[band].ht_mcs);
2085 ra->supp_ht_mcs = *(__le32 *)ra->ht_mcs;
2086 }
2087
2088 if (link_sta->vht_cap.vht_supported) {
2089 u8 af;
2090
2091 ra->supp_mode |= MODE_VHT;
2092 af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
2093 link_sta->vht_cap.cap);
2094 ra->af = max_t(u8, ra->af, af);
2095
2096 cap |= STA_CAP_VHT;
2097 if (link_sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
2098 cap |= STA_CAP_VHT_SGI_80;
2099 if (link_sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
2100 cap |= STA_CAP_VHT_SGI_160;
2101 if (link_sta->vht_cap.cap & IEEE80211_VHT_CAP_TXSTBC)
2102 cap |= STA_CAP_VHT_TX_STBC;
2103 if (link_sta->vht_cap.cap & IEEE80211_VHT_CAP_RXSTBC_1)
2104 cap |= STA_CAP_VHT_RX_STBC;
2105 if ((vif->type != NL80211_IFTYPE_AP || link_conf->vht_ldpc) &&
2106 (link_sta->vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC))
2107 cap |= STA_CAP_VHT_LDPC;
2108
2109 mt7996_mcu_set_sta_vht_mcs(link_sta, ra->supp_vht_mcs,
2110 mask->control[band].vht_mcs);
2111 }
2112
2113 if (link_sta->he_cap.has_he) {
2114 ra->supp_mode |= MODE_HE;
2115 cap |= STA_CAP_HE;
2116
2117 if (link_sta->he_6ghz_capa.capa)
2118 ra->af = le16_get_bits(link_sta->he_6ghz_capa.capa,
2119 IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
2120 }
2121 ra->sta_cap = cpu_to_le32(cap);
2122
2123 memset(ra->rx_rcpi, INIT_RCPI, sizeof(ra->rx_rcpi));
2124 }
2125
mt7996_mcu_add_rate_ctrl(struct mt7996_dev * dev,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link,bool changed)2126 int mt7996_mcu_add_rate_ctrl(struct mt7996_dev *dev,
2127 struct ieee80211_vif *vif,
2128 struct ieee80211_bss_conf *link_conf,
2129 struct ieee80211_link_sta *link_sta,
2130 struct mt7996_vif_link *link,
2131 struct mt7996_sta_link *msta_link, bool changed)
2132 {
2133 struct sk_buff *skb;
2134 int ret;
2135
2136 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &link->mt76,
2137 &msta_link->wcid,
2138 MT7996_STA_UPDATE_MAX_SIZE);
2139 if (IS_ERR(skb))
2140 return PTR_ERR(skb);
2141
2142 /* firmware rc algorithm refers to sta_rec_he for HE control.
2143 * once dev->rc_work changes the settings driver should also
2144 * update sta_rec_he here.
2145 */
2146 if (changed)
2147 mt7996_mcu_sta_he_tlv(skb, link_sta, link);
2148
2149 /* sta_rec_ra accommodates BW, NSS and only MCS range format
2150 * i.e 0-{7,8,9} for VHT.
2151 */
2152 mt7996_mcu_sta_rate_ctrl_tlv(skb, dev, vif, link_conf, link_sta, link);
2153
2154 ret = mt76_mcu_skb_send_msg(&dev->mt76, skb,
2155 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
2156 if (ret)
2157 return ret;
2158
2159 return mt7996_mcu_add_rate_ctrl_fixed(dev, link_sta, link, msta_link);
2160 }
2161
2162 static int
mt7996_mcu_add_group(struct mt7996_dev * dev,struct ieee80211_vif * vif,struct ieee80211_sta * sta)2163 mt7996_mcu_add_group(struct mt7996_dev *dev, struct ieee80211_vif *vif,
2164 struct ieee80211_sta *sta)
2165 {
2166 #define MT_STA_BSS_GROUP 1
2167 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
2168 struct mt7996_sta_link *msta_link;
2169 struct mt7996_sta *msta;
2170 struct {
2171 u8 __rsv1[4];
2172
2173 __le16 tag;
2174 __le16 len;
2175 __le16 wlan_idx;
2176 u8 __rsv2[2];
2177 __le32 action;
2178 __le32 val;
2179 u8 __rsv3[8];
2180 } __packed req = {
2181 .tag = cpu_to_le16(UNI_VOW_DRR_CTRL),
2182 .len = cpu_to_le16(sizeof(req) - 4),
2183 .action = cpu_to_le32(MT_STA_BSS_GROUP),
2184 .val = cpu_to_le32(mvif->deflink.mt76.idx % 16),
2185 };
2186
2187 msta = sta ? (struct mt7996_sta *)sta->drv_priv : NULL;
2188 msta_link = msta ? &msta->deflink : &mvif->deflink.msta_link;
2189 req.wlan_idx = cpu_to_le16(msta_link->wcid.idx);
2190
2191 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(VOW), &req,
2192 sizeof(req), true);
2193 }
2194
2195 static void
mt7996_mcu_sta_mld_setup_tlv(struct mt7996_dev * dev,struct sk_buff * skb,struct ieee80211_sta * sta)2196 mt7996_mcu_sta_mld_setup_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
2197 struct ieee80211_sta *sta)
2198 {
2199 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
2200 unsigned long links = sta->valid_links;
2201 unsigned int nlinks = hweight16(links);
2202 struct mld_setup_link *mld_setup_link;
2203 struct sta_rec_mld_setup *mld_setup;
2204 struct mt7996_sta_link *msta_link;
2205 struct ieee80211_vif *vif;
2206 unsigned int link_id;
2207 struct tlv *tlv;
2208
2209 msta_link = mt76_dereference(msta->link[msta->deflink_id], &dev->mt76);
2210 if (!msta_link)
2211 return;
2212
2213 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_MLD,
2214 sizeof(struct sta_rec_mld_setup) +
2215 sizeof(struct mld_setup_link) * nlinks);
2216
2217 mld_setup = (struct sta_rec_mld_setup *)tlv;
2218 memcpy(mld_setup->mld_addr, sta->addr, ETH_ALEN);
2219 mld_setup->setup_wcid = cpu_to_le16(msta_link->wcid.idx);
2220 mld_setup->primary_id = cpu_to_le16(msta_link->wcid.idx);
2221
2222 if (nlinks > 1) {
2223 link_id = __ffs(links & ~BIT(msta->deflink_id));
2224 msta_link = mt76_dereference(msta->link[msta->deflink_id],
2225 &dev->mt76);
2226 if (!msta_link)
2227 return;
2228 }
2229 mld_setup->seconed_id = cpu_to_le16(msta_link->wcid.idx);
2230 mld_setup->link_num = nlinks;
2231
2232 vif = container_of((void *)msta->vif, struct ieee80211_vif, drv_priv);
2233 mld_setup_link = (struct mld_setup_link *)mld_setup->link_info;
2234 for_each_set_bit(link_id, &links, IEEE80211_MLD_MAX_NUM_LINKS) {
2235 struct mt7996_vif_link *link;
2236
2237 msta_link = mt76_dereference(msta->link[link_id], &dev->mt76);
2238 if (!msta_link)
2239 continue;
2240
2241 link = mt7996_vif_link(dev, vif, link_id);
2242 if (!link)
2243 continue;
2244
2245 if (!msta_link)
2246 continue;
2247
2248 mld_setup_link->wcid = cpu_to_le16(msta_link->wcid.idx);
2249 mld_setup_link->bss_idx = link->mt76.idx;
2250 mld_setup_link++;
2251 }
2252 }
2253
2254 static void
mt7996_mcu_sta_eht_mld_tlv(struct mt7996_dev * dev,struct sk_buff * skb,struct ieee80211_sta * sta)2255 mt7996_mcu_sta_eht_mld_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
2256 struct ieee80211_sta *sta)
2257 {
2258 struct sta_rec_eht_mld *eht_mld;
2259 struct tlv *tlv;
2260 int i;
2261
2262 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_EHT_MLD, sizeof(*eht_mld));
2263 eht_mld = (struct sta_rec_eht_mld *)tlv;
2264
2265 for (i = 0; i < ARRAY_SIZE(eht_mld->str_cap); i++)
2266 eht_mld->str_cap[i] = 0x7;
2267 }
2268
mt7996_mcu_add_sta(struct mt7996_dev * dev,struct ieee80211_bss_conf * link_conf,struct ieee80211_link_sta * link_sta,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link,int conn_state,bool newly)2269 int mt7996_mcu_add_sta(struct mt7996_dev *dev,
2270 struct ieee80211_bss_conf *link_conf,
2271 struct ieee80211_link_sta *link_sta,
2272 struct mt7996_vif_link *link,
2273 struct mt7996_sta_link *msta_link,
2274 int conn_state, bool newly)
2275 {
2276 struct mt76_wcid *wcid = msta_link ? &msta_link->wcid : link->mt76.wcid;
2277 struct ieee80211_sta *sta = link_sta ? link_sta->sta : NULL;
2278 struct sk_buff *skb;
2279 int ret;
2280
2281 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &link->mt76, wcid,
2282 MT7996_STA_UPDATE_MAX_SIZE);
2283 if (IS_ERR(skb))
2284 return PTR_ERR(skb);
2285
2286 /* starec basic */
2287 mt76_connac_mcu_sta_basic_tlv(&dev->mt76, skb, link_conf, link_sta,
2288 conn_state, newly);
2289
2290 if (conn_state == CONN_STATE_DISCONNECT)
2291 goto out;
2292
2293 /* starec hdr trans */
2294 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, link_conf->vif, wcid);
2295 /* starec tx proc */
2296 mt7996_mcu_sta_tx_proc_tlv(skb);
2297
2298 /* tag order is in accordance with firmware dependency. */
2299 if (link_sta) {
2300 /* starec hdrt mode */
2301 mt7996_mcu_sta_hdrt_tlv(dev, skb);
2302 if (conn_state == CONN_STATE_CONNECT) {
2303 /* starec bfer */
2304 mt7996_mcu_sta_bfer_tlv(dev, skb, link_conf, link_sta,
2305 link);
2306 /* starec bfee */
2307 mt7996_mcu_sta_bfee_tlv(dev, skb, link_conf, link_sta,
2308 link);
2309 }
2310 /* starec ht */
2311 mt7996_mcu_sta_ht_tlv(skb, link_sta);
2312 /* starec vht */
2313 mt7996_mcu_sta_vht_tlv(skb, link_sta);
2314 /* starec uapsd */
2315 mt76_connac_mcu_sta_uapsd(skb, link_conf->vif, sta);
2316 /* starec amsdu */
2317 mt7996_mcu_sta_amsdu_tlv(dev, skb, link_conf->vif, link_sta,
2318 msta_link);
2319 /* starec he */
2320 mt7996_mcu_sta_he_tlv(skb, link_sta, link);
2321 /* starec he 6g*/
2322 mt7996_mcu_sta_he_6g_tlv(skb, link_sta);
2323 /* starec eht */
2324 mt7996_mcu_sta_eht_tlv(skb, link_sta);
2325 /* starec muru */
2326 mt7996_mcu_sta_muru_tlv(dev, skb, link_conf, link_sta);
2327
2328 if (sta->mlo) {
2329 mt7996_mcu_sta_mld_setup_tlv(dev, skb, sta);
2330 mt7996_mcu_sta_eht_mld_tlv(dev, skb, sta);
2331 }
2332 }
2333
2334 ret = mt7996_mcu_add_group(dev, link_conf->vif, sta);
2335 if (ret) {
2336 dev_kfree_skb(skb);
2337 return ret;
2338 }
2339 out:
2340 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2341 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
2342 }
2343
mt7996_mcu_teardown_mld_sta(struct mt7996_dev * dev,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link)2344 int mt7996_mcu_teardown_mld_sta(struct mt7996_dev *dev,
2345 struct mt7996_vif_link *link,
2346 struct mt7996_sta_link *msta_link)
2347 {
2348 struct sk_buff *skb;
2349
2350 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &link->mt76,
2351 &msta_link->wcid,
2352 MT7996_STA_UPDATE_MAX_SIZE);
2353 if (IS_ERR(skb))
2354 return PTR_ERR(skb);
2355
2356 mt76_connac_mcu_add_tlv(skb, STA_REC_MLD_OFF, sizeof(struct tlv));
2357
2358 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2359 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
2360 }
2361
2362 static int
mt7996_mcu_sta_key_tlv(struct mt76_wcid * wcid,struct sk_buff * skb,struct ieee80211_key_conf * key,enum set_key_cmd cmd)2363 mt7996_mcu_sta_key_tlv(struct mt76_wcid *wcid,
2364 struct sk_buff *skb,
2365 struct ieee80211_key_conf *key,
2366 enum set_key_cmd cmd)
2367 {
2368 struct sta_rec_sec_uni *sec;
2369 struct tlv *tlv;
2370
2371 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
2372 sec = (struct sta_rec_sec_uni *)tlv;
2373 sec->add = cmd;
2374
2375 if (cmd == SET_KEY) {
2376 struct sec_key_uni *sec_key;
2377 u8 cipher;
2378
2379 cipher = mt76_connac_mcu_get_cipher(key->cipher);
2380 if (cipher == MCU_CIPHER_NONE)
2381 return -EOPNOTSUPP;
2382
2383 sec_key = &sec->key[0];
2384 sec_key->wlan_idx = cpu_to_le16(wcid->idx);
2385 sec_key->mgmt_prot = 0;
2386 sec_key->cipher_id = cipher;
2387 sec_key->cipher_len = sizeof(*sec_key);
2388 sec_key->key_id = key->keyidx;
2389 sec_key->key_len = key->keylen;
2390 sec_key->need_resp = 0;
2391 memcpy(sec_key->key, key->key, key->keylen);
2392
2393 if (cipher == MCU_CIPHER_TKIP) {
2394 /* Rx/Tx MIC keys are swapped */
2395 memcpy(sec_key->key + 16, key->key + 24, 8);
2396 memcpy(sec_key->key + 24, key->key + 16, 8);
2397 }
2398
2399 sec->n_cipher = 1;
2400 } else {
2401 sec->n_cipher = 0;
2402 }
2403
2404 return 0;
2405 }
2406
mt7996_mcu_add_key(struct mt76_dev * dev,struct ieee80211_vif * vif,struct ieee80211_key_conf * key,int mcu_cmd,struct mt76_wcid * wcid,enum set_key_cmd cmd)2407 int mt7996_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
2408 struct ieee80211_key_conf *key, int mcu_cmd,
2409 struct mt76_wcid *wcid, enum set_key_cmd cmd)
2410 {
2411 struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2412 struct sk_buff *skb;
2413 int ret;
2414
2415 skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid,
2416 MT7996_STA_UPDATE_MAX_SIZE);
2417 if (IS_ERR(skb))
2418 return PTR_ERR(skb);
2419
2420 ret = mt7996_mcu_sta_key_tlv(wcid, skb, key, cmd);
2421 if (ret)
2422 return ret;
2423
2424 return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
2425 }
2426
mt7996_mcu_get_pn(struct mt7996_dev * dev,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link,u8 * pn)2427 static int mt7996_mcu_get_pn(struct mt7996_dev *dev,
2428 struct mt7996_vif_link *link,
2429 struct mt7996_sta_link *msta_link, u8 *pn)
2430 {
2431 #define TSC_TYPE_BIGTK_PN 2
2432 struct sta_rec_pn_info *pn_info;
2433 struct sk_buff *skb, *rskb;
2434 struct tlv *tlv;
2435 int ret;
2436
2437 skb = mt76_connac_mcu_alloc_sta_req(&dev->mt76, &link->mt76,
2438 &msta_link->wcid);
2439 if (IS_ERR(skb))
2440 return PTR_ERR(skb);
2441
2442 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PN_INFO, sizeof(*pn_info));
2443 pn_info = (struct sta_rec_pn_info *)tlv;
2444
2445 pn_info->tsc_type = TSC_TYPE_BIGTK_PN;
2446 ret = mt76_mcu_skb_send_and_get_msg(&dev->mt76, skb,
2447 MCU_WM_UNI_CMD_QUERY(STA_REC_UPDATE),
2448 true, &rskb);
2449 if (ret)
2450 return ret;
2451
2452 skb_pull(rskb, 4);
2453
2454 pn_info = (struct sta_rec_pn_info *)rskb->data;
2455 if (le16_to_cpu(pn_info->tag) == STA_REC_PN_INFO)
2456 memcpy(pn, pn_info->pn, 6);
2457
2458 dev_kfree_skb(rskb);
2459 return 0;
2460 }
2461
mt7996_mcu_bcn_prot_enable(struct mt7996_dev * dev,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link,struct ieee80211_key_conf * key)2462 int mt7996_mcu_bcn_prot_enable(struct mt7996_dev *dev,
2463 struct mt7996_vif_link *link,
2464 struct mt7996_sta_link *msta_link,
2465 struct ieee80211_key_conf *key)
2466 {
2467 struct mt7996_mcu_bcn_prot_tlv *bcn_prot;
2468 struct sk_buff *skb;
2469 struct tlv *tlv;
2470 u8 pn[6] = {};
2471 int len = sizeof(struct bss_req_hdr) +
2472 sizeof(struct mt7996_mcu_bcn_prot_tlv);
2473 int ret;
2474
2475 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &link->mt76, len);
2476 if (IS_ERR(skb))
2477 return PTR_ERR(skb);
2478
2479 tlv = mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BCN_PROT, sizeof(*bcn_prot));
2480
2481 bcn_prot = (struct mt7996_mcu_bcn_prot_tlv *)tlv;
2482
2483 ret = mt7996_mcu_get_pn(dev, link, msta_link, pn);
2484 if (ret) {
2485 dev_kfree_skb(skb);
2486 return ret;
2487 }
2488
2489 switch (key->cipher) {
2490 case WLAN_CIPHER_SUITE_AES_CMAC:
2491 bcn_prot->cipher_id = MCU_CIPHER_BCN_PROT_CMAC_128;
2492 break;
2493 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
2494 bcn_prot->cipher_id = MCU_CIPHER_BCN_PROT_GMAC_128;
2495 break;
2496 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
2497 bcn_prot->cipher_id = MCU_CIPHER_BCN_PROT_GMAC_256;
2498 break;
2499 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
2500 default:
2501 dev_err(dev->mt76.dev, "Not supported Bigtk Cipher\n");
2502 dev_kfree_skb(skb);
2503 return -EOPNOTSUPP;
2504 }
2505
2506 pn[0]++;
2507 memcpy(bcn_prot->pn, pn, 6);
2508 bcn_prot->enable = BP_SW_MODE;
2509 memcpy(bcn_prot->key, key->key, WLAN_MAX_KEY_LEN);
2510 bcn_prot->key_id = key->keyidx;
2511
2512 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2513 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
2514 }
2515
mt7996_mcu_add_dev_info(struct mt7996_phy * phy,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf,struct mt76_vif_link * mlink,bool enable)2516 int mt7996_mcu_add_dev_info(struct mt7996_phy *phy, struct ieee80211_vif *vif,
2517 struct ieee80211_bss_conf *link_conf,
2518 struct mt76_vif_link *mlink, bool enable)
2519 {
2520 struct mt7996_dev *dev = phy->dev;
2521 struct {
2522 struct req_hdr {
2523 u8 omac_idx;
2524 u8 band_idx;
2525 u8 __rsv[2];
2526 } __packed hdr;
2527 struct req_tlv {
2528 __le16 tag;
2529 __le16 len;
2530 u8 active;
2531 u8 __rsv;
2532 u8 omac_addr[ETH_ALEN];
2533 } __packed tlv;
2534 } data = {
2535 .hdr = {
2536 .omac_idx = mlink->omac_idx,
2537 .band_idx = mlink->band_idx,
2538 },
2539 .tlv = {
2540 .tag = cpu_to_le16(DEV_INFO_ACTIVE),
2541 .len = cpu_to_le16(sizeof(struct req_tlv)),
2542 .active = enable,
2543 },
2544 };
2545
2546 if (mlink->omac_idx >= REPEATER_BSSID_START)
2547 return mt7996_mcu_muar_config(dev, mlink, link_conf->addr, false, enable);
2548
2549 memcpy(data.tlv.omac_addr, link_conf->addr, ETH_ALEN);
2550 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(DEV_INFO_UPDATE),
2551 &data, sizeof(data), true);
2552 }
2553
2554 static void
mt7996_mcu_beacon_cntdwn(struct sk_buff * rskb,struct sk_buff * skb,struct ieee80211_mutable_offsets * offs,bool csa)2555 mt7996_mcu_beacon_cntdwn(struct sk_buff *rskb, struct sk_buff *skb,
2556 struct ieee80211_mutable_offsets *offs,
2557 bool csa)
2558 {
2559 struct bss_bcn_cntdwn_tlv *info;
2560 struct tlv *tlv;
2561 u16 tag;
2562
2563 if (!offs->cntdwn_counter_offs[0])
2564 return;
2565
2566 tag = csa ? UNI_BSS_INFO_BCN_CSA : UNI_BSS_INFO_BCN_BCC;
2567
2568 tlv = mt7996_mcu_add_uni_tlv(rskb, tag, sizeof(*info));
2569
2570 info = (struct bss_bcn_cntdwn_tlv *)tlv;
2571 info->cnt = skb->data[offs->cntdwn_counter_offs[0]];
2572 }
2573
2574 static void
mt7996_mcu_beacon_mbss(struct sk_buff * rskb,struct sk_buff * skb,struct bss_bcn_content_tlv * bcn,struct ieee80211_mutable_offsets * offs)2575 mt7996_mcu_beacon_mbss(struct sk_buff *rskb, struct sk_buff *skb,
2576 struct bss_bcn_content_tlv *bcn,
2577 struct ieee80211_mutable_offsets *offs)
2578 {
2579 struct bss_bcn_mbss_tlv *mbss;
2580 const struct element *elem;
2581 struct tlv *tlv;
2582
2583 tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_BCN_MBSSID, sizeof(*mbss));
2584
2585 mbss = (struct bss_bcn_mbss_tlv *)tlv;
2586 mbss->offset[0] = cpu_to_le16(offs->tim_offset);
2587 mbss->bitmap = cpu_to_le32(1);
2588
2589 for_each_element_id(elem, WLAN_EID_MULTIPLE_BSSID,
2590 &skb->data[offs->mbssid_off],
2591 skb->len - offs->mbssid_off) {
2592 const struct element *sub_elem;
2593
2594 if (elem->datalen < 2)
2595 continue;
2596
2597 for_each_element(sub_elem, elem->data + 1, elem->datalen - 1) {
2598 const struct ieee80211_bssid_index *idx;
2599 const u8 *idx_ie;
2600
2601 /* not a valid BSS profile */
2602 if (sub_elem->id || sub_elem->datalen < 4)
2603 continue;
2604
2605 /* Find WLAN_EID_MULTI_BSSID_IDX
2606 * in the merged nontransmitted profile
2607 */
2608 idx_ie = cfg80211_find_ie(WLAN_EID_MULTI_BSSID_IDX,
2609 sub_elem->data, sub_elem->datalen);
2610 if (!idx_ie || idx_ie[1] < sizeof(*idx))
2611 continue;
2612
2613 idx = (void *)(idx_ie + 2);
2614 if (!idx->bssid_index || idx->bssid_index > 31)
2615 continue;
2616
2617 mbss->offset[idx->bssid_index] = cpu_to_le16(idx_ie -
2618 skb->data);
2619 mbss->bitmap |= cpu_to_le32(BIT(idx->bssid_index));
2620 }
2621 }
2622 }
2623
2624 static void
mt7996_mcu_beacon_cont(struct mt7996_dev * dev,struct ieee80211_bss_conf * link_conf,struct sk_buff * rskb,struct sk_buff * skb,struct bss_bcn_content_tlv * bcn,struct ieee80211_mutable_offsets * offs)2625 mt7996_mcu_beacon_cont(struct mt7996_dev *dev,
2626 struct ieee80211_bss_conf *link_conf,
2627 struct sk_buff *rskb, struct sk_buff *skb,
2628 struct bss_bcn_content_tlv *bcn,
2629 struct ieee80211_mutable_offsets *offs)
2630 {
2631 struct mt76_wcid *wcid = &dev->mt76.global_wcid;
2632 u8 *buf;
2633
2634 bcn->pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
2635 bcn->tim_ie_pos = cpu_to_le16(offs->tim_offset);
2636
2637 if (offs->cntdwn_counter_offs[0]) {
2638 u16 offset = offs->cntdwn_counter_offs[0];
2639
2640 if (link_conf->csa_active)
2641 bcn->csa_ie_pos = cpu_to_le16(offset - 4);
2642 if (link_conf->color_change_active)
2643 bcn->bcc_ie_pos = cpu_to_le16(offset - 3);
2644 }
2645
2646 buf = (u8 *)bcn + sizeof(*bcn);
2647 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, NULL, 0, 0,
2648 BSS_CHANGED_BEACON);
2649
2650 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len);
2651 }
2652
mt7996_mcu_add_beacon(struct ieee80211_hw * hw,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf)2653 int mt7996_mcu_add_beacon(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
2654 struct ieee80211_bss_conf *link_conf)
2655 {
2656 struct mt7996_dev *dev = mt7996_hw_dev(hw);
2657 struct mt76_vif_link *mlink = mt76_vif_conf_link(&dev->mt76, vif, link_conf);
2658 struct ieee80211_mutable_offsets offs;
2659 struct ieee80211_tx_info *info;
2660 struct sk_buff *skb, *rskb;
2661 struct tlv *tlv;
2662 struct bss_bcn_content_tlv *bcn;
2663 int len, extra_len = 0;
2664
2665 if (link_conf->nontransmitted)
2666 return 0;
2667
2668 if (!mlink)
2669 return -EINVAL;
2670
2671 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, mlink,
2672 MT7996_MAX_BSS_OFFLOAD_SIZE);
2673 if (IS_ERR(rskb))
2674 return PTR_ERR(rskb);
2675
2676 skb = ieee80211_beacon_get_template(hw, vif, &offs, link_conf->link_id);
2677 if (link_conf->enable_beacon && !skb) {
2678 dev_kfree_skb(rskb);
2679 return -EINVAL;
2680 }
2681
2682 if (skb) {
2683 if (skb->len > MT7996_MAX_BEACON_SIZE) {
2684 dev_err(dev->mt76.dev, "Bcn size limit exceed\n");
2685 dev_kfree_skb(rskb);
2686 dev_kfree_skb(skb);
2687 return -EINVAL;
2688 }
2689
2690 extra_len = skb->len;
2691 }
2692
2693 len = ALIGN(sizeof(*bcn) + MT_TXD_SIZE + extra_len, 4);
2694 tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_BCN_CONTENT, len);
2695 bcn = (struct bss_bcn_content_tlv *)tlv;
2696 bcn->enable = link_conf->enable_beacon;
2697 if (!bcn->enable)
2698 goto out;
2699
2700 info = IEEE80211_SKB_CB(skb);
2701 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, mlink->band_idx);
2702
2703 mt7996_mcu_beacon_cont(dev, link_conf, rskb, skb, bcn, &offs);
2704 if (link_conf->bssid_indicator)
2705 mt7996_mcu_beacon_mbss(rskb, skb, bcn, &offs);
2706 mt7996_mcu_beacon_cntdwn(rskb, skb, &offs, link_conf->csa_active);
2707 out:
2708 dev_kfree_skb(skb);
2709 return mt76_mcu_skb_send_msg(&dev->mt76, rskb,
2710 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
2711 }
2712
mt7996_mcu_beacon_inband_discov(struct mt7996_dev * dev,struct ieee80211_bss_conf * link_conf,struct mt7996_vif_link * link,u32 changed)2713 int mt7996_mcu_beacon_inband_discov(struct mt7996_dev *dev,
2714 struct ieee80211_bss_conf *link_conf,
2715 struct mt7996_vif_link *link, u32 changed)
2716 {
2717 #define OFFLOAD_TX_MODE_SU BIT(0)
2718 #define OFFLOAD_TX_MODE_MU BIT(1)
2719 struct ieee80211_vif *vif = link_conf->vif;
2720 struct ieee80211_hw *hw = mt76_hw(dev);
2721 struct mt7996_phy *phy = link->phy;
2722 struct mt76_wcid *wcid = &dev->mt76.global_wcid;
2723 struct bss_inband_discovery_tlv *discov;
2724 struct ieee80211_tx_info *info;
2725 struct sk_buff *rskb, *skb = NULL;
2726 struct cfg80211_chan_def *chandef;
2727 enum nl80211_band band;
2728 struct tlv *tlv;
2729 u8 *buf, interval;
2730 int len;
2731
2732 if (!phy)
2733 return -EINVAL;
2734
2735 chandef = &phy->mt76->chandef;
2736 band = chandef->chan->band;
2737
2738 if (link_conf->nontransmitted)
2739 return 0;
2740
2741 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &link->mt76,
2742 MT7996_MAX_BSS_OFFLOAD_SIZE);
2743 if (IS_ERR(rskb))
2744 return PTR_ERR(rskb);
2745
2746 if (changed & BSS_CHANGED_FILS_DISCOVERY &&
2747 link_conf->fils_discovery.max_interval) {
2748 interval = link_conf->fils_discovery.max_interval;
2749 skb = ieee80211_get_fils_discovery_tmpl(hw, vif);
2750 } else if (changed & BSS_CHANGED_UNSOL_BCAST_PROBE_RESP &&
2751 link_conf->unsol_bcast_probe_resp_interval) {
2752 interval = link_conf->unsol_bcast_probe_resp_interval;
2753 skb = ieee80211_get_unsol_bcast_probe_resp_tmpl(hw, vif);
2754 }
2755
2756 if (!skb) {
2757 dev_kfree_skb(rskb);
2758 return -EINVAL;
2759 }
2760
2761 if (skb->len > MT7996_MAX_BEACON_SIZE) {
2762 dev_err(dev->mt76.dev, "inband discovery size limit exceed\n");
2763 dev_kfree_skb(rskb);
2764 dev_kfree_skb(skb);
2765 return -EINVAL;
2766 }
2767
2768 info = IEEE80211_SKB_CB(skb);
2769 info->control.vif = vif;
2770 info->band = band;
2771 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx);
2772
2773 len = ALIGN(sizeof(*discov) + MT_TXD_SIZE + skb->len, 4);
2774 tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_OFFLOAD, len);
2775
2776 discov = (struct bss_inband_discovery_tlv *)tlv;
2777 discov->tx_mode = OFFLOAD_TX_MODE_SU;
2778 /* 0: UNSOL PROBE RESP, 1: FILS DISCOV */
2779 discov->tx_type = !!(changed & BSS_CHANGED_FILS_DISCOVERY);
2780 discov->tx_interval = interval;
2781 discov->prob_rsp_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
2782 discov->enable = true;
2783 discov->wcid = cpu_to_le16(MT7996_WTBL_RESERVED);
2784
2785 buf = (u8 *)tlv + sizeof(*discov);
2786
2787 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, NULL, 0, 0, changed);
2788
2789 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len);
2790
2791 dev_kfree_skb(skb);
2792
2793 return mt76_mcu_skb_send_msg(&dev->mt76, rskb,
2794 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
2795 }
2796
mt7996_driver_own(struct mt7996_dev * dev,u8 band)2797 static int mt7996_driver_own(struct mt7996_dev *dev, u8 band)
2798 {
2799 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(band), MT_TOP_LPCR_HOST_DRV_OWN);
2800 if (!mt76_poll_msec(dev, MT_TOP_LPCR_HOST_BAND(band),
2801 MT_TOP_LPCR_HOST_FW_OWN_STAT, 0, 500)) {
2802 dev_err(dev->mt76.dev, "Timeout for driver own\n");
2803 return -EIO;
2804 }
2805
2806 /* clear irq when the driver own success */
2807 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND_IRQ_STAT(band),
2808 MT_TOP_LPCR_HOST_BAND_STAT);
2809
2810 return 0;
2811 }
2812
mt7996_patch_sec_mode(u32 key_info)2813 static u32 mt7996_patch_sec_mode(u32 key_info)
2814 {
2815 u32 sec = u32_get_bits(key_info, MT7996_PATCH_SEC), key = 0;
2816
2817 if (key_info == GENMASK(31, 0) || sec == MT7996_SEC_MODE_PLAIN)
2818 return 0;
2819
2820 if (sec == MT7996_SEC_MODE_AES)
2821 key = u32_get_bits(key_info, MT7996_PATCH_AES_KEY);
2822 else
2823 key = u32_get_bits(key_info, MT7996_PATCH_SCRAMBLE_KEY);
2824
2825 return MT7996_SEC_ENCRYPT | MT7996_SEC_IV |
2826 u32_encode_bits(key, MT7996_SEC_KEY_IDX);
2827 }
2828
mt7996_load_patch(struct mt7996_dev * dev)2829 static int mt7996_load_patch(struct mt7996_dev *dev)
2830 {
2831 const struct mt7996_patch_hdr *hdr;
2832 const struct firmware *fw = NULL;
2833 int i, ret, sem;
2834
2835 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 1);
2836 switch (sem) {
2837 case PATCH_IS_DL:
2838 return 0;
2839 case PATCH_NOT_DL_SEM_SUCCESS:
2840 break;
2841 default:
2842 dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
2843 return -EAGAIN;
2844 }
2845
2846 ret = request_firmware(&fw, fw_name(dev, ROM_PATCH), dev->mt76.dev);
2847 if (ret)
2848 goto out;
2849
2850 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2851 dev_err(dev->mt76.dev, "Invalid firmware\n");
2852 ret = -EINVAL;
2853 goto out;
2854 }
2855
2856 hdr = (const struct mt7996_patch_hdr *)(fw->data);
2857
2858 dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
2859 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
2860
2861 for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
2862 struct mt7996_patch_sec *sec;
2863 const u8 *dl;
2864 u32 len, addr, sec_key_idx, mode = DL_MODE_NEED_RSP;
2865
2866 sec = (struct mt7996_patch_sec *)(fw->data + sizeof(*hdr) +
2867 i * sizeof(*sec));
2868 if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
2869 PATCH_SEC_TYPE_INFO) {
2870 ret = -EINVAL;
2871 goto out;
2872 }
2873
2874 addr = be32_to_cpu(sec->info.addr);
2875 len = be32_to_cpu(sec->info.len);
2876 sec_key_idx = be32_to_cpu(sec->info.sec_key_idx);
2877 dl = fw->data + be32_to_cpu(sec->offs);
2878
2879 mode |= mt7996_patch_sec_mode(sec_key_idx);
2880
2881 ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
2882 mode);
2883 if (ret) {
2884 dev_err(dev->mt76.dev, "Download request failed\n");
2885 goto out;
2886 }
2887
2888 ret = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
2889 dl, len, 4096);
2890 if (ret) {
2891 dev_err(dev->mt76.dev, "Failed to send patch\n");
2892 goto out;
2893 }
2894 }
2895
2896 ret = mt76_connac_mcu_start_patch(&dev->mt76);
2897 if (ret)
2898 dev_err(dev->mt76.dev, "Failed to start patch\n");
2899
2900 out:
2901 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 0);
2902 switch (sem) {
2903 case PATCH_REL_SEM_SUCCESS:
2904 break;
2905 default:
2906 ret = -EAGAIN;
2907 dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
2908 break;
2909 }
2910 release_firmware(fw);
2911
2912 return ret;
2913 }
2914
2915 static int
mt7996_mcu_send_ram_firmware(struct mt7996_dev * dev,const struct mt7996_fw_trailer * hdr,const u8 * data,enum mt7996_ram_type type)2916 mt7996_mcu_send_ram_firmware(struct mt7996_dev *dev,
2917 const struct mt7996_fw_trailer *hdr,
2918 const u8 *data, enum mt7996_ram_type type)
2919 {
2920 int i, offset = 0;
2921 u32 override = 0, option = 0;
2922
2923 for (i = 0; i < hdr->n_region; i++) {
2924 const struct mt7996_fw_region *region;
2925 int err;
2926 u32 len, addr, mode;
2927
2928 region = (const struct mt7996_fw_region *)((const u8 *)hdr -
2929 (hdr->n_region - i) * sizeof(*region));
2930 /* DSP and WA use same mode */
2931 mode = mt76_connac_mcu_gen_dl_mode(&dev->mt76,
2932 region->feature_set,
2933 type != MT7996_RAM_TYPE_WM);
2934 len = le32_to_cpu(region->len);
2935 addr = le32_to_cpu(region->addr);
2936
2937 if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
2938 override = addr;
2939
2940 err = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
2941 mode);
2942 if (err) {
2943 dev_err(dev->mt76.dev, "Download request failed\n");
2944 return err;
2945 }
2946
2947 err = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
2948 data + offset, len, 4096);
2949 if (err) {
2950 dev_err(dev->mt76.dev, "Failed to send firmware.\n");
2951 return err;
2952 }
2953
2954 offset += len;
2955 }
2956
2957 if (override)
2958 option |= FW_START_OVERRIDE;
2959
2960 if (type == MT7996_RAM_TYPE_WA)
2961 option |= FW_START_WORKING_PDA_CR4;
2962 else if (type == MT7996_RAM_TYPE_DSP)
2963 option |= FW_START_WORKING_PDA_DSP;
2964
2965 return mt76_connac_mcu_start_firmware(&dev->mt76, override, option);
2966 }
2967
__mt7996_load_ram(struct mt7996_dev * dev,const char * fw_type,const char * fw_file,enum mt7996_ram_type ram_type)2968 static int __mt7996_load_ram(struct mt7996_dev *dev, const char *fw_type,
2969 const char *fw_file, enum mt7996_ram_type ram_type)
2970 {
2971 const struct mt7996_fw_trailer *hdr;
2972 const struct firmware *fw;
2973 int ret;
2974
2975 ret = request_firmware(&fw, fw_file, dev->mt76.dev);
2976 if (ret)
2977 return ret;
2978
2979 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2980 dev_err(dev->mt76.dev, "Invalid firmware\n");
2981 ret = -EINVAL;
2982 goto out;
2983 }
2984
2985 hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
2986 dev_info(dev->mt76.dev, "%s Firmware Version: %.10s, Build Time: %.15s\n",
2987 fw_type, hdr->fw_ver, hdr->build_date);
2988
2989 ret = mt7996_mcu_send_ram_firmware(dev, hdr, fw->data, ram_type);
2990 if (ret) {
2991 dev_err(dev->mt76.dev, "Failed to start %s firmware\n", fw_type);
2992 goto out;
2993 }
2994
2995 snprintf(dev->mt76.hw->wiphy->fw_version,
2996 sizeof(dev->mt76.hw->wiphy->fw_version),
2997 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
2998
2999 out:
3000 release_firmware(fw);
3001
3002 return ret;
3003 }
3004
mt7996_load_ram(struct mt7996_dev * dev)3005 static int mt7996_load_ram(struct mt7996_dev *dev)
3006 {
3007 int ret;
3008
3009 ret = __mt7996_load_ram(dev, "WM", fw_name(dev, FIRMWARE_WM),
3010 MT7996_RAM_TYPE_WM);
3011 if (ret)
3012 return ret;
3013
3014 ret = __mt7996_load_ram(dev, "DSP", fw_name(dev, FIRMWARE_DSP),
3015 MT7996_RAM_TYPE_DSP);
3016 if (ret)
3017 return ret;
3018
3019 return __mt7996_load_ram(dev, "WA", fw_name(dev, FIRMWARE_WA),
3020 MT7996_RAM_TYPE_WA);
3021 }
3022
3023 static int
mt7996_firmware_state(struct mt7996_dev * dev,bool wa)3024 mt7996_firmware_state(struct mt7996_dev *dev, bool wa)
3025 {
3026 u32 state = FIELD_PREP(MT_TOP_MISC_FW_STATE,
3027 wa ? FW_STATE_RDY : FW_STATE_FW_DOWNLOAD);
3028
3029 if (!mt76_poll_msec(dev, MT_TOP_MISC, MT_TOP_MISC_FW_STATE,
3030 state, 1000)) {
3031 dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
3032 return -EIO;
3033 }
3034 return 0;
3035 }
3036
3037 static int
mt7996_mcu_restart(struct mt76_dev * dev)3038 mt7996_mcu_restart(struct mt76_dev *dev)
3039 {
3040 struct {
3041 u8 __rsv1[4];
3042
3043 __le16 tag;
3044 __le16 len;
3045 u8 power_mode;
3046 u8 __rsv2[3];
3047 } __packed req = {
3048 .tag = cpu_to_le16(UNI_POWER_OFF),
3049 .len = cpu_to_le16(sizeof(req) - 4),
3050 .power_mode = 1,
3051 };
3052
3053 return mt76_mcu_send_msg(dev, MCU_WM_UNI_CMD(POWER_CTRL), &req,
3054 sizeof(req), false);
3055 }
3056
mt7996_load_firmware(struct mt7996_dev * dev)3057 static int mt7996_load_firmware(struct mt7996_dev *dev)
3058 {
3059 int ret;
3060
3061 /* make sure fw is download state */
3062 if (mt7996_firmware_state(dev, false)) {
3063 /* restart firmware once */
3064 mt7996_mcu_restart(&dev->mt76);
3065 ret = mt7996_firmware_state(dev, false);
3066 if (ret) {
3067 dev_err(dev->mt76.dev,
3068 "Firmware is not ready for download\n");
3069 return ret;
3070 }
3071 }
3072
3073 ret = mt7996_load_patch(dev);
3074 if (ret)
3075 return ret;
3076
3077 ret = mt7996_load_ram(dev);
3078 if (ret)
3079 return ret;
3080
3081 ret = mt7996_firmware_state(dev, true);
3082 if (ret)
3083 return ret;
3084
3085 mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false);
3086
3087 dev_dbg(dev->mt76.dev, "Firmware init done\n");
3088
3089 return 0;
3090 }
3091
mt7996_mcu_fw_log_2_host(struct mt7996_dev * dev,u8 type,u8 ctrl)3092 int mt7996_mcu_fw_log_2_host(struct mt7996_dev *dev, u8 type, u8 ctrl)
3093 {
3094 struct {
3095 u8 _rsv[4];
3096
3097 __le16 tag;
3098 __le16 len;
3099 u8 ctrl;
3100 u8 interval;
3101 u8 _rsv2[2];
3102 } __packed data = {
3103 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_LOG_CTRL),
3104 .len = cpu_to_le16(sizeof(data) - 4),
3105 .ctrl = ctrl,
3106 };
3107
3108 if (type == MCU_FW_LOG_WA)
3109 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_UNI_CMD(WSYS_CONFIG),
3110 &data, sizeof(data), true);
3111
3112 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data,
3113 sizeof(data), true);
3114 }
3115
mt7996_mcu_fw_dbg_ctrl(struct mt7996_dev * dev,u32 module,u8 level)3116 int mt7996_mcu_fw_dbg_ctrl(struct mt7996_dev *dev, u32 module, u8 level)
3117 {
3118 struct {
3119 u8 _rsv[4];
3120
3121 __le16 tag;
3122 __le16 len;
3123 __le32 module_idx;
3124 u8 level;
3125 u8 _rsv2[3];
3126 } data = {
3127 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_DBG_CTRL),
3128 .len = cpu_to_le16(sizeof(data) - 4),
3129 .module_idx = cpu_to_le32(module),
3130 .level = level,
3131 };
3132
3133 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data,
3134 sizeof(data), false);
3135 }
3136
mt7996_mcu_set_mwds(struct mt7996_dev * dev,bool enabled)3137 static int mt7996_mcu_set_mwds(struct mt7996_dev *dev, bool enabled)
3138 {
3139 struct {
3140 u8 enable;
3141 u8 _rsv[3];
3142 } __packed req = {
3143 .enable = enabled
3144 };
3145
3146 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_EXT_CMD(MWDS_SUPPORT), &req,
3147 sizeof(req), false);
3148 }
3149
mt7996_add_rx_airtime_tlv(struct sk_buff * skb,u8 band_idx)3150 static void mt7996_add_rx_airtime_tlv(struct sk_buff *skb, u8 band_idx)
3151 {
3152 struct vow_rx_airtime *req;
3153 struct tlv *tlv;
3154
3155 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_CLR_EN, sizeof(*req));
3156 req = (struct vow_rx_airtime *)tlv;
3157 req->enable = true;
3158 req->band = band_idx;
3159
3160 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_EN, sizeof(*req));
3161 req = (struct vow_rx_airtime *)tlv;
3162 req->enable = true;
3163 req->band = band_idx;
3164 }
3165
3166 static int
mt7996_mcu_init_rx_airtime(struct mt7996_dev * dev)3167 mt7996_mcu_init_rx_airtime(struct mt7996_dev *dev)
3168 {
3169 struct uni_header hdr = {};
3170 struct sk_buff *skb;
3171 int len, num, i;
3172
3173 num = 2 + 2 * (mt7996_band_valid(dev, MT_BAND1) +
3174 mt7996_band_valid(dev, MT_BAND2));
3175 len = sizeof(hdr) + num * sizeof(struct vow_rx_airtime);
3176 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
3177 if (!skb)
3178 return -ENOMEM;
3179
3180 skb_put_data(skb, &hdr, sizeof(hdr));
3181
3182 for (i = 0; i < __MT_MAX_BAND; i++) {
3183 if (mt7996_band_valid(dev, i))
3184 mt7996_add_rx_airtime_tlv(skb, i);
3185 }
3186
3187 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
3188 MCU_WM_UNI_CMD(VOW), true);
3189 }
3190
mt7996_mcu_init_firmware(struct mt7996_dev * dev)3191 int mt7996_mcu_init_firmware(struct mt7996_dev *dev)
3192 {
3193 int ret;
3194
3195 /* force firmware operation mode into normal state,
3196 * which should be set before firmware download stage.
3197 */
3198 mt76_wr(dev, MT_SWDEF_MODE, MT_SWDEF_NORMAL_MODE);
3199
3200 ret = mt7996_driver_own(dev, 0);
3201 if (ret)
3202 return ret;
3203 /* set driver own for band1 when two hif exist */
3204 if (dev->hif2) {
3205 ret = mt7996_driver_own(dev, 1);
3206 if (ret)
3207 return ret;
3208 }
3209
3210 ret = mt7996_load_firmware(dev);
3211 if (ret)
3212 return ret;
3213
3214 set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);
3215 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WM, 0);
3216 if (ret)
3217 return ret;
3218
3219 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WA, 0);
3220 if (ret)
3221 return ret;
3222
3223 ret = mt7996_mcu_set_mwds(dev, 1);
3224 if (ret)
3225 return ret;
3226
3227 ret = mt7996_mcu_init_rx_airtime(dev);
3228 if (ret)
3229 return ret;
3230
3231 return mt7996_mcu_wa_cmd(dev, MCU_WA_PARAM_CMD(SET),
3232 MCU_WA_PARAM_RED, 0, 0);
3233 }
3234
mt7996_mcu_init(struct mt7996_dev * dev)3235 int mt7996_mcu_init(struct mt7996_dev *dev)
3236 {
3237 static const struct mt76_mcu_ops mt7996_mcu_ops = {
3238 .headroom = sizeof(struct mt76_connac2_mcu_txd), /* reuse */
3239 .mcu_skb_send_msg = mt7996_mcu_send_message,
3240 .mcu_parse_response = mt7996_mcu_parse_response,
3241 };
3242
3243 dev->mt76.mcu_ops = &mt7996_mcu_ops;
3244
3245 return mt7996_mcu_init_firmware(dev);
3246 }
3247
mt7996_mcu_exit(struct mt7996_dev * dev)3248 void mt7996_mcu_exit(struct mt7996_dev *dev)
3249 {
3250 mt7996_mcu_restart(&dev->mt76);
3251 if (mt7996_firmware_state(dev, false)) {
3252 dev_err(dev->mt76.dev, "Failed to exit mcu\n");
3253 goto out;
3254 }
3255
3256 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(0), MT_TOP_LPCR_HOST_FW_OWN);
3257 if (dev->hif2)
3258 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(1),
3259 MT_TOP_LPCR_HOST_FW_OWN);
3260 out:
3261 skb_queue_purge(&dev->mt76.mcu.res_q);
3262 }
3263
mt7996_mcu_set_hdr_trans(struct mt7996_dev * dev,bool hdr_trans)3264 int mt7996_mcu_set_hdr_trans(struct mt7996_dev *dev, bool hdr_trans)
3265 {
3266 struct {
3267 u8 __rsv[4];
3268 } __packed hdr;
3269 struct hdr_trans_blacklist *req_blacklist;
3270 struct hdr_trans_en *req_en;
3271 struct sk_buff *skb;
3272 struct tlv *tlv;
3273 int len = MT7996_HDR_TRANS_MAX_SIZE + sizeof(hdr);
3274
3275 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
3276 if (!skb)
3277 return -ENOMEM;
3278
3279 skb_put_data(skb, &hdr, sizeof(hdr));
3280
3281 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_EN, sizeof(*req_en));
3282 req_en = (struct hdr_trans_en *)tlv;
3283 req_en->enable = hdr_trans;
3284
3285 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_VLAN,
3286 sizeof(struct hdr_trans_vlan));
3287
3288 if (hdr_trans) {
3289 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_BLACKLIST,
3290 sizeof(*req_blacklist));
3291 req_blacklist = (struct hdr_trans_blacklist *)tlv;
3292 req_blacklist->enable = 1;
3293 req_blacklist->type = cpu_to_le16(ETH_P_PAE);
3294 }
3295
3296 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
3297 MCU_WM_UNI_CMD(RX_HDR_TRANS), true);
3298 }
3299
mt7996_mcu_set_tx(struct mt7996_dev * dev,struct ieee80211_vif * vif,struct ieee80211_bss_conf * link_conf)3300 int mt7996_mcu_set_tx(struct mt7996_dev *dev, struct ieee80211_vif *vif,
3301 struct ieee80211_bss_conf *link_conf)
3302 {
3303 #define MCU_EDCA_AC_PARAM 0
3304 #define WMM_AIFS_SET BIT(0)
3305 #define WMM_CW_MIN_SET BIT(1)
3306 #define WMM_CW_MAX_SET BIT(2)
3307 #define WMM_TXOP_SET BIT(3)
3308 #define WMM_PARAM_SET (WMM_AIFS_SET | WMM_CW_MIN_SET | \
3309 WMM_CW_MAX_SET | WMM_TXOP_SET)
3310 struct mt7996_vif_link *link = mt7996_vif_conf_link(dev, vif, link_conf);
3311 struct {
3312 u8 bss_idx;
3313 u8 __rsv[3];
3314 } __packed hdr = {
3315 .bss_idx = link->mt76.idx,
3316 };
3317 struct sk_buff *skb;
3318 int len = sizeof(hdr) + IEEE80211_NUM_ACS * sizeof(struct edca);
3319 int ac;
3320
3321 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
3322 if (!skb)
3323 return -ENOMEM;
3324
3325 skb_put_data(skb, &hdr, sizeof(hdr));
3326
3327 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
3328 struct ieee80211_tx_queue_params *q = &link->queue_params[ac];
3329 struct edca *e;
3330 struct tlv *tlv;
3331
3332 tlv = mt7996_mcu_add_uni_tlv(skb, MCU_EDCA_AC_PARAM, sizeof(*e));
3333
3334 e = (struct edca *)tlv;
3335 e->set = WMM_PARAM_SET;
3336 e->queue = ac;
3337 e->aifs = q->aifs;
3338 e->txop = cpu_to_le16(q->txop);
3339
3340 if (q->cw_min)
3341 e->cw_min = fls(q->cw_min);
3342 else
3343 e->cw_min = 5;
3344
3345 if (q->cw_max)
3346 e->cw_max = fls(q->cw_max);
3347 else
3348 e->cw_max = 10;
3349 }
3350
3351 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
3352 MCU_WM_UNI_CMD(EDCA_UPDATE), true);
3353 }
3354
mt7996_mcu_set_fcc5_lpn(struct mt7996_dev * dev,int val)3355 int mt7996_mcu_set_fcc5_lpn(struct mt7996_dev *dev, int val)
3356 {
3357 struct {
3358 u8 _rsv[4];
3359
3360 __le16 tag;
3361 __le16 len;
3362
3363 __le32 ctrl;
3364 __le16 min_lpn;
3365 u8 rsv[2];
3366 } __packed req = {
3367 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
3368 .len = cpu_to_le16(sizeof(req) - 4),
3369
3370 .ctrl = cpu_to_le32(0x1),
3371 .min_lpn = cpu_to_le16(val),
3372 };
3373
3374 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
3375 &req, sizeof(req), true);
3376 }
3377
mt7996_mcu_set_pulse_th(struct mt7996_dev * dev,const struct mt7996_dfs_pulse * pulse)3378 int mt7996_mcu_set_pulse_th(struct mt7996_dev *dev,
3379 const struct mt7996_dfs_pulse *pulse)
3380 {
3381 struct {
3382 u8 _rsv[4];
3383
3384 __le16 tag;
3385 __le16 len;
3386
3387 __le32 ctrl;
3388
3389 __le32 max_width; /* us */
3390 __le32 max_pwr; /* dbm */
3391 __le32 min_pwr; /* dbm */
3392 __le32 min_stgr_pri; /* us */
3393 __le32 max_stgr_pri; /* us */
3394 __le32 min_cr_pri; /* us */
3395 __le32 max_cr_pri; /* us */
3396 } __packed req = {
3397 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
3398 .len = cpu_to_le16(sizeof(req) - 4),
3399
3400 .ctrl = cpu_to_le32(0x3),
3401
3402 #define __req_field(field) .field = cpu_to_le32(pulse->field)
3403 __req_field(max_width),
3404 __req_field(max_pwr),
3405 __req_field(min_pwr),
3406 __req_field(min_stgr_pri),
3407 __req_field(max_stgr_pri),
3408 __req_field(min_cr_pri),
3409 __req_field(max_cr_pri),
3410 #undef __req_field
3411 };
3412
3413 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
3414 &req, sizeof(req), true);
3415 }
3416
mt7996_mcu_set_radar_th(struct mt7996_dev * dev,int index,const struct mt7996_dfs_pattern * pattern)3417 int mt7996_mcu_set_radar_th(struct mt7996_dev *dev, int index,
3418 const struct mt7996_dfs_pattern *pattern)
3419 {
3420 struct {
3421 u8 _rsv[4];
3422
3423 __le16 tag;
3424 __le16 len;
3425
3426 __le32 ctrl;
3427 __le16 radar_type;
3428
3429 u8 enb;
3430 u8 stgr;
3431 u8 min_crpn;
3432 u8 max_crpn;
3433 u8 min_crpr;
3434 u8 min_pw;
3435 __le32 min_pri;
3436 __le32 max_pri;
3437 u8 max_pw;
3438 u8 min_crbn;
3439 u8 max_crbn;
3440 u8 min_stgpn;
3441 u8 max_stgpn;
3442 u8 min_stgpr;
3443 u8 rsv[2];
3444 __le32 min_stgpr_diff;
3445 } __packed req = {
3446 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
3447 .len = cpu_to_le16(sizeof(req) - 4),
3448
3449 .ctrl = cpu_to_le32(0x2),
3450 .radar_type = cpu_to_le16(index),
3451
3452 #define __req_field_u8(field) .field = pattern->field
3453 #define __req_field_u32(field) .field = cpu_to_le32(pattern->field)
3454 __req_field_u8(enb),
3455 __req_field_u8(stgr),
3456 __req_field_u8(min_crpn),
3457 __req_field_u8(max_crpn),
3458 __req_field_u8(min_crpr),
3459 __req_field_u8(min_pw),
3460 __req_field_u32(min_pri),
3461 __req_field_u32(max_pri),
3462 __req_field_u8(max_pw),
3463 __req_field_u8(min_crbn),
3464 __req_field_u8(max_crbn),
3465 __req_field_u8(min_stgpn),
3466 __req_field_u8(max_stgpn),
3467 __req_field_u8(min_stgpr),
3468 __req_field_u32(min_stgpr_diff),
3469 #undef __req_field_u8
3470 #undef __req_field_u32
3471 };
3472
3473 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
3474 &req, sizeof(req), true);
3475 }
3476
3477 static int
mt7996_mcu_background_chain_ctrl(struct mt7996_phy * phy,struct cfg80211_chan_def * chandef,int cmd)3478 mt7996_mcu_background_chain_ctrl(struct mt7996_phy *phy,
3479 struct cfg80211_chan_def *chandef,
3480 int cmd)
3481 {
3482 struct mt7996_dev *dev = phy->dev;
3483 struct mt76_phy *mphy = phy->mt76;
3484 struct ieee80211_channel *chan = mphy->chandef.chan;
3485 int freq = mphy->chandef.center_freq1;
3486 struct mt7996_mcu_background_chain_ctrl req = {
3487 .tag = cpu_to_le16(0),
3488 .len = cpu_to_le16(sizeof(req) - 4),
3489 .monitor_scan_type = 2, /* simple rx */
3490 };
3491
3492 if (!chandef && cmd != CH_SWITCH_BACKGROUND_SCAN_STOP)
3493 return -EINVAL;
3494
3495 if (!cfg80211_chandef_valid(&mphy->chandef))
3496 return -EINVAL;
3497
3498 switch (cmd) {
3499 case CH_SWITCH_BACKGROUND_SCAN_START: {
3500 req.chan = chan->hw_value;
3501 req.central_chan = ieee80211_frequency_to_channel(freq);
3502 req.bw = mt76_connac_chan_bw(&mphy->chandef);
3503 req.monitor_chan = chandef->chan->hw_value;
3504 req.monitor_central_chan =
3505 ieee80211_frequency_to_channel(chandef->center_freq1);
3506 req.monitor_bw = mt76_connac_chan_bw(chandef);
3507 req.band_idx = phy->mt76->band_idx;
3508 req.scan_mode = 1;
3509 break;
3510 }
3511 case CH_SWITCH_BACKGROUND_SCAN_RUNNING:
3512 req.monitor_chan = chandef->chan->hw_value;
3513 req.monitor_central_chan =
3514 ieee80211_frequency_to_channel(chandef->center_freq1);
3515 req.band_idx = phy->mt76->band_idx;
3516 req.scan_mode = 2;
3517 break;
3518 case CH_SWITCH_BACKGROUND_SCAN_STOP:
3519 req.chan = chan->hw_value;
3520 req.central_chan = ieee80211_frequency_to_channel(freq);
3521 req.bw = mt76_connac_chan_bw(&mphy->chandef);
3522 req.tx_stream = hweight8(mphy->antenna_mask);
3523 req.rx_stream = mphy->antenna_mask;
3524 break;
3525 default:
3526 return -EINVAL;
3527 }
3528 req.band = chandef ? chandef->chan->band == NL80211_BAND_5GHZ : 1;
3529
3530 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(OFFCH_SCAN_CTRL),
3531 &req, sizeof(req), false);
3532 }
3533
mt7996_mcu_rdd_background_enable(struct mt7996_phy * phy,struct cfg80211_chan_def * chandef)3534 int mt7996_mcu_rdd_background_enable(struct mt7996_phy *phy,
3535 struct cfg80211_chan_def *chandef)
3536 {
3537 struct mt7996_dev *dev = phy->dev;
3538 int err, region;
3539
3540 if (!chandef) { /* disable offchain */
3541 err = mt7996_mcu_rdd_cmd(dev, RDD_STOP, MT_RX_SEL2,
3542 0, 0);
3543 if (err)
3544 return err;
3545
3546 return mt7996_mcu_background_chain_ctrl(phy, NULL,
3547 CH_SWITCH_BACKGROUND_SCAN_STOP);
3548 }
3549
3550 err = mt7996_mcu_background_chain_ctrl(phy, chandef,
3551 CH_SWITCH_BACKGROUND_SCAN_START);
3552 if (err)
3553 return err;
3554
3555 switch (dev->mt76.region) {
3556 case NL80211_DFS_ETSI:
3557 region = 0;
3558 break;
3559 case NL80211_DFS_JP:
3560 region = 2;
3561 break;
3562 case NL80211_DFS_FCC:
3563 default:
3564 region = 1;
3565 break;
3566 }
3567
3568 return mt7996_mcu_rdd_cmd(dev, RDD_START, MT_RX_SEL2,
3569 0, region);
3570 }
3571
mt7996_mcu_set_chan_info(struct mt7996_phy * phy,u16 tag)3572 int mt7996_mcu_set_chan_info(struct mt7996_phy *phy, u16 tag)
3573 {
3574 static const u8 ch_band[] = {
3575 [NL80211_BAND_2GHZ] = 0,
3576 [NL80211_BAND_5GHZ] = 1,
3577 [NL80211_BAND_6GHZ] = 2,
3578 };
3579 struct mt7996_dev *dev = phy->dev;
3580 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
3581 int freq1 = chandef->center_freq1;
3582 u8 band_idx = phy->mt76->band_idx;
3583 struct {
3584 /* fixed field */
3585 u8 __rsv[4];
3586
3587 __le16 tag;
3588 __le16 len;
3589 u8 control_ch;
3590 u8 center_ch;
3591 u8 bw;
3592 u8 tx_path_num;
3593 u8 rx_path; /* mask or num */
3594 u8 switch_reason;
3595 u8 band_idx;
3596 u8 center_ch2; /* for 80+80 only */
3597 __le16 cac_case;
3598 u8 channel_band;
3599 u8 rsv0;
3600 __le32 outband_freq;
3601 u8 txpower_drop;
3602 u8 ap_bw;
3603 u8 ap_center_ch;
3604 u8 rsv1[53];
3605 } __packed req = {
3606 .tag = cpu_to_le16(tag),
3607 .len = cpu_to_le16(sizeof(req) - 4),
3608 .control_ch = chandef->chan->hw_value,
3609 .center_ch = ieee80211_frequency_to_channel(freq1),
3610 .bw = mt76_connac_chan_bw(chandef),
3611 .tx_path_num = hweight16(phy->mt76->chainmask),
3612 .rx_path = mt7996_rx_chainmask(phy) >> dev->chainshift[band_idx],
3613 .band_idx = band_idx,
3614 .channel_band = ch_band[chandef->chan->band],
3615 };
3616
3617 if (phy->mt76->hw->conf.flags & IEEE80211_CONF_MONITOR)
3618 req.switch_reason = CH_SWITCH_NORMAL;
3619 else if (phy->mt76->offchannel ||
3620 phy->mt76->hw->conf.flags & IEEE80211_CONF_IDLE)
3621 req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD;
3622 else if (!cfg80211_reg_can_beacon(phy->mt76->hw->wiphy, chandef,
3623 NL80211_IFTYPE_AP))
3624 req.switch_reason = CH_SWITCH_DFS;
3625 else
3626 req.switch_reason = CH_SWITCH_NORMAL;
3627
3628 if (tag == UNI_CHANNEL_SWITCH)
3629 req.rx_path = hweight8(req.rx_path);
3630
3631 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
3632 int freq2 = chandef->center_freq2;
3633
3634 req.center_ch2 = ieee80211_frequency_to_channel(freq2);
3635 }
3636
3637 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(CHANNEL_SWITCH),
3638 &req, sizeof(req), true);
3639 }
3640
mt7996_mcu_set_eeprom_flash(struct mt7996_dev * dev)3641 static int mt7996_mcu_set_eeprom_flash(struct mt7996_dev *dev)
3642 {
3643 #define MAX_PAGE_IDX_MASK GENMASK(7, 5)
3644 #define PAGE_IDX_MASK GENMASK(4, 2)
3645 #define PER_PAGE_SIZE 0x400
3646 struct mt7996_mcu_eeprom req = {
3647 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
3648 .buffer_mode = EE_MODE_BUFFER
3649 };
3650 u16 eeprom_size = MT7996_EEPROM_SIZE;
3651 u8 total = DIV_ROUND_UP(eeprom_size, PER_PAGE_SIZE);
3652 u8 *eep = (u8 *)dev->mt76.eeprom.data;
3653 int eep_len, i;
3654
3655 for (i = 0; i < total; i++, eep += eep_len) {
3656 struct sk_buff *skb;
3657 int ret, msg_len;
3658
3659 if (i == total - 1 && !!(eeprom_size % PER_PAGE_SIZE))
3660 eep_len = eeprom_size % PER_PAGE_SIZE;
3661 else
3662 eep_len = PER_PAGE_SIZE;
3663
3664 msg_len = sizeof(req) + eep_len;
3665 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len);
3666 if (!skb)
3667 return -ENOMEM;
3668
3669 req.len = cpu_to_le16(msg_len - 4);
3670 req.format = FIELD_PREP(MAX_PAGE_IDX_MASK, total - 1) |
3671 FIELD_PREP(PAGE_IDX_MASK, i) | EE_FORMAT_WHOLE;
3672 req.buf_len = cpu_to_le16(eep_len);
3673
3674 skb_put_data(skb, &req, sizeof(req));
3675 skb_put_data(skb, eep, eep_len);
3676
3677 ret = mt76_mcu_skb_send_msg(&dev->mt76, skb,
3678 MCU_WM_UNI_CMD(EFUSE_CTRL), true);
3679 if (ret)
3680 return ret;
3681 }
3682
3683 return 0;
3684 }
3685
mt7996_mcu_set_eeprom(struct mt7996_dev * dev)3686 int mt7996_mcu_set_eeprom(struct mt7996_dev *dev)
3687 {
3688 struct mt7996_mcu_eeprom req = {
3689 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
3690 .len = cpu_to_le16(sizeof(req) - 4),
3691 .buffer_mode = EE_MODE_EFUSE,
3692 .format = EE_FORMAT_WHOLE
3693 };
3694
3695 if (dev->flash_mode)
3696 return mt7996_mcu_set_eeprom_flash(dev);
3697
3698 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(EFUSE_CTRL),
3699 &req, sizeof(req), true);
3700 }
3701
mt7996_mcu_get_eeprom(struct mt7996_dev * dev,u32 offset,u8 * buf,u32 buf_len)3702 int mt7996_mcu_get_eeprom(struct mt7996_dev *dev, u32 offset, u8 *buf, u32 buf_len)
3703 {
3704 struct {
3705 u8 _rsv[4];
3706
3707 __le16 tag;
3708 __le16 len;
3709 __le32 addr;
3710 __le32 valid;
3711 u8 data[16];
3712 } __packed req = {
3713 .tag = cpu_to_le16(UNI_EFUSE_ACCESS),
3714 .len = cpu_to_le16(sizeof(req) - 4),
3715 .addr = cpu_to_le32(round_down(offset,
3716 MT7996_EEPROM_BLOCK_SIZE)),
3717 };
3718 struct sk_buff *skb;
3719 bool valid;
3720 int ret;
3721
3722 ret = mt76_mcu_send_and_get_msg(&dev->mt76,
3723 MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL),
3724 &req, sizeof(req), true, &skb);
3725 if (ret)
3726 return ret;
3727
3728 valid = le32_to_cpu(*(__le32 *)(skb->data + 16));
3729 if (valid) {
3730 u32 addr = le32_to_cpu(*(__le32 *)(skb->data + 12));
3731
3732 if (!buf)
3733 buf = (u8 *)dev->mt76.eeprom.data + addr;
3734 if (!buf_len || buf_len > MT7996_EEPROM_BLOCK_SIZE)
3735 buf_len = MT7996_EEPROM_BLOCK_SIZE;
3736
3737 skb_pull(skb, 48);
3738 memcpy(buf, skb->data, buf_len);
3739 } else {
3740 ret = -EINVAL;
3741 }
3742
3743 dev_kfree_skb(skb);
3744
3745 return ret;
3746 }
3747
mt7996_mcu_get_eeprom_free_block(struct mt7996_dev * dev,u8 * block_num)3748 int mt7996_mcu_get_eeprom_free_block(struct mt7996_dev *dev, u8 *block_num)
3749 {
3750 struct {
3751 u8 _rsv[4];
3752
3753 __le16 tag;
3754 __le16 len;
3755 u8 num;
3756 u8 version;
3757 u8 die_idx;
3758 u8 _rsv2;
3759 } __packed req = {
3760 .tag = cpu_to_le16(UNI_EFUSE_FREE_BLOCK),
3761 .len = cpu_to_le16(sizeof(req) - 4),
3762 .version = 2,
3763 };
3764 struct sk_buff *skb;
3765 int ret;
3766
3767 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), &req,
3768 sizeof(req), true, &skb);
3769 if (ret)
3770 return ret;
3771
3772 *block_num = *(u8 *)(skb->data + 8);
3773 dev_kfree_skb(skb);
3774
3775 return 0;
3776 }
3777
mt7996_mcu_get_chip_config(struct mt7996_dev * dev,u32 * cap)3778 int mt7996_mcu_get_chip_config(struct mt7996_dev *dev, u32 *cap)
3779 {
3780 #define NIC_CAP 3
3781 #define UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION 0x21
3782 struct {
3783 u8 _rsv[4];
3784
3785 __le16 tag;
3786 __le16 len;
3787 } __packed req = {
3788 .tag = cpu_to_le16(NIC_CAP),
3789 .len = cpu_to_le16(sizeof(req) - 4),
3790 };
3791 struct sk_buff *skb;
3792 u8 *buf;
3793 int ret;
3794
3795 ret = mt76_mcu_send_and_get_msg(&dev->mt76,
3796 MCU_WM_UNI_CMD_QUERY(CHIP_CONFIG), &req,
3797 sizeof(req), true, &skb);
3798 if (ret)
3799 return ret;
3800
3801 /* fixed field */
3802 skb_pull(skb, 4);
3803
3804 buf = skb->data;
3805 while (buf - skb->data < skb->len) {
3806 struct tlv *tlv = (struct tlv *)buf;
3807
3808 switch (le16_to_cpu(tlv->tag)) {
3809 case UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION:
3810 *cap = le32_to_cpu(*(__le32 *)(buf + sizeof(*tlv)));
3811 break;
3812 default:
3813 break;
3814 }
3815
3816 buf += le16_to_cpu(tlv->len);
3817 }
3818
3819 dev_kfree_skb(skb);
3820
3821 return 0;
3822 }
3823
mt7996_mcu_get_chan_mib_info(struct mt7996_phy * phy,bool chan_switch)3824 int mt7996_mcu_get_chan_mib_info(struct mt7996_phy *phy, bool chan_switch)
3825 {
3826 enum {
3827 IDX_TX_TIME,
3828 IDX_RX_TIME,
3829 IDX_OBSS_AIRTIME,
3830 IDX_NON_WIFI_TIME,
3831 IDX_NUM
3832 };
3833 struct {
3834 struct {
3835 u8 band;
3836 u8 __rsv[3];
3837 } hdr;
3838 struct {
3839 __le16 tag;
3840 __le16 len;
3841 __le32 offs;
3842 } data[IDX_NUM];
3843 } __packed req = {
3844 .hdr.band = phy->mt76->band_idx,
3845 };
3846 static const u32 offs[] = {
3847 [IDX_TX_TIME] = UNI_MIB_TX_TIME,
3848 [IDX_RX_TIME] = UNI_MIB_RX_TIME,
3849 [IDX_OBSS_AIRTIME] = UNI_MIB_OBSS_AIRTIME,
3850 [IDX_NON_WIFI_TIME] = UNI_MIB_NON_WIFI_TIME,
3851 };
3852 struct mt76_channel_state *state = phy->mt76->chan_state;
3853 struct mt76_channel_state *state_ts = &phy->state_ts;
3854 struct mt7996_dev *dev = phy->dev;
3855 struct mt7996_mcu_mib *res;
3856 struct sk_buff *skb;
3857 int i, ret;
3858
3859 for (i = 0; i < IDX_NUM; i++) {
3860 req.data[i].tag = cpu_to_le16(UNI_CMD_MIB_DATA);
3861 req.data[i].len = cpu_to_le16(sizeof(req.data[i]));
3862 req.data[i].offs = cpu_to_le32(offs[i]);
3863 }
3864
3865 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(GET_MIB_INFO),
3866 &req, sizeof(req), true, &skb);
3867 if (ret)
3868 return ret;
3869
3870 skb_pull(skb, sizeof(req.hdr));
3871
3872 res = (struct mt7996_mcu_mib *)(skb->data);
3873
3874 if (chan_switch)
3875 goto out;
3876
3877 #define __res_u64(s) le64_to_cpu(res[s].data)
3878 state->cc_tx += __res_u64(IDX_TX_TIME) - state_ts->cc_tx;
3879 state->cc_bss_rx += __res_u64(IDX_RX_TIME) - state_ts->cc_bss_rx;
3880 state->cc_rx += __res_u64(IDX_RX_TIME) +
3881 __res_u64(IDX_OBSS_AIRTIME) -
3882 state_ts->cc_rx;
3883 state->cc_busy += __res_u64(IDX_TX_TIME) +
3884 __res_u64(IDX_RX_TIME) +
3885 __res_u64(IDX_OBSS_AIRTIME) +
3886 __res_u64(IDX_NON_WIFI_TIME) -
3887 state_ts->cc_busy;
3888 out:
3889 state_ts->cc_tx = __res_u64(IDX_TX_TIME);
3890 state_ts->cc_bss_rx = __res_u64(IDX_RX_TIME);
3891 state_ts->cc_rx = __res_u64(IDX_RX_TIME) + __res_u64(IDX_OBSS_AIRTIME);
3892 state_ts->cc_busy = __res_u64(IDX_TX_TIME) +
3893 __res_u64(IDX_RX_TIME) +
3894 __res_u64(IDX_OBSS_AIRTIME) +
3895 __res_u64(IDX_NON_WIFI_TIME);
3896 #undef __res_u64
3897
3898 dev_kfree_skb(skb);
3899
3900 return 0;
3901 }
3902
mt7996_mcu_get_temperature(struct mt7996_phy * phy)3903 int mt7996_mcu_get_temperature(struct mt7996_phy *phy)
3904 {
3905 #define TEMPERATURE_QUERY 0
3906 #define GET_TEMPERATURE 0
3907 struct {
3908 u8 _rsv[4];
3909
3910 __le16 tag;
3911 __le16 len;
3912
3913 u8 rsv1;
3914 u8 action;
3915 u8 band_idx;
3916 u8 rsv2;
3917 } req = {
3918 .tag = cpu_to_le16(TEMPERATURE_QUERY),
3919 .len = cpu_to_le16(sizeof(req) - 4),
3920 .action = GET_TEMPERATURE,
3921 .band_idx = phy->mt76->band_idx,
3922 };
3923 struct mt7996_mcu_thermal {
3924 u8 _rsv[4];
3925
3926 __le16 tag;
3927 __le16 len;
3928
3929 __le32 rsv;
3930 __le32 temperature;
3931 } __packed * res;
3932 struct sk_buff *skb;
3933 int ret;
3934 u32 temp;
3935
3936 ret = mt76_mcu_send_and_get_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(THERMAL),
3937 &req, sizeof(req), true, &skb);
3938 if (ret)
3939 return ret;
3940
3941 res = (void *)skb->data;
3942 temp = le32_to_cpu(res->temperature);
3943 dev_kfree_skb(skb);
3944
3945 return temp;
3946 }
3947
mt7996_mcu_set_thermal_throttling(struct mt7996_phy * phy,u8 state)3948 int mt7996_mcu_set_thermal_throttling(struct mt7996_phy *phy, u8 state)
3949 {
3950 struct {
3951 u8 _rsv[4];
3952
3953 __le16 tag;
3954 __le16 len;
3955
3956 struct mt7996_mcu_thermal_ctrl ctrl;
3957 } __packed req = {
3958 .tag = cpu_to_le16(UNI_CMD_THERMAL_PROTECT_DUTY_CONFIG),
3959 .len = cpu_to_le16(sizeof(req) - 4),
3960 .ctrl = {
3961 .band_idx = phy->mt76->band_idx,
3962 },
3963 };
3964 int level, ret;
3965
3966 /* set duty cycle and level */
3967 for (level = 0; level < 4; level++) {
3968 req.ctrl.duty.duty_level = level;
3969 req.ctrl.duty.duty_cycle = state;
3970 state /= 2;
3971
3972 ret = mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(THERMAL),
3973 &req, sizeof(req), false);
3974 if (ret)
3975 return ret;
3976 }
3977
3978 return 0;
3979 }
3980
mt7996_mcu_set_thermal_protect(struct mt7996_phy * phy,bool enable)3981 int mt7996_mcu_set_thermal_protect(struct mt7996_phy *phy, bool enable)
3982 {
3983 #define SUSTAIN_PERIOD 10
3984 struct {
3985 u8 _rsv[4];
3986
3987 __le16 tag;
3988 __le16 len;
3989
3990 struct mt7996_mcu_thermal_ctrl ctrl;
3991 struct mt7996_mcu_thermal_enable enable;
3992 } __packed req = {
3993 .len = cpu_to_le16(sizeof(req) - 4 - sizeof(req.enable)),
3994 .ctrl = {
3995 .band_idx = phy->mt76->band_idx,
3996 .type.protect_type = 1,
3997 .type.trigger_type = 1,
3998 },
3999 };
4000 int ret;
4001
4002 req.tag = cpu_to_le16(UNI_CMD_THERMAL_PROTECT_DISABLE);
4003
4004 ret = mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(THERMAL),
4005 &req, sizeof(req) - sizeof(req.enable), false);
4006 if (ret || !enable)
4007 return ret;
4008
4009 /* set high-temperature trigger threshold */
4010 req.tag = cpu_to_le16(UNI_CMD_THERMAL_PROTECT_ENABLE);
4011 req.enable.restore_temp = cpu_to_le32(phy->throttle_temp[0]);
4012 req.enable.trigger_temp = cpu_to_le32(phy->throttle_temp[1]);
4013 req.enable.sustain_time = cpu_to_le16(SUSTAIN_PERIOD);
4014
4015 req.len = cpu_to_le16(sizeof(req) - 4);
4016
4017 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(THERMAL),
4018 &req, sizeof(req), false);
4019 }
4020
mt7996_mcu_set_ser(struct mt7996_dev * dev,u8 action,u8 val,u8 band)4021 int mt7996_mcu_set_ser(struct mt7996_dev *dev, u8 action, u8 val, u8 band)
4022 {
4023 struct {
4024 u8 rsv[4];
4025
4026 __le16 tag;
4027 __le16 len;
4028
4029 union {
4030 struct {
4031 __le32 mask;
4032 } __packed set;
4033
4034 struct {
4035 u8 method;
4036 u8 band;
4037 u8 rsv2[2];
4038 } __packed trigger;
4039 };
4040 } __packed req = {
4041 .tag = cpu_to_le16(action),
4042 .len = cpu_to_le16(sizeof(req) - 4),
4043 };
4044
4045 switch (action) {
4046 case UNI_CMD_SER_SET:
4047 req.set.mask = cpu_to_le32(val);
4048 break;
4049 case UNI_CMD_SER_TRIGGER:
4050 req.trigger.method = val;
4051 req.trigger.band = band;
4052 break;
4053 default:
4054 return -EINVAL;
4055 }
4056
4057 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SER),
4058 &req, sizeof(req), false);
4059 }
4060
mt7996_mcu_set_txbf(struct mt7996_dev * dev,u8 action)4061 int mt7996_mcu_set_txbf(struct mt7996_dev *dev, u8 action)
4062 {
4063 #define MT7996_BF_MAX_SIZE sizeof(union bf_tag_tlv)
4064 #define BF_PROCESSING 4
4065 struct uni_header hdr;
4066 struct sk_buff *skb;
4067 struct tlv *tlv;
4068 int len = sizeof(hdr) + MT7996_BF_MAX_SIZE;
4069
4070 memset(&hdr, 0, sizeof(hdr));
4071
4072 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
4073 if (!skb)
4074 return -ENOMEM;
4075
4076 skb_put_data(skb, &hdr, sizeof(hdr));
4077
4078 switch (action) {
4079 case BF_SOUNDING_ON: {
4080 struct bf_sounding_on *req_snd_on;
4081
4082 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_snd_on));
4083 req_snd_on = (struct bf_sounding_on *)tlv;
4084 req_snd_on->snd_mode = BF_PROCESSING;
4085 break;
4086 }
4087 case BF_HW_EN_UPDATE: {
4088 struct bf_hw_en_status_update *req_hw_en;
4089
4090 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_hw_en));
4091 req_hw_en = (struct bf_hw_en_status_update *)tlv;
4092 req_hw_en->ebf = true;
4093 req_hw_en->ibf = dev->ibf;
4094 break;
4095 }
4096 case BF_MOD_EN_CTRL: {
4097 struct bf_mod_en_ctrl *req_mod_en;
4098
4099 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_mod_en));
4100 req_mod_en = (struct bf_mod_en_ctrl *)tlv;
4101 req_mod_en->bf_num = mt7996_band_valid(dev, MT_BAND2) ? 3 : 2;
4102 req_mod_en->bf_bitmap = mt7996_band_valid(dev, MT_BAND2) ?
4103 GENMASK(2, 0) : GENMASK(1, 0);
4104 break;
4105 }
4106 default:
4107 return -EINVAL;
4108 }
4109
4110 return mt76_mcu_skb_send_msg(&dev->mt76, skb, MCU_WM_UNI_CMD(BF), true);
4111 }
4112
4113 static int
mt7996_mcu_enable_obss_spr(struct mt7996_phy * phy,u16 action,u8 val)4114 mt7996_mcu_enable_obss_spr(struct mt7996_phy *phy, u16 action, u8 val)
4115 {
4116 struct mt7996_dev *dev = phy->dev;
4117 struct {
4118 u8 band_idx;
4119 u8 __rsv[3];
4120
4121 __le16 tag;
4122 __le16 len;
4123
4124 __le32 val;
4125 } __packed req = {
4126 .band_idx = phy->mt76->band_idx,
4127 .tag = cpu_to_le16(action),
4128 .len = cpu_to_le16(sizeof(req) - 4),
4129 .val = cpu_to_le32(val),
4130 };
4131
4132 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
4133 &req, sizeof(req), true);
4134 }
4135
4136 static int
mt7996_mcu_set_obss_spr_pd(struct mt7996_phy * phy,struct ieee80211_he_obss_pd * he_obss_pd)4137 mt7996_mcu_set_obss_spr_pd(struct mt7996_phy *phy,
4138 struct ieee80211_he_obss_pd *he_obss_pd)
4139 {
4140 struct mt7996_dev *dev = phy->dev;
4141 u8 max_th = 82, non_srg_max_th = 62;
4142 struct {
4143 u8 band_idx;
4144 u8 __rsv[3];
4145
4146 __le16 tag;
4147 __le16 len;
4148
4149 u8 pd_th_non_srg;
4150 u8 pd_th_srg;
4151 u8 period_offs;
4152 u8 rcpi_src;
4153 __le16 obss_pd_min;
4154 __le16 obss_pd_min_srg;
4155 u8 resp_txpwr_mode;
4156 u8 txpwr_restrict_mode;
4157 u8 txpwr_ref;
4158 u8 __rsv2[3];
4159 } __packed req = {
4160 .band_idx = phy->mt76->band_idx,
4161 .tag = cpu_to_le16(UNI_CMD_SR_SET_PARAM),
4162 .len = cpu_to_le16(sizeof(req) - 4),
4163 .obss_pd_min = cpu_to_le16(max_th),
4164 .obss_pd_min_srg = cpu_to_le16(max_th),
4165 .txpwr_restrict_mode = 2,
4166 .txpwr_ref = 21
4167 };
4168 int ret;
4169
4170 /* disable firmware dynamical PD asjustment */
4171 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_DPD, false);
4172 if (ret)
4173 return ret;
4174
4175 if (he_obss_pd->sr_ctrl &
4176 IEEE80211_HE_SPR_NON_SRG_OBSS_PD_SR_DISALLOWED)
4177 req.pd_th_non_srg = max_th;
4178 else if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OFFSET_PRESENT)
4179 req.pd_th_non_srg = max_th - he_obss_pd->non_srg_max_offset;
4180 else
4181 req.pd_th_non_srg = non_srg_max_th;
4182
4183 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_SRG_INFORMATION_PRESENT)
4184 req.pd_th_srg = max_th - he_obss_pd->max_offset;
4185
4186 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
4187 &req, sizeof(req), true);
4188 }
4189
4190 static int
mt7996_mcu_set_obss_spr_siga(struct mt7996_phy * phy,struct mt7996_vif_link * link,struct ieee80211_he_obss_pd * he_obss_pd)4191 mt7996_mcu_set_obss_spr_siga(struct mt7996_phy *phy,
4192 struct mt7996_vif_link *link,
4193 struct ieee80211_he_obss_pd *he_obss_pd)
4194 {
4195 struct mt7996_dev *dev = phy->dev;
4196 u8 omac = link->mt76.omac_idx;
4197 struct {
4198 u8 band_idx;
4199 u8 __rsv[3];
4200
4201 __le16 tag;
4202 __le16 len;
4203
4204 u8 omac;
4205 u8 __rsv2[3];
4206 u8 flag[20];
4207 } __packed req = {
4208 .band_idx = phy->mt76->band_idx,
4209 .tag = cpu_to_le16(UNI_CMD_SR_SET_SIGA),
4210 .len = cpu_to_le16(sizeof(req) - 4),
4211 .omac = omac > HW_BSSID_MAX ? omac - 12 : omac,
4212 };
4213 int ret;
4214
4215 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED)
4216 req.flag[req.omac] = 0xf;
4217 else
4218 return 0;
4219
4220 /* switch to normal AP mode */
4221 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_MODE, 0);
4222 if (ret)
4223 return ret;
4224
4225 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
4226 &req, sizeof(req), true);
4227 }
4228
4229 static int
mt7996_mcu_set_obss_spr_bitmap(struct mt7996_phy * phy,struct ieee80211_he_obss_pd * he_obss_pd)4230 mt7996_mcu_set_obss_spr_bitmap(struct mt7996_phy *phy,
4231 struct ieee80211_he_obss_pd *he_obss_pd)
4232 {
4233 struct mt7996_dev *dev = phy->dev;
4234 struct {
4235 u8 band_idx;
4236 u8 __rsv[3];
4237
4238 __le16 tag;
4239 __le16 len;
4240
4241 __le32 color_l[2];
4242 __le32 color_h[2];
4243 __le32 bssid_l[2];
4244 __le32 bssid_h[2];
4245 } __packed req = {
4246 .band_idx = phy->mt76->band_idx,
4247 .tag = cpu_to_le16(UNI_CMD_SR_SET_SRG_BITMAP),
4248 .len = cpu_to_le16(sizeof(req) - 4),
4249 };
4250 u32 bitmap;
4251
4252 memcpy(&bitmap, he_obss_pd->bss_color_bitmap, sizeof(bitmap));
4253 req.color_l[req.band_idx] = cpu_to_le32(bitmap);
4254
4255 memcpy(&bitmap, he_obss_pd->bss_color_bitmap + 4, sizeof(bitmap));
4256 req.color_h[req.band_idx] = cpu_to_le32(bitmap);
4257
4258 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap, sizeof(bitmap));
4259 req.bssid_l[req.band_idx] = cpu_to_le32(bitmap);
4260
4261 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap + 4, sizeof(bitmap));
4262 req.bssid_h[req.band_idx] = cpu_to_le32(bitmap);
4263
4264 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), &req,
4265 sizeof(req), true);
4266 }
4267
mt7996_mcu_add_obss_spr(struct mt7996_phy * phy,struct mt7996_vif_link * link,struct ieee80211_he_obss_pd * he_obss_pd)4268 int mt7996_mcu_add_obss_spr(struct mt7996_phy *phy,
4269 struct mt7996_vif_link *link,
4270 struct ieee80211_he_obss_pd *he_obss_pd)
4271 {
4272 int ret;
4273
4274 /* enable firmware scene detection algorithms */
4275 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_SD,
4276 sr_scene_detect);
4277 if (ret)
4278 return ret;
4279
4280 /* firmware dynamically adjusts PD threshold so skip manual control */
4281 if (sr_scene_detect && !he_obss_pd->enable)
4282 return 0;
4283
4284 /* enable spatial reuse */
4285 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE,
4286 he_obss_pd->enable);
4287 if (ret)
4288 return ret;
4289
4290 if (sr_scene_detect || !he_obss_pd->enable)
4291 return 0;
4292
4293 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_TX, true);
4294 if (ret)
4295 return ret;
4296
4297 /* set SRG/non-SRG OBSS PD threshold */
4298 ret = mt7996_mcu_set_obss_spr_pd(phy, he_obss_pd);
4299 if (ret)
4300 return ret;
4301
4302 /* Set SR prohibit */
4303 ret = mt7996_mcu_set_obss_spr_siga(phy, link, he_obss_pd);
4304 if (ret)
4305 return ret;
4306
4307 /* set SRG BSS color/BSSID bitmap */
4308 return mt7996_mcu_set_obss_spr_bitmap(phy, he_obss_pd);
4309 }
4310
mt7996_mcu_update_bss_color(struct mt7996_dev * dev,struct mt76_vif_link * mlink,struct cfg80211_he_bss_color * he_bss_color)4311 int mt7996_mcu_update_bss_color(struct mt7996_dev *dev,
4312 struct mt76_vif_link *mlink,
4313 struct cfg80211_he_bss_color *he_bss_color)
4314 {
4315 int len = sizeof(struct bss_req_hdr) + sizeof(struct bss_color_tlv);
4316 struct bss_color_tlv *bss_color;
4317 struct sk_buff *skb;
4318 struct tlv *tlv;
4319
4320 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, mlink, len);
4321 if (IS_ERR(skb))
4322 return PTR_ERR(skb);
4323
4324 tlv = mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BSS_COLOR,
4325 sizeof(*bss_color));
4326 bss_color = (struct bss_color_tlv *)tlv;
4327 bss_color->enable = he_bss_color->enabled;
4328 bss_color->color = he_bss_color->color;
4329
4330 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
4331 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
4332 }
4333
4334 #define TWT_AGRT_TRIGGER BIT(0)
4335 #define TWT_AGRT_ANNOUNCE BIT(1)
4336 #define TWT_AGRT_PROTECT BIT(2)
4337
mt7996_mcu_twt_agrt_update(struct mt7996_dev * dev,struct mt7996_vif_link * link,struct mt7996_twt_flow * flow,int cmd)4338 int mt7996_mcu_twt_agrt_update(struct mt7996_dev *dev,
4339 struct mt7996_vif_link *link,
4340 struct mt7996_twt_flow *flow,
4341 int cmd)
4342 {
4343 struct {
4344 /* fixed field */
4345 u8 bss;
4346 u8 _rsv[3];
4347
4348 __le16 tag;
4349 __le16 len;
4350 u8 tbl_idx;
4351 u8 cmd;
4352 u8 own_mac_idx;
4353 u8 flowid; /* 0xff for group id */
4354 __le16 peer_id; /* specify the peer_id (msb=0)
4355 * or group_id (msb=1)
4356 */
4357 u8 duration; /* 256 us */
4358 u8 bss_idx;
4359 __le64 start_tsf;
4360 __le16 mantissa;
4361 u8 exponent;
4362 u8 is_ap;
4363 u8 agrt_params;
4364 u8 __rsv2[23];
4365 } __packed req = {
4366 .tag = cpu_to_le16(UNI_CMD_TWT_ARGT_UPDATE),
4367 .len = cpu_to_le16(sizeof(req) - 4),
4368 .tbl_idx = flow->table_id,
4369 .cmd = cmd,
4370 .own_mac_idx = link->mt76.omac_idx,
4371 .flowid = flow->id,
4372 .peer_id = cpu_to_le16(flow->wcid),
4373 .duration = flow->duration,
4374 .bss = link->mt76.idx,
4375 .bss_idx = link->mt76.idx,
4376 .start_tsf = cpu_to_le64(flow->tsf),
4377 .mantissa = flow->mantissa,
4378 .exponent = flow->exp,
4379 .is_ap = true,
4380 };
4381
4382 if (flow->protection)
4383 req.agrt_params |= TWT_AGRT_PROTECT;
4384 if (!flow->flowtype)
4385 req.agrt_params |= TWT_AGRT_ANNOUNCE;
4386 if (flow->trigger)
4387 req.agrt_params |= TWT_AGRT_TRIGGER;
4388
4389 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(TWT),
4390 &req, sizeof(req), true);
4391 }
4392
mt7996_mcu_set_rts_thresh(struct mt7996_phy * phy,u32 val)4393 int mt7996_mcu_set_rts_thresh(struct mt7996_phy *phy, u32 val)
4394 {
4395 struct {
4396 u8 band_idx;
4397 u8 _rsv[3];
4398
4399 __le16 tag;
4400 __le16 len;
4401 __le32 len_thresh;
4402 __le32 pkt_thresh;
4403 } __packed req = {
4404 .band_idx = phy->mt76->band_idx,
4405 .tag = cpu_to_le16(UNI_BAND_CONFIG_RTS_THRESHOLD),
4406 .len = cpu_to_le16(sizeof(req) - 4),
4407 .len_thresh = cpu_to_le32(val),
4408 .pkt_thresh = cpu_to_le32(0x2),
4409 };
4410
4411 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
4412 &req, sizeof(req), true);
4413 }
4414
mt7996_mcu_set_radio_en(struct mt7996_phy * phy,bool enable)4415 int mt7996_mcu_set_radio_en(struct mt7996_phy *phy, bool enable)
4416 {
4417 struct {
4418 u8 band_idx;
4419 u8 _rsv[3];
4420
4421 __le16 tag;
4422 __le16 len;
4423 u8 enable;
4424 u8 _rsv2[3];
4425 } __packed req = {
4426 .band_idx = phy->mt76->band_idx,
4427 .tag = cpu_to_le16(UNI_BAND_CONFIG_RADIO_ENABLE),
4428 .len = cpu_to_le16(sizeof(req) - 4),
4429 .enable = enable,
4430 };
4431
4432 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
4433 &req, sizeof(req), true);
4434 }
4435
mt7996_mcu_rdd_cmd(struct mt7996_dev * dev,int cmd,u8 index,u8 rx_sel,u8 val)4436 int mt7996_mcu_rdd_cmd(struct mt7996_dev *dev, int cmd, u8 index,
4437 u8 rx_sel, u8 val)
4438 {
4439 struct {
4440 u8 _rsv[4];
4441
4442 __le16 tag;
4443 __le16 len;
4444
4445 u8 ctrl;
4446 u8 rdd_idx;
4447 u8 rdd_rx_sel;
4448 u8 val;
4449 u8 rsv[4];
4450 } __packed req = {
4451 .tag = cpu_to_le16(UNI_RDD_CTRL_PARM),
4452 .len = cpu_to_le16(sizeof(req) - 4),
4453 .ctrl = cmd,
4454 .rdd_idx = index,
4455 .rdd_rx_sel = rx_sel,
4456 .val = val,
4457 };
4458
4459 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
4460 &req, sizeof(req), true);
4461 }
4462
mt7996_mcu_wtbl_update_hdr_trans(struct mt7996_dev * dev,struct ieee80211_vif * vif,struct mt7996_vif_link * link,struct mt7996_sta_link * msta_link)4463 int mt7996_mcu_wtbl_update_hdr_trans(struct mt7996_dev *dev,
4464 struct ieee80211_vif *vif,
4465 struct mt7996_vif_link *link,
4466 struct mt7996_sta_link *msta_link)
4467 {
4468 struct sk_buff *skb;
4469
4470 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &link->mt76,
4471 &msta_link->wcid,
4472 MT7996_STA_UPDATE_MAX_SIZE);
4473 if (IS_ERR(skb))
4474 return PTR_ERR(skb);
4475
4476 /* starec hdr trans */
4477 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, &msta_link->wcid);
4478 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
4479 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
4480 }
4481
mt7996_mcu_set_fixed_rate_table(struct mt7996_phy * phy,u8 table_idx,u16 rate_idx,bool beacon)4482 int mt7996_mcu_set_fixed_rate_table(struct mt7996_phy *phy, u8 table_idx,
4483 u16 rate_idx, bool beacon)
4484 {
4485 #define UNI_FIXED_RATE_TABLE_SET 0
4486 #define SPE_IXD_SELECT_TXD 0
4487 #define SPE_IXD_SELECT_BMC_WTBL 1
4488 struct mt7996_dev *dev = phy->dev;
4489 struct fixed_rate_table_ctrl req = {
4490 .tag = cpu_to_le16(UNI_FIXED_RATE_TABLE_SET),
4491 .len = cpu_to_le16(sizeof(req) - 4),
4492 .table_idx = table_idx,
4493 .rate_idx = cpu_to_le16(rate_idx),
4494 .gi = 1,
4495 .he_ltf = 1,
4496 };
4497 u8 band_idx = phy->mt76->band_idx;
4498
4499 if (beacon) {
4500 req.spe_idx_sel = SPE_IXD_SELECT_TXD;
4501 req.spe_idx = 24 + band_idx;
4502 phy->beacon_rate = rate_idx;
4503 } else {
4504 req.spe_idx_sel = SPE_IXD_SELECT_BMC_WTBL;
4505 }
4506
4507 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(FIXED_RATE_TABLE),
4508 &req, sizeof(req), false);
4509 }
4510
mt7996_mcu_rf_regval(struct mt7996_dev * dev,u32 regidx,u32 * val,bool set)4511 int mt7996_mcu_rf_regval(struct mt7996_dev *dev, u32 regidx, u32 *val, bool set)
4512 {
4513 struct {
4514 u8 __rsv1[4];
4515
4516 __le16 tag;
4517 __le16 len;
4518 __le16 idx;
4519 u8 __rsv2[2];
4520 __le32 ofs;
4521 __le32 data;
4522 } __packed *res, req = {
4523 .tag = cpu_to_le16(UNI_CMD_ACCESS_RF_REG_BASIC),
4524 .len = cpu_to_le16(sizeof(req) - 4),
4525
4526 .idx = cpu_to_le16(u32_get_bits(regidx, GENMASK(31, 24))),
4527 .ofs = cpu_to_le32(u32_get_bits(regidx, GENMASK(23, 0))),
4528 .data = set ? cpu_to_le32(*val) : 0,
4529 };
4530 struct sk_buff *skb;
4531 int ret;
4532
4533 if (set)
4534 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REG_ACCESS),
4535 &req, sizeof(req), true);
4536
4537 ret = mt76_mcu_send_and_get_msg(&dev->mt76,
4538 MCU_WM_UNI_CMD_QUERY(REG_ACCESS),
4539 &req, sizeof(req), true, &skb);
4540 if (ret)
4541 return ret;
4542
4543 res = (void *)skb->data;
4544 *val = le32_to_cpu(res->data);
4545 dev_kfree_skb(skb);
4546
4547 return 0;
4548 }
4549
mt7996_mcu_trigger_assert(struct mt7996_dev * dev)4550 int mt7996_mcu_trigger_assert(struct mt7996_dev *dev)
4551 {
4552 struct {
4553 __le16 tag;
4554 __le16 len;
4555 u8 enable;
4556 u8 rsv[3];
4557 } __packed req = {
4558 .len = cpu_to_le16(sizeof(req) - 4),
4559 .enable = true,
4560 };
4561
4562 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(ASSERT_DUMP),
4563 &req, sizeof(req), false);
4564 }
4565
mt7996_mcu_set_rro(struct mt7996_dev * dev,u16 tag,u16 val)4566 int mt7996_mcu_set_rro(struct mt7996_dev *dev, u16 tag, u16 val)
4567 {
4568 struct {
4569 u8 __rsv1[4];
4570 __le16 tag;
4571 __le16 len;
4572 union {
4573 struct {
4574 u8 type;
4575 u8 __rsv2[3];
4576 } __packed platform_type;
4577 struct {
4578 u8 type;
4579 u8 dest;
4580 u8 __rsv2[2];
4581 } __packed bypass_mode;
4582 struct {
4583 u8 path;
4584 u8 __rsv2[3];
4585 } __packed txfree_path;
4586 struct {
4587 __le16 flush_one;
4588 __le16 flush_all;
4589 u8 __rsv2[4];
4590 } __packed timeout;
4591 };
4592 } __packed req = {
4593 .tag = cpu_to_le16(tag),
4594 .len = cpu_to_le16(sizeof(req) - 4),
4595 };
4596
4597 switch (tag) {
4598 case UNI_RRO_SET_PLATFORM_TYPE:
4599 req.platform_type.type = val;
4600 break;
4601 case UNI_RRO_SET_BYPASS_MODE:
4602 req.bypass_mode.type = val;
4603 break;
4604 case UNI_RRO_SET_TXFREE_PATH:
4605 req.txfree_path.path = val;
4606 break;
4607 case UNI_RRO_SET_FLUSH_TIMEOUT:
4608 req.timeout.flush_one = cpu_to_le16(val);
4609 req.timeout.flush_all = cpu_to_le16(2 * val);
4610 break;
4611 default:
4612 return -EINVAL;
4613 }
4614
4615 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO), &req,
4616 sizeof(req), true);
4617 }
4618
mt7996_mcu_get_all_sta_info(struct mt7996_phy * phy,u16 tag)4619 int mt7996_mcu_get_all_sta_info(struct mt7996_phy *phy, u16 tag)
4620 {
4621 struct mt7996_dev *dev = phy->dev;
4622 struct {
4623 u8 _rsv[4];
4624
4625 __le16 tag;
4626 __le16 len;
4627 } __packed req = {
4628 .tag = cpu_to_le16(tag),
4629 .len = cpu_to_le16(sizeof(req) - 4),
4630 };
4631
4632 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(ALL_STA_INFO),
4633 &req, sizeof(req), false);
4634 }
4635
mt7996_mcu_wed_rro_reset_sessions(struct mt7996_dev * dev,u16 id)4636 int mt7996_mcu_wed_rro_reset_sessions(struct mt7996_dev *dev, u16 id)
4637 {
4638 struct {
4639 u8 __rsv[4];
4640
4641 __le16 tag;
4642 __le16 len;
4643 __le16 session_id;
4644 u8 pad[4];
4645 } __packed req = {
4646 .tag = cpu_to_le16(UNI_RRO_DEL_BA_SESSION),
4647 .len = cpu_to_le16(sizeof(req) - 4),
4648 .session_id = cpu_to_le16(id),
4649 };
4650
4651 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO), &req,
4652 sizeof(req), true);
4653 }
4654
mt7996_mcu_set_sniffer_mode(struct mt7996_phy * phy,bool enabled)4655 int mt7996_mcu_set_sniffer_mode(struct mt7996_phy *phy, bool enabled)
4656 {
4657 struct mt7996_dev *dev = phy->dev;
4658 struct {
4659 u8 band_idx;
4660 u8 _rsv[3];
4661 __le16 tag;
4662 __le16 len;
4663 u8 enable;
4664 u8 _pad[3];
4665 } __packed req = {
4666 .band_idx = phy->mt76->band_idx,
4667 .tag = 0,
4668 .len = cpu_to_le16(sizeof(req) - 4),
4669 .enable = enabled,
4670 };
4671
4672 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SNIFFER), &req,
4673 sizeof(req), true);
4674 }
4675
mt7996_mcu_set_txpower_sku(struct mt7996_phy * phy)4676 int mt7996_mcu_set_txpower_sku(struct mt7996_phy *phy)
4677 {
4678 #define TX_POWER_LIMIT_TABLE_RATE 0
4679 struct mt7996_dev *dev = phy->dev;
4680 struct mt76_phy *mphy = phy->mt76;
4681 struct tx_power_limit_table_ctrl {
4682 u8 __rsv1[4];
4683
4684 __le16 tag;
4685 __le16 len;
4686 u8 power_ctrl_id;
4687 u8 power_limit_type;
4688 u8 band_idx;
4689 } __packed req = {
4690 .tag = cpu_to_le16(UNI_TXPOWER_POWER_LIMIT_TABLE_CTRL),
4691 .len = cpu_to_le16(sizeof(req) + MT7996_SKU_PATH_NUM - 4),
4692 .power_ctrl_id = UNI_TXPOWER_POWER_LIMIT_TABLE_CTRL,
4693 .power_limit_type = TX_POWER_LIMIT_TABLE_RATE,
4694 .band_idx = phy->mt76->band_idx,
4695 };
4696 struct mt76_power_limits la = {};
4697 struct sk_buff *skb;
4698 int i, tx_power;
4699
4700 tx_power = mt76_get_power_bound(mphy, phy->txpower);
4701 tx_power = mt76_get_rate_power_limits(mphy, mphy->chandef.chan,
4702 &la, tx_power);
4703 mphy->txpower_cur = tx_power;
4704
4705 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL,
4706 sizeof(req) + MT7996_SKU_PATH_NUM);
4707 if (!skb)
4708 return -ENOMEM;
4709
4710 skb_put_data(skb, &req, sizeof(req));
4711 /* cck and ofdm */
4712 skb_put_data(skb, &la.cck, sizeof(la.cck));
4713 skb_put_data(skb, &la.ofdm, sizeof(la.ofdm));
4714 /* ht20 */
4715 skb_put_data(skb, &la.mcs[0], 8);
4716 /* ht40 */
4717 skb_put_data(skb, &la.mcs[1], 9);
4718
4719 /* vht */
4720 for (i = 0; i < 4; i++) {
4721 skb_put_data(skb, &la.mcs[i], sizeof(la.mcs[i]));
4722 skb_put_zero(skb, 2); /* padding */
4723 }
4724
4725 /* he */
4726 skb_put_data(skb, &la.ru[0], sizeof(la.ru));
4727 /* eht */
4728 skb_put_data(skb, &la.eht[0], sizeof(la.eht));
4729
4730 /* padding */
4731 skb_put_zero(skb, MT7996_SKU_PATH_NUM - MT7996_SKU_RATE_NUM);
4732
4733 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
4734 MCU_WM_UNI_CMD(TXPOWER), true);
4735 }
4736
mt7996_mcu_cp_support(struct mt7996_dev * dev,u8 mode)4737 int mt7996_mcu_cp_support(struct mt7996_dev *dev, u8 mode)
4738 {
4739 __le32 cp_mode;
4740
4741 if (mode < mt76_connac_lmac_mapping(IEEE80211_AC_BE) ||
4742 mode > mt76_connac_lmac_mapping(IEEE80211_AC_VO))
4743 return -EINVAL;
4744
4745 cp_mode = cpu_to_le32(mode);
4746 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_EXT_CMD(CP_SUPPORT),
4747 &cp_mode, sizeof(cp_mode), true);
4748 }
4749