1 // SPDX-License-Identifier: ISC
2 /*
3 * Copyright (C) 2022 MediaTek Inc.
4 */
5
6 #include <linux/etherdevice.h>
7 #include <linux/timekeeping.h>
8 #include "coredump.h"
9 #include "mt7996.h"
10 #include "../dma.h"
11 #include "mac.h"
12 #include "mcu.h"
13
14 #define to_rssi(field, rcpi) ((FIELD_GET(field, rcpi) - 220) / 2)
15
16 static const struct mt7996_dfs_radar_spec etsi_radar_specs = {
17 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 },
18 .radar_pattern = {
19 [5] = { 1, 0, 6, 32, 28, 0, 990, 5010, 17, 1, 1 },
20 [6] = { 1, 0, 9, 32, 28, 0, 615, 5010, 27, 1, 1 },
21 [7] = { 1, 0, 15, 32, 28, 0, 240, 445, 27, 1, 1 },
22 [8] = { 1, 0, 12, 32, 28, 0, 240, 510, 42, 1, 1 },
23 [9] = { 1, 1, 0, 0, 0, 0, 2490, 3343, 14, 0, 0, 12, 32, 28, { }, 126 },
24 [10] = { 1, 1, 0, 0, 0, 0, 2490, 3343, 14, 0, 0, 15, 32, 24, { }, 126 },
25 [11] = { 1, 1, 0, 0, 0, 0, 823, 2510, 14, 0, 0, 18, 32, 28, { }, 54 },
26 [12] = { 1, 1, 0, 0, 0, 0, 823, 2510, 14, 0, 0, 27, 32, 24, { }, 54 },
27 },
28 };
29
30 static const struct mt7996_dfs_radar_spec fcc_radar_specs = {
31 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 },
32 .radar_pattern = {
33 [0] = { 1, 0, 8, 32, 28, 0, 508, 3076, 13, 1, 1 },
34 [1] = { 1, 0, 12, 32, 28, 0, 140, 240, 17, 1, 1 },
35 [2] = { 1, 0, 8, 32, 28, 0, 190, 510, 22, 1, 1 },
36 [3] = { 1, 0, 6, 32, 28, 0, 190, 510, 32, 1, 1 },
37 [4] = { 1, 0, 9, 255, 28, 0, 323, 343, 13, 1, 32 },
38 },
39 };
40
41 static const struct mt7996_dfs_radar_spec jp_radar_specs = {
42 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 },
43 .radar_pattern = {
44 [0] = { 1, 0, 8, 32, 28, 0, 508, 3076, 13, 1, 1 },
45 [1] = { 1, 0, 12, 32, 28, 0, 140, 240, 17, 1, 1 },
46 [2] = { 1, 0, 8, 32, 28, 0, 190, 510, 22, 1, 1 },
47 [3] = { 1, 0, 6, 32, 28, 0, 190, 510, 32, 1, 1 },
48 [4] = { 1, 0, 9, 255, 28, 0, 323, 343, 13, 1, 32 },
49 [13] = { 1, 0, 7, 32, 28, 0, 3836, 3856, 14, 1, 1 },
50 [14] = { 1, 0, 6, 32, 28, 0, 615, 5010, 110, 1, 1 },
51 [15] = { 1, 1, 0, 0, 0, 0, 15, 5010, 110, 0, 0, 12, 32, 28 },
52 },
53 };
54
mt7996_rx_get_wcid(struct mt7996_dev * dev,u16 idx,bool unicast)55 static struct mt76_wcid *mt7996_rx_get_wcid(struct mt7996_dev *dev,
56 u16 idx, bool unicast)
57 {
58 struct mt7996_sta *sta;
59 struct mt76_wcid *wcid;
60
61 if (idx >= ARRAY_SIZE(dev->mt76.wcid))
62 return NULL;
63
64 wcid = rcu_dereference(dev->mt76.wcid[idx]);
65 if (unicast || !wcid)
66 return wcid;
67
68 if (!wcid->sta)
69 return NULL;
70
71 sta = container_of(wcid, struct mt7996_sta, wcid);
72 if (!sta->vif)
73 return NULL;
74
75 return &sta->vif->deflink.sta.wcid;
76 }
77
mt7996_mac_wtbl_update(struct mt7996_dev * dev,int idx,u32 mask)78 bool mt7996_mac_wtbl_update(struct mt7996_dev *dev, int idx, u32 mask)
79 {
80 mt76_rmw(dev, MT_WTBL_UPDATE, MT_WTBL_UPDATE_WLAN_IDX,
81 FIELD_PREP(MT_WTBL_UPDATE_WLAN_IDX, idx) | mask);
82
83 return mt76_poll(dev, MT_WTBL_UPDATE, MT_WTBL_UPDATE_BUSY,
84 0, 5000);
85 }
86
mt7996_mac_wtbl_lmac_addr(struct mt7996_dev * dev,u16 wcid,u8 dw)87 u32 mt7996_mac_wtbl_lmac_addr(struct mt7996_dev *dev, u16 wcid, u8 dw)
88 {
89 mt76_wr(dev, MT_WTBLON_TOP_WDUCR,
90 FIELD_PREP(MT_WTBLON_TOP_WDUCR_GROUP, (wcid >> 7)));
91
92 return MT_WTBL_LMAC_OFFS(wcid, dw);
93 }
94
mt7996_mac_sta_poll(struct mt7996_dev * dev)95 static void mt7996_mac_sta_poll(struct mt7996_dev *dev)
96 {
97 static const u8 ac_to_tid[] = {
98 [IEEE80211_AC_BE] = 0,
99 [IEEE80211_AC_BK] = 1,
100 [IEEE80211_AC_VI] = 4,
101 [IEEE80211_AC_VO] = 6
102 };
103 struct ieee80211_sta *sta;
104 struct mt7996_sta *msta;
105 u32 tx_time[IEEE80211_NUM_ACS], rx_time[IEEE80211_NUM_ACS];
106 LIST_HEAD(sta_poll_list);
107 int i;
108
109 spin_lock_bh(&dev->mt76.sta_poll_lock);
110 list_splice_init(&dev->mt76.sta_poll_list, &sta_poll_list);
111 spin_unlock_bh(&dev->mt76.sta_poll_lock);
112
113 rcu_read_lock();
114
115 while (true) {
116 bool clear = false;
117 u32 addr, val;
118 u16 idx;
119 s8 rssi[4];
120
121 spin_lock_bh(&dev->mt76.sta_poll_lock);
122 if (list_empty(&sta_poll_list)) {
123 spin_unlock_bh(&dev->mt76.sta_poll_lock);
124 break;
125 }
126 msta = list_first_entry(&sta_poll_list,
127 struct mt7996_sta, wcid.poll_list);
128 list_del_init(&msta->wcid.poll_list);
129 spin_unlock_bh(&dev->mt76.sta_poll_lock);
130
131 idx = msta->wcid.idx;
132
133 /* refresh peer's airtime reporting */
134 addr = mt7996_mac_wtbl_lmac_addr(dev, idx, 20);
135
136 for (i = 0; i < IEEE80211_NUM_ACS; i++) {
137 u32 tx_last = msta->airtime_ac[i];
138 u32 rx_last = msta->airtime_ac[i + 4];
139
140 msta->airtime_ac[i] = mt76_rr(dev, addr);
141 msta->airtime_ac[i + 4] = mt76_rr(dev, addr + 4);
142
143 tx_time[i] = msta->airtime_ac[i] - tx_last;
144 rx_time[i] = msta->airtime_ac[i + 4] - rx_last;
145
146 if ((tx_last | rx_last) & BIT(30))
147 clear = true;
148
149 addr += 8;
150 }
151
152 if (clear) {
153 mt7996_mac_wtbl_update(dev, idx,
154 MT_WTBL_UPDATE_ADM_COUNT_CLEAR);
155 memset(msta->airtime_ac, 0, sizeof(msta->airtime_ac));
156 }
157
158 if (!msta->wcid.sta)
159 continue;
160
161 sta = container_of((void *)msta, struct ieee80211_sta,
162 drv_priv);
163 for (i = 0; i < IEEE80211_NUM_ACS; i++) {
164 u8 q = mt76_connac_lmac_mapping(i);
165 u32 tx_cur = tx_time[q];
166 u32 rx_cur = rx_time[q];
167 u8 tid = ac_to_tid[i];
168
169 if (!tx_cur && !rx_cur)
170 continue;
171
172 ieee80211_sta_register_airtime(sta, tid, tx_cur, rx_cur);
173 }
174
175 /* get signal strength of resp frames (CTS/BA/ACK) */
176 addr = mt7996_mac_wtbl_lmac_addr(dev, idx, 34);
177 val = mt76_rr(dev, addr);
178
179 rssi[0] = to_rssi(GENMASK(7, 0), val);
180 rssi[1] = to_rssi(GENMASK(15, 8), val);
181 rssi[2] = to_rssi(GENMASK(23, 16), val);
182 rssi[3] = to_rssi(GENMASK(31, 14), val);
183
184 msta->ack_signal =
185 mt76_rx_signal(msta->vif->deflink.phy->mt76->antenna_mask, rssi);
186
187 ewma_avg_signal_add(&msta->avg_ack_signal, -msta->ack_signal);
188 }
189
190 rcu_read_unlock();
191 }
192
mt7996_mac_enable_rtscts(struct mt7996_dev * dev,struct ieee80211_vif * vif,bool enable)193 void mt7996_mac_enable_rtscts(struct mt7996_dev *dev,
194 struct ieee80211_vif *vif, bool enable)
195 {
196 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
197 u32 addr;
198
199 addr = mt7996_mac_wtbl_lmac_addr(dev, mvif->deflink.sta.wcid.idx, 5);
200 if (enable)
201 mt76_set(dev, addr, BIT(5));
202 else
203 mt76_clear(dev, addr, BIT(5));
204 }
205
206 /* The HW does not translate the mac header to 802.3 for mesh point */
mt7996_reverse_frag0_hdr_trans(struct sk_buff * skb,u16 hdr_gap)207 static int mt7996_reverse_frag0_hdr_trans(struct sk_buff *skb, u16 hdr_gap)
208 {
209 struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
210 struct ethhdr *eth_hdr = (struct ethhdr *)(skb->data + hdr_gap);
211 struct mt7996_sta *msta = (struct mt7996_sta *)status->wcid;
212 __le32 *rxd = (__le32 *)skb->data;
213 struct ieee80211_sta *sta;
214 struct ieee80211_vif *vif;
215 struct ieee80211_hdr hdr;
216 u16 frame_control;
217
218 if (le32_get_bits(rxd[3], MT_RXD3_NORMAL_ADDR_TYPE) !=
219 MT_RXD3_NORMAL_U2M)
220 return -EINVAL;
221
222 if (!(le32_to_cpu(rxd[1]) & MT_RXD1_NORMAL_GROUP_4))
223 return -EINVAL;
224
225 if (!msta || !msta->vif)
226 return -EINVAL;
227
228 sta = container_of((void *)msta, struct ieee80211_sta, drv_priv);
229 vif = container_of((void *)msta->vif, struct ieee80211_vif, drv_priv);
230
231 /* store the info from RXD and ethhdr to avoid being overridden */
232 frame_control = le32_get_bits(rxd[8], MT_RXD8_FRAME_CONTROL);
233 hdr.frame_control = cpu_to_le16(frame_control);
234 hdr.seq_ctrl = cpu_to_le16(le32_get_bits(rxd[10], MT_RXD10_SEQ_CTRL));
235 hdr.duration_id = 0;
236
237 ether_addr_copy(hdr.addr1, vif->addr);
238 ether_addr_copy(hdr.addr2, sta->addr);
239 switch (frame_control & (IEEE80211_FCTL_TODS |
240 IEEE80211_FCTL_FROMDS)) {
241 case 0:
242 ether_addr_copy(hdr.addr3, vif->bss_conf.bssid);
243 break;
244 case IEEE80211_FCTL_FROMDS:
245 ether_addr_copy(hdr.addr3, eth_hdr->h_source);
246 break;
247 case IEEE80211_FCTL_TODS:
248 ether_addr_copy(hdr.addr3, eth_hdr->h_dest);
249 break;
250 case IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS:
251 ether_addr_copy(hdr.addr3, eth_hdr->h_dest);
252 ether_addr_copy(hdr.addr4, eth_hdr->h_source);
253 break;
254 default:
255 return -EINVAL;
256 }
257
258 skb_pull(skb, hdr_gap + sizeof(struct ethhdr) - 2);
259 if (eth_hdr->h_proto == cpu_to_be16(ETH_P_AARP) ||
260 eth_hdr->h_proto == cpu_to_be16(ETH_P_IPX))
261 ether_addr_copy(skb_push(skb, ETH_ALEN), bridge_tunnel_header);
262 else if (be16_to_cpu(eth_hdr->h_proto) >= ETH_P_802_3_MIN)
263 ether_addr_copy(skb_push(skb, ETH_ALEN), rfc1042_header);
264 else
265 skb_pull(skb, 2);
266
267 if (ieee80211_has_order(hdr.frame_control))
268 memcpy(skb_push(skb, IEEE80211_HT_CTL_LEN), &rxd[11],
269 IEEE80211_HT_CTL_LEN);
270 if (ieee80211_is_data_qos(hdr.frame_control)) {
271 __le16 qos_ctrl;
272
273 qos_ctrl = cpu_to_le16(le32_get_bits(rxd[10], MT_RXD10_QOS_CTL));
274 memcpy(skb_push(skb, IEEE80211_QOS_CTL_LEN), &qos_ctrl,
275 IEEE80211_QOS_CTL_LEN);
276 }
277
278 if (ieee80211_has_a4(hdr.frame_control))
279 memcpy(skb_push(skb, sizeof(hdr)), &hdr, sizeof(hdr));
280 else
281 memcpy(skb_push(skb, sizeof(hdr) - 6), &hdr, sizeof(hdr) - 6);
282
283 return 0;
284 }
285
286 static int
mt7996_mac_fill_rx_rate(struct mt7996_dev * dev,struct mt76_rx_status * status,struct ieee80211_supported_band * sband,__le32 * rxv,u8 * mode)287 mt7996_mac_fill_rx_rate(struct mt7996_dev *dev,
288 struct mt76_rx_status *status,
289 struct ieee80211_supported_band *sband,
290 __le32 *rxv, u8 *mode)
291 {
292 u32 v0, v2;
293 u8 stbc, gi, bw, dcm, nss;
294 int i, idx;
295 bool cck = false;
296
297 v0 = le32_to_cpu(rxv[0]);
298 v2 = le32_to_cpu(rxv[2]);
299
300 idx = FIELD_GET(MT_PRXV_TX_RATE, v0);
301 i = idx;
302 nss = FIELD_GET(MT_PRXV_NSTS, v0) + 1;
303
304 stbc = FIELD_GET(MT_PRXV_HT_STBC, v2);
305 gi = FIELD_GET(MT_PRXV_HT_SHORT_GI, v2);
306 *mode = FIELD_GET(MT_PRXV_TX_MODE, v2);
307 dcm = FIELD_GET(MT_PRXV_DCM, v2);
308 bw = FIELD_GET(MT_PRXV_FRAME_MODE, v2);
309
310 switch (*mode) {
311 case MT_PHY_TYPE_CCK:
312 cck = true;
313 fallthrough;
314 case MT_PHY_TYPE_OFDM:
315 i = mt76_get_rate(&dev->mt76, sband, i, cck);
316 break;
317 case MT_PHY_TYPE_HT_GF:
318 case MT_PHY_TYPE_HT:
319 status->encoding = RX_ENC_HT;
320 if (gi)
321 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
322 if (i > 31)
323 return -EINVAL;
324 break;
325 case MT_PHY_TYPE_VHT:
326 status->nss = nss;
327 status->encoding = RX_ENC_VHT;
328 if (gi)
329 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
330 if (i > 11)
331 return -EINVAL;
332 break;
333 case MT_PHY_TYPE_HE_MU:
334 case MT_PHY_TYPE_HE_SU:
335 case MT_PHY_TYPE_HE_EXT_SU:
336 case MT_PHY_TYPE_HE_TB:
337 status->nss = nss;
338 status->encoding = RX_ENC_HE;
339 i &= GENMASK(3, 0);
340
341 if (gi <= NL80211_RATE_INFO_HE_GI_3_2)
342 status->he_gi = gi;
343
344 status->he_dcm = dcm;
345 break;
346 case MT_PHY_TYPE_EHT_SU:
347 case MT_PHY_TYPE_EHT_TRIG:
348 case MT_PHY_TYPE_EHT_MU:
349 status->nss = nss;
350 status->encoding = RX_ENC_EHT;
351 i &= GENMASK(3, 0);
352
353 if (gi <= NL80211_RATE_INFO_EHT_GI_3_2)
354 status->eht.gi = gi;
355 break;
356 default:
357 return -EINVAL;
358 }
359 status->rate_idx = i;
360
361 switch (bw) {
362 case IEEE80211_STA_RX_BW_20:
363 break;
364 case IEEE80211_STA_RX_BW_40:
365 if (*mode & MT_PHY_TYPE_HE_EXT_SU &&
366 (idx & MT_PRXV_TX_ER_SU_106T)) {
367 status->bw = RATE_INFO_BW_HE_RU;
368 status->he_ru =
369 NL80211_RATE_INFO_HE_RU_ALLOC_106;
370 } else {
371 status->bw = RATE_INFO_BW_40;
372 }
373 break;
374 case IEEE80211_STA_RX_BW_80:
375 status->bw = RATE_INFO_BW_80;
376 break;
377 case IEEE80211_STA_RX_BW_160:
378 status->bw = RATE_INFO_BW_160;
379 break;
380 /* rxv reports bw 320-1 and 320-2 separately */
381 case IEEE80211_STA_RX_BW_320:
382 case IEEE80211_STA_RX_BW_320 + 1:
383 status->bw = RATE_INFO_BW_320;
384 break;
385 default:
386 return -EINVAL;
387 }
388
389 status->enc_flags |= RX_ENC_FLAG_STBC_MASK * stbc;
390 if (*mode < MT_PHY_TYPE_HE_SU && gi)
391 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
392
393 return 0;
394 }
395
396 static void
mt7996_wed_check_ppe(struct mt7996_dev * dev,struct mt76_queue * q,struct mt7996_sta * msta,struct sk_buff * skb,u32 info)397 mt7996_wed_check_ppe(struct mt7996_dev *dev, struct mt76_queue *q,
398 struct mt7996_sta *msta, struct sk_buff *skb,
399 u32 info)
400 {
401 struct ieee80211_vif *vif;
402 struct wireless_dev *wdev;
403
404 if (!msta || !msta->vif)
405 return;
406
407 if (!mt76_queue_is_wed_rx(q))
408 return;
409
410 if (!(info & MT_DMA_INFO_PPE_VLD))
411 return;
412
413 vif = container_of((void *)msta->vif, struct ieee80211_vif,
414 drv_priv);
415 wdev = ieee80211_vif_to_wdev(vif);
416 skb->dev = wdev->netdev;
417
418 mtk_wed_device_ppe_check(&dev->mt76.mmio.wed, skb,
419 FIELD_GET(MT_DMA_PPE_CPU_REASON, info),
420 FIELD_GET(MT_DMA_PPE_ENTRY, info));
421 }
422
423 static int
mt7996_mac_fill_rx(struct mt7996_dev * dev,enum mt76_rxq_id q,struct sk_buff * skb,u32 * info)424 mt7996_mac_fill_rx(struct mt7996_dev *dev, enum mt76_rxq_id q,
425 struct sk_buff *skb, u32 *info)
426 {
427 struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
428 struct mt76_phy *mphy = &dev->mt76.phy;
429 struct mt7996_phy *phy = &dev->phy;
430 struct ieee80211_supported_band *sband;
431 __le32 *rxd = (__le32 *)skb->data;
432 __le32 *rxv = NULL;
433 u32 rxd0 = le32_to_cpu(rxd[0]);
434 u32 rxd1 = le32_to_cpu(rxd[1]);
435 u32 rxd2 = le32_to_cpu(rxd[2]);
436 u32 rxd3 = le32_to_cpu(rxd[3]);
437 u32 rxd4 = le32_to_cpu(rxd[4]);
438 u32 csum_mask = MT_RXD3_NORMAL_IP_SUM | MT_RXD3_NORMAL_UDP_TCP_SUM;
439 u32 csum_status = *(u32 *)skb->cb;
440 u32 mesh_mask = MT_RXD0_MESH | MT_RXD0_MHCP;
441 bool is_mesh = (rxd0 & mesh_mask) == mesh_mask;
442 bool unicast, insert_ccmp_hdr = false;
443 u8 remove_pad, amsdu_info, band_idx;
444 u8 mode = 0, qos_ctl = 0;
445 bool hdr_trans;
446 u16 hdr_gap;
447 u16 seq_ctrl = 0;
448 __le16 fc = 0;
449 int idx;
450 u8 hw_aggr = false;
451 struct mt7996_sta *msta = NULL;
452
453 hw_aggr = status->aggr;
454 memset(status, 0, sizeof(*status));
455
456 band_idx = FIELD_GET(MT_RXD1_NORMAL_BAND_IDX, rxd1);
457 mphy = dev->mt76.phys[band_idx];
458 phy = mphy->priv;
459 status->phy_idx = mphy->band_idx;
460
461 if (!test_bit(MT76_STATE_RUNNING, &mphy->state))
462 return -EINVAL;
463
464 if (rxd2 & MT_RXD2_NORMAL_AMSDU_ERR)
465 return -EINVAL;
466
467 hdr_trans = rxd2 & MT_RXD2_NORMAL_HDR_TRANS;
468 if (hdr_trans && (rxd1 & MT_RXD1_NORMAL_CM))
469 return -EINVAL;
470
471 /* ICV error or CCMP/BIP/WPI MIC error */
472 if (rxd1 & MT_RXD1_NORMAL_ICV_ERR)
473 status->flag |= RX_FLAG_ONLY_MONITOR;
474
475 unicast = FIELD_GET(MT_RXD3_NORMAL_ADDR_TYPE, rxd3) == MT_RXD3_NORMAL_U2M;
476 idx = FIELD_GET(MT_RXD1_NORMAL_WLAN_IDX, rxd1);
477 status->wcid = mt7996_rx_get_wcid(dev, idx, unicast);
478
479 if (status->wcid) {
480 msta = container_of(status->wcid, struct mt7996_sta, wcid);
481 mt76_wcid_add_poll(&dev->mt76, &msta->wcid);
482 }
483
484 status->freq = mphy->chandef.chan->center_freq;
485 status->band = mphy->chandef.chan->band;
486 if (status->band == NL80211_BAND_5GHZ)
487 sband = &mphy->sband_5g.sband;
488 else if (status->band == NL80211_BAND_6GHZ)
489 sband = &mphy->sband_6g.sband;
490 else
491 sband = &mphy->sband_2g.sband;
492
493 if (!sband->channels)
494 return -EINVAL;
495
496 if ((rxd3 & csum_mask) == csum_mask &&
497 !(csum_status & (BIT(0) | BIT(2) | BIT(3))))
498 skb->ip_summed = CHECKSUM_UNNECESSARY;
499
500 if (rxd1 & MT_RXD3_NORMAL_FCS_ERR)
501 status->flag |= RX_FLAG_FAILED_FCS_CRC;
502
503 if (rxd1 & MT_RXD1_NORMAL_TKIP_MIC_ERR)
504 status->flag |= RX_FLAG_MMIC_ERROR;
505
506 if (FIELD_GET(MT_RXD2_NORMAL_SEC_MODE, rxd2) != 0 &&
507 !(rxd1 & (MT_RXD1_NORMAL_CLM | MT_RXD1_NORMAL_CM))) {
508 status->flag |= RX_FLAG_DECRYPTED;
509 status->flag |= RX_FLAG_IV_STRIPPED;
510 status->flag |= RX_FLAG_MMIC_STRIPPED | RX_FLAG_MIC_STRIPPED;
511 }
512
513 remove_pad = FIELD_GET(MT_RXD2_NORMAL_HDR_OFFSET, rxd2);
514
515 if (rxd2 & MT_RXD2_NORMAL_MAX_LEN_ERROR)
516 return -EINVAL;
517
518 rxd += 8;
519 if (rxd1 & MT_RXD1_NORMAL_GROUP_4) {
520 u32 v0 = le32_to_cpu(rxd[0]);
521 u32 v2 = le32_to_cpu(rxd[2]);
522
523 fc = cpu_to_le16(FIELD_GET(MT_RXD8_FRAME_CONTROL, v0));
524 qos_ctl = FIELD_GET(MT_RXD10_QOS_CTL, v2);
525 seq_ctrl = FIELD_GET(MT_RXD10_SEQ_CTRL, v2);
526
527 rxd += 4;
528 if ((u8 *)rxd - skb->data >= skb->len)
529 return -EINVAL;
530 }
531
532 if (rxd1 & MT_RXD1_NORMAL_GROUP_1) {
533 u8 *data = (u8 *)rxd;
534
535 if (status->flag & RX_FLAG_DECRYPTED) {
536 switch (FIELD_GET(MT_RXD2_NORMAL_SEC_MODE, rxd2)) {
537 case MT_CIPHER_AES_CCMP:
538 case MT_CIPHER_CCMP_CCX:
539 case MT_CIPHER_CCMP_256:
540 insert_ccmp_hdr =
541 FIELD_GET(MT_RXD2_NORMAL_FRAG, rxd2);
542 fallthrough;
543 case MT_CIPHER_TKIP:
544 case MT_CIPHER_TKIP_NO_MIC:
545 case MT_CIPHER_GCMP:
546 case MT_CIPHER_GCMP_256:
547 status->iv[0] = data[5];
548 status->iv[1] = data[4];
549 status->iv[2] = data[3];
550 status->iv[3] = data[2];
551 status->iv[4] = data[1];
552 status->iv[5] = data[0];
553 break;
554 default:
555 break;
556 }
557 }
558 rxd += 4;
559 if ((u8 *)rxd - skb->data >= skb->len)
560 return -EINVAL;
561 }
562
563 if (rxd1 & MT_RXD1_NORMAL_GROUP_2) {
564 status->timestamp = le32_to_cpu(rxd[0]);
565 status->flag |= RX_FLAG_MACTIME_START;
566
567 if (!(rxd2 & MT_RXD2_NORMAL_NON_AMPDU)) {
568 status->flag |= RX_FLAG_AMPDU_DETAILS;
569
570 /* all subframes of an A-MPDU have the same timestamp */
571 if (phy->rx_ampdu_ts != status->timestamp) {
572 if (!++phy->ampdu_ref)
573 phy->ampdu_ref++;
574 }
575 phy->rx_ampdu_ts = status->timestamp;
576
577 status->ampdu_ref = phy->ampdu_ref;
578 }
579
580 rxd += 4;
581 if ((u8 *)rxd - skb->data >= skb->len)
582 return -EINVAL;
583 }
584
585 /* RXD Group 3 - P-RXV */
586 if (rxd1 & MT_RXD1_NORMAL_GROUP_3) {
587 u32 v3;
588 int ret;
589
590 rxv = rxd;
591 rxd += 4;
592 if ((u8 *)rxd - skb->data >= skb->len)
593 return -EINVAL;
594
595 v3 = le32_to_cpu(rxv[3]);
596
597 status->chains = mphy->antenna_mask;
598 status->chain_signal[0] = to_rssi(MT_PRXV_RCPI0, v3);
599 status->chain_signal[1] = to_rssi(MT_PRXV_RCPI1, v3);
600 status->chain_signal[2] = to_rssi(MT_PRXV_RCPI2, v3);
601 status->chain_signal[3] = to_rssi(MT_PRXV_RCPI3, v3);
602
603 /* RXD Group 5 - C-RXV */
604 if (rxd1 & MT_RXD1_NORMAL_GROUP_5) {
605 rxd += 24;
606 if ((u8 *)rxd - skb->data >= skb->len)
607 return -EINVAL;
608 }
609
610 ret = mt7996_mac_fill_rx_rate(dev, status, sband, rxv, &mode);
611 if (ret < 0)
612 return ret;
613 }
614
615 amsdu_info = FIELD_GET(MT_RXD4_NORMAL_PAYLOAD_FORMAT, rxd4);
616 status->amsdu = !!amsdu_info;
617 if (status->amsdu) {
618 status->first_amsdu = amsdu_info == MT_RXD4_FIRST_AMSDU_FRAME;
619 status->last_amsdu = amsdu_info == MT_RXD4_LAST_AMSDU_FRAME;
620 }
621
622 hdr_gap = (u8 *)rxd - skb->data + 2 * remove_pad;
623 if (hdr_trans && ieee80211_has_morefrags(fc)) {
624 if (mt7996_reverse_frag0_hdr_trans(skb, hdr_gap))
625 return -EINVAL;
626 hdr_trans = false;
627 } else {
628 int pad_start = 0;
629
630 skb_pull(skb, hdr_gap);
631 if (!hdr_trans && status->amsdu && !(ieee80211_has_a4(fc) && is_mesh)) {
632 pad_start = ieee80211_get_hdrlen_from_skb(skb);
633 } else if (hdr_trans && (rxd2 & MT_RXD2_NORMAL_HDR_TRANS_ERROR)) {
634 /* When header translation failure is indicated,
635 * the hardware will insert an extra 2-byte field
636 * containing the data length after the protocol
637 * type field. This happens either when the LLC-SNAP
638 * pattern did not match, or if a VLAN header was
639 * detected.
640 */
641 pad_start = 12;
642 if (get_unaligned_be16(skb->data + pad_start) == ETH_P_8021Q)
643 pad_start += 4;
644 else
645 pad_start = 0;
646 }
647
648 if (pad_start) {
649 memmove(skb->data + 2, skb->data, pad_start);
650 skb_pull(skb, 2);
651 }
652 }
653
654 if (!hdr_trans) {
655 struct ieee80211_hdr *hdr;
656
657 if (insert_ccmp_hdr) {
658 u8 key_id = FIELD_GET(MT_RXD1_NORMAL_KEY_ID, rxd1);
659
660 mt76_insert_ccmp_hdr(skb, key_id);
661 }
662
663 hdr = mt76_skb_get_hdr(skb);
664 fc = hdr->frame_control;
665 if (ieee80211_is_data_qos(fc)) {
666 u8 *qos = ieee80211_get_qos_ctl(hdr);
667
668 seq_ctrl = le16_to_cpu(hdr->seq_ctrl);
669 qos_ctl = *qos;
670
671 /* Mesh DA/SA/Length will be stripped after hardware
672 * de-amsdu, so here needs to clear amsdu present bit
673 * to mark it as a normal mesh frame.
674 */
675 if (ieee80211_has_a4(fc) && is_mesh && status->amsdu)
676 *qos &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
677 }
678 skb_set_mac_header(skb, (unsigned char *)hdr - skb->data);
679 } else {
680 status->flag |= RX_FLAG_8023;
681 mt7996_wed_check_ppe(dev, &dev->mt76.q_rx[q], msta, skb,
682 *info);
683 }
684
685 if (rxv && !(status->flag & RX_FLAG_8023)) {
686 switch (status->encoding) {
687 case RX_ENC_EHT:
688 mt76_connac3_mac_decode_eht_radiotap(skb, rxv, mode);
689 break;
690 case RX_ENC_HE:
691 mt76_connac3_mac_decode_he_radiotap(skb, rxv, mode);
692 break;
693 default:
694 break;
695 }
696 }
697
698 if (!status->wcid || !ieee80211_is_data_qos(fc) || hw_aggr)
699 return 0;
700
701 status->aggr = unicast &&
702 !ieee80211_is_qos_nullfunc(fc);
703 status->qos_ctl = qos_ctl;
704 status->seqno = IEEE80211_SEQ_TO_SN(seq_ctrl);
705
706 return 0;
707 }
708
709 static void
mt7996_mac_write_txwi_8023(struct mt7996_dev * dev,__le32 * txwi,struct sk_buff * skb,struct mt76_wcid * wcid)710 mt7996_mac_write_txwi_8023(struct mt7996_dev *dev, __le32 *txwi,
711 struct sk_buff *skb, struct mt76_wcid *wcid)
712 {
713 u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
714 u8 fc_type, fc_stype;
715 u16 ethertype;
716 bool wmm = false;
717 u32 val;
718
719 if (wcid->sta) {
720 struct ieee80211_sta *sta;
721
722 sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv);
723 wmm = sta->wme;
724 }
725
726 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_3) |
727 FIELD_PREP(MT_TXD1_TID, tid);
728
729 ethertype = get_unaligned_be16(&skb->data[12]);
730 if (ethertype >= ETH_P_802_3_MIN)
731 val |= MT_TXD1_ETH_802_3;
732
733 txwi[1] |= cpu_to_le32(val);
734
735 fc_type = IEEE80211_FTYPE_DATA >> 2;
736 fc_stype = wmm ? IEEE80211_STYPE_QOS_DATA >> 4 : 0;
737
738 val = FIELD_PREP(MT_TXD2_FRAME_TYPE, fc_type) |
739 FIELD_PREP(MT_TXD2_SUB_TYPE, fc_stype);
740
741 txwi[2] |= cpu_to_le32(val);
742
743 if (wcid->amsdu)
744 txwi[3] |= cpu_to_le32(MT_TXD3_HW_AMSDU);
745 }
746
747 static void
mt7996_mac_write_txwi_80211(struct mt7996_dev * dev,__le32 * txwi,struct sk_buff * skb,struct ieee80211_key_conf * key)748 mt7996_mac_write_txwi_80211(struct mt7996_dev *dev, __le32 *txwi,
749 struct sk_buff *skb, struct ieee80211_key_conf *key)
750 {
751 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
752 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
753 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
754 bool multicast = is_multicast_ether_addr(hdr->addr1);
755 u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
756 __le16 fc = hdr->frame_control, sc = hdr->seq_ctrl;
757 u8 fc_type, fc_stype;
758 u32 val;
759
760 if (ieee80211_is_action(fc) &&
761 mgmt->u.action.category == WLAN_CATEGORY_BACK &&
762 mgmt->u.action.u.addba_req.action_code == WLAN_ACTION_ADDBA_REQ)
763 tid = MT_TX_ADDBA;
764 else if (ieee80211_is_mgmt(hdr->frame_control))
765 tid = MT_TX_NORMAL;
766
767 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_11) |
768 FIELD_PREP(MT_TXD1_HDR_INFO,
769 ieee80211_get_hdrlen_from_skb(skb) / 2) |
770 FIELD_PREP(MT_TXD1_TID, tid);
771
772 if (!ieee80211_is_data(fc) || multicast ||
773 info->flags & IEEE80211_TX_CTL_USE_MINRATE)
774 val |= MT_TXD1_FIXED_RATE;
775
776 if (key && multicast && ieee80211_is_robust_mgmt_frame(skb) &&
777 key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
778 val |= MT_TXD1_BIP;
779 txwi[3] &= ~cpu_to_le32(MT_TXD3_PROTECT_FRAME);
780 }
781
782 txwi[1] |= cpu_to_le32(val);
783
784 fc_type = (le16_to_cpu(fc) & IEEE80211_FCTL_FTYPE) >> 2;
785 fc_stype = (le16_to_cpu(fc) & IEEE80211_FCTL_STYPE) >> 4;
786
787 val = FIELD_PREP(MT_TXD2_FRAME_TYPE, fc_type) |
788 FIELD_PREP(MT_TXD2_SUB_TYPE, fc_stype);
789
790 if (ieee80211_has_morefrags(fc) && ieee80211_is_first_frag(sc))
791 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_FIRST);
792 else if (ieee80211_has_morefrags(fc) && !ieee80211_is_first_frag(sc))
793 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_MID);
794 else if (!ieee80211_has_morefrags(fc) && !ieee80211_is_first_frag(sc))
795 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_LAST);
796 else
797 val |= FIELD_PREP(MT_TXD2_FRAG, MT_TX_FRAG_NONE);
798
799 txwi[2] |= cpu_to_le32(val);
800
801 txwi[3] |= cpu_to_le32(FIELD_PREP(MT_TXD3_BCM, multicast));
802 if (ieee80211_is_beacon(fc)) {
803 txwi[3] &= ~cpu_to_le32(MT_TXD3_SW_POWER_MGMT);
804 txwi[3] |= cpu_to_le32(MT_TXD3_REM_TX_COUNT);
805 }
806
807 if (info->flags & IEEE80211_TX_CTL_INJECTED) {
808 u16 seqno = le16_to_cpu(sc);
809
810 if (ieee80211_is_back_req(hdr->frame_control)) {
811 struct ieee80211_bar *bar;
812
813 bar = (struct ieee80211_bar *)skb->data;
814 seqno = le16_to_cpu(bar->start_seq_num);
815 }
816
817 val = MT_TXD3_SN_VALID |
818 FIELD_PREP(MT_TXD3_SEQ, IEEE80211_SEQ_TO_SN(seqno));
819 txwi[3] |= cpu_to_le32(val);
820 txwi[3] &= ~cpu_to_le32(MT_TXD3_HW_AMSDU);
821 }
822 }
823
mt7996_mac_write_txwi(struct mt7996_dev * dev,__le32 * txwi,struct sk_buff * skb,struct mt76_wcid * wcid,struct ieee80211_key_conf * key,int pid,enum mt76_txq_id qid,u32 changed)824 void mt7996_mac_write_txwi(struct mt7996_dev *dev, __le32 *txwi,
825 struct sk_buff *skb, struct mt76_wcid *wcid,
826 struct ieee80211_key_conf *key, int pid,
827 enum mt76_txq_id qid, u32 changed)
828 {
829 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
830 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
831 struct ieee80211_vif *vif = info->control.vif;
832 u8 band_idx = (info->hw_queue & MT_TX_HW_QUEUE_PHY) >> 2;
833 u8 p_fmt, q_idx, omac_idx = 0, wmm_idx = 0;
834 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP;
835 struct mt76_vif_link *mvif;
836 u16 tx_count = 15;
837 u32 val;
838 bool inband_disc = !!(changed & (BSS_CHANGED_UNSOL_BCAST_PROBE_RESP |
839 BSS_CHANGED_FILS_DISCOVERY));
840 bool beacon = !!(changed & (BSS_CHANGED_BEACON |
841 BSS_CHANGED_BEACON_ENABLED)) && (!inband_disc);
842
843 mvif = vif ? (struct mt76_vif_link *)vif->drv_priv : NULL;
844 if (mvif) {
845 omac_idx = mvif->omac_idx;
846 wmm_idx = mvif->wmm_idx;
847 band_idx = mvif->band_idx;
848 }
849
850 if (inband_disc) {
851 p_fmt = MT_TX_TYPE_FW;
852 q_idx = MT_LMAC_ALTX0;
853 } else if (beacon) {
854 p_fmt = MT_TX_TYPE_FW;
855 q_idx = MT_LMAC_BCN0;
856 } else if (qid >= MT_TXQ_PSD) {
857 p_fmt = MT_TX_TYPE_CT;
858 q_idx = MT_LMAC_ALTX0;
859 } else {
860 p_fmt = MT_TX_TYPE_CT;
861 q_idx = wmm_idx * MT7996_MAX_WMM_SETS +
862 mt76_connac_lmac_mapping(skb_get_queue_mapping(skb));
863 }
864
865 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len + MT_TXD_SIZE) |
866 FIELD_PREP(MT_TXD0_PKT_FMT, p_fmt) |
867 FIELD_PREP(MT_TXD0_Q_IDX, q_idx);
868 txwi[0] = cpu_to_le32(val);
869
870 val = FIELD_PREP(MT_TXD1_WLAN_IDX, wcid->idx) |
871 FIELD_PREP(MT_TXD1_OWN_MAC, omac_idx);
872
873 if (band_idx)
874 val |= FIELD_PREP(MT_TXD1_TGID, band_idx);
875
876 txwi[1] = cpu_to_le32(val);
877 txwi[2] = 0;
878
879 val = MT_TXD3_SW_POWER_MGMT |
880 FIELD_PREP(MT_TXD3_REM_TX_COUNT, tx_count);
881 if (key)
882 val |= MT_TXD3_PROTECT_FRAME;
883 if (info->flags & IEEE80211_TX_CTL_NO_ACK)
884 val |= MT_TXD3_NO_ACK;
885
886 txwi[3] = cpu_to_le32(val);
887 txwi[4] = 0;
888
889 val = FIELD_PREP(MT_TXD5_PID, pid);
890 if (pid >= MT_PACKET_ID_FIRST)
891 val |= MT_TXD5_TX_STATUS_HOST;
892 txwi[5] = cpu_to_le32(val);
893
894 val = MT_TXD6_DIS_MAT | MT_TXD6_DAS;
895 if (is_mt7996(&dev->mt76))
896 val |= FIELD_PREP(MT_TXD6_MSDU_CNT, 1);
897 else if (is_8023 || !ieee80211_is_mgmt(hdr->frame_control))
898 val |= FIELD_PREP(MT_TXD6_MSDU_CNT_V2, 1);
899
900 txwi[6] = cpu_to_le32(val);
901 txwi[7] = 0;
902
903 if (is_8023)
904 mt7996_mac_write_txwi_8023(dev, txwi, skb, wcid);
905 else
906 mt7996_mac_write_txwi_80211(dev, txwi, skb, key);
907
908 if (txwi[1] & cpu_to_le32(MT_TXD1_FIXED_RATE)) {
909 bool mcast = ieee80211_is_data(hdr->frame_control) &&
910 is_multicast_ether_addr(hdr->addr1);
911 u8 idx = MT7996_BASIC_RATES_TBL;
912
913 if (mvif) {
914 if (mcast && mvif->mcast_rates_idx)
915 idx = mvif->mcast_rates_idx;
916 else if (beacon && mvif->beacon_rates_idx)
917 idx = mvif->beacon_rates_idx;
918 else
919 idx = mvif->basic_rates_idx;
920 }
921
922 val = FIELD_PREP(MT_TXD6_TX_RATE, idx) | MT_TXD6_FIXED_BW;
923 txwi[6] |= cpu_to_le32(val);
924 txwi[3] |= cpu_to_le32(MT_TXD3_BA_DISABLE);
925 }
926 }
927
mt7996_tx_prepare_skb(struct mt76_dev * mdev,void * txwi_ptr,enum mt76_txq_id qid,struct mt76_wcid * wcid,struct ieee80211_sta * sta,struct mt76_tx_info * tx_info)928 int mt7996_tx_prepare_skb(struct mt76_dev *mdev, void *txwi_ptr,
929 enum mt76_txq_id qid, struct mt76_wcid *wcid,
930 struct ieee80211_sta *sta,
931 struct mt76_tx_info *tx_info)
932 {
933 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx_info->skb->data;
934 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
935 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx_info->skb);
936 struct ieee80211_key_conf *key = info->control.hw_key;
937 struct ieee80211_vif *vif = info->control.vif;
938 struct mt76_connac_txp_common *txp;
939 struct mt76_txwi_cache *t;
940 int id, i, pid, nbuf = tx_info->nbuf - 1;
941 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP;
942 u8 *txwi = (u8 *)txwi_ptr;
943
944 if (unlikely(tx_info->skb->len <= ETH_HLEN))
945 return -EINVAL;
946
947 if (!wcid)
948 wcid = &dev->mt76.global_wcid;
949
950 t = (struct mt76_txwi_cache *)(txwi + mdev->drv->txwi_size);
951 t->skb = tx_info->skb;
952
953 id = mt76_token_consume(mdev, &t);
954 if (id < 0)
955 return id;
956
957 pid = mt76_tx_status_skb_add(mdev, wcid, tx_info->skb);
958 mt7996_mac_write_txwi(dev, txwi_ptr, tx_info->skb, wcid, key,
959 pid, qid, 0);
960
961 txp = (struct mt76_connac_txp_common *)(txwi + MT_TXD_SIZE);
962 for (i = 0; i < nbuf; i++) {
963 u16 len;
964
965 len = FIELD_PREP(MT_TXP_BUF_LEN, tx_info->buf[i + 1].len);
966 #ifdef CONFIG_ARCH_DMA_ADDR_T_64BIT
967 len |= FIELD_PREP(MT_TXP_DMA_ADDR_H,
968 tx_info->buf[i + 1].addr >> 32);
969 #endif
970
971 txp->fw.buf[i] = cpu_to_le32(tx_info->buf[i + 1].addr);
972 txp->fw.len[i] = cpu_to_le16(len);
973 }
974 txp->fw.nbuf = nbuf;
975
976 txp->fw.flags =
977 cpu_to_le16(MT_CT_INFO_FROM_HOST | MT_CT_INFO_APPLY_TXD);
978
979 if (!key)
980 txp->fw.flags |= cpu_to_le16(MT_CT_INFO_NONE_CIPHER_FRAME);
981
982 if (!is_8023 && ieee80211_is_mgmt(hdr->frame_control))
983 txp->fw.flags |= cpu_to_le16(MT_CT_INFO_MGMT_FRAME);
984
985 if (vif) {
986 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
987
988 txp->fw.bss_idx = mvif->deflink.mt76.idx;
989 }
990
991 txp->fw.token = cpu_to_le16(id);
992 txp->fw.rept_wds_wcid = cpu_to_le16(sta ? wcid->idx : 0xfff);
993
994 tx_info->skb = NULL;
995
996 /* pass partial skb header to fw */
997 tx_info->buf[1].len = MT_CT_PARSE_LEN;
998 tx_info->buf[1].skip_unmap = true;
999 tx_info->nbuf = MT_CT_DMA_BUF_NUM;
1000
1001 return 0;
1002 }
1003
mt7996_wed_init_buf(void * ptr,dma_addr_t phys,int token_id)1004 u32 mt7996_wed_init_buf(void *ptr, dma_addr_t phys, int token_id)
1005 {
1006 struct mt76_connac_fw_txp *txp = ptr + MT_TXD_SIZE;
1007 __le32 *txwi = ptr;
1008 u32 val;
1009
1010 memset(ptr, 0, MT_TXD_SIZE + sizeof(*txp));
1011
1012 val = FIELD_PREP(MT_TXD0_TX_BYTES, MT_TXD_SIZE) |
1013 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CT);
1014 txwi[0] = cpu_to_le32(val);
1015
1016 val = BIT(31) |
1017 FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_3);
1018 txwi[1] = cpu_to_le32(val);
1019
1020 txp->token = cpu_to_le16(token_id);
1021 txp->nbuf = 1;
1022 txp->buf[0] = cpu_to_le32(phys + MT_TXD_SIZE + sizeof(*txp));
1023
1024 return MT_TXD_SIZE + sizeof(*txp);
1025 }
1026
1027 static void
mt7996_tx_check_aggr(struct ieee80211_sta * sta,struct sk_buff * skb)1028 mt7996_tx_check_aggr(struct ieee80211_sta *sta, struct sk_buff *skb)
1029 {
1030 struct mt7996_sta *msta;
1031 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1032 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP;
1033 u16 fc, tid;
1034
1035 if (!sta || !(sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he))
1036 return;
1037
1038 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
1039 if (tid >= 6) /* skip VO queue */
1040 return;
1041
1042 if (is_8023) {
1043 fc = IEEE80211_FTYPE_DATA |
1044 (sta->wme ? IEEE80211_STYPE_QOS_DATA : IEEE80211_STYPE_DATA);
1045 } else {
1046 /* No need to get precise TID for Action/Management Frame,
1047 * since it will not meet the following Frame Control
1048 * condition anyway.
1049 */
1050
1051 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1052
1053 fc = le16_to_cpu(hdr->frame_control) &
1054 (IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE);
1055 }
1056
1057 if (unlikely(fc != (IEEE80211_FTYPE_DATA | IEEE80211_STYPE_QOS_DATA)))
1058 return;
1059
1060 msta = (struct mt7996_sta *)sta->drv_priv;
1061 if (!test_and_set_bit(tid, &msta->wcid.ampdu_state))
1062 ieee80211_start_tx_ba_session(sta, tid, 0);
1063 }
1064
1065 static void
mt7996_txwi_free(struct mt7996_dev * dev,struct mt76_txwi_cache * t,struct ieee80211_sta * sta,struct list_head * free_list)1066 mt7996_txwi_free(struct mt7996_dev *dev, struct mt76_txwi_cache *t,
1067 struct ieee80211_sta *sta, struct list_head *free_list)
1068 {
1069 struct mt76_dev *mdev = &dev->mt76;
1070 struct mt76_wcid *wcid;
1071 __le32 *txwi;
1072 u16 wcid_idx;
1073
1074 mt76_connac_txp_skb_unmap(mdev, t);
1075 if (!t->skb)
1076 goto out;
1077
1078 txwi = (__le32 *)mt76_get_txwi_ptr(mdev, t);
1079 if (sta) {
1080 wcid = (struct mt76_wcid *)sta->drv_priv;
1081 wcid_idx = wcid->idx;
1082
1083 if (likely(t->skb->protocol != cpu_to_be16(ETH_P_PAE)))
1084 mt7996_tx_check_aggr(sta, t->skb);
1085 } else {
1086 wcid_idx = le32_get_bits(txwi[9], MT_TXD9_WLAN_IDX);
1087 }
1088
1089 __mt76_tx_complete_skb(mdev, wcid_idx, t->skb, free_list);
1090
1091 out:
1092 t->skb = NULL;
1093 mt76_put_txwi(mdev, t);
1094 }
1095
1096 static void
mt7996_mac_tx_free(struct mt7996_dev * dev,void * data,int len)1097 mt7996_mac_tx_free(struct mt7996_dev *dev, void *data, int len)
1098 {
1099 __le32 *tx_free = (__le32 *)data, *cur_info;
1100 struct mt76_dev *mdev = &dev->mt76;
1101 struct mt76_phy *phy2 = mdev->phys[MT_BAND1];
1102 struct mt76_phy *phy3 = mdev->phys[MT_BAND2];
1103 struct mt76_txwi_cache *txwi;
1104 struct ieee80211_sta *sta = NULL;
1105 struct mt76_wcid *wcid = NULL;
1106 LIST_HEAD(free_list);
1107 struct sk_buff *skb, *tmp;
1108 void *end = data + len;
1109 bool wake = false;
1110 u16 total, count = 0;
1111
1112 /* clean DMA queues and unmap buffers first */
1113 mt76_queue_tx_cleanup(dev, dev->mphy.q_tx[MT_TXQ_PSD], false);
1114 mt76_queue_tx_cleanup(dev, dev->mphy.q_tx[MT_TXQ_BE], false);
1115 if (phy2) {
1116 mt76_queue_tx_cleanup(dev, phy2->q_tx[MT_TXQ_PSD], false);
1117 mt76_queue_tx_cleanup(dev, phy2->q_tx[MT_TXQ_BE], false);
1118 }
1119 if (phy3) {
1120 mt76_queue_tx_cleanup(dev, phy3->q_tx[MT_TXQ_PSD], false);
1121 mt76_queue_tx_cleanup(dev, phy3->q_tx[MT_TXQ_BE], false);
1122 }
1123
1124 if (WARN_ON_ONCE(le32_get_bits(tx_free[1], MT_TXFREE1_VER) < 5))
1125 return;
1126
1127 total = le32_get_bits(tx_free[0], MT_TXFREE0_MSDU_CNT);
1128 for (cur_info = &tx_free[2]; count < total; cur_info++) {
1129 u32 msdu, info;
1130 u8 i;
1131
1132 if (WARN_ON_ONCE((void *)cur_info >= end))
1133 return;
1134 /* 1'b1: new wcid pair.
1135 * 1'b0: msdu_id with the same 'wcid pair' as above.
1136 */
1137 info = le32_to_cpu(*cur_info);
1138 if (info & MT_TXFREE_INFO_PAIR) {
1139 struct mt7996_sta *msta;
1140 u16 idx;
1141
1142 idx = FIELD_GET(MT_TXFREE_INFO_WLAN_ID, info);
1143 wcid = rcu_dereference(dev->mt76.wcid[idx]);
1144 sta = wcid_to_sta(wcid);
1145 if (!sta)
1146 continue;
1147
1148 msta = container_of(wcid, struct mt7996_sta, wcid);
1149 mt76_wcid_add_poll(&dev->mt76, &msta->wcid);
1150 continue;
1151 } else if (info & MT_TXFREE_INFO_HEADER) {
1152 u32 tx_retries = 0, tx_failed = 0;
1153
1154 if (!wcid)
1155 continue;
1156
1157 tx_retries =
1158 FIELD_GET(MT_TXFREE_INFO_COUNT, info) - 1;
1159 tx_failed = tx_retries +
1160 !!FIELD_GET(MT_TXFREE_INFO_STAT, info);
1161
1162 wcid->stats.tx_retries += tx_retries;
1163 wcid->stats.tx_failed += tx_failed;
1164 continue;
1165 }
1166
1167 for (i = 0; i < 2; i++) {
1168 msdu = (info >> (15 * i)) & MT_TXFREE_INFO_MSDU_ID;
1169 if (msdu == MT_TXFREE_INFO_MSDU_ID)
1170 continue;
1171
1172 count++;
1173 txwi = mt76_token_release(mdev, msdu, &wake);
1174 if (!txwi)
1175 continue;
1176
1177 mt7996_txwi_free(dev, txwi, sta, &free_list);
1178 }
1179 }
1180
1181 mt7996_mac_sta_poll(dev);
1182
1183 if (wake)
1184 mt76_set_tx_blocked(&dev->mt76, false);
1185
1186 mt76_worker_schedule(&dev->mt76.tx_worker);
1187
1188 list_for_each_entry_safe(skb, tmp, &free_list, list) {
1189 skb_list_del_init(skb);
1190 napi_consume_skb(skb, 1);
1191 }
1192 }
1193
1194 static bool
mt7996_mac_add_txs_skb(struct mt7996_dev * dev,struct mt76_wcid * wcid,int pid,__le32 * txs_data)1195 mt7996_mac_add_txs_skb(struct mt7996_dev *dev, struct mt76_wcid *wcid,
1196 int pid, __le32 *txs_data)
1197 {
1198 struct mt76_sta_stats *stats = &wcid->stats;
1199 struct ieee80211_supported_band *sband;
1200 struct mt76_dev *mdev = &dev->mt76;
1201 struct mt76_phy *mphy;
1202 struct ieee80211_tx_info *info;
1203 struct sk_buff_head list;
1204 struct rate_info rate = {};
1205 struct sk_buff *skb = NULL;
1206 bool cck = false;
1207 u32 txrate, txs, mode, stbc;
1208
1209 txs = le32_to_cpu(txs_data[0]);
1210
1211 mt76_tx_status_lock(mdev, &list);
1212
1213 /* only report MPDU TXS */
1214 if (le32_get_bits(txs_data[0], MT_TXS0_TXS_FORMAT) == 0) {
1215 skb = mt76_tx_status_skb_get(mdev, wcid, pid, &list);
1216 if (skb) {
1217 info = IEEE80211_SKB_CB(skb);
1218 if (!(txs & MT_TXS0_ACK_ERROR_MASK))
1219 info->flags |= IEEE80211_TX_STAT_ACK;
1220
1221 info->status.ampdu_len = 1;
1222 info->status.ampdu_ack_len =
1223 !!(info->flags & IEEE80211_TX_STAT_ACK);
1224
1225 info->status.rates[0].idx = -1;
1226 }
1227 }
1228
1229 if (mtk_wed_device_active(&dev->mt76.mmio.wed) && wcid->sta) {
1230 struct ieee80211_sta *sta;
1231 u8 tid;
1232
1233 sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv);
1234 tid = FIELD_GET(MT_TXS0_TID, txs);
1235 ieee80211_refresh_tx_agg_session_timer(sta, tid);
1236 }
1237
1238 txrate = FIELD_GET(MT_TXS0_TX_RATE, txs);
1239
1240 rate.mcs = FIELD_GET(MT_TX_RATE_IDX, txrate);
1241 rate.nss = FIELD_GET(MT_TX_RATE_NSS, txrate) + 1;
1242 stbc = le32_get_bits(txs_data[3], MT_TXS3_RATE_STBC);
1243
1244 if (stbc && rate.nss > 1)
1245 rate.nss >>= 1;
1246
1247 if (rate.nss - 1 < ARRAY_SIZE(stats->tx_nss))
1248 stats->tx_nss[rate.nss - 1]++;
1249 if (rate.mcs < ARRAY_SIZE(stats->tx_mcs))
1250 stats->tx_mcs[rate.mcs]++;
1251
1252 mode = FIELD_GET(MT_TX_RATE_MODE, txrate);
1253 switch (mode) {
1254 case MT_PHY_TYPE_CCK:
1255 cck = true;
1256 fallthrough;
1257 case MT_PHY_TYPE_OFDM:
1258 mphy = mt76_dev_phy(mdev, wcid->phy_idx);
1259
1260 if (mphy->chandef.chan->band == NL80211_BAND_5GHZ)
1261 sband = &mphy->sband_5g.sband;
1262 else if (mphy->chandef.chan->band == NL80211_BAND_6GHZ)
1263 sband = &mphy->sband_6g.sband;
1264 else
1265 sband = &mphy->sband_2g.sband;
1266
1267 rate.mcs = mt76_get_rate(mphy->dev, sband, rate.mcs, cck);
1268 rate.legacy = sband->bitrates[rate.mcs].bitrate;
1269 break;
1270 case MT_PHY_TYPE_HT:
1271 case MT_PHY_TYPE_HT_GF:
1272 if (rate.mcs > 31)
1273 goto out;
1274
1275 rate.flags = RATE_INFO_FLAGS_MCS;
1276 if (wcid->rate.flags & RATE_INFO_FLAGS_SHORT_GI)
1277 rate.flags |= RATE_INFO_FLAGS_SHORT_GI;
1278 break;
1279 case MT_PHY_TYPE_VHT:
1280 if (rate.mcs > 9)
1281 goto out;
1282
1283 rate.flags = RATE_INFO_FLAGS_VHT_MCS;
1284 if (wcid->rate.flags & RATE_INFO_FLAGS_SHORT_GI)
1285 rate.flags |= RATE_INFO_FLAGS_SHORT_GI;
1286 break;
1287 case MT_PHY_TYPE_HE_SU:
1288 case MT_PHY_TYPE_HE_EXT_SU:
1289 case MT_PHY_TYPE_HE_TB:
1290 case MT_PHY_TYPE_HE_MU:
1291 if (rate.mcs > 11)
1292 goto out;
1293
1294 rate.he_gi = wcid->rate.he_gi;
1295 rate.he_dcm = FIELD_GET(MT_TX_RATE_DCM, txrate);
1296 rate.flags = RATE_INFO_FLAGS_HE_MCS;
1297 break;
1298 case MT_PHY_TYPE_EHT_SU:
1299 case MT_PHY_TYPE_EHT_TRIG:
1300 case MT_PHY_TYPE_EHT_MU:
1301 if (rate.mcs > 13)
1302 goto out;
1303
1304 rate.eht_gi = wcid->rate.eht_gi;
1305 rate.flags = RATE_INFO_FLAGS_EHT_MCS;
1306 break;
1307 default:
1308 goto out;
1309 }
1310
1311 stats->tx_mode[mode]++;
1312
1313 switch (FIELD_GET(MT_TXS0_BW, txs)) {
1314 case IEEE80211_STA_RX_BW_320:
1315 rate.bw = RATE_INFO_BW_320;
1316 stats->tx_bw[4]++;
1317 break;
1318 case IEEE80211_STA_RX_BW_160:
1319 rate.bw = RATE_INFO_BW_160;
1320 stats->tx_bw[3]++;
1321 break;
1322 case IEEE80211_STA_RX_BW_80:
1323 rate.bw = RATE_INFO_BW_80;
1324 stats->tx_bw[2]++;
1325 break;
1326 case IEEE80211_STA_RX_BW_40:
1327 rate.bw = RATE_INFO_BW_40;
1328 stats->tx_bw[1]++;
1329 break;
1330 default:
1331 rate.bw = RATE_INFO_BW_20;
1332 stats->tx_bw[0]++;
1333 break;
1334 }
1335 wcid->rate = rate;
1336
1337 out:
1338 if (skb)
1339 mt76_tx_status_skb_done(mdev, skb, &list);
1340 mt76_tx_status_unlock(mdev, &list);
1341
1342 return !!skb;
1343 }
1344
mt7996_mac_add_txs(struct mt7996_dev * dev,void * data)1345 static void mt7996_mac_add_txs(struct mt7996_dev *dev, void *data)
1346 {
1347 struct mt7996_sta *msta = NULL;
1348 struct mt76_wcid *wcid;
1349 __le32 *txs_data = data;
1350 u16 wcidx;
1351 u8 pid;
1352
1353 wcidx = le32_get_bits(txs_data[2], MT_TXS2_WCID);
1354 pid = le32_get_bits(txs_data[3], MT_TXS3_PID);
1355
1356 if (pid < MT_PACKET_ID_NO_SKB)
1357 return;
1358
1359 if (wcidx >= mt7996_wtbl_size(dev))
1360 return;
1361
1362 rcu_read_lock();
1363
1364 wcid = rcu_dereference(dev->mt76.wcid[wcidx]);
1365 if (!wcid)
1366 goto out;
1367
1368 msta = container_of(wcid, struct mt7996_sta, wcid);
1369
1370 mt7996_mac_add_txs_skb(dev, wcid, pid, txs_data);
1371
1372 if (!wcid->sta)
1373 goto out;
1374
1375 mt76_wcid_add_poll(&dev->mt76, &msta->wcid);
1376
1377 out:
1378 rcu_read_unlock();
1379 }
1380
mt7996_rx_check(struct mt76_dev * mdev,void * data,int len)1381 bool mt7996_rx_check(struct mt76_dev *mdev, void *data, int len)
1382 {
1383 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
1384 __le32 *rxd = (__le32 *)data;
1385 __le32 *end = (__le32 *)&rxd[len / 4];
1386 enum rx_pkt_type type;
1387
1388 type = le32_get_bits(rxd[0], MT_RXD0_PKT_TYPE);
1389 if (type != PKT_TYPE_NORMAL) {
1390 u32 sw_type = le32_get_bits(rxd[0], MT_RXD0_SW_PKT_TYPE_MASK);
1391
1392 if (unlikely((sw_type & MT_RXD0_SW_PKT_TYPE_MAP) ==
1393 MT_RXD0_SW_PKT_TYPE_FRAME))
1394 return true;
1395 }
1396
1397 switch (type) {
1398 case PKT_TYPE_TXRX_NOTIFY:
1399 mt7996_mac_tx_free(dev, data, len);
1400 return false;
1401 case PKT_TYPE_TXS:
1402 for (rxd += 4; rxd + 8 <= end; rxd += 8)
1403 mt7996_mac_add_txs(dev, rxd);
1404 return false;
1405 case PKT_TYPE_RX_FW_MONITOR:
1406 mt7996_debugfs_rx_fw_monitor(dev, data, len);
1407 return false;
1408 default:
1409 return true;
1410 }
1411 }
1412
mt7996_queue_rx_skb(struct mt76_dev * mdev,enum mt76_rxq_id q,struct sk_buff * skb,u32 * info)1413 void mt7996_queue_rx_skb(struct mt76_dev *mdev, enum mt76_rxq_id q,
1414 struct sk_buff *skb, u32 *info)
1415 {
1416 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
1417 __le32 *rxd = (__le32 *)skb->data;
1418 __le32 *end = (__le32 *)&skb->data[skb->len];
1419 enum rx_pkt_type type;
1420
1421 type = le32_get_bits(rxd[0], MT_RXD0_PKT_TYPE);
1422 if (type != PKT_TYPE_NORMAL) {
1423 u32 sw_type = le32_get_bits(rxd[0], MT_RXD0_SW_PKT_TYPE_MASK);
1424
1425 if (unlikely((sw_type & MT_RXD0_SW_PKT_TYPE_MAP) ==
1426 MT_RXD0_SW_PKT_TYPE_FRAME))
1427 type = PKT_TYPE_NORMAL;
1428 }
1429
1430 switch (type) {
1431 case PKT_TYPE_TXRX_NOTIFY:
1432 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2) &&
1433 q == MT_RXQ_TXFREE_BAND2) {
1434 dev_kfree_skb(skb);
1435 break;
1436 }
1437
1438 mt7996_mac_tx_free(dev, skb->data, skb->len);
1439 napi_consume_skb(skb, 1);
1440 break;
1441 case PKT_TYPE_RX_EVENT:
1442 mt7996_mcu_rx_event(dev, skb);
1443 break;
1444 case PKT_TYPE_TXS:
1445 for (rxd += 4; rxd + 8 <= end; rxd += 8)
1446 mt7996_mac_add_txs(dev, rxd);
1447 dev_kfree_skb(skb);
1448 break;
1449 case PKT_TYPE_RX_FW_MONITOR:
1450 mt7996_debugfs_rx_fw_monitor(dev, skb->data, skb->len);
1451 dev_kfree_skb(skb);
1452 break;
1453 case PKT_TYPE_NORMAL:
1454 if (!mt7996_mac_fill_rx(dev, q, skb, info)) {
1455 mt76_rx(&dev->mt76, q, skb);
1456 return;
1457 }
1458 fallthrough;
1459 default:
1460 dev_kfree_skb(skb);
1461 break;
1462 }
1463 }
1464
mt7996_mac_cca_stats_reset(struct mt7996_phy * phy)1465 void mt7996_mac_cca_stats_reset(struct mt7996_phy *phy)
1466 {
1467 struct mt7996_dev *dev = phy->dev;
1468 u32 reg = MT_WF_PHYRX_BAND_RX_CTRL1(phy->mt76->band_idx);
1469
1470 mt76_clear(dev, reg, MT_WF_PHYRX_BAND_RX_CTRL1_STSCNT_EN);
1471 mt76_set(dev, reg, BIT(11) | BIT(9));
1472 }
1473
mt7996_mac_reset_counters(struct mt7996_phy * phy)1474 void mt7996_mac_reset_counters(struct mt7996_phy *phy)
1475 {
1476 struct mt7996_dev *dev = phy->dev;
1477 u8 band_idx = phy->mt76->band_idx;
1478 int i;
1479
1480 for (i = 0; i < 16; i++)
1481 mt76_rr(dev, MT_TX_AGG_CNT(band_idx, i));
1482
1483 phy->mt76->survey_time = ktime_get_boottime();
1484
1485 memset(phy->mt76->aggr_stats, 0, sizeof(phy->mt76->aggr_stats));
1486
1487 /* reset airtime counters */
1488 mt76_set(dev, MT_WF_RMAC_MIB_AIRTIME0(band_idx),
1489 MT_WF_RMAC_MIB_RXTIME_CLR);
1490
1491 mt7996_mcu_get_chan_mib_info(phy, true);
1492 }
1493
mt7996_mac_set_coverage_class(struct mt7996_phy * phy)1494 void mt7996_mac_set_coverage_class(struct mt7996_phy *phy)
1495 {
1496 s16 coverage_class = phy->coverage_class;
1497 struct mt7996_dev *dev = phy->dev;
1498 struct mt7996_phy *phy2 = mt7996_phy2(dev);
1499 struct mt7996_phy *phy3 = mt7996_phy3(dev);
1500 u32 reg_offset;
1501 u32 cck = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, 231) |
1502 FIELD_PREP(MT_TIMEOUT_VAL_CCA, 48);
1503 u32 ofdm = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, 60) |
1504 FIELD_PREP(MT_TIMEOUT_VAL_CCA, 28);
1505 u8 band_idx = phy->mt76->band_idx;
1506 int offset;
1507
1508 if (!test_bit(MT76_STATE_RUNNING, &phy->mt76->state))
1509 return;
1510
1511 if (phy2)
1512 coverage_class = max_t(s16, dev->phy.coverage_class,
1513 phy2->coverage_class);
1514
1515 if (phy3)
1516 coverage_class = max_t(s16, coverage_class,
1517 phy3->coverage_class);
1518
1519 offset = 3 * coverage_class;
1520 reg_offset = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, offset) |
1521 FIELD_PREP(MT_TIMEOUT_VAL_CCA, offset);
1522
1523 mt76_wr(dev, MT_TMAC_CDTR(band_idx), cck + reg_offset);
1524 mt76_wr(dev, MT_TMAC_ODTR(band_idx), ofdm + reg_offset);
1525 }
1526
mt7996_mac_enable_nf(struct mt7996_dev * dev,u8 band)1527 void mt7996_mac_enable_nf(struct mt7996_dev *dev, u8 band)
1528 {
1529 mt76_set(dev, MT_WF_PHYRX_CSD_BAND_RXTD12(band),
1530 MT_WF_PHYRX_CSD_BAND_RXTD12_IRPI_SW_CLR_ONLY |
1531 MT_WF_PHYRX_CSD_BAND_RXTD12_IRPI_SW_CLR);
1532
1533 mt76_set(dev, MT_WF_PHYRX_BAND_RX_CTRL1(band),
1534 FIELD_PREP(MT_WF_PHYRX_BAND_RX_CTRL1_IPI_EN, 0x5));
1535 }
1536
1537 static u8
mt7996_phy_get_nf(struct mt7996_phy * phy,u8 band_idx)1538 mt7996_phy_get_nf(struct mt7996_phy *phy, u8 band_idx)
1539 {
1540 static const u8 nf_power[] = { 92, 89, 86, 83, 80, 75, 70, 65, 60, 55, 52 };
1541 struct mt7996_dev *dev = phy->dev;
1542 u32 val, sum = 0, n = 0;
1543 int ant, i;
1544
1545 for (ant = 0; ant < hweight8(phy->mt76->antenna_mask); ant++) {
1546 u32 reg = MT_WF_PHYRX_CSD_IRPI(band_idx, ant);
1547
1548 for (i = 0; i < ARRAY_SIZE(nf_power); i++, reg += 4) {
1549 val = mt76_rr(dev, reg);
1550 sum += val * nf_power[i];
1551 n += val;
1552 }
1553 }
1554
1555 return n ? sum / n : 0;
1556 }
1557
mt7996_update_channel(struct mt76_phy * mphy)1558 void mt7996_update_channel(struct mt76_phy *mphy)
1559 {
1560 struct mt7996_phy *phy = mphy->priv;
1561 struct mt76_channel_state *state = mphy->chan_state;
1562 int nf;
1563
1564 mt7996_mcu_get_chan_mib_info(phy, false);
1565
1566 nf = mt7996_phy_get_nf(phy, mphy->band_idx);
1567 if (!phy->noise)
1568 phy->noise = nf << 4;
1569 else if (nf)
1570 phy->noise += nf - (phy->noise >> 4);
1571
1572 state->noise = -(phy->noise >> 4);
1573 }
1574
1575 static bool
mt7996_wait_reset_state(struct mt7996_dev * dev,u32 state)1576 mt7996_wait_reset_state(struct mt7996_dev *dev, u32 state)
1577 {
1578 bool ret;
1579
1580 ret = wait_event_timeout(dev->reset_wait,
1581 (READ_ONCE(dev->recovery.state) & state),
1582 MT7996_RESET_TIMEOUT);
1583
1584 WARN(!ret, "Timeout waiting for MCU reset state %x\n", state);
1585 return ret;
1586 }
1587
1588 static void
mt7996_update_vif_beacon(void * priv,u8 * mac,struct ieee80211_vif * vif)1589 mt7996_update_vif_beacon(void *priv, u8 *mac, struct ieee80211_vif *vif)
1590 {
1591 struct ieee80211_hw *hw = priv;
1592
1593 switch (vif->type) {
1594 case NL80211_IFTYPE_MESH_POINT:
1595 case NL80211_IFTYPE_ADHOC:
1596 case NL80211_IFTYPE_AP:
1597 mt7996_mcu_add_beacon(hw, vif, &vif->bss_conf);
1598 break;
1599 default:
1600 break;
1601 }
1602 }
1603
1604 static void
mt7996_update_beacons(struct mt7996_dev * dev)1605 mt7996_update_beacons(struct mt7996_dev *dev)
1606 {
1607 struct mt76_phy *phy2, *phy3;
1608
1609 ieee80211_iterate_active_interfaces(dev->mt76.hw,
1610 IEEE80211_IFACE_ITER_RESUME_ALL,
1611 mt7996_update_vif_beacon, dev->mt76.hw);
1612
1613 phy2 = dev->mt76.phys[MT_BAND1];
1614 if (!phy2)
1615 return;
1616
1617 ieee80211_iterate_active_interfaces(phy2->hw,
1618 IEEE80211_IFACE_ITER_RESUME_ALL,
1619 mt7996_update_vif_beacon, phy2->hw);
1620
1621 phy3 = dev->mt76.phys[MT_BAND2];
1622 if (!phy3)
1623 return;
1624
1625 ieee80211_iterate_active_interfaces(phy3->hw,
1626 IEEE80211_IFACE_ITER_RESUME_ALL,
1627 mt7996_update_vif_beacon, phy3->hw);
1628 }
1629
mt7996_tx_token_put(struct mt7996_dev * dev)1630 void mt7996_tx_token_put(struct mt7996_dev *dev)
1631 {
1632 struct mt76_txwi_cache *txwi;
1633 int id;
1634
1635 spin_lock_bh(&dev->mt76.token_lock);
1636 idr_for_each_entry(&dev->mt76.token, txwi, id) {
1637 mt7996_txwi_free(dev, txwi, NULL, NULL);
1638 dev->mt76.token_count--;
1639 }
1640 spin_unlock_bh(&dev->mt76.token_lock);
1641 idr_destroy(&dev->mt76.token);
1642 }
1643
1644 static int
mt7996_mac_restart(struct mt7996_dev * dev)1645 mt7996_mac_restart(struct mt7996_dev *dev)
1646 {
1647 struct mt7996_phy *phy2, *phy3;
1648 struct mt76_dev *mdev = &dev->mt76;
1649 int i, ret;
1650
1651 phy2 = mt7996_phy2(dev);
1652 phy3 = mt7996_phy3(dev);
1653
1654 if (dev->hif2) {
1655 mt76_wr(dev, MT_INT1_MASK_CSR, 0x0);
1656 mt76_wr(dev, MT_INT1_SOURCE_CSR, ~0);
1657 }
1658
1659 if (dev_is_pci(mdev->dev)) {
1660 mt76_wr(dev, MT_PCIE_MAC_INT_ENABLE, 0x0);
1661 if (dev->hif2)
1662 mt76_wr(dev, MT_PCIE1_MAC_INT_ENABLE, 0x0);
1663 }
1664
1665 set_bit(MT76_RESET, &dev->mphy.state);
1666 set_bit(MT76_MCU_RESET, &dev->mphy.state);
1667 wake_up(&dev->mt76.mcu.wait);
1668 if (phy2)
1669 set_bit(MT76_RESET, &phy2->mt76->state);
1670 if (phy3)
1671 set_bit(MT76_RESET, &phy3->mt76->state);
1672
1673 /* lock/unlock all queues to ensure that no tx is pending */
1674 mt76_txq_schedule_all(&dev->mphy);
1675 if (phy2)
1676 mt76_txq_schedule_all(phy2->mt76);
1677 if (phy3)
1678 mt76_txq_schedule_all(phy3->mt76);
1679
1680 /* disable all tx/rx napi */
1681 mt76_worker_disable(&dev->mt76.tx_worker);
1682 mt76_for_each_q_rx(mdev, i) {
1683 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
1684 mt76_queue_is_wed_rro(&mdev->q_rx[i]))
1685 continue;
1686
1687 if (mdev->q_rx[i].ndesc)
1688 napi_disable(&dev->mt76.napi[i]);
1689 }
1690 napi_disable(&dev->mt76.tx_napi);
1691
1692 /* token reinit */
1693 mt7996_tx_token_put(dev);
1694 idr_init(&dev->mt76.token);
1695
1696 mt7996_dma_reset(dev, true);
1697
1698 mt76_for_each_q_rx(mdev, i) {
1699 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
1700 mt76_queue_is_wed_rro(&mdev->q_rx[i]))
1701 continue;
1702
1703 if (mdev->q_rx[i].ndesc) {
1704 napi_enable(&dev->mt76.napi[i]);
1705 local_bh_disable();
1706 napi_schedule(&dev->mt76.napi[i]);
1707 local_bh_enable();
1708 }
1709 }
1710 clear_bit(MT76_MCU_RESET, &dev->mphy.state);
1711 clear_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);
1712
1713 mt76_wr(dev, MT_INT_MASK_CSR, dev->mt76.mmio.irqmask);
1714 mt76_wr(dev, MT_INT_SOURCE_CSR, ~0);
1715 if (dev->hif2) {
1716 mt76_wr(dev, MT_INT1_MASK_CSR, dev->mt76.mmio.irqmask);
1717 mt76_wr(dev, MT_INT1_SOURCE_CSR, ~0);
1718 }
1719 if (dev_is_pci(mdev->dev)) {
1720 mt76_wr(dev, MT_PCIE_MAC_INT_ENABLE, 0xff);
1721 if (dev->hif2)
1722 mt76_wr(dev, MT_PCIE1_MAC_INT_ENABLE, 0xff);
1723 }
1724
1725 /* load firmware */
1726 ret = mt7996_mcu_init_firmware(dev);
1727 if (ret)
1728 goto out;
1729
1730 /* set the necessary init items */
1731 ret = mt7996_mcu_set_eeprom(dev);
1732 if (ret)
1733 goto out;
1734
1735 mt7996_mac_init(dev);
1736 mt7996_init_txpower(&dev->phy);
1737 mt7996_init_txpower(phy2);
1738 mt7996_init_txpower(phy3);
1739 ret = mt7996_txbf_init(dev);
1740
1741 if (test_bit(MT76_STATE_RUNNING, &dev->mphy.state)) {
1742 ret = mt7996_run(&dev->phy);
1743 if (ret)
1744 goto out;
1745 }
1746
1747 if (phy2 && test_bit(MT76_STATE_RUNNING, &phy2->mt76->state)) {
1748 ret = mt7996_run(phy2);
1749 if (ret)
1750 goto out;
1751 }
1752
1753 if (phy3 && test_bit(MT76_STATE_RUNNING, &phy3->mt76->state)) {
1754 ret = mt7996_run(phy3);
1755 if (ret)
1756 goto out;
1757 }
1758
1759 out:
1760 /* reset done */
1761 clear_bit(MT76_RESET, &dev->mphy.state);
1762 if (phy2)
1763 clear_bit(MT76_RESET, &phy2->mt76->state);
1764 if (phy3)
1765 clear_bit(MT76_RESET, &phy3->mt76->state);
1766
1767 napi_enable(&dev->mt76.tx_napi);
1768 local_bh_disable();
1769 napi_schedule(&dev->mt76.tx_napi);
1770 local_bh_enable();
1771
1772 mt76_worker_enable(&dev->mt76.tx_worker);
1773 return ret;
1774 }
1775
1776 static void
mt7996_mac_full_reset(struct mt7996_dev * dev)1777 mt7996_mac_full_reset(struct mt7996_dev *dev)
1778 {
1779 struct mt7996_phy *phy2, *phy3;
1780 int i;
1781
1782 phy2 = mt7996_phy2(dev);
1783 phy3 = mt7996_phy3(dev);
1784 dev->recovery.hw_full_reset = true;
1785
1786 wake_up(&dev->mt76.mcu.wait);
1787 ieee80211_stop_queues(mt76_hw(dev));
1788 if (phy2)
1789 ieee80211_stop_queues(phy2->mt76->hw);
1790 if (phy3)
1791 ieee80211_stop_queues(phy3->mt76->hw);
1792
1793 cancel_work_sync(&dev->wed_rro.work);
1794 cancel_delayed_work_sync(&dev->mphy.mac_work);
1795 if (phy2)
1796 cancel_delayed_work_sync(&phy2->mt76->mac_work);
1797 if (phy3)
1798 cancel_delayed_work_sync(&phy3->mt76->mac_work);
1799
1800 mutex_lock(&dev->mt76.mutex);
1801 for (i = 0; i < 10; i++) {
1802 if (!mt7996_mac_restart(dev))
1803 break;
1804 }
1805 mutex_unlock(&dev->mt76.mutex);
1806
1807 if (i == 10)
1808 dev_err(dev->mt76.dev, "chip full reset failed\n");
1809
1810 ieee80211_restart_hw(mt76_hw(dev));
1811 if (phy2)
1812 ieee80211_restart_hw(phy2->mt76->hw);
1813 if (phy3)
1814 ieee80211_restart_hw(phy3->mt76->hw);
1815
1816 ieee80211_wake_queues(mt76_hw(dev));
1817 if (phy2)
1818 ieee80211_wake_queues(phy2->mt76->hw);
1819 if (phy3)
1820 ieee80211_wake_queues(phy3->mt76->hw);
1821
1822 dev->recovery.hw_full_reset = false;
1823 ieee80211_queue_delayed_work(mt76_hw(dev),
1824 &dev->mphy.mac_work,
1825 MT7996_WATCHDOG_TIME);
1826 if (phy2)
1827 ieee80211_queue_delayed_work(phy2->mt76->hw,
1828 &phy2->mt76->mac_work,
1829 MT7996_WATCHDOG_TIME);
1830 if (phy3)
1831 ieee80211_queue_delayed_work(phy3->mt76->hw,
1832 &phy3->mt76->mac_work,
1833 MT7996_WATCHDOG_TIME);
1834 }
1835
mt7996_mac_reset_work(struct work_struct * work)1836 void mt7996_mac_reset_work(struct work_struct *work)
1837 {
1838 struct mt7996_phy *phy2, *phy3;
1839 struct mt7996_dev *dev;
1840 int i;
1841
1842 dev = container_of(work, struct mt7996_dev, reset_work);
1843 phy2 = mt7996_phy2(dev);
1844 phy3 = mt7996_phy3(dev);
1845
1846 /* chip full reset */
1847 if (dev->recovery.restart) {
1848 /* disable WA/WM WDT */
1849 mt76_clear(dev, MT_WFDMA0_MCU_HOST_INT_ENA,
1850 MT_MCU_CMD_WDT_MASK);
1851
1852 if (READ_ONCE(dev->recovery.state) & MT_MCU_CMD_WA_WDT)
1853 dev->recovery.wa_reset_count++;
1854 else
1855 dev->recovery.wm_reset_count++;
1856
1857 mt7996_mac_full_reset(dev);
1858
1859 /* enable mcu irq */
1860 mt7996_irq_enable(dev, MT_INT_MCU_CMD);
1861 mt7996_irq_disable(dev, 0);
1862
1863 /* enable WA/WM WDT */
1864 mt76_set(dev, MT_WFDMA0_MCU_HOST_INT_ENA, MT_MCU_CMD_WDT_MASK);
1865
1866 dev->recovery.state = MT_MCU_CMD_NORMAL_STATE;
1867 dev->recovery.restart = false;
1868 return;
1869 }
1870
1871 if (!(READ_ONCE(dev->recovery.state) & MT_MCU_CMD_STOP_DMA))
1872 return;
1873
1874 dev_info(dev->mt76.dev,"\n%s L1 SER recovery start.",
1875 wiphy_name(dev->mt76.hw->wiphy));
1876
1877 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2))
1878 mtk_wed_device_stop(&dev->mt76.mmio.wed_hif2);
1879
1880 if (mtk_wed_device_active(&dev->mt76.mmio.wed))
1881 mtk_wed_device_stop(&dev->mt76.mmio.wed);
1882
1883 ieee80211_stop_queues(mt76_hw(dev));
1884 if (phy2)
1885 ieee80211_stop_queues(phy2->mt76->hw);
1886 if (phy3)
1887 ieee80211_stop_queues(phy3->mt76->hw);
1888
1889 set_bit(MT76_RESET, &dev->mphy.state);
1890 set_bit(MT76_MCU_RESET, &dev->mphy.state);
1891 wake_up(&dev->mt76.mcu.wait);
1892
1893 cancel_work_sync(&dev->wed_rro.work);
1894 cancel_delayed_work_sync(&dev->mphy.mac_work);
1895 if (phy2) {
1896 set_bit(MT76_RESET, &phy2->mt76->state);
1897 cancel_delayed_work_sync(&phy2->mt76->mac_work);
1898 }
1899 if (phy3) {
1900 set_bit(MT76_RESET, &phy3->mt76->state);
1901 cancel_delayed_work_sync(&phy3->mt76->mac_work);
1902 }
1903 mt76_worker_disable(&dev->mt76.tx_worker);
1904 mt76_for_each_q_rx(&dev->mt76, i) {
1905 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
1906 mt76_queue_is_wed_rro(&dev->mt76.q_rx[i]))
1907 continue;
1908
1909 napi_disable(&dev->mt76.napi[i]);
1910 }
1911 napi_disable(&dev->mt76.tx_napi);
1912
1913 mutex_lock(&dev->mt76.mutex);
1914
1915 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_DMA_STOPPED);
1916
1917 if (mt7996_wait_reset_state(dev, MT_MCU_CMD_RESET_DONE)) {
1918 mt7996_dma_reset(dev, false);
1919
1920 mt7996_tx_token_put(dev);
1921 idr_init(&dev->mt76.token);
1922
1923 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_DMA_INIT);
1924 mt7996_wait_reset_state(dev, MT_MCU_CMD_RECOVERY_DONE);
1925 }
1926
1927 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_RESET_DONE);
1928 mt7996_wait_reset_state(dev, MT_MCU_CMD_NORMAL_STATE);
1929
1930 /* enable DMA Tx/Tx and interrupt */
1931 mt7996_dma_start(dev, false, false);
1932
1933 if (mtk_wed_device_active(&dev->mt76.mmio.wed)) {
1934 u32 wed_irq_mask = MT_INT_RRO_RX_DONE | MT_INT_TX_DONE_BAND2 |
1935 dev->mt76.mmio.irqmask;
1936
1937 if (mtk_wed_get_rx_capa(&dev->mt76.mmio.wed))
1938 wed_irq_mask &= ~MT_INT_RX_DONE_RRO_IND;
1939
1940 mt76_wr(dev, MT_INT_MASK_CSR, wed_irq_mask);
1941
1942 mtk_wed_device_start_hw_rro(&dev->mt76.mmio.wed, wed_irq_mask,
1943 true);
1944 mt7996_irq_enable(dev, wed_irq_mask);
1945 mt7996_irq_disable(dev, 0);
1946 }
1947
1948 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2)) {
1949 mt76_wr(dev, MT_INT_PCIE1_MASK_CSR, MT_INT_TX_RX_DONE_EXT);
1950 mtk_wed_device_start(&dev->mt76.mmio.wed_hif2,
1951 MT_INT_TX_RX_DONE_EXT);
1952 }
1953
1954 clear_bit(MT76_MCU_RESET, &dev->mphy.state);
1955 clear_bit(MT76_RESET, &dev->mphy.state);
1956 if (phy2)
1957 clear_bit(MT76_RESET, &phy2->mt76->state);
1958 if (phy3)
1959 clear_bit(MT76_RESET, &phy3->mt76->state);
1960
1961 mt76_for_each_q_rx(&dev->mt76, i) {
1962 if (mtk_wed_device_active(&dev->mt76.mmio.wed) &&
1963 mt76_queue_is_wed_rro(&dev->mt76.q_rx[i]))
1964 continue;
1965
1966 napi_enable(&dev->mt76.napi[i]);
1967 local_bh_disable();
1968 napi_schedule(&dev->mt76.napi[i]);
1969 local_bh_enable();
1970 }
1971
1972 tasklet_schedule(&dev->mt76.irq_tasklet);
1973
1974 mt76_worker_enable(&dev->mt76.tx_worker);
1975
1976 napi_enable(&dev->mt76.tx_napi);
1977 local_bh_disable();
1978 napi_schedule(&dev->mt76.tx_napi);
1979 local_bh_enable();
1980
1981 ieee80211_wake_queues(mt76_hw(dev));
1982 if (phy2)
1983 ieee80211_wake_queues(phy2->mt76->hw);
1984 if (phy3)
1985 ieee80211_wake_queues(phy3->mt76->hw);
1986
1987 mutex_unlock(&dev->mt76.mutex);
1988
1989 mt7996_update_beacons(dev);
1990
1991 ieee80211_queue_delayed_work(mt76_hw(dev), &dev->mphy.mac_work,
1992 MT7996_WATCHDOG_TIME);
1993 if (phy2)
1994 ieee80211_queue_delayed_work(phy2->mt76->hw,
1995 &phy2->mt76->mac_work,
1996 MT7996_WATCHDOG_TIME);
1997 if (phy3)
1998 ieee80211_queue_delayed_work(phy3->mt76->hw,
1999 &phy3->mt76->mac_work,
2000 MT7996_WATCHDOG_TIME);
2001 dev_info(dev->mt76.dev,"\n%s L1 SER recovery completed.",
2002 wiphy_name(dev->mt76.hw->wiphy));
2003 }
2004
2005 /* firmware coredump */
mt7996_mac_dump_work(struct work_struct * work)2006 void mt7996_mac_dump_work(struct work_struct *work)
2007 {
2008 const struct mt7996_mem_region *mem_region;
2009 struct mt7996_crash_data *crash_data;
2010 struct mt7996_dev *dev;
2011 struct mt7996_mem_hdr *hdr;
2012 size_t buf_len;
2013 int i;
2014 u32 num;
2015 u8 *buf;
2016
2017 dev = container_of(work, struct mt7996_dev, dump_work);
2018
2019 mutex_lock(&dev->dump_mutex);
2020
2021 crash_data = mt7996_coredump_new(dev);
2022 if (!crash_data) {
2023 mutex_unlock(&dev->dump_mutex);
2024 goto skip_coredump;
2025 }
2026
2027 mem_region = mt7996_coredump_get_mem_layout(dev, &num);
2028 if (!mem_region || !crash_data->memdump_buf_len) {
2029 mutex_unlock(&dev->dump_mutex);
2030 goto skip_memdump;
2031 }
2032
2033 buf = crash_data->memdump_buf;
2034 buf_len = crash_data->memdump_buf_len;
2035
2036 /* dumping memory content... */
2037 memset(buf, 0, buf_len);
2038 for (i = 0; i < num; i++) {
2039 if (mem_region->len > buf_len) {
2040 dev_warn(dev->mt76.dev, "%s len %zu is too large\n",
2041 mem_region->name, mem_region->len);
2042 break;
2043 }
2044
2045 /* reserve space for the header */
2046 hdr = (void *)buf;
2047 buf += sizeof(*hdr);
2048 buf_len -= sizeof(*hdr);
2049
2050 mt7996_memcpy_fromio(dev, buf, mem_region->start,
2051 mem_region->len);
2052
2053 hdr->start = mem_region->start;
2054 hdr->len = mem_region->len;
2055
2056 if (!mem_region->len)
2057 /* note: the header remains, just with zero length */
2058 break;
2059
2060 buf += mem_region->len;
2061 buf_len -= mem_region->len;
2062
2063 mem_region++;
2064 }
2065
2066 mutex_unlock(&dev->dump_mutex);
2067
2068 skip_memdump:
2069 mt7996_coredump_submit(dev);
2070 skip_coredump:
2071 queue_work(dev->mt76.wq, &dev->reset_work);
2072 }
2073
mt7996_reset(struct mt7996_dev * dev)2074 void mt7996_reset(struct mt7996_dev *dev)
2075 {
2076 if (!dev->recovery.hw_init_done)
2077 return;
2078
2079 if (dev->recovery.hw_full_reset)
2080 return;
2081
2082 /* wm/wa exception: do full recovery */
2083 if (READ_ONCE(dev->recovery.state) & MT_MCU_CMD_WDT_MASK) {
2084 dev->recovery.restart = true;
2085 dev_info(dev->mt76.dev,
2086 "%s indicated firmware crash, attempting recovery\n",
2087 wiphy_name(dev->mt76.hw->wiphy));
2088
2089 mt7996_irq_disable(dev, MT_INT_MCU_CMD);
2090 queue_work(dev->mt76.wq, &dev->dump_work);
2091 return;
2092 }
2093
2094 queue_work(dev->mt76.wq, &dev->reset_work);
2095 wake_up(&dev->reset_wait);
2096 }
2097
mt7996_mac_update_stats(struct mt7996_phy * phy)2098 void mt7996_mac_update_stats(struct mt7996_phy *phy)
2099 {
2100 struct mt76_mib_stats *mib = &phy->mib;
2101 struct mt7996_dev *dev = phy->dev;
2102 u8 band_idx = phy->mt76->band_idx;
2103 u32 cnt;
2104 int i;
2105
2106 cnt = mt76_rr(dev, MT_MIB_RSCR1(band_idx));
2107 mib->fcs_err_cnt += cnt;
2108
2109 cnt = mt76_rr(dev, MT_MIB_RSCR33(band_idx));
2110 mib->rx_fifo_full_cnt += cnt;
2111
2112 cnt = mt76_rr(dev, MT_MIB_RSCR31(band_idx));
2113 mib->rx_mpdu_cnt += cnt;
2114
2115 cnt = mt76_rr(dev, MT_MIB_SDR6(band_idx));
2116 mib->channel_idle_cnt += FIELD_GET(MT_MIB_SDR6_CHANNEL_IDL_CNT_MASK, cnt);
2117
2118 cnt = mt76_rr(dev, MT_MIB_RVSR0(band_idx));
2119 mib->rx_vector_mismatch_cnt += cnt;
2120
2121 cnt = mt76_rr(dev, MT_MIB_RSCR35(band_idx));
2122 mib->rx_delimiter_fail_cnt += cnt;
2123
2124 cnt = mt76_rr(dev, MT_MIB_RSCR36(band_idx));
2125 mib->rx_len_mismatch_cnt += cnt;
2126
2127 cnt = mt76_rr(dev, MT_MIB_TSCR0(band_idx));
2128 mib->tx_ampdu_cnt += cnt;
2129
2130 cnt = mt76_rr(dev, MT_MIB_TSCR2(band_idx));
2131 mib->tx_stop_q_empty_cnt += cnt;
2132
2133 cnt = mt76_rr(dev, MT_MIB_TSCR3(band_idx));
2134 mib->tx_mpdu_attempts_cnt += cnt;
2135
2136 cnt = mt76_rr(dev, MT_MIB_TSCR4(band_idx));
2137 mib->tx_mpdu_success_cnt += cnt;
2138
2139 cnt = mt76_rr(dev, MT_MIB_RSCR27(band_idx));
2140 mib->rx_ampdu_cnt += cnt;
2141
2142 cnt = mt76_rr(dev, MT_MIB_RSCR28(band_idx));
2143 mib->rx_ampdu_bytes_cnt += cnt;
2144
2145 cnt = mt76_rr(dev, MT_MIB_RSCR29(band_idx));
2146 mib->rx_ampdu_valid_subframe_cnt += cnt;
2147
2148 cnt = mt76_rr(dev, MT_MIB_RSCR30(band_idx));
2149 mib->rx_ampdu_valid_subframe_bytes_cnt += cnt;
2150
2151 cnt = mt76_rr(dev, MT_MIB_SDR27(band_idx));
2152 mib->tx_rwp_fail_cnt += FIELD_GET(MT_MIB_SDR27_TX_RWP_FAIL_CNT, cnt);
2153
2154 cnt = mt76_rr(dev, MT_MIB_SDR28(band_idx));
2155 mib->tx_rwp_need_cnt += FIELD_GET(MT_MIB_SDR28_TX_RWP_NEED_CNT, cnt);
2156
2157 cnt = mt76_rr(dev, MT_UMIB_RPDCR(band_idx));
2158 mib->rx_pfdrop_cnt += cnt;
2159
2160 cnt = mt76_rr(dev, MT_MIB_RVSR1(band_idx));
2161 mib->rx_vec_queue_overflow_drop_cnt += cnt;
2162
2163 cnt = mt76_rr(dev, MT_MIB_TSCR1(band_idx));
2164 mib->rx_ba_cnt += cnt;
2165
2166 cnt = mt76_rr(dev, MT_MIB_BSCR0(band_idx));
2167 mib->tx_bf_ebf_ppdu_cnt += cnt;
2168
2169 cnt = mt76_rr(dev, MT_MIB_BSCR1(band_idx));
2170 mib->tx_bf_ibf_ppdu_cnt += cnt;
2171
2172 cnt = mt76_rr(dev, MT_MIB_BSCR2(band_idx));
2173 mib->tx_mu_bf_cnt += cnt;
2174
2175 cnt = mt76_rr(dev, MT_MIB_TSCR5(band_idx));
2176 mib->tx_mu_mpdu_cnt += cnt;
2177
2178 cnt = mt76_rr(dev, MT_MIB_TSCR6(band_idx));
2179 mib->tx_mu_acked_mpdu_cnt += cnt;
2180
2181 cnt = mt76_rr(dev, MT_MIB_TSCR7(band_idx));
2182 mib->tx_su_acked_mpdu_cnt += cnt;
2183
2184 cnt = mt76_rr(dev, MT_MIB_BSCR3(band_idx));
2185 mib->tx_bf_rx_fb_ht_cnt += cnt;
2186 mib->tx_bf_rx_fb_all_cnt += cnt;
2187
2188 cnt = mt76_rr(dev, MT_MIB_BSCR4(band_idx));
2189 mib->tx_bf_rx_fb_vht_cnt += cnt;
2190 mib->tx_bf_rx_fb_all_cnt += cnt;
2191
2192 cnt = mt76_rr(dev, MT_MIB_BSCR5(band_idx));
2193 mib->tx_bf_rx_fb_he_cnt += cnt;
2194 mib->tx_bf_rx_fb_all_cnt += cnt;
2195
2196 cnt = mt76_rr(dev, MT_MIB_BSCR6(band_idx));
2197 mib->tx_bf_rx_fb_eht_cnt += cnt;
2198 mib->tx_bf_rx_fb_all_cnt += cnt;
2199
2200 cnt = mt76_rr(dev, MT_ETBF_RX_FB_CONT(band_idx));
2201 mib->tx_bf_rx_fb_bw = FIELD_GET(MT_ETBF_RX_FB_BW, cnt);
2202 mib->tx_bf_rx_fb_nc_cnt += FIELD_GET(MT_ETBF_RX_FB_NC, cnt);
2203 mib->tx_bf_rx_fb_nr_cnt += FIELD_GET(MT_ETBF_RX_FB_NR, cnt);
2204
2205 cnt = mt76_rr(dev, MT_MIB_BSCR7(band_idx));
2206 mib->tx_bf_fb_trig_cnt += cnt;
2207
2208 cnt = mt76_rr(dev, MT_MIB_BSCR17(band_idx));
2209 mib->tx_bf_fb_cpl_cnt += cnt;
2210
2211 for (i = 0; i < ARRAY_SIZE(mib->tx_amsdu); i++) {
2212 cnt = mt76_rr(dev, MT_PLE_AMSDU_PACK_MSDU_CNT(i));
2213 mib->tx_amsdu[i] += cnt;
2214 mib->tx_amsdu_cnt += cnt;
2215 }
2216
2217 /* rts count */
2218 cnt = mt76_rr(dev, MT_MIB_BTSCR5(band_idx));
2219 mib->rts_cnt += cnt;
2220
2221 /* rts retry count */
2222 cnt = mt76_rr(dev, MT_MIB_BTSCR6(band_idx));
2223 mib->rts_retries_cnt += cnt;
2224
2225 /* ba miss count */
2226 cnt = mt76_rr(dev, MT_MIB_BTSCR0(band_idx));
2227 mib->ba_miss_cnt += cnt;
2228
2229 /* ack fail count */
2230 cnt = mt76_rr(dev, MT_MIB_BFTFCR(band_idx));
2231 mib->ack_fail_cnt += cnt;
2232
2233 for (i = 0; i < 16; i++) {
2234 cnt = mt76_rr(dev, MT_TX_AGG_CNT(band_idx, i));
2235 phy->mt76->aggr_stats[i] += cnt;
2236 }
2237 }
2238
mt7996_mac_sta_rc_work(struct work_struct * work)2239 void mt7996_mac_sta_rc_work(struct work_struct *work)
2240 {
2241 struct mt7996_dev *dev = container_of(work, struct mt7996_dev, rc_work);
2242 struct ieee80211_sta *sta;
2243 struct ieee80211_vif *vif;
2244 struct mt7996_sta *msta;
2245 u32 changed;
2246 LIST_HEAD(list);
2247
2248 spin_lock_bh(&dev->mt76.sta_poll_lock);
2249 list_splice_init(&dev->sta_rc_list, &list);
2250
2251 while (!list_empty(&list)) {
2252 msta = list_first_entry(&list, struct mt7996_sta, rc_list);
2253 list_del_init(&msta->rc_list);
2254 changed = msta->changed;
2255 msta->changed = 0;
2256 spin_unlock_bh(&dev->mt76.sta_poll_lock);
2257
2258 sta = container_of((void *)msta, struct ieee80211_sta, drv_priv);
2259 vif = container_of((void *)msta->vif, struct ieee80211_vif, drv_priv);
2260
2261 if (changed & (IEEE80211_RC_SUPP_RATES_CHANGED |
2262 IEEE80211_RC_NSS_CHANGED |
2263 IEEE80211_RC_BW_CHANGED))
2264 mt7996_mcu_add_rate_ctrl(dev, vif, sta, true);
2265
2266 if (changed & IEEE80211_RC_SMPS_CHANGED)
2267 mt7996_mcu_set_fixed_field(dev, vif, sta, NULL,
2268 RATE_PARAM_MMPS_UPDATE);
2269
2270 spin_lock_bh(&dev->mt76.sta_poll_lock);
2271 }
2272
2273 spin_unlock_bh(&dev->mt76.sta_poll_lock);
2274 }
2275
mt7996_mac_work(struct work_struct * work)2276 void mt7996_mac_work(struct work_struct *work)
2277 {
2278 struct mt7996_phy *phy;
2279 struct mt76_phy *mphy;
2280
2281 mphy = (struct mt76_phy *)container_of(work, struct mt76_phy,
2282 mac_work.work);
2283 phy = mphy->priv;
2284
2285 mutex_lock(&mphy->dev->mutex);
2286
2287 mt76_update_survey(mphy);
2288 if (++mphy->mac_work_count == 5) {
2289 mphy->mac_work_count = 0;
2290
2291 mt7996_mac_update_stats(phy);
2292
2293 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_RATE);
2294 if (mtk_wed_device_active(&phy->dev->mt76.mmio.wed)) {
2295 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_ADM_STAT);
2296 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_MSDU_COUNT);
2297 }
2298 }
2299
2300 mutex_unlock(&mphy->dev->mutex);
2301
2302 mt76_tx_status_check(mphy->dev, false);
2303
2304 ieee80211_queue_delayed_work(mphy->hw, &mphy->mac_work,
2305 MT7996_WATCHDOG_TIME);
2306 }
2307
mt7996_dfs_stop_radar_detector(struct mt7996_phy * phy)2308 static void mt7996_dfs_stop_radar_detector(struct mt7996_phy *phy)
2309 {
2310 struct mt7996_dev *dev = phy->dev;
2311
2312 if (phy->rdd_state & BIT(0))
2313 mt7996_mcu_rdd_cmd(dev, RDD_STOP, 0,
2314 MT_RX_SEL0, 0);
2315 if (phy->rdd_state & BIT(1))
2316 mt7996_mcu_rdd_cmd(dev, RDD_STOP, 1,
2317 MT_RX_SEL0, 0);
2318 }
2319
mt7996_dfs_start_rdd(struct mt7996_dev * dev,int chain)2320 static int mt7996_dfs_start_rdd(struct mt7996_dev *dev, int chain)
2321 {
2322 int err, region;
2323
2324 switch (dev->mt76.region) {
2325 case NL80211_DFS_ETSI:
2326 region = 0;
2327 break;
2328 case NL80211_DFS_JP:
2329 region = 2;
2330 break;
2331 case NL80211_DFS_FCC:
2332 default:
2333 region = 1;
2334 break;
2335 }
2336
2337 err = mt7996_mcu_rdd_cmd(dev, RDD_START, chain,
2338 MT_RX_SEL0, region);
2339 if (err < 0)
2340 return err;
2341
2342 return mt7996_mcu_rdd_cmd(dev, RDD_DET_MODE, chain,
2343 MT_RX_SEL0, 1);
2344 }
2345
mt7996_dfs_start_radar_detector(struct mt7996_phy * phy)2346 static int mt7996_dfs_start_radar_detector(struct mt7996_phy *phy)
2347 {
2348 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
2349 struct mt7996_dev *dev = phy->dev;
2350 u8 band_idx = phy->mt76->band_idx;
2351 int err;
2352
2353 /* start CAC */
2354 err = mt7996_mcu_rdd_cmd(dev, RDD_CAC_START, band_idx,
2355 MT_RX_SEL0, 0);
2356 if (err < 0)
2357 return err;
2358
2359 err = mt7996_dfs_start_rdd(dev, band_idx);
2360 if (err < 0)
2361 return err;
2362
2363 phy->rdd_state |= BIT(band_idx);
2364
2365 if (chandef->width == NL80211_CHAN_WIDTH_160 ||
2366 chandef->width == NL80211_CHAN_WIDTH_80P80) {
2367 err = mt7996_dfs_start_rdd(dev, 1);
2368 if (err < 0)
2369 return err;
2370
2371 phy->rdd_state |= BIT(1);
2372 }
2373
2374 return 0;
2375 }
2376
2377 static int
mt7996_dfs_init_radar_specs(struct mt7996_phy * phy)2378 mt7996_dfs_init_radar_specs(struct mt7996_phy *phy)
2379 {
2380 const struct mt7996_dfs_radar_spec *radar_specs;
2381 struct mt7996_dev *dev = phy->dev;
2382 int err, i;
2383
2384 switch (dev->mt76.region) {
2385 case NL80211_DFS_FCC:
2386 radar_specs = &fcc_radar_specs;
2387 err = mt7996_mcu_set_fcc5_lpn(dev, 8);
2388 if (err < 0)
2389 return err;
2390 break;
2391 case NL80211_DFS_ETSI:
2392 radar_specs = &etsi_radar_specs;
2393 break;
2394 case NL80211_DFS_JP:
2395 radar_specs = &jp_radar_specs;
2396 break;
2397 default:
2398 return -EINVAL;
2399 }
2400
2401 for (i = 0; i < ARRAY_SIZE(radar_specs->radar_pattern); i++) {
2402 err = mt7996_mcu_set_radar_th(dev, i,
2403 &radar_specs->radar_pattern[i]);
2404 if (err < 0)
2405 return err;
2406 }
2407
2408 return mt7996_mcu_set_pulse_th(dev, &radar_specs->pulse_th);
2409 }
2410
mt7996_dfs_init_radar_detector(struct mt7996_phy * phy)2411 int mt7996_dfs_init_radar_detector(struct mt7996_phy *phy)
2412 {
2413 struct mt7996_dev *dev = phy->dev;
2414 enum mt76_dfs_state dfs_state, prev_state;
2415 int err;
2416
2417 prev_state = phy->mt76->dfs_state;
2418 dfs_state = mt76_phy_dfs_state(phy->mt76);
2419
2420 if (prev_state == dfs_state)
2421 return 0;
2422
2423 if (prev_state == MT_DFS_STATE_UNKNOWN)
2424 mt7996_dfs_stop_radar_detector(phy);
2425
2426 if (dfs_state == MT_DFS_STATE_DISABLED)
2427 goto stop;
2428
2429 if (prev_state <= MT_DFS_STATE_DISABLED) {
2430 err = mt7996_dfs_init_radar_specs(phy);
2431 if (err < 0)
2432 return err;
2433
2434 err = mt7996_dfs_start_radar_detector(phy);
2435 if (err < 0)
2436 return err;
2437
2438 phy->mt76->dfs_state = MT_DFS_STATE_CAC;
2439 }
2440
2441 if (dfs_state == MT_DFS_STATE_CAC)
2442 return 0;
2443
2444 err = mt7996_mcu_rdd_cmd(dev, RDD_CAC_END,
2445 phy->mt76->band_idx, MT_RX_SEL0, 0);
2446 if (err < 0) {
2447 phy->mt76->dfs_state = MT_DFS_STATE_UNKNOWN;
2448 return err;
2449 }
2450
2451 phy->mt76->dfs_state = MT_DFS_STATE_ACTIVE;
2452 return 0;
2453
2454 stop:
2455 err = mt7996_mcu_rdd_cmd(dev, RDD_NORMAL_START,
2456 phy->mt76->band_idx, MT_RX_SEL0, 0);
2457 if (err < 0)
2458 return err;
2459
2460 mt7996_dfs_stop_radar_detector(phy);
2461 phy->mt76->dfs_state = MT_DFS_STATE_DISABLED;
2462
2463 return 0;
2464 }
2465
2466 static int
mt7996_mac_twt_duration_align(int duration)2467 mt7996_mac_twt_duration_align(int duration)
2468 {
2469 return duration << 8;
2470 }
2471
2472 static u64
mt7996_mac_twt_sched_list_add(struct mt7996_dev * dev,struct mt7996_twt_flow * flow)2473 mt7996_mac_twt_sched_list_add(struct mt7996_dev *dev,
2474 struct mt7996_twt_flow *flow)
2475 {
2476 struct mt7996_twt_flow *iter, *iter_next;
2477 u32 duration = flow->duration << 8;
2478 u64 start_tsf;
2479
2480 iter = list_first_entry_or_null(&dev->twt_list,
2481 struct mt7996_twt_flow, list);
2482 if (!iter || !iter->sched || iter->start_tsf > duration) {
2483 /* add flow as first entry in the list */
2484 list_add(&flow->list, &dev->twt_list);
2485 return 0;
2486 }
2487
2488 list_for_each_entry_safe(iter, iter_next, &dev->twt_list, list) {
2489 start_tsf = iter->start_tsf +
2490 mt7996_mac_twt_duration_align(iter->duration);
2491 if (list_is_last(&iter->list, &dev->twt_list))
2492 break;
2493
2494 if (!iter_next->sched ||
2495 iter_next->start_tsf > start_tsf + duration) {
2496 list_add(&flow->list, &iter->list);
2497 goto out;
2498 }
2499 }
2500
2501 /* add flow as last entry in the list */
2502 list_add_tail(&flow->list, &dev->twt_list);
2503 out:
2504 return start_tsf;
2505 }
2506
mt7996_mac_check_twt_req(struct ieee80211_twt_setup * twt)2507 static int mt7996_mac_check_twt_req(struct ieee80211_twt_setup *twt)
2508 {
2509 struct ieee80211_twt_params *twt_agrt;
2510 u64 interval, duration;
2511 u16 mantissa;
2512 u8 exp;
2513
2514 /* only individual agreement supported */
2515 if (twt->control & IEEE80211_TWT_CONTROL_NEG_TYPE_BROADCAST)
2516 return -EOPNOTSUPP;
2517
2518 /* only 256us unit supported */
2519 if (twt->control & IEEE80211_TWT_CONTROL_WAKE_DUR_UNIT)
2520 return -EOPNOTSUPP;
2521
2522 twt_agrt = (struct ieee80211_twt_params *)twt->params;
2523
2524 /* explicit agreement not supported */
2525 if (!(twt_agrt->req_type & cpu_to_le16(IEEE80211_TWT_REQTYPE_IMPLICIT)))
2526 return -EOPNOTSUPP;
2527
2528 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP,
2529 le16_to_cpu(twt_agrt->req_type));
2530 mantissa = le16_to_cpu(twt_agrt->mantissa);
2531 duration = twt_agrt->min_twt_dur << 8;
2532
2533 interval = (u64)mantissa << exp;
2534 if (interval < duration)
2535 return -EOPNOTSUPP;
2536
2537 return 0;
2538 }
2539
2540 static bool
mt7996_mac_twt_param_equal(struct mt7996_sta * msta,struct ieee80211_twt_params * twt_agrt)2541 mt7996_mac_twt_param_equal(struct mt7996_sta *msta,
2542 struct ieee80211_twt_params *twt_agrt)
2543 {
2544 u16 type = le16_to_cpu(twt_agrt->req_type);
2545 u8 exp;
2546 int i;
2547
2548 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP, type);
2549 for (i = 0; i < MT7996_MAX_STA_TWT_AGRT; i++) {
2550 struct mt7996_twt_flow *f;
2551
2552 if (!(msta->twt.flowid_mask & BIT(i)))
2553 continue;
2554
2555 f = &msta->twt.flow[i];
2556 if (f->duration == twt_agrt->min_twt_dur &&
2557 f->mantissa == twt_agrt->mantissa &&
2558 f->exp == exp &&
2559 f->protection == !!(type & IEEE80211_TWT_REQTYPE_PROTECTION) &&
2560 f->flowtype == !!(type & IEEE80211_TWT_REQTYPE_FLOWTYPE) &&
2561 f->trigger == !!(type & IEEE80211_TWT_REQTYPE_TRIGGER))
2562 return true;
2563 }
2564
2565 return false;
2566 }
2567
mt7996_mac_add_twt_setup(struct ieee80211_hw * hw,struct ieee80211_sta * sta,struct ieee80211_twt_setup * twt)2568 void mt7996_mac_add_twt_setup(struct ieee80211_hw *hw,
2569 struct ieee80211_sta *sta,
2570 struct ieee80211_twt_setup *twt)
2571 {
2572 enum ieee80211_twt_setup_cmd setup_cmd = TWT_SETUP_CMD_REJECT;
2573 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
2574 struct ieee80211_twt_params *twt_agrt = (void *)twt->params;
2575 u16 req_type = le16_to_cpu(twt_agrt->req_type);
2576 enum ieee80211_twt_setup_cmd sta_setup_cmd;
2577 struct mt7996_dev *dev = mt7996_hw_dev(hw);
2578 struct mt7996_twt_flow *flow;
2579 u8 flowid, table_id, exp;
2580
2581 if (mt7996_mac_check_twt_req(twt))
2582 goto out;
2583
2584 mutex_lock(&dev->mt76.mutex);
2585
2586 if (dev->twt.n_agrt == MT7996_MAX_TWT_AGRT)
2587 goto unlock;
2588
2589 if (hweight8(msta->twt.flowid_mask) == ARRAY_SIZE(msta->twt.flow))
2590 goto unlock;
2591
2592 if (twt_agrt->min_twt_dur < MT7996_MIN_TWT_DUR) {
2593 setup_cmd = TWT_SETUP_CMD_DICTATE;
2594 twt_agrt->min_twt_dur = MT7996_MIN_TWT_DUR;
2595 goto unlock;
2596 }
2597
2598 if (mt7996_mac_twt_param_equal(msta, twt_agrt))
2599 goto unlock;
2600
2601 flowid = ffs(~msta->twt.flowid_mask) - 1;
2602 twt_agrt->req_type &= ~cpu_to_le16(IEEE80211_TWT_REQTYPE_FLOWID);
2603 twt_agrt->req_type |= le16_encode_bits(flowid,
2604 IEEE80211_TWT_REQTYPE_FLOWID);
2605
2606 table_id = ffs(~dev->twt.table_mask) - 1;
2607 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP, req_type);
2608 sta_setup_cmd = FIELD_GET(IEEE80211_TWT_REQTYPE_SETUP_CMD, req_type);
2609
2610 flow = &msta->twt.flow[flowid];
2611 memset(flow, 0, sizeof(*flow));
2612 INIT_LIST_HEAD(&flow->list);
2613 flow->wcid = msta->wcid.idx;
2614 flow->table_id = table_id;
2615 flow->id = flowid;
2616 flow->duration = twt_agrt->min_twt_dur;
2617 flow->mantissa = twt_agrt->mantissa;
2618 flow->exp = exp;
2619 flow->protection = !!(req_type & IEEE80211_TWT_REQTYPE_PROTECTION);
2620 flow->flowtype = !!(req_type & IEEE80211_TWT_REQTYPE_FLOWTYPE);
2621 flow->trigger = !!(req_type & IEEE80211_TWT_REQTYPE_TRIGGER);
2622
2623 if (sta_setup_cmd == TWT_SETUP_CMD_REQUEST ||
2624 sta_setup_cmd == TWT_SETUP_CMD_SUGGEST) {
2625 u64 interval = (u64)le16_to_cpu(twt_agrt->mantissa) << exp;
2626 u64 flow_tsf, curr_tsf;
2627 u32 rem;
2628
2629 flow->sched = true;
2630 flow->start_tsf = mt7996_mac_twt_sched_list_add(dev, flow);
2631 curr_tsf = __mt7996_get_tsf(hw, msta->vif);
2632 div_u64_rem(curr_tsf - flow->start_tsf, interval, &rem);
2633 flow_tsf = curr_tsf + interval - rem;
2634 twt_agrt->twt = cpu_to_le64(flow_tsf);
2635 } else {
2636 list_add_tail(&flow->list, &dev->twt_list);
2637 }
2638 flow->tsf = le64_to_cpu(twt_agrt->twt);
2639
2640 if (mt7996_mcu_twt_agrt_update(dev, msta->vif, flow, MCU_TWT_AGRT_ADD))
2641 goto unlock;
2642
2643 setup_cmd = TWT_SETUP_CMD_ACCEPT;
2644 dev->twt.table_mask |= BIT(table_id);
2645 msta->twt.flowid_mask |= BIT(flowid);
2646 dev->twt.n_agrt++;
2647
2648 unlock:
2649 mutex_unlock(&dev->mt76.mutex);
2650 out:
2651 twt_agrt->req_type &= ~cpu_to_le16(IEEE80211_TWT_REQTYPE_SETUP_CMD);
2652 twt_agrt->req_type |=
2653 le16_encode_bits(setup_cmd, IEEE80211_TWT_REQTYPE_SETUP_CMD);
2654 twt->control = twt->control & IEEE80211_TWT_CONTROL_RX_DISABLED;
2655 }
2656
mt7996_mac_twt_teardown_flow(struct mt7996_dev * dev,struct mt7996_sta * msta,u8 flowid)2657 void mt7996_mac_twt_teardown_flow(struct mt7996_dev *dev,
2658 struct mt7996_sta *msta,
2659 u8 flowid)
2660 {
2661 struct mt7996_twt_flow *flow;
2662
2663 lockdep_assert_held(&dev->mt76.mutex);
2664
2665 if (flowid >= ARRAY_SIZE(msta->twt.flow))
2666 return;
2667
2668 if (!(msta->twt.flowid_mask & BIT(flowid)))
2669 return;
2670
2671 flow = &msta->twt.flow[flowid];
2672 if (mt7996_mcu_twt_agrt_update(dev, msta->vif, flow,
2673 MCU_TWT_AGRT_DELETE))
2674 return;
2675
2676 list_del_init(&flow->list);
2677 msta->twt.flowid_mask &= ~BIT(flowid);
2678 dev->twt.table_mask &= ~BIT(flow->table_id);
2679 dev->twt.n_agrt--;
2680 }
2681