xref: /freebsd/sys/contrib/dev/mediatek/mt76/mac80211.c (revision e64fe029e9d3ce476e77a478318e0c3cd201ff08)
1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (C) 2016 Felix Fietkau <nbd@nbd.name>
4  */
5 #include <linux/sched.h>
6 #if defined(CONFIG_OF)
7 #include <linux/of.h>
8 #endif
9 #if defined(__FreeBSD__)
10 #include <linux/math64.h>
11 #endif
12 #include "mt76.h"
13 
14 #define CHAN2G(_idx, _freq) {			\
15 	.band = NL80211_BAND_2GHZ,		\
16 	.center_freq = (_freq),			\
17 	.hw_value = (_idx),			\
18 	.max_power = 30,			\
19 }
20 
21 #define CHAN5G(_idx, _freq) {			\
22 	.band = NL80211_BAND_5GHZ,		\
23 	.center_freq = (_freq),			\
24 	.hw_value = (_idx),			\
25 	.max_power = 30,			\
26 }
27 
28 #define CHAN6G(_idx, _freq) {			\
29 	.band = NL80211_BAND_6GHZ,		\
30 	.center_freq = (_freq),			\
31 	.hw_value = (_idx),			\
32 	.max_power = 30,			\
33 }
34 
35 static const struct ieee80211_channel mt76_channels_2ghz[] = {
36 	CHAN2G(1, 2412),
37 	CHAN2G(2, 2417),
38 	CHAN2G(3, 2422),
39 	CHAN2G(4, 2427),
40 	CHAN2G(5, 2432),
41 	CHAN2G(6, 2437),
42 	CHAN2G(7, 2442),
43 	CHAN2G(8, 2447),
44 	CHAN2G(9, 2452),
45 	CHAN2G(10, 2457),
46 	CHAN2G(11, 2462),
47 	CHAN2G(12, 2467),
48 	CHAN2G(13, 2472),
49 	CHAN2G(14, 2484),
50 };
51 
52 static const struct ieee80211_channel mt76_channels_5ghz[] = {
53 	CHAN5G(36, 5180),
54 	CHAN5G(40, 5200),
55 	CHAN5G(44, 5220),
56 	CHAN5G(48, 5240),
57 
58 	CHAN5G(52, 5260),
59 	CHAN5G(56, 5280),
60 	CHAN5G(60, 5300),
61 	CHAN5G(64, 5320),
62 
63 	CHAN5G(100, 5500),
64 	CHAN5G(104, 5520),
65 	CHAN5G(108, 5540),
66 	CHAN5G(112, 5560),
67 	CHAN5G(116, 5580),
68 	CHAN5G(120, 5600),
69 	CHAN5G(124, 5620),
70 	CHAN5G(128, 5640),
71 	CHAN5G(132, 5660),
72 	CHAN5G(136, 5680),
73 	CHAN5G(140, 5700),
74 	CHAN5G(144, 5720),
75 
76 	CHAN5G(149, 5745),
77 	CHAN5G(153, 5765),
78 	CHAN5G(157, 5785),
79 	CHAN5G(161, 5805),
80 	CHAN5G(165, 5825),
81 	CHAN5G(169, 5845),
82 	CHAN5G(173, 5865),
83 };
84 
85 static const struct ieee80211_channel mt76_channels_6ghz[] = {
86 	/* UNII-5 */
87 	CHAN6G(1, 5955),
88 	CHAN6G(5, 5975),
89 	CHAN6G(9, 5995),
90 	CHAN6G(13, 6015),
91 	CHAN6G(17, 6035),
92 	CHAN6G(21, 6055),
93 	CHAN6G(25, 6075),
94 	CHAN6G(29, 6095),
95 	CHAN6G(33, 6115),
96 	CHAN6G(37, 6135),
97 	CHAN6G(41, 6155),
98 	CHAN6G(45, 6175),
99 	CHAN6G(49, 6195),
100 	CHAN6G(53, 6215),
101 	CHAN6G(57, 6235),
102 	CHAN6G(61, 6255),
103 	CHAN6G(65, 6275),
104 	CHAN6G(69, 6295),
105 	CHAN6G(73, 6315),
106 	CHAN6G(77, 6335),
107 	CHAN6G(81, 6355),
108 	CHAN6G(85, 6375),
109 	CHAN6G(89, 6395),
110 	CHAN6G(93, 6415),
111 	/* UNII-6 */
112 	CHAN6G(97, 6435),
113 	CHAN6G(101, 6455),
114 	CHAN6G(105, 6475),
115 	CHAN6G(109, 6495),
116 	CHAN6G(113, 6515),
117 	CHAN6G(117, 6535),
118 	/* UNII-7 */
119 	CHAN6G(121, 6555),
120 	CHAN6G(125, 6575),
121 	CHAN6G(129, 6595),
122 	CHAN6G(133, 6615),
123 	CHAN6G(137, 6635),
124 	CHAN6G(141, 6655),
125 	CHAN6G(145, 6675),
126 	CHAN6G(149, 6695),
127 	CHAN6G(153, 6715),
128 	CHAN6G(157, 6735),
129 	CHAN6G(161, 6755),
130 	CHAN6G(165, 6775),
131 	CHAN6G(169, 6795),
132 	CHAN6G(173, 6815),
133 	CHAN6G(177, 6835),
134 	CHAN6G(181, 6855),
135 	CHAN6G(185, 6875),
136 	/* UNII-8 */
137 	CHAN6G(189, 6895),
138 	CHAN6G(193, 6915),
139 	CHAN6G(197, 6935),
140 	CHAN6G(201, 6955),
141 	CHAN6G(205, 6975),
142 	CHAN6G(209, 6995),
143 	CHAN6G(213, 7015),
144 	CHAN6G(217, 7035),
145 	CHAN6G(221, 7055),
146 	CHAN6G(225, 7075),
147 	CHAN6G(229, 7095),
148 	CHAN6G(233, 7115),
149 };
150 
151 #if defined(CONFIG_MT76_LEDS)
152 static const struct ieee80211_tpt_blink mt76_tpt_blink[] = {
153 	{ .throughput =   0 * 1024, .blink_time = 334 },
154 	{ .throughput =   1 * 1024, .blink_time = 260 },
155 	{ .throughput =   5 * 1024, .blink_time = 220 },
156 	{ .throughput =  10 * 1024, .blink_time = 190 },
157 	{ .throughput =  20 * 1024, .blink_time = 170 },
158 	{ .throughput =  50 * 1024, .blink_time = 150 },
159 	{ .throughput =  70 * 1024, .blink_time = 130 },
160 	{ .throughput = 100 * 1024, .blink_time = 110 },
161 	{ .throughput = 200 * 1024, .blink_time =  80 },
162 	{ .throughput = 300 * 1024, .blink_time =  50 },
163 };
164 #endif
165 
166 struct ieee80211_rate mt76_rates[] = {
167 	CCK_RATE(0, 10),
168 	CCK_RATE(1, 20),
169 	CCK_RATE(2, 55),
170 	CCK_RATE(3, 110),
171 	OFDM_RATE(11, 60),
172 	OFDM_RATE(15, 90),
173 	OFDM_RATE(10, 120),
174 	OFDM_RATE(14, 180),
175 	OFDM_RATE(9,  240),
176 	OFDM_RATE(13, 360),
177 	OFDM_RATE(8,  480),
178 	OFDM_RATE(12, 540),
179 };
180 EXPORT_SYMBOL_GPL(mt76_rates);
181 
182 static const struct cfg80211_sar_freq_ranges mt76_sar_freq_ranges[] = {
183 	{ .start_freq = 2402, .end_freq = 2494, },
184 	{ .start_freq = 5150, .end_freq = 5350, },
185 	{ .start_freq = 5350, .end_freq = 5470, },
186 	{ .start_freq = 5470, .end_freq = 5725, },
187 	{ .start_freq = 5725, .end_freq = 5950, },
188 	{ .start_freq = 5945, .end_freq = 6165, },
189 	{ .start_freq = 6165, .end_freq = 6405, },
190 	{ .start_freq = 6405, .end_freq = 6525, },
191 	{ .start_freq = 6525, .end_freq = 6705, },
192 	{ .start_freq = 6705, .end_freq = 6865, },
193 	{ .start_freq = 6865, .end_freq = 7125, },
194 };
195 
196 static const struct cfg80211_sar_capa mt76_sar_capa = {
197 	.type = NL80211_SAR_TYPE_POWER,
198 	.num_freq_ranges = ARRAY_SIZE(mt76_sar_freq_ranges),
199 	.freq_ranges = &mt76_sar_freq_ranges[0],
200 };
201 
202 #if defined(CONFIG_MT76_LEDS)
203 static int mt76_led_init(struct mt76_dev *dev)
204 {
205 #if defined(CONFIG_OF)
206 	struct device_node *np = dev->dev->of_node;
207 #endif
208 	struct ieee80211_hw *hw = dev->hw;
209 #if defined(CONFIG_OF)
210 	int led_pin;
211 #endif
212 
213 	if (!dev->led_cdev.brightness_set && !dev->led_cdev.blink_set)
214 		return 0;
215 
216 	snprintf(dev->led_name, sizeof(dev->led_name),
217 		 "mt76-%s", wiphy_name(hw->wiphy));
218 
219 	dev->led_cdev.name = dev->led_name;
220 	dev->led_cdev.default_trigger =
221 		ieee80211_create_tpt_led_trigger(hw,
222 					IEEE80211_TPT_LEDTRIG_FL_RADIO,
223 					mt76_tpt_blink,
224 					ARRAY_SIZE(mt76_tpt_blink));
225 
226 #if defined(CONFIG_OF)
227 	np = of_get_child_by_name(np, "led");
228 	if (np) {
229 		if (!of_property_read_u32(np, "led-sources", &led_pin))
230 			dev->led_pin = led_pin;
231 		dev->led_al = of_property_read_bool(np, "led-active-low");
232 		of_node_put(np);
233 	}
234 #endif
235 
236 	return led_classdev_register(dev->dev, &dev->led_cdev);
237 }
238 
239 static void mt76_led_cleanup(struct mt76_dev *dev)
240 {
241 	if (!dev->led_cdev.brightness_set && !dev->led_cdev.blink_set)
242 		return;
243 
244 	led_classdev_unregister(&dev->led_cdev);
245 }
246 #endif
247 
248 static void mt76_init_stream_cap(struct mt76_phy *phy,
249 				 struct ieee80211_supported_band *sband,
250 				 bool vht)
251 {
252 	struct ieee80211_sta_ht_cap *ht_cap = &sband->ht_cap;
253 	int i, nstream = hweight8(phy->antenna_mask);
254 	struct ieee80211_sta_vht_cap *vht_cap;
255 	u16 mcs_map = 0;
256 
257 	if (nstream > 1)
258 		ht_cap->cap |= IEEE80211_HT_CAP_TX_STBC;
259 	else
260 		ht_cap->cap &= ~IEEE80211_HT_CAP_TX_STBC;
261 
262 	for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
263 		ht_cap->mcs.rx_mask[i] = i < nstream ? 0xff : 0;
264 
265 	if (!vht)
266 		return;
267 
268 	vht_cap = &sband->vht_cap;
269 	if (nstream > 1)
270 		vht_cap->cap |= IEEE80211_VHT_CAP_TXSTBC;
271 	else
272 		vht_cap->cap &= ~IEEE80211_VHT_CAP_TXSTBC;
273 	vht_cap->cap |= IEEE80211_VHT_CAP_TX_ANTENNA_PATTERN |
274 			IEEE80211_VHT_CAP_RX_ANTENNA_PATTERN;
275 
276 	for (i = 0; i < 8; i++) {
277 		if (i < nstream)
278 			mcs_map |= (IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2));
279 		else
280 			mcs_map |=
281 				(IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2));
282 	}
283 	vht_cap->vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
284 	vht_cap->vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
285 	if (ieee80211_hw_check(phy->hw, SUPPORTS_VHT_EXT_NSS_BW))
286 		vht_cap->vht_mcs.tx_highest |=
287 				cpu_to_le16(IEEE80211_VHT_EXT_NSS_BW_CAPABLE);
288 }
289 
290 void mt76_set_stream_caps(struct mt76_phy *phy, bool vht)
291 {
292 	if (phy->cap.has_2ghz)
293 		mt76_init_stream_cap(phy, &phy->sband_2g.sband, false);
294 	if (phy->cap.has_5ghz)
295 		mt76_init_stream_cap(phy, &phy->sband_5g.sband, vht);
296 	if (phy->cap.has_6ghz)
297 		mt76_init_stream_cap(phy, &phy->sband_6g.sband, vht);
298 }
299 EXPORT_SYMBOL_GPL(mt76_set_stream_caps);
300 
301 static int
302 mt76_init_sband(struct mt76_phy *phy, struct mt76_sband *msband,
303 		const struct ieee80211_channel *chan, int n_chan,
304 		struct ieee80211_rate *rates, int n_rates,
305 		bool ht, bool vht)
306 {
307 	struct ieee80211_supported_band *sband = &msband->sband;
308 	struct ieee80211_sta_vht_cap *vht_cap;
309 	struct ieee80211_sta_ht_cap *ht_cap;
310 	struct mt76_dev *dev = phy->dev;
311 	void *chanlist;
312 	int size;
313 
314 	size = n_chan * sizeof(*chan);
315 	chanlist = devm_kmemdup(dev->dev, chan, size, GFP_KERNEL);
316 	if (!chanlist)
317 		return -ENOMEM;
318 
319 	msband->chan = devm_kcalloc(dev->dev, n_chan, sizeof(*msband->chan),
320 				    GFP_KERNEL);
321 	if (!msband->chan)
322 		return -ENOMEM;
323 
324 	sband->channels = chanlist;
325 	sband->n_channels = n_chan;
326 	sband->bitrates = rates;
327 	sband->n_bitrates = n_rates;
328 
329 	if (!ht)
330 		return 0;
331 
332 	ht_cap = &sband->ht_cap;
333 	ht_cap->ht_supported = true;
334 	ht_cap->cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
335 		       IEEE80211_HT_CAP_GRN_FLD |
336 		       IEEE80211_HT_CAP_SGI_20 |
337 		       IEEE80211_HT_CAP_SGI_40 |
338 		       (1 << IEEE80211_HT_CAP_RX_STBC_SHIFT);
339 
340 	ht_cap->mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
341 	ht_cap->ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
342 
343 	mt76_init_stream_cap(phy, sband, vht);
344 
345 	if (!vht)
346 		return 0;
347 
348 	vht_cap = &sband->vht_cap;
349 	vht_cap->vht_supported = true;
350 	vht_cap->cap |= IEEE80211_VHT_CAP_RXLDPC |
351 			IEEE80211_VHT_CAP_RXSTBC_1 |
352 			IEEE80211_VHT_CAP_SHORT_GI_80 |
353 			(3 << IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT);
354 
355 	return 0;
356 }
357 
358 static int
359 mt76_init_sband_2g(struct mt76_phy *phy, struct ieee80211_rate *rates,
360 		   int n_rates)
361 {
362 	phy->hw->wiphy->bands[NL80211_BAND_2GHZ] = &phy->sband_2g.sband;
363 
364 	return mt76_init_sband(phy, &phy->sband_2g, mt76_channels_2ghz,
365 			       ARRAY_SIZE(mt76_channels_2ghz), rates,
366 			       n_rates, true, false);
367 }
368 
369 static int
370 mt76_init_sband_5g(struct mt76_phy *phy, struct ieee80211_rate *rates,
371 		   int n_rates, bool vht)
372 {
373 	phy->hw->wiphy->bands[NL80211_BAND_5GHZ] = &phy->sband_5g.sband;
374 
375 	return mt76_init_sband(phy, &phy->sband_5g, mt76_channels_5ghz,
376 			       ARRAY_SIZE(mt76_channels_5ghz), rates,
377 			       n_rates, true, vht);
378 }
379 
380 static int
381 mt76_init_sband_6g(struct mt76_phy *phy, struct ieee80211_rate *rates,
382 		   int n_rates)
383 {
384 	phy->hw->wiphy->bands[NL80211_BAND_6GHZ] = &phy->sband_6g.sband;
385 
386 	return mt76_init_sband(phy, &phy->sband_6g, mt76_channels_6ghz,
387 			       ARRAY_SIZE(mt76_channels_6ghz), rates,
388 			       n_rates, false, false);
389 }
390 
391 static void
392 mt76_check_sband(struct mt76_phy *phy, struct mt76_sband *msband,
393 		 enum nl80211_band band)
394 {
395 	struct ieee80211_supported_band *sband = &msband->sband;
396 	bool found = false;
397 	int i;
398 
399 	if (!sband)
400 		return;
401 
402 	for (i = 0; i < sband->n_channels; i++) {
403 		if (sband->channels[i].flags & IEEE80211_CHAN_DISABLED)
404 			continue;
405 
406 		found = true;
407 		break;
408 	}
409 
410 	if (found) {
411 		phy->chandef.chan = &sband->channels[0];
412 		phy->chan_state = &msband->chan[0];
413 		return;
414 	}
415 
416 	sband->n_channels = 0;
417 	phy->hw->wiphy->bands[band] = NULL;
418 }
419 
420 static int
421 mt76_phy_init(struct mt76_phy *phy, struct ieee80211_hw *hw)
422 {
423 	struct mt76_dev *dev = phy->dev;
424 	struct wiphy *wiphy = hw->wiphy;
425 
426 	SET_IEEE80211_DEV(hw, dev->dev);
427 	SET_IEEE80211_PERM_ADDR(hw, phy->macaddr);
428 
429 	wiphy->features |= NL80211_FEATURE_ACTIVE_MONITOR;
430 	wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH |
431 			WIPHY_FLAG_SUPPORTS_TDLS |
432 			WIPHY_FLAG_AP_UAPSD;
433 
434 	wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
435 	wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_AIRTIME_FAIRNESS);
436 	wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_AQL);
437 
438 	wiphy->available_antennas_tx = phy->antenna_mask;
439 	wiphy->available_antennas_rx = phy->antenna_mask;
440 
441 	wiphy->sar_capa = &mt76_sar_capa;
442 	phy->frp = devm_kcalloc(dev->dev, wiphy->sar_capa->num_freq_ranges,
443 				sizeof(struct mt76_freq_range_power),
444 				GFP_KERNEL);
445 	if (!phy->frp)
446 		return -ENOMEM;
447 
448 	hw->txq_data_size = sizeof(struct mt76_txq);
449 	hw->uapsd_max_sp_len = IEEE80211_WMM_IE_STA_QOSINFO_SP_ALL;
450 
451 	if (!hw->max_tx_fragments)
452 		hw->max_tx_fragments = 16;
453 
454 	ieee80211_hw_set(hw, SIGNAL_DBM);
455 	ieee80211_hw_set(hw, AMPDU_AGGREGATION);
456 	ieee80211_hw_set(hw, SUPPORTS_RC_TABLE);
457 	ieee80211_hw_set(hw, SUPPORT_FAST_XMIT);
458 	ieee80211_hw_set(hw, SUPPORTS_CLONED_SKBS);
459 	ieee80211_hw_set(hw, SUPPORTS_AMSDU_IN_AMPDU);
460 	ieee80211_hw_set(hw, SUPPORTS_REORDERING_BUFFER);
461 	ieee80211_hw_set(hw, TX_AMSDU);
462 	ieee80211_hw_set(hw, TX_FRAG_LIST);
463 	ieee80211_hw_set(hw, MFP_CAPABLE);
464 	ieee80211_hw_set(hw, AP_LINK_PS);
465 	ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS);
466 
467 	return 0;
468 }
469 
470 struct mt76_phy *
471 mt76_alloc_phy(struct mt76_dev *dev, unsigned int size,
472 	       const struct ieee80211_ops *ops, u8 band_idx)
473 {
474 	struct ieee80211_hw *hw;
475 	unsigned int phy_size;
476 	struct mt76_phy *phy;
477 
478 	phy_size = ALIGN(sizeof(*phy), 8);
479 	hw = ieee80211_alloc_hw(size + phy_size, ops);
480 	if (!hw)
481 		return NULL;
482 
483 	phy = hw->priv;
484 	phy->dev = dev;
485 	phy->hw = hw;
486 #if defined(__linux__)
487 	phy->priv = hw->priv + phy_size;
488 #elif defined(__FreeBSD__)
489 	phy->priv = (u8 *)hw->priv + phy_size;
490 #endif
491 	phy->band_idx = band_idx;
492 
493 	hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
494 	hw->wiphy->interface_modes =
495 		BIT(NL80211_IFTYPE_STATION) |
496 		BIT(NL80211_IFTYPE_AP) |
497 #ifdef CONFIG_MAC80211_MESH
498 		BIT(NL80211_IFTYPE_MESH_POINT) |
499 #endif
500 		BIT(NL80211_IFTYPE_P2P_CLIENT) |
501 		BIT(NL80211_IFTYPE_P2P_GO) |
502 		BIT(NL80211_IFTYPE_ADHOC);
503 
504 	return phy;
505 }
506 EXPORT_SYMBOL_GPL(mt76_alloc_phy);
507 
508 int mt76_register_phy(struct mt76_phy *phy, bool vht,
509 		      struct ieee80211_rate *rates, int n_rates)
510 {
511 	int ret;
512 
513 	ret = mt76_phy_init(phy, phy->hw);
514 	if (ret)
515 		return ret;
516 
517 	if (phy->cap.has_2ghz) {
518 		ret = mt76_init_sband_2g(phy, rates, n_rates);
519 		if (ret)
520 			return ret;
521 	}
522 
523 	if (phy->cap.has_5ghz) {
524 		ret = mt76_init_sband_5g(phy, rates + 4, n_rates - 4, vht);
525 		if (ret)
526 			return ret;
527 	}
528 
529 	if (phy->cap.has_6ghz) {
530 		ret = mt76_init_sband_6g(phy, rates + 4, n_rates - 4);
531 		if (ret)
532 			return ret;
533 	}
534 
535 	wiphy_read_of_freq_limits(phy->hw->wiphy);
536 	mt76_check_sband(phy, &phy->sband_2g, NL80211_BAND_2GHZ);
537 	mt76_check_sband(phy, &phy->sband_5g, NL80211_BAND_5GHZ);
538 	mt76_check_sband(phy, &phy->sband_6g, NL80211_BAND_6GHZ);
539 
540 	ret = ieee80211_register_hw(phy->hw);
541 	if (ret)
542 		return ret;
543 
544 	phy->dev->phys[phy->band_idx] = phy;
545 
546 	return 0;
547 }
548 EXPORT_SYMBOL_GPL(mt76_register_phy);
549 
550 void mt76_unregister_phy(struct mt76_phy *phy)
551 {
552 	struct mt76_dev *dev = phy->dev;
553 
554 	mt76_tx_status_check(dev, true);
555 	ieee80211_unregister_hw(phy->hw);
556 	dev->phys[phy->band_idx] = NULL;
557 }
558 EXPORT_SYMBOL_GPL(mt76_unregister_phy);
559 
560 struct mt76_dev *
561 mt76_alloc_device(struct device *pdev, unsigned int size,
562 		  const struct ieee80211_ops *ops,
563 		  const struct mt76_driver_ops *drv_ops)
564 {
565 	struct ieee80211_hw *hw;
566 	struct mt76_phy *phy;
567 	struct mt76_dev *dev;
568 	int i;
569 
570 	hw = ieee80211_alloc_hw(size, ops);
571 	if (!hw)
572 		return NULL;
573 
574 	dev = hw->priv;
575 	dev->hw = hw;
576 	dev->dev = pdev;
577 	dev->drv = drv_ops;
578 	dev->dma_dev = pdev;
579 
580 	phy = &dev->phy;
581 	phy->dev = dev;
582 	phy->hw = hw;
583 	phy->band_idx = MT_BAND0;
584 	dev->phys[phy->band_idx] = phy;
585 
586 	spin_lock_init(&dev->rx_lock);
587 	spin_lock_init(&dev->lock);
588 	spin_lock_init(&dev->cc_lock);
589 	spin_lock_init(&dev->status_lock);
590 	mutex_init(&dev->mutex);
591 	init_waitqueue_head(&dev->tx_wait);
592 
593 	skb_queue_head_init(&dev->mcu.res_q);
594 	init_waitqueue_head(&dev->mcu.wait);
595 	mutex_init(&dev->mcu.mutex);
596 	dev->tx_worker.fn = mt76_tx_worker;
597 
598 	hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
599 	hw->wiphy->interface_modes =
600 		BIT(NL80211_IFTYPE_STATION) |
601 		BIT(NL80211_IFTYPE_AP) |
602 #ifdef CONFIG_MAC80211_MESH
603 		BIT(NL80211_IFTYPE_MESH_POINT) |
604 #endif
605 		BIT(NL80211_IFTYPE_P2P_CLIENT) |
606 		BIT(NL80211_IFTYPE_P2P_GO) |
607 		BIT(NL80211_IFTYPE_ADHOC);
608 
609 	spin_lock_init(&dev->token_lock);
610 	idr_init(&dev->token);
611 
612 	INIT_LIST_HEAD(&dev->wcid_list);
613 
614 	INIT_LIST_HEAD(&dev->txwi_cache);
615 	dev->token_size = dev->drv->token_size;
616 
617 	for (i = 0; i < ARRAY_SIZE(dev->q_rx); i++)
618 		skb_queue_head_init(&dev->rx_skb[i]);
619 
620 	dev->wq = alloc_ordered_workqueue("mt76", 0);
621 	if (!dev->wq) {
622 		ieee80211_free_hw(hw);
623 		return NULL;
624 	}
625 
626 	return dev;
627 }
628 EXPORT_SYMBOL_GPL(mt76_alloc_device);
629 
630 int mt76_register_device(struct mt76_dev *dev, bool vht,
631 			 struct ieee80211_rate *rates, int n_rates)
632 {
633 	struct ieee80211_hw *hw = dev->hw;
634 	struct mt76_phy *phy = &dev->phy;
635 	int ret;
636 
637 	dev_set_drvdata(dev->dev, dev);
638 	ret = mt76_phy_init(phy, hw);
639 	if (ret)
640 		return ret;
641 
642 	if (phy->cap.has_2ghz) {
643 		ret = mt76_init_sband_2g(phy, rates, n_rates);
644 		if (ret)
645 			return ret;
646 	}
647 
648 	if (phy->cap.has_5ghz) {
649 		ret = mt76_init_sband_5g(phy, rates + 4, n_rates - 4, vht);
650 		if (ret)
651 			return ret;
652 	}
653 
654 	if (phy->cap.has_6ghz) {
655 		ret = mt76_init_sband_6g(phy, rates + 4, n_rates - 4);
656 		if (ret)
657 			return ret;
658 	}
659 
660 	wiphy_read_of_freq_limits(hw->wiphy);
661 	mt76_check_sband(&dev->phy, &phy->sband_2g, NL80211_BAND_2GHZ);
662 	mt76_check_sband(&dev->phy, &phy->sband_5g, NL80211_BAND_5GHZ);
663 	mt76_check_sband(&dev->phy, &phy->sband_6g, NL80211_BAND_6GHZ);
664 
665 #if defined(CONFIG_MT76_LEDS)
666 	if (IS_ENABLED(CONFIG_MT76_LEDS)) {
667 		ret = mt76_led_init(dev);
668 		if (ret)
669 			return ret;
670 	}
671 #endif
672 
673 	ret = ieee80211_register_hw(hw);
674 	if (ret)
675 		return ret;
676 
677 	WARN_ON(mt76_worker_setup(hw, &dev->tx_worker, NULL, "tx"));
678 	sched_set_fifo_low(dev->tx_worker.task);
679 
680 	return 0;
681 }
682 EXPORT_SYMBOL_GPL(mt76_register_device);
683 
684 void mt76_unregister_device(struct mt76_dev *dev)
685 {
686 	struct ieee80211_hw *hw = dev->hw;
687 
688 #if defined(CONFIG_MT76_LEDS)
689 	if (IS_ENABLED(CONFIG_MT76_LEDS))
690 		mt76_led_cleanup(dev);
691 #endif
692 	mt76_tx_status_check(dev, true);
693 	ieee80211_unregister_hw(hw);
694 }
695 EXPORT_SYMBOL_GPL(mt76_unregister_device);
696 
697 void mt76_free_device(struct mt76_dev *dev)
698 {
699 	mt76_worker_teardown(&dev->tx_worker);
700 	if (dev->wq) {
701 		destroy_workqueue(dev->wq);
702 		dev->wq = NULL;
703 	}
704 	ieee80211_free_hw(dev->hw);
705 }
706 EXPORT_SYMBOL_GPL(mt76_free_device);
707 
708 static void mt76_rx_release_amsdu(struct mt76_phy *phy, enum mt76_rxq_id q)
709 {
710 	struct sk_buff *skb = phy->rx_amsdu[q].head;
711 	struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
712 	struct mt76_dev *dev = phy->dev;
713 
714 	phy->rx_amsdu[q].head = NULL;
715 	phy->rx_amsdu[q].tail = NULL;
716 
717 	/*
718 	 * Validate if the amsdu has a proper first subframe.
719 	 * A single MSDU can be parsed as A-MSDU when the unauthenticated A-MSDU
720 	 * flag of the QoS header gets flipped. In such cases, the first
721 	 * subframe has a LLC/SNAP header in the location of the destination
722 	 * address.
723 	 */
724 	if (skb_shinfo(skb)->frag_list) {
725 		int offset = 0;
726 
727 		if (!(status->flag & RX_FLAG_8023)) {
728 			offset = ieee80211_get_hdrlen_from_skb(skb);
729 
730 			if ((status->flag &
731 			     (RX_FLAG_DECRYPTED | RX_FLAG_IV_STRIPPED)) ==
732 			    RX_FLAG_DECRYPTED)
733 				offset += 8;
734 		}
735 
736 		if (ether_addr_equal(skb->data + offset, rfc1042_header)) {
737 			dev_kfree_skb(skb);
738 			return;
739 		}
740 	}
741 	__skb_queue_tail(&dev->rx_skb[q], skb);
742 }
743 
744 static void mt76_rx_release_burst(struct mt76_phy *phy, enum mt76_rxq_id q,
745 				  struct sk_buff *skb)
746 {
747 	struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
748 
749 	if (phy->rx_amsdu[q].head &&
750 	    (!status->amsdu || status->first_amsdu ||
751 	     status->seqno != phy->rx_amsdu[q].seqno))
752 		mt76_rx_release_amsdu(phy, q);
753 
754 	if (!phy->rx_amsdu[q].head) {
755 		phy->rx_amsdu[q].tail = &skb_shinfo(skb)->frag_list;
756 		phy->rx_amsdu[q].seqno = status->seqno;
757 		phy->rx_amsdu[q].head = skb;
758 	} else {
759 		*phy->rx_amsdu[q].tail = skb;
760 		phy->rx_amsdu[q].tail = &skb->next;
761 	}
762 
763 	if (!status->amsdu || status->last_amsdu)
764 		mt76_rx_release_amsdu(phy, q);
765 }
766 
767 void mt76_rx(struct mt76_dev *dev, enum mt76_rxq_id q, struct sk_buff *skb)
768 {
769 	struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
770 	struct mt76_phy *phy = mt76_dev_phy(dev, status->phy_idx);
771 
772 	if (!test_bit(MT76_STATE_RUNNING, &phy->state)) {
773 		dev_kfree_skb(skb);
774 		return;
775 	}
776 
777 #ifdef CONFIG_NL80211_TESTMODE
778 	if (phy->test.state == MT76_TM_STATE_RX_FRAMES) {
779 		phy->test.rx_stats.packets[q]++;
780 		if (status->flag & RX_FLAG_FAILED_FCS_CRC)
781 			phy->test.rx_stats.fcs_error[q]++;
782 	}
783 #endif
784 
785 	mt76_rx_release_burst(phy, q, skb);
786 }
787 EXPORT_SYMBOL_GPL(mt76_rx);
788 
789 bool mt76_has_tx_pending(struct mt76_phy *phy)
790 {
791 	struct mt76_queue *q;
792 	int i;
793 
794 	for (i = 0; i < __MT_TXQ_MAX; i++) {
795 		q = phy->q_tx[i];
796 		if (q && q->queued)
797 			return true;
798 	}
799 
800 	return false;
801 }
802 EXPORT_SYMBOL_GPL(mt76_has_tx_pending);
803 
804 static struct mt76_channel_state *
805 mt76_channel_state(struct mt76_phy *phy, struct ieee80211_channel *c)
806 {
807 	struct mt76_sband *msband;
808 	int idx;
809 
810 	if (c->band == NL80211_BAND_2GHZ)
811 		msband = &phy->sband_2g;
812 	else if (c->band == NL80211_BAND_6GHZ)
813 		msband = &phy->sband_6g;
814 	else
815 		msband = &phy->sband_5g;
816 
817 	idx = c - &msband->sband.channels[0];
818 	return &msband->chan[idx];
819 }
820 
821 void mt76_update_survey_active_time(struct mt76_phy *phy, ktime_t time)
822 {
823 	struct mt76_channel_state *state = phy->chan_state;
824 
825 	state->cc_active += ktime_to_us(ktime_sub(time,
826 						  phy->survey_time));
827 	phy->survey_time = time;
828 }
829 EXPORT_SYMBOL_GPL(mt76_update_survey_active_time);
830 
831 void mt76_update_survey(struct mt76_phy *phy)
832 {
833 	struct mt76_dev *dev = phy->dev;
834 	ktime_t cur_time;
835 
836 	if (dev->drv->update_survey)
837 		dev->drv->update_survey(phy);
838 
839 	cur_time = ktime_get_boottime();
840 	mt76_update_survey_active_time(phy, cur_time);
841 
842 	if (dev->drv->drv_flags & MT_DRV_SW_RX_AIRTIME) {
843 		struct mt76_channel_state *state = phy->chan_state;
844 
845 		spin_lock_bh(&dev->cc_lock);
846 		state->cc_bss_rx += dev->cur_cc_bss_rx;
847 		dev->cur_cc_bss_rx = 0;
848 		spin_unlock_bh(&dev->cc_lock);
849 	}
850 }
851 EXPORT_SYMBOL_GPL(mt76_update_survey);
852 
853 void mt76_set_channel(struct mt76_phy *phy)
854 {
855 	struct mt76_dev *dev = phy->dev;
856 	struct ieee80211_hw *hw = phy->hw;
857 	struct cfg80211_chan_def *chandef = &hw->conf.chandef;
858 	bool offchannel = hw->conf.flags & IEEE80211_CONF_OFFCHANNEL;
859 	int timeout = HZ / 5;
860 
861 	wait_event_timeout(dev->tx_wait, !mt76_has_tx_pending(phy), timeout);
862 	mt76_update_survey(phy);
863 
864 	if (phy->chandef.chan->center_freq != chandef->chan->center_freq ||
865 	    phy->chandef.width != chandef->width)
866 		phy->dfs_state = MT_DFS_STATE_UNKNOWN;
867 
868 	phy->chandef = *chandef;
869 	phy->chan_state = mt76_channel_state(phy, chandef->chan);
870 
871 	if (!offchannel)
872 		phy->main_chan = chandef->chan;
873 
874 	if (chandef->chan != phy->main_chan)
875 		memset(phy->chan_state, 0, sizeof(*phy->chan_state));
876 }
877 EXPORT_SYMBOL_GPL(mt76_set_channel);
878 
879 int mt76_get_survey(struct ieee80211_hw *hw, int idx,
880 		    struct survey_info *survey)
881 {
882 	struct mt76_phy *phy = hw->priv;
883 	struct mt76_dev *dev = phy->dev;
884 	struct mt76_sband *sband;
885 	struct ieee80211_channel *chan;
886 	struct mt76_channel_state *state;
887 	int ret = 0;
888 
889 	mutex_lock(&dev->mutex);
890 	if (idx == 0 && dev->drv->update_survey)
891 		mt76_update_survey(phy);
892 
893 	if (idx >= phy->sband_2g.sband.n_channels +
894 		   phy->sband_5g.sband.n_channels) {
895 		idx -= (phy->sband_2g.sband.n_channels +
896 			phy->sband_5g.sband.n_channels);
897 		sband = &phy->sband_6g;
898 	} else if (idx >= phy->sband_2g.sband.n_channels) {
899 		idx -= phy->sband_2g.sband.n_channels;
900 		sband = &phy->sband_5g;
901 	} else {
902 		sband = &phy->sband_2g;
903 	}
904 
905 	if (idx >= sband->sband.n_channels) {
906 		ret = -ENOENT;
907 		goto out;
908 	}
909 
910 	chan = &sband->sband.channels[idx];
911 	state = mt76_channel_state(phy, chan);
912 
913 	memset(survey, 0, sizeof(*survey));
914 	survey->channel = chan;
915 	survey->filled = SURVEY_INFO_TIME | SURVEY_INFO_TIME_BUSY;
916 	survey->filled |= dev->drv->survey_flags;
917 	if (state->noise)
918 		survey->filled |= SURVEY_INFO_NOISE_DBM;
919 
920 	if (chan == phy->main_chan) {
921 		survey->filled |= SURVEY_INFO_IN_USE;
922 
923 		if (dev->drv->drv_flags & MT_DRV_SW_RX_AIRTIME)
924 			survey->filled |= SURVEY_INFO_TIME_BSS_RX;
925 	}
926 
927 	survey->time_busy = div_u64(state->cc_busy, 1000);
928 	survey->time_rx = div_u64(state->cc_rx, 1000);
929 	survey->time = div_u64(state->cc_active, 1000);
930 	survey->noise = state->noise;
931 
932 	spin_lock_bh(&dev->cc_lock);
933 	survey->time_bss_rx = div_u64(state->cc_bss_rx, 1000);
934 	survey->time_tx = div_u64(state->cc_tx, 1000);
935 	spin_unlock_bh(&dev->cc_lock);
936 
937 out:
938 	mutex_unlock(&dev->mutex);
939 
940 	return ret;
941 }
942 EXPORT_SYMBOL_GPL(mt76_get_survey);
943 
944 void mt76_wcid_key_setup(struct mt76_dev *dev, struct mt76_wcid *wcid,
945 			 struct ieee80211_key_conf *key)
946 {
947 	struct ieee80211_key_seq seq;
948 	int i;
949 
950 	wcid->rx_check_pn = false;
951 
952 	if (!key)
953 		return;
954 
955 	if (key->cipher != WLAN_CIPHER_SUITE_CCMP)
956 		return;
957 
958 	wcid->rx_check_pn = true;
959 
960 	/* data frame */
961 	for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
962 		ieee80211_get_key_rx_seq(key, i, &seq);
963 		memcpy(wcid->rx_key_pn[i], seq.ccmp.pn, sizeof(seq.ccmp.pn));
964 	}
965 
966 	/* robust management frame */
967 	ieee80211_get_key_rx_seq(key, -1, &seq);
968 	memcpy(wcid->rx_key_pn[i], seq.ccmp.pn, sizeof(seq.ccmp.pn));
969 
970 }
971 EXPORT_SYMBOL(mt76_wcid_key_setup);
972 
973 static int
974 mt76_rx_signal(struct mt76_rx_status *status)
975 {
976 	s8 *chain_signal = status->chain_signal;
977 	int signal = -128;
978 	u8 chains;
979 
980 	for (chains = status->chains; chains; chains >>= 1, chain_signal++) {
981 		int cur, diff;
982 
983 		cur = *chain_signal;
984 		if (!(chains & BIT(0)) ||
985 		    cur > 0)
986 			continue;
987 
988 		if (cur > signal)
989 			swap(cur, signal);
990 
991 		diff = signal - cur;
992 		if (diff == 0)
993 			signal += 3;
994 		else if (diff <= 2)
995 			signal += 2;
996 		else if (diff <= 6)
997 			signal += 1;
998 	}
999 
1000 	return signal;
1001 }
1002 
1003 static void
1004 mt76_rx_convert(struct mt76_dev *dev, struct sk_buff *skb,
1005 		struct ieee80211_hw **hw,
1006 		struct ieee80211_sta **sta)
1007 {
1008 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1009 	struct ieee80211_hdr *hdr = mt76_skb_get_hdr(skb);
1010 	struct mt76_rx_status mstat;
1011 
1012 	mstat = *((struct mt76_rx_status *)skb->cb);
1013 	memset(status, 0, sizeof(*status));
1014 
1015 	status->flag = mstat.flag;
1016 	status->freq = mstat.freq;
1017 	status->enc_flags = mstat.enc_flags;
1018 	status->encoding = mstat.encoding;
1019 	status->bw = mstat.bw;
1020 	status->he_ru = mstat.he_ru;
1021 	status->he_gi = mstat.he_gi;
1022 	status->he_dcm = mstat.he_dcm;
1023 	status->rate_idx = mstat.rate_idx;
1024 	status->nss = mstat.nss;
1025 	status->band = mstat.band;
1026 	status->signal = mstat.signal;
1027 	status->chains = mstat.chains;
1028 	status->ampdu_reference = mstat.ampdu_ref;
1029 	status->device_timestamp = mstat.timestamp;
1030 	status->mactime = mstat.timestamp;
1031 	status->signal = mt76_rx_signal(&mstat);
1032 	if (status->signal <= -128)
1033 		status->flag |= RX_FLAG_NO_SIGNAL_VAL;
1034 
1035 	if (ieee80211_is_beacon(hdr->frame_control) ||
1036 	    ieee80211_is_probe_resp(hdr->frame_control))
1037 		status->boottime_ns = ktime_get_boottime_ns();
1038 
1039 	BUILD_BUG_ON(sizeof(mstat) > sizeof(skb->cb));
1040 	BUILD_BUG_ON(sizeof(status->chain_signal) !=
1041 		     sizeof(mstat.chain_signal));
1042 	memcpy(status->chain_signal, mstat.chain_signal,
1043 	       sizeof(mstat.chain_signal));
1044 
1045 	*sta = wcid_to_sta(mstat.wcid);
1046 	*hw = mt76_phy_hw(dev, mstat.phy_idx);
1047 }
1048 
1049 static void
1050 mt76_check_ccmp_pn(struct sk_buff *skb)
1051 {
1052 	struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1053 	struct mt76_wcid *wcid = status->wcid;
1054 	struct ieee80211_hdr *hdr;
1055 	int security_idx;
1056 	int ret;
1057 
1058 	if (!(status->flag & RX_FLAG_DECRYPTED))
1059 		return;
1060 
1061 	if (status->flag & RX_FLAG_ONLY_MONITOR)
1062 		return;
1063 
1064 	if (!wcid || !wcid->rx_check_pn)
1065 		return;
1066 
1067 	security_idx = status->qos_ctl & IEEE80211_QOS_CTL_TID_MASK;
1068 	if (status->flag & RX_FLAG_8023)
1069 		goto skip_hdr_check;
1070 
1071 	hdr = mt76_skb_get_hdr(skb);
1072 	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
1073 		/*
1074 		 * Validate the first fragment both here and in mac80211
1075 		 * All further fragments will be validated by mac80211 only.
1076 		 */
1077 		if (ieee80211_is_frag(hdr) &&
1078 		    !ieee80211_is_first_frag(hdr->frame_control))
1079 			return;
1080 	}
1081 
1082 	/* IEEE 802.11-2020, 12.5.3.4.4 "PN and replay detection" c):
1083 	 *
1084 	 * the recipient shall maintain a single replay counter for received
1085 	 * individually addressed robust Management frames that are received
1086 	 * with the To DS subfield equal to 0, [...]
1087 	 */
1088 	if (ieee80211_is_mgmt(hdr->frame_control) &&
1089 	    !ieee80211_has_tods(hdr->frame_control))
1090 		security_idx = IEEE80211_NUM_TIDS;
1091 
1092 skip_hdr_check:
1093 	BUILD_BUG_ON(sizeof(status->iv) != sizeof(wcid->rx_key_pn[0]));
1094 	ret = memcmp(status->iv, wcid->rx_key_pn[security_idx],
1095 		     sizeof(status->iv));
1096 	if (ret <= 0) {
1097 		status->flag |= RX_FLAG_ONLY_MONITOR;
1098 		return;
1099 	}
1100 
1101 	memcpy(wcid->rx_key_pn[security_idx], status->iv, sizeof(status->iv));
1102 
1103 	if (status->flag & RX_FLAG_IV_STRIPPED)
1104 		status->flag |= RX_FLAG_PN_VALIDATED;
1105 }
1106 
1107 static void
1108 mt76_airtime_report(struct mt76_dev *dev, struct mt76_rx_status *status,
1109 		    int len)
1110 {
1111 	struct mt76_wcid *wcid = status->wcid;
1112 	struct ieee80211_rx_status info = {
1113 		.enc_flags = status->enc_flags,
1114 		.rate_idx = status->rate_idx,
1115 		.encoding = status->encoding,
1116 		.band = status->band,
1117 		.nss = status->nss,
1118 		.bw = status->bw,
1119 	};
1120 	struct ieee80211_sta *sta;
1121 	u32 airtime;
1122 	u8 tidno = status->qos_ctl & IEEE80211_QOS_CTL_TID_MASK;
1123 
1124 	airtime = ieee80211_calc_rx_airtime(dev->hw, &info, len);
1125 	spin_lock(&dev->cc_lock);
1126 	dev->cur_cc_bss_rx += airtime;
1127 	spin_unlock(&dev->cc_lock);
1128 
1129 	if (!wcid || !wcid->sta)
1130 		return;
1131 
1132 	sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv);
1133 	ieee80211_sta_register_airtime(sta, tidno, 0, airtime);
1134 }
1135 
1136 static void
1137 mt76_airtime_flush_ampdu(struct mt76_dev *dev)
1138 {
1139 	struct mt76_wcid *wcid;
1140 	int wcid_idx;
1141 
1142 	if (!dev->rx_ampdu_len)
1143 		return;
1144 
1145 	wcid_idx = dev->rx_ampdu_status.wcid_idx;
1146 	if (wcid_idx < ARRAY_SIZE(dev->wcid))
1147 		wcid = rcu_dereference(dev->wcid[wcid_idx]);
1148 	else
1149 		wcid = NULL;
1150 	dev->rx_ampdu_status.wcid = wcid;
1151 
1152 	mt76_airtime_report(dev, &dev->rx_ampdu_status, dev->rx_ampdu_len);
1153 
1154 	dev->rx_ampdu_len = 0;
1155 	dev->rx_ampdu_ref = 0;
1156 }
1157 
1158 static void
1159 mt76_airtime_check(struct mt76_dev *dev, struct sk_buff *skb)
1160 {
1161 	struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1162 	struct mt76_wcid *wcid = status->wcid;
1163 
1164 	if (!(dev->drv->drv_flags & MT_DRV_SW_RX_AIRTIME))
1165 		return;
1166 
1167 	if (!wcid || !wcid->sta) {
1168 		struct ieee80211_hdr *hdr = mt76_skb_get_hdr(skb);
1169 
1170 		if (status->flag & RX_FLAG_8023)
1171 			return;
1172 
1173 		if (!ether_addr_equal(hdr->addr1, dev->phy.macaddr))
1174 			return;
1175 
1176 		wcid = NULL;
1177 	}
1178 
1179 	if (!(status->flag & RX_FLAG_AMPDU_DETAILS) ||
1180 	    status->ampdu_ref != dev->rx_ampdu_ref)
1181 		mt76_airtime_flush_ampdu(dev);
1182 
1183 	if (status->flag & RX_FLAG_AMPDU_DETAILS) {
1184 		if (!dev->rx_ampdu_len ||
1185 		    status->ampdu_ref != dev->rx_ampdu_ref) {
1186 			dev->rx_ampdu_status = *status;
1187 			dev->rx_ampdu_status.wcid_idx = wcid ? wcid->idx : 0xff;
1188 			dev->rx_ampdu_ref = status->ampdu_ref;
1189 		}
1190 
1191 		dev->rx_ampdu_len += skb->len;
1192 		return;
1193 	}
1194 
1195 	mt76_airtime_report(dev, status, skb->len);
1196 }
1197 
1198 static void
1199 mt76_check_sta(struct mt76_dev *dev, struct sk_buff *skb)
1200 {
1201 	struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1202 	struct ieee80211_hdr *hdr = mt76_skb_get_hdr(skb);
1203 	struct ieee80211_sta *sta;
1204 	struct ieee80211_hw *hw;
1205 	struct mt76_wcid *wcid = status->wcid;
1206 	u8 tidno = status->qos_ctl & IEEE80211_QOS_CTL_TID_MASK;
1207 	bool ps;
1208 
1209 	hw = mt76_phy_hw(dev, status->phy_idx);
1210 	if (ieee80211_is_pspoll(hdr->frame_control) && !wcid &&
1211 	    !(status->flag & RX_FLAG_8023)) {
1212 		sta = ieee80211_find_sta_by_ifaddr(hw, hdr->addr2, NULL);
1213 		if (sta)
1214 			wcid = status->wcid = (struct mt76_wcid *)sta->drv_priv;
1215 	}
1216 
1217 	mt76_airtime_check(dev, skb);
1218 
1219 	if (!wcid || !wcid->sta)
1220 		return;
1221 
1222 	sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv);
1223 
1224 	if (status->signal <= 0)
1225 		ewma_signal_add(&wcid->rssi, -status->signal);
1226 
1227 	wcid->inactive_count = 0;
1228 
1229 	if (status->flag & RX_FLAG_8023)
1230 		return;
1231 
1232 	if (!test_bit(MT_WCID_FLAG_CHECK_PS, &wcid->flags))
1233 		return;
1234 
1235 	if (ieee80211_is_pspoll(hdr->frame_control)) {
1236 		ieee80211_sta_pspoll(sta);
1237 		return;
1238 	}
1239 
1240 	if (ieee80211_has_morefrags(hdr->frame_control) ||
1241 	    !(ieee80211_is_mgmt(hdr->frame_control) ||
1242 	      ieee80211_is_data(hdr->frame_control)))
1243 		return;
1244 
1245 	ps = ieee80211_has_pm(hdr->frame_control);
1246 
1247 	if (ps && (ieee80211_is_data_qos(hdr->frame_control) ||
1248 		   ieee80211_is_qos_nullfunc(hdr->frame_control)))
1249 		ieee80211_sta_uapsd_trigger(sta, tidno);
1250 
1251 	if (!!test_bit(MT_WCID_FLAG_PS, &wcid->flags) == ps)
1252 		return;
1253 
1254 	if (ps)
1255 		set_bit(MT_WCID_FLAG_PS, &wcid->flags);
1256 
1257 	dev->drv->sta_ps(dev, sta, ps);
1258 
1259 	if (!ps)
1260 		clear_bit(MT_WCID_FLAG_PS, &wcid->flags);
1261 
1262 	ieee80211_sta_ps_transition(sta, ps);
1263 }
1264 
1265 void mt76_rx_complete(struct mt76_dev *dev, struct sk_buff_head *frames,
1266 		      struct napi_struct *napi)
1267 {
1268 	struct ieee80211_sta *sta;
1269 	struct ieee80211_hw *hw;
1270 	struct sk_buff *skb, *tmp;
1271 #if defined(__linux__)
1272 	LIST_HEAD(list);
1273 #elif defined(__FreeBSD__)
1274 	LINUX_LIST_HEAD(list);
1275 #endif
1276 
1277 	spin_lock(&dev->rx_lock);
1278 	while ((skb = __skb_dequeue(frames)) != NULL) {
1279 		struct sk_buff *nskb = skb_shinfo(skb)->frag_list;
1280 
1281 		mt76_check_ccmp_pn(skb);
1282 		skb_shinfo(skb)->frag_list = NULL;
1283 		mt76_rx_convert(dev, skb, &hw, &sta);
1284 		ieee80211_rx_list(hw, sta, skb, &list);
1285 
1286 		/* subsequent amsdu frames */
1287 		while (nskb) {
1288 			skb = nskb;
1289 			nskb = nskb->next;
1290 			skb->next = NULL;
1291 
1292 			mt76_rx_convert(dev, skb, &hw, &sta);
1293 			ieee80211_rx_list(hw, sta, skb, &list);
1294 		}
1295 	}
1296 	spin_unlock(&dev->rx_lock);
1297 
1298 	if (!napi) {
1299 		netif_receive_skb_list(&list);
1300 		return;
1301 	}
1302 
1303 	list_for_each_entry_safe(skb, tmp, &list, list) {
1304 		skb_list_del_init(skb);
1305 		napi_gro_receive(napi, skb);
1306 	}
1307 }
1308 
1309 void mt76_rx_poll_complete(struct mt76_dev *dev, enum mt76_rxq_id q,
1310 			   struct napi_struct *napi)
1311 {
1312 	struct sk_buff_head frames;
1313 	struct sk_buff *skb;
1314 
1315 	__skb_queue_head_init(&frames);
1316 
1317 	while ((skb = __skb_dequeue(&dev->rx_skb[q])) != NULL) {
1318 		mt76_check_sta(dev, skb);
1319 		mt76_rx_aggr_reorder(skb, &frames);
1320 	}
1321 
1322 	mt76_rx_complete(dev, &frames, napi);
1323 }
1324 EXPORT_SYMBOL_GPL(mt76_rx_poll_complete);
1325 
1326 static int
1327 mt76_sta_add(struct mt76_phy *phy, struct ieee80211_vif *vif,
1328 	     struct ieee80211_sta *sta)
1329 {
1330 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
1331 	struct mt76_dev *dev = phy->dev;
1332 	int ret;
1333 	int i;
1334 
1335 	mutex_lock(&dev->mutex);
1336 
1337 	ret = dev->drv->sta_add(dev, vif, sta);
1338 	if (ret)
1339 		goto out;
1340 
1341 	for (i = 0; i < ARRAY_SIZE(sta->txq); i++) {
1342 		struct mt76_txq *mtxq;
1343 
1344 		if (!sta->txq[i])
1345 			continue;
1346 
1347 		mtxq = (struct mt76_txq *)sta->txq[i]->drv_priv;
1348 		mtxq->wcid = wcid->idx;
1349 	}
1350 
1351 	ewma_signal_init(&wcid->rssi);
1352 	if (phy->band_idx == MT_BAND1)
1353 		mt76_wcid_mask_set(dev->wcid_phy_mask, wcid->idx);
1354 	wcid->phy_idx = phy->band_idx;
1355 	rcu_assign_pointer(dev->wcid[wcid->idx], wcid);
1356 
1357 	mt76_packet_id_init(wcid);
1358 out:
1359 	mutex_unlock(&dev->mutex);
1360 
1361 	return ret;
1362 }
1363 
1364 void __mt76_sta_remove(struct mt76_dev *dev, struct ieee80211_vif *vif,
1365 		       struct ieee80211_sta *sta)
1366 {
1367 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
1368 	int i, idx = wcid->idx;
1369 
1370 	for (i = 0; i < ARRAY_SIZE(wcid->aggr); i++)
1371 		mt76_rx_aggr_stop(dev, wcid, i);
1372 
1373 	if (dev->drv->sta_remove)
1374 		dev->drv->sta_remove(dev, vif, sta);
1375 
1376 	mt76_packet_id_flush(dev, wcid);
1377 
1378 	mt76_wcid_mask_clear(dev->wcid_mask, idx);
1379 	mt76_wcid_mask_clear(dev->wcid_phy_mask, idx);
1380 }
1381 EXPORT_SYMBOL_GPL(__mt76_sta_remove);
1382 
1383 static void
1384 mt76_sta_remove(struct mt76_dev *dev, struct ieee80211_vif *vif,
1385 		struct ieee80211_sta *sta)
1386 {
1387 	mutex_lock(&dev->mutex);
1388 	__mt76_sta_remove(dev, vif, sta);
1389 	mutex_unlock(&dev->mutex);
1390 }
1391 
1392 int mt76_sta_state(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1393 		   struct ieee80211_sta *sta,
1394 		   enum ieee80211_sta_state old_state,
1395 		   enum ieee80211_sta_state new_state)
1396 {
1397 	struct mt76_phy *phy = hw->priv;
1398 	struct mt76_dev *dev = phy->dev;
1399 
1400 	if (old_state == IEEE80211_STA_NOTEXIST &&
1401 	    new_state == IEEE80211_STA_NONE)
1402 		return mt76_sta_add(phy, vif, sta);
1403 
1404 	if (old_state == IEEE80211_STA_AUTH &&
1405 	    new_state == IEEE80211_STA_ASSOC &&
1406 	    dev->drv->sta_assoc)
1407 		dev->drv->sta_assoc(dev, vif, sta);
1408 
1409 	if (old_state == IEEE80211_STA_NONE &&
1410 	    new_state == IEEE80211_STA_NOTEXIST)
1411 		mt76_sta_remove(dev, vif, sta);
1412 
1413 	return 0;
1414 }
1415 EXPORT_SYMBOL_GPL(mt76_sta_state);
1416 
1417 void mt76_sta_pre_rcu_remove(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1418 			     struct ieee80211_sta *sta)
1419 {
1420 	struct mt76_phy *phy = hw->priv;
1421 	struct mt76_dev *dev = phy->dev;
1422 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
1423 
1424 	mutex_lock(&dev->mutex);
1425 	spin_lock_bh(&dev->status_lock);
1426 	rcu_assign_pointer(dev->wcid[wcid->idx], NULL);
1427 	spin_unlock_bh(&dev->status_lock);
1428 	mutex_unlock(&dev->mutex);
1429 }
1430 EXPORT_SYMBOL_GPL(mt76_sta_pre_rcu_remove);
1431 
1432 int mt76_get_txpower(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1433 		     int *dbm)
1434 {
1435 	struct mt76_phy *phy = hw->priv;
1436 	int n_chains = hweight8(phy->antenna_mask);
1437 	int delta = mt76_tx_power_nss_delta(n_chains);
1438 
1439 	*dbm = DIV_ROUND_UP(phy->txpower_cur + delta, 2);
1440 
1441 	return 0;
1442 }
1443 EXPORT_SYMBOL_GPL(mt76_get_txpower);
1444 
1445 int mt76_init_sar_power(struct ieee80211_hw *hw,
1446 			const struct cfg80211_sar_specs *sar)
1447 {
1448 	struct mt76_phy *phy = hw->priv;
1449 	const struct cfg80211_sar_capa *capa = hw->wiphy->sar_capa;
1450 	int i;
1451 
1452 	if (sar->type != NL80211_SAR_TYPE_POWER || !sar->num_sub_specs)
1453 		return -EINVAL;
1454 
1455 	for (i = 0; i < sar->num_sub_specs; i++) {
1456 		u32 index = sar->sub_specs[i].freq_range_index;
1457 		/* SAR specifies power limitaton in 0.25dbm */
1458 		s32 power = sar->sub_specs[i].power >> 1;
1459 
1460 		if (power > 127 || power < -127)
1461 			power = 127;
1462 
1463 		phy->frp[index].range = &capa->freq_ranges[index];
1464 		phy->frp[index].power = power;
1465 	}
1466 
1467 	return 0;
1468 }
1469 EXPORT_SYMBOL_GPL(mt76_init_sar_power);
1470 
1471 int mt76_get_sar_power(struct mt76_phy *phy,
1472 		       struct ieee80211_channel *chan,
1473 		       int power)
1474 {
1475 	const struct cfg80211_sar_capa *capa = phy->hw->wiphy->sar_capa;
1476 	int freq, i;
1477 
1478 	if (!capa || !phy->frp)
1479 		return power;
1480 
1481 	if (power > 127 || power < -127)
1482 		power = 127;
1483 
1484 	freq = ieee80211_channel_to_frequency(chan->hw_value, chan->band);
1485 	for (i = 0 ; i < capa->num_freq_ranges; i++) {
1486 		if (phy->frp[i].range &&
1487 		    freq >= phy->frp[i].range->start_freq &&
1488 		    freq < phy->frp[i].range->end_freq) {
1489 			power = min_t(int, phy->frp[i].power, power);
1490 			break;
1491 		}
1492 	}
1493 
1494 	return power;
1495 }
1496 EXPORT_SYMBOL_GPL(mt76_get_sar_power);
1497 
1498 static void
1499 __mt76_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
1500 {
1501 	if (vif->bss_conf.csa_active && ieee80211_beacon_cntdwn_is_complete(vif))
1502 		ieee80211_csa_finish(vif);
1503 }
1504 
1505 void mt76_csa_finish(struct mt76_dev *dev)
1506 {
1507 	if (!dev->csa_complete)
1508 		return;
1509 
1510 	ieee80211_iterate_active_interfaces_atomic(dev->hw,
1511 		IEEE80211_IFACE_ITER_RESUME_ALL,
1512 		__mt76_csa_finish, dev);
1513 
1514 	dev->csa_complete = 0;
1515 }
1516 EXPORT_SYMBOL_GPL(mt76_csa_finish);
1517 
1518 static void
1519 __mt76_csa_check(void *priv, u8 *mac, struct ieee80211_vif *vif)
1520 {
1521 	struct mt76_dev *dev = priv;
1522 
1523 	if (!vif->bss_conf.csa_active)
1524 		return;
1525 
1526 	dev->csa_complete |= ieee80211_beacon_cntdwn_is_complete(vif);
1527 }
1528 
1529 void mt76_csa_check(struct mt76_dev *dev)
1530 {
1531 	ieee80211_iterate_active_interfaces_atomic(dev->hw,
1532 		IEEE80211_IFACE_ITER_RESUME_ALL,
1533 		__mt76_csa_check, dev);
1534 }
1535 EXPORT_SYMBOL_GPL(mt76_csa_check);
1536 
1537 int
1538 mt76_set_tim(struct ieee80211_hw *hw, struct ieee80211_sta *sta, bool set)
1539 {
1540 	return 0;
1541 }
1542 EXPORT_SYMBOL_GPL(mt76_set_tim);
1543 
1544 void mt76_insert_ccmp_hdr(struct sk_buff *skb, u8 key_id)
1545 {
1546 	struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1547 	int hdr_len = ieee80211_get_hdrlen_from_skb(skb);
1548 	u8 *hdr, *pn = status->iv;
1549 
1550 	__skb_push(skb, 8);
1551 	memmove(skb->data, skb->data + 8, hdr_len);
1552 	hdr = skb->data + hdr_len;
1553 
1554 	hdr[0] = pn[5];
1555 	hdr[1] = pn[4];
1556 	hdr[2] = 0;
1557 	hdr[3] = 0x20 | (key_id << 6);
1558 	hdr[4] = pn[3];
1559 	hdr[5] = pn[2];
1560 	hdr[6] = pn[1];
1561 	hdr[7] = pn[0];
1562 
1563 	status->flag &= ~RX_FLAG_IV_STRIPPED;
1564 }
1565 EXPORT_SYMBOL_GPL(mt76_insert_ccmp_hdr);
1566 
1567 int mt76_get_rate(struct mt76_dev *dev,
1568 		  struct ieee80211_supported_band *sband,
1569 		  int idx, bool cck)
1570 {
1571 	int i, offset = 0, len = sband->n_bitrates;
1572 
1573 	if (cck) {
1574 		if (sband != &dev->phy.sband_2g.sband)
1575 			return 0;
1576 
1577 		idx &= ~BIT(2); /* short preamble */
1578 	} else if (sband == &dev->phy.sband_2g.sband) {
1579 		offset = 4;
1580 	}
1581 
1582 	for (i = offset; i < len; i++) {
1583 		if ((sband->bitrates[i].hw_value & GENMASK(7, 0)) == idx)
1584 			return i;
1585 	}
1586 
1587 	return 0;
1588 }
1589 EXPORT_SYMBOL_GPL(mt76_get_rate);
1590 
1591 void mt76_sw_scan(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1592 		  const u8 *mac)
1593 {
1594 	struct mt76_phy *phy = hw->priv;
1595 
1596 	set_bit(MT76_SCANNING, &phy->state);
1597 }
1598 EXPORT_SYMBOL_GPL(mt76_sw_scan);
1599 
1600 void mt76_sw_scan_complete(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
1601 {
1602 	struct mt76_phy *phy = hw->priv;
1603 
1604 	clear_bit(MT76_SCANNING, &phy->state);
1605 }
1606 EXPORT_SYMBOL_GPL(mt76_sw_scan_complete);
1607 
1608 int mt76_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
1609 {
1610 	struct mt76_phy *phy = hw->priv;
1611 	struct mt76_dev *dev = phy->dev;
1612 
1613 	mutex_lock(&dev->mutex);
1614 	*tx_ant = phy->antenna_mask;
1615 	*rx_ant = phy->antenna_mask;
1616 	mutex_unlock(&dev->mutex);
1617 
1618 	return 0;
1619 }
1620 EXPORT_SYMBOL_GPL(mt76_get_antenna);
1621 
1622 struct mt76_queue *
1623 mt76_init_queue(struct mt76_dev *dev, int qid, int idx, int n_desc,
1624 		int ring_base, u32 flags)
1625 {
1626 	struct mt76_queue *hwq;
1627 	int err;
1628 
1629 	hwq = devm_kzalloc(dev->dev, sizeof(*hwq), GFP_KERNEL);
1630 	if (!hwq)
1631 		return ERR_PTR(-ENOMEM);
1632 
1633 	hwq->flags = flags;
1634 
1635 	err = dev->queue_ops->alloc(dev, hwq, idx, n_desc, 0, ring_base);
1636 	if (err < 0)
1637 		return ERR_PTR(err);
1638 
1639 	return hwq;
1640 }
1641 EXPORT_SYMBOL_GPL(mt76_init_queue);
1642 
1643 u16 mt76_calculate_default_rate(struct mt76_phy *phy, int rateidx)
1644 {
1645 	int offset = 0;
1646 
1647 	if (phy->chandef.chan->band != NL80211_BAND_2GHZ)
1648 		offset = 4;
1649 
1650 	/* pick the lowest rate for hidden nodes */
1651 	if (rateidx < 0)
1652 		rateidx = 0;
1653 
1654 	rateidx += offset;
1655 	if (rateidx >= ARRAY_SIZE(mt76_rates))
1656 		rateidx = offset;
1657 
1658 	return mt76_rates[rateidx].hw_value;
1659 }
1660 EXPORT_SYMBOL_GPL(mt76_calculate_default_rate);
1661 
1662 void mt76_ethtool_worker(struct mt76_ethtool_worker_info *wi,
1663 			 struct mt76_sta_stats *stats)
1664 {
1665 	int i, ei = wi->initial_stat_idx;
1666 	u64 *data = wi->data;
1667 
1668 	wi->sta_count++;
1669 
1670 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_CCK];
1671 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_OFDM];
1672 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_HT];
1673 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_HT_GF];
1674 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_VHT];
1675 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_SU];
1676 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_EXT_SU];
1677 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_TB];
1678 	data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_MU];
1679 
1680 	for (i = 0; i < ARRAY_SIZE(stats->tx_bw); i++)
1681 		data[ei++] += stats->tx_bw[i];
1682 
1683 	for (i = 0; i < 12; i++)
1684 		data[ei++] += stats->tx_mcs[i];
1685 
1686 	wi->worker_stat_count = ei - wi->initial_stat_idx;
1687 }
1688 EXPORT_SYMBOL_GPL(mt76_ethtool_worker);
1689 
1690 enum mt76_dfs_state mt76_phy_dfs_state(struct mt76_phy *phy)
1691 {
1692 	struct ieee80211_hw *hw = phy->hw;
1693 	struct mt76_dev *dev = phy->dev;
1694 
1695 	if (dev->region == NL80211_DFS_UNSET ||
1696 	    test_bit(MT76_SCANNING, &phy->state))
1697 		return MT_DFS_STATE_DISABLED;
1698 
1699 	if (!hw->conf.radar_enabled) {
1700 		if ((hw->conf.flags & IEEE80211_CONF_MONITOR) &&
1701 		    (phy->chandef.chan->flags & IEEE80211_CHAN_RADAR))
1702 			return MT_DFS_STATE_ACTIVE;
1703 
1704 		return MT_DFS_STATE_DISABLED;
1705 	}
1706 
1707 	if (!cfg80211_reg_can_beacon(hw->wiphy, &phy->chandef, NL80211_IFTYPE_AP))
1708 		return MT_DFS_STATE_CAC;
1709 
1710 	return MT_DFS_STATE_ACTIVE;
1711 }
1712 EXPORT_SYMBOL_GPL(mt76_phy_dfs_state);
1713