xref: /linux/drivers/net/wireless/ath/ath11k/mac.c (revision 2aceb896ee18ae35b21b14c978d8c2ef8c7b439d)
1 // SPDX-License-Identifier: BSD-3-Clause-Clear
2 /*
3  * Copyright (c) 2018-2019 The Linux Foundation. All rights reserved.
4  * Copyright (c) 2021-2023 Qualcomm Innovation Center, Inc. All rights reserved.
5  */
6 
7 #include <net/mac80211.h>
8 #include <net/cfg80211.h>
9 #include <linux/etherdevice.h>
10 #include <linux/bitfield.h>
11 #include <linux/inetdevice.h>
12 #include <net/if_inet6.h>
13 #include <net/ipv6.h>
14 
15 #include "mac.h"
16 #include "core.h"
17 #include "debug.h"
18 #include "wmi.h"
19 #include "hw.h"
20 #include "dp_tx.h"
21 #include "dp_rx.h"
22 #include "testmode.h"
23 #include "peer.h"
24 #include "debugfs_sta.h"
25 #include "hif.h"
26 #include "wow.h"
27 
28 #define CHAN2G(_channel, _freq, _flags) { \
29 	.band                   = NL80211_BAND_2GHZ, \
30 	.hw_value               = (_channel), \
31 	.center_freq            = (_freq), \
32 	.flags                  = (_flags), \
33 	.max_antenna_gain       = 0, \
34 	.max_power              = 30, \
35 }
36 
37 #define CHAN5G(_channel, _freq, _flags) { \
38 	.band                   = NL80211_BAND_5GHZ, \
39 	.hw_value               = (_channel), \
40 	.center_freq            = (_freq), \
41 	.flags                  = (_flags), \
42 	.max_antenna_gain       = 0, \
43 	.max_power              = 30, \
44 }
45 
46 #define CHAN6G(_channel, _freq, _flags) { \
47 	.band                   = NL80211_BAND_6GHZ, \
48 	.hw_value               = (_channel), \
49 	.center_freq            = (_freq), \
50 	.flags                  = (_flags), \
51 	.max_antenna_gain       = 0, \
52 	.max_power              = 30, \
53 }
54 
55 static const struct ieee80211_channel ath11k_2ghz_channels[] = {
56 	CHAN2G(1, 2412, 0),
57 	CHAN2G(2, 2417, 0),
58 	CHAN2G(3, 2422, 0),
59 	CHAN2G(4, 2427, 0),
60 	CHAN2G(5, 2432, 0),
61 	CHAN2G(6, 2437, 0),
62 	CHAN2G(7, 2442, 0),
63 	CHAN2G(8, 2447, 0),
64 	CHAN2G(9, 2452, 0),
65 	CHAN2G(10, 2457, 0),
66 	CHAN2G(11, 2462, 0),
67 	CHAN2G(12, 2467, 0),
68 	CHAN2G(13, 2472, 0),
69 	CHAN2G(14, 2484, 0),
70 };
71 
72 static const struct ieee80211_channel ath11k_5ghz_channels[] = {
73 	CHAN5G(36, 5180, 0),
74 	CHAN5G(40, 5200, 0),
75 	CHAN5G(44, 5220, 0),
76 	CHAN5G(48, 5240, 0),
77 	CHAN5G(52, 5260, 0),
78 	CHAN5G(56, 5280, 0),
79 	CHAN5G(60, 5300, 0),
80 	CHAN5G(64, 5320, 0),
81 	CHAN5G(100, 5500, 0),
82 	CHAN5G(104, 5520, 0),
83 	CHAN5G(108, 5540, 0),
84 	CHAN5G(112, 5560, 0),
85 	CHAN5G(116, 5580, 0),
86 	CHAN5G(120, 5600, 0),
87 	CHAN5G(124, 5620, 0),
88 	CHAN5G(128, 5640, 0),
89 	CHAN5G(132, 5660, 0),
90 	CHAN5G(136, 5680, 0),
91 	CHAN5G(140, 5700, 0),
92 	CHAN5G(144, 5720, 0),
93 	CHAN5G(149, 5745, 0),
94 	CHAN5G(153, 5765, 0),
95 	CHAN5G(157, 5785, 0),
96 	CHAN5G(161, 5805, 0),
97 	CHAN5G(165, 5825, 0),
98 	CHAN5G(169, 5845, 0),
99 	CHAN5G(173, 5865, 0),
100 	CHAN5G(177, 5885, 0),
101 };
102 
103 static const struct ieee80211_channel ath11k_6ghz_channels[] = {
104 	CHAN6G(1, 5955, 0),
105 	CHAN6G(5, 5975, 0),
106 	CHAN6G(9, 5995, 0),
107 	CHAN6G(13, 6015, 0),
108 	CHAN6G(17, 6035, 0),
109 	CHAN6G(21, 6055, 0),
110 	CHAN6G(25, 6075, 0),
111 	CHAN6G(29, 6095, 0),
112 	CHAN6G(33, 6115, 0),
113 	CHAN6G(37, 6135, 0),
114 	CHAN6G(41, 6155, 0),
115 	CHAN6G(45, 6175, 0),
116 	CHAN6G(49, 6195, 0),
117 	CHAN6G(53, 6215, 0),
118 	CHAN6G(57, 6235, 0),
119 	CHAN6G(61, 6255, 0),
120 	CHAN6G(65, 6275, 0),
121 	CHAN6G(69, 6295, 0),
122 	CHAN6G(73, 6315, 0),
123 	CHAN6G(77, 6335, 0),
124 	CHAN6G(81, 6355, 0),
125 	CHAN6G(85, 6375, 0),
126 	CHAN6G(89, 6395, 0),
127 	CHAN6G(93, 6415, 0),
128 	CHAN6G(97, 6435, 0),
129 	CHAN6G(101, 6455, 0),
130 	CHAN6G(105, 6475, 0),
131 	CHAN6G(109, 6495, 0),
132 	CHAN6G(113, 6515, 0),
133 	CHAN6G(117, 6535, 0),
134 	CHAN6G(121, 6555, 0),
135 	CHAN6G(125, 6575, 0),
136 	CHAN6G(129, 6595, 0),
137 	CHAN6G(133, 6615, 0),
138 	CHAN6G(137, 6635, 0),
139 	CHAN6G(141, 6655, 0),
140 	CHAN6G(145, 6675, 0),
141 	CHAN6G(149, 6695, 0),
142 	CHAN6G(153, 6715, 0),
143 	CHAN6G(157, 6735, 0),
144 	CHAN6G(161, 6755, 0),
145 	CHAN6G(165, 6775, 0),
146 	CHAN6G(169, 6795, 0),
147 	CHAN6G(173, 6815, 0),
148 	CHAN6G(177, 6835, 0),
149 	CHAN6G(181, 6855, 0),
150 	CHAN6G(185, 6875, 0),
151 	CHAN6G(189, 6895, 0),
152 	CHAN6G(193, 6915, 0),
153 	CHAN6G(197, 6935, 0),
154 	CHAN6G(201, 6955, 0),
155 	CHAN6G(205, 6975, 0),
156 	CHAN6G(209, 6995, 0),
157 	CHAN6G(213, 7015, 0),
158 	CHAN6G(217, 7035, 0),
159 	CHAN6G(221, 7055, 0),
160 	CHAN6G(225, 7075, 0),
161 	CHAN6G(229, 7095, 0),
162 	CHAN6G(233, 7115, 0),
163 
164 	/* new addition in IEEE Std 802.11ax-2021 */
165 	CHAN6G(2, 5935, 0),
166 };
167 
168 static struct ieee80211_rate ath11k_legacy_rates[] = {
169 	{ .bitrate = 10,
170 	  .hw_value = ATH11K_HW_RATE_CCK_LP_1M },
171 	{ .bitrate = 20,
172 	  .hw_value = ATH11K_HW_RATE_CCK_LP_2M,
173 	  .hw_value_short = ATH11K_HW_RATE_CCK_SP_2M,
174 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
175 	{ .bitrate = 55,
176 	  .hw_value = ATH11K_HW_RATE_CCK_LP_5_5M,
177 	  .hw_value_short = ATH11K_HW_RATE_CCK_SP_5_5M,
178 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
179 	{ .bitrate = 110,
180 	  .hw_value = ATH11K_HW_RATE_CCK_LP_11M,
181 	  .hw_value_short = ATH11K_HW_RATE_CCK_SP_11M,
182 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
183 
184 	{ .bitrate = 60, .hw_value = ATH11K_HW_RATE_OFDM_6M },
185 	{ .bitrate = 90, .hw_value = ATH11K_HW_RATE_OFDM_9M },
186 	{ .bitrate = 120, .hw_value = ATH11K_HW_RATE_OFDM_12M },
187 	{ .bitrate = 180, .hw_value = ATH11K_HW_RATE_OFDM_18M },
188 	{ .bitrate = 240, .hw_value = ATH11K_HW_RATE_OFDM_24M },
189 	{ .bitrate = 360, .hw_value = ATH11K_HW_RATE_OFDM_36M },
190 	{ .bitrate = 480, .hw_value = ATH11K_HW_RATE_OFDM_48M },
191 	{ .bitrate = 540, .hw_value = ATH11K_HW_RATE_OFDM_54M },
192 };
193 
194 static const int
195 ath11k_phymodes[NUM_NL80211_BANDS][ATH11K_CHAN_WIDTH_NUM] = {
196 	[NL80211_BAND_2GHZ] = {
197 			[NL80211_CHAN_WIDTH_5] = MODE_UNKNOWN,
198 			[NL80211_CHAN_WIDTH_10] = MODE_UNKNOWN,
199 			[NL80211_CHAN_WIDTH_20_NOHT] = MODE_11AX_HE20_2G,
200 			[NL80211_CHAN_WIDTH_20] = MODE_11AX_HE20_2G,
201 			[NL80211_CHAN_WIDTH_40] = MODE_11AX_HE40_2G,
202 			[NL80211_CHAN_WIDTH_80] = MODE_11AX_HE80_2G,
203 			[NL80211_CHAN_WIDTH_80P80] = MODE_UNKNOWN,
204 			[NL80211_CHAN_WIDTH_160] = MODE_UNKNOWN,
205 	},
206 	[NL80211_BAND_5GHZ] = {
207 			[NL80211_CHAN_WIDTH_5] = MODE_UNKNOWN,
208 			[NL80211_CHAN_WIDTH_10] = MODE_UNKNOWN,
209 			[NL80211_CHAN_WIDTH_20_NOHT] = MODE_11AX_HE20,
210 			[NL80211_CHAN_WIDTH_20] = MODE_11AX_HE20,
211 			[NL80211_CHAN_WIDTH_40] = MODE_11AX_HE40,
212 			[NL80211_CHAN_WIDTH_80] = MODE_11AX_HE80,
213 			[NL80211_CHAN_WIDTH_160] = MODE_11AX_HE160,
214 			[NL80211_CHAN_WIDTH_80P80] = MODE_11AX_HE80_80,
215 	},
216 	[NL80211_BAND_6GHZ] = {
217 			[NL80211_CHAN_WIDTH_5] = MODE_UNKNOWN,
218 			[NL80211_CHAN_WIDTH_10] = MODE_UNKNOWN,
219 			[NL80211_CHAN_WIDTH_20_NOHT] = MODE_11AX_HE20,
220 			[NL80211_CHAN_WIDTH_20] = MODE_11AX_HE20,
221 			[NL80211_CHAN_WIDTH_40] = MODE_11AX_HE40,
222 			[NL80211_CHAN_WIDTH_80] = MODE_11AX_HE80,
223 			[NL80211_CHAN_WIDTH_160] = MODE_11AX_HE160,
224 			[NL80211_CHAN_WIDTH_80P80] = MODE_11AX_HE80_80,
225 	},
226 
227 };
228 
229 const struct htt_rx_ring_tlv_filter ath11k_mac_mon_status_filter_default = {
230 	.rx_filter = HTT_RX_FILTER_TLV_FLAGS_MPDU_START |
231 		     HTT_RX_FILTER_TLV_FLAGS_PPDU_END |
232 		     HTT_RX_FILTER_TLV_FLAGS_PPDU_END_STATUS_DONE,
233 	.pkt_filter_flags0 = HTT_RX_FP_MGMT_FILTER_FLAGS0,
234 	.pkt_filter_flags1 = HTT_RX_FP_MGMT_FILTER_FLAGS1,
235 	.pkt_filter_flags2 = HTT_RX_FP_CTRL_FILTER_FLASG2,
236 	.pkt_filter_flags3 = HTT_RX_FP_DATA_FILTER_FLASG3 |
237 			     HTT_RX_FP_CTRL_FILTER_FLASG3
238 };
239 
240 #define ATH11K_MAC_FIRST_OFDM_RATE_IDX 4
241 #define ath11k_g_rates ath11k_legacy_rates
242 #define ath11k_g_rates_size (ARRAY_SIZE(ath11k_legacy_rates))
243 #define ath11k_a_rates (ath11k_legacy_rates + 4)
244 #define ath11k_a_rates_size (ARRAY_SIZE(ath11k_legacy_rates) - 4)
245 
246 #define ATH11K_MAC_SCAN_CMD_EVT_OVERHEAD		200 /* in msecs */
247 
248 /* Overhead due to the processing of channel switch events from FW */
249 #define ATH11K_SCAN_CHANNEL_SWITCH_WMI_EVT_OVERHEAD	10 /* in msecs */
250 
251 static const u32 ath11k_smps_map[] = {
252 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
253 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
254 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
255 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
256 };
257 
258 static int ath11k_start_vdev_delay(struct ieee80211_hw *hw,
259 				   struct ieee80211_vif *vif);
260 
261 enum nl80211_he_ru_alloc ath11k_mac_phy_he_ru_to_nl80211_he_ru_alloc(u16 ru_phy)
262 {
263 	enum nl80211_he_ru_alloc ret;
264 
265 	switch (ru_phy) {
266 	case RU_26:
267 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_26;
268 		break;
269 	case RU_52:
270 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_52;
271 		break;
272 	case RU_106:
273 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_106;
274 		break;
275 	case RU_242:
276 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_242;
277 		break;
278 	case RU_484:
279 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_484;
280 		break;
281 	case RU_996:
282 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_996;
283 		break;
284 	default:
285 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_26;
286 		break;
287 	}
288 
289 	return ret;
290 }
291 
292 enum nl80211_he_ru_alloc ath11k_mac_he_ru_tones_to_nl80211_he_ru_alloc(u16 ru_tones)
293 {
294 	enum nl80211_he_ru_alloc ret;
295 
296 	switch (ru_tones) {
297 	case 26:
298 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_26;
299 		break;
300 	case 52:
301 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_52;
302 		break;
303 	case 106:
304 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_106;
305 		break;
306 	case 242:
307 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_242;
308 		break;
309 	case 484:
310 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_484;
311 		break;
312 	case 996:
313 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_996;
314 		break;
315 	case (996 * 2):
316 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_2x996;
317 		break;
318 	default:
319 		ret = NL80211_RATE_INFO_HE_RU_ALLOC_26;
320 		break;
321 	}
322 
323 	return ret;
324 }
325 
326 enum nl80211_he_gi ath11k_mac_he_gi_to_nl80211_he_gi(u8 sgi)
327 {
328 	enum nl80211_he_gi ret;
329 
330 	switch (sgi) {
331 	case RX_MSDU_START_SGI_0_8_US:
332 		ret = NL80211_RATE_INFO_HE_GI_0_8;
333 		break;
334 	case RX_MSDU_START_SGI_1_6_US:
335 		ret = NL80211_RATE_INFO_HE_GI_1_6;
336 		break;
337 	case RX_MSDU_START_SGI_3_2_US:
338 		ret = NL80211_RATE_INFO_HE_GI_3_2;
339 		break;
340 	default:
341 		ret = NL80211_RATE_INFO_HE_GI_0_8;
342 		break;
343 	}
344 
345 	return ret;
346 }
347 
348 u8 ath11k_mac_bw_to_mac80211_bw(u8 bw)
349 {
350 	u8 ret = 0;
351 
352 	switch (bw) {
353 	case ATH11K_BW_20:
354 		ret = RATE_INFO_BW_20;
355 		break;
356 	case ATH11K_BW_40:
357 		ret = RATE_INFO_BW_40;
358 		break;
359 	case ATH11K_BW_80:
360 		ret = RATE_INFO_BW_80;
361 		break;
362 	case ATH11K_BW_160:
363 		ret = RATE_INFO_BW_160;
364 		break;
365 	}
366 
367 	return ret;
368 }
369 
370 enum ath11k_supported_bw ath11k_mac_mac80211_bw_to_ath11k_bw(enum rate_info_bw bw)
371 {
372 	switch (bw) {
373 	case RATE_INFO_BW_20:
374 		return ATH11K_BW_20;
375 	case RATE_INFO_BW_40:
376 		return ATH11K_BW_40;
377 	case RATE_INFO_BW_80:
378 		return ATH11K_BW_80;
379 	case RATE_INFO_BW_160:
380 		return ATH11K_BW_160;
381 	default:
382 		return ATH11K_BW_20;
383 	}
384 }
385 
386 int ath11k_mac_hw_ratecode_to_legacy_rate(u8 hw_rc, u8 preamble, u8 *rateidx,
387 					  u16 *rate)
388 {
389 	/* As default, it is OFDM rates */
390 	int i = ATH11K_MAC_FIRST_OFDM_RATE_IDX;
391 	int max_rates_idx = ath11k_g_rates_size;
392 
393 	if (preamble == WMI_RATE_PREAMBLE_CCK) {
394 		hw_rc &= ~ATH11k_HW_RATECODE_CCK_SHORT_PREAM_MASK;
395 		i = 0;
396 		max_rates_idx = ATH11K_MAC_FIRST_OFDM_RATE_IDX;
397 	}
398 
399 	while (i < max_rates_idx) {
400 		if (hw_rc == ath11k_legacy_rates[i].hw_value) {
401 			*rateidx = i;
402 			*rate = ath11k_legacy_rates[i].bitrate;
403 			return 0;
404 		}
405 		i++;
406 	}
407 
408 	return -EINVAL;
409 }
410 
411 static int get_num_chains(u32 mask)
412 {
413 	int num_chains = 0;
414 
415 	while (mask) {
416 		if (mask & BIT(0))
417 			num_chains++;
418 		mask >>= 1;
419 	}
420 
421 	return num_chains;
422 }
423 
424 u8 ath11k_mac_bitrate_to_idx(const struct ieee80211_supported_band *sband,
425 			     u32 bitrate)
426 {
427 	int i;
428 
429 	for (i = 0; i < sband->n_bitrates; i++)
430 		if (sband->bitrates[i].bitrate == bitrate)
431 			return i;
432 
433 	return 0;
434 }
435 
436 static u32
437 ath11k_mac_max_ht_nss(const u8 *ht_mcs_mask)
438 {
439 	int nss;
440 
441 	for (nss = IEEE80211_HT_MCS_MASK_LEN - 1; nss >= 0; nss--)
442 		if (ht_mcs_mask[nss])
443 			return nss + 1;
444 
445 	return 1;
446 }
447 
448 static u32
449 ath11k_mac_max_vht_nss(const u16 *vht_mcs_mask)
450 {
451 	int nss;
452 
453 	for (nss = NL80211_VHT_NSS_MAX - 1; nss >= 0; nss--)
454 		if (vht_mcs_mask[nss])
455 			return nss + 1;
456 
457 	return 1;
458 }
459 
460 static u32
461 ath11k_mac_max_he_nss(const u16 *he_mcs_mask)
462 {
463 	int nss;
464 
465 	for (nss = NL80211_HE_NSS_MAX - 1; nss >= 0; nss--)
466 		if (he_mcs_mask[nss])
467 			return nss + 1;
468 
469 	return 1;
470 }
471 
472 static u8 ath11k_parse_mpdudensity(u8 mpdudensity)
473 {
474 /* 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
475  *   0 for no restriction
476  *   1 for 1/4 us
477  *   2 for 1/2 us
478  *   3 for 1 us
479  *   4 for 2 us
480  *   5 for 4 us
481  *   6 for 8 us
482  *   7 for 16 us
483  */
484 	switch (mpdudensity) {
485 	case 0:
486 		return 0;
487 	case 1:
488 	case 2:
489 	case 3:
490 	/* Our lower layer calculations limit our precision to
491 	 * 1 microsecond
492 	 */
493 		return 1;
494 	case 4:
495 		return 2;
496 	case 5:
497 		return 4;
498 	case 6:
499 		return 8;
500 	case 7:
501 		return 16;
502 	default:
503 		return 0;
504 	}
505 }
506 
507 static int ath11k_mac_vif_chan(struct ieee80211_vif *vif,
508 			       struct cfg80211_chan_def *def)
509 {
510 	struct ieee80211_chanctx_conf *conf;
511 
512 	rcu_read_lock();
513 	conf = rcu_dereference(vif->bss_conf.chanctx_conf);
514 	if (!conf) {
515 		rcu_read_unlock();
516 		return -ENOENT;
517 	}
518 
519 	*def = conf->def;
520 	rcu_read_unlock();
521 
522 	return 0;
523 }
524 
525 static bool ath11k_mac_bitrate_is_cck(int bitrate)
526 {
527 	switch (bitrate) {
528 	case 10:
529 	case 20:
530 	case 55:
531 	case 110:
532 		return true;
533 	}
534 
535 	return false;
536 }
537 
538 u8 ath11k_mac_hw_rate_to_idx(const struct ieee80211_supported_band *sband,
539 			     u8 hw_rate, bool cck)
540 {
541 	const struct ieee80211_rate *rate;
542 	int i;
543 
544 	for (i = 0; i < sband->n_bitrates; i++) {
545 		rate = &sband->bitrates[i];
546 
547 		if (ath11k_mac_bitrate_is_cck(rate->bitrate) != cck)
548 			continue;
549 
550 		if (rate->hw_value == hw_rate)
551 			return i;
552 		else if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE &&
553 			 rate->hw_value_short == hw_rate)
554 			return i;
555 	}
556 
557 	return 0;
558 }
559 
560 static u8 ath11k_mac_bitrate_to_rate(int bitrate)
561 {
562 	return DIV_ROUND_UP(bitrate, 5) |
563 	       (ath11k_mac_bitrate_is_cck(bitrate) ? BIT(7) : 0);
564 }
565 
566 static void ath11k_get_arvif_iter(void *data, u8 *mac,
567 				  struct ieee80211_vif *vif)
568 {
569 	struct ath11k_vif_iter *arvif_iter = data;
570 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
571 
572 	if (arvif->vdev_id == arvif_iter->vdev_id)
573 		arvif_iter->arvif = arvif;
574 }
575 
576 struct ath11k_vif *ath11k_mac_get_arvif(struct ath11k *ar, u32 vdev_id)
577 {
578 	struct ath11k_vif_iter arvif_iter;
579 	u32 flags;
580 
581 	memset(&arvif_iter, 0, sizeof(struct ath11k_vif_iter));
582 	arvif_iter.vdev_id = vdev_id;
583 
584 	flags = IEEE80211_IFACE_ITER_RESUME_ALL;
585 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
586 						   flags,
587 						   ath11k_get_arvif_iter,
588 						   &arvif_iter);
589 	if (!arvif_iter.arvif) {
590 		ath11k_warn(ar->ab, "No VIF found for vdev %d\n", vdev_id);
591 		return NULL;
592 	}
593 
594 	return arvif_iter.arvif;
595 }
596 
597 struct ath11k_vif *ath11k_mac_get_arvif_by_vdev_id(struct ath11k_base *ab,
598 						   u32 vdev_id)
599 {
600 	int i;
601 	struct ath11k_pdev *pdev;
602 	struct ath11k_vif *arvif;
603 
604 	for (i = 0; i < ab->num_radios; i++) {
605 		pdev = rcu_dereference(ab->pdevs_active[i]);
606 		if (pdev && pdev->ar &&
607 		    (pdev->ar->allocated_vdev_map & (1LL << vdev_id))) {
608 			arvif = ath11k_mac_get_arvif(pdev->ar, vdev_id);
609 			if (arvif)
610 				return arvif;
611 		}
612 	}
613 
614 	return NULL;
615 }
616 
617 struct ath11k *ath11k_mac_get_ar_by_vdev_id(struct ath11k_base *ab, u32 vdev_id)
618 {
619 	int i;
620 	struct ath11k_pdev *pdev;
621 
622 	for (i = 0; i < ab->num_radios; i++) {
623 		pdev = rcu_dereference(ab->pdevs_active[i]);
624 		if (pdev && pdev->ar) {
625 			if (pdev->ar->allocated_vdev_map & (1LL << vdev_id))
626 				return pdev->ar;
627 		}
628 	}
629 
630 	return NULL;
631 }
632 
633 struct ath11k *ath11k_mac_get_ar_by_pdev_id(struct ath11k_base *ab, u32 pdev_id)
634 {
635 	int i;
636 	struct ath11k_pdev *pdev;
637 
638 	if (ab->hw_params.single_pdev_only) {
639 		pdev = rcu_dereference(ab->pdevs_active[0]);
640 		return pdev ? pdev->ar : NULL;
641 	}
642 
643 	if (WARN_ON(pdev_id > ab->num_radios))
644 		return NULL;
645 
646 	for (i = 0; i < ab->num_radios; i++) {
647 		if (ab->fw_mode == ATH11K_FIRMWARE_MODE_FTM)
648 			pdev = &ab->pdevs[i];
649 		else
650 			pdev = rcu_dereference(ab->pdevs_active[i]);
651 
652 		if (pdev && pdev->pdev_id == pdev_id)
653 			return (pdev->ar ? pdev->ar : NULL);
654 	}
655 
656 	return NULL;
657 }
658 
659 struct ath11k_vif *ath11k_mac_get_vif_up(struct ath11k_base *ab)
660 {
661 	struct ath11k *ar;
662 	struct ath11k_pdev *pdev;
663 	struct ath11k_vif *arvif;
664 	int i;
665 
666 	for (i = 0; i < ab->num_radios; i++) {
667 		pdev = &ab->pdevs[i];
668 		ar = pdev->ar;
669 		list_for_each_entry(arvif, &ar->arvifs, list) {
670 			if (arvif->is_up)
671 				return arvif;
672 		}
673 	}
674 
675 	return NULL;
676 }
677 
678 static bool ath11k_mac_band_match(enum nl80211_band band1, enum WMI_HOST_WLAN_BAND band2)
679 {
680 	return (((band1 == NL80211_BAND_2GHZ) && (band2 & WMI_HOST_WLAN_2G_CAP)) ||
681 		(((band1 == NL80211_BAND_5GHZ) || (band1 == NL80211_BAND_6GHZ)) &&
682 		   (band2 & WMI_HOST_WLAN_5G_CAP)));
683 }
684 
685 u8 ath11k_mac_get_target_pdev_id_from_vif(struct ath11k_vif *arvif)
686 {
687 	struct ath11k *ar = arvif->ar;
688 	struct ath11k_base *ab = ar->ab;
689 	struct ieee80211_vif *vif = arvif->vif;
690 	struct cfg80211_chan_def def;
691 	enum nl80211_band band;
692 	u8 pdev_id = ab->target_pdev_ids[0].pdev_id;
693 	int i;
694 
695 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
696 		return pdev_id;
697 
698 	band = def.chan->band;
699 
700 	for (i = 0; i < ab->target_pdev_count; i++) {
701 		if (ath11k_mac_band_match(band, ab->target_pdev_ids[i].supported_bands))
702 			return ab->target_pdev_ids[i].pdev_id;
703 	}
704 
705 	return pdev_id;
706 }
707 
708 u8 ath11k_mac_get_target_pdev_id(struct ath11k *ar)
709 {
710 	struct ath11k_vif *arvif;
711 
712 	arvif = ath11k_mac_get_vif_up(ar->ab);
713 
714 	if (arvif)
715 		return ath11k_mac_get_target_pdev_id_from_vif(arvif);
716 	else
717 		return ar->ab->target_pdev_ids[0].pdev_id;
718 }
719 
720 static void ath11k_pdev_caps_update(struct ath11k *ar)
721 {
722 	struct ath11k_base *ab = ar->ab;
723 
724 	ar->max_tx_power = ab->target_caps.hw_max_tx_power;
725 
726 	/* FIXME Set min_tx_power to ab->target_caps.hw_min_tx_power.
727 	 * But since the received value in svcrdy is same as hw_max_tx_power,
728 	 * we can set ar->min_tx_power to 0 currently until
729 	 * this is fixed in firmware
730 	 */
731 	ar->min_tx_power = 0;
732 
733 	ar->txpower_limit_2g = ar->max_tx_power;
734 	ar->txpower_limit_5g = ar->max_tx_power;
735 	ar->txpower_scale = WMI_HOST_TP_SCALE_MAX;
736 }
737 
738 static int ath11k_mac_txpower_recalc(struct ath11k *ar)
739 {
740 	struct ath11k_pdev *pdev = ar->pdev;
741 	struct ath11k_vif *arvif;
742 	int ret, txpower = -1;
743 	u32 param;
744 
745 	lockdep_assert_held(&ar->conf_mutex);
746 
747 	list_for_each_entry(arvif, &ar->arvifs, list) {
748 		if (arvif->txpower <= 0)
749 			continue;
750 
751 		if (txpower == -1)
752 			txpower = arvif->txpower;
753 		else
754 			txpower = min(txpower, arvif->txpower);
755 	}
756 
757 	if (txpower == -1)
758 		return 0;
759 
760 	/* txpwr is set as 2 units per dBm in FW*/
761 	txpower = min_t(u32, max_t(u32, ar->min_tx_power, txpower),
762 			ar->max_tx_power) * 2;
763 
764 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "txpower to set in hw %d\n",
765 		   txpower / 2);
766 
767 	if ((pdev->cap.supported_bands & WMI_HOST_WLAN_2G_CAP) &&
768 	    ar->txpower_limit_2g != txpower) {
769 		param = WMI_PDEV_PARAM_TXPOWER_LIMIT2G;
770 		ret = ath11k_wmi_pdev_set_param(ar, param,
771 						txpower, ar->pdev->pdev_id);
772 		if (ret)
773 			goto fail;
774 		ar->txpower_limit_2g = txpower;
775 	}
776 
777 	if ((pdev->cap.supported_bands & WMI_HOST_WLAN_5G_CAP) &&
778 	    ar->txpower_limit_5g != txpower) {
779 		param = WMI_PDEV_PARAM_TXPOWER_LIMIT5G;
780 		ret = ath11k_wmi_pdev_set_param(ar, param,
781 						txpower, ar->pdev->pdev_id);
782 		if (ret)
783 			goto fail;
784 		ar->txpower_limit_5g = txpower;
785 	}
786 
787 	return 0;
788 
789 fail:
790 	ath11k_warn(ar->ab, "failed to recalc txpower limit %d using pdev param %d: %d\n",
791 		    txpower / 2, param, ret);
792 	return ret;
793 }
794 
795 static int ath11k_recalc_rtscts_prot(struct ath11k_vif *arvif)
796 {
797 	struct ath11k *ar = arvif->ar;
798 	u32 vdev_param, rts_cts = 0;
799 	int ret;
800 
801 	lockdep_assert_held(&ar->conf_mutex);
802 
803 	vdev_param = WMI_VDEV_PARAM_ENABLE_RTSCTS;
804 
805 	/* Enable RTS/CTS protection for sw retries (when legacy stations
806 	 * are in BSS) or by default only for second rate series.
807 	 * TODO: Check if we need to enable CTS 2 Self in any case
808 	 */
809 	rts_cts = WMI_USE_RTS_CTS;
810 
811 	if (arvif->num_legacy_stations > 0)
812 		rts_cts |= WMI_RTSCTS_ACROSS_SW_RETRIES << 4;
813 	else
814 		rts_cts |= WMI_RTSCTS_FOR_SECOND_RATESERIES << 4;
815 
816 	/* Need not send duplicate param value to firmware */
817 	if (arvif->rtscts_prot_mode == rts_cts)
818 		return 0;
819 
820 	arvif->rtscts_prot_mode = rts_cts;
821 
822 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev %d recalc rts/cts prot %d\n",
823 		   arvif->vdev_id, rts_cts);
824 
825 	ret =  ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
826 					     vdev_param, rts_cts);
827 	if (ret)
828 		ath11k_warn(ar->ab, "failed to recalculate rts/cts prot for vdev %d: %d\n",
829 			    arvif->vdev_id, ret);
830 
831 	return ret;
832 }
833 
834 static int ath11k_mac_set_kickout(struct ath11k_vif *arvif)
835 {
836 	struct ath11k *ar = arvif->ar;
837 	u32 param;
838 	int ret;
839 
840 	ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_STA_KICKOUT_TH,
841 					ATH11K_KICKOUT_THRESHOLD,
842 					ar->pdev->pdev_id);
843 	if (ret) {
844 		ath11k_warn(ar->ab, "failed to set kickout threshold on vdev %i: %d\n",
845 			    arvif->vdev_id, ret);
846 		return ret;
847 	}
848 
849 	param = WMI_VDEV_PARAM_AP_KEEPALIVE_MIN_IDLE_INACTIVE_TIME_SECS;
850 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, param,
851 					    ATH11K_KEEPALIVE_MIN_IDLE);
852 	if (ret) {
853 		ath11k_warn(ar->ab, "failed to set keepalive minimum idle time on vdev %i: %d\n",
854 			    arvif->vdev_id, ret);
855 		return ret;
856 	}
857 
858 	param = WMI_VDEV_PARAM_AP_KEEPALIVE_MAX_IDLE_INACTIVE_TIME_SECS;
859 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, param,
860 					    ATH11K_KEEPALIVE_MAX_IDLE);
861 	if (ret) {
862 		ath11k_warn(ar->ab, "failed to set keepalive maximum idle time on vdev %i: %d\n",
863 			    arvif->vdev_id, ret);
864 		return ret;
865 	}
866 
867 	param = WMI_VDEV_PARAM_AP_KEEPALIVE_MAX_UNRESPONSIVE_TIME_SECS;
868 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, param,
869 					    ATH11K_KEEPALIVE_MAX_UNRESPONSIVE);
870 	if (ret) {
871 		ath11k_warn(ar->ab, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
872 			    arvif->vdev_id, ret);
873 		return ret;
874 	}
875 
876 	return 0;
877 }
878 
879 void ath11k_mac_peer_cleanup_all(struct ath11k *ar)
880 {
881 	struct ath11k_peer *peer, *tmp;
882 	struct ath11k_base *ab = ar->ab;
883 
884 	lockdep_assert_held(&ar->conf_mutex);
885 
886 	mutex_lock(&ab->tbl_mtx_lock);
887 	spin_lock_bh(&ab->base_lock);
888 	list_for_each_entry_safe(peer, tmp, &ab->peers, list) {
889 		ath11k_peer_rx_tid_cleanup(ar, peer);
890 		ath11k_peer_rhash_delete(ab, peer);
891 		list_del(&peer->list);
892 		kfree(peer);
893 	}
894 	spin_unlock_bh(&ab->base_lock);
895 	mutex_unlock(&ab->tbl_mtx_lock);
896 
897 	ar->num_peers = 0;
898 	ar->num_stations = 0;
899 }
900 
901 static inline int ath11k_mac_vdev_setup_sync(struct ath11k *ar)
902 {
903 	lockdep_assert_held(&ar->conf_mutex);
904 
905 	if (test_bit(ATH11K_FLAG_CRASH_FLUSH, &ar->ab->dev_flags))
906 		return -ESHUTDOWN;
907 
908 	if (!wait_for_completion_timeout(&ar->vdev_setup_done,
909 					 ATH11K_VDEV_SETUP_TIMEOUT_HZ))
910 		return -ETIMEDOUT;
911 
912 	return ar->last_wmi_vdev_start_status ? -EINVAL : 0;
913 }
914 
915 static void
916 ath11k_mac_get_any_chandef_iter(struct ieee80211_hw *hw,
917 				struct ieee80211_chanctx_conf *conf,
918 				void *data)
919 {
920 	struct cfg80211_chan_def **def = data;
921 
922 	*def = &conf->def;
923 }
924 
925 static int ath11k_mac_monitor_vdev_start(struct ath11k *ar, int vdev_id,
926 					 struct cfg80211_chan_def *chandef)
927 {
928 	struct ieee80211_channel *channel;
929 	struct wmi_vdev_start_req_arg arg = {};
930 	int ret;
931 
932 	lockdep_assert_held(&ar->conf_mutex);
933 
934 	channel = chandef->chan;
935 
936 	arg.vdev_id = vdev_id;
937 	arg.channel.freq = channel->center_freq;
938 	arg.channel.band_center_freq1 = chandef->center_freq1;
939 	arg.channel.band_center_freq2 = chandef->center_freq2;
940 
941 	arg.channel.mode = ath11k_phymodes[chandef->chan->band][chandef->width];
942 	arg.channel.chan_radar = !!(channel->flags & IEEE80211_CHAN_RADAR);
943 
944 	arg.channel.min_power = 0;
945 	arg.channel.max_power = channel->max_power;
946 	arg.channel.max_reg_power = channel->max_reg_power;
947 	arg.channel.max_antenna_gain = channel->max_antenna_gain;
948 
949 	arg.pref_tx_streams = ar->num_tx_chains;
950 	arg.pref_rx_streams = ar->num_rx_chains;
951 
952 	arg.channel.passive = !!(chandef->chan->flags & IEEE80211_CHAN_NO_IR);
953 
954 	reinit_completion(&ar->vdev_setup_done);
955 	reinit_completion(&ar->vdev_delete_done);
956 
957 	ret = ath11k_wmi_vdev_start(ar, &arg, false);
958 	if (ret) {
959 		ath11k_warn(ar->ab, "failed to request monitor vdev %i start: %d\n",
960 			    vdev_id, ret);
961 		return ret;
962 	}
963 
964 	ret = ath11k_mac_vdev_setup_sync(ar);
965 	if (ret) {
966 		ath11k_warn(ar->ab, "failed to synchronize setup for monitor vdev %i start: %d\n",
967 			    vdev_id, ret);
968 		return ret;
969 	}
970 
971 	ret = ath11k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr, NULL, 0, 0);
972 	if (ret) {
973 		ath11k_warn(ar->ab, "failed to put up monitor vdev %i: %d\n",
974 			    vdev_id, ret);
975 		goto vdev_stop;
976 	}
977 
978 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "monitor vdev %i started\n",
979 		   vdev_id);
980 
981 	return 0;
982 
983 vdev_stop:
984 	reinit_completion(&ar->vdev_setup_done);
985 
986 	ret = ath11k_wmi_vdev_stop(ar, vdev_id);
987 	if (ret) {
988 		ath11k_warn(ar->ab, "failed to stop monitor vdev %i after start failure: %d\n",
989 			    vdev_id, ret);
990 		return ret;
991 	}
992 
993 	ret = ath11k_mac_vdev_setup_sync(ar);
994 	if (ret) {
995 		ath11k_warn(ar->ab, "failed to synchronize setup for vdev %i stop: %d\n",
996 			    vdev_id, ret);
997 		return ret;
998 	}
999 
1000 	return -EIO;
1001 }
1002 
1003 static int ath11k_mac_monitor_vdev_stop(struct ath11k *ar)
1004 {
1005 	int ret;
1006 
1007 	lockdep_assert_held(&ar->conf_mutex);
1008 
1009 	reinit_completion(&ar->vdev_setup_done);
1010 
1011 	ret = ath11k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1012 	if (ret) {
1013 		ath11k_warn(ar->ab, "failed to request monitor vdev %i stop: %d\n",
1014 			    ar->monitor_vdev_id, ret);
1015 		return ret;
1016 	}
1017 
1018 	ret = ath11k_mac_vdev_setup_sync(ar);
1019 	if (ret) {
1020 		ath11k_warn(ar->ab, "failed to synchronize monitor vdev %i stop: %d\n",
1021 			    ar->monitor_vdev_id, ret);
1022 		return ret;
1023 	}
1024 
1025 	ret = ath11k_wmi_vdev_down(ar, ar->monitor_vdev_id);
1026 	if (ret) {
1027 		ath11k_warn(ar->ab, "failed to put down monitor vdev %i: %d\n",
1028 			    ar->monitor_vdev_id, ret);
1029 		return ret;
1030 	}
1031 
1032 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "monitor vdev %i stopped\n",
1033 		   ar->monitor_vdev_id);
1034 
1035 	return 0;
1036 }
1037 
1038 static int ath11k_mac_monitor_vdev_create(struct ath11k *ar)
1039 {
1040 	struct ath11k_pdev *pdev = ar->pdev;
1041 	struct vdev_create_params param = {};
1042 	int bit, ret;
1043 	u8 tmp_addr[6] = {0};
1044 	u16 nss;
1045 
1046 	lockdep_assert_held(&ar->conf_mutex);
1047 
1048 	if (test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags))
1049 		return 0;
1050 
1051 	if (ar->ab->free_vdev_map == 0) {
1052 		ath11k_warn(ar->ab, "failed to find free vdev id for monitor vdev\n");
1053 		return -ENOMEM;
1054 	}
1055 
1056 	bit = __ffs64(ar->ab->free_vdev_map);
1057 
1058 	ar->monitor_vdev_id = bit;
1059 
1060 	param.if_id = ar->monitor_vdev_id;
1061 	param.type = WMI_VDEV_TYPE_MONITOR;
1062 	param.subtype = WMI_VDEV_SUBTYPE_NONE;
1063 	param.pdev_id = pdev->pdev_id;
1064 
1065 	if (pdev->cap.supported_bands & WMI_HOST_WLAN_2G_CAP) {
1066 		param.chains[NL80211_BAND_2GHZ].tx = ar->num_tx_chains;
1067 		param.chains[NL80211_BAND_2GHZ].rx = ar->num_rx_chains;
1068 	}
1069 	if (pdev->cap.supported_bands & WMI_HOST_WLAN_5G_CAP) {
1070 		param.chains[NL80211_BAND_5GHZ].tx = ar->num_tx_chains;
1071 		param.chains[NL80211_BAND_5GHZ].rx = ar->num_rx_chains;
1072 	}
1073 
1074 	ret = ath11k_wmi_vdev_create(ar, tmp_addr, &param);
1075 	if (ret) {
1076 		ath11k_warn(ar->ab, "failed to request monitor vdev %i creation: %d\n",
1077 			    ar->monitor_vdev_id, ret);
1078 		ar->monitor_vdev_id = -1;
1079 		return ret;
1080 	}
1081 
1082 	nss = get_num_chains(ar->cfg_tx_chainmask) ? : 1;
1083 	ret = ath11k_wmi_vdev_set_param_cmd(ar, ar->monitor_vdev_id,
1084 					    WMI_VDEV_PARAM_NSS, nss);
1085 	if (ret) {
1086 		ath11k_warn(ar->ab, "failed to set vdev %d chainmask 0x%x, nss %d :%d\n",
1087 			    ar->monitor_vdev_id, ar->cfg_tx_chainmask, nss, ret);
1088 		goto err_vdev_del;
1089 	}
1090 
1091 	ret = ath11k_mac_txpower_recalc(ar);
1092 	if (ret) {
1093 		ath11k_warn(ar->ab, "failed to recalc txpower for monitor vdev %d: %d\n",
1094 			    ar->monitor_vdev_id, ret);
1095 		goto err_vdev_del;
1096 	}
1097 
1098 	ar->allocated_vdev_map |= 1LL << ar->monitor_vdev_id;
1099 	ar->ab->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
1100 	ar->num_created_vdevs++;
1101 	set_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags);
1102 
1103 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "monitor vdev %d created\n",
1104 		   ar->monitor_vdev_id);
1105 
1106 	return 0;
1107 
1108 err_vdev_del:
1109 	ath11k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
1110 	ar->monitor_vdev_id = -1;
1111 	return ret;
1112 }
1113 
1114 static int ath11k_mac_monitor_vdev_delete(struct ath11k *ar)
1115 {
1116 	int ret;
1117 	unsigned long time_left;
1118 
1119 	lockdep_assert_held(&ar->conf_mutex);
1120 
1121 	if (!test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags))
1122 		return 0;
1123 
1124 	reinit_completion(&ar->vdev_delete_done);
1125 
1126 	ret = ath11k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
1127 	if (ret) {
1128 		ath11k_warn(ar->ab, "failed to request wmi monitor vdev %i removal: %d\n",
1129 			    ar->monitor_vdev_id, ret);
1130 		return ret;
1131 	}
1132 
1133 	time_left = wait_for_completion_timeout(&ar->vdev_delete_done,
1134 						ATH11K_VDEV_DELETE_TIMEOUT_HZ);
1135 	if (time_left == 0) {
1136 		ath11k_warn(ar->ab, "Timeout in receiving vdev delete response\n");
1137 	} else {
1138 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "monitor vdev %d deleted\n",
1139 			   ar->monitor_vdev_id);
1140 
1141 		ar->allocated_vdev_map &= ~(1LL << ar->monitor_vdev_id);
1142 		ar->ab->free_vdev_map |= 1LL << (ar->monitor_vdev_id);
1143 		ar->num_created_vdevs--;
1144 		ar->monitor_vdev_id = -1;
1145 		clear_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags);
1146 	}
1147 
1148 	return ret;
1149 }
1150 
1151 static int ath11k_mac_monitor_start(struct ath11k *ar)
1152 {
1153 	struct cfg80211_chan_def *chandef = NULL;
1154 	int ret;
1155 
1156 	lockdep_assert_held(&ar->conf_mutex);
1157 
1158 	if (test_bit(ATH11K_FLAG_MONITOR_STARTED, &ar->monitor_flags))
1159 		return 0;
1160 
1161 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1162 					    ath11k_mac_get_any_chandef_iter,
1163 					    &chandef);
1164 	if (!chandef)
1165 		return 0;
1166 
1167 	ret = ath11k_mac_monitor_vdev_start(ar, ar->monitor_vdev_id, chandef);
1168 	if (ret) {
1169 		ath11k_warn(ar->ab, "failed to start monitor vdev: %d\n", ret);
1170 		ath11k_mac_monitor_vdev_delete(ar);
1171 		return ret;
1172 	}
1173 
1174 	set_bit(ATH11K_FLAG_MONITOR_STARTED, &ar->monitor_flags);
1175 
1176 	ar->num_started_vdevs++;
1177 	ret = ath11k_dp_tx_htt_monitor_mode_ring_config(ar, false);
1178 	if (ret) {
1179 		ath11k_warn(ar->ab, "failed to configure htt monitor mode ring during start: %d",
1180 			    ret);
1181 		return ret;
1182 	}
1183 
1184 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "monitor started\n");
1185 
1186 	return 0;
1187 }
1188 
1189 static int ath11k_mac_monitor_stop(struct ath11k *ar)
1190 {
1191 	int ret;
1192 
1193 	lockdep_assert_held(&ar->conf_mutex);
1194 
1195 	if (!test_bit(ATH11K_FLAG_MONITOR_STARTED, &ar->monitor_flags))
1196 		return 0;
1197 
1198 	ret = ath11k_mac_monitor_vdev_stop(ar);
1199 	if (ret) {
1200 		ath11k_warn(ar->ab, "failed to stop monitor vdev: %d\n", ret);
1201 		return ret;
1202 	}
1203 
1204 	clear_bit(ATH11K_FLAG_MONITOR_STARTED, &ar->monitor_flags);
1205 	ar->num_started_vdevs--;
1206 
1207 	ret = ath11k_dp_tx_htt_monitor_mode_ring_config(ar, true);
1208 	if (ret) {
1209 		ath11k_warn(ar->ab, "failed to configure htt monitor mode ring during stop: %d",
1210 			    ret);
1211 		return ret;
1212 	}
1213 
1214 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "monitor stopped ret %d\n", ret);
1215 
1216 	return 0;
1217 }
1218 
1219 static int ath11k_mac_vif_setup_ps(struct ath11k_vif *arvif)
1220 {
1221 	struct ath11k *ar = arvif->ar;
1222 	struct ieee80211_vif *vif = arvif->vif;
1223 	struct ieee80211_conf *conf = &ar->hw->conf;
1224 	enum wmi_sta_powersave_param param;
1225 	enum wmi_sta_ps_mode psmode;
1226 	int ret;
1227 	int timeout;
1228 	bool enable_ps;
1229 
1230 	lockdep_assert_held(&arvif->ar->conf_mutex);
1231 
1232 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1233 		return 0;
1234 
1235 	enable_ps = arvif->ps;
1236 
1237 	if (!arvif->is_started) {
1238 		/* mac80211 can update vif powersave state while disconnected.
1239 		 * Firmware doesn't behave nicely and consumes more power than
1240 		 * necessary if PS is disabled on a non-started vdev. Hence
1241 		 * force-enable PS for non-running vdevs.
1242 		 */
1243 		psmode = WMI_STA_PS_MODE_ENABLED;
1244 	} else if (enable_ps) {
1245 		psmode = WMI_STA_PS_MODE_ENABLED;
1246 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1247 
1248 		timeout = conf->dynamic_ps_timeout;
1249 		if (timeout == 0) {
1250 			/* firmware doesn't like 0 */
1251 			timeout = ieee80211_tu_to_usec(vif->bss_conf.beacon_int) / 1000;
1252 		}
1253 
1254 		ret = ath11k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1255 						  timeout);
1256 		if (ret) {
1257 			ath11k_warn(ar->ab, "failed to set inactivity time for vdev %d: %i\n",
1258 				    arvif->vdev_id, ret);
1259 			return ret;
1260 		}
1261 	} else {
1262 		psmode = WMI_STA_PS_MODE_DISABLED;
1263 	}
1264 
1265 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev %d psmode %s\n",
1266 		   arvif->vdev_id, psmode ? "enable" : "disable");
1267 
1268 	ret = ath11k_wmi_pdev_set_ps_mode(ar, arvif->vdev_id, psmode);
1269 	if (ret) {
1270 		ath11k_warn(ar->ab, "failed to set sta power save mode %d for vdev %d: %d\n",
1271 			    psmode, arvif->vdev_id, ret);
1272 		return ret;
1273 	}
1274 
1275 	return 0;
1276 }
1277 
1278 static int ath11k_mac_config_ps(struct ath11k *ar)
1279 {
1280 	struct ath11k_vif *arvif;
1281 	int ret = 0;
1282 
1283 	lockdep_assert_held(&ar->conf_mutex);
1284 
1285 	list_for_each_entry(arvif, &ar->arvifs, list) {
1286 		ret = ath11k_mac_vif_setup_ps(arvif);
1287 		if (ret) {
1288 			ath11k_warn(ar->ab, "failed to setup powersave: %d\n", ret);
1289 			break;
1290 		}
1291 	}
1292 
1293 	return ret;
1294 }
1295 
1296 static int ath11k_mac_op_config(struct ieee80211_hw *hw, u32 changed)
1297 {
1298 	struct ath11k *ar = hw->priv;
1299 	struct ieee80211_conf *conf = &hw->conf;
1300 	int ret = 0;
1301 
1302 	mutex_lock(&ar->conf_mutex);
1303 
1304 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
1305 		if (conf->flags & IEEE80211_CONF_MONITOR) {
1306 			set_bit(ATH11K_FLAG_MONITOR_CONF_ENABLED, &ar->monitor_flags);
1307 
1308 			if (test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED,
1309 				     &ar->monitor_flags))
1310 				goto out;
1311 
1312 			ret = ath11k_mac_monitor_vdev_create(ar);
1313 			if (ret) {
1314 				ath11k_warn(ar->ab, "failed to create monitor vdev: %d",
1315 					    ret);
1316 				goto out;
1317 			}
1318 
1319 			ret = ath11k_mac_monitor_start(ar);
1320 			if (ret) {
1321 				ath11k_warn(ar->ab, "failed to start monitor: %d",
1322 					    ret);
1323 				goto err_mon_del;
1324 			}
1325 		} else {
1326 			clear_bit(ATH11K_FLAG_MONITOR_CONF_ENABLED, &ar->monitor_flags);
1327 
1328 			if (!test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED,
1329 				      &ar->monitor_flags))
1330 				goto out;
1331 
1332 			ret = ath11k_mac_monitor_stop(ar);
1333 			if (ret) {
1334 				ath11k_warn(ar->ab, "failed to stop monitor: %d",
1335 					    ret);
1336 				goto out;
1337 			}
1338 
1339 			ret = ath11k_mac_monitor_vdev_delete(ar);
1340 			if (ret) {
1341 				ath11k_warn(ar->ab, "failed to delete monitor vdev: %d",
1342 					    ret);
1343 				goto out;
1344 			}
1345 		}
1346 	}
1347 
1348 out:
1349 	mutex_unlock(&ar->conf_mutex);
1350 	return ret;
1351 
1352 err_mon_del:
1353 	ath11k_mac_monitor_vdev_delete(ar);
1354 	mutex_unlock(&ar->conf_mutex);
1355 	return ret;
1356 }
1357 
1358 static void ath11k_mac_setup_nontx_vif_rsnie(struct ath11k_vif *arvif,
1359 					     bool tx_arvif_rsnie_present,
1360 					     const u8 *profile, u8 profile_len)
1361 {
1362 	if (cfg80211_find_ie(WLAN_EID_RSN, profile, profile_len)) {
1363 		arvif->rsnie_present = true;
1364 	} else if (tx_arvif_rsnie_present) {
1365 		int i;
1366 		u8 nie_len;
1367 		const u8 *nie = cfg80211_find_ext_ie(WLAN_EID_EXT_NON_INHERITANCE,
1368 						     profile, profile_len);
1369 		if (!nie)
1370 			return;
1371 
1372 		nie_len = nie[1];
1373 		nie += 2;
1374 		for (i = 0; i < nie_len; i++) {
1375 			if (nie[i] == WLAN_EID_RSN) {
1376 				arvif->rsnie_present = false;
1377 				break;
1378 			}
1379 		}
1380 	}
1381 }
1382 
1383 static bool ath11k_mac_set_nontx_vif_params(struct ath11k_vif *tx_arvif,
1384 					    struct ath11k_vif *arvif,
1385 					    struct sk_buff *bcn)
1386 {
1387 	struct ieee80211_mgmt *mgmt;
1388 	const u8 *ies, *profile, *next_profile;
1389 	int ies_len;
1390 
1391 	ies = bcn->data + ieee80211_get_hdrlen_from_skb(bcn);
1392 	mgmt = (struct ieee80211_mgmt *)bcn->data;
1393 	ies += sizeof(mgmt->u.beacon);
1394 	ies_len = skb_tail_pointer(bcn) - ies;
1395 
1396 	ies = cfg80211_find_ie(WLAN_EID_MULTIPLE_BSSID, ies, ies_len);
1397 	arvif->rsnie_present = tx_arvif->rsnie_present;
1398 
1399 	while (ies) {
1400 		u8 mbssid_len;
1401 
1402 		ies_len -= (2 + ies[1]);
1403 		mbssid_len = ies[1] - 1;
1404 		profile = &ies[3];
1405 
1406 		while (mbssid_len) {
1407 			u8 profile_len;
1408 
1409 			profile_len = profile[1];
1410 			next_profile = profile + (2 + profile_len);
1411 			mbssid_len -= (2 + profile_len);
1412 
1413 			profile += 2;
1414 			profile_len -= (2 + profile[1]);
1415 			profile += (2 + profile[1]); /* nontx capabilities */
1416 			profile_len -= (2 + profile[1]);
1417 			profile += (2 + profile[1]); /* SSID */
1418 			if (profile[2] == arvif->vif->bss_conf.bssid_index) {
1419 				profile_len -= 5;
1420 				profile = profile + 5;
1421 				ath11k_mac_setup_nontx_vif_rsnie(arvif,
1422 								 tx_arvif->rsnie_present,
1423 								 profile,
1424 								 profile_len);
1425 				return true;
1426 			}
1427 			profile = next_profile;
1428 		}
1429 		ies = cfg80211_find_ie(WLAN_EID_MULTIPLE_BSSID, profile,
1430 				       ies_len);
1431 	}
1432 
1433 	return false;
1434 }
1435 
1436 static void ath11k_mac_set_vif_params(struct ath11k_vif *arvif,
1437 				      struct sk_buff *bcn)
1438 {
1439 	struct ieee80211_mgmt *mgmt;
1440 	u8 *ies;
1441 
1442 	ies = bcn->data + ieee80211_get_hdrlen_from_skb(bcn);
1443 	mgmt = (struct ieee80211_mgmt *)bcn->data;
1444 	ies += sizeof(mgmt->u.beacon);
1445 
1446 	if (cfg80211_find_ie(WLAN_EID_RSN, ies, (skb_tail_pointer(bcn) - ies)))
1447 		arvif->rsnie_present = true;
1448 	else
1449 		arvif->rsnie_present = false;
1450 
1451 	if (cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
1452 				    WLAN_OUI_TYPE_MICROSOFT_WPA,
1453 				    ies, (skb_tail_pointer(bcn) - ies)))
1454 		arvif->wpaie_present = true;
1455 	else
1456 		arvif->wpaie_present = false;
1457 }
1458 
1459 static int ath11k_mac_setup_bcn_tmpl_ema(struct ath11k_vif *arvif)
1460 {
1461 	struct ath11k_vif *tx_arvif;
1462 	struct ieee80211_ema_beacons *beacons;
1463 	int ret = 0;
1464 	bool nontx_vif_params_set = false;
1465 	u32 params = 0;
1466 	u8 i = 0;
1467 
1468 	tx_arvif = ath11k_vif_to_arvif(arvif->vif->mbssid_tx_vif);
1469 
1470 	beacons = ieee80211_beacon_get_template_ema_list(tx_arvif->ar->hw,
1471 							 tx_arvif->vif, 0);
1472 	if (!beacons || !beacons->cnt) {
1473 		ath11k_warn(arvif->ar->ab,
1474 			    "failed to get ema beacon templates from mac80211\n");
1475 		return -EPERM;
1476 	}
1477 
1478 	if (tx_arvif == arvif)
1479 		ath11k_mac_set_vif_params(tx_arvif, beacons->bcn[0].skb);
1480 	else
1481 		arvif->wpaie_present = tx_arvif->wpaie_present;
1482 
1483 	for (i = 0; i < beacons->cnt; i++) {
1484 		if (tx_arvif != arvif && !nontx_vif_params_set)
1485 			nontx_vif_params_set =
1486 				ath11k_mac_set_nontx_vif_params(tx_arvif, arvif,
1487 								beacons->bcn[i].skb);
1488 
1489 		params = beacons->cnt;
1490 		params |= (i << WMI_EMA_TMPL_IDX_SHIFT);
1491 		params |= ((!i ? 1 : 0) << WMI_EMA_FIRST_TMPL_SHIFT);
1492 		params |= ((i + 1 == beacons->cnt ? 1 : 0) << WMI_EMA_LAST_TMPL_SHIFT);
1493 
1494 		ret = ath11k_wmi_bcn_tmpl(tx_arvif->ar, tx_arvif->vdev_id,
1495 					  &beacons->bcn[i].offs,
1496 					  beacons->bcn[i].skb, params);
1497 		if (ret) {
1498 			ath11k_warn(tx_arvif->ar->ab,
1499 				    "failed to set ema beacon template id %i error %d\n",
1500 				    i, ret);
1501 			break;
1502 		}
1503 	}
1504 
1505 	ieee80211_beacon_free_ema_list(beacons);
1506 
1507 	if (tx_arvif != arvif && !nontx_vif_params_set)
1508 		return -EINVAL; /* Profile not found in the beacons */
1509 
1510 	return ret;
1511 }
1512 
1513 static int ath11k_mac_setup_bcn_tmpl_mbssid(struct ath11k_vif *arvif)
1514 {
1515 	struct ath11k *ar = arvif->ar;
1516 	struct ath11k_base *ab = ar->ab;
1517 	struct ath11k_vif *tx_arvif = arvif;
1518 	struct ieee80211_hw *hw = ar->hw;
1519 	struct ieee80211_vif *vif = arvif->vif;
1520 	struct ieee80211_mutable_offsets offs = {};
1521 	struct sk_buff *bcn;
1522 	int ret;
1523 
1524 	if (vif->mbssid_tx_vif) {
1525 		tx_arvif = ath11k_vif_to_arvif(vif->mbssid_tx_vif);
1526 		if (tx_arvif != arvif) {
1527 			ar = tx_arvif->ar;
1528 			ab = ar->ab;
1529 			hw = ar->hw;
1530 			vif = tx_arvif->vif;
1531 		}
1532 	}
1533 
1534 	bcn = ieee80211_beacon_get_template(hw, vif, &offs, 0);
1535 	if (!bcn) {
1536 		ath11k_warn(ab, "failed to get beacon template from mac80211\n");
1537 		return -EPERM;
1538 	}
1539 
1540 	if (tx_arvif == arvif)
1541 		ath11k_mac_set_vif_params(tx_arvif, bcn);
1542 	else if (!ath11k_mac_set_nontx_vif_params(tx_arvif, arvif, bcn))
1543 		return -EINVAL;
1544 
1545 	ret = ath11k_wmi_bcn_tmpl(ar, arvif->vdev_id, &offs, bcn, 0);
1546 	kfree_skb(bcn);
1547 
1548 	if (ret)
1549 		ath11k_warn(ab, "failed to submit beacon template command: %d\n",
1550 			    ret);
1551 
1552 	return ret;
1553 }
1554 
1555 static int ath11k_mac_setup_bcn_tmpl(struct ath11k_vif *arvif)
1556 {
1557 	struct ieee80211_vif *vif = arvif->vif;
1558 
1559 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1560 		return 0;
1561 
1562 	/* Target does not expect beacon templates for the already up
1563 	 * non-transmitting interfaces, and results in a crash if sent.
1564 	 */
1565 	if (vif->mbssid_tx_vif &&
1566 	    arvif != ath11k_vif_to_arvif(vif->mbssid_tx_vif) && arvif->is_up)
1567 		return 0;
1568 
1569 	if (vif->bss_conf.ema_ap && vif->mbssid_tx_vif)
1570 		return ath11k_mac_setup_bcn_tmpl_ema(arvif);
1571 
1572 	return ath11k_mac_setup_bcn_tmpl_mbssid(arvif);
1573 }
1574 
1575 void ath11k_mac_bcn_tx_event(struct ath11k_vif *arvif)
1576 {
1577 	struct ieee80211_vif *vif = arvif->vif;
1578 
1579 	if (!vif->bss_conf.color_change_active && !arvif->bcca_zero_sent)
1580 		return;
1581 
1582 	if (vif->bss_conf.color_change_active &&
1583 	    ieee80211_beacon_cntdwn_is_complete(vif)) {
1584 		arvif->bcca_zero_sent = true;
1585 		ieee80211_color_change_finish(vif);
1586 		return;
1587 	}
1588 
1589 	arvif->bcca_zero_sent = false;
1590 
1591 	if (vif->bss_conf.color_change_active)
1592 		ieee80211_beacon_update_cntdwn(vif);
1593 	ath11k_mac_setup_bcn_tmpl(arvif);
1594 }
1595 
1596 static void ath11k_control_beaconing(struct ath11k_vif *arvif,
1597 				     struct ieee80211_bss_conf *info)
1598 {
1599 	struct ath11k *ar = arvif->ar;
1600 	struct ath11k_vif *tx_arvif = NULL;
1601 	int ret = 0;
1602 
1603 	lockdep_assert_held(&arvif->ar->conf_mutex);
1604 
1605 	if (!info->enable_beacon) {
1606 		ret = ath11k_wmi_vdev_down(ar, arvif->vdev_id);
1607 		if (ret)
1608 			ath11k_warn(ar->ab, "failed to down vdev_id %i: %d\n",
1609 				    arvif->vdev_id, ret);
1610 
1611 		arvif->is_up = false;
1612 		return;
1613 	}
1614 
1615 	/* Install the beacon template to the FW */
1616 	ret = ath11k_mac_setup_bcn_tmpl(arvif);
1617 	if (ret) {
1618 		ath11k_warn(ar->ab, "failed to update bcn tmpl during vdev up: %d\n",
1619 			    ret);
1620 		return;
1621 	}
1622 
1623 	arvif->tx_seq_no = 0x1000;
1624 
1625 	arvif->aid = 0;
1626 
1627 	ether_addr_copy(arvif->bssid, info->bssid);
1628 
1629 	if (arvif->vif->mbssid_tx_vif)
1630 		tx_arvif = ath11k_vif_to_arvif(arvif->vif->mbssid_tx_vif);
1631 
1632 	ret = ath11k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1633 				 arvif->bssid,
1634 				 tx_arvif ? tx_arvif->bssid : NULL,
1635 				 info->bssid_index,
1636 				 1 << info->bssid_indicator);
1637 	if (ret) {
1638 		ath11k_warn(ar->ab, "failed to bring up vdev %d: %i\n",
1639 			    arvif->vdev_id, ret);
1640 		return;
1641 	}
1642 
1643 	arvif->is_up = true;
1644 
1645 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev %d up\n", arvif->vdev_id);
1646 }
1647 
1648 static void ath11k_mac_handle_beacon_iter(void *data, u8 *mac,
1649 					  struct ieee80211_vif *vif)
1650 {
1651 	struct sk_buff *skb = data;
1652 	struct ieee80211_mgmt *mgmt = (void *)skb->data;
1653 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
1654 
1655 	if (vif->type != NL80211_IFTYPE_STATION)
1656 		return;
1657 
1658 	if (!ether_addr_equal(mgmt->bssid, vif->bss_conf.bssid))
1659 		return;
1660 
1661 	cancel_delayed_work(&arvif->connection_loss_work);
1662 }
1663 
1664 void ath11k_mac_handle_beacon(struct ath11k *ar, struct sk_buff *skb)
1665 {
1666 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
1667 						   IEEE80211_IFACE_ITER_NORMAL,
1668 						   ath11k_mac_handle_beacon_iter,
1669 						   skb);
1670 }
1671 
1672 static void ath11k_mac_handle_beacon_miss_iter(void *data, u8 *mac,
1673 					       struct ieee80211_vif *vif)
1674 {
1675 	u32 *vdev_id = data;
1676 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
1677 	struct ath11k *ar = arvif->ar;
1678 	struct ieee80211_hw *hw = ar->hw;
1679 
1680 	if (arvif->vdev_id != *vdev_id)
1681 		return;
1682 
1683 	if (!arvif->is_up)
1684 		return;
1685 
1686 	ieee80211_beacon_loss(vif);
1687 
1688 	/* Firmware doesn't report beacon loss events repeatedly. If AP probe
1689 	 * (done by mac80211) succeeds but beacons do not resume then it
1690 	 * doesn't make sense to continue operation. Queue connection loss work
1691 	 * which can be cancelled when beacon is received.
1692 	 */
1693 	ieee80211_queue_delayed_work(hw, &arvif->connection_loss_work,
1694 				     ATH11K_CONNECTION_LOSS_HZ);
1695 }
1696 
1697 void ath11k_mac_handle_beacon_miss(struct ath11k *ar, u32 vdev_id)
1698 {
1699 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
1700 						   IEEE80211_IFACE_ITER_NORMAL,
1701 						   ath11k_mac_handle_beacon_miss_iter,
1702 						   &vdev_id);
1703 }
1704 
1705 static void ath11k_mac_vif_sta_connection_loss_work(struct work_struct *work)
1706 {
1707 	struct ath11k_vif *arvif = container_of(work, struct ath11k_vif,
1708 						connection_loss_work.work);
1709 	struct ieee80211_vif *vif = arvif->vif;
1710 
1711 	if (!arvif->is_up)
1712 		return;
1713 
1714 	ieee80211_connection_loss(vif);
1715 }
1716 
1717 static void ath11k_peer_assoc_h_basic(struct ath11k *ar,
1718 				      struct ieee80211_vif *vif,
1719 				      struct ieee80211_sta *sta,
1720 				      struct peer_assoc_params *arg)
1721 {
1722 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
1723 	u32 aid;
1724 
1725 	lockdep_assert_held(&ar->conf_mutex);
1726 
1727 	if (vif->type == NL80211_IFTYPE_STATION)
1728 		aid = vif->cfg.aid;
1729 	else
1730 		aid = sta->aid;
1731 
1732 	ether_addr_copy(arg->peer_mac, sta->addr);
1733 	arg->vdev_id = arvif->vdev_id;
1734 	arg->peer_associd = aid;
1735 	arg->auth_flag = true;
1736 	/* TODO: STA WAR in ath10k for listen interval required? */
1737 	arg->peer_listen_intval = ar->hw->conf.listen_interval;
1738 	arg->peer_nss = 1;
1739 	arg->peer_caps = vif->bss_conf.assoc_capability;
1740 }
1741 
1742 static void ath11k_peer_assoc_h_crypto(struct ath11k *ar,
1743 				       struct ieee80211_vif *vif,
1744 				       struct ieee80211_sta *sta,
1745 				       struct peer_assoc_params *arg)
1746 {
1747 	struct ieee80211_bss_conf *info = &vif->bss_conf;
1748 	struct cfg80211_chan_def def;
1749 	struct cfg80211_bss *bss;
1750 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
1751 	const u8 *rsnie = NULL;
1752 	const u8 *wpaie = NULL;
1753 
1754 	lockdep_assert_held(&ar->conf_mutex);
1755 
1756 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
1757 		return;
1758 
1759 	bss = cfg80211_get_bss(ar->hw->wiphy, def.chan, info->bssid, NULL, 0,
1760 			       IEEE80211_BSS_TYPE_ANY, IEEE80211_PRIVACY_ANY);
1761 
1762 	if (arvif->rsnie_present || arvif->wpaie_present) {
1763 		arg->need_ptk_4_way = true;
1764 		if (arvif->wpaie_present)
1765 			arg->need_gtk_2_way = true;
1766 	} else if (bss) {
1767 		const struct cfg80211_bss_ies *ies;
1768 
1769 		rcu_read_lock();
1770 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
1771 
1772 		ies = rcu_dereference(bss->ies);
1773 
1774 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
1775 						WLAN_OUI_TYPE_MICROSOFT_WPA,
1776 						ies->data,
1777 						ies->len);
1778 		rcu_read_unlock();
1779 		cfg80211_put_bss(ar->hw->wiphy, bss);
1780 	}
1781 
1782 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
1783 	if (rsnie || wpaie) {
1784 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1785 			   "%s: rsn ie found\n", __func__);
1786 		arg->need_ptk_4_way = true;
1787 	}
1788 
1789 	if (wpaie) {
1790 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1791 			   "%s: wpa ie found\n", __func__);
1792 		arg->need_gtk_2_way = true;
1793 	}
1794 
1795 	if (sta->mfp) {
1796 		/* TODO: Need to check if FW supports PMF? */
1797 		arg->is_pmf_enabled = true;
1798 	}
1799 
1800 	/* TODO: safe_mode_enabled (bypass 4-way handshake) flag req? */
1801 }
1802 
1803 static void ath11k_peer_assoc_h_rates(struct ath11k *ar,
1804 				      struct ieee80211_vif *vif,
1805 				      struct ieee80211_sta *sta,
1806 				      struct peer_assoc_params *arg)
1807 {
1808 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
1809 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
1810 	struct cfg80211_chan_def def;
1811 	const struct ieee80211_supported_band *sband;
1812 	const struct ieee80211_rate *rates;
1813 	enum nl80211_band band;
1814 	u32 ratemask;
1815 	u8 rate;
1816 	int i;
1817 
1818 	lockdep_assert_held(&ar->conf_mutex);
1819 
1820 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
1821 		return;
1822 
1823 	band = def.chan->band;
1824 	sband = ar->hw->wiphy->bands[band];
1825 	ratemask = sta->deflink.supp_rates[band];
1826 	ratemask &= arvif->bitrate_mask.control[band].legacy;
1827 	rates = sband->bitrates;
1828 
1829 	rateset->num_rates = 0;
1830 
1831 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
1832 		if (!(ratemask & 1))
1833 			continue;
1834 
1835 		rate = ath11k_mac_bitrate_to_rate(rates->bitrate);
1836 		rateset->rates[rateset->num_rates] = rate;
1837 		rateset->num_rates++;
1838 	}
1839 }
1840 
1841 static bool
1842 ath11k_peer_assoc_h_ht_masked(const u8 *ht_mcs_mask)
1843 {
1844 	int nss;
1845 
1846 	for (nss = 0; nss < IEEE80211_HT_MCS_MASK_LEN; nss++)
1847 		if (ht_mcs_mask[nss])
1848 			return false;
1849 
1850 	return true;
1851 }
1852 
1853 static bool
1854 ath11k_peer_assoc_h_vht_masked(const u16 *vht_mcs_mask)
1855 {
1856 	int nss;
1857 
1858 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++)
1859 		if (vht_mcs_mask[nss])
1860 			return false;
1861 
1862 	return true;
1863 }
1864 
1865 static void ath11k_peer_assoc_h_ht(struct ath11k *ar,
1866 				   struct ieee80211_vif *vif,
1867 				   struct ieee80211_sta *sta,
1868 				   struct peer_assoc_params *arg)
1869 {
1870 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->deflink.ht_cap;
1871 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
1872 	struct cfg80211_chan_def def;
1873 	enum nl80211_band band;
1874 	const u8 *ht_mcs_mask;
1875 	int i, n;
1876 	u8 max_nss;
1877 	u32 stbc;
1878 
1879 	lockdep_assert_held(&ar->conf_mutex);
1880 
1881 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
1882 		return;
1883 
1884 	if (!ht_cap->ht_supported)
1885 		return;
1886 
1887 	band = def.chan->band;
1888 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
1889 
1890 	if (ath11k_peer_assoc_h_ht_masked(ht_mcs_mask))
1891 		return;
1892 
1893 	arg->ht_flag = true;
1894 
1895 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
1896 				    ht_cap->ampdu_factor)) - 1;
1897 
1898 	arg->peer_mpdu_density =
1899 		ath11k_parse_mpdudensity(ht_cap->ampdu_density);
1900 
1901 	arg->peer_ht_caps = ht_cap->cap;
1902 	arg->peer_rate_caps |= WMI_HOST_RC_HT_FLAG;
1903 
1904 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
1905 		arg->ldpc_flag = true;
1906 
1907 	if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40) {
1908 		arg->bw_40 = true;
1909 		arg->peer_rate_caps |= WMI_HOST_RC_CW40_FLAG;
1910 	}
1911 
1912 	/* As firmware handles this two flags (IEEE80211_HT_CAP_SGI_20
1913 	 * and IEEE80211_HT_CAP_SGI_40) for enabling SGI, we reset
1914 	 * both flags if guard interval is Default GI
1915 	 */
1916 	if (arvif->bitrate_mask.control[band].gi == NL80211_TXRATE_DEFAULT_GI)
1917 		arg->peer_ht_caps &= ~(IEEE80211_HT_CAP_SGI_20 |
1918 				IEEE80211_HT_CAP_SGI_40);
1919 
1920 	if (arvif->bitrate_mask.control[band].gi != NL80211_TXRATE_FORCE_LGI) {
1921 		if (ht_cap->cap & (IEEE80211_HT_CAP_SGI_20 |
1922 		    IEEE80211_HT_CAP_SGI_40))
1923 			arg->peer_rate_caps |= WMI_HOST_RC_SGI_FLAG;
1924 	}
1925 
1926 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
1927 		arg->peer_rate_caps |= WMI_HOST_RC_TX_STBC_FLAG;
1928 		arg->stbc_flag = true;
1929 	}
1930 
1931 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
1932 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
1933 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
1934 		stbc = stbc << WMI_HOST_RC_RX_STBC_FLAG_S;
1935 		arg->peer_rate_caps |= stbc;
1936 		arg->stbc_flag = true;
1937 	}
1938 
1939 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
1940 		arg->peer_rate_caps |= WMI_HOST_RC_TS_FLAG;
1941 	else if (ht_cap->mcs.rx_mask[1])
1942 		arg->peer_rate_caps |= WMI_HOST_RC_DS_FLAG;
1943 
1944 	for (i = 0, n = 0, max_nss = 0; i < IEEE80211_HT_MCS_MASK_LEN * 8; i++)
1945 		if ((ht_cap->mcs.rx_mask[i / 8] & BIT(i % 8)) &&
1946 		    (ht_mcs_mask[i / 8] & BIT(i % 8))) {
1947 			max_nss = (i / 8) + 1;
1948 			arg->peer_ht_rates.rates[n++] = i;
1949 		}
1950 
1951 	/* This is a workaround for HT-enabled STAs which break the spec
1952 	 * and have no HT capabilities RX mask (no HT RX MCS map).
1953 	 *
1954 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
1955 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
1956 	 *
1957 	 * Firmware asserts if such situation occurs.
1958 	 */
1959 	if (n == 0) {
1960 		arg->peer_ht_rates.num_rates = 8;
1961 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
1962 			arg->peer_ht_rates.rates[i] = i;
1963 	} else {
1964 		arg->peer_ht_rates.num_rates = n;
1965 		arg->peer_nss = min(sta->deflink.rx_nss, max_nss);
1966 	}
1967 
1968 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "ht peer %pM mcs cnt %d nss %d\n",
1969 		   arg->peer_mac,
1970 		   arg->peer_ht_rates.num_rates,
1971 		   arg->peer_nss);
1972 }
1973 
1974 static int ath11k_mac_get_max_vht_mcs_map(u16 mcs_map, int nss)
1975 {
1976 	switch ((mcs_map >> (2 * nss)) & 0x3) {
1977 	case IEEE80211_VHT_MCS_SUPPORT_0_7: return BIT(8) - 1;
1978 	case IEEE80211_VHT_MCS_SUPPORT_0_8: return BIT(9) - 1;
1979 	case IEEE80211_VHT_MCS_SUPPORT_0_9: return BIT(10) - 1;
1980 	}
1981 	return 0;
1982 }
1983 
1984 static u16
1985 ath11k_peer_assoc_h_vht_limit(u16 tx_mcs_set,
1986 			      const u16 vht_mcs_limit[NL80211_VHT_NSS_MAX])
1987 {
1988 	int idx_limit;
1989 	int nss;
1990 	u16 mcs_map;
1991 	u16 mcs;
1992 
1993 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
1994 		mcs_map = ath11k_mac_get_max_vht_mcs_map(tx_mcs_set, nss) &
1995 			  vht_mcs_limit[nss];
1996 
1997 		if (mcs_map)
1998 			idx_limit = fls(mcs_map) - 1;
1999 		else
2000 			idx_limit = -1;
2001 
2002 		switch (idx_limit) {
2003 		case 0:
2004 		case 1:
2005 		case 2:
2006 		case 3:
2007 		case 4:
2008 		case 5:
2009 		case 6:
2010 		case 7:
2011 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_7;
2012 			break;
2013 		case 8:
2014 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_8;
2015 			break;
2016 		case 9:
2017 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_9;
2018 			break;
2019 		default:
2020 			WARN_ON(1);
2021 			fallthrough;
2022 		case -1:
2023 			mcs = IEEE80211_VHT_MCS_NOT_SUPPORTED;
2024 			break;
2025 		}
2026 
2027 		tx_mcs_set &= ~(0x3 << (nss * 2));
2028 		tx_mcs_set |= mcs << (nss * 2);
2029 	}
2030 
2031 	return tx_mcs_set;
2032 }
2033 
2034 static u8 ath11k_get_nss_160mhz(struct ath11k *ar,
2035 				u8 max_nss)
2036 {
2037 	u8 nss_ratio_info = ar->pdev->cap.nss_ratio_info;
2038 	u8 max_sup_nss = 0;
2039 
2040 	switch (nss_ratio_info) {
2041 	case WMI_NSS_RATIO_1BY2_NSS:
2042 		max_sup_nss = max_nss >> 1;
2043 		break;
2044 	case WMI_NSS_RATIO_3BY4_NSS:
2045 		ath11k_warn(ar->ab, "WMI_NSS_RATIO_3BY4_NSS not supported\n");
2046 		break;
2047 	case WMI_NSS_RATIO_1_NSS:
2048 		max_sup_nss = max_nss;
2049 		break;
2050 	case WMI_NSS_RATIO_2_NSS:
2051 		ath11k_warn(ar->ab, "WMI_NSS_RATIO_2_NSS not supported\n");
2052 		break;
2053 	default:
2054 		ath11k_warn(ar->ab, "invalid nss ratio received from firmware: %d\n",
2055 			    nss_ratio_info);
2056 		break;
2057 	}
2058 
2059 	return max_sup_nss;
2060 }
2061 
2062 static void ath11k_peer_assoc_h_vht(struct ath11k *ar,
2063 				    struct ieee80211_vif *vif,
2064 				    struct ieee80211_sta *sta,
2065 				    struct peer_assoc_params *arg)
2066 {
2067 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
2068 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
2069 	struct cfg80211_chan_def def;
2070 	enum nl80211_band band;
2071 	u16 *vht_mcs_mask;
2072 	u8 ampdu_factor;
2073 	u8 max_nss, vht_mcs;
2074 	int i, vht_nss, nss_idx;
2075 	bool user_rate_valid = true;
2076 	u32 rx_nss, tx_nss, nss_160;
2077 
2078 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
2079 		return;
2080 
2081 	if (!vht_cap->vht_supported)
2082 		return;
2083 
2084 	band = def.chan->band;
2085 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2086 
2087 	if (ath11k_peer_assoc_h_vht_masked(vht_mcs_mask))
2088 		return;
2089 
2090 	arg->vht_flag = true;
2091 
2092 	/* TODO: similar flags required? */
2093 	arg->vht_capable = true;
2094 
2095 	if (def.chan->band == NL80211_BAND_2GHZ)
2096 		arg->vht_ng_flag = true;
2097 
2098 	arg->peer_vht_caps = vht_cap->cap;
2099 
2100 	ampdu_factor = (vht_cap->cap &
2101 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
2102 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
2103 
2104 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
2105 	 * zero in VHT IE. Using it would result in degraded throughput.
2106 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
2107 	 * it if VHT max_mpdu is smaller.
2108 	 */
2109 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
2110 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2111 					ampdu_factor)) - 1);
2112 
2113 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2114 		arg->bw_80 = true;
2115 
2116 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160)
2117 		arg->bw_160 = true;
2118 
2119 	vht_nss =  ath11k_mac_max_vht_nss(vht_mcs_mask);
2120 
2121 	if (vht_nss > sta->deflink.rx_nss) {
2122 		user_rate_valid = false;
2123 		for (nss_idx = sta->deflink.rx_nss - 1; nss_idx >= 0; nss_idx--) {
2124 			if (vht_mcs_mask[nss_idx]) {
2125 				user_rate_valid = true;
2126 				break;
2127 			}
2128 		}
2129 	}
2130 
2131 	if (!user_rate_valid) {
2132 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "setting vht range mcs value to peer supported nss %d for peer %pM\n",
2133 			   sta->deflink.rx_nss, sta->addr);
2134 		vht_mcs_mask[sta->deflink.rx_nss - 1] = vht_mcs_mask[vht_nss - 1];
2135 	}
2136 
2137 	/* Calculate peer NSS capability from VHT capabilities if STA
2138 	 * supports VHT.
2139 	 */
2140 	for (i = 0, max_nss = 0; i < NL80211_VHT_NSS_MAX; i++) {
2141 		vht_mcs = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map) >>
2142 			  (2 * i) & 3;
2143 
2144 		if (vht_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED &&
2145 		    vht_mcs_mask[i])
2146 			max_nss = i + 1;
2147 	}
2148 	arg->peer_nss = min(sta->deflink.rx_nss, max_nss);
2149 	arg->rx_max_rate = __le16_to_cpu(vht_cap->vht_mcs.rx_highest);
2150 	arg->rx_mcs_set = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
2151 	arg->tx_max_rate = __le16_to_cpu(vht_cap->vht_mcs.tx_highest);
2152 	arg->tx_mcs_set = ath11k_peer_assoc_h_vht_limit(
2153 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map), vht_mcs_mask);
2154 
2155 	/* In IPQ8074 platform, VHT mcs rate 10 and 11 is enabled by default.
2156 	 * VHT mcs rate 10 and 11 is not suppoerted in 11ac standard.
2157 	 * so explicitly disable the VHT MCS rate 10 and 11 in 11ac mode.
2158 	 */
2159 	arg->tx_mcs_set &= ~IEEE80211_VHT_MCS_SUPPORT_0_11_MASK;
2160 	arg->tx_mcs_set |= IEEE80211_DISABLE_VHT_MCS_SUPPORT_0_11;
2161 
2162 	if ((arg->tx_mcs_set & IEEE80211_VHT_MCS_NOT_SUPPORTED) ==
2163 			IEEE80211_VHT_MCS_NOT_SUPPORTED)
2164 		arg->peer_vht_caps &= ~IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
2165 
2166 	/* TODO:  Check */
2167 	arg->tx_max_mcs_nss = 0xFF;
2168 
2169 	if (arg->peer_phymode == MODE_11AC_VHT160 ||
2170 	    arg->peer_phymode == MODE_11AC_VHT80_80) {
2171 		tx_nss = ath11k_get_nss_160mhz(ar, max_nss);
2172 		rx_nss = min(arg->peer_nss, tx_nss);
2173 		arg->peer_bw_rxnss_override = ATH11K_BW_NSS_MAP_ENABLE;
2174 
2175 		if (!rx_nss) {
2176 			ath11k_warn(ar->ab, "invalid max_nss\n");
2177 			return;
2178 		}
2179 
2180 		if (arg->peer_phymode == MODE_11AC_VHT160)
2181 			nss_160 = FIELD_PREP(ATH11K_PEER_RX_NSS_160MHZ, rx_nss - 1);
2182 		else
2183 			nss_160 = FIELD_PREP(ATH11K_PEER_RX_NSS_80_80MHZ, rx_nss - 1);
2184 
2185 		arg->peer_bw_rxnss_override |= nss_160;
2186 	}
2187 
2188 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
2189 		   "vht peer %pM max_mpdu %d flags 0x%x nss_override 0x%x\n",
2190 		   sta->addr, arg->peer_max_mpdu, arg->peer_flags,
2191 		   arg->peer_bw_rxnss_override);
2192 }
2193 
2194 static int ath11k_mac_get_max_he_mcs_map(u16 mcs_map, int nss)
2195 {
2196 	switch ((mcs_map >> (2 * nss)) & 0x3) {
2197 	case IEEE80211_HE_MCS_SUPPORT_0_7: return BIT(8) - 1;
2198 	case IEEE80211_HE_MCS_SUPPORT_0_9: return BIT(10) - 1;
2199 	case IEEE80211_HE_MCS_SUPPORT_0_11: return BIT(12) - 1;
2200 	}
2201 	return 0;
2202 }
2203 
2204 static u16 ath11k_peer_assoc_h_he_limit(u16 tx_mcs_set,
2205 					const u16 he_mcs_limit[NL80211_HE_NSS_MAX])
2206 {
2207 	int idx_limit;
2208 	int nss;
2209 	u16 mcs_map;
2210 	u16 mcs;
2211 
2212 	for (nss = 0; nss < NL80211_HE_NSS_MAX; nss++) {
2213 		mcs_map = ath11k_mac_get_max_he_mcs_map(tx_mcs_set, nss) &
2214 			he_mcs_limit[nss];
2215 
2216 		if (mcs_map)
2217 			idx_limit = fls(mcs_map) - 1;
2218 		else
2219 			idx_limit = -1;
2220 
2221 		switch (idx_limit) {
2222 		case 0 ... 7:
2223 			mcs = IEEE80211_HE_MCS_SUPPORT_0_7;
2224 			break;
2225 		case 8:
2226 		case 9:
2227 			mcs = IEEE80211_HE_MCS_SUPPORT_0_9;
2228 			break;
2229 		case 10:
2230 		case 11:
2231 			mcs = IEEE80211_HE_MCS_SUPPORT_0_11;
2232 			break;
2233 		default:
2234 			WARN_ON(1);
2235 			fallthrough;
2236 		case -1:
2237 			mcs = IEEE80211_HE_MCS_NOT_SUPPORTED;
2238 			break;
2239 		}
2240 
2241 		tx_mcs_set &= ~(0x3 << (nss * 2));
2242 		tx_mcs_set |= mcs << (nss * 2);
2243 	}
2244 
2245 	return tx_mcs_set;
2246 }
2247 
2248 static bool
2249 ath11k_peer_assoc_h_he_masked(const u16 *he_mcs_mask)
2250 {
2251 	int nss;
2252 
2253 	for (nss = 0; nss < NL80211_HE_NSS_MAX; nss++)
2254 		if (he_mcs_mask[nss])
2255 			return false;
2256 
2257 	return true;
2258 }
2259 
2260 static void ath11k_peer_assoc_h_he(struct ath11k *ar,
2261 				   struct ieee80211_vif *vif,
2262 				   struct ieee80211_sta *sta,
2263 				   struct peer_assoc_params *arg)
2264 {
2265 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
2266 	struct cfg80211_chan_def def;
2267 	const struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
2268 	enum nl80211_band band;
2269 	u16 he_mcs_mask[NL80211_HE_NSS_MAX];
2270 	u8 max_nss, he_mcs;
2271 	u16 he_tx_mcs = 0, v = 0;
2272 	int i, he_nss, nss_idx;
2273 	bool user_rate_valid = true;
2274 	u32 rx_nss, tx_nss, nss_160;
2275 	u8 ampdu_factor, rx_mcs_80, rx_mcs_160;
2276 	u16 mcs_160_map, mcs_80_map;
2277 	bool support_160;
2278 
2279 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
2280 		return;
2281 
2282 	if (!he_cap->has_he)
2283 		return;
2284 
2285 	band = def.chan->band;
2286 	memcpy(he_mcs_mask, arvif->bitrate_mask.control[band].he_mcs,
2287 	       sizeof(he_mcs_mask));
2288 
2289 	if (ath11k_peer_assoc_h_he_masked(he_mcs_mask))
2290 		return;
2291 
2292 	arg->he_flag = true;
2293 	support_160 = !!(he_cap->he_cap_elem.phy_cap_info[0] &
2294 		  IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G);
2295 
2296 	/* Supported HE-MCS and NSS Set of peer he_cap is intersection with self he_cp */
2297 	mcs_160_map = le16_to_cpu(he_cap->he_mcs_nss_supp.rx_mcs_160);
2298 	mcs_80_map = le16_to_cpu(he_cap->he_mcs_nss_supp.rx_mcs_80);
2299 
2300 	if (support_160) {
2301 		for (i = 7; i >= 0; i--) {
2302 			u8 mcs_160 = (mcs_160_map >> (2 * i)) & 3;
2303 
2304 			if (mcs_160 != IEEE80211_VHT_MCS_NOT_SUPPORTED) {
2305 				rx_mcs_160 = i + 1;
2306 				break;
2307 			}
2308 		}
2309 	}
2310 
2311 	for (i = 7; i >= 0; i--) {
2312 		u8 mcs_80 = (mcs_80_map >> (2 * i)) & 3;
2313 
2314 		if (mcs_80 != IEEE80211_VHT_MCS_NOT_SUPPORTED) {
2315 			rx_mcs_80 = i + 1;
2316 			break;
2317 		}
2318 	}
2319 
2320 	if (support_160)
2321 		max_nss = min(rx_mcs_80, rx_mcs_160);
2322 	else
2323 		max_nss = rx_mcs_80;
2324 
2325 	arg->peer_nss = min(sta->deflink.rx_nss, max_nss);
2326 
2327 	memcpy_and_pad(&arg->peer_he_cap_macinfo,
2328 		       sizeof(arg->peer_he_cap_macinfo),
2329 		       he_cap->he_cap_elem.mac_cap_info,
2330 		       sizeof(he_cap->he_cap_elem.mac_cap_info),
2331 		       0);
2332 	memcpy_and_pad(&arg->peer_he_cap_phyinfo,
2333 		       sizeof(arg->peer_he_cap_phyinfo),
2334 		       he_cap->he_cap_elem.phy_cap_info,
2335 		       sizeof(he_cap->he_cap_elem.phy_cap_info),
2336 		       0);
2337 	arg->peer_he_ops = vif->bss_conf.he_oper.params;
2338 
2339 	/* the top most byte is used to indicate BSS color info */
2340 	arg->peer_he_ops &= 0xffffff;
2341 
2342 	/* As per section 26.6.1 11ax Draft5.0, if the Max AMPDU Exponent Extension
2343 	 * in HE cap is zero, use the arg->peer_max_mpdu as calculated while parsing
2344 	 * VHT caps(if VHT caps is present) or HT caps (if VHT caps is not present).
2345 	 *
2346 	 * For non-zero value of Max AMPDU Extponent Extension in HE MAC caps,
2347 	 * if a HE STA sends VHT cap and HE cap IE in assoc request then, use
2348 	 * MAX_AMPDU_LEN_FACTOR as 20 to calculate max_ampdu length.
2349 	 * If a HE STA that does not send VHT cap, but HE and HT cap in assoc
2350 	 * request, then use MAX_AMPDU_LEN_FACTOR as 16 to calculate max_ampdu
2351 	 * length.
2352 	 */
2353 	ampdu_factor = u8_get_bits(he_cap->he_cap_elem.mac_cap_info[3],
2354 				   IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_MASK);
2355 
2356 	if (ampdu_factor) {
2357 		if (sta->deflink.vht_cap.vht_supported)
2358 			arg->peer_max_mpdu = (1 << (IEEE80211_HE_VHT_MAX_AMPDU_FACTOR +
2359 						    ampdu_factor)) - 1;
2360 		else if (sta->deflink.ht_cap.ht_supported)
2361 			arg->peer_max_mpdu = (1 << (IEEE80211_HE_HT_MAX_AMPDU_FACTOR +
2362 						    ampdu_factor)) - 1;
2363 	}
2364 
2365 	if (he_cap->he_cap_elem.phy_cap_info[6] &
2366 	    IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT) {
2367 		int bit = 7;
2368 		int nss, ru;
2369 
2370 		arg->peer_ppet.numss_m1 = he_cap->ppe_thres[0] &
2371 					  IEEE80211_PPE_THRES_NSS_MASK;
2372 		arg->peer_ppet.ru_bit_mask =
2373 			(he_cap->ppe_thres[0] &
2374 			 IEEE80211_PPE_THRES_RU_INDEX_BITMASK_MASK) >>
2375 			IEEE80211_PPE_THRES_RU_INDEX_BITMASK_POS;
2376 
2377 		for (nss = 0; nss <= arg->peer_ppet.numss_m1; nss++) {
2378 			for (ru = 0; ru < 4; ru++) {
2379 				u32 val = 0;
2380 				int i;
2381 
2382 				if ((arg->peer_ppet.ru_bit_mask & BIT(ru)) == 0)
2383 					continue;
2384 				for (i = 0; i < 6; i++) {
2385 					val >>= 1;
2386 					val |= ((he_cap->ppe_thres[bit / 8] >>
2387 						 (bit % 8)) & 0x1) << 5;
2388 					bit++;
2389 				}
2390 				arg->peer_ppet.ppet16_ppet8_ru3_ru0[nss] |=
2391 								val << (ru * 6);
2392 			}
2393 		}
2394 	}
2395 
2396 	if (he_cap->he_cap_elem.mac_cap_info[0] & IEEE80211_HE_MAC_CAP0_TWT_RES)
2397 		arg->twt_responder = true;
2398 	if (he_cap->he_cap_elem.mac_cap_info[0] & IEEE80211_HE_MAC_CAP0_TWT_REQ)
2399 		arg->twt_requester = true;
2400 
2401 	he_nss =  ath11k_mac_max_he_nss(he_mcs_mask);
2402 
2403 	if (he_nss > sta->deflink.rx_nss) {
2404 		user_rate_valid = false;
2405 		for (nss_idx = sta->deflink.rx_nss - 1; nss_idx >= 0; nss_idx--) {
2406 			if (he_mcs_mask[nss_idx]) {
2407 				user_rate_valid = true;
2408 				break;
2409 			}
2410 		}
2411 	}
2412 
2413 	if (!user_rate_valid) {
2414 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "setting he range mcs value to peer supported nss %d for peer %pM\n",
2415 			   sta->deflink.rx_nss, sta->addr);
2416 		he_mcs_mask[sta->deflink.rx_nss - 1] = he_mcs_mask[he_nss - 1];
2417 	}
2418 
2419 	switch (sta->deflink.bandwidth) {
2420 	case IEEE80211_STA_RX_BW_160:
2421 		if (he_cap->he_cap_elem.phy_cap_info[0] &
2422 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) {
2423 			v = le16_to_cpu(he_cap->he_mcs_nss_supp.rx_mcs_80p80);
2424 			v = ath11k_peer_assoc_h_he_limit(v, he_mcs_mask);
2425 			arg->peer_he_rx_mcs_set[WMI_HECAP_TXRX_MCS_NSS_IDX_80_80] = v;
2426 
2427 			v = le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_80p80);
2428 			arg->peer_he_tx_mcs_set[WMI_HECAP_TXRX_MCS_NSS_IDX_80_80] = v;
2429 
2430 			arg->peer_he_mcs_count++;
2431 			he_tx_mcs = v;
2432 		}
2433 		v = le16_to_cpu(he_cap->he_mcs_nss_supp.rx_mcs_160);
2434 		arg->peer_he_rx_mcs_set[WMI_HECAP_TXRX_MCS_NSS_IDX_160] = v;
2435 
2436 		v = le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_160);
2437 		v = ath11k_peer_assoc_h_he_limit(v, he_mcs_mask);
2438 		arg->peer_he_tx_mcs_set[WMI_HECAP_TXRX_MCS_NSS_IDX_160] = v;
2439 
2440 		arg->peer_he_mcs_count++;
2441 		if (!he_tx_mcs)
2442 			he_tx_mcs = v;
2443 		fallthrough;
2444 
2445 	default:
2446 		v = le16_to_cpu(he_cap->he_mcs_nss_supp.rx_mcs_80);
2447 		arg->peer_he_rx_mcs_set[WMI_HECAP_TXRX_MCS_NSS_IDX_80] = v;
2448 
2449 		v = le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_80);
2450 		v = ath11k_peer_assoc_h_he_limit(v, he_mcs_mask);
2451 		arg->peer_he_tx_mcs_set[WMI_HECAP_TXRX_MCS_NSS_IDX_80] = v;
2452 
2453 		arg->peer_he_mcs_count++;
2454 		if (!he_tx_mcs)
2455 			he_tx_mcs = v;
2456 		break;
2457 	}
2458 
2459 	/* Calculate peer NSS capability from HE capabilities if STA
2460 	 * supports HE.
2461 	 */
2462 	for (i = 0, max_nss = 0; i < NL80211_HE_NSS_MAX; i++) {
2463 		he_mcs = he_tx_mcs >> (2 * i) & 3;
2464 
2465 		/* In case of fixed rates, MCS Range in he_tx_mcs might have
2466 		 * unsupported range, with he_mcs_mask set, so check either of them
2467 		 * to find nss.
2468 		 */
2469 		if (he_mcs != IEEE80211_HE_MCS_NOT_SUPPORTED ||
2470 		    he_mcs_mask[i])
2471 			max_nss = i + 1;
2472 	}
2473 	arg->peer_nss = min(sta->deflink.rx_nss, max_nss);
2474 
2475 	if (arg->peer_phymode == MODE_11AX_HE160 ||
2476 	    arg->peer_phymode == MODE_11AX_HE80_80) {
2477 		tx_nss = ath11k_get_nss_160mhz(ar, max_nss);
2478 		rx_nss = min(arg->peer_nss, tx_nss);
2479 		arg->peer_bw_rxnss_override = ATH11K_BW_NSS_MAP_ENABLE;
2480 
2481 		if (!rx_nss) {
2482 			ath11k_warn(ar->ab, "invalid max_nss\n");
2483 			return;
2484 		}
2485 
2486 		if (arg->peer_phymode == MODE_11AX_HE160)
2487 			nss_160 = FIELD_PREP(ATH11K_PEER_RX_NSS_160MHZ, rx_nss - 1);
2488 		else
2489 			nss_160 = FIELD_PREP(ATH11K_PEER_RX_NSS_80_80MHZ, rx_nss - 1);
2490 
2491 		arg->peer_bw_rxnss_override |= nss_160;
2492 	}
2493 
2494 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
2495 		   "he peer %pM nss %d mcs cnt %d nss_override 0x%x\n",
2496 		   sta->addr, arg->peer_nss,
2497 		   arg->peer_he_mcs_count,
2498 		   arg->peer_bw_rxnss_override);
2499 }
2500 
2501 static void ath11k_peer_assoc_h_he_6ghz(struct ath11k *ar,
2502 					struct ieee80211_vif *vif,
2503 					struct ieee80211_sta *sta,
2504 					struct peer_assoc_params *arg)
2505 {
2506 	const struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
2507 	struct cfg80211_chan_def def;
2508 	enum nl80211_band band;
2509 	u8  ampdu_factor;
2510 
2511 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
2512 		return;
2513 
2514 	band = def.chan->band;
2515 
2516 	if (!arg->he_flag || band != NL80211_BAND_6GHZ || !sta->deflink.he_6ghz_capa.capa)
2517 		return;
2518 
2519 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2520 		arg->bw_40 = true;
2521 
2522 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2523 		arg->bw_80 = true;
2524 
2525 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160)
2526 		arg->bw_160 = true;
2527 
2528 	arg->peer_he_caps_6ghz = le16_to_cpu(sta->deflink.he_6ghz_capa.capa);
2529 	arg->peer_mpdu_density =
2530 		ath11k_parse_mpdudensity(FIELD_GET(IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START,
2531 						   arg->peer_he_caps_6ghz));
2532 
2533 	/* From IEEE Std 802.11ax-2021 - Section 10.12.2: An HE STA shall be capable of
2534 	 * receiving A-MPDU where the A-MPDU pre-EOF padding length is up to the value
2535 	 * indicated by the Maximum A-MPDU Length Exponent Extension field in the HE
2536 	 * Capabilities element and the Maximum A-MPDU Length Exponent field in HE 6 GHz
2537 	 * Band Capabilities element in the 6 GHz band.
2538 	 *
2539 	 * Here, we are extracting the Max A-MPDU Exponent Extension from HE caps and
2540 	 * factor is the Maximum A-MPDU Length Exponent from HE 6 GHZ Band capability.
2541 	 */
2542 	ampdu_factor = FIELD_GET(IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_MASK,
2543 				 he_cap->he_cap_elem.mac_cap_info[3]) +
2544 			FIELD_GET(IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP,
2545 				  arg->peer_he_caps_6ghz);
2546 
2547 	arg->peer_max_mpdu = (1u << (IEEE80211_HE_6GHZ_MAX_AMPDU_FACTOR +
2548 				     ampdu_factor)) - 1;
2549 }
2550 
2551 static void ath11k_peer_assoc_h_smps(struct ieee80211_sta *sta,
2552 				     struct peer_assoc_params *arg)
2553 {
2554 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->deflink.ht_cap;
2555 	int smps;
2556 
2557 	if (!ht_cap->ht_supported && !sta->deflink.he_6ghz_capa.capa)
2558 		return;
2559 
2560 	if (ht_cap->ht_supported) {
2561 		smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2562 		smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2563 	} else {
2564 		smps = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
2565 				     IEEE80211_HE_6GHZ_CAP_SM_PS);
2566 	}
2567 
2568 	switch (smps) {
2569 	case WLAN_HT_CAP_SM_PS_STATIC:
2570 		arg->static_mimops_flag = true;
2571 		break;
2572 	case WLAN_HT_CAP_SM_PS_DYNAMIC:
2573 		arg->dynamic_mimops_flag = true;
2574 		break;
2575 	case WLAN_HT_CAP_SM_PS_DISABLED:
2576 		arg->spatial_mux_flag = true;
2577 		break;
2578 	default:
2579 		break;
2580 	}
2581 }
2582 
2583 static void ath11k_peer_assoc_h_qos(struct ath11k *ar,
2584 				    struct ieee80211_vif *vif,
2585 				    struct ieee80211_sta *sta,
2586 				    struct peer_assoc_params *arg)
2587 {
2588 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
2589 
2590 	switch (arvif->vdev_type) {
2591 	case WMI_VDEV_TYPE_AP:
2592 		if (sta->wme) {
2593 			/* TODO: Check WME vs QoS */
2594 			arg->is_wme_set = true;
2595 			arg->qos_flag = true;
2596 		}
2597 
2598 		if (sta->wme && sta->uapsd_queues) {
2599 			/* TODO: Check WME vs QoS */
2600 			arg->is_wme_set = true;
2601 			arg->apsd_flag = true;
2602 			arg->peer_rate_caps |= WMI_HOST_RC_UAPSD_FLAG;
2603 		}
2604 		break;
2605 	case WMI_VDEV_TYPE_STA:
2606 		if (sta->wme) {
2607 			arg->is_wme_set = true;
2608 			arg->qos_flag = true;
2609 		}
2610 		break;
2611 	default:
2612 		break;
2613 	}
2614 
2615 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "peer %pM qos %d\n",
2616 		   sta->addr, arg->qos_flag);
2617 }
2618 
2619 static int ath11k_peer_assoc_qos_ap(struct ath11k *ar,
2620 				    struct ath11k_vif *arvif,
2621 				    struct ieee80211_sta *sta)
2622 {
2623 	struct ap_ps_params params;
2624 	u32 max_sp;
2625 	u32 uapsd;
2626 	int ret;
2627 
2628 	lockdep_assert_held(&ar->conf_mutex);
2629 
2630 	params.vdev_id = arvif->vdev_id;
2631 
2632 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "uapsd_queues 0x%x max_sp %d\n",
2633 		   sta->uapsd_queues, sta->max_sp);
2634 
2635 	uapsd = 0;
2636 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
2637 		uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
2638 			 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
2639 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
2640 		uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
2641 			 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
2642 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
2643 		uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
2644 			 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
2645 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
2646 		uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
2647 			 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
2648 
2649 	max_sp = 0;
2650 	if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
2651 		max_sp = sta->max_sp;
2652 
2653 	params.param = WMI_AP_PS_PEER_PARAM_UAPSD;
2654 	params.value = uapsd;
2655 	ret = ath11k_wmi_send_set_ap_ps_param_cmd(ar, sta->addr, &params);
2656 	if (ret)
2657 		goto err;
2658 
2659 	params.param = WMI_AP_PS_PEER_PARAM_MAX_SP;
2660 	params.value = max_sp;
2661 	ret = ath11k_wmi_send_set_ap_ps_param_cmd(ar, sta->addr, &params);
2662 	if (ret)
2663 		goto err;
2664 
2665 	/* TODO revisit during testing */
2666 	params.param = WMI_AP_PS_PEER_PARAM_SIFS_RESP_FRMTYPE;
2667 	params.value = DISABLE_SIFS_RESPONSE_TRIGGER;
2668 	ret = ath11k_wmi_send_set_ap_ps_param_cmd(ar, sta->addr, &params);
2669 	if (ret)
2670 		goto err;
2671 
2672 	params.param = WMI_AP_PS_PEER_PARAM_SIFS_RESP_UAPSD;
2673 	params.value = DISABLE_SIFS_RESPONSE_TRIGGER;
2674 	ret = ath11k_wmi_send_set_ap_ps_param_cmd(ar, sta->addr, &params);
2675 	if (ret)
2676 		goto err;
2677 
2678 	return 0;
2679 
2680 err:
2681 	ath11k_warn(ar->ab, "failed to set ap ps peer param %d for vdev %i: %d\n",
2682 		    params.param, arvif->vdev_id, ret);
2683 	return ret;
2684 }
2685 
2686 static bool ath11k_mac_sta_has_ofdm_only(struct ieee80211_sta *sta)
2687 {
2688 	return sta->deflink.supp_rates[NL80211_BAND_2GHZ] >>
2689 	       ATH11K_MAC_FIRST_OFDM_RATE_IDX;
2690 }
2691 
2692 static enum wmi_phy_mode ath11k_mac_get_phymode_vht(struct ath11k *ar,
2693 						    struct ieee80211_sta *sta)
2694 {
2695 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) {
2696 		switch (sta->deflink.vht_cap.cap &
2697 			IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) {
2698 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ:
2699 			return MODE_11AC_VHT160;
2700 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ:
2701 			return MODE_11AC_VHT80_80;
2702 		default:
2703 			/* not sure if this is a valid case? */
2704 			return MODE_11AC_VHT160;
2705 		}
2706 	}
2707 
2708 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2709 		return MODE_11AC_VHT80;
2710 
2711 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2712 		return MODE_11AC_VHT40;
2713 
2714 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_20)
2715 		return MODE_11AC_VHT20;
2716 
2717 	return MODE_UNKNOWN;
2718 }
2719 
2720 static enum wmi_phy_mode ath11k_mac_get_phymode_he(struct ath11k *ar,
2721 						   struct ieee80211_sta *sta)
2722 {
2723 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) {
2724 		if (sta->deflink.he_cap.he_cap_elem.phy_cap_info[0] &
2725 		     IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G)
2726 			return MODE_11AX_HE160;
2727 		else if (sta->deflink.he_cap.he_cap_elem.phy_cap_info[0] &
2728 			 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
2729 			return MODE_11AX_HE80_80;
2730 		/* not sure if this is a valid case? */
2731 		return MODE_11AX_HE160;
2732 	}
2733 
2734 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2735 		return MODE_11AX_HE80;
2736 
2737 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2738 		return MODE_11AX_HE40;
2739 
2740 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_20)
2741 		return MODE_11AX_HE20;
2742 
2743 	return MODE_UNKNOWN;
2744 }
2745 
2746 static void ath11k_peer_assoc_h_phymode(struct ath11k *ar,
2747 					struct ieee80211_vif *vif,
2748 					struct ieee80211_sta *sta,
2749 					struct peer_assoc_params *arg)
2750 {
2751 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
2752 	struct cfg80211_chan_def def;
2753 	enum nl80211_band band;
2754 	const u8 *ht_mcs_mask;
2755 	const u16 *vht_mcs_mask;
2756 	const u16 *he_mcs_mask;
2757 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
2758 
2759 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
2760 		return;
2761 
2762 	band = def.chan->band;
2763 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2764 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2765 	he_mcs_mask = arvif->bitrate_mask.control[band].he_mcs;
2766 
2767 	switch (band) {
2768 	case NL80211_BAND_2GHZ:
2769 		if (sta->deflink.he_cap.has_he &&
2770 		    !ath11k_peer_assoc_h_he_masked(he_mcs_mask)) {
2771 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2772 				phymode = MODE_11AX_HE80_2G;
2773 			else if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2774 				phymode = MODE_11AX_HE40_2G;
2775 			else
2776 				phymode = MODE_11AX_HE20_2G;
2777 		} else if (sta->deflink.vht_cap.vht_supported &&
2778 			   !ath11k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2779 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2780 				phymode = MODE_11AC_VHT40;
2781 			else
2782 				phymode = MODE_11AC_VHT20;
2783 		} else if (sta->deflink.ht_cap.ht_supported &&
2784 			   !ath11k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2785 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2786 				phymode = MODE_11NG_HT40;
2787 			else
2788 				phymode = MODE_11NG_HT20;
2789 		} else if (ath11k_mac_sta_has_ofdm_only(sta)) {
2790 			phymode = MODE_11G;
2791 		} else {
2792 			phymode = MODE_11B;
2793 		}
2794 		break;
2795 	case NL80211_BAND_5GHZ:
2796 	case NL80211_BAND_6GHZ:
2797 		/* Check HE first */
2798 		if (sta->deflink.he_cap.has_he &&
2799 		    !ath11k_peer_assoc_h_he_masked(he_mcs_mask)) {
2800 			phymode = ath11k_mac_get_phymode_he(ar, sta);
2801 		} else if (sta->deflink.vht_cap.vht_supported &&
2802 			   !ath11k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2803 			phymode = ath11k_mac_get_phymode_vht(ar, sta);
2804 		} else if (sta->deflink.ht_cap.ht_supported &&
2805 			   !ath11k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2806 			if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40)
2807 				phymode = MODE_11NA_HT40;
2808 			else
2809 				phymode = MODE_11NA_HT20;
2810 		} else {
2811 			phymode = MODE_11A;
2812 		}
2813 		break;
2814 	default:
2815 		break;
2816 	}
2817 
2818 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "peer %pM phymode %s\n",
2819 		   sta->addr, ath11k_wmi_phymode_str(phymode));
2820 
2821 	arg->peer_phymode = phymode;
2822 	WARN_ON(phymode == MODE_UNKNOWN);
2823 }
2824 
2825 static void ath11k_peer_assoc_prepare(struct ath11k *ar,
2826 				      struct ieee80211_vif *vif,
2827 				      struct ieee80211_sta *sta,
2828 				      struct peer_assoc_params *arg,
2829 				      bool reassoc)
2830 {
2831 	struct ath11k_sta *arsta;
2832 
2833 	lockdep_assert_held(&ar->conf_mutex);
2834 
2835 	arsta = (struct ath11k_sta *)sta->drv_priv;
2836 
2837 	memset(arg, 0, sizeof(*arg));
2838 
2839 	reinit_completion(&ar->peer_assoc_done);
2840 
2841 	arg->peer_new_assoc = !reassoc;
2842 	ath11k_peer_assoc_h_basic(ar, vif, sta, arg);
2843 	ath11k_peer_assoc_h_crypto(ar, vif, sta, arg);
2844 	ath11k_peer_assoc_h_rates(ar, vif, sta, arg);
2845 	ath11k_peer_assoc_h_phymode(ar, vif, sta, arg);
2846 	ath11k_peer_assoc_h_ht(ar, vif, sta, arg);
2847 	ath11k_peer_assoc_h_vht(ar, vif, sta, arg);
2848 	ath11k_peer_assoc_h_he(ar, vif, sta, arg);
2849 	ath11k_peer_assoc_h_he_6ghz(ar, vif, sta, arg);
2850 	ath11k_peer_assoc_h_qos(ar, vif, sta, arg);
2851 	ath11k_peer_assoc_h_smps(sta, arg);
2852 
2853 	arsta->peer_nss = arg->peer_nss;
2854 
2855 	/* TODO: amsdu_disable req? */
2856 }
2857 
2858 static int ath11k_setup_peer_smps(struct ath11k *ar, struct ath11k_vif *arvif,
2859 				  const u8 *addr,
2860 				  const struct ieee80211_sta_ht_cap *ht_cap,
2861 				  u16 he_6ghz_capa)
2862 {
2863 	int smps;
2864 
2865 	if (!ht_cap->ht_supported && !he_6ghz_capa)
2866 		return 0;
2867 
2868 	if (ht_cap->ht_supported) {
2869 		smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2870 		smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2871 	} else {
2872 		smps = FIELD_GET(IEEE80211_HE_6GHZ_CAP_SM_PS, he_6ghz_capa);
2873 	}
2874 
2875 	if (smps >= ARRAY_SIZE(ath11k_smps_map))
2876 		return -EINVAL;
2877 
2878 	return ath11k_wmi_set_peer_param(ar, addr, arvif->vdev_id,
2879 					 WMI_PEER_MIMO_PS_STATE,
2880 					 ath11k_smps_map[smps]);
2881 }
2882 
2883 static bool ath11k_mac_set_he_txbf_conf(struct ath11k_vif *arvif)
2884 {
2885 	struct ath11k *ar = arvif->ar;
2886 	u32 param, value;
2887 	int ret;
2888 
2889 	if (!arvif->vif->bss_conf.he_support)
2890 		return true;
2891 
2892 	param = WMI_VDEV_PARAM_SET_HEMU_MODE;
2893 	value = 0;
2894 	if (arvif->vif->bss_conf.he_su_beamformer) {
2895 		value |= FIELD_PREP(HE_MODE_SU_TX_BFER, HE_SU_BFER_ENABLE);
2896 		if (arvif->vif->bss_conf.he_mu_beamformer &&
2897 		    arvif->vdev_type == WMI_VDEV_TYPE_AP)
2898 			value |= FIELD_PREP(HE_MODE_MU_TX_BFER, HE_MU_BFER_ENABLE);
2899 	}
2900 
2901 	if (arvif->vif->type != NL80211_IFTYPE_MESH_POINT) {
2902 		value |= FIELD_PREP(HE_MODE_DL_OFDMA, HE_DL_MUOFDMA_ENABLE) |
2903 			 FIELD_PREP(HE_MODE_UL_OFDMA, HE_UL_MUOFDMA_ENABLE);
2904 
2905 		if (arvif->vif->bss_conf.he_full_ul_mumimo)
2906 			value |= FIELD_PREP(HE_MODE_UL_MUMIMO, HE_UL_MUMIMO_ENABLE);
2907 
2908 		if (arvif->vif->bss_conf.he_su_beamformee)
2909 			value |= FIELD_PREP(HE_MODE_SU_TX_BFEE, HE_SU_BFEE_ENABLE);
2910 	}
2911 
2912 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, param, value);
2913 	if (ret) {
2914 		ath11k_warn(ar->ab, "failed to set vdev %d HE MU mode: %d\n",
2915 			    arvif->vdev_id, ret);
2916 		return false;
2917 	}
2918 
2919 	param = WMI_VDEV_PARAM_SET_HE_SOUNDING_MODE;
2920 	value =	FIELD_PREP(HE_VHT_SOUNDING_MODE, HE_VHT_SOUNDING_MODE_ENABLE) |
2921 		FIELD_PREP(HE_TRIG_NONTRIG_SOUNDING_MODE,
2922 			   HE_TRIG_NONTRIG_SOUNDING_MODE_ENABLE);
2923 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
2924 					    param, value);
2925 	if (ret) {
2926 		ath11k_warn(ar->ab, "failed to set vdev %d sounding mode: %d\n",
2927 			    arvif->vdev_id, ret);
2928 		return false;
2929 	}
2930 	return true;
2931 }
2932 
2933 static bool ath11k_mac_vif_recalc_sta_he_txbf(struct ath11k *ar,
2934 					      struct ieee80211_vif *vif,
2935 					      struct ieee80211_sta_he_cap *he_cap)
2936 {
2937 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
2938 	struct ieee80211_he_cap_elem he_cap_elem = {0};
2939 	struct ieee80211_sta_he_cap *cap_band = NULL;
2940 	struct cfg80211_chan_def def;
2941 	u32 param = WMI_VDEV_PARAM_SET_HEMU_MODE;
2942 	u32 hemode = 0;
2943 	int ret;
2944 
2945 	if (!vif->bss_conf.he_support)
2946 		return true;
2947 
2948 	if (vif->type != NL80211_IFTYPE_STATION)
2949 		return false;
2950 
2951 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
2952 		return false;
2953 
2954 	if (def.chan->band == NL80211_BAND_2GHZ)
2955 		cap_band = &ar->mac.iftype[NL80211_BAND_2GHZ][vif->type].he_cap;
2956 	else
2957 		cap_band = &ar->mac.iftype[NL80211_BAND_5GHZ][vif->type].he_cap;
2958 
2959 	memcpy(&he_cap_elem, &cap_band->he_cap_elem, sizeof(he_cap_elem));
2960 
2961 	if (HECAP_PHY_SUBFME_GET(he_cap_elem.phy_cap_info)) {
2962 		if (HECAP_PHY_SUBFMR_GET(he_cap->he_cap_elem.phy_cap_info))
2963 			hemode |= FIELD_PREP(HE_MODE_SU_TX_BFEE, HE_SU_BFEE_ENABLE);
2964 		if (HECAP_PHY_MUBFMR_GET(he_cap->he_cap_elem.phy_cap_info))
2965 			hemode |= FIELD_PREP(HE_MODE_MU_TX_BFEE, HE_MU_BFEE_ENABLE);
2966 	}
2967 
2968 	if (vif->type != NL80211_IFTYPE_MESH_POINT) {
2969 		hemode |= FIELD_PREP(HE_MODE_DL_OFDMA, HE_DL_MUOFDMA_ENABLE) |
2970 			  FIELD_PREP(HE_MODE_UL_OFDMA, HE_UL_MUOFDMA_ENABLE);
2971 
2972 		if (HECAP_PHY_ULMUMIMO_GET(he_cap_elem.phy_cap_info))
2973 			if (HECAP_PHY_ULMUMIMO_GET(he_cap->he_cap_elem.phy_cap_info))
2974 				hemode |= FIELD_PREP(HE_MODE_UL_MUMIMO,
2975 						     HE_UL_MUMIMO_ENABLE);
2976 
2977 		if (FIELD_GET(HE_MODE_MU_TX_BFEE, hemode))
2978 			hemode |= FIELD_PREP(HE_MODE_SU_TX_BFEE, HE_SU_BFEE_ENABLE);
2979 
2980 		if (FIELD_GET(HE_MODE_MU_TX_BFER, hemode))
2981 			hemode |= FIELD_PREP(HE_MODE_SU_TX_BFER, HE_SU_BFER_ENABLE);
2982 	}
2983 
2984 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, param, hemode);
2985 	if (ret) {
2986 		ath11k_warn(ar->ab, "failed to submit vdev param txbf 0x%x: %d\n",
2987 			    hemode, ret);
2988 		return false;
2989 	}
2990 
2991 	return true;
2992 }
2993 
2994 static void ath11k_bss_assoc(struct ieee80211_hw *hw,
2995 			     struct ieee80211_vif *vif,
2996 			     struct ieee80211_bss_conf *bss_conf)
2997 {
2998 	struct ath11k *ar = hw->priv;
2999 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
3000 	struct peer_assoc_params peer_arg;
3001 	struct ieee80211_sta *ap_sta;
3002 	struct ath11k_peer *peer;
3003 	bool is_auth = false;
3004 	struct ieee80211_sta_he_cap  he_cap;
3005 	int ret;
3006 
3007 	lockdep_assert_held(&ar->conf_mutex);
3008 
3009 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev %i assoc bssid %pM aid %d\n",
3010 		   arvif->vdev_id, arvif->bssid, arvif->aid);
3011 
3012 	rcu_read_lock();
3013 
3014 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
3015 	if (!ap_sta) {
3016 		ath11k_warn(ar->ab, "failed to find station entry for bss %pM vdev %i\n",
3017 			    bss_conf->bssid, arvif->vdev_id);
3018 		rcu_read_unlock();
3019 		return;
3020 	}
3021 
3022 	/* he_cap here is updated at assoc success for sta mode only */
3023 	he_cap  = ap_sta->deflink.he_cap;
3024 
3025 	ath11k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg, false);
3026 
3027 	rcu_read_unlock();
3028 
3029 	peer_arg.is_assoc = true;
3030 	ret = ath11k_wmi_send_peer_assoc_cmd(ar, &peer_arg);
3031 	if (ret) {
3032 		ath11k_warn(ar->ab, "failed to run peer assoc for %pM vdev %i: %d\n",
3033 			    bss_conf->bssid, arvif->vdev_id, ret);
3034 		return;
3035 	}
3036 
3037 	if (!wait_for_completion_timeout(&ar->peer_assoc_done, 1 * HZ)) {
3038 		ath11k_warn(ar->ab, "failed to get peer assoc conf event for %pM vdev %i\n",
3039 			    bss_conf->bssid, arvif->vdev_id);
3040 		return;
3041 	}
3042 
3043 	ret = ath11k_setup_peer_smps(ar, arvif, bss_conf->bssid,
3044 				     &ap_sta->deflink.ht_cap,
3045 				     le16_to_cpu(ap_sta->deflink.he_6ghz_capa.capa));
3046 	if (ret) {
3047 		ath11k_warn(ar->ab, "failed to setup peer SMPS for vdev %d: %d\n",
3048 			    arvif->vdev_id, ret);
3049 		return;
3050 	}
3051 
3052 	if (!ath11k_mac_vif_recalc_sta_he_txbf(ar, vif, &he_cap)) {
3053 		ath11k_warn(ar->ab, "failed to recalc he txbf for vdev %i on bss %pM\n",
3054 			    arvif->vdev_id, bss_conf->bssid);
3055 		return;
3056 	}
3057 
3058 	WARN_ON(arvif->is_up);
3059 
3060 	arvif->aid = vif->cfg.aid;
3061 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
3062 
3063 	ret = ath11k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid,
3064 				 NULL, 0, 0);
3065 	if (ret) {
3066 		ath11k_warn(ar->ab, "failed to set vdev %d up: %d\n",
3067 			    arvif->vdev_id, ret);
3068 		return;
3069 	}
3070 
3071 	arvif->is_up = true;
3072 	arvif->rekey_data.enable_offload = false;
3073 
3074 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3075 		   "vdev %d up (associated) bssid %pM aid %d\n",
3076 		   arvif->vdev_id, bss_conf->bssid, vif->cfg.aid);
3077 
3078 	spin_lock_bh(&ar->ab->base_lock);
3079 
3080 	peer = ath11k_peer_find(ar->ab, arvif->vdev_id, arvif->bssid);
3081 	if (peer && peer->is_authorized)
3082 		is_auth = true;
3083 
3084 	spin_unlock_bh(&ar->ab->base_lock);
3085 
3086 	if (is_auth) {
3087 		ret = ath11k_wmi_set_peer_param(ar, arvif->bssid,
3088 						arvif->vdev_id,
3089 						WMI_PEER_AUTHORIZE,
3090 						1);
3091 		if (ret)
3092 			ath11k_warn(ar->ab, "Unable to authorize BSS peer: %d\n", ret);
3093 	}
3094 
3095 	ret = ath11k_wmi_send_obss_spr_cmd(ar, arvif->vdev_id,
3096 					   &bss_conf->he_obss_pd);
3097 	if (ret)
3098 		ath11k_warn(ar->ab, "failed to set vdev %i OBSS PD parameters: %d\n",
3099 			    arvif->vdev_id, ret);
3100 
3101 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3102 					    WMI_VDEV_PARAM_DTIM_POLICY,
3103 					    WMI_DTIM_POLICY_STICK);
3104 	if (ret)
3105 		ath11k_warn(ar->ab, "failed to set vdev %d dtim policy: %d\n",
3106 			    arvif->vdev_id, ret);
3107 
3108 	ath11k_mac_11d_scan_stop_all(ar->ab);
3109 }
3110 
3111 static void ath11k_bss_disassoc(struct ieee80211_hw *hw,
3112 				struct ieee80211_vif *vif)
3113 {
3114 	struct ath11k *ar = hw->priv;
3115 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
3116 	int ret;
3117 
3118 	lockdep_assert_held(&ar->conf_mutex);
3119 
3120 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev %i disassoc bssid %pM\n",
3121 		   arvif->vdev_id, arvif->bssid);
3122 
3123 	ret = ath11k_wmi_vdev_down(ar, arvif->vdev_id);
3124 	if (ret)
3125 		ath11k_warn(ar->ab, "failed to down vdev %i: %d\n",
3126 			    arvif->vdev_id, ret);
3127 
3128 	arvif->is_up = false;
3129 
3130 	memset(&arvif->rekey_data, 0, sizeof(arvif->rekey_data));
3131 
3132 	cancel_delayed_work_sync(&arvif->connection_loss_work);
3133 }
3134 
3135 static u32 ath11k_mac_get_rate_hw_value(int bitrate)
3136 {
3137 	u32 preamble;
3138 	u16 hw_value;
3139 	int rate;
3140 	size_t i;
3141 
3142 	if (ath11k_mac_bitrate_is_cck(bitrate))
3143 		preamble = WMI_RATE_PREAMBLE_CCK;
3144 	else
3145 		preamble = WMI_RATE_PREAMBLE_OFDM;
3146 
3147 	for (i = 0; i < ARRAY_SIZE(ath11k_legacy_rates); i++) {
3148 		if (ath11k_legacy_rates[i].bitrate != bitrate)
3149 			continue;
3150 
3151 		hw_value = ath11k_legacy_rates[i].hw_value;
3152 		rate = ATH11K_HW_RATE_CODE(hw_value, 0, preamble);
3153 
3154 		return rate;
3155 	}
3156 
3157 	return -EINVAL;
3158 }
3159 
3160 static void ath11k_recalculate_mgmt_rate(struct ath11k *ar,
3161 					 struct ieee80211_vif *vif,
3162 					 struct cfg80211_chan_def *def)
3163 {
3164 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
3165 	const struct ieee80211_supported_band *sband;
3166 	u8 basic_rate_idx;
3167 	int hw_rate_code;
3168 	u32 vdev_param;
3169 	u16 bitrate;
3170 	int ret;
3171 
3172 	lockdep_assert_held(&ar->conf_mutex);
3173 
3174 	sband = ar->hw->wiphy->bands[def->chan->band];
3175 	basic_rate_idx = ffs(vif->bss_conf.basic_rates) - 1;
3176 	bitrate = sband->bitrates[basic_rate_idx].bitrate;
3177 
3178 	hw_rate_code = ath11k_mac_get_rate_hw_value(bitrate);
3179 	if (hw_rate_code < 0) {
3180 		ath11k_warn(ar->ab, "bitrate not supported %d\n", bitrate);
3181 		return;
3182 	}
3183 
3184 	vdev_param = WMI_VDEV_PARAM_MGMT_RATE;
3185 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, vdev_param,
3186 					    hw_rate_code);
3187 	if (ret)
3188 		ath11k_warn(ar->ab, "failed to set mgmt tx rate %d\n", ret);
3189 
3190 	/* For WCN6855, firmware will clear this param when vdev starts, hence
3191 	 * cache it here so that we can reconfigure it once vdev starts.
3192 	 */
3193 	ar->hw_rate_code = hw_rate_code;
3194 
3195 	vdev_param = WMI_VDEV_PARAM_BEACON_RATE;
3196 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, vdev_param,
3197 					    hw_rate_code);
3198 	if (ret)
3199 		ath11k_warn(ar->ab, "failed to set beacon tx rate %d\n", ret);
3200 }
3201 
3202 static int ath11k_mac_fils_discovery(struct ath11k_vif *arvif,
3203 				     struct ieee80211_bss_conf *info)
3204 {
3205 	struct ath11k *ar = arvif->ar;
3206 	struct sk_buff *tmpl;
3207 	int ret;
3208 	u32 interval;
3209 	bool unsol_bcast_probe_resp_enabled = false;
3210 
3211 	if (info->fils_discovery.max_interval) {
3212 		interval = info->fils_discovery.max_interval;
3213 
3214 		tmpl = ieee80211_get_fils_discovery_tmpl(ar->hw, arvif->vif);
3215 		if (tmpl)
3216 			ret = ath11k_wmi_fils_discovery_tmpl(ar, arvif->vdev_id,
3217 							     tmpl);
3218 	} else if (info->unsol_bcast_probe_resp_interval) {
3219 		unsol_bcast_probe_resp_enabled = 1;
3220 		interval = info->unsol_bcast_probe_resp_interval;
3221 
3222 		tmpl = ieee80211_get_unsol_bcast_probe_resp_tmpl(ar->hw,
3223 								 arvif->vif);
3224 		if (tmpl)
3225 			ret = ath11k_wmi_probe_resp_tmpl(ar, arvif->vdev_id,
3226 							 tmpl);
3227 	} else { /* Disable */
3228 		return ath11k_wmi_fils_discovery(ar, arvif->vdev_id, 0, false);
3229 	}
3230 
3231 	if (!tmpl) {
3232 		ath11k_warn(ar->ab,
3233 			    "mac vdev %i failed to retrieve %s template\n",
3234 			    arvif->vdev_id, (unsol_bcast_probe_resp_enabled ?
3235 			    "unsolicited broadcast probe response" :
3236 			    "FILS discovery"));
3237 		return -EPERM;
3238 	}
3239 	kfree_skb(tmpl);
3240 
3241 	if (!ret)
3242 		ret = ath11k_wmi_fils_discovery(ar, arvif->vdev_id, interval,
3243 						unsol_bcast_probe_resp_enabled);
3244 
3245 	return ret;
3246 }
3247 
3248 static int ath11k_mac_config_obss_pd(struct ath11k *ar,
3249 				     struct ieee80211_he_obss_pd *he_obss_pd)
3250 {
3251 	u32 bitmap[2], param_id, param_val, pdev_id;
3252 	int ret;
3253 	s8 non_srg_th = 0, srg_th = 0;
3254 
3255 	pdev_id = ar->pdev->pdev_id;
3256 
3257 	/* Set and enable SRG/non-SRG OBSS PD Threshold */
3258 	param_id = WMI_PDEV_PARAM_SET_CMD_OBSS_PD_THRESHOLD;
3259 	if (test_bit(ATH11K_FLAG_MONITOR_STARTED, &ar->monitor_flags)) {
3260 		ret = ath11k_wmi_pdev_set_param(ar, param_id, 0, pdev_id);
3261 		if (ret)
3262 			ath11k_warn(ar->ab,
3263 				    "failed to set obss_pd_threshold for pdev: %u\n",
3264 				    pdev_id);
3265 		return ret;
3266 	}
3267 
3268 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3269 		   "obss pd sr_ctrl %x non_srg_thres %u srg_max %u\n",
3270 		   he_obss_pd->sr_ctrl, he_obss_pd->non_srg_max_offset,
3271 		   he_obss_pd->max_offset);
3272 
3273 	param_val = 0;
3274 
3275 	if (he_obss_pd->sr_ctrl &
3276 	    IEEE80211_HE_SPR_NON_SRG_OBSS_PD_SR_DISALLOWED) {
3277 		non_srg_th = ATH11K_OBSS_PD_MAX_THRESHOLD;
3278 	} else {
3279 		if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OFFSET_PRESENT)
3280 			non_srg_th = (ATH11K_OBSS_PD_MAX_THRESHOLD +
3281 				      he_obss_pd->non_srg_max_offset);
3282 		else
3283 			non_srg_th = ATH11K_OBSS_PD_NON_SRG_MAX_THRESHOLD;
3284 
3285 		param_val |= ATH11K_OBSS_PD_NON_SRG_EN;
3286 	}
3287 
3288 	if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_SRG_INFORMATION_PRESENT) {
3289 		srg_th = ATH11K_OBSS_PD_MAX_THRESHOLD + he_obss_pd->max_offset;
3290 		param_val |= ATH11K_OBSS_PD_SRG_EN;
3291 	}
3292 
3293 	if (test_bit(WMI_TLV_SERVICE_SRG_SRP_SPATIAL_REUSE_SUPPORT,
3294 		     ar->ab->wmi_ab.svc_map)) {
3295 		param_val |= ATH11K_OBSS_PD_THRESHOLD_IN_DBM;
3296 		param_val |= FIELD_PREP(GENMASK(15, 8), srg_th);
3297 	} else {
3298 		non_srg_th -= ATH11K_DEFAULT_NOISE_FLOOR;
3299 		/* SRG not supported and threshold in dB */
3300 		param_val &= ~(ATH11K_OBSS_PD_SRG_EN |
3301 			       ATH11K_OBSS_PD_THRESHOLD_IN_DBM);
3302 	}
3303 
3304 	param_val |= (non_srg_th & GENMASK(7, 0));
3305 	ret = ath11k_wmi_pdev_set_param(ar, param_id, param_val, pdev_id);
3306 	if (ret) {
3307 		ath11k_warn(ar->ab,
3308 			    "failed to set obss_pd_threshold for pdev: %u\n",
3309 			    pdev_id);
3310 		return ret;
3311 	}
3312 
3313 	/* Enable OBSS PD for all access category */
3314 	param_id  = WMI_PDEV_PARAM_SET_CMD_OBSS_PD_PER_AC;
3315 	param_val = 0xf;
3316 	ret = ath11k_wmi_pdev_set_param(ar, param_id, param_val, pdev_id);
3317 	if (ret) {
3318 		ath11k_warn(ar->ab,
3319 			    "failed to set obss_pd_per_ac for pdev: %u\n",
3320 			    pdev_id);
3321 		return ret;
3322 	}
3323 
3324 	/* Set SR Prohibit */
3325 	param_id  = WMI_PDEV_PARAM_ENABLE_SR_PROHIBIT;
3326 	param_val = !!(he_obss_pd->sr_ctrl &
3327 		       IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED);
3328 	ret = ath11k_wmi_pdev_set_param(ar, param_id, param_val, pdev_id);
3329 	if (ret) {
3330 		ath11k_warn(ar->ab, "failed to set sr_prohibit for pdev: %u\n",
3331 			    pdev_id);
3332 		return ret;
3333 	}
3334 
3335 	if (!test_bit(WMI_TLV_SERVICE_SRG_SRP_SPATIAL_REUSE_SUPPORT,
3336 		      ar->ab->wmi_ab.svc_map))
3337 		return 0;
3338 
3339 	/* Set SRG BSS Color Bitmap */
3340 	memcpy(bitmap, he_obss_pd->bss_color_bitmap, sizeof(bitmap));
3341 	ret = ath11k_wmi_pdev_set_srg_bss_color_bitmap(ar, bitmap);
3342 	if (ret) {
3343 		ath11k_warn(ar->ab,
3344 			    "failed to set bss_color_bitmap for pdev: %u\n",
3345 			    pdev_id);
3346 		return ret;
3347 	}
3348 
3349 	/* Set SRG Partial BSSID Bitmap */
3350 	memcpy(bitmap, he_obss_pd->partial_bssid_bitmap, sizeof(bitmap));
3351 	ret = ath11k_wmi_pdev_set_srg_patial_bssid_bitmap(ar, bitmap);
3352 	if (ret) {
3353 		ath11k_warn(ar->ab,
3354 			    "failed to set partial_bssid_bitmap for pdev: %u\n",
3355 			    pdev_id);
3356 		return ret;
3357 	}
3358 
3359 	memset(bitmap, 0xff, sizeof(bitmap));
3360 
3361 	/* Enable all BSS Colors for SRG */
3362 	ret = ath11k_wmi_pdev_srg_obss_color_enable_bitmap(ar, bitmap);
3363 	if (ret) {
3364 		ath11k_warn(ar->ab,
3365 			    "failed to set srg_color_en_bitmap pdev: %u\n",
3366 			    pdev_id);
3367 		return ret;
3368 	}
3369 
3370 	/* Enable all partial BSSID mask for SRG */
3371 	ret = ath11k_wmi_pdev_srg_obss_bssid_enable_bitmap(ar, bitmap);
3372 	if (ret) {
3373 		ath11k_warn(ar->ab,
3374 			    "failed to set srg_bssid_en_bitmap pdev: %u\n",
3375 			    pdev_id);
3376 		return ret;
3377 	}
3378 
3379 	/* Enable all BSS Colors for non-SRG */
3380 	ret = ath11k_wmi_pdev_non_srg_obss_color_enable_bitmap(ar, bitmap);
3381 	if (ret) {
3382 		ath11k_warn(ar->ab,
3383 			    "failed to set non_srg_color_en_bitmap pdev: %u\n",
3384 			    pdev_id);
3385 		return ret;
3386 	}
3387 
3388 	/* Enable all partial BSSID mask for non-SRG */
3389 	ret = ath11k_wmi_pdev_non_srg_obss_bssid_enable_bitmap(ar, bitmap);
3390 	if (ret) {
3391 		ath11k_warn(ar->ab,
3392 			    "failed to set non_srg_bssid_en_bitmap pdev: %u\n",
3393 			    pdev_id);
3394 		return ret;
3395 	}
3396 
3397 	return 0;
3398 }
3399 
3400 static void ath11k_mac_op_bss_info_changed(struct ieee80211_hw *hw,
3401 					   struct ieee80211_vif *vif,
3402 					   struct ieee80211_bss_conf *info,
3403 					   u64 changed)
3404 {
3405 	struct ath11k *ar = hw->priv;
3406 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
3407 	struct cfg80211_chan_def def;
3408 	u32 param_id, param_value;
3409 	enum nl80211_band band;
3410 	u32 vdev_param;
3411 	int mcast_rate;
3412 	u32 preamble;
3413 	u16 hw_value;
3414 	u16 bitrate;
3415 	int ret = 0;
3416 	u8 rateidx;
3417 	u32 rate, param;
3418 	u32 ipv4_cnt;
3419 
3420 	mutex_lock(&ar->conf_mutex);
3421 
3422 	if (changed & BSS_CHANGED_BEACON_INT) {
3423 		arvif->beacon_interval = info->beacon_int;
3424 
3425 		param_id = WMI_VDEV_PARAM_BEACON_INTERVAL;
3426 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3427 						    param_id,
3428 						    arvif->beacon_interval);
3429 		if (ret)
3430 			ath11k_warn(ar->ab, "Failed to set beacon interval for VDEV: %d\n",
3431 				    arvif->vdev_id);
3432 		else
3433 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3434 				   "Beacon interval: %d set for VDEV: %d\n",
3435 				   arvif->beacon_interval, arvif->vdev_id);
3436 	}
3437 
3438 	if (changed & BSS_CHANGED_BEACON) {
3439 		param_id = WMI_PDEV_PARAM_BEACON_TX_MODE;
3440 		param_value = WMI_BEACON_STAGGERED_MODE;
3441 		ret = ath11k_wmi_pdev_set_param(ar, param_id,
3442 						param_value, ar->pdev->pdev_id);
3443 		if (ret)
3444 			ath11k_warn(ar->ab, "Failed to set beacon mode for VDEV: %d\n",
3445 				    arvif->vdev_id);
3446 		else
3447 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3448 				   "Set staggered beacon mode for VDEV: %d\n",
3449 				   arvif->vdev_id);
3450 
3451 		if (!arvif->do_not_send_tmpl || !arvif->bcca_zero_sent) {
3452 			ret = ath11k_mac_setup_bcn_tmpl(arvif);
3453 			if (ret)
3454 				ath11k_warn(ar->ab, "failed to update bcn template: %d\n",
3455 					    ret);
3456 		}
3457 
3458 		if (arvif->bcca_zero_sent)
3459 			arvif->do_not_send_tmpl = true;
3460 		else
3461 			arvif->do_not_send_tmpl = false;
3462 
3463 		if (vif->bss_conf.he_support) {
3464 			ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3465 							    WMI_VDEV_PARAM_BA_MODE,
3466 							    WMI_BA_MODE_BUFFER_SIZE_256);
3467 			if (ret)
3468 				ath11k_warn(ar->ab,
3469 					    "failed to set BA BUFFER SIZE 256 for vdev: %d\n",
3470 					    arvif->vdev_id);
3471 			else
3472 				ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3473 					   "Set BA BUFFER SIZE 256 for VDEV: %d\n",
3474 					   arvif->vdev_id);
3475 		}
3476 	}
3477 
3478 	if (changed & (BSS_CHANGED_BEACON_INFO | BSS_CHANGED_BEACON)) {
3479 		arvif->dtim_period = info->dtim_period;
3480 
3481 		param_id = WMI_VDEV_PARAM_DTIM_PERIOD;
3482 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3483 						    param_id,
3484 						    arvif->dtim_period);
3485 
3486 		if (ret)
3487 			ath11k_warn(ar->ab, "Failed to set dtim period for VDEV %d: %i\n",
3488 				    arvif->vdev_id, ret);
3489 		else
3490 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3491 				   "DTIM period: %d set for VDEV: %d\n",
3492 				   arvif->dtim_period, arvif->vdev_id);
3493 	}
3494 
3495 	if (changed & BSS_CHANGED_SSID &&
3496 	    vif->type == NL80211_IFTYPE_AP) {
3497 		arvif->u.ap.ssid_len = vif->cfg.ssid_len;
3498 		if (vif->cfg.ssid_len)
3499 			memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
3500 			       vif->cfg.ssid_len);
3501 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
3502 	}
3503 
3504 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
3505 		ether_addr_copy(arvif->bssid, info->bssid);
3506 
3507 	if (changed & BSS_CHANGED_BEACON_ENABLED) {
3508 		if (info->enable_beacon)
3509 			ath11k_mac_set_he_txbf_conf(arvif);
3510 		ath11k_control_beaconing(arvif, info);
3511 
3512 		if (arvif->is_up && vif->bss_conf.he_support &&
3513 		    vif->bss_conf.he_oper.params) {
3514 			param_id = WMI_VDEV_PARAM_HEOPS_0_31;
3515 			param_value = vif->bss_conf.he_oper.params;
3516 			ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3517 							    param_id, param_value);
3518 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3519 				   "he oper param: %x set for VDEV: %d\n",
3520 				   param_value, arvif->vdev_id);
3521 
3522 			if (ret)
3523 				ath11k_warn(ar->ab, "Failed to set he oper params %x for VDEV %d: %i\n",
3524 					    param_value, arvif->vdev_id, ret);
3525 		}
3526 	}
3527 
3528 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
3529 		u32 cts_prot;
3530 
3531 		cts_prot = !!(info->use_cts_prot);
3532 		param_id = WMI_VDEV_PARAM_PROTECTION_MODE;
3533 
3534 		if (arvif->is_started) {
3535 			ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3536 							    param_id, cts_prot);
3537 			if (ret)
3538 				ath11k_warn(ar->ab, "Failed to set CTS prot for VDEV: %d\n",
3539 					    arvif->vdev_id);
3540 			else
3541 				ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "Set CTS prot: %d for VDEV: %d\n",
3542 					   cts_prot, arvif->vdev_id);
3543 		} else {
3544 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "defer protection mode setup, vdev is not ready yet\n");
3545 		}
3546 	}
3547 
3548 	if (changed & BSS_CHANGED_ERP_SLOT) {
3549 		u32 slottime;
3550 
3551 		if (info->use_short_slot)
3552 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
3553 
3554 		else
3555 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
3556 
3557 		param_id = WMI_VDEV_PARAM_SLOT_TIME;
3558 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3559 						    param_id, slottime);
3560 		if (ret)
3561 			ath11k_warn(ar->ab, "Failed to set erp slot for VDEV: %d\n",
3562 				    arvif->vdev_id);
3563 		else
3564 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3565 				   "Set slottime: %d for VDEV: %d\n",
3566 				   slottime, arvif->vdev_id);
3567 	}
3568 
3569 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
3570 		u32 preamble;
3571 
3572 		if (info->use_short_preamble)
3573 			preamble = WMI_VDEV_PREAMBLE_SHORT;
3574 		else
3575 			preamble = WMI_VDEV_PREAMBLE_LONG;
3576 
3577 		param_id = WMI_VDEV_PARAM_PREAMBLE;
3578 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3579 						    param_id, preamble);
3580 		if (ret)
3581 			ath11k_warn(ar->ab, "Failed to set preamble for VDEV: %d\n",
3582 				    arvif->vdev_id);
3583 		else
3584 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3585 				   "Set preamble: %d for VDEV: %d\n",
3586 				   preamble, arvif->vdev_id);
3587 	}
3588 
3589 	if (changed & BSS_CHANGED_ASSOC) {
3590 		if (vif->cfg.assoc)
3591 			ath11k_bss_assoc(hw, vif, info);
3592 		else
3593 			ath11k_bss_disassoc(hw, vif);
3594 	}
3595 
3596 	if (changed & BSS_CHANGED_TXPOWER) {
3597 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev_id %i txpower %d\n",
3598 			   arvif->vdev_id, info->txpower);
3599 
3600 		arvif->txpower = info->txpower;
3601 		ath11k_mac_txpower_recalc(ar);
3602 	}
3603 
3604 	if (changed & BSS_CHANGED_PS &&
3605 	    ar->ab->hw_params.supports_sta_ps) {
3606 		arvif->ps = vif->cfg.ps;
3607 
3608 		ret = ath11k_mac_config_ps(ar);
3609 		if (ret)
3610 			ath11k_warn(ar->ab, "failed to setup ps on vdev %i: %d\n",
3611 				    arvif->vdev_id, ret);
3612 	}
3613 
3614 	if (changed & BSS_CHANGED_MCAST_RATE &&
3615 	    !ath11k_mac_vif_chan(arvif->vif, &def)) {
3616 		band = def.chan->band;
3617 		mcast_rate = vif->bss_conf.mcast_rate[band];
3618 
3619 		if (mcast_rate > 0)
3620 			rateidx = mcast_rate - 1;
3621 		else
3622 			rateidx = ffs(vif->bss_conf.basic_rates) - 1;
3623 
3624 		if (ar->pdev->cap.supported_bands & WMI_HOST_WLAN_5G_CAP)
3625 			rateidx += ATH11K_MAC_FIRST_OFDM_RATE_IDX;
3626 
3627 		bitrate = ath11k_legacy_rates[rateidx].bitrate;
3628 		hw_value = ath11k_legacy_rates[rateidx].hw_value;
3629 
3630 		if (ath11k_mac_bitrate_is_cck(bitrate))
3631 			preamble = WMI_RATE_PREAMBLE_CCK;
3632 		else
3633 			preamble = WMI_RATE_PREAMBLE_OFDM;
3634 
3635 		rate = ATH11K_HW_RATE_CODE(hw_value, 0, preamble);
3636 
3637 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3638 			   "vdev %d mcast_rate %x\n",
3639 			   arvif->vdev_id, rate);
3640 
3641 		vdev_param = WMI_VDEV_PARAM_MCAST_DATA_RATE;
3642 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3643 						    vdev_param, rate);
3644 		if (ret)
3645 			ath11k_warn(ar->ab,
3646 				    "failed to set mcast rate on vdev %i: %d\n",
3647 				    arvif->vdev_id,  ret);
3648 
3649 		vdev_param = WMI_VDEV_PARAM_BCAST_DATA_RATE;
3650 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3651 						    vdev_param, rate);
3652 		if (ret)
3653 			ath11k_warn(ar->ab,
3654 				    "failed to set bcast rate on vdev %i: %d\n",
3655 				    arvif->vdev_id,  ret);
3656 	}
3657 
3658 	if (changed & BSS_CHANGED_BASIC_RATES &&
3659 	    !ath11k_mac_vif_chan(arvif->vif, &def))
3660 		ath11k_recalculate_mgmt_rate(ar, vif, &def);
3661 
3662 	if (changed & BSS_CHANGED_TWT) {
3663 		struct wmi_twt_enable_params twt_params = {0};
3664 
3665 		if (info->twt_requester || info->twt_responder) {
3666 			ath11k_wmi_fill_default_twt_params(&twt_params);
3667 			ath11k_wmi_send_twt_enable_cmd(ar, ar->pdev->pdev_id,
3668 						       &twt_params);
3669 		} else {
3670 			ath11k_wmi_send_twt_disable_cmd(ar, ar->pdev->pdev_id);
3671 		}
3672 	}
3673 
3674 	if (changed & BSS_CHANGED_HE_OBSS_PD)
3675 		ath11k_mac_config_obss_pd(ar, &info->he_obss_pd);
3676 
3677 	if (changed & BSS_CHANGED_HE_BSS_COLOR) {
3678 		if (vif->type == NL80211_IFTYPE_AP) {
3679 			ret = ath11k_wmi_send_obss_color_collision_cfg_cmd(
3680 				ar, arvif->vdev_id, info->he_bss_color.color,
3681 				ATH11K_BSS_COLOR_COLLISION_DETECTION_AP_PERIOD_MS,
3682 				info->he_bss_color.enabled);
3683 			if (ret)
3684 				ath11k_warn(ar->ab, "failed to set bss color collision on vdev %i: %d\n",
3685 					    arvif->vdev_id,  ret);
3686 
3687 			param_id = WMI_VDEV_PARAM_BSS_COLOR;
3688 			if (info->he_bss_color.enabled)
3689 				param_value = info->he_bss_color.color <<
3690 						IEEE80211_HE_OPERATION_BSS_COLOR_OFFSET;
3691 			else
3692 				param_value = IEEE80211_HE_OPERATION_BSS_COLOR_DISABLED;
3693 
3694 			ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
3695 							    param_id,
3696 							    param_value);
3697 			if (ret)
3698 				ath11k_warn(ar->ab,
3699 					    "failed to set bss color param on vdev %i: %d\n",
3700 					    arvif->vdev_id,  ret);
3701 
3702 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
3703 				   "bss color param 0x%x set on vdev %i\n",
3704 				   param_value, arvif->vdev_id);
3705 		} else if (vif->type == NL80211_IFTYPE_STATION) {
3706 			ret = ath11k_wmi_send_bss_color_change_enable_cmd(ar,
3707 									  arvif->vdev_id,
3708 									  1);
3709 			if (ret)
3710 				ath11k_warn(ar->ab, "failed to enable bss color change on vdev %i: %d\n",
3711 					    arvif->vdev_id,  ret);
3712 			ret = ath11k_wmi_send_obss_color_collision_cfg_cmd(
3713 				ar, arvif->vdev_id, 0,
3714 				ATH11K_BSS_COLOR_COLLISION_DETECTION_STA_PERIOD_MS, 1);
3715 			if (ret)
3716 				ath11k_warn(ar->ab, "failed to set bss color collision on vdev %i: %d\n",
3717 					    arvif->vdev_id,  ret);
3718 		}
3719 	}
3720 
3721 	if (changed & BSS_CHANGED_FTM_RESPONDER &&
3722 	    arvif->ftm_responder != info->ftm_responder &&
3723 	    test_bit(WMI_TLV_SERVICE_RTT, ar->ab->wmi_ab.svc_map) &&
3724 	    (vif->type == NL80211_IFTYPE_AP ||
3725 	     vif->type == NL80211_IFTYPE_MESH_POINT)) {
3726 		arvif->ftm_responder = info->ftm_responder;
3727 		param = WMI_VDEV_PARAM_ENABLE_DISABLE_RTT_RESPONDER_ROLE;
3728 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, param,
3729 						    arvif->ftm_responder);
3730 		if (ret)
3731 			ath11k_warn(ar->ab, "Failed to set ftm responder %i: %d\n",
3732 				    arvif->vdev_id, ret);
3733 	}
3734 
3735 	if (changed & BSS_CHANGED_FILS_DISCOVERY ||
3736 	    changed & BSS_CHANGED_UNSOL_BCAST_PROBE_RESP)
3737 		ath11k_mac_fils_discovery(arvif, info);
3738 
3739 	if (changed & BSS_CHANGED_ARP_FILTER) {
3740 		ipv4_cnt = min(vif->cfg.arp_addr_cnt, ATH11K_IPV4_MAX_COUNT);
3741 		memcpy(arvif->arp_ns_offload.ipv4_addr,
3742 		       vif->cfg.arp_addr_list,
3743 		       ipv4_cnt * sizeof(u32));
3744 		memcpy(arvif->arp_ns_offload.mac_addr, vif->addr, ETH_ALEN);
3745 		arvif->arp_ns_offload.ipv4_count = ipv4_cnt;
3746 
3747 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "arp_addr_cnt %d vif->addr %pM, offload_addr %pI4\n",
3748 			   vif->cfg.arp_addr_cnt,
3749 			   vif->addr, arvif->arp_ns_offload.ipv4_addr);
3750 	}
3751 
3752 	mutex_unlock(&ar->conf_mutex);
3753 }
3754 
3755 void __ath11k_mac_scan_finish(struct ath11k *ar)
3756 {
3757 	lockdep_assert_held(&ar->data_lock);
3758 
3759 	switch (ar->scan.state) {
3760 	case ATH11K_SCAN_IDLE:
3761 		break;
3762 	case ATH11K_SCAN_RUNNING:
3763 	case ATH11K_SCAN_ABORTING:
3764 		if (ar->scan.is_roc && ar->scan.roc_notify)
3765 			ieee80211_remain_on_channel_expired(ar->hw);
3766 		fallthrough;
3767 	case ATH11K_SCAN_STARTING:
3768 		if (!ar->scan.is_roc) {
3769 			struct cfg80211_scan_info info = {
3770 				.aborted = ((ar->scan.state ==
3771 					    ATH11K_SCAN_ABORTING) ||
3772 					    (ar->scan.state ==
3773 					    ATH11K_SCAN_STARTING)),
3774 			};
3775 
3776 			ieee80211_scan_completed(ar->hw, &info);
3777 		}
3778 
3779 		ar->scan.state = ATH11K_SCAN_IDLE;
3780 		ar->scan_channel = NULL;
3781 		ar->scan.roc_freq = 0;
3782 		cancel_delayed_work(&ar->scan.timeout);
3783 		complete_all(&ar->scan.completed);
3784 		break;
3785 	}
3786 }
3787 
3788 void ath11k_mac_scan_finish(struct ath11k *ar)
3789 {
3790 	spin_lock_bh(&ar->data_lock);
3791 	__ath11k_mac_scan_finish(ar);
3792 	spin_unlock_bh(&ar->data_lock);
3793 }
3794 
3795 static int ath11k_scan_stop(struct ath11k *ar)
3796 {
3797 	struct scan_cancel_param arg = {
3798 		.req_type = WLAN_SCAN_CANCEL_SINGLE,
3799 		.scan_id = ATH11K_SCAN_ID,
3800 	};
3801 	int ret;
3802 
3803 	lockdep_assert_held(&ar->conf_mutex);
3804 
3805 	/* TODO: Fill other STOP Params */
3806 	arg.pdev_id = ar->pdev->pdev_id;
3807 
3808 	ret = ath11k_wmi_send_scan_stop_cmd(ar, &arg);
3809 	if (ret) {
3810 		ath11k_warn(ar->ab, "failed to stop wmi scan: %d\n", ret);
3811 		goto out;
3812 	}
3813 
3814 	ret = wait_for_completion_timeout(&ar->scan.completed, 3 * HZ);
3815 	if (ret == 0) {
3816 		ath11k_warn(ar->ab,
3817 			    "failed to receive scan abort comple: timed out\n");
3818 		ret = -ETIMEDOUT;
3819 	} else if (ret > 0) {
3820 		ret = 0;
3821 	}
3822 
3823 out:
3824 	/* Scan state should be updated upon scan completion but in case
3825 	 * firmware fails to deliver the event (for whatever reason) it is
3826 	 * desired to clean up scan state anyway. Firmware may have just
3827 	 * dropped the scan completion event delivery due to transport pipe
3828 	 * being overflown with data and/or it can recover on its own before
3829 	 * next scan request is submitted.
3830 	 */
3831 	spin_lock_bh(&ar->data_lock);
3832 	if (ar->scan.state != ATH11K_SCAN_IDLE)
3833 		__ath11k_mac_scan_finish(ar);
3834 	spin_unlock_bh(&ar->data_lock);
3835 
3836 	return ret;
3837 }
3838 
3839 static void ath11k_scan_abort(struct ath11k *ar)
3840 {
3841 	int ret;
3842 
3843 	lockdep_assert_held(&ar->conf_mutex);
3844 
3845 	spin_lock_bh(&ar->data_lock);
3846 
3847 	switch (ar->scan.state) {
3848 	case ATH11K_SCAN_IDLE:
3849 		/* This can happen if timeout worker kicked in and called
3850 		 * abortion while scan completion was being processed.
3851 		 */
3852 		break;
3853 	case ATH11K_SCAN_STARTING:
3854 	case ATH11K_SCAN_ABORTING:
3855 		ath11k_warn(ar->ab, "refusing scan abortion due to invalid scan state: %d\n",
3856 			    ar->scan.state);
3857 		break;
3858 	case ATH11K_SCAN_RUNNING:
3859 		ar->scan.state = ATH11K_SCAN_ABORTING;
3860 		spin_unlock_bh(&ar->data_lock);
3861 
3862 		ret = ath11k_scan_stop(ar);
3863 		if (ret)
3864 			ath11k_warn(ar->ab, "failed to abort scan: %d\n", ret);
3865 
3866 		spin_lock_bh(&ar->data_lock);
3867 		break;
3868 	}
3869 
3870 	spin_unlock_bh(&ar->data_lock);
3871 }
3872 
3873 static void ath11k_scan_timeout_work(struct work_struct *work)
3874 {
3875 	struct ath11k *ar = container_of(work, struct ath11k,
3876 					 scan.timeout.work);
3877 
3878 	mutex_lock(&ar->conf_mutex);
3879 	ath11k_scan_abort(ar);
3880 	mutex_unlock(&ar->conf_mutex);
3881 }
3882 
3883 static int ath11k_start_scan(struct ath11k *ar,
3884 			     struct scan_req_params *arg)
3885 {
3886 	int ret;
3887 	unsigned long timeout = 1 * HZ;
3888 
3889 	lockdep_assert_held(&ar->conf_mutex);
3890 
3891 	if (ath11k_spectral_get_mode(ar) == ATH11K_SPECTRAL_BACKGROUND)
3892 		ath11k_spectral_reset_buffer(ar);
3893 
3894 	ret = ath11k_wmi_send_scan_start_cmd(ar, arg);
3895 	if (ret)
3896 		return ret;
3897 
3898 	if (test_bit(WMI_TLV_SERVICE_11D_OFFLOAD, ar->ab->wmi_ab.svc_map)) {
3899 		timeout = 5 * HZ;
3900 
3901 		if (ar->supports_6ghz)
3902 			timeout += 5 * HZ;
3903 	}
3904 
3905 	ret = wait_for_completion_timeout(&ar->scan.started, timeout);
3906 	if (ret == 0) {
3907 		ret = ath11k_scan_stop(ar);
3908 		if (ret)
3909 			ath11k_warn(ar->ab, "failed to stop scan: %d\n", ret);
3910 
3911 		return -ETIMEDOUT;
3912 	}
3913 
3914 	/* If we failed to start the scan, return error code at
3915 	 * this point.  This is probably due to some issue in the
3916 	 * firmware, but no need to wedge the driver due to that...
3917 	 */
3918 	spin_lock_bh(&ar->data_lock);
3919 	if (ar->scan.state == ATH11K_SCAN_IDLE) {
3920 		spin_unlock_bh(&ar->data_lock);
3921 		return -EINVAL;
3922 	}
3923 	spin_unlock_bh(&ar->data_lock);
3924 
3925 	return 0;
3926 }
3927 
3928 static int ath11k_mac_op_hw_scan(struct ieee80211_hw *hw,
3929 				 struct ieee80211_vif *vif,
3930 				 struct ieee80211_scan_request *hw_req)
3931 {
3932 	struct ath11k *ar = hw->priv;
3933 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
3934 	struct cfg80211_scan_request *req = &hw_req->req;
3935 	struct scan_req_params *arg = NULL;
3936 	int ret = 0;
3937 	int i;
3938 	u32 scan_timeout;
3939 
3940 	/* Firmwares advertising the support of triggering 11D algorithm
3941 	 * on the scan results of a regular scan expects driver to send
3942 	 * WMI_11D_SCAN_START_CMDID before sending WMI_START_SCAN_CMDID.
3943 	 * With this feature, separate 11D scan can be avoided since
3944 	 * regdomain can be determined with the scan results of the
3945 	 * regular scan.
3946 	 */
3947 	if (ar->state_11d == ATH11K_11D_PREPARING &&
3948 	    test_bit(WMI_TLV_SERVICE_SUPPORT_11D_FOR_HOST_SCAN,
3949 		     ar->ab->wmi_ab.svc_map))
3950 		ath11k_mac_11d_scan_start(ar, arvif->vdev_id);
3951 
3952 	mutex_lock(&ar->conf_mutex);
3953 
3954 	spin_lock_bh(&ar->data_lock);
3955 	switch (ar->scan.state) {
3956 	case ATH11K_SCAN_IDLE:
3957 		reinit_completion(&ar->scan.started);
3958 		reinit_completion(&ar->scan.completed);
3959 		ar->scan.state = ATH11K_SCAN_STARTING;
3960 		ar->scan.is_roc = false;
3961 		ar->scan.vdev_id = arvif->vdev_id;
3962 		ret = 0;
3963 		break;
3964 	case ATH11K_SCAN_STARTING:
3965 	case ATH11K_SCAN_RUNNING:
3966 	case ATH11K_SCAN_ABORTING:
3967 		ret = -EBUSY;
3968 		break;
3969 	}
3970 	spin_unlock_bh(&ar->data_lock);
3971 
3972 	if (ret)
3973 		goto exit;
3974 
3975 	arg = kzalloc(sizeof(*arg), GFP_KERNEL);
3976 
3977 	if (!arg) {
3978 		ret = -ENOMEM;
3979 		goto exit;
3980 	}
3981 
3982 	ath11k_wmi_start_scan_init(ar, arg);
3983 	arg->vdev_id = arvif->vdev_id;
3984 	arg->scan_id = ATH11K_SCAN_ID;
3985 
3986 	if (req->ie_len) {
3987 		arg->extraie.ptr = kmemdup(req->ie, req->ie_len, GFP_KERNEL);
3988 		if (!arg->extraie.ptr) {
3989 			ret = -ENOMEM;
3990 			goto exit;
3991 		}
3992 		arg->extraie.len = req->ie_len;
3993 	}
3994 
3995 	if (req->n_ssids) {
3996 		arg->num_ssids = req->n_ssids;
3997 		for (i = 0; i < arg->num_ssids; i++) {
3998 			arg->ssid[i].length  = req->ssids[i].ssid_len;
3999 			memcpy(&arg->ssid[i].ssid, req->ssids[i].ssid,
4000 			       req->ssids[i].ssid_len);
4001 		}
4002 	} else {
4003 		arg->scan_flags |= WMI_SCAN_FLAG_PASSIVE;
4004 	}
4005 
4006 	if (req->n_channels) {
4007 		arg->num_chan = req->n_channels;
4008 		arg->chan_list = kcalloc(arg->num_chan, sizeof(*arg->chan_list),
4009 					 GFP_KERNEL);
4010 
4011 		if (!arg->chan_list) {
4012 			ret = -ENOMEM;
4013 			goto exit;
4014 		}
4015 
4016 		for (i = 0; i < arg->num_chan; i++) {
4017 			if (test_bit(WMI_TLV_SERVICE_SCAN_CONFIG_PER_CHANNEL,
4018 				     ar->ab->wmi_ab.svc_map)) {
4019 				arg->chan_list[i] =
4020 					u32_encode_bits(req->channels[i]->center_freq,
4021 							WMI_SCAN_CONFIG_PER_CHANNEL_MASK);
4022 
4023 				/* If NL80211_SCAN_FLAG_COLOCATED_6GHZ is set in scan
4024 				 * flags, then scan all PSC channels in 6 GHz band and
4025 				 * those non-PSC channels where RNR IE is found during
4026 				 * the legacy 2.4/5 GHz scan.
4027 				 * If NL80211_SCAN_FLAG_COLOCATED_6GHZ is not set,
4028 				 * then all channels in 6 GHz will be scanned.
4029 				 */
4030 				if (req->channels[i]->band == NL80211_BAND_6GHZ &&
4031 				    req->flags & NL80211_SCAN_FLAG_COLOCATED_6GHZ &&
4032 				    !cfg80211_channel_is_psc(req->channels[i]))
4033 					arg->chan_list[i] |=
4034 						WMI_SCAN_CH_FLAG_SCAN_ONLY_IF_RNR_FOUND;
4035 			} else {
4036 				arg->chan_list[i] = req->channels[i]->center_freq;
4037 			}
4038 		}
4039 	}
4040 
4041 	if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
4042 		arg->scan_f_add_spoofed_mac_in_probe = 1;
4043 		ether_addr_copy(arg->mac_addr.addr, req->mac_addr);
4044 		ether_addr_copy(arg->mac_mask.addr, req->mac_addr_mask);
4045 	}
4046 
4047 	/* if duration is set, default dwell times will be overwritten */
4048 	if (req->duration) {
4049 		arg->dwell_time_active = req->duration;
4050 		arg->dwell_time_active_2g = req->duration;
4051 		arg->dwell_time_active_6g = req->duration;
4052 		arg->dwell_time_passive = req->duration;
4053 		arg->dwell_time_passive_6g = req->duration;
4054 		arg->burst_duration = req->duration;
4055 
4056 		scan_timeout = min_t(u32, arg->max_rest_time *
4057 				(arg->num_chan - 1) + (req->duration +
4058 				ATH11K_SCAN_CHANNEL_SWITCH_WMI_EVT_OVERHEAD) *
4059 				arg->num_chan, arg->max_scan_time);
4060 	} else {
4061 		scan_timeout = arg->max_scan_time;
4062 	}
4063 
4064 	/* Add a margin to account for event/command processing */
4065 	scan_timeout += ATH11K_MAC_SCAN_CMD_EVT_OVERHEAD;
4066 
4067 	ret = ath11k_start_scan(ar, arg);
4068 	if (ret) {
4069 		ath11k_warn(ar->ab, "failed to start hw scan: %d\n", ret);
4070 		spin_lock_bh(&ar->data_lock);
4071 		ar->scan.state = ATH11K_SCAN_IDLE;
4072 		spin_unlock_bh(&ar->data_lock);
4073 	}
4074 
4075 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
4076 				     msecs_to_jiffies(scan_timeout));
4077 
4078 exit:
4079 	if (arg) {
4080 		kfree(arg->chan_list);
4081 		kfree(arg->extraie.ptr);
4082 		kfree(arg);
4083 	}
4084 
4085 	mutex_unlock(&ar->conf_mutex);
4086 
4087 	if (ar->state_11d == ATH11K_11D_PREPARING)
4088 		ath11k_mac_11d_scan_start(ar, arvif->vdev_id);
4089 
4090 	return ret;
4091 }
4092 
4093 static void ath11k_mac_op_cancel_hw_scan(struct ieee80211_hw *hw,
4094 					 struct ieee80211_vif *vif)
4095 {
4096 	struct ath11k *ar = hw->priv;
4097 
4098 	mutex_lock(&ar->conf_mutex);
4099 	ath11k_scan_abort(ar);
4100 	mutex_unlock(&ar->conf_mutex);
4101 
4102 	cancel_delayed_work_sync(&ar->scan.timeout);
4103 }
4104 
4105 static int ath11k_install_key(struct ath11k_vif *arvif,
4106 			      struct ieee80211_key_conf *key,
4107 			      enum set_key_cmd cmd,
4108 			      const u8 *macaddr, u32 flags)
4109 {
4110 	int ret;
4111 	struct ath11k *ar = arvif->ar;
4112 	struct wmi_vdev_install_key_arg arg = {
4113 		.vdev_id = arvif->vdev_id,
4114 		.key_idx = key->keyidx,
4115 		.key_len = key->keylen,
4116 		.key_data = key->key,
4117 		.key_flags = flags,
4118 		.macaddr = macaddr,
4119 	};
4120 
4121 	lockdep_assert_held(&arvif->ar->conf_mutex);
4122 
4123 	reinit_completion(&ar->install_key_done);
4124 
4125 	if (test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags))
4126 		return 0;
4127 
4128 	if (cmd == DISABLE_KEY) {
4129 		arg.key_cipher = WMI_CIPHER_NONE;
4130 		arg.key_data = NULL;
4131 		goto install;
4132 	}
4133 
4134 	switch (key->cipher) {
4135 	case WLAN_CIPHER_SUITE_CCMP:
4136 		arg.key_cipher = WMI_CIPHER_AES_CCM;
4137 		/* TODO: Re-check if flag is valid */
4138 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
4139 		break;
4140 	case WLAN_CIPHER_SUITE_TKIP:
4141 		arg.key_cipher = WMI_CIPHER_TKIP;
4142 		arg.key_txmic_len = 8;
4143 		arg.key_rxmic_len = 8;
4144 		break;
4145 	case WLAN_CIPHER_SUITE_CCMP_256:
4146 		arg.key_cipher = WMI_CIPHER_AES_CCM;
4147 		break;
4148 	case WLAN_CIPHER_SUITE_GCMP:
4149 	case WLAN_CIPHER_SUITE_GCMP_256:
4150 		arg.key_cipher = WMI_CIPHER_AES_GCM;
4151 		break;
4152 	default:
4153 		ath11k_warn(ar->ab, "cipher %d is not supported\n", key->cipher);
4154 		return -EOPNOTSUPP;
4155 	}
4156 
4157 	if (test_bit(ATH11K_FLAG_RAW_MODE, &ar->ab->dev_flags))
4158 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV |
4159 			      IEEE80211_KEY_FLAG_RESERVE_TAILROOM;
4160 
4161 install:
4162 	ret = ath11k_wmi_vdev_install_key(arvif->ar, &arg);
4163 
4164 	if (ret)
4165 		return ret;
4166 
4167 	if (!wait_for_completion_timeout(&ar->install_key_done, 1 * HZ))
4168 		return -ETIMEDOUT;
4169 
4170 	return ar->install_key_status ? -EINVAL : 0;
4171 }
4172 
4173 static int ath11k_clear_peer_keys(struct ath11k_vif *arvif,
4174 				  const u8 *addr)
4175 {
4176 	struct ath11k *ar = arvif->ar;
4177 	struct ath11k_base *ab = ar->ab;
4178 	struct ath11k_peer *peer;
4179 	int first_errno = 0;
4180 	int ret;
4181 	int i;
4182 	u32 flags = 0;
4183 
4184 	lockdep_assert_held(&ar->conf_mutex);
4185 
4186 	spin_lock_bh(&ab->base_lock);
4187 	peer = ath11k_peer_find(ab, arvif->vdev_id, addr);
4188 	spin_unlock_bh(&ab->base_lock);
4189 
4190 	if (!peer)
4191 		return -ENOENT;
4192 
4193 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
4194 		if (!peer->keys[i])
4195 			continue;
4196 
4197 		/* key flags are not required to delete the key */
4198 		ret = ath11k_install_key(arvif, peer->keys[i],
4199 					 DISABLE_KEY, addr, flags);
4200 		if (ret < 0 && first_errno == 0)
4201 			first_errno = ret;
4202 
4203 		if (ret < 0)
4204 			ath11k_warn(ab, "failed to remove peer key %d: %d\n",
4205 				    i, ret);
4206 
4207 		spin_lock_bh(&ab->base_lock);
4208 		peer->keys[i] = NULL;
4209 		spin_unlock_bh(&ab->base_lock);
4210 	}
4211 
4212 	return first_errno;
4213 }
4214 
4215 static int ath11k_mac_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
4216 				 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
4217 				 struct ieee80211_key_conf *key)
4218 {
4219 	struct ath11k *ar = hw->priv;
4220 	struct ath11k_base *ab = ar->ab;
4221 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
4222 	struct ath11k_peer *peer;
4223 	struct ath11k_sta *arsta;
4224 	const u8 *peer_addr;
4225 	int ret = 0;
4226 	u32 flags = 0;
4227 
4228 	/* BIP needs to be done in software */
4229 	if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
4230 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
4231 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256 ||
4232 	    key->cipher == WLAN_CIPHER_SUITE_BIP_CMAC_256)
4233 		return 1;
4234 
4235 	if (test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags))
4236 		return 1;
4237 
4238 	if (key->keyidx > WMI_MAX_KEY_INDEX)
4239 		return -ENOSPC;
4240 
4241 	mutex_lock(&ar->conf_mutex);
4242 
4243 	if (sta)
4244 		peer_addr = sta->addr;
4245 	else if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
4246 		peer_addr = vif->bss_conf.bssid;
4247 	else
4248 		peer_addr = vif->addr;
4249 
4250 	key->hw_key_idx = key->keyidx;
4251 
4252 	/* the peer should not disappear in mid-way (unless FW goes awry) since
4253 	 * we already hold conf_mutex. we just make sure its there now.
4254 	 */
4255 	spin_lock_bh(&ab->base_lock);
4256 	peer = ath11k_peer_find(ab, arvif->vdev_id, peer_addr);
4257 
4258 	/* flush the fragments cache during key (re)install to
4259 	 * ensure all frags in the new frag list belong to the same key.
4260 	 */
4261 	if (peer && sta && cmd == SET_KEY)
4262 		ath11k_peer_frags_flush(ar, peer);
4263 	spin_unlock_bh(&ab->base_lock);
4264 
4265 	if (!peer) {
4266 		if (cmd == SET_KEY) {
4267 			ath11k_warn(ab, "cannot install key for non-existent peer %pM\n",
4268 				    peer_addr);
4269 			ret = -EOPNOTSUPP;
4270 			goto exit;
4271 		} else {
4272 			/* if the peer doesn't exist there is no key to disable
4273 			 * anymore
4274 			 */
4275 			goto exit;
4276 		}
4277 	}
4278 
4279 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
4280 		flags |= WMI_KEY_PAIRWISE;
4281 	else
4282 		flags |= WMI_KEY_GROUP;
4283 
4284 	ret = ath11k_install_key(arvif, key, cmd, peer_addr, flags);
4285 	if (ret) {
4286 		ath11k_warn(ab, "ath11k_install_key failed (%d)\n", ret);
4287 		goto exit;
4288 	}
4289 
4290 	ret = ath11k_dp_peer_rx_pn_replay_config(arvif, peer_addr, cmd, key);
4291 	if (ret) {
4292 		ath11k_warn(ab, "failed to offload PN replay detection %d\n", ret);
4293 		goto exit;
4294 	}
4295 
4296 	spin_lock_bh(&ab->base_lock);
4297 	peer = ath11k_peer_find(ab, arvif->vdev_id, peer_addr);
4298 	if (peer && cmd == SET_KEY) {
4299 		peer->keys[key->keyidx] = key;
4300 		if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
4301 			peer->ucast_keyidx = key->keyidx;
4302 			peer->sec_type = ath11k_dp_tx_get_encrypt_type(key->cipher);
4303 		} else {
4304 			peer->mcast_keyidx = key->keyidx;
4305 			peer->sec_type_grp = ath11k_dp_tx_get_encrypt_type(key->cipher);
4306 		}
4307 	} else if (peer && cmd == DISABLE_KEY) {
4308 		peer->keys[key->keyidx] = NULL;
4309 		if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
4310 			peer->ucast_keyidx = 0;
4311 		else
4312 			peer->mcast_keyidx = 0;
4313 	} else if (!peer)
4314 		/* impossible unless FW goes crazy */
4315 		ath11k_warn(ab, "peer %pM disappeared!\n", peer_addr);
4316 
4317 	if (sta) {
4318 		arsta = (struct ath11k_sta *)sta->drv_priv;
4319 
4320 		switch (key->cipher) {
4321 		case WLAN_CIPHER_SUITE_TKIP:
4322 		case WLAN_CIPHER_SUITE_CCMP:
4323 		case WLAN_CIPHER_SUITE_CCMP_256:
4324 		case WLAN_CIPHER_SUITE_GCMP:
4325 		case WLAN_CIPHER_SUITE_GCMP_256:
4326 			if (cmd == SET_KEY)
4327 				arsta->pn_type = HAL_PN_TYPE_WPA;
4328 			else
4329 				arsta->pn_type = HAL_PN_TYPE_NONE;
4330 			break;
4331 		default:
4332 			arsta->pn_type = HAL_PN_TYPE_NONE;
4333 			break;
4334 		}
4335 	}
4336 
4337 	spin_unlock_bh(&ab->base_lock);
4338 
4339 exit:
4340 	mutex_unlock(&ar->conf_mutex);
4341 	return ret;
4342 }
4343 
4344 static int
4345 ath11k_mac_bitrate_mask_num_ht_rates(struct ath11k *ar,
4346 				     enum nl80211_band band,
4347 				     const struct cfg80211_bitrate_mask *mask)
4348 {
4349 	int num_rates = 0;
4350 	int i;
4351 
4352 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++)
4353 		num_rates += hweight8(mask->control[band].ht_mcs[i]);
4354 
4355 	return num_rates;
4356 }
4357 
4358 static int
4359 ath11k_mac_bitrate_mask_num_vht_rates(struct ath11k *ar,
4360 				      enum nl80211_band band,
4361 				      const struct cfg80211_bitrate_mask *mask)
4362 {
4363 	int num_rates = 0;
4364 	int i;
4365 
4366 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++)
4367 		num_rates += hweight16(mask->control[band].vht_mcs[i]);
4368 
4369 	return num_rates;
4370 }
4371 
4372 static int
4373 ath11k_mac_bitrate_mask_num_he_rates(struct ath11k *ar,
4374 				     enum nl80211_band band,
4375 				     const struct cfg80211_bitrate_mask *mask)
4376 {
4377 	int num_rates = 0;
4378 	int i;
4379 
4380 	for (i = 0; i < ARRAY_SIZE(mask->control[band].he_mcs); i++)
4381 		num_rates += hweight16(mask->control[band].he_mcs[i]);
4382 
4383 	return num_rates;
4384 }
4385 
4386 static int
4387 ath11k_mac_set_peer_vht_fixed_rate(struct ath11k_vif *arvif,
4388 				   struct ieee80211_sta *sta,
4389 				   const struct cfg80211_bitrate_mask *mask,
4390 				   enum nl80211_band band)
4391 {
4392 	struct ath11k *ar = arvif->ar;
4393 	u8 vht_rate, nss;
4394 	u32 rate_code;
4395 	int ret, i;
4396 
4397 	lockdep_assert_held(&ar->conf_mutex);
4398 
4399 	nss = 0;
4400 
4401 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
4402 		if (hweight16(mask->control[band].vht_mcs[i]) == 1) {
4403 			nss = i + 1;
4404 			vht_rate = ffs(mask->control[band].vht_mcs[i]) - 1;
4405 		}
4406 	}
4407 
4408 	if (!nss) {
4409 		ath11k_warn(ar->ab, "No single VHT Fixed rate found to set for %pM",
4410 			    sta->addr);
4411 		return -EINVAL;
4412 	}
4413 
4414 	/* Avoid updating invalid nss as fixed rate*/
4415 	if (nss > sta->deflink.rx_nss)
4416 		return -EINVAL;
4417 
4418 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
4419 		   "Setting Fixed VHT Rate for peer %pM. Device will not switch to any other selected rates",
4420 		   sta->addr);
4421 
4422 	rate_code = ATH11K_HW_RATE_CODE(vht_rate, nss - 1,
4423 					WMI_RATE_PREAMBLE_VHT);
4424 	ret = ath11k_wmi_set_peer_param(ar, sta->addr,
4425 					arvif->vdev_id,
4426 					WMI_PEER_PARAM_FIXED_RATE,
4427 					rate_code);
4428 	if (ret)
4429 		ath11k_warn(ar->ab,
4430 			    "failed to update STA %pM Fixed Rate %d: %d\n",
4431 			     sta->addr, rate_code, ret);
4432 
4433 	return ret;
4434 }
4435 
4436 static int
4437 ath11k_mac_set_peer_he_fixed_rate(struct ath11k_vif *arvif,
4438 				  struct ieee80211_sta *sta,
4439 				  const struct cfg80211_bitrate_mask *mask,
4440 				  enum nl80211_band band)
4441 {
4442 	struct ath11k *ar = arvif->ar;
4443 	u8 he_rate, nss;
4444 	u32 rate_code;
4445 	int ret, i;
4446 
4447 	lockdep_assert_held(&ar->conf_mutex);
4448 
4449 	nss = 0;
4450 
4451 	for (i = 0; i < ARRAY_SIZE(mask->control[band].he_mcs); i++) {
4452 		if (hweight16(mask->control[band].he_mcs[i]) == 1) {
4453 			nss = i + 1;
4454 			he_rate = ffs(mask->control[band].he_mcs[i]) - 1;
4455 		}
4456 	}
4457 
4458 	if (!nss) {
4459 		ath11k_warn(ar->ab, "No single he fixed rate found to set for %pM",
4460 			    sta->addr);
4461 		return -EINVAL;
4462 	}
4463 
4464 	/* Avoid updating invalid nss as fixed rate */
4465 	if (nss > sta->deflink.rx_nss)
4466 		return -EINVAL;
4467 
4468 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
4469 		   "setting fixed he rate for peer %pM, device will not switch to any other selected rates",
4470 		   sta->addr);
4471 
4472 	rate_code = ATH11K_HW_RATE_CODE(he_rate, nss - 1,
4473 					WMI_RATE_PREAMBLE_HE);
4474 
4475 	ret = ath11k_wmi_set_peer_param(ar, sta->addr,
4476 					arvif->vdev_id,
4477 					WMI_PEER_PARAM_FIXED_RATE,
4478 					rate_code);
4479 	if (ret)
4480 		ath11k_warn(ar->ab,
4481 			    "failed to update sta %pM fixed rate %d: %d\n",
4482 			    sta->addr, rate_code, ret);
4483 
4484 	return ret;
4485 }
4486 
4487 static int
4488 ath11k_mac_set_peer_ht_fixed_rate(struct ath11k_vif *arvif,
4489 				  struct ieee80211_sta *sta,
4490 				  const struct cfg80211_bitrate_mask *mask,
4491 				  enum nl80211_band band)
4492 {
4493 	struct ath11k *ar = arvif->ar;
4494 	u8 ht_rate, nss = 0;
4495 	u32 rate_code;
4496 	int ret, i;
4497 
4498 	lockdep_assert_held(&ar->conf_mutex);
4499 
4500 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
4501 		if (hweight8(mask->control[band].ht_mcs[i]) == 1) {
4502 			nss = i + 1;
4503 			ht_rate = ffs(mask->control[band].ht_mcs[i]) - 1;
4504 		}
4505 	}
4506 
4507 	if (!nss) {
4508 		ath11k_warn(ar->ab, "No single HT Fixed rate found to set for %pM",
4509 			    sta->addr);
4510 		return -EINVAL;
4511 	}
4512 
4513 	/* Avoid updating invalid nss as fixed rate*/
4514 	if (nss > sta->deflink.rx_nss)
4515 		return -EINVAL;
4516 
4517 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
4518 		   "Setting Fixed HT Rate for peer %pM. Device will not switch to any other selected rates",
4519 		   sta->addr);
4520 
4521 	rate_code = ATH11K_HW_RATE_CODE(ht_rate, nss - 1,
4522 					WMI_RATE_PREAMBLE_HT);
4523 	ret = ath11k_wmi_set_peer_param(ar, sta->addr,
4524 					arvif->vdev_id,
4525 					WMI_PEER_PARAM_FIXED_RATE,
4526 					rate_code);
4527 	if (ret)
4528 		ath11k_warn(ar->ab,
4529 			    "failed to update STA %pM HT Fixed Rate %d: %d\n",
4530 			    sta->addr, rate_code, ret);
4531 
4532 	return ret;
4533 }
4534 
4535 static int ath11k_station_assoc(struct ath11k *ar,
4536 				struct ieee80211_vif *vif,
4537 				struct ieee80211_sta *sta,
4538 				bool reassoc)
4539 {
4540 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
4541 	struct peer_assoc_params peer_arg;
4542 	int ret = 0;
4543 	struct cfg80211_chan_def def;
4544 	enum nl80211_band band;
4545 	struct cfg80211_bitrate_mask *mask;
4546 	u8 num_ht_rates, num_vht_rates, num_he_rates;
4547 
4548 	lockdep_assert_held(&ar->conf_mutex);
4549 
4550 	if (WARN_ON(ath11k_mac_vif_chan(vif, &def)))
4551 		return -EPERM;
4552 
4553 	band = def.chan->band;
4554 	mask = &arvif->bitrate_mask;
4555 
4556 	ath11k_peer_assoc_prepare(ar, vif, sta, &peer_arg, reassoc);
4557 
4558 	peer_arg.is_assoc = true;
4559 	ret = ath11k_wmi_send_peer_assoc_cmd(ar, &peer_arg);
4560 	if (ret) {
4561 		ath11k_warn(ar->ab, "failed to run peer assoc for STA %pM vdev %i: %d\n",
4562 			    sta->addr, arvif->vdev_id, ret);
4563 		return ret;
4564 	}
4565 
4566 	if (!wait_for_completion_timeout(&ar->peer_assoc_done, 1 * HZ)) {
4567 		ath11k_warn(ar->ab, "failed to get peer assoc conf event for %pM vdev %i\n",
4568 			    sta->addr, arvif->vdev_id);
4569 		return -ETIMEDOUT;
4570 	}
4571 
4572 	num_vht_rates = ath11k_mac_bitrate_mask_num_vht_rates(ar, band, mask);
4573 	num_he_rates = ath11k_mac_bitrate_mask_num_he_rates(ar, band, mask);
4574 	num_ht_rates = ath11k_mac_bitrate_mask_num_ht_rates(ar, band, mask);
4575 
4576 	/* If single VHT/HE rate is configured (by set_bitrate_mask()),
4577 	 * peer_assoc will disable VHT/HE. This is now enabled by a peer specific
4578 	 * fixed param.
4579 	 * Note that all other rates and NSS will be disabled for this peer.
4580 	 */
4581 	if (sta->deflink.vht_cap.vht_supported && num_vht_rates == 1) {
4582 		ret = ath11k_mac_set_peer_vht_fixed_rate(arvif, sta, mask,
4583 							 band);
4584 		if (ret)
4585 			return ret;
4586 	} else if (sta->deflink.he_cap.has_he && num_he_rates == 1) {
4587 		ret = ath11k_mac_set_peer_he_fixed_rate(arvif, sta, mask,
4588 							band);
4589 		if (ret)
4590 			return ret;
4591 	} else if (sta->deflink.ht_cap.ht_supported && num_ht_rates == 1) {
4592 		ret = ath11k_mac_set_peer_ht_fixed_rate(arvif, sta, mask,
4593 							band);
4594 		if (ret)
4595 			return ret;
4596 	}
4597 
4598 	/* Re-assoc is run only to update supported rates for given station. It
4599 	 * doesn't make much sense to reconfigure the peer completely.
4600 	 */
4601 	if (reassoc)
4602 		return 0;
4603 
4604 	ret = ath11k_setup_peer_smps(ar, arvif, sta->addr,
4605 				     &sta->deflink.ht_cap,
4606 				     le16_to_cpu(sta->deflink.he_6ghz_capa.capa));
4607 	if (ret) {
4608 		ath11k_warn(ar->ab, "failed to setup peer SMPS for vdev %d: %d\n",
4609 			    arvif->vdev_id, ret);
4610 		return ret;
4611 	}
4612 
4613 	if (!sta->wme) {
4614 		arvif->num_legacy_stations++;
4615 		ret = ath11k_recalc_rtscts_prot(arvif);
4616 		if (ret)
4617 			return ret;
4618 	}
4619 
4620 	if (sta->wme && sta->uapsd_queues) {
4621 		ret = ath11k_peer_assoc_qos_ap(ar, arvif, sta);
4622 		if (ret) {
4623 			ath11k_warn(ar->ab, "failed to set qos params for STA %pM for vdev %i: %d\n",
4624 				    sta->addr, arvif->vdev_id, ret);
4625 			return ret;
4626 		}
4627 	}
4628 
4629 	return 0;
4630 }
4631 
4632 static int ath11k_station_disassoc(struct ath11k *ar,
4633 				   struct ieee80211_vif *vif,
4634 				   struct ieee80211_sta *sta)
4635 {
4636 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
4637 	int ret = 0;
4638 
4639 	lockdep_assert_held(&ar->conf_mutex);
4640 
4641 	if (!sta->wme) {
4642 		arvif->num_legacy_stations--;
4643 		ret = ath11k_recalc_rtscts_prot(arvif);
4644 		if (ret)
4645 			return ret;
4646 	}
4647 
4648 	ret = ath11k_clear_peer_keys(arvif, sta->addr);
4649 	if (ret) {
4650 		ath11k_warn(ar->ab, "failed to clear all peer keys for vdev %i: %d\n",
4651 			    arvif->vdev_id, ret);
4652 		return ret;
4653 	}
4654 	return 0;
4655 }
4656 
4657 static void ath11k_sta_rc_update_wk(struct work_struct *wk)
4658 {
4659 	struct ath11k *ar;
4660 	struct ath11k_vif *arvif;
4661 	struct ath11k_sta *arsta;
4662 	struct ieee80211_sta *sta;
4663 	struct cfg80211_chan_def def;
4664 	enum nl80211_band band;
4665 	const u8 *ht_mcs_mask;
4666 	const u16 *vht_mcs_mask;
4667 	const u16 *he_mcs_mask;
4668 	u32 changed, bw, nss, smps, bw_prev;
4669 	int err, num_ht_rates, num_vht_rates, num_he_rates;
4670 	const struct cfg80211_bitrate_mask *mask;
4671 	struct peer_assoc_params peer_arg;
4672 	enum wmi_phy_mode peer_phymode;
4673 
4674 	arsta = container_of(wk, struct ath11k_sta, update_wk);
4675 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
4676 	arvif = arsta->arvif;
4677 	ar = arvif->ar;
4678 
4679 	if (WARN_ON(ath11k_mac_vif_chan(arvif->vif, &def)))
4680 		return;
4681 
4682 	band = def.chan->band;
4683 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
4684 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
4685 	he_mcs_mask = arvif->bitrate_mask.control[band].he_mcs;
4686 
4687 	spin_lock_bh(&ar->data_lock);
4688 
4689 	changed = arsta->changed;
4690 	arsta->changed = 0;
4691 
4692 	bw = arsta->bw;
4693 	bw_prev = arsta->bw_prev;
4694 	nss = arsta->nss;
4695 	smps = arsta->smps;
4696 
4697 	spin_unlock_bh(&ar->data_lock);
4698 
4699 	mutex_lock(&ar->conf_mutex);
4700 
4701 	nss = max_t(u32, 1, nss);
4702 	nss = min(nss, max(max(ath11k_mac_max_ht_nss(ht_mcs_mask),
4703 			       ath11k_mac_max_vht_nss(vht_mcs_mask)),
4704 			   ath11k_mac_max_he_nss(he_mcs_mask)));
4705 
4706 	if (changed & IEEE80211_RC_BW_CHANGED) {
4707 		/* Get the peer phymode */
4708 		ath11k_peer_assoc_h_phymode(ar, arvif->vif, sta, &peer_arg);
4709 		peer_phymode = peer_arg.peer_phymode;
4710 
4711 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "update sta %pM peer bw %d phymode %d\n",
4712 			   sta->addr, bw, peer_phymode);
4713 
4714 		if (bw > bw_prev) {
4715 			/* BW is upgraded. In this case we send WMI_PEER_PHYMODE
4716 			 * followed by WMI_PEER_CHWIDTH
4717 			 */
4718 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "BW upgrade for sta %pM new BW %d, old BW %d\n",
4719 				   sta->addr, bw, bw_prev);
4720 
4721 			err = ath11k_wmi_set_peer_param(ar, sta->addr, arvif->vdev_id,
4722 							WMI_PEER_PHYMODE, peer_phymode);
4723 
4724 			if (err) {
4725 				ath11k_warn(ar->ab, "failed to update STA %pM peer phymode %d: %d\n",
4726 					    sta->addr, peer_phymode, err);
4727 				goto err_rc_bw_changed;
4728 			}
4729 
4730 			err = ath11k_wmi_set_peer_param(ar, sta->addr, arvif->vdev_id,
4731 							WMI_PEER_CHWIDTH, bw);
4732 
4733 			if (err)
4734 				ath11k_warn(ar->ab, "failed to update STA %pM peer bw %d: %d\n",
4735 					    sta->addr, bw, err);
4736 		} else {
4737 			/* BW is downgraded. In this case we send WMI_PEER_CHWIDTH
4738 			 * followed by WMI_PEER_PHYMODE
4739 			 */
4740 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "BW downgrade for sta %pM new BW %d,old BW %d\n",
4741 				   sta->addr, bw, bw_prev);
4742 
4743 			err = ath11k_wmi_set_peer_param(ar, sta->addr, arvif->vdev_id,
4744 							WMI_PEER_CHWIDTH, bw);
4745 
4746 			if (err) {
4747 				ath11k_warn(ar->ab, "failed to update STA %pM peer bw %d: %d\n",
4748 					    sta->addr, bw, err);
4749 				goto err_rc_bw_changed;
4750 			}
4751 
4752 			err = ath11k_wmi_set_peer_param(ar, sta->addr, arvif->vdev_id,
4753 							WMI_PEER_PHYMODE, peer_phymode);
4754 
4755 			if (err)
4756 				ath11k_warn(ar->ab, "failed to update STA %pM peer phymode %d: %d\n",
4757 					    sta->addr, peer_phymode, err);
4758 		}
4759 	}
4760 
4761 	if (changed & IEEE80211_RC_NSS_CHANGED) {
4762 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "update sta %pM nss %d\n",
4763 			   sta->addr, nss);
4764 
4765 		err = ath11k_wmi_set_peer_param(ar, sta->addr, arvif->vdev_id,
4766 						WMI_PEER_NSS, nss);
4767 		if (err)
4768 			ath11k_warn(ar->ab, "failed to update STA %pM nss %d: %d\n",
4769 				    sta->addr, nss, err);
4770 	}
4771 
4772 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
4773 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "update sta %pM smps %d\n",
4774 			   sta->addr, smps);
4775 
4776 		err = ath11k_wmi_set_peer_param(ar, sta->addr, arvif->vdev_id,
4777 						WMI_PEER_MIMO_PS_STATE, smps);
4778 		if (err)
4779 			ath11k_warn(ar->ab, "failed to update STA %pM smps %d: %d\n",
4780 				    sta->addr, smps, err);
4781 	}
4782 
4783 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED) {
4784 		mask = &arvif->bitrate_mask;
4785 		num_ht_rates = ath11k_mac_bitrate_mask_num_ht_rates(ar, band,
4786 								    mask);
4787 		num_vht_rates = ath11k_mac_bitrate_mask_num_vht_rates(ar, band,
4788 								      mask);
4789 		num_he_rates = ath11k_mac_bitrate_mask_num_he_rates(ar, band,
4790 								    mask);
4791 
4792 		/* Peer_assoc_prepare will reject vht rates in
4793 		 * bitrate_mask if its not available in range format and
4794 		 * sets vht tx_rateset as unsupported. So multiple VHT MCS
4795 		 * setting(eg. MCS 4,5,6) per peer is not supported here.
4796 		 * But, Single rate in VHT mask can be set as per-peer
4797 		 * fixed rate. But even if any HT rates are configured in
4798 		 * the bitrate mask, device will not switch to those rates
4799 		 * when per-peer Fixed rate is set.
4800 		 * TODO: Check RATEMASK_CMDID to support auto rates selection
4801 		 * across HT/VHT and for multiple VHT MCS support.
4802 		 */
4803 		if (sta->deflink.vht_cap.vht_supported && num_vht_rates == 1) {
4804 			ath11k_mac_set_peer_vht_fixed_rate(arvif, sta, mask,
4805 							   band);
4806 		} else if (sta->deflink.he_cap.has_he && num_he_rates == 1) {
4807 			ath11k_mac_set_peer_he_fixed_rate(arvif, sta, mask,
4808 							  band);
4809 		} else if (sta->deflink.ht_cap.ht_supported && num_ht_rates == 1) {
4810 			ath11k_mac_set_peer_ht_fixed_rate(arvif, sta, mask,
4811 							  band);
4812 		} else {
4813 			/* If the peer is non-VHT/HE or no fixed VHT/HE rate
4814 			 * is provided in the new bitrate mask we set the
4815 			 * other rates using peer_assoc command. Also clear
4816 			 * the peer fixed rate settings as it has higher proprity
4817 			 * than peer assoc
4818 			 */
4819 			err = ath11k_wmi_set_peer_param(ar, sta->addr,
4820 							arvif->vdev_id,
4821 							WMI_PEER_PARAM_FIXED_RATE,
4822 							WMI_FIXED_RATE_NONE);
4823 			if (err)
4824 				ath11k_warn(ar->ab,
4825 					    "failed to disable peer fixed rate for sta %pM: %d\n",
4826 					    sta->addr, err);
4827 
4828 			ath11k_peer_assoc_prepare(ar, arvif->vif, sta,
4829 						  &peer_arg, true);
4830 
4831 			peer_arg.is_assoc = false;
4832 			err = ath11k_wmi_send_peer_assoc_cmd(ar, &peer_arg);
4833 			if (err)
4834 				ath11k_warn(ar->ab, "failed to run peer assoc for STA %pM vdev %i: %d\n",
4835 					    sta->addr, arvif->vdev_id, err);
4836 
4837 			if (!wait_for_completion_timeout(&ar->peer_assoc_done, 1 * HZ))
4838 				ath11k_warn(ar->ab, "failed to get peer assoc conf event for %pM vdev %i\n",
4839 					    sta->addr, arvif->vdev_id);
4840 		}
4841 	}
4842 
4843 err_rc_bw_changed:
4844 	mutex_unlock(&ar->conf_mutex);
4845 }
4846 
4847 static void ath11k_sta_set_4addr_wk(struct work_struct *wk)
4848 {
4849 	struct ath11k *ar;
4850 	struct ath11k_vif *arvif;
4851 	struct ath11k_sta *arsta;
4852 	struct ieee80211_sta *sta;
4853 	int ret = 0;
4854 
4855 	arsta = container_of(wk, struct ath11k_sta, set_4addr_wk);
4856 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
4857 	arvif = arsta->arvif;
4858 	ar = arvif->ar;
4859 
4860 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
4861 		   "setting USE_4ADDR for peer %pM\n", sta->addr);
4862 
4863 	ret = ath11k_wmi_set_peer_param(ar, sta->addr,
4864 					arvif->vdev_id,
4865 					WMI_PEER_USE_4ADDR, 1);
4866 
4867 	if (ret)
4868 		ath11k_warn(ar->ab, "failed to set peer %pM 4addr capability: %d\n",
4869 			    sta->addr, ret);
4870 }
4871 
4872 static int ath11k_mac_inc_num_stations(struct ath11k_vif *arvif,
4873 				       struct ieee80211_sta *sta)
4874 {
4875 	struct ath11k *ar = arvif->ar;
4876 
4877 	lockdep_assert_held(&ar->conf_mutex);
4878 
4879 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
4880 		return 0;
4881 
4882 	if (ar->num_stations >= ar->max_num_stations)
4883 		return -ENOBUFS;
4884 
4885 	ar->num_stations++;
4886 
4887 	return 0;
4888 }
4889 
4890 static void ath11k_mac_dec_num_stations(struct ath11k_vif *arvif,
4891 					struct ieee80211_sta *sta)
4892 {
4893 	struct ath11k *ar = arvif->ar;
4894 
4895 	lockdep_assert_held(&ar->conf_mutex);
4896 
4897 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
4898 		return;
4899 
4900 	ar->num_stations--;
4901 }
4902 
4903 static int ath11k_mac_station_add(struct ath11k *ar,
4904 				  struct ieee80211_vif *vif,
4905 				  struct ieee80211_sta *sta)
4906 {
4907 	struct ath11k_base *ab = ar->ab;
4908 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
4909 	struct ath11k_sta *arsta = (struct ath11k_sta *)sta->drv_priv;
4910 	struct peer_create_params peer_param;
4911 	int ret;
4912 
4913 	lockdep_assert_held(&ar->conf_mutex);
4914 
4915 	ret = ath11k_mac_inc_num_stations(arvif, sta);
4916 	if (ret) {
4917 		ath11k_warn(ab, "refusing to associate station: too many connected already (%d)\n",
4918 			    ar->max_num_stations);
4919 		goto exit;
4920 	}
4921 
4922 	arsta->rx_stats = kzalloc(sizeof(*arsta->rx_stats), GFP_KERNEL);
4923 	if (!arsta->rx_stats) {
4924 		ret = -ENOMEM;
4925 		goto dec_num_station;
4926 	}
4927 
4928 	peer_param.vdev_id = arvif->vdev_id;
4929 	peer_param.peer_addr = sta->addr;
4930 	peer_param.peer_type = WMI_PEER_TYPE_DEFAULT;
4931 
4932 	ret = ath11k_peer_create(ar, arvif, sta, &peer_param);
4933 	if (ret) {
4934 		ath11k_warn(ab, "Failed to add peer: %pM for VDEV: %d\n",
4935 			    sta->addr, arvif->vdev_id);
4936 		goto free_rx_stats;
4937 	}
4938 
4939 	ath11k_dbg(ab, ATH11K_DBG_MAC, "Added peer: %pM for VDEV: %d\n",
4940 		   sta->addr, arvif->vdev_id);
4941 
4942 	if (ath11k_debugfs_is_extd_tx_stats_enabled(ar)) {
4943 		arsta->tx_stats = kzalloc(sizeof(*arsta->tx_stats), GFP_KERNEL);
4944 		if (!arsta->tx_stats) {
4945 			ret = -ENOMEM;
4946 			goto free_peer;
4947 		}
4948 	}
4949 
4950 	if (ieee80211_vif_is_mesh(vif)) {
4951 		ath11k_dbg(ab, ATH11K_DBG_MAC,
4952 			   "setting USE_4ADDR for mesh STA %pM\n", sta->addr);
4953 		ret = ath11k_wmi_set_peer_param(ar, sta->addr,
4954 						arvif->vdev_id,
4955 						WMI_PEER_USE_4ADDR, 1);
4956 		if (ret) {
4957 			ath11k_warn(ab, "failed to set mesh STA %pM 4addr capability: %d\n",
4958 				    sta->addr, ret);
4959 			goto free_tx_stats;
4960 		}
4961 	}
4962 
4963 	ret = ath11k_dp_peer_setup(ar, arvif->vdev_id, sta->addr);
4964 	if (ret) {
4965 		ath11k_warn(ab, "failed to setup dp for peer %pM on vdev %i (%d)\n",
4966 			    sta->addr, arvif->vdev_id, ret);
4967 		goto free_tx_stats;
4968 	}
4969 
4970 	if (ab->hw_params.vdev_start_delay &&
4971 	    !arvif->is_started &&
4972 	    arvif->vdev_type != WMI_VDEV_TYPE_AP) {
4973 		ret = ath11k_start_vdev_delay(ar->hw, vif);
4974 		if (ret) {
4975 			ath11k_warn(ab, "failed to delay vdev start: %d\n", ret);
4976 			goto free_tx_stats;
4977 		}
4978 	}
4979 
4980 	ewma_avg_rssi_init(&arsta->avg_rssi);
4981 	return 0;
4982 
4983 free_tx_stats:
4984 	kfree(arsta->tx_stats);
4985 	arsta->tx_stats = NULL;
4986 free_peer:
4987 	ath11k_peer_delete(ar, arvif->vdev_id, sta->addr);
4988 free_rx_stats:
4989 	kfree(arsta->rx_stats);
4990 	arsta->rx_stats = NULL;
4991 dec_num_station:
4992 	ath11k_mac_dec_num_stations(arvif, sta);
4993 exit:
4994 	return ret;
4995 }
4996 
4997 static u32 ath11k_mac_ieee80211_sta_bw_to_wmi(struct ath11k *ar,
4998 					      struct ieee80211_sta *sta)
4999 {
5000 	u32 bw = WMI_PEER_CHWIDTH_20MHZ;
5001 
5002 	switch (sta->deflink.bandwidth) {
5003 	case IEEE80211_STA_RX_BW_20:
5004 		bw = WMI_PEER_CHWIDTH_20MHZ;
5005 		break;
5006 	case IEEE80211_STA_RX_BW_40:
5007 		bw = WMI_PEER_CHWIDTH_40MHZ;
5008 		break;
5009 	case IEEE80211_STA_RX_BW_80:
5010 		bw = WMI_PEER_CHWIDTH_80MHZ;
5011 		break;
5012 	case IEEE80211_STA_RX_BW_160:
5013 		bw = WMI_PEER_CHWIDTH_160MHZ;
5014 		break;
5015 	default:
5016 		ath11k_warn(ar->ab, "Invalid bandwidth %d for %pM\n",
5017 			    sta->deflink.bandwidth, sta->addr);
5018 		bw = WMI_PEER_CHWIDTH_20MHZ;
5019 		break;
5020 	}
5021 
5022 	return bw;
5023 }
5024 
5025 static int ath11k_mac_op_sta_state(struct ieee80211_hw *hw,
5026 				   struct ieee80211_vif *vif,
5027 				   struct ieee80211_sta *sta,
5028 				   enum ieee80211_sta_state old_state,
5029 				   enum ieee80211_sta_state new_state)
5030 {
5031 	struct ath11k *ar = hw->priv;
5032 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
5033 	struct ath11k_sta *arsta = (struct ath11k_sta *)sta->drv_priv;
5034 	struct ath11k_peer *peer;
5035 	int ret = 0;
5036 
5037 	/* cancel must be done outside the mutex to avoid deadlock */
5038 	if ((old_state == IEEE80211_STA_NONE &&
5039 	     new_state == IEEE80211_STA_NOTEXIST)) {
5040 		cancel_work_sync(&arsta->update_wk);
5041 		cancel_work_sync(&arsta->set_4addr_wk);
5042 	}
5043 
5044 	mutex_lock(&ar->conf_mutex);
5045 
5046 	if (old_state == IEEE80211_STA_NOTEXIST &&
5047 	    new_state == IEEE80211_STA_NONE) {
5048 		memset(arsta, 0, sizeof(*arsta));
5049 		arsta->arvif = arvif;
5050 		arsta->peer_ps_state = WMI_PEER_PS_STATE_DISABLED;
5051 		INIT_WORK(&arsta->update_wk, ath11k_sta_rc_update_wk);
5052 		INIT_WORK(&arsta->set_4addr_wk, ath11k_sta_set_4addr_wk);
5053 
5054 		ret = ath11k_mac_station_add(ar, vif, sta);
5055 		if (ret)
5056 			ath11k_warn(ar->ab, "Failed to add station: %pM for VDEV: %d\n",
5057 				    sta->addr, arvif->vdev_id);
5058 	} else if ((old_state == IEEE80211_STA_NONE &&
5059 		    new_state == IEEE80211_STA_NOTEXIST)) {
5060 		bool skip_peer_delete = ar->ab->hw_params.vdev_start_delay &&
5061 			vif->type == NL80211_IFTYPE_STATION;
5062 
5063 		ath11k_dp_peer_cleanup(ar, arvif->vdev_id, sta->addr);
5064 
5065 		if (!skip_peer_delete) {
5066 			ret = ath11k_peer_delete(ar, arvif->vdev_id, sta->addr);
5067 			if (ret)
5068 				ath11k_warn(ar->ab,
5069 					    "Failed to delete peer: %pM for VDEV: %d\n",
5070 					    sta->addr, arvif->vdev_id);
5071 			else
5072 				ath11k_dbg(ar->ab,
5073 					   ATH11K_DBG_MAC,
5074 					   "Removed peer: %pM for VDEV: %d\n",
5075 					   sta->addr, arvif->vdev_id);
5076 		}
5077 
5078 		ath11k_mac_dec_num_stations(arvif, sta);
5079 		mutex_lock(&ar->ab->tbl_mtx_lock);
5080 		spin_lock_bh(&ar->ab->base_lock);
5081 		peer = ath11k_peer_find(ar->ab, arvif->vdev_id, sta->addr);
5082 		if (skip_peer_delete && peer) {
5083 			peer->sta = NULL;
5084 		} else if (peer && peer->sta == sta) {
5085 			ath11k_warn(ar->ab, "Found peer entry %pM n vdev %i after it was supposedly removed\n",
5086 				    vif->addr, arvif->vdev_id);
5087 			ath11k_peer_rhash_delete(ar->ab, peer);
5088 			peer->sta = NULL;
5089 			list_del(&peer->list);
5090 			kfree(peer);
5091 			ar->num_peers--;
5092 		}
5093 		spin_unlock_bh(&ar->ab->base_lock);
5094 		mutex_unlock(&ar->ab->tbl_mtx_lock);
5095 
5096 		kfree(arsta->tx_stats);
5097 		arsta->tx_stats = NULL;
5098 
5099 		kfree(arsta->rx_stats);
5100 		arsta->rx_stats = NULL;
5101 	} else if (old_state == IEEE80211_STA_AUTH &&
5102 		   new_state == IEEE80211_STA_ASSOC &&
5103 		   (vif->type == NL80211_IFTYPE_AP ||
5104 		    vif->type == NL80211_IFTYPE_MESH_POINT ||
5105 		    vif->type == NL80211_IFTYPE_ADHOC)) {
5106 		ret = ath11k_station_assoc(ar, vif, sta, false);
5107 		if (ret)
5108 			ath11k_warn(ar->ab, "Failed to associate station: %pM\n",
5109 				    sta->addr);
5110 
5111 		spin_lock_bh(&ar->data_lock);
5112 		/* Set arsta bw and prev bw */
5113 		arsta->bw = ath11k_mac_ieee80211_sta_bw_to_wmi(ar, sta);
5114 		arsta->bw_prev = arsta->bw;
5115 		spin_unlock_bh(&ar->data_lock);
5116 	} else if (old_state == IEEE80211_STA_ASSOC &&
5117 		   new_state == IEEE80211_STA_AUTHORIZED) {
5118 		spin_lock_bh(&ar->ab->base_lock);
5119 
5120 		peer = ath11k_peer_find(ar->ab, arvif->vdev_id, sta->addr);
5121 		if (peer)
5122 			peer->is_authorized = true;
5123 
5124 		spin_unlock_bh(&ar->ab->base_lock);
5125 
5126 		if (vif->type == NL80211_IFTYPE_STATION && arvif->is_up) {
5127 			ret = ath11k_wmi_set_peer_param(ar, sta->addr,
5128 							arvif->vdev_id,
5129 							WMI_PEER_AUTHORIZE,
5130 							1);
5131 			if (ret)
5132 				ath11k_warn(ar->ab, "Unable to authorize peer %pM vdev %d: %d\n",
5133 					    sta->addr, arvif->vdev_id, ret);
5134 		}
5135 	} else if (old_state == IEEE80211_STA_AUTHORIZED &&
5136 		   new_state == IEEE80211_STA_ASSOC) {
5137 		spin_lock_bh(&ar->ab->base_lock);
5138 
5139 		peer = ath11k_peer_find(ar->ab, arvif->vdev_id, sta->addr);
5140 		if (peer)
5141 			peer->is_authorized = false;
5142 
5143 		spin_unlock_bh(&ar->ab->base_lock);
5144 	} else if (old_state == IEEE80211_STA_ASSOC &&
5145 		   new_state == IEEE80211_STA_AUTH &&
5146 		   (vif->type == NL80211_IFTYPE_AP ||
5147 		    vif->type == NL80211_IFTYPE_MESH_POINT ||
5148 		    vif->type == NL80211_IFTYPE_ADHOC)) {
5149 		ret = ath11k_station_disassoc(ar, vif, sta);
5150 		if (ret)
5151 			ath11k_warn(ar->ab, "Failed to disassociate station: %pM\n",
5152 				    sta->addr);
5153 	}
5154 
5155 	mutex_unlock(&ar->conf_mutex);
5156 	return ret;
5157 }
5158 
5159 static int ath11k_mac_op_sta_set_txpwr(struct ieee80211_hw *hw,
5160 				       struct ieee80211_vif *vif,
5161 				       struct ieee80211_sta *sta)
5162 {
5163 	struct ath11k *ar = hw->priv;
5164 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
5165 	int ret = 0;
5166 	s16 txpwr;
5167 
5168 	if (sta->deflink.txpwr.type == NL80211_TX_POWER_AUTOMATIC) {
5169 		txpwr = 0;
5170 	} else {
5171 		txpwr = sta->deflink.txpwr.power;
5172 		if (!txpwr)
5173 			return -EINVAL;
5174 	}
5175 
5176 	if (txpwr > ATH11K_TX_POWER_MAX_VAL || txpwr < ATH11K_TX_POWER_MIN_VAL)
5177 		return -EINVAL;
5178 
5179 	mutex_lock(&ar->conf_mutex);
5180 
5181 	ret = ath11k_wmi_set_peer_param(ar, sta->addr, arvif->vdev_id,
5182 					WMI_PEER_USE_FIXED_PWR, txpwr);
5183 	if (ret) {
5184 		ath11k_warn(ar->ab, "failed to set tx power for station ret: %d\n",
5185 			    ret);
5186 		goto out;
5187 	}
5188 
5189 out:
5190 	mutex_unlock(&ar->conf_mutex);
5191 	return ret;
5192 }
5193 
5194 static void ath11k_mac_op_sta_set_4addr(struct ieee80211_hw *hw,
5195 					struct ieee80211_vif *vif,
5196 					struct ieee80211_sta *sta, bool enabled)
5197 {
5198 	struct ath11k *ar = hw->priv;
5199 	struct ath11k_sta *arsta = (struct ath11k_sta *)sta->drv_priv;
5200 
5201 	if (enabled && !arsta->use_4addr_set) {
5202 		ieee80211_queue_work(ar->hw, &arsta->set_4addr_wk);
5203 		arsta->use_4addr_set = true;
5204 	}
5205 }
5206 
5207 static void ath11k_mac_op_sta_rc_update(struct ieee80211_hw *hw,
5208 					struct ieee80211_vif *vif,
5209 					struct ieee80211_sta *sta,
5210 					u32 changed)
5211 {
5212 	struct ath11k *ar = hw->priv;
5213 	struct ath11k_sta *arsta = (struct ath11k_sta *)sta->drv_priv;
5214 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
5215 	struct ath11k_peer *peer;
5216 	u32 bw, smps;
5217 
5218 	spin_lock_bh(&ar->ab->base_lock);
5219 
5220 	peer = ath11k_peer_find(ar->ab, arvif->vdev_id, sta->addr);
5221 	if (!peer) {
5222 		spin_unlock_bh(&ar->ab->base_lock);
5223 		ath11k_warn(ar->ab, "mac sta rc update failed to find peer %pM on vdev %i\n",
5224 			    sta->addr, arvif->vdev_id);
5225 		return;
5226 	}
5227 
5228 	spin_unlock_bh(&ar->ab->base_lock);
5229 
5230 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
5231 		   "sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
5232 		   sta->addr, changed, sta->deflink.bandwidth,
5233 		   sta->deflink.rx_nss,
5234 		   sta->deflink.smps_mode);
5235 
5236 	spin_lock_bh(&ar->data_lock);
5237 
5238 	if (changed & IEEE80211_RC_BW_CHANGED) {
5239 		bw = ath11k_mac_ieee80211_sta_bw_to_wmi(ar, sta);
5240 		arsta->bw_prev = arsta->bw;
5241 		arsta->bw = bw;
5242 	}
5243 
5244 	if (changed & IEEE80211_RC_NSS_CHANGED)
5245 		arsta->nss = sta->deflink.rx_nss;
5246 
5247 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
5248 		smps = WMI_PEER_SMPS_PS_NONE;
5249 
5250 		switch (sta->deflink.smps_mode) {
5251 		case IEEE80211_SMPS_AUTOMATIC:
5252 		case IEEE80211_SMPS_OFF:
5253 			smps = WMI_PEER_SMPS_PS_NONE;
5254 			break;
5255 		case IEEE80211_SMPS_STATIC:
5256 			smps = WMI_PEER_SMPS_STATIC;
5257 			break;
5258 		case IEEE80211_SMPS_DYNAMIC:
5259 			smps = WMI_PEER_SMPS_DYNAMIC;
5260 			break;
5261 		default:
5262 			ath11k_warn(ar->ab, "Invalid smps %d in sta rc update for %pM\n",
5263 				    sta->deflink.smps_mode, sta->addr);
5264 			smps = WMI_PEER_SMPS_PS_NONE;
5265 			break;
5266 		}
5267 
5268 		arsta->smps = smps;
5269 	}
5270 
5271 	arsta->changed |= changed;
5272 
5273 	spin_unlock_bh(&ar->data_lock);
5274 
5275 	ieee80211_queue_work(hw, &arsta->update_wk);
5276 }
5277 
5278 static int ath11k_conf_tx_uapsd(struct ath11k *ar, struct ieee80211_vif *vif,
5279 				u16 ac, bool enable)
5280 {
5281 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
5282 	u32 value = 0;
5283 	int ret = 0;
5284 
5285 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
5286 		return 0;
5287 
5288 	switch (ac) {
5289 	case IEEE80211_AC_VO:
5290 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
5291 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
5292 		break;
5293 	case IEEE80211_AC_VI:
5294 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
5295 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
5296 		break;
5297 	case IEEE80211_AC_BE:
5298 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
5299 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
5300 		break;
5301 	case IEEE80211_AC_BK:
5302 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
5303 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
5304 		break;
5305 	}
5306 
5307 	if (enable)
5308 		arvif->u.sta.uapsd |= value;
5309 	else
5310 		arvif->u.sta.uapsd &= ~value;
5311 
5312 	ret = ath11k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5313 					  WMI_STA_PS_PARAM_UAPSD,
5314 					  arvif->u.sta.uapsd);
5315 	if (ret) {
5316 		ath11k_warn(ar->ab, "could not set uapsd params %d\n", ret);
5317 		goto exit;
5318 	}
5319 
5320 	if (arvif->u.sta.uapsd)
5321 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
5322 	else
5323 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
5324 
5325 	ret = ath11k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5326 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
5327 					  value);
5328 	if (ret)
5329 		ath11k_warn(ar->ab, "could not set rx wake param %d\n", ret);
5330 
5331 exit:
5332 	return ret;
5333 }
5334 
5335 static int ath11k_mac_op_conf_tx(struct ieee80211_hw *hw,
5336 				 struct ieee80211_vif *vif,
5337 				 unsigned int link_id, u16 ac,
5338 				 const struct ieee80211_tx_queue_params *params)
5339 {
5340 	struct ath11k *ar = hw->priv;
5341 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
5342 	struct wmi_wmm_params_arg *p = NULL;
5343 	int ret;
5344 
5345 	mutex_lock(&ar->conf_mutex);
5346 
5347 	switch (ac) {
5348 	case IEEE80211_AC_VO:
5349 		p = &arvif->wmm_params.ac_vo;
5350 		break;
5351 	case IEEE80211_AC_VI:
5352 		p = &arvif->wmm_params.ac_vi;
5353 		break;
5354 	case IEEE80211_AC_BE:
5355 		p = &arvif->wmm_params.ac_be;
5356 		break;
5357 	case IEEE80211_AC_BK:
5358 		p = &arvif->wmm_params.ac_bk;
5359 		break;
5360 	}
5361 
5362 	if (WARN_ON(!p)) {
5363 		ret = -EINVAL;
5364 		goto exit;
5365 	}
5366 
5367 	p->cwmin = params->cw_min;
5368 	p->cwmax = params->cw_max;
5369 	p->aifs = params->aifs;
5370 	p->txop = params->txop;
5371 
5372 	ret = ath11k_wmi_send_wmm_update_cmd_tlv(ar, arvif->vdev_id,
5373 						 &arvif->wmm_params);
5374 	if (ret) {
5375 		ath11k_warn(ar->ab, "failed to set wmm params: %d\n", ret);
5376 		goto exit;
5377 	}
5378 
5379 	ret = ath11k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
5380 
5381 	if (ret)
5382 		ath11k_warn(ar->ab, "failed to set sta uapsd: %d\n", ret);
5383 
5384 exit:
5385 	mutex_unlock(&ar->conf_mutex);
5386 	return ret;
5387 }
5388 
5389 static struct ieee80211_sta_ht_cap
5390 ath11k_create_ht_cap(struct ath11k *ar, u32 ar_ht_cap, u32 rate_cap_rx_chainmask)
5391 {
5392 	int i;
5393 	struct ieee80211_sta_ht_cap ht_cap = {0};
5394 	u32 ar_vht_cap = ar->pdev->cap.vht_cap;
5395 
5396 	if (!(ar_ht_cap & WMI_HT_CAP_ENABLED))
5397 		return ht_cap;
5398 
5399 	ht_cap.ht_supported = 1;
5400 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
5401 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_NONE;
5402 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
5403 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
5404 	ht_cap.cap |= WLAN_HT_CAP_SM_PS_STATIC << IEEE80211_HT_CAP_SM_PS_SHIFT;
5405 
5406 	if (ar_ht_cap & WMI_HT_CAP_HT20_SGI)
5407 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
5408 
5409 	if (ar_ht_cap & WMI_HT_CAP_HT40_SGI)
5410 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
5411 
5412 	if (ar_ht_cap & WMI_HT_CAP_DYNAMIC_SMPS) {
5413 		u32 smps;
5414 
5415 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
5416 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
5417 
5418 		ht_cap.cap |= smps;
5419 	}
5420 
5421 	if (ar_ht_cap & WMI_HT_CAP_TX_STBC)
5422 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
5423 
5424 	if (ar_ht_cap & WMI_HT_CAP_RX_STBC) {
5425 		u32 stbc;
5426 
5427 		stbc   = ar_ht_cap;
5428 		stbc  &= WMI_HT_CAP_RX_STBC;
5429 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
5430 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
5431 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
5432 
5433 		ht_cap.cap |= stbc;
5434 	}
5435 
5436 	if (ar_ht_cap & WMI_HT_CAP_RX_LDPC)
5437 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
5438 
5439 	if (ar_ht_cap & WMI_HT_CAP_L_SIG_TXOP_PROT)
5440 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
5441 
5442 	if (ar_vht_cap & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
5443 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
5444 
5445 	for (i = 0; i < ar->num_rx_chains; i++) {
5446 		if (rate_cap_rx_chainmask & BIT(i))
5447 			ht_cap.mcs.rx_mask[i] = 0xFF;
5448 	}
5449 
5450 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
5451 
5452 	return ht_cap;
5453 }
5454 
5455 static int ath11k_mac_set_txbf_conf(struct ath11k_vif *arvif)
5456 {
5457 	u32 value = 0;
5458 	struct ath11k *ar = arvif->ar;
5459 	int nsts;
5460 	int sound_dim;
5461 	u32 vht_cap = ar->pdev->cap.vht_cap;
5462 	u32 vdev_param = WMI_VDEV_PARAM_TXBF;
5463 
5464 	if (vht_cap & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)) {
5465 		nsts = vht_cap & IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
5466 		nsts >>= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
5467 		if (nsts > (ar->num_rx_chains - 1))
5468 			nsts = ar->num_rx_chains - 1;
5469 		value |= SM(nsts, WMI_TXBF_STS_CAP_OFFSET);
5470 	}
5471 
5472 	if (vht_cap & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)) {
5473 		sound_dim = vht_cap &
5474 			    IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
5475 		sound_dim >>= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
5476 		if (sound_dim > (ar->num_tx_chains - 1))
5477 			sound_dim = ar->num_tx_chains - 1;
5478 		value |= SM(sound_dim, WMI_BF_SOUND_DIM_OFFSET);
5479 	}
5480 
5481 	if (!value)
5482 		return 0;
5483 
5484 	if (vht_cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE) {
5485 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
5486 
5487 		if ((vht_cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE) &&
5488 		    arvif->vdev_type == WMI_VDEV_TYPE_AP)
5489 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFER;
5490 	}
5491 
5492 	/* TODO: SUBFEE not validated in HK, disable here until validated? */
5493 
5494 	if (vht_cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE) {
5495 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
5496 
5497 		if ((vht_cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE) &&
5498 		    arvif->vdev_type == WMI_VDEV_TYPE_STA)
5499 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFEE;
5500 	}
5501 
5502 	return ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
5503 					     vdev_param, value);
5504 }
5505 
5506 static void ath11k_set_vht_txbf_cap(struct ath11k *ar, u32 *vht_cap)
5507 {
5508 	bool subfer, subfee;
5509 	int sound_dim = 0, nsts = 0;
5510 
5511 	subfer = !!(*vht_cap & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE));
5512 	subfee = !!(*vht_cap & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE));
5513 
5514 	if (ar->num_tx_chains < 2) {
5515 		*vht_cap &= ~(IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE);
5516 		subfer = false;
5517 	}
5518 
5519 	if (ar->num_rx_chains < 2) {
5520 		*vht_cap &= ~(IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE);
5521 		subfee = false;
5522 	}
5523 
5524 	/* If SU Beaformer is not set, then disable MU Beamformer Capability */
5525 	if (!subfer)
5526 		*vht_cap &= ~(IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE);
5527 
5528 	/* If SU Beaformee is not set, then disable MU Beamformee Capability */
5529 	if (!subfee)
5530 		*vht_cap &= ~(IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE);
5531 
5532 	sound_dim = (*vht_cap & IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK);
5533 	sound_dim >>= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
5534 	*vht_cap &= ~IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
5535 
5536 	nsts = (*vht_cap & IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK);
5537 	nsts >>= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
5538 	*vht_cap &= ~IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
5539 
5540 	/* Enable Sounding Dimension Field only if SU BF is enabled */
5541 	if (subfer) {
5542 		if (sound_dim > (ar->num_tx_chains - 1))
5543 			sound_dim = ar->num_tx_chains - 1;
5544 
5545 		sound_dim <<= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
5546 		sound_dim &=  IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
5547 		*vht_cap |= sound_dim;
5548 	}
5549 
5550 	/* Enable Beamformee STS Field only if SU BF is enabled */
5551 	if (subfee) {
5552 		if (nsts > (ar->num_rx_chains - 1))
5553 			nsts = ar->num_rx_chains - 1;
5554 
5555 		nsts <<= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
5556 		nsts &=  IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
5557 		*vht_cap |= nsts;
5558 	}
5559 }
5560 
5561 static struct ieee80211_sta_vht_cap
5562 ath11k_create_vht_cap(struct ath11k *ar, u32 rate_cap_tx_chainmask,
5563 		      u32 rate_cap_rx_chainmask)
5564 {
5565 	struct ieee80211_sta_vht_cap vht_cap = {0};
5566 	u16 txmcs_map, rxmcs_map;
5567 	int i;
5568 
5569 	vht_cap.vht_supported = 1;
5570 	vht_cap.cap = ar->pdev->cap.vht_cap;
5571 
5572 	if (ar->pdev->cap.nss_ratio_enabled)
5573 		vht_cap.vht_mcs.tx_highest |=
5574 			cpu_to_le16(IEEE80211_VHT_EXT_NSS_BW_CAPABLE);
5575 
5576 	ath11k_set_vht_txbf_cap(ar, &vht_cap.cap);
5577 
5578 	rxmcs_map = 0;
5579 	txmcs_map = 0;
5580 	for (i = 0; i < 8; i++) {
5581 		if (i < ar->num_tx_chains && rate_cap_tx_chainmask & BIT(i))
5582 			txmcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
5583 		else
5584 			txmcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
5585 
5586 		if (i < ar->num_rx_chains && rate_cap_rx_chainmask & BIT(i))
5587 			rxmcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
5588 		else
5589 			rxmcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
5590 	}
5591 
5592 	if (rate_cap_tx_chainmask <= 1)
5593 		vht_cap.cap &= ~IEEE80211_VHT_CAP_TXSTBC;
5594 
5595 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(rxmcs_map);
5596 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(txmcs_map);
5597 
5598 	return vht_cap;
5599 }
5600 
5601 static void ath11k_mac_setup_ht_vht_cap(struct ath11k *ar,
5602 					struct ath11k_pdev_cap *cap,
5603 					u32 *ht_cap_info)
5604 {
5605 	struct ieee80211_supported_band *band;
5606 	u32 rate_cap_tx_chainmask;
5607 	u32 rate_cap_rx_chainmask;
5608 	u32 ht_cap;
5609 
5610 	rate_cap_tx_chainmask = ar->cfg_tx_chainmask >> cap->tx_chain_mask_shift;
5611 	rate_cap_rx_chainmask = ar->cfg_rx_chainmask >> cap->rx_chain_mask_shift;
5612 
5613 	if (cap->supported_bands & WMI_HOST_WLAN_2G_CAP) {
5614 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
5615 		ht_cap = cap->band[NL80211_BAND_2GHZ].ht_cap_info;
5616 		if (ht_cap_info)
5617 			*ht_cap_info = ht_cap;
5618 		band->ht_cap = ath11k_create_ht_cap(ar, ht_cap,
5619 						    rate_cap_rx_chainmask);
5620 	}
5621 
5622 	if (cap->supported_bands & WMI_HOST_WLAN_5G_CAP &&
5623 	    (ar->ab->hw_params.single_pdev_only ||
5624 	     !ar->supports_6ghz)) {
5625 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
5626 		ht_cap = cap->band[NL80211_BAND_5GHZ].ht_cap_info;
5627 		if (ht_cap_info)
5628 			*ht_cap_info = ht_cap;
5629 		band->ht_cap = ath11k_create_ht_cap(ar, ht_cap,
5630 						    rate_cap_rx_chainmask);
5631 		band->vht_cap = ath11k_create_vht_cap(ar, rate_cap_tx_chainmask,
5632 						      rate_cap_rx_chainmask);
5633 	}
5634 }
5635 
5636 static int ath11k_check_chain_mask(struct ath11k *ar, u32 ant, bool is_tx_ant)
5637 {
5638 	/* TODO: Check the request chainmask against the supported
5639 	 * chainmask table which is advertised in extented_service_ready event
5640 	 */
5641 
5642 	return 0;
5643 }
5644 
5645 static void ath11k_gen_ppe_thresh(struct ath11k_ppe_threshold *fw_ppet,
5646 				  u8 *he_ppet)
5647 {
5648 	int nss, ru;
5649 	u8 bit = 7;
5650 
5651 	he_ppet[0] = fw_ppet->numss_m1 & IEEE80211_PPE_THRES_NSS_MASK;
5652 	he_ppet[0] |= (fw_ppet->ru_bit_mask <<
5653 		       IEEE80211_PPE_THRES_RU_INDEX_BITMASK_POS) &
5654 		      IEEE80211_PPE_THRES_RU_INDEX_BITMASK_MASK;
5655 	for (nss = 0; nss <= fw_ppet->numss_m1; nss++) {
5656 		for (ru = 0; ru < 4; ru++) {
5657 			u8 val;
5658 			int i;
5659 
5660 			if ((fw_ppet->ru_bit_mask & BIT(ru)) == 0)
5661 				continue;
5662 			val = (fw_ppet->ppet16_ppet8_ru3_ru0[nss] >> (ru * 6)) &
5663 			       0x3f;
5664 			val = ((val >> 3) & 0x7) | ((val & 0x7) << 3);
5665 			for (i = 5; i >= 0; i--) {
5666 				he_ppet[bit / 8] |=
5667 					((val >> i) & 0x1) << ((bit % 8));
5668 				bit++;
5669 			}
5670 		}
5671 	}
5672 }
5673 
5674 static void
5675 ath11k_mac_filter_he_cap_mesh(struct ieee80211_he_cap_elem *he_cap_elem)
5676 {
5677 	u8 m;
5678 
5679 	m = IEEE80211_HE_MAC_CAP0_TWT_RES |
5680 	    IEEE80211_HE_MAC_CAP0_TWT_REQ;
5681 	he_cap_elem->mac_cap_info[0] &= ~m;
5682 
5683 	m = IEEE80211_HE_MAC_CAP2_TRS |
5684 	    IEEE80211_HE_MAC_CAP2_BCAST_TWT |
5685 	    IEEE80211_HE_MAC_CAP2_MU_CASCADING;
5686 	he_cap_elem->mac_cap_info[2] &= ~m;
5687 
5688 	m = IEEE80211_HE_MAC_CAP3_FLEX_TWT_SCHED |
5689 	    IEEE80211_HE_MAC_CAP2_BCAST_TWT |
5690 	    IEEE80211_HE_MAC_CAP2_MU_CASCADING;
5691 	he_cap_elem->mac_cap_info[3] &= ~m;
5692 
5693 	m = IEEE80211_HE_MAC_CAP4_BSRP_BQRP_A_MPDU_AGG |
5694 	    IEEE80211_HE_MAC_CAP4_BQR;
5695 	he_cap_elem->mac_cap_info[4] &= ~m;
5696 
5697 	m = IEEE80211_HE_MAC_CAP5_SUBCHAN_SELECTIVE_TRANSMISSION |
5698 	    IEEE80211_HE_MAC_CAP5_UL_2x996_TONE_RU |
5699 	    IEEE80211_HE_MAC_CAP5_PUNCTURED_SOUNDING |
5700 	    IEEE80211_HE_MAC_CAP5_HT_VHT_TRIG_FRAME_RX;
5701 	he_cap_elem->mac_cap_info[5] &= ~m;
5702 
5703 	m = IEEE80211_HE_PHY_CAP2_UL_MU_FULL_MU_MIMO |
5704 	    IEEE80211_HE_PHY_CAP2_UL_MU_PARTIAL_MU_MIMO;
5705 	he_cap_elem->phy_cap_info[2] &= ~m;
5706 
5707 	m = IEEE80211_HE_PHY_CAP3_RX_PARTIAL_BW_SU_IN_20MHZ_MU |
5708 	    IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_TX_MASK |
5709 	    IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_RX_MASK;
5710 	he_cap_elem->phy_cap_info[3] &= ~m;
5711 
5712 	m = IEEE80211_HE_PHY_CAP4_MU_BEAMFORMER;
5713 	he_cap_elem->phy_cap_info[4] &= ~m;
5714 
5715 	m = IEEE80211_HE_PHY_CAP5_NG16_MU_FEEDBACK;
5716 	he_cap_elem->phy_cap_info[5] &= ~m;
5717 
5718 	m = IEEE80211_HE_PHY_CAP6_CODEBOOK_SIZE_75_MU |
5719 	    IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB |
5720 	    IEEE80211_HE_PHY_CAP6_TRIG_CQI_FB |
5721 	    IEEE80211_HE_PHY_CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO;
5722 	he_cap_elem->phy_cap_info[6] &= ~m;
5723 
5724 	m = IEEE80211_HE_PHY_CAP7_PSR_BASED_SR |
5725 	    IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_SUPP |
5726 	    IEEE80211_HE_PHY_CAP7_STBC_TX_ABOVE_80MHZ |
5727 	    IEEE80211_HE_PHY_CAP7_STBC_RX_ABOVE_80MHZ;
5728 	he_cap_elem->phy_cap_info[7] &= ~m;
5729 
5730 	m = IEEE80211_HE_PHY_CAP8_HE_ER_SU_PPDU_4XLTF_AND_08_US_GI |
5731 	    IEEE80211_HE_PHY_CAP8_20MHZ_IN_40MHZ_HE_PPDU_IN_2G |
5732 	    IEEE80211_HE_PHY_CAP8_20MHZ_IN_160MHZ_HE_PPDU |
5733 	    IEEE80211_HE_PHY_CAP8_80MHZ_IN_160MHZ_HE_PPDU;
5734 	he_cap_elem->phy_cap_info[8] &= ~m;
5735 
5736 	m = IEEE80211_HE_PHY_CAP9_LONGER_THAN_16_SIGB_OFDM_SYM |
5737 	    IEEE80211_HE_PHY_CAP9_NON_TRIGGERED_CQI_FEEDBACK |
5738 	    IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU |
5739 	    IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU |
5740 	    IEEE80211_HE_PHY_CAP9_RX_FULL_BW_SU_USING_MU_WITH_COMP_SIGB |
5741 	    IEEE80211_HE_PHY_CAP9_RX_FULL_BW_SU_USING_MU_WITH_NON_COMP_SIGB;
5742 	he_cap_elem->phy_cap_info[9] &= ~m;
5743 }
5744 
5745 static __le16 ath11k_mac_setup_he_6ghz_cap(struct ath11k_pdev_cap *pcap,
5746 					   struct ath11k_band_cap *bcap)
5747 {
5748 	u8 val;
5749 
5750 	bcap->he_6ghz_capa = IEEE80211_HT_MPDU_DENSITY_NONE;
5751 	if (bcap->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
5752 		bcap->he_6ghz_capa |=
5753 			FIELD_PREP(IEEE80211_HE_6GHZ_CAP_SM_PS,
5754 				   WLAN_HT_CAP_SM_PS_DYNAMIC);
5755 	else
5756 		bcap->he_6ghz_capa |=
5757 			FIELD_PREP(IEEE80211_HE_6GHZ_CAP_SM_PS,
5758 				   WLAN_HT_CAP_SM_PS_DISABLED);
5759 	val = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
5760 			pcap->vht_cap);
5761 	bcap->he_6ghz_capa |=
5762 		FIELD_PREP(IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP, val);
5763 	val = FIELD_GET(IEEE80211_VHT_CAP_MAX_MPDU_MASK, pcap->vht_cap);
5764 	bcap->he_6ghz_capa |=
5765 		FIELD_PREP(IEEE80211_HE_6GHZ_CAP_MAX_MPDU_LEN, val);
5766 	if (pcap->vht_cap & IEEE80211_VHT_CAP_RX_ANTENNA_PATTERN)
5767 		bcap->he_6ghz_capa |= IEEE80211_HE_6GHZ_CAP_RX_ANTPAT_CONS;
5768 	if (pcap->vht_cap & IEEE80211_VHT_CAP_TX_ANTENNA_PATTERN)
5769 		bcap->he_6ghz_capa |= IEEE80211_HE_6GHZ_CAP_TX_ANTPAT_CONS;
5770 
5771 	return cpu_to_le16(bcap->he_6ghz_capa);
5772 }
5773 
5774 static void ath11k_mac_set_hemcsmap(struct ath11k *ar,
5775 				    struct ath11k_pdev_cap *cap,
5776 				    struct ieee80211_sta_he_cap *he_cap,
5777 				    int band)
5778 {
5779 	u16 txmcs_map, rxmcs_map;
5780 	u32 i;
5781 
5782 	rxmcs_map = 0;
5783 	txmcs_map = 0;
5784 	for (i = 0; i < 8; i++) {
5785 		if (i < ar->num_tx_chains &&
5786 		    (ar->cfg_tx_chainmask >> cap->tx_chain_mask_shift) & BIT(i))
5787 			txmcs_map |= IEEE80211_HE_MCS_SUPPORT_0_11 << (i * 2);
5788 		else
5789 			txmcs_map |= IEEE80211_HE_MCS_NOT_SUPPORTED << (i * 2);
5790 
5791 		if (i < ar->num_rx_chains &&
5792 		    (ar->cfg_rx_chainmask >> cap->tx_chain_mask_shift) & BIT(i))
5793 			rxmcs_map |= IEEE80211_HE_MCS_SUPPORT_0_11 << (i * 2);
5794 		else
5795 			rxmcs_map |= IEEE80211_HE_MCS_NOT_SUPPORTED << (i * 2);
5796 	}
5797 	he_cap->he_mcs_nss_supp.rx_mcs_80 =
5798 		cpu_to_le16(rxmcs_map & 0xffff);
5799 	he_cap->he_mcs_nss_supp.tx_mcs_80 =
5800 		cpu_to_le16(txmcs_map & 0xffff);
5801 	he_cap->he_mcs_nss_supp.rx_mcs_160 =
5802 		cpu_to_le16(rxmcs_map & 0xffff);
5803 	he_cap->he_mcs_nss_supp.tx_mcs_160 =
5804 		cpu_to_le16(txmcs_map & 0xffff);
5805 	he_cap->he_mcs_nss_supp.rx_mcs_80p80 =
5806 		cpu_to_le16(rxmcs_map & 0xffff);
5807 	he_cap->he_mcs_nss_supp.tx_mcs_80p80 =
5808 		cpu_to_le16(txmcs_map & 0xffff);
5809 }
5810 
5811 static int ath11k_mac_copy_he_cap(struct ath11k *ar,
5812 				  struct ath11k_pdev_cap *cap,
5813 				  struct ieee80211_sband_iftype_data *data,
5814 				  int band)
5815 {
5816 	int i, idx = 0;
5817 
5818 	for (i = 0; i < NUM_NL80211_IFTYPES; i++) {
5819 		struct ieee80211_sta_he_cap *he_cap = &data[idx].he_cap;
5820 		struct ath11k_band_cap *band_cap = &cap->band[band];
5821 		struct ieee80211_he_cap_elem *he_cap_elem =
5822 				&he_cap->he_cap_elem;
5823 
5824 		switch (i) {
5825 		case NL80211_IFTYPE_STATION:
5826 		case NL80211_IFTYPE_AP:
5827 		case NL80211_IFTYPE_MESH_POINT:
5828 			break;
5829 
5830 		default:
5831 			continue;
5832 		}
5833 
5834 		data[idx].types_mask = BIT(i);
5835 		he_cap->has_he = true;
5836 		memcpy(he_cap_elem->mac_cap_info, band_cap->he_cap_info,
5837 		       sizeof(he_cap_elem->mac_cap_info));
5838 		memcpy(he_cap_elem->phy_cap_info, band_cap->he_cap_phy_info,
5839 		       sizeof(he_cap_elem->phy_cap_info));
5840 
5841 		he_cap_elem->mac_cap_info[1] &=
5842 			IEEE80211_HE_MAC_CAP1_TF_MAC_PAD_DUR_MASK;
5843 
5844 		he_cap_elem->phy_cap_info[5] &=
5845 			~IEEE80211_HE_PHY_CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK;
5846 		he_cap_elem->phy_cap_info[5] |= ar->num_tx_chains - 1;
5847 
5848 		switch (i) {
5849 		case NL80211_IFTYPE_AP:
5850 			he_cap_elem->phy_cap_info[3] &=
5851 				~IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_TX_MASK;
5852 			he_cap_elem->phy_cap_info[9] |=
5853 				IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU;
5854 			break;
5855 		case NL80211_IFTYPE_STATION:
5856 			he_cap_elem->mac_cap_info[0] &=
5857 				~IEEE80211_HE_MAC_CAP0_TWT_RES;
5858 			he_cap_elem->mac_cap_info[0] |=
5859 				IEEE80211_HE_MAC_CAP0_TWT_REQ;
5860 			he_cap_elem->phy_cap_info[9] |=
5861 				IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU;
5862 			break;
5863 		case NL80211_IFTYPE_MESH_POINT:
5864 			ath11k_mac_filter_he_cap_mesh(he_cap_elem);
5865 			break;
5866 		}
5867 
5868 		ath11k_mac_set_hemcsmap(ar, cap, he_cap, band);
5869 
5870 		memset(he_cap->ppe_thres, 0, sizeof(he_cap->ppe_thres));
5871 		if (he_cap_elem->phy_cap_info[6] &
5872 		    IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT)
5873 			ath11k_gen_ppe_thresh(&band_cap->he_ppet,
5874 					      he_cap->ppe_thres);
5875 
5876 		if (band == NL80211_BAND_6GHZ) {
5877 			data[idx].he_6ghz_capa.capa =
5878 				ath11k_mac_setup_he_6ghz_cap(cap, band_cap);
5879 		}
5880 		idx++;
5881 	}
5882 
5883 	return idx;
5884 }
5885 
5886 static void ath11k_mac_setup_he_cap(struct ath11k *ar,
5887 				    struct ath11k_pdev_cap *cap)
5888 {
5889 	struct ieee80211_supported_band *band;
5890 	int count;
5891 
5892 	if (cap->supported_bands & WMI_HOST_WLAN_2G_CAP) {
5893 		count = ath11k_mac_copy_he_cap(ar, cap,
5894 					       ar->mac.iftype[NL80211_BAND_2GHZ],
5895 					       NL80211_BAND_2GHZ);
5896 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
5897 		_ieee80211_set_sband_iftype_data(band,
5898 						 ar->mac.iftype[NL80211_BAND_2GHZ],
5899 						 count);
5900 	}
5901 
5902 	if (cap->supported_bands & WMI_HOST_WLAN_5G_CAP) {
5903 		count = ath11k_mac_copy_he_cap(ar, cap,
5904 					       ar->mac.iftype[NL80211_BAND_5GHZ],
5905 					       NL80211_BAND_5GHZ);
5906 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
5907 		_ieee80211_set_sband_iftype_data(band,
5908 						 ar->mac.iftype[NL80211_BAND_5GHZ],
5909 						 count);
5910 	}
5911 
5912 	if (cap->supported_bands & WMI_HOST_WLAN_5G_CAP &&
5913 	    ar->supports_6ghz) {
5914 		count = ath11k_mac_copy_he_cap(ar, cap,
5915 					       ar->mac.iftype[NL80211_BAND_6GHZ],
5916 					       NL80211_BAND_6GHZ);
5917 		band = &ar->mac.sbands[NL80211_BAND_6GHZ];
5918 		_ieee80211_set_sband_iftype_data(band,
5919 						 ar->mac.iftype[NL80211_BAND_6GHZ],
5920 						 count);
5921 	}
5922 }
5923 
5924 static int __ath11k_set_antenna(struct ath11k *ar, u32 tx_ant, u32 rx_ant)
5925 {
5926 	int ret;
5927 
5928 	lockdep_assert_held(&ar->conf_mutex);
5929 
5930 	if (ath11k_check_chain_mask(ar, tx_ant, true))
5931 		return -EINVAL;
5932 
5933 	if (ath11k_check_chain_mask(ar, rx_ant, false))
5934 		return -EINVAL;
5935 
5936 	ar->cfg_tx_chainmask = tx_ant;
5937 	ar->cfg_rx_chainmask = rx_ant;
5938 
5939 	if (ar->state != ATH11K_STATE_ON &&
5940 	    ar->state != ATH11K_STATE_RESTARTED)
5941 		return 0;
5942 
5943 	ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_TX_CHAIN_MASK,
5944 					tx_ant, ar->pdev->pdev_id);
5945 	if (ret) {
5946 		ath11k_warn(ar->ab, "failed to set tx-chainmask: %d, req 0x%x\n",
5947 			    ret, tx_ant);
5948 		return ret;
5949 	}
5950 
5951 	ar->num_tx_chains = get_num_chains(tx_ant);
5952 
5953 	ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_RX_CHAIN_MASK,
5954 					rx_ant, ar->pdev->pdev_id);
5955 	if (ret) {
5956 		ath11k_warn(ar->ab, "failed to set rx-chainmask: %d, req 0x%x\n",
5957 			    ret, rx_ant);
5958 		return ret;
5959 	}
5960 
5961 	ar->num_rx_chains = get_num_chains(rx_ant);
5962 
5963 	/* Reload HT/VHT/HE capability */
5964 	ath11k_mac_setup_ht_vht_cap(ar, &ar->pdev->cap, NULL);
5965 	ath11k_mac_setup_he_cap(ar, &ar->pdev->cap);
5966 
5967 	return 0;
5968 }
5969 
5970 static void ath11k_mgmt_over_wmi_tx_drop(struct ath11k *ar, struct sk_buff *skb)
5971 {
5972 	int num_mgmt;
5973 
5974 	ieee80211_free_txskb(ar->hw, skb);
5975 
5976 	num_mgmt = atomic_dec_if_positive(&ar->num_pending_mgmt_tx);
5977 
5978 	if (num_mgmt < 0)
5979 		WARN_ON_ONCE(1);
5980 
5981 	if (!num_mgmt)
5982 		wake_up(&ar->txmgmt_empty_waitq);
5983 }
5984 
5985 static void ath11k_mac_tx_mgmt_free(struct ath11k *ar, int buf_id)
5986 {
5987 	struct sk_buff *msdu;
5988 	struct ieee80211_tx_info *info;
5989 
5990 	spin_lock_bh(&ar->txmgmt_idr_lock);
5991 	msdu = idr_remove(&ar->txmgmt_idr, buf_id);
5992 	spin_unlock_bh(&ar->txmgmt_idr_lock);
5993 
5994 	if (!msdu)
5995 		return;
5996 
5997 	dma_unmap_single(ar->ab->dev, ATH11K_SKB_CB(msdu)->paddr, msdu->len,
5998 			 DMA_TO_DEVICE);
5999 
6000 	info = IEEE80211_SKB_CB(msdu);
6001 	memset(&info->status, 0, sizeof(info->status));
6002 
6003 	ath11k_mgmt_over_wmi_tx_drop(ar, msdu);
6004 }
6005 
6006 int ath11k_mac_tx_mgmt_pending_free(int buf_id, void *skb, void *ctx)
6007 {
6008 	struct ath11k *ar = ctx;
6009 
6010 	ath11k_mac_tx_mgmt_free(ar, buf_id);
6011 
6012 	return 0;
6013 }
6014 
6015 static int ath11k_mac_vif_txmgmt_idr_remove(int buf_id, void *skb, void *ctx)
6016 {
6017 	struct ieee80211_vif *vif = ctx;
6018 	struct ath11k_skb_cb *skb_cb = ATH11K_SKB_CB((struct sk_buff *)skb);
6019 	struct ath11k *ar = skb_cb->ar;
6020 
6021 	if (skb_cb->vif == vif)
6022 		ath11k_mac_tx_mgmt_free(ar, buf_id);
6023 
6024 	return 0;
6025 }
6026 
6027 static int ath11k_mac_mgmt_tx_wmi(struct ath11k *ar, struct ath11k_vif *arvif,
6028 				  struct sk_buff *skb)
6029 {
6030 	struct ath11k_base *ab = ar->ab;
6031 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
6032 	struct ieee80211_tx_info *info;
6033 	dma_addr_t paddr;
6034 	int buf_id;
6035 	int ret;
6036 
6037 	ATH11K_SKB_CB(skb)->ar = ar;
6038 
6039 	spin_lock_bh(&ar->txmgmt_idr_lock);
6040 	buf_id = idr_alloc(&ar->txmgmt_idr, skb, 0,
6041 			   ATH11K_TX_MGMT_NUM_PENDING_MAX, GFP_ATOMIC);
6042 	spin_unlock_bh(&ar->txmgmt_idr_lock);
6043 
6044 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
6045 		   "tx mgmt frame, buf id %d\n", buf_id);
6046 
6047 	if (buf_id < 0)
6048 		return -ENOSPC;
6049 
6050 	info = IEEE80211_SKB_CB(skb);
6051 	if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP)) {
6052 		if ((ieee80211_is_action(hdr->frame_control) ||
6053 		     ieee80211_is_deauth(hdr->frame_control) ||
6054 		     ieee80211_is_disassoc(hdr->frame_control)) &&
6055 		     ieee80211_has_protected(hdr->frame_control)) {
6056 			skb_put(skb, IEEE80211_CCMP_MIC_LEN);
6057 		}
6058 	}
6059 
6060 	paddr = dma_map_single(ab->dev, skb->data, skb->len, DMA_TO_DEVICE);
6061 	if (dma_mapping_error(ab->dev, paddr)) {
6062 		ath11k_warn(ab, "failed to DMA map mgmt Tx buffer\n");
6063 		ret = -EIO;
6064 		goto err_free_idr;
6065 	}
6066 
6067 	ATH11K_SKB_CB(skb)->paddr = paddr;
6068 
6069 	ret = ath11k_wmi_mgmt_send(ar, arvif->vdev_id, buf_id, skb);
6070 	if (ret) {
6071 		ath11k_warn(ar->ab, "failed to send mgmt frame: %d\n", ret);
6072 		goto err_unmap_buf;
6073 	}
6074 
6075 	return 0;
6076 
6077 err_unmap_buf:
6078 	dma_unmap_single(ab->dev, ATH11K_SKB_CB(skb)->paddr,
6079 			 skb->len, DMA_TO_DEVICE);
6080 err_free_idr:
6081 	spin_lock_bh(&ar->txmgmt_idr_lock);
6082 	idr_remove(&ar->txmgmt_idr, buf_id);
6083 	spin_unlock_bh(&ar->txmgmt_idr_lock);
6084 
6085 	return ret;
6086 }
6087 
6088 static void ath11k_mgmt_over_wmi_tx_purge(struct ath11k *ar)
6089 {
6090 	struct sk_buff *skb;
6091 
6092 	while ((skb = skb_dequeue(&ar->wmi_mgmt_tx_queue)) != NULL)
6093 		ath11k_mgmt_over_wmi_tx_drop(ar, skb);
6094 }
6095 
6096 static void ath11k_mgmt_over_wmi_tx_work(struct work_struct *work)
6097 {
6098 	struct ath11k *ar = container_of(work, struct ath11k, wmi_mgmt_tx_work);
6099 	struct ath11k_skb_cb *skb_cb;
6100 	struct ath11k_vif *arvif;
6101 	struct sk_buff *skb;
6102 	int ret;
6103 
6104 	while ((skb = skb_dequeue(&ar->wmi_mgmt_tx_queue)) != NULL) {
6105 		skb_cb = ATH11K_SKB_CB(skb);
6106 		if (!skb_cb->vif) {
6107 			ath11k_warn(ar->ab, "no vif found for mgmt frame\n");
6108 			ath11k_mgmt_over_wmi_tx_drop(ar, skb);
6109 			continue;
6110 		}
6111 
6112 		arvif = ath11k_vif_to_arvif(skb_cb->vif);
6113 		mutex_lock(&ar->conf_mutex);
6114 		if (ar->allocated_vdev_map & (1LL << arvif->vdev_id)) {
6115 			ret = ath11k_mac_mgmt_tx_wmi(ar, arvif, skb);
6116 			if (ret) {
6117 				ath11k_warn(ar->ab, "failed to tx mgmt frame, vdev_id %d :%d\n",
6118 					    arvif->vdev_id, ret);
6119 				ath11k_mgmt_over_wmi_tx_drop(ar, skb);
6120 			} else {
6121 				ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
6122 					   "tx mgmt frame, vdev_id %d\n",
6123 					   arvif->vdev_id);
6124 			}
6125 		} else {
6126 			ath11k_warn(ar->ab,
6127 				    "dropping mgmt frame for vdev %d, is_started %d\n",
6128 				    arvif->vdev_id,
6129 				    arvif->is_started);
6130 			ath11k_mgmt_over_wmi_tx_drop(ar, skb);
6131 		}
6132 		mutex_unlock(&ar->conf_mutex);
6133 	}
6134 }
6135 
6136 static int ath11k_mac_mgmt_tx(struct ath11k *ar, struct sk_buff *skb,
6137 			      bool is_prb_rsp)
6138 {
6139 	struct sk_buff_head *q = &ar->wmi_mgmt_tx_queue;
6140 
6141 	if (test_bit(ATH11K_FLAG_CRASH_FLUSH, &ar->ab->dev_flags))
6142 		return -ESHUTDOWN;
6143 
6144 	/* Drop probe response packets when the pending management tx
6145 	 * count has reached a certain threshold, so as to prioritize
6146 	 * other mgmt packets like auth and assoc to be sent on time
6147 	 * for establishing successful connections.
6148 	 */
6149 	if (is_prb_rsp &&
6150 	    atomic_read(&ar->num_pending_mgmt_tx) > ATH11K_PRB_RSP_DROP_THRESHOLD) {
6151 		ath11k_warn(ar->ab,
6152 			    "dropping probe response as pending queue is almost full\n");
6153 		return -ENOSPC;
6154 	}
6155 
6156 	if (skb_queue_len_lockless(q) >= ATH11K_TX_MGMT_NUM_PENDING_MAX) {
6157 		ath11k_warn(ar->ab, "mgmt tx queue is full\n");
6158 		return -ENOSPC;
6159 	}
6160 
6161 	skb_queue_tail(q, skb);
6162 	atomic_inc(&ar->num_pending_mgmt_tx);
6163 	queue_work(ar->ab->workqueue_aux, &ar->wmi_mgmt_tx_work);
6164 
6165 	return 0;
6166 }
6167 
6168 static void ath11k_mac_op_tx(struct ieee80211_hw *hw,
6169 			     struct ieee80211_tx_control *control,
6170 			     struct sk_buff *skb)
6171 {
6172 	struct ath11k_skb_cb *skb_cb = ATH11K_SKB_CB(skb);
6173 	struct ath11k *ar = hw->priv;
6174 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
6175 	struct ieee80211_vif *vif = info->control.vif;
6176 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
6177 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
6178 	struct ieee80211_key_conf *key = info->control.hw_key;
6179 	struct ath11k_sta *arsta = NULL;
6180 	u32 info_flags = info->flags;
6181 	bool is_prb_rsp;
6182 	int ret;
6183 
6184 	memset(skb_cb, 0, sizeof(*skb_cb));
6185 	skb_cb->vif = vif;
6186 
6187 	if (key) {
6188 		skb_cb->cipher = key->cipher;
6189 		skb_cb->flags |= ATH11K_SKB_CIPHER_SET;
6190 	}
6191 
6192 	if (info_flags & IEEE80211_TX_CTL_HW_80211_ENCAP) {
6193 		skb_cb->flags |= ATH11K_SKB_HW_80211_ENCAP;
6194 	} else if (ieee80211_is_mgmt(hdr->frame_control)) {
6195 		is_prb_rsp = ieee80211_is_probe_resp(hdr->frame_control);
6196 		ret = ath11k_mac_mgmt_tx(ar, skb, is_prb_rsp);
6197 		if (ret) {
6198 			ath11k_warn(ar->ab, "failed to queue management frame %d\n",
6199 				    ret);
6200 			ieee80211_free_txskb(ar->hw, skb);
6201 		}
6202 		return;
6203 	}
6204 
6205 	if (control->sta)
6206 		arsta = (struct ath11k_sta *)control->sta->drv_priv;
6207 
6208 	ret = ath11k_dp_tx(ar, arvif, arsta, skb);
6209 	if (unlikely(ret)) {
6210 		ath11k_warn(ar->ab, "failed to transmit frame %d\n", ret);
6211 		ieee80211_free_txskb(ar->hw, skb);
6212 	}
6213 }
6214 
6215 void ath11k_mac_drain_tx(struct ath11k *ar)
6216 {
6217 	/* make sure rcu-protected mac80211 tx path itself is drained */
6218 	synchronize_net();
6219 
6220 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
6221 	ath11k_mgmt_over_wmi_tx_purge(ar);
6222 }
6223 
6224 static int ath11k_mac_config_mon_status_default(struct ath11k *ar, bool enable)
6225 {
6226 	struct htt_rx_ring_tlv_filter tlv_filter = {0};
6227 	struct ath11k_base *ab = ar->ab;
6228 	int i, ret = 0;
6229 	u32 ring_id;
6230 
6231 	if (enable) {
6232 		tlv_filter = ath11k_mac_mon_status_filter_default;
6233 		if (ath11k_debugfs_rx_filter(ar))
6234 			tlv_filter.rx_filter = ath11k_debugfs_rx_filter(ar);
6235 	}
6236 
6237 	for (i = 0; i < ab->hw_params.num_rxmda_per_pdev; i++) {
6238 		ring_id = ar->dp.rx_mon_status_refill_ring[i].refill_buf_ring.ring_id;
6239 		ret = ath11k_dp_tx_htt_rx_filter_setup(ar->ab, ring_id,
6240 						       ar->dp.mac_id + i,
6241 						       HAL_RXDMA_MONITOR_STATUS,
6242 						       DP_RX_BUFFER_SIZE,
6243 						       &tlv_filter);
6244 	}
6245 
6246 	if (enable && !ar->ab->hw_params.rxdma1_enable)
6247 		mod_timer(&ar->ab->mon_reap_timer, jiffies +
6248 			  msecs_to_jiffies(ATH11K_MON_TIMER_INTERVAL));
6249 
6250 	return ret;
6251 }
6252 
6253 static void ath11k_mac_wait_reconfigure(struct ath11k_base *ab)
6254 {
6255 	int recovery_start_count;
6256 
6257 	if (!ab->is_reset)
6258 		return;
6259 
6260 	recovery_start_count = atomic_inc_return(&ab->recovery_start_count);
6261 	ath11k_dbg(ab, ATH11K_DBG_MAC, "recovery start count %d\n", recovery_start_count);
6262 
6263 	if (recovery_start_count == ab->num_radios) {
6264 		complete(&ab->recovery_start);
6265 		ath11k_dbg(ab, ATH11K_DBG_MAC, "recovery started success\n");
6266 	}
6267 
6268 	ath11k_dbg(ab, ATH11K_DBG_MAC, "waiting reconfigure...\n");
6269 
6270 	wait_for_completion_timeout(&ab->reconfigure_complete,
6271 				    ATH11K_RECONFIGURE_TIMEOUT_HZ);
6272 }
6273 
6274 static int ath11k_mac_op_start(struct ieee80211_hw *hw)
6275 {
6276 	struct ath11k *ar = hw->priv;
6277 	struct ath11k_base *ab = ar->ab;
6278 	struct ath11k_pdev *pdev = ar->pdev;
6279 	int ret;
6280 
6281 	if (ath11k_ftm_mode) {
6282 		ath11k_warn(ab, "mac operations not supported in factory test mode\n");
6283 		return -EOPNOTSUPP;
6284 	}
6285 
6286 	ath11k_mac_drain_tx(ar);
6287 	mutex_lock(&ar->conf_mutex);
6288 
6289 	switch (ar->state) {
6290 	case ATH11K_STATE_OFF:
6291 		ar->state = ATH11K_STATE_ON;
6292 		break;
6293 	case ATH11K_STATE_RESTARTING:
6294 		ar->state = ATH11K_STATE_RESTARTED;
6295 		ath11k_mac_wait_reconfigure(ab);
6296 		break;
6297 	case ATH11K_STATE_RESTARTED:
6298 	case ATH11K_STATE_WEDGED:
6299 	case ATH11K_STATE_ON:
6300 	case ATH11K_STATE_FTM:
6301 		WARN_ON(1);
6302 		ret = -EINVAL;
6303 		goto err;
6304 	}
6305 
6306 	ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_PMF_QOS,
6307 					1, pdev->pdev_id);
6308 
6309 	if (ret) {
6310 		ath11k_err(ar->ab, "failed to enable PMF QOS: (%d\n", ret);
6311 		goto err;
6312 	}
6313 
6314 	ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_DYNAMIC_BW, 1,
6315 					pdev->pdev_id);
6316 	if (ret) {
6317 		ath11k_err(ar->ab, "failed to enable dynamic bw: %d\n", ret);
6318 		goto err;
6319 	}
6320 
6321 	if (test_bit(WMI_TLV_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi->wmi_ab->svc_map)) {
6322 		ret = ath11k_wmi_scan_prob_req_oui(ar, ar->mac_addr);
6323 		if (ret) {
6324 			ath11k_err(ab, "failed to set prob req oui: %i\n", ret);
6325 			goto err;
6326 		}
6327 	}
6328 
6329 	ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_ARP_AC_OVERRIDE,
6330 					0, pdev->pdev_id);
6331 	if (ret) {
6332 		ath11k_err(ab, "failed to set ac override for ARP: %d\n",
6333 			   ret);
6334 		goto err;
6335 	}
6336 
6337 	ret = ath11k_wmi_send_dfs_phyerr_offload_enable_cmd(ar, pdev->pdev_id);
6338 	if (ret) {
6339 		ath11k_err(ab, "failed to offload radar detection: %d\n",
6340 			   ret);
6341 		goto err;
6342 	}
6343 
6344 	ret = ath11k_dp_tx_htt_h2t_ppdu_stats_req(ar,
6345 						  HTT_PPDU_STATS_TAG_DEFAULT);
6346 	if (ret) {
6347 		ath11k_err(ab, "failed to req ppdu stats: %d\n", ret);
6348 		goto err;
6349 	}
6350 
6351 	ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_MESH_MCAST_ENABLE,
6352 					1, pdev->pdev_id);
6353 
6354 	if (ret) {
6355 		ath11k_err(ar->ab, "failed to enable MESH MCAST ENABLE: (%d\n", ret);
6356 		goto err;
6357 	}
6358 
6359 	__ath11k_set_antenna(ar, ar->cfg_tx_chainmask, ar->cfg_rx_chainmask);
6360 
6361 	/* TODO: Do we need to enable ANI? */
6362 
6363 	ath11k_reg_update_chan_list(ar, false);
6364 
6365 	ar->num_started_vdevs = 0;
6366 	ar->num_created_vdevs = 0;
6367 	ar->num_peers = 0;
6368 	ar->allocated_vdev_map = 0;
6369 
6370 	/* Configure monitor status ring with default rx_filter to get rx status
6371 	 * such as rssi, rx_duration.
6372 	 */
6373 	ret = ath11k_mac_config_mon_status_default(ar, true);
6374 	if (ret) {
6375 		ath11k_err(ab, "failed to configure monitor status ring with default rx_filter: (%d)\n",
6376 			   ret);
6377 		goto err;
6378 	}
6379 
6380 	/* Configure the hash seed for hash based reo dest ring selection */
6381 	ath11k_wmi_pdev_lro_cfg(ar, ar->pdev->pdev_id);
6382 
6383 	/* allow device to enter IMPS */
6384 	if (ab->hw_params.idle_ps) {
6385 		ret = ath11k_wmi_pdev_set_param(ar, WMI_PDEV_PARAM_IDLE_PS_CONFIG,
6386 						1, pdev->pdev_id);
6387 		if (ret) {
6388 			ath11k_err(ab, "failed to enable idle ps: %d\n", ret);
6389 			goto err;
6390 		}
6391 	}
6392 
6393 	mutex_unlock(&ar->conf_mutex);
6394 
6395 	rcu_assign_pointer(ab->pdevs_active[ar->pdev_idx],
6396 			   &ab->pdevs[ar->pdev_idx]);
6397 
6398 	return 0;
6399 
6400 err:
6401 	ar->state = ATH11K_STATE_OFF;
6402 	mutex_unlock(&ar->conf_mutex);
6403 
6404 	return ret;
6405 }
6406 
6407 static void ath11k_mac_op_stop(struct ieee80211_hw *hw)
6408 {
6409 	struct ath11k *ar = hw->priv;
6410 	struct htt_ppdu_stats_info *ppdu_stats, *tmp;
6411 	int ret;
6412 
6413 	ath11k_mac_drain_tx(ar);
6414 
6415 	mutex_lock(&ar->conf_mutex);
6416 	ret = ath11k_mac_config_mon_status_default(ar, false);
6417 	if (ret)
6418 		ath11k_err(ar->ab, "failed to clear rx_filter for monitor status ring: (%d)\n",
6419 			   ret);
6420 
6421 	clear_bit(ATH11K_CAC_RUNNING, &ar->dev_flags);
6422 	ar->state = ATH11K_STATE_OFF;
6423 	mutex_unlock(&ar->conf_mutex);
6424 
6425 	cancel_delayed_work_sync(&ar->scan.timeout);
6426 	cancel_work_sync(&ar->regd_update_work);
6427 	cancel_work_sync(&ar->ab->update_11d_work);
6428 
6429 	if (ar->state_11d == ATH11K_11D_PREPARING) {
6430 		ar->state_11d = ATH11K_11D_IDLE;
6431 		complete(&ar->completed_11d_scan);
6432 	}
6433 
6434 	spin_lock_bh(&ar->data_lock);
6435 	list_for_each_entry_safe(ppdu_stats, tmp, &ar->ppdu_stats_info, list) {
6436 		list_del(&ppdu_stats->list);
6437 		kfree(ppdu_stats);
6438 	}
6439 	spin_unlock_bh(&ar->data_lock);
6440 
6441 	rcu_assign_pointer(ar->ab->pdevs_active[ar->pdev_idx], NULL);
6442 
6443 	synchronize_rcu();
6444 
6445 	atomic_set(&ar->num_pending_mgmt_tx, 0);
6446 }
6447 
6448 static int ath11k_mac_setup_vdev_params_mbssid(struct ath11k_vif *arvif,
6449 					       u32 *flags, u32 *tx_vdev_id)
6450 {
6451 	struct ath11k *ar = arvif->ar;
6452 	struct ath11k_vif *tx_arvif;
6453 	struct ieee80211_vif *tx_vif;
6454 
6455 	*tx_vdev_id = 0;
6456 	tx_vif = arvif->vif->mbssid_tx_vif;
6457 	if (!tx_vif) {
6458 		*flags = WMI_HOST_VDEV_FLAGS_NON_MBSSID_AP;
6459 		return 0;
6460 	}
6461 
6462 	tx_arvif = ath11k_vif_to_arvif(tx_vif);
6463 
6464 	if (arvif->vif->bss_conf.nontransmitted) {
6465 		if (ar->hw->wiphy != ieee80211_vif_to_wdev(tx_vif)->wiphy)
6466 			return -EINVAL;
6467 
6468 		*flags = WMI_HOST_VDEV_FLAGS_NON_TRANSMIT_AP;
6469 		*tx_vdev_id = ath11k_vif_to_arvif(tx_vif)->vdev_id;
6470 	} else if (tx_arvif == arvif) {
6471 		*flags = WMI_HOST_VDEV_FLAGS_TRANSMIT_AP;
6472 	} else {
6473 		return -EINVAL;
6474 	}
6475 
6476 	if (arvif->vif->bss_conf.ema_ap)
6477 		*flags |= WMI_HOST_VDEV_FLAGS_EMA_MODE;
6478 
6479 	return 0;
6480 }
6481 
6482 static int ath11k_mac_setup_vdev_create_params(struct ath11k_vif *arvif,
6483 					       struct vdev_create_params *params)
6484 {
6485 	struct ath11k *ar = arvif->ar;
6486 	struct ath11k_pdev *pdev = ar->pdev;
6487 	int ret;
6488 
6489 	params->if_id = arvif->vdev_id;
6490 	params->type = arvif->vdev_type;
6491 	params->subtype = arvif->vdev_subtype;
6492 	params->pdev_id = pdev->pdev_id;
6493 	params->mbssid_flags = 0;
6494 	params->mbssid_tx_vdev_id = 0;
6495 
6496 	if (!test_bit(WMI_TLV_SERVICE_MBSS_PARAM_IN_VDEV_START_SUPPORT,
6497 		      ar->ab->wmi_ab.svc_map)) {
6498 		ret = ath11k_mac_setup_vdev_params_mbssid(arvif,
6499 							  &params->mbssid_flags,
6500 							  &params->mbssid_tx_vdev_id);
6501 		if (ret)
6502 			return ret;
6503 	}
6504 
6505 	if (pdev->cap.supported_bands & WMI_HOST_WLAN_2G_CAP) {
6506 		params->chains[NL80211_BAND_2GHZ].tx = ar->num_tx_chains;
6507 		params->chains[NL80211_BAND_2GHZ].rx = ar->num_rx_chains;
6508 	}
6509 	if (pdev->cap.supported_bands & WMI_HOST_WLAN_5G_CAP) {
6510 		params->chains[NL80211_BAND_5GHZ].tx = ar->num_tx_chains;
6511 		params->chains[NL80211_BAND_5GHZ].rx = ar->num_rx_chains;
6512 	}
6513 	if (pdev->cap.supported_bands & WMI_HOST_WLAN_5G_CAP &&
6514 	    ar->supports_6ghz) {
6515 		params->chains[NL80211_BAND_6GHZ].tx = ar->num_tx_chains;
6516 		params->chains[NL80211_BAND_6GHZ].rx = ar->num_rx_chains;
6517 	}
6518 	return 0;
6519 }
6520 
6521 static void ath11k_mac_op_update_vif_offload(struct ieee80211_hw *hw,
6522 					     struct ieee80211_vif *vif)
6523 {
6524 	struct ath11k *ar = hw->priv;
6525 	struct ath11k_base *ab = ar->ab;
6526 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
6527 	u32 param_id, param_value;
6528 	int ret;
6529 
6530 	param_id = WMI_VDEV_PARAM_TX_ENCAP_TYPE;
6531 	if (ath11k_frame_mode != ATH11K_HW_TXRX_ETHERNET ||
6532 	    (vif->type != NL80211_IFTYPE_STATION &&
6533 	     vif->type != NL80211_IFTYPE_AP))
6534 		vif->offload_flags &= ~(IEEE80211_OFFLOAD_ENCAP_ENABLED |
6535 					IEEE80211_OFFLOAD_DECAP_ENABLED);
6536 
6537 	if (vif->offload_flags & IEEE80211_OFFLOAD_ENCAP_ENABLED)
6538 		param_value = ATH11K_HW_TXRX_ETHERNET;
6539 	else if (test_bit(ATH11K_FLAG_RAW_MODE, &ab->dev_flags))
6540 		param_value = ATH11K_HW_TXRX_RAW;
6541 	else
6542 		param_value = ATH11K_HW_TXRX_NATIVE_WIFI;
6543 
6544 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
6545 					    param_id, param_value);
6546 	if (ret) {
6547 		ath11k_warn(ab, "failed to set vdev %d tx encap mode: %d\n",
6548 			    arvif->vdev_id, ret);
6549 		vif->offload_flags &= ~IEEE80211_OFFLOAD_ENCAP_ENABLED;
6550 	}
6551 
6552 	param_id = WMI_VDEV_PARAM_RX_DECAP_TYPE;
6553 	if (vif->offload_flags & IEEE80211_OFFLOAD_DECAP_ENABLED)
6554 		param_value = ATH11K_HW_TXRX_ETHERNET;
6555 	else if (test_bit(ATH11K_FLAG_RAW_MODE, &ab->dev_flags))
6556 		param_value = ATH11K_HW_TXRX_RAW;
6557 	else
6558 		param_value = ATH11K_HW_TXRX_NATIVE_WIFI;
6559 
6560 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
6561 					    param_id, param_value);
6562 	if (ret) {
6563 		ath11k_warn(ab, "failed to set vdev %d rx decap mode: %d\n",
6564 			    arvif->vdev_id, ret);
6565 		vif->offload_flags &= ~IEEE80211_OFFLOAD_DECAP_ENABLED;
6566 	}
6567 }
6568 
6569 static bool ath11k_mac_vif_ap_active_any(struct ath11k_base *ab)
6570 {
6571 	struct ath11k *ar;
6572 	struct ath11k_pdev *pdev;
6573 	struct ath11k_vif *arvif;
6574 	int i;
6575 
6576 	for (i = 0; i < ab->num_radios; i++) {
6577 		pdev = &ab->pdevs[i];
6578 		ar = pdev->ar;
6579 		list_for_each_entry(arvif, &ar->arvifs, list) {
6580 			if (arvif->is_up && arvif->vdev_type == WMI_VDEV_TYPE_AP)
6581 				return true;
6582 		}
6583 	}
6584 	return false;
6585 }
6586 
6587 void ath11k_mac_11d_scan_start(struct ath11k *ar, u32 vdev_id)
6588 {
6589 	struct wmi_11d_scan_start_params param;
6590 	int ret;
6591 
6592 	mutex_lock(&ar->ab->vdev_id_11d_lock);
6593 
6594 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev id for 11d scan %d\n",
6595 		   ar->vdev_id_11d_scan);
6596 
6597 	if (ar->regdom_set_by_user)
6598 		goto fin;
6599 
6600 	if (ar->vdev_id_11d_scan != ATH11K_11D_INVALID_VDEV_ID)
6601 		goto fin;
6602 
6603 	if (!test_bit(WMI_TLV_SERVICE_11D_OFFLOAD, ar->ab->wmi_ab.svc_map))
6604 		goto fin;
6605 
6606 	if (ath11k_mac_vif_ap_active_any(ar->ab))
6607 		goto fin;
6608 
6609 	param.vdev_id = vdev_id;
6610 	param.start_interval_msec = 0;
6611 	param.scan_period_msec = ATH11K_SCAN_11D_INTERVAL;
6612 
6613 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "start 11d scan\n");
6614 
6615 	ret = ath11k_wmi_send_11d_scan_start_cmd(ar, &param);
6616 	if (ret) {
6617 		ath11k_warn(ar->ab, "failed to start 11d scan vdev %d ret: %d\n",
6618 			    vdev_id, ret);
6619 	} else {
6620 		ar->vdev_id_11d_scan = vdev_id;
6621 		if (ar->state_11d == ATH11K_11D_PREPARING)
6622 			ar->state_11d = ATH11K_11D_RUNNING;
6623 	}
6624 
6625 fin:
6626 	if (ar->state_11d == ATH11K_11D_PREPARING) {
6627 		ar->state_11d = ATH11K_11D_IDLE;
6628 		complete(&ar->completed_11d_scan);
6629 	}
6630 
6631 	mutex_unlock(&ar->ab->vdev_id_11d_lock);
6632 }
6633 
6634 void ath11k_mac_11d_scan_stop(struct ath11k *ar)
6635 {
6636 	int ret;
6637 	u32 vdev_id;
6638 
6639 	if (!test_bit(WMI_TLV_SERVICE_11D_OFFLOAD, ar->ab->wmi_ab.svc_map))
6640 		return;
6641 
6642 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "stop 11d scan\n");
6643 
6644 	mutex_lock(&ar->ab->vdev_id_11d_lock);
6645 
6646 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "stop 11d vdev id %d\n",
6647 		   ar->vdev_id_11d_scan);
6648 
6649 	if (ar->state_11d == ATH11K_11D_PREPARING) {
6650 		ar->state_11d = ATH11K_11D_IDLE;
6651 		complete(&ar->completed_11d_scan);
6652 	}
6653 
6654 	if (ar->vdev_id_11d_scan != ATH11K_11D_INVALID_VDEV_ID) {
6655 		vdev_id = ar->vdev_id_11d_scan;
6656 
6657 		ret = ath11k_wmi_send_11d_scan_stop_cmd(ar, vdev_id);
6658 		if (ret) {
6659 			ath11k_warn(ar->ab,
6660 				    "failed to stopt 11d scan vdev %d ret: %d\n",
6661 				    vdev_id, ret);
6662 		} else {
6663 			ar->vdev_id_11d_scan = ATH11K_11D_INVALID_VDEV_ID;
6664 			ar->state_11d = ATH11K_11D_IDLE;
6665 			complete(&ar->completed_11d_scan);
6666 		}
6667 	}
6668 	mutex_unlock(&ar->ab->vdev_id_11d_lock);
6669 }
6670 
6671 void ath11k_mac_11d_scan_stop_all(struct ath11k_base *ab)
6672 {
6673 	struct ath11k *ar;
6674 	struct ath11k_pdev *pdev;
6675 	int i;
6676 
6677 	ath11k_dbg(ab, ATH11K_DBG_MAC, "stop soc 11d scan\n");
6678 
6679 	for (i = 0; i < ab->num_radios; i++) {
6680 		pdev = &ab->pdevs[i];
6681 		ar = pdev->ar;
6682 
6683 		ath11k_mac_11d_scan_stop(ar);
6684 	}
6685 }
6686 
6687 static int ath11k_mac_vdev_delete(struct ath11k *ar, struct ath11k_vif *arvif)
6688 {
6689 	unsigned long time_left;
6690 	struct ieee80211_vif *vif = arvif->vif;
6691 	int ret = 0;
6692 
6693 	lockdep_assert_held(&ar->conf_mutex);
6694 
6695 	reinit_completion(&ar->vdev_delete_done);
6696 
6697 	ret = ath11k_wmi_vdev_delete(ar, arvif->vdev_id);
6698 	if (ret) {
6699 		ath11k_warn(ar->ab, "failed to delete WMI vdev %d: %d\n",
6700 			    arvif->vdev_id, ret);
6701 		return ret;
6702 	}
6703 
6704 	time_left = wait_for_completion_timeout(&ar->vdev_delete_done,
6705 						ATH11K_VDEV_DELETE_TIMEOUT_HZ);
6706 	if (time_left == 0) {
6707 		ath11k_warn(ar->ab, "Timeout in receiving vdev delete response\n");
6708 		return -ETIMEDOUT;
6709 	}
6710 
6711 	ar->ab->free_vdev_map |= 1LL << (arvif->vdev_id);
6712 	ar->allocated_vdev_map &= ~(1LL << arvif->vdev_id);
6713 	ar->num_created_vdevs--;
6714 
6715 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev %pM deleted, vdev_id %d\n",
6716 		   vif->addr, arvif->vdev_id);
6717 
6718 	return ret;
6719 }
6720 
6721 static int ath11k_mac_op_add_interface(struct ieee80211_hw *hw,
6722 				       struct ieee80211_vif *vif)
6723 {
6724 	struct ath11k *ar = hw->priv;
6725 	struct ath11k_base *ab = ar->ab;
6726 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
6727 	struct vdev_create_params vdev_param = {0};
6728 	struct peer_create_params peer_param;
6729 	u32 param_id, param_value;
6730 	u16 nss;
6731 	int i;
6732 	int ret, fbret;
6733 	int bit;
6734 
6735 	vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
6736 
6737 	mutex_lock(&ar->conf_mutex);
6738 
6739 	if (vif->type == NL80211_IFTYPE_AP &&
6740 	    ar->num_peers > (ar->max_num_peers - 1)) {
6741 		ath11k_warn(ab, "failed to create vdev due to insufficient peer entry resource in firmware\n");
6742 		ret = -ENOBUFS;
6743 		goto err;
6744 	}
6745 
6746 	if (ar->num_created_vdevs > (TARGET_NUM_VDEVS(ab) - 1)) {
6747 		ath11k_warn(ab, "failed to create vdev %u, reached max vdev limit %d\n",
6748 			    ar->num_created_vdevs, TARGET_NUM_VDEVS(ab));
6749 		ret = -EBUSY;
6750 		goto err;
6751 	}
6752 
6753 	/* In the case of hardware recovery, debugfs files are
6754 	 * not deleted since ieee80211_ops.remove_interface() is
6755 	 * not invoked. In such cases, try to delete the files.
6756 	 * These will be re-created later.
6757 	 */
6758 	ath11k_debugfs_remove_interface(arvif);
6759 
6760 	memset(arvif, 0, sizeof(*arvif));
6761 
6762 	arvif->ar = ar;
6763 	arvif->vif = vif;
6764 
6765 	INIT_LIST_HEAD(&arvif->list);
6766 	INIT_DELAYED_WORK(&arvif->connection_loss_work,
6767 			  ath11k_mac_vif_sta_connection_loss_work);
6768 
6769 	for (i = 0; i < ARRAY_SIZE(arvif->bitrate_mask.control); i++) {
6770 		arvif->bitrate_mask.control[i].legacy = 0xffffffff;
6771 		arvif->bitrate_mask.control[i].gi = NL80211_TXRATE_FORCE_SGI;
6772 		memset(arvif->bitrate_mask.control[i].ht_mcs, 0xff,
6773 		       sizeof(arvif->bitrate_mask.control[i].ht_mcs));
6774 		memset(arvif->bitrate_mask.control[i].vht_mcs, 0xff,
6775 		       sizeof(arvif->bitrate_mask.control[i].vht_mcs));
6776 		memset(arvif->bitrate_mask.control[i].he_mcs, 0xff,
6777 		       sizeof(arvif->bitrate_mask.control[i].he_mcs));
6778 	}
6779 
6780 	bit = __ffs64(ab->free_vdev_map);
6781 
6782 	arvif->vdev_id = bit;
6783 	arvif->vdev_subtype = WMI_VDEV_SUBTYPE_NONE;
6784 
6785 	switch (vif->type) {
6786 	case NL80211_IFTYPE_UNSPECIFIED:
6787 	case NL80211_IFTYPE_STATION:
6788 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
6789 		break;
6790 	case NL80211_IFTYPE_MESH_POINT:
6791 		arvif->vdev_subtype = WMI_VDEV_SUBTYPE_MESH_11S;
6792 		fallthrough;
6793 	case NL80211_IFTYPE_AP:
6794 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
6795 		break;
6796 	case NL80211_IFTYPE_MONITOR:
6797 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
6798 		ar->monitor_vdev_id = bit;
6799 		break;
6800 	default:
6801 		WARN_ON(1);
6802 		break;
6803 	}
6804 
6805 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "add interface id %d type %d subtype %d map %llx\n",
6806 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
6807 		   ab->free_vdev_map);
6808 
6809 	vif->cab_queue = arvif->vdev_id % (ATH11K_HW_MAX_QUEUES - 1);
6810 	for (i = 0; i < ARRAY_SIZE(vif->hw_queue); i++)
6811 		vif->hw_queue[i] = i % (ATH11K_HW_MAX_QUEUES - 1);
6812 
6813 	ret = ath11k_mac_setup_vdev_create_params(arvif, &vdev_param);
6814 	if (ret) {
6815 		ath11k_warn(ab, "failed to create vdev parameters %d: %d\n",
6816 			    arvif->vdev_id, ret);
6817 		goto err;
6818 	}
6819 
6820 	ret = ath11k_wmi_vdev_create(ar, vif->addr, &vdev_param);
6821 	if (ret) {
6822 		ath11k_warn(ab, "failed to create WMI vdev %d: %d\n",
6823 			    arvif->vdev_id, ret);
6824 		goto err;
6825 	}
6826 
6827 	ar->num_created_vdevs++;
6828 	ath11k_dbg(ab, ATH11K_DBG_MAC, "vdev %pM created, vdev_id %d\n",
6829 		   vif->addr, arvif->vdev_id);
6830 	ar->allocated_vdev_map |= 1LL << arvif->vdev_id;
6831 	ab->free_vdev_map &= ~(1LL << arvif->vdev_id);
6832 
6833 	spin_lock_bh(&ar->data_lock);
6834 	list_add(&arvif->list, &ar->arvifs);
6835 	spin_unlock_bh(&ar->data_lock);
6836 
6837 	ath11k_mac_op_update_vif_offload(hw, vif);
6838 
6839 	nss = get_num_chains(ar->cfg_tx_chainmask) ? : 1;
6840 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
6841 					    WMI_VDEV_PARAM_NSS, nss);
6842 	if (ret) {
6843 		ath11k_warn(ab, "failed to set vdev %d chainmask 0x%x, nss %d :%d\n",
6844 			    arvif->vdev_id, ar->cfg_tx_chainmask, nss, ret);
6845 		goto err_vdev_del;
6846 	}
6847 
6848 	switch (arvif->vdev_type) {
6849 	case WMI_VDEV_TYPE_AP:
6850 		peer_param.vdev_id = arvif->vdev_id;
6851 		peer_param.peer_addr = vif->addr;
6852 		peer_param.peer_type = WMI_PEER_TYPE_DEFAULT;
6853 		ret = ath11k_peer_create(ar, arvif, NULL, &peer_param);
6854 		if (ret) {
6855 			ath11k_warn(ab, "failed to vdev %d create peer for AP: %d\n",
6856 				    arvif->vdev_id, ret);
6857 			goto err_vdev_del;
6858 		}
6859 
6860 		ret = ath11k_mac_set_kickout(arvif);
6861 		if (ret) {
6862 			ath11k_warn(ar->ab, "failed to set vdev %i kickout parameters: %d\n",
6863 				    arvif->vdev_id, ret);
6864 			goto err_peer_del;
6865 		}
6866 
6867 		ath11k_mac_11d_scan_stop_all(ar->ab);
6868 		break;
6869 	case WMI_VDEV_TYPE_STA:
6870 		param_id = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
6871 		param_value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
6872 		ret = ath11k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
6873 						  param_id, param_value);
6874 		if (ret) {
6875 			ath11k_warn(ar->ab, "failed to set vdev %d RX wake policy: %d\n",
6876 				    arvif->vdev_id, ret);
6877 			goto err_peer_del;
6878 		}
6879 
6880 		param_id = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
6881 		param_value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
6882 		ret = ath11k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
6883 						  param_id, param_value);
6884 		if (ret) {
6885 			ath11k_warn(ar->ab, "failed to set vdev %d TX wake threshold: %d\n",
6886 				    arvif->vdev_id, ret);
6887 			goto err_peer_del;
6888 		}
6889 
6890 		param_id = WMI_STA_PS_PARAM_PSPOLL_COUNT;
6891 		param_value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
6892 		ret = ath11k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
6893 						  param_id, param_value);
6894 		if (ret) {
6895 			ath11k_warn(ar->ab, "failed to set vdev %d pspoll count: %d\n",
6896 				    arvif->vdev_id, ret);
6897 			goto err_peer_del;
6898 		}
6899 
6900 		ret = ath11k_wmi_pdev_set_ps_mode(ar, arvif->vdev_id,
6901 						  WMI_STA_PS_MODE_DISABLED);
6902 		if (ret) {
6903 			ath11k_warn(ar->ab, "failed to disable vdev %d ps mode: %d\n",
6904 				    arvif->vdev_id, ret);
6905 			goto err_peer_del;
6906 		}
6907 
6908 		if (test_bit(WMI_TLV_SERVICE_11D_OFFLOAD, ab->wmi_ab.svc_map)) {
6909 			reinit_completion(&ar->completed_11d_scan);
6910 			ar->state_11d = ATH11K_11D_PREPARING;
6911 		}
6912 		break;
6913 	case WMI_VDEV_TYPE_MONITOR:
6914 		set_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags);
6915 		break;
6916 	default:
6917 		break;
6918 	}
6919 
6920 	arvif->txpower = vif->bss_conf.txpower;
6921 	ret = ath11k_mac_txpower_recalc(ar);
6922 	if (ret)
6923 		goto err_peer_del;
6924 
6925 	param_id = WMI_VDEV_PARAM_RTS_THRESHOLD;
6926 	param_value = ar->hw->wiphy->rts_threshold;
6927 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
6928 					    param_id, param_value);
6929 	if (ret) {
6930 		ath11k_warn(ar->ab, "failed to set rts threshold for vdev %d: %d\n",
6931 			    arvif->vdev_id, ret);
6932 	}
6933 
6934 	ath11k_dp_vdev_tx_attach(ar, arvif);
6935 
6936 	ath11k_debugfs_add_interface(arvif);
6937 
6938 	if (vif->type != NL80211_IFTYPE_MONITOR &&
6939 	    test_bit(ATH11K_FLAG_MONITOR_CONF_ENABLED, &ar->monitor_flags)) {
6940 		ret = ath11k_mac_monitor_vdev_create(ar);
6941 		if (ret)
6942 			ath11k_warn(ar->ab, "failed to create monitor vdev during add interface: %d",
6943 				    ret);
6944 	}
6945 
6946 	mutex_unlock(&ar->conf_mutex);
6947 
6948 	return 0;
6949 
6950 err_peer_del:
6951 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
6952 		fbret = ath11k_peer_delete(ar, arvif->vdev_id, vif->addr);
6953 		if (fbret) {
6954 			ath11k_warn(ar->ab, "fallback fail to delete peer addr %pM vdev_id %d ret %d\n",
6955 				    vif->addr, arvif->vdev_id, fbret);
6956 			goto err;
6957 		}
6958 	}
6959 
6960 err_vdev_del:
6961 	ath11k_mac_vdev_delete(ar, arvif);
6962 	spin_lock_bh(&ar->data_lock);
6963 	list_del(&arvif->list);
6964 	spin_unlock_bh(&ar->data_lock);
6965 
6966 err:
6967 	mutex_unlock(&ar->conf_mutex);
6968 
6969 	return ret;
6970 }
6971 
6972 static int ath11k_mac_vif_unref(int buf_id, void *skb, void *ctx)
6973 {
6974 	struct ieee80211_vif *vif = ctx;
6975 	struct ath11k_skb_cb *skb_cb = ATH11K_SKB_CB(skb);
6976 
6977 	if (skb_cb->vif == vif)
6978 		skb_cb->vif = NULL;
6979 
6980 	return 0;
6981 }
6982 
6983 static void ath11k_mac_op_remove_interface(struct ieee80211_hw *hw,
6984 					   struct ieee80211_vif *vif)
6985 {
6986 	struct ath11k *ar = hw->priv;
6987 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
6988 	struct ath11k_base *ab = ar->ab;
6989 	int ret;
6990 	int i;
6991 
6992 	cancel_delayed_work_sync(&arvif->connection_loss_work);
6993 
6994 	mutex_lock(&ar->conf_mutex);
6995 
6996 	ath11k_dbg(ab, ATH11K_DBG_MAC, "remove interface (vdev %d)\n",
6997 		   arvif->vdev_id);
6998 
6999 	ret = ath11k_spectral_vif_stop(arvif);
7000 	if (ret)
7001 		ath11k_warn(ab, "failed to stop spectral for vdev %i: %d\n",
7002 			    arvif->vdev_id, ret);
7003 
7004 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
7005 		ath11k_mac_11d_scan_stop(ar);
7006 
7007 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
7008 		ret = ath11k_peer_delete(ar, arvif->vdev_id, vif->addr);
7009 		if (ret)
7010 			ath11k_warn(ab, "failed to submit AP self-peer removal on vdev %d: %d\n",
7011 				    arvif->vdev_id, ret);
7012 	}
7013 
7014 	ret = ath11k_mac_vdev_delete(ar, arvif);
7015 	if (ret) {
7016 		ath11k_warn(ab, "failed to delete vdev %d: %d\n",
7017 			    arvif->vdev_id, ret);
7018 		goto err_vdev_del;
7019 	}
7020 
7021 	if (arvif->vdev_type == WMI_VDEV_TYPE_MONITOR) {
7022 		clear_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags);
7023 		ar->monitor_vdev_id = -1;
7024 	} else if (test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags) &&
7025 		   !test_bit(ATH11K_FLAG_MONITOR_STARTED, &ar->monitor_flags)) {
7026 		ret = ath11k_mac_monitor_vdev_delete(ar);
7027 		if (ret)
7028 			/* continue even if there's an error */
7029 			ath11k_warn(ar->ab, "failed to delete vdev monitor during remove interface: %d",
7030 				    ret);
7031 	}
7032 
7033 err_vdev_del:
7034 	spin_lock_bh(&ar->data_lock);
7035 	list_del(&arvif->list);
7036 	spin_unlock_bh(&ar->data_lock);
7037 
7038 	ath11k_peer_cleanup(ar, arvif->vdev_id);
7039 
7040 	idr_for_each(&ar->txmgmt_idr,
7041 		     ath11k_mac_vif_txmgmt_idr_remove, vif);
7042 
7043 	for (i = 0; i < ab->hw_params.max_tx_ring; i++) {
7044 		spin_lock_bh(&ab->dp.tx_ring[i].tx_idr_lock);
7045 		idr_for_each(&ab->dp.tx_ring[i].txbuf_idr,
7046 			     ath11k_mac_vif_unref, vif);
7047 		spin_unlock_bh(&ab->dp.tx_ring[i].tx_idr_lock);
7048 	}
7049 
7050 	/* Recalc txpower for remaining vdev */
7051 	ath11k_mac_txpower_recalc(ar);
7052 
7053 	ath11k_debugfs_remove_interface(arvif);
7054 
7055 	/* TODO: recal traffic pause state based on the available vdevs */
7056 
7057 	mutex_unlock(&ar->conf_mutex);
7058 }
7059 
7060 /* FIXME: Has to be verified. */
7061 #define SUPPORTED_FILTERS			\
7062 	(FIF_ALLMULTI |				\
7063 	FIF_CONTROL |				\
7064 	FIF_PSPOLL |				\
7065 	FIF_OTHER_BSS |				\
7066 	FIF_BCN_PRBRESP_PROMISC |		\
7067 	FIF_PROBE_REQ |				\
7068 	FIF_FCSFAIL)
7069 
7070 static void ath11k_mac_op_configure_filter(struct ieee80211_hw *hw,
7071 					   unsigned int changed_flags,
7072 					   unsigned int *total_flags,
7073 					   u64 multicast)
7074 {
7075 	struct ath11k *ar = hw->priv;
7076 
7077 	mutex_lock(&ar->conf_mutex);
7078 
7079 	*total_flags &= SUPPORTED_FILTERS;
7080 	ar->filter_flags = *total_flags;
7081 
7082 	mutex_unlock(&ar->conf_mutex);
7083 }
7084 
7085 static int ath11k_mac_op_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
7086 {
7087 	struct ath11k *ar = hw->priv;
7088 
7089 	mutex_lock(&ar->conf_mutex);
7090 
7091 	*tx_ant = ar->cfg_tx_chainmask;
7092 	*rx_ant = ar->cfg_rx_chainmask;
7093 
7094 	mutex_unlock(&ar->conf_mutex);
7095 
7096 	return 0;
7097 }
7098 
7099 static int ath11k_mac_op_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
7100 {
7101 	struct ath11k *ar = hw->priv;
7102 	int ret;
7103 
7104 	mutex_lock(&ar->conf_mutex);
7105 	ret = __ath11k_set_antenna(ar, tx_ant, rx_ant);
7106 	mutex_unlock(&ar->conf_mutex);
7107 
7108 	return ret;
7109 }
7110 
7111 static int ath11k_mac_op_ampdu_action(struct ieee80211_hw *hw,
7112 				      struct ieee80211_vif *vif,
7113 				      struct ieee80211_ampdu_params *params)
7114 {
7115 	struct ath11k *ar = hw->priv;
7116 	int ret = -EINVAL;
7117 
7118 	mutex_lock(&ar->conf_mutex);
7119 
7120 	switch (params->action) {
7121 	case IEEE80211_AMPDU_RX_START:
7122 		ret = ath11k_dp_rx_ampdu_start(ar, params);
7123 		break;
7124 	case IEEE80211_AMPDU_RX_STOP:
7125 		ret = ath11k_dp_rx_ampdu_stop(ar, params);
7126 		break;
7127 	case IEEE80211_AMPDU_TX_START:
7128 	case IEEE80211_AMPDU_TX_STOP_CONT:
7129 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
7130 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
7131 	case IEEE80211_AMPDU_TX_OPERATIONAL:
7132 		/* Tx A-MPDU aggregation offloaded to hw/fw so deny mac80211
7133 		 * Tx aggregation requests.
7134 		 */
7135 		ret = -EOPNOTSUPP;
7136 		break;
7137 	}
7138 
7139 	mutex_unlock(&ar->conf_mutex);
7140 
7141 	return ret;
7142 }
7143 
7144 static int ath11k_mac_op_add_chanctx(struct ieee80211_hw *hw,
7145 				     struct ieee80211_chanctx_conf *ctx)
7146 {
7147 	struct ath11k *ar = hw->priv;
7148 	struct ath11k_base *ab = ar->ab;
7149 
7150 	ath11k_dbg(ab, ATH11K_DBG_MAC,
7151 		   "chanctx add freq %u width %d ptr %p\n",
7152 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
7153 
7154 	mutex_lock(&ar->conf_mutex);
7155 
7156 	spin_lock_bh(&ar->data_lock);
7157 	/* TODO: In case of multiple channel context, populate rx_channel from
7158 	 * Rx PPDU desc information.
7159 	 */
7160 	ar->rx_channel = ctx->def.chan;
7161 	spin_unlock_bh(&ar->data_lock);
7162 
7163 	mutex_unlock(&ar->conf_mutex);
7164 
7165 	return 0;
7166 }
7167 
7168 static void ath11k_mac_op_remove_chanctx(struct ieee80211_hw *hw,
7169 					 struct ieee80211_chanctx_conf *ctx)
7170 {
7171 	struct ath11k *ar = hw->priv;
7172 	struct ath11k_base *ab = ar->ab;
7173 
7174 	ath11k_dbg(ab, ATH11K_DBG_MAC,
7175 		   "chanctx remove freq %u width %d ptr %p\n",
7176 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
7177 
7178 	mutex_lock(&ar->conf_mutex);
7179 
7180 	spin_lock_bh(&ar->data_lock);
7181 	/* TODO: In case of there is one more channel context left, populate
7182 	 * rx_channel with the channel of that remaining channel context.
7183 	 */
7184 	ar->rx_channel = NULL;
7185 	spin_unlock_bh(&ar->data_lock);
7186 
7187 	mutex_unlock(&ar->conf_mutex);
7188 }
7189 
7190 static int
7191 ath11k_mac_vdev_start_restart(struct ath11k_vif *arvif,
7192 			      struct ieee80211_chanctx_conf *ctx,
7193 			      bool restart)
7194 {
7195 	struct ath11k *ar = arvif->ar;
7196 	struct ath11k_base *ab = ar->ab;
7197 	struct wmi_vdev_start_req_arg arg = {};
7198 	const struct cfg80211_chan_def *chandef = &ctx->def;
7199 	int ret = 0;
7200 	unsigned int dfs_cac_time;
7201 
7202 	lockdep_assert_held(&ar->conf_mutex);
7203 
7204 	reinit_completion(&ar->vdev_setup_done);
7205 
7206 	arg.vdev_id = arvif->vdev_id;
7207 	arg.dtim_period = arvif->dtim_period;
7208 	arg.bcn_intval = arvif->beacon_interval;
7209 
7210 	arg.channel.freq = chandef->chan->center_freq;
7211 	arg.channel.band_center_freq1 = chandef->center_freq1;
7212 	arg.channel.band_center_freq2 = chandef->center_freq2;
7213 	arg.channel.mode =
7214 		ath11k_phymodes[chandef->chan->band][chandef->width];
7215 
7216 	arg.channel.min_power = 0;
7217 	arg.channel.max_power = chandef->chan->max_power;
7218 	arg.channel.max_reg_power = chandef->chan->max_reg_power;
7219 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain;
7220 
7221 	arg.pref_tx_streams = ar->num_tx_chains;
7222 	arg.pref_rx_streams = ar->num_rx_chains;
7223 
7224 	arg.mbssid_flags = 0;
7225 	arg.mbssid_tx_vdev_id = 0;
7226 	if (test_bit(WMI_TLV_SERVICE_MBSS_PARAM_IN_VDEV_START_SUPPORT,
7227 		     ar->ab->wmi_ab.svc_map)) {
7228 		ret = ath11k_mac_setup_vdev_params_mbssid(arvif,
7229 							  &arg.mbssid_flags,
7230 							  &arg.mbssid_tx_vdev_id);
7231 		if (ret)
7232 			return ret;
7233 	}
7234 
7235 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
7236 		arg.ssid = arvif->u.ap.ssid;
7237 		arg.ssid_len = arvif->u.ap.ssid_len;
7238 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
7239 
7240 		/* For now allow DFS for AP mode */
7241 		arg.channel.chan_radar =
7242 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
7243 
7244 		arg.channel.freq2_radar = ctx->radar_enabled;
7245 
7246 		arg.channel.passive = arg.channel.chan_radar;
7247 
7248 		spin_lock_bh(&ab->base_lock);
7249 		arg.regdomain = ar->ab->dfs_region;
7250 		spin_unlock_bh(&ab->base_lock);
7251 	}
7252 
7253 	arg.channel.passive |= !!(chandef->chan->flags & IEEE80211_CHAN_NO_IR);
7254 
7255 	ath11k_dbg(ab, ATH11K_DBG_MAC,
7256 		   "vdev %d start center_freq %d phymode %s\n",
7257 		   arg.vdev_id, arg.channel.freq,
7258 		   ath11k_wmi_phymode_str(arg.channel.mode));
7259 
7260 	ret = ath11k_wmi_vdev_start(ar, &arg, restart);
7261 	if (ret) {
7262 		ath11k_warn(ar->ab, "failed to %s WMI vdev %i\n",
7263 			    restart ? "restart" : "start", arg.vdev_id);
7264 		return ret;
7265 	}
7266 
7267 	ret = ath11k_mac_vdev_setup_sync(ar);
7268 	if (ret) {
7269 		ath11k_warn(ab, "failed to synchronize setup for vdev %i %s: %d\n",
7270 			    arg.vdev_id, restart ? "restart" : "start", ret);
7271 		return ret;
7272 	}
7273 
7274 	if (!restart)
7275 		ar->num_started_vdevs++;
7276 
7277 	ath11k_dbg(ab, ATH11K_DBG_MAC,  "vdev %pM started, vdev_id %d\n",
7278 		   arvif->vif->addr, arvif->vdev_id);
7279 
7280 	/* Enable CAC Flag in the driver by checking the all sub-channel's DFS
7281 	 * state as NL80211_DFS_USABLE which indicates CAC needs to be
7282 	 * done before channel usage. This flags is used to drop rx packets.
7283 	 * during CAC.
7284 	 */
7285 	/* TODO Set the flag for other interface types as required */
7286 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP && ctx->radar_enabled &&
7287 	    cfg80211_chandef_dfs_usable(ar->hw->wiphy, chandef)) {
7288 		set_bit(ATH11K_CAC_RUNNING, &ar->dev_flags);
7289 		dfs_cac_time = cfg80211_chandef_dfs_cac_time(ar->hw->wiphy,
7290 							     chandef);
7291 		ath11k_dbg(ab, ATH11K_DBG_MAC,
7292 			   "cac started dfs_cac_time %u center_freq %d center_freq1 %d for vdev %d\n",
7293 			   dfs_cac_time, arg.channel.freq, chandef->center_freq1,
7294 			   arg.vdev_id);
7295 	}
7296 
7297 	ret = ath11k_mac_set_txbf_conf(arvif);
7298 	if (ret)
7299 		ath11k_warn(ab, "failed to set txbf conf for vdev %d: %d\n",
7300 			    arvif->vdev_id, ret);
7301 
7302 	return 0;
7303 }
7304 
7305 static int ath11k_mac_vdev_stop(struct ath11k_vif *arvif)
7306 {
7307 	struct ath11k *ar = arvif->ar;
7308 	int ret;
7309 
7310 	lockdep_assert_held(&ar->conf_mutex);
7311 
7312 	reinit_completion(&ar->vdev_setup_done);
7313 
7314 	ret = ath11k_wmi_vdev_stop(ar, arvif->vdev_id);
7315 	if (ret) {
7316 		ath11k_warn(ar->ab, "failed to stop WMI vdev %i: %d\n",
7317 			    arvif->vdev_id, ret);
7318 		goto err;
7319 	}
7320 
7321 	ret = ath11k_mac_vdev_setup_sync(ar);
7322 	if (ret) {
7323 		ath11k_warn(ar->ab, "failed to synchronize setup for vdev %i: %d\n",
7324 			    arvif->vdev_id, ret);
7325 		goto err;
7326 	}
7327 
7328 	WARN_ON(ar->num_started_vdevs == 0);
7329 
7330 	ar->num_started_vdevs--;
7331 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "vdev %pM stopped, vdev_id %d\n",
7332 		   arvif->vif->addr, arvif->vdev_id);
7333 
7334 	if (test_bit(ATH11K_CAC_RUNNING, &ar->dev_flags)) {
7335 		clear_bit(ATH11K_CAC_RUNNING, &ar->dev_flags);
7336 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "CAC Stopped for vdev %d\n",
7337 			   arvif->vdev_id);
7338 	}
7339 
7340 	return 0;
7341 err:
7342 	return ret;
7343 }
7344 
7345 static int ath11k_mac_vdev_start(struct ath11k_vif *arvif,
7346 				 struct ieee80211_chanctx_conf *ctx)
7347 {
7348 	return ath11k_mac_vdev_start_restart(arvif, ctx, false);
7349 }
7350 
7351 static int ath11k_mac_vdev_restart(struct ath11k_vif *arvif,
7352 				   struct ieee80211_chanctx_conf *ctx)
7353 {
7354 	return ath11k_mac_vdev_start_restart(arvif, ctx, true);
7355 }
7356 
7357 struct ath11k_mac_change_chanctx_arg {
7358 	struct ieee80211_chanctx_conf *ctx;
7359 	struct ieee80211_vif_chanctx_switch *vifs;
7360 	int n_vifs;
7361 	int next_vif;
7362 };
7363 
7364 static void
7365 ath11k_mac_change_chanctx_cnt_iter(void *data, u8 *mac,
7366 				   struct ieee80211_vif *vif)
7367 {
7368 	struct ath11k_mac_change_chanctx_arg *arg = data;
7369 
7370 	if (rcu_access_pointer(vif->bss_conf.chanctx_conf) != arg->ctx)
7371 		return;
7372 
7373 	arg->n_vifs++;
7374 }
7375 
7376 static void
7377 ath11k_mac_change_chanctx_fill_iter(void *data, u8 *mac,
7378 				    struct ieee80211_vif *vif)
7379 {
7380 	struct ath11k_mac_change_chanctx_arg *arg = data;
7381 	struct ieee80211_chanctx_conf *ctx;
7382 
7383 	ctx = rcu_access_pointer(vif->bss_conf.chanctx_conf);
7384 	if (ctx != arg->ctx)
7385 		return;
7386 
7387 	if (WARN_ON(arg->next_vif == arg->n_vifs))
7388 		return;
7389 
7390 	arg->vifs[arg->next_vif].vif = vif;
7391 	arg->vifs[arg->next_vif].old_ctx = ctx;
7392 	arg->vifs[arg->next_vif].new_ctx = ctx;
7393 	arg->next_vif++;
7394 }
7395 
7396 static void
7397 ath11k_mac_update_vif_chan(struct ath11k *ar,
7398 			   struct ieee80211_vif_chanctx_switch *vifs,
7399 			   int n_vifs)
7400 {
7401 	struct ath11k_base *ab = ar->ab;
7402 	struct ath11k_vif *arvif, *tx_arvif = NULL;
7403 	struct ieee80211_vif *mbssid_tx_vif;
7404 	int ret;
7405 	int i;
7406 	bool monitor_vif = false;
7407 
7408 	lockdep_assert_held(&ar->conf_mutex);
7409 
7410 	/* Associated channel resources of all relevant vdevs
7411 	 * should be available for the channel switch now.
7412 	 */
7413 
7414 	/* TODO: Update ar->rx_channel */
7415 
7416 	for (i = 0; i < n_vifs; i++) {
7417 		arvif = ath11k_vif_to_arvif(vifs[i].vif);
7418 
7419 		if (WARN_ON(!arvif->is_started))
7420 			continue;
7421 
7422 		/* change_chanctx can be called even before vdev_up from
7423 		 * ieee80211_start_ap->ieee80211_vif_use_channel->
7424 		 * ieee80211_recalc_radar_chanctx.
7425 		 *
7426 		 * Firmware expect vdev_restart only if vdev is up.
7427 		 * If vdev is down then it expect vdev_stop->vdev_start.
7428 		 */
7429 		if (arvif->is_up) {
7430 			ret = ath11k_mac_vdev_restart(arvif, vifs[i].new_ctx);
7431 			if (ret) {
7432 				ath11k_warn(ab, "failed to restart vdev %d: %d\n",
7433 					    arvif->vdev_id, ret);
7434 				continue;
7435 			}
7436 		} else {
7437 			ret = ath11k_mac_vdev_stop(arvif);
7438 			if (ret) {
7439 				ath11k_warn(ab, "failed to stop vdev %d: %d\n",
7440 					    arvif->vdev_id, ret);
7441 				continue;
7442 			}
7443 
7444 			ret = ath11k_mac_vdev_start(arvif, vifs[i].new_ctx);
7445 			if (ret)
7446 				ath11k_warn(ab, "failed to start vdev %d: %d\n",
7447 					    arvif->vdev_id, ret);
7448 
7449 			continue;
7450 		}
7451 
7452 		ret = ath11k_mac_setup_bcn_tmpl(arvif);
7453 		if (ret)
7454 			ath11k_warn(ab, "failed to update bcn tmpl during csa: %d\n",
7455 				    ret);
7456 
7457 		mbssid_tx_vif = arvif->vif->mbssid_tx_vif;
7458 		if (mbssid_tx_vif)
7459 			tx_arvif = ath11k_vif_to_arvif(mbssid_tx_vif);
7460 
7461 		ret = ath11k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
7462 					 arvif->bssid,
7463 					 tx_arvif ? tx_arvif->bssid : NULL,
7464 					 arvif->vif->bss_conf.bssid_index,
7465 					 1 << arvif->vif->bss_conf.bssid_indicator);
7466 		if (ret) {
7467 			ath11k_warn(ab, "failed to bring vdev up %d: %d\n",
7468 				    arvif->vdev_id, ret);
7469 			continue;
7470 		}
7471 	}
7472 
7473 	/* Restart the internal monitor vdev on new channel */
7474 	if (!monitor_vif &&
7475 	    test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags)) {
7476 		ret = ath11k_mac_monitor_stop(ar);
7477 		if (ret) {
7478 			ath11k_warn(ar->ab, "failed to stop monitor during vif channel update: %d",
7479 				    ret);
7480 			return;
7481 		}
7482 
7483 		ret = ath11k_mac_monitor_start(ar);
7484 		if (ret) {
7485 			ath11k_warn(ar->ab, "failed to start monitor during vif channel update: %d",
7486 				    ret);
7487 			return;
7488 		}
7489 	}
7490 }
7491 
7492 static void
7493 ath11k_mac_update_active_vif_chan(struct ath11k *ar,
7494 				  struct ieee80211_chanctx_conf *ctx)
7495 {
7496 	struct ath11k_mac_change_chanctx_arg arg = { .ctx = ctx };
7497 
7498 	lockdep_assert_held(&ar->conf_mutex);
7499 
7500 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
7501 						   IEEE80211_IFACE_ITER_NORMAL,
7502 						   ath11k_mac_change_chanctx_cnt_iter,
7503 						   &arg);
7504 	if (arg.n_vifs == 0)
7505 		return;
7506 
7507 	arg.vifs = kcalloc(arg.n_vifs, sizeof(arg.vifs[0]), GFP_KERNEL);
7508 	if (!arg.vifs)
7509 		return;
7510 
7511 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
7512 						   IEEE80211_IFACE_ITER_NORMAL,
7513 						   ath11k_mac_change_chanctx_fill_iter,
7514 						   &arg);
7515 
7516 	ath11k_mac_update_vif_chan(ar, arg.vifs, arg.n_vifs);
7517 
7518 	kfree(arg.vifs);
7519 }
7520 
7521 static void ath11k_mac_op_change_chanctx(struct ieee80211_hw *hw,
7522 					 struct ieee80211_chanctx_conf *ctx,
7523 					 u32 changed)
7524 {
7525 	struct ath11k *ar = hw->priv;
7526 	struct ath11k_base *ab = ar->ab;
7527 
7528 	mutex_lock(&ar->conf_mutex);
7529 
7530 	ath11k_dbg(ab, ATH11K_DBG_MAC,
7531 		   "chanctx change freq %u width %d ptr %p changed %x\n",
7532 		   ctx->def.chan->center_freq, ctx->def.width, ctx, changed);
7533 
7534 	/* This shouldn't really happen because channel switching should use
7535 	 * switch_vif_chanctx().
7536 	 */
7537 	if (WARN_ON(changed & IEEE80211_CHANCTX_CHANGE_CHANNEL))
7538 		goto unlock;
7539 
7540 	if (changed & IEEE80211_CHANCTX_CHANGE_WIDTH ||
7541 	    changed & IEEE80211_CHANCTX_CHANGE_RADAR)
7542 		ath11k_mac_update_active_vif_chan(ar, ctx);
7543 
7544 	/* TODO: Recalc radar detection */
7545 
7546 unlock:
7547 	mutex_unlock(&ar->conf_mutex);
7548 }
7549 
7550 static int ath11k_start_vdev_delay(struct ieee80211_hw *hw,
7551 				   struct ieee80211_vif *vif)
7552 {
7553 	struct ath11k *ar = hw->priv;
7554 	struct ath11k_base *ab = ar->ab;
7555 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
7556 	int ret;
7557 
7558 	if (WARN_ON(arvif->is_started))
7559 		return -EBUSY;
7560 
7561 	ret = ath11k_mac_vdev_start(arvif, &arvif->chanctx);
7562 	if (ret) {
7563 		ath11k_warn(ab, "failed to start vdev %i addr %pM on freq %d: %d\n",
7564 			    arvif->vdev_id, vif->addr,
7565 			    arvif->chanctx.def.chan->center_freq, ret);
7566 		return ret;
7567 	}
7568 
7569 	/* Reconfigure hardware rate code since it is cleared by firmware.
7570 	 */
7571 	if (ar->hw_rate_code > 0) {
7572 		u32 vdev_param = WMI_VDEV_PARAM_MGMT_RATE;
7573 
7574 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id, vdev_param,
7575 						    ar->hw_rate_code);
7576 		if (ret) {
7577 			ath11k_warn(ar->ab, "failed to set mgmt tx rate %d\n", ret);
7578 			return ret;
7579 		}
7580 	}
7581 
7582 	if (arvif->vdev_type == WMI_VDEV_TYPE_MONITOR) {
7583 		ret = ath11k_wmi_vdev_up(ar, arvif->vdev_id, 0, ar->mac_addr,
7584 					 NULL, 0, 0);
7585 		if (ret) {
7586 			ath11k_warn(ab, "failed put monitor up: %d\n", ret);
7587 			return ret;
7588 		}
7589 	}
7590 
7591 	arvif->is_started = true;
7592 
7593 	/* TODO: Setup ps and cts/rts protection */
7594 	return 0;
7595 }
7596 
7597 static int
7598 ath11k_mac_op_assign_vif_chanctx(struct ieee80211_hw *hw,
7599 				 struct ieee80211_vif *vif,
7600 				 struct ieee80211_bss_conf *link_conf,
7601 				 struct ieee80211_chanctx_conf *ctx)
7602 {
7603 	struct ath11k *ar = hw->priv;
7604 	struct ath11k_base *ab = ar->ab;
7605 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
7606 	int ret;
7607 	struct peer_create_params param;
7608 
7609 	mutex_lock(&ar->conf_mutex);
7610 
7611 	ath11k_dbg(ab, ATH11K_DBG_MAC,
7612 		   "chanctx assign ptr %p vdev_id %i\n",
7613 		   ctx, arvif->vdev_id);
7614 
7615 	/* for QCA6390 bss peer must be created before vdev_start */
7616 	if (ab->hw_params.vdev_start_delay &&
7617 	    arvif->vdev_type != WMI_VDEV_TYPE_AP &&
7618 	    arvif->vdev_type != WMI_VDEV_TYPE_MONITOR &&
7619 	    !ath11k_peer_find_by_vdev_id(ab, arvif->vdev_id)) {
7620 		memcpy(&arvif->chanctx, ctx, sizeof(*ctx));
7621 		ret = 0;
7622 		goto out;
7623 	}
7624 
7625 	if (WARN_ON(arvif->is_started)) {
7626 		ret = -EBUSY;
7627 		goto out;
7628 	}
7629 
7630 	if (ab->hw_params.vdev_start_delay &&
7631 	    arvif->vdev_type != WMI_VDEV_TYPE_AP &&
7632 	    arvif->vdev_type != WMI_VDEV_TYPE_MONITOR) {
7633 		param.vdev_id = arvif->vdev_id;
7634 		param.peer_type = WMI_PEER_TYPE_DEFAULT;
7635 		param.peer_addr = ar->mac_addr;
7636 
7637 		ret = ath11k_peer_create(ar, arvif, NULL, &param);
7638 		if (ret) {
7639 			ath11k_warn(ab, "failed to create peer after vdev start delay: %d",
7640 				    ret);
7641 			goto out;
7642 		}
7643 	}
7644 
7645 	if (arvif->vdev_type == WMI_VDEV_TYPE_MONITOR) {
7646 		ret = ath11k_mac_monitor_start(ar);
7647 		if (ret) {
7648 			ath11k_warn(ar->ab, "failed to start monitor during vif channel context assignment: %d",
7649 				    ret);
7650 			goto out;
7651 		}
7652 
7653 		arvif->is_started = true;
7654 		goto out;
7655 	}
7656 
7657 	ret = ath11k_mac_vdev_start(arvif, ctx);
7658 	if (ret) {
7659 		ath11k_warn(ab, "failed to start vdev %i addr %pM on freq %d: %d\n",
7660 			    arvif->vdev_id, vif->addr,
7661 			    ctx->def.chan->center_freq, ret);
7662 		goto out;
7663 	}
7664 
7665 	arvif->is_started = true;
7666 
7667 	if (arvif->vdev_type != WMI_VDEV_TYPE_MONITOR &&
7668 	    test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags)) {
7669 		ret = ath11k_mac_monitor_start(ar);
7670 		if (ret) {
7671 			ath11k_warn(ar->ab, "failed to start monitor during vif channel context assignment: %d",
7672 				    ret);
7673 			goto out;
7674 		}
7675 	}
7676 
7677 	/* TODO: Setup ps and cts/rts protection */
7678 
7679 	ret = 0;
7680 
7681 out:
7682 	mutex_unlock(&ar->conf_mutex);
7683 
7684 	return ret;
7685 }
7686 
7687 static void
7688 ath11k_mac_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
7689 				   struct ieee80211_vif *vif,
7690 				   struct ieee80211_bss_conf *link_conf,
7691 				   struct ieee80211_chanctx_conf *ctx)
7692 {
7693 	struct ath11k *ar = hw->priv;
7694 	struct ath11k_base *ab = ar->ab;
7695 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
7696 	struct ath11k_peer *peer;
7697 	int ret;
7698 
7699 	mutex_lock(&ar->conf_mutex);
7700 
7701 	ath11k_dbg(ab, ATH11K_DBG_MAC,
7702 		   "chanctx unassign ptr %p vdev_id %i\n",
7703 		   ctx, arvif->vdev_id);
7704 
7705 	WARN_ON(!arvif->is_started);
7706 
7707 	if (ab->hw_params.vdev_start_delay &&
7708 	    arvif->vdev_type == WMI_VDEV_TYPE_MONITOR) {
7709 		spin_lock_bh(&ab->base_lock);
7710 		peer = ath11k_peer_find_by_addr(ab, ar->mac_addr);
7711 		spin_unlock_bh(&ab->base_lock);
7712 		if (peer)
7713 			ath11k_peer_delete(ar, arvif->vdev_id, ar->mac_addr);
7714 	}
7715 
7716 	if (arvif->vdev_type == WMI_VDEV_TYPE_MONITOR) {
7717 		ret = ath11k_mac_monitor_stop(ar);
7718 		if (ret) {
7719 			ath11k_warn(ar->ab, "failed to stop monitor during vif channel context unassignment: %d",
7720 				    ret);
7721 			mutex_unlock(&ar->conf_mutex);
7722 			return;
7723 		}
7724 
7725 		arvif->is_started = false;
7726 		mutex_unlock(&ar->conf_mutex);
7727 		return;
7728 	}
7729 
7730 	ret = ath11k_mac_vdev_stop(arvif);
7731 	if (ret)
7732 		ath11k_warn(ab, "failed to stop vdev %i: %d\n",
7733 			    arvif->vdev_id, ret);
7734 
7735 	arvif->is_started = false;
7736 
7737 	if (ab->hw_params.vdev_start_delay &&
7738 	    arvif->vdev_type == WMI_VDEV_TYPE_STA) {
7739 		ret = ath11k_peer_delete(ar, arvif->vdev_id, arvif->bssid);
7740 		if (ret)
7741 			ath11k_warn(ar->ab,
7742 				    "failed to delete peer %pM for vdev %d: %d\n",
7743 				    arvif->bssid, arvif->vdev_id, ret);
7744 		else
7745 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
7746 				   "removed peer %pM  vdev %d after vdev stop\n",
7747 				   arvif->bssid, arvif->vdev_id);
7748 	}
7749 
7750 	if (ab->hw_params.vdev_start_delay &&
7751 	    arvif->vdev_type == WMI_VDEV_TYPE_MONITOR)
7752 		ath11k_wmi_vdev_down(ar, arvif->vdev_id);
7753 
7754 	if (arvif->vdev_type != WMI_VDEV_TYPE_MONITOR &&
7755 	    ar->num_started_vdevs == 1 &&
7756 	    test_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags)) {
7757 		ret = ath11k_mac_monitor_stop(ar);
7758 		if (ret)
7759 			/* continue even if there's an error */
7760 			ath11k_warn(ar->ab, "failed to stop monitor during vif channel context unassignment: %d",
7761 				    ret);
7762 	}
7763 
7764 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
7765 		ath11k_mac_11d_scan_start(ar, arvif->vdev_id);
7766 
7767 	mutex_unlock(&ar->conf_mutex);
7768 }
7769 
7770 static int
7771 ath11k_mac_op_switch_vif_chanctx(struct ieee80211_hw *hw,
7772 				 struct ieee80211_vif_chanctx_switch *vifs,
7773 				 int n_vifs,
7774 				 enum ieee80211_chanctx_switch_mode mode)
7775 {
7776 	struct ath11k *ar = hw->priv;
7777 
7778 	mutex_lock(&ar->conf_mutex);
7779 
7780 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
7781 		   "chanctx switch n_vifs %d mode %d\n",
7782 		   n_vifs, mode);
7783 	ath11k_mac_update_vif_chan(ar, vifs, n_vifs);
7784 
7785 	mutex_unlock(&ar->conf_mutex);
7786 
7787 	return 0;
7788 }
7789 
7790 static int
7791 ath11k_set_vdev_param_to_all_vifs(struct ath11k *ar, int param, u32 value)
7792 {
7793 	struct ath11k_vif *arvif;
7794 	int ret = 0;
7795 
7796 	mutex_lock(&ar->conf_mutex);
7797 	list_for_each_entry(arvif, &ar->arvifs, list) {
7798 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "setting mac vdev %d param %d value %d\n",
7799 			   param, arvif->vdev_id, value);
7800 
7801 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
7802 						    param, value);
7803 		if (ret) {
7804 			ath11k_warn(ar->ab, "failed to set param %d for vdev %d: %d\n",
7805 				    param, arvif->vdev_id, ret);
7806 			break;
7807 		}
7808 	}
7809 	mutex_unlock(&ar->conf_mutex);
7810 	return ret;
7811 }
7812 
7813 /* mac80211 stores device specific RTS/Fragmentation threshold value,
7814  * this is set interface specific to firmware from ath11k driver
7815  */
7816 static int ath11k_mac_op_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
7817 {
7818 	struct ath11k *ar = hw->priv;
7819 	int param_id = WMI_VDEV_PARAM_RTS_THRESHOLD;
7820 
7821 	return ath11k_set_vdev_param_to_all_vifs(ar, param_id, value);
7822 }
7823 
7824 static int ath11k_mac_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
7825 {
7826 	/* Even though there's a WMI vdev param for fragmentation threshold no
7827 	 * known firmware actually implements it. Moreover it is not possible to
7828 	 * rely frame fragmentation to mac80211 because firmware clears the
7829 	 * "more fragments" bit in frame control making it impossible for remote
7830 	 * devices to reassemble frames.
7831 	 *
7832 	 * Hence implement a dummy callback just to say fragmentation isn't
7833 	 * supported. This effectively prevents mac80211 from doing frame
7834 	 * fragmentation in software.
7835 	 */
7836 	return -EOPNOTSUPP;
7837 }
7838 
7839 static int ath11k_mac_flush_tx_complete(struct ath11k *ar)
7840 {
7841 	long time_left;
7842 	int ret = 0;
7843 
7844 	time_left = wait_event_timeout(ar->dp.tx_empty_waitq,
7845 				       (atomic_read(&ar->dp.num_tx_pending) == 0),
7846 				       ATH11K_FLUSH_TIMEOUT);
7847 	if (time_left == 0) {
7848 		ath11k_warn(ar->ab, "failed to flush transmit queue, data pkts pending %d\n",
7849 			    atomic_read(&ar->dp.num_tx_pending));
7850 		ret = -ETIMEDOUT;
7851 	}
7852 
7853 	time_left = wait_event_timeout(ar->txmgmt_empty_waitq,
7854 				       (atomic_read(&ar->num_pending_mgmt_tx) == 0),
7855 				       ATH11K_FLUSH_TIMEOUT);
7856 	if (time_left == 0) {
7857 		ath11k_warn(ar->ab, "failed to flush mgmt transmit queue, mgmt pkts pending %d\n",
7858 			    atomic_read(&ar->num_pending_mgmt_tx));
7859 		ret = -ETIMEDOUT;
7860 	}
7861 
7862 	return ret;
7863 }
7864 
7865 int ath11k_mac_wait_tx_complete(struct ath11k *ar)
7866 {
7867 	ath11k_mac_drain_tx(ar);
7868 	return ath11k_mac_flush_tx_complete(ar);
7869 }
7870 
7871 static void ath11k_mac_op_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
7872 				u32 queues, bool drop)
7873 {
7874 	struct ath11k *ar = hw->priv;
7875 
7876 	if (drop)
7877 		return;
7878 
7879 	ath11k_mac_flush_tx_complete(ar);
7880 }
7881 
7882 static bool
7883 ath11k_mac_has_single_legacy_rate(struct ath11k *ar,
7884 				  enum nl80211_band band,
7885 				  const struct cfg80211_bitrate_mask *mask)
7886 {
7887 	int num_rates = 0;
7888 
7889 	num_rates = hweight32(mask->control[band].legacy);
7890 
7891 	if (ath11k_mac_bitrate_mask_num_ht_rates(ar, band, mask))
7892 		return false;
7893 
7894 	if (ath11k_mac_bitrate_mask_num_vht_rates(ar, band, mask))
7895 		return false;
7896 
7897 	if (ath11k_mac_bitrate_mask_num_he_rates(ar, band, mask))
7898 		return false;
7899 
7900 	return num_rates == 1;
7901 }
7902 
7903 static __le16
7904 ath11k_mac_get_tx_mcs_map(const struct ieee80211_sta_he_cap *he_cap)
7905 {
7906 	if (he_cap->he_cap_elem.phy_cap_info[0] &
7907 	    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
7908 		return he_cap->he_mcs_nss_supp.tx_mcs_80p80;
7909 
7910 	if (he_cap->he_cap_elem.phy_cap_info[0] &
7911 	    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G)
7912 		return he_cap->he_mcs_nss_supp.tx_mcs_160;
7913 
7914 	return he_cap->he_mcs_nss_supp.tx_mcs_80;
7915 }
7916 
7917 static bool
7918 ath11k_mac_bitrate_mask_get_single_nss(struct ath11k *ar,
7919 				       struct ath11k_vif *arvif,
7920 				       enum nl80211_band band,
7921 				       const struct cfg80211_bitrate_mask *mask,
7922 				       int *nss)
7923 {
7924 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
7925 	u16 vht_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
7926 	const struct ieee80211_sta_he_cap *he_cap;
7927 	u16 he_mcs_map = 0;
7928 	u8 ht_nss_mask = 0;
7929 	u8 vht_nss_mask = 0;
7930 	u8 he_nss_mask = 0;
7931 	int i;
7932 
7933 	/* No need to consider legacy here. Basic rates are always present
7934 	 * in bitrate mask
7935 	 */
7936 
7937 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
7938 		if (mask->control[band].ht_mcs[i] == 0)
7939 			continue;
7940 		else if (mask->control[band].ht_mcs[i] ==
7941 			 sband->ht_cap.mcs.rx_mask[i])
7942 			ht_nss_mask |= BIT(i);
7943 		else
7944 			return false;
7945 	}
7946 
7947 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
7948 		if (mask->control[band].vht_mcs[i] == 0)
7949 			continue;
7950 		else if (mask->control[band].vht_mcs[i] ==
7951 			 ath11k_mac_get_max_vht_mcs_map(vht_mcs_map, i))
7952 			vht_nss_mask |= BIT(i);
7953 		else
7954 			return false;
7955 	}
7956 
7957 	he_cap = ieee80211_get_he_iftype_cap_vif(sband, arvif->vif);
7958 	if (!he_cap)
7959 		return false;
7960 
7961 	he_mcs_map = le16_to_cpu(ath11k_mac_get_tx_mcs_map(he_cap));
7962 
7963 	for (i = 0; i < ARRAY_SIZE(mask->control[band].he_mcs); i++) {
7964 		if (mask->control[band].he_mcs[i] == 0)
7965 			continue;
7966 
7967 		if (mask->control[band].he_mcs[i] ==
7968 		    ath11k_mac_get_max_he_mcs_map(he_mcs_map, i))
7969 			he_nss_mask |= BIT(i);
7970 		else
7971 			return false;
7972 	}
7973 
7974 	if (ht_nss_mask != vht_nss_mask || ht_nss_mask != he_nss_mask)
7975 		return false;
7976 
7977 	if (ht_nss_mask == 0)
7978 		return false;
7979 
7980 	if (BIT(fls(ht_nss_mask)) - 1 != ht_nss_mask)
7981 		return false;
7982 
7983 	*nss = fls(ht_nss_mask);
7984 
7985 	return true;
7986 }
7987 
7988 static int
7989 ath11k_mac_get_single_legacy_rate(struct ath11k *ar,
7990 				  enum nl80211_band band,
7991 				  const struct cfg80211_bitrate_mask *mask,
7992 				  u32 *rate, u8 *nss)
7993 {
7994 	int rate_idx;
7995 	u16 bitrate;
7996 	u8 preamble;
7997 	u8 hw_rate;
7998 
7999 	if (hweight32(mask->control[band].legacy) != 1)
8000 		return -EINVAL;
8001 
8002 	rate_idx = ffs(mask->control[band].legacy) - 1;
8003 
8004 	if (band == NL80211_BAND_5GHZ || band == NL80211_BAND_6GHZ)
8005 		rate_idx += ATH11K_MAC_FIRST_OFDM_RATE_IDX;
8006 
8007 	hw_rate = ath11k_legacy_rates[rate_idx].hw_value;
8008 	bitrate = ath11k_legacy_rates[rate_idx].bitrate;
8009 
8010 	if (ath11k_mac_bitrate_is_cck(bitrate))
8011 		preamble = WMI_RATE_PREAMBLE_CCK;
8012 	else
8013 		preamble = WMI_RATE_PREAMBLE_OFDM;
8014 
8015 	*nss = 1;
8016 	*rate = ATH11K_HW_RATE_CODE(hw_rate, 0, preamble);
8017 
8018 	return 0;
8019 }
8020 
8021 static int
8022 ath11k_mac_set_fixed_rate_gi_ltf(struct ath11k_vif *arvif, u8 he_gi, u8 he_ltf)
8023 {
8024 	struct ath11k *ar = arvif->ar;
8025 	int ret;
8026 
8027 	/* 0.8 = 0, 1.6 = 2 and 3.2 = 3. */
8028 	if (he_gi && he_gi != 0xFF)
8029 		he_gi += 1;
8030 
8031 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
8032 					    WMI_VDEV_PARAM_SGI, he_gi);
8033 	if (ret) {
8034 		ath11k_warn(ar->ab, "failed to set he gi %d: %d\n",
8035 			    he_gi, ret);
8036 		return ret;
8037 	}
8038 	/* start from 1 */
8039 	if (he_ltf != 0xFF)
8040 		he_ltf += 1;
8041 
8042 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
8043 					    WMI_VDEV_PARAM_HE_LTF, he_ltf);
8044 	if (ret) {
8045 		ath11k_warn(ar->ab, "failed to set he ltf %d: %d\n",
8046 			    he_ltf, ret);
8047 		return ret;
8048 	}
8049 
8050 	return 0;
8051 }
8052 
8053 static int
8054 ath11k_mac_set_auto_rate_gi_ltf(struct ath11k_vif *arvif, u16 he_gi, u8 he_ltf)
8055 {
8056 	struct ath11k *ar = arvif->ar;
8057 	int ret;
8058 	u32 he_ar_gi_ltf;
8059 
8060 	if (he_gi != 0xFF) {
8061 		switch (he_gi) {
8062 		case NL80211_RATE_INFO_HE_GI_0_8:
8063 			he_gi = WMI_AUTORATE_800NS_GI;
8064 			break;
8065 		case NL80211_RATE_INFO_HE_GI_1_6:
8066 			he_gi = WMI_AUTORATE_1600NS_GI;
8067 			break;
8068 		case NL80211_RATE_INFO_HE_GI_3_2:
8069 			he_gi = WMI_AUTORATE_3200NS_GI;
8070 			break;
8071 		default:
8072 			ath11k_warn(ar->ab, "invalid he gi: %d\n", he_gi);
8073 			return -EINVAL;
8074 		}
8075 	}
8076 
8077 	if (he_ltf != 0xFF) {
8078 		switch (he_ltf) {
8079 		case NL80211_RATE_INFO_HE_1XLTF:
8080 			he_ltf = WMI_HE_AUTORATE_LTF_1X;
8081 			break;
8082 		case NL80211_RATE_INFO_HE_2XLTF:
8083 			he_ltf = WMI_HE_AUTORATE_LTF_2X;
8084 			break;
8085 		case NL80211_RATE_INFO_HE_4XLTF:
8086 			he_ltf = WMI_HE_AUTORATE_LTF_4X;
8087 			break;
8088 		default:
8089 			ath11k_warn(ar->ab, "invalid he ltf: %d\n", he_ltf);
8090 			return -EINVAL;
8091 		}
8092 	}
8093 
8094 	he_ar_gi_ltf = he_gi | he_ltf;
8095 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
8096 					    WMI_VDEV_PARAM_AUTORATE_MISC_CFG,
8097 					    he_ar_gi_ltf);
8098 	if (ret) {
8099 		ath11k_warn(ar->ab,
8100 			    "failed to set he autorate gi %u ltf %u: %d\n",
8101 			    he_gi, he_ltf, ret);
8102 		return ret;
8103 	}
8104 
8105 	return 0;
8106 }
8107 
8108 static int ath11k_mac_set_rate_params(struct ath11k_vif *arvif,
8109 				      u32 rate, u8 nss, u8 sgi, u8 ldpc,
8110 				      u8 he_gi, u8 he_ltf, bool he_fixed_rate)
8111 {
8112 	struct ath11k *ar = arvif->ar;
8113 	u32 vdev_param;
8114 	int ret;
8115 
8116 	lockdep_assert_held(&ar->conf_mutex);
8117 
8118 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
8119 		   "set rate params vdev %i rate 0x%02x nss 0x%02x sgi 0x%02x ldpc 0x%02x he_gi 0x%02x he_ltf 0x%02x he_fixed_rate %d\n",
8120 		   arvif->vdev_id, rate, nss, sgi, ldpc, he_gi,
8121 		   he_ltf, he_fixed_rate);
8122 
8123 	if (!arvif->vif->bss_conf.he_support) {
8124 		vdev_param = WMI_VDEV_PARAM_FIXED_RATE;
8125 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
8126 						    vdev_param, rate);
8127 		if (ret) {
8128 			ath11k_warn(ar->ab, "failed to set fixed rate param 0x%02x: %d\n",
8129 				    rate, ret);
8130 			return ret;
8131 		}
8132 	}
8133 
8134 	vdev_param = WMI_VDEV_PARAM_NSS;
8135 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
8136 					    vdev_param, nss);
8137 	if (ret) {
8138 		ath11k_warn(ar->ab, "failed to set nss param %d: %d\n",
8139 			    nss, ret);
8140 		return ret;
8141 	}
8142 
8143 	vdev_param = WMI_VDEV_PARAM_LDPC;
8144 	ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
8145 					    vdev_param, ldpc);
8146 	if (ret) {
8147 		ath11k_warn(ar->ab, "failed to set ldpc param %d: %d\n",
8148 			    ldpc, ret);
8149 		return ret;
8150 	}
8151 
8152 	if (arvif->vif->bss_conf.he_support) {
8153 		if (he_fixed_rate) {
8154 			ret = ath11k_mac_set_fixed_rate_gi_ltf(arvif, he_gi,
8155 							       he_ltf);
8156 			if (ret) {
8157 				ath11k_warn(ar->ab, "failed to set fixed rate gi ltf: %d\n",
8158 					    ret);
8159 				return ret;
8160 			}
8161 		} else {
8162 			ret = ath11k_mac_set_auto_rate_gi_ltf(arvif, he_gi,
8163 							      he_ltf);
8164 			if (ret) {
8165 				ath11k_warn(ar->ab, "failed to set auto rate gi ltf: %d\n",
8166 					    ret);
8167 				return ret;
8168 			}
8169 		}
8170 	} else {
8171 		vdev_param = WMI_VDEV_PARAM_SGI;
8172 		ret = ath11k_wmi_vdev_set_param_cmd(ar, arvif->vdev_id,
8173 						    vdev_param, sgi);
8174 		if (ret) {
8175 			ath11k_warn(ar->ab, "failed to set sgi param %d: %d\n",
8176 				    sgi, ret);
8177 			return ret;
8178 		}
8179 	}
8180 
8181 	return 0;
8182 }
8183 
8184 static bool
8185 ath11k_mac_vht_mcs_range_present(struct ath11k *ar,
8186 				 enum nl80211_band band,
8187 				 const struct cfg80211_bitrate_mask *mask)
8188 {
8189 	int i;
8190 	u16 vht_mcs;
8191 
8192 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
8193 		vht_mcs = mask->control[band].vht_mcs[i];
8194 
8195 		switch (vht_mcs) {
8196 		case 0:
8197 		case BIT(8) - 1:
8198 		case BIT(9) - 1:
8199 		case BIT(10) - 1:
8200 			break;
8201 		default:
8202 			return false;
8203 		}
8204 	}
8205 
8206 	return true;
8207 }
8208 
8209 static bool
8210 ath11k_mac_he_mcs_range_present(struct ath11k *ar,
8211 				enum nl80211_band band,
8212 				const struct cfg80211_bitrate_mask *mask)
8213 {
8214 	int i;
8215 	u16 he_mcs;
8216 
8217 	for (i = 0; i < NL80211_HE_NSS_MAX; i++) {
8218 		he_mcs = mask->control[band].he_mcs[i];
8219 
8220 		switch (he_mcs) {
8221 		case 0:
8222 		case BIT(8) - 1:
8223 		case BIT(10) - 1:
8224 		case BIT(12) - 1:
8225 			break;
8226 		default:
8227 			return false;
8228 		}
8229 	}
8230 
8231 	return true;
8232 }
8233 
8234 static void ath11k_mac_set_bitrate_mask_iter(void *data,
8235 					     struct ieee80211_sta *sta)
8236 {
8237 	struct ath11k_vif *arvif = data;
8238 	struct ath11k_sta *arsta = (struct ath11k_sta *)sta->drv_priv;
8239 	struct ath11k *ar = arvif->ar;
8240 
8241 	spin_lock_bh(&ar->data_lock);
8242 	arsta->changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
8243 	spin_unlock_bh(&ar->data_lock);
8244 
8245 	ieee80211_queue_work(ar->hw, &arsta->update_wk);
8246 }
8247 
8248 static void ath11k_mac_disable_peer_fixed_rate(void *data,
8249 					       struct ieee80211_sta *sta)
8250 {
8251 	struct ath11k_vif *arvif = data;
8252 	struct ath11k *ar = arvif->ar;
8253 	int ret;
8254 
8255 	ret = ath11k_wmi_set_peer_param(ar, sta->addr,
8256 					arvif->vdev_id,
8257 					WMI_PEER_PARAM_FIXED_RATE,
8258 					WMI_FIXED_RATE_NONE);
8259 	if (ret)
8260 		ath11k_warn(ar->ab,
8261 			    "failed to disable peer fixed rate for STA %pM ret %d\n",
8262 			    sta->addr, ret);
8263 }
8264 
8265 static bool
8266 ath11k_mac_validate_vht_he_fixed_rate_settings(struct ath11k *ar, enum nl80211_band band,
8267 					       const struct cfg80211_bitrate_mask *mask)
8268 {
8269 	bool he_fixed_rate = false, vht_fixed_rate = false;
8270 	struct ath11k_peer *peer;
8271 	const u16 *vht_mcs_mask, *he_mcs_mask;
8272 	struct ieee80211_link_sta *deflink;
8273 	u8 vht_nss, he_nss;
8274 	bool ret = true;
8275 
8276 	vht_mcs_mask = mask->control[band].vht_mcs;
8277 	he_mcs_mask = mask->control[band].he_mcs;
8278 
8279 	if (ath11k_mac_bitrate_mask_num_vht_rates(ar, band, mask) == 1)
8280 		vht_fixed_rate = true;
8281 
8282 	if (ath11k_mac_bitrate_mask_num_he_rates(ar, band, mask) == 1)
8283 		he_fixed_rate = true;
8284 
8285 	if (!vht_fixed_rate && !he_fixed_rate)
8286 		return true;
8287 
8288 	vht_nss = ath11k_mac_max_vht_nss(vht_mcs_mask);
8289 	he_nss =  ath11k_mac_max_he_nss(he_mcs_mask);
8290 
8291 	rcu_read_lock();
8292 	spin_lock_bh(&ar->ab->base_lock);
8293 	list_for_each_entry(peer, &ar->ab->peers, list) {
8294 		if (peer->sta) {
8295 			deflink = &peer->sta->deflink;
8296 
8297 			if (vht_fixed_rate && (!deflink->vht_cap.vht_supported ||
8298 					       deflink->rx_nss < vht_nss)) {
8299 				ret = false;
8300 				goto out;
8301 			}
8302 
8303 			if (he_fixed_rate && (!deflink->he_cap.has_he ||
8304 					      deflink->rx_nss < he_nss)) {
8305 				ret = false;
8306 				goto out;
8307 			}
8308 		}
8309 	}
8310 
8311 out:
8312 	spin_unlock_bh(&ar->ab->base_lock);
8313 	rcu_read_unlock();
8314 	return ret;
8315 }
8316 
8317 static int
8318 ath11k_mac_op_set_bitrate_mask(struct ieee80211_hw *hw,
8319 			       struct ieee80211_vif *vif,
8320 			       const struct cfg80211_bitrate_mask *mask)
8321 {
8322 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
8323 	struct cfg80211_chan_def def;
8324 	struct ath11k_pdev_cap *cap;
8325 	struct ath11k *ar = arvif->ar;
8326 	enum nl80211_band band;
8327 	const u8 *ht_mcs_mask;
8328 	const u16 *vht_mcs_mask;
8329 	const u16 *he_mcs_mask;
8330 	u8 he_ltf = 0;
8331 	u8 he_gi = 0;
8332 	u32 rate;
8333 	u8 nss;
8334 	u8 sgi;
8335 	u8 ldpc;
8336 	int single_nss;
8337 	int ret;
8338 	int num_rates;
8339 	bool he_fixed_rate = false;
8340 
8341 	if (ath11k_mac_vif_chan(vif, &def))
8342 		return -EPERM;
8343 
8344 	band = def.chan->band;
8345 	cap = &ar->pdev->cap;
8346 	ht_mcs_mask = mask->control[band].ht_mcs;
8347 	vht_mcs_mask = mask->control[band].vht_mcs;
8348 	he_mcs_mask = mask->control[band].he_mcs;
8349 	ldpc = !!(cap->band[band].ht_cap_info & WMI_HT_CAP_TX_LDPC);
8350 
8351 	sgi = mask->control[band].gi;
8352 	if (sgi == NL80211_TXRATE_FORCE_LGI)
8353 		return -EINVAL;
8354 
8355 	he_gi = mask->control[band].he_gi;
8356 	he_ltf = mask->control[band].he_ltf;
8357 
8358 	/* mac80211 doesn't support sending a fixed HT/VHT MCS alone, rather it
8359 	 * requires passing at least one of used basic rates along with them.
8360 	 * Fixed rate setting across different preambles(legacy, HT, VHT) is
8361 	 * not supported by the FW. Hence use of FIXED_RATE vdev param is not
8362 	 * suitable for setting single HT/VHT rates.
8363 	 * But, there could be a single basic rate passed from userspace which
8364 	 * can be done through the FIXED_RATE param.
8365 	 */
8366 	if (ath11k_mac_has_single_legacy_rate(ar, band, mask)) {
8367 		ret = ath11k_mac_get_single_legacy_rate(ar, band, mask, &rate,
8368 							&nss);
8369 		if (ret) {
8370 			ath11k_warn(ar->ab, "failed to get single legacy rate for vdev %i: %d\n",
8371 				    arvif->vdev_id, ret);
8372 			return ret;
8373 		}
8374 		ieee80211_iterate_stations_atomic(ar->hw,
8375 						  ath11k_mac_disable_peer_fixed_rate,
8376 						  arvif);
8377 	} else if (ath11k_mac_bitrate_mask_get_single_nss(ar, arvif, band, mask,
8378 							  &single_nss)) {
8379 		rate = WMI_FIXED_RATE_NONE;
8380 		nss = single_nss;
8381 		mutex_lock(&ar->conf_mutex);
8382 		arvif->bitrate_mask = *mask;
8383 		ieee80211_iterate_stations_atomic(ar->hw,
8384 						  ath11k_mac_set_bitrate_mask_iter,
8385 						  arvif);
8386 		mutex_unlock(&ar->conf_mutex);
8387 	} else {
8388 		rate = WMI_FIXED_RATE_NONE;
8389 
8390 		if (!ath11k_mac_validate_vht_he_fixed_rate_settings(ar, band, mask))
8391 			ath11k_warn(ar->ab,
8392 				    "could not update fixed rate settings to all peers due to mcs/nss incompatibility\n");
8393 		nss = min_t(u32, ar->num_tx_chains,
8394 			    max(max(ath11k_mac_max_ht_nss(ht_mcs_mask),
8395 				    ath11k_mac_max_vht_nss(vht_mcs_mask)),
8396 				ath11k_mac_max_he_nss(he_mcs_mask)));
8397 
8398 		/* If multiple rates across different preambles are given
8399 		 * we can reconfigure this info with all peers using PEER_ASSOC
8400 		 * command with the below exception cases.
8401 		 * - Single VHT Rate : peer_assoc command accommodates only MCS
8402 		 * range values i.e 0-7, 0-8, 0-9 for VHT. Though mac80211
8403 		 * mandates passing basic rates along with HT/VHT rates, FW
8404 		 * doesn't allow switching from VHT to Legacy. Hence instead of
8405 		 * setting legacy and VHT rates using RATEMASK_CMD vdev cmd,
8406 		 * we could set this VHT rate as peer fixed rate param, which
8407 		 * will override FIXED rate and FW rate control algorithm.
8408 		 * If single VHT rate is passed along with HT rates, we select
8409 		 * the VHT rate as fixed rate for vht peers.
8410 		 * - Multiple VHT Rates : When Multiple VHT rates are given,this
8411 		 * can be set using RATEMASK CMD which uses FW rate-ctl alg.
8412 		 * TODO: Setting multiple VHT MCS and replacing peer_assoc with
8413 		 * RATEMASK_CMDID can cover all use cases of setting rates
8414 		 * across multiple preambles and rates within same type.
8415 		 * But requires more validation of the command at this point.
8416 		 */
8417 
8418 		num_rates = ath11k_mac_bitrate_mask_num_vht_rates(ar, band,
8419 								  mask);
8420 
8421 		if (!ath11k_mac_vht_mcs_range_present(ar, band, mask) &&
8422 		    num_rates > 1) {
8423 			/* TODO: Handle multiple VHT MCS values setting using
8424 			 * RATEMASK CMD
8425 			 */
8426 			ath11k_warn(ar->ab,
8427 				    "setting %d mcs values in bitrate mask not supported\n",
8428 				num_rates);
8429 			return -EINVAL;
8430 		}
8431 
8432 		num_rates = ath11k_mac_bitrate_mask_num_he_rates(ar, band,
8433 								 mask);
8434 		if (num_rates == 1)
8435 			he_fixed_rate = true;
8436 
8437 		if (!ath11k_mac_he_mcs_range_present(ar, band, mask) &&
8438 		    num_rates > 1) {
8439 			ath11k_warn(ar->ab,
8440 				    "Setting more than one HE MCS Value in bitrate mask not supported\n");
8441 			return -EINVAL;
8442 		}
8443 
8444 		mutex_lock(&ar->conf_mutex);
8445 		ieee80211_iterate_stations_atomic(ar->hw,
8446 						  ath11k_mac_disable_peer_fixed_rate,
8447 						  arvif);
8448 
8449 		arvif->bitrate_mask = *mask;
8450 		ieee80211_iterate_stations_atomic(ar->hw,
8451 						  ath11k_mac_set_bitrate_mask_iter,
8452 						  arvif);
8453 
8454 		mutex_unlock(&ar->conf_mutex);
8455 	}
8456 
8457 	mutex_lock(&ar->conf_mutex);
8458 
8459 	ret = ath11k_mac_set_rate_params(arvif, rate, nss, sgi, ldpc, he_gi,
8460 					 he_ltf, he_fixed_rate);
8461 	if (ret) {
8462 		ath11k_warn(ar->ab, "failed to set rate params on vdev %i: %d\n",
8463 			    arvif->vdev_id, ret);
8464 	}
8465 
8466 	mutex_unlock(&ar->conf_mutex);
8467 
8468 	return ret;
8469 }
8470 
8471 static void
8472 ath11k_mac_op_reconfig_complete(struct ieee80211_hw *hw,
8473 				enum ieee80211_reconfig_type reconfig_type)
8474 {
8475 	struct ath11k *ar = hw->priv;
8476 	struct ath11k_base *ab = ar->ab;
8477 	int recovery_count;
8478 	struct ath11k_vif *arvif;
8479 
8480 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
8481 		return;
8482 
8483 	mutex_lock(&ar->conf_mutex);
8484 
8485 	if (ar->state == ATH11K_STATE_RESTARTED) {
8486 		ath11k_warn(ar->ab, "pdev %d successfully recovered\n",
8487 			    ar->pdev->pdev_id);
8488 		ar->state = ATH11K_STATE_ON;
8489 		ieee80211_wake_queues(ar->hw);
8490 
8491 		if (ar->ab->hw_params.current_cc_support &&
8492 		    ar->alpha2[0] != 0 && ar->alpha2[1] != 0) {
8493 			struct wmi_set_current_country_params set_current_param = {};
8494 
8495 			memcpy(&set_current_param.alpha2, ar->alpha2, 2);
8496 			ath11k_wmi_send_set_current_country_cmd(ar, &set_current_param);
8497 		}
8498 
8499 		if (ab->is_reset) {
8500 			recovery_count = atomic_inc_return(&ab->recovery_count);
8501 			ath11k_dbg(ab, ATH11K_DBG_BOOT,
8502 				   "recovery count %d\n", recovery_count);
8503 			/* When there are multiple radios in an SOC,
8504 			 * the recovery has to be done for each radio
8505 			 */
8506 			if (recovery_count == ab->num_radios) {
8507 				atomic_dec(&ab->reset_count);
8508 				complete(&ab->reset_complete);
8509 				ab->is_reset = false;
8510 				atomic_set(&ab->fail_cont_count, 0);
8511 				ath11k_dbg(ab, ATH11K_DBG_BOOT, "reset success\n");
8512 			}
8513 		}
8514 		if (ar->ab->hw_params.support_fw_mac_sequence) {
8515 			list_for_each_entry(arvif, &ar->arvifs, list) {
8516 				if (arvif->is_up && arvif->vdev_type == WMI_VDEV_TYPE_STA)
8517 					ieee80211_hw_restart_disconnect(arvif->vif);
8518 			}
8519 		}
8520 	}
8521 
8522 	mutex_unlock(&ar->conf_mutex);
8523 }
8524 
8525 static void
8526 ath11k_mac_update_bss_chan_survey(struct ath11k *ar,
8527 				  struct ieee80211_channel *channel)
8528 {
8529 	int ret;
8530 	enum wmi_bss_chan_info_req_type type = WMI_BSS_SURVEY_REQ_TYPE_READ;
8531 
8532 	lockdep_assert_held(&ar->conf_mutex);
8533 
8534 	if (!test_bit(WMI_TLV_SERVICE_BSS_CHANNEL_INFO_64, ar->ab->wmi_ab.svc_map) ||
8535 	    ar->rx_channel != channel)
8536 		return;
8537 
8538 	if (ar->scan.state != ATH11K_SCAN_IDLE) {
8539 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
8540 			   "ignoring bss chan info req while scanning..\n");
8541 		return;
8542 	}
8543 
8544 	reinit_completion(&ar->bss_survey_done);
8545 
8546 	ret = ath11k_wmi_pdev_bss_chan_info_request(ar, type);
8547 	if (ret) {
8548 		ath11k_warn(ar->ab, "failed to send pdev bss chan info request\n");
8549 		return;
8550 	}
8551 
8552 	ret = wait_for_completion_timeout(&ar->bss_survey_done, 3 * HZ);
8553 	if (ret == 0)
8554 		ath11k_warn(ar->ab, "bss channel survey timed out\n");
8555 }
8556 
8557 static int ath11k_mac_op_get_survey(struct ieee80211_hw *hw, int idx,
8558 				    struct survey_info *survey)
8559 {
8560 	struct ath11k *ar = hw->priv;
8561 	struct ieee80211_supported_band *sband;
8562 	struct survey_info *ar_survey;
8563 	int ret = 0;
8564 
8565 	if (idx >= ATH11K_NUM_CHANS)
8566 		return -ENOENT;
8567 
8568 	ar_survey = &ar->survey[idx];
8569 
8570 	mutex_lock(&ar->conf_mutex);
8571 
8572 	sband = hw->wiphy->bands[NL80211_BAND_2GHZ];
8573 	if (sband && idx >= sband->n_channels) {
8574 		idx -= sband->n_channels;
8575 		sband = NULL;
8576 	}
8577 
8578 	if (!sband)
8579 		sband = hw->wiphy->bands[NL80211_BAND_5GHZ];
8580 	if (sband && idx >= sband->n_channels) {
8581 		idx -= sband->n_channels;
8582 		sband = NULL;
8583 	}
8584 
8585 	if (!sband)
8586 		sband = hw->wiphy->bands[NL80211_BAND_6GHZ];
8587 	if (!sband || idx >= sband->n_channels) {
8588 		ret = -ENOENT;
8589 		goto exit;
8590 	}
8591 
8592 	ath11k_mac_update_bss_chan_survey(ar, &sband->channels[idx]);
8593 
8594 	spin_lock_bh(&ar->data_lock);
8595 	memcpy(survey, ar_survey, sizeof(*survey));
8596 	spin_unlock_bh(&ar->data_lock);
8597 
8598 	survey->channel = &sband->channels[idx];
8599 
8600 	if (ar->rx_channel == survey->channel)
8601 		survey->filled |= SURVEY_INFO_IN_USE;
8602 
8603 exit:
8604 	mutex_unlock(&ar->conf_mutex);
8605 	return ret;
8606 }
8607 
8608 static void ath11k_mac_put_chain_rssi(struct station_info *sinfo,
8609 				      struct ath11k_sta *arsta,
8610 				      char *pre,
8611 				      bool clear)
8612 {
8613 	struct ath11k *ar = arsta->arvif->ar;
8614 	int i;
8615 	s8 rssi;
8616 
8617 	for (i = 0; i < ARRAY_SIZE(sinfo->chain_signal); i++) {
8618 		sinfo->chains &= ~BIT(i);
8619 		rssi = arsta->chain_signal[i];
8620 		if (clear)
8621 			arsta->chain_signal[i] = ATH11K_INVALID_RSSI_FULL;
8622 
8623 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
8624 			   "sta statistics %s rssi[%d] %d\n", pre, i, rssi);
8625 
8626 		if (rssi != ATH11K_DEFAULT_NOISE_FLOOR &&
8627 		    rssi != ATH11K_INVALID_RSSI_FULL &&
8628 		    rssi != ATH11K_INVALID_RSSI_EMPTY &&
8629 		    rssi != 0) {
8630 			sinfo->chain_signal[i] = rssi;
8631 			sinfo->chains |= BIT(i);
8632 			sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
8633 		}
8634 	}
8635 }
8636 
8637 static void ath11k_mac_op_sta_statistics(struct ieee80211_hw *hw,
8638 					 struct ieee80211_vif *vif,
8639 					 struct ieee80211_sta *sta,
8640 					 struct station_info *sinfo)
8641 {
8642 	struct ath11k_sta *arsta = (struct ath11k_sta *)sta->drv_priv;
8643 	struct ath11k *ar = arsta->arvif->ar;
8644 	s8 signal;
8645 	bool db2dbm = test_bit(WMI_TLV_SERVICE_HW_DB2DBM_CONVERSION_SUPPORT,
8646 			       ar->ab->wmi_ab.svc_map);
8647 
8648 	sinfo->rx_duration = arsta->rx_duration;
8649 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_DURATION);
8650 
8651 	sinfo->tx_duration = arsta->tx_duration;
8652 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_DURATION);
8653 
8654 	if (arsta->txrate.legacy || arsta->txrate.nss) {
8655 		if (arsta->txrate.legacy) {
8656 			sinfo->txrate.legacy = arsta->txrate.legacy;
8657 		} else {
8658 			sinfo->txrate.mcs = arsta->txrate.mcs;
8659 			sinfo->txrate.nss = arsta->txrate.nss;
8660 			sinfo->txrate.bw = arsta->txrate.bw;
8661 			sinfo->txrate.he_gi = arsta->txrate.he_gi;
8662 			sinfo->txrate.he_dcm = arsta->txrate.he_dcm;
8663 			sinfo->txrate.he_ru_alloc = arsta->txrate.he_ru_alloc;
8664 		}
8665 		sinfo->txrate.flags = arsta->txrate.flags;
8666 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
8667 	}
8668 
8669 	ath11k_mac_put_chain_rssi(sinfo, arsta, "ppdu", false);
8670 
8671 	if (!(sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL)) &&
8672 	    arsta->arvif->vdev_type == WMI_VDEV_TYPE_STA &&
8673 	    ar->ab->hw_params.supports_rssi_stats &&
8674 	    !ath11k_debugfs_get_fw_stats(ar, ar->pdev->pdev_id, 0,
8675 					 WMI_REQUEST_RSSI_PER_CHAIN_STAT)) {
8676 		ath11k_mac_put_chain_rssi(sinfo, arsta, "fw stats", true);
8677 	}
8678 
8679 	signal = arsta->rssi_comb;
8680 	if (!signal &&
8681 	    arsta->arvif->vdev_type == WMI_VDEV_TYPE_STA &&
8682 	    ar->ab->hw_params.supports_rssi_stats &&
8683 	    !(ath11k_debugfs_get_fw_stats(ar, ar->pdev->pdev_id, 0,
8684 					WMI_REQUEST_VDEV_STAT)))
8685 		signal = arsta->rssi_beacon;
8686 
8687 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC,
8688 		   "sta statistics db2dbm %u rssi comb %d rssi beacon %d\n",
8689 		   db2dbm, arsta->rssi_comb, arsta->rssi_beacon);
8690 
8691 	if (signal) {
8692 		sinfo->signal = db2dbm ? signal : signal + ATH11K_DEFAULT_NOISE_FLOOR;
8693 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
8694 	}
8695 
8696 	sinfo->signal_avg = ewma_avg_rssi_read(&arsta->avg_rssi) +
8697 		ATH11K_DEFAULT_NOISE_FLOOR;
8698 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG);
8699 }
8700 
8701 #if IS_ENABLED(CONFIG_IPV6)
8702 static void ath11k_generate_ns_mc_addr(struct ath11k *ar,
8703 				       struct ath11k_arp_ns_offload *offload)
8704 {
8705 	int i;
8706 
8707 	for (i = 0; i < offload->ipv6_count; i++) {
8708 		offload->self_ipv6_addr[i][0] = 0xff;
8709 		offload->self_ipv6_addr[i][1] = 0x02;
8710 		offload->self_ipv6_addr[i][11] = 0x01;
8711 		offload->self_ipv6_addr[i][12] = 0xff;
8712 		offload->self_ipv6_addr[i][13] =
8713 					offload->ipv6_addr[i][13];
8714 		offload->self_ipv6_addr[i][14] =
8715 					offload->ipv6_addr[i][14];
8716 		offload->self_ipv6_addr[i][15] =
8717 					offload->ipv6_addr[i][15];
8718 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "NS solicited addr %pI6\n",
8719 			   offload->self_ipv6_addr[i]);
8720 	}
8721 }
8722 
8723 static void ath11k_mac_op_ipv6_changed(struct ieee80211_hw *hw,
8724 				       struct ieee80211_vif *vif,
8725 				       struct inet6_dev *idev)
8726 {
8727 	struct ath11k *ar = hw->priv;
8728 	struct ath11k_arp_ns_offload *offload;
8729 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
8730 	struct inet6_ifaddr *ifa6;
8731 	struct ifacaddr6 *ifaca6;
8732 	struct list_head *p;
8733 	u32 count, scope;
8734 
8735 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "op ipv6 changed\n");
8736 
8737 	offload = &arvif->arp_ns_offload;
8738 	count = 0;
8739 
8740 	read_lock_bh(&idev->lock);
8741 
8742 	memset(offload->ipv6_addr, 0, sizeof(offload->ipv6_addr));
8743 	memset(offload->self_ipv6_addr, 0, sizeof(offload->self_ipv6_addr));
8744 	memcpy(offload->mac_addr, vif->addr, ETH_ALEN);
8745 
8746 	/* get unicast address */
8747 	list_for_each(p, &idev->addr_list) {
8748 		if (count >= ATH11K_IPV6_MAX_COUNT)
8749 			goto generate;
8750 
8751 		ifa6 = list_entry(p, struct inet6_ifaddr, if_list);
8752 		if (ifa6->flags & IFA_F_DADFAILED)
8753 			continue;
8754 		scope = ipv6_addr_src_scope(&ifa6->addr);
8755 		if (scope == IPV6_ADDR_SCOPE_LINKLOCAL ||
8756 		    scope == IPV6_ADDR_SCOPE_GLOBAL) {
8757 			memcpy(offload->ipv6_addr[count], &ifa6->addr.s6_addr,
8758 			       sizeof(ifa6->addr.s6_addr));
8759 			offload->ipv6_type[count] = ATH11K_IPV6_UC_TYPE;
8760 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "count %d ipv6 uc %pI6 scope %d\n",
8761 				   count, offload->ipv6_addr[count],
8762 				   scope);
8763 			count++;
8764 		} else {
8765 			ath11k_warn(ar->ab, "Unsupported ipv6 scope: %d\n", scope);
8766 		}
8767 	}
8768 
8769 	/* get anycast address */
8770 	for (ifaca6 = idev->ac_list; ifaca6; ifaca6 = ifaca6->aca_next) {
8771 		if (count >= ATH11K_IPV6_MAX_COUNT)
8772 			goto generate;
8773 
8774 		scope = ipv6_addr_src_scope(&ifaca6->aca_addr);
8775 		if (scope == IPV6_ADDR_SCOPE_LINKLOCAL ||
8776 		    scope == IPV6_ADDR_SCOPE_GLOBAL) {
8777 			memcpy(offload->ipv6_addr[count], &ifaca6->aca_addr,
8778 			       sizeof(ifaca6->aca_addr));
8779 			offload->ipv6_type[count] = ATH11K_IPV6_AC_TYPE;
8780 			ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "count %d ipv6 ac %pI6 scope %d\n",
8781 				   count, offload->ipv6_addr[count],
8782 				   scope);
8783 			count++;
8784 		} else {
8785 			ath11k_warn(ar->ab, "Unsupported ipv scope: %d\n", scope);
8786 		}
8787 	}
8788 
8789 generate:
8790 	offload->ipv6_count = count;
8791 	read_unlock_bh(&idev->lock);
8792 
8793 	/* generate ns multicast address */
8794 	ath11k_generate_ns_mc_addr(ar, offload);
8795 }
8796 #endif
8797 
8798 static void ath11k_mac_op_set_rekey_data(struct ieee80211_hw *hw,
8799 					 struct ieee80211_vif *vif,
8800 					 struct cfg80211_gtk_rekey_data *data)
8801 {
8802 	struct ath11k *ar = hw->priv;
8803 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
8804 	struct ath11k_rekey_data *rekey_data = &arvif->rekey_data;
8805 
8806 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "set rekey data vdev %d\n",
8807 		   arvif->vdev_id);
8808 
8809 	mutex_lock(&ar->conf_mutex);
8810 
8811 	memcpy(rekey_data->kck, data->kck, NL80211_KCK_LEN);
8812 	memcpy(rekey_data->kek, data->kek, NL80211_KEK_LEN);
8813 
8814 	/* The supplicant works on big-endian, the firmware expects it on
8815 	 * little endian.
8816 	 */
8817 	rekey_data->replay_ctr = get_unaligned_be64(data->replay_ctr);
8818 
8819 	arvif->rekey_data.enable_offload = true;
8820 
8821 	ath11k_dbg_dump(ar->ab, ATH11K_DBG_MAC, "kck", NULL,
8822 			rekey_data->kck, NL80211_KCK_LEN);
8823 	ath11k_dbg_dump(ar->ab, ATH11K_DBG_MAC, "kek", NULL,
8824 			rekey_data->kck, NL80211_KEK_LEN);
8825 	ath11k_dbg_dump(ar->ab, ATH11K_DBG_MAC, "replay ctr", NULL,
8826 			&rekey_data->replay_ctr, sizeof(rekey_data->replay_ctr));
8827 
8828 	mutex_unlock(&ar->conf_mutex);
8829 }
8830 
8831 static int ath11k_mac_op_set_bios_sar_specs(struct ieee80211_hw *hw,
8832 					    const struct cfg80211_sar_specs *sar)
8833 {
8834 	struct ath11k *ar = hw->priv;
8835 	const struct cfg80211_sar_sub_specs *sspec;
8836 	int ret, index;
8837 	u8 *sar_tbl;
8838 	u32 i;
8839 
8840 	if (!sar || sar->type != NL80211_SAR_TYPE_POWER ||
8841 	    sar->num_sub_specs == 0)
8842 		return -EINVAL;
8843 
8844 	mutex_lock(&ar->conf_mutex);
8845 
8846 	if (!test_bit(WMI_TLV_SERVICE_BIOS_SAR_SUPPORT, ar->ab->wmi_ab.svc_map) ||
8847 	    !ar->ab->hw_params.bios_sar_capa) {
8848 		ret = -EOPNOTSUPP;
8849 		goto exit;
8850 	}
8851 
8852 	ret = ath11k_wmi_pdev_set_bios_geo_table_param(ar);
8853 	if (ret) {
8854 		ath11k_warn(ar->ab, "failed to set geo table: %d\n", ret);
8855 		goto exit;
8856 	}
8857 
8858 	sar_tbl = kzalloc(BIOS_SAR_TABLE_LEN, GFP_KERNEL);
8859 	if (!sar_tbl) {
8860 		ret = -ENOMEM;
8861 		goto exit;
8862 	}
8863 
8864 	sspec = sar->sub_specs;
8865 	for (i = 0; i < sar->num_sub_specs; i++) {
8866 		if (sspec->freq_range_index >= (BIOS_SAR_TABLE_LEN >> 1)) {
8867 			ath11k_warn(ar->ab, "Ignore bad frequency index %u, max allowed %u\n",
8868 				    sspec->freq_range_index, BIOS_SAR_TABLE_LEN >> 1);
8869 			continue;
8870 		}
8871 
8872 		/* chain0 and chain1 share same power setting */
8873 		sar_tbl[sspec->freq_range_index] = sspec->power;
8874 		index = sspec->freq_range_index + (BIOS_SAR_TABLE_LEN >> 1);
8875 		sar_tbl[index] = sspec->power;
8876 		ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "sar tbl[%d] = %d\n",
8877 			   sspec->freq_range_index, sar_tbl[sspec->freq_range_index]);
8878 		sspec++;
8879 	}
8880 
8881 	ret = ath11k_wmi_pdev_set_bios_sar_table_param(ar, sar_tbl);
8882 	if (ret)
8883 		ath11k_warn(ar->ab, "failed to set sar power: %d", ret);
8884 
8885 	kfree(sar_tbl);
8886 exit:
8887 	mutex_unlock(&ar->conf_mutex);
8888 
8889 	return ret;
8890 }
8891 
8892 static int ath11k_mac_op_cancel_remain_on_channel(struct ieee80211_hw *hw,
8893 						  struct ieee80211_vif *vif)
8894 {
8895 	struct ath11k *ar = hw->priv;
8896 
8897 	mutex_lock(&ar->conf_mutex);
8898 
8899 	spin_lock_bh(&ar->data_lock);
8900 	ar->scan.roc_notify = false;
8901 	spin_unlock_bh(&ar->data_lock);
8902 
8903 	ath11k_scan_abort(ar);
8904 
8905 	mutex_unlock(&ar->conf_mutex);
8906 
8907 	cancel_delayed_work_sync(&ar->scan.timeout);
8908 
8909 	return 0;
8910 }
8911 
8912 static int ath11k_mac_op_remain_on_channel(struct ieee80211_hw *hw,
8913 					   struct ieee80211_vif *vif,
8914 					   struct ieee80211_channel *chan,
8915 					   int duration,
8916 					   enum ieee80211_roc_type type)
8917 {
8918 	struct ath11k *ar = hw->priv;
8919 	struct ath11k_vif *arvif = ath11k_vif_to_arvif(vif);
8920 	struct scan_req_params *arg;
8921 	int ret;
8922 	u32 scan_time_msec;
8923 
8924 	mutex_lock(&ar->conf_mutex);
8925 
8926 	spin_lock_bh(&ar->data_lock);
8927 	switch (ar->scan.state) {
8928 	case ATH11K_SCAN_IDLE:
8929 		reinit_completion(&ar->scan.started);
8930 		reinit_completion(&ar->scan.completed);
8931 		reinit_completion(&ar->scan.on_channel);
8932 		ar->scan.state = ATH11K_SCAN_STARTING;
8933 		ar->scan.is_roc = true;
8934 		ar->scan.vdev_id = arvif->vdev_id;
8935 		ar->scan.roc_freq = chan->center_freq;
8936 		ar->scan.roc_notify = true;
8937 		ret = 0;
8938 		break;
8939 	case ATH11K_SCAN_STARTING:
8940 	case ATH11K_SCAN_RUNNING:
8941 	case ATH11K_SCAN_ABORTING:
8942 		ret = -EBUSY;
8943 		break;
8944 	}
8945 	spin_unlock_bh(&ar->data_lock);
8946 
8947 	if (ret)
8948 		goto exit;
8949 
8950 	scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
8951 
8952 	arg = kzalloc(sizeof(*arg), GFP_KERNEL);
8953 	if (!arg) {
8954 		ret = -ENOMEM;
8955 		goto exit;
8956 	}
8957 	ath11k_wmi_start_scan_init(ar, arg);
8958 	arg->num_chan = 1;
8959 	arg->chan_list = kcalloc(arg->num_chan, sizeof(*arg->chan_list),
8960 				 GFP_KERNEL);
8961 	if (!arg->chan_list) {
8962 		ret = -ENOMEM;
8963 		goto free_arg;
8964 	}
8965 
8966 	arg->vdev_id = arvif->vdev_id;
8967 	arg->scan_id = ATH11K_SCAN_ID;
8968 	arg->chan_list[0] = chan->center_freq;
8969 	arg->dwell_time_active = scan_time_msec;
8970 	arg->dwell_time_passive = scan_time_msec;
8971 	arg->max_scan_time = scan_time_msec;
8972 	arg->scan_flags |= WMI_SCAN_FLAG_PASSIVE;
8973 	arg->scan_flags |= WMI_SCAN_FILTER_PROBE_REQ;
8974 	arg->burst_duration = duration;
8975 
8976 	ret = ath11k_start_scan(ar, arg);
8977 	if (ret) {
8978 		ath11k_warn(ar->ab, "failed to start roc scan: %d\n", ret);
8979 
8980 		spin_lock_bh(&ar->data_lock);
8981 		ar->scan.state = ATH11K_SCAN_IDLE;
8982 		spin_unlock_bh(&ar->data_lock);
8983 		goto free_chan_list;
8984 	}
8985 
8986 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3 * HZ);
8987 	if (ret == 0) {
8988 		ath11k_warn(ar->ab, "failed to switch to channel for roc scan\n");
8989 		ret = ath11k_scan_stop(ar);
8990 		if (ret)
8991 			ath11k_warn(ar->ab, "failed to stop scan: %d\n", ret);
8992 		ret = -ETIMEDOUT;
8993 		goto free_chan_list;
8994 	}
8995 
8996 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
8997 				     msecs_to_jiffies(duration));
8998 
8999 	ret = 0;
9000 
9001 free_chan_list:
9002 	kfree(arg->chan_list);
9003 free_arg:
9004 	kfree(arg);
9005 exit:
9006 	mutex_unlock(&ar->conf_mutex);
9007 	return ret;
9008 }
9009 
9010 static int ath11k_fw_stats_request(struct ath11k *ar,
9011 				   struct stats_request_params *req_param)
9012 {
9013 	struct ath11k_base *ab = ar->ab;
9014 	unsigned long time_left;
9015 	int ret;
9016 
9017 	lockdep_assert_held(&ar->conf_mutex);
9018 
9019 	spin_lock_bh(&ar->data_lock);
9020 	ar->fw_stats_done = false;
9021 	ath11k_fw_stats_pdevs_free(&ar->fw_stats.pdevs);
9022 	spin_unlock_bh(&ar->data_lock);
9023 
9024 	reinit_completion(&ar->fw_stats_complete);
9025 
9026 	ret = ath11k_wmi_send_stats_request_cmd(ar, req_param);
9027 	if (ret) {
9028 		ath11k_warn(ab, "could not request fw stats (%d)\n",
9029 			    ret);
9030 		return ret;
9031 	}
9032 
9033 	time_left = wait_for_completion_timeout(&ar->fw_stats_complete,
9034 						1 * HZ);
9035 
9036 	if (!time_left)
9037 		return -ETIMEDOUT;
9038 
9039 	return 0;
9040 }
9041 
9042 static int ath11k_mac_op_get_txpower(struct ieee80211_hw *hw,
9043 				     struct ieee80211_vif *vif,
9044 				     int *dbm)
9045 {
9046 	struct ath11k *ar = hw->priv;
9047 	struct ath11k_base *ab = ar->ab;
9048 	struct stats_request_params req_param = {0};
9049 	struct ath11k_fw_stats_pdev *pdev;
9050 	int ret;
9051 
9052 	/* Final Tx power is minimum of Target Power, CTL power, Regulatory
9053 	 * Power, PSD EIRP Power. We just know the Regulatory power from the
9054 	 * regulatory rules obtained. FW knows all these power and sets the min
9055 	 * of these. Hence, we request the FW pdev stats in which FW reports
9056 	 * the minimum of all vdev's channel Tx power.
9057 	 */
9058 	mutex_lock(&ar->conf_mutex);
9059 
9060 	if (ar->state != ATH11K_STATE_ON)
9061 		goto err_fallback;
9062 
9063 	/* Firmware doesn't provide Tx power during CAC hence no need to fetch
9064 	 * the stats.
9065 	 */
9066 	if (test_bit(ATH11K_CAC_RUNNING, &ar->dev_flags)) {
9067 		mutex_unlock(&ar->conf_mutex);
9068 		return -EAGAIN;
9069 	}
9070 
9071 	req_param.pdev_id = ar->pdev->pdev_id;
9072 	req_param.stats_id = WMI_REQUEST_PDEV_STAT;
9073 
9074 	ret = ath11k_fw_stats_request(ar, &req_param);
9075 	if (ret) {
9076 		ath11k_warn(ab, "failed to request fw pdev stats: %d\n", ret);
9077 		goto err_fallback;
9078 	}
9079 
9080 	spin_lock_bh(&ar->data_lock);
9081 	pdev = list_first_entry_or_null(&ar->fw_stats.pdevs,
9082 					struct ath11k_fw_stats_pdev, list);
9083 	if (!pdev) {
9084 		spin_unlock_bh(&ar->data_lock);
9085 		goto err_fallback;
9086 	}
9087 
9088 	/* tx power is set as 2 units per dBm in FW. */
9089 	*dbm = pdev->chan_tx_power / 2;
9090 
9091 	spin_unlock_bh(&ar->data_lock);
9092 	mutex_unlock(&ar->conf_mutex);
9093 
9094 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "txpower from firmware %d, reported %d dBm\n",
9095 		   pdev->chan_tx_power, *dbm);
9096 	return 0;
9097 
9098 err_fallback:
9099 	mutex_unlock(&ar->conf_mutex);
9100 	/* We didn't get txpower from FW. Hence, relying on vif->bss_conf.txpower */
9101 	*dbm = vif->bss_conf.txpower;
9102 	ath11k_dbg(ar->ab, ATH11K_DBG_MAC, "txpower from firmware NaN, reported %d dBm\n",
9103 		   *dbm);
9104 	return 0;
9105 }
9106 
9107 static const struct ieee80211_ops ath11k_ops = {
9108 	.tx				= ath11k_mac_op_tx,
9109 	.wake_tx_queue			= ieee80211_handle_wake_tx_queue,
9110 	.start                          = ath11k_mac_op_start,
9111 	.stop                           = ath11k_mac_op_stop,
9112 	.reconfig_complete              = ath11k_mac_op_reconfig_complete,
9113 	.add_interface                  = ath11k_mac_op_add_interface,
9114 	.remove_interface		= ath11k_mac_op_remove_interface,
9115 	.update_vif_offload		= ath11k_mac_op_update_vif_offload,
9116 	.config                         = ath11k_mac_op_config,
9117 	.bss_info_changed               = ath11k_mac_op_bss_info_changed,
9118 	.configure_filter		= ath11k_mac_op_configure_filter,
9119 	.hw_scan                        = ath11k_mac_op_hw_scan,
9120 	.cancel_hw_scan                 = ath11k_mac_op_cancel_hw_scan,
9121 	.set_key                        = ath11k_mac_op_set_key,
9122 	.set_rekey_data	                = ath11k_mac_op_set_rekey_data,
9123 	.sta_state                      = ath11k_mac_op_sta_state,
9124 	.sta_set_4addr                  = ath11k_mac_op_sta_set_4addr,
9125 	.sta_set_txpwr			= ath11k_mac_op_sta_set_txpwr,
9126 	.sta_rc_update			= ath11k_mac_op_sta_rc_update,
9127 	.conf_tx                        = ath11k_mac_op_conf_tx,
9128 	.set_antenna			= ath11k_mac_op_set_antenna,
9129 	.get_antenna			= ath11k_mac_op_get_antenna,
9130 	.ampdu_action			= ath11k_mac_op_ampdu_action,
9131 	.add_chanctx			= ath11k_mac_op_add_chanctx,
9132 	.remove_chanctx			= ath11k_mac_op_remove_chanctx,
9133 	.change_chanctx			= ath11k_mac_op_change_chanctx,
9134 	.assign_vif_chanctx		= ath11k_mac_op_assign_vif_chanctx,
9135 	.unassign_vif_chanctx		= ath11k_mac_op_unassign_vif_chanctx,
9136 	.switch_vif_chanctx		= ath11k_mac_op_switch_vif_chanctx,
9137 	.set_rts_threshold		= ath11k_mac_op_set_rts_threshold,
9138 	.set_frag_threshold		= ath11k_mac_op_set_frag_threshold,
9139 	.set_bitrate_mask		= ath11k_mac_op_set_bitrate_mask,
9140 	.get_survey			= ath11k_mac_op_get_survey,
9141 	.flush				= ath11k_mac_op_flush,
9142 	.sta_statistics			= ath11k_mac_op_sta_statistics,
9143 	CFG80211_TESTMODE_CMD(ath11k_tm_cmd)
9144 
9145 #ifdef CONFIG_PM
9146 	.suspend			= ath11k_wow_op_suspend,
9147 	.resume				= ath11k_wow_op_resume,
9148 	.set_wakeup			= ath11k_wow_op_set_wakeup,
9149 #endif
9150 
9151 #ifdef CONFIG_ATH11K_DEBUGFS
9152 	.sta_add_debugfs		= ath11k_debugfs_sta_op_add,
9153 #endif
9154 
9155 #if IS_ENABLED(CONFIG_IPV6)
9156 	.ipv6_addr_change = ath11k_mac_op_ipv6_changed,
9157 #endif
9158 	.get_txpower                    = ath11k_mac_op_get_txpower,
9159 
9160 	.set_sar_specs			= ath11k_mac_op_set_bios_sar_specs,
9161 	.remain_on_channel		= ath11k_mac_op_remain_on_channel,
9162 	.cancel_remain_on_channel	= ath11k_mac_op_cancel_remain_on_channel,
9163 };
9164 
9165 static void ath11k_mac_update_ch_list(struct ath11k *ar,
9166 				      struct ieee80211_supported_band *band,
9167 				      u32 freq_low, u32 freq_high)
9168 {
9169 	int i;
9170 
9171 	if (!(freq_low && freq_high))
9172 		return;
9173 
9174 	for (i = 0; i < band->n_channels; i++) {
9175 		if (band->channels[i].center_freq < freq_low ||
9176 		    band->channels[i].center_freq > freq_high)
9177 			band->channels[i].flags |= IEEE80211_CHAN_DISABLED;
9178 	}
9179 }
9180 
9181 static u32 ath11k_get_phy_id(struct ath11k *ar, u32 band)
9182 {
9183 	struct ath11k_pdev *pdev = ar->pdev;
9184 	struct ath11k_pdev_cap *pdev_cap = &pdev->cap;
9185 
9186 	if (band == WMI_HOST_WLAN_2G_CAP)
9187 		return pdev_cap->band[NL80211_BAND_2GHZ].phy_id;
9188 
9189 	if (band == WMI_HOST_WLAN_5G_CAP)
9190 		return pdev_cap->band[NL80211_BAND_5GHZ].phy_id;
9191 
9192 	ath11k_warn(ar->ab, "unsupported phy cap:%d\n", band);
9193 
9194 	return 0;
9195 }
9196 
9197 static int ath11k_mac_setup_channels_rates(struct ath11k *ar,
9198 					   u32 supported_bands)
9199 {
9200 	struct ieee80211_supported_band *band;
9201 	struct ath11k_hal_reg_capabilities_ext *reg_cap, *temp_reg_cap;
9202 	void *channels;
9203 	u32 phy_id;
9204 
9205 	BUILD_BUG_ON((ARRAY_SIZE(ath11k_2ghz_channels) +
9206 		      ARRAY_SIZE(ath11k_5ghz_channels) +
9207 		      ARRAY_SIZE(ath11k_6ghz_channels)) !=
9208 		     ATH11K_NUM_CHANS);
9209 
9210 	reg_cap = &ar->ab->hal_reg_cap[ar->pdev_idx];
9211 	temp_reg_cap = reg_cap;
9212 
9213 	if (supported_bands & WMI_HOST_WLAN_2G_CAP) {
9214 		channels = kmemdup(ath11k_2ghz_channels,
9215 				   sizeof(ath11k_2ghz_channels),
9216 				   GFP_KERNEL);
9217 		if (!channels)
9218 			return -ENOMEM;
9219 
9220 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
9221 		band->band = NL80211_BAND_2GHZ;
9222 		band->n_channels = ARRAY_SIZE(ath11k_2ghz_channels);
9223 		band->channels = channels;
9224 		band->n_bitrates = ath11k_g_rates_size;
9225 		band->bitrates = ath11k_g_rates;
9226 		ar->hw->wiphy->bands[NL80211_BAND_2GHZ] = band;
9227 
9228 		if (ar->ab->hw_params.single_pdev_only) {
9229 			phy_id = ath11k_get_phy_id(ar, WMI_HOST_WLAN_2G_CAP);
9230 			temp_reg_cap = &ar->ab->hal_reg_cap[phy_id];
9231 		}
9232 		ath11k_mac_update_ch_list(ar, band,
9233 					  temp_reg_cap->low_2ghz_chan,
9234 					  temp_reg_cap->high_2ghz_chan);
9235 	}
9236 
9237 	if (supported_bands & WMI_HOST_WLAN_5G_CAP) {
9238 		if (reg_cap->high_5ghz_chan >= ATH11K_MIN_6G_FREQ) {
9239 			channels = kmemdup(ath11k_6ghz_channels,
9240 					   sizeof(ath11k_6ghz_channels), GFP_KERNEL);
9241 			if (!channels) {
9242 				kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
9243 				return -ENOMEM;
9244 			}
9245 
9246 			ar->supports_6ghz = true;
9247 			band = &ar->mac.sbands[NL80211_BAND_6GHZ];
9248 			band->band = NL80211_BAND_6GHZ;
9249 			band->n_channels = ARRAY_SIZE(ath11k_6ghz_channels);
9250 			band->channels = channels;
9251 			band->n_bitrates = ath11k_a_rates_size;
9252 			band->bitrates = ath11k_a_rates;
9253 			ar->hw->wiphy->bands[NL80211_BAND_6GHZ] = band;
9254 
9255 			if (ar->ab->hw_params.single_pdev_only) {
9256 				phy_id = ath11k_get_phy_id(ar, WMI_HOST_WLAN_5G_CAP);
9257 				temp_reg_cap = &ar->ab->hal_reg_cap[phy_id];
9258 			}
9259 
9260 			ath11k_mac_update_ch_list(ar, band,
9261 						  temp_reg_cap->low_5ghz_chan,
9262 						  temp_reg_cap->high_5ghz_chan);
9263 		}
9264 
9265 		if (reg_cap->low_5ghz_chan < ATH11K_MIN_6G_FREQ) {
9266 			channels = kmemdup(ath11k_5ghz_channels,
9267 					   sizeof(ath11k_5ghz_channels),
9268 					   GFP_KERNEL);
9269 			if (!channels) {
9270 				kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
9271 				kfree(ar->mac.sbands[NL80211_BAND_6GHZ].channels);
9272 				return -ENOMEM;
9273 			}
9274 
9275 			band = &ar->mac.sbands[NL80211_BAND_5GHZ];
9276 			band->band = NL80211_BAND_5GHZ;
9277 			band->n_channels = ARRAY_SIZE(ath11k_5ghz_channels);
9278 			band->channels = channels;
9279 			band->n_bitrates = ath11k_a_rates_size;
9280 			band->bitrates = ath11k_a_rates;
9281 			ar->hw->wiphy->bands[NL80211_BAND_5GHZ] = band;
9282 
9283 			if (ar->ab->hw_params.single_pdev_only) {
9284 				phy_id = ath11k_get_phy_id(ar, WMI_HOST_WLAN_5G_CAP);
9285 				temp_reg_cap = &ar->ab->hal_reg_cap[phy_id];
9286 			}
9287 
9288 			ath11k_mac_update_ch_list(ar, band,
9289 						  temp_reg_cap->low_5ghz_chan,
9290 						  temp_reg_cap->high_5ghz_chan);
9291 		}
9292 	}
9293 
9294 	return 0;
9295 }
9296 
9297 static int ath11k_mac_setup_iface_combinations(struct ath11k *ar)
9298 {
9299 	struct ath11k_base *ab = ar->ab;
9300 	struct ieee80211_iface_combination *combinations;
9301 	struct ieee80211_iface_limit *limits;
9302 	int n_limits;
9303 
9304 	combinations = kzalloc(sizeof(*combinations), GFP_KERNEL);
9305 	if (!combinations)
9306 		return -ENOMEM;
9307 
9308 	n_limits = 2;
9309 
9310 	limits = kcalloc(n_limits, sizeof(*limits), GFP_KERNEL);
9311 	if (!limits) {
9312 		kfree(combinations);
9313 		return -ENOMEM;
9314 	}
9315 
9316 	limits[0].max = 1;
9317 	limits[0].types |= BIT(NL80211_IFTYPE_STATION);
9318 
9319 	limits[1].max = 16;
9320 	limits[1].types |= BIT(NL80211_IFTYPE_AP);
9321 
9322 	if (IS_ENABLED(CONFIG_MAC80211_MESH) &&
9323 	    ab->hw_params.interface_modes & BIT(NL80211_IFTYPE_MESH_POINT))
9324 		limits[1].types |= BIT(NL80211_IFTYPE_MESH_POINT);
9325 
9326 	combinations[0].limits = limits;
9327 	combinations[0].n_limits = n_limits;
9328 	combinations[0].max_interfaces = 16;
9329 	combinations[0].num_different_channels = 1;
9330 	combinations[0].beacon_int_infra_match = true;
9331 	combinations[0].beacon_int_min_gcd = 100;
9332 	combinations[0].radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9333 						BIT(NL80211_CHAN_WIDTH_20) |
9334 						BIT(NL80211_CHAN_WIDTH_40) |
9335 						BIT(NL80211_CHAN_WIDTH_80) |
9336 						BIT(NL80211_CHAN_WIDTH_80P80) |
9337 						BIT(NL80211_CHAN_WIDTH_160);
9338 
9339 	ar->hw->wiphy->iface_combinations = combinations;
9340 	ar->hw->wiphy->n_iface_combinations = 1;
9341 
9342 	return 0;
9343 }
9344 
9345 static const u8 ath11k_if_types_ext_capa[] = {
9346 	[0] = WLAN_EXT_CAPA1_EXT_CHANNEL_SWITCHING,
9347 	[2] = WLAN_EXT_CAPA3_MULTI_BSSID_SUPPORT,
9348 	[7] = WLAN_EXT_CAPA8_OPMODE_NOTIF,
9349 };
9350 
9351 static const u8 ath11k_if_types_ext_capa_sta[] = {
9352 	[0] = WLAN_EXT_CAPA1_EXT_CHANNEL_SWITCHING,
9353 	[2] = WLAN_EXT_CAPA3_MULTI_BSSID_SUPPORT,
9354 	[7] = WLAN_EXT_CAPA8_OPMODE_NOTIF,
9355 	[9] = WLAN_EXT_CAPA10_TWT_REQUESTER_SUPPORT,
9356 };
9357 
9358 static const u8 ath11k_if_types_ext_capa_ap[] = {
9359 	[0] = WLAN_EXT_CAPA1_EXT_CHANNEL_SWITCHING,
9360 	[2] = WLAN_EXT_CAPA3_MULTI_BSSID_SUPPORT,
9361 	[7] = WLAN_EXT_CAPA8_OPMODE_NOTIF,
9362 	[9] = WLAN_EXT_CAPA10_TWT_RESPONDER_SUPPORT,
9363 	[10] = WLAN_EXT_CAPA11_EMA_SUPPORT,
9364 };
9365 
9366 static const struct wiphy_iftype_ext_capab ath11k_iftypes_ext_capa[] = {
9367 	{
9368 		.extended_capabilities = ath11k_if_types_ext_capa,
9369 		.extended_capabilities_mask = ath11k_if_types_ext_capa,
9370 		.extended_capabilities_len = sizeof(ath11k_if_types_ext_capa),
9371 	}, {
9372 		.iftype = NL80211_IFTYPE_STATION,
9373 		.extended_capabilities = ath11k_if_types_ext_capa_sta,
9374 		.extended_capabilities_mask = ath11k_if_types_ext_capa_sta,
9375 		.extended_capabilities_len =
9376 				sizeof(ath11k_if_types_ext_capa_sta),
9377 	}, {
9378 		.iftype = NL80211_IFTYPE_AP,
9379 		.extended_capabilities = ath11k_if_types_ext_capa_ap,
9380 		.extended_capabilities_mask = ath11k_if_types_ext_capa_ap,
9381 		.extended_capabilities_len =
9382 				sizeof(ath11k_if_types_ext_capa_ap),
9383 	},
9384 };
9385 
9386 static void __ath11k_mac_unregister(struct ath11k *ar)
9387 {
9388 	cancel_work_sync(&ar->regd_update_work);
9389 
9390 	ieee80211_unregister_hw(ar->hw);
9391 
9392 	idr_for_each(&ar->txmgmt_idr, ath11k_mac_tx_mgmt_pending_free, ar);
9393 	idr_destroy(&ar->txmgmt_idr);
9394 
9395 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
9396 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
9397 	kfree(ar->mac.sbands[NL80211_BAND_6GHZ].channels);
9398 
9399 	kfree(ar->hw->wiphy->iface_combinations[0].limits);
9400 	kfree(ar->hw->wiphy->iface_combinations);
9401 
9402 	SET_IEEE80211_DEV(ar->hw, NULL);
9403 }
9404 
9405 void ath11k_mac_unregister(struct ath11k_base *ab)
9406 {
9407 	struct ath11k *ar;
9408 	struct ath11k_pdev *pdev;
9409 	int i;
9410 
9411 	for (i = 0; i < ab->num_radios; i++) {
9412 		pdev = &ab->pdevs[i];
9413 		ar = pdev->ar;
9414 		if (!ar)
9415 			continue;
9416 
9417 		__ath11k_mac_unregister(ar);
9418 	}
9419 
9420 	ath11k_peer_rhash_tbl_destroy(ab);
9421 }
9422 
9423 static int __ath11k_mac_register(struct ath11k *ar)
9424 {
9425 	struct ath11k_base *ab = ar->ab;
9426 	struct ath11k_pdev_cap *cap = &ar->pdev->cap;
9427 	static const u32 cipher_suites[] = {
9428 		WLAN_CIPHER_SUITE_TKIP,
9429 		WLAN_CIPHER_SUITE_CCMP,
9430 		WLAN_CIPHER_SUITE_AES_CMAC,
9431 		WLAN_CIPHER_SUITE_BIP_CMAC_256,
9432 		WLAN_CIPHER_SUITE_BIP_GMAC_128,
9433 		WLAN_CIPHER_SUITE_BIP_GMAC_256,
9434 		WLAN_CIPHER_SUITE_GCMP,
9435 		WLAN_CIPHER_SUITE_GCMP_256,
9436 		WLAN_CIPHER_SUITE_CCMP_256,
9437 	};
9438 	int ret;
9439 	u32 ht_cap = 0;
9440 
9441 	ath11k_pdev_caps_update(ar);
9442 
9443 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
9444 
9445 	SET_IEEE80211_DEV(ar->hw, ab->dev);
9446 
9447 	ret = ath11k_mac_setup_channels_rates(ar,
9448 					      cap->supported_bands);
9449 	if (ret)
9450 		goto err;
9451 
9452 	ath11k_mac_setup_ht_vht_cap(ar, cap, &ht_cap);
9453 	ath11k_mac_setup_he_cap(ar, cap);
9454 
9455 	ret = ath11k_mac_setup_iface_combinations(ar);
9456 	if (ret) {
9457 		ath11k_err(ar->ab, "failed to setup interface combinations: %d\n", ret);
9458 		goto err_free_channels;
9459 	}
9460 
9461 	ar->hw->wiphy->available_antennas_rx = cap->rx_chain_mask;
9462 	ar->hw->wiphy->available_antennas_tx = cap->tx_chain_mask;
9463 
9464 	ar->hw->wiphy->interface_modes = ab->hw_params.interface_modes;
9465 
9466 	if (ab->hw_params.single_pdev_only && ar->supports_6ghz)
9467 		ieee80211_hw_set(ar->hw, SINGLE_SCAN_ON_ALL_BANDS);
9468 
9469 	if (ab->hw_params.supports_multi_bssid) {
9470 		ieee80211_hw_set(ar->hw, SUPPORTS_MULTI_BSSID);
9471 		ieee80211_hw_set(ar->hw, SUPPORTS_ONLY_HE_MULTI_BSSID);
9472 	}
9473 
9474 	ieee80211_hw_set(ar->hw, SIGNAL_DBM);
9475 	ieee80211_hw_set(ar->hw, SUPPORTS_PS);
9476 	ieee80211_hw_set(ar->hw, SUPPORTS_DYNAMIC_PS);
9477 	ieee80211_hw_set(ar->hw, MFP_CAPABLE);
9478 	ieee80211_hw_set(ar->hw, REPORTS_TX_ACK_STATUS);
9479 	ieee80211_hw_set(ar->hw, HAS_RATE_CONTROL);
9480 	ieee80211_hw_set(ar->hw, AP_LINK_PS);
9481 	ieee80211_hw_set(ar->hw, SPECTRUM_MGMT);
9482 	ieee80211_hw_set(ar->hw, CONNECTION_MONITOR);
9483 	ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK);
9484 	ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF);
9485 	ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA);
9486 	ieee80211_hw_set(ar->hw, QUEUE_CONTROL);
9487 	ieee80211_hw_set(ar->hw, SUPPORTS_TX_FRAG);
9488 	ieee80211_hw_set(ar->hw, REPORTS_LOW_ACK);
9489 
9490 	if (ath11k_frame_mode == ATH11K_HW_TXRX_ETHERNET) {
9491 		ieee80211_hw_set(ar->hw, SUPPORTS_TX_ENCAP_OFFLOAD);
9492 		ieee80211_hw_set(ar->hw, SUPPORTS_RX_DECAP_OFFLOAD);
9493 	}
9494 
9495 	if (cap->nss_ratio_enabled)
9496 		ieee80211_hw_set(ar->hw, SUPPORTS_VHT_EXT_NSS_BW);
9497 
9498 	if ((ht_cap & WMI_HT_CAP_ENABLED) || ar->supports_6ghz) {
9499 		ieee80211_hw_set(ar->hw, AMPDU_AGGREGATION);
9500 		ieee80211_hw_set(ar->hw, TX_AMPDU_SETUP_IN_HW);
9501 		ieee80211_hw_set(ar->hw, SUPPORTS_REORDERING_BUFFER);
9502 		ieee80211_hw_set(ar->hw, SUPPORTS_AMSDU_IN_AMPDU);
9503 		ieee80211_hw_set(ar->hw, USES_RSS);
9504 	}
9505 
9506 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
9507 	ar->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
9508 
9509 	/* TODO: Check if HT capability advertised from firmware is different
9510 	 * for each band for a dual band capable radio. It will be tricky to
9511 	 * handle it when the ht capability different for each band.
9512 	 */
9513 	if (ht_cap & WMI_HT_CAP_DYNAMIC_SMPS ||
9514 	    (ar->supports_6ghz && ab->hw_params.supports_dynamic_smps_6ghz))
9515 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
9516 
9517 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
9518 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
9519 
9520 	ar->hw->max_listen_interval = ATH11K_MAX_HW_LISTEN_INTERVAL;
9521 
9522 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
9523 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
9524 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
9525 
9526 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
9527 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
9528 				   NL80211_FEATURE_AP_SCAN;
9529 
9530 	ar->max_num_stations = TARGET_NUM_STATIONS(ab);
9531 	ar->max_num_peers = TARGET_NUM_PEERS_PDEV(ab);
9532 
9533 	ar->hw->wiphy->max_ap_assoc_sta = ar->max_num_stations;
9534 
9535 	if (test_bit(WMI_TLV_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi->wmi_ab->svc_map)) {
9536 		ar->hw->wiphy->features |=
9537 			NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
9538 	}
9539 
9540 	if (test_bit(WMI_TLV_SERVICE_NLO, ar->wmi->wmi_ab->svc_map)) {
9541 		ar->hw->wiphy->max_sched_scan_ssids = WMI_PNO_MAX_SUPP_NETWORKS;
9542 		ar->hw->wiphy->max_match_sets = WMI_PNO_MAX_SUPP_NETWORKS;
9543 		ar->hw->wiphy->max_sched_scan_ie_len = WMI_PNO_MAX_IE_LENGTH;
9544 		ar->hw->wiphy->max_sched_scan_plans = WMI_PNO_MAX_SCHED_SCAN_PLANS;
9545 		ar->hw->wiphy->max_sched_scan_plan_interval =
9546 			WMI_PNO_MAX_SCHED_SCAN_PLAN_INT;
9547 		ar->hw->wiphy->max_sched_scan_plan_iterations =
9548 			WMI_PNO_MAX_SCHED_SCAN_PLAN_ITRNS;
9549 		ar->hw->wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
9550 	}
9551 
9552 	ret = ath11k_wow_init(ar);
9553 	if (ret) {
9554 		ath11k_warn(ar->ab, "failed to init wow: %d\n", ret);
9555 		goto err_free_if_combs;
9556 	}
9557 
9558 	if (test_bit(WMI_TLV_SERVICE_TX_DATA_MGMT_ACK_RSSI,
9559 		     ar->ab->wmi_ab.svc_map))
9560 		wiphy_ext_feature_set(ar->hw->wiphy,
9561 				      NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT);
9562 
9563 	ar->hw->queues = ATH11K_HW_MAX_QUEUES;
9564 	ar->hw->wiphy->tx_queue_len = ATH11K_QUEUE_LEN;
9565 	ar->hw->offchannel_tx_hw_queue = ATH11K_HW_MAX_QUEUES - 1;
9566 	ar->hw->max_rx_aggregation_subframes = IEEE80211_MAX_AMPDU_BUF_HE;
9567 
9568 	ar->hw->vif_data_size = sizeof(struct ath11k_vif);
9569 	ar->hw->sta_data_size = sizeof(struct ath11k_sta);
9570 
9571 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
9572 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_STA_TX_PWR);
9573 	if (test_bit(WMI_TLV_SERVICE_BSS_COLOR_OFFLOAD,
9574 		     ar->ab->wmi_ab.svc_map)) {
9575 		wiphy_ext_feature_set(ar->hw->wiphy,
9576 				      NL80211_EXT_FEATURE_BSS_COLOR);
9577 		ieee80211_hw_set(ar->hw, DETECTS_COLOR_COLLISION);
9578 	}
9579 
9580 	ar->hw->wiphy->cipher_suites = cipher_suites;
9581 	ar->hw->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
9582 
9583 	ar->hw->wiphy->iftype_ext_capab = ath11k_iftypes_ext_capa;
9584 	ar->hw->wiphy->num_iftype_ext_capab =
9585 		ARRAY_SIZE(ath11k_iftypes_ext_capa);
9586 
9587 	if (ar->supports_6ghz) {
9588 		wiphy_ext_feature_set(ar->hw->wiphy,
9589 				      NL80211_EXT_FEATURE_FILS_DISCOVERY);
9590 		wiphy_ext_feature_set(ar->hw->wiphy,
9591 				      NL80211_EXT_FEATURE_UNSOL_BCAST_PROBE_RESP);
9592 	}
9593 
9594 	wiphy_ext_feature_set(ar->hw->wiphy,
9595 			      NL80211_EXT_FEATURE_SET_SCAN_DWELL);
9596 
9597 	if (test_bit(WMI_TLV_SERVICE_RTT, ar->ab->wmi_ab.svc_map))
9598 		wiphy_ext_feature_set(ar->hw->wiphy,
9599 				      NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER);
9600 
9601 	ar->hw->wiphy->mbssid_max_interfaces = TARGET_NUM_VDEVS(ab);
9602 	ar->hw->wiphy->ema_max_profile_periodicity = TARGET_EMA_MAX_PROFILE_PERIOD;
9603 
9604 	ath11k_reg_init(ar);
9605 
9606 	if (!test_bit(ATH11K_FLAG_RAW_MODE, &ab->dev_flags)) {
9607 		ar->hw->netdev_features = NETIF_F_HW_CSUM;
9608 		ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL);
9609 		ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT);
9610 	}
9611 
9612 	if (test_bit(WMI_TLV_SERVICE_BIOS_SAR_SUPPORT, ar->ab->wmi_ab.svc_map) &&
9613 	    ab->hw_params.bios_sar_capa)
9614 		ar->hw->wiphy->sar_capa = ab->hw_params.bios_sar_capa;
9615 
9616 	ret = ieee80211_register_hw(ar->hw);
9617 	if (ret) {
9618 		ath11k_err(ar->ab, "ieee80211 registration failed: %d\n", ret);
9619 		goto err_free_if_combs;
9620 	}
9621 
9622 	if (!ab->hw_params.supports_monitor)
9623 		/* There's a race between calling ieee80211_register_hw()
9624 		 * and here where the monitor mode is enabled for a little
9625 		 * while. But that time is so short and in practise it make
9626 		 * a difference in real life.
9627 		 */
9628 		ar->hw->wiphy->interface_modes &= ~BIT(NL80211_IFTYPE_MONITOR);
9629 
9630 	/* Apply the regd received during initialization */
9631 	ret = ath11k_regd_update(ar);
9632 	if (ret) {
9633 		ath11k_err(ar->ab, "ath11k regd update failed: %d\n", ret);
9634 		goto err_unregister_hw;
9635 	}
9636 
9637 	if (ab->hw_params.current_cc_support && ab->new_alpha2[0]) {
9638 		struct wmi_set_current_country_params set_current_param = {};
9639 
9640 		memcpy(&set_current_param.alpha2, ab->new_alpha2, 2);
9641 		memcpy(&ar->alpha2, ab->new_alpha2, 2);
9642 		ret = ath11k_wmi_send_set_current_country_cmd(ar, &set_current_param);
9643 		if (ret)
9644 			ath11k_warn(ar->ab,
9645 				    "failed set cc code for mac register: %d\n", ret);
9646 	}
9647 
9648 	ret = ath11k_debugfs_register(ar);
9649 	if (ret) {
9650 		ath11k_err(ar->ab, "debugfs registration failed: %d\n", ret);
9651 		goto err_unregister_hw;
9652 	}
9653 
9654 	return 0;
9655 
9656 err_unregister_hw:
9657 	ieee80211_unregister_hw(ar->hw);
9658 
9659 err_free_if_combs:
9660 	kfree(ar->hw->wiphy->iface_combinations[0].limits);
9661 	kfree(ar->hw->wiphy->iface_combinations);
9662 
9663 err_free_channels:
9664 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
9665 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
9666 	kfree(ar->mac.sbands[NL80211_BAND_6GHZ].channels);
9667 
9668 err:
9669 	SET_IEEE80211_DEV(ar->hw, NULL);
9670 	return ret;
9671 }
9672 
9673 int ath11k_mac_register(struct ath11k_base *ab)
9674 {
9675 	struct ath11k *ar;
9676 	struct ath11k_pdev *pdev;
9677 	int i;
9678 	int ret;
9679 	u8 mac_addr[ETH_ALEN] = {0};
9680 
9681 	if (test_bit(ATH11K_FLAG_REGISTERED, &ab->dev_flags))
9682 		return 0;
9683 
9684 	/* Initialize channel counters frequency value in hertz */
9685 	ab->cc_freq_hz = IPQ8074_CC_FREQ_HERTZ;
9686 	ab->free_vdev_map = (1LL << (ab->num_radios * TARGET_NUM_VDEVS(ab))) - 1;
9687 
9688 	ret = ath11k_peer_rhash_tbl_init(ab);
9689 	if (ret)
9690 		return ret;
9691 
9692 	device_get_mac_address(ab->dev, mac_addr);
9693 
9694 	for (i = 0; i < ab->num_radios; i++) {
9695 		pdev = &ab->pdevs[i];
9696 		ar = pdev->ar;
9697 		if (ab->pdevs_macaddr_valid) {
9698 			ether_addr_copy(ar->mac_addr, pdev->mac_addr);
9699 		} else {
9700 			if (is_zero_ether_addr(mac_addr))
9701 				ether_addr_copy(ar->mac_addr, ab->mac_addr);
9702 			else
9703 				ether_addr_copy(ar->mac_addr, mac_addr);
9704 			ar->mac_addr[4] += i;
9705 		}
9706 
9707 		idr_init(&ar->txmgmt_idr);
9708 		spin_lock_init(&ar->txmgmt_idr_lock);
9709 
9710 		ret = __ath11k_mac_register(ar);
9711 		if (ret)
9712 			goto err_cleanup;
9713 
9714 		init_waitqueue_head(&ar->txmgmt_empty_waitq);
9715 	}
9716 
9717 	return 0;
9718 
9719 err_cleanup:
9720 	for (i = i - 1; i >= 0; i--) {
9721 		pdev = &ab->pdevs[i];
9722 		ar = pdev->ar;
9723 		__ath11k_mac_unregister(ar);
9724 	}
9725 
9726 	ath11k_peer_rhash_tbl_destroy(ab);
9727 
9728 	return ret;
9729 }
9730 
9731 int ath11k_mac_allocate(struct ath11k_base *ab)
9732 {
9733 	struct ieee80211_hw *hw;
9734 	struct ath11k *ar;
9735 	struct ath11k_pdev *pdev;
9736 	int ret;
9737 	int i;
9738 
9739 	if (test_bit(ATH11K_FLAG_REGISTERED, &ab->dev_flags))
9740 		return 0;
9741 
9742 	for (i = 0; i < ab->num_radios; i++) {
9743 		pdev = &ab->pdevs[i];
9744 		hw = ieee80211_alloc_hw(sizeof(struct ath11k), &ath11k_ops);
9745 		if (!hw) {
9746 			ath11k_warn(ab, "failed to allocate mac80211 hw device\n");
9747 			ret = -ENOMEM;
9748 			goto err_free_mac;
9749 		}
9750 
9751 		ar = hw->priv;
9752 		ar->hw = hw;
9753 		ar->ab = ab;
9754 		ar->pdev = pdev;
9755 		ar->pdev_idx = i;
9756 		ar->lmac_id = ath11k_hw_get_mac_from_pdev_id(&ab->hw_params, i);
9757 
9758 		ar->wmi = &ab->wmi_ab.wmi[i];
9759 		/* FIXME wmi[0] is already initialized during attach,
9760 		 * Should we do this again?
9761 		 */
9762 		ath11k_wmi_pdev_attach(ab, i);
9763 
9764 		ar->cfg_tx_chainmask = pdev->cap.tx_chain_mask;
9765 		ar->cfg_rx_chainmask = pdev->cap.rx_chain_mask;
9766 		ar->num_tx_chains = get_num_chains(pdev->cap.tx_chain_mask);
9767 		ar->num_rx_chains = get_num_chains(pdev->cap.rx_chain_mask);
9768 
9769 		pdev->ar = ar;
9770 		spin_lock_init(&ar->data_lock);
9771 		INIT_LIST_HEAD(&ar->arvifs);
9772 		INIT_LIST_HEAD(&ar->ppdu_stats_info);
9773 		mutex_init(&ar->conf_mutex);
9774 		init_completion(&ar->vdev_setup_done);
9775 		init_completion(&ar->vdev_delete_done);
9776 		init_completion(&ar->peer_assoc_done);
9777 		init_completion(&ar->peer_delete_done);
9778 		init_completion(&ar->install_key_done);
9779 		init_completion(&ar->bss_survey_done);
9780 		init_completion(&ar->scan.started);
9781 		init_completion(&ar->scan.completed);
9782 		init_completion(&ar->scan.on_channel);
9783 		init_completion(&ar->thermal.wmi_sync);
9784 
9785 		INIT_DELAYED_WORK(&ar->scan.timeout, ath11k_scan_timeout_work);
9786 		INIT_WORK(&ar->regd_update_work, ath11k_regd_update_work);
9787 
9788 		INIT_WORK(&ar->wmi_mgmt_tx_work, ath11k_mgmt_over_wmi_tx_work);
9789 		skb_queue_head_init(&ar->wmi_mgmt_tx_queue);
9790 
9791 		clear_bit(ATH11K_FLAG_MONITOR_STARTED, &ar->monitor_flags);
9792 
9793 		ar->monitor_vdev_id = -1;
9794 		clear_bit(ATH11K_FLAG_MONITOR_VDEV_CREATED, &ar->monitor_flags);
9795 		ar->vdev_id_11d_scan = ATH11K_11D_INVALID_VDEV_ID;
9796 		init_completion(&ar->completed_11d_scan);
9797 
9798 		ath11k_fw_stats_init(ar);
9799 	}
9800 
9801 	return 0;
9802 
9803 err_free_mac:
9804 	ath11k_mac_destroy(ab);
9805 
9806 	return ret;
9807 }
9808 
9809 void ath11k_mac_destroy(struct ath11k_base *ab)
9810 {
9811 	struct ath11k *ar;
9812 	struct ath11k_pdev *pdev;
9813 	int i;
9814 
9815 	for (i = 0; i < ab->num_radios; i++) {
9816 		pdev = &ab->pdevs[i];
9817 		ar = pdev->ar;
9818 		if (!ar)
9819 			continue;
9820 
9821 		ath11k_fw_stats_free(&ar->fw_stats);
9822 		ieee80211_free_hw(ar->hw);
9823 		pdev->ar = NULL;
9824 	}
9825 }
9826 
9827 int ath11k_mac_vif_set_keepalive(struct ath11k_vif *arvif,
9828 				 enum wmi_sta_keepalive_method method,
9829 				 u32 interval)
9830 {
9831 	struct ath11k *ar = arvif->ar;
9832 	struct wmi_sta_keepalive_arg arg = {};
9833 	int ret;
9834 
9835 	lockdep_assert_held(&ar->conf_mutex);
9836 
9837 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
9838 		return 0;
9839 
9840 	if (!test_bit(WMI_TLV_SERVICE_STA_KEEP_ALIVE, ar->ab->wmi_ab.svc_map))
9841 		return 0;
9842 
9843 	arg.vdev_id = arvif->vdev_id;
9844 	arg.enabled = 1;
9845 	arg.method = method;
9846 	arg.interval = interval;
9847 
9848 	ret = ath11k_wmi_sta_keepalive(ar, &arg);
9849 	if (ret) {
9850 		ath11k_warn(ar->ab, "failed to set keepalive on vdev %i: %d\n",
9851 			    arvif->vdev_id, ret);
9852 		return ret;
9853 	}
9854 
9855 	return 0;
9856 }
9857