xref: /linux/drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c (revision 2532f41607c4308733239dd43278f8a5540f3ec7)
1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
3 
4 #include <linux/firmware.h>
5 #include "mt76_connac2_mac.h"
6 #include "mt76_connac_mcu.h"
7 
8 int mt76_connac_mcu_start_firmware(struct mt76_dev *dev, u32 addr, u32 option)
9 {
10 	struct {
11 		__le32 option;
12 		__le32 addr;
13 	} req = {
14 		.option = cpu_to_le32(option),
15 		.addr = cpu_to_le32(addr),
16 	};
17 
18 	return mt76_mcu_send_msg(dev, MCU_CMD(FW_START_REQ), &req,
19 				 sizeof(req), true);
20 }
21 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_firmware);
22 
23 int mt76_connac_mcu_patch_sem_ctrl(struct mt76_dev *dev, bool get)
24 {
25 	u32 op = get ? PATCH_SEM_GET : PATCH_SEM_RELEASE;
26 	struct {
27 		__le32 op;
28 	} req = {
29 		.op = cpu_to_le32(op),
30 	};
31 
32 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_SEM_CONTROL),
33 				 &req, sizeof(req), true);
34 }
35 EXPORT_SYMBOL_GPL(mt76_connac_mcu_patch_sem_ctrl);
36 
37 int mt76_connac_mcu_start_patch(struct mt76_dev *dev)
38 {
39 	struct {
40 		u8 check_crc;
41 		u8 reserved[3];
42 	} req = {
43 		.check_crc = 0,
44 	};
45 
46 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_FINISH_REQ),
47 				 &req, sizeof(req), true);
48 }
49 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_patch);
50 
51 #define MCU_PATCH_ADDRESS	0x200000
52 
53 int mt76_connac_mcu_init_download(struct mt76_dev *dev, u32 addr, u32 len,
54 				  u32 mode)
55 {
56 	struct {
57 		__le32 addr;
58 		__le32 len;
59 		__le32 mode;
60 	} req = {
61 		.addr = cpu_to_le32(addr),
62 		.len = cpu_to_le32(len),
63 		.mode = cpu_to_le32(mode),
64 	};
65 	int cmd;
66 
67 	if ((!is_connac_v1(dev) && addr == MCU_PATCH_ADDRESS) ||
68 	    (is_mt7921(dev) && addr == 0x900000) ||
69 	    (is_mt7996(dev) && addr == 0x900000))
70 		cmd = MCU_CMD(PATCH_START_REQ);
71 	else
72 		cmd = MCU_CMD(TARGET_ADDRESS_LEN_REQ);
73 
74 	return mt76_mcu_send_msg(dev, cmd, &req, sizeof(req), true);
75 }
76 EXPORT_SYMBOL_GPL(mt76_connac_mcu_init_download);
77 
78 int mt76_connac_mcu_set_channel_domain(struct mt76_phy *phy)
79 {
80 	int len, i, n_max_channels, n_2ch = 0, n_5ch = 0, n_6ch = 0;
81 	struct mt76_connac_mcu_channel_domain {
82 		u8 alpha2[4]; /* regulatory_request.alpha2 */
83 		u8 bw_2g; /* BW_20_40M		0
84 			   * BW_20M		1
85 			   * BW_20_40_80M	2
86 			   * BW_20_40_80_160M	3
87 			   * BW_20_40_80_8080M	4
88 			   */
89 		u8 bw_5g;
90 		u8 bw_6g;
91 		u8 pad;
92 		u8 n_2ch;
93 		u8 n_5ch;
94 		u8 n_6ch;
95 		u8 pad2;
96 	} __packed hdr = {
97 		.bw_2g = 0,
98 		.bw_5g = 3, /* BW_20_40_80_160M */
99 		.bw_6g = 3,
100 	};
101 	struct mt76_connac_mcu_chan {
102 		__le16 hw_value;
103 		__le16 pad;
104 		__le32 flags;
105 	} __packed channel;
106 	struct mt76_dev *dev = phy->dev;
107 	struct ieee80211_channel *chan;
108 	struct sk_buff *skb;
109 
110 	n_max_channels = phy->sband_2g.sband.n_channels +
111 			 phy->sband_5g.sband.n_channels +
112 			 phy->sband_6g.sband.n_channels;
113 	len = sizeof(hdr) + n_max_channels * sizeof(channel);
114 
115 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
116 	if (!skb)
117 		return -ENOMEM;
118 
119 	skb_reserve(skb, sizeof(hdr));
120 
121 	for (i = 0; i < phy->sband_2g.sband.n_channels; i++) {
122 		chan = &phy->sband_2g.sband.channels[i];
123 		if (chan->flags & IEEE80211_CHAN_DISABLED)
124 			continue;
125 
126 		channel.hw_value = cpu_to_le16(chan->hw_value);
127 		channel.flags = cpu_to_le32(chan->flags);
128 		channel.pad = 0;
129 
130 		skb_put_data(skb, &channel, sizeof(channel));
131 		n_2ch++;
132 	}
133 	for (i = 0; i < phy->sband_5g.sband.n_channels; i++) {
134 		chan = &phy->sband_5g.sband.channels[i];
135 		if (chan->flags & IEEE80211_CHAN_DISABLED)
136 			continue;
137 
138 		channel.hw_value = cpu_to_le16(chan->hw_value);
139 		channel.flags = cpu_to_le32(chan->flags);
140 		channel.pad = 0;
141 
142 		skb_put_data(skb, &channel, sizeof(channel));
143 		n_5ch++;
144 	}
145 	for (i = 0; i < phy->sband_6g.sband.n_channels; i++) {
146 		chan = &phy->sband_6g.sband.channels[i];
147 		if (chan->flags & IEEE80211_CHAN_DISABLED)
148 			continue;
149 
150 		channel.hw_value = cpu_to_le16(chan->hw_value);
151 		channel.flags = cpu_to_le32(chan->flags);
152 		channel.pad = 0;
153 
154 		skb_put_data(skb, &channel, sizeof(channel));
155 		n_6ch++;
156 	}
157 
158 	BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(hdr.alpha2));
159 	memcpy(hdr.alpha2, dev->alpha2, sizeof(dev->alpha2));
160 	hdr.n_2ch = n_2ch;
161 	hdr.n_5ch = n_5ch;
162 	hdr.n_6ch = n_6ch;
163 
164 	memcpy(__skb_push(skb, sizeof(hdr)), &hdr, sizeof(hdr));
165 
166 	return mt76_mcu_skb_send_msg(dev, skb, MCU_CE_CMD(SET_CHAN_DOMAIN),
167 				     false);
168 }
169 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_channel_domain);
170 
171 int mt76_connac_mcu_set_mac_enable(struct mt76_dev *dev, int band, bool enable,
172 				   bool hdr_trans)
173 {
174 	struct {
175 		u8 enable;
176 		u8 band;
177 		u8 rsv[2];
178 	} __packed req_mac = {
179 		.enable = enable,
180 		.band = band,
181 	};
182 
183 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(MAC_INIT_CTRL), &req_mac,
184 				 sizeof(req_mac), true);
185 }
186 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_mac_enable);
187 
188 int mt76_connac_mcu_set_vif_ps(struct mt76_dev *dev, struct ieee80211_vif *vif)
189 {
190 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
191 	struct {
192 		u8 bss_idx;
193 		u8 ps_state; /* 0: device awake
194 			      * 1: static power save
195 			      * 2: dynamic power saving
196 			      */
197 	} req = {
198 		.bss_idx = mvif->idx,
199 		.ps_state = vif->cfg.ps ? 2 : 0,
200 	};
201 
202 	if (vif->type != NL80211_IFTYPE_STATION)
203 		return -EOPNOTSUPP;
204 
205 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(SET_PS_PROFILE),
206 				 &req, sizeof(req), false);
207 }
208 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_vif_ps);
209 
210 int mt76_connac_mcu_set_rts_thresh(struct mt76_dev *dev, u32 val, u8 band)
211 {
212 	struct {
213 		u8 prot_idx;
214 		u8 band;
215 		u8 rsv[2];
216 		__le32 len_thresh;
217 		__le32 pkt_thresh;
218 	} __packed req = {
219 		.prot_idx = 1,
220 		.band = band,
221 		.len_thresh = cpu_to_le32(val),
222 		.pkt_thresh = cpu_to_le32(0x2),
223 	};
224 
225 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PROTECT_CTRL), &req,
226 				 sizeof(req), true);
227 }
228 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rts_thresh);
229 
230 void mt76_connac_mcu_beacon_loss_iter(void *priv, u8 *mac,
231 				      struct ieee80211_vif *vif)
232 {
233 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
234 	struct mt76_connac_beacon_loss_event *event = priv;
235 
236 	if (mvif->idx != event->bss_idx)
237 		return;
238 
239 	if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER))
240 		return;
241 
242 	ieee80211_beacon_loss(vif);
243 }
244 EXPORT_SYMBOL_GPL(mt76_connac_mcu_beacon_loss_iter);
245 
246 struct tlv *
247 mt76_connac_mcu_add_nested_tlv(struct sk_buff *skb, int tag, int len,
248 			       void *sta_ntlv, void *sta_wtbl)
249 {
250 	struct sta_ntlv_hdr *ntlv_hdr = sta_ntlv;
251 	struct tlv *sta_hdr = sta_wtbl;
252 	struct tlv *ptlv, tlv = {
253 		.tag = cpu_to_le16(tag),
254 		.len = cpu_to_le16(len),
255 	};
256 	u16 ntlv;
257 
258 	ptlv = skb_put(skb, len);
259 	memcpy(ptlv, &tlv, sizeof(tlv));
260 
261 	ntlv = le16_to_cpu(ntlv_hdr->tlv_num);
262 	ntlv_hdr->tlv_num = cpu_to_le16(ntlv + 1);
263 
264 	if (sta_hdr) {
265 		len += le16_to_cpu(sta_hdr->len);
266 		sta_hdr->len = cpu_to_le16(len);
267 	}
268 
269 	return ptlv;
270 }
271 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_nested_tlv);
272 
273 struct sk_buff *
274 __mt76_connac_mcu_alloc_sta_req(struct mt76_dev *dev, struct mt76_vif *mvif,
275 				struct mt76_wcid *wcid, int len)
276 {
277 	struct sta_req_hdr hdr = {
278 		.bss_idx = mvif->idx,
279 		.muar_idx = wcid ? mvif->omac_idx : 0,
280 		.is_tlv_append = 1,
281 	};
282 	struct sk_buff *skb;
283 
284 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
285 				     &hdr.wlan_idx_hi);
286 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
287 	if (!skb)
288 		return ERR_PTR(-ENOMEM);
289 
290 	skb_put_data(skb, &hdr, sizeof(hdr));
291 
292 	return skb;
293 }
294 EXPORT_SYMBOL_GPL(__mt76_connac_mcu_alloc_sta_req);
295 
296 struct wtbl_req_hdr *
297 mt76_connac_mcu_alloc_wtbl_req(struct mt76_dev *dev, struct mt76_wcid *wcid,
298 			       int cmd, void *sta_wtbl, struct sk_buff **skb)
299 {
300 	struct tlv *sta_hdr = sta_wtbl;
301 	struct wtbl_req_hdr hdr = {
302 		.operation = cmd,
303 	};
304 	struct sk_buff *nskb = *skb;
305 
306 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
307 				     &hdr.wlan_idx_hi);
308 	if (!nskb) {
309 		nskb = mt76_mcu_msg_alloc(dev, NULL,
310 					  MT76_CONNAC_WTBL_UPDATE_MAX_SIZE);
311 		if (!nskb)
312 			return ERR_PTR(-ENOMEM);
313 
314 		*skb = nskb;
315 	}
316 
317 	if (sta_hdr)
318 		le16_add_cpu(&sta_hdr->len, sizeof(hdr));
319 
320 	return skb_put_data(nskb, &hdr, sizeof(hdr));
321 }
322 EXPORT_SYMBOL_GPL(mt76_connac_mcu_alloc_wtbl_req);
323 
324 void mt76_connac_mcu_bss_omac_tlv(struct sk_buff *skb,
325 				  struct ieee80211_vif *vif)
326 {
327 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
328 	u8 omac_idx = mvif->omac_idx;
329 	struct bss_info_omac *omac;
330 	struct tlv *tlv;
331 	u32 type = 0;
332 
333 	switch (vif->type) {
334 	case NL80211_IFTYPE_MONITOR:
335 	case NL80211_IFTYPE_MESH_POINT:
336 	case NL80211_IFTYPE_AP:
337 		if (vif->p2p)
338 			type = CONNECTION_P2P_GO;
339 		else
340 			type = CONNECTION_INFRA_AP;
341 		break;
342 	case NL80211_IFTYPE_STATION:
343 		if (vif->p2p)
344 			type = CONNECTION_P2P_GC;
345 		else
346 			type = CONNECTION_INFRA_STA;
347 		break;
348 	case NL80211_IFTYPE_ADHOC:
349 		type = CONNECTION_IBSS_ADHOC;
350 		break;
351 	default:
352 		WARN_ON(1);
353 		break;
354 	}
355 
356 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_OMAC, sizeof(*omac));
357 
358 	omac = (struct bss_info_omac *)tlv;
359 	omac->conn_type = cpu_to_le32(type);
360 	omac->omac_idx = mvif->omac_idx;
361 	omac->band_idx = mvif->band_idx;
362 	omac->hw_bss_idx = omac_idx > EXT_BSSID_START ? HW_BSSID_0 : omac_idx;
363 }
364 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_omac_tlv);
365 
366 void mt76_connac_mcu_sta_basic_tlv(struct mt76_dev *dev, struct sk_buff *skb,
367 				   struct ieee80211_vif *vif,
368 				   struct ieee80211_sta *sta,
369 				   bool enable, bool newly)
370 {
371 	struct sta_rec_basic *basic;
372 	struct tlv *tlv;
373 	int conn_type;
374 
375 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BASIC, sizeof(*basic));
376 
377 	basic = (struct sta_rec_basic *)tlv;
378 	basic->extra_info = cpu_to_le16(EXTRA_INFO_VER);
379 
380 	if (enable) {
381 		if (newly)
382 			basic->extra_info |= cpu_to_le16(EXTRA_INFO_NEW);
383 		basic->conn_state = CONN_STATE_PORT_SECURE;
384 	} else {
385 		basic->conn_state = CONN_STATE_DISCONNECT;
386 	}
387 
388 	if (!sta) {
389 		basic->conn_type = cpu_to_le32(CONNECTION_INFRA_BC);
390 		eth_broadcast_addr(basic->peer_addr);
391 		return;
392 	}
393 
394 	switch (vif->type) {
395 	case NL80211_IFTYPE_MESH_POINT:
396 	case NL80211_IFTYPE_AP:
397 		if (vif->p2p && !is_mt7921(dev))
398 			conn_type = CONNECTION_P2P_GC;
399 		else
400 			conn_type = CONNECTION_INFRA_STA;
401 		basic->conn_type = cpu_to_le32(conn_type);
402 		basic->aid = cpu_to_le16(sta->aid);
403 		break;
404 	case NL80211_IFTYPE_STATION:
405 		if (vif->p2p && !is_mt7921(dev))
406 			conn_type = CONNECTION_P2P_GO;
407 		else
408 			conn_type = CONNECTION_INFRA_AP;
409 		basic->conn_type = cpu_to_le32(conn_type);
410 		basic->aid = cpu_to_le16(vif->cfg.aid);
411 		break;
412 	case NL80211_IFTYPE_ADHOC:
413 		basic->conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
414 		basic->aid = cpu_to_le16(sta->aid);
415 		break;
416 	default:
417 		WARN_ON(1);
418 		break;
419 	}
420 
421 	memcpy(basic->peer_addr, sta->addr, ETH_ALEN);
422 	basic->qos = sta->wme;
423 }
424 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_basic_tlv);
425 
426 void mt76_connac_mcu_sta_uapsd(struct sk_buff *skb, struct ieee80211_vif *vif,
427 			       struct ieee80211_sta *sta)
428 {
429 	struct sta_rec_uapsd *uapsd;
430 	struct tlv *tlv;
431 
432 	if (vif->type != NL80211_IFTYPE_AP || !sta->wme)
433 		return;
434 
435 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_APPS, sizeof(*uapsd));
436 	uapsd = (struct sta_rec_uapsd *)tlv;
437 
438 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) {
439 		uapsd->dac_map |= BIT(3);
440 		uapsd->tac_map |= BIT(3);
441 	}
442 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) {
443 		uapsd->dac_map |= BIT(2);
444 		uapsd->tac_map |= BIT(2);
445 	}
446 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) {
447 		uapsd->dac_map |= BIT(1);
448 		uapsd->tac_map |= BIT(1);
449 	}
450 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) {
451 		uapsd->dac_map |= BIT(0);
452 		uapsd->tac_map |= BIT(0);
453 	}
454 	uapsd->max_sp = sta->max_sp;
455 }
456 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_uapsd);
457 
458 void mt76_connac_mcu_wtbl_hdr_trans_tlv(struct sk_buff *skb,
459 					struct ieee80211_vif *vif,
460 					struct mt76_wcid *wcid,
461 					void *sta_wtbl, void *wtbl_tlv)
462 {
463 	struct wtbl_hdr_trans *htr;
464 	struct tlv *tlv;
465 
466 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HDR_TRANS,
467 					     sizeof(*htr),
468 					     wtbl_tlv, sta_wtbl);
469 	htr = (struct wtbl_hdr_trans *)tlv;
470 	htr->no_rx_trans = true;
471 
472 	if (vif->type == NL80211_IFTYPE_STATION)
473 		htr->to_ds = true;
474 	else
475 		htr->from_ds = true;
476 
477 	if (!wcid)
478 		return;
479 
480 	htr->no_rx_trans = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);
481 	if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) {
482 		htr->to_ds = true;
483 		htr->from_ds = true;
484 	}
485 }
486 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_hdr_trans_tlv);
487 
488 int mt76_connac_mcu_sta_update_hdr_trans(struct mt76_dev *dev,
489 					 struct ieee80211_vif *vif,
490 					 struct mt76_wcid *wcid, int cmd)
491 {
492 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
493 	struct wtbl_req_hdr *wtbl_hdr;
494 	struct tlv *sta_wtbl;
495 	struct sk_buff *skb;
496 
497 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
498 	if (IS_ERR(skb))
499 		return PTR_ERR(skb);
500 
501 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
502 					   sizeof(struct tlv));
503 
504 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
505 						  sta_wtbl, &skb);
506 	if (IS_ERR(wtbl_hdr))
507 		return PTR_ERR(wtbl_hdr);
508 
509 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, sta_wtbl, wtbl_hdr);
510 
511 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
512 }
513 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_update_hdr_trans);
514 
515 int mt76_connac_mcu_wtbl_update_hdr_trans(struct mt76_dev *dev,
516 					  struct ieee80211_vif *vif,
517 					  struct ieee80211_sta *sta)
518 {
519 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
520 	struct wtbl_req_hdr *wtbl_hdr;
521 	struct sk_buff *skb = NULL;
522 
523 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET, NULL,
524 						  &skb);
525 	if (IS_ERR(wtbl_hdr))
526 		return PTR_ERR(wtbl_hdr);
527 
528 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, NULL, wtbl_hdr);
529 
530 	return mt76_mcu_skb_send_msg(dev, skb, MCU_EXT_CMD(WTBL_UPDATE), true);
531 }
532 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_update_hdr_trans);
533 
534 void mt76_connac_mcu_wtbl_generic_tlv(struct mt76_dev *dev,
535 				      struct sk_buff *skb,
536 				      struct ieee80211_vif *vif,
537 				      struct ieee80211_sta *sta,
538 				      void *sta_wtbl, void *wtbl_tlv)
539 {
540 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
541 	struct wtbl_generic *generic;
542 	struct wtbl_rx *rx;
543 	struct wtbl_spe *spe;
544 	struct tlv *tlv;
545 
546 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_GENERIC,
547 					     sizeof(*generic),
548 					     wtbl_tlv, sta_wtbl);
549 
550 	generic = (struct wtbl_generic *)tlv;
551 
552 	if (sta) {
553 		if (vif->type == NL80211_IFTYPE_STATION)
554 			generic->partial_aid = cpu_to_le16(vif->cfg.aid);
555 		else
556 			generic->partial_aid = cpu_to_le16(sta->aid);
557 		memcpy(generic->peer_addr, sta->addr, ETH_ALEN);
558 		generic->muar_idx = mvif->omac_idx;
559 		generic->qos = sta->wme;
560 	} else {
561 		if (!is_connac_v1(dev) && vif->type == NL80211_IFTYPE_STATION)
562 			memcpy(generic->peer_addr, vif->bss_conf.bssid,
563 			       ETH_ALEN);
564 		else
565 			eth_broadcast_addr(generic->peer_addr);
566 
567 		generic->muar_idx = 0xe;
568 	}
569 
570 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RX, sizeof(*rx),
571 					     wtbl_tlv, sta_wtbl);
572 
573 	rx = (struct wtbl_rx *)tlv;
574 	rx->rca1 = sta ? vif->type != NL80211_IFTYPE_AP : 1;
575 	rx->rca2 = 1;
576 	rx->rv = 1;
577 
578 	if (!is_connac_v1(dev))
579 		return;
580 
581 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SPE, sizeof(*spe),
582 					     wtbl_tlv, sta_wtbl);
583 	spe = (struct wtbl_spe *)tlv;
584 	spe->spe_idx = 24;
585 }
586 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_generic_tlv);
587 
588 static void
589 mt76_connac_mcu_sta_amsdu_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
590 			      struct ieee80211_vif *vif)
591 {
592 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
593 	struct sta_rec_amsdu *amsdu;
594 	struct tlv *tlv;
595 
596 	if (vif->type != NL80211_IFTYPE_AP &&
597 	    vif->type != NL80211_IFTYPE_STATION)
598 		return;
599 
600 	if (!sta->deflink.agg.max_amsdu_len)
601 		return;
602 
603 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
604 	amsdu = (struct sta_rec_amsdu *)tlv;
605 	amsdu->max_amsdu_num = 8;
606 	amsdu->amsdu_en = true;
607 	amsdu->max_mpdu_size = sta->deflink.agg.max_amsdu_len >=
608 			       IEEE80211_MAX_MPDU_LEN_VHT_7991;
609 
610 	wcid->amsdu = true;
611 }
612 
613 #define HE_PHY(p, c)	u8_get_bits(c, IEEE80211_HE_PHY_##p)
614 #define HE_MAC(m, c)	u8_get_bits(c, IEEE80211_HE_MAC_##m)
615 static void
616 mt76_connac_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
617 {
618 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
619 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
620 	struct sta_rec_he *he;
621 	struct tlv *tlv;
622 	u32 cap = 0;
623 
624 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE, sizeof(*he));
625 
626 	he = (struct sta_rec_he *)tlv;
627 
628 	if (elem->mac_cap_info[0] & IEEE80211_HE_MAC_CAP0_HTC_HE)
629 		cap |= STA_REC_HE_CAP_HTC;
630 
631 	if (elem->mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR)
632 		cap |= STA_REC_HE_CAP_BSR;
633 
634 	if (elem->mac_cap_info[3] & IEEE80211_HE_MAC_CAP3_OMI_CONTROL)
635 		cap |= STA_REC_HE_CAP_OM;
636 
637 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU)
638 		cap |= STA_REC_HE_CAP_AMSDU_IN_AMPDU;
639 
640 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR)
641 		cap |= STA_REC_HE_CAP_BQR;
642 
643 	if (elem->phy_cap_info[0] &
644 	    (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_2G |
645 	     IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_5G))
646 		cap |= STA_REC_HE_CAP_BW20_RU242_SUPPORT;
647 
648 	if (elem->phy_cap_info[1] &
649 	    IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD)
650 		cap |= STA_REC_HE_CAP_LDPC;
651 
652 	if (elem->phy_cap_info[1] &
653 	    IEEE80211_HE_PHY_CAP1_HE_LTF_AND_GI_FOR_HE_PPDUS_0_8US)
654 		cap |= STA_REC_HE_CAP_SU_PPDU_1LTF_8US_GI;
655 
656 	if (elem->phy_cap_info[2] &
657 	    IEEE80211_HE_PHY_CAP2_NDP_4x_LTF_AND_3_2US)
658 		cap |= STA_REC_HE_CAP_NDP_4LTF_3DOT2MS_GI;
659 
660 	if (elem->phy_cap_info[2] &
661 	    IEEE80211_HE_PHY_CAP2_STBC_TX_UNDER_80MHZ)
662 		cap |= STA_REC_HE_CAP_LE_EQ_80M_TX_STBC;
663 
664 	if (elem->phy_cap_info[2] &
665 	    IEEE80211_HE_PHY_CAP2_STBC_RX_UNDER_80MHZ)
666 		cap |= STA_REC_HE_CAP_LE_EQ_80M_RX_STBC;
667 
668 	if (elem->phy_cap_info[6] &
669 	    IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE)
670 		cap |= STA_REC_HE_CAP_PARTIAL_BW_EXT_RANGE;
671 
672 	if (elem->phy_cap_info[7] &
673 	    IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI)
674 		cap |= STA_REC_HE_CAP_SU_MU_PPDU_4LTF_8US_GI;
675 
676 	if (elem->phy_cap_info[7] &
677 	    IEEE80211_HE_PHY_CAP7_STBC_TX_ABOVE_80MHZ)
678 		cap |= STA_REC_HE_CAP_GT_80M_TX_STBC;
679 
680 	if (elem->phy_cap_info[7] &
681 	    IEEE80211_HE_PHY_CAP7_STBC_RX_ABOVE_80MHZ)
682 		cap |= STA_REC_HE_CAP_GT_80M_RX_STBC;
683 
684 	if (elem->phy_cap_info[8] &
685 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_PPDU_4XLTF_AND_08_US_GI)
686 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_4LTF_8US_GI;
687 
688 	if (elem->phy_cap_info[8] &
689 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_1XLTF_AND_08_US_GI)
690 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_1LTF_8US_GI;
691 
692 	if (elem->phy_cap_info[9] &
693 	    IEEE80211_HE_PHY_CAP9_NON_TRIGGERED_CQI_FEEDBACK)
694 		cap |= STA_REC_HE_CAP_TRIG_CQI_FK;
695 
696 	if (elem->phy_cap_info[9] &
697 	    IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU)
698 		cap |= STA_REC_HE_CAP_TX_1024QAM_UNDER_RU242;
699 
700 	if (elem->phy_cap_info[9] &
701 	    IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU)
702 		cap |= STA_REC_HE_CAP_RX_1024QAM_UNDER_RU242;
703 
704 	he->he_cap = cpu_to_le32(cap);
705 
706 	switch (sta->deflink.bandwidth) {
707 	case IEEE80211_STA_RX_BW_160:
708 		if (elem->phy_cap_info[0] &
709 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
710 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
711 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
712 
713 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
714 				he_cap->he_mcs_nss_supp.rx_mcs_160;
715 		fallthrough;
716 	default:
717 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
718 				he_cap->he_mcs_nss_supp.rx_mcs_80;
719 		break;
720 	}
721 
722 	he->t_frame_dur =
723 		HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]);
724 	he->max_ampdu_exp =
725 		HE_MAC(CAP3_MAX_AMPDU_LEN_EXP_MASK, elem->mac_cap_info[3]);
726 
727 	he->bw_set =
728 		HE_PHY(CAP0_CHANNEL_WIDTH_SET_MASK, elem->phy_cap_info[0]);
729 	he->device_class =
730 		HE_PHY(CAP1_DEVICE_CLASS_A, elem->phy_cap_info[1]);
731 	he->punc_pream_rx =
732 		HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]);
733 
734 	he->dcm_tx_mode =
735 		HE_PHY(CAP3_DCM_MAX_CONST_TX_MASK, elem->phy_cap_info[3]);
736 	he->dcm_tx_max_nss =
737 		HE_PHY(CAP3_DCM_MAX_TX_NSS_2, elem->phy_cap_info[3]);
738 	he->dcm_rx_mode =
739 		HE_PHY(CAP3_DCM_MAX_CONST_RX_MASK, elem->phy_cap_info[3]);
740 	he->dcm_rx_max_nss =
741 		HE_PHY(CAP3_DCM_MAX_RX_NSS_2, elem->phy_cap_info[3]);
742 	he->dcm_rx_max_nss =
743 		HE_PHY(CAP8_DCM_MAX_RU_MASK, elem->phy_cap_info[8]);
744 
745 	he->pkt_ext = 2;
746 }
747 
748 static void
749 mt76_connac_mcu_sta_he_tlv_v2(struct sk_buff *skb, struct ieee80211_sta *sta)
750 {
751 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
752 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
753 	struct sta_rec_he_v2 *he;
754 	struct tlv *tlv;
755 
756 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he));
757 
758 	he = (struct sta_rec_he_v2 *)tlv;
759 	memcpy(he->he_phy_cap, elem->phy_cap_info, sizeof(he->he_phy_cap));
760 	memcpy(he->he_mac_cap, elem->mac_cap_info, sizeof(he->he_mac_cap));
761 
762 	switch (sta->deflink.bandwidth) {
763 	case IEEE80211_STA_RX_BW_160:
764 		if (elem->phy_cap_info[0] &
765 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
766 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
767 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
768 
769 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
770 				he_cap->he_mcs_nss_supp.rx_mcs_160;
771 		fallthrough;
772 	default:
773 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
774 				he_cap->he_mcs_nss_supp.rx_mcs_80;
775 		break;
776 	}
777 
778 	he->pkt_ext = IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US;
779 }
780 
781 static u8
782 mt76_connac_get_phy_mode_v2(struct mt76_phy *mphy, struct ieee80211_vif *vif,
783 			    enum nl80211_band band, struct ieee80211_sta *sta)
784 {
785 	struct ieee80211_sta_ht_cap *ht_cap;
786 	struct ieee80211_sta_vht_cap *vht_cap;
787 	const struct ieee80211_sta_he_cap *he_cap;
788 	u8 mode = 0;
789 
790 	if (sta) {
791 		ht_cap = &sta->deflink.ht_cap;
792 		vht_cap = &sta->deflink.vht_cap;
793 		he_cap = &sta->deflink.he_cap;
794 	} else {
795 		struct ieee80211_supported_band *sband;
796 
797 		sband = mphy->hw->wiphy->bands[band];
798 		ht_cap = &sband->ht_cap;
799 		vht_cap = &sband->vht_cap;
800 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
801 	}
802 
803 	if (band == NL80211_BAND_2GHZ) {
804 		mode |= PHY_TYPE_BIT_HR_DSSS | PHY_TYPE_BIT_ERP;
805 
806 		if (ht_cap->ht_supported)
807 			mode |= PHY_TYPE_BIT_HT;
808 
809 		if (he_cap && he_cap->has_he)
810 			mode |= PHY_TYPE_BIT_HE;
811 	} else if (band == NL80211_BAND_5GHZ || band == NL80211_BAND_6GHZ) {
812 		mode |= PHY_TYPE_BIT_OFDM;
813 
814 		if (ht_cap->ht_supported)
815 			mode |= PHY_TYPE_BIT_HT;
816 
817 		if (vht_cap->vht_supported)
818 			mode |= PHY_TYPE_BIT_VHT;
819 
820 		if (he_cap && he_cap->has_he)
821 			mode |= PHY_TYPE_BIT_HE;
822 	}
823 
824 	return mode;
825 }
826 
827 void mt76_connac_mcu_sta_tlv(struct mt76_phy *mphy, struct sk_buff *skb,
828 			     struct ieee80211_sta *sta,
829 			     struct ieee80211_vif *vif,
830 			     u8 rcpi, u8 sta_state)
831 {
832 	struct cfg80211_chan_def *chandef = &mphy->chandef;
833 	enum nl80211_band band = chandef->chan->band;
834 	struct mt76_dev *dev = mphy->dev;
835 	struct sta_rec_ra_info *ra_info;
836 	struct sta_rec_state *state;
837 	struct sta_rec_phy *phy;
838 	struct tlv *tlv;
839 	u16 supp_rates;
840 
841 	/* starec ht */
842 	if (sta->deflink.ht_cap.ht_supported) {
843 		struct sta_rec_ht *ht;
844 
845 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
846 		ht = (struct sta_rec_ht *)tlv;
847 		ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap);
848 	}
849 
850 	/* starec vht */
851 	if (sta->deflink.vht_cap.vht_supported) {
852 		struct sta_rec_vht *vht;
853 		int len;
854 
855 		len = is_mt7921(dev) ? sizeof(*vht) : sizeof(*vht) - 4;
856 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, len);
857 		vht = (struct sta_rec_vht *)tlv;
858 		vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap);
859 		vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map;
860 		vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map;
861 	}
862 
863 	/* starec uapsd */
864 	mt76_connac_mcu_sta_uapsd(skb, vif, sta);
865 
866 	if (!is_mt7921(dev))
867 		return;
868 
869 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he)
870 		mt76_connac_mcu_sta_amsdu_tlv(skb, sta, vif);
871 
872 	/* starec he */
873 	if (sta->deflink.he_cap.has_he) {
874 		mt76_connac_mcu_sta_he_tlv(skb, sta);
875 		mt76_connac_mcu_sta_he_tlv_v2(skb, sta);
876 		if (band == NL80211_BAND_6GHZ &&
877 		    sta_state == MT76_STA_INFO_STATE_ASSOC) {
878 			struct sta_rec_he_6g_capa *he_6g_capa;
879 
880 			tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G,
881 						      sizeof(*he_6g_capa));
882 			he_6g_capa = (struct sta_rec_he_6g_capa *)tlv;
883 			he_6g_capa->capa = sta->deflink.he_6ghz_capa.capa;
884 		}
885 	}
886 
887 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy));
888 	phy = (struct sta_rec_phy *)tlv;
889 	phy->phy_type = mt76_connac_get_phy_mode_v2(mphy, vif, band, sta);
890 	phy->basic_rate = cpu_to_le16((u16)vif->bss_conf.basic_rates);
891 	phy->rcpi = rcpi;
892 	phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR,
893 				sta->deflink.ht_cap.ampdu_factor) |
894 		     FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY,
895 				sta->deflink.ht_cap.ampdu_density);
896 
897 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra_info));
898 	ra_info = (struct sta_rec_ra_info *)tlv;
899 
900 	supp_rates = sta->deflink.supp_rates[band];
901 	if (band == NL80211_BAND_2GHZ)
902 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates >> 4) |
903 			     FIELD_PREP(RA_LEGACY_CCK, supp_rates & 0xf);
904 	else
905 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates);
906 
907 	ra_info->legacy = cpu_to_le16(supp_rates);
908 
909 	if (sta->deflink.ht_cap.ht_supported)
910 		memcpy(ra_info->rx_mcs_bitmask,
911 		       sta->deflink.ht_cap.mcs.rx_mask,
912 		       HT_MCS_MASK_NUM);
913 
914 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_STATE, sizeof(*state));
915 	state = (struct sta_rec_state *)tlv;
916 	state->state = sta_state;
917 
918 	if (sta->deflink.vht_cap.vht_supported) {
919 		state->vht_opmode = sta->deflink.bandwidth;
920 		state->vht_opmode |= (sta->deflink.rx_nss - 1) <<
921 			IEEE80211_OPMODE_NOTIF_RX_NSS_SHIFT;
922 	}
923 }
924 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_tlv);
925 
926 void mt76_connac_mcu_wtbl_smps_tlv(struct sk_buff *skb,
927 				   struct ieee80211_sta *sta,
928 				   void *sta_wtbl, void *wtbl_tlv)
929 {
930 	struct wtbl_smps *smps;
931 	struct tlv *tlv;
932 
933 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SMPS, sizeof(*smps),
934 					     wtbl_tlv, sta_wtbl);
935 	smps = (struct wtbl_smps *)tlv;
936 	smps->smps = (sta->deflink.smps_mode == IEEE80211_SMPS_DYNAMIC);
937 }
938 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_smps_tlv);
939 
940 void mt76_connac_mcu_wtbl_ht_tlv(struct mt76_dev *dev, struct sk_buff *skb,
941 				 struct ieee80211_sta *sta, void *sta_wtbl,
942 				 void *wtbl_tlv, bool ht_ldpc, bool vht_ldpc)
943 {
944 	struct wtbl_ht *ht = NULL;
945 	struct tlv *tlv;
946 	u32 flags = 0;
947 
948 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_6ghz_capa.capa) {
949 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HT, sizeof(*ht),
950 						     wtbl_tlv, sta_wtbl);
951 		ht = (struct wtbl_ht *)tlv;
952 		ht->ldpc = ht_ldpc &&
953 			   !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING);
954 
955 		if (sta->deflink.ht_cap.ht_supported) {
956 			ht->af = sta->deflink.ht_cap.ampdu_factor;
957 			ht->mm = sta->deflink.ht_cap.ampdu_density;
958 		} else {
959 			ht->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
960 					       IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
961 			ht->mm = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
962 					       IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START);
963 		}
964 
965 		ht->ht = true;
966 	}
967 
968 	if (sta->deflink.vht_cap.vht_supported || sta->deflink.he_6ghz_capa.capa) {
969 		struct wtbl_vht *vht;
970 		u8 af;
971 
972 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_VHT,
973 						     sizeof(*vht), wtbl_tlv,
974 						     sta_wtbl);
975 		vht = (struct wtbl_vht *)tlv;
976 		vht->ldpc = vht_ldpc &&
977 			    !!(sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC);
978 		vht->vht = true;
979 
980 		af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
981 			       sta->deflink.vht_cap.cap);
982 		if (ht)
983 			ht->af = max(ht->af, af);
984 	}
985 
986 	mt76_connac_mcu_wtbl_smps_tlv(skb, sta, sta_wtbl, wtbl_tlv);
987 
988 	if (is_connac_v1(dev) && sta->deflink.ht_cap.ht_supported) {
989 		/* sgi */
990 		u32 msk = MT_WTBL_W5_SHORT_GI_20 | MT_WTBL_W5_SHORT_GI_40 |
991 			  MT_WTBL_W5_SHORT_GI_80 | MT_WTBL_W5_SHORT_GI_160;
992 		struct wtbl_raw *raw;
993 
994 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RAW_DATA,
995 						     sizeof(*raw), wtbl_tlv,
996 						     sta_wtbl);
997 
998 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
999 			flags |= MT_WTBL_W5_SHORT_GI_20;
1000 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
1001 			flags |= MT_WTBL_W5_SHORT_GI_40;
1002 
1003 		if (sta->deflink.vht_cap.vht_supported) {
1004 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
1005 				flags |= MT_WTBL_W5_SHORT_GI_80;
1006 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
1007 				flags |= MT_WTBL_W5_SHORT_GI_160;
1008 		}
1009 		raw = (struct wtbl_raw *)tlv;
1010 		raw->val = cpu_to_le32(flags);
1011 		raw->msk = cpu_to_le32(~msk);
1012 		raw->wtbl_idx = 1;
1013 		raw->dw = 5;
1014 	}
1015 }
1016 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ht_tlv);
1017 
1018 int mt76_connac_mcu_sta_cmd(struct mt76_phy *phy,
1019 			    struct mt76_sta_cmd_info *info)
1020 {
1021 	struct mt76_vif *mvif = (struct mt76_vif *)info->vif->drv_priv;
1022 	struct mt76_dev *dev = phy->dev;
1023 	struct wtbl_req_hdr *wtbl_hdr;
1024 	struct tlv *sta_wtbl;
1025 	struct sk_buff *skb;
1026 
1027 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, info->wcid);
1028 	if (IS_ERR(skb))
1029 		return PTR_ERR(skb);
1030 
1031 	if (info->sta || !info->offload_fw)
1032 		mt76_connac_mcu_sta_basic_tlv(dev, skb, info->vif, info->sta,
1033 					      info->enable, info->newly);
1034 	if (info->sta && info->enable)
1035 		mt76_connac_mcu_sta_tlv(phy, skb, info->sta,
1036 					info->vif, info->rcpi,
1037 					info->state);
1038 
1039 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1040 					   sizeof(struct tlv));
1041 
1042 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, info->wcid,
1043 						  WTBL_RESET_AND_SET,
1044 						  sta_wtbl, &skb);
1045 	if (IS_ERR(wtbl_hdr))
1046 		return PTR_ERR(wtbl_hdr);
1047 
1048 	if (info->enable) {
1049 		mt76_connac_mcu_wtbl_generic_tlv(dev, skb, info->vif,
1050 						 info->sta, sta_wtbl,
1051 						 wtbl_hdr);
1052 		mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, info->vif, info->wcid,
1053 						   sta_wtbl, wtbl_hdr);
1054 		if (info->sta)
1055 			mt76_connac_mcu_wtbl_ht_tlv(dev, skb, info->sta,
1056 						    sta_wtbl, wtbl_hdr,
1057 						    true, true);
1058 	}
1059 
1060 	return mt76_mcu_skb_send_msg(dev, skb, info->cmd, true);
1061 }
1062 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_cmd);
1063 
1064 void mt76_connac_mcu_wtbl_ba_tlv(struct mt76_dev *dev, struct sk_buff *skb,
1065 				 struct ieee80211_ampdu_params *params,
1066 				 bool enable, bool tx, void *sta_wtbl,
1067 				 void *wtbl_tlv)
1068 {
1069 	struct wtbl_ba *ba;
1070 	struct tlv *tlv;
1071 
1072 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_BA, sizeof(*ba),
1073 					     wtbl_tlv, sta_wtbl);
1074 
1075 	ba = (struct wtbl_ba *)tlv;
1076 	ba->tid = params->tid;
1077 
1078 	if (tx) {
1079 		ba->ba_type = MT_BA_TYPE_ORIGINATOR;
1080 		ba->sn = enable ? cpu_to_le16(params->ssn) : 0;
1081 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1082 		ba->ba_en = enable;
1083 	} else {
1084 		memcpy(ba->peer_addr, params->sta->addr, ETH_ALEN);
1085 		ba->ba_type = MT_BA_TYPE_RECIPIENT;
1086 		ba->rst_ba_tid = params->tid;
1087 		ba->rst_ba_sel = RST_BA_MAC_TID_MATCH;
1088 		ba->rst_ba_sb = 1;
1089 	}
1090 
1091 	if (!is_connac_v1(dev)) {
1092 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1093 		return;
1094 	}
1095 
1096 	if (enable && tx) {
1097 		static const u8 ba_range[] = { 4, 8, 12, 24, 36, 48, 54, 64 };
1098 		int i;
1099 
1100 		for (i = 7; i > 0; i--) {
1101 			if (params->buf_size >= ba_range[i])
1102 				break;
1103 		}
1104 		ba->ba_winsize_idx = i;
1105 	}
1106 }
1107 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ba_tlv);
1108 
1109 int mt76_connac_mcu_uni_add_dev(struct mt76_phy *phy,
1110 				struct ieee80211_vif *vif,
1111 				struct mt76_wcid *wcid,
1112 				bool enable)
1113 {
1114 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1115 	struct mt76_dev *dev = phy->dev;
1116 	struct {
1117 		struct {
1118 			u8 omac_idx;
1119 			u8 band_idx;
1120 			__le16 pad;
1121 		} __packed hdr;
1122 		struct req_tlv {
1123 			__le16 tag;
1124 			__le16 len;
1125 			u8 active;
1126 			u8 pad;
1127 			u8 omac_addr[ETH_ALEN];
1128 		} __packed tlv;
1129 	} dev_req = {
1130 		.hdr = {
1131 			.omac_idx = mvif->omac_idx,
1132 			.band_idx = mvif->band_idx,
1133 		},
1134 		.tlv = {
1135 			.tag = cpu_to_le16(DEV_INFO_ACTIVE),
1136 			.len = cpu_to_le16(sizeof(struct req_tlv)),
1137 			.active = enable,
1138 		},
1139 	};
1140 	struct {
1141 		struct {
1142 			u8 bss_idx;
1143 			u8 pad[3];
1144 		} __packed hdr;
1145 		struct mt76_connac_bss_basic_tlv basic;
1146 	} basic_req = {
1147 		.hdr = {
1148 			.bss_idx = mvif->idx,
1149 		},
1150 		.basic = {
1151 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1152 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1153 			.omac_idx = mvif->omac_idx,
1154 			.band_idx = mvif->band_idx,
1155 			.wmm_idx = mvif->wmm_idx,
1156 			.active = enable,
1157 			.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx),
1158 			.sta_idx = cpu_to_le16(wcid->idx),
1159 			.conn_state = 1,
1160 		},
1161 	};
1162 	int err, idx, cmd, len;
1163 	void *data;
1164 
1165 	switch (vif->type) {
1166 	case NL80211_IFTYPE_MESH_POINT:
1167 	case NL80211_IFTYPE_MONITOR:
1168 	case NL80211_IFTYPE_AP:
1169 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_AP);
1170 		break;
1171 	case NL80211_IFTYPE_STATION:
1172 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_STA);
1173 		break;
1174 	case NL80211_IFTYPE_ADHOC:
1175 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1176 		break;
1177 	default:
1178 		WARN_ON(1);
1179 		break;
1180 	}
1181 
1182 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1183 	basic_req.basic.hw_bss_idx = idx;
1184 
1185 	memcpy(dev_req.tlv.omac_addr, vif->addr, ETH_ALEN);
1186 
1187 	cmd = enable ? MCU_UNI_CMD(DEV_INFO_UPDATE) : MCU_UNI_CMD(BSS_INFO_UPDATE);
1188 	data = enable ? (void *)&dev_req : (void *)&basic_req;
1189 	len = enable ? sizeof(dev_req) : sizeof(basic_req);
1190 
1191 	err = mt76_mcu_send_msg(dev, cmd, data, len, true);
1192 	if (err < 0)
1193 		return err;
1194 
1195 	cmd = enable ? MCU_UNI_CMD(BSS_INFO_UPDATE) : MCU_UNI_CMD(DEV_INFO_UPDATE);
1196 	data = enable ? (void *)&basic_req : (void *)&dev_req;
1197 	len = enable ? sizeof(basic_req) : sizeof(dev_req);
1198 
1199 	return mt76_mcu_send_msg(dev, cmd, data, len, true);
1200 }
1201 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_dev);
1202 
1203 void mt76_connac_mcu_sta_ba_tlv(struct sk_buff *skb,
1204 				struct ieee80211_ampdu_params *params,
1205 				bool enable, bool tx)
1206 {
1207 	struct sta_rec_ba *ba;
1208 	struct tlv *tlv;
1209 
1210 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));
1211 
1212 	ba = (struct sta_rec_ba *)tlv;
1213 	ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT;
1214 	ba->winsize = cpu_to_le16(params->buf_size);
1215 	ba->ssn = cpu_to_le16(params->ssn);
1216 	ba->ba_en = enable << params->tid;
1217 	ba->amsdu = params->amsdu;
1218 	ba->tid = params->tid;
1219 }
1220 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba_tlv);
1221 
1222 int mt76_connac_mcu_sta_wed_update(struct mt76_dev *dev, struct sk_buff *skb)
1223 {
1224 	if (!mt76_is_mmio(dev))
1225 		return 0;
1226 
1227 	if (!mtk_wed_device_active(&dev->mmio.wed))
1228 		return 0;
1229 
1230 	return mtk_wed_device_update_msg(&dev->mmio.wed, WED_WO_STA_REC,
1231 					 skb->data, skb->len);
1232 }
1233 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_wed_update);
1234 
1235 int mt76_connac_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif *mvif,
1236 			   struct ieee80211_ampdu_params *params,
1237 			   int cmd, bool enable, bool tx)
1238 {
1239 	struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
1240 	struct wtbl_req_hdr *wtbl_hdr;
1241 	struct tlv *sta_wtbl;
1242 	struct sk_buff *skb;
1243 	int ret;
1244 
1245 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1246 	if (IS_ERR(skb))
1247 		return PTR_ERR(skb);
1248 
1249 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1250 					   sizeof(struct tlv));
1251 
1252 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
1253 						  sta_wtbl, &skb);
1254 	if (IS_ERR(wtbl_hdr))
1255 		return PTR_ERR(wtbl_hdr);
1256 
1257 	mt76_connac_mcu_wtbl_ba_tlv(dev, skb, params, enable, tx, sta_wtbl,
1258 				    wtbl_hdr);
1259 
1260 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1261 	if (ret)
1262 		return ret;
1263 
1264 	ret = mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1265 	if (ret)
1266 		return ret;
1267 
1268 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1269 	if (IS_ERR(skb))
1270 		return PTR_ERR(skb);
1271 
1272 	mt76_connac_mcu_sta_ba_tlv(skb, params, enable, tx);
1273 
1274 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1275 	if (ret)
1276 		return ret;
1277 
1278 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1279 }
1280 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba);
1281 
1282 u8 mt76_connac_get_phy_mode(struct mt76_phy *phy, struct ieee80211_vif *vif,
1283 			    enum nl80211_band band, struct ieee80211_sta *sta)
1284 {
1285 	struct mt76_dev *dev = phy->dev;
1286 	const struct ieee80211_sta_he_cap *he_cap;
1287 	struct ieee80211_sta_vht_cap *vht_cap;
1288 	struct ieee80211_sta_ht_cap *ht_cap;
1289 	u8 mode = 0;
1290 
1291 	if (is_connac_v1(dev))
1292 		return 0x38;
1293 
1294 	if (sta) {
1295 		ht_cap = &sta->deflink.ht_cap;
1296 		vht_cap = &sta->deflink.vht_cap;
1297 		he_cap = &sta->deflink.he_cap;
1298 	} else {
1299 		struct ieee80211_supported_band *sband;
1300 
1301 		sband = phy->hw->wiphy->bands[band];
1302 		ht_cap = &sband->ht_cap;
1303 		vht_cap = &sband->vht_cap;
1304 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
1305 	}
1306 
1307 	if (band == NL80211_BAND_2GHZ) {
1308 		mode |= PHY_MODE_B | PHY_MODE_G;
1309 
1310 		if (ht_cap->ht_supported)
1311 			mode |= PHY_MODE_GN;
1312 
1313 		if (he_cap && he_cap->has_he)
1314 			mode |= PHY_MODE_AX_24G;
1315 	} else if (band == NL80211_BAND_5GHZ) {
1316 		mode |= PHY_MODE_A;
1317 
1318 		if (ht_cap->ht_supported)
1319 			mode |= PHY_MODE_AN;
1320 
1321 		if (vht_cap->vht_supported)
1322 			mode |= PHY_MODE_AC;
1323 
1324 		if (he_cap && he_cap->has_he)
1325 			mode |= PHY_MODE_AX_5G;
1326 	} else if (band == NL80211_BAND_6GHZ) {
1327 		mode |= PHY_MODE_A | PHY_MODE_AN |
1328 			PHY_MODE_AC | PHY_MODE_AX_5G;
1329 	}
1330 
1331 	return mode;
1332 }
1333 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode);
1334 
1335 u8 mt76_connac_get_phy_mode_ext(struct mt76_phy *phy, struct ieee80211_vif *vif,
1336 				enum nl80211_band band)
1337 {
1338 	const struct ieee80211_sta_eht_cap *eht_cap;
1339 	struct ieee80211_supported_band *sband;
1340 	u8 mode = 0;
1341 
1342 	if (band == NL80211_BAND_6GHZ)
1343 		mode |= PHY_MODE_AX_6G;
1344 
1345 	sband = phy->hw->wiphy->bands[band];
1346 	eht_cap = ieee80211_get_eht_iftype_cap(sband, vif->type);
1347 
1348 	if (!eht_cap || !eht_cap->has_eht)
1349 		return mode;
1350 
1351 	switch (band) {
1352 	case NL80211_BAND_6GHZ:
1353 		mode |= PHY_MODE_BE_6G;
1354 		break;
1355 	case NL80211_BAND_5GHZ:
1356 		mode |= PHY_MODE_BE_5G;
1357 		break;
1358 	case NL80211_BAND_2GHZ:
1359 		mode |= PHY_MODE_BE_24G;
1360 		break;
1361 	default:
1362 		break;
1363 	}
1364 
1365 	return mode;
1366 }
1367 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode_ext);
1368 
1369 const struct ieee80211_sta_he_cap *
1370 mt76_connac_get_he_phy_cap(struct mt76_phy *phy, struct ieee80211_vif *vif)
1371 {
1372 	enum nl80211_band band = phy->chandef.chan->band;
1373 	struct ieee80211_supported_band *sband;
1374 
1375 	sband = phy->hw->wiphy->bands[band];
1376 
1377 	return ieee80211_get_he_iftype_cap(sband, vif->type);
1378 }
1379 EXPORT_SYMBOL_GPL(mt76_connac_get_he_phy_cap);
1380 
1381 const struct ieee80211_sta_eht_cap *
1382 mt76_connac_get_eht_phy_cap(struct mt76_phy *phy, struct ieee80211_vif *vif)
1383 {
1384 	enum nl80211_band band = phy->chandef.chan->band;
1385 	struct ieee80211_supported_band *sband;
1386 
1387 	sband = phy->hw->wiphy->bands[band];
1388 
1389 	return ieee80211_get_eht_iftype_cap(sband, vif->type);
1390 }
1391 EXPORT_SYMBOL_GPL(mt76_connac_get_eht_phy_cap);
1392 
1393 #define DEFAULT_HE_PE_DURATION		4
1394 #define DEFAULT_HE_DURATION_RTS_THRES	1023
1395 static void
1396 mt76_connac_mcu_uni_bss_he_tlv(struct mt76_phy *phy, struct ieee80211_vif *vif,
1397 			       struct tlv *tlv)
1398 {
1399 	const struct ieee80211_sta_he_cap *cap;
1400 	struct bss_info_uni_he *he;
1401 
1402 	cap = mt76_connac_get_he_phy_cap(phy, vif);
1403 
1404 	he = (struct bss_info_uni_he *)tlv;
1405 	he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
1406 	if (!he->he_pe_duration)
1407 		he->he_pe_duration = DEFAULT_HE_PE_DURATION;
1408 
1409 	he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
1410 	if (!he->he_rts_thres)
1411 		he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);
1412 
1413 	he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
1414 	he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
1415 	he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;
1416 }
1417 
1418 int mt76_connac_mcu_uni_set_chctx(struct mt76_phy *phy, struct mt76_vif *mvif,
1419 				  struct ieee80211_chanctx_conf *ctx)
1420 {
1421 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1422 	int freq1 = chandef->center_freq1, freq2 = chandef->center_freq2;
1423 	enum nl80211_band band = chandef->chan->band;
1424 	struct mt76_dev *mdev = phy->dev;
1425 	struct {
1426 		struct {
1427 			u8 bss_idx;
1428 			u8 pad[3];
1429 		} __packed hdr;
1430 		struct rlm_tlv {
1431 			__le16 tag;
1432 			__le16 len;
1433 			u8 control_channel;
1434 			u8 center_chan;
1435 			u8 center_chan2;
1436 			u8 bw;
1437 			u8 tx_streams;
1438 			u8 rx_streams;
1439 			u8 short_st;
1440 			u8 ht_op_info;
1441 			u8 sco;
1442 			u8 band;
1443 			u8 pad[2];
1444 		} __packed rlm;
1445 	} __packed rlm_req = {
1446 		.hdr = {
1447 			.bss_idx = mvif->idx,
1448 		},
1449 		.rlm = {
1450 			.tag = cpu_to_le16(UNI_BSS_INFO_RLM),
1451 			.len = cpu_to_le16(sizeof(struct rlm_tlv)),
1452 			.control_channel = chandef->chan->hw_value,
1453 			.center_chan = ieee80211_frequency_to_channel(freq1),
1454 			.center_chan2 = ieee80211_frequency_to_channel(freq2),
1455 			.tx_streams = hweight8(phy->antenna_mask),
1456 			.ht_op_info = 4, /* set HT 40M allowed */
1457 			.rx_streams = phy->chainmask,
1458 			.short_st = true,
1459 			.band = band,
1460 		},
1461 	};
1462 
1463 	switch (chandef->width) {
1464 	case NL80211_CHAN_WIDTH_40:
1465 		rlm_req.rlm.bw = CMD_CBW_40MHZ;
1466 		break;
1467 	case NL80211_CHAN_WIDTH_80:
1468 		rlm_req.rlm.bw = CMD_CBW_80MHZ;
1469 		break;
1470 	case NL80211_CHAN_WIDTH_80P80:
1471 		rlm_req.rlm.bw = CMD_CBW_8080MHZ;
1472 		break;
1473 	case NL80211_CHAN_WIDTH_160:
1474 		rlm_req.rlm.bw = CMD_CBW_160MHZ;
1475 		break;
1476 	case NL80211_CHAN_WIDTH_5:
1477 		rlm_req.rlm.bw = CMD_CBW_5MHZ;
1478 		break;
1479 	case NL80211_CHAN_WIDTH_10:
1480 		rlm_req.rlm.bw = CMD_CBW_10MHZ;
1481 		break;
1482 	case NL80211_CHAN_WIDTH_20_NOHT:
1483 	case NL80211_CHAN_WIDTH_20:
1484 	default:
1485 		rlm_req.rlm.bw = CMD_CBW_20MHZ;
1486 		rlm_req.rlm.ht_op_info = 0;
1487 		break;
1488 	}
1489 
1490 	if (rlm_req.rlm.control_channel < rlm_req.rlm.center_chan)
1491 		rlm_req.rlm.sco = 1; /* SCA */
1492 	else if (rlm_req.rlm.control_channel > rlm_req.rlm.center_chan)
1493 		rlm_req.rlm.sco = 3; /* SCB */
1494 
1495 	return mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &rlm_req,
1496 				 sizeof(rlm_req), true);
1497 }
1498 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_set_chctx);
1499 
1500 int mt76_connac_mcu_uni_add_bss(struct mt76_phy *phy,
1501 				struct ieee80211_vif *vif,
1502 				struct mt76_wcid *wcid,
1503 				bool enable,
1504 				struct ieee80211_chanctx_conf *ctx)
1505 {
1506 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1507 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1508 	enum nl80211_band band = chandef->chan->band;
1509 	struct mt76_dev *mdev = phy->dev;
1510 	struct {
1511 		struct {
1512 			u8 bss_idx;
1513 			u8 pad[3];
1514 		} __packed hdr;
1515 		struct mt76_connac_bss_basic_tlv basic;
1516 		struct mt76_connac_bss_qos_tlv qos;
1517 	} basic_req = {
1518 		.hdr = {
1519 			.bss_idx = mvif->idx,
1520 		},
1521 		.basic = {
1522 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1523 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1524 			.bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1525 			.dtim_period = vif->bss_conf.dtim_period,
1526 			.omac_idx = mvif->omac_idx,
1527 			.band_idx = mvif->band_idx,
1528 			.wmm_idx = mvif->wmm_idx,
1529 			.active = true, /* keep bss deactivated */
1530 			.phymode = mt76_connac_get_phy_mode(phy, vif, band, NULL),
1531 		},
1532 		.qos = {
1533 			.tag = cpu_to_le16(UNI_BSS_INFO_QBSS),
1534 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_qos_tlv)),
1535 			.qos = vif->bss_conf.qos,
1536 		},
1537 	};
1538 	int err, conn_type;
1539 	u8 idx, basic_phy;
1540 
1541 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1542 	basic_req.basic.hw_bss_idx = idx;
1543 	if (band == NL80211_BAND_6GHZ)
1544 		basic_req.basic.phymode_ext = PHY_MODE_AX_6G;
1545 
1546 	basic_phy = mt76_connac_get_phy_mode_v2(phy, vif, band, NULL);
1547 	basic_req.basic.nonht_basic_phy = cpu_to_le16(basic_phy);
1548 
1549 	switch (vif->type) {
1550 	case NL80211_IFTYPE_MESH_POINT:
1551 	case NL80211_IFTYPE_AP:
1552 		if (vif->p2p)
1553 			conn_type = CONNECTION_P2P_GO;
1554 		else
1555 			conn_type = CONNECTION_INFRA_AP;
1556 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1557 		/* Fully active/deactivate BSS network in AP mode only */
1558 		basic_req.basic.active = enable;
1559 		break;
1560 	case NL80211_IFTYPE_STATION:
1561 		if (vif->p2p)
1562 			conn_type = CONNECTION_P2P_GC;
1563 		else
1564 			conn_type = CONNECTION_INFRA_STA;
1565 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1566 		break;
1567 	case NL80211_IFTYPE_ADHOC:
1568 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1569 		break;
1570 	default:
1571 		WARN_ON(1);
1572 		break;
1573 	}
1574 
1575 	memcpy(basic_req.basic.bssid, vif->bss_conf.bssid, ETH_ALEN);
1576 	basic_req.basic.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx);
1577 	basic_req.basic.sta_idx = cpu_to_le16(wcid->idx);
1578 	basic_req.basic.conn_state = !enable;
1579 
1580 	err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &basic_req,
1581 				sizeof(basic_req), true);
1582 	if (err < 0)
1583 		return err;
1584 
1585 	if (vif->bss_conf.he_support) {
1586 		struct {
1587 			struct {
1588 				u8 bss_idx;
1589 				u8 pad[3];
1590 			} __packed hdr;
1591 			struct bss_info_uni_he he;
1592 			struct bss_info_uni_bss_color bss_color;
1593 		} he_req = {
1594 			.hdr = {
1595 				.bss_idx = mvif->idx,
1596 			},
1597 			.he = {
1598 				.tag = cpu_to_le16(UNI_BSS_INFO_HE_BASIC),
1599 				.len = cpu_to_le16(sizeof(struct bss_info_uni_he)),
1600 			},
1601 			.bss_color = {
1602 				.tag = cpu_to_le16(UNI_BSS_INFO_BSS_COLOR),
1603 				.len = cpu_to_le16(sizeof(struct bss_info_uni_bss_color)),
1604 				.enable = 0,
1605 				.bss_color = 0,
1606 			},
1607 		};
1608 
1609 		if (enable) {
1610 			he_req.bss_color.enable =
1611 				vif->bss_conf.he_bss_color.enabled;
1612 			he_req.bss_color.bss_color =
1613 				vif->bss_conf.he_bss_color.color;
1614 		}
1615 
1616 		mt76_connac_mcu_uni_bss_he_tlv(phy, vif,
1617 					       (struct tlv *)&he_req.he);
1618 		err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE),
1619 					&he_req, sizeof(he_req), true);
1620 		if (err < 0)
1621 			return err;
1622 	}
1623 
1624 	return mt76_connac_mcu_uni_set_chctx(phy, mvif, ctx);
1625 }
1626 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_bss);
1627 
1628 #define MT76_CONNAC_SCAN_CHANNEL_TIME		60
1629 int mt76_connac_mcu_hw_scan(struct mt76_phy *phy, struct ieee80211_vif *vif,
1630 			    struct ieee80211_scan_request *scan_req)
1631 {
1632 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1633 	struct cfg80211_scan_request *sreq = &scan_req->req;
1634 	int n_ssids = 0, err, i, duration;
1635 	int ext_channels_num = max_t(int, sreq->n_channels - 32, 0);
1636 	struct ieee80211_channel **scan_list = sreq->channels;
1637 	struct mt76_dev *mdev = phy->dev;
1638 	struct mt76_connac_mcu_scan_channel *chan;
1639 	struct mt76_connac_hw_scan_req *req;
1640 	struct sk_buff *skb;
1641 
1642 	if (test_bit(MT76_HW_SCANNING, &phy->state))
1643 		return -EBUSY;
1644 
1645 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req));
1646 	if (!skb)
1647 		return -ENOMEM;
1648 
1649 	set_bit(MT76_HW_SCANNING, &phy->state);
1650 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1651 
1652 	req = (struct mt76_connac_hw_scan_req *)skb_put(skb, sizeof(*req));
1653 
1654 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1655 	req->bss_idx = mvif->idx;
1656 	req->scan_type = sreq->n_ssids ? 1 : 0;
1657 	req->probe_req_num = sreq->n_ssids ? 2 : 0;
1658 	req->version = 1;
1659 
1660 	for (i = 0; i < sreq->n_ssids; i++) {
1661 		if (!sreq->ssids[i].ssid_len)
1662 			continue;
1663 
1664 		req->ssids[i].ssid_len = cpu_to_le32(sreq->ssids[i].ssid_len);
1665 		memcpy(req->ssids[i].ssid, sreq->ssids[i].ssid,
1666 		       sreq->ssids[i].ssid_len);
1667 		n_ssids++;
1668 	}
1669 	req->ssid_type = n_ssids ? BIT(2) : BIT(0);
1670 	req->ssid_type_ext = n_ssids ? BIT(0) : 0;
1671 	req->ssids_num = n_ssids;
1672 
1673 	duration = is_mt7921(phy->dev) ? 0 : MT76_CONNAC_SCAN_CHANNEL_TIME;
1674 	/* increase channel time for passive scan */
1675 	if (!sreq->n_ssids)
1676 		duration *= 2;
1677 	req->timeout_value = cpu_to_le16(sreq->n_channels * duration);
1678 	req->channel_min_dwell_time = cpu_to_le16(duration);
1679 	req->channel_dwell_time = cpu_to_le16(duration);
1680 
1681 	if (sreq->n_channels == 0 || sreq->n_channels > 64) {
1682 		req->channel_type = 0;
1683 		req->channels_num = 0;
1684 		req->ext_channels_num = 0;
1685 	} else {
1686 		req->channel_type = 4;
1687 		req->channels_num = min_t(u8, sreq->n_channels, 32);
1688 		req->ext_channels_num = min_t(u8, ext_channels_num, 32);
1689 	}
1690 
1691 	for (i = 0; i < req->channels_num + req->ext_channels_num; i++) {
1692 		if (i >= 32)
1693 			chan = &req->ext_channels[i - 32];
1694 		else
1695 			chan = &req->channels[i];
1696 
1697 		switch (scan_list[i]->band) {
1698 		case NL80211_BAND_2GHZ:
1699 			chan->band = 1;
1700 			break;
1701 		case NL80211_BAND_6GHZ:
1702 			chan->band = 3;
1703 			break;
1704 		default:
1705 			chan->band = 2;
1706 			break;
1707 		}
1708 		chan->channel_num = scan_list[i]->hw_value;
1709 	}
1710 
1711 	if (sreq->ie_len > 0) {
1712 		memcpy(req->ies, sreq->ie, sreq->ie_len);
1713 		req->ies_len = cpu_to_le16(sreq->ie_len);
1714 	}
1715 
1716 	if (is_mt7921(phy->dev))
1717 		req->scan_func |= SCAN_FUNC_SPLIT_SCAN;
1718 
1719 	memcpy(req->bssid, sreq->bssid, ETH_ALEN);
1720 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1721 		get_random_mask_addr(req->random_mac, sreq->mac_addr,
1722 				     sreq->mac_addr_mask);
1723 		req->scan_func |= SCAN_FUNC_RANDOM_MAC;
1724 	}
1725 
1726 	err = mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(START_HW_SCAN),
1727 				    false);
1728 	if (err < 0)
1729 		clear_bit(MT76_HW_SCANNING, &phy->state);
1730 
1731 	return err;
1732 }
1733 EXPORT_SYMBOL_GPL(mt76_connac_mcu_hw_scan);
1734 
1735 int mt76_connac_mcu_cancel_hw_scan(struct mt76_phy *phy,
1736 				   struct ieee80211_vif *vif)
1737 {
1738 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1739 	struct {
1740 		u8 seq_num;
1741 		u8 is_ext_channel;
1742 		u8 rsv[2];
1743 	} __packed req = {
1744 		.seq_num = mvif->scan_seq_num,
1745 	};
1746 
1747 	if (test_and_clear_bit(MT76_HW_SCANNING, &phy->state)) {
1748 		struct cfg80211_scan_info info = {
1749 			.aborted = true,
1750 		};
1751 
1752 		ieee80211_scan_completed(phy->hw, &info);
1753 	}
1754 
1755 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(CANCEL_HW_SCAN),
1756 				 &req, sizeof(req), false);
1757 }
1758 EXPORT_SYMBOL_GPL(mt76_connac_mcu_cancel_hw_scan);
1759 
1760 int mt76_connac_mcu_sched_scan_req(struct mt76_phy *phy,
1761 				   struct ieee80211_vif *vif,
1762 				   struct cfg80211_sched_scan_request *sreq)
1763 {
1764 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1765 	struct ieee80211_channel **scan_list = sreq->channels;
1766 	struct mt76_connac_mcu_scan_channel *chan;
1767 	struct mt76_connac_sched_scan_req *req;
1768 	struct mt76_dev *mdev = phy->dev;
1769 	struct cfg80211_match_set *match;
1770 	struct cfg80211_ssid *ssid;
1771 	struct sk_buff *skb;
1772 	int i;
1773 
1774 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req) + sreq->ie_len);
1775 	if (!skb)
1776 		return -ENOMEM;
1777 
1778 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1779 
1780 	req = (struct mt76_connac_sched_scan_req *)skb_put(skb, sizeof(*req));
1781 	req->version = 1;
1782 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1783 
1784 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1785 		u8 *addr = is_mt7663(phy->dev) ? req->mt7663.random_mac
1786 					       : req->mt7921.random_mac;
1787 
1788 		req->scan_func = 1;
1789 		get_random_mask_addr(addr, sreq->mac_addr,
1790 				     sreq->mac_addr_mask);
1791 	}
1792 	if (is_mt7921(phy->dev)) {
1793 		req->mt7921.bss_idx = mvif->idx;
1794 		req->mt7921.delay = cpu_to_le32(sreq->delay);
1795 	}
1796 
1797 	req->ssids_num = sreq->n_ssids;
1798 	for (i = 0; i < req->ssids_num; i++) {
1799 		ssid = &sreq->ssids[i];
1800 		memcpy(req->ssids[i].ssid, ssid->ssid, ssid->ssid_len);
1801 		req->ssids[i].ssid_len = cpu_to_le32(ssid->ssid_len);
1802 	}
1803 
1804 	req->match_num = sreq->n_match_sets;
1805 	for (i = 0; i < req->match_num; i++) {
1806 		match = &sreq->match_sets[i];
1807 		memcpy(req->match[i].ssid, match->ssid.ssid,
1808 		       match->ssid.ssid_len);
1809 		req->match[i].rssi_th = cpu_to_le32(match->rssi_thold);
1810 		req->match[i].ssid_len = match->ssid.ssid_len;
1811 	}
1812 
1813 	req->channel_type = sreq->n_channels ? 4 : 0;
1814 	req->channels_num = min_t(u8, sreq->n_channels, 64);
1815 	for (i = 0; i < req->channels_num; i++) {
1816 		chan = &req->channels[i];
1817 
1818 		switch (scan_list[i]->band) {
1819 		case NL80211_BAND_2GHZ:
1820 			chan->band = 1;
1821 			break;
1822 		case NL80211_BAND_6GHZ:
1823 			chan->band = 3;
1824 			break;
1825 		default:
1826 			chan->band = 2;
1827 			break;
1828 		}
1829 		chan->channel_num = scan_list[i]->hw_value;
1830 	}
1831 
1832 	req->intervals_num = sreq->n_scan_plans;
1833 	for (i = 0; i < req->intervals_num; i++)
1834 		req->intervals[i] = cpu_to_le16(sreq->scan_plans[i].interval);
1835 
1836 	if (sreq->ie_len > 0) {
1837 		req->ie_len = cpu_to_le16(sreq->ie_len);
1838 		memcpy(skb_put(skb, sreq->ie_len), sreq->ie, sreq->ie_len);
1839 	}
1840 
1841 	return mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(SCHED_SCAN_REQ),
1842 				     false);
1843 }
1844 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_req);
1845 
1846 int mt76_connac_mcu_sched_scan_enable(struct mt76_phy *phy,
1847 				      struct ieee80211_vif *vif,
1848 				      bool enable)
1849 {
1850 	struct {
1851 		u8 active; /* 0: enabled 1: disabled */
1852 		u8 rsv[3];
1853 	} __packed req = {
1854 		.active = !enable,
1855 	};
1856 
1857 	if (enable)
1858 		set_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1859 	else
1860 		clear_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1861 
1862 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SCHED_SCAN_ENABLE),
1863 				 &req, sizeof(req), false);
1864 }
1865 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_enable);
1866 
1867 int mt76_connac_mcu_chip_config(struct mt76_dev *dev)
1868 {
1869 	struct mt76_connac_config req = {
1870 		.resp_type = 0,
1871 	};
1872 
1873 	memcpy(req.data, "assert", 7);
1874 
1875 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1876 				 &req, sizeof(req), false);
1877 }
1878 EXPORT_SYMBOL_GPL(mt76_connac_mcu_chip_config);
1879 
1880 int mt76_connac_mcu_set_deep_sleep(struct mt76_dev *dev, bool enable)
1881 {
1882 	struct mt76_connac_config req = {
1883 		.resp_type = 0,
1884 	};
1885 
1886 	snprintf(req.data, sizeof(req.data), "KeepFullPwr %d", !enable);
1887 
1888 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1889 				 &req, sizeof(req), false);
1890 }
1891 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_deep_sleep);
1892 
1893 int mt76_connac_sta_state_dp(struct mt76_dev *dev,
1894 			     enum ieee80211_sta_state old_state,
1895 			     enum ieee80211_sta_state new_state)
1896 {
1897 	if ((old_state == IEEE80211_STA_ASSOC &&
1898 	     new_state == IEEE80211_STA_AUTHORIZED) ||
1899 	    (old_state == IEEE80211_STA_NONE &&
1900 	     new_state == IEEE80211_STA_NOTEXIST))
1901 		mt76_connac_mcu_set_deep_sleep(dev, true);
1902 
1903 	if ((old_state == IEEE80211_STA_NOTEXIST &&
1904 	     new_state == IEEE80211_STA_NONE) ||
1905 	    (old_state == IEEE80211_STA_AUTHORIZED &&
1906 	     new_state == IEEE80211_STA_ASSOC))
1907 		mt76_connac_mcu_set_deep_sleep(dev, false);
1908 
1909 	return 0;
1910 }
1911 EXPORT_SYMBOL_GPL(mt76_connac_sta_state_dp);
1912 
1913 void mt76_connac_mcu_coredump_event(struct mt76_dev *dev, struct sk_buff *skb,
1914 				    struct mt76_connac_coredump *coredump)
1915 {
1916 	spin_lock_bh(&dev->lock);
1917 	__skb_queue_tail(&coredump->msg_list, skb);
1918 	spin_unlock_bh(&dev->lock);
1919 
1920 	coredump->last_activity = jiffies;
1921 
1922 	queue_delayed_work(dev->wq, &coredump->work,
1923 			   MT76_CONNAC_COREDUMP_TIMEOUT);
1924 }
1925 EXPORT_SYMBOL_GPL(mt76_connac_mcu_coredump_event);
1926 
1927 static void mt76_connac_mcu_parse_tx_resource(struct mt76_dev *dev,
1928 					      struct sk_buff *skb)
1929 {
1930 	struct mt76_sdio *sdio = &dev->sdio;
1931 	struct mt76_connac_tx_resource {
1932 		__le32 version;
1933 		__le32 pse_data_quota;
1934 		__le32 pse_mcu_quota;
1935 		__le32 ple_data_quota;
1936 		__le32 ple_mcu_quota;
1937 		__le16 pse_page_size;
1938 		__le16 ple_page_size;
1939 		u8 pp_padding;
1940 		u8 pad[3];
1941 	} __packed * tx_res;
1942 
1943 	tx_res = (struct mt76_connac_tx_resource *)skb->data;
1944 	sdio->sched.pse_data_quota = le32_to_cpu(tx_res->pse_data_quota);
1945 	sdio->sched.pse_mcu_quota = le32_to_cpu(tx_res->pse_mcu_quota);
1946 	sdio->sched.ple_data_quota = le32_to_cpu(tx_res->ple_data_quota);
1947 	sdio->sched.pse_page_size = le16_to_cpu(tx_res->pse_page_size);
1948 	sdio->sched.deficit = tx_res->pp_padding;
1949 }
1950 
1951 static void mt76_connac_mcu_parse_phy_cap(struct mt76_dev *dev,
1952 					  struct sk_buff *skb)
1953 {
1954 	struct mt76_connac_phy_cap {
1955 		u8 ht;
1956 		u8 vht;
1957 		u8 _5g;
1958 		u8 max_bw;
1959 		u8 nss;
1960 		u8 dbdc;
1961 		u8 tx_ldpc;
1962 		u8 rx_ldpc;
1963 		u8 tx_stbc;
1964 		u8 rx_stbc;
1965 		u8 hw_path;
1966 		u8 he;
1967 	} __packed * cap;
1968 
1969 	enum {
1970 		WF0_24G,
1971 		WF0_5G
1972 	};
1973 
1974 	cap = (struct mt76_connac_phy_cap *)skb->data;
1975 
1976 	dev->phy.antenna_mask = BIT(cap->nss) - 1;
1977 	dev->phy.chainmask = dev->phy.antenna_mask;
1978 	dev->phy.cap.has_2ghz = cap->hw_path & BIT(WF0_24G);
1979 	dev->phy.cap.has_5ghz = cap->hw_path & BIT(WF0_5G);
1980 }
1981 
1982 int mt76_connac_mcu_get_nic_capability(struct mt76_phy *phy)
1983 {
1984 	struct mt76_connac_cap_hdr {
1985 		__le16 n_element;
1986 		u8 rsv[2];
1987 	} __packed * hdr;
1988 	struct sk_buff *skb;
1989 	int ret, i;
1990 
1991 	ret = mt76_mcu_send_and_get_msg(phy->dev, MCU_CE_CMD(GET_NIC_CAPAB),
1992 					NULL, 0, true, &skb);
1993 	if (ret)
1994 		return ret;
1995 
1996 	hdr = (struct mt76_connac_cap_hdr *)skb->data;
1997 	if (skb->len < sizeof(*hdr)) {
1998 		ret = -EINVAL;
1999 		goto out;
2000 	}
2001 
2002 	skb_pull(skb, sizeof(*hdr));
2003 
2004 	for (i = 0; i < le16_to_cpu(hdr->n_element); i++) {
2005 		struct tlv_hdr {
2006 			__le32 type;
2007 			__le32 len;
2008 		} __packed * tlv = (struct tlv_hdr *)skb->data;
2009 		int len;
2010 
2011 		if (skb->len < sizeof(*tlv))
2012 			break;
2013 
2014 		skb_pull(skb, sizeof(*tlv));
2015 
2016 		len = le32_to_cpu(tlv->len);
2017 		if (skb->len < len)
2018 			break;
2019 
2020 		switch (le32_to_cpu(tlv->type)) {
2021 		case MT_NIC_CAP_6G:
2022 			phy->cap.has_6ghz = skb->data[0];
2023 			break;
2024 		case MT_NIC_CAP_MAC_ADDR:
2025 			memcpy(phy->macaddr, (void *)skb->data, ETH_ALEN);
2026 			break;
2027 		case MT_NIC_CAP_PHY:
2028 			mt76_connac_mcu_parse_phy_cap(phy->dev, skb);
2029 			break;
2030 		case MT_NIC_CAP_TX_RESOURCE:
2031 			if (mt76_is_sdio(phy->dev))
2032 				mt76_connac_mcu_parse_tx_resource(phy->dev,
2033 								  skb);
2034 			break;
2035 		default:
2036 			break;
2037 		}
2038 		skb_pull(skb, len);
2039 	}
2040 out:
2041 	dev_kfree_skb(skb);
2042 
2043 	return ret;
2044 }
2045 EXPORT_SYMBOL_GPL(mt76_connac_mcu_get_nic_capability);
2046 
2047 static void
2048 mt76_connac_mcu_build_sku(struct mt76_dev *dev, s8 *sku,
2049 			  struct mt76_power_limits *limits,
2050 			  enum nl80211_band band)
2051 {
2052 	int max_power = is_mt7921(dev) ? 127 : 63;
2053 	int i, offset = sizeof(limits->cck);
2054 
2055 	memset(sku, max_power, MT_SKU_POWER_LIMIT);
2056 
2057 	if (band == NL80211_BAND_2GHZ) {
2058 		/* cck */
2059 		memcpy(sku, limits->cck, sizeof(limits->cck));
2060 	}
2061 
2062 	/* ofdm */
2063 	memcpy(&sku[offset], limits->ofdm, sizeof(limits->ofdm));
2064 	offset += sizeof(limits->ofdm);
2065 
2066 	/* ht */
2067 	for (i = 0; i < 2; i++) {
2068 		memcpy(&sku[offset], limits->mcs[i], 8);
2069 		offset += 8;
2070 	}
2071 	sku[offset++] = limits->mcs[0][0];
2072 
2073 	/* vht */
2074 	for (i = 0; i < ARRAY_SIZE(limits->mcs); i++) {
2075 		memcpy(&sku[offset], limits->mcs[i],
2076 		       ARRAY_SIZE(limits->mcs[i]));
2077 		offset += 12;
2078 	}
2079 
2080 	if (!is_mt7921(dev))
2081 		return;
2082 
2083 	/* he */
2084 	for (i = 0; i < ARRAY_SIZE(limits->ru); i++) {
2085 		memcpy(&sku[offset], limits->ru[i], ARRAY_SIZE(limits->ru[i]));
2086 		offset += ARRAY_SIZE(limits->ru[i]);
2087 	}
2088 }
2089 
2090 static s8 mt76_connac_get_ch_power(struct mt76_phy *phy,
2091 				   struct ieee80211_channel *chan,
2092 				   s8 target_power)
2093 {
2094 	struct mt76_dev *dev = phy->dev;
2095 	struct ieee80211_supported_band *sband;
2096 	int i;
2097 
2098 	switch (chan->band) {
2099 	case NL80211_BAND_2GHZ:
2100 		sband = &phy->sband_2g.sband;
2101 		break;
2102 	case NL80211_BAND_5GHZ:
2103 		sband = &phy->sband_5g.sband;
2104 		break;
2105 	case NL80211_BAND_6GHZ:
2106 		sband = &phy->sband_6g.sband;
2107 		break;
2108 	default:
2109 		return target_power;
2110 	}
2111 
2112 	for (i = 0; i < sband->n_channels; i++) {
2113 		struct ieee80211_channel *ch = &sband->channels[i];
2114 
2115 		if (ch->hw_value == chan->hw_value) {
2116 			if (!(ch->flags & IEEE80211_CHAN_DISABLED)) {
2117 				int power = 2 * ch->max_reg_power;
2118 
2119 				if (is_mt7663(dev) && (power > 63 || power < -64))
2120 					power = 63;
2121 				target_power = min_t(s8, power, target_power);
2122 			}
2123 			break;
2124 		}
2125 	}
2126 
2127 	return target_power;
2128 }
2129 
2130 static int
2131 mt76_connac_mcu_rate_txpower_band(struct mt76_phy *phy,
2132 				  enum nl80211_band band)
2133 {
2134 	struct mt76_dev *dev = phy->dev;
2135 	int sku_len, batch_len = is_mt7921(dev) ? 8 : 16;
2136 	static const u8 chan_list_2ghz[] = {
2137 		1, 2,  3,  4,  5,  6,  7,
2138 		8, 9, 10, 11, 12, 13, 14
2139 	};
2140 	static const u8 chan_list_5ghz[] = {
2141 		 36,  38,  40,  42,  44,  46,  48,
2142 		 50,  52,  54,  56,  58,  60,  62,
2143 		 64, 100, 102, 104, 106, 108, 110,
2144 		112, 114, 116, 118, 120, 122, 124,
2145 		126, 128, 132, 134, 136, 138, 140,
2146 		142, 144, 149, 151, 153, 155, 157,
2147 		159, 161, 165
2148 	};
2149 	static const u8 chan_list_6ghz[] = {
2150 		  1,   3,   5,   7,   9,  11,  13,
2151 		 15,  17,  19,  21,  23,  25,  27,
2152 		 29,  33,  35,  37,  39,  41,  43,
2153 		 45,  47,  49,  51,  53,  55,  57,
2154 		 59,  61,  65,  67,  69,  71,  73,
2155 		 75,  77,  79,  81,  83,  85,  87,
2156 		 89,  91,  93,  97,  99, 101, 103,
2157 		105, 107, 109, 111, 113, 115, 117,
2158 		119, 121, 123, 125, 129, 131, 133,
2159 		135, 137, 139, 141, 143, 145, 147,
2160 		149, 151, 153, 155, 157, 161, 163,
2161 		165, 167, 169, 171, 173, 175, 177,
2162 		179, 181, 183, 185, 187, 189, 193,
2163 		195, 197, 199, 201, 203, 205, 207,
2164 		209, 211, 213, 215, 217, 219, 221,
2165 		225, 227, 229, 233
2166 	};
2167 	int i, n_chan, batch_size, idx = 0, tx_power, last_ch;
2168 	struct mt76_connac_sku_tlv sku_tlbv;
2169 	struct mt76_power_limits limits;
2170 	const u8 *ch_list;
2171 
2172 	sku_len = is_mt7921(dev) ? sizeof(sku_tlbv) : sizeof(sku_tlbv) - 92;
2173 	tx_power = 2 * phy->hw->conf.power_level;
2174 	if (!tx_power)
2175 		tx_power = 127;
2176 
2177 	if (band == NL80211_BAND_2GHZ) {
2178 		n_chan = ARRAY_SIZE(chan_list_2ghz);
2179 		ch_list = chan_list_2ghz;
2180 	} else if (band == NL80211_BAND_6GHZ) {
2181 		n_chan = ARRAY_SIZE(chan_list_6ghz);
2182 		ch_list = chan_list_6ghz;
2183 	} else {
2184 		n_chan = ARRAY_SIZE(chan_list_5ghz);
2185 		ch_list = chan_list_5ghz;
2186 	}
2187 	batch_size = DIV_ROUND_UP(n_chan, batch_len);
2188 
2189 	if (phy->cap.has_6ghz)
2190 		last_ch = chan_list_6ghz[ARRAY_SIZE(chan_list_6ghz) - 1];
2191 	else if (phy->cap.has_5ghz)
2192 		last_ch = chan_list_5ghz[ARRAY_SIZE(chan_list_5ghz) - 1];
2193 	else
2194 		last_ch = chan_list_2ghz[ARRAY_SIZE(chan_list_2ghz) - 1];
2195 
2196 	for (i = 0; i < batch_size; i++) {
2197 		struct mt76_connac_tx_power_limit_tlv tx_power_tlv = {};
2198 		int j, err, msg_len, num_ch;
2199 		struct sk_buff *skb;
2200 
2201 		num_ch = i == batch_size - 1 ? n_chan % batch_len : batch_len;
2202 		msg_len = sizeof(tx_power_tlv) + num_ch * sizeof(sku_tlbv);
2203 		skb = mt76_mcu_msg_alloc(dev, NULL, msg_len);
2204 		if (!skb)
2205 			return -ENOMEM;
2206 
2207 		skb_reserve(skb, sizeof(tx_power_tlv));
2208 
2209 		BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(tx_power_tlv.alpha2));
2210 		memcpy(tx_power_tlv.alpha2, dev->alpha2, sizeof(dev->alpha2));
2211 		tx_power_tlv.n_chan = num_ch;
2212 
2213 		switch (band) {
2214 		case NL80211_BAND_2GHZ:
2215 			tx_power_tlv.band = 1;
2216 			break;
2217 		case NL80211_BAND_6GHZ:
2218 			tx_power_tlv.band = 3;
2219 			break;
2220 		default:
2221 			tx_power_tlv.band = 2;
2222 			break;
2223 		}
2224 
2225 		for (j = 0; j < num_ch; j++, idx++) {
2226 			struct ieee80211_channel chan = {
2227 				.hw_value = ch_list[idx],
2228 				.band = band,
2229 			};
2230 			s8 reg_power, sar_power;
2231 
2232 			reg_power = mt76_connac_get_ch_power(phy, &chan,
2233 							     tx_power);
2234 			sar_power = mt76_get_sar_power(phy, &chan, reg_power);
2235 
2236 			mt76_get_rate_power_limits(phy, &chan, &limits,
2237 						   sar_power);
2238 
2239 			tx_power_tlv.last_msg = ch_list[idx] == last_ch;
2240 			sku_tlbv.channel = ch_list[idx];
2241 
2242 			mt76_connac_mcu_build_sku(dev, sku_tlbv.pwr_limit,
2243 						  &limits, band);
2244 			skb_put_data(skb, &sku_tlbv, sku_len);
2245 		}
2246 		__skb_push(skb, sizeof(tx_power_tlv));
2247 		memcpy(skb->data, &tx_power_tlv, sizeof(tx_power_tlv));
2248 
2249 		err = mt76_mcu_skb_send_msg(dev, skb,
2250 					    MCU_CE_CMD(SET_RATE_TX_POWER),
2251 					    false);
2252 		if (err < 0)
2253 			return err;
2254 	}
2255 
2256 	return 0;
2257 }
2258 
2259 int mt76_connac_mcu_set_rate_txpower(struct mt76_phy *phy)
2260 {
2261 	int err;
2262 
2263 	if (phy->cap.has_2ghz) {
2264 		err = mt76_connac_mcu_rate_txpower_band(phy,
2265 							NL80211_BAND_2GHZ);
2266 		if (err < 0)
2267 			return err;
2268 	}
2269 	if (phy->cap.has_5ghz) {
2270 		err = mt76_connac_mcu_rate_txpower_band(phy,
2271 							NL80211_BAND_5GHZ);
2272 		if (err < 0)
2273 			return err;
2274 	}
2275 	if (phy->cap.has_6ghz) {
2276 		err = mt76_connac_mcu_rate_txpower_band(phy,
2277 							NL80211_BAND_6GHZ);
2278 		if (err < 0)
2279 			return err;
2280 	}
2281 
2282 	return 0;
2283 }
2284 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rate_txpower);
2285 
2286 int mt76_connac_mcu_update_arp_filter(struct mt76_dev *dev,
2287 				      struct mt76_vif *vif,
2288 				      struct ieee80211_bss_conf *info)
2289 {
2290 	struct ieee80211_vif *mvif = container_of(info, struct ieee80211_vif,
2291 						  bss_conf);
2292 	struct sk_buff *skb;
2293 	int i, len = min_t(int, mvif->cfg.arp_addr_cnt,
2294 			   IEEE80211_BSS_ARP_ADDR_LIST_LEN);
2295 	struct {
2296 		struct {
2297 			u8 bss_idx;
2298 			u8 pad[3];
2299 		} __packed hdr;
2300 		struct mt76_connac_arpns_tlv arp;
2301 	} req_hdr = {
2302 		.hdr = {
2303 			.bss_idx = vif->idx,
2304 		},
2305 		.arp = {
2306 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2307 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2308 			.ips_num = len,
2309 			.mode = 2,  /* update */
2310 			.option = 1,
2311 		},
2312 	};
2313 
2314 	skb = mt76_mcu_msg_alloc(dev, NULL,
2315 				 sizeof(req_hdr) + len * sizeof(__be32));
2316 	if (!skb)
2317 		return -ENOMEM;
2318 
2319 	skb_put_data(skb, &req_hdr, sizeof(req_hdr));
2320 	for (i = 0; i < len; i++)
2321 		skb_put_data(skb, &mvif->cfg.arp_addr_list[i], sizeof(__be32));
2322 
2323 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(OFFLOAD), true);
2324 }
2325 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_arp_filter);
2326 
2327 int mt76_connac_mcu_set_p2p_oppps(struct ieee80211_hw *hw,
2328 				  struct ieee80211_vif *vif)
2329 {
2330 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2331 	int ct_window = vif->bss_conf.p2p_noa_attr.oppps_ctwindow;
2332 	struct mt76_phy *phy = hw->priv;
2333 	struct {
2334 		__le32 ct_win;
2335 		u8 bss_idx;
2336 		u8 rsv[3];
2337 	} __packed req = {
2338 		.ct_win = cpu_to_le32(ct_window),
2339 		.bss_idx = mvif->idx,
2340 	};
2341 
2342 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SET_P2P_OPPPS),
2343 				 &req, sizeof(req), false);
2344 }
2345 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_p2p_oppps);
2346 
2347 #ifdef CONFIG_PM
2348 
2349 const struct wiphy_wowlan_support mt76_connac_wowlan_support = {
2350 	.flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT |
2351 		 WIPHY_WOWLAN_SUPPORTS_GTK_REKEY | WIPHY_WOWLAN_NET_DETECT,
2352 	.n_patterns = 1,
2353 	.pattern_min_len = 1,
2354 	.pattern_max_len = MT76_CONNAC_WOW_PATTEN_MAX_LEN,
2355 	.max_nd_match_sets = 10,
2356 };
2357 EXPORT_SYMBOL_GPL(mt76_connac_wowlan_support);
2358 
2359 static void
2360 mt76_connac_mcu_key_iter(struct ieee80211_hw *hw,
2361 			 struct ieee80211_vif *vif,
2362 			 struct ieee80211_sta *sta,
2363 			 struct ieee80211_key_conf *key,
2364 			 void *data)
2365 {
2366 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv = data;
2367 	u32 cipher;
2368 
2369 	if (key->cipher != WLAN_CIPHER_SUITE_AES_CMAC &&
2370 	    key->cipher != WLAN_CIPHER_SUITE_CCMP &&
2371 	    key->cipher != WLAN_CIPHER_SUITE_TKIP)
2372 		return;
2373 
2374 	if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2375 		cipher = BIT(3);
2376 	else
2377 		cipher = BIT(4);
2378 
2379 	/* we are assuming here to have a single pairwise key */
2380 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
2381 		if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2382 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_1);
2383 		else
2384 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_2);
2385 
2386 		gtk_tlv->pairwise_cipher = cpu_to_le32(cipher);
2387 		gtk_tlv->keyid = key->keyidx;
2388 	} else {
2389 		gtk_tlv->group_cipher = cpu_to_le32(cipher);
2390 	}
2391 }
2392 
2393 int mt76_connac_mcu_update_gtk_rekey(struct ieee80211_hw *hw,
2394 				     struct ieee80211_vif *vif,
2395 				     struct cfg80211_gtk_rekey_data *key)
2396 {
2397 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2398 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv;
2399 	struct mt76_phy *phy = hw->priv;
2400 	struct sk_buff *skb;
2401 	struct {
2402 		u8 bss_idx;
2403 		u8 pad[3];
2404 	} __packed hdr = {
2405 		.bss_idx = mvif->idx,
2406 	};
2407 
2408 	skb = mt76_mcu_msg_alloc(phy->dev, NULL,
2409 				 sizeof(hdr) + sizeof(*gtk_tlv));
2410 	if (!skb)
2411 		return -ENOMEM;
2412 
2413 	skb_put_data(skb, &hdr, sizeof(hdr));
2414 	gtk_tlv = (struct mt76_connac_gtk_rekey_tlv *)skb_put(skb,
2415 							 sizeof(*gtk_tlv));
2416 	gtk_tlv->tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY);
2417 	gtk_tlv->len = cpu_to_le16(sizeof(*gtk_tlv));
2418 	gtk_tlv->rekey_mode = 2;
2419 	gtk_tlv->option = 1;
2420 
2421 	rcu_read_lock();
2422 	ieee80211_iter_keys_rcu(hw, vif, mt76_connac_mcu_key_iter, gtk_tlv);
2423 	rcu_read_unlock();
2424 
2425 	memcpy(gtk_tlv->kek, key->kek, NL80211_KEK_LEN);
2426 	memcpy(gtk_tlv->kck, key->kck, NL80211_KCK_LEN);
2427 	memcpy(gtk_tlv->replay_ctr, key->replay_ctr, NL80211_REPLAY_CTR_LEN);
2428 
2429 	return mt76_mcu_skb_send_msg(phy->dev, skb,
2430 				     MCU_UNI_CMD(OFFLOAD), true);
2431 }
2432 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_gtk_rekey);
2433 
2434 static int
2435 mt76_connac_mcu_set_arp_filter(struct mt76_dev *dev, struct ieee80211_vif *vif,
2436 			       bool suspend)
2437 {
2438 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2439 	struct {
2440 		struct {
2441 			u8 bss_idx;
2442 			u8 pad[3];
2443 		} __packed hdr;
2444 		struct mt76_connac_arpns_tlv arpns;
2445 	} req = {
2446 		.hdr = {
2447 			.bss_idx = mvif->idx,
2448 		},
2449 		.arpns = {
2450 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2451 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2452 			.mode = suspend,
2453 		},
2454 	};
2455 
2456 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2457 				 sizeof(req), true);
2458 }
2459 
2460 static int
2461 mt76_connac_mcu_set_gtk_rekey(struct mt76_dev *dev, struct ieee80211_vif *vif,
2462 			      bool suspend)
2463 {
2464 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2465 	struct {
2466 		struct {
2467 			u8 bss_idx;
2468 			u8 pad[3];
2469 		} __packed hdr;
2470 		struct mt76_connac_gtk_rekey_tlv gtk_tlv;
2471 	} __packed req = {
2472 		.hdr = {
2473 			.bss_idx = mvif->idx,
2474 		},
2475 		.gtk_tlv = {
2476 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY),
2477 			.len = cpu_to_le16(sizeof(struct mt76_connac_gtk_rekey_tlv)),
2478 			.rekey_mode = !suspend,
2479 		},
2480 	};
2481 
2482 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2483 				 sizeof(req), true);
2484 }
2485 
2486 static int
2487 mt76_connac_mcu_set_suspend_mode(struct mt76_dev *dev,
2488 				 struct ieee80211_vif *vif,
2489 				 bool enable, u8 mdtim,
2490 				 bool wow_suspend)
2491 {
2492 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2493 	struct {
2494 		struct {
2495 			u8 bss_idx;
2496 			u8 pad[3];
2497 		} __packed hdr;
2498 		struct mt76_connac_suspend_tlv suspend_tlv;
2499 	} req = {
2500 		.hdr = {
2501 			.bss_idx = mvif->idx,
2502 		},
2503 		.suspend_tlv = {
2504 			.tag = cpu_to_le16(UNI_SUSPEND_MODE_SETTING),
2505 			.len = cpu_to_le16(sizeof(struct mt76_connac_suspend_tlv)),
2506 			.enable = enable,
2507 			.mdtim = mdtim,
2508 			.wow_suspend = wow_suspend,
2509 		},
2510 	};
2511 
2512 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2513 				 sizeof(req), true);
2514 }
2515 
2516 static int
2517 mt76_connac_mcu_set_wow_pattern(struct mt76_dev *dev,
2518 				struct ieee80211_vif *vif,
2519 				u8 index, bool enable,
2520 				struct cfg80211_pkt_pattern *pattern)
2521 {
2522 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2523 	struct mt76_connac_wow_pattern_tlv *ptlv;
2524 	struct sk_buff *skb;
2525 	struct req_hdr {
2526 		u8 bss_idx;
2527 		u8 pad[3];
2528 	} __packed hdr = {
2529 		.bss_idx = mvif->idx,
2530 	};
2531 
2532 	skb = mt76_mcu_msg_alloc(dev, NULL, sizeof(hdr) + sizeof(*ptlv));
2533 	if (!skb)
2534 		return -ENOMEM;
2535 
2536 	skb_put_data(skb, &hdr, sizeof(hdr));
2537 	ptlv = (struct mt76_connac_wow_pattern_tlv *)skb_put(skb, sizeof(*ptlv));
2538 	ptlv->tag = cpu_to_le16(UNI_SUSPEND_WOW_PATTERN);
2539 	ptlv->len = cpu_to_le16(sizeof(*ptlv));
2540 	ptlv->data_len = pattern->pattern_len;
2541 	ptlv->enable = enable;
2542 	ptlv->index = index;
2543 
2544 	memcpy(ptlv->pattern, pattern->pattern, pattern->pattern_len);
2545 	memcpy(ptlv->mask, pattern->mask, DIV_ROUND_UP(pattern->pattern_len, 8));
2546 
2547 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(SUSPEND), true);
2548 }
2549 
2550 static int
2551 mt76_connac_mcu_set_wow_ctrl(struct mt76_phy *phy, struct ieee80211_vif *vif,
2552 			     bool suspend, struct cfg80211_wowlan *wowlan)
2553 {
2554 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2555 	struct mt76_dev *dev = phy->dev;
2556 	struct {
2557 		struct {
2558 			u8 bss_idx;
2559 			u8 pad[3];
2560 		} __packed hdr;
2561 		struct mt76_connac_wow_ctrl_tlv wow_ctrl_tlv;
2562 		struct mt76_connac_wow_gpio_param_tlv gpio_tlv;
2563 	} req = {
2564 		.hdr = {
2565 			.bss_idx = mvif->idx,
2566 		},
2567 		.wow_ctrl_tlv = {
2568 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_CTRL),
2569 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_ctrl_tlv)),
2570 			.cmd = suspend ? 1 : 2,
2571 		},
2572 		.gpio_tlv = {
2573 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_GPIO_PARAM),
2574 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_gpio_param_tlv)),
2575 			.gpio_pin = 0xff, /* follow fw about GPIO pin */
2576 		},
2577 	};
2578 
2579 	if (wowlan->magic_pkt)
2580 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_MAGIC;
2581 	if (wowlan->disconnect)
2582 		req.wow_ctrl_tlv.trigger |= (UNI_WOW_DETECT_TYPE_DISCONNECT |
2583 					     UNI_WOW_DETECT_TYPE_BCN_LOST);
2584 	if (wowlan->nd_config) {
2585 		mt76_connac_mcu_sched_scan_req(phy, vif, wowlan->nd_config);
2586 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_SCH_SCAN_HIT;
2587 		mt76_connac_mcu_sched_scan_enable(phy, vif, suspend);
2588 	}
2589 	if (wowlan->n_patterns)
2590 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_BITMAP;
2591 
2592 	if (mt76_is_mmio(dev))
2593 		req.wow_ctrl_tlv.wakeup_hif = WOW_PCIE;
2594 	else if (mt76_is_usb(dev))
2595 		req.wow_ctrl_tlv.wakeup_hif = WOW_USB;
2596 	else if (mt76_is_sdio(dev))
2597 		req.wow_ctrl_tlv.wakeup_hif = WOW_GPIO;
2598 
2599 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2600 				 sizeof(req), true);
2601 }
2602 
2603 int mt76_connac_mcu_set_hif_suspend(struct mt76_dev *dev, bool suspend)
2604 {
2605 	struct {
2606 		struct {
2607 			u8 hif_type; /* 0x0: HIF_SDIO
2608 				      * 0x1: HIF_USB
2609 				      * 0x2: HIF_PCIE
2610 				      */
2611 			u8 pad[3];
2612 		} __packed hdr;
2613 		struct hif_suspend_tlv {
2614 			__le16 tag;
2615 			__le16 len;
2616 			u8 suspend;
2617 		} __packed hif_suspend;
2618 	} req = {
2619 		.hif_suspend = {
2620 			.tag = cpu_to_le16(0), /* 0: UNI_HIF_CTRL_BASIC */
2621 			.len = cpu_to_le16(sizeof(struct hif_suspend_tlv)),
2622 			.suspend = suspend,
2623 		},
2624 	};
2625 
2626 	if (mt76_is_mmio(dev))
2627 		req.hdr.hif_type = 2;
2628 	else if (mt76_is_usb(dev))
2629 		req.hdr.hif_type = 1;
2630 	else if (mt76_is_sdio(dev))
2631 		req.hdr.hif_type = 0;
2632 
2633 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(HIF_CTRL), &req,
2634 				 sizeof(req), true);
2635 }
2636 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_hif_suspend);
2637 
2638 void mt76_connac_mcu_set_suspend_iter(void *priv, u8 *mac,
2639 				      struct ieee80211_vif *vif)
2640 {
2641 	struct mt76_phy *phy = priv;
2642 	bool suspend = !test_bit(MT76_STATE_RUNNING, &phy->state);
2643 	struct ieee80211_hw *hw = phy->hw;
2644 	struct cfg80211_wowlan *wowlan = hw->wiphy->wowlan_config;
2645 	int i;
2646 
2647 	mt76_connac_mcu_set_gtk_rekey(phy->dev, vif, suspend);
2648 	mt76_connac_mcu_set_arp_filter(phy->dev, vif, suspend);
2649 
2650 	mt76_connac_mcu_set_suspend_mode(phy->dev, vif, suspend, 1, true);
2651 
2652 	for (i = 0; i < wowlan->n_patterns; i++)
2653 		mt76_connac_mcu_set_wow_pattern(phy->dev, vif, i, suspend,
2654 						&wowlan->patterns[i]);
2655 	mt76_connac_mcu_set_wow_ctrl(phy, vif, suspend, wowlan);
2656 }
2657 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_suspend_iter);
2658 #endif /* CONFIG_PM */
2659 
2660 u32 mt76_connac_mcu_reg_rr(struct mt76_dev *dev, u32 offset)
2661 {
2662 	struct {
2663 		__le32 addr;
2664 		__le32 val;
2665 	} __packed req = {
2666 		.addr = cpu_to_le32(offset),
2667 	};
2668 
2669 	return mt76_mcu_send_msg(dev, MCU_CE_QUERY(REG_READ), &req,
2670 				 sizeof(req), true);
2671 }
2672 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_rr);
2673 
2674 void mt76_connac_mcu_reg_wr(struct mt76_dev *dev, u32 offset, u32 val)
2675 {
2676 	struct {
2677 		__le32 addr;
2678 		__le32 val;
2679 	} __packed req = {
2680 		.addr = cpu_to_le32(offset),
2681 		.val = cpu_to_le32(val),
2682 	};
2683 
2684 	mt76_mcu_send_msg(dev, MCU_CE_CMD(REG_WRITE), &req,
2685 			  sizeof(req), false);
2686 }
2687 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_wr);
2688 
2689 static int
2690 mt76_connac_mcu_sta_key_tlv(struct mt76_connac_sta_key_conf *sta_key_conf,
2691 			    struct sk_buff *skb,
2692 			    struct ieee80211_key_conf *key,
2693 			    enum set_key_cmd cmd)
2694 {
2695 	struct sta_rec_sec *sec;
2696 	u32 len = sizeof(*sec);
2697 	struct tlv *tlv;
2698 
2699 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
2700 	sec = (struct sta_rec_sec *)tlv;
2701 	sec->add = cmd;
2702 
2703 	if (cmd == SET_KEY) {
2704 		struct sec_key *sec_key;
2705 		u8 cipher;
2706 
2707 		cipher = mt76_connac_mcu_get_cipher(key->cipher);
2708 		if (cipher == MCU_CIPHER_NONE)
2709 			return -EOPNOTSUPP;
2710 
2711 		sec_key = &sec->key[0];
2712 		sec_key->cipher_len = sizeof(*sec_key);
2713 
2714 		if (cipher == MCU_CIPHER_BIP_CMAC_128) {
2715 			sec_key->cipher_id = MCU_CIPHER_AES_CCMP;
2716 			sec_key->key_id = sta_key_conf->keyidx;
2717 			sec_key->key_len = 16;
2718 			memcpy(sec_key->key, sta_key_conf->key, 16);
2719 
2720 			sec_key = &sec->key[1];
2721 			sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128;
2722 			sec_key->cipher_len = sizeof(*sec_key);
2723 			sec_key->key_len = 16;
2724 			memcpy(sec_key->key, key->key, 16);
2725 			sec->n_cipher = 2;
2726 		} else {
2727 			sec_key->cipher_id = cipher;
2728 			sec_key->key_id = key->keyidx;
2729 			sec_key->key_len = key->keylen;
2730 			memcpy(sec_key->key, key->key, key->keylen);
2731 
2732 			if (cipher == MCU_CIPHER_TKIP) {
2733 				/* Rx/Tx MIC keys are swapped */
2734 				memcpy(sec_key->key + 16, key->key + 24, 8);
2735 				memcpy(sec_key->key + 24, key->key + 16, 8);
2736 			}
2737 
2738 			/* store key_conf for BIP batch update */
2739 			if (cipher == MCU_CIPHER_AES_CCMP) {
2740 				memcpy(sta_key_conf->key, key->key, key->keylen);
2741 				sta_key_conf->keyidx = key->keyidx;
2742 			}
2743 
2744 			len -= sizeof(*sec_key);
2745 			sec->n_cipher = 1;
2746 		}
2747 	} else {
2748 		len -= sizeof(sec->key);
2749 		sec->n_cipher = 0;
2750 	}
2751 	sec->len = cpu_to_le16(len);
2752 
2753 	return 0;
2754 }
2755 
2756 int mt76_connac_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
2757 			    struct mt76_connac_sta_key_conf *sta_key_conf,
2758 			    struct ieee80211_key_conf *key, int mcu_cmd,
2759 			    struct mt76_wcid *wcid, enum set_key_cmd cmd)
2760 {
2761 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2762 	struct sk_buff *skb;
2763 	int ret;
2764 
2765 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
2766 	if (IS_ERR(skb))
2767 		return PTR_ERR(skb);
2768 
2769 	ret = mt76_connac_mcu_sta_key_tlv(sta_key_conf, skb, key, cmd);
2770 	if (ret)
2771 		return ret;
2772 
2773 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
2774 	if (ret)
2775 		return ret;
2776 
2777 	return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
2778 }
2779 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_key);
2780 
2781 /* SIFS 20us + 512 byte beacon transmitted by 1Mbps (3906us) */
2782 #define BCN_TX_ESTIMATE_TIME (4096 + 20)
2783 void mt76_connac_mcu_bss_ext_tlv(struct sk_buff *skb, struct mt76_vif *mvif)
2784 {
2785 	struct bss_info_ext_bss *ext;
2786 	int ext_bss_idx, tsf_offset;
2787 	struct tlv *tlv;
2788 
2789 	ext_bss_idx = mvif->omac_idx - EXT_BSSID_START;
2790 	if (ext_bss_idx < 0)
2791 		return;
2792 
2793 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_EXT_BSS, sizeof(*ext));
2794 
2795 	ext = (struct bss_info_ext_bss *)tlv;
2796 	tsf_offset = ext_bss_idx * BCN_TX_ESTIMATE_TIME;
2797 	ext->mbss_tsf_offset = cpu_to_le32(tsf_offset);
2798 }
2799 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_ext_tlv);
2800 
2801 int mt76_connac_mcu_bss_basic_tlv(struct sk_buff *skb,
2802 				  struct ieee80211_vif *vif,
2803 				  struct ieee80211_sta *sta,
2804 				  struct mt76_phy *phy, u16 wlan_idx,
2805 				  bool enable)
2806 {
2807 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2808 	u32 type = vif->p2p ? NETWORK_P2P : NETWORK_INFRA;
2809 	struct bss_info_basic *bss;
2810 	struct tlv *tlv;
2811 
2812 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_BASIC, sizeof(*bss));
2813 	bss = (struct bss_info_basic *)tlv;
2814 
2815 	switch (vif->type) {
2816 	case NL80211_IFTYPE_MESH_POINT:
2817 	case NL80211_IFTYPE_MONITOR:
2818 		break;
2819 	case NL80211_IFTYPE_AP:
2820 		if (ieee80211_hw_check(phy->hw, SUPPORTS_MULTI_BSSID)) {
2821 			u8 bssid_id = vif->bss_conf.bssid_indicator;
2822 			struct wiphy *wiphy = phy->hw->wiphy;
2823 
2824 			if (bssid_id > ilog2(wiphy->mbssid_max_interfaces))
2825 				return -EINVAL;
2826 
2827 			bss->non_tx_bssid = vif->bss_conf.bssid_index;
2828 			bss->max_bssid = bssid_id;
2829 		}
2830 		break;
2831 	case NL80211_IFTYPE_STATION:
2832 		if (enable) {
2833 			rcu_read_lock();
2834 			if (!sta)
2835 				sta = ieee80211_find_sta(vif,
2836 							 vif->bss_conf.bssid);
2837 			/* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
2838 			if (sta) {
2839 				struct mt76_wcid *wcid;
2840 
2841 				wcid = (struct mt76_wcid *)sta->drv_priv;
2842 				wlan_idx = wcid->idx;
2843 			}
2844 			rcu_read_unlock();
2845 		}
2846 		break;
2847 	case NL80211_IFTYPE_ADHOC:
2848 		type = NETWORK_IBSS;
2849 		break;
2850 	default:
2851 		WARN_ON(1);
2852 		break;
2853 	}
2854 
2855 	bss->network_type = cpu_to_le32(type);
2856 	bss->bmc_wcid_lo = to_wcid_lo(wlan_idx);
2857 	bss->bmc_wcid_hi = to_wcid_hi(wlan_idx);
2858 	bss->wmm_idx = mvif->wmm_idx;
2859 	bss->active = enable;
2860 	bss->cipher = mvif->cipher;
2861 
2862 	if (vif->type != NL80211_IFTYPE_MONITOR) {
2863 		struct cfg80211_chan_def *chandef = &phy->chandef;
2864 
2865 		memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
2866 		bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
2867 		bss->dtim_period = vif->bss_conf.dtim_period;
2868 		bss->phy_mode = mt76_connac_get_phy_mode(phy, vif,
2869 							 chandef->chan->band, NULL);
2870 	} else {
2871 		memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
2872 	}
2873 
2874 	return 0;
2875 }
2876 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_basic_tlv);
2877 
2878 #define ENTER_PM_STATE		1
2879 #define EXIT_PM_STATE		2
2880 int mt76_connac_mcu_set_pm(struct mt76_dev *dev, int band, int enter)
2881 {
2882 	struct {
2883 		u8 pm_number;
2884 		u8 pm_state;
2885 		u8 bssid[ETH_ALEN];
2886 		u8 dtim_period;
2887 		u8 wlan_idx_lo;
2888 		__le16 bcn_interval;
2889 		__le32 aid;
2890 		__le32 rx_filter;
2891 		u8 band_idx;
2892 		u8 wlan_idx_hi;
2893 		u8 rsv[2];
2894 		__le32 feature;
2895 		u8 omac_idx;
2896 		u8 wmm_idx;
2897 		u8 bcn_loss_cnt;
2898 		u8 bcn_sp_duration;
2899 	} __packed req = {
2900 		.pm_number = 5,
2901 		.pm_state = enter ? ENTER_PM_STATE : EXIT_PM_STATE,
2902 		.band_idx = band,
2903 	};
2904 
2905 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PM_STATE_CTRL), &req,
2906 				 sizeof(req), true);
2907 }
2908 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_pm);
2909 
2910 int mt76_connac_mcu_restart(struct mt76_dev *dev)
2911 {
2912 	struct {
2913 		u8 power_mode;
2914 		u8 rsv[3];
2915 	} req = {
2916 		.power_mode = 1,
2917 	};
2918 
2919 	return mt76_mcu_send_msg(dev, MCU_CMD(NIC_POWER_CTRL), &req,
2920 				 sizeof(req), false);
2921 }
2922 EXPORT_SYMBOL_GPL(mt76_connac_mcu_restart);
2923 
2924 int mt76_connac_mcu_rdd_cmd(struct mt76_dev *dev, int cmd, u8 index,
2925 			    u8 rx_sel, u8 val)
2926 {
2927 	struct {
2928 		u8 ctrl;
2929 		u8 rdd_idx;
2930 		u8 rdd_rx_sel;
2931 		u8 val;
2932 		u8 rsv[4];
2933 	} __packed req = {
2934 		.ctrl = cmd,
2935 		.rdd_idx = index,
2936 		.rdd_rx_sel = rx_sel,
2937 		.val = val,
2938 	};
2939 
2940 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(SET_RDD_CTRL), &req,
2941 				 sizeof(req), true);
2942 }
2943 EXPORT_SYMBOL_GPL(mt76_connac_mcu_rdd_cmd);
2944 
2945 static int
2946 mt76_connac_mcu_send_ram_firmware(struct mt76_dev *dev,
2947 				  const struct mt76_connac2_fw_trailer *hdr,
2948 				  const u8 *data, bool is_wa)
2949 {
2950 	int i, offset = 0, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
2951 	u32 override = 0, option = 0;
2952 
2953 	for (i = 0; i < hdr->n_region; i++) {
2954 		const struct mt76_connac2_fw_region *region;
2955 		u32 len, addr, mode;
2956 		int err;
2957 
2958 		region = (const void *)((const u8 *)hdr -
2959 					(hdr->n_region - i) * sizeof(*region));
2960 		mode = mt76_connac_mcu_gen_dl_mode(dev, region->feature_set,
2961 						   is_wa);
2962 		len = le32_to_cpu(region->len);
2963 		addr = le32_to_cpu(region->addr);
2964 
2965 		if (region->feature_set & FW_FEATURE_NON_DL)
2966 			goto next;
2967 
2968 		if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
2969 			override = addr;
2970 
2971 		err = mt76_connac_mcu_init_download(dev, addr, len, mode);
2972 		if (err) {
2973 			dev_err(dev->dev, "Download request failed\n");
2974 			return err;
2975 		}
2976 
2977 		err = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
2978 					       data + offset, len, max_len);
2979 		if (err) {
2980 			dev_err(dev->dev, "Failed to send firmware.\n");
2981 			return err;
2982 		}
2983 
2984 next:
2985 		offset += len;
2986 	}
2987 
2988 	if (override)
2989 		option |= FW_START_OVERRIDE;
2990 	if (is_wa)
2991 		option |= FW_START_WORKING_PDA_CR4;
2992 
2993 	return mt76_connac_mcu_start_firmware(dev, override, option);
2994 }
2995 
2996 int mt76_connac2_load_ram(struct mt76_dev *dev, const char *fw_wm,
2997 			  const char *fw_wa)
2998 {
2999 	const struct mt76_connac2_fw_trailer *hdr;
3000 	const struct firmware *fw;
3001 	int ret;
3002 
3003 	ret = request_firmware(&fw, fw_wm, dev->dev);
3004 	if (ret)
3005 		return ret;
3006 
3007 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3008 		dev_err(dev->dev, "Invalid firmware\n");
3009 		ret = -EINVAL;
3010 		goto out;
3011 	}
3012 
3013 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
3014 	dev_info(dev->dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
3015 		 hdr->fw_ver, hdr->build_date);
3016 
3017 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, false);
3018 	if (ret) {
3019 		dev_err(dev->dev, "Failed to start WM firmware\n");
3020 		goto out;
3021 	}
3022 
3023 	snprintf(dev->hw->wiphy->fw_version,
3024 		 sizeof(dev->hw->wiphy->fw_version),
3025 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
3026 
3027 	release_firmware(fw);
3028 
3029 	if (!fw_wa)
3030 		return 0;
3031 
3032 	ret = request_firmware(&fw, fw_wa, dev->dev);
3033 	if (ret)
3034 		return ret;
3035 
3036 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3037 		dev_err(dev->dev, "Invalid firmware\n");
3038 		ret = -EINVAL;
3039 		goto out;
3040 	}
3041 
3042 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
3043 	dev_info(dev->dev, "WA Firmware Version: %.10s, Build Time: %.15s\n",
3044 		 hdr->fw_ver, hdr->build_date);
3045 
3046 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, true);
3047 	if (ret) {
3048 		dev_err(dev->dev, "Failed to start WA firmware\n");
3049 		goto out;
3050 	}
3051 
3052 	snprintf(dev->hw->wiphy->fw_version,
3053 		 sizeof(dev->hw->wiphy->fw_version),
3054 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
3055 
3056 out:
3057 	release_firmware(fw);
3058 
3059 	return ret;
3060 }
3061 EXPORT_SYMBOL_GPL(mt76_connac2_load_ram);
3062 
3063 static u32 mt76_connac2_get_data_mode(struct mt76_dev *dev, u32 info)
3064 {
3065 	u32 mode = DL_MODE_NEED_RSP;
3066 
3067 	if (!is_mt7921(dev) || info == PATCH_SEC_NOT_SUPPORT)
3068 		return mode;
3069 
3070 	switch (FIELD_GET(PATCH_SEC_ENC_TYPE_MASK, info)) {
3071 	case PATCH_SEC_ENC_TYPE_PLAIN:
3072 		break;
3073 	case PATCH_SEC_ENC_TYPE_AES:
3074 		mode |= DL_MODE_ENCRYPT;
3075 		mode |= FIELD_PREP(DL_MODE_KEY_IDX,
3076 				(info & PATCH_SEC_ENC_AES_KEY_MASK)) & DL_MODE_KEY_IDX;
3077 		mode |= DL_MODE_RESET_SEC_IV;
3078 		break;
3079 	case PATCH_SEC_ENC_TYPE_SCRAMBLE:
3080 		mode |= DL_MODE_ENCRYPT;
3081 		mode |= DL_CONFIG_ENCRY_MODE_SEL;
3082 		mode |= DL_MODE_RESET_SEC_IV;
3083 		break;
3084 	default:
3085 		dev_err(dev->dev, "Encryption type not support!\n");
3086 	}
3087 
3088 	return mode;
3089 }
3090 
3091 int mt76_connac2_load_patch(struct mt76_dev *dev, const char *fw_name)
3092 {
3093 	int i, ret, sem, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
3094 	const struct mt76_connac2_patch_hdr *hdr;
3095 	const struct firmware *fw = NULL;
3096 
3097 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, true);
3098 	switch (sem) {
3099 	case PATCH_IS_DL:
3100 		return 0;
3101 	case PATCH_NOT_DL_SEM_SUCCESS:
3102 		break;
3103 	default:
3104 		dev_err(dev->dev, "Failed to get patch semaphore\n");
3105 		return -EAGAIN;
3106 	}
3107 
3108 	ret = request_firmware(&fw, fw_name, dev->dev);
3109 	if (ret)
3110 		goto out;
3111 
3112 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3113 		dev_err(dev->dev, "Invalid firmware\n");
3114 		ret = -EINVAL;
3115 		goto out;
3116 	}
3117 
3118 	hdr = (const void *)fw->data;
3119 	dev_info(dev->dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
3120 		 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
3121 
3122 	for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
3123 		struct mt76_connac2_patch_sec *sec;
3124 		u32 len, addr, mode;
3125 		const u8 *dl;
3126 		u32 sec_info;
3127 
3128 		sec = (void *)(fw->data + sizeof(*hdr) + i * sizeof(*sec));
3129 		if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
3130 		    PATCH_SEC_TYPE_INFO) {
3131 			ret = -EINVAL;
3132 			goto out;
3133 		}
3134 
3135 		addr = be32_to_cpu(sec->info.addr);
3136 		len = be32_to_cpu(sec->info.len);
3137 		dl = fw->data + be32_to_cpu(sec->offs);
3138 		sec_info = be32_to_cpu(sec->info.sec_key_idx);
3139 		mode = mt76_connac2_get_data_mode(dev, sec_info);
3140 
3141 		ret = mt76_connac_mcu_init_download(dev, addr, len, mode);
3142 		if (ret) {
3143 			dev_err(dev->dev, "Download request failed\n");
3144 			goto out;
3145 		}
3146 
3147 		ret = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
3148 					       dl, len, max_len);
3149 		if (ret) {
3150 			dev_err(dev->dev, "Failed to send patch\n");
3151 			goto out;
3152 		}
3153 	}
3154 
3155 	ret = mt76_connac_mcu_start_patch(dev);
3156 	if (ret)
3157 		dev_err(dev->dev, "Failed to start patch\n");
3158 
3159 out:
3160 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, false);
3161 	switch (sem) {
3162 	case PATCH_REL_SEM_SUCCESS:
3163 		break;
3164 	default:
3165 		ret = -EAGAIN;
3166 		dev_err(dev->dev, "Failed to release patch semaphore\n");
3167 		break;
3168 	}
3169 
3170 	release_firmware(fw);
3171 
3172 	return ret;
3173 }
3174 EXPORT_SYMBOL_GPL(mt76_connac2_load_patch);
3175 
3176 int mt76_connac2_mcu_fill_message(struct mt76_dev *dev, struct sk_buff *skb,
3177 				  int cmd, int *wait_seq)
3178 {
3179 	int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
3180 	struct mt76_connac2_mcu_uni_txd *uni_txd;
3181 	struct mt76_connac2_mcu_txd *mcu_txd;
3182 	__le32 *txd;
3183 	u32 val;
3184 	u8 seq;
3185 
3186 	/* TODO: make dynamic based on msg type */
3187 	dev->mcu.timeout = 20 * HZ;
3188 
3189 	seq = ++dev->mcu.msg_seq & 0xf;
3190 	if (!seq)
3191 		seq = ++dev->mcu.msg_seq & 0xf;
3192 
3193 	if (cmd == MCU_CMD(FW_SCATTER))
3194 		goto exit;
3195 
3196 	txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
3197 	txd = (__le32 *)skb_push(skb, txd_len);
3198 
3199 	val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
3200 	      FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
3201 	      FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
3202 	txd[0] = cpu_to_le32(val);
3203 
3204 	val = MT_TXD1_LONG_FORMAT |
3205 	      FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
3206 	txd[1] = cpu_to_le32(val);
3207 
3208 	if (cmd & __MCU_CMD_FIELD_UNI) {
3209 		uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
3210 		uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
3211 		uni_txd->option = MCU_CMD_UNI_EXT_ACK;
3212 		uni_txd->cid = cpu_to_le16(mcu_cmd);
3213 		uni_txd->s2d_index = MCU_S2D_H2N;
3214 		uni_txd->pkt_type = MCU_PKT_ID;
3215 		uni_txd->seq = seq;
3216 
3217 		goto exit;
3218 	}
3219 
3220 	mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
3221 	mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
3222 	mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
3223 					       MT_TX_MCU_PORT_RX_Q0));
3224 	mcu_txd->pkt_type = MCU_PKT_ID;
3225 	mcu_txd->seq = seq;
3226 	mcu_txd->cid = mcu_cmd;
3227 	mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
3228 
3229 	if (mcu_txd->ext_cid || (cmd & __MCU_CMD_FIELD_CE)) {
3230 		if (cmd & __MCU_CMD_FIELD_QUERY)
3231 			mcu_txd->set_query = MCU_Q_QUERY;
3232 		else
3233 			mcu_txd->set_query = MCU_Q_SET;
3234 		mcu_txd->ext_cid_ack = !!mcu_txd->ext_cid;
3235 	} else {
3236 		mcu_txd->set_query = MCU_Q_NA;
3237 	}
3238 
3239 	if (cmd & __MCU_CMD_FIELD_WA)
3240 		mcu_txd->s2d_index = MCU_S2D_H2C;
3241 	else
3242 		mcu_txd->s2d_index = MCU_S2D_H2N;
3243 
3244 exit:
3245 	if (wait_seq)
3246 		*wait_seq = seq;
3247 
3248 	return 0;
3249 }
3250 EXPORT_SYMBOL_GPL(mt76_connac2_mcu_fill_message);
3251 
3252 MODULE_AUTHOR("Lorenzo Bianconi <lorenzo@kernel.org>");
3253 MODULE_LICENSE("Dual BSD/GPL");
3254