xref: /linux/drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c (revision d7bf4786b5250b0e490a937d1f8a16ee3a54adbe)
1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
3 
4 #include <linux/firmware.h>
5 #include "mt76_connac2_mac.h"
6 #include "mt76_connac_mcu.h"
7 
8 int mt76_connac_mcu_start_firmware(struct mt76_dev *dev, u32 addr, u32 option)
9 {
10 	struct {
11 		__le32 option;
12 		__le32 addr;
13 	} req = {
14 		.option = cpu_to_le32(option),
15 		.addr = cpu_to_le32(addr),
16 	};
17 
18 	return mt76_mcu_send_msg(dev, MCU_CMD(FW_START_REQ), &req,
19 				 sizeof(req), true);
20 }
21 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_firmware);
22 
23 int mt76_connac_mcu_patch_sem_ctrl(struct mt76_dev *dev, bool get)
24 {
25 	u32 op = get ? PATCH_SEM_GET : PATCH_SEM_RELEASE;
26 	struct {
27 		__le32 op;
28 	} req = {
29 		.op = cpu_to_le32(op),
30 	};
31 
32 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_SEM_CONTROL),
33 				 &req, sizeof(req), true);
34 }
35 EXPORT_SYMBOL_GPL(mt76_connac_mcu_patch_sem_ctrl);
36 
37 int mt76_connac_mcu_start_patch(struct mt76_dev *dev)
38 {
39 	struct {
40 		u8 check_crc;
41 		u8 reserved[3];
42 	} req = {
43 		.check_crc = 0,
44 	};
45 
46 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_FINISH_REQ),
47 				 &req, sizeof(req), true);
48 }
49 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_patch);
50 
51 #define MCU_PATCH_ADDRESS	0x200000
52 
53 int mt76_connac_mcu_init_download(struct mt76_dev *dev, u32 addr, u32 len,
54 				  u32 mode)
55 {
56 	struct {
57 		__le32 addr;
58 		__le32 len;
59 		__le32 mode;
60 	} req = {
61 		.addr = cpu_to_le32(addr),
62 		.len = cpu_to_le32(len),
63 		.mode = cpu_to_le32(mode),
64 	};
65 	int cmd;
66 
67 	if ((!is_connac_v1(dev) && addr == MCU_PATCH_ADDRESS) ||
68 	    (is_mt7921(dev) && addr == 0x900000) ||
69 	    (is_mt7925(dev) && (addr == 0x900000 || addr == 0xe0002800)) ||
70 	    (is_mt7996(dev) && addr == 0x900000) ||
71 	    (is_mt7992(dev) && addr == 0x900000))
72 		cmd = MCU_CMD(PATCH_START_REQ);
73 	else
74 		cmd = MCU_CMD(TARGET_ADDRESS_LEN_REQ);
75 
76 	return mt76_mcu_send_msg(dev, cmd, &req, sizeof(req), true);
77 }
78 EXPORT_SYMBOL_GPL(mt76_connac_mcu_init_download);
79 
80 int mt76_connac_mcu_set_channel_domain(struct mt76_phy *phy)
81 {
82 	int len, i, n_max_channels, n_2ch = 0, n_5ch = 0, n_6ch = 0;
83 	struct mt76_connac_mcu_channel_domain {
84 		u8 alpha2[4]; /* regulatory_request.alpha2 */
85 		u8 bw_2g; /* BW_20_40M		0
86 			   * BW_20M		1
87 			   * BW_20_40_80M	2
88 			   * BW_20_40_80_160M	3
89 			   * BW_20_40_80_8080M	4
90 			   */
91 		u8 bw_5g;
92 		u8 bw_6g;
93 		u8 pad;
94 		u8 n_2ch;
95 		u8 n_5ch;
96 		u8 n_6ch;
97 		u8 pad2;
98 	} __packed hdr = {
99 		.bw_2g = 0,
100 		.bw_5g = 3, /* BW_20_40_80_160M */
101 		.bw_6g = 3,
102 	};
103 	struct mt76_connac_mcu_chan {
104 		__le16 hw_value;
105 		__le16 pad;
106 		__le32 flags;
107 	} __packed channel;
108 	struct mt76_dev *dev = phy->dev;
109 	struct ieee80211_channel *chan;
110 	struct sk_buff *skb;
111 
112 	n_max_channels = phy->sband_2g.sband.n_channels +
113 			 phy->sband_5g.sband.n_channels +
114 			 phy->sband_6g.sband.n_channels;
115 	len = sizeof(hdr) + n_max_channels * sizeof(channel);
116 
117 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
118 	if (!skb)
119 		return -ENOMEM;
120 
121 	skb_reserve(skb, sizeof(hdr));
122 
123 	for (i = 0; i < phy->sband_2g.sband.n_channels; i++) {
124 		chan = &phy->sband_2g.sband.channels[i];
125 		if (chan->flags & IEEE80211_CHAN_DISABLED)
126 			continue;
127 
128 		channel.hw_value = cpu_to_le16(chan->hw_value);
129 		channel.flags = cpu_to_le32(chan->flags);
130 		channel.pad = 0;
131 
132 		skb_put_data(skb, &channel, sizeof(channel));
133 		n_2ch++;
134 	}
135 	for (i = 0; i < phy->sband_5g.sband.n_channels; i++) {
136 		chan = &phy->sband_5g.sband.channels[i];
137 		if (chan->flags & IEEE80211_CHAN_DISABLED)
138 			continue;
139 
140 		channel.hw_value = cpu_to_le16(chan->hw_value);
141 		channel.flags = cpu_to_le32(chan->flags);
142 		channel.pad = 0;
143 
144 		skb_put_data(skb, &channel, sizeof(channel));
145 		n_5ch++;
146 	}
147 	for (i = 0; i < phy->sband_6g.sband.n_channels; i++) {
148 		chan = &phy->sband_6g.sband.channels[i];
149 		if (chan->flags & IEEE80211_CHAN_DISABLED)
150 			continue;
151 
152 		channel.hw_value = cpu_to_le16(chan->hw_value);
153 		channel.flags = cpu_to_le32(chan->flags);
154 		channel.pad = 0;
155 
156 		skb_put_data(skb, &channel, sizeof(channel));
157 		n_6ch++;
158 	}
159 
160 	BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(hdr.alpha2));
161 	memcpy(hdr.alpha2, dev->alpha2, sizeof(dev->alpha2));
162 	hdr.n_2ch = n_2ch;
163 	hdr.n_5ch = n_5ch;
164 	hdr.n_6ch = n_6ch;
165 
166 	memcpy(__skb_push(skb, sizeof(hdr)), &hdr, sizeof(hdr));
167 
168 	return mt76_mcu_skb_send_msg(dev, skb, MCU_CE_CMD(SET_CHAN_DOMAIN),
169 				     false);
170 }
171 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_channel_domain);
172 
173 int mt76_connac_mcu_set_mac_enable(struct mt76_dev *dev, int band, bool enable,
174 				   bool hdr_trans)
175 {
176 	struct {
177 		u8 enable;
178 		u8 band;
179 		u8 rsv[2];
180 	} __packed req_mac = {
181 		.enable = enable,
182 		.band = band,
183 	};
184 
185 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(MAC_INIT_CTRL), &req_mac,
186 				 sizeof(req_mac), true);
187 }
188 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_mac_enable);
189 
190 int mt76_connac_mcu_set_vif_ps(struct mt76_dev *dev, struct ieee80211_vif *vif)
191 {
192 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
193 	struct {
194 		u8 bss_idx;
195 		u8 ps_state; /* 0: device awake
196 			      * 1: static power save
197 			      * 2: dynamic power saving
198 			      */
199 	} req = {
200 		.bss_idx = mvif->idx,
201 		.ps_state = vif->cfg.ps ? 2 : 0,
202 	};
203 
204 	if (vif->type != NL80211_IFTYPE_STATION)
205 		return -EOPNOTSUPP;
206 
207 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(SET_PS_PROFILE),
208 				 &req, sizeof(req), false);
209 }
210 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_vif_ps);
211 
212 int mt76_connac_mcu_set_rts_thresh(struct mt76_dev *dev, u32 val, u8 band)
213 {
214 	struct {
215 		u8 prot_idx;
216 		u8 band;
217 		u8 rsv[2];
218 		__le32 len_thresh;
219 		__le32 pkt_thresh;
220 	} __packed req = {
221 		.prot_idx = 1,
222 		.band = band,
223 		.len_thresh = cpu_to_le32(val),
224 		.pkt_thresh = cpu_to_le32(0x2),
225 	};
226 
227 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PROTECT_CTRL), &req,
228 				 sizeof(req), true);
229 }
230 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rts_thresh);
231 
232 void mt76_connac_mcu_beacon_loss_iter(void *priv, u8 *mac,
233 				      struct ieee80211_vif *vif)
234 {
235 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
236 	struct mt76_connac_beacon_loss_event *event = priv;
237 
238 	if (mvif->idx != event->bss_idx)
239 		return;
240 
241 	if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER))
242 		return;
243 
244 	ieee80211_beacon_loss(vif);
245 }
246 EXPORT_SYMBOL_GPL(mt76_connac_mcu_beacon_loss_iter);
247 
248 struct tlv *
249 mt76_connac_mcu_add_nested_tlv(struct sk_buff *skb, int tag, int len,
250 			       void *sta_ntlv, void *sta_wtbl)
251 {
252 	struct sta_ntlv_hdr *ntlv_hdr = sta_ntlv;
253 	struct tlv *sta_hdr = sta_wtbl;
254 	struct tlv *ptlv, tlv = {
255 		.tag = cpu_to_le16(tag),
256 		.len = cpu_to_le16(len),
257 	};
258 	u16 ntlv;
259 
260 	ptlv = skb_put_zero(skb, len);
261 	memcpy(ptlv, &tlv, sizeof(tlv));
262 
263 	ntlv = le16_to_cpu(ntlv_hdr->tlv_num);
264 	ntlv_hdr->tlv_num = cpu_to_le16(ntlv + 1);
265 
266 	if (sta_hdr) {
267 		len += le16_to_cpu(sta_hdr->len);
268 		sta_hdr->len = cpu_to_le16(len);
269 	}
270 
271 	return ptlv;
272 }
273 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_nested_tlv);
274 
275 struct sk_buff *
276 __mt76_connac_mcu_alloc_sta_req(struct mt76_dev *dev, struct mt76_vif_link *mvif,
277 				struct mt76_wcid *wcid, int len)
278 {
279 	struct sta_req_hdr hdr = {
280 		.bss_idx = mvif->idx,
281 		.muar_idx = wcid ? mvif->omac_idx : 0,
282 		.is_tlv_append = 1,
283 	};
284 	struct sk_buff *skb;
285 
286 	if (wcid && !wcid->sta && !wcid->sta_disabled)
287 		hdr.muar_idx = 0xe;
288 
289 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
290 				     &hdr.wlan_idx_hi);
291 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
292 	if (!skb)
293 		return ERR_PTR(-ENOMEM);
294 
295 	skb_put_data(skb, &hdr, sizeof(hdr));
296 
297 	return skb;
298 }
299 EXPORT_SYMBOL_GPL(__mt76_connac_mcu_alloc_sta_req);
300 
301 struct wtbl_req_hdr *
302 mt76_connac_mcu_alloc_wtbl_req(struct mt76_dev *dev, struct mt76_wcid *wcid,
303 			       int cmd, void *sta_wtbl, struct sk_buff **skb)
304 {
305 	struct tlv *sta_hdr = sta_wtbl;
306 	struct wtbl_req_hdr hdr = {
307 		.operation = cmd,
308 	};
309 	struct sk_buff *nskb = *skb;
310 
311 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
312 				     &hdr.wlan_idx_hi);
313 	if (!nskb) {
314 		nskb = mt76_mcu_msg_alloc(dev, NULL,
315 					  MT76_CONNAC_WTBL_UPDATE_MAX_SIZE);
316 		if (!nskb)
317 			return ERR_PTR(-ENOMEM);
318 
319 		*skb = nskb;
320 	}
321 
322 	if (sta_hdr)
323 		le16_add_cpu(&sta_hdr->len, sizeof(hdr));
324 
325 	return skb_put_data(nskb, &hdr, sizeof(hdr));
326 }
327 EXPORT_SYMBOL_GPL(mt76_connac_mcu_alloc_wtbl_req);
328 
329 void mt76_connac_mcu_bss_omac_tlv(struct sk_buff *skb,
330 				  struct ieee80211_vif *vif)
331 {
332 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
333 	u8 omac_idx = mvif->omac_idx;
334 	struct bss_info_omac *omac;
335 	struct tlv *tlv;
336 	u32 type = 0;
337 
338 	switch (vif->type) {
339 	case NL80211_IFTYPE_MONITOR:
340 	case NL80211_IFTYPE_MESH_POINT:
341 	case NL80211_IFTYPE_AP:
342 		if (vif->p2p)
343 			type = CONNECTION_P2P_GO;
344 		else
345 			type = CONNECTION_INFRA_AP;
346 		break;
347 	case NL80211_IFTYPE_STATION:
348 		if (vif->p2p)
349 			type = CONNECTION_P2P_GC;
350 		else
351 			type = CONNECTION_INFRA_STA;
352 		break;
353 	case NL80211_IFTYPE_ADHOC:
354 		type = CONNECTION_IBSS_ADHOC;
355 		break;
356 	default:
357 		WARN_ON(1);
358 		break;
359 	}
360 
361 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_OMAC, sizeof(*omac));
362 
363 	omac = (struct bss_info_omac *)tlv;
364 	omac->conn_type = cpu_to_le32(type);
365 	omac->omac_idx = mvif->omac_idx;
366 	omac->band_idx = mvif->band_idx;
367 	omac->hw_bss_idx = omac_idx > EXT_BSSID_START ? HW_BSSID_0 : omac_idx;
368 }
369 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_omac_tlv);
370 
371 void mt76_connac_mcu_sta_basic_tlv(struct mt76_dev *dev, struct sk_buff *skb,
372 				   struct ieee80211_bss_conf *link_conf,
373 				   struct ieee80211_link_sta *link_sta,
374 				   int conn_state, bool newly)
375 {
376 	struct ieee80211_vif *vif = link_conf->vif;
377 	struct sta_rec_basic *basic;
378 	struct tlv *tlv;
379 	int conn_type;
380 
381 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BASIC, sizeof(*basic));
382 
383 	basic = (struct sta_rec_basic *)tlv;
384 	basic->extra_info = cpu_to_le16(EXTRA_INFO_VER);
385 
386 	if (newly && conn_state != CONN_STATE_DISCONNECT)
387 		basic->extra_info |= cpu_to_le16(EXTRA_INFO_NEW);
388 	basic->conn_state = conn_state;
389 
390 	if (!link_sta) {
391 		basic->conn_type = cpu_to_le32(CONNECTION_INFRA_BC);
392 
393 		if (vif->type == NL80211_IFTYPE_STATION &&
394 		    !is_zero_ether_addr(link_conf->bssid)) {
395 			memcpy(basic->peer_addr, link_conf->bssid, ETH_ALEN);
396 			basic->aid = cpu_to_le16(vif->cfg.aid);
397 		} else {
398 			eth_broadcast_addr(basic->peer_addr);
399 		}
400 		return;
401 	}
402 
403 	switch (vif->type) {
404 	case NL80211_IFTYPE_MESH_POINT:
405 	case NL80211_IFTYPE_AP:
406 		if (vif->p2p && !is_mt7921(dev))
407 			conn_type = CONNECTION_P2P_GC;
408 		else
409 			conn_type = CONNECTION_INFRA_STA;
410 		basic->conn_type = cpu_to_le32(conn_type);
411 		basic->aid = cpu_to_le16(link_sta->sta->aid);
412 		break;
413 	case NL80211_IFTYPE_STATION:
414 		if (vif->p2p && !is_mt7921(dev))
415 			conn_type = CONNECTION_P2P_GO;
416 		else
417 			conn_type = CONNECTION_INFRA_AP;
418 		basic->conn_type = cpu_to_le32(conn_type);
419 		basic->aid = cpu_to_le16(vif->cfg.aid);
420 		break;
421 	case NL80211_IFTYPE_ADHOC:
422 		basic->conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
423 		basic->aid = cpu_to_le16(link_sta->sta->aid);
424 		break;
425 	default:
426 		WARN_ON(1);
427 		break;
428 	}
429 
430 	memcpy(basic->peer_addr, link_sta->addr, ETH_ALEN);
431 	basic->qos = link_sta->sta->wme;
432 }
433 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_basic_tlv);
434 
435 void mt76_connac_mcu_sta_uapsd(struct sk_buff *skb, struct ieee80211_vif *vif,
436 			       struct ieee80211_sta *sta)
437 {
438 	struct sta_rec_uapsd *uapsd;
439 	struct tlv *tlv;
440 
441 	if (vif->type != NL80211_IFTYPE_AP || !sta->wme)
442 		return;
443 
444 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_APPS, sizeof(*uapsd));
445 	uapsd = (struct sta_rec_uapsd *)tlv;
446 
447 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) {
448 		uapsd->dac_map |= BIT(3);
449 		uapsd->tac_map |= BIT(3);
450 	}
451 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) {
452 		uapsd->dac_map |= BIT(2);
453 		uapsd->tac_map |= BIT(2);
454 	}
455 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) {
456 		uapsd->dac_map |= BIT(1);
457 		uapsd->tac_map |= BIT(1);
458 	}
459 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) {
460 		uapsd->dac_map |= BIT(0);
461 		uapsd->tac_map |= BIT(0);
462 	}
463 	uapsd->max_sp = sta->max_sp;
464 }
465 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_uapsd);
466 
467 void mt76_connac_mcu_wtbl_hdr_trans_tlv(struct sk_buff *skb,
468 					struct ieee80211_vif *vif,
469 					struct mt76_wcid *wcid,
470 					void *sta_wtbl, void *wtbl_tlv)
471 {
472 	struct wtbl_hdr_trans *htr;
473 	struct tlv *tlv;
474 
475 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HDR_TRANS,
476 					     sizeof(*htr),
477 					     wtbl_tlv, sta_wtbl);
478 	htr = (struct wtbl_hdr_trans *)tlv;
479 	htr->no_rx_trans = true;
480 
481 	if (vif->type == NL80211_IFTYPE_STATION)
482 		htr->to_ds = true;
483 	else
484 		htr->from_ds = true;
485 
486 	if (!wcid)
487 		return;
488 
489 	htr->no_rx_trans = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);
490 	if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) {
491 		htr->to_ds = true;
492 		htr->from_ds = true;
493 	}
494 }
495 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_hdr_trans_tlv);
496 
497 int mt76_connac_mcu_sta_update_hdr_trans(struct mt76_dev *dev,
498 					 struct ieee80211_vif *vif,
499 					 struct mt76_wcid *wcid, int cmd)
500 {
501 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
502 	struct wtbl_req_hdr *wtbl_hdr;
503 	struct tlv *sta_wtbl;
504 	struct sk_buff *skb;
505 
506 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
507 	if (IS_ERR(skb))
508 		return PTR_ERR(skb);
509 
510 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
511 					   sizeof(struct tlv));
512 
513 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
514 						  sta_wtbl, &skb);
515 	if (IS_ERR(wtbl_hdr))
516 		return PTR_ERR(wtbl_hdr);
517 
518 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, sta_wtbl, wtbl_hdr);
519 
520 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
521 }
522 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_update_hdr_trans);
523 
524 int mt76_connac_mcu_wtbl_update_hdr_trans(struct mt76_dev *dev,
525 					  struct ieee80211_vif *vif,
526 					  struct ieee80211_sta *sta)
527 {
528 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
529 	struct wtbl_req_hdr *wtbl_hdr;
530 	struct sk_buff *skb = NULL;
531 
532 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET, NULL,
533 						  &skb);
534 	if (IS_ERR(wtbl_hdr))
535 		return PTR_ERR(wtbl_hdr);
536 
537 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, NULL, wtbl_hdr);
538 
539 	return mt76_mcu_skb_send_msg(dev, skb, MCU_EXT_CMD(WTBL_UPDATE), true);
540 }
541 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_update_hdr_trans);
542 
543 void mt76_connac_mcu_wtbl_generic_tlv(struct mt76_dev *dev,
544 				      struct sk_buff *skb,
545 				      struct ieee80211_vif *vif,
546 				      struct ieee80211_sta *sta,
547 				      void *sta_wtbl, void *wtbl_tlv)
548 {
549 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
550 	struct wtbl_generic *generic;
551 	struct wtbl_rx *rx;
552 	struct wtbl_spe *spe;
553 	struct tlv *tlv;
554 
555 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_GENERIC,
556 					     sizeof(*generic),
557 					     wtbl_tlv, sta_wtbl);
558 
559 	generic = (struct wtbl_generic *)tlv;
560 
561 	if (sta) {
562 		if (vif->type == NL80211_IFTYPE_STATION)
563 			generic->partial_aid = cpu_to_le16(vif->cfg.aid);
564 		else
565 			generic->partial_aid = cpu_to_le16(sta->aid);
566 		memcpy(generic->peer_addr, sta->addr, ETH_ALEN);
567 		generic->muar_idx = mvif->omac_idx;
568 		generic->qos = sta->wme;
569 	} else {
570 		if (!is_connac_v1(dev) && vif->type == NL80211_IFTYPE_STATION)
571 			memcpy(generic->peer_addr, vif->bss_conf.bssid,
572 			       ETH_ALEN);
573 		else
574 			eth_broadcast_addr(generic->peer_addr);
575 
576 		generic->muar_idx = 0xe;
577 	}
578 
579 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RX, sizeof(*rx),
580 					     wtbl_tlv, sta_wtbl);
581 
582 	rx = (struct wtbl_rx *)tlv;
583 	rx->rca1 = sta ? vif->type != NL80211_IFTYPE_AP : 1;
584 	rx->rca2 = 1;
585 	rx->rv = 1;
586 
587 	if (!is_connac_v1(dev))
588 		return;
589 
590 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SPE, sizeof(*spe),
591 					     wtbl_tlv, sta_wtbl);
592 	spe = (struct wtbl_spe *)tlv;
593 	spe->spe_idx = 24;
594 }
595 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_generic_tlv);
596 
597 static void
598 mt76_connac_mcu_sta_amsdu_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
599 			      struct ieee80211_vif *vif)
600 {
601 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
602 	struct sta_rec_amsdu *amsdu;
603 	struct tlv *tlv;
604 
605 	if (vif->type != NL80211_IFTYPE_AP &&
606 	    vif->type != NL80211_IFTYPE_STATION)
607 		return;
608 
609 	if (!sta->deflink.agg.max_amsdu_len)
610 		return;
611 
612 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
613 	amsdu = (struct sta_rec_amsdu *)tlv;
614 	amsdu->max_amsdu_num = 8;
615 	amsdu->amsdu_en = true;
616 	amsdu->max_mpdu_size = sta->deflink.agg.max_amsdu_len >=
617 			       IEEE80211_MAX_MPDU_LEN_VHT_7991;
618 
619 	wcid->amsdu = true;
620 }
621 
622 #define HE_PHY(p, c)	u8_get_bits(c, IEEE80211_HE_PHY_##p)
623 #define HE_MAC(m, c)	u8_get_bits(c, IEEE80211_HE_MAC_##m)
624 static void
625 mt76_connac_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
626 {
627 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
628 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
629 	struct sta_rec_he *he;
630 	struct tlv *tlv;
631 	u32 cap = 0;
632 
633 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE, sizeof(*he));
634 
635 	he = (struct sta_rec_he *)tlv;
636 
637 	if (elem->mac_cap_info[0] & IEEE80211_HE_MAC_CAP0_HTC_HE)
638 		cap |= STA_REC_HE_CAP_HTC;
639 
640 	if (elem->mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR)
641 		cap |= STA_REC_HE_CAP_BSR;
642 
643 	if (elem->mac_cap_info[3] & IEEE80211_HE_MAC_CAP3_OMI_CONTROL)
644 		cap |= STA_REC_HE_CAP_OM;
645 
646 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU)
647 		cap |= STA_REC_HE_CAP_AMSDU_IN_AMPDU;
648 
649 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR)
650 		cap |= STA_REC_HE_CAP_BQR;
651 
652 	if (elem->phy_cap_info[0] &
653 	    (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_2G |
654 	     IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_5G))
655 		cap |= STA_REC_HE_CAP_BW20_RU242_SUPPORT;
656 
657 	if (elem->phy_cap_info[1] &
658 	    IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD)
659 		cap |= STA_REC_HE_CAP_LDPC;
660 
661 	if (elem->phy_cap_info[1] &
662 	    IEEE80211_HE_PHY_CAP1_HE_LTF_AND_GI_FOR_HE_PPDUS_0_8US)
663 		cap |= STA_REC_HE_CAP_SU_PPDU_1LTF_8US_GI;
664 
665 	if (elem->phy_cap_info[2] &
666 	    IEEE80211_HE_PHY_CAP2_NDP_4x_LTF_AND_3_2US)
667 		cap |= STA_REC_HE_CAP_NDP_4LTF_3DOT2MS_GI;
668 
669 	if (elem->phy_cap_info[2] &
670 	    IEEE80211_HE_PHY_CAP2_STBC_TX_UNDER_80MHZ)
671 		cap |= STA_REC_HE_CAP_LE_EQ_80M_TX_STBC;
672 
673 	if (elem->phy_cap_info[2] &
674 	    IEEE80211_HE_PHY_CAP2_STBC_RX_UNDER_80MHZ)
675 		cap |= STA_REC_HE_CAP_LE_EQ_80M_RX_STBC;
676 
677 	if (elem->phy_cap_info[6] &
678 	    IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE)
679 		cap |= STA_REC_HE_CAP_PARTIAL_BW_EXT_RANGE;
680 
681 	if (elem->phy_cap_info[7] &
682 	    IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI)
683 		cap |= STA_REC_HE_CAP_SU_MU_PPDU_4LTF_8US_GI;
684 
685 	if (elem->phy_cap_info[7] &
686 	    IEEE80211_HE_PHY_CAP7_STBC_TX_ABOVE_80MHZ)
687 		cap |= STA_REC_HE_CAP_GT_80M_TX_STBC;
688 
689 	if (elem->phy_cap_info[7] &
690 	    IEEE80211_HE_PHY_CAP7_STBC_RX_ABOVE_80MHZ)
691 		cap |= STA_REC_HE_CAP_GT_80M_RX_STBC;
692 
693 	if (elem->phy_cap_info[8] &
694 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_PPDU_4XLTF_AND_08_US_GI)
695 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_4LTF_8US_GI;
696 
697 	if (elem->phy_cap_info[8] &
698 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_1XLTF_AND_08_US_GI)
699 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_1LTF_8US_GI;
700 
701 	if (elem->phy_cap_info[9] &
702 	    IEEE80211_HE_PHY_CAP9_NON_TRIGGERED_CQI_FEEDBACK)
703 		cap |= STA_REC_HE_CAP_TRIG_CQI_FK;
704 
705 	if (elem->phy_cap_info[9] &
706 	    IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU)
707 		cap |= STA_REC_HE_CAP_TX_1024QAM_UNDER_RU242;
708 
709 	if (elem->phy_cap_info[9] &
710 	    IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU)
711 		cap |= STA_REC_HE_CAP_RX_1024QAM_UNDER_RU242;
712 
713 	he->he_cap = cpu_to_le32(cap);
714 
715 	switch (sta->deflink.bandwidth) {
716 	case IEEE80211_STA_RX_BW_160:
717 		if (elem->phy_cap_info[0] &
718 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
719 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
720 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
721 
722 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
723 				he_cap->he_mcs_nss_supp.rx_mcs_160;
724 		fallthrough;
725 	default:
726 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
727 				he_cap->he_mcs_nss_supp.rx_mcs_80;
728 		break;
729 	}
730 
731 	he->t_frame_dur =
732 		HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]);
733 	he->max_ampdu_exp =
734 		HE_MAC(CAP3_MAX_AMPDU_LEN_EXP_MASK, elem->mac_cap_info[3]);
735 
736 	he->bw_set =
737 		HE_PHY(CAP0_CHANNEL_WIDTH_SET_MASK, elem->phy_cap_info[0]);
738 	he->device_class =
739 		HE_PHY(CAP1_DEVICE_CLASS_A, elem->phy_cap_info[1]);
740 	he->punc_pream_rx =
741 		HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]);
742 
743 	he->dcm_tx_mode =
744 		HE_PHY(CAP3_DCM_MAX_CONST_TX_MASK, elem->phy_cap_info[3]);
745 	he->dcm_tx_max_nss =
746 		HE_PHY(CAP3_DCM_MAX_TX_NSS_2, elem->phy_cap_info[3]);
747 	he->dcm_rx_mode =
748 		HE_PHY(CAP3_DCM_MAX_CONST_RX_MASK, elem->phy_cap_info[3]);
749 	he->dcm_rx_max_nss =
750 		HE_PHY(CAP3_DCM_MAX_RX_NSS_2, elem->phy_cap_info[3]);
751 	he->dcm_rx_max_nss =
752 		HE_PHY(CAP8_DCM_MAX_RU_MASK, elem->phy_cap_info[8]);
753 
754 	he->pkt_ext = 2;
755 }
756 
757 void
758 mt76_connac_mcu_sta_he_tlv_v2(struct sk_buff *skb, struct ieee80211_sta *sta)
759 {
760 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
761 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
762 	struct sta_rec_he_v2 *he;
763 	struct tlv *tlv;
764 
765 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he));
766 
767 	he = (struct sta_rec_he_v2 *)tlv;
768 	memcpy(he->he_phy_cap, elem->phy_cap_info, sizeof(he->he_phy_cap));
769 	memcpy(he->he_mac_cap, elem->mac_cap_info, sizeof(he->he_mac_cap));
770 
771 	switch (sta->deflink.bandwidth) {
772 	case IEEE80211_STA_RX_BW_160:
773 		if (elem->phy_cap_info[0] &
774 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
775 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
776 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
777 
778 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
779 				he_cap->he_mcs_nss_supp.rx_mcs_160;
780 		fallthrough;
781 	default:
782 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
783 				he_cap->he_mcs_nss_supp.rx_mcs_80;
784 		break;
785 	}
786 
787 	he->pkt_ext = IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US;
788 }
789 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_he_tlv_v2);
790 
791 u8
792 mt76_connac_get_phy_mode_v2(struct mt76_phy *mphy, struct ieee80211_vif *vif,
793 			    enum nl80211_band band,
794 			    struct ieee80211_link_sta *link_sta)
795 {
796 	struct ieee80211_sta_ht_cap *ht_cap;
797 	struct ieee80211_sta_vht_cap *vht_cap;
798 	const struct ieee80211_sta_he_cap *he_cap;
799 	const struct ieee80211_sta_eht_cap *eht_cap;
800 	u8 mode = 0;
801 
802 	if (link_sta) {
803 		ht_cap = &link_sta->ht_cap;
804 		vht_cap = &link_sta->vht_cap;
805 		he_cap = &link_sta->he_cap;
806 		eht_cap = &link_sta->eht_cap;
807 	} else {
808 		struct ieee80211_supported_band *sband;
809 
810 		sband = mphy->hw->wiphy->bands[band];
811 		ht_cap = &sband->ht_cap;
812 		vht_cap = &sband->vht_cap;
813 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
814 		eht_cap = ieee80211_get_eht_iftype_cap(sband, vif->type);
815 	}
816 
817 	if (band == NL80211_BAND_2GHZ) {
818 		mode |= PHY_TYPE_BIT_HR_DSSS | PHY_TYPE_BIT_ERP;
819 
820 		if (ht_cap->ht_supported)
821 			mode |= PHY_TYPE_BIT_HT;
822 
823 		if (he_cap && he_cap->has_he)
824 			mode |= PHY_TYPE_BIT_HE;
825 
826 		if (eht_cap && eht_cap->has_eht)
827 			mode |= PHY_TYPE_BIT_BE;
828 	} else if (band == NL80211_BAND_5GHZ || band == NL80211_BAND_6GHZ) {
829 		mode |= PHY_TYPE_BIT_OFDM;
830 
831 		if (ht_cap->ht_supported)
832 			mode |= PHY_TYPE_BIT_HT;
833 
834 		if (vht_cap->vht_supported)
835 			mode |= PHY_TYPE_BIT_VHT;
836 
837 		if (he_cap && he_cap->has_he)
838 			mode |= PHY_TYPE_BIT_HE;
839 
840 		if (eht_cap && eht_cap->has_eht)
841 			mode |= PHY_TYPE_BIT_BE;
842 	}
843 
844 	return mode;
845 }
846 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode_v2);
847 
848 void mt76_connac_mcu_sta_tlv(struct mt76_phy *mphy, struct sk_buff *skb,
849 			     struct ieee80211_sta *sta,
850 			     struct ieee80211_vif *vif,
851 			     u8 rcpi, u8 sta_state)
852 {
853 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
854 	struct cfg80211_chan_def *chandef = mvif->ctx ?
855 					    &mvif->ctx->def : &mphy->chandef;
856 	enum nl80211_band band = chandef->chan->band;
857 	struct mt76_dev *dev = mphy->dev;
858 	struct sta_rec_ra_info *ra_info;
859 	struct sta_rec_state *state;
860 	struct sta_rec_phy *phy;
861 	struct tlv *tlv;
862 	u16 supp_rates;
863 
864 	/* starec ht */
865 	if (sta->deflink.ht_cap.ht_supported) {
866 		struct sta_rec_ht *ht;
867 
868 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
869 		ht = (struct sta_rec_ht *)tlv;
870 		ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap);
871 	}
872 
873 	/* starec vht */
874 	if (sta->deflink.vht_cap.vht_supported) {
875 		struct sta_rec_vht *vht;
876 		int len;
877 
878 		len = is_mt7921(dev) ? sizeof(*vht) : sizeof(*vht) - 4;
879 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, len);
880 		vht = (struct sta_rec_vht *)tlv;
881 		vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap);
882 		vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map;
883 		vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map;
884 	}
885 
886 	/* starec uapsd */
887 	mt76_connac_mcu_sta_uapsd(skb, vif, sta);
888 
889 	if (!is_mt7921(dev))
890 		return;
891 
892 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he)
893 		mt76_connac_mcu_sta_amsdu_tlv(skb, sta, vif);
894 
895 	/* starec he */
896 	if (sta->deflink.he_cap.has_he) {
897 		mt76_connac_mcu_sta_he_tlv(skb, sta);
898 		mt76_connac_mcu_sta_he_tlv_v2(skb, sta);
899 		if (band == NL80211_BAND_6GHZ &&
900 		    sta_state == MT76_STA_INFO_STATE_ASSOC) {
901 			struct sta_rec_he_6g_capa *he_6g_capa;
902 
903 			tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G,
904 						      sizeof(*he_6g_capa));
905 			he_6g_capa = (struct sta_rec_he_6g_capa *)tlv;
906 			he_6g_capa->capa = sta->deflink.he_6ghz_capa.capa;
907 		}
908 	}
909 
910 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy));
911 	phy = (struct sta_rec_phy *)tlv;
912 	phy->phy_type = mt76_connac_get_phy_mode_v2(mphy, vif, band,
913 						    &sta->deflink);
914 	phy->basic_rate = cpu_to_le16((u16)vif->bss_conf.basic_rates);
915 	phy->rcpi = rcpi;
916 	phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR,
917 				sta->deflink.ht_cap.ampdu_factor) |
918 		     FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY,
919 				sta->deflink.ht_cap.ampdu_density);
920 
921 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra_info));
922 	ra_info = (struct sta_rec_ra_info *)tlv;
923 
924 	supp_rates = sta->deflink.supp_rates[band];
925 	if (band == NL80211_BAND_2GHZ)
926 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates >> 4) |
927 			     FIELD_PREP(RA_LEGACY_CCK, supp_rates & 0xf);
928 	else
929 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates);
930 
931 	ra_info->legacy = cpu_to_le16(supp_rates);
932 
933 	if (sta->deflink.ht_cap.ht_supported)
934 		memcpy(ra_info->rx_mcs_bitmask,
935 		       sta->deflink.ht_cap.mcs.rx_mask,
936 		       HT_MCS_MASK_NUM);
937 
938 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_STATE, sizeof(*state));
939 	state = (struct sta_rec_state *)tlv;
940 	state->state = sta_state;
941 
942 	if (sta->deflink.vht_cap.vht_supported) {
943 		state->vht_opmode = sta->deflink.bandwidth;
944 		state->vht_opmode |= (sta->deflink.rx_nss - 1) <<
945 			IEEE80211_OPMODE_NOTIF_RX_NSS_SHIFT;
946 	}
947 }
948 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_tlv);
949 
950 void mt76_connac_mcu_wtbl_smps_tlv(struct sk_buff *skb,
951 				   struct ieee80211_sta *sta,
952 				   void *sta_wtbl, void *wtbl_tlv)
953 {
954 	struct wtbl_smps *smps;
955 	struct tlv *tlv;
956 
957 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SMPS, sizeof(*smps),
958 					     wtbl_tlv, sta_wtbl);
959 	smps = (struct wtbl_smps *)tlv;
960 	smps->smps = (sta->deflink.smps_mode == IEEE80211_SMPS_DYNAMIC);
961 }
962 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_smps_tlv);
963 
964 void mt76_connac_mcu_wtbl_ht_tlv(struct mt76_dev *dev, struct sk_buff *skb,
965 				 struct ieee80211_sta *sta, void *sta_wtbl,
966 				 void *wtbl_tlv, bool ht_ldpc, bool vht_ldpc)
967 {
968 	struct wtbl_ht *ht = NULL;
969 	struct tlv *tlv;
970 	u32 flags = 0;
971 
972 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_6ghz_capa.capa) {
973 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HT, sizeof(*ht),
974 						     wtbl_tlv, sta_wtbl);
975 		ht = (struct wtbl_ht *)tlv;
976 		ht->ldpc = ht_ldpc &&
977 			   !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING);
978 
979 		if (sta->deflink.ht_cap.ht_supported) {
980 			ht->af = sta->deflink.ht_cap.ampdu_factor;
981 			ht->mm = sta->deflink.ht_cap.ampdu_density;
982 		} else {
983 			ht->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
984 					       IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
985 			ht->mm = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
986 					       IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START);
987 		}
988 
989 		ht->ht = true;
990 	}
991 
992 	if (sta->deflink.vht_cap.vht_supported || sta->deflink.he_6ghz_capa.capa) {
993 		struct wtbl_vht *vht;
994 		u8 af;
995 
996 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_VHT,
997 						     sizeof(*vht), wtbl_tlv,
998 						     sta_wtbl);
999 		vht = (struct wtbl_vht *)tlv;
1000 		vht->ldpc = vht_ldpc &&
1001 			    !!(sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC);
1002 		vht->vht = true;
1003 
1004 		af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
1005 			       sta->deflink.vht_cap.cap);
1006 		if (ht)
1007 			ht->af = max(ht->af, af);
1008 	}
1009 
1010 	mt76_connac_mcu_wtbl_smps_tlv(skb, sta, sta_wtbl, wtbl_tlv);
1011 
1012 	if (is_connac_v1(dev) && sta->deflink.ht_cap.ht_supported) {
1013 		/* sgi */
1014 		u32 msk = MT_WTBL_W5_SHORT_GI_20 | MT_WTBL_W5_SHORT_GI_40 |
1015 			  MT_WTBL_W5_SHORT_GI_80 | MT_WTBL_W5_SHORT_GI_160;
1016 		struct wtbl_raw *raw;
1017 
1018 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RAW_DATA,
1019 						     sizeof(*raw), wtbl_tlv,
1020 						     sta_wtbl);
1021 
1022 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
1023 			flags |= MT_WTBL_W5_SHORT_GI_20;
1024 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
1025 			flags |= MT_WTBL_W5_SHORT_GI_40;
1026 
1027 		if (sta->deflink.vht_cap.vht_supported) {
1028 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
1029 				flags |= MT_WTBL_W5_SHORT_GI_80;
1030 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
1031 				flags |= MT_WTBL_W5_SHORT_GI_160;
1032 		}
1033 		raw = (struct wtbl_raw *)tlv;
1034 		raw->val = cpu_to_le32(flags);
1035 		raw->msk = cpu_to_le32(~msk);
1036 		raw->wtbl_idx = 1;
1037 		raw->dw = 5;
1038 	}
1039 }
1040 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ht_tlv);
1041 
1042 int mt76_connac_mcu_sta_cmd(struct mt76_phy *phy,
1043 			    struct mt76_sta_cmd_info *info)
1044 {
1045 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)info->vif->drv_priv;
1046 	struct ieee80211_link_sta *link_sta;
1047 	struct mt76_dev *dev = phy->dev;
1048 	struct wtbl_req_hdr *wtbl_hdr;
1049 	struct tlv *sta_wtbl;
1050 	struct sk_buff *skb;
1051 	int conn_state;
1052 
1053 	if (!info->link_conf)
1054 		info->link_conf = &info->vif->bss_conf;
1055 
1056 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, info->wcid);
1057 	if (IS_ERR(skb))
1058 		return PTR_ERR(skb);
1059 
1060 	conn_state = info->enable ? CONN_STATE_PORT_SECURE :
1061 				    CONN_STATE_DISCONNECT;
1062 	link_sta = info->sta ? &info->sta->deflink : NULL;
1063 	if (info->sta || !info->offload_fw)
1064 		mt76_connac_mcu_sta_basic_tlv(dev, skb, info->link_conf,
1065 					      link_sta, conn_state,
1066 					      info->newly);
1067 	if (info->sta && info->enable)
1068 		mt76_connac_mcu_sta_tlv(phy, skb, info->sta,
1069 					info->vif, info->rcpi,
1070 					info->state);
1071 
1072 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1073 					   sizeof(struct tlv));
1074 
1075 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, info->wcid,
1076 						  WTBL_RESET_AND_SET,
1077 						  sta_wtbl, &skb);
1078 	if (IS_ERR(wtbl_hdr))
1079 		return PTR_ERR(wtbl_hdr);
1080 
1081 	if (info->enable) {
1082 		mt76_connac_mcu_wtbl_generic_tlv(dev, skb, info->vif,
1083 						 info->sta, sta_wtbl,
1084 						 wtbl_hdr);
1085 		mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, info->vif, info->wcid,
1086 						   sta_wtbl, wtbl_hdr);
1087 		if (info->sta)
1088 			mt76_connac_mcu_wtbl_ht_tlv(dev, skb, info->sta,
1089 						    sta_wtbl, wtbl_hdr,
1090 						    true, true);
1091 	}
1092 
1093 	return mt76_mcu_skb_send_msg(dev, skb, info->cmd, true);
1094 }
1095 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_cmd);
1096 
1097 void mt76_connac_mcu_wtbl_ba_tlv(struct mt76_dev *dev, struct sk_buff *skb,
1098 				 struct ieee80211_ampdu_params *params,
1099 				 bool enable, bool tx, void *sta_wtbl,
1100 				 void *wtbl_tlv)
1101 {
1102 	struct wtbl_ba *ba;
1103 	struct tlv *tlv;
1104 
1105 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_BA, sizeof(*ba),
1106 					     wtbl_tlv, sta_wtbl);
1107 
1108 	ba = (struct wtbl_ba *)tlv;
1109 	ba->tid = params->tid;
1110 
1111 	if (tx) {
1112 		ba->ba_type = MT_BA_TYPE_ORIGINATOR;
1113 		ba->sn = enable ? cpu_to_le16(params->ssn) : 0;
1114 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1115 		ba->ba_en = enable;
1116 	} else {
1117 		memcpy(ba->peer_addr, params->sta->addr, ETH_ALEN);
1118 		ba->ba_type = MT_BA_TYPE_RECIPIENT;
1119 		ba->rst_ba_tid = params->tid;
1120 		ba->rst_ba_sel = RST_BA_MAC_TID_MATCH;
1121 		ba->rst_ba_sb = 1;
1122 	}
1123 
1124 	if (!is_connac_v1(dev)) {
1125 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1126 		return;
1127 	}
1128 
1129 	if (enable && tx) {
1130 		static const u8 ba_range[] = { 4, 8, 12, 24, 36, 48, 54, 64 };
1131 		int i;
1132 
1133 		for (i = 7; i > 0; i--) {
1134 			if (params->buf_size >= ba_range[i])
1135 				break;
1136 		}
1137 		ba->ba_winsize_idx = i;
1138 	}
1139 }
1140 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ba_tlv);
1141 
1142 int mt76_connac_mcu_uni_add_dev(struct mt76_phy *phy,
1143 				struct ieee80211_bss_conf *bss_conf,
1144 				struct mt76_vif_link *mvif,
1145 				struct mt76_wcid *wcid,
1146 				bool enable)
1147 {
1148 	struct mt76_dev *dev = phy->dev;
1149 	struct {
1150 		struct {
1151 			u8 omac_idx;
1152 			u8 band_idx;
1153 			__le16 pad;
1154 		} __packed hdr;
1155 		struct req_tlv {
1156 			__le16 tag;
1157 			__le16 len;
1158 			u8 active;
1159 			u8 link_idx; /* not link_id */
1160 			u8 omac_addr[ETH_ALEN];
1161 		} __packed tlv;
1162 	} dev_req = {
1163 		.hdr = {
1164 			.omac_idx = mvif->omac_idx,
1165 			.band_idx = mvif->band_idx,
1166 		},
1167 		.tlv = {
1168 			.tag = cpu_to_le16(DEV_INFO_ACTIVE),
1169 			.len = cpu_to_le16(sizeof(struct req_tlv)),
1170 			.active = enable,
1171 			.link_idx = mvif->idx,
1172 		},
1173 	};
1174 	struct {
1175 		struct {
1176 			u8 bss_idx;
1177 			u8 pad[3];
1178 		} __packed hdr;
1179 		struct mt76_connac_bss_basic_tlv basic;
1180 	} basic_req = {
1181 		.hdr = {
1182 			.bss_idx = mvif->idx,
1183 		},
1184 		.basic = {
1185 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1186 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1187 			.omac_idx = mvif->omac_idx,
1188 			.band_idx = mvif->band_idx,
1189 			.wmm_idx = mvif->wmm_idx,
1190 			.active = enable,
1191 			.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx),
1192 			.sta_idx = cpu_to_le16(wcid->idx),
1193 			.conn_state = 1,
1194 			.link_idx = mvif->idx,
1195 		},
1196 	};
1197 	int err, idx, cmd, len;
1198 	void *data;
1199 
1200 	switch (bss_conf->vif->type) {
1201 	case NL80211_IFTYPE_MESH_POINT:
1202 	case NL80211_IFTYPE_MONITOR:
1203 	case NL80211_IFTYPE_AP:
1204 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_AP);
1205 		break;
1206 	case NL80211_IFTYPE_STATION:
1207 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_STA);
1208 		break;
1209 	case NL80211_IFTYPE_P2P_DEVICE:
1210 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_P2P_GO);
1211 		break;
1212 	case NL80211_IFTYPE_ADHOC:
1213 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1214 		break;
1215 	default:
1216 		WARN_ON(1);
1217 		break;
1218 	}
1219 
1220 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1221 	basic_req.basic.hw_bss_idx = idx;
1222 
1223 	memcpy(dev_req.tlv.omac_addr, bss_conf->addr, ETH_ALEN);
1224 
1225 	cmd = enable ? MCU_UNI_CMD(DEV_INFO_UPDATE) : MCU_UNI_CMD(BSS_INFO_UPDATE);
1226 	data = enable ? (void *)&dev_req : (void *)&basic_req;
1227 	len = enable ? sizeof(dev_req) : sizeof(basic_req);
1228 
1229 	err = mt76_mcu_send_msg(dev, cmd, data, len, true);
1230 	if (err < 0)
1231 		return err;
1232 
1233 	cmd = enable ? MCU_UNI_CMD(BSS_INFO_UPDATE) : MCU_UNI_CMD(DEV_INFO_UPDATE);
1234 	data = enable ? (void *)&basic_req : (void *)&dev_req;
1235 	len = enable ? sizeof(basic_req) : sizeof(dev_req);
1236 
1237 	return mt76_mcu_send_msg(dev, cmd, data, len, true);
1238 }
1239 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_dev);
1240 
1241 void mt76_connac_mcu_sta_ba_tlv(struct sk_buff *skb,
1242 				struct ieee80211_ampdu_params *params,
1243 				bool enable, bool tx)
1244 {
1245 	struct sta_rec_ba *ba;
1246 	struct tlv *tlv;
1247 
1248 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));
1249 
1250 	ba = (struct sta_rec_ba *)tlv;
1251 	ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT;
1252 	ba->winsize = cpu_to_le16(params->buf_size);
1253 	ba->ssn = cpu_to_le16(params->ssn);
1254 	ba->ba_en = enable << params->tid;
1255 	ba->amsdu = params->amsdu;
1256 	ba->tid = params->tid;
1257 }
1258 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba_tlv);
1259 
1260 int mt76_connac_mcu_sta_wed_update(struct mt76_dev *dev, struct sk_buff *skb)
1261 {
1262 	if (!mt76_is_mmio(dev))
1263 		return 0;
1264 
1265 	if (!mtk_wed_device_active(&dev->mmio.wed))
1266 		return 0;
1267 
1268 	return mtk_wed_device_update_msg(&dev->mmio.wed, WED_WO_STA_REC,
1269 					 skb->data, skb->len);
1270 }
1271 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_wed_update);
1272 
1273 int mt76_connac_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif_link *mvif,
1274 			   struct ieee80211_ampdu_params *params,
1275 			   int cmd, bool enable, bool tx)
1276 {
1277 	struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
1278 	struct wtbl_req_hdr *wtbl_hdr;
1279 	struct tlv *sta_wtbl;
1280 	struct sk_buff *skb;
1281 	int ret;
1282 
1283 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1284 	if (IS_ERR(skb))
1285 		return PTR_ERR(skb);
1286 
1287 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1288 					   sizeof(struct tlv));
1289 
1290 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
1291 						  sta_wtbl, &skb);
1292 	if (IS_ERR(wtbl_hdr))
1293 		return PTR_ERR(wtbl_hdr);
1294 
1295 	mt76_connac_mcu_wtbl_ba_tlv(dev, skb, params, enable, tx, sta_wtbl,
1296 				    wtbl_hdr);
1297 
1298 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1299 	if (ret)
1300 		return ret;
1301 
1302 	ret = mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1303 	if (ret)
1304 		return ret;
1305 
1306 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1307 	if (IS_ERR(skb))
1308 		return PTR_ERR(skb);
1309 
1310 	mt76_connac_mcu_sta_ba_tlv(skb, params, enable, tx);
1311 
1312 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1313 	if (ret)
1314 		return ret;
1315 
1316 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1317 }
1318 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba);
1319 
1320 u8 mt76_connac_get_phy_mode(struct mt76_phy *phy, struct ieee80211_vif *vif,
1321 			    enum nl80211_band band,
1322 			    struct ieee80211_link_sta *link_sta)
1323 {
1324 	struct mt76_dev *dev = phy->dev;
1325 	const struct ieee80211_sta_he_cap *he_cap;
1326 	struct ieee80211_sta_vht_cap *vht_cap;
1327 	struct ieee80211_sta_ht_cap *ht_cap;
1328 	u8 mode = 0;
1329 
1330 	if (is_connac_v1(dev))
1331 		return 0x38;
1332 
1333 	if (link_sta) {
1334 		ht_cap = &link_sta->ht_cap;
1335 		vht_cap = &link_sta->vht_cap;
1336 		he_cap = &link_sta->he_cap;
1337 	} else {
1338 		struct ieee80211_supported_band *sband;
1339 
1340 		sband = phy->hw->wiphy->bands[band];
1341 		ht_cap = &sband->ht_cap;
1342 		vht_cap = &sband->vht_cap;
1343 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
1344 	}
1345 
1346 	if (band == NL80211_BAND_2GHZ) {
1347 		mode |= PHY_MODE_B | PHY_MODE_G;
1348 
1349 		if (ht_cap->ht_supported)
1350 			mode |= PHY_MODE_GN;
1351 
1352 		if (he_cap && he_cap->has_he)
1353 			mode |= PHY_MODE_AX_24G;
1354 	} else if (band == NL80211_BAND_5GHZ) {
1355 		mode |= PHY_MODE_A;
1356 
1357 		if (ht_cap->ht_supported)
1358 			mode |= PHY_MODE_AN;
1359 
1360 		if (vht_cap->vht_supported)
1361 			mode |= PHY_MODE_AC;
1362 
1363 		if (he_cap && he_cap->has_he)
1364 			mode |= PHY_MODE_AX_5G;
1365 	} else if (band == NL80211_BAND_6GHZ) {
1366 		mode |= PHY_MODE_A | PHY_MODE_AN |
1367 			PHY_MODE_AC | PHY_MODE_AX_5G;
1368 	}
1369 
1370 	return mode;
1371 }
1372 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode);
1373 
1374 u8 mt76_connac_get_phy_mode_ext(struct mt76_phy *phy, struct ieee80211_bss_conf *conf,
1375 				enum nl80211_band band)
1376 {
1377 	const struct ieee80211_sta_eht_cap *eht_cap;
1378 	struct ieee80211_supported_band *sband;
1379 	u8 mode = 0;
1380 
1381 	if (band == NL80211_BAND_6GHZ)
1382 		mode |= PHY_MODE_AX_6G;
1383 
1384 	sband = phy->hw->wiphy->bands[band];
1385 	eht_cap = ieee80211_get_eht_iftype_cap(sband, conf->vif->type);
1386 
1387 	if (!eht_cap || !eht_cap->has_eht || !conf->eht_support)
1388 		return mode;
1389 
1390 	switch (band) {
1391 	case NL80211_BAND_6GHZ:
1392 		mode |= PHY_MODE_BE_6G;
1393 		break;
1394 	case NL80211_BAND_5GHZ:
1395 		mode |= PHY_MODE_BE_5G;
1396 		break;
1397 	case NL80211_BAND_2GHZ:
1398 		mode |= PHY_MODE_BE_24G;
1399 		break;
1400 	default:
1401 		break;
1402 	}
1403 
1404 	return mode;
1405 }
1406 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode_ext);
1407 
1408 const struct ieee80211_sta_he_cap *
1409 mt76_connac_get_he_phy_cap(struct mt76_phy *phy, struct ieee80211_vif *vif)
1410 {
1411 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
1412 	struct cfg80211_chan_def *chandef = mvif->ctx ?
1413 					    &mvif->ctx->def : &phy->chandef;
1414 	enum nl80211_band band = chandef->chan->band;
1415 	struct ieee80211_supported_band *sband;
1416 
1417 	sband = phy->hw->wiphy->bands[band];
1418 
1419 	return ieee80211_get_he_iftype_cap(sband, vif->type);
1420 }
1421 EXPORT_SYMBOL_GPL(mt76_connac_get_he_phy_cap);
1422 
1423 const struct ieee80211_sta_eht_cap *
1424 mt76_connac_get_eht_phy_cap(struct mt76_phy *phy, struct ieee80211_vif *vif)
1425 {
1426 	enum nl80211_band band = phy->chandef.chan->band;
1427 	struct ieee80211_supported_band *sband;
1428 
1429 	sband = phy->hw->wiphy->bands[band];
1430 
1431 	return ieee80211_get_eht_iftype_cap(sband, vif->type);
1432 }
1433 EXPORT_SYMBOL_GPL(mt76_connac_get_eht_phy_cap);
1434 
1435 #define DEFAULT_HE_PE_DURATION		4
1436 #define DEFAULT_HE_DURATION_RTS_THRES	1023
1437 static void
1438 mt76_connac_mcu_uni_bss_he_tlv(struct mt76_phy *phy, struct ieee80211_vif *vif,
1439 			       struct tlv *tlv)
1440 {
1441 	const struct ieee80211_sta_he_cap *cap;
1442 	struct bss_info_uni_he *he;
1443 
1444 	cap = mt76_connac_get_he_phy_cap(phy, vif);
1445 
1446 	he = (struct bss_info_uni_he *)tlv;
1447 	he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
1448 	if (!he->he_pe_duration)
1449 		he->he_pe_duration = DEFAULT_HE_PE_DURATION;
1450 
1451 	he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
1452 	if (!he->he_rts_thres)
1453 		he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);
1454 
1455 	he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
1456 	he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
1457 	he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;
1458 }
1459 
1460 int mt76_connac_mcu_uni_set_chctx(struct mt76_phy *phy, struct mt76_vif_link *mvif,
1461 				  struct ieee80211_chanctx_conf *ctx)
1462 {
1463 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1464 	int freq1 = chandef->center_freq1, freq2 = chandef->center_freq2;
1465 	enum nl80211_band band = chandef->chan->band;
1466 	struct mt76_dev *mdev = phy->dev;
1467 	struct {
1468 		struct {
1469 			u8 bss_idx;
1470 			u8 pad[3];
1471 		} __packed hdr;
1472 		struct rlm_tlv {
1473 			__le16 tag;
1474 			__le16 len;
1475 			u8 control_channel;
1476 			u8 center_chan;
1477 			u8 center_chan2;
1478 			u8 bw;
1479 			u8 tx_streams;
1480 			u8 rx_streams;
1481 			u8 short_st;
1482 			u8 ht_op_info;
1483 			u8 sco;
1484 			u8 band;
1485 			u8 pad[2];
1486 		} __packed rlm;
1487 	} __packed rlm_req = {
1488 		.hdr = {
1489 			.bss_idx = mvif->idx,
1490 		},
1491 		.rlm = {
1492 			.tag = cpu_to_le16(UNI_BSS_INFO_RLM),
1493 			.len = cpu_to_le16(sizeof(struct rlm_tlv)),
1494 			.control_channel = chandef->chan->hw_value,
1495 			.center_chan = ieee80211_frequency_to_channel(freq1),
1496 			.center_chan2 = ieee80211_frequency_to_channel(freq2),
1497 			.tx_streams = hweight8(phy->antenna_mask),
1498 			.ht_op_info = 4, /* set HT 40M allowed */
1499 			.rx_streams = phy->chainmask,
1500 			.short_st = true,
1501 			.band = band,
1502 		},
1503 	};
1504 
1505 	switch (chandef->width) {
1506 	case NL80211_CHAN_WIDTH_40:
1507 		rlm_req.rlm.bw = CMD_CBW_40MHZ;
1508 		break;
1509 	case NL80211_CHAN_WIDTH_80:
1510 		rlm_req.rlm.bw = CMD_CBW_80MHZ;
1511 		break;
1512 	case NL80211_CHAN_WIDTH_80P80:
1513 		rlm_req.rlm.bw = CMD_CBW_8080MHZ;
1514 		break;
1515 	case NL80211_CHAN_WIDTH_160:
1516 		rlm_req.rlm.bw = CMD_CBW_160MHZ;
1517 		break;
1518 	case NL80211_CHAN_WIDTH_5:
1519 		rlm_req.rlm.bw = CMD_CBW_5MHZ;
1520 		break;
1521 	case NL80211_CHAN_WIDTH_10:
1522 		rlm_req.rlm.bw = CMD_CBW_10MHZ;
1523 		break;
1524 	case NL80211_CHAN_WIDTH_20_NOHT:
1525 	case NL80211_CHAN_WIDTH_20:
1526 	default:
1527 		rlm_req.rlm.bw = CMD_CBW_20MHZ;
1528 		rlm_req.rlm.ht_op_info = 0;
1529 		break;
1530 	}
1531 
1532 	if (rlm_req.rlm.control_channel < rlm_req.rlm.center_chan)
1533 		rlm_req.rlm.sco = 1; /* SCA */
1534 	else if (rlm_req.rlm.control_channel > rlm_req.rlm.center_chan)
1535 		rlm_req.rlm.sco = 3; /* SCB */
1536 
1537 	return mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &rlm_req,
1538 				 sizeof(rlm_req), true);
1539 }
1540 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_set_chctx);
1541 
1542 int mt76_connac_mcu_uni_add_bss(struct mt76_phy *phy,
1543 				struct ieee80211_vif *vif,
1544 				struct mt76_wcid *wcid,
1545 				bool enable,
1546 				struct ieee80211_chanctx_conf *ctx)
1547 {
1548 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
1549 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1550 	enum nl80211_band band = chandef->chan->band;
1551 	struct mt76_dev *mdev = phy->dev;
1552 	struct {
1553 		struct {
1554 			u8 bss_idx;
1555 			u8 pad[3];
1556 		} __packed hdr;
1557 		struct mt76_connac_bss_basic_tlv basic;
1558 		struct mt76_connac_bss_qos_tlv qos;
1559 	} basic_req = {
1560 		.hdr = {
1561 			.bss_idx = mvif->idx,
1562 		},
1563 		.basic = {
1564 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1565 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1566 			.bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1567 			.dtim_period = vif->bss_conf.dtim_period,
1568 			.omac_idx = mvif->omac_idx,
1569 			.band_idx = mvif->band_idx,
1570 			.wmm_idx = mvif->wmm_idx,
1571 			.active = true, /* keep bss deactivated */
1572 			.phymode = mt76_connac_get_phy_mode(phy, vif, band, NULL),
1573 		},
1574 		.qos = {
1575 			.tag = cpu_to_le16(UNI_BSS_INFO_QBSS),
1576 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_qos_tlv)),
1577 			.qos = vif->bss_conf.qos,
1578 		},
1579 	};
1580 	int err, conn_type;
1581 	u8 idx, basic_phy;
1582 
1583 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1584 	basic_req.basic.hw_bss_idx = idx;
1585 	if (band == NL80211_BAND_6GHZ)
1586 		basic_req.basic.phymode_ext = PHY_MODE_AX_6G;
1587 
1588 	basic_phy = mt76_connac_get_phy_mode_v2(phy, vif, band, NULL);
1589 	basic_req.basic.nonht_basic_phy = cpu_to_le16(basic_phy);
1590 
1591 	switch (vif->type) {
1592 	case NL80211_IFTYPE_MESH_POINT:
1593 	case NL80211_IFTYPE_AP:
1594 		if (vif->p2p)
1595 			conn_type = CONNECTION_P2P_GO;
1596 		else
1597 			conn_type = CONNECTION_INFRA_AP;
1598 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1599 		/* Fully active/deactivate BSS network in AP mode only */
1600 		basic_req.basic.active = enable;
1601 		break;
1602 	case NL80211_IFTYPE_STATION:
1603 		if (vif->p2p)
1604 			conn_type = CONNECTION_P2P_GC;
1605 		else
1606 			conn_type = CONNECTION_INFRA_STA;
1607 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1608 		break;
1609 	case NL80211_IFTYPE_ADHOC:
1610 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1611 		break;
1612 	default:
1613 		WARN_ON(1);
1614 		break;
1615 	}
1616 
1617 	memcpy(basic_req.basic.bssid, vif->bss_conf.bssid, ETH_ALEN);
1618 	basic_req.basic.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx);
1619 	basic_req.basic.sta_idx = cpu_to_le16(wcid->idx);
1620 	basic_req.basic.conn_state = !enable;
1621 
1622 	err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &basic_req,
1623 				sizeof(basic_req), true);
1624 	if (err < 0)
1625 		return err;
1626 
1627 	if (vif->bss_conf.he_support) {
1628 		struct {
1629 			struct {
1630 				u8 bss_idx;
1631 				u8 pad[3];
1632 			} __packed hdr;
1633 			struct bss_info_uni_he he;
1634 			struct bss_info_uni_bss_color bss_color;
1635 		} he_req = {
1636 			.hdr = {
1637 				.bss_idx = mvif->idx,
1638 			},
1639 			.he = {
1640 				.tag = cpu_to_le16(UNI_BSS_INFO_HE_BASIC),
1641 				.len = cpu_to_le16(sizeof(struct bss_info_uni_he)),
1642 			},
1643 			.bss_color = {
1644 				.tag = cpu_to_le16(UNI_BSS_INFO_BSS_COLOR),
1645 				.len = cpu_to_le16(sizeof(struct bss_info_uni_bss_color)),
1646 				.enable = 0,
1647 				.bss_color = 0,
1648 			},
1649 		};
1650 
1651 		if (enable) {
1652 			he_req.bss_color.enable =
1653 				vif->bss_conf.he_bss_color.enabled;
1654 			he_req.bss_color.bss_color =
1655 				vif->bss_conf.he_bss_color.color;
1656 		}
1657 
1658 		mt76_connac_mcu_uni_bss_he_tlv(phy, vif,
1659 					       (struct tlv *)&he_req.he);
1660 		err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE),
1661 					&he_req, sizeof(he_req), true);
1662 		if (err < 0)
1663 			return err;
1664 	}
1665 
1666 	return mt76_connac_mcu_uni_set_chctx(phy, mvif, ctx);
1667 }
1668 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_bss);
1669 
1670 #define MT76_CONNAC_SCAN_CHANNEL_TIME		60
1671 int mt76_connac_mcu_hw_scan(struct mt76_phy *phy, struct ieee80211_vif *vif,
1672 			    struct ieee80211_scan_request *scan_req)
1673 {
1674 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
1675 	struct cfg80211_scan_request *sreq = &scan_req->req;
1676 	int n_ssids = 0, err, i, duration;
1677 	int ext_channels_num = max_t(int, sreq->n_channels - 32, 0);
1678 	struct ieee80211_channel **scan_list = sreq->channels;
1679 	struct mt76_dev *mdev = phy->dev;
1680 	struct mt76_connac_mcu_scan_channel *chan;
1681 	struct mt76_connac_hw_scan_req *req;
1682 	struct sk_buff *skb;
1683 
1684 	if (test_bit(MT76_HW_SCANNING, &phy->state))
1685 		return -EBUSY;
1686 
1687 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req));
1688 	if (!skb)
1689 		return -ENOMEM;
1690 
1691 	set_bit(MT76_HW_SCANNING, &phy->state);
1692 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1693 
1694 	req = (struct mt76_connac_hw_scan_req *)skb_put_zero(skb, sizeof(*req));
1695 
1696 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1697 	req->bss_idx = mvif->idx;
1698 	req->scan_type = sreq->n_ssids ? 1 : 0;
1699 	req->probe_req_num = sreq->n_ssids ? 2 : 0;
1700 	req->version = 1;
1701 
1702 	for (i = 0; i < sreq->n_ssids; i++) {
1703 		if (!sreq->ssids[i].ssid_len)
1704 			continue;
1705 
1706 		req->ssids[i].ssid_len = cpu_to_le32(sreq->ssids[i].ssid_len);
1707 		memcpy(req->ssids[i].ssid, sreq->ssids[i].ssid,
1708 		       sreq->ssids[i].ssid_len);
1709 		n_ssids++;
1710 	}
1711 	req->ssid_type = n_ssids ? BIT(2) : BIT(0);
1712 	req->ssid_type_ext = n_ssids ? BIT(0) : 0;
1713 	req->ssids_num = n_ssids;
1714 
1715 	duration = is_mt7921(phy->dev) ? 0 : MT76_CONNAC_SCAN_CHANNEL_TIME;
1716 	/* increase channel time for passive scan */
1717 	if (!sreq->n_ssids)
1718 		duration *= 2;
1719 	req->timeout_value = cpu_to_le16(sreq->n_channels * duration);
1720 	req->channel_min_dwell_time = cpu_to_le16(duration);
1721 	req->channel_dwell_time = cpu_to_le16(duration);
1722 
1723 	if (sreq->n_channels == 0 || sreq->n_channels > 64) {
1724 		req->channel_type = 0;
1725 		req->channels_num = 0;
1726 		req->ext_channels_num = 0;
1727 	} else {
1728 		req->channel_type = 4;
1729 		req->channels_num = min_t(u8, sreq->n_channels, 32);
1730 		req->ext_channels_num = min_t(u8, ext_channels_num, 32);
1731 	}
1732 
1733 	for (i = 0; i < req->channels_num + req->ext_channels_num; i++) {
1734 		if (i >= 32)
1735 			chan = &req->ext_channels[i - 32];
1736 		else
1737 			chan = &req->channels[i];
1738 
1739 		switch (scan_list[i]->band) {
1740 		case NL80211_BAND_2GHZ:
1741 			chan->band = 1;
1742 			break;
1743 		case NL80211_BAND_6GHZ:
1744 			chan->band = 3;
1745 			break;
1746 		default:
1747 			chan->band = 2;
1748 			break;
1749 		}
1750 		chan->channel_num = scan_list[i]->hw_value;
1751 	}
1752 
1753 	if (sreq->ie_len > 0) {
1754 		memcpy(req->ies, sreq->ie, sreq->ie_len);
1755 		req->ies_len = cpu_to_le16(sreq->ie_len);
1756 	}
1757 
1758 	if (is_mt7921(phy->dev))
1759 		req->scan_func |= SCAN_FUNC_SPLIT_SCAN;
1760 
1761 	memcpy(req->bssid, sreq->bssid, ETH_ALEN);
1762 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1763 		get_random_mask_addr(req->random_mac, sreq->mac_addr,
1764 				     sreq->mac_addr_mask);
1765 		req->scan_func |= SCAN_FUNC_RANDOM_MAC;
1766 	}
1767 
1768 	err = mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(START_HW_SCAN),
1769 				    false);
1770 	if (err < 0)
1771 		clear_bit(MT76_HW_SCANNING, &phy->state);
1772 
1773 	return err;
1774 }
1775 EXPORT_SYMBOL_GPL(mt76_connac_mcu_hw_scan);
1776 
1777 int mt76_connac_mcu_cancel_hw_scan(struct mt76_phy *phy,
1778 				   struct ieee80211_vif *vif)
1779 {
1780 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
1781 	struct {
1782 		u8 seq_num;
1783 		u8 is_ext_channel;
1784 		u8 rsv[2];
1785 	} __packed req = {
1786 		.seq_num = mvif->scan_seq_num,
1787 	};
1788 
1789 	if (test_and_clear_bit(MT76_HW_SCANNING, &phy->state)) {
1790 		struct cfg80211_scan_info info = {
1791 			.aborted = true,
1792 		};
1793 
1794 		ieee80211_scan_completed(phy->hw, &info);
1795 	}
1796 
1797 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(CANCEL_HW_SCAN),
1798 				 &req, sizeof(req), false);
1799 }
1800 EXPORT_SYMBOL_GPL(mt76_connac_mcu_cancel_hw_scan);
1801 
1802 int mt76_connac_mcu_sched_scan_req(struct mt76_phy *phy,
1803 				   struct ieee80211_vif *vif,
1804 				   struct cfg80211_sched_scan_request *sreq)
1805 {
1806 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
1807 	struct ieee80211_channel **scan_list = sreq->channels;
1808 	struct mt76_connac_mcu_scan_channel *chan;
1809 	struct mt76_connac_sched_scan_req *req;
1810 	struct mt76_dev *mdev = phy->dev;
1811 	struct cfg80211_match_set *match;
1812 	struct cfg80211_ssid *ssid;
1813 	struct sk_buff *skb;
1814 	int i;
1815 
1816 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req) + sreq->ie_len);
1817 	if (!skb)
1818 		return -ENOMEM;
1819 
1820 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1821 
1822 	req = (struct mt76_connac_sched_scan_req *)skb_put_zero(skb, sizeof(*req));
1823 	req->version = 1;
1824 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1825 
1826 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1827 		u8 *addr = is_mt7663(phy->dev) ? req->mt7663.random_mac
1828 					       : req->mt7921.random_mac;
1829 
1830 		req->scan_func = 1;
1831 		get_random_mask_addr(addr, sreq->mac_addr,
1832 				     sreq->mac_addr_mask);
1833 	}
1834 	if (is_mt7921(phy->dev)) {
1835 		req->mt7921.bss_idx = mvif->idx;
1836 		req->mt7921.delay = cpu_to_le32(sreq->delay);
1837 	}
1838 
1839 	req->ssids_num = sreq->n_ssids;
1840 	for (i = 0; i < req->ssids_num; i++) {
1841 		ssid = &sreq->ssids[i];
1842 		memcpy(req->ssids[i].ssid, ssid->ssid, ssid->ssid_len);
1843 		req->ssids[i].ssid_len = cpu_to_le32(ssid->ssid_len);
1844 	}
1845 
1846 	req->match_num = sreq->n_match_sets;
1847 	for (i = 0; i < req->match_num; i++) {
1848 		match = &sreq->match_sets[i];
1849 		memcpy(req->match[i].ssid, match->ssid.ssid,
1850 		       match->ssid.ssid_len);
1851 		req->match[i].rssi_th = cpu_to_le32(match->rssi_thold);
1852 		req->match[i].ssid_len = match->ssid.ssid_len;
1853 	}
1854 
1855 	req->channel_type = sreq->n_channels ? 4 : 0;
1856 	req->channels_num = min_t(u8, sreq->n_channels, 64);
1857 	for (i = 0; i < req->channels_num; i++) {
1858 		chan = &req->channels[i];
1859 
1860 		switch (scan_list[i]->band) {
1861 		case NL80211_BAND_2GHZ:
1862 			chan->band = 1;
1863 			break;
1864 		case NL80211_BAND_6GHZ:
1865 			chan->band = 3;
1866 			break;
1867 		default:
1868 			chan->band = 2;
1869 			break;
1870 		}
1871 		chan->channel_num = scan_list[i]->hw_value;
1872 	}
1873 
1874 	req->intervals_num = sreq->n_scan_plans;
1875 	for (i = 0; i < req->intervals_num; i++)
1876 		req->intervals[i] = cpu_to_le16(sreq->scan_plans[i].interval);
1877 
1878 	if (sreq->ie_len > 0) {
1879 		req->ie_len = cpu_to_le16(sreq->ie_len);
1880 		memcpy(skb_put(skb, sreq->ie_len), sreq->ie, sreq->ie_len);
1881 	}
1882 
1883 	return mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(SCHED_SCAN_REQ),
1884 				     false);
1885 }
1886 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_req);
1887 
1888 int mt76_connac_mcu_sched_scan_enable(struct mt76_phy *phy,
1889 				      struct ieee80211_vif *vif,
1890 				      bool enable)
1891 {
1892 	struct {
1893 		u8 active; /* 0: enabled 1: disabled */
1894 		u8 rsv[3];
1895 	} __packed req = {
1896 		.active = !enable,
1897 	};
1898 
1899 	if (enable)
1900 		set_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1901 	else
1902 		clear_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1903 
1904 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SCHED_SCAN_ENABLE),
1905 				 &req, sizeof(req), false);
1906 }
1907 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_enable);
1908 
1909 int mt76_connac_mcu_chip_config(struct mt76_dev *dev)
1910 {
1911 	struct mt76_connac_config req = {
1912 		.resp_type = 0,
1913 	};
1914 
1915 	memcpy(req.data, "assert", 7);
1916 
1917 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1918 				 &req, sizeof(req), false);
1919 }
1920 EXPORT_SYMBOL_GPL(mt76_connac_mcu_chip_config);
1921 
1922 int mt76_connac_mcu_set_deep_sleep(struct mt76_dev *dev, bool enable)
1923 {
1924 	struct mt76_connac_config req = {
1925 		.resp_type = 0,
1926 	};
1927 
1928 	snprintf(req.data, sizeof(req.data), "KeepFullPwr %d", !enable);
1929 
1930 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1931 				 &req, sizeof(req), false);
1932 }
1933 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_deep_sleep);
1934 
1935 int mt76_connac_sta_state_dp(struct mt76_dev *dev,
1936 			     enum ieee80211_sta_state old_state,
1937 			     enum ieee80211_sta_state new_state)
1938 {
1939 	if ((old_state == IEEE80211_STA_ASSOC &&
1940 	     new_state == IEEE80211_STA_AUTHORIZED) ||
1941 	    (old_state == IEEE80211_STA_NONE &&
1942 	     new_state == IEEE80211_STA_NOTEXIST))
1943 		mt76_connac_mcu_set_deep_sleep(dev, true);
1944 
1945 	if ((old_state == IEEE80211_STA_NOTEXIST &&
1946 	     new_state == IEEE80211_STA_NONE) ||
1947 	    (old_state == IEEE80211_STA_AUTHORIZED &&
1948 	     new_state == IEEE80211_STA_ASSOC))
1949 		mt76_connac_mcu_set_deep_sleep(dev, false);
1950 
1951 	return 0;
1952 }
1953 EXPORT_SYMBOL_GPL(mt76_connac_sta_state_dp);
1954 
1955 void mt76_connac_mcu_coredump_event(struct mt76_dev *dev, struct sk_buff *skb,
1956 				    struct mt76_connac_coredump *coredump)
1957 {
1958 	spin_lock_bh(&dev->lock);
1959 	__skb_queue_tail(&coredump->msg_list, skb);
1960 	spin_unlock_bh(&dev->lock);
1961 
1962 	coredump->last_activity = jiffies;
1963 
1964 	queue_delayed_work(dev->wq, &coredump->work,
1965 			   MT76_CONNAC_COREDUMP_TIMEOUT);
1966 }
1967 EXPORT_SYMBOL_GPL(mt76_connac_mcu_coredump_event);
1968 
1969 static void
1970 mt76_connac_mcu_build_sku(struct mt76_dev *dev, s8 *sku,
1971 			  struct mt76_power_limits *limits,
1972 			  enum nl80211_band band)
1973 {
1974 	int max_power = is_mt7921(dev) ? 127 : 63;
1975 	int i, offset = sizeof(limits->cck);
1976 
1977 	memset(sku, max_power, MT_SKU_POWER_LIMIT);
1978 
1979 	if (band == NL80211_BAND_2GHZ) {
1980 		/* cck */
1981 		memcpy(sku, limits->cck, sizeof(limits->cck));
1982 	}
1983 
1984 	/* ofdm */
1985 	memcpy(&sku[offset], limits->ofdm, sizeof(limits->ofdm));
1986 	offset += sizeof(limits->ofdm);
1987 
1988 	/* ht */
1989 	for (i = 0; i < 2; i++) {
1990 		memcpy(&sku[offset], limits->mcs[i], 8);
1991 		offset += 8;
1992 	}
1993 	sku[offset++] = limits->mcs[0][0];
1994 
1995 	/* vht */
1996 	for (i = 0; i < ARRAY_SIZE(limits->mcs); i++) {
1997 		memcpy(&sku[offset], limits->mcs[i],
1998 		       ARRAY_SIZE(limits->mcs[i]));
1999 		offset += 12;
2000 	}
2001 
2002 	if (!is_mt7921(dev))
2003 		return;
2004 
2005 	/* he */
2006 	for (i = 0; i < ARRAY_SIZE(limits->ru); i++) {
2007 		memcpy(&sku[offset], limits->ru[i], ARRAY_SIZE(limits->ru[i]));
2008 		offset += ARRAY_SIZE(limits->ru[i]);
2009 	}
2010 }
2011 
2012 s8 mt76_connac_get_ch_power(struct mt76_phy *phy,
2013 			    struct ieee80211_channel *chan,
2014 			    s8 target_power)
2015 {
2016 	struct mt76_dev *dev = phy->dev;
2017 	struct ieee80211_supported_band *sband;
2018 	int i;
2019 
2020 	switch (chan->band) {
2021 	case NL80211_BAND_2GHZ:
2022 		sband = &phy->sband_2g.sband;
2023 		break;
2024 	case NL80211_BAND_5GHZ:
2025 		sband = &phy->sband_5g.sband;
2026 		break;
2027 	case NL80211_BAND_6GHZ:
2028 		sband = &phy->sband_6g.sband;
2029 		break;
2030 	default:
2031 		return target_power;
2032 	}
2033 
2034 	for (i = 0; i < sband->n_channels; i++) {
2035 		struct ieee80211_channel *ch = &sband->channels[i];
2036 
2037 		if (ch->hw_value == chan->hw_value) {
2038 			if (!(ch->flags & IEEE80211_CHAN_DISABLED)) {
2039 				int power = 2 * ch->max_reg_power;
2040 
2041 				if (is_mt7663(dev) && (power > 63 || power < -64))
2042 					power = 63;
2043 				target_power = min_t(s8, power, target_power);
2044 			}
2045 			break;
2046 		}
2047 	}
2048 
2049 	return target_power;
2050 }
2051 EXPORT_SYMBOL_GPL(mt76_connac_get_ch_power);
2052 
2053 static int
2054 mt76_connac_mcu_rate_txpower_band(struct mt76_phy *phy,
2055 				  enum nl80211_band band)
2056 {
2057 	struct mt76_dev *dev = phy->dev;
2058 	int sku_len, batch_len = is_mt7921(dev) ? 8 : 16;
2059 	static const u8 chan_list_2ghz[] = {
2060 		1, 2,  3,  4,  5,  6,  7,
2061 		8, 9, 10, 11, 12, 13, 14
2062 	};
2063 	static const u8 chan_list_5ghz[] = {
2064 		 36,  38,  40,  42,  44,  46,  48,
2065 		 50,  52,  54,  56,  58,  60,  62,
2066 		 64, 100, 102, 104, 106, 108, 110,
2067 		112, 114, 116, 118, 120, 122, 124,
2068 		126, 128, 132, 134, 136, 138, 140,
2069 		142, 144, 149, 151, 153, 155, 157,
2070 		159, 161, 165, 169, 173, 177
2071 	};
2072 	static const u8 chan_list_6ghz[] = {
2073 		  1,   3,   5,   7,   9,  11,  13,
2074 		 15,  17,  19,  21,  23,  25,  27,
2075 		 29,  33,  35,  37,  39,  41,  43,
2076 		 45,  47,  49,  51,  53,  55,  57,
2077 		 59,  61,  65,  67,  69,  71,  73,
2078 		 75,  77,  79,  81,  83,  85,  87,
2079 		 89,  91,  93,  97,  99, 101, 103,
2080 		105, 107, 109, 111, 113, 115, 117,
2081 		119, 121, 123, 125, 129, 131, 133,
2082 		135, 137, 139, 141, 143, 145, 147,
2083 		149, 151, 153, 155, 157, 161, 163,
2084 		165, 167, 169, 171, 173, 175, 177,
2085 		179, 181, 183, 185, 187, 189, 193,
2086 		195, 197, 199, 201, 203, 205, 207,
2087 		209, 211, 213, 215, 217, 219, 221,
2088 		225, 227, 229, 233
2089 	};
2090 	int i, n_chan, batch_size, idx = 0, tx_power, last_ch, err = 0;
2091 	struct mt76_connac_sku_tlv sku_tlbv;
2092 	struct mt76_power_limits *limits;
2093 	const u8 *ch_list;
2094 
2095 	limits = devm_kmalloc(dev->dev, sizeof(*limits), GFP_KERNEL);
2096 	if (!limits)
2097 		return -ENOMEM;
2098 
2099 	sku_len = is_mt7921(dev) ? sizeof(sku_tlbv) : sizeof(sku_tlbv) - 92;
2100 	tx_power = 2 * phy->hw->conf.power_level;
2101 	if (!tx_power)
2102 		tx_power = 127;
2103 
2104 	if (band == NL80211_BAND_2GHZ) {
2105 		n_chan = ARRAY_SIZE(chan_list_2ghz);
2106 		ch_list = chan_list_2ghz;
2107 	} else if (band == NL80211_BAND_6GHZ) {
2108 		n_chan = ARRAY_SIZE(chan_list_6ghz);
2109 		ch_list = chan_list_6ghz;
2110 	} else {
2111 		n_chan = ARRAY_SIZE(chan_list_5ghz);
2112 		ch_list = chan_list_5ghz;
2113 	}
2114 	batch_size = DIV_ROUND_UP(n_chan, batch_len);
2115 
2116 	if (phy->cap.has_6ghz)
2117 		last_ch = chan_list_6ghz[ARRAY_SIZE(chan_list_6ghz) - 1];
2118 	else if (phy->cap.has_5ghz)
2119 		last_ch = chan_list_5ghz[ARRAY_SIZE(chan_list_5ghz) - 1];
2120 	else
2121 		last_ch = chan_list_2ghz[ARRAY_SIZE(chan_list_2ghz) - 1];
2122 
2123 	for (i = 0; i < batch_size; i++) {
2124 		struct mt76_connac_tx_power_limit_tlv tx_power_tlv = {};
2125 		int j, msg_len, num_ch;
2126 		struct sk_buff *skb;
2127 
2128 		num_ch = i == batch_size - 1 ? n_chan - i * batch_len : batch_len;
2129 		msg_len = sizeof(tx_power_tlv) + num_ch * sizeof(sku_tlbv);
2130 		skb = mt76_mcu_msg_alloc(dev, NULL, msg_len);
2131 		if (!skb) {
2132 			err = -ENOMEM;
2133 			goto out;
2134 		}
2135 
2136 		skb_reserve(skb, sizeof(tx_power_tlv));
2137 
2138 		BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(tx_power_tlv.alpha2));
2139 		memcpy(tx_power_tlv.alpha2, dev->alpha2, sizeof(dev->alpha2));
2140 		tx_power_tlv.n_chan = num_ch;
2141 
2142 		switch (band) {
2143 		case NL80211_BAND_2GHZ:
2144 			tx_power_tlv.band = 1;
2145 			break;
2146 		case NL80211_BAND_6GHZ:
2147 			tx_power_tlv.band = 3;
2148 			break;
2149 		default:
2150 			tx_power_tlv.band = 2;
2151 			break;
2152 		}
2153 
2154 		for (j = 0; j < num_ch; j++, idx++) {
2155 			struct ieee80211_channel chan = {
2156 				.hw_value = ch_list[idx],
2157 				.band = band,
2158 			};
2159 			s8 reg_power, sar_power;
2160 
2161 			reg_power = mt76_connac_get_ch_power(phy, &chan,
2162 							     tx_power);
2163 			sar_power = mt76_get_sar_power(phy, &chan, reg_power);
2164 
2165 			mt76_get_rate_power_limits(phy, &chan, limits,
2166 						   sar_power);
2167 
2168 			tx_power_tlv.last_msg = ch_list[idx] == last_ch;
2169 			sku_tlbv.channel = ch_list[idx];
2170 
2171 			mt76_connac_mcu_build_sku(dev, sku_tlbv.pwr_limit,
2172 						  limits, band);
2173 			skb_put_data(skb, &sku_tlbv, sku_len);
2174 		}
2175 		__skb_push(skb, sizeof(tx_power_tlv));
2176 		memcpy(skb->data, &tx_power_tlv, sizeof(tx_power_tlv));
2177 
2178 		err = mt76_mcu_skb_send_msg(dev, skb,
2179 					    MCU_CE_CMD(SET_RATE_TX_POWER),
2180 					    false);
2181 		if (err < 0)
2182 			goto out;
2183 	}
2184 
2185 out:
2186 	devm_kfree(dev->dev, limits);
2187 	return err;
2188 }
2189 
2190 int mt76_connac_mcu_set_rate_txpower(struct mt76_phy *phy)
2191 {
2192 	int err;
2193 
2194 	if (phy->cap.has_2ghz) {
2195 		err = mt76_connac_mcu_rate_txpower_band(phy,
2196 							NL80211_BAND_2GHZ);
2197 		if (err < 0)
2198 			return err;
2199 	}
2200 	if (phy->cap.has_5ghz) {
2201 		err = mt76_connac_mcu_rate_txpower_band(phy,
2202 							NL80211_BAND_5GHZ);
2203 		if (err < 0)
2204 			return err;
2205 	}
2206 	if (phy->cap.has_6ghz) {
2207 		err = mt76_connac_mcu_rate_txpower_band(phy,
2208 							NL80211_BAND_6GHZ);
2209 		if (err < 0)
2210 			return err;
2211 	}
2212 
2213 	return 0;
2214 }
2215 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rate_txpower);
2216 
2217 int mt76_connac_mcu_update_arp_filter(struct mt76_dev *dev,
2218 				      struct mt76_vif_link *vif,
2219 				      struct ieee80211_bss_conf *info)
2220 {
2221 	struct ieee80211_vif *mvif = container_of(info, struct ieee80211_vif,
2222 						  bss_conf);
2223 	struct sk_buff *skb;
2224 	int i, len = min_t(int, mvif->cfg.arp_addr_cnt,
2225 			   IEEE80211_BSS_ARP_ADDR_LIST_LEN);
2226 	struct {
2227 		struct {
2228 			u8 bss_idx;
2229 			u8 pad[3];
2230 		} __packed hdr;
2231 		struct mt76_connac_arpns_tlv arp;
2232 	} req_hdr = {
2233 		.hdr = {
2234 			.bss_idx = vif->idx,
2235 		},
2236 		.arp = {
2237 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2238 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2239 			.ips_num = len,
2240 			.mode = 2,  /* update */
2241 			.option = 1,
2242 		},
2243 	};
2244 
2245 	skb = mt76_mcu_msg_alloc(dev, NULL,
2246 				 sizeof(req_hdr) + len * sizeof(__be32));
2247 	if (!skb)
2248 		return -ENOMEM;
2249 
2250 	skb_put_data(skb, &req_hdr, sizeof(req_hdr));
2251 	for (i = 0; i < len; i++)
2252 		skb_put_data(skb, &mvif->cfg.arp_addr_list[i], sizeof(__be32));
2253 
2254 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(OFFLOAD), true);
2255 }
2256 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_arp_filter);
2257 
2258 int mt76_connac_mcu_set_p2p_oppps(struct ieee80211_hw *hw,
2259 				  struct ieee80211_vif *vif)
2260 {
2261 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2262 	int ct_window = vif->bss_conf.p2p_noa_attr.oppps_ctwindow;
2263 	struct mt76_phy *phy = hw->priv;
2264 	struct {
2265 		__le32 ct_win;
2266 		u8 bss_idx;
2267 		u8 rsv[3];
2268 	} __packed req = {
2269 		.ct_win = cpu_to_le32(ct_window),
2270 		.bss_idx = mvif->idx,
2271 	};
2272 
2273 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SET_P2P_OPPPS),
2274 				 &req, sizeof(req), false);
2275 }
2276 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_p2p_oppps);
2277 
2278 #ifdef CONFIG_PM
2279 
2280 const struct wiphy_wowlan_support mt76_connac_wowlan_support = {
2281 	.flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT |
2282 		 WIPHY_WOWLAN_SUPPORTS_GTK_REKEY | WIPHY_WOWLAN_NET_DETECT,
2283 	.n_patterns = 1,
2284 	.pattern_min_len = 1,
2285 	.pattern_max_len = MT76_CONNAC_WOW_PATTEN_MAX_LEN,
2286 	.max_nd_match_sets = 10,
2287 };
2288 EXPORT_SYMBOL_GPL(mt76_connac_wowlan_support);
2289 
2290 static void
2291 mt76_connac_mcu_key_iter(struct ieee80211_hw *hw,
2292 			 struct ieee80211_vif *vif,
2293 			 struct ieee80211_sta *sta,
2294 			 struct ieee80211_key_conf *key,
2295 			 void *data)
2296 {
2297 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv = data;
2298 	u32 cipher;
2299 
2300 	if (key->cipher != WLAN_CIPHER_SUITE_AES_CMAC &&
2301 	    key->cipher != WLAN_CIPHER_SUITE_CCMP &&
2302 	    key->cipher != WLAN_CIPHER_SUITE_TKIP)
2303 		return;
2304 
2305 	if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2306 		cipher = BIT(3);
2307 	else
2308 		cipher = BIT(4);
2309 
2310 	/* we are assuming here to have a single pairwise key */
2311 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
2312 		if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2313 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_1);
2314 		else
2315 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_2);
2316 
2317 		gtk_tlv->pairwise_cipher = cpu_to_le32(cipher);
2318 		gtk_tlv->keyid = key->keyidx;
2319 	} else {
2320 		gtk_tlv->group_cipher = cpu_to_le32(cipher);
2321 	}
2322 }
2323 
2324 int mt76_connac_mcu_update_gtk_rekey(struct ieee80211_hw *hw,
2325 				     struct ieee80211_vif *vif,
2326 				     struct cfg80211_gtk_rekey_data *key)
2327 {
2328 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2329 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv;
2330 	struct mt76_phy *phy = hw->priv;
2331 	struct sk_buff *skb;
2332 	struct {
2333 		u8 bss_idx;
2334 		u8 pad[3];
2335 	} __packed hdr = {
2336 		.bss_idx = mvif->idx,
2337 	};
2338 
2339 	skb = mt76_mcu_msg_alloc(phy->dev, NULL,
2340 				 sizeof(hdr) + sizeof(*gtk_tlv));
2341 	if (!skb)
2342 		return -ENOMEM;
2343 
2344 	skb_put_data(skb, &hdr, sizeof(hdr));
2345 	gtk_tlv = (struct mt76_connac_gtk_rekey_tlv *)skb_put_zero(skb,
2346 							 sizeof(*gtk_tlv));
2347 	gtk_tlv->tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY);
2348 	gtk_tlv->len = cpu_to_le16(sizeof(*gtk_tlv));
2349 	gtk_tlv->rekey_mode = 2;
2350 	gtk_tlv->option = 1;
2351 
2352 	rcu_read_lock();
2353 	ieee80211_iter_keys_rcu(hw, vif, mt76_connac_mcu_key_iter, gtk_tlv);
2354 	rcu_read_unlock();
2355 
2356 	memcpy(gtk_tlv->kek, key->kek, NL80211_KEK_LEN);
2357 	memcpy(gtk_tlv->kck, key->kck, NL80211_KCK_LEN);
2358 	memcpy(gtk_tlv->replay_ctr, key->replay_ctr, NL80211_REPLAY_CTR_LEN);
2359 
2360 	return mt76_mcu_skb_send_msg(phy->dev, skb,
2361 				     MCU_UNI_CMD(OFFLOAD), true);
2362 }
2363 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_gtk_rekey);
2364 
2365 static int
2366 mt76_connac_mcu_set_arp_filter(struct mt76_dev *dev, struct ieee80211_vif *vif,
2367 			       bool suspend)
2368 {
2369 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2370 	struct {
2371 		struct {
2372 			u8 bss_idx;
2373 			u8 pad[3];
2374 		} __packed hdr;
2375 		struct mt76_connac_arpns_tlv arpns;
2376 	} req = {
2377 		.hdr = {
2378 			.bss_idx = mvif->idx,
2379 		},
2380 		.arpns = {
2381 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2382 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2383 			.mode = suspend,
2384 		},
2385 	};
2386 
2387 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2388 				 sizeof(req), true);
2389 }
2390 
2391 int
2392 mt76_connac_mcu_set_gtk_rekey(struct mt76_dev *dev, struct ieee80211_vif *vif,
2393 			      bool suspend)
2394 {
2395 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2396 	struct {
2397 		struct {
2398 			u8 bss_idx;
2399 			u8 pad[3];
2400 		} __packed hdr;
2401 		struct mt76_connac_gtk_rekey_tlv gtk_tlv;
2402 	} __packed req = {
2403 		.hdr = {
2404 			.bss_idx = mvif->idx,
2405 		},
2406 		.gtk_tlv = {
2407 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY),
2408 			.len = cpu_to_le16(sizeof(struct mt76_connac_gtk_rekey_tlv)),
2409 			.rekey_mode = !suspend,
2410 		},
2411 	};
2412 
2413 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2414 				 sizeof(req), true);
2415 }
2416 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_gtk_rekey);
2417 
2418 int
2419 mt76_connac_mcu_set_suspend_mode(struct mt76_dev *dev,
2420 				 struct ieee80211_vif *vif,
2421 				 bool enable, u8 mdtim,
2422 				 bool wow_suspend)
2423 {
2424 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2425 	struct {
2426 		struct {
2427 			u8 bss_idx;
2428 			u8 pad[3];
2429 		} __packed hdr;
2430 		struct mt76_connac_suspend_tlv suspend_tlv;
2431 	} req = {
2432 		.hdr = {
2433 			.bss_idx = mvif->idx,
2434 		},
2435 		.suspend_tlv = {
2436 			.tag = cpu_to_le16(UNI_SUSPEND_MODE_SETTING),
2437 			.len = cpu_to_le16(sizeof(struct mt76_connac_suspend_tlv)),
2438 			.enable = enable,
2439 			.mdtim = mdtim,
2440 			.wow_suspend = wow_suspend,
2441 		},
2442 	};
2443 
2444 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2445 				 sizeof(req), true);
2446 }
2447 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_suspend_mode);
2448 
2449 static int
2450 mt76_connac_mcu_set_wow_pattern(struct mt76_dev *dev,
2451 				struct ieee80211_vif *vif,
2452 				u8 index, bool enable,
2453 				struct cfg80211_pkt_pattern *pattern)
2454 {
2455 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2456 	struct mt76_connac_wow_pattern_tlv *ptlv;
2457 	struct sk_buff *skb;
2458 	struct req_hdr {
2459 		u8 bss_idx;
2460 		u8 pad[3];
2461 	} __packed hdr = {
2462 		.bss_idx = mvif->idx,
2463 	};
2464 
2465 	skb = mt76_mcu_msg_alloc(dev, NULL, sizeof(hdr) + sizeof(*ptlv));
2466 	if (!skb)
2467 		return -ENOMEM;
2468 
2469 	skb_put_data(skb, &hdr, sizeof(hdr));
2470 	ptlv = (struct mt76_connac_wow_pattern_tlv *)skb_put_zero(skb, sizeof(*ptlv));
2471 	ptlv->tag = cpu_to_le16(UNI_SUSPEND_WOW_PATTERN);
2472 	ptlv->len = cpu_to_le16(sizeof(*ptlv));
2473 	ptlv->data_len = pattern->pattern_len;
2474 	ptlv->enable = enable;
2475 	ptlv->index = index;
2476 
2477 	memcpy(ptlv->pattern, pattern->pattern, pattern->pattern_len);
2478 	memcpy(ptlv->mask, pattern->mask, DIV_ROUND_UP(pattern->pattern_len, 8));
2479 
2480 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(SUSPEND), true);
2481 }
2482 
2483 int
2484 mt76_connac_mcu_set_wow_ctrl(struct mt76_phy *phy, struct ieee80211_vif *vif,
2485 			     bool suspend, struct cfg80211_wowlan *wowlan)
2486 {
2487 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2488 	struct mt76_dev *dev = phy->dev;
2489 	struct {
2490 		struct {
2491 			u8 bss_idx;
2492 			u8 pad[3];
2493 		} __packed hdr;
2494 		struct mt76_connac_wow_ctrl_tlv wow_ctrl_tlv;
2495 		struct mt76_connac_wow_gpio_param_tlv gpio_tlv;
2496 	} req = {
2497 		.hdr = {
2498 			.bss_idx = mvif->idx,
2499 		},
2500 		.wow_ctrl_tlv = {
2501 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_CTRL),
2502 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_ctrl_tlv)),
2503 			.cmd = suspend ? 1 : 2,
2504 		},
2505 		.gpio_tlv = {
2506 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_GPIO_PARAM),
2507 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_gpio_param_tlv)),
2508 			.gpio_pin = 0xff, /* follow fw about GPIO pin */
2509 		},
2510 	};
2511 
2512 	if (wowlan->magic_pkt)
2513 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_MAGIC;
2514 	if (wowlan->disconnect)
2515 		req.wow_ctrl_tlv.trigger |= (UNI_WOW_DETECT_TYPE_DISCONNECT |
2516 					     UNI_WOW_DETECT_TYPE_BCN_LOST);
2517 	if (wowlan->nd_config) {
2518 		mt76_connac_mcu_sched_scan_req(phy, vif, wowlan->nd_config);
2519 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_SCH_SCAN_HIT;
2520 		mt76_connac_mcu_sched_scan_enable(phy, vif, suspend);
2521 	}
2522 	if (wowlan->n_patterns)
2523 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_BITMAP;
2524 
2525 	if (mt76_is_mmio(dev))
2526 		req.wow_ctrl_tlv.wakeup_hif = WOW_PCIE;
2527 	else if (mt76_is_usb(dev))
2528 		req.wow_ctrl_tlv.wakeup_hif = WOW_USB;
2529 	else if (mt76_is_sdio(dev))
2530 		req.wow_ctrl_tlv.wakeup_hif = WOW_GPIO;
2531 
2532 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2533 				 sizeof(req), true);
2534 }
2535 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_wow_ctrl);
2536 
2537 int mt76_connac_mcu_set_hif_suspend(struct mt76_dev *dev, bool suspend, bool wait_resp)
2538 {
2539 	struct {
2540 		struct {
2541 			u8 hif_type; /* 0x0: HIF_SDIO
2542 				      * 0x1: HIF_USB
2543 				      * 0x2: HIF_PCIE
2544 				      */
2545 			u8 pad[3];
2546 		} __packed hdr;
2547 		struct hif_suspend_tlv {
2548 			__le16 tag;
2549 			__le16 len;
2550 			u8 suspend;
2551 			u8 pad[7];
2552 		} __packed hif_suspend;
2553 	} req = {
2554 		.hif_suspend = {
2555 			.tag = cpu_to_le16(0), /* 0: UNI_HIF_CTRL_BASIC */
2556 			.len = cpu_to_le16(sizeof(struct hif_suspend_tlv)),
2557 			.suspend = suspend,
2558 		},
2559 	};
2560 
2561 	if (mt76_is_mmio(dev))
2562 		req.hdr.hif_type = 2;
2563 	else if (mt76_is_usb(dev))
2564 		req.hdr.hif_type = 1;
2565 	else if (mt76_is_sdio(dev))
2566 		req.hdr.hif_type = 0;
2567 
2568 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(HIF_CTRL), &req,
2569 				 sizeof(req), wait_resp);
2570 }
2571 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_hif_suspend);
2572 
2573 void mt76_connac_mcu_set_suspend_iter(void *priv, u8 *mac,
2574 				      struct ieee80211_vif *vif)
2575 {
2576 	struct mt76_phy *phy = priv;
2577 	bool suspend = !test_bit(MT76_STATE_RUNNING, &phy->state);
2578 	struct ieee80211_hw *hw = phy->hw;
2579 	struct cfg80211_wowlan *wowlan = hw->wiphy->wowlan_config;
2580 	int i;
2581 
2582 	mt76_connac_mcu_set_gtk_rekey(phy->dev, vif, suspend);
2583 	mt76_connac_mcu_set_arp_filter(phy->dev, vif, suspend);
2584 
2585 	mt76_connac_mcu_set_suspend_mode(phy->dev, vif, suspend, 1, true);
2586 
2587 	for (i = 0; i < wowlan->n_patterns; i++)
2588 		mt76_connac_mcu_set_wow_pattern(phy->dev, vif, i, suspend,
2589 						&wowlan->patterns[i]);
2590 	mt76_connac_mcu_set_wow_ctrl(phy, vif, suspend, wowlan);
2591 }
2592 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_suspend_iter);
2593 #endif /* CONFIG_PM */
2594 
2595 u32 mt76_connac_mcu_reg_rr(struct mt76_dev *dev, u32 offset)
2596 {
2597 	struct {
2598 		__le32 addr;
2599 		__le32 val;
2600 	} __packed req = {
2601 		.addr = cpu_to_le32(offset),
2602 	};
2603 
2604 	return mt76_mcu_send_msg(dev, MCU_CE_QUERY(REG_READ), &req,
2605 				 sizeof(req), true);
2606 }
2607 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_rr);
2608 
2609 void mt76_connac_mcu_reg_wr(struct mt76_dev *dev, u32 offset, u32 val)
2610 {
2611 	struct {
2612 		__le32 addr;
2613 		__le32 val;
2614 	} __packed req = {
2615 		.addr = cpu_to_le32(offset),
2616 		.val = cpu_to_le32(val),
2617 	};
2618 
2619 	mt76_mcu_send_msg(dev, MCU_CE_CMD(REG_WRITE), &req,
2620 			  sizeof(req), false);
2621 }
2622 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_wr);
2623 
2624 static int
2625 mt76_connac_mcu_sta_key_tlv(struct mt76_connac_sta_key_conf *sta_key_conf,
2626 			    struct sk_buff *skb,
2627 			    struct ieee80211_key_conf *key,
2628 			    enum set_key_cmd cmd)
2629 {
2630 	struct sta_rec_sec *sec;
2631 	u32 len = sizeof(*sec);
2632 	struct tlv *tlv;
2633 
2634 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
2635 	sec = (struct sta_rec_sec *)tlv;
2636 	sec->add = cmd;
2637 
2638 	if (cmd == SET_KEY) {
2639 		struct sec_key *sec_key;
2640 		u8 cipher;
2641 
2642 		cipher = mt76_connac_mcu_get_cipher(key->cipher);
2643 		if (cipher == MCU_CIPHER_NONE)
2644 			return -EOPNOTSUPP;
2645 
2646 		sec_key = &sec->key[0];
2647 		sec_key->cipher_len = sizeof(*sec_key);
2648 
2649 		if (cipher == MCU_CIPHER_BIP_CMAC_128) {
2650 			sec_key->cipher_id = MCU_CIPHER_AES_CCMP;
2651 			sec_key->key_id = sta_key_conf->keyidx;
2652 			sec_key->key_len = 16;
2653 			memcpy(sec_key->key, sta_key_conf->key, 16);
2654 
2655 			sec_key = &sec->key[1];
2656 			sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128;
2657 			sec_key->cipher_len = sizeof(*sec_key);
2658 			sec_key->key_len = 16;
2659 			memcpy(sec_key->key, key->key, 16);
2660 			sec->n_cipher = 2;
2661 		} else {
2662 			sec_key->cipher_id = cipher;
2663 			sec_key->key_id = key->keyidx;
2664 			sec_key->key_len = key->keylen;
2665 			memcpy(sec_key->key, key->key, key->keylen);
2666 
2667 			if (cipher == MCU_CIPHER_TKIP) {
2668 				/* Rx/Tx MIC keys are swapped */
2669 				memcpy(sec_key->key + 16, key->key + 24, 8);
2670 				memcpy(sec_key->key + 24, key->key + 16, 8);
2671 			}
2672 
2673 			/* store key_conf for BIP batch update */
2674 			if (cipher == MCU_CIPHER_AES_CCMP) {
2675 				memcpy(sta_key_conf->key, key->key, key->keylen);
2676 				sta_key_conf->keyidx = key->keyidx;
2677 			}
2678 
2679 			len -= sizeof(*sec_key);
2680 			sec->n_cipher = 1;
2681 		}
2682 	} else {
2683 		len -= sizeof(sec->key);
2684 		sec->n_cipher = 0;
2685 	}
2686 	sec->len = cpu_to_le16(len);
2687 
2688 	return 0;
2689 }
2690 
2691 int mt76_connac_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
2692 			    struct mt76_connac_sta_key_conf *sta_key_conf,
2693 			    struct ieee80211_key_conf *key, int mcu_cmd,
2694 			    struct mt76_wcid *wcid, enum set_key_cmd cmd)
2695 {
2696 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2697 	struct sk_buff *skb;
2698 	int ret;
2699 
2700 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
2701 	if (IS_ERR(skb))
2702 		return PTR_ERR(skb);
2703 
2704 	ret = mt76_connac_mcu_sta_key_tlv(sta_key_conf, skb, key, cmd);
2705 	if (ret)
2706 		return ret;
2707 
2708 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
2709 	if (ret)
2710 		return ret;
2711 
2712 	return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
2713 }
2714 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_key);
2715 
2716 /* SIFS 20us + 512 byte beacon transmitted by 1Mbps (3906us) */
2717 #define BCN_TX_ESTIMATE_TIME (4096 + 20)
2718 void mt76_connac_mcu_bss_ext_tlv(struct sk_buff *skb, struct mt76_vif_link *mvif)
2719 {
2720 	struct bss_info_ext_bss *ext;
2721 	int ext_bss_idx, tsf_offset;
2722 	struct tlv *tlv;
2723 
2724 	ext_bss_idx = mvif->omac_idx - EXT_BSSID_START;
2725 	if (ext_bss_idx < 0)
2726 		return;
2727 
2728 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_EXT_BSS, sizeof(*ext));
2729 
2730 	ext = (struct bss_info_ext_bss *)tlv;
2731 	tsf_offset = ext_bss_idx * BCN_TX_ESTIMATE_TIME;
2732 	ext->mbss_tsf_offset = cpu_to_le32(tsf_offset);
2733 }
2734 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_ext_tlv);
2735 
2736 int mt76_connac_mcu_bss_basic_tlv(struct sk_buff *skb,
2737 				  struct ieee80211_vif *vif,
2738 				  struct ieee80211_sta *sta,
2739 				  struct mt76_phy *phy, u16 wlan_idx,
2740 				  bool enable)
2741 {
2742 	struct mt76_vif_link *mvif = (struct mt76_vif_link *)vif->drv_priv;
2743 	u32 type = vif->p2p ? NETWORK_P2P : NETWORK_INFRA;
2744 	struct bss_info_basic *bss;
2745 	struct tlv *tlv;
2746 
2747 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_BASIC, sizeof(*bss));
2748 	bss = (struct bss_info_basic *)tlv;
2749 
2750 	switch (vif->type) {
2751 	case NL80211_IFTYPE_MESH_POINT:
2752 	case NL80211_IFTYPE_MONITOR:
2753 		break;
2754 	case NL80211_IFTYPE_AP:
2755 		if (ieee80211_hw_check(phy->hw, SUPPORTS_MULTI_BSSID)) {
2756 			u8 bssid_id = vif->bss_conf.bssid_indicator;
2757 			struct wiphy *wiphy = phy->hw->wiphy;
2758 
2759 			if (bssid_id > ilog2(wiphy->mbssid_max_interfaces))
2760 				return -EINVAL;
2761 
2762 			bss->non_tx_bssid = vif->bss_conf.bssid_index;
2763 			bss->max_bssid = bssid_id;
2764 		}
2765 		break;
2766 	case NL80211_IFTYPE_STATION:
2767 		if (enable) {
2768 			rcu_read_lock();
2769 			if (!sta)
2770 				sta = ieee80211_find_sta(vif,
2771 							 vif->bss_conf.bssid);
2772 			/* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
2773 			if (sta) {
2774 				struct mt76_wcid *wcid;
2775 
2776 				wcid = (struct mt76_wcid *)sta->drv_priv;
2777 				wlan_idx = wcid->idx;
2778 			}
2779 			rcu_read_unlock();
2780 		}
2781 		break;
2782 	case NL80211_IFTYPE_ADHOC:
2783 		type = NETWORK_IBSS;
2784 		break;
2785 	default:
2786 		WARN_ON(1);
2787 		break;
2788 	}
2789 
2790 	bss->network_type = cpu_to_le32(type);
2791 	bss->bmc_wcid_lo = to_wcid_lo(wlan_idx);
2792 	bss->bmc_wcid_hi = to_wcid_hi(wlan_idx);
2793 	bss->wmm_idx = mvif->wmm_idx;
2794 	bss->active = enable;
2795 	bss->cipher = mvif->cipher;
2796 
2797 	if (vif->type != NL80211_IFTYPE_MONITOR) {
2798 		struct cfg80211_chan_def *chandef = &phy->chandef;
2799 
2800 		memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
2801 		bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
2802 		bss->dtim_period = vif->bss_conf.dtim_period;
2803 		bss->phy_mode = mt76_connac_get_phy_mode(phy, vif,
2804 							 chandef->chan->band, NULL);
2805 	} else {
2806 		memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
2807 	}
2808 
2809 	return 0;
2810 }
2811 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_basic_tlv);
2812 
2813 #define ENTER_PM_STATE		1
2814 #define EXIT_PM_STATE		2
2815 int mt76_connac_mcu_set_pm(struct mt76_dev *dev, int band, int enter)
2816 {
2817 	struct {
2818 		u8 pm_number;
2819 		u8 pm_state;
2820 		u8 bssid[ETH_ALEN];
2821 		u8 dtim_period;
2822 		u8 wlan_idx_lo;
2823 		__le16 bcn_interval;
2824 		__le32 aid;
2825 		__le32 rx_filter;
2826 		u8 band_idx;
2827 		u8 wlan_idx_hi;
2828 		u8 rsv[2];
2829 		__le32 feature;
2830 		u8 omac_idx;
2831 		u8 wmm_idx;
2832 		u8 bcn_loss_cnt;
2833 		u8 bcn_sp_duration;
2834 	} __packed req = {
2835 		.pm_number = 5,
2836 		.pm_state = enter ? ENTER_PM_STATE : EXIT_PM_STATE,
2837 		.band_idx = band,
2838 	};
2839 
2840 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PM_STATE_CTRL), &req,
2841 				 sizeof(req), true);
2842 }
2843 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_pm);
2844 
2845 int mt76_connac_mcu_restart(struct mt76_dev *dev)
2846 {
2847 	struct {
2848 		u8 power_mode;
2849 		u8 rsv[3];
2850 	} req = {
2851 		.power_mode = 1,
2852 	};
2853 
2854 	return mt76_mcu_send_msg(dev, MCU_CMD(NIC_POWER_CTRL), &req,
2855 				 sizeof(req), false);
2856 }
2857 EXPORT_SYMBOL_GPL(mt76_connac_mcu_restart);
2858 
2859 int mt76_connac_mcu_del_wtbl_all(struct mt76_dev *dev)
2860 {
2861 	struct wtbl_req_hdr req = {
2862 		.operation = WTBL_RESET_ALL,
2863 	};
2864 
2865 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(WTBL_UPDATE),
2866 				 &req, sizeof(req), true);
2867 }
2868 EXPORT_SYMBOL_GPL(mt76_connac_mcu_del_wtbl_all);
2869 
2870 int mt76_connac_mcu_rdd_cmd(struct mt76_dev *dev, int cmd, u8 index,
2871 			    u8 rx_sel, u8 val)
2872 {
2873 	struct {
2874 		u8 ctrl;
2875 		u8 rdd_idx;
2876 		u8 rdd_rx_sel;
2877 		u8 val;
2878 		u8 rsv[4];
2879 	} __packed req = {
2880 		.ctrl = cmd,
2881 		.rdd_idx = index,
2882 		.rdd_rx_sel = rx_sel,
2883 		.val = val,
2884 	};
2885 
2886 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(SET_RDD_CTRL), &req,
2887 				 sizeof(req), true);
2888 }
2889 EXPORT_SYMBOL_GPL(mt76_connac_mcu_rdd_cmd);
2890 
2891 static int
2892 mt76_connac_mcu_send_ram_firmware(struct mt76_dev *dev,
2893 				  const struct mt76_connac2_fw_trailer *hdr,
2894 				  const u8 *data, bool is_wa)
2895 {
2896 	int i, offset = 0, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
2897 	u32 override = 0, option = 0;
2898 
2899 	for (i = 0; i < hdr->n_region; i++) {
2900 		const struct mt76_connac2_fw_region *region;
2901 		u32 len, addr, mode;
2902 		int err;
2903 
2904 		region = (const void *)((const u8 *)hdr -
2905 					(hdr->n_region - i) * sizeof(*region));
2906 		mode = mt76_connac_mcu_gen_dl_mode(dev, region->feature_set,
2907 						   is_wa);
2908 		len = le32_to_cpu(region->len);
2909 		addr = le32_to_cpu(region->addr);
2910 
2911 		if (region->feature_set & FW_FEATURE_NON_DL)
2912 			goto next;
2913 
2914 		if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
2915 			override = addr;
2916 
2917 		err = mt76_connac_mcu_init_download(dev, addr, len, mode);
2918 		if (err) {
2919 			dev_err(dev->dev, "Download request failed\n");
2920 			return err;
2921 		}
2922 
2923 		err = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
2924 					       data + offset, len, max_len);
2925 		if (err) {
2926 			dev_err(dev->dev, "Failed to send firmware.\n");
2927 			return err;
2928 		}
2929 
2930 next:
2931 		offset += len;
2932 	}
2933 
2934 	if (override)
2935 		option |= FW_START_OVERRIDE;
2936 	if (is_wa)
2937 		option |= FW_START_WORKING_PDA_CR4;
2938 
2939 	return mt76_connac_mcu_start_firmware(dev, override, option);
2940 }
2941 
2942 int mt76_connac2_load_ram(struct mt76_dev *dev, const char *fw_wm,
2943 			  const char *fw_wa)
2944 {
2945 	const struct mt76_connac2_fw_trailer *hdr;
2946 	const struct firmware *fw;
2947 	int ret;
2948 
2949 	ret = request_firmware(&fw, fw_wm, dev->dev);
2950 	if (ret)
2951 		return ret;
2952 
2953 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2954 		dev_err(dev->dev, "Invalid firmware\n");
2955 		ret = -EINVAL;
2956 		goto out;
2957 	}
2958 
2959 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
2960 	dev_info(dev->dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
2961 		 hdr->fw_ver, hdr->build_date);
2962 
2963 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, false);
2964 	if (ret) {
2965 		dev_err(dev->dev, "Failed to start WM firmware\n");
2966 		goto out;
2967 	}
2968 
2969 	snprintf(dev->hw->wiphy->fw_version,
2970 		 sizeof(dev->hw->wiphy->fw_version),
2971 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
2972 
2973 	release_firmware(fw);
2974 
2975 	if (!fw_wa)
2976 		return 0;
2977 
2978 	ret = request_firmware(&fw, fw_wa, dev->dev);
2979 	if (ret)
2980 		return ret;
2981 
2982 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2983 		dev_err(dev->dev, "Invalid firmware\n");
2984 		ret = -EINVAL;
2985 		goto out;
2986 	}
2987 
2988 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
2989 	dev_info(dev->dev, "WA Firmware Version: %.10s, Build Time: %.15s\n",
2990 		 hdr->fw_ver, hdr->build_date);
2991 
2992 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, true);
2993 	if (ret) {
2994 		dev_err(dev->dev, "Failed to start WA firmware\n");
2995 		goto out;
2996 	}
2997 
2998 	snprintf(dev->hw->wiphy->fw_version,
2999 		 sizeof(dev->hw->wiphy->fw_version),
3000 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
3001 
3002 out:
3003 	release_firmware(fw);
3004 
3005 	return ret;
3006 }
3007 EXPORT_SYMBOL_GPL(mt76_connac2_load_ram);
3008 
3009 static u32 mt76_connac2_get_data_mode(struct mt76_dev *dev, u32 info)
3010 {
3011 	u32 mode = DL_MODE_NEED_RSP;
3012 
3013 	if ((!is_mt7921(dev) && !is_mt7925(dev)) || info == PATCH_SEC_NOT_SUPPORT)
3014 		return mode;
3015 
3016 	switch (FIELD_GET(PATCH_SEC_ENC_TYPE_MASK, info)) {
3017 	case PATCH_SEC_ENC_TYPE_PLAIN:
3018 		break;
3019 	case PATCH_SEC_ENC_TYPE_AES:
3020 		mode |= DL_MODE_ENCRYPT;
3021 		mode |= FIELD_PREP(DL_MODE_KEY_IDX,
3022 				(info & PATCH_SEC_ENC_AES_KEY_MASK)) & DL_MODE_KEY_IDX;
3023 		mode |= DL_MODE_RESET_SEC_IV;
3024 		break;
3025 	case PATCH_SEC_ENC_TYPE_SCRAMBLE:
3026 		mode |= DL_MODE_ENCRYPT;
3027 		mode |= DL_CONFIG_ENCRY_MODE_SEL;
3028 		mode |= DL_MODE_RESET_SEC_IV;
3029 		break;
3030 	default:
3031 		dev_err(dev->dev, "Encryption type not support!\n");
3032 	}
3033 
3034 	return mode;
3035 }
3036 
3037 int mt76_connac2_load_patch(struct mt76_dev *dev, const char *fw_name)
3038 {
3039 	int i, ret, sem, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
3040 	const struct mt76_connac2_patch_hdr *hdr;
3041 	const struct firmware *fw = NULL;
3042 
3043 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, true);
3044 	switch (sem) {
3045 	case PATCH_IS_DL:
3046 		return 0;
3047 	case PATCH_NOT_DL_SEM_SUCCESS:
3048 		break;
3049 	default:
3050 		dev_err(dev->dev, "Failed to get patch semaphore\n");
3051 		return -EAGAIN;
3052 	}
3053 
3054 	ret = request_firmware(&fw, fw_name, dev->dev);
3055 	if (ret)
3056 		goto out;
3057 
3058 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3059 		dev_err(dev->dev, "Invalid firmware\n");
3060 		ret = -EINVAL;
3061 		goto out;
3062 	}
3063 
3064 	hdr = (const void *)fw->data;
3065 	dev_info(dev->dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
3066 		 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
3067 
3068 	for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
3069 		struct mt76_connac2_patch_sec *sec;
3070 		u32 len, addr, mode;
3071 		const u8 *dl;
3072 		u32 sec_info;
3073 
3074 		sec = (void *)(fw->data + sizeof(*hdr) + i * sizeof(*sec));
3075 		if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
3076 		    PATCH_SEC_TYPE_INFO) {
3077 			ret = -EINVAL;
3078 			goto out;
3079 		}
3080 
3081 		addr = be32_to_cpu(sec->info.addr);
3082 		len = be32_to_cpu(sec->info.len);
3083 		dl = fw->data + be32_to_cpu(sec->offs);
3084 		sec_info = be32_to_cpu(sec->info.sec_key_idx);
3085 		mode = mt76_connac2_get_data_mode(dev, sec_info);
3086 
3087 		ret = mt76_connac_mcu_init_download(dev, addr, len, mode);
3088 		if (ret) {
3089 			dev_err(dev->dev, "Download request failed\n");
3090 			goto out;
3091 		}
3092 
3093 		ret = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
3094 					       dl, len, max_len);
3095 		if (ret) {
3096 			dev_err(dev->dev, "Failed to send patch\n");
3097 			goto out;
3098 		}
3099 	}
3100 
3101 	ret = mt76_connac_mcu_start_patch(dev);
3102 	if (ret)
3103 		dev_err(dev->dev, "Failed to start patch\n");
3104 
3105 out:
3106 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, false);
3107 	switch (sem) {
3108 	case PATCH_REL_SEM_SUCCESS:
3109 		break;
3110 	default:
3111 		ret = -EAGAIN;
3112 		dev_err(dev->dev, "Failed to release patch semaphore\n");
3113 		break;
3114 	}
3115 
3116 	release_firmware(fw);
3117 
3118 	return ret;
3119 }
3120 EXPORT_SYMBOL_GPL(mt76_connac2_load_patch);
3121 
3122 int mt76_connac2_mcu_fill_message(struct mt76_dev *dev, struct sk_buff *skb,
3123 				  int cmd, int *wait_seq)
3124 {
3125 	int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
3126 	struct mt76_connac2_mcu_uni_txd *uni_txd;
3127 	struct mt76_connac2_mcu_txd *mcu_txd;
3128 	__le32 *txd;
3129 	u32 val;
3130 	u8 seq;
3131 
3132 	/* TODO: make dynamic based on msg type */
3133 	dev->mcu.timeout = 20 * HZ;
3134 
3135 	seq = ++dev->mcu.msg_seq & 0xf;
3136 	if (!seq)
3137 		seq = ++dev->mcu.msg_seq & 0xf;
3138 
3139 	if (cmd == MCU_CMD(FW_SCATTER))
3140 		goto exit;
3141 
3142 	txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
3143 	txd = (__le32 *)skb_push(skb, txd_len);
3144 
3145 	val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
3146 	      FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
3147 	      FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
3148 	txd[0] = cpu_to_le32(val);
3149 
3150 	val = MT_TXD1_LONG_FORMAT |
3151 	      FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
3152 	txd[1] = cpu_to_le32(val);
3153 
3154 	if (cmd & __MCU_CMD_FIELD_UNI) {
3155 		uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
3156 		uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
3157 		uni_txd->option = MCU_CMD_UNI_EXT_ACK;
3158 		uni_txd->cid = cpu_to_le16(mcu_cmd);
3159 		uni_txd->s2d_index = MCU_S2D_H2N;
3160 		uni_txd->pkt_type = MCU_PKT_ID;
3161 		uni_txd->seq = seq;
3162 
3163 		goto exit;
3164 	}
3165 
3166 	mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
3167 	mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
3168 	mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
3169 					       MT_TX_MCU_PORT_RX_Q0));
3170 	mcu_txd->pkt_type = MCU_PKT_ID;
3171 	mcu_txd->seq = seq;
3172 	mcu_txd->cid = mcu_cmd;
3173 	mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
3174 
3175 	if (mcu_txd->ext_cid || (cmd & __MCU_CMD_FIELD_CE)) {
3176 		if (cmd & __MCU_CMD_FIELD_QUERY)
3177 			mcu_txd->set_query = MCU_Q_QUERY;
3178 		else
3179 			mcu_txd->set_query = MCU_Q_SET;
3180 		mcu_txd->ext_cid_ack = !!mcu_txd->ext_cid;
3181 	} else {
3182 		mcu_txd->set_query = MCU_Q_NA;
3183 	}
3184 
3185 	if (cmd & __MCU_CMD_FIELD_WA)
3186 		mcu_txd->s2d_index = MCU_S2D_H2C;
3187 	else
3188 		mcu_txd->s2d_index = MCU_S2D_H2N;
3189 
3190 exit:
3191 	if (wait_seq)
3192 		*wait_seq = seq;
3193 
3194 	return 0;
3195 }
3196 EXPORT_SYMBOL_GPL(mt76_connac2_mcu_fill_message);
3197 
3198 MODULE_AUTHOR("Lorenzo Bianconi <lorenzo@kernel.org>");
3199 MODULE_DESCRIPTION("MediaTek MT76x connac layer helpers");
3200 MODULE_LICENSE("Dual BSD/GPL");
3201