xref: /linux/drivers/net/wireless/realtek/rtw89/core.c (revision 06b9cce42634a50f2840777a66553b02320db5ef) 
1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2 /* Copyright(c) 2019-2020  Realtek Corporation
3  */
4 #include <linux/ip.h>
5 #include <linux/udp.h>
6 
7 #include "cam.h"
8 #include "coex.h"
9 #include "core.h"
10 #include "efuse.h"
11 #include "fw.h"
12 #include "mac.h"
13 #include "phy.h"
14 #include "ps.h"
15 #include "reg.h"
16 #include "sar.h"
17 #include "ser.h"
18 #include "txrx.h"
19 #include "util.h"
20 
21 static bool rtw89_disable_ps_mode;
22 module_param_named(disable_ps_mode, rtw89_disable_ps_mode, bool, 0644);
23 MODULE_PARM_DESC(disable_ps_mode, "Set Y to disable low power mode");
24 
25 #define RTW89_DEF_CHAN(_freq, _hw_val, _flags, _band)	\
26 	{ .center_freq = _freq, .hw_value = _hw_val, .flags = _flags, .band = _band, }
27 #define RTW89_DEF_CHAN_2G(_freq, _hw_val)	\
28 	RTW89_DEF_CHAN(_freq, _hw_val, 0, NL80211_BAND_2GHZ)
29 #define RTW89_DEF_CHAN_5G(_freq, _hw_val)	\
30 	RTW89_DEF_CHAN(_freq, _hw_val, 0, NL80211_BAND_5GHZ)
31 #define RTW89_DEF_CHAN_5G_NO_HT40MINUS(_freq, _hw_val)	\
32 	RTW89_DEF_CHAN(_freq, _hw_val, IEEE80211_CHAN_NO_HT40MINUS, NL80211_BAND_5GHZ)
33 #define RTW89_DEF_CHAN_6G(_freq, _hw_val)	\
34 	RTW89_DEF_CHAN(_freq, _hw_val, 0, NL80211_BAND_6GHZ)
35 
36 static struct ieee80211_channel rtw89_channels_2ghz[] = {
37 	RTW89_DEF_CHAN_2G(2412, 1),
38 	RTW89_DEF_CHAN_2G(2417, 2),
39 	RTW89_DEF_CHAN_2G(2422, 3),
40 	RTW89_DEF_CHAN_2G(2427, 4),
41 	RTW89_DEF_CHAN_2G(2432, 5),
42 	RTW89_DEF_CHAN_2G(2437, 6),
43 	RTW89_DEF_CHAN_2G(2442, 7),
44 	RTW89_DEF_CHAN_2G(2447, 8),
45 	RTW89_DEF_CHAN_2G(2452, 9),
46 	RTW89_DEF_CHAN_2G(2457, 10),
47 	RTW89_DEF_CHAN_2G(2462, 11),
48 	RTW89_DEF_CHAN_2G(2467, 12),
49 	RTW89_DEF_CHAN_2G(2472, 13),
50 	RTW89_DEF_CHAN_2G(2484, 14),
51 };
52 
53 static struct ieee80211_channel rtw89_channels_5ghz[] = {
54 	RTW89_DEF_CHAN_5G(5180, 36),
55 	RTW89_DEF_CHAN_5G(5200, 40),
56 	RTW89_DEF_CHAN_5G(5220, 44),
57 	RTW89_DEF_CHAN_5G(5240, 48),
58 	RTW89_DEF_CHAN_5G(5260, 52),
59 	RTW89_DEF_CHAN_5G(5280, 56),
60 	RTW89_DEF_CHAN_5G(5300, 60),
61 	RTW89_DEF_CHAN_5G(5320, 64),
62 	RTW89_DEF_CHAN_5G(5500, 100),
63 	RTW89_DEF_CHAN_5G(5520, 104),
64 	RTW89_DEF_CHAN_5G(5540, 108),
65 	RTW89_DEF_CHAN_5G(5560, 112),
66 	RTW89_DEF_CHAN_5G(5580, 116),
67 	RTW89_DEF_CHAN_5G(5600, 120),
68 	RTW89_DEF_CHAN_5G(5620, 124),
69 	RTW89_DEF_CHAN_5G(5640, 128),
70 	RTW89_DEF_CHAN_5G(5660, 132),
71 	RTW89_DEF_CHAN_5G(5680, 136),
72 	RTW89_DEF_CHAN_5G(5700, 140),
73 	RTW89_DEF_CHAN_5G(5720, 144),
74 	RTW89_DEF_CHAN_5G(5745, 149),
75 	RTW89_DEF_CHAN_5G(5765, 153),
76 	RTW89_DEF_CHAN_5G(5785, 157),
77 	RTW89_DEF_CHAN_5G(5805, 161),
78 	RTW89_DEF_CHAN_5G_NO_HT40MINUS(5825, 165),
79 };
80 
81 static struct ieee80211_channel rtw89_channels_6ghz[] = {
82 	RTW89_DEF_CHAN_6G(5955, 1),
83 	RTW89_DEF_CHAN_6G(5975, 5),
84 	RTW89_DEF_CHAN_6G(5995, 9),
85 	RTW89_DEF_CHAN_6G(6015, 13),
86 	RTW89_DEF_CHAN_6G(6035, 17),
87 	RTW89_DEF_CHAN_6G(6055, 21),
88 	RTW89_DEF_CHAN_6G(6075, 25),
89 	RTW89_DEF_CHAN_6G(6095, 29),
90 	RTW89_DEF_CHAN_6G(6115, 33),
91 	RTW89_DEF_CHAN_6G(6135, 37),
92 	RTW89_DEF_CHAN_6G(6155, 41),
93 	RTW89_DEF_CHAN_6G(6175, 45),
94 	RTW89_DEF_CHAN_6G(6195, 49),
95 	RTW89_DEF_CHAN_6G(6215, 53),
96 	RTW89_DEF_CHAN_6G(6235, 57),
97 	RTW89_DEF_CHAN_6G(6255, 61),
98 	RTW89_DEF_CHAN_6G(6275, 65),
99 	RTW89_DEF_CHAN_6G(6295, 69),
100 	RTW89_DEF_CHAN_6G(6315, 73),
101 	RTW89_DEF_CHAN_6G(6335, 77),
102 	RTW89_DEF_CHAN_6G(6355, 81),
103 	RTW89_DEF_CHAN_6G(6375, 85),
104 	RTW89_DEF_CHAN_6G(6395, 89),
105 	RTW89_DEF_CHAN_6G(6415, 93),
106 	RTW89_DEF_CHAN_6G(6435, 97),
107 	RTW89_DEF_CHAN_6G(6455, 101),
108 	RTW89_DEF_CHAN_6G(6475, 105),
109 	RTW89_DEF_CHAN_6G(6495, 109),
110 	RTW89_DEF_CHAN_6G(6515, 113),
111 	RTW89_DEF_CHAN_6G(6535, 117),
112 	RTW89_DEF_CHAN_6G(6555, 121),
113 	RTW89_DEF_CHAN_6G(6575, 125),
114 	RTW89_DEF_CHAN_6G(6595, 129),
115 	RTW89_DEF_CHAN_6G(6615, 133),
116 	RTW89_DEF_CHAN_6G(6635, 137),
117 	RTW89_DEF_CHAN_6G(6655, 141),
118 	RTW89_DEF_CHAN_6G(6675, 145),
119 	RTW89_DEF_CHAN_6G(6695, 149),
120 	RTW89_DEF_CHAN_6G(6715, 153),
121 	RTW89_DEF_CHAN_6G(6735, 157),
122 	RTW89_DEF_CHAN_6G(6755, 161),
123 	RTW89_DEF_CHAN_6G(6775, 165),
124 	RTW89_DEF_CHAN_6G(6795, 169),
125 	RTW89_DEF_CHAN_6G(6815, 173),
126 	RTW89_DEF_CHAN_6G(6835, 177),
127 	RTW89_DEF_CHAN_6G(6855, 181),
128 	RTW89_DEF_CHAN_6G(6875, 185),
129 	RTW89_DEF_CHAN_6G(6895, 189),
130 	RTW89_DEF_CHAN_6G(6915, 193),
131 	RTW89_DEF_CHAN_6G(6935, 197),
132 	RTW89_DEF_CHAN_6G(6955, 201),
133 	RTW89_DEF_CHAN_6G(6975, 205),
134 	RTW89_DEF_CHAN_6G(6995, 209),
135 	RTW89_DEF_CHAN_6G(7015, 213),
136 	RTW89_DEF_CHAN_6G(7035, 217),
137 	RTW89_DEF_CHAN_6G(7055, 221),
138 	RTW89_DEF_CHAN_6G(7075, 225),
139 	RTW89_DEF_CHAN_6G(7095, 229),
140 	RTW89_DEF_CHAN_6G(7115, 233),
141 };
142 
143 static struct ieee80211_rate rtw89_bitrates[] = {
144 	{ .bitrate = 10,  .hw_value = 0x00, },
145 	{ .bitrate = 20,  .hw_value = 0x01, },
146 	{ .bitrate = 55,  .hw_value = 0x02, },
147 	{ .bitrate = 110, .hw_value = 0x03, },
148 	{ .bitrate = 60,  .hw_value = 0x04, },
149 	{ .bitrate = 90,  .hw_value = 0x05, },
150 	{ .bitrate = 120, .hw_value = 0x06, },
151 	{ .bitrate = 180, .hw_value = 0x07, },
152 	{ .bitrate = 240, .hw_value = 0x08, },
153 	{ .bitrate = 360, .hw_value = 0x09, },
154 	{ .bitrate = 480, .hw_value = 0x0a, },
155 	{ .bitrate = 540, .hw_value = 0x0b, },
156 };
157 
158 u16 rtw89_ra_report_to_bitrate(struct rtw89_dev *rtwdev, u8 rpt_rate)
159 {
160 	struct ieee80211_rate rate;
161 
162 	if (unlikely(rpt_rate >= ARRAY_SIZE(rtw89_bitrates))) {
163 		rtw89_info(rtwdev, "invalid rpt rate %d\n", rpt_rate);
164 		return 0;
165 	}
166 
167 	rate = rtw89_bitrates[rpt_rate];
168 
169 	return rate.bitrate;
170 }
171 
172 static struct ieee80211_supported_band rtw89_sband_2ghz = {
173 	.band		= NL80211_BAND_2GHZ,
174 	.channels	= rtw89_channels_2ghz,
175 	.n_channels	= ARRAY_SIZE(rtw89_channels_2ghz),
176 	.bitrates	= rtw89_bitrates,
177 	.n_bitrates	= ARRAY_SIZE(rtw89_bitrates),
178 	.ht_cap		= {0},
179 	.vht_cap	= {0},
180 };
181 
182 static struct ieee80211_supported_band rtw89_sband_5ghz = {
183 	.band		= NL80211_BAND_5GHZ,
184 	.channels	= rtw89_channels_5ghz,
185 	.n_channels	= ARRAY_SIZE(rtw89_channels_5ghz),
186 
187 	/* 5G has no CCK rates, 1M/2M/5.5M/11M */
188 	.bitrates	= rtw89_bitrates + 4,
189 	.n_bitrates	= ARRAY_SIZE(rtw89_bitrates) - 4,
190 	.ht_cap		= {0},
191 	.vht_cap	= {0},
192 };
193 
194 static struct ieee80211_supported_band rtw89_sband_6ghz = {
195 	.band		= NL80211_BAND_6GHZ,
196 	.channels	= rtw89_channels_6ghz,
197 	.n_channels	= ARRAY_SIZE(rtw89_channels_6ghz),
198 
199 	/* 6G has no CCK rates, 1M/2M/5.5M/11M */
200 	.bitrates	= rtw89_bitrates + 4,
201 	.n_bitrates	= ARRAY_SIZE(rtw89_bitrates) - 4,
202 };
203 
204 static void rtw89_traffic_stats_accu(struct rtw89_dev *rtwdev,
205 				     struct rtw89_traffic_stats *stats,
206 				     struct sk_buff *skb, bool tx)
207 {
208 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
209 
210 	if (!ieee80211_is_data(hdr->frame_control))
211 		return;
212 
213 	if (is_broadcast_ether_addr(hdr->addr1) ||
214 	    is_multicast_ether_addr(hdr->addr1))
215 		return;
216 
217 	if (tx) {
218 		stats->tx_cnt++;
219 		stats->tx_unicast += skb->len;
220 	} else {
221 		stats->rx_cnt++;
222 		stats->rx_unicast += skb->len;
223 	}
224 }
225 
226 static void rtw89_get_channel_params(struct cfg80211_chan_def *chandef,
227 				     struct rtw89_channel_params *chan_param)
228 {
229 	struct ieee80211_channel *channel = chandef->chan;
230 	enum nl80211_chan_width width = chandef->width;
231 	u32 primary_freq, center_freq;
232 	u8 center_chan;
233 	u8 bandwidth = RTW89_CHANNEL_WIDTH_20;
234 	u8 primary_chan_idx = 0;
235 	u8 band;
236 	u8 subband;
237 
238 	center_chan = channel->hw_value;
239 	primary_freq = channel->center_freq;
240 	center_freq = chandef->center_freq1;
241 
242 	switch (width) {
243 	case NL80211_CHAN_WIDTH_20_NOHT:
244 	case NL80211_CHAN_WIDTH_20:
245 		bandwidth = RTW89_CHANNEL_WIDTH_20;
246 		primary_chan_idx = RTW89_SC_DONT_CARE;
247 		break;
248 	case NL80211_CHAN_WIDTH_40:
249 		bandwidth = RTW89_CHANNEL_WIDTH_40;
250 		if (primary_freq > center_freq) {
251 			primary_chan_idx = RTW89_SC_20_UPPER;
252 			center_chan -= 2;
253 		} else {
254 			primary_chan_idx = RTW89_SC_20_LOWER;
255 			center_chan += 2;
256 		}
257 		break;
258 	case NL80211_CHAN_WIDTH_80:
259 		bandwidth = RTW89_CHANNEL_WIDTH_80;
260 		if (primary_freq > center_freq) {
261 			if (primary_freq - center_freq == 10) {
262 				primary_chan_idx = RTW89_SC_20_UPPER;
263 				center_chan -= 2;
264 			} else {
265 				primary_chan_idx = RTW89_SC_20_UPMOST;
266 				center_chan -= 6;
267 			}
268 		} else {
269 			if (center_freq - primary_freq == 10) {
270 				primary_chan_idx = RTW89_SC_20_LOWER;
271 				center_chan += 2;
272 			} else {
273 				primary_chan_idx = RTW89_SC_20_LOWEST;
274 				center_chan += 6;
275 			}
276 		}
277 		break;
278 	default:
279 		center_chan = 0;
280 		break;
281 	}
282 
283 	switch (channel->band) {
284 	default:
285 	case NL80211_BAND_2GHZ:
286 		band = RTW89_BAND_2G;
287 		break;
288 	case NL80211_BAND_5GHZ:
289 		band = RTW89_BAND_5G;
290 		break;
291 	case NL80211_BAND_6GHZ:
292 		band = RTW89_BAND_6G;
293 		break;
294 	}
295 
296 	switch (center_chan) {
297 	default:
298 	case 1 ... 14:
299 		subband = RTW89_CH_2G;
300 		break;
301 	case 36 ... 64:
302 		subband = RTW89_CH_5G_BAND_1;
303 		break;
304 	case 100 ... 144:
305 		subband = RTW89_CH_5G_BAND_3;
306 		break;
307 	case 149 ... 177:
308 		subband = RTW89_CH_5G_BAND_4;
309 		break;
310 	}
311 
312 	chan_param->center_chan = center_chan;
313 	chan_param->primary_chan = channel->hw_value;
314 	chan_param->bandwidth = bandwidth;
315 	chan_param->pri_ch_idx = primary_chan_idx;
316 	chan_param->band_type = band;
317 	chan_param->subband_type = subband;
318 }
319 
320 void rtw89_set_channel(struct rtw89_dev *rtwdev)
321 {
322 	struct ieee80211_hw *hw = rtwdev->hw;
323 	const struct rtw89_chip_info *chip = rtwdev->chip;
324 	struct rtw89_hal *hal = &rtwdev->hal;
325 	struct rtw89_channel_params ch_param;
326 	struct rtw89_channel_help_params bak;
327 	u8 center_chan, bandwidth;
328 	bool band_changed;
329 
330 	rtw89_get_channel_params(&hw->conf.chandef, &ch_param);
331 	if (WARN(ch_param.center_chan == 0, "Invalid channel\n"))
332 		return;
333 
334 	center_chan = ch_param.center_chan;
335 	bandwidth = ch_param.bandwidth;
336 	band_changed = hal->current_band_type != ch_param.band_type ||
337 		       hal->current_channel == 0;
338 
339 	hal->current_band_width = bandwidth;
340 	hal->current_channel = center_chan;
341 	hal->prev_primary_channel = hal->current_primary_channel;
342 	hal->current_primary_channel = ch_param.primary_chan;
343 	hal->current_band_type = ch_param.band_type;
344 	hal->current_subband = ch_param.subband_type;
345 
346 	rtw89_chip_set_channel_prepare(rtwdev, &bak);
347 
348 	chip->ops->set_channel(rtwdev, &ch_param);
349 
350 	rtw89_chip_set_txpwr(rtwdev);
351 
352 	rtw89_chip_set_channel_done(rtwdev, &bak);
353 
354 	if (band_changed) {
355 		rtw89_btc_ntfy_switch_band(rtwdev, RTW89_PHY_0, hal->current_band_type);
356 		rtw89_chip_rfk_band_changed(rtwdev);
357 	}
358 }
359 
360 static enum rtw89_core_tx_type
361 rtw89_core_get_tx_type(struct rtw89_dev *rtwdev,
362 		       struct sk_buff *skb)
363 {
364 	struct ieee80211_hdr *hdr = (void *)skb->data;
365 	__le16 fc = hdr->frame_control;
366 
367 	if (ieee80211_is_mgmt(fc) || ieee80211_is_nullfunc(fc))
368 		return RTW89_CORE_TX_TYPE_MGMT;
369 
370 	return RTW89_CORE_TX_TYPE_DATA;
371 }
372 
373 static void
374 rtw89_core_tx_update_ampdu_info(struct rtw89_dev *rtwdev,
375 				struct rtw89_core_tx_request *tx_req, u8 tid)
376 {
377 	struct ieee80211_sta *sta = tx_req->sta;
378 	struct rtw89_tx_desc_info *desc_info = &tx_req->desc_info;
379 	struct rtw89_sta *rtwsta;
380 	u8 ampdu_num;
381 
382 	if (!sta) {
383 		rtw89_warn(rtwdev, "cannot set ampdu info without sta\n");
384 		return;
385 	}
386 
387 	rtwsta = (struct rtw89_sta *)sta->drv_priv;
388 
389 	ampdu_num = (u8)((rtwsta->ampdu_params[tid].agg_num ?
390 			  rtwsta->ampdu_params[tid].agg_num :
391 			  4 << sta->ht_cap.ampdu_factor) - 1);
392 
393 	desc_info->agg_en = true;
394 	desc_info->ampdu_density = sta->ht_cap.ampdu_density;
395 	desc_info->ampdu_num = ampdu_num;
396 }
397 
398 static void
399 rtw89_core_tx_update_sec_key(struct rtw89_dev *rtwdev,
400 			     struct rtw89_core_tx_request *tx_req)
401 {
402 	struct ieee80211_vif *vif = tx_req->vif;
403 	struct ieee80211_sta *sta = tx_req->sta;
404 	struct ieee80211_tx_info *info;
405 	struct ieee80211_key_conf *key;
406 	struct rtw89_vif *rtwvif;
407 	struct rtw89_sta *rtwsta = sta_to_rtwsta_safe(sta);
408 	struct rtw89_addr_cam_entry *addr_cam;
409 	struct rtw89_sec_cam_entry *sec_cam;
410 	struct rtw89_tx_desc_info *desc_info = &tx_req->desc_info;
411 	struct sk_buff *skb = tx_req->skb;
412 	u8 sec_type = RTW89_SEC_KEY_TYPE_NONE;
413 
414 	if (!vif) {
415 		rtw89_warn(rtwdev, "cannot set sec key without vif\n");
416 		return;
417 	}
418 
419 	rtwvif = (struct rtw89_vif *)vif->drv_priv;
420 	addr_cam = rtw89_get_addr_cam_of(rtwvif, rtwsta);
421 
422 	info = IEEE80211_SKB_CB(skb);
423 	key = info->control.hw_key;
424 	sec_cam = addr_cam->sec_entries[key->hw_key_idx];
425 	if (!sec_cam) {
426 		rtw89_warn(rtwdev, "sec cam entry is empty\n");
427 		return;
428 	}
429 
430 	switch (key->cipher) {
431 	case WLAN_CIPHER_SUITE_WEP40:
432 		sec_type = RTW89_SEC_KEY_TYPE_WEP40;
433 		break;
434 	case WLAN_CIPHER_SUITE_WEP104:
435 		sec_type = RTW89_SEC_KEY_TYPE_WEP104;
436 		break;
437 	case WLAN_CIPHER_SUITE_TKIP:
438 		sec_type = RTW89_SEC_KEY_TYPE_TKIP;
439 		break;
440 	case WLAN_CIPHER_SUITE_CCMP:
441 		sec_type = RTW89_SEC_KEY_TYPE_CCMP128;
442 		break;
443 	case WLAN_CIPHER_SUITE_CCMP_256:
444 		sec_type = RTW89_SEC_KEY_TYPE_CCMP256;
445 		break;
446 	case WLAN_CIPHER_SUITE_GCMP:
447 		sec_type = RTW89_SEC_KEY_TYPE_GCMP128;
448 		break;
449 	case WLAN_CIPHER_SUITE_GCMP_256:
450 		sec_type = RTW89_SEC_KEY_TYPE_GCMP256;
451 		break;
452 	default:
453 		rtw89_warn(rtwdev, "key cipher not supported %d\n", key->cipher);
454 		return;
455 	}
456 
457 	desc_info->sec_en = true;
458 	desc_info->sec_type = sec_type;
459 	desc_info->sec_cam_idx = sec_cam->sec_cam_idx;
460 }
461 
462 static u16 rtw89_core_get_mgmt_rate(struct rtw89_dev *rtwdev,
463 				    struct rtw89_core_tx_request *tx_req)
464 {
465 	struct sk_buff *skb = tx_req->skb;
466 	struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
467 	struct ieee80211_vif *vif = tx_info->control.vif;
468 	struct rtw89_hal *hal = &rtwdev->hal;
469 	u16 lowest_rate = hal->current_band_type == RTW89_BAND_2G ?
470 			  RTW89_HW_RATE_CCK1 : RTW89_HW_RATE_OFDM6;
471 
472 	if (!vif || !vif->bss_conf.basic_rates || !tx_req->sta)
473 		return lowest_rate;
474 
475 	return __ffs(vif->bss_conf.basic_rates) + lowest_rate;
476 }
477 
478 static void
479 rtw89_core_tx_update_mgmt_info(struct rtw89_dev *rtwdev,
480 			       struct rtw89_core_tx_request *tx_req)
481 {
482 	struct ieee80211_vif *vif = tx_req->vif;
483 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
484 	struct rtw89_tx_desc_info *desc_info = &tx_req->desc_info;
485 	u8 qsel, ch_dma;
486 
487 	qsel = desc_info->hiq ? RTW89_TX_QSEL_B0_HI : RTW89_TX_QSEL_B0_MGMT;
488 	ch_dma = rtw89_core_get_ch_dma(rtwdev, qsel);
489 
490 	desc_info->qsel = qsel;
491 	desc_info->ch_dma = ch_dma;
492 	desc_info->port = desc_info->hiq ? rtwvif->port : 0;
493 	desc_info->hw_ssn_sel = RTW89_MGMT_HW_SSN_SEL;
494 	desc_info->hw_seq_mode = RTW89_MGMT_HW_SEQ_MODE;
495 
496 	/* fixed data rate for mgmt frames */
497 	desc_info->en_wd_info = true;
498 	desc_info->use_rate = true;
499 	desc_info->dis_data_fb = true;
500 	desc_info->data_rate = rtw89_core_get_mgmt_rate(rtwdev, tx_req);
501 
502 	rtw89_debug(rtwdev, RTW89_DBG_TXRX,
503 		    "tx mgmt frame with rate 0x%x on channel %d (bw %d)\n",
504 		    desc_info->data_rate, rtwdev->hal.current_channel,
505 		    rtwdev->hal.current_band_width);
506 }
507 
508 static void
509 rtw89_core_tx_update_h2c_info(struct rtw89_dev *rtwdev,
510 			      struct rtw89_core_tx_request *tx_req)
511 {
512 	struct rtw89_tx_desc_info *desc_info = &tx_req->desc_info;
513 
514 	desc_info->is_bmc = false;
515 	desc_info->wd_page = false;
516 	desc_info->ch_dma = RTW89_DMA_H2C;
517 }
518 
519 static void rtw89_core_get_no_ul_ofdma_htc(struct rtw89_dev *rtwdev, __le32 *htc)
520 {
521 	static const u8 rtw89_bandwidth_to_om[] = {
522 		[RTW89_CHANNEL_WIDTH_20] = HTC_OM_CHANNEL_WIDTH_20,
523 		[RTW89_CHANNEL_WIDTH_40] = HTC_OM_CHANNEL_WIDTH_40,
524 		[RTW89_CHANNEL_WIDTH_80] = HTC_OM_CHANNEL_WIDTH_80,
525 		[RTW89_CHANNEL_WIDTH_160] = HTC_OM_CHANNEL_WIDTH_160_OR_80_80,
526 		[RTW89_CHANNEL_WIDTH_80_80] = HTC_OM_CHANNEL_WIDTH_160_OR_80_80,
527 	};
528 	const struct rtw89_chip_info *chip = rtwdev->chip;
529 	struct rtw89_hal *hal = &rtwdev->hal;
530 	u8 om_bandwidth;
531 
532 	if (!chip->dis_2g_40m_ul_ofdma ||
533 	    hal->current_band_type != RTW89_BAND_2G ||
534 	    hal->current_band_width != RTW89_CHANNEL_WIDTH_40)
535 		return;
536 
537 	om_bandwidth = hal->current_band_width < ARRAY_SIZE(rtw89_bandwidth_to_om) ?
538 		       rtw89_bandwidth_to_om[hal->current_band_width] : 0;
539 	*htc = le32_encode_bits(RTW89_HTC_VARIANT_HE, RTW89_HTC_MASK_VARIANT) |
540 	       le32_encode_bits(RTW89_HTC_VARIANT_HE_CID_OM, RTW89_HTC_MASK_CTL_ID) |
541 	       le32_encode_bits(hal->rx_nss - 1, RTW89_HTC_MASK_HTC_OM_RX_NSS) |
542 	       le32_encode_bits(om_bandwidth, RTW89_HTC_MASK_HTC_OM_CH_WIDTH) |
543 	       le32_encode_bits(1, RTW89_HTC_MASK_HTC_OM_UL_MU_DIS) |
544 	       le32_encode_bits(hal->tx_nss - 1, RTW89_HTC_MASK_HTC_OM_TX_NSTS) |
545 	       le32_encode_bits(0, RTW89_HTC_MASK_HTC_OM_ER_SU_DIS) |
546 	       le32_encode_bits(0, RTW89_HTC_MASK_HTC_OM_DL_MU_MIMO_RR) |
547 	       le32_encode_bits(0, RTW89_HTC_MASK_HTC_OM_UL_MU_DATA_DIS);
548 }
549 
550 static bool
551 __rtw89_core_tx_check_he_qos_htc(struct rtw89_dev *rtwdev,
552 				 struct rtw89_core_tx_request *tx_req,
553 				 enum btc_pkt_type pkt_type)
554 {
555 	struct ieee80211_sta *sta = tx_req->sta;
556 	struct sk_buff *skb = tx_req->skb;
557 	struct ieee80211_hdr *hdr = (void *)skb->data;
558 	__le16 fc = hdr->frame_control;
559 
560 	/* AP IOT issue with EAPoL, ARP and DHCP */
561 	if (pkt_type < PACKET_MAX)
562 		return false;
563 
564 	if (!sta || !sta->he_cap.has_he)
565 		return false;
566 
567 	if (!ieee80211_is_data_qos(fc))
568 		return false;
569 
570 	if (skb_headroom(skb) < IEEE80211_HT_CTL_LEN)
571 		return false;
572 
573 	return true;
574 }
575 
576 static void
577 __rtw89_core_tx_adjust_he_qos_htc(struct rtw89_dev *rtwdev,
578 				  struct rtw89_core_tx_request *tx_req)
579 {
580 	struct ieee80211_sta *sta = tx_req->sta;
581 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
582 	struct sk_buff *skb = tx_req->skb;
583 	struct ieee80211_hdr *hdr = (void *)skb->data;
584 	__le16 fc = hdr->frame_control;
585 	void *data;
586 	__le32 *htc;
587 	u8 *qc;
588 	int hdr_len;
589 
590 	hdr_len = ieee80211_has_a4(fc) ? 32 : 26;
591 	data = skb_push(skb, IEEE80211_HT_CTL_LEN);
592 	memmove(data, data + IEEE80211_HT_CTL_LEN, hdr_len);
593 
594 	hdr = data;
595 	htc = data + hdr_len;
596 	hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_ORDER);
597 	*htc = rtwsta->htc_template ? rtwsta->htc_template :
598 	       le32_encode_bits(RTW89_HTC_VARIANT_HE, RTW89_HTC_MASK_VARIANT) |
599 	       le32_encode_bits(RTW89_HTC_VARIANT_HE_CID_CAS, RTW89_HTC_MASK_CTL_ID);
600 
601 	qc = data + hdr_len - IEEE80211_QOS_CTL_LEN;
602 	qc[0] |= IEEE80211_QOS_CTL_EOSP;
603 }
604 
605 static void
606 rtw89_core_tx_update_he_qos_htc(struct rtw89_dev *rtwdev,
607 				struct rtw89_core_tx_request *tx_req,
608 				enum btc_pkt_type pkt_type)
609 {
610 	struct rtw89_tx_desc_info *desc_info = &tx_req->desc_info;
611 	struct ieee80211_vif *vif = tx_req->vif;
612 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
613 
614 	if (!__rtw89_core_tx_check_he_qos_htc(rtwdev, tx_req, pkt_type))
615 		goto desc_bk;
616 
617 	__rtw89_core_tx_adjust_he_qos_htc(rtwdev, tx_req);
618 
619 	desc_info->pkt_size += IEEE80211_HT_CTL_LEN;
620 	desc_info->a_ctrl_bsr = true;
621 
622 desc_bk:
623 	if (!rtwvif || rtwvif->last_a_ctrl == desc_info->a_ctrl_bsr)
624 		return;
625 
626 	rtwvif->last_a_ctrl = desc_info->a_ctrl_bsr;
627 	desc_info->bk = true;
628 }
629 
630 static u8 rtw89_core_tx_get_mac_id(struct rtw89_dev *rtwdev,
631 				   struct rtw89_core_tx_request *tx_req)
632 {
633 	struct ieee80211_vif *vif = tx_req->vif;
634 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
635 	struct ieee80211_sta *sta = tx_req->sta;
636 	struct rtw89_sta *rtwsta;
637 
638 	if (!sta)
639 		return rtwvif->mac_id;
640 
641 	rtwsta = (struct rtw89_sta *)sta->drv_priv;
642 	return rtwsta->mac_id;
643 }
644 
645 static void
646 rtw89_core_tx_update_data_info(struct rtw89_dev *rtwdev,
647 			       struct rtw89_core_tx_request *tx_req)
648 {
649 	struct ieee80211_vif *vif = tx_req->vif;
650 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
651 	struct rtw89_phy_rate_pattern *rate_pattern = &rtwvif->rate_pattern;
652 	struct rtw89_hal *hal = &rtwdev->hal;
653 	struct rtw89_tx_desc_info *desc_info = &tx_req->desc_info;
654 	struct sk_buff *skb = tx_req->skb;
655 	u8 tid, tid_indicate;
656 	u8 qsel, ch_dma;
657 
658 	tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
659 	tid_indicate = rtw89_core_get_tid_indicate(rtwdev, tid);
660 	qsel = desc_info->hiq ? RTW89_TX_QSEL_B0_HI : rtw89_core_get_qsel(rtwdev, tid);
661 	ch_dma = rtw89_core_get_ch_dma(rtwdev, qsel);
662 
663 	desc_info->ch_dma = ch_dma;
664 	desc_info->tid_indicate = tid_indicate;
665 	desc_info->qsel = qsel;
666 	desc_info->mac_id = rtw89_core_tx_get_mac_id(rtwdev, tx_req);
667 	desc_info->port = desc_info->hiq ? rtwvif->port : 0;
668 
669 	/* enable wd_info for AMPDU */
670 	desc_info->en_wd_info = true;
671 
672 	if (IEEE80211_SKB_CB(skb)->flags & IEEE80211_TX_CTL_AMPDU)
673 		rtw89_core_tx_update_ampdu_info(rtwdev, tx_req, tid);
674 	if (IEEE80211_SKB_CB(skb)->control.hw_key)
675 		rtw89_core_tx_update_sec_key(rtwdev, tx_req);
676 
677 	if (rate_pattern->enable)
678 		desc_info->data_retry_lowest_rate = rate_pattern->rate;
679 	else if (hal->current_band_type == RTW89_BAND_2G)
680 		desc_info->data_retry_lowest_rate = RTW89_HW_RATE_CCK1;
681 	else
682 		desc_info->data_retry_lowest_rate = RTW89_HW_RATE_OFDM6;
683 }
684 
685 static enum btc_pkt_type
686 rtw89_core_tx_btc_spec_pkt_notify(struct rtw89_dev *rtwdev,
687 				  struct rtw89_core_tx_request *tx_req)
688 {
689 	struct sk_buff *skb = tx_req->skb;
690 	struct udphdr *udphdr;
691 
692 	if (IEEE80211_SKB_CB(skb)->control.flags & IEEE80211_TX_CTRL_PORT_CTRL_PROTO) {
693 		ieee80211_queue_work(rtwdev->hw, &rtwdev->btc.eapol_notify_work);
694 		return PACKET_EAPOL;
695 	}
696 
697 	if (skb->protocol == htons(ETH_P_ARP)) {
698 		ieee80211_queue_work(rtwdev->hw, &rtwdev->btc.arp_notify_work);
699 		return PACKET_ARP;
700 	}
701 
702 	if (skb->protocol == htons(ETH_P_IP) &&
703 	    ip_hdr(skb)->protocol == IPPROTO_UDP) {
704 		udphdr = udp_hdr(skb);
705 		if (((udphdr->source == htons(67) && udphdr->dest == htons(68)) ||
706 		     (udphdr->source == htons(68) && udphdr->dest == htons(67))) &&
707 		    skb->len > 282) {
708 			ieee80211_queue_work(rtwdev->hw, &rtwdev->btc.dhcp_notify_work);
709 			return PACKET_DHCP;
710 		}
711 	}
712 
713 	if (skb->protocol == htons(ETH_P_IP) &&
714 	    ip_hdr(skb)->protocol == IPPROTO_ICMP) {
715 		ieee80211_queue_work(rtwdev->hw, &rtwdev->btc.icmp_notify_work);
716 		return PACKET_ICMP;
717 	}
718 
719 	return PACKET_MAX;
720 }
721 
722 static void
723 rtw89_core_tx_update_desc_info(struct rtw89_dev *rtwdev,
724 			       struct rtw89_core_tx_request *tx_req)
725 {
726 	struct rtw89_tx_desc_info *desc_info = &tx_req->desc_info;
727 	struct sk_buff *skb = tx_req->skb;
728 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
729 	struct ieee80211_hdr *hdr = (void *)skb->data;
730 	enum rtw89_core_tx_type tx_type;
731 	enum btc_pkt_type pkt_type;
732 	bool is_bmc;
733 	u16 seq;
734 
735 	seq = (le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ) >> 4;
736 	if (tx_req->tx_type != RTW89_CORE_TX_TYPE_FWCMD) {
737 		tx_type = rtw89_core_get_tx_type(rtwdev, skb);
738 		tx_req->tx_type = tx_type;
739 	}
740 	is_bmc = (is_broadcast_ether_addr(hdr->addr1) ||
741 		  is_multicast_ether_addr(hdr->addr1));
742 
743 	desc_info->seq = seq;
744 	desc_info->pkt_size = skb->len;
745 	desc_info->is_bmc = is_bmc;
746 	desc_info->wd_page = true;
747 	desc_info->hiq = info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM;
748 
749 	switch (tx_req->tx_type) {
750 	case RTW89_CORE_TX_TYPE_MGMT:
751 		rtw89_core_tx_update_mgmt_info(rtwdev, tx_req);
752 		break;
753 	case RTW89_CORE_TX_TYPE_DATA:
754 		rtw89_core_tx_update_data_info(rtwdev, tx_req);
755 		pkt_type = rtw89_core_tx_btc_spec_pkt_notify(rtwdev, tx_req);
756 		rtw89_core_tx_update_he_qos_htc(rtwdev, tx_req, pkt_type);
757 		break;
758 	case RTW89_CORE_TX_TYPE_FWCMD:
759 		rtw89_core_tx_update_h2c_info(rtwdev, tx_req);
760 		break;
761 	}
762 }
763 
764 void rtw89_core_tx_kick_off(struct rtw89_dev *rtwdev, u8 qsel)
765 {
766 	u8 ch_dma;
767 
768 	ch_dma = rtw89_core_get_ch_dma(rtwdev, qsel);
769 
770 	rtw89_hci_tx_kick_off(rtwdev, ch_dma);
771 }
772 
773 int rtw89_h2c_tx(struct rtw89_dev *rtwdev,
774 		 struct sk_buff *skb, bool fwdl)
775 {
776 	struct rtw89_core_tx_request tx_req = {0};
777 	u32 cnt;
778 	int ret;
779 
780 	tx_req.skb = skb;
781 	tx_req.tx_type = RTW89_CORE_TX_TYPE_FWCMD;
782 	if (fwdl)
783 		tx_req.desc_info.fw_dl = true;
784 
785 	rtw89_core_tx_update_desc_info(rtwdev, &tx_req);
786 
787 	if (!fwdl)
788 		rtw89_hex_dump(rtwdev, RTW89_DBG_FW, "H2C: ", skb->data, skb->len);
789 
790 	cnt = rtw89_hci_check_and_reclaim_tx_resource(rtwdev, RTW89_TXCH_CH12);
791 	if (cnt == 0) {
792 		rtw89_err(rtwdev, "no tx fwcmd resource\n");
793 		return -ENOSPC;
794 	}
795 
796 	ret = rtw89_hci_tx_write(rtwdev, &tx_req);
797 	if (ret) {
798 		rtw89_err(rtwdev, "failed to transmit skb to HCI\n");
799 		return ret;
800 	}
801 	rtw89_hci_tx_kick_off(rtwdev, RTW89_TXCH_CH12);
802 
803 	return 0;
804 }
805 
806 int rtw89_core_tx_write(struct rtw89_dev *rtwdev, struct ieee80211_vif *vif,
807 			struct ieee80211_sta *sta, struct sk_buff *skb, int *qsel)
808 {
809 	struct rtw89_core_tx_request tx_req = {0};
810 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
811 	int ret;
812 
813 	tx_req.skb = skb;
814 	tx_req.sta = sta;
815 	tx_req.vif = vif;
816 
817 	rtw89_traffic_stats_accu(rtwdev, &rtwdev->stats, skb, true);
818 	rtw89_traffic_stats_accu(rtwdev, &rtwvif->stats, skb, true);
819 	rtw89_core_tx_update_desc_info(rtwdev, &tx_req);
820 	ret = rtw89_hci_tx_write(rtwdev, &tx_req);
821 	if (ret) {
822 		rtw89_err(rtwdev, "failed to transmit skb to HCI\n");
823 		return ret;
824 	}
825 
826 	if (qsel)
827 		*qsel = tx_req.desc_info.qsel;
828 
829 	return 0;
830 }
831 
832 static __le32 rtw89_build_txwd_body0(struct rtw89_tx_desc_info *desc_info)
833 {
834 	u32 dword = FIELD_PREP(RTW89_TXWD_BODY0_WP_OFFSET, desc_info->wp_offset) |
835 		    FIELD_PREP(RTW89_TXWD_BODY0_WD_INFO_EN, desc_info->en_wd_info) |
836 		    FIELD_PREP(RTW89_TXWD_BODY0_CHANNEL_DMA, desc_info->ch_dma) |
837 		    FIELD_PREP(RTW89_TXWD_BODY0_HDR_LLC_LEN, desc_info->hdr_llc_len) |
838 		    FIELD_PREP(RTW89_TXWD_BODY0_WD_PAGE, desc_info->wd_page) |
839 		    FIELD_PREP(RTW89_TXWD_BODY0_FW_DL, desc_info->fw_dl) |
840 		    FIELD_PREP(RTW89_TXWD_BODY0_HW_SSN_SEL, desc_info->hw_ssn_sel) |
841 		    FIELD_PREP(RTW89_TXWD_BODY0_HW_SSN_MODE, desc_info->hw_seq_mode);
842 
843 	return cpu_to_le32(dword);
844 }
845 
846 static __le32 rtw89_build_txwd_body2(struct rtw89_tx_desc_info *desc_info)
847 {
848 	u32 dword = FIELD_PREP(RTW89_TXWD_BODY2_TID_INDICATE, desc_info->tid_indicate) |
849 		    FIELD_PREP(RTW89_TXWD_BODY2_QSEL, desc_info->qsel) |
850 		    FIELD_PREP(RTW89_TXWD_BODY2_TXPKT_SIZE, desc_info->pkt_size) |
851 		    FIELD_PREP(RTW89_TXWD_BODY2_MACID, desc_info->mac_id);
852 
853 	return cpu_to_le32(dword);
854 }
855 
856 static __le32 rtw89_build_txwd_body3(struct rtw89_tx_desc_info *desc_info)
857 {
858 	u32 dword = FIELD_PREP(RTW89_TXWD_BODY3_SW_SEQ, desc_info->seq) |
859 		    FIELD_PREP(RTW89_TXWD_BODY3_AGG_EN, desc_info->agg_en) |
860 		    FIELD_PREP(RTW89_TXWD_BODY3_BK, desc_info->bk);
861 
862 	return cpu_to_le32(dword);
863 }
864 
865 static __le32 rtw89_build_txwd_info0(struct rtw89_tx_desc_info *desc_info)
866 {
867 	u32 dword = FIELD_PREP(RTW89_TXWD_INFO0_USE_RATE, desc_info->use_rate) |
868 		    FIELD_PREP(RTW89_TXWD_INFO0_DATA_RATE, desc_info->data_rate) |
869 		    FIELD_PREP(RTW89_TXWD_INFO0_DISDATAFB, desc_info->dis_data_fb) |
870 		    FIELD_PREP(RTW89_TXWD_INFO0_MULTIPORT_ID, desc_info->port);
871 
872 	return cpu_to_le32(dword);
873 }
874 
875 static __le32 rtw89_build_txwd_info1(struct rtw89_tx_desc_info *desc_info)
876 {
877 	u32 dword = FIELD_PREP(RTW89_TXWD_INFO1_MAX_AGGNUM, desc_info->ampdu_num) |
878 		    FIELD_PREP(RTW89_TXWD_INFO1_A_CTRL_BSR, desc_info->a_ctrl_bsr) |
879 		    FIELD_PREP(RTW89_TXWD_INFO1_DATA_RTY_LOWEST_RATE,
880 			       desc_info->data_retry_lowest_rate);
881 
882 	return cpu_to_le32(dword);
883 }
884 
885 static __le32 rtw89_build_txwd_info2(struct rtw89_tx_desc_info *desc_info)
886 {
887 	u32 dword = FIELD_PREP(RTW89_TXWD_INFO2_AMPDU_DENSITY, desc_info->ampdu_density) |
888 		    FIELD_PREP(RTW89_TXWD_INFO2_SEC_TYPE, desc_info->sec_type) |
889 		    FIELD_PREP(RTW89_TXWD_INFO2_SEC_HW_ENC, desc_info->sec_en) |
890 		    FIELD_PREP(RTW89_TXWD_INFO2_SEC_CAM_IDX, desc_info->sec_cam_idx);
891 
892 	return cpu_to_le32(dword);
893 }
894 
895 static __le32 rtw89_build_txwd_info4(struct rtw89_tx_desc_info *desc_info)
896 {
897 	u32 dword = FIELD_PREP(RTW89_TXWD_INFO4_RTS_EN, 1) |
898 		    FIELD_PREP(RTW89_TXWD_INFO4_HW_RTS_EN, 1);
899 
900 	return cpu_to_le32(dword);
901 }
902 
903 void rtw89_core_fill_txdesc(struct rtw89_dev *rtwdev,
904 			    struct rtw89_tx_desc_info *desc_info,
905 			    void *txdesc)
906 {
907 	struct rtw89_txwd_body *txwd_body = (struct rtw89_txwd_body *)txdesc;
908 	struct rtw89_txwd_info *txwd_info;
909 
910 	txwd_body->dword0 = rtw89_build_txwd_body0(desc_info);
911 	txwd_body->dword2 = rtw89_build_txwd_body2(desc_info);
912 	txwd_body->dword3 = rtw89_build_txwd_body3(desc_info);
913 
914 	if (!desc_info->en_wd_info)
915 		return;
916 
917 	txwd_info = (struct rtw89_txwd_info *)(txwd_body + 1);
918 	txwd_info->dword0 = rtw89_build_txwd_info0(desc_info);
919 	txwd_info->dword1 = rtw89_build_txwd_info1(desc_info);
920 	txwd_info->dword2 = rtw89_build_txwd_info2(desc_info);
921 	txwd_info->dword4 = rtw89_build_txwd_info4(desc_info);
922 
923 }
924 EXPORT_SYMBOL(rtw89_core_fill_txdesc);
925 
926 static int rtw89_core_rx_process_mac_ppdu(struct rtw89_dev *rtwdev,
927 					  struct sk_buff *skb,
928 					  struct rtw89_rx_phy_ppdu *phy_ppdu)
929 {
930 	bool rx_cnt_valid = false;
931 	u8 plcp_size = 0;
932 	u8 usr_num = 0;
933 	u8 *phy_sts;
934 
935 	rx_cnt_valid = RTW89_GET_RXINFO_RX_CNT_VLD(skb->data);
936 	plcp_size = RTW89_GET_RXINFO_PLCP_LEN(skb->data) << 3;
937 	usr_num = RTW89_GET_RXINFO_USR_NUM(skb->data);
938 	if (usr_num > RTW89_PPDU_MAX_USR) {
939 		rtw89_warn(rtwdev, "Invalid user number in mac info\n");
940 		return -EINVAL;
941 	}
942 
943 	phy_sts = skb->data + RTW89_PPDU_MAC_INFO_SIZE;
944 	phy_sts += usr_num * RTW89_PPDU_MAC_INFO_USR_SIZE;
945 	/* 8-byte alignment */
946 	if (usr_num & BIT(0))
947 		phy_sts += RTW89_PPDU_MAC_INFO_USR_SIZE;
948 	if (rx_cnt_valid)
949 		phy_sts += RTW89_PPDU_MAC_RX_CNT_SIZE;
950 	phy_sts += plcp_size;
951 
952 	phy_ppdu->buf = phy_sts;
953 	phy_ppdu->len = skb->data + skb->len - phy_sts;
954 
955 	return 0;
956 }
957 
958 static void rtw89_core_rx_process_phy_ppdu_iter(void *data,
959 						struct ieee80211_sta *sta)
960 {
961 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
962 	struct rtw89_rx_phy_ppdu *phy_ppdu = (struct rtw89_rx_phy_ppdu *)data;
963 
964 	if (rtwsta->mac_id == phy_ppdu->mac_id && phy_ppdu->to_self)
965 		ewma_rssi_add(&rtwsta->avg_rssi, phy_ppdu->rssi_avg);
966 }
967 
968 #define VAR_LEN 0xff
969 #define VAR_LEN_UNIT 8
970 static u16 rtw89_core_get_phy_status_ie_len(struct rtw89_dev *rtwdev, u8 *addr)
971 {
972 	static const u8 physts_ie_len_tab[32] = {
973 		16, 32, 24, 24, 8, 8, 8, 8, VAR_LEN, 8, VAR_LEN, 176, VAR_LEN,
974 		VAR_LEN, VAR_LEN, VAR_LEN, VAR_LEN, VAR_LEN, 16, 24, VAR_LEN,
975 		VAR_LEN, VAR_LEN, 0, 24, 24, 24, 24, 32, 32, 32, 32
976 	};
977 	u16 ie_len;
978 	u8 ie;
979 
980 	ie = RTW89_GET_PHY_STS_IE_TYPE(addr);
981 	if (physts_ie_len_tab[ie] != VAR_LEN)
982 		ie_len = physts_ie_len_tab[ie];
983 	else
984 		ie_len = RTW89_GET_PHY_STS_IE_LEN(addr) * VAR_LEN_UNIT;
985 
986 	return ie_len;
987 }
988 
989 static void rtw89_core_parse_phy_status_ie01(struct rtw89_dev *rtwdev, u8 *addr,
990 					     struct rtw89_rx_phy_ppdu *phy_ppdu)
991 {
992 	s16 cfo;
993 
994 	phy_ppdu->chan_idx = RTW89_GET_PHY_STS_IE01_CH_IDX(addr);
995 	if (phy_ppdu->rate < RTW89_HW_RATE_OFDM6)
996 		return;
997 	/* sign conversion for S(12,2) */
998 	cfo = sign_extend32(RTW89_GET_PHY_STS_IE01_CFO(addr), 11);
999 	rtw89_phy_cfo_parse(rtwdev, cfo, phy_ppdu);
1000 }
1001 
1002 static int rtw89_core_process_phy_status_ie(struct rtw89_dev *rtwdev, u8 *addr,
1003 					    struct rtw89_rx_phy_ppdu *phy_ppdu)
1004 {
1005 	u8 ie;
1006 
1007 	ie = RTW89_GET_PHY_STS_IE_TYPE(addr);
1008 	switch (ie) {
1009 	case RTW89_PHYSTS_IE01_CMN_OFDM:
1010 		rtw89_core_parse_phy_status_ie01(rtwdev, addr, phy_ppdu);
1011 		break;
1012 	default:
1013 		break;
1014 	}
1015 
1016 	return 0;
1017 }
1018 
1019 static void rtw89_core_update_phy_ppdu(struct rtw89_rx_phy_ppdu *phy_ppdu)
1020 {
1021 	s8 *rssi = phy_ppdu->rssi;
1022 	u8 *buf = phy_ppdu->buf;
1023 
1024 	phy_ppdu->ie = RTW89_GET_PHY_STS_IE_MAP(buf);
1025 	phy_ppdu->rssi_avg = RTW89_GET_PHY_STS_RSSI_AVG(buf);
1026 	rssi[RF_PATH_A] = RTW89_RSSI_RAW_TO_DBM(RTW89_GET_PHY_STS_RSSI_A(buf));
1027 	rssi[RF_PATH_B] = RTW89_RSSI_RAW_TO_DBM(RTW89_GET_PHY_STS_RSSI_B(buf));
1028 	rssi[RF_PATH_C] = RTW89_RSSI_RAW_TO_DBM(RTW89_GET_PHY_STS_RSSI_C(buf));
1029 	rssi[RF_PATH_D] = RTW89_RSSI_RAW_TO_DBM(RTW89_GET_PHY_STS_RSSI_D(buf));
1030 }
1031 
1032 static int rtw89_core_rx_process_phy_ppdu(struct rtw89_dev *rtwdev,
1033 					  struct rtw89_rx_phy_ppdu *phy_ppdu)
1034 {
1035 	if (RTW89_GET_PHY_STS_LEN(phy_ppdu->buf) << 3 != phy_ppdu->len) {
1036 		rtw89_warn(rtwdev, "phy ppdu len mismatch\n");
1037 		return -EINVAL;
1038 	}
1039 	rtw89_core_update_phy_ppdu(phy_ppdu);
1040 	ieee80211_iterate_stations_atomic(rtwdev->hw,
1041 					  rtw89_core_rx_process_phy_ppdu_iter,
1042 					  phy_ppdu);
1043 
1044 	return 0;
1045 }
1046 
1047 static int rtw89_core_rx_parse_phy_sts(struct rtw89_dev *rtwdev,
1048 				       struct rtw89_rx_phy_ppdu *phy_ppdu)
1049 {
1050 	u16 ie_len;
1051 	u8 *pos, *end;
1052 
1053 	/* mark invalid reports and bypass them */
1054 	if (phy_ppdu->ie < RTW89_CCK_PKT)
1055 		return -EINVAL;
1056 
1057 	pos = (u8 *)phy_ppdu->buf + PHY_STS_HDR_LEN;
1058 	end = (u8 *)phy_ppdu->buf + phy_ppdu->len;
1059 	while (pos < end) {
1060 		ie_len = rtw89_core_get_phy_status_ie_len(rtwdev, pos);
1061 		rtw89_core_process_phy_status_ie(rtwdev, pos, phy_ppdu);
1062 		pos += ie_len;
1063 		if (pos > end || ie_len == 0) {
1064 			rtw89_debug(rtwdev, RTW89_DBG_TXRX,
1065 				    "phy status parse failed\n");
1066 			return -EINVAL;
1067 		}
1068 	}
1069 
1070 	return 0;
1071 }
1072 
1073 static void rtw89_core_rx_process_phy_sts(struct rtw89_dev *rtwdev,
1074 					  struct rtw89_rx_phy_ppdu *phy_ppdu)
1075 {
1076 	int ret;
1077 
1078 	ret = rtw89_core_rx_parse_phy_sts(rtwdev, phy_ppdu);
1079 	if (ret)
1080 		rtw89_debug(rtwdev, RTW89_DBG_TXRX, "parse phy sts failed\n");
1081 	else
1082 		phy_ppdu->valid = true;
1083 }
1084 
1085 static u8 rtw89_rxdesc_to_nl_he_gi(struct rtw89_dev *rtwdev,
1086 				   const struct rtw89_rx_desc_info *desc_info,
1087 				   bool rx_status)
1088 {
1089 	switch (desc_info->gi_ltf) {
1090 	case RTW89_GILTF_SGI_4XHE08:
1091 	case RTW89_GILTF_2XHE08:
1092 	case RTW89_GILTF_1XHE08:
1093 		return NL80211_RATE_INFO_HE_GI_0_8;
1094 	case RTW89_GILTF_2XHE16:
1095 	case RTW89_GILTF_1XHE16:
1096 		return NL80211_RATE_INFO_HE_GI_1_6;
1097 	case RTW89_GILTF_LGI_4XHE32:
1098 		return NL80211_RATE_INFO_HE_GI_3_2;
1099 	default:
1100 		rtw89_warn(rtwdev, "invalid gi_ltf=%d", desc_info->gi_ltf);
1101 		return rx_status ? NL80211_RATE_INFO_HE_GI_3_2 : U8_MAX;
1102 	}
1103 }
1104 
1105 static bool rtw89_core_rx_ppdu_match(struct rtw89_dev *rtwdev,
1106 				     struct rtw89_rx_desc_info *desc_info,
1107 				     struct ieee80211_rx_status *status)
1108 {
1109 	u8 band = desc_info->bb_sel ? RTW89_PHY_1 : RTW89_PHY_0;
1110 	u8 data_rate_mode, bw, rate_idx = MASKBYTE0, gi_ltf;
1111 	u16 data_rate;
1112 	bool ret;
1113 
1114 	data_rate = desc_info->data_rate;
1115 	data_rate_mode = GET_DATA_RATE_MODE(data_rate);
1116 	if (data_rate_mode == DATA_RATE_MODE_NON_HT) {
1117 		rate_idx = GET_DATA_RATE_NOT_HT_IDX(data_rate);
1118 		/* rate_idx is still hardware value here */
1119 	} else if (data_rate_mode == DATA_RATE_MODE_HT) {
1120 		rate_idx = GET_DATA_RATE_HT_IDX(data_rate);
1121 	} else if (data_rate_mode == DATA_RATE_MODE_VHT) {
1122 		rate_idx = GET_DATA_RATE_VHT_HE_IDX(data_rate);
1123 	} else if (data_rate_mode == DATA_RATE_MODE_HE) {
1124 		rate_idx = GET_DATA_RATE_VHT_HE_IDX(data_rate);
1125 	} else {
1126 		rtw89_warn(rtwdev, "invalid RX rate mode %d\n", data_rate_mode);
1127 	}
1128 
1129 	if (desc_info->bw == RTW89_CHANNEL_WIDTH_80)
1130 		bw = RATE_INFO_BW_80;
1131 	else if (desc_info->bw == RTW89_CHANNEL_WIDTH_40)
1132 		bw = RATE_INFO_BW_40;
1133 	else
1134 		bw = RATE_INFO_BW_20;
1135 
1136 	gi_ltf = rtw89_rxdesc_to_nl_he_gi(rtwdev, desc_info, false);
1137 	ret = rtwdev->ppdu_sts.curr_rx_ppdu_cnt[band] == desc_info->ppdu_cnt &&
1138 	      status->rate_idx == rate_idx &&
1139 	      status->he_gi == gi_ltf &&
1140 	      status->bw == bw;
1141 
1142 	return ret;
1143 }
1144 
1145 struct rtw89_vif_rx_stats_iter_data {
1146 	struct rtw89_dev *rtwdev;
1147 	struct rtw89_rx_phy_ppdu *phy_ppdu;
1148 	struct rtw89_rx_desc_info *desc_info;
1149 	struct sk_buff *skb;
1150 	const u8 *bssid;
1151 };
1152 
1153 static void rtw89_vif_rx_stats_iter(void *data, u8 *mac,
1154 				    struct ieee80211_vif *vif)
1155 {
1156 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
1157 	struct rtw89_vif_rx_stats_iter_data *iter_data = data;
1158 	struct rtw89_dev *rtwdev = iter_data->rtwdev;
1159 	struct rtw89_pkt_stat *pkt_stat = &rtwdev->phystat.cur_pkt_stat;
1160 	struct rtw89_rx_desc_info *desc_info = iter_data->desc_info;
1161 	struct sk_buff *skb = iter_data->skb;
1162 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1163 	const u8 *bssid = iter_data->bssid;
1164 
1165 	if (!ether_addr_equal(vif->bss_conf.bssid, bssid))
1166 		return;
1167 
1168 	if (ieee80211_is_beacon(hdr->frame_control))
1169 		pkt_stat->beacon_nr++;
1170 
1171 	if (!ether_addr_equal(vif->addr, hdr->addr1))
1172 		return;
1173 
1174 	if (desc_info->data_rate < RTW89_HW_RATE_NR)
1175 		pkt_stat->rx_rate_cnt[desc_info->data_rate]++;
1176 
1177 	rtw89_traffic_stats_accu(rtwdev, &rtwvif->stats, skb, false);
1178 }
1179 
1180 static void rtw89_core_rx_stats(struct rtw89_dev *rtwdev,
1181 				struct rtw89_rx_phy_ppdu *phy_ppdu,
1182 				struct rtw89_rx_desc_info *desc_info,
1183 				struct sk_buff *skb)
1184 {
1185 	struct rtw89_vif_rx_stats_iter_data iter_data;
1186 
1187 	rtw89_traffic_stats_accu(rtwdev, &rtwdev->stats, skb, false);
1188 
1189 	iter_data.rtwdev = rtwdev;
1190 	iter_data.phy_ppdu = phy_ppdu;
1191 	iter_data.desc_info = desc_info;
1192 	iter_data.skb = skb;
1193 	iter_data.bssid = get_hdr_bssid((struct ieee80211_hdr *)skb->data);
1194 	rtw89_iterate_vifs_bh(rtwdev, rtw89_vif_rx_stats_iter, &iter_data);
1195 }
1196 
1197 static void rtw89_correct_cck_chan(struct rtw89_dev *rtwdev,
1198 				   struct ieee80211_rx_status *status)
1199 {
1200 	u16 chan = rtwdev->hal.prev_primary_channel;
1201 	u8 band = chan <= 14 ? NL80211_BAND_2GHZ : NL80211_BAND_5GHZ;
1202 
1203 	if (status->band != NL80211_BAND_2GHZ &&
1204 	    status->encoding == RX_ENC_LEGACY &&
1205 	    status->rate_idx < RTW89_HW_RATE_OFDM6) {
1206 		status->freq = ieee80211_channel_to_frequency(chan, band);
1207 		status->band = band;
1208 	}
1209 }
1210 
1211 static void rtw89_core_hw_to_sband_rate(struct ieee80211_rx_status *rx_status)
1212 {
1213 	if (rx_status->band == NL80211_BAND_2GHZ ||
1214 	    rx_status->encoding != RX_ENC_LEGACY)
1215 		return;
1216 	/* No 4 CCK rates for non-2G */
1217 	rx_status->rate_idx -= 4;
1218 }
1219 
1220 static void rtw89_core_rx_to_mac80211(struct rtw89_dev *rtwdev,
1221 				      struct rtw89_rx_phy_ppdu *phy_ppdu,
1222 				      struct rtw89_rx_desc_info *desc_info,
1223 				      struct sk_buff *skb_ppdu,
1224 				      struct ieee80211_rx_status *rx_status)
1225 {
1226 	rtw89_core_hw_to_sband_rate(rx_status);
1227 	rtw89_core_rx_stats(rtwdev, phy_ppdu, desc_info, skb_ppdu);
1228 	ieee80211_rx_napi(rtwdev->hw, NULL, skb_ppdu, &rtwdev->napi);
1229 	rtwdev->napi_budget_countdown--;
1230 }
1231 
1232 static void rtw89_core_rx_pending_skb(struct rtw89_dev *rtwdev,
1233 				      struct rtw89_rx_phy_ppdu *phy_ppdu,
1234 				      struct rtw89_rx_desc_info *desc_info,
1235 				      struct sk_buff *skb)
1236 {
1237 	u8 band = desc_info->bb_sel ? RTW89_PHY_1 : RTW89_PHY_0;
1238 	int curr = rtwdev->ppdu_sts.curr_rx_ppdu_cnt[band];
1239 	struct sk_buff *skb_ppdu = NULL, *tmp;
1240 	struct ieee80211_rx_status *rx_status;
1241 
1242 	if (curr > RTW89_MAX_PPDU_CNT)
1243 		return;
1244 
1245 	skb_queue_walk_safe(&rtwdev->ppdu_sts.rx_queue[band], skb_ppdu, tmp) {
1246 		skb_unlink(skb_ppdu, &rtwdev->ppdu_sts.rx_queue[band]);
1247 		rx_status = IEEE80211_SKB_RXCB(skb_ppdu);
1248 		if (rtw89_core_rx_ppdu_match(rtwdev, desc_info, rx_status))
1249 			rtw89_chip_query_ppdu(rtwdev, phy_ppdu, rx_status);
1250 		rtw89_correct_cck_chan(rtwdev, rx_status);
1251 		rtw89_core_rx_to_mac80211(rtwdev, phy_ppdu, desc_info, skb_ppdu, rx_status);
1252 	}
1253 }
1254 
1255 static void rtw89_core_rx_process_ppdu_sts(struct rtw89_dev *rtwdev,
1256 					   struct rtw89_rx_desc_info *desc_info,
1257 					   struct sk_buff *skb)
1258 {
1259 	struct rtw89_rx_phy_ppdu phy_ppdu = {.buf = skb->data, .valid = false,
1260 					     .len = skb->len,
1261 					     .to_self = desc_info->addr1_match,
1262 					     .rate = desc_info->data_rate,
1263 					     .mac_id = desc_info->mac_id};
1264 	int ret;
1265 
1266 	if (desc_info->mac_info_valid)
1267 		rtw89_core_rx_process_mac_ppdu(rtwdev, skb, &phy_ppdu);
1268 	ret = rtw89_core_rx_process_phy_ppdu(rtwdev, &phy_ppdu);
1269 	if (ret)
1270 		rtw89_debug(rtwdev, RTW89_DBG_TXRX, "process ppdu failed\n");
1271 
1272 	rtw89_core_rx_process_phy_sts(rtwdev, &phy_ppdu);
1273 	rtw89_core_rx_pending_skb(rtwdev, &phy_ppdu, desc_info, skb);
1274 	dev_kfree_skb_any(skb);
1275 }
1276 
1277 static void rtw89_core_rx_process_report(struct rtw89_dev *rtwdev,
1278 					 struct rtw89_rx_desc_info *desc_info,
1279 					 struct sk_buff *skb)
1280 {
1281 	switch (desc_info->pkt_type) {
1282 	case RTW89_CORE_RX_TYPE_C2H:
1283 		rtw89_fw_c2h_irqsafe(rtwdev, skb);
1284 		break;
1285 	case RTW89_CORE_RX_TYPE_PPDU_STAT:
1286 		rtw89_core_rx_process_ppdu_sts(rtwdev, desc_info, skb);
1287 		break;
1288 	default:
1289 		rtw89_debug(rtwdev, RTW89_DBG_TXRX, "unhandled pkt_type=%d\n",
1290 			    desc_info->pkt_type);
1291 		dev_kfree_skb_any(skb);
1292 		break;
1293 	}
1294 }
1295 
1296 void rtw89_core_query_rxdesc(struct rtw89_dev *rtwdev,
1297 			     struct rtw89_rx_desc_info *desc_info,
1298 			     u8 *data, u32 data_offset)
1299 {
1300 	struct rtw89_rxdesc_short *rxd_s;
1301 	struct rtw89_rxdesc_long *rxd_l;
1302 	u8 shift_len, drv_info_len;
1303 
1304 	rxd_s = (struct rtw89_rxdesc_short *)(data + data_offset);
1305 	desc_info->pkt_size = RTW89_GET_RXWD_PKT_SIZE(rxd_s);
1306 	desc_info->drv_info_size = RTW89_GET_RXWD_DRV_INFO_SIZE(rxd_s);
1307 	desc_info->long_rxdesc = RTW89_GET_RXWD_LONG_RXD(rxd_s);
1308 	desc_info->pkt_type = RTW89_GET_RXWD_RPKT_TYPE(rxd_s);
1309 	desc_info->mac_info_valid = RTW89_GET_RXWD_MAC_INFO_VALID(rxd_s);
1310 	desc_info->bw = RTW89_GET_RXWD_BW(rxd_s);
1311 	desc_info->data_rate = RTW89_GET_RXWD_DATA_RATE(rxd_s);
1312 	desc_info->gi_ltf = RTW89_GET_RXWD_GI_LTF(rxd_s);
1313 	desc_info->user_id = RTW89_GET_RXWD_USER_ID(rxd_s);
1314 	desc_info->sr_en = RTW89_GET_RXWD_SR_EN(rxd_s);
1315 	desc_info->ppdu_cnt = RTW89_GET_RXWD_PPDU_CNT(rxd_s);
1316 	desc_info->ppdu_type = RTW89_GET_RXWD_PPDU_TYPE(rxd_s);
1317 	desc_info->free_run_cnt = RTW89_GET_RXWD_FREE_RUN_CNT(rxd_s);
1318 	desc_info->icv_err = RTW89_GET_RXWD_ICV_ERR(rxd_s);
1319 	desc_info->crc32_err = RTW89_GET_RXWD_CRC32_ERR(rxd_s);
1320 	desc_info->hw_dec = RTW89_GET_RXWD_HW_DEC(rxd_s);
1321 	desc_info->sw_dec = RTW89_GET_RXWD_SW_DEC(rxd_s);
1322 	desc_info->addr1_match = RTW89_GET_RXWD_A1_MATCH(rxd_s);
1323 
1324 	shift_len = desc_info->shift << 1; /* 2-byte unit */
1325 	drv_info_len = desc_info->drv_info_size << 3; /* 8-byte unit */
1326 	desc_info->offset = data_offset + shift_len + drv_info_len;
1327 	desc_info->ready = true;
1328 
1329 	if (!desc_info->long_rxdesc)
1330 		return;
1331 
1332 	rxd_l = (struct rtw89_rxdesc_long *)(data + data_offset);
1333 	desc_info->frame_type = RTW89_GET_RXWD_TYPE(rxd_l);
1334 	desc_info->addr_cam_valid = RTW89_GET_RXWD_ADDR_CAM_VLD(rxd_l);
1335 	desc_info->addr_cam_id = RTW89_GET_RXWD_ADDR_CAM_ID(rxd_l);
1336 	desc_info->sec_cam_id = RTW89_GET_RXWD_SEC_CAM_ID(rxd_l);
1337 	desc_info->mac_id = RTW89_GET_RXWD_MAC_ID(rxd_l);
1338 	desc_info->rx_pl_id = RTW89_GET_RXWD_RX_PL_ID(rxd_l);
1339 }
1340 EXPORT_SYMBOL(rtw89_core_query_rxdesc);
1341 
1342 struct rtw89_core_iter_rx_status {
1343 	struct rtw89_dev *rtwdev;
1344 	struct ieee80211_rx_status *rx_status;
1345 	struct rtw89_rx_desc_info *desc_info;
1346 	u8 mac_id;
1347 };
1348 
1349 static
1350 void rtw89_core_stats_sta_rx_status_iter(void *data, struct ieee80211_sta *sta)
1351 {
1352 	struct rtw89_core_iter_rx_status *iter_data =
1353 				(struct rtw89_core_iter_rx_status *)data;
1354 	struct ieee80211_rx_status *rx_status = iter_data->rx_status;
1355 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
1356 	struct rtw89_rx_desc_info *desc_info = iter_data->desc_info;
1357 	u8 mac_id = iter_data->mac_id;
1358 
1359 	if (mac_id != rtwsta->mac_id)
1360 		return;
1361 
1362 	rtwsta->rx_status = *rx_status;
1363 	rtwsta->rx_hw_rate = desc_info->data_rate;
1364 }
1365 
1366 static void rtw89_core_stats_sta_rx_status(struct rtw89_dev *rtwdev,
1367 					   struct rtw89_rx_desc_info *desc_info,
1368 					   struct ieee80211_rx_status *rx_status)
1369 {
1370 	struct rtw89_core_iter_rx_status iter_data;
1371 
1372 	if (!desc_info->addr1_match || !desc_info->long_rxdesc)
1373 		return;
1374 
1375 	if (desc_info->frame_type != RTW89_RX_TYPE_DATA)
1376 		return;
1377 
1378 	iter_data.rtwdev = rtwdev;
1379 	iter_data.rx_status = rx_status;
1380 	iter_data.desc_info = desc_info;
1381 	iter_data.mac_id = desc_info->mac_id;
1382 	ieee80211_iterate_stations_atomic(rtwdev->hw,
1383 					  rtw89_core_stats_sta_rx_status_iter,
1384 					  &iter_data);
1385 }
1386 
1387 static void rtw89_core_update_rx_status(struct rtw89_dev *rtwdev,
1388 					struct rtw89_rx_desc_info *desc_info,
1389 					struct ieee80211_rx_status *rx_status)
1390 {
1391 	struct ieee80211_hw *hw = rtwdev->hw;
1392 	u16 data_rate;
1393 	u8 data_rate_mode;
1394 
1395 	/* currently using single PHY */
1396 	rx_status->freq = hw->conf.chandef.chan->center_freq;
1397 	rx_status->band = hw->conf.chandef.chan->band;
1398 
1399 	if (desc_info->icv_err || desc_info->crc32_err)
1400 		rx_status->flag |= RX_FLAG_FAILED_FCS_CRC;
1401 
1402 	if (desc_info->hw_dec &&
1403 	    !(desc_info->sw_dec || desc_info->icv_err))
1404 		rx_status->flag |= RX_FLAG_DECRYPTED;
1405 
1406 	if (desc_info->bw == RTW89_CHANNEL_WIDTH_80)
1407 		rx_status->bw = RATE_INFO_BW_80;
1408 	else if (desc_info->bw == RTW89_CHANNEL_WIDTH_40)
1409 		rx_status->bw = RATE_INFO_BW_40;
1410 	else
1411 		rx_status->bw = RATE_INFO_BW_20;
1412 
1413 	data_rate = desc_info->data_rate;
1414 	data_rate_mode = GET_DATA_RATE_MODE(data_rate);
1415 	if (data_rate_mode == DATA_RATE_MODE_NON_HT) {
1416 		rx_status->encoding = RX_ENC_LEGACY;
1417 		rx_status->rate_idx = GET_DATA_RATE_NOT_HT_IDX(data_rate);
1418 		/* convert rate_idx after we get the correct band */
1419 	} else if (data_rate_mode == DATA_RATE_MODE_HT) {
1420 		rx_status->encoding = RX_ENC_HT;
1421 		rx_status->rate_idx = GET_DATA_RATE_HT_IDX(data_rate);
1422 		if (desc_info->gi_ltf)
1423 			rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
1424 	} else if (data_rate_mode == DATA_RATE_MODE_VHT) {
1425 		rx_status->encoding = RX_ENC_VHT;
1426 		rx_status->rate_idx = GET_DATA_RATE_VHT_HE_IDX(data_rate);
1427 		rx_status->nss = GET_DATA_RATE_NSS(data_rate) + 1;
1428 		if (desc_info->gi_ltf)
1429 			rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
1430 	} else if (data_rate_mode == DATA_RATE_MODE_HE) {
1431 		rx_status->encoding = RX_ENC_HE;
1432 		rx_status->rate_idx = GET_DATA_RATE_VHT_HE_IDX(data_rate);
1433 		rx_status->nss = GET_DATA_RATE_NSS(data_rate) + 1;
1434 	} else {
1435 		rtw89_warn(rtwdev, "invalid RX rate mode %d\n", data_rate_mode);
1436 	}
1437 
1438 	/* he_gi is used to match ppdu, so we always fill it. */
1439 	rx_status->he_gi = rtw89_rxdesc_to_nl_he_gi(rtwdev, desc_info, true);
1440 	rx_status->flag |= RX_FLAG_MACTIME_START;
1441 	rx_status->mactime = desc_info->free_run_cnt;
1442 
1443 	rtw89_core_stats_sta_rx_status(rtwdev, desc_info, rx_status);
1444 }
1445 
1446 static enum rtw89_ps_mode rtw89_update_ps_mode(struct rtw89_dev *rtwdev)
1447 {
1448 	const struct rtw89_chip_info *chip = rtwdev->chip;
1449 
1450 	if (rtw89_disable_ps_mode || !chip->ps_mode_supported)
1451 		return RTW89_PS_MODE_NONE;
1452 
1453 	if (chip->ps_mode_supported & BIT(RTW89_PS_MODE_PWR_GATED))
1454 		return RTW89_PS_MODE_PWR_GATED;
1455 
1456 	if (chip->ps_mode_supported & BIT(RTW89_PS_MODE_CLK_GATED))
1457 		return RTW89_PS_MODE_CLK_GATED;
1458 
1459 	if (chip->ps_mode_supported & BIT(RTW89_PS_MODE_RFOFF))
1460 		return RTW89_PS_MODE_RFOFF;
1461 
1462 	return RTW89_PS_MODE_NONE;
1463 }
1464 
1465 static void rtw89_core_flush_ppdu_rx_queue(struct rtw89_dev *rtwdev,
1466 					   struct rtw89_rx_desc_info *desc_info)
1467 {
1468 	struct rtw89_ppdu_sts_info *ppdu_sts = &rtwdev->ppdu_sts;
1469 	u8 band = desc_info->bb_sel ? RTW89_PHY_1 : RTW89_PHY_0;
1470 	struct ieee80211_rx_status *rx_status;
1471 	struct sk_buff *skb_ppdu, *tmp;
1472 
1473 	skb_queue_walk_safe(&ppdu_sts->rx_queue[band], skb_ppdu, tmp) {
1474 		skb_unlink(skb_ppdu, &ppdu_sts->rx_queue[band]);
1475 		rx_status = IEEE80211_SKB_RXCB(skb_ppdu);
1476 		rtw89_core_rx_to_mac80211(rtwdev, NULL, desc_info, skb_ppdu, rx_status);
1477 	}
1478 }
1479 
1480 void rtw89_core_rx(struct rtw89_dev *rtwdev,
1481 		   struct rtw89_rx_desc_info *desc_info,
1482 		   struct sk_buff *skb)
1483 {
1484 	struct ieee80211_rx_status *rx_status;
1485 	struct rtw89_ppdu_sts_info *ppdu_sts = &rtwdev->ppdu_sts;
1486 	u8 ppdu_cnt = desc_info->ppdu_cnt;
1487 	u8 band = desc_info->bb_sel ? RTW89_PHY_1 : RTW89_PHY_0;
1488 
1489 	if (desc_info->pkt_type != RTW89_CORE_RX_TYPE_WIFI) {
1490 		rtw89_core_rx_process_report(rtwdev, desc_info, skb);
1491 		return;
1492 	}
1493 
1494 	if (ppdu_sts->curr_rx_ppdu_cnt[band] != ppdu_cnt) {
1495 		rtw89_core_flush_ppdu_rx_queue(rtwdev, desc_info);
1496 		ppdu_sts->curr_rx_ppdu_cnt[band] = ppdu_cnt;
1497 	}
1498 
1499 	rx_status = IEEE80211_SKB_RXCB(skb);
1500 	memset(rx_status, 0, sizeof(*rx_status));
1501 	rtw89_core_update_rx_status(rtwdev, desc_info, rx_status);
1502 	if (desc_info->long_rxdesc &&
1503 	    BIT(desc_info->frame_type) & PPDU_FILTER_BITMAP)
1504 		skb_queue_tail(&ppdu_sts->rx_queue[band], skb);
1505 	else
1506 		rtw89_core_rx_to_mac80211(rtwdev, NULL, desc_info, skb, rx_status);
1507 }
1508 EXPORT_SYMBOL(rtw89_core_rx);
1509 
1510 void rtw89_core_napi_start(struct rtw89_dev *rtwdev)
1511 {
1512 	if (test_and_set_bit(RTW89_FLAG_NAPI_RUNNING, rtwdev->flags))
1513 		return;
1514 
1515 	napi_enable(&rtwdev->napi);
1516 }
1517 EXPORT_SYMBOL(rtw89_core_napi_start);
1518 
1519 void rtw89_core_napi_stop(struct rtw89_dev *rtwdev)
1520 {
1521 	if (!test_and_clear_bit(RTW89_FLAG_NAPI_RUNNING, rtwdev->flags))
1522 		return;
1523 
1524 	napi_synchronize(&rtwdev->napi);
1525 	napi_disable(&rtwdev->napi);
1526 }
1527 EXPORT_SYMBOL(rtw89_core_napi_stop);
1528 
1529 void rtw89_core_napi_init(struct rtw89_dev *rtwdev)
1530 {
1531 	init_dummy_netdev(&rtwdev->netdev);
1532 	netif_napi_add(&rtwdev->netdev, &rtwdev->napi,
1533 		       rtwdev->hci.ops->napi_poll, NAPI_POLL_WEIGHT);
1534 }
1535 EXPORT_SYMBOL(rtw89_core_napi_init);
1536 
1537 void rtw89_core_napi_deinit(struct rtw89_dev *rtwdev)
1538 {
1539 	rtw89_core_napi_stop(rtwdev);
1540 	netif_napi_del(&rtwdev->napi);
1541 }
1542 EXPORT_SYMBOL(rtw89_core_napi_deinit);
1543 
1544 static void rtw89_core_ba_work(struct work_struct *work)
1545 {
1546 	struct rtw89_dev *rtwdev =
1547 		container_of(work, struct rtw89_dev, ba_work);
1548 	struct rtw89_txq *rtwtxq, *tmp;
1549 	int ret;
1550 
1551 	spin_lock_bh(&rtwdev->ba_lock);
1552 	list_for_each_entry_safe(rtwtxq, tmp, &rtwdev->ba_list, list) {
1553 		struct ieee80211_txq *txq = rtw89_txq_to_txq(rtwtxq);
1554 		struct ieee80211_sta *sta = txq->sta;
1555 		struct rtw89_sta *rtwsta = sta ? (struct rtw89_sta *)sta->drv_priv : NULL;
1556 		u8 tid = txq->tid;
1557 
1558 		if (!sta) {
1559 			rtw89_warn(rtwdev, "cannot start BA without sta\n");
1560 			goto skip_ba_work;
1561 		}
1562 
1563 		if (rtwsta->disassoc) {
1564 			rtw89_debug(rtwdev, RTW89_DBG_TXRX,
1565 				    "cannot start BA with disassoc sta\n");
1566 			goto skip_ba_work;
1567 		}
1568 
1569 		ret = ieee80211_start_tx_ba_session(sta, tid, 0);
1570 		if (ret) {
1571 			rtw89_debug(rtwdev, RTW89_DBG_TXRX,
1572 				    "failed to setup BA session for %pM:%2d: %d\n",
1573 				    sta->addr, tid, ret);
1574 			if (ret == -EINVAL)
1575 				set_bit(RTW89_TXQ_F_BLOCK_BA, &rtwtxq->flags);
1576 		}
1577 skip_ba_work:
1578 		list_del_init(&rtwtxq->list);
1579 	}
1580 	spin_unlock_bh(&rtwdev->ba_lock);
1581 }
1582 
1583 static void rtw89_core_free_sta_pending_ba(struct rtw89_dev *rtwdev,
1584 					   struct ieee80211_sta *sta)
1585 {
1586 	struct rtw89_txq *rtwtxq, *tmp;
1587 
1588 	spin_lock_bh(&rtwdev->ba_lock);
1589 	list_for_each_entry_safe(rtwtxq, tmp, &rtwdev->ba_list, list) {
1590 		struct ieee80211_txq *txq = rtw89_txq_to_txq(rtwtxq);
1591 
1592 		if (sta == txq->sta)
1593 			list_del_init(&rtwtxq->list);
1594 	}
1595 	spin_unlock_bh(&rtwdev->ba_lock);
1596 }
1597 
1598 static void rtw89_core_txq_check_agg(struct rtw89_dev *rtwdev,
1599 				     struct rtw89_txq *rtwtxq,
1600 				     struct sk_buff *skb)
1601 {
1602 	struct ieee80211_hw *hw = rtwdev->hw;
1603 	struct ieee80211_txq *txq = rtw89_txq_to_txq(rtwtxq);
1604 	struct ieee80211_sta *sta = txq->sta;
1605 	struct rtw89_sta *rtwsta = sta ? (struct rtw89_sta *)sta->drv_priv : NULL;
1606 
1607 	if (unlikely(skb_get_queue_mapping(skb) == IEEE80211_AC_VO))
1608 		return;
1609 
1610 	if (unlikely(skb->protocol == cpu_to_be16(ETH_P_PAE)))
1611 		return;
1612 
1613 	if (unlikely(!sta))
1614 		return;
1615 
1616 	if (unlikely(test_bit(RTW89_TXQ_F_BLOCK_BA, &rtwtxq->flags)))
1617 		return;
1618 
1619 	if (test_bit(RTW89_TXQ_F_AMPDU, &rtwtxq->flags)) {
1620 		IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_AMPDU;
1621 		return;
1622 	}
1623 
1624 	spin_lock_bh(&rtwdev->ba_lock);
1625 	if (!rtwsta->disassoc && list_empty(&rtwtxq->list)) {
1626 		list_add_tail(&rtwtxq->list, &rtwdev->ba_list);
1627 		ieee80211_queue_work(hw, &rtwdev->ba_work);
1628 	}
1629 	spin_unlock_bh(&rtwdev->ba_lock);
1630 }
1631 
1632 static void rtw89_core_txq_push(struct rtw89_dev *rtwdev,
1633 				struct rtw89_txq *rtwtxq,
1634 				unsigned long frame_cnt,
1635 				unsigned long byte_cnt)
1636 {
1637 	struct ieee80211_txq *txq = rtw89_txq_to_txq(rtwtxq);
1638 	struct ieee80211_vif *vif = txq->vif;
1639 	struct ieee80211_sta *sta = txq->sta;
1640 	struct sk_buff *skb;
1641 	unsigned long i;
1642 	int ret;
1643 
1644 	for (i = 0; i < frame_cnt; i++) {
1645 		skb = ieee80211_tx_dequeue_ni(rtwdev->hw, txq);
1646 		if (!skb) {
1647 			rtw89_debug(rtwdev, RTW89_DBG_TXRX, "dequeue a NULL skb\n");
1648 			return;
1649 		}
1650 		rtw89_core_txq_check_agg(rtwdev, rtwtxq, skb);
1651 		ret = rtw89_core_tx_write(rtwdev, vif, sta, skb, NULL);
1652 		if (ret) {
1653 			rtw89_err(rtwdev, "failed to push txq: %d\n", ret);
1654 			ieee80211_free_txskb(rtwdev->hw, skb);
1655 			break;
1656 		}
1657 	}
1658 }
1659 
1660 static u32 rtw89_check_and_reclaim_tx_resource(struct rtw89_dev *rtwdev, u8 tid)
1661 {
1662 	u8 qsel, ch_dma;
1663 
1664 	qsel = rtw89_core_get_qsel(rtwdev, tid);
1665 	ch_dma = rtw89_core_get_ch_dma(rtwdev, qsel);
1666 
1667 	return rtw89_hci_check_and_reclaim_tx_resource(rtwdev, ch_dma);
1668 }
1669 
1670 static bool rtw89_core_txq_agg_wait(struct rtw89_dev *rtwdev,
1671 				    struct ieee80211_txq *txq,
1672 				    unsigned long *frame_cnt,
1673 				    bool *sched_txq, bool *reinvoke)
1674 {
1675 	struct rtw89_txq *rtwtxq = (struct rtw89_txq *)txq->drv_priv;
1676 	struct ieee80211_sta *sta = txq->sta;
1677 	struct rtw89_sta *rtwsta = sta ? (struct rtw89_sta *)sta->drv_priv : NULL;
1678 
1679 	if (!sta || rtwsta->max_agg_wait <= 0)
1680 		return false;
1681 
1682 	if (rtwdev->stats.tx_tfc_lv <= RTW89_TFC_MID)
1683 		return false;
1684 
1685 	if (*frame_cnt > 1) {
1686 		*frame_cnt -= 1;
1687 		*sched_txq = true;
1688 		*reinvoke = true;
1689 		rtwtxq->wait_cnt = 1;
1690 		return false;
1691 	}
1692 
1693 	if (*frame_cnt == 1 && rtwtxq->wait_cnt < rtwsta->max_agg_wait) {
1694 		*reinvoke = true;
1695 		rtwtxq->wait_cnt++;
1696 		return true;
1697 	}
1698 
1699 	rtwtxq->wait_cnt = 0;
1700 	return false;
1701 }
1702 
1703 static void rtw89_core_txq_schedule(struct rtw89_dev *rtwdev, u8 ac, bool *reinvoke)
1704 {
1705 	struct ieee80211_hw *hw = rtwdev->hw;
1706 	struct ieee80211_txq *txq;
1707 	struct rtw89_txq *rtwtxq;
1708 	unsigned long frame_cnt;
1709 	unsigned long byte_cnt;
1710 	u32 tx_resource;
1711 	bool sched_txq;
1712 
1713 	ieee80211_txq_schedule_start(hw, ac);
1714 	while ((txq = ieee80211_next_txq(hw, ac))) {
1715 		rtwtxq = (struct rtw89_txq *)txq->drv_priv;
1716 		tx_resource = rtw89_check_and_reclaim_tx_resource(rtwdev, txq->tid);
1717 		sched_txq = false;
1718 
1719 		ieee80211_txq_get_depth(txq, &frame_cnt, &byte_cnt);
1720 		if (rtw89_core_txq_agg_wait(rtwdev, txq, &frame_cnt, &sched_txq, reinvoke)) {
1721 			ieee80211_return_txq(hw, txq, true);
1722 			continue;
1723 		}
1724 		frame_cnt = min_t(unsigned long, frame_cnt, tx_resource);
1725 		rtw89_core_txq_push(rtwdev, rtwtxq, frame_cnt, byte_cnt);
1726 		ieee80211_return_txq(hw, txq, sched_txq);
1727 		if (frame_cnt != 0)
1728 			rtw89_core_tx_kick_off(rtwdev, rtw89_core_get_qsel(rtwdev, txq->tid));
1729 	}
1730 	ieee80211_txq_schedule_end(hw, ac);
1731 }
1732 
1733 static void rtw89_core_txq_work(struct work_struct *w)
1734 {
1735 	struct rtw89_dev *rtwdev = container_of(w, struct rtw89_dev, txq_work);
1736 	bool reinvoke = false;
1737 	u8 ac;
1738 
1739 	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++)
1740 		rtw89_core_txq_schedule(rtwdev, ac, &reinvoke);
1741 
1742 	if (reinvoke) {
1743 		/* reinvoke to process the last frame */
1744 		mod_delayed_work(rtwdev->txq_wq, &rtwdev->txq_reinvoke_work, 1);
1745 	}
1746 }
1747 
1748 static void rtw89_core_txq_reinvoke_work(struct work_struct *w)
1749 {
1750 	struct rtw89_dev *rtwdev = container_of(w, struct rtw89_dev,
1751 						txq_reinvoke_work.work);
1752 
1753 	queue_work(rtwdev->txq_wq, &rtwdev->txq_work);
1754 }
1755 
1756 static enum rtw89_tfc_lv rtw89_get_traffic_level(struct rtw89_dev *rtwdev,
1757 						 u32 throughput, u64 cnt)
1758 {
1759 	if (cnt < 100)
1760 		return RTW89_TFC_IDLE;
1761 	if (throughput > 50)
1762 		return RTW89_TFC_HIGH;
1763 	if (throughput > 10)
1764 		return RTW89_TFC_MID;
1765 	if (throughput > 2)
1766 		return RTW89_TFC_LOW;
1767 	return RTW89_TFC_ULTRA_LOW;
1768 }
1769 
1770 static bool rtw89_traffic_stats_calc(struct rtw89_dev *rtwdev,
1771 				     struct rtw89_traffic_stats *stats)
1772 {
1773 	enum rtw89_tfc_lv tx_tfc_lv = stats->tx_tfc_lv;
1774 	enum rtw89_tfc_lv rx_tfc_lv = stats->rx_tfc_lv;
1775 
1776 	stats->tx_throughput_raw = (u32)(stats->tx_unicast >> RTW89_TP_SHIFT);
1777 	stats->rx_throughput_raw = (u32)(stats->rx_unicast >> RTW89_TP_SHIFT);
1778 
1779 	ewma_tp_add(&stats->tx_ewma_tp, stats->tx_throughput_raw);
1780 	ewma_tp_add(&stats->rx_ewma_tp, stats->rx_throughput_raw);
1781 
1782 	stats->tx_throughput = ewma_tp_read(&stats->tx_ewma_tp);
1783 	stats->rx_throughput = ewma_tp_read(&stats->rx_ewma_tp);
1784 	stats->tx_tfc_lv = rtw89_get_traffic_level(rtwdev, stats->tx_throughput,
1785 						   stats->tx_cnt);
1786 	stats->rx_tfc_lv = rtw89_get_traffic_level(rtwdev, stats->rx_throughput,
1787 						   stats->rx_cnt);
1788 	stats->tx_avg_len = stats->tx_cnt ?
1789 			    DIV_ROUND_DOWN_ULL(stats->tx_unicast, stats->tx_cnt) : 0;
1790 	stats->rx_avg_len = stats->rx_cnt ?
1791 			    DIV_ROUND_DOWN_ULL(stats->rx_unicast, stats->rx_cnt) : 0;
1792 
1793 	stats->tx_unicast = 0;
1794 	stats->rx_unicast = 0;
1795 	stats->tx_cnt = 0;
1796 	stats->rx_cnt = 0;
1797 
1798 	if (tx_tfc_lv != stats->tx_tfc_lv || rx_tfc_lv != stats->rx_tfc_lv)
1799 		return true;
1800 
1801 	return false;
1802 }
1803 
1804 static bool rtw89_traffic_stats_track(struct rtw89_dev *rtwdev)
1805 {
1806 	struct rtw89_vif *rtwvif;
1807 	bool tfc_changed;
1808 
1809 	tfc_changed = rtw89_traffic_stats_calc(rtwdev, &rtwdev->stats);
1810 	rtw89_for_each_rtwvif(rtwdev, rtwvif)
1811 		rtw89_traffic_stats_calc(rtwdev, &rtwvif->stats);
1812 
1813 	return tfc_changed;
1814 }
1815 
1816 static void rtw89_vif_enter_lps(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
1817 {
1818 	if (rtwvif->wifi_role != RTW89_WIFI_ROLE_STATION)
1819 		return;
1820 
1821 	if (rtwvif->stats.tx_tfc_lv == RTW89_TFC_IDLE &&
1822 	    rtwvif->stats.rx_tfc_lv == RTW89_TFC_IDLE)
1823 		rtw89_enter_lps(rtwdev, rtwvif->mac_id);
1824 }
1825 
1826 static void rtw89_enter_lps_track(struct rtw89_dev *rtwdev)
1827 {
1828 	struct rtw89_vif *rtwvif;
1829 
1830 	rtw89_for_each_rtwvif(rtwdev, rtwvif)
1831 		rtw89_vif_enter_lps(rtwdev, rtwvif);
1832 }
1833 
1834 void rtw89_traffic_stats_init(struct rtw89_dev *rtwdev,
1835 			      struct rtw89_traffic_stats *stats)
1836 {
1837 	stats->tx_unicast = 0;
1838 	stats->rx_unicast = 0;
1839 	stats->tx_cnt = 0;
1840 	stats->rx_cnt = 0;
1841 	ewma_tp_init(&stats->tx_ewma_tp);
1842 	ewma_tp_init(&stats->rx_ewma_tp);
1843 }
1844 
1845 static void rtw89_track_work(struct work_struct *work)
1846 {
1847 	struct rtw89_dev *rtwdev = container_of(work, struct rtw89_dev,
1848 						track_work.work);
1849 	bool tfc_changed;
1850 
1851 	mutex_lock(&rtwdev->mutex);
1852 
1853 	if (!test_bit(RTW89_FLAG_RUNNING, rtwdev->flags))
1854 		goto out;
1855 
1856 	ieee80211_queue_delayed_work(rtwdev->hw, &rtwdev->track_work,
1857 				     RTW89_TRACK_WORK_PERIOD);
1858 
1859 	tfc_changed = rtw89_traffic_stats_track(rtwdev);
1860 	if (rtwdev->scanning)
1861 		goto out;
1862 
1863 	rtw89_leave_lps(rtwdev);
1864 
1865 	if (tfc_changed) {
1866 		rtw89_hci_recalc_int_mit(rtwdev);
1867 		rtw89_btc_ntfy_wl_sta(rtwdev);
1868 	}
1869 	rtw89_mac_bf_monitor_track(rtwdev);
1870 	rtw89_phy_stat_track(rtwdev);
1871 	rtw89_phy_env_monitor_track(rtwdev);
1872 	rtw89_phy_dig(rtwdev);
1873 	rtw89_chip_rfk_track(rtwdev);
1874 	rtw89_phy_ra_update(rtwdev);
1875 	rtw89_phy_cfo_track(rtwdev);
1876 
1877 	if (rtwdev->lps_enabled && !rtwdev->btc.lps)
1878 		rtw89_enter_lps_track(rtwdev);
1879 
1880 out:
1881 	mutex_unlock(&rtwdev->mutex);
1882 }
1883 
1884 u8 rtw89_core_acquire_bit_map(unsigned long *addr, unsigned long size)
1885 {
1886 	unsigned long bit;
1887 
1888 	bit = find_first_zero_bit(addr, size);
1889 	if (bit < size)
1890 		set_bit(bit, addr);
1891 
1892 	return bit;
1893 }
1894 
1895 void rtw89_core_release_bit_map(unsigned long *addr, u8 bit)
1896 {
1897 	clear_bit(bit, addr);
1898 }
1899 
1900 void rtw89_core_release_all_bits_map(unsigned long *addr, unsigned int nbits)
1901 {
1902 	bitmap_zero(addr, nbits);
1903 }
1904 
1905 int rtw89_core_acquire_sta_ba_entry(struct rtw89_sta *rtwsta, u8 tid, u8 *cam_idx)
1906 {
1907 	struct rtw89_ba_cam_entry *entry;
1908 	u8 idx;
1909 
1910 	idx = rtw89_core_acquire_bit_map(rtwsta->ba_cam_map, RTW89_BA_CAM_NUM);
1911 	if (idx == RTW89_BA_CAM_NUM) {
1912 		/* allocate a static BA CAM to tid=0, so replace the existing
1913 		 * one if BA CAM is full. Hardware will process the original tid
1914 		 * automatically.
1915 		 */
1916 		if (tid != 0)
1917 			return -ENOSPC;
1918 
1919 		idx = 0;
1920 	}
1921 
1922 	entry = &rtwsta->ba_cam_entry[idx];
1923 	entry->tid = tid;
1924 	*cam_idx = idx;
1925 
1926 	return 0;
1927 }
1928 
1929 int rtw89_core_release_sta_ba_entry(struct rtw89_sta *rtwsta, u8 tid, u8 *cam_idx)
1930 {
1931 	struct rtw89_ba_cam_entry *entry;
1932 	int i;
1933 
1934 	for (i = 0; i < RTW89_BA_CAM_NUM; i++) {
1935 		if (!test_bit(i, rtwsta->ba_cam_map))
1936 			continue;
1937 
1938 		entry = &rtwsta->ba_cam_entry[i];
1939 		if (entry->tid != tid)
1940 			continue;
1941 
1942 		rtw89_core_release_bit_map(rtwsta->ba_cam_map, i);
1943 		*cam_idx = i;
1944 		return 0;
1945 	}
1946 
1947 	return -ENOENT;
1948 }
1949 
1950 #define RTW89_TYPE_MAPPING(_type)	\
1951 	case NL80211_IFTYPE_ ## _type:	\
1952 		rtwvif->wifi_role = RTW89_WIFI_ROLE_ ## _type;	\
1953 		break
1954 void rtw89_vif_type_mapping(struct ieee80211_vif *vif, bool assoc)
1955 {
1956 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
1957 
1958 	switch (vif->type) {
1959 	RTW89_TYPE_MAPPING(ADHOC);
1960 	RTW89_TYPE_MAPPING(STATION);
1961 	RTW89_TYPE_MAPPING(AP);
1962 	RTW89_TYPE_MAPPING(MONITOR);
1963 	RTW89_TYPE_MAPPING(MESH_POINT);
1964 	default:
1965 		WARN_ON(1);
1966 		break;
1967 	}
1968 
1969 	switch (vif->type) {
1970 	case NL80211_IFTYPE_AP:
1971 	case NL80211_IFTYPE_MESH_POINT:
1972 		rtwvif->net_type = RTW89_NET_TYPE_AP_MODE;
1973 		rtwvif->self_role = RTW89_SELF_ROLE_AP;
1974 		break;
1975 	case NL80211_IFTYPE_ADHOC:
1976 		rtwvif->net_type = RTW89_NET_TYPE_AD_HOC;
1977 		rtwvif->self_role = RTW89_SELF_ROLE_CLIENT;
1978 		break;
1979 	case NL80211_IFTYPE_STATION:
1980 		if (assoc) {
1981 			rtwvif->net_type = RTW89_NET_TYPE_INFRA;
1982 			rtwvif->trigger = vif->bss_conf.he_support;
1983 		} else {
1984 			rtwvif->net_type = RTW89_NET_TYPE_NO_LINK;
1985 			rtwvif->trigger = false;
1986 		}
1987 		rtwvif->self_role = RTW89_SELF_ROLE_CLIENT;
1988 		rtwvif->addr_cam.sec_ent_mode = RTW89_ADDR_CAM_SEC_NORMAL;
1989 		break;
1990 	default:
1991 		WARN_ON(1);
1992 		break;
1993 	}
1994 }
1995 
1996 int rtw89_core_sta_add(struct rtw89_dev *rtwdev,
1997 		       struct ieee80211_vif *vif,
1998 		       struct ieee80211_sta *sta)
1999 {
2000 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
2001 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
2002 	int i;
2003 
2004 	rtwsta->rtwvif = rtwvif;
2005 	rtwsta->prev_rssi = 0;
2006 
2007 	for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
2008 		rtw89_core_txq_init(rtwdev, sta->txq[i]);
2009 
2010 	ewma_rssi_init(&rtwsta->avg_rssi);
2011 
2012 	if (vif->type == NL80211_IFTYPE_STATION) {
2013 		/* for station mode, assign the mac_id from itself */
2014 		rtwsta->mac_id = rtwvif->mac_id;
2015 		rtw89_btc_ntfy_role_info(rtwdev, rtwvif, rtwsta,
2016 					 BTC_ROLE_MSTS_STA_CONN_START);
2017 		rtw89_chip_rfk_channel(rtwdev);
2018 	} else if (vif->type == NL80211_IFTYPE_AP) {
2019 		rtwsta->mac_id = rtw89_core_acquire_bit_map(rtwdev->mac_id_map,
2020 							    RTW89_MAX_MAC_ID_NUM);
2021 	}
2022 
2023 	return 0;
2024 }
2025 
2026 int rtw89_core_sta_disassoc(struct rtw89_dev *rtwdev,
2027 			    struct ieee80211_vif *vif,
2028 			    struct ieee80211_sta *sta)
2029 {
2030 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
2031 
2032 	rtwdev->total_sta_assoc--;
2033 	rtwsta->disassoc = true;
2034 
2035 	return 0;
2036 }
2037 
2038 int rtw89_core_sta_disconnect(struct rtw89_dev *rtwdev,
2039 			      struct ieee80211_vif *vif,
2040 			      struct ieee80211_sta *sta)
2041 {
2042 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
2043 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
2044 	int ret;
2045 
2046 	rtw89_mac_bf_monitor_calc(rtwdev, sta, true);
2047 	rtw89_mac_bf_disassoc(rtwdev, vif, sta);
2048 	rtw89_core_free_sta_pending_ba(rtwdev, sta);
2049 	if (vif->type == NL80211_IFTYPE_AP)
2050 		rtw89_cam_deinit_addr_cam(rtwdev, &rtwsta->addr_cam);
2051 
2052 	if (vif->type == NL80211_IFTYPE_STATION)
2053 		rtw89_vif_type_mapping(vif, false);
2054 
2055 	ret = rtw89_fw_h2c_assoc_cmac_tbl(rtwdev, vif, sta);
2056 	if (ret) {
2057 		rtw89_warn(rtwdev, "failed to send h2c cmac table\n");
2058 		return ret;
2059 	}
2060 
2061 	ret = rtw89_fw_h2c_join_info(rtwdev, rtwvif, rtwsta, true);
2062 	if (ret) {
2063 		rtw89_warn(rtwdev, "failed to send h2c join info\n");
2064 		return ret;
2065 	}
2066 
2067 	if (vif->type == NL80211_IFTYPE_AP) {
2068 		ret = rtw89_fw_h2c_role_maintain(rtwdev, rtwvif, rtwsta, RTW89_ROLE_REMOVE);
2069 		if (ret) {
2070 			rtw89_warn(rtwdev, "failed to send h2c role info\n");
2071 			return ret;
2072 		}
2073 	}
2074 
2075 	/* update cam aid mac_id net_type */
2076 	ret = rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
2077 	if (ret) {
2078 		rtw89_warn(rtwdev, "failed to send h2c cam\n");
2079 		return ret;
2080 	}
2081 
2082 	return ret;
2083 }
2084 
2085 int rtw89_core_sta_assoc(struct rtw89_dev *rtwdev,
2086 			 struct ieee80211_vif *vif,
2087 			 struct ieee80211_sta *sta)
2088 {
2089 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
2090 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
2091 	int ret;
2092 
2093 	if (vif->type == NL80211_IFTYPE_AP) {
2094 		ret = rtw89_mac_set_macid_pause(rtwdev, rtwsta->mac_id, false);
2095 		if (ret) {
2096 			rtw89_warn(rtwdev, "failed to send h2c macid pause\n");
2097 			return ret;
2098 		}
2099 
2100 		ret = rtw89_fw_h2c_role_maintain(rtwdev, rtwvif, rtwsta, RTW89_ROLE_CREATE);
2101 		if (ret) {
2102 			rtw89_warn(rtwdev, "failed to send h2c role info\n");
2103 			return ret;
2104 		}
2105 
2106 		ret = rtw89_cam_init_addr_cam(rtwdev, &rtwsta->addr_cam, &rtwvif->bssid_cam);
2107 		if (ret) {
2108 			rtw89_warn(rtwdev, "failed to send h2c init addr cam\n");
2109 			return ret;
2110 		}
2111 	}
2112 
2113 	ret = rtw89_fw_h2c_assoc_cmac_tbl(rtwdev, vif, sta);
2114 	if (ret) {
2115 		rtw89_warn(rtwdev, "failed to send h2c cmac table\n");
2116 		return ret;
2117 	}
2118 
2119 	ret = rtw89_fw_h2c_join_info(rtwdev, rtwvif, rtwsta, false);
2120 	if (ret) {
2121 		rtw89_warn(rtwdev, "failed to send h2c join info\n");
2122 		return ret;
2123 	}
2124 
2125 	/* update cam aid mac_id net_type */
2126 	rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
2127 	if (ret) {
2128 		rtw89_warn(rtwdev, "failed to send h2c cam\n");
2129 		return ret;
2130 	}
2131 
2132 	ret = rtw89_fw_h2c_general_pkt(rtwdev, rtwsta->mac_id);
2133 	if (ret) {
2134 		rtw89_warn(rtwdev, "failed to send h2c general packet\n");
2135 		return ret;
2136 	}
2137 
2138 	rtwdev->total_sta_assoc++;
2139 	rtw89_phy_ra_assoc(rtwdev, sta);
2140 	rtw89_mac_bf_assoc(rtwdev, vif, sta);
2141 	rtw89_mac_bf_monitor_calc(rtwdev, sta, false);
2142 
2143 	if (vif->type == NL80211_IFTYPE_STATION) {
2144 		rtw89_btc_ntfy_role_info(rtwdev, rtwvif, rtwsta,
2145 					 BTC_ROLE_MSTS_STA_CONN_END);
2146 		rtw89_core_get_no_ul_ofdma_htc(rtwdev, &rtwsta->htc_template);
2147 	}
2148 
2149 	return ret;
2150 }
2151 
2152 int rtw89_core_sta_remove(struct rtw89_dev *rtwdev,
2153 			  struct ieee80211_vif *vif,
2154 			  struct ieee80211_sta *sta)
2155 {
2156 	struct rtw89_vif *rtwvif = (struct rtw89_vif *)vif->drv_priv;
2157 	struct rtw89_sta *rtwsta = (struct rtw89_sta *)sta->drv_priv;
2158 
2159 	if (vif->type == NL80211_IFTYPE_STATION)
2160 		rtw89_btc_ntfy_role_info(rtwdev, rtwvif, rtwsta,
2161 					 BTC_ROLE_MSTS_STA_DIS_CONN);
2162 	else if (vif->type == NL80211_IFTYPE_AP)
2163 		rtw89_core_release_bit_map(rtwdev->mac_id_map, rtwsta->mac_id);
2164 
2165 	return 0;
2166 }
2167 
2168 static void rtw89_init_ht_cap(struct rtw89_dev *rtwdev,
2169 			      struct ieee80211_sta_ht_cap *ht_cap)
2170 {
2171 	static const __le16 highest[RF_PATH_MAX] = {
2172 		cpu_to_le16(150), cpu_to_le16(300), cpu_to_le16(450), cpu_to_le16(600),
2173 	};
2174 	struct rtw89_hal *hal = &rtwdev->hal;
2175 	u8 nss = hal->rx_nss;
2176 	int i;
2177 
2178 	ht_cap->ht_supported = true;
2179 	ht_cap->cap = 0;
2180 	ht_cap->cap |= IEEE80211_HT_CAP_SGI_20 |
2181 		       IEEE80211_HT_CAP_MAX_AMSDU |
2182 		       IEEE80211_HT_CAP_TX_STBC |
2183 		       (1 << IEEE80211_HT_CAP_RX_STBC_SHIFT);
2184 	ht_cap->cap |= IEEE80211_HT_CAP_LDPC_CODING;
2185 	ht_cap->cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
2186 		       IEEE80211_HT_CAP_DSSSCCK40 |
2187 		       IEEE80211_HT_CAP_SGI_40;
2188 	ht_cap->ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
2189 	ht_cap->ampdu_density = IEEE80211_HT_MPDU_DENSITY_NONE;
2190 	ht_cap->mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
2191 	for (i = 0; i < nss; i++)
2192 		ht_cap->mcs.rx_mask[i] = 0xFF;
2193 	ht_cap->mcs.rx_mask[4] = 0x01;
2194 	ht_cap->mcs.rx_highest = highest[nss - 1];
2195 }
2196 
2197 static void rtw89_init_vht_cap(struct rtw89_dev *rtwdev,
2198 			       struct ieee80211_sta_vht_cap *vht_cap)
2199 {
2200 	static const __le16 highest[RF_PATH_MAX] = {
2201 		cpu_to_le16(433), cpu_to_le16(867), cpu_to_le16(1300), cpu_to_le16(1733),
2202 	};
2203 	struct rtw89_hal *hal = &rtwdev->hal;
2204 	u16 tx_mcs_map = 0, rx_mcs_map = 0;
2205 	u8 sts_cap = 3;
2206 	int i;
2207 
2208 	for (i = 0; i < 8; i++) {
2209 		if (i < hal->tx_nss)
2210 			tx_mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
2211 		else
2212 			tx_mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
2213 		if (i < hal->rx_nss)
2214 			rx_mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
2215 		else
2216 			rx_mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
2217 	}
2218 
2219 	vht_cap->vht_supported = true;
2220 	vht_cap->cap = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454 |
2221 		       IEEE80211_VHT_CAP_SHORT_GI_80 |
2222 		       IEEE80211_VHT_CAP_RXSTBC_1 |
2223 		       IEEE80211_VHT_CAP_HTC_VHT |
2224 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK |
2225 		       0;
2226 	vht_cap->cap |= IEEE80211_VHT_CAP_TXSTBC;
2227 	vht_cap->cap |= IEEE80211_VHT_CAP_RXLDPC;
2228 	vht_cap->cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE |
2229 			IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
2230 	vht_cap->cap |= sts_cap << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
2231 	vht_cap->vht_mcs.rx_mcs_map = cpu_to_le16(rx_mcs_map);
2232 	vht_cap->vht_mcs.tx_mcs_map = cpu_to_le16(tx_mcs_map);
2233 	vht_cap->vht_mcs.rx_highest = highest[hal->rx_nss - 1];
2234 	vht_cap->vht_mcs.tx_highest = highest[hal->tx_nss - 1];
2235 }
2236 
2237 #define RTW89_SBAND_IFTYPES_NR 2
2238 
2239 static void rtw89_init_he_cap(struct rtw89_dev *rtwdev,
2240 			      enum nl80211_band band,
2241 			      struct ieee80211_supported_band *sband)
2242 {
2243 	const struct rtw89_chip_info *chip = rtwdev->chip;
2244 	struct rtw89_hal *hal = &rtwdev->hal;
2245 	struct ieee80211_sband_iftype_data *iftype_data;
2246 	bool no_ng16 = (chip->chip_id == RTL8852A && hal->cv == CHIP_CBV) ||
2247 		       (chip->chip_id == RTL8852B && hal->cv == CHIP_CAV);
2248 	u16 mcs_map = 0;
2249 	int i;
2250 	int nss = hal->rx_nss;
2251 	int idx = 0;
2252 
2253 	iftype_data = kcalloc(RTW89_SBAND_IFTYPES_NR, sizeof(*iftype_data), GFP_KERNEL);
2254 	if (!iftype_data)
2255 		return;
2256 
2257 	for (i = 0; i < 8; i++) {
2258 		if (i < nss)
2259 			mcs_map |= IEEE80211_HE_MCS_SUPPORT_0_11 << (i * 2);
2260 		else
2261 			mcs_map |= IEEE80211_HE_MCS_NOT_SUPPORTED << (i * 2);
2262 	}
2263 
2264 	for (i = 0; i < NUM_NL80211_IFTYPES; i++) {
2265 		struct ieee80211_sta_he_cap *he_cap;
2266 		u8 *mac_cap_info;
2267 		u8 *phy_cap_info;
2268 
2269 		switch (i) {
2270 		case NL80211_IFTYPE_STATION:
2271 		case NL80211_IFTYPE_AP:
2272 			break;
2273 		default:
2274 			continue;
2275 		}
2276 
2277 		if (idx >= RTW89_SBAND_IFTYPES_NR) {
2278 			rtw89_warn(rtwdev, "run out of iftype_data\n");
2279 			break;
2280 		}
2281 
2282 		iftype_data[idx].types_mask = BIT(i);
2283 		he_cap = &iftype_data[idx].he_cap;
2284 		mac_cap_info = he_cap->he_cap_elem.mac_cap_info;
2285 		phy_cap_info = he_cap->he_cap_elem.phy_cap_info;
2286 
2287 		he_cap->has_he = true;
2288 		if (i == NL80211_IFTYPE_AP)
2289 			mac_cap_info[0] = IEEE80211_HE_MAC_CAP0_HTC_HE;
2290 		if (i == NL80211_IFTYPE_STATION)
2291 			mac_cap_info[1] = IEEE80211_HE_MAC_CAP1_TF_MAC_PAD_DUR_16US;
2292 		mac_cap_info[2] = IEEE80211_HE_MAC_CAP2_ALL_ACK |
2293 				  IEEE80211_HE_MAC_CAP2_BSR;
2294 		mac_cap_info[3] = IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_2;
2295 		if (i == NL80211_IFTYPE_AP)
2296 			mac_cap_info[3] |= IEEE80211_HE_MAC_CAP3_OMI_CONTROL;
2297 		mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_OPS |
2298 				  IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU;
2299 		if (i == NL80211_IFTYPE_STATION)
2300 			mac_cap_info[5] = IEEE80211_HE_MAC_CAP5_HT_VHT_TRIG_FRAME_RX;
2301 		phy_cap_info[0] = IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G |
2302 				  IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G;
2303 		phy_cap_info[1] = IEEE80211_HE_PHY_CAP1_DEVICE_CLASS_A |
2304 				  IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD |
2305 				  IEEE80211_HE_PHY_CAP1_HE_LTF_AND_GI_FOR_HE_PPDUS_0_8US;
2306 		phy_cap_info[2] = IEEE80211_HE_PHY_CAP2_NDP_4x_LTF_AND_3_2US |
2307 				  IEEE80211_HE_PHY_CAP2_STBC_TX_UNDER_80MHZ |
2308 				  IEEE80211_HE_PHY_CAP2_STBC_RX_UNDER_80MHZ |
2309 				  IEEE80211_HE_PHY_CAP2_DOPPLER_TX;
2310 		phy_cap_info[3] = IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_RX_16_QAM;
2311 		if (i == NL80211_IFTYPE_STATION)
2312 			phy_cap_info[3] |= IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_TX_16_QAM |
2313 					   IEEE80211_HE_PHY_CAP3_DCM_MAX_TX_NSS_2;
2314 		if (i == NL80211_IFTYPE_AP)
2315 			phy_cap_info[3] |= IEEE80211_HE_PHY_CAP3_RX_PARTIAL_BW_SU_IN_20MHZ_MU;
2316 		phy_cap_info[4] = IEEE80211_HE_PHY_CAP4_SU_BEAMFORMEE |
2317 				  IEEE80211_HE_PHY_CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_4;
2318 		phy_cap_info[5] = no_ng16 ? 0 :
2319 				  IEEE80211_HE_PHY_CAP5_NG16_SU_FEEDBACK |
2320 				  IEEE80211_HE_PHY_CAP5_NG16_MU_FEEDBACK;
2321 		phy_cap_info[6] = IEEE80211_HE_PHY_CAP6_CODEBOOK_SIZE_42_SU |
2322 				  IEEE80211_HE_PHY_CAP6_CODEBOOK_SIZE_75_MU |
2323 				  IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMING_FB |
2324 				  IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE;
2325 		phy_cap_info[7] = IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_SUPP |
2326 				  IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI |
2327 				  IEEE80211_HE_PHY_CAP7_MAX_NC_1;
2328 		phy_cap_info[8] = IEEE80211_HE_PHY_CAP8_HE_ER_SU_PPDU_4XLTF_AND_08_US_GI |
2329 				  IEEE80211_HE_PHY_CAP8_HE_ER_SU_1XLTF_AND_08_US_GI |
2330 				  IEEE80211_HE_PHY_CAP8_DCM_MAX_RU_996;
2331 		phy_cap_info[9] = IEEE80211_HE_PHY_CAP9_LONGER_THAN_16_SIGB_OFDM_SYM |
2332 				  IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU |
2333 				  IEEE80211_HE_PHY_CAP9_RX_FULL_BW_SU_USING_MU_WITH_COMP_SIGB |
2334 				  IEEE80211_HE_PHY_CAP9_RX_FULL_BW_SU_USING_MU_WITH_NON_COMP_SIGB |
2335 				  u8_encode_bits(IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US,
2336 						 IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK);
2337 		if (i == NL80211_IFTYPE_STATION)
2338 			phy_cap_info[9] |= IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU;
2339 		he_cap->he_mcs_nss_supp.rx_mcs_80 = cpu_to_le16(mcs_map);
2340 		he_cap->he_mcs_nss_supp.tx_mcs_80 = cpu_to_le16(mcs_map);
2341 
2342 		idx++;
2343 	}
2344 
2345 	sband->iftype_data = iftype_data;
2346 	sband->n_iftype_data = idx;
2347 }
2348 
2349 static int rtw89_core_set_supported_band(struct rtw89_dev *rtwdev)
2350 {
2351 	struct ieee80211_hw *hw = rtwdev->hw;
2352 	struct ieee80211_supported_band *sband_2ghz = NULL, *sband_5ghz = NULL;
2353 	struct ieee80211_supported_band *sband_6ghz = NULL;
2354 	u32 size = sizeof(struct ieee80211_supported_band);
2355 	u8 support_bands = rtwdev->chip->support_bands;
2356 
2357 	if (support_bands & BIT(NL80211_BAND_2GHZ)) {
2358 		sband_2ghz = kmemdup(&rtw89_sband_2ghz, size, GFP_KERNEL);
2359 		if (!sband_2ghz)
2360 			goto err;
2361 		rtw89_init_ht_cap(rtwdev, &sband_2ghz->ht_cap);
2362 		rtw89_init_he_cap(rtwdev, NL80211_BAND_2GHZ, sband_2ghz);
2363 		hw->wiphy->bands[NL80211_BAND_2GHZ] = sband_2ghz;
2364 	}
2365 
2366 	if (support_bands & BIT(NL80211_BAND_5GHZ)) {
2367 		sband_5ghz = kmemdup(&rtw89_sband_5ghz, size, GFP_KERNEL);
2368 		if (!sband_5ghz)
2369 			goto err;
2370 		rtw89_init_ht_cap(rtwdev, &sband_5ghz->ht_cap);
2371 		rtw89_init_vht_cap(rtwdev, &sband_5ghz->vht_cap);
2372 		rtw89_init_he_cap(rtwdev, NL80211_BAND_5GHZ, sband_5ghz);
2373 		hw->wiphy->bands[NL80211_BAND_5GHZ] = sband_5ghz;
2374 	}
2375 
2376 	if (support_bands & BIT(NL80211_BAND_6GHZ)) {
2377 		sband_6ghz = kmemdup(&rtw89_sband_6ghz, size, GFP_KERNEL);
2378 		if (!sband_6ghz)
2379 			goto err;
2380 		rtw89_init_he_cap(rtwdev, NL80211_BAND_6GHZ, sband_6ghz);
2381 		hw->wiphy->bands[NL80211_BAND_6GHZ] = sband_6ghz;
2382 	}
2383 
2384 	return 0;
2385 
2386 err:
2387 	hw->wiphy->bands[NL80211_BAND_2GHZ] = NULL;
2388 	hw->wiphy->bands[NL80211_BAND_5GHZ] = NULL;
2389 	hw->wiphy->bands[NL80211_BAND_6GHZ] = NULL;
2390 	if (sband_2ghz)
2391 		kfree(sband_2ghz->iftype_data);
2392 	if (sband_5ghz)
2393 		kfree(sband_5ghz->iftype_data);
2394 	if (sband_6ghz)
2395 		kfree(sband_6ghz->iftype_data);
2396 	kfree(sband_2ghz);
2397 	kfree(sband_5ghz);
2398 	kfree(sband_6ghz);
2399 	return -ENOMEM;
2400 }
2401 
2402 static void rtw89_core_clr_supported_band(struct rtw89_dev *rtwdev)
2403 {
2404 	struct ieee80211_hw *hw = rtwdev->hw;
2405 
2406 	kfree(hw->wiphy->bands[NL80211_BAND_2GHZ]->iftype_data);
2407 	kfree(hw->wiphy->bands[NL80211_BAND_5GHZ]->iftype_data);
2408 	if (hw->wiphy->bands[NL80211_BAND_6GHZ])
2409 		kfree(hw->wiphy->bands[NL80211_BAND_6GHZ]->iftype_data);
2410 	kfree(hw->wiphy->bands[NL80211_BAND_2GHZ]);
2411 	kfree(hw->wiphy->bands[NL80211_BAND_5GHZ]);
2412 	kfree(hw->wiphy->bands[NL80211_BAND_6GHZ]);
2413 	hw->wiphy->bands[NL80211_BAND_2GHZ] = NULL;
2414 	hw->wiphy->bands[NL80211_BAND_5GHZ] = NULL;
2415 	hw->wiphy->bands[NL80211_BAND_6GHZ] = NULL;
2416 }
2417 
2418 static void rtw89_core_ppdu_sts_init(struct rtw89_dev *rtwdev)
2419 {
2420 	int i;
2421 
2422 	for (i = 0; i < RTW89_PHY_MAX; i++)
2423 		skb_queue_head_init(&rtwdev->ppdu_sts.rx_queue[i]);
2424 	for (i = 0; i < RTW89_PHY_MAX; i++)
2425 		rtwdev->ppdu_sts.curr_rx_ppdu_cnt[i] = U8_MAX;
2426 }
2427 
2428 void rtw89_core_update_beacon_work(struct work_struct *work)
2429 {
2430 	struct rtw89_dev *rtwdev;
2431 	struct rtw89_vif *rtwvif = container_of(work, struct rtw89_vif,
2432 						update_beacon_work);
2433 
2434 	if (rtwvif->net_type != RTW89_NET_TYPE_AP_MODE)
2435 		return;
2436 
2437 	rtwdev = rtwvif->rtwdev;
2438 	mutex_lock(&rtwdev->mutex);
2439 	rtw89_fw_h2c_update_beacon(rtwdev, rtwvif);
2440 	mutex_unlock(&rtwdev->mutex);
2441 }
2442 
2443 int rtw89_core_start(struct rtw89_dev *rtwdev)
2444 {
2445 	int ret;
2446 
2447 	rtwdev->mac.qta_mode = RTW89_QTA_SCC;
2448 	ret = rtw89_mac_init(rtwdev);
2449 	if (ret) {
2450 		rtw89_err(rtwdev, "mac init fail, ret:%d\n", ret);
2451 		return ret;
2452 	}
2453 
2454 	rtw89_btc_ntfy_poweron(rtwdev);
2455 
2456 	/* efuse process */
2457 
2458 	/* pre-config BB/RF, BB reset/RFC reset */
2459 	rtw89_mac_disable_bb_rf(rtwdev);
2460 	rtw89_mac_enable_bb_rf(rtwdev);
2461 	rtw89_phy_init_bb_reg(rtwdev);
2462 	rtw89_phy_init_rf_reg(rtwdev);
2463 
2464 	rtw89_btc_ntfy_init(rtwdev, BTC_MODE_NORMAL);
2465 
2466 	rtw89_phy_dm_init(rtwdev);
2467 
2468 	rtw89_mac_cfg_ppdu_status(rtwdev, RTW89_MAC_0, true);
2469 	rtw89_mac_update_rts_threshold(rtwdev, RTW89_MAC_0);
2470 
2471 	ret = rtw89_hci_start(rtwdev);
2472 	if (ret) {
2473 		rtw89_err(rtwdev, "failed to start hci\n");
2474 		return ret;
2475 	}
2476 
2477 	ieee80211_queue_delayed_work(rtwdev->hw, &rtwdev->track_work,
2478 				     RTW89_TRACK_WORK_PERIOD);
2479 
2480 	set_bit(RTW89_FLAG_RUNNING, rtwdev->flags);
2481 
2482 	rtw89_btc_ntfy_radio_state(rtwdev, BTC_RFCTRL_WL_ON);
2483 	rtw89_fw_h2c_fw_log(rtwdev, rtwdev->fw.fw_log_enable);
2484 
2485 	return 0;
2486 }
2487 
2488 void rtw89_core_stop(struct rtw89_dev *rtwdev)
2489 {
2490 	struct rtw89_btc *btc = &rtwdev->btc;
2491 
2492 	/* Prvent to stop twice; enter_ips and ops_stop */
2493 	if (!test_bit(RTW89_FLAG_RUNNING, rtwdev->flags))
2494 		return;
2495 
2496 	rtw89_btc_ntfy_radio_state(rtwdev, BTC_RFCTRL_WL_OFF);
2497 
2498 	clear_bit(RTW89_FLAG_RUNNING, rtwdev->flags);
2499 
2500 	mutex_unlock(&rtwdev->mutex);
2501 
2502 	cancel_work_sync(&rtwdev->c2h_work);
2503 	cancel_work_sync(&btc->eapol_notify_work);
2504 	cancel_work_sync(&btc->arp_notify_work);
2505 	cancel_work_sync(&btc->dhcp_notify_work);
2506 	cancel_work_sync(&btc->icmp_notify_work);
2507 	cancel_delayed_work_sync(&rtwdev->txq_reinvoke_work);
2508 	cancel_delayed_work_sync(&rtwdev->track_work);
2509 	cancel_delayed_work_sync(&rtwdev->coex_act1_work);
2510 	cancel_delayed_work_sync(&rtwdev->coex_bt_devinfo_work);
2511 	cancel_delayed_work_sync(&rtwdev->coex_rfk_chk_work);
2512 	cancel_delayed_work_sync(&rtwdev->cfo_track_work);
2513 
2514 	mutex_lock(&rtwdev->mutex);
2515 
2516 	rtw89_btc_ntfy_poweroff(rtwdev);
2517 	rtw89_hci_flush_queues(rtwdev, BIT(rtwdev->hw->queues) - 1, true);
2518 	rtw89_mac_flush_txq(rtwdev, BIT(rtwdev->hw->queues) - 1, true);
2519 	rtw89_hci_stop(rtwdev);
2520 	rtw89_hci_deinit(rtwdev);
2521 	rtw89_mac_pwr_off(rtwdev);
2522 	rtw89_hci_reset(rtwdev);
2523 }
2524 
2525 int rtw89_core_init(struct rtw89_dev *rtwdev)
2526 {
2527 	struct rtw89_btc *btc = &rtwdev->btc;
2528 	int ret;
2529 
2530 	INIT_LIST_HEAD(&rtwdev->ba_list);
2531 	INIT_LIST_HEAD(&rtwdev->rtwvifs_list);
2532 	INIT_LIST_HEAD(&rtwdev->early_h2c_list);
2533 	INIT_WORK(&rtwdev->ba_work, rtw89_core_ba_work);
2534 	INIT_WORK(&rtwdev->txq_work, rtw89_core_txq_work);
2535 	INIT_DELAYED_WORK(&rtwdev->txq_reinvoke_work, rtw89_core_txq_reinvoke_work);
2536 	INIT_DELAYED_WORK(&rtwdev->track_work, rtw89_track_work);
2537 	INIT_DELAYED_WORK(&rtwdev->coex_act1_work, rtw89_coex_act1_work);
2538 	INIT_DELAYED_WORK(&rtwdev->coex_bt_devinfo_work, rtw89_coex_bt_devinfo_work);
2539 	INIT_DELAYED_WORK(&rtwdev->coex_rfk_chk_work, rtw89_coex_rfk_chk_work);
2540 	INIT_DELAYED_WORK(&rtwdev->cfo_track_work, rtw89_phy_cfo_track_work);
2541 	rtwdev->txq_wq = alloc_workqueue("rtw89_tx_wq", WQ_UNBOUND | WQ_HIGHPRI, 0);
2542 	spin_lock_init(&rtwdev->ba_lock);
2543 	mutex_init(&rtwdev->mutex);
2544 	mutex_init(&rtwdev->rf_mutex);
2545 	rtwdev->total_sta_assoc = 0;
2546 
2547 	INIT_WORK(&rtwdev->c2h_work, rtw89_fw_c2h_work);
2548 	skb_queue_head_init(&rtwdev->c2h_queue);
2549 	rtw89_core_ppdu_sts_init(rtwdev);
2550 	rtw89_traffic_stats_init(rtwdev, &rtwdev->stats);
2551 
2552 	rtwdev->ps_mode = rtw89_update_ps_mode(rtwdev);
2553 	rtwdev->hal.rx_fltr = DEFAULT_AX_RX_FLTR;
2554 
2555 	INIT_WORK(&btc->eapol_notify_work, rtw89_btc_ntfy_eapol_packet_work);
2556 	INIT_WORK(&btc->arp_notify_work, rtw89_btc_ntfy_arp_packet_work);
2557 	INIT_WORK(&btc->dhcp_notify_work, rtw89_btc_ntfy_dhcp_packet_work);
2558 	INIT_WORK(&btc->icmp_notify_work, rtw89_btc_ntfy_icmp_packet_work);
2559 
2560 	ret = rtw89_load_firmware(rtwdev);
2561 	if (ret) {
2562 		rtw89_warn(rtwdev, "no firmware loaded\n");
2563 		return ret;
2564 	}
2565 	rtw89_ser_init(rtwdev);
2566 
2567 	return 0;
2568 }
2569 EXPORT_SYMBOL(rtw89_core_init);
2570 
2571 void rtw89_core_deinit(struct rtw89_dev *rtwdev)
2572 {
2573 	rtw89_ser_deinit(rtwdev);
2574 	rtw89_unload_firmware(rtwdev);
2575 	rtw89_fw_free_all_early_h2c(rtwdev);
2576 
2577 	destroy_workqueue(rtwdev->txq_wq);
2578 	mutex_destroy(&rtwdev->rf_mutex);
2579 	mutex_destroy(&rtwdev->mutex);
2580 }
2581 EXPORT_SYMBOL(rtw89_core_deinit);
2582 
2583 static void rtw89_read_chip_ver(struct rtw89_dev *rtwdev)
2584 {
2585 	u8 cv;
2586 
2587 	cv = rtw89_read32_mask(rtwdev, R_AX_SYS_CFG1, B_AX_CHIP_VER_MASK);
2588 	if (cv <= CHIP_CBV) {
2589 		if (rtw89_read32(rtwdev, R_AX_GPIO0_7_FUNC_SEL) == RTW89_R32_DEAD)
2590 			cv = CHIP_CAV;
2591 		else
2592 			cv = CHIP_CBV;
2593 	}
2594 
2595 	rtwdev->hal.cv = cv;
2596 }
2597 
2598 static void rtw89_core_setup_phycap(struct rtw89_dev *rtwdev)
2599 {
2600 	rtwdev->hal.support_cckpd =
2601 		!(rtwdev->chip->chip_id == RTL8852A && rtwdev->hal.cv <= CHIP_CBV) &&
2602 		!(rtwdev->chip->chip_id == RTL8852B && rtwdev->hal.cv <= CHIP_CAV);
2603 }
2604 
2605 static int rtw89_chip_efuse_info_setup(struct rtw89_dev *rtwdev)
2606 {
2607 	int ret;
2608 
2609 	ret = rtw89_mac_partial_init(rtwdev);
2610 	if (ret)
2611 		return ret;
2612 
2613 	ret = rtw89_parse_efuse_map(rtwdev);
2614 	if (ret)
2615 		return ret;
2616 
2617 	ret = rtw89_parse_phycap_map(rtwdev);
2618 	if (ret)
2619 		return ret;
2620 
2621 	ret = rtw89_mac_setup_phycap(rtwdev);
2622 	if (ret)
2623 		return ret;
2624 
2625 	rtw89_core_setup_phycap(rtwdev);
2626 
2627 	rtw89_mac_pwr_off(rtwdev);
2628 
2629 	return 0;
2630 }
2631 
2632 static int rtw89_chip_board_info_setup(struct rtw89_dev *rtwdev)
2633 {
2634 	rtw89_chip_fem_setup(rtwdev);
2635 
2636 	return 0;
2637 }
2638 
2639 int rtw89_chip_info_setup(struct rtw89_dev *rtwdev)
2640 {
2641 	int ret;
2642 
2643 	rtw89_read_chip_ver(rtwdev);
2644 
2645 	ret = rtw89_wait_firmware_completion(rtwdev);
2646 	if (ret) {
2647 		rtw89_err(rtwdev, "failed to wait firmware completion\n");
2648 		return ret;
2649 	}
2650 
2651 	ret = rtw89_fw_recognize(rtwdev);
2652 	if (ret) {
2653 		rtw89_err(rtwdev, "failed to recognize firmware\n");
2654 		return ret;
2655 	}
2656 
2657 	ret = rtw89_chip_efuse_info_setup(rtwdev);
2658 	if (ret)
2659 		return ret;
2660 
2661 	ret = rtw89_chip_board_info_setup(rtwdev);
2662 	if (ret)
2663 		return ret;
2664 
2665 	return 0;
2666 }
2667 EXPORT_SYMBOL(rtw89_chip_info_setup);
2668 
2669 static int rtw89_core_register_hw(struct rtw89_dev *rtwdev)
2670 {
2671 	struct ieee80211_hw *hw = rtwdev->hw;
2672 	struct rtw89_efuse *efuse = &rtwdev->efuse;
2673 	int ret;
2674 	int tx_headroom = IEEE80211_HT_CTL_LEN;
2675 
2676 	hw->vif_data_size = sizeof(struct rtw89_vif);
2677 	hw->sta_data_size = sizeof(struct rtw89_sta);
2678 	hw->txq_data_size = sizeof(struct rtw89_txq);
2679 
2680 	SET_IEEE80211_PERM_ADDR(hw, efuse->addr);
2681 
2682 	hw->extra_tx_headroom = tx_headroom;
2683 	hw->queues = IEEE80211_NUM_ACS;
2684 	hw->max_rx_aggregation_subframes = RTW89_MAX_RX_AGG_NUM;
2685 	hw->max_tx_aggregation_subframes = RTW89_MAX_TX_AGG_NUM;
2686 
2687 	ieee80211_hw_set(hw, SIGNAL_DBM);
2688 	ieee80211_hw_set(hw, HAS_RATE_CONTROL);
2689 	ieee80211_hw_set(hw, MFP_CAPABLE);
2690 	ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS);
2691 	ieee80211_hw_set(hw, AMPDU_AGGREGATION);
2692 	ieee80211_hw_set(hw, RX_INCLUDES_FCS);
2693 	ieee80211_hw_set(hw, TX_AMSDU);
2694 	ieee80211_hw_set(hw, SUPPORT_FAST_XMIT);
2695 	ieee80211_hw_set(hw, SUPPORTS_AMSDU_IN_AMPDU);
2696 	ieee80211_hw_set(hw, SUPPORTS_PS);
2697 	ieee80211_hw_set(hw, SUPPORTS_DYNAMIC_PS);
2698 
2699 	hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
2700 				     BIT(NL80211_IFTYPE_AP);
2701 	hw->wiphy->available_antennas_tx = BIT(rtwdev->chip->rf_path_num) - 1;
2702 	hw->wiphy->available_antennas_rx = BIT(rtwdev->chip->rf_path_num) - 1;
2703 
2704 	hw->wiphy->features |= NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
2705 
2706 	wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_CAN_REPLACE_PTK0);
2707 
2708 	ret = rtw89_core_set_supported_band(rtwdev);
2709 	if (ret) {
2710 		rtw89_err(rtwdev, "failed to set supported band\n");
2711 		return ret;
2712 	}
2713 
2714 	hw->wiphy->reg_notifier = rtw89_regd_notifier;
2715 	hw->wiphy->sar_capa = &rtw89_sar_capa;
2716 
2717 	ret = ieee80211_register_hw(hw);
2718 	if (ret) {
2719 		rtw89_err(rtwdev, "failed to register hw\n");
2720 		goto err;
2721 	}
2722 
2723 	ret = rtw89_regd_init(rtwdev, rtw89_regd_notifier);
2724 	if (ret) {
2725 		rtw89_err(rtwdev, "failed to init regd\n");
2726 		goto err;
2727 	}
2728 
2729 	return 0;
2730 
2731 err:
2732 	return ret;
2733 }
2734 
2735 static void rtw89_core_unregister_hw(struct rtw89_dev *rtwdev)
2736 {
2737 	struct ieee80211_hw *hw = rtwdev->hw;
2738 
2739 	ieee80211_unregister_hw(hw);
2740 	rtw89_core_clr_supported_band(rtwdev);
2741 }
2742 
2743 int rtw89_core_register(struct rtw89_dev *rtwdev)
2744 {
2745 	int ret;
2746 
2747 	ret = rtw89_core_register_hw(rtwdev);
2748 	if (ret) {
2749 		rtw89_err(rtwdev, "failed to register core hw\n");
2750 		return ret;
2751 	}
2752 
2753 	rtw89_debugfs_init(rtwdev);
2754 
2755 	return 0;
2756 }
2757 EXPORT_SYMBOL(rtw89_core_register);
2758 
2759 void rtw89_core_unregister(struct rtw89_dev *rtwdev)
2760 {
2761 	rtw89_core_unregister_hw(rtwdev);
2762 }
2763 EXPORT_SYMBOL(rtw89_core_unregister);
2764 
2765 MODULE_AUTHOR("Realtek Corporation");
2766 MODULE_DESCRIPTION("Realtek 802.11ax wireless core module");
2767 MODULE_LICENSE("Dual BSD/GPL");
2768