Loading...
Note: File does not exist in v3.1.
1// SPDX-License-Identifier: ISC
2/*
3 * Copyright (C) 2022 MediaTek Inc.
4 */
5
6#include <linux/firmware.h>
7#include <linux/fs.h>
8#include "mt7996.h"
9#include "mcu.h"
10#include "mac.h"
11#include "eeprom.h"
12
13struct mt7996_patch_hdr {
14 char build_date[16];
15 char platform[4];
16 __be32 hw_sw_ver;
17 __be32 patch_ver;
18 __be16 checksum;
19 u16 reserved;
20 struct {
21 __be32 patch_ver;
22 __be32 subsys;
23 __be32 feature;
24 __be32 n_region;
25 __be32 crc;
26 u32 reserved[11];
27 } desc;
28} __packed;
29
30struct mt7996_patch_sec {
31 __be32 type;
32 __be32 offs;
33 __be32 size;
34 union {
35 __be32 spec[13];
36 struct {
37 __be32 addr;
38 __be32 len;
39 __be32 sec_key_idx;
40 __be32 align_len;
41 u32 reserved[9];
42 } info;
43 };
44} __packed;
45
46struct mt7996_fw_trailer {
47 u8 chip_id;
48 u8 eco_code;
49 u8 n_region;
50 u8 format_ver;
51 u8 format_flag;
52 u8 reserved[2];
53 char fw_ver[10];
54 char build_date[15];
55 u32 crc;
56} __packed;
57
58struct mt7996_fw_region {
59 __le32 decomp_crc;
60 __le32 decomp_len;
61 __le32 decomp_blk_sz;
62 u8 reserved[4];
63 __le32 addr;
64 __le32 len;
65 u8 feature_set;
66 u8 reserved1[15];
67} __packed;
68
69#define MCU_PATCH_ADDRESS 0x200000
70
71#define HE_PHY(p, c) u8_get_bits(c, IEEE80211_HE_PHY_##p)
72#define HE_MAC(m, c) u8_get_bits(c, IEEE80211_HE_MAC_##m)
73
74static bool sr_scene_detect = true;
75module_param(sr_scene_detect, bool, 0644);
76MODULE_PARM_DESC(sr_scene_detect, "Enable firmware scene detection algorithm");
77
78static u8
79mt7996_mcu_get_sta_nss(u16 mcs_map)
80{
81 u8 nss;
82
83 for (nss = 8; nss > 0; nss--) {
84 u8 nss_mcs = (mcs_map >> (2 * (nss - 1))) & 3;
85
86 if (nss_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED)
87 break;
88 }
89
90 return nss - 1;
91}
92
93static void
94mt7996_mcu_set_sta_he_mcs(struct ieee80211_sta *sta, __le16 *he_mcs,
95 u16 mcs_map)
96{
97 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
98 enum nl80211_band band = msta->vif->phy->mt76->chandef.chan->band;
99 const u16 *mask = msta->vif->bitrate_mask.control[band].he_mcs;
100 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
101
102 for (nss = 0; nss < max_nss; nss++) {
103 int mcs;
104
105 switch ((mcs_map >> (2 * nss)) & 0x3) {
106 case IEEE80211_HE_MCS_SUPPORT_0_11:
107 mcs = GENMASK(11, 0);
108 break;
109 case IEEE80211_HE_MCS_SUPPORT_0_9:
110 mcs = GENMASK(9, 0);
111 break;
112 case IEEE80211_HE_MCS_SUPPORT_0_7:
113 mcs = GENMASK(7, 0);
114 break;
115 default:
116 mcs = 0;
117 }
118
119 mcs = mcs ? fls(mcs & mask[nss]) - 1 : -1;
120
121 switch (mcs) {
122 case 0 ... 7:
123 mcs = IEEE80211_HE_MCS_SUPPORT_0_7;
124 break;
125 case 8 ... 9:
126 mcs = IEEE80211_HE_MCS_SUPPORT_0_9;
127 break;
128 case 10 ... 11:
129 mcs = IEEE80211_HE_MCS_SUPPORT_0_11;
130 break;
131 default:
132 mcs = IEEE80211_HE_MCS_NOT_SUPPORTED;
133 break;
134 }
135 mcs_map &= ~(0x3 << (nss * 2));
136 mcs_map |= mcs << (nss * 2);
137 }
138
139 *he_mcs = cpu_to_le16(mcs_map);
140}
141
142static void
143mt7996_mcu_set_sta_vht_mcs(struct ieee80211_sta *sta, __le16 *vht_mcs,
144 const u16 *mask)
145{
146 u16 mcs, mcs_map = le16_to_cpu(sta->deflink.vht_cap.vht_mcs.rx_mcs_map);
147 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
148
149 for (nss = 0; nss < max_nss; nss++, mcs_map >>= 2) {
150 switch (mcs_map & 0x3) {
151 case IEEE80211_VHT_MCS_SUPPORT_0_9:
152 mcs = GENMASK(9, 0);
153 break;
154 case IEEE80211_VHT_MCS_SUPPORT_0_8:
155 mcs = GENMASK(8, 0);
156 break;
157 case IEEE80211_VHT_MCS_SUPPORT_0_7:
158 mcs = GENMASK(7, 0);
159 break;
160 default:
161 mcs = 0;
162 }
163
164 vht_mcs[nss] = cpu_to_le16(mcs & mask[nss]);
165 }
166}
167
168static void
169mt7996_mcu_set_sta_ht_mcs(struct ieee80211_sta *sta, u8 *ht_mcs,
170 const u8 *mask)
171{
172 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
173
174 for (nss = 0; nss < max_nss; nss++)
175 ht_mcs[nss] = sta->deflink.ht_cap.mcs.rx_mask[nss] & mask[nss];
176}
177
178static int
179mt7996_mcu_parse_response(struct mt76_dev *mdev, int cmd,
180 struct sk_buff *skb, int seq)
181{
182 struct mt7996_mcu_rxd *rxd;
183 struct mt7996_mcu_uni_event *event;
184 int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
185 int ret = 0;
186
187 if (!skb) {
188 dev_err(mdev->dev, "Message %08x (seq %d) timeout\n",
189 cmd, seq);
190 return -ETIMEDOUT;
191 }
192
193 rxd = (struct mt7996_mcu_rxd *)skb->data;
194 if (seq != rxd->seq)
195 return -EAGAIN;
196
197 if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) {
198 skb_pull(skb, sizeof(*rxd) - 4);
199 ret = *skb->data;
200 } else if ((rxd->option & MCU_UNI_CMD_EVENT) &&
201 rxd->eid == MCU_UNI_EVENT_RESULT) {
202 skb_pull(skb, sizeof(*rxd));
203 event = (struct mt7996_mcu_uni_event *)skb->data;
204 ret = le32_to_cpu(event->status);
205 /* skip invalid event */
206 if (mcu_cmd != event->cid)
207 ret = -EAGAIN;
208 } else {
209 skb_pull(skb, sizeof(struct mt7996_mcu_rxd));
210 }
211
212 return ret;
213}
214
215static int
216mt7996_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb,
217 int cmd, int *wait_seq)
218{
219 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
220 int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
221 struct mt76_connac2_mcu_uni_txd *uni_txd;
222 struct mt76_connac2_mcu_txd *mcu_txd;
223 enum mt76_mcuq_id qid;
224 __le32 *txd;
225 u32 val;
226 u8 seq;
227
228 mdev->mcu.timeout = 20 * HZ;
229
230 seq = ++dev->mt76.mcu.msg_seq & 0xf;
231 if (!seq)
232 seq = ++dev->mt76.mcu.msg_seq & 0xf;
233
234 if (cmd == MCU_CMD(FW_SCATTER)) {
235 qid = MT_MCUQ_FWDL;
236 goto exit;
237 }
238
239 txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
240 txd = (__le32 *)skb_push(skb, txd_len);
241 if (test_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state))
242 qid = MT_MCUQ_WA;
243 else
244 qid = MT_MCUQ_WM;
245
246 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
247 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
248 FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
249 txd[0] = cpu_to_le32(val);
250
251 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
252 txd[1] = cpu_to_le32(val);
253
254 if (cmd & __MCU_CMD_FIELD_UNI) {
255 uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
256 uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
257 uni_txd->cid = cpu_to_le16(mcu_cmd);
258 uni_txd->s2d_index = MCU_S2D_H2CN;
259 uni_txd->pkt_type = MCU_PKT_ID;
260 uni_txd->seq = seq;
261
262 if (cmd & __MCU_CMD_FIELD_QUERY)
263 uni_txd->option = MCU_CMD_UNI_QUERY_ACK;
264 else
265 uni_txd->option = MCU_CMD_UNI_EXT_ACK;
266
267 if ((cmd & __MCU_CMD_FIELD_WA) && (cmd & __MCU_CMD_FIELD_WM))
268 uni_txd->s2d_index = MCU_S2D_H2CN;
269 else if (cmd & __MCU_CMD_FIELD_WA)
270 uni_txd->s2d_index = MCU_S2D_H2C;
271 else if (cmd & __MCU_CMD_FIELD_WM)
272 uni_txd->s2d_index = MCU_S2D_H2N;
273
274 goto exit;
275 }
276
277 mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
278 mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
279 mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
280 MT_TX_MCU_PORT_RX_Q0));
281 mcu_txd->pkt_type = MCU_PKT_ID;
282 mcu_txd->seq = seq;
283
284 mcu_txd->cid = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
285 mcu_txd->set_query = MCU_Q_NA;
286 mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
287 if (mcu_txd->ext_cid) {
288 mcu_txd->ext_cid_ack = 1;
289
290 if (cmd & __MCU_CMD_FIELD_QUERY)
291 mcu_txd->set_query = MCU_Q_QUERY;
292 else
293 mcu_txd->set_query = MCU_Q_SET;
294 }
295
296 if (cmd & __MCU_CMD_FIELD_WA)
297 mcu_txd->s2d_index = MCU_S2D_H2C;
298 else
299 mcu_txd->s2d_index = MCU_S2D_H2N;
300
301exit:
302 if (wait_seq)
303 *wait_seq = seq;
304
305 return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[qid], skb, 0);
306}
307
308int mt7996_mcu_wa_cmd(struct mt7996_dev *dev, int cmd, u32 a1, u32 a2, u32 a3)
309{
310 struct {
311 __le32 args[3];
312 } req = {
313 .args = {
314 cpu_to_le32(a1),
315 cpu_to_le32(a2),
316 cpu_to_le32(a3),
317 },
318 };
319
320 return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), false);
321}
322
323static void
324mt7996_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
325{
326 if (vif->bss_conf.csa_active)
327 ieee80211_csa_finish(vif);
328}
329
330static void
331mt7996_mcu_rx_radar_detected(struct mt7996_dev *dev, struct sk_buff *skb)
332{
333 struct mt76_phy *mphy = &dev->mt76.phy;
334 struct mt7996_mcu_rdd_report *r;
335
336 r = (struct mt7996_mcu_rdd_report *)skb->data;
337
338 mphy = dev->mt76.phys[r->band_idx];
339 if (!mphy)
340 return;
341
342 if (r->band_idx == MT_RX_SEL2)
343 cfg80211_background_radar_event(mphy->hw->wiphy,
344 &dev->rdd2_chandef,
345 GFP_ATOMIC);
346 else
347 ieee80211_radar_detected(mphy->hw);
348 dev->hw_pattern++;
349}
350
351static void
352mt7996_mcu_rx_log_message(struct mt7996_dev *dev, struct sk_buff *skb)
353{
354#define UNI_EVENT_FW_LOG_FORMAT 0
355 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
356 const char *data = (char *)&rxd[1] + 4, *type;
357 struct tlv *tlv = (struct tlv *)data;
358 int len;
359
360 if (!(rxd->option & MCU_UNI_CMD_EVENT)) {
361 len = skb->len - sizeof(*rxd);
362 data = (char *)&rxd[1];
363 goto out;
364 }
365
366 if (le16_to_cpu(tlv->tag) != UNI_EVENT_FW_LOG_FORMAT)
367 return;
368
369 data += sizeof(*tlv) + 4;
370 len = le16_to_cpu(tlv->len) - sizeof(*tlv) - 4;
371
372out:
373 switch (rxd->s2d_index) {
374 case 0:
375 if (mt7996_debugfs_rx_log(dev, data, len))
376 return;
377
378 type = "WM";
379 break;
380 case 2:
381 type = "WA";
382 break;
383 default:
384 type = "unknown";
385 break;
386 }
387
388 wiphy_info(mt76_hw(dev)->wiphy, "%s: %.*s", type, len, data);
389}
390
391static void
392mt7996_mcu_cca_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
393{
394 if (!vif->bss_conf.color_change_active)
395 return;
396
397 ieee80211_color_change_finish(vif);
398}
399
400static void
401mt7996_mcu_ie_countdown(struct mt7996_dev *dev, struct sk_buff *skb)
402{
403#define UNI_EVENT_IE_COUNTDOWN_CSA 0
404#define UNI_EVENT_IE_COUNTDOWN_BCC 1
405 struct header {
406 u8 band;
407 u8 rsv[3];
408 };
409 struct mt76_phy *mphy = &dev->mt76.phy;
410 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
411 const char *data = (char *)&rxd[1], *tail;
412 struct header *hdr = (struct header *)data;
413 struct tlv *tlv = (struct tlv *)(data + 4);
414
415 if (hdr->band && dev->mt76.phys[hdr->band])
416 mphy = dev->mt76.phys[hdr->band];
417
418 tail = skb->data + le16_to_cpu(rxd->len);
419 while (data + sizeof(struct tlv) < tail && le16_to_cpu(tlv->len)) {
420 switch (le16_to_cpu(tlv->tag)) {
421 case UNI_EVENT_IE_COUNTDOWN_CSA:
422 ieee80211_iterate_active_interfaces_atomic(mphy->hw,
423 IEEE80211_IFACE_ITER_RESUME_ALL,
424 mt7996_mcu_csa_finish, mphy->hw);
425 break;
426 case UNI_EVENT_IE_COUNTDOWN_BCC:
427 ieee80211_iterate_active_interfaces_atomic(mphy->hw,
428 IEEE80211_IFACE_ITER_RESUME_ALL,
429 mt7996_mcu_cca_finish, mphy->hw);
430 break;
431 }
432
433 data += le16_to_cpu(tlv->len);
434 tlv = (struct tlv *)data;
435 }
436}
437
438static void
439mt7996_mcu_rx_ext_event(struct mt7996_dev *dev, struct sk_buff *skb)
440{
441 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
442
443 switch (rxd->ext_eid) {
444 case MCU_EXT_EVENT_FW_LOG_2_HOST:
445 mt7996_mcu_rx_log_message(dev, skb);
446 break;
447 default:
448 break;
449 }
450}
451
452static void
453mt7996_mcu_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
454{
455 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
456
457 switch (rxd->eid) {
458 case MCU_EVENT_EXT:
459 mt7996_mcu_rx_ext_event(dev, skb);
460 break;
461 default:
462 break;
463 }
464 dev_kfree_skb(skb);
465}
466
467static void
468mt7996_mcu_uni_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
469{
470 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
471
472 switch (rxd->eid) {
473 case MCU_UNI_EVENT_FW_LOG_2_HOST:
474 mt7996_mcu_rx_log_message(dev, skb);
475 break;
476 case MCU_UNI_EVENT_IE_COUNTDOWN:
477 mt7996_mcu_ie_countdown(dev, skb);
478 break;
479 case MCU_UNI_EVENT_RDD_REPORT:
480 mt7996_mcu_rx_radar_detected(dev, skb);
481 break;
482 default:
483 break;
484 }
485 dev_kfree_skb(skb);
486}
487
488void mt7996_mcu_rx_event(struct mt7996_dev *dev, struct sk_buff *skb)
489{
490 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
491
492 if (rxd->option & MCU_UNI_CMD_UNSOLICITED_EVENT) {
493 mt7996_mcu_uni_rx_unsolicited_event(dev, skb);
494 return;
495 }
496
497 /* WA still uses legacy event*/
498 if (rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST ||
499 !rxd->seq)
500 mt7996_mcu_rx_unsolicited_event(dev, skb);
501 else
502 mt76_mcu_rx_event(&dev->mt76, skb);
503}
504
505static struct tlv *
506mt7996_mcu_add_uni_tlv(struct sk_buff *skb, u16 tag, u16 len)
507{
508 struct tlv *ptlv, tlv = {
509 .tag = cpu_to_le16(tag),
510 .len = cpu_to_le16(len),
511 };
512
513 ptlv = skb_put(skb, len);
514 memcpy(ptlv, &tlv, sizeof(tlv));
515
516 return ptlv;
517}
518
519static void
520mt7996_mcu_bss_rfch_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
521 struct mt7996_phy *phy)
522{
523 static const u8 rlm_ch_band[] = {
524 [NL80211_BAND_2GHZ] = 1,
525 [NL80211_BAND_5GHZ] = 2,
526 [NL80211_BAND_6GHZ] = 3,
527 };
528 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
529 struct bss_rlm_tlv *ch;
530 struct tlv *tlv;
531 int freq1 = chandef->center_freq1;
532
533 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RLM, sizeof(*ch));
534
535 ch = (struct bss_rlm_tlv *)tlv;
536 ch->control_channel = chandef->chan->hw_value;
537 ch->center_chan = ieee80211_frequency_to_channel(freq1);
538 ch->bw = mt76_connac_chan_bw(chandef);
539 ch->tx_streams = hweight8(phy->mt76->antenna_mask);
540 ch->rx_streams = hweight8(phy->mt76->antenna_mask);
541 ch->band = rlm_ch_band[chandef->chan->band];
542
543 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
544 int freq2 = chandef->center_freq2;
545
546 ch->center_chan2 = ieee80211_frequency_to_channel(freq2);
547 }
548}
549
550static void
551mt7996_mcu_bss_ra_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
552 struct mt7996_phy *phy)
553{
554 struct bss_ra_tlv *ra;
555 struct tlv *tlv;
556
557 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RA, sizeof(*ra));
558
559 ra = (struct bss_ra_tlv *)tlv;
560 ra->short_preamble = true;
561}
562
563static void
564mt7996_mcu_bss_he_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
565 struct mt7996_phy *phy)
566{
567#define DEFAULT_HE_PE_DURATION 4
568#define DEFAULT_HE_DURATION_RTS_THRES 1023
569 const struct ieee80211_sta_he_cap *cap;
570 struct bss_info_uni_he *he;
571 struct tlv *tlv;
572
573 cap = mt76_connac_get_he_phy_cap(phy->mt76, vif);
574
575 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_HE_BASIC, sizeof(*he));
576
577 he = (struct bss_info_uni_he *)tlv;
578 he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
579 if (!he->he_pe_duration)
580 he->he_pe_duration = DEFAULT_HE_PE_DURATION;
581
582 he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
583 if (!he->he_rts_thres)
584 he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);
585
586 he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
587 he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
588 he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;
589}
590
591static void
592mt7996_mcu_bss_bmc_tlv(struct sk_buff *skb, struct mt7996_phy *phy)
593{
594 struct bss_rate_tlv *bmc;
595 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
596 enum nl80211_band band = chandef->chan->band;
597 struct tlv *tlv;
598
599 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RATE, sizeof(*bmc));
600
601 bmc = (struct bss_rate_tlv *)tlv;
602 if (band == NL80211_BAND_2GHZ) {
603 bmc->short_preamble = true;
604 } else {
605 bmc->bc_trans = cpu_to_le16(0x8080);
606 bmc->mc_trans = cpu_to_le16(0x8080);
607 bmc->bc_fixed_rate = 1;
608 bmc->mc_fixed_rate = 1;
609 bmc->short_preamble = 1;
610 }
611}
612
613static void
614mt7996_mcu_bss_txcmd_tlv(struct sk_buff *skb, bool en)
615{
616 struct bss_txcmd_tlv *txcmd;
617 struct tlv *tlv;
618
619 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_TXCMD, sizeof(*txcmd));
620
621 txcmd = (struct bss_txcmd_tlv *)tlv;
622 txcmd->txcmd_mode = en;
623}
624
625static void
626mt7996_mcu_bss_mld_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
627{
628 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
629 struct bss_mld_tlv *mld;
630 struct tlv *tlv;
631
632 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_MLD, sizeof(*mld));
633
634 mld = (struct bss_mld_tlv *)tlv;
635 mld->group_mld_id = 0xff;
636 mld->own_mld_id = mvif->mt76.idx;
637 mld->remap_idx = 0xff;
638}
639
640static void
641mt7996_mcu_bss_sec_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
642{
643 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
644 struct bss_sec_tlv *sec;
645 struct tlv *tlv;
646
647 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_SEC, sizeof(*sec));
648
649 sec = (struct bss_sec_tlv *)tlv;
650 sec->cipher = mvif->cipher;
651}
652
653static int
654mt7996_mcu_muar_config(struct mt7996_phy *phy, struct ieee80211_vif *vif,
655 bool bssid, bool enable)
656{
657#define UNI_MUAR_ENTRY 2
658 struct mt7996_dev *dev = phy->dev;
659 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
660 u32 idx = mvif->mt76.omac_idx - REPEATER_BSSID_START;
661 const u8 *addr = vif->addr;
662
663 struct {
664 struct {
665 u8 band;
666 u8 __rsv[3];
667 } hdr;
668
669 __le16 tag;
670 __le16 len;
671
672 bool smesh;
673 u8 bssid;
674 u8 index;
675 u8 entry_add;
676 u8 addr[ETH_ALEN];
677 u8 __rsv[2];
678 } __packed req = {
679 .hdr.band = phy->mt76->band_idx,
680 .tag = cpu_to_le16(UNI_MUAR_ENTRY),
681 .len = cpu_to_le16(sizeof(req) - sizeof(req.hdr)),
682 .smesh = false,
683 .index = idx * 2 + bssid,
684 .entry_add = true,
685 };
686
687 if (bssid)
688 addr = vif->bss_conf.bssid;
689
690 if (enable)
691 memcpy(req.addr, addr, ETH_ALEN);
692
693 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REPT_MUAR), &req,
694 sizeof(req), true);
695}
696
697static int
698mt7996_mcu_bss_basic_tlv(struct sk_buff *skb,
699 struct ieee80211_vif *vif,
700 struct ieee80211_sta *sta,
701 struct mt76_phy *phy, u16 wlan_idx,
702 bool enable)
703{
704 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
705 struct cfg80211_chan_def *chandef = &phy->chandef;
706 struct mt76_connac_bss_basic_tlv *bss;
707 u32 type = CONNECTION_INFRA_AP;
708 struct tlv *tlv;
709 int idx;
710
711 switch (vif->type) {
712 case NL80211_IFTYPE_MESH_POINT:
713 case NL80211_IFTYPE_AP:
714 case NL80211_IFTYPE_MONITOR:
715 break;
716 case NL80211_IFTYPE_STATION:
717 if (enable) {
718 rcu_read_lock();
719 if (!sta)
720 sta = ieee80211_find_sta(vif,
721 vif->bss_conf.bssid);
722 /* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
723 if (sta) {
724 struct mt76_wcid *wcid;
725
726 wcid = (struct mt76_wcid *)sta->drv_priv;
727 wlan_idx = wcid->idx;
728 }
729 rcu_read_unlock();
730 }
731 type = CONNECTION_INFRA_STA;
732 break;
733 case NL80211_IFTYPE_ADHOC:
734 type = CONNECTION_IBSS_ADHOC;
735 break;
736 default:
737 WARN_ON(1);
738 break;
739 }
740
741 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_BASIC, sizeof(*bss));
742
743 bss = (struct mt76_connac_bss_basic_tlv *)tlv;
744 bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
745 bss->dtim_period = vif->bss_conf.dtim_period;
746 bss->bmc_tx_wlan_idx = cpu_to_le16(wlan_idx);
747 bss->sta_idx = cpu_to_le16(wlan_idx);
748 bss->conn_type = cpu_to_le32(type);
749 bss->omac_idx = mvif->omac_idx;
750 bss->band_idx = mvif->band_idx;
751 bss->wmm_idx = mvif->wmm_idx;
752 bss->conn_state = !enable;
753 bss->active = enable;
754
755 idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
756 bss->hw_bss_idx = idx;
757
758 if (vif->type == NL80211_IFTYPE_MONITOR) {
759 memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
760 return 0;
761 }
762
763 memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
764 bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
765 bss->dtim_period = vif->bss_conf.dtim_period;
766 bss->phymode = mt76_connac_get_phy_mode(phy, vif,
767 chandef->chan->band, NULL);
768
769 if (chandef->chan->band == NL80211_BAND_6GHZ)
770 bss->phymode_ext |= PHY_MODE_AX_6G;
771
772 return 0;
773}
774
775static struct sk_buff *
776__mt7996_mcu_alloc_bss_req(struct mt76_dev *dev, struct mt76_vif *mvif, int len)
777{
778 struct bss_req_hdr hdr = {
779 .bss_idx = mvif->idx,
780 };
781 struct sk_buff *skb;
782
783 skb = mt76_mcu_msg_alloc(dev, NULL, len);
784 if (!skb)
785 return ERR_PTR(-ENOMEM);
786
787 skb_put_data(skb, &hdr, sizeof(hdr));
788
789 return skb;
790}
791
792int mt7996_mcu_add_bss_info(struct mt7996_phy *phy,
793 struct ieee80211_vif *vif, int enable)
794{
795 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
796 struct mt7996_dev *dev = phy->dev;
797 struct sk_buff *skb;
798
799 if (mvif->mt76.omac_idx >= REPEATER_BSSID_START) {
800 mt7996_mcu_muar_config(phy, vif, false, enable);
801 mt7996_mcu_muar_config(phy, vif, true, enable);
802 }
803
804 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
805 MT7996_BSS_UPDATE_MAX_SIZE);
806 if (IS_ERR(skb))
807 return PTR_ERR(skb);
808
809 /* bss_basic must be first */
810 mt7996_mcu_bss_basic_tlv(skb, vif, NULL, phy->mt76,
811 mvif->sta.wcid.idx, enable);
812 mt7996_mcu_bss_sec_tlv(skb, vif);
813
814 if (vif->type == NL80211_IFTYPE_MONITOR)
815 goto out;
816
817 if (enable) {
818 mt7996_mcu_bss_rfch_tlv(skb, vif, phy);
819 mt7996_mcu_bss_bmc_tlv(skb, phy);
820 mt7996_mcu_bss_ra_tlv(skb, vif, phy);
821 mt7996_mcu_bss_txcmd_tlv(skb, true);
822
823 if (vif->bss_conf.he_support)
824 mt7996_mcu_bss_he_tlv(skb, vif, phy);
825
826 /* this tag is necessary no matter if the vif is MLD */
827 mt7996_mcu_bss_mld_tlv(skb, vif);
828 }
829out:
830 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
831 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
832}
833
834static int
835mt7996_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif *mvif,
836 struct ieee80211_ampdu_params *params,
837 bool enable, bool tx)
838{
839 struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
840 struct sta_rec_ba_uni *ba;
841 struct sk_buff *skb;
842 struct tlv *tlv;
843
844 skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid,
845 MT7996_STA_UPDATE_MAX_SIZE);
846 if (IS_ERR(skb))
847 return PTR_ERR(skb);
848
849 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));
850
851 ba = (struct sta_rec_ba_uni *)tlv;
852 ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT;
853 ba->winsize = cpu_to_le16(params->buf_size);
854 ba->ssn = cpu_to_le16(params->ssn);
855 ba->ba_en = enable << params->tid;
856 ba->amsdu = params->amsdu;
857 ba->tid = params->tid;
858
859 return mt76_mcu_skb_send_msg(dev, skb,
860 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
861}
862
863/** starec & wtbl **/
864int mt7996_mcu_add_tx_ba(struct mt7996_dev *dev,
865 struct ieee80211_ampdu_params *params,
866 bool enable)
867{
868 struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv;
869 struct mt7996_vif *mvif = msta->vif;
870
871 if (enable && !params->amsdu)
872 msta->wcid.amsdu = false;
873
874 return mt7996_mcu_sta_ba(&dev->mt76, &mvif->mt76, params,
875 enable, true);
876}
877
878int mt7996_mcu_add_rx_ba(struct mt7996_dev *dev,
879 struct ieee80211_ampdu_params *params,
880 bool enable)
881{
882 struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv;
883 struct mt7996_vif *mvif = msta->vif;
884
885 return mt7996_mcu_sta_ba(&dev->mt76, &mvif->mt76, params,
886 enable, false);
887}
888
889static void
890mt7996_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
891{
892 struct ieee80211_he_cap_elem *elem = &sta->deflink.he_cap.he_cap_elem;
893 struct ieee80211_he_mcs_nss_supp mcs_map;
894 struct sta_rec_he_v2 *he;
895 struct tlv *tlv;
896 int i = 0;
897
898 if (!sta->deflink.he_cap.has_he)
899 return;
900
901 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he));
902
903 he = (struct sta_rec_he_v2 *)tlv;
904 for (i = 0; i < 11; i++) {
905 if (i < 6)
906 he->he_mac_cap[i] = cpu_to_le16(elem->mac_cap_info[i]);
907 he->he_phy_cap[i] = cpu_to_le16(elem->phy_cap_info[i]);
908 }
909
910 mcs_map = sta->deflink.he_cap.he_mcs_nss_supp;
911 switch (sta->deflink.bandwidth) {
912 case IEEE80211_STA_RX_BW_160:
913 if (elem->phy_cap_info[0] &
914 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
915 mt7996_mcu_set_sta_he_mcs(sta,
916 &he->max_nss_mcs[CMD_HE_MCS_BW8080],
917 le16_to_cpu(mcs_map.rx_mcs_80p80));
918
919 mt7996_mcu_set_sta_he_mcs(sta,
920 &he->max_nss_mcs[CMD_HE_MCS_BW160],
921 le16_to_cpu(mcs_map.rx_mcs_160));
922 fallthrough;
923 default:
924 mt7996_mcu_set_sta_he_mcs(sta,
925 &he->max_nss_mcs[CMD_HE_MCS_BW80],
926 le16_to_cpu(mcs_map.rx_mcs_80));
927 break;
928 }
929
930 he->pkt_ext = 2;
931}
932
933static void
934mt7996_mcu_sta_he_6g_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
935{
936 struct sta_rec_he_6g_capa *he_6g;
937 struct tlv *tlv;
938
939 if (!sta->deflink.he_6ghz_capa.capa)
940 return;
941
942 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G, sizeof(*he_6g));
943
944 he_6g = (struct sta_rec_he_6g_capa *)tlv;
945 he_6g->capa = sta->deflink.he_6ghz_capa.capa;
946}
947
948static void
949mt7996_mcu_sta_ht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
950{
951 struct sta_rec_ht *ht;
952 struct tlv *tlv;
953
954 if (!sta->deflink.ht_cap.ht_supported)
955 return;
956
957 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
958
959 ht = (struct sta_rec_ht *)tlv;
960 ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap);
961}
962
963static void
964mt7996_mcu_sta_vht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
965{
966 struct sta_rec_vht *vht;
967 struct tlv *tlv;
968
969 /* For 6G band, this tlv is necessary to let hw work normally */
970 if (!sta->deflink.he_6ghz_capa.capa && !sta->deflink.vht_cap.vht_supported)
971 return;
972
973 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, sizeof(*vht));
974
975 vht = (struct sta_rec_vht *)tlv;
976 vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap);
977 vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map;
978 vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map;
979}
980
981static void
982mt7996_mcu_sta_amsdu_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
983 struct ieee80211_vif *vif, struct ieee80211_sta *sta)
984{
985 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
986 struct sta_rec_amsdu *amsdu;
987 struct tlv *tlv;
988
989 if (vif->type != NL80211_IFTYPE_STATION &&
990 vif->type != NL80211_IFTYPE_AP)
991 return;
992
993 if (!sta->deflink.agg.max_amsdu_len)
994 return;
995
996 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
997 amsdu = (struct sta_rec_amsdu *)tlv;
998 amsdu->max_amsdu_num = 8;
999 amsdu->amsdu_en = true;
1000 msta->wcid.amsdu = true;
1001
1002 switch (sta->deflink.agg.max_amsdu_len) {
1003 case IEEE80211_MAX_MPDU_LEN_VHT_11454:
1004 amsdu->max_mpdu_size =
1005 IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454;
1006 return;
1007 case IEEE80211_MAX_MPDU_LEN_HT_7935:
1008 case IEEE80211_MAX_MPDU_LEN_VHT_7991:
1009 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991;
1010 return;
1011 default:
1012 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895;
1013 return;
1014 }
1015}
1016
1017static inline bool
1018mt7996_is_ebf_supported(struct mt7996_phy *phy, struct ieee80211_vif *vif,
1019 struct ieee80211_sta *sta, bool bfee)
1020{
1021 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1022 int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
1023
1024 if (vif->type != NL80211_IFTYPE_STATION &&
1025 vif->type != NL80211_IFTYPE_AP)
1026 return false;
1027
1028 if (!bfee && tx_ant < 2)
1029 return false;
1030
1031 if (sta->deflink.he_cap.has_he) {
1032 struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem;
1033
1034 if (bfee)
1035 return mvif->cap.he_su_ebfee &&
1036 HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]);
1037 else
1038 return mvif->cap.he_su_ebfer &&
1039 HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]);
1040 }
1041
1042 if (sta->deflink.vht_cap.vht_supported) {
1043 u32 cap = sta->deflink.vht_cap.cap;
1044
1045 if (bfee)
1046 return mvif->cap.vht_su_ebfee &&
1047 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE);
1048 else
1049 return mvif->cap.vht_su_ebfer &&
1050 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE);
1051 }
1052
1053 return false;
1054}
1055
1056static void
1057mt7996_mcu_sta_sounding_rate(struct sta_rec_bf *bf)
1058{
1059 bf->sounding_phy = MT_PHY_TYPE_OFDM;
1060 bf->ndp_rate = 0; /* mcs0 */
1061 bf->ndpa_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */
1062 bf->rept_poll_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */
1063}
1064
1065static void
1066mt7996_mcu_sta_bfer_ht(struct ieee80211_sta *sta, struct mt7996_phy *phy,
1067 struct sta_rec_bf *bf)
1068{
1069 struct ieee80211_mcs_info *mcs = &sta->deflink.ht_cap.mcs;
1070 u8 n = 0;
1071
1072 bf->tx_mode = MT_PHY_TYPE_HT;
1073
1074 if ((mcs->tx_params & IEEE80211_HT_MCS_TX_RX_DIFF) &&
1075 (mcs->tx_params & IEEE80211_HT_MCS_TX_DEFINED))
1076 n = FIELD_GET(IEEE80211_HT_MCS_TX_MAX_STREAMS_MASK,
1077 mcs->tx_params);
1078 else if (mcs->rx_mask[3])
1079 n = 3;
1080 else if (mcs->rx_mask[2])
1081 n = 2;
1082 else if (mcs->rx_mask[1])
1083 n = 1;
1084
1085 bf->nrow = hweight8(phy->mt76->antenna_mask) - 1;
1086 bf->ncol = min_t(u8, bf->nrow, n);
1087 bf->ibf_ncol = n;
1088}
1089
1090static void
1091mt7996_mcu_sta_bfer_vht(struct ieee80211_sta *sta, struct mt7996_phy *phy,
1092 struct sta_rec_bf *bf, bool explicit)
1093{
1094 struct ieee80211_sta_vht_cap *pc = &sta->deflink.vht_cap;
1095 struct ieee80211_sta_vht_cap *vc = &phy->mt76->sband_5g.sband.vht_cap;
1096 u16 mcs_map = le16_to_cpu(pc->vht_mcs.rx_mcs_map);
1097 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1098 u8 tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
1099
1100 bf->tx_mode = MT_PHY_TYPE_VHT;
1101
1102 if (explicit) {
1103 u8 sts, snd_dim;
1104
1105 mt7996_mcu_sta_sounding_rate(bf);
1106
1107 sts = FIELD_GET(IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK,
1108 pc->cap);
1109 snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
1110 vc->cap);
1111 bf->nrow = min_t(u8, min_t(u8, snd_dim, sts), tx_ant);
1112 bf->ncol = min_t(u8, nss_mcs, bf->nrow);
1113 bf->ibf_ncol = bf->ncol;
1114
1115 if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160)
1116 bf->nrow = 1;
1117 } else {
1118 bf->nrow = tx_ant;
1119 bf->ncol = min_t(u8, nss_mcs, bf->nrow);
1120 bf->ibf_ncol = nss_mcs;
1121
1122 if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160)
1123 bf->ibf_nrow = 1;
1124 }
1125}
1126
1127static void
1128mt7996_mcu_sta_bfer_he(struct ieee80211_sta *sta, struct ieee80211_vif *vif,
1129 struct mt7996_phy *phy, struct sta_rec_bf *bf)
1130{
1131 struct ieee80211_sta_he_cap *pc = &sta->deflink.he_cap;
1132 struct ieee80211_he_cap_elem *pe = &pc->he_cap_elem;
1133 const struct ieee80211_sta_he_cap *vc =
1134 mt76_connac_get_he_phy_cap(phy->mt76, vif);
1135 const struct ieee80211_he_cap_elem *ve = &vc->he_cap_elem;
1136 u16 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80);
1137 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1138 u8 snd_dim, sts;
1139
1140 bf->tx_mode = MT_PHY_TYPE_HE_SU;
1141
1142 mt7996_mcu_sta_sounding_rate(bf);
1143
1144 bf->trigger_su = HE_PHY(CAP6_TRIG_SU_BEAMFORMING_FB,
1145 pe->phy_cap_info[6]);
1146 bf->trigger_mu = HE_PHY(CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB,
1147 pe->phy_cap_info[6]);
1148 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
1149 ve->phy_cap_info[5]);
1150 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_MASK,
1151 pe->phy_cap_info[4]);
1152 bf->nrow = min_t(u8, snd_dim, sts);
1153 bf->ncol = min_t(u8, nss_mcs, bf->nrow);
1154 bf->ibf_ncol = bf->ncol;
1155
1156 if (sta->deflink.bandwidth != IEEE80211_STA_RX_BW_160)
1157 return;
1158
1159 /* go over for 160MHz and 80p80 */
1160 if (pe->phy_cap_info[0] &
1161 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) {
1162 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_160);
1163 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1164
1165 bf->ncol_gt_bw80 = nss_mcs;
1166 }
1167
1168 if (pe->phy_cap_info[0] &
1169 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) {
1170 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80p80);
1171 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
1172
1173 if (bf->ncol_gt_bw80)
1174 bf->ncol_gt_bw80 = min_t(u8, bf->ncol_gt_bw80, nss_mcs);
1175 else
1176 bf->ncol_gt_bw80 = nss_mcs;
1177 }
1178
1179 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK,
1180 ve->phy_cap_info[5]);
1181 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_ABOVE_80MHZ_MASK,
1182 pe->phy_cap_info[4]);
1183
1184 bf->nrow_gt_bw80 = min_t(int, snd_dim, sts);
1185}
1186
1187static void
1188mt7996_mcu_sta_bfer_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1189 struct ieee80211_vif *vif, struct ieee80211_sta *sta)
1190{
1191 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1192 struct mt7996_phy *phy = mvif->phy;
1193 int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
1194 struct sta_rec_bf *bf;
1195 struct tlv *tlv;
1196 const u8 matrix[4][4] = {
1197 {0, 0, 0, 0},
1198 {1, 1, 0, 0}, /* 2x1, 2x2, 2x3, 2x4 */
1199 {2, 4, 4, 0}, /* 3x1, 3x2, 3x3, 3x4 */
1200 {3, 5, 6, 0} /* 4x1, 4x2, 4x3, 4x4 */
1201 };
1202 bool ebf;
1203
1204 if (!(sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he))
1205 return;
1206
1207 ebf = mt7996_is_ebf_supported(phy, vif, sta, false);
1208 if (!ebf && !dev->ibf)
1209 return;
1210
1211 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BF, sizeof(*bf));
1212 bf = (struct sta_rec_bf *)tlv;
1213
1214 /* he: eBF only, in accordance with spec
1215 * vht: support eBF and iBF
1216 * ht: iBF only, since mac80211 lacks of eBF support
1217 */
1218 if (sta->deflink.he_cap.has_he && ebf)
1219 mt7996_mcu_sta_bfer_he(sta, vif, phy, bf);
1220 else if (sta->deflink.vht_cap.vht_supported)
1221 mt7996_mcu_sta_bfer_vht(sta, phy, bf, ebf);
1222 else if (sta->deflink.ht_cap.ht_supported)
1223 mt7996_mcu_sta_bfer_ht(sta, phy, bf);
1224 else
1225 return;
1226
1227 bf->bf_cap = ebf ? ebf : dev->ibf << 1;
1228 bf->bw = sta->deflink.bandwidth;
1229 bf->ibf_dbw = sta->deflink.bandwidth;
1230 bf->ibf_nrow = tx_ant;
1231
1232 if (!ebf && sta->deflink.bandwidth <= IEEE80211_STA_RX_BW_40 && !bf->ncol)
1233 bf->ibf_timeout = 0x48;
1234 else
1235 bf->ibf_timeout = 0x18;
1236
1237 if (ebf && bf->nrow != tx_ant)
1238 bf->mem_20m = matrix[tx_ant][bf->ncol];
1239 else
1240 bf->mem_20m = matrix[bf->nrow][bf->ncol];
1241
1242 switch (sta->deflink.bandwidth) {
1243 case IEEE80211_STA_RX_BW_160:
1244 case IEEE80211_STA_RX_BW_80:
1245 bf->mem_total = bf->mem_20m * 2;
1246 break;
1247 case IEEE80211_STA_RX_BW_40:
1248 bf->mem_total = bf->mem_20m;
1249 break;
1250 case IEEE80211_STA_RX_BW_20:
1251 default:
1252 break;
1253 }
1254}
1255
1256static void
1257mt7996_mcu_sta_bfee_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1258 struct ieee80211_vif *vif, struct ieee80211_sta *sta)
1259{
1260 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1261 struct mt7996_phy *phy = mvif->phy;
1262 int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
1263 struct sta_rec_bfee *bfee;
1264 struct tlv *tlv;
1265 u8 nrow = 0;
1266
1267 if (!(sta->deflink.vht_cap.vht_supported || sta->deflink.he_cap.has_he))
1268 return;
1269
1270 if (!mt7996_is_ebf_supported(phy, vif, sta, true))
1271 return;
1272
1273 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BFEE, sizeof(*bfee));
1274 bfee = (struct sta_rec_bfee *)tlv;
1275
1276 if (sta->deflink.he_cap.has_he) {
1277 struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem;
1278
1279 nrow = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
1280 pe->phy_cap_info[5]);
1281 } else if (sta->deflink.vht_cap.vht_supported) {
1282 struct ieee80211_sta_vht_cap *pc = &sta->deflink.vht_cap;
1283
1284 nrow = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
1285 pc->cap);
1286 }
1287
1288 /* reply with identity matrix to avoid 2x2 BF negative gain */
1289 bfee->fb_identity_matrix = (nrow == 1 && tx_ant == 2);
1290}
1291
1292static void
1293mt7996_mcu_sta_phy_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1294 struct ieee80211_vif *vif, struct ieee80211_sta *sta)
1295{
1296 struct sta_rec_phy *phy;
1297 struct tlv *tlv;
1298 u8 af = 0, mm = 0;
1299
1300 if (!sta->deflink.ht_cap.ht_supported && !sta->deflink.he_6ghz_capa.capa)
1301 return;
1302
1303 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy));
1304
1305 phy = (struct sta_rec_phy *)tlv;
1306 if (sta->deflink.ht_cap.ht_supported) {
1307 af = sta->deflink.ht_cap.ampdu_factor;
1308 mm = sta->deflink.ht_cap.ampdu_density;
1309 }
1310
1311 if (sta->deflink.vht_cap.vht_supported) {
1312 u8 vht_af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
1313 sta->deflink.vht_cap.cap);
1314
1315 af = max_t(u8, af, vht_af);
1316 }
1317
1318 if (sta->deflink.he_6ghz_capa.capa) {
1319 af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
1320 IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
1321 mm = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
1322 IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START);
1323 }
1324
1325 phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR, af) |
1326 FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY, mm);
1327 phy->max_ampdu_len = af;
1328}
1329
1330static void
1331mt7996_mcu_sta_hdrt_tlv(struct mt7996_dev *dev, struct sk_buff *skb)
1332{
1333 struct sta_rec_hdrt *hdrt;
1334 struct tlv *tlv;
1335
1336 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDRT, sizeof(*hdrt));
1337
1338 hdrt = (struct sta_rec_hdrt *)tlv;
1339 hdrt->hdrt_mode = 1;
1340}
1341
1342static void
1343mt7996_mcu_sta_hdr_trans_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
1344 struct ieee80211_vif *vif,
1345 struct ieee80211_sta *sta)
1346{
1347 struct sta_rec_hdr_trans *hdr_trans;
1348 struct mt76_wcid *wcid;
1349 struct tlv *tlv;
1350
1351 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDR_TRANS, sizeof(*hdr_trans));
1352 hdr_trans = (struct sta_rec_hdr_trans *)tlv;
1353 hdr_trans->dis_rx_hdr_tran = true;
1354
1355 if (vif->type == NL80211_IFTYPE_STATION)
1356 hdr_trans->to_ds = true;
1357 else
1358 hdr_trans->from_ds = true;
1359
1360 wcid = (struct mt76_wcid *)sta->drv_priv;
1361 if (!wcid)
1362 return;
1363
1364 hdr_trans->dis_rx_hdr_tran = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);
1365 if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) {
1366 hdr_trans->to_ds = true;
1367 hdr_trans->from_ds = true;
1368 }
1369}
1370
1371static enum mcu_mmps_mode
1372mt7996_mcu_get_mmps_mode(enum ieee80211_smps_mode smps)
1373{
1374 switch (smps) {
1375 case IEEE80211_SMPS_OFF:
1376 return MCU_MMPS_DISABLE;
1377 case IEEE80211_SMPS_STATIC:
1378 return MCU_MMPS_STATIC;
1379 case IEEE80211_SMPS_DYNAMIC:
1380 return MCU_MMPS_DYNAMIC;
1381 default:
1382 return MCU_MMPS_DISABLE;
1383 }
1384}
1385
1386int mt7996_mcu_set_fixed_rate_ctrl(struct mt7996_dev *dev,
1387 void *data, u16 version)
1388{
1389 struct ra_fixed_rate *req;
1390 struct uni_header hdr;
1391 struct sk_buff *skb;
1392 struct tlv *tlv;
1393 int len;
1394
1395 len = sizeof(hdr) + sizeof(*req);
1396
1397 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
1398 if (!skb)
1399 return -ENOMEM;
1400
1401 skb_put_data(skb, &hdr, sizeof(hdr));
1402
1403 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_RA_FIXED_RATE, sizeof(*req));
1404 req = (struct ra_fixed_rate *)tlv;
1405 req->version = cpu_to_le16(version);
1406 memcpy(&req->rate, data, sizeof(req->rate));
1407
1408 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1409 MCU_WM_UNI_CMD(RA), true);
1410}
1411
1412static void
1413mt7996_mcu_sta_rate_ctrl_tlv(struct sk_buff *skb, struct mt7996_dev *dev,
1414 struct ieee80211_vif *vif, struct ieee80211_sta *sta)
1415{
1416 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1417 struct mt76_phy *mphy = mvif->phy->mt76;
1418 struct cfg80211_chan_def *chandef = &mphy->chandef;
1419 struct cfg80211_bitrate_mask *mask = &mvif->bitrate_mask;
1420 enum nl80211_band band = chandef->chan->band;
1421 struct sta_rec_ra *ra;
1422 struct tlv *tlv;
1423 u32 supp_rate = sta->deflink.supp_rates[band];
1424 u32 cap = sta->wme ? STA_CAP_WMM : 0;
1425
1426 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra));
1427 ra = (struct sta_rec_ra *)tlv;
1428
1429 ra->valid = true;
1430 ra->auto_rate = true;
1431 ra->phy_mode = mt76_connac_get_phy_mode(mphy, vif, band, sta);
1432 ra->channel = chandef->chan->hw_value;
1433 ra->bw = sta->deflink.bandwidth;
1434 ra->phy.bw = sta->deflink.bandwidth;
1435 ra->mmps_mode = mt7996_mcu_get_mmps_mode(sta->deflink.smps_mode);
1436
1437 if (supp_rate) {
1438 supp_rate &= mask->control[band].legacy;
1439 ra->rate_len = hweight32(supp_rate);
1440
1441 if (band == NL80211_BAND_2GHZ) {
1442 ra->supp_mode = MODE_CCK;
1443 ra->supp_cck_rate = supp_rate & GENMASK(3, 0);
1444
1445 if (ra->rate_len > 4) {
1446 ra->supp_mode |= MODE_OFDM;
1447 ra->supp_ofdm_rate = supp_rate >> 4;
1448 }
1449 } else {
1450 ra->supp_mode = MODE_OFDM;
1451 ra->supp_ofdm_rate = supp_rate;
1452 }
1453 }
1454
1455 if (sta->deflink.ht_cap.ht_supported) {
1456 ra->supp_mode |= MODE_HT;
1457 ra->af = sta->deflink.ht_cap.ampdu_factor;
1458 ra->ht_gf = !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_GRN_FLD);
1459
1460 cap |= STA_CAP_HT;
1461 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
1462 cap |= STA_CAP_SGI_20;
1463 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
1464 cap |= STA_CAP_SGI_40;
1465 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_TX_STBC)
1466 cap |= STA_CAP_TX_STBC;
1467 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_RX_STBC)
1468 cap |= STA_CAP_RX_STBC;
1469 if (mvif->cap.ht_ldpc &&
1470 (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING))
1471 cap |= STA_CAP_LDPC;
1472
1473 mt7996_mcu_set_sta_ht_mcs(sta, ra->ht_mcs,
1474 mask->control[band].ht_mcs);
1475 ra->supp_ht_mcs = *(__le32 *)ra->ht_mcs;
1476 }
1477
1478 if (sta->deflink.vht_cap.vht_supported) {
1479 u8 af;
1480
1481 ra->supp_mode |= MODE_VHT;
1482 af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
1483 sta->deflink.vht_cap.cap);
1484 ra->af = max_t(u8, ra->af, af);
1485
1486 cap |= STA_CAP_VHT;
1487 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
1488 cap |= STA_CAP_VHT_SGI_80;
1489 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
1490 cap |= STA_CAP_VHT_SGI_160;
1491 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_TXSTBC)
1492 cap |= STA_CAP_VHT_TX_STBC;
1493 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXSTBC_1)
1494 cap |= STA_CAP_VHT_RX_STBC;
1495 if (mvif->cap.vht_ldpc &&
1496 (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC))
1497 cap |= STA_CAP_VHT_LDPC;
1498
1499 mt7996_mcu_set_sta_vht_mcs(sta, ra->supp_vht_mcs,
1500 mask->control[band].vht_mcs);
1501 }
1502
1503 if (sta->deflink.he_cap.has_he) {
1504 ra->supp_mode |= MODE_HE;
1505 cap |= STA_CAP_HE;
1506
1507 if (sta->deflink.he_6ghz_capa.capa)
1508 ra->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
1509 IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
1510 }
1511 ra->sta_cap = cpu_to_le32(cap);
1512}
1513
1514int mt7996_mcu_add_rate_ctrl(struct mt7996_dev *dev, struct ieee80211_vif *vif,
1515 struct ieee80211_sta *sta, bool changed)
1516{
1517 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1518 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
1519 struct sk_buff *skb;
1520
1521 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
1522 &msta->wcid,
1523 MT7996_STA_UPDATE_MAX_SIZE);
1524 if (IS_ERR(skb))
1525 return PTR_ERR(skb);
1526
1527 /* firmware rc algorithm refers to sta_rec_he for HE control.
1528 * once dev->rc_work changes the settings driver should also
1529 * update sta_rec_he here.
1530 */
1531 if (changed)
1532 mt7996_mcu_sta_he_tlv(skb, sta);
1533
1534 /* sta_rec_ra accommodates BW, NSS and only MCS range format
1535 * i.e 0-{7,8,9} for VHT.
1536 */
1537 mt7996_mcu_sta_rate_ctrl_tlv(skb, dev, vif, sta);
1538
1539 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1540 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
1541}
1542
1543static int
1544mt7996_mcu_add_group(struct mt7996_dev *dev, struct ieee80211_vif *vif,
1545 struct ieee80211_sta *sta)
1546{
1547#define MT_STA_BSS_GROUP 1
1548 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1549 struct mt7996_sta *msta;
1550 struct {
1551 u8 __rsv1[4];
1552
1553 __le16 tag;
1554 __le16 len;
1555 __le16 wlan_idx;
1556 u8 __rsv2[2];
1557 __le32 action;
1558 __le32 val;
1559 u8 __rsv3[8];
1560 } __packed req = {
1561 .tag = cpu_to_le16(UNI_VOW_DRR_CTRL),
1562 .len = cpu_to_le16(sizeof(req) - 4),
1563 .action = cpu_to_le32(MT_STA_BSS_GROUP),
1564 .val = cpu_to_le32(mvif->mt76.idx % 16),
1565 };
1566
1567 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta;
1568 req.wlan_idx = cpu_to_le16(msta->wcid.idx);
1569
1570 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(VOW), &req,
1571 sizeof(req), true);
1572}
1573
1574int mt7996_mcu_add_sta(struct mt7996_dev *dev, struct ieee80211_vif *vif,
1575 struct ieee80211_sta *sta, bool enable)
1576{
1577 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1578 struct mt7996_sta *msta;
1579 struct sk_buff *skb;
1580 int ret;
1581
1582 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta;
1583
1584 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
1585 &msta->wcid,
1586 MT7996_STA_UPDATE_MAX_SIZE);
1587 if (IS_ERR(skb))
1588 return PTR_ERR(skb);
1589
1590 /* starec basic */
1591 mt76_connac_mcu_sta_basic_tlv(skb, vif, sta, enable,
1592 !rcu_access_pointer(dev->mt76.wcid[msta->wcid.idx]));
1593 if (!enable)
1594 goto out;
1595
1596 /* tag order is in accordance with firmware dependency. */
1597 if (sta) {
1598 /* starec phy */
1599 mt7996_mcu_sta_phy_tlv(dev, skb, vif, sta);
1600 /* starec hdrt mode */
1601 mt7996_mcu_sta_hdrt_tlv(dev, skb);
1602 /* starec bfer */
1603 mt7996_mcu_sta_bfer_tlv(dev, skb, vif, sta);
1604 /* starec ht */
1605 mt7996_mcu_sta_ht_tlv(skb, sta);
1606 /* starec vht */
1607 mt7996_mcu_sta_vht_tlv(skb, sta);
1608 /* starec uapsd */
1609 mt76_connac_mcu_sta_uapsd(skb, vif, sta);
1610 /* starec amsdu */
1611 mt7996_mcu_sta_amsdu_tlv(dev, skb, vif, sta);
1612 /* starec he */
1613 mt7996_mcu_sta_he_tlv(skb, sta);
1614 /* starec he 6g*/
1615 mt7996_mcu_sta_he_6g_tlv(skb, sta);
1616 /* TODO: starec muru */
1617 /* starec bfee */
1618 mt7996_mcu_sta_bfee_tlv(dev, skb, vif, sta);
1619 /* starec hdr trans */
1620 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta);
1621 }
1622
1623 ret = mt7996_mcu_add_group(dev, vif, sta);
1624 if (ret) {
1625 dev_kfree_skb(skb);
1626 return ret;
1627 }
1628out:
1629 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1630 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
1631}
1632
1633static int
1634mt7996_mcu_sta_key_tlv(struct mt76_wcid *wcid,
1635 struct mt76_connac_sta_key_conf *sta_key_conf,
1636 struct sk_buff *skb,
1637 struct ieee80211_key_conf *key,
1638 enum set_key_cmd cmd)
1639{
1640 struct sta_rec_sec_uni *sec;
1641 struct tlv *tlv;
1642
1643 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
1644 sec = (struct sta_rec_sec_uni *)tlv;
1645 sec->add = cmd;
1646
1647 if (cmd == SET_KEY) {
1648 struct sec_key_uni *sec_key;
1649 u8 cipher;
1650
1651 cipher = mt76_connac_mcu_get_cipher(key->cipher);
1652 if (cipher == MCU_CIPHER_NONE)
1653 return -EOPNOTSUPP;
1654
1655 sec_key = &sec->key[0];
1656 sec_key->cipher_len = sizeof(*sec_key);
1657
1658 if (cipher == MCU_CIPHER_BIP_CMAC_128) {
1659 sec_key->wlan_idx = cpu_to_le16(wcid->idx);
1660 sec_key->cipher_id = MCU_CIPHER_AES_CCMP;
1661 sec_key->key_id = sta_key_conf->keyidx;
1662 sec_key->key_len = 16;
1663 memcpy(sec_key->key, sta_key_conf->key, 16);
1664
1665 sec_key = &sec->key[1];
1666 sec_key->wlan_idx = cpu_to_le16(wcid->idx);
1667 sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128;
1668 sec_key->cipher_len = sizeof(*sec_key);
1669 sec_key->key_len = 16;
1670 memcpy(sec_key->key, key->key, 16);
1671 sec->n_cipher = 2;
1672 } else {
1673 sec_key->wlan_idx = cpu_to_le16(wcid->idx);
1674 sec_key->cipher_id = cipher;
1675 sec_key->key_id = key->keyidx;
1676 sec_key->key_len = key->keylen;
1677 memcpy(sec_key->key, key->key, key->keylen);
1678
1679 if (cipher == MCU_CIPHER_TKIP) {
1680 /* Rx/Tx MIC keys are swapped */
1681 memcpy(sec_key->key + 16, key->key + 24, 8);
1682 memcpy(sec_key->key + 24, key->key + 16, 8);
1683 }
1684
1685 /* store key_conf for BIP batch update */
1686 if (cipher == MCU_CIPHER_AES_CCMP) {
1687 memcpy(sta_key_conf->key, key->key, key->keylen);
1688 sta_key_conf->keyidx = key->keyidx;
1689 }
1690
1691 sec->n_cipher = 1;
1692 }
1693 } else {
1694 sec->n_cipher = 0;
1695 }
1696
1697 return 0;
1698}
1699
1700int mt7996_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
1701 struct mt76_connac_sta_key_conf *sta_key_conf,
1702 struct ieee80211_key_conf *key, int mcu_cmd,
1703 struct mt76_wcid *wcid, enum set_key_cmd cmd)
1704{
1705 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1706 struct sk_buff *skb;
1707 int ret;
1708
1709 skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid,
1710 MT7996_STA_UPDATE_MAX_SIZE);
1711 if (IS_ERR(skb))
1712 return PTR_ERR(skb);
1713
1714 ret = mt7996_mcu_sta_key_tlv(wcid, sta_key_conf, skb, key, cmd);
1715 if (ret)
1716 return ret;
1717
1718 return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
1719}
1720
1721int mt7996_mcu_add_dev_info(struct mt7996_phy *phy,
1722 struct ieee80211_vif *vif, bool enable)
1723{
1724 struct mt7996_dev *dev = phy->dev;
1725 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1726 struct {
1727 struct req_hdr {
1728 u8 omac_idx;
1729 u8 band_idx;
1730 u8 __rsv[2];
1731 } __packed hdr;
1732 struct req_tlv {
1733 __le16 tag;
1734 __le16 len;
1735 u8 active;
1736 u8 __rsv;
1737 u8 omac_addr[ETH_ALEN];
1738 } __packed tlv;
1739 } data = {
1740 .hdr = {
1741 .omac_idx = mvif->mt76.omac_idx,
1742 .band_idx = mvif->mt76.band_idx,
1743 },
1744 .tlv = {
1745 .tag = cpu_to_le16(DEV_INFO_ACTIVE),
1746 .len = cpu_to_le16(sizeof(struct req_tlv)),
1747 .active = enable,
1748 },
1749 };
1750
1751 if (mvif->mt76.omac_idx >= REPEATER_BSSID_START)
1752 return mt7996_mcu_muar_config(phy, vif, false, enable);
1753
1754 memcpy(data.tlv.omac_addr, vif->addr, ETH_ALEN);
1755 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(DEV_INFO_UPDATE),
1756 &data, sizeof(data), true);
1757}
1758
1759static void
1760mt7996_mcu_beacon_cntdwn(struct ieee80211_vif *vif, struct sk_buff *rskb,
1761 struct sk_buff *skb,
1762 struct ieee80211_mutable_offsets *offs)
1763{
1764 struct bss_bcn_cntdwn_tlv *info;
1765 struct tlv *tlv;
1766 u16 tag;
1767
1768 if (!offs->cntdwn_counter_offs[0])
1769 return;
1770
1771 tag = vif->bss_conf.csa_active ? UNI_BSS_INFO_BCN_CSA : UNI_BSS_INFO_BCN_BCC;
1772
1773 tlv = mt7996_mcu_add_uni_tlv(rskb, tag, sizeof(*info));
1774
1775 info = (struct bss_bcn_cntdwn_tlv *)tlv;
1776 info->cnt = skb->data[offs->cntdwn_counter_offs[0]];
1777}
1778
1779static void
1780mt7996_mcu_beacon_cont(struct mt7996_dev *dev, struct ieee80211_vif *vif,
1781 struct sk_buff *rskb, struct sk_buff *skb,
1782 struct bss_bcn_content_tlv *bcn,
1783 struct ieee80211_mutable_offsets *offs)
1784{
1785 struct mt76_wcid *wcid = &dev->mt76.global_wcid;
1786 u8 *buf;
1787
1788 bcn->pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
1789 bcn->tim_ie_pos = cpu_to_le16(offs->tim_offset);
1790
1791 if (offs->cntdwn_counter_offs[0]) {
1792 u16 offset = offs->cntdwn_counter_offs[0];
1793
1794 if (vif->bss_conf.csa_active)
1795 bcn->csa_ie_pos = cpu_to_le16(offset - 4);
1796 if (vif->bss_conf.color_change_active)
1797 bcn->bcc_ie_pos = cpu_to_le16(offset - 3);
1798 }
1799
1800 buf = (u8 *)bcn + sizeof(*bcn) - MAX_BEACON_SIZE;
1801 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, 0, NULL,
1802 BSS_CHANGED_BEACON);
1803 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len);
1804}
1805
1806static void
1807mt7996_mcu_beacon_check_caps(struct mt7996_phy *phy, struct ieee80211_vif *vif,
1808 struct sk_buff *skb)
1809{
1810 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1811 struct mt7996_vif_cap *vc = &mvif->cap;
1812 const struct ieee80211_he_cap_elem *he;
1813 const struct ieee80211_vht_cap *vht;
1814 const struct ieee80211_ht_cap *ht;
1815 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
1816 const u8 *ie;
1817 u32 len, bc;
1818
1819 /* Check missing configuration options to allow AP mode in mac80211
1820 * to remain in sync with hostapd settings, and get a subset of
1821 * beacon and hardware capabilities.
1822 */
1823 if (WARN_ON_ONCE(skb->len <= (mgmt->u.beacon.variable - skb->data)))
1824 return;
1825
1826 memset(vc, 0, sizeof(*vc));
1827
1828 len = skb->len - (mgmt->u.beacon.variable - skb->data);
1829
1830 ie = cfg80211_find_ie(WLAN_EID_HT_CAPABILITY, mgmt->u.beacon.variable,
1831 len);
1832 if (ie && ie[1] >= sizeof(*ht)) {
1833 ht = (void *)(ie + 2);
1834 vc->ht_ldpc |= !!(le16_to_cpu(ht->cap_info) &
1835 IEEE80211_HT_CAP_LDPC_CODING);
1836 }
1837
1838 ie = cfg80211_find_ie(WLAN_EID_VHT_CAPABILITY, mgmt->u.beacon.variable,
1839 len);
1840 if (ie && ie[1] >= sizeof(*vht)) {
1841 u32 pc = phy->mt76->sband_5g.sband.vht_cap.cap;
1842
1843 vht = (void *)(ie + 2);
1844 bc = le32_to_cpu(vht->vht_cap_info);
1845
1846 vc->vht_ldpc |= !!(bc & IEEE80211_VHT_CAP_RXLDPC);
1847 vc->vht_su_ebfer =
1848 (bc & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE) &&
1849 (pc & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE);
1850 vc->vht_su_ebfee =
1851 (bc & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE) &&
1852 (pc & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE);
1853 vc->vht_mu_ebfer =
1854 (bc & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE) &&
1855 (pc & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE);
1856 vc->vht_mu_ebfee =
1857 (bc & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE) &&
1858 (pc & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE);
1859 }
1860
1861 ie = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_CAPABILITY,
1862 mgmt->u.beacon.variable, len);
1863 if (ie && ie[1] >= sizeof(*he) + 1) {
1864 const struct ieee80211_sta_he_cap *pc =
1865 mt76_connac_get_he_phy_cap(phy->mt76, vif);
1866 const struct ieee80211_he_cap_elem *pe = &pc->he_cap_elem;
1867
1868 he = (void *)(ie + 3);
1869
1870 vc->he_ldpc =
1871 HE_PHY(CAP1_LDPC_CODING_IN_PAYLOAD, pe->phy_cap_info[1]);
1872 vc->he_su_ebfer =
1873 HE_PHY(CAP3_SU_BEAMFORMER, he->phy_cap_info[3]) &&
1874 HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]);
1875 vc->he_su_ebfee =
1876 HE_PHY(CAP4_SU_BEAMFORMEE, he->phy_cap_info[4]) &&
1877 HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]);
1878 vc->he_mu_ebfer =
1879 HE_PHY(CAP4_MU_BEAMFORMER, he->phy_cap_info[4]) &&
1880 HE_PHY(CAP4_MU_BEAMFORMER, pe->phy_cap_info[4]);
1881 }
1882}
1883
1884int mt7996_mcu_add_beacon(struct ieee80211_hw *hw,
1885 struct ieee80211_vif *vif, int en)
1886{
1887 struct mt7996_dev *dev = mt7996_hw_dev(hw);
1888 struct mt7996_phy *phy = mt7996_hw_phy(hw);
1889 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1890 struct ieee80211_mutable_offsets offs;
1891 struct ieee80211_tx_info *info;
1892 struct sk_buff *skb, *rskb;
1893 struct tlv *tlv;
1894 struct bss_bcn_content_tlv *bcn;
1895
1896 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
1897 MT7996_BEACON_UPDATE_SIZE);
1898 if (IS_ERR(rskb))
1899 return PTR_ERR(rskb);
1900
1901 tlv = mt7996_mcu_add_uni_tlv(rskb,
1902 UNI_BSS_INFO_BCN_CONTENT, sizeof(*bcn));
1903 bcn = (struct bss_bcn_content_tlv *)tlv;
1904 bcn->enable = en;
1905
1906 if (!en)
1907 goto out;
1908
1909 skb = ieee80211_beacon_get_template(hw, vif, &offs, 0);
1910 if (!skb)
1911 return -EINVAL;
1912
1913 if (skb->len > MAX_BEACON_SIZE - MT_TXD_SIZE) {
1914 dev_err(dev->mt76.dev, "Bcn size limit exceed\n");
1915 dev_kfree_skb(skb);
1916 return -EINVAL;
1917 }
1918
1919 info = IEEE80211_SKB_CB(skb);
1920 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx);
1921
1922 mt7996_mcu_beacon_check_caps(phy, vif, skb);
1923
1924 mt7996_mcu_beacon_cont(dev, vif, rskb, skb, bcn, &offs);
1925 /* TODO: subtag - 11v MBSSID */
1926 mt7996_mcu_beacon_cntdwn(vif, rskb, skb, &offs);
1927 dev_kfree_skb(skb);
1928out:
1929 return mt76_mcu_skb_send_msg(&phy->dev->mt76, rskb,
1930 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
1931}
1932
1933int mt7996_mcu_beacon_inband_discov(struct mt7996_dev *dev,
1934 struct ieee80211_vif *vif, u32 changed)
1935{
1936#define OFFLOAD_TX_MODE_SU BIT(0)
1937#define OFFLOAD_TX_MODE_MU BIT(1)
1938 struct ieee80211_hw *hw = mt76_hw(dev);
1939 struct mt7996_phy *phy = mt7996_hw_phy(hw);
1940 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
1941 struct cfg80211_chan_def *chandef = &mvif->phy->mt76->chandef;
1942 enum nl80211_band band = chandef->chan->band;
1943 struct mt76_wcid *wcid = &dev->mt76.global_wcid;
1944 struct bss_inband_discovery_tlv *discov;
1945 struct ieee80211_tx_info *info;
1946 struct sk_buff *rskb, *skb = NULL;
1947 struct tlv *tlv;
1948 u8 *buf, interval;
1949
1950 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
1951 MT7996_INBAND_FRAME_SIZE);
1952 if (IS_ERR(rskb))
1953 return PTR_ERR(rskb);
1954
1955 if (changed & BSS_CHANGED_FILS_DISCOVERY &&
1956 vif->bss_conf.fils_discovery.max_interval) {
1957 interval = vif->bss_conf.fils_discovery.max_interval;
1958 skb = ieee80211_get_fils_discovery_tmpl(hw, vif);
1959 } else if (changed & BSS_CHANGED_UNSOL_BCAST_PROBE_RESP &&
1960 vif->bss_conf.unsol_bcast_probe_resp_interval) {
1961 interval = vif->bss_conf.unsol_bcast_probe_resp_interval;
1962 skb = ieee80211_get_unsol_bcast_probe_resp_tmpl(hw, vif);
1963 }
1964
1965 if (!skb)
1966 return -EINVAL;
1967
1968 if (skb->len > MAX_INBAND_FRAME_SIZE - MT_TXD_SIZE) {
1969 dev_err(dev->mt76.dev, "inband discovery size limit exceed\n");
1970 dev_kfree_skb(skb);
1971 return -EINVAL;
1972 }
1973
1974 info = IEEE80211_SKB_CB(skb);
1975 info->control.vif = vif;
1976 info->band = band;
1977 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx);
1978
1979 tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_OFFLOAD, sizeof(*discov));
1980
1981 discov = (struct bss_inband_discovery_tlv *)tlv;
1982 discov->tx_mode = OFFLOAD_TX_MODE_SU;
1983 /* 0: UNSOL PROBE RESP, 1: FILS DISCOV */
1984 discov->tx_type = !!(changed & BSS_CHANGED_FILS_DISCOVERY);
1985 discov->tx_interval = interval;
1986 discov->prob_rsp_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
1987 discov->enable = true;
1988 discov->wcid = cpu_to_le16(MT7996_WTBL_RESERVED);
1989
1990 buf = (u8 *)tlv + sizeof(*discov) - MAX_INBAND_FRAME_SIZE;
1991
1992 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, 0, NULL,
1993 changed);
1994
1995 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len);
1996
1997 dev_kfree_skb(skb);
1998
1999 return mt76_mcu_skb_send_msg(&dev->mt76, rskb,
2000 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
2001}
2002
2003static int mt7996_driver_own(struct mt7996_dev *dev, u8 band)
2004{
2005 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(band), MT_TOP_LPCR_HOST_DRV_OWN);
2006 if (!mt76_poll_msec(dev, MT_TOP_LPCR_HOST_BAND(band),
2007 MT_TOP_LPCR_HOST_FW_OWN_STAT, 0, 500)) {
2008 dev_err(dev->mt76.dev, "Timeout for driver own\n");
2009 return -EIO;
2010 }
2011
2012 /* clear irq when the driver own success */
2013 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND_IRQ_STAT(band),
2014 MT_TOP_LPCR_HOST_BAND_STAT);
2015
2016 return 0;
2017}
2018
2019static u32 mt7996_patch_sec_mode(u32 key_info)
2020{
2021 u32 sec = u32_get_bits(key_info, MT7996_PATCH_SEC), key = 0;
2022
2023 if (key_info == GENMASK(31, 0) || sec == MT7996_SEC_MODE_PLAIN)
2024 return 0;
2025
2026 if (sec == MT7996_SEC_MODE_AES)
2027 key = u32_get_bits(key_info, MT7996_PATCH_AES_KEY);
2028 else
2029 key = u32_get_bits(key_info, MT7996_PATCH_SCRAMBLE_KEY);
2030
2031 return MT7996_SEC_ENCRYPT | MT7996_SEC_IV |
2032 u32_encode_bits(key, MT7996_SEC_KEY_IDX);
2033}
2034
2035static int mt7996_load_patch(struct mt7996_dev *dev)
2036{
2037 const struct mt7996_patch_hdr *hdr;
2038 const struct firmware *fw = NULL;
2039 int i, ret, sem;
2040
2041 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 1);
2042 switch (sem) {
2043 case PATCH_IS_DL:
2044 return 0;
2045 case PATCH_NOT_DL_SEM_SUCCESS:
2046 break;
2047 default:
2048 dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
2049 return -EAGAIN;
2050 }
2051
2052 ret = request_firmware(&fw, MT7996_ROM_PATCH, dev->mt76.dev);
2053 if (ret)
2054 goto out;
2055
2056 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2057 dev_err(dev->mt76.dev, "Invalid firmware\n");
2058 ret = -EINVAL;
2059 goto out;
2060 }
2061
2062 hdr = (const struct mt7996_patch_hdr *)(fw->data);
2063
2064 dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
2065 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
2066
2067 for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
2068 struct mt7996_patch_sec *sec;
2069 const u8 *dl;
2070 u32 len, addr, sec_key_idx, mode = DL_MODE_NEED_RSP;
2071
2072 sec = (struct mt7996_patch_sec *)(fw->data + sizeof(*hdr) +
2073 i * sizeof(*sec));
2074 if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
2075 PATCH_SEC_TYPE_INFO) {
2076 ret = -EINVAL;
2077 goto out;
2078 }
2079
2080 addr = be32_to_cpu(sec->info.addr);
2081 len = be32_to_cpu(sec->info.len);
2082 sec_key_idx = be32_to_cpu(sec->info.sec_key_idx);
2083 dl = fw->data + be32_to_cpu(sec->offs);
2084
2085 mode |= mt7996_patch_sec_mode(sec_key_idx);
2086
2087 ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
2088 mode);
2089 if (ret) {
2090 dev_err(dev->mt76.dev, "Download request failed\n");
2091 goto out;
2092 }
2093
2094 ret = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
2095 dl, len, 4096);
2096 if (ret) {
2097 dev_err(dev->mt76.dev, "Failed to send patch\n");
2098 goto out;
2099 }
2100 }
2101
2102 ret = mt76_connac_mcu_start_patch(&dev->mt76);
2103 if (ret)
2104 dev_err(dev->mt76.dev, "Failed to start patch\n");
2105
2106out:
2107 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 0);
2108 switch (sem) {
2109 case PATCH_REL_SEM_SUCCESS:
2110 break;
2111 default:
2112 ret = -EAGAIN;
2113 dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
2114 break;
2115 }
2116 release_firmware(fw);
2117
2118 return ret;
2119}
2120
2121static int
2122mt7996_mcu_send_ram_firmware(struct mt7996_dev *dev,
2123 const struct mt7996_fw_trailer *hdr,
2124 const u8 *data, bool is_wa)
2125{
2126 int i, offset = 0;
2127 u32 override = 0, option = 0;
2128
2129 for (i = 0; i < hdr->n_region; i++) {
2130 const struct mt7996_fw_region *region;
2131 int err;
2132 u32 len, addr, mode;
2133
2134 region = (const struct mt7996_fw_region *)((const u8 *)hdr -
2135 (hdr->n_region - i) * sizeof(*region));
2136 mode = mt76_connac_mcu_gen_dl_mode(&dev->mt76,
2137 region->feature_set, is_wa);
2138 len = le32_to_cpu(region->len);
2139 addr = le32_to_cpu(region->addr);
2140
2141 if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
2142 override = addr;
2143
2144 err = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
2145 mode);
2146 if (err) {
2147 dev_err(dev->mt76.dev, "Download request failed\n");
2148 return err;
2149 }
2150
2151 err = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
2152 data + offset, len, 4096);
2153 if (err) {
2154 dev_err(dev->mt76.dev, "Failed to send firmware.\n");
2155 return err;
2156 }
2157
2158 offset += len;
2159 }
2160
2161 if (override)
2162 option |= FW_START_OVERRIDE;
2163
2164 if (is_wa)
2165 option |= FW_START_WORKING_PDA_CR4;
2166
2167 return mt76_connac_mcu_start_firmware(&dev->mt76, override, option);
2168}
2169
2170static int mt7996_load_ram(struct mt7996_dev *dev)
2171{
2172 const struct mt7996_fw_trailer *hdr;
2173 const struct firmware *fw;
2174 int ret;
2175
2176 ret = request_firmware(&fw, MT7996_FIRMWARE_WM, dev->mt76.dev);
2177 if (ret)
2178 return ret;
2179
2180 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2181 dev_err(dev->mt76.dev, "Invalid firmware\n");
2182 ret = -EINVAL;
2183 goto out;
2184 }
2185
2186 hdr = (const struct mt7996_fw_trailer *)(fw->data + fw->size - sizeof(*hdr));
2187
2188 dev_info(dev->mt76.dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
2189 hdr->fw_ver, hdr->build_date);
2190
2191 ret = mt7996_mcu_send_ram_firmware(dev, hdr, fw->data, false);
2192 if (ret) {
2193 dev_err(dev->mt76.dev, "Failed to start WM firmware\n");
2194 goto out;
2195 }
2196
2197 release_firmware(fw);
2198
2199 ret = request_firmware(&fw, MT7996_FIRMWARE_WA, dev->mt76.dev);
2200 if (ret)
2201 return ret;
2202
2203 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2204 dev_err(dev->mt76.dev, "Invalid firmware\n");
2205 ret = -EINVAL;
2206 goto out;
2207 }
2208
2209 hdr = (const struct mt7996_fw_trailer *)(fw->data + fw->size - sizeof(*hdr));
2210
2211 dev_info(dev->mt76.dev, "WA Firmware Version: %.10s, Build Time: %.15s\n",
2212 hdr->fw_ver, hdr->build_date);
2213
2214 ret = mt7996_mcu_send_ram_firmware(dev, hdr, fw->data, true);
2215 if (ret) {
2216 dev_err(dev->mt76.dev, "Failed to start WA firmware\n");
2217 goto out;
2218 }
2219
2220 snprintf(dev->mt76.hw->wiphy->fw_version,
2221 sizeof(dev->mt76.hw->wiphy->fw_version),
2222 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
2223
2224out:
2225 release_firmware(fw);
2226
2227 return ret;
2228}
2229
2230static int
2231mt7996_firmware_state(struct mt7996_dev *dev, bool wa)
2232{
2233 u32 state = FIELD_PREP(MT_TOP_MISC_FW_STATE,
2234 wa ? FW_STATE_RDY : FW_STATE_FW_DOWNLOAD);
2235
2236 if (!mt76_poll_msec(dev, MT_TOP_MISC, MT_TOP_MISC_FW_STATE,
2237 state, 1000)) {
2238 dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
2239 return -EIO;
2240 }
2241 return 0;
2242}
2243
2244static int mt7996_load_firmware(struct mt7996_dev *dev)
2245{
2246 int ret;
2247
2248 /* make sure fw is download state */
2249 if (mt7996_firmware_state(dev, false)) {
2250 /* restart firmware once */
2251 __mt76_mcu_restart(&dev->mt76);
2252 ret = mt7996_firmware_state(dev, false);
2253 if (ret) {
2254 dev_err(dev->mt76.dev,
2255 "Firmware is not ready for download\n");
2256 return ret;
2257 }
2258 }
2259
2260 ret = mt7996_load_patch(dev);
2261 if (ret)
2262 return ret;
2263
2264 ret = mt7996_load_ram(dev);
2265 if (ret)
2266 return ret;
2267
2268 ret = mt7996_firmware_state(dev, true);
2269 if (ret)
2270 return ret;
2271
2272 mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false);
2273
2274 dev_dbg(dev->mt76.dev, "Firmware init done\n");
2275
2276 return 0;
2277}
2278
2279int mt7996_mcu_fw_log_2_host(struct mt7996_dev *dev, u8 type, u8 ctrl)
2280{
2281 struct {
2282 u8 _rsv[4];
2283
2284 __le16 tag;
2285 __le16 len;
2286 u8 ctrl;
2287 u8 interval;
2288 u8 _rsv2[2];
2289 } __packed data = {
2290 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_LOG_CTRL),
2291 .len = cpu_to_le16(sizeof(data) - 4),
2292 .ctrl = ctrl,
2293 };
2294
2295 if (type == MCU_FW_LOG_WA)
2296 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_UNI_CMD(WSYS_CONFIG),
2297 &data, sizeof(data), true);
2298
2299 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data,
2300 sizeof(data), true);
2301}
2302
2303int mt7996_mcu_fw_dbg_ctrl(struct mt7996_dev *dev, u32 module, u8 level)
2304{
2305 struct {
2306 u8 _rsv[4];
2307
2308 __le16 tag;
2309 __le16 len;
2310 __le32 module_idx;
2311 u8 level;
2312 u8 _rsv2[3];
2313 } data = {
2314 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_DBG_CTRL),
2315 .len = cpu_to_le16(sizeof(data) - 4),
2316 .module_idx = cpu_to_le32(module),
2317 .level = level,
2318 };
2319
2320 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data,
2321 sizeof(data), false);
2322}
2323
2324static int mt7996_mcu_set_mwds(struct mt7996_dev *dev, bool enabled)
2325{
2326 struct {
2327 u8 enable;
2328 u8 _rsv[3];
2329 } __packed req = {
2330 .enable = enabled
2331 };
2332
2333 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_EXT_CMD(MWDS_SUPPORT), &req,
2334 sizeof(req), false);
2335}
2336
2337static void mt7996_add_rx_airtime_tlv(struct sk_buff *skb, u8 band_idx)
2338{
2339 struct vow_rx_airtime *req;
2340 struct tlv *tlv;
2341
2342 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_CLR_EN, sizeof(*req));
2343 req = (struct vow_rx_airtime *)tlv;
2344 req->enable = true;
2345 req->band = band_idx;
2346
2347 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_EN, sizeof(*req));
2348 req = (struct vow_rx_airtime *)tlv;
2349 req->enable = true;
2350 req->band = band_idx;
2351}
2352
2353static int
2354mt7996_mcu_init_rx_airtime(struct mt7996_dev *dev)
2355{
2356 struct uni_header hdr = {};
2357 struct sk_buff *skb;
2358 int len, num;
2359
2360 num = 2 + 2 * (dev->dbdc_support + dev->tbtc_support);
2361 len = sizeof(hdr) + num * sizeof(struct vow_rx_airtime);
2362 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
2363 if (!skb)
2364 return -ENOMEM;
2365
2366 skb_put_data(skb, &hdr, sizeof(hdr));
2367
2368 mt7996_add_rx_airtime_tlv(skb, dev->mt76.phy.band_idx);
2369
2370 if (dev->dbdc_support)
2371 mt7996_add_rx_airtime_tlv(skb, MT_BAND1);
2372
2373 if (dev->tbtc_support)
2374 mt7996_add_rx_airtime_tlv(skb, MT_BAND2);
2375
2376 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2377 MCU_WM_UNI_CMD(VOW), true);
2378}
2379
2380static int
2381mt7996_mcu_restart(struct mt76_dev *dev)
2382{
2383 struct {
2384 u8 __rsv1[4];
2385
2386 __le16 tag;
2387 __le16 len;
2388 u8 power_mode;
2389 u8 __rsv2[3];
2390 } __packed req = {
2391 .tag = cpu_to_le16(UNI_POWER_OFF),
2392 .len = cpu_to_le16(sizeof(req) - 4),
2393 .power_mode = 1,
2394 };
2395
2396 return mt76_mcu_send_msg(dev, MCU_WM_UNI_CMD(POWER_CREL), &req,
2397 sizeof(req), false);
2398}
2399
2400int mt7996_mcu_init(struct mt7996_dev *dev)
2401{
2402 static const struct mt76_mcu_ops mt7996_mcu_ops = {
2403 .headroom = sizeof(struct mt76_connac2_mcu_txd), /* reuse */
2404 .mcu_skb_send_msg = mt7996_mcu_send_message,
2405 .mcu_parse_response = mt7996_mcu_parse_response,
2406 .mcu_restart = mt7996_mcu_restart,
2407 };
2408 int ret;
2409
2410 dev->mt76.mcu_ops = &mt7996_mcu_ops;
2411
2412 /* force firmware operation mode into normal state,
2413 * which should be set before firmware download stage.
2414 */
2415 mt76_wr(dev, MT_SWDEF_MODE, MT_SWDEF_NORMAL_MODE);
2416
2417 ret = mt7996_driver_own(dev, 0);
2418 if (ret)
2419 return ret;
2420 /* set driver own for band1 when two hif exist */
2421 if (dev->hif2) {
2422 ret = mt7996_driver_own(dev, 1);
2423 if (ret)
2424 return ret;
2425 }
2426
2427 ret = mt7996_load_firmware(dev);
2428 if (ret)
2429 return ret;
2430
2431 set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);
2432 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WM, 0);
2433 if (ret)
2434 return ret;
2435
2436 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WA, 0);
2437 if (ret)
2438 return ret;
2439
2440 ret = mt7996_mcu_set_mwds(dev, 1);
2441 if (ret)
2442 return ret;
2443
2444 ret = mt7996_mcu_init_rx_airtime(dev);
2445 if (ret)
2446 return ret;
2447
2448 return mt7996_mcu_wa_cmd(dev, MCU_WA_PARAM_CMD(SET),
2449 MCU_WA_PARAM_RED, 0, 0);
2450}
2451
2452void mt7996_mcu_exit(struct mt7996_dev *dev)
2453{
2454 __mt76_mcu_restart(&dev->mt76);
2455 if (mt7996_firmware_state(dev, false)) {
2456 dev_err(dev->mt76.dev, "Failed to exit mcu\n");
2457 return;
2458 }
2459
2460 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(0), MT_TOP_LPCR_HOST_FW_OWN);
2461 if (dev->hif2)
2462 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(1),
2463 MT_TOP_LPCR_HOST_FW_OWN);
2464 skb_queue_purge(&dev->mt76.mcu.res_q);
2465}
2466
2467int mt7996_mcu_set_hdr_trans(struct mt7996_dev *dev, bool hdr_trans)
2468{
2469 struct {
2470 u8 __rsv[4];
2471 } __packed hdr;
2472 struct hdr_trans_blacklist *req_blacklist;
2473 struct hdr_trans_en *req_en;
2474 struct sk_buff *skb;
2475 struct tlv *tlv;
2476 int len = MT7996_HDR_TRANS_MAX_SIZE + sizeof(hdr);
2477
2478 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
2479 if (!skb)
2480 return -ENOMEM;
2481
2482 skb_put_data(skb, &hdr, sizeof(hdr));
2483
2484 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_EN, sizeof(*req_en));
2485 req_en = (struct hdr_trans_en *)tlv;
2486 req_en->enable = hdr_trans;
2487
2488 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_VLAN,
2489 sizeof(struct hdr_trans_vlan));
2490
2491 if (hdr_trans) {
2492 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_BLACKLIST,
2493 sizeof(*req_blacklist));
2494 req_blacklist = (struct hdr_trans_blacklist *)tlv;
2495 req_blacklist->enable = 1;
2496 req_blacklist->type = cpu_to_le16(ETH_P_PAE);
2497 }
2498
2499 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2500 MCU_WM_UNI_CMD(RX_HDR_TRANS), true);
2501}
2502
2503int mt7996_mcu_set_tx(struct mt7996_dev *dev, struct ieee80211_vif *vif)
2504{
2505#define MCU_EDCA_AC_PARAM 0
2506#define WMM_AIFS_SET BIT(0)
2507#define WMM_CW_MIN_SET BIT(1)
2508#define WMM_CW_MAX_SET BIT(2)
2509#define WMM_TXOP_SET BIT(3)
2510#define WMM_PARAM_SET (WMM_AIFS_SET | WMM_CW_MIN_SET | \
2511 WMM_CW_MAX_SET | WMM_TXOP_SET)
2512 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
2513 struct {
2514 u8 bss_idx;
2515 u8 __rsv[3];
2516 } __packed hdr = {
2517 .bss_idx = mvif->mt76.idx,
2518 };
2519 struct sk_buff *skb;
2520 int len = sizeof(hdr) + IEEE80211_NUM_ACS * sizeof(struct edca);
2521 int ac;
2522
2523 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
2524 if (!skb)
2525 return -ENOMEM;
2526
2527 skb_put_data(skb, &hdr, sizeof(hdr));
2528
2529 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
2530 struct ieee80211_tx_queue_params *q = &mvif->queue_params[ac];
2531 struct edca *e;
2532 struct tlv *tlv;
2533
2534 tlv = mt7996_mcu_add_uni_tlv(skb, MCU_EDCA_AC_PARAM, sizeof(*e));
2535
2536 e = (struct edca *)tlv;
2537 e->set = WMM_PARAM_SET;
2538 e->queue = ac + mvif->mt76.wmm_idx * MT7996_MAX_WMM_SETS;
2539 e->aifs = q->aifs;
2540 e->txop = cpu_to_le16(q->txop);
2541
2542 if (q->cw_min)
2543 e->cw_min = fls(q->cw_min);
2544 else
2545 e->cw_min = 5;
2546
2547 if (q->cw_max)
2548 e->cw_max = fls(q->cw_max);
2549 else
2550 e->cw_max = 10;
2551 }
2552
2553 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2554 MCU_WM_UNI_CMD(EDCA_UPDATE), true);
2555}
2556
2557int mt7996_mcu_set_fcc5_lpn(struct mt7996_dev *dev, int val)
2558{
2559 struct {
2560 u8 _rsv[4];
2561
2562 __le16 tag;
2563 __le16 len;
2564
2565 __le32 ctrl;
2566 __le16 min_lpn;
2567 u8 rsv[2];
2568 } __packed req = {
2569 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
2570 .len = cpu_to_le16(sizeof(req) - 4),
2571
2572 .ctrl = cpu_to_le32(0x1),
2573 .min_lpn = cpu_to_le16(val),
2574 };
2575
2576 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
2577 &req, sizeof(req), true);
2578}
2579
2580int mt7996_mcu_set_pulse_th(struct mt7996_dev *dev,
2581 const struct mt7996_dfs_pulse *pulse)
2582{
2583 struct {
2584 u8 _rsv[4];
2585
2586 __le16 tag;
2587 __le16 len;
2588
2589 __le32 ctrl;
2590
2591 __le32 max_width; /* us */
2592 __le32 max_pwr; /* dbm */
2593 __le32 min_pwr; /* dbm */
2594 __le32 min_stgr_pri; /* us */
2595 __le32 max_stgr_pri; /* us */
2596 __le32 min_cr_pri; /* us */
2597 __le32 max_cr_pri; /* us */
2598 } __packed req = {
2599 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
2600 .len = cpu_to_le16(sizeof(req) - 4),
2601
2602 .ctrl = cpu_to_le32(0x3),
2603
2604#define __req_field(field) .field = cpu_to_le32(pulse->field)
2605 __req_field(max_width),
2606 __req_field(max_pwr),
2607 __req_field(min_pwr),
2608 __req_field(min_stgr_pri),
2609 __req_field(max_stgr_pri),
2610 __req_field(min_cr_pri),
2611 __req_field(max_cr_pri),
2612#undef __req_field
2613 };
2614
2615 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
2616 &req, sizeof(req), true);
2617}
2618
2619int mt7996_mcu_set_radar_th(struct mt7996_dev *dev, int index,
2620 const struct mt7996_dfs_pattern *pattern)
2621{
2622 struct {
2623 u8 _rsv[4];
2624
2625 __le16 tag;
2626 __le16 len;
2627
2628 __le32 ctrl;
2629 __le16 radar_type;
2630
2631 u8 enb;
2632 u8 stgr;
2633 u8 min_crpn;
2634 u8 max_crpn;
2635 u8 min_crpr;
2636 u8 min_pw;
2637 __le32 min_pri;
2638 __le32 max_pri;
2639 u8 max_pw;
2640 u8 min_crbn;
2641 u8 max_crbn;
2642 u8 min_stgpn;
2643 u8 max_stgpn;
2644 u8 min_stgpr;
2645 u8 rsv[2];
2646 __le32 min_stgpr_diff;
2647 } __packed req = {
2648 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
2649 .len = cpu_to_le16(sizeof(req) - 4),
2650
2651 .ctrl = cpu_to_le32(0x2),
2652 .radar_type = cpu_to_le16(index),
2653
2654#define __req_field_u8(field) .field = pattern->field
2655#define __req_field_u32(field) .field = cpu_to_le32(pattern->field)
2656 __req_field_u8(enb),
2657 __req_field_u8(stgr),
2658 __req_field_u8(min_crpn),
2659 __req_field_u8(max_crpn),
2660 __req_field_u8(min_crpr),
2661 __req_field_u8(min_pw),
2662 __req_field_u32(min_pri),
2663 __req_field_u32(max_pri),
2664 __req_field_u8(max_pw),
2665 __req_field_u8(min_crbn),
2666 __req_field_u8(max_crbn),
2667 __req_field_u8(min_stgpn),
2668 __req_field_u8(max_stgpn),
2669 __req_field_u8(min_stgpr),
2670 __req_field_u32(min_stgpr_diff),
2671#undef __req_field_u8
2672#undef __req_field_u32
2673 };
2674
2675 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
2676 &req, sizeof(req), true);
2677}
2678
2679static int
2680mt7996_mcu_background_chain_ctrl(struct mt7996_phy *phy,
2681 struct cfg80211_chan_def *chandef,
2682 int cmd)
2683{
2684 struct mt7996_dev *dev = phy->dev;
2685 struct mt76_phy *mphy = phy->mt76;
2686 struct ieee80211_channel *chan = mphy->chandef.chan;
2687 int freq = mphy->chandef.center_freq1;
2688 struct mt7996_mcu_background_chain_ctrl req = {
2689 .tag = cpu_to_le16(0),
2690 .len = cpu_to_le16(sizeof(req) - 4),
2691 .monitor_scan_type = 2, /* simple rx */
2692 };
2693
2694 if (!chandef && cmd != CH_SWITCH_BACKGROUND_SCAN_STOP)
2695 return -EINVAL;
2696
2697 if (!cfg80211_chandef_valid(&mphy->chandef))
2698 return -EINVAL;
2699
2700 switch (cmd) {
2701 case CH_SWITCH_BACKGROUND_SCAN_START: {
2702 req.chan = chan->hw_value;
2703 req.central_chan = ieee80211_frequency_to_channel(freq);
2704 req.bw = mt76_connac_chan_bw(&mphy->chandef);
2705 req.monitor_chan = chandef->chan->hw_value;
2706 req.monitor_central_chan =
2707 ieee80211_frequency_to_channel(chandef->center_freq1);
2708 req.monitor_bw = mt76_connac_chan_bw(chandef);
2709 req.band_idx = phy->mt76->band_idx;
2710 req.scan_mode = 1;
2711 break;
2712 }
2713 case CH_SWITCH_BACKGROUND_SCAN_RUNNING:
2714 req.monitor_chan = chandef->chan->hw_value;
2715 req.monitor_central_chan =
2716 ieee80211_frequency_to_channel(chandef->center_freq1);
2717 req.band_idx = phy->mt76->band_idx;
2718 req.scan_mode = 2;
2719 break;
2720 case CH_SWITCH_BACKGROUND_SCAN_STOP:
2721 req.chan = chan->hw_value;
2722 req.central_chan = ieee80211_frequency_to_channel(freq);
2723 req.bw = mt76_connac_chan_bw(&mphy->chandef);
2724 req.tx_stream = hweight8(mphy->antenna_mask);
2725 req.rx_stream = mphy->antenna_mask;
2726 break;
2727 default:
2728 return -EINVAL;
2729 }
2730 req.band = chandef ? chandef->chan->band == NL80211_BAND_5GHZ : 1;
2731
2732 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(OFFCH_SCAN_CTRL),
2733 &req, sizeof(req), false);
2734}
2735
2736int mt7996_mcu_rdd_background_enable(struct mt7996_phy *phy,
2737 struct cfg80211_chan_def *chandef)
2738{
2739 struct mt7996_dev *dev = phy->dev;
2740 int err, region;
2741
2742 if (!chandef) { /* disable offchain */
2743 err = mt7996_mcu_rdd_cmd(dev, RDD_STOP, MT_RX_SEL2,
2744 0, 0);
2745 if (err)
2746 return err;
2747
2748 return mt7996_mcu_background_chain_ctrl(phy, NULL,
2749 CH_SWITCH_BACKGROUND_SCAN_STOP);
2750 }
2751
2752 err = mt7996_mcu_background_chain_ctrl(phy, chandef,
2753 CH_SWITCH_BACKGROUND_SCAN_START);
2754 if (err)
2755 return err;
2756
2757 switch (dev->mt76.region) {
2758 case NL80211_DFS_ETSI:
2759 region = 0;
2760 break;
2761 case NL80211_DFS_JP:
2762 region = 2;
2763 break;
2764 case NL80211_DFS_FCC:
2765 default:
2766 region = 1;
2767 break;
2768 }
2769
2770 return mt7996_mcu_rdd_cmd(dev, RDD_START, MT_RX_SEL2,
2771 0, region);
2772}
2773
2774int mt7996_mcu_set_chan_info(struct mt7996_phy *phy, u16 tag)
2775{
2776 static const u8 ch_band[] = {
2777 [NL80211_BAND_2GHZ] = 0,
2778 [NL80211_BAND_5GHZ] = 1,
2779 [NL80211_BAND_6GHZ] = 2,
2780 };
2781 struct mt7996_dev *dev = phy->dev;
2782 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
2783 int freq1 = chandef->center_freq1;
2784 u8 band_idx = phy->mt76->band_idx;
2785 struct {
2786 /* fixed field */
2787 u8 __rsv[4];
2788
2789 __le16 tag;
2790 __le16 len;
2791 u8 control_ch;
2792 u8 center_ch;
2793 u8 bw;
2794 u8 tx_path_num;
2795 u8 rx_path; /* mask or num */
2796 u8 switch_reason;
2797 u8 band_idx;
2798 u8 center_ch2; /* for 80+80 only */
2799 __le16 cac_case;
2800 u8 channel_band;
2801 u8 rsv0;
2802 __le32 outband_freq;
2803 u8 txpower_drop;
2804 u8 ap_bw;
2805 u8 ap_center_ch;
2806 u8 rsv1[53];
2807 } __packed req = {
2808 .tag = cpu_to_le16(tag),
2809 .len = cpu_to_le16(sizeof(req) - 4),
2810 .control_ch = chandef->chan->hw_value,
2811 .center_ch = ieee80211_frequency_to_channel(freq1),
2812 .bw = mt76_connac_chan_bw(chandef),
2813 .tx_path_num = hweight16(phy->mt76->chainmask),
2814 .rx_path = phy->mt76->chainmask >> dev->chainshift[band_idx],
2815 .band_idx = band_idx,
2816 .channel_band = ch_band[chandef->chan->band],
2817 };
2818
2819 if (tag == UNI_CHANNEL_RX_PATH ||
2820 dev->mt76.hw->conf.flags & IEEE80211_CONF_MONITOR)
2821 req.switch_reason = CH_SWITCH_NORMAL;
2822 else if (phy->mt76->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)
2823 req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD;
2824 else if (!cfg80211_reg_can_beacon(phy->mt76->hw->wiphy, chandef,
2825 NL80211_IFTYPE_AP))
2826 req.switch_reason = CH_SWITCH_DFS;
2827 else
2828 req.switch_reason = CH_SWITCH_NORMAL;
2829
2830 if (tag == UNI_CHANNEL_SWITCH)
2831 req.rx_path = hweight8(req.rx_path);
2832
2833 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
2834 int freq2 = chandef->center_freq2;
2835
2836 req.center_ch2 = ieee80211_frequency_to_channel(freq2);
2837 }
2838
2839 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(CHANNEL_SWITCH),
2840 &req, sizeof(req), true);
2841}
2842
2843static int mt7996_mcu_set_eeprom_flash(struct mt7996_dev *dev)
2844{
2845#define MAX_PAGE_IDX_MASK GENMASK(7, 5)
2846#define PAGE_IDX_MASK GENMASK(4, 2)
2847#define PER_PAGE_SIZE 0x400
2848 struct mt7996_mcu_eeprom req = {
2849 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
2850 .buffer_mode = EE_MODE_BUFFER
2851 };
2852 u16 eeprom_size = MT7996_EEPROM_SIZE;
2853 u8 total = DIV_ROUND_UP(eeprom_size, PER_PAGE_SIZE);
2854 u8 *eep = (u8 *)dev->mt76.eeprom.data;
2855 int eep_len, i;
2856
2857 for (i = 0; i < total; i++, eep += eep_len) {
2858 struct sk_buff *skb;
2859 int ret, msg_len;
2860
2861 if (i == total - 1 && !!(eeprom_size % PER_PAGE_SIZE))
2862 eep_len = eeprom_size % PER_PAGE_SIZE;
2863 else
2864 eep_len = PER_PAGE_SIZE;
2865
2866 msg_len = sizeof(req) + eep_len;
2867 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len);
2868 if (!skb)
2869 return -ENOMEM;
2870
2871 req.len = cpu_to_le16(msg_len - 4);
2872 req.format = FIELD_PREP(MAX_PAGE_IDX_MASK, total - 1) |
2873 FIELD_PREP(PAGE_IDX_MASK, i) | EE_FORMAT_WHOLE;
2874 req.buf_len = cpu_to_le16(eep_len);
2875
2876 skb_put_data(skb, &req, sizeof(req));
2877 skb_put_data(skb, eep, eep_len);
2878
2879 ret = mt76_mcu_skb_send_msg(&dev->mt76, skb,
2880 MCU_WM_UNI_CMD(EFUSE_CTRL), true);
2881 if (ret)
2882 return ret;
2883 }
2884
2885 return 0;
2886}
2887
2888int mt7996_mcu_set_eeprom(struct mt7996_dev *dev)
2889{
2890 struct mt7996_mcu_eeprom req = {
2891 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
2892 .len = cpu_to_le16(sizeof(req) - 4),
2893 .buffer_mode = EE_MODE_EFUSE,
2894 .format = EE_FORMAT_WHOLE
2895 };
2896
2897 if (dev->flash_mode)
2898 return mt7996_mcu_set_eeprom_flash(dev);
2899
2900 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(EFUSE_CTRL),
2901 &req, sizeof(req), true);
2902}
2903
2904int mt7996_mcu_get_eeprom(struct mt7996_dev *dev, u32 offset)
2905{
2906 struct {
2907 u8 _rsv[4];
2908
2909 __le16 tag;
2910 __le16 len;
2911 __le32 addr;
2912 __le32 valid;
2913 u8 data[16];
2914 } __packed req = {
2915 .tag = cpu_to_le16(UNI_EFUSE_ACCESS),
2916 .len = cpu_to_le16(sizeof(req) - 4),
2917 .addr = cpu_to_le32(round_down(offset,
2918 MT7996_EEPROM_BLOCK_SIZE)),
2919 };
2920 struct sk_buff *skb;
2921 bool valid;
2922 int ret;
2923
2924 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), &req,
2925 sizeof(req), true, &skb);
2926 if (ret)
2927 return ret;
2928
2929 valid = le32_to_cpu(*(__le32 *)(skb->data + 16));
2930 if (valid) {
2931 u32 addr = le32_to_cpu(*(__le32 *)(skb->data + 12));
2932 u8 *buf = (u8 *)dev->mt76.eeprom.data + addr;
2933
2934 skb_pull(skb, 64);
2935 memcpy(buf, skb->data, MT7996_EEPROM_BLOCK_SIZE);
2936 }
2937
2938 dev_kfree_skb(skb);
2939
2940 return 0;
2941}
2942
2943int mt7996_mcu_get_eeprom_free_block(struct mt7996_dev *dev, u8 *block_num)
2944{
2945 struct {
2946 u8 _rsv[4];
2947
2948 __le16 tag;
2949 __le16 len;
2950 u8 num;
2951 u8 version;
2952 u8 die_idx;
2953 u8 _rsv2;
2954 } __packed req = {
2955 .tag = cpu_to_le16(UNI_EFUSE_FREE_BLOCK),
2956 .len = cpu_to_le16(sizeof(req) - 4),
2957 .version = 2,
2958 };
2959 struct sk_buff *skb;
2960 int ret;
2961
2962 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), &req,
2963 sizeof(req), true, &skb);
2964 if (ret)
2965 return ret;
2966
2967 *block_num = *(u8 *)(skb->data + 8);
2968 dev_kfree_skb(skb);
2969
2970 return 0;
2971}
2972
2973int mt7996_mcu_get_chan_mib_info(struct mt7996_phy *phy, bool chan_switch)
2974{
2975 struct {
2976 struct {
2977 u8 band;
2978 u8 __rsv[3];
2979 } hdr;
2980 struct {
2981 __le16 tag;
2982 __le16 len;
2983 __le32 offs;
2984 } data[4];
2985 } __packed req = {
2986 .hdr.band = phy->mt76->band_idx,
2987 };
2988 /* strict order */
2989 static const u32 offs[] = {
2990 UNI_MIB_TX_TIME,
2991 UNI_MIB_RX_TIME,
2992 UNI_MIB_OBSS_AIRTIME,
2993 UNI_MIB_NON_WIFI_TIME,
2994 };
2995 struct mt76_channel_state *state = phy->mt76->chan_state;
2996 struct mt76_channel_state *state_ts = &phy->state_ts;
2997 struct mt7996_dev *dev = phy->dev;
2998 struct mt7996_mcu_mib *res;
2999 struct sk_buff *skb;
3000 int i, ret;
3001
3002 for (i = 0; i < 4; i++) {
3003 req.data[i].tag = cpu_to_le16(UNI_CMD_MIB_DATA);
3004 req.data[i].len = cpu_to_le16(sizeof(req.data[i]));
3005 req.data[i].offs = cpu_to_le32(offs[i]);
3006 }
3007
3008 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(GET_MIB_INFO),
3009 &req, sizeof(req), true, &skb);
3010 if (ret)
3011 return ret;
3012
3013 skb_pull(skb, sizeof(req.hdr));
3014
3015 res = (struct mt7996_mcu_mib *)(skb->data);
3016
3017 if (chan_switch)
3018 goto out;
3019
3020#define __res_u64(s) le64_to_cpu(res[s].data)
3021 state->cc_tx += __res_u64(1) - state_ts->cc_tx;
3022 state->cc_bss_rx += __res_u64(2) - state_ts->cc_bss_rx;
3023 state->cc_rx += __res_u64(2) + __res_u64(3) - state_ts->cc_rx;
3024 state->cc_busy += __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3) -
3025 state_ts->cc_busy;
3026
3027out:
3028 state_ts->cc_tx = __res_u64(1);
3029 state_ts->cc_bss_rx = __res_u64(2);
3030 state_ts->cc_rx = __res_u64(2) + __res_u64(3);
3031 state_ts->cc_busy = __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3);
3032#undef __res_u64
3033
3034 dev_kfree_skb(skb);
3035
3036 return 0;
3037}
3038
3039int mt7996_mcu_set_ser(struct mt7996_dev *dev, u8 action, u8 val, u8 band)
3040{
3041 struct {
3042 u8 rsv[4];
3043
3044 __le16 tag;
3045 __le16 len;
3046
3047 union {
3048 struct {
3049 __le32 mask;
3050 } __packed set;
3051
3052 struct {
3053 u8 method;
3054 u8 band;
3055 u8 rsv2[2];
3056 } __packed trigger;
3057 };
3058 } __packed req = {
3059 .tag = cpu_to_le16(action),
3060 .len = cpu_to_le16(sizeof(req) - 4),
3061 };
3062
3063 switch (action) {
3064 case UNI_CMD_SER_SET:
3065 req.set.mask = cpu_to_le32(val);
3066 break;
3067 case UNI_CMD_SER_TRIGGER:
3068 req.trigger.method = val;
3069 req.trigger.band = band;
3070 break;
3071 default:
3072 return -EINVAL;
3073 }
3074
3075 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SER),
3076 &req, sizeof(req), false);
3077}
3078
3079int mt7996_mcu_set_txbf(struct mt7996_dev *dev, u8 action)
3080{
3081#define MT7996_BF_MAX_SIZE sizeof(union bf_tag_tlv)
3082#define BF_PROCESSING 4
3083 struct uni_header hdr;
3084 struct sk_buff *skb;
3085 struct tlv *tlv;
3086 int len = sizeof(hdr) + MT7996_BF_MAX_SIZE;
3087
3088 memset(&hdr, 0, sizeof(hdr));
3089
3090 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
3091 if (!skb)
3092 return -ENOMEM;
3093
3094 skb_put_data(skb, &hdr, sizeof(hdr));
3095
3096 switch (action) {
3097 case BF_SOUNDING_ON: {
3098 struct bf_sounding_on *req_snd_on;
3099
3100 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_snd_on));
3101 req_snd_on = (struct bf_sounding_on *)tlv;
3102 req_snd_on->snd_mode = BF_PROCESSING;
3103 break;
3104 }
3105 case BF_HW_EN_UPDATE: {
3106 struct bf_hw_en_status_update *req_hw_en;
3107
3108 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_hw_en));
3109 req_hw_en = (struct bf_hw_en_status_update *)tlv;
3110 req_hw_en->ebf = true;
3111 req_hw_en->ibf = dev->ibf;
3112 break;
3113 }
3114 case BF_MOD_EN_CTRL: {
3115 struct bf_mod_en_ctrl *req_mod_en;
3116
3117 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_mod_en));
3118 req_mod_en = (struct bf_mod_en_ctrl *)tlv;
3119 req_mod_en->bf_num = 2;
3120 req_mod_en->bf_bitmap = GENMASK(0, 0);
3121 break;
3122 }
3123 default:
3124 return -EINVAL;
3125 }
3126
3127 return mt76_mcu_skb_send_msg(&dev->mt76, skb, MCU_WM_UNI_CMD(BF), true);
3128}
3129
3130static int
3131mt7996_mcu_enable_obss_spr(struct mt7996_phy *phy, u16 action, u8 val)
3132{
3133 struct mt7996_dev *dev = phy->dev;
3134 struct {
3135 u8 band_idx;
3136 u8 __rsv[3];
3137
3138 __le16 tag;
3139 __le16 len;
3140
3141 __le32 val;
3142 } __packed req = {
3143 .band_idx = phy->mt76->band_idx,
3144 .tag = cpu_to_le16(action),
3145 .len = cpu_to_le16(sizeof(req) - 4),
3146 .val = cpu_to_le32(val),
3147 };
3148
3149 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
3150 &req, sizeof(req), true);
3151}
3152
3153static int
3154mt7996_mcu_set_obss_spr_pd(struct mt7996_phy *phy,
3155 struct ieee80211_he_obss_pd *he_obss_pd)
3156{
3157 struct mt7996_dev *dev = phy->dev;
3158 u8 max_th = 82, non_srg_max_th = 62;
3159 struct {
3160 u8 band_idx;
3161 u8 __rsv[3];
3162
3163 __le16 tag;
3164 __le16 len;
3165
3166 u8 pd_th_non_srg;
3167 u8 pd_th_srg;
3168 u8 period_offs;
3169 u8 rcpi_src;
3170 __le16 obss_pd_min;
3171 __le16 obss_pd_min_srg;
3172 u8 resp_txpwr_mode;
3173 u8 txpwr_restrict_mode;
3174 u8 txpwr_ref;
3175 u8 __rsv2[3];
3176 } __packed req = {
3177 .band_idx = phy->mt76->band_idx,
3178 .tag = cpu_to_le16(UNI_CMD_SR_SET_PARAM),
3179 .len = cpu_to_le16(sizeof(req) - 4),
3180 .obss_pd_min = cpu_to_le16(max_th),
3181 .obss_pd_min_srg = cpu_to_le16(max_th),
3182 .txpwr_restrict_mode = 2,
3183 .txpwr_ref = 21
3184 };
3185 int ret;
3186
3187 /* disable firmware dynamical PD asjustment */
3188 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_DPD, false);
3189 if (ret)
3190 return ret;
3191
3192 if (he_obss_pd->sr_ctrl &
3193 IEEE80211_HE_SPR_NON_SRG_OBSS_PD_SR_DISALLOWED)
3194 req.pd_th_non_srg = max_th;
3195 else if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OFFSET_PRESENT)
3196 req.pd_th_non_srg = max_th - he_obss_pd->non_srg_max_offset;
3197 else
3198 req.pd_th_non_srg = non_srg_max_th;
3199
3200 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_SRG_INFORMATION_PRESENT)
3201 req.pd_th_srg = max_th - he_obss_pd->max_offset;
3202
3203 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
3204 &req, sizeof(req), true);
3205}
3206
3207static int
3208mt7996_mcu_set_obss_spr_siga(struct mt7996_phy *phy, struct ieee80211_vif *vif,
3209 struct ieee80211_he_obss_pd *he_obss_pd)
3210{
3211 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
3212 struct mt7996_dev *dev = phy->dev;
3213 u8 omac = mvif->mt76.omac_idx;
3214 struct {
3215 u8 band_idx;
3216 u8 __rsv[3];
3217
3218 __le16 tag;
3219 __le16 len;
3220
3221 u8 omac;
3222 u8 __rsv2[3];
3223 u8 flag[20];
3224 } __packed req = {
3225 .band_idx = phy->mt76->band_idx,
3226 .tag = cpu_to_le16(UNI_CMD_SR_SET_SIGA),
3227 .len = cpu_to_le16(sizeof(req) - 4),
3228 .omac = omac > HW_BSSID_MAX ? omac - 12 : omac,
3229 };
3230 int ret;
3231
3232 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED)
3233 req.flag[req.omac] = 0xf;
3234 else
3235 return 0;
3236
3237 /* switch to normal AP mode */
3238 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_MODE, 0);
3239 if (ret)
3240 return ret;
3241
3242 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
3243 &req, sizeof(req), true);
3244}
3245
3246static int
3247mt7996_mcu_set_obss_spr_bitmap(struct mt7996_phy *phy,
3248 struct ieee80211_he_obss_pd *he_obss_pd)
3249{
3250 struct mt7996_dev *dev = phy->dev;
3251 struct {
3252 u8 band_idx;
3253 u8 __rsv[3];
3254
3255 __le16 tag;
3256 __le16 len;
3257
3258 __le32 color_l[2];
3259 __le32 color_h[2];
3260 __le32 bssid_l[2];
3261 __le32 bssid_h[2];
3262 } __packed req = {
3263 .band_idx = phy->mt76->band_idx,
3264 .tag = cpu_to_le16(UNI_CMD_SR_SET_SRG_BITMAP),
3265 .len = cpu_to_le16(sizeof(req) - 4),
3266 };
3267 u32 bitmap;
3268
3269 memcpy(&bitmap, he_obss_pd->bss_color_bitmap, sizeof(bitmap));
3270 req.color_l[req.band_idx] = cpu_to_le32(bitmap);
3271
3272 memcpy(&bitmap, he_obss_pd->bss_color_bitmap + 4, sizeof(bitmap));
3273 req.color_h[req.band_idx] = cpu_to_le32(bitmap);
3274
3275 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap, sizeof(bitmap));
3276 req.bssid_l[req.band_idx] = cpu_to_le32(bitmap);
3277
3278 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap + 4, sizeof(bitmap));
3279 req.bssid_h[req.band_idx] = cpu_to_le32(bitmap);
3280
3281 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), &req,
3282 sizeof(req), true);
3283}
3284
3285int mt7996_mcu_add_obss_spr(struct mt7996_phy *phy, struct ieee80211_vif *vif,
3286 struct ieee80211_he_obss_pd *he_obss_pd)
3287{
3288 int ret;
3289
3290 /* enable firmware scene detection algorithms */
3291 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_SD,
3292 sr_scene_detect);
3293 if (ret)
3294 return ret;
3295
3296 /* firmware dynamically adjusts PD threshold so skip manual control */
3297 if (sr_scene_detect && !he_obss_pd->enable)
3298 return 0;
3299
3300 /* enable spatial reuse */
3301 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE,
3302 he_obss_pd->enable);
3303 if (ret)
3304 return ret;
3305
3306 if (sr_scene_detect || !he_obss_pd->enable)
3307 return 0;
3308
3309 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_TX, true);
3310 if (ret)
3311 return ret;
3312
3313 /* set SRG/non-SRG OBSS PD threshold */
3314 ret = mt7996_mcu_set_obss_spr_pd(phy, he_obss_pd);
3315 if (ret)
3316 return ret;
3317
3318 /* Set SR prohibit */
3319 ret = mt7996_mcu_set_obss_spr_siga(phy, vif, he_obss_pd);
3320 if (ret)
3321 return ret;
3322
3323 /* set SRG BSS color/BSSID bitmap */
3324 return mt7996_mcu_set_obss_spr_bitmap(phy, he_obss_pd);
3325}
3326
3327int mt7996_mcu_update_bss_color(struct mt7996_dev *dev, struct ieee80211_vif *vif,
3328 struct cfg80211_he_bss_color *he_bss_color)
3329{
3330 int len = sizeof(struct bss_req_hdr) + sizeof(struct bss_color_tlv);
3331 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
3332 struct bss_color_tlv *bss_color;
3333 struct sk_buff *skb;
3334 struct tlv *tlv;
3335
3336 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, len);
3337 if (IS_ERR(skb))
3338 return PTR_ERR(skb);
3339
3340 tlv = mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BSS_COLOR,
3341 sizeof(*bss_color));
3342 bss_color = (struct bss_color_tlv *)tlv;
3343 bss_color->enable = he_bss_color->enabled;
3344 bss_color->color = he_bss_color->color;
3345
3346 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
3347 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
3348}
3349
3350#define TWT_AGRT_TRIGGER BIT(0)
3351#define TWT_AGRT_ANNOUNCE BIT(1)
3352#define TWT_AGRT_PROTECT BIT(2)
3353
3354int mt7996_mcu_twt_agrt_update(struct mt7996_dev *dev,
3355 struct mt7996_vif *mvif,
3356 struct mt7996_twt_flow *flow,
3357 int cmd)
3358{
3359 struct {
3360 u8 _rsv[4];
3361
3362 __le16 tag;
3363 __le16 len;
3364 u8 tbl_idx;
3365 u8 cmd;
3366 u8 own_mac_idx;
3367 u8 flowid; /* 0xff for group id */
3368 __le16 peer_id; /* specify the peer_id (msb=0)
3369 * or group_id (msb=1)
3370 */
3371 u8 duration; /* 256 us */
3372 u8 bss_idx;
3373 __le64 start_tsf;
3374 __le16 mantissa;
3375 u8 exponent;
3376 u8 is_ap;
3377 u8 agrt_params;
3378 u8 __rsv2[135];
3379 } __packed req = {
3380 .tag = cpu_to_le16(UNI_CMD_TWT_ARGT_UPDATE),
3381 .len = cpu_to_le16(sizeof(req) - 4),
3382 .tbl_idx = flow->table_id,
3383 .cmd = cmd,
3384 .own_mac_idx = mvif->mt76.omac_idx,
3385 .flowid = flow->id,
3386 .peer_id = cpu_to_le16(flow->wcid),
3387 .duration = flow->duration,
3388 .bss_idx = mvif->mt76.idx,
3389 .start_tsf = cpu_to_le64(flow->tsf),
3390 .mantissa = flow->mantissa,
3391 .exponent = flow->exp,
3392 .is_ap = true,
3393 };
3394
3395 if (flow->protection)
3396 req.agrt_params |= TWT_AGRT_PROTECT;
3397 if (!flow->flowtype)
3398 req.agrt_params |= TWT_AGRT_ANNOUNCE;
3399 if (flow->trigger)
3400 req.agrt_params |= TWT_AGRT_TRIGGER;
3401
3402 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(TWT),
3403 &req, sizeof(req), true);
3404}
3405
3406void mt7996_mcu_set_pm(void *priv, u8 *mac, struct ieee80211_vif *vif)
3407{
3408#define EXIT_PM_STATE 0
3409#define ENTER_PM_STATE 1
3410 struct ieee80211_hw *hw = priv;
3411 struct mt7996_dev *dev = mt7996_hw_dev(hw);
3412 struct mt7996_phy *phy = mt7996_hw_phy(hw);
3413 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
3414 struct bss_power_save *ps;
3415 struct sk_buff *skb;
3416 struct tlv *tlv;
3417 bool running = test_bit(MT76_STATE_RUNNING, &phy->mt76->state);
3418
3419 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
3420 MT7996_BSS_UPDATE_MAX_SIZE);
3421 if (IS_ERR(skb))
3422 return;
3423
3424 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_PS, sizeof(*ps));
3425 ps = (struct bss_power_save *)tlv;
3426 ps->profile = running ? EXIT_PM_STATE : ENTER_PM_STATE;
3427
3428 mt76_mcu_skb_send_msg(&dev->mt76, skb,
3429 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
3430}
3431
3432int mt7996_mcu_set_rts_thresh(struct mt7996_phy *phy, u32 val)
3433{
3434 struct {
3435 u8 band_idx;
3436 u8 _rsv[3];
3437
3438 __le16 tag;
3439 __le16 len;
3440 __le32 len_thresh;
3441 __le32 pkt_thresh;
3442 } __packed req = {
3443 .band_idx = phy->mt76->band_idx,
3444 .tag = cpu_to_le16(UNI_BAND_CONFIG_RTS_THRESHOLD),
3445 .len = cpu_to_le16(sizeof(req) - 4),
3446 .len_thresh = cpu_to_le32(val),
3447 .pkt_thresh = cpu_to_le32(0x2),
3448 };
3449
3450 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
3451 &req, sizeof(req), true);
3452}
3453
3454int mt7996_mcu_set_radio_en(struct mt7996_phy *phy, bool enable)
3455{
3456 struct {
3457 u8 band_idx;
3458 u8 _rsv[3];
3459
3460 __le16 tag;
3461 __le16 len;
3462 u8 enable;
3463 u8 _rsv2[3];
3464 } __packed req = {
3465 .band_idx = phy->mt76->band_idx,
3466 .tag = cpu_to_le16(UNI_BAND_CONFIG_RADIO_ENABLE),
3467 .len = cpu_to_le16(sizeof(req) - 4),
3468 .enable = enable,
3469 };
3470
3471 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
3472 &req, sizeof(req), true);
3473}
3474
3475int mt7996_mcu_rdd_cmd(struct mt7996_dev *dev, int cmd, u8 index,
3476 u8 rx_sel, u8 val)
3477{
3478 struct {
3479 u8 _rsv[4];
3480
3481 __le16 tag;
3482 __le16 len;
3483
3484 u8 ctrl;
3485 u8 rdd_idx;
3486 u8 rdd_rx_sel;
3487 u8 val;
3488 u8 rsv[4];
3489 } __packed req = {
3490 .tag = cpu_to_le16(UNI_RDD_CTRL_PARM),
3491 .len = cpu_to_le16(sizeof(req) - 4),
3492 .ctrl = cmd,
3493 .rdd_idx = index,
3494 .rdd_rx_sel = rx_sel,
3495 .val = val,
3496 };
3497
3498 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
3499 &req, sizeof(req), true);
3500}
3501
3502int mt7996_mcu_wtbl_update_hdr_trans(struct mt7996_dev *dev,
3503 struct ieee80211_vif *vif,
3504 struct ieee80211_sta *sta)
3505{
3506 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
3507 struct mt7996_sta *msta;
3508 struct sk_buff *skb;
3509
3510 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta;
3511
3512 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
3513 &msta->wcid,
3514 MT7996_STA_UPDATE_MAX_SIZE);
3515 if (IS_ERR(skb))
3516 return PTR_ERR(skb);
3517
3518 /* starec hdr trans */
3519 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta);
3520 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
3521 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
3522}
3523
3524int mt7996_mcu_rf_regval(struct mt7996_dev *dev, u32 regidx, u32 *val, bool set)
3525{
3526 struct {
3527 u8 __rsv1[4];
3528
3529 __le16 tag;
3530 __le16 len;
3531 __le16 idx;
3532 u8 __rsv2[2];
3533 __le32 ofs;
3534 __le32 data;
3535 } __packed *res, req = {
3536 .tag = cpu_to_le16(UNI_CMD_ACCESS_RF_REG_BASIC),
3537 .len = cpu_to_le16(sizeof(req) - 4),
3538
3539 .idx = cpu_to_le16(u32_get_bits(regidx, GENMASK(31, 24))),
3540 .ofs = cpu_to_le32(u32_get_bits(regidx, GENMASK(23, 0))),
3541 .data = set ? cpu_to_le32(*val) : 0,
3542 };
3543 struct sk_buff *skb;
3544 int ret;
3545
3546 if (set)
3547 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REG_ACCESS),
3548 &req, sizeof(req), true);
3549
3550 ret = mt76_mcu_send_and_get_msg(&dev->mt76,
3551 MCU_WM_UNI_CMD_QUERY(REG_ACCESS),
3552 &req, sizeof(req), true, &skb);
3553 if (ret)
3554 return ret;
3555
3556 res = (void *)skb->data;
3557 *val = le32_to_cpu(res->data);
3558 dev_kfree_skb(skb);
3559
3560 return 0;
3561}
3562
3563int mt7996_mcu_set_rro(struct mt7996_dev *dev, u16 tag, u8 val)
3564{
3565 struct {
3566 u8 __rsv1[4];
3567
3568 __le16 tag;
3569 __le16 len;
3570
3571 union {
3572 struct {
3573 u8 type;
3574 u8 __rsv2[3];
3575 } __packed platform_type;
3576 struct {
3577 u8 type;
3578 u8 dest;
3579 u8 __rsv2[2];
3580 } __packed bypass_mode;
3581 struct {
3582 u8 path;
3583 u8 __rsv2[3];
3584 } __packed txfree_path;
3585 };
3586 } __packed req = {
3587 .tag = cpu_to_le16(tag),
3588 .len = cpu_to_le16(sizeof(req) - 4),
3589 };
3590
3591 switch (tag) {
3592 case UNI_RRO_SET_PLATFORM_TYPE:
3593 req.platform_type.type = val;
3594 break;
3595 case UNI_RRO_SET_BYPASS_MODE:
3596 req.bypass_mode.type = val;
3597 break;
3598 case UNI_RRO_SET_TXFREE_PATH:
3599 req.txfree_path.path = val;
3600 break;
3601 default:
3602 return -EINVAL;
3603 }
3604
3605 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO), &req,
3606 sizeof(req), true);
3607}