1// SPDX-License-Identifier: ISC 2/* 3 * Copyright (C) 2022 MediaTek Inc. 4 */ 5 6#include <linux/firmware.h> 7#include <linux/fs.h> 8#include "mt7996.h" 9#include "mcu.h" 10#include "mac.h" 11#include "eeprom.h" 12 13struct mt7996_patch_hdr { 14 char build_date[16]; 15 char platform[4]; 16 __be32 hw_sw_ver; 17 __be32 patch_ver; 18 __be16 checksum; 19 u16 reserved; 20 struct { 21 __be32 patch_ver; 22 __be32 subsys; 23 __be32 feature; 24 __be32 n_region; 25 __be32 crc; 26 u32 reserved[11]; 27 } desc; 28} __packed; 29 30struct mt7996_patch_sec { 31 __be32 type; 32 __be32 offs; 33 __be32 size; 34 union { 35 __be32 spec[13]; 36 struct { 37 __be32 addr; 38 __be32 len; 39 __be32 sec_key_idx; 40 __be32 align_len; 41 u32 reserved[9]; 42 } info; 43 }; 44} __packed; 45 46struct mt7996_fw_trailer { 47 u8 chip_id; 48 u8 eco_code; 49 u8 n_region; 50 u8 format_ver; 51 u8 format_flag; 52 u8 reserved[2]; 53 char fw_ver[10]; 54 char build_date[15]; 55 u32 crc; 56} __packed; 57 58struct mt7996_fw_region { 59 __le32 decomp_crc; 60 __le32 decomp_len; 61 __le32 decomp_blk_sz; 62 u8 reserved[4]; 63 __le32 addr; 64 __le32 len; 65 u8 feature_set; 66 u8 reserved1[15]; 67} __packed; 68 69#define MCU_PATCH_ADDRESS 0x200000 70 71#define HE_PHY(p, c) u8_get_bits(c, IEEE80211_HE_PHY_##p) 72#define HE_MAC(m, c) u8_get_bits(c, IEEE80211_HE_MAC_##m) 73#define EHT_PHY(p, c) u8_get_bits(c, IEEE80211_EHT_PHY_##p) 74 75static bool sr_scene_detect = true; 76module_param(sr_scene_detect, bool, 0644); 77MODULE_PARM_DESC(sr_scene_detect, "Enable firmware scene detection algorithm"); 78 79static u8 80mt7996_mcu_get_sta_nss(u16 mcs_map) 81{ 82 u8 nss; 83 84 for (nss = 8; nss > 0; nss--) { 85 u8 nss_mcs = (mcs_map >> (2 * (nss - 1))) & 3; 86 87 if (nss_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) 88 break; 89 } 90 91 return nss - 1; 92} 93 94static void 95mt7996_mcu_set_sta_he_mcs(struct ieee80211_sta *sta, __le16 *he_mcs, 96 u16 mcs_map) 97{ 98 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 99 enum nl80211_band band = msta->vif->phy->mt76->chandef.chan->band; 100 const u16 *mask = msta->vif->bitrate_mask.control[band].he_mcs; 101 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss; 102 103 for (nss = 0; nss < max_nss; nss++) { 104 int mcs; 105 106 switch ((mcs_map >> (2 * nss)) & 0x3) { 107 case IEEE80211_HE_MCS_SUPPORT_0_11: 108 mcs = GENMASK(11, 0); 109 break; 110 case IEEE80211_HE_MCS_SUPPORT_0_9: 111 mcs = GENMASK(9, 0); 112 break; 113 case IEEE80211_HE_MCS_SUPPORT_0_7: 114 mcs = GENMASK(7, 0); 115 break; 116 default: 117 mcs = 0; 118 } 119 120 mcs = mcs ? fls(mcs & mask[nss]) - 1 : -1; 121 122 switch (mcs) { 123 case 0 ... 7: 124 mcs = IEEE80211_HE_MCS_SUPPORT_0_7; 125 break; 126 case 8 ... 9: 127 mcs = IEEE80211_HE_MCS_SUPPORT_0_9; 128 break; 129 case 10 ... 11: 130 mcs = IEEE80211_HE_MCS_SUPPORT_0_11; 131 break; 132 default: 133 mcs = IEEE80211_HE_MCS_NOT_SUPPORTED; 134 break; 135 } 136 mcs_map &= ~(0x3 << (nss * 2)); 137 mcs_map |= mcs << (nss * 2); 138 } 139 140 *he_mcs = cpu_to_le16(mcs_map); 141} 142 143static void 144mt7996_mcu_set_sta_vht_mcs(struct ieee80211_sta *sta, __le16 *vht_mcs, 145 const u16 *mask) 146{ 147 u16 mcs, mcs_map = le16_to_cpu(sta->deflink.vht_cap.vht_mcs.rx_mcs_map); 148 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss; 149 150 for (nss = 0; nss < max_nss; nss++, mcs_map >>= 2) { 151 switch (mcs_map & 0x3) { 152 case IEEE80211_VHT_MCS_SUPPORT_0_9: 153 mcs = GENMASK(9, 0); 154 break; 155 case IEEE80211_VHT_MCS_SUPPORT_0_8: 156 mcs = GENMASK(8, 0); 157 break; 158 case IEEE80211_VHT_MCS_SUPPORT_0_7: 159 mcs = GENMASK(7, 0); 160 break; 161 default: 162 mcs = 0; 163 } 164 165 vht_mcs[nss] = cpu_to_le16(mcs & mask[nss]); 166 } 167} 168 169static void 170mt7996_mcu_set_sta_ht_mcs(struct ieee80211_sta *sta, u8 *ht_mcs, 171 const u8 *mask) 172{ 173 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss; 174 175 for (nss = 0; nss < max_nss; nss++) 176 ht_mcs[nss] = sta->deflink.ht_cap.mcs.rx_mask[nss] & mask[nss]; 177} 178 179static int 180mt7996_mcu_parse_response(struct mt76_dev *mdev, int cmd, 181 struct sk_buff *skb, int seq) 182{ 183 struct mt7996_mcu_rxd *rxd; 184 struct mt7996_mcu_uni_event *event; 185 int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd); 186 int ret = 0; 187 188 if (!skb) { 189 dev_err(mdev->dev, "Message %08x (seq %d) timeout\n", 190 cmd, seq); 191 return -ETIMEDOUT; 192 } 193 194 rxd = (struct mt7996_mcu_rxd *)skb->data; 195 if (seq != rxd->seq) 196 return -EAGAIN; 197 198 if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) { 199 skb_pull(skb, sizeof(*rxd) - 4); 200 ret = *skb->data; 201 } else if ((rxd->option & MCU_UNI_CMD_EVENT) && 202 rxd->eid == MCU_UNI_EVENT_RESULT) { 203 skb_pull(skb, sizeof(*rxd)); 204 event = (struct mt7996_mcu_uni_event *)skb->data; 205 ret = le32_to_cpu(event->status); 206 /* skip invalid event */ 207 if (mcu_cmd != event->cid) 208 ret = -EAGAIN; 209 } else { 210 skb_pull(skb, sizeof(struct mt7996_mcu_rxd)); 211 } 212 213 return ret; 214} 215 216static int 217mt7996_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb, 218 int cmd, int *wait_seq) 219{ 220 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76); 221 int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd); 222 struct mt76_connac2_mcu_uni_txd *uni_txd; 223 struct mt76_connac2_mcu_txd *mcu_txd; 224 enum mt76_mcuq_id qid; 225 __le32 *txd; 226 u32 val; 227 u8 seq; 228 229 mdev->mcu.timeout = 20 * HZ; 230 231 seq = ++dev->mt76.mcu.msg_seq & 0xf; 232 if (!seq) 233 seq = ++dev->mt76.mcu.msg_seq & 0xf; 234 235 if (cmd == MCU_CMD(FW_SCATTER)) { 236 qid = MT_MCUQ_FWDL; 237 goto exit; 238 } 239 240 txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd); 241 txd = (__le32 *)skb_push(skb, txd_len); 242 if (test_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state)) 243 qid = MT_MCUQ_WA; 244 else 245 qid = MT_MCUQ_WM; 246 247 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) | 248 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) | 249 FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0); 250 txd[0] = cpu_to_le32(val); 251 252 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD); 253 txd[1] = cpu_to_le32(val); 254 255 if (cmd & __MCU_CMD_FIELD_UNI) { 256 uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd; 257 uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd)); 258 uni_txd->cid = cpu_to_le16(mcu_cmd); 259 uni_txd->s2d_index = MCU_S2D_H2CN; 260 uni_txd->pkt_type = MCU_PKT_ID; 261 uni_txd->seq = seq; 262 263 if (cmd & __MCU_CMD_FIELD_QUERY) 264 uni_txd->option = MCU_CMD_UNI_QUERY_ACK; 265 else 266 uni_txd->option = MCU_CMD_UNI_EXT_ACK; 267 268 if ((cmd & __MCU_CMD_FIELD_WA) && (cmd & __MCU_CMD_FIELD_WM)) 269 uni_txd->s2d_index = MCU_S2D_H2CN; 270 else if (cmd & __MCU_CMD_FIELD_WA) 271 uni_txd->s2d_index = MCU_S2D_H2C; 272 else if (cmd & __MCU_CMD_FIELD_WM) 273 uni_txd->s2d_index = MCU_S2D_H2N; 274 275 goto exit; 276 } 277 278 mcu_txd = (struct mt76_connac2_mcu_txd *)txd; 279 mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd)); 280 mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU, 281 MT_TX_MCU_PORT_RX_Q0)); 282 mcu_txd->pkt_type = MCU_PKT_ID; 283 mcu_txd->seq = seq; 284 285 mcu_txd->cid = FIELD_GET(__MCU_CMD_FIELD_ID, cmd); 286 mcu_txd->set_query = MCU_Q_NA; 287 mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd); 288 if (mcu_txd->ext_cid) { 289 mcu_txd->ext_cid_ack = 1; 290 291 if (cmd & __MCU_CMD_FIELD_QUERY) 292 mcu_txd->set_query = MCU_Q_QUERY; 293 else 294 mcu_txd->set_query = MCU_Q_SET; 295 } 296 297 if (cmd & __MCU_CMD_FIELD_WA) 298 mcu_txd->s2d_index = MCU_S2D_H2C; 299 else 300 mcu_txd->s2d_index = MCU_S2D_H2N; 301 302exit: 303 if (wait_seq) 304 *wait_seq = seq; 305 306 return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[qid], skb, 0); 307} 308 309int mt7996_mcu_wa_cmd(struct mt7996_dev *dev, int cmd, u32 a1, u32 a2, u32 a3) 310{ 311 struct { 312 __le32 args[3]; 313 } req = { 314 .args = { 315 cpu_to_le32(a1), 316 cpu_to_le32(a2), 317 cpu_to_le32(a3), 318 }, 319 }; 320 321 return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), false); 322} 323 324static void 325mt7996_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif) 326{ 327 if (vif->bss_conf.csa_active) 328 ieee80211_csa_finish(vif); 329} 330 331static void 332mt7996_mcu_rx_radar_detected(struct mt7996_dev *dev, struct sk_buff *skb) 333{ 334 struct mt76_phy *mphy = &dev->mt76.phy; 335 struct mt7996_mcu_rdd_report *r; 336 337 r = (struct mt7996_mcu_rdd_report *)skb->data; 338 339 if (r->band_idx >= ARRAY_SIZE(dev->mt76.phys)) 340 return; 341 342 if (dev->rdd2_phy && r->band_idx == MT_RX_SEL2) 343 mphy = dev->rdd2_phy->mt76; 344 else 345 mphy = dev->mt76.phys[r->band_idx]; 346 347 if (!mphy) 348 return; 349 350 if (r->band_idx == MT_RX_SEL2) 351 cfg80211_background_radar_event(mphy->hw->wiphy, 352 &dev->rdd2_chandef, 353 GFP_ATOMIC); 354 else 355 ieee80211_radar_detected(mphy->hw); 356 dev->hw_pattern++; 357} 358 359static void 360mt7996_mcu_rx_log_message(struct mt7996_dev *dev, struct sk_buff *skb) 361{ 362#define UNI_EVENT_FW_LOG_FORMAT 0 363 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 364 const char *data = (char *)&rxd[1] + 4, *type; 365#if defined(__linux__) 366 struct tlv *tlv = (struct tlv *)data; 367#elif defined(__FreeBSD__) 368 const struct tlv *tlv = (const struct tlv *)data; 369#endif 370 int len; 371 372 if (!(rxd->option & MCU_UNI_CMD_EVENT)) { 373 len = skb->len - sizeof(*rxd); 374 data = (char *)&rxd[1]; 375 goto out; 376 } 377 378 if (le16_to_cpu(tlv->tag) != UNI_EVENT_FW_LOG_FORMAT) 379 return; 380 381 data += sizeof(*tlv) + 4; 382 len = le16_to_cpu(tlv->len) - sizeof(*tlv) - 4; 383 384out: 385 switch (rxd->s2d_index) { 386 case 0: 387 if (mt7996_debugfs_rx_log(dev, data, len)) 388 return; 389 390 type = "WM"; 391 break; 392 case 2: 393 type = "WA"; 394 break; 395 default: 396 type = "unknown"; 397 break; 398 } 399 400 wiphy_info(mt76_hw(dev)->wiphy, "%s: %.*s", type, len, data); 401} 402 403static void 404mt7996_mcu_cca_finish(void *priv, u8 *mac, struct ieee80211_vif *vif) 405{ 406 if (!vif->bss_conf.color_change_active) 407 return; 408 409 ieee80211_color_change_finish(vif); 410} 411 412static void 413mt7996_mcu_ie_countdown(struct mt7996_dev *dev, struct sk_buff *skb) 414{ 415#define UNI_EVENT_IE_COUNTDOWN_CSA 0 416#define UNI_EVENT_IE_COUNTDOWN_BCC 1 417 struct header { 418 u8 band; 419 u8 rsv[3]; 420 }; 421 struct mt76_phy *mphy = &dev->mt76.phy; 422 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 423 const char *data = (char *)&rxd[1], *tail; 424#if defined(__linux__) 425 struct header *hdr = (struct header *)data; 426 struct tlv *tlv = (struct tlv *)(data + 4); 427#elif defined(__FreeBSD__) 428 const struct header *hdr = (const struct header *)data; 429 const struct tlv *tlv = (const struct tlv *)(data + 4); 430#endif 431 432 if (hdr->band >= ARRAY_SIZE(dev->mt76.phys)) 433 return; 434 435 if (hdr->band && dev->mt76.phys[hdr->band]) 436 mphy = dev->mt76.phys[hdr->band]; 437 438 tail = skb->data + skb->len; 439 data += sizeof(struct header); 440 while (data + sizeof(struct tlv) < tail && le16_to_cpu(tlv->len)) { 441 switch (le16_to_cpu(tlv->tag)) { 442 case UNI_EVENT_IE_COUNTDOWN_CSA: 443 ieee80211_iterate_active_interfaces_atomic(mphy->hw, 444 IEEE80211_IFACE_ITER_RESUME_ALL, 445 mt7996_mcu_csa_finish, mphy->hw); 446 break; 447 case UNI_EVENT_IE_COUNTDOWN_BCC: 448 ieee80211_iterate_active_interfaces_atomic(mphy->hw, 449 IEEE80211_IFACE_ITER_RESUME_ALL, 450 mt7996_mcu_cca_finish, mphy->hw); 451 break; 452 } 453 454 data += le16_to_cpu(tlv->len); 455#if defined(__linux__) 456 tlv = (struct tlv *)data; 457#elif defined(__FreeBSD__) 458 tlv = (const struct tlv *)data; 459#endif 460 } 461} 462 463static void 464mt7996_mcu_rx_ext_event(struct mt7996_dev *dev, struct sk_buff *skb) 465{ 466 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 467 468 switch (rxd->ext_eid) { 469 case MCU_EXT_EVENT_FW_LOG_2_HOST: 470 mt7996_mcu_rx_log_message(dev, skb); 471 break; 472 default: 473 break; 474 } 475} 476 477static void 478mt7996_mcu_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb) 479{ 480 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 481 482 switch (rxd->eid) { 483 case MCU_EVENT_EXT: 484 mt7996_mcu_rx_ext_event(dev, skb); 485 break; 486 default: 487 break; 488 } 489 dev_kfree_skb(skb); 490} 491 492static void 493mt7996_mcu_uni_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb) 494{ 495 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 496 497 switch (rxd->eid) { 498 case MCU_UNI_EVENT_FW_LOG_2_HOST: 499 mt7996_mcu_rx_log_message(dev, skb); 500 break; 501 case MCU_UNI_EVENT_IE_COUNTDOWN: 502 mt7996_mcu_ie_countdown(dev, skb); 503 break; 504 case MCU_UNI_EVENT_RDD_REPORT: 505 mt7996_mcu_rx_radar_detected(dev, skb); 506 break; 507 default: 508 break; 509 } 510 dev_kfree_skb(skb); 511} 512 513void mt7996_mcu_rx_event(struct mt7996_dev *dev, struct sk_buff *skb) 514{ 515 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 516 517 if (rxd->option & MCU_UNI_CMD_UNSOLICITED_EVENT) { 518 mt7996_mcu_uni_rx_unsolicited_event(dev, skb); 519 return; 520 } 521 522 /* WA still uses legacy event*/ 523 if (rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST || 524 !rxd->seq) 525 mt7996_mcu_rx_unsolicited_event(dev, skb); 526 else 527 mt76_mcu_rx_event(&dev->mt76, skb); 528} 529 530static struct tlv * 531mt7996_mcu_add_uni_tlv(struct sk_buff *skb, u16 tag, u16 len) 532{ 533 struct tlv *ptlv, tlv = { 534 .tag = cpu_to_le16(tag), 535 .len = cpu_to_le16(len), 536 }; 537 538 ptlv = skb_put(skb, len); 539 memcpy(ptlv, &tlv, sizeof(tlv)); 540 541 return ptlv; 542} 543 544static void 545mt7996_mcu_bss_rfch_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 546 struct mt7996_phy *phy) 547{ 548 static const u8 rlm_ch_band[] = { 549 [NL80211_BAND_2GHZ] = 1, 550 [NL80211_BAND_5GHZ] = 2, 551 [NL80211_BAND_6GHZ] = 3, 552 }; 553 struct cfg80211_chan_def *chandef = &phy->mt76->chandef; 554 struct bss_rlm_tlv *ch; 555 struct tlv *tlv; 556 int freq1 = chandef->center_freq1; 557 558 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RLM, sizeof(*ch)); 559 560 ch = (struct bss_rlm_tlv *)tlv; 561 ch->control_channel = chandef->chan->hw_value; 562 ch->center_chan = ieee80211_frequency_to_channel(freq1); 563 ch->bw = mt76_connac_chan_bw(chandef); 564 ch->tx_streams = hweight8(phy->mt76->antenna_mask); 565 ch->rx_streams = hweight8(phy->mt76->antenna_mask); 566 ch->band = rlm_ch_band[chandef->chan->band]; 567 568 if (chandef->width == NL80211_CHAN_WIDTH_80P80) { 569 int freq2 = chandef->center_freq2; 570 571 ch->center_chan2 = ieee80211_frequency_to_channel(freq2); 572 } 573} 574 575static void 576mt7996_mcu_bss_ra_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 577 struct mt7996_phy *phy) 578{ 579 struct bss_ra_tlv *ra; 580 struct tlv *tlv; 581 582 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RA, sizeof(*ra)); 583 584 ra = (struct bss_ra_tlv *)tlv; 585 ra->short_preamble = true; 586} 587 588static void 589mt7996_mcu_bss_he_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 590 struct mt7996_phy *phy) 591{ 592#define DEFAULT_HE_PE_DURATION 4 593#define DEFAULT_HE_DURATION_RTS_THRES 1023 594 const struct ieee80211_sta_he_cap *cap; 595 struct bss_info_uni_he *he; 596 struct tlv *tlv; 597 598 cap = mt76_connac_get_he_phy_cap(phy->mt76, vif); 599 600 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_HE_BASIC, sizeof(*he)); 601 602 he = (struct bss_info_uni_he *)tlv; 603 he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext; 604 if (!he->he_pe_duration) 605 he->he_pe_duration = DEFAULT_HE_PE_DURATION; 606 607 he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th); 608 if (!he->he_rts_thres) 609 he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES); 610 611 he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80; 612 he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160; 613 he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80; 614} 615 616static void 617mt7996_mcu_bss_bmc_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 618 struct mt7996_phy *phy) 619{ 620 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 621 struct bss_rate_tlv *bmc; 622 struct cfg80211_chan_def *chandef = &phy->mt76->chandef; 623 enum nl80211_band band = chandef->chan->band; 624 struct tlv *tlv; 625 u8 idx = mvif->mcast_rates_idx ? 626 mvif->mcast_rates_idx : mvif->basic_rates_idx; 627 628 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RATE, sizeof(*bmc)); 629 630 bmc = (struct bss_rate_tlv *)tlv; 631 632 bmc->short_preamble = (band == NL80211_BAND_2GHZ); 633 bmc->bc_fixed_rate = idx; 634 bmc->mc_fixed_rate = idx; 635} 636 637static void 638mt7996_mcu_bss_txcmd_tlv(struct sk_buff *skb, bool en) 639{ 640 struct bss_txcmd_tlv *txcmd; 641 struct tlv *tlv; 642 643 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_TXCMD, sizeof(*txcmd)); 644 645 txcmd = (struct bss_txcmd_tlv *)tlv; 646 txcmd->txcmd_mode = en; 647} 648 649static void 650mt7996_mcu_bss_mld_tlv(struct sk_buff *skb, struct ieee80211_vif *vif) 651{ 652 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 653 struct bss_mld_tlv *mld; 654 struct tlv *tlv; 655 656 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_MLD, sizeof(*mld)); 657 658 mld = (struct bss_mld_tlv *)tlv; 659 mld->group_mld_id = 0xff; 660 mld->own_mld_id = mvif->mt76.idx; 661 mld->remap_idx = 0xff; 662} 663 664static void 665mt7996_mcu_bss_sec_tlv(struct sk_buff *skb, struct ieee80211_vif *vif) 666{ 667 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 668 struct bss_sec_tlv *sec; 669 struct tlv *tlv; 670 671 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_SEC, sizeof(*sec)); 672 673 sec = (struct bss_sec_tlv *)tlv; 674 sec->cipher = mvif->cipher; 675} 676 677static int 678mt7996_mcu_muar_config(struct mt7996_phy *phy, struct ieee80211_vif *vif, 679 bool bssid, bool enable) 680{ 681#define UNI_MUAR_ENTRY 2 682 struct mt7996_dev *dev = phy->dev; 683 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 684 u32 idx = mvif->mt76.omac_idx - REPEATER_BSSID_START; 685 const u8 *addr = vif->addr; 686 687 struct { 688 struct { 689 u8 band; 690 u8 __rsv[3]; 691 } hdr; 692 693 __le16 tag; 694 __le16 len; 695 696 bool smesh; 697 u8 bssid; 698 u8 index; 699 u8 entry_add; 700 u8 addr[ETH_ALEN]; 701 u8 __rsv[2]; 702 } __packed req = { 703 .hdr.band = phy->mt76->band_idx, 704 .tag = cpu_to_le16(UNI_MUAR_ENTRY), 705 .len = cpu_to_le16(sizeof(req) - sizeof(req.hdr)), 706 .smesh = false, 707 .index = idx * 2 + bssid, 708 .entry_add = true, 709 }; 710 711 if (bssid) 712 addr = vif->bss_conf.bssid; 713 714 if (enable) 715 memcpy(req.addr, addr, ETH_ALEN); 716 717 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REPT_MUAR), &req, 718 sizeof(req), true); 719} 720 721static void 722mt7996_mcu_bss_ifs_timing_tlv(struct sk_buff *skb, struct ieee80211_vif *vif) 723{ 724 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 725 struct mt7996_phy *phy = mvif->phy; 726 struct bss_ifs_time_tlv *ifs_time; 727 struct tlv *tlv; 728 bool is_2ghz = phy->mt76->chandef.chan->band == NL80211_BAND_2GHZ; 729 730 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_IFS_TIME, sizeof(*ifs_time)); 731 732 ifs_time = (struct bss_ifs_time_tlv *)tlv; 733 ifs_time->slot_valid = true; 734 ifs_time->sifs_valid = true; 735 ifs_time->rifs_valid = true; 736 ifs_time->eifs_valid = true; 737 738 ifs_time->slot_time = cpu_to_le16(phy->slottime); 739 ifs_time->sifs_time = cpu_to_le16(10); 740 ifs_time->rifs_time = cpu_to_le16(2); 741 ifs_time->eifs_time = cpu_to_le16(is_2ghz ? 78 : 84); 742 743 if (is_2ghz) { 744 ifs_time->eifs_cck_valid = true; 745 ifs_time->eifs_cck_time = cpu_to_le16(314); 746 } 747} 748 749static int 750mt7996_mcu_bss_basic_tlv(struct sk_buff *skb, 751 struct ieee80211_vif *vif, 752 struct ieee80211_sta *sta, 753 struct mt76_phy *phy, u16 wlan_idx, 754 bool enable) 755{ 756 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 757 struct cfg80211_chan_def *chandef = &phy->chandef; 758 struct mt76_connac_bss_basic_tlv *bss; 759 u32 type = CONNECTION_INFRA_AP; 760 u16 sta_wlan_idx = wlan_idx; 761 struct tlv *tlv; 762 int idx; 763 764 switch (vif->type) { 765 case NL80211_IFTYPE_MESH_POINT: 766 case NL80211_IFTYPE_AP: 767 case NL80211_IFTYPE_MONITOR: 768 break; 769 case NL80211_IFTYPE_STATION: 770 if (enable) { 771 rcu_read_lock(); 772 if (!sta) 773 sta = ieee80211_find_sta(vif, 774 vif->bss_conf.bssid); 775 /* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */ 776 if (sta) { 777 struct mt76_wcid *wcid; 778 779 wcid = (struct mt76_wcid *)sta->drv_priv; 780 sta_wlan_idx = wcid->idx; 781 } 782 rcu_read_unlock(); 783 } 784 type = CONNECTION_INFRA_STA; 785 break; 786 case NL80211_IFTYPE_ADHOC: 787 type = CONNECTION_IBSS_ADHOC; 788 break; 789 default: 790 WARN_ON(1); 791 break; 792 } 793 794 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_BASIC, sizeof(*bss)); 795 796 bss = (struct mt76_connac_bss_basic_tlv *)tlv; 797 bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int); 798 bss->dtim_period = vif->bss_conf.dtim_period; 799 bss->bmc_tx_wlan_idx = cpu_to_le16(wlan_idx); 800 bss->sta_idx = cpu_to_le16(sta_wlan_idx); 801 bss->conn_type = cpu_to_le32(type); 802 bss->omac_idx = mvif->omac_idx; 803 bss->band_idx = mvif->band_idx; 804 bss->wmm_idx = mvif->wmm_idx; 805 bss->conn_state = !enable; 806 bss->active = enable; 807 808 idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx; 809 bss->hw_bss_idx = idx; 810 811 if (vif->type == NL80211_IFTYPE_MONITOR) { 812 memcpy(bss->bssid, phy->macaddr, ETH_ALEN); 813 return 0; 814 } 815 816 memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN); 817 bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int); 818 bss->dtim_period = vif->bss_conf.dtim_period; 819 bss->phymode = mt76_connac_get_phy_mode(phy, vif, 820 chandef->chan->band, NULL); 821 bss->phymode_ext = mt76_connac_get_phy_mode_ext(phy, vif, 822 chandef->chan->band); 823 824 return 0; 825} 826 827static struct sk_buff * 828__mt7996_mcu_alloc_bss_req(struct mt76_dev *dev, struct mt76_vif *mvif, int len) 829{ 830 struct bss_req_hdr hdr = { 831 .bss_idx = mvif->idx, 832 }; 833 struct sk_buff *skb; 834 835 skb = mt76_mcu_msg_alloc(dev, NULL, len); 836 if (!skb) 837 return ERR_PTR(-ENOMEM); 838 839 skb_put_data(skb, &hdr, sizeof(hdr)); 840 841 return skb; 842} 843 844int mt7996_mcu_add_bss_info(struct mt7996_phy *phy, 845 struct ieee80211_vif *vif, int enable) 846{ 847 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 848 struct mt7996_dev *dev = phy->dev; 849 struct sk_buff *skb; 850 851 if (mvif->mt76.omac_idx >= REPEATER_BSSID_START) { 852 mt7996_mcu_muar_config(phy, vif, false, enable); 853 mt7996_mcu_muar_config(phy, vif, true, enable); 854 } 855 856 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 857 MT7996_BSS_UPDATE_MAX_SIZE); 858 if (IS_ERR(skb)) 859 return PTR_ERR(skb); 860 861 /* bss_basic must be first */ 862 mt7996_mcu_bss_basic_tlv(skb, vif, NULL, phy->mt76, 863 mvif->sta.wcid.idx, enable); 864 mt7996_mcu_bss_sec_tlv(skb, vif); 865 866 if (vif->type == NL80211_IFTYPE_MONITOR) 867 goto out; 868 869 if (enable) { 870 mt7996_mcu_bss_rfch_tlv(skb, vif, phy); 871 mt7996_mcu_bss_bmc_tlv(skb, vif, phy); 872 mt7996_mcu_bss_ra_tlv(skb, vif, phy); 873 mt7996_mcu_bss_txcmd_tlv(skb, true); 874 mt7996_mcu_bss_ifs_timing_tlv(skb, vif); 875 876 if (vif->bss_conf.he_support) 877 mt7996_mcu_bss_he_tlv(skb, vif, phy); 878 879 /* this tag is necessary no matter if the vif is MLD */ 880 mt7996_mcu_bss_mld_tlv(skb, vif); 881 } 882out: 883 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 884 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 885} 886 887int mt7996_mcu_set_timing(struct mt7996_phy *phy, struct ieee80211_vif *vif) 888{ 889 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 890 struct mt7996_dev *dev = phy->dev; 891 struct sk_buff *skb; 892 893 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 894 MT7996_BSS_UPDATE_MAX_SIZE); 895 if (IS_ERR(skb)) 896 return PTR_ERR(skb); 897 898 mt7996_mcu_bss_ifs_timing_tlv(skb, vif); 899 900 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 901 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 902} 903 904static int 905mt7996_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif *mvif, 906 struct ieee80211_ampdu_params *params, 907 bool enable, bool tx) 908{ 909 struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv; 910 struct sta_rec_ba_uni *ba; 911 struct sk_buff *skb; 912 struct tlv *tlv; 913 914 skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid, 915 MT7996_STA_UPDATE_MAX_SIZE); 916 if (IS_ERR(skb)) 917 return PTR_ERR(skb); 918 919 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba)); 920 921 ba = (struct sta_rec_ba_uni *)tlv; 922 ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT; 923 ba->winsize = cpu_to_le16(params->buf_size); 924 ba->ssn = cpu_to_le16(params->ssn); 925 ba->ba_en = enable << params->tid; 926 ba->amsdu = params->amsdu; 927 ba->tid = params->tid; 928 929 return mt76_mcu_skb_send_msg(dev, skb, 930 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 931} 932 933/** starec & wtbl **/ 934int mt7996_mcu_add_tx_ba(struct mt7996_dev *dev, 935 struct ieee80211_ampdu_params *params, 936 bool enable) 937{ 938 struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv; 939 struct mt7996_vif *mvif = msta->vif; 940 941 if (enable && !params->amsdu) 942 msta->wcid.amsdu = false; 943 944 return mt7996_mcu_sta_ba(&dev->mt76, &mvif->mt76, params, 945 enable, true); 946} 947 948int mt7996_mcu_add_rx_ba(struct mt7996_dev *dev, 949 struct ieee80211_ampdu_params *params, 950 bool enable) 951{ 952 struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv; 953 struct mt7996_vif *mvif = msta->vif; 954 955 return mt7996_mcu_sta_ba(&dev->mt76, &mvif->mt76, params, 956 enable, false); 957} 958 959static void 960mt7996_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 961{ 962 struct ieee80211_he_cap_elem *elem = &sta->deflink.he_cap.he_cap_elem; 963 struct ieee80211_he_mcs_nss_supp mcs_map; 964 struct sta_rec_he_v2 *he; 965 struct tlv *tlv; 966 int i = 0; 967 968 if (!sta->deflink.he_cap.has_he) 969 return; 970 971 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he)); 972 973 he = (struct sta_rec_he_v2 *)tlv; 974 for (i = 0; i < 11; i++) { 975 if (i < 6) 976 he->he_mac_cap[i] = elem->mac_cap_info[i]; 977 he->he_phy_cap[i] = elem->phy_cap_info[i]; 978 } 979 980 mcs_map = sta->deflink.he_cap.he_mcs_nss_supp; 981 switch (sta->deflink.bandwidth) { 982 case IEEE80211_STA_RX_BW_160: 983 if (elem->phy_cap_info[0] & 984 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) 985 mt7996_mcu_set_sta_he_mcs(sta, 986 &he->max_nss_mcs[CMD_HE_MCS_BW8080], 987 le16_to_cpu(mcs_map.rx_mcs_80p80)); 988 989 mt7996_mcu_set_sta_he_mcs(sta, 990 &he->max_nss_mcs[CMD_HE_MCS_BW160], 991 le16_to_cpu(mcs_map.rx_mcs_160)); 992 fallthrough; 993 default: 994 mt7996_mcu_set_sta_he_mcs(sta, 995 &he->max_nss_mcs[CMD_HE_MCS_BW80], 996 le16_to_cpu(mcs_map.rx_mcs_80)); 997 break; 998 } 999 1000 he->pkt_ext = 2; 1001} 1002 1003static void 1004mt7996_mcu_sta_he_6g_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 1005{ 1006 struct sta_rec_he_6g_capa *he_6g; 1007 struct tlv *tlv; 1008 1009 if (!sta->deflink.he_6ghz_capa.capa) 1010 return; 1011 1012 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G, sizeof(*he_6g)); 1013 1014 he_6g = (struct sta_rec_he_6g_capa *)tlv; 1015 he_6g->capa = sta->deflink.he_6ghz_capa.capa; 1016} 1017 1018static void 1019mt7996_mcu_sta_eht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 1020{ 1021 struct ieee80211_eht_mcs_nss_supp *mcs_map; 1022 struct ieee80211_eht_cap_elem_fixed *elem; 1023 struct sta_rec_eht *eht; 1024 struct tlv *tlv; 1025 1026 if (!sta->deflink.eht_cap.has_eht) 1027 return; 1028 1029 mcs_map = &sta->deflink.eht_cap.eht_mcs_nss_supp; 1030 elem = &sta->deflink.eht_cap.eht_cap_elem; 1031 1032 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_EHT, sizeof(*eht)); 1033 1034 eht = (struct sta_rec_eht *)tlv; 1035 eht->tid_bitmap = 0xff; 1036 eht->mac_cap = cpu_to_le16(*(u16 *)elem->mac_cap_info); 1037 eht->phy_cap = cpu_to_le64(*(u64 *)elem->phy_cap_info); 1038 eht->phy_cap_ext = cpu_to_le64(elem->phy_cap_info[8]); 1039 1040 if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_20) 1041 memcpy(eht->mcs_map_bw20, &mcs_map->only_20mhz, sizeof(eht->mcs_map_bw20)); 1042 memcpy(eht->mcs_map_bw80, &mcs_map->bw._80, sizeof(eht->mcs_map_bw80)); 1043 memcpy(eht->mcs_map_bw160, &mcs_map->bw._160, sizeof(eht->mcs_map_bw160)); 1044 memcpy(eht->mcs_map_bw320, &mcs_map->bw._320, sizeof(eht->mcs_map_bw320)); 1045} 1046 1047static void 1048mt7996_mcu_sta_ht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 1049{ 1050 struct sta_rec_ht *ht; 1051 struct tlv *tlv; 1052 1053 if (!sta->deflink.ht_cap.ht_supported) 1054 return; 1055 1056 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht)); 1057 1058 ht = (struct sta_rec_ht *)tlv; 1059 ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap); 1060} 1061 1062static void 1063mt7996_mcu_sta_vht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 1064{ 1065 struct sta_rec_vht *vht; 1066 struct tlv *tlv; 1067 1068 /* For 6G band, this tlv is necessary to let hw work normally */ 1069 if (!sta->deflink.he_6ghz_capa.capa && !sta->deflink.vht_cap.vht_supported) 1070 return; 1071 1072 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, sizeof(*vht)); 1073 1074 vht = (struct sta_rec_vht *)tlv; 1075 vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap); 1076 vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map; 1077 vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map; 1078} 1079 1080static void 1081mt7996_mcu_sta_amsdu_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1082 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1083{ 1084 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 1085 struct sta_rec_amsdu *amsdu; 1086 struct tlv *tlv; 1087 1088 if (vif->type != NL80211_IFTYPE_STATION && 1089 vif->type != NL80211_IFTYPE_MESH_POINT && 1090 vif->type != NL80211_IFTYPE_AP) 1091 return; 1092 1093 if (!sta->deflink.agg.max_amsdu_len) 1094 return; 1095 1096 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu)); 1097 amsdu = (struct sta_rec_amsdu *)tlv; 1098 amsdu->max_amsdu_num = 8; 1099 amsdu->amsdu_en = true; 1100 msta->wcid.amsdu = true; 1101 1102 switch (sta->deflink.agg.max_amsdu_len) { 1103 case IEEE80211_MAX_MPDU_LEN_VHT_11454: 1104 amsdu->max_mpdu_size = 1105 IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454; 1106 return; 1107 case IEEE80211_MAX_MPDU_LEN_HT_7935: 1108 case IEEE80211_MAX_MPDU_LEN_VHT_7991: 1109 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991; 1110 return; 1111 default: 1112 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895; 1113 return; 1114 } 1115} 1116 1117static void 1118mt7996_mcu_sta_muru_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1119 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1120{ 1121 struct ieee80211_he_cap_elem *elem = &sta->deflink.he_cap.he_cap_elem; 1122 struct sta_rec_muru *muru; 1123 struct tlv *tlv; 1124 1125 if (vif->type != NL80211_IFTYPE_STATION && 1126 vif->type != NL80211_IFTYPE_AP) 1127 return; 1128 1129 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_MURU, sizeof(*muru)); 1130 1131 muru = (struct sta_rec_muru *)tlv; 1132 muru->cfg.mimo_dl_en = vif->bss_conf.eht_mu_beamformer || 1133 vif->bss_conf.he_mu_beamformer || 1134 vif->bss_conf.vht_mu_beamformer || 1135 vif->bss_conf.vht_mu_beamformee; 1136 muru->cfg.ofdma_dl_en = true; 1137 1138 if (sta->deflink.vht_cap.vht_supported) 1139 muru->mimo_dl.vht_mu_bfee = 1140 !!(sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE); 1141 1142 if (!sta->deflink.he_cap.has_he) 1143 return; 1144 1145 muru->mimo_dl.partial_bw_dl_mimo = 1146 HE_PHY(CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO, elem->phy_cap_info[6]); 1147 1148 muru->mimo_ul.full_ul_mimo = 1149 HE_PHY(CAP2_UL_MU_FULL_MU_MIMO, elem->phy_cap_info[2]); 1150 muru->mimo_ul.partial_ul_mimo = 1151 HE_PHY(CAP2_UL_MU_PARTIAL_MU_MIMO, elem->phy_cap_info[2]); 1152 1153 muru->ofdma_dl.punc_pream_rx = 1154 HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]); 1155 muru->ofdma_dl.he_20m_in_40m_2g = 1156 HE_PHY(CAP8_20MHZ_IN_40MHZ_HE_PPDU_IN_2G, elem->phy_cap_info[8]); 1157 muru->ofdma_dl.he_20m_in_160m = 1158 HE_PHY(CAP8_20MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]); 1159 muru->ofdma_dl.he_80m_in_160m = 1160 HE_PHY(CAP8_80MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]); 1161 1162 muru->ofdma_ul.t_frame_dur = 1163 HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]); 1164 muru->ofdma_ul.mu_cascading = 1165 HE_MAC(CAP2_MU_CASCADING, elem->mac_cap_info[2]); 1166 muru->ofdma_ul.uo_ra = 1167 HE_MAC(CAP3_OFDMA_RA, elem->mac_cap_info[3]); 1168} 1169 1170static inline bool 1171mt7996_is_ebf_supported(struct mt7996_phy *phy, struct ieee80211_vif *vif, 1172 struct ieee80211_sta *sta, bool bfee) 1173{ 1174 int sts = hweight16(phy->mt76->chainmask); 1175 1176 if (vif->type != NL80211_IFTYPE_STATION && 1177 vif->type != NL80211_IFTYPE_AP) 1178 return false; 1179 1180 if (!bfee && sts < 2) 1181 return false; 1182 1183 if (sta->deflink.eht_cap.has_eht) { 1184 struct ieee80211_sta_eht_cap *pc = &sta->deflink.eht_cap; 1185 struct ieee80211_eht_cap_elem_fixed *pe = &pc->eht_cap_elem; 1186 1187 if (bfee) 1188 return vif->bss_conf.eht_su_beamformee && 1189 EHT_PHY(CAP0_SU_BEAMFORMEE, pe->phy_cap_info[0]); 1190 else 1191 return vif->bss_conf.eht_su_beamformer && 1192 EHT_PHY(CAP0_SU_BEAMFORMER, pe->phy_cap_info[0]); 1193 } 1194 1195 if (sta->deflink.he_cap.has_he) { 1196 struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem; 1197 1198 if (bfee) 1199 return vif->bss_conf.he_su_beamformee && 1200 HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]); 1201 else 1202 return vif->bss_conf.he_su_beamformer && 1203 HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]); 1204 } 1205 1206 if (sta->deflink.vht_cap.vht_supported) { 1207 u32 cap = sta->deflink.vht_cap.cap; 1208 1209 if (bfee) 1210 return vif->bss_conf.vht_su_beamformee && 1211 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE); 1212 else 1213 return vif->bss_conf.vht_su_beamformer && 1214 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE); 1215 } 1216 1217 return false; 1218} 1219 1220static void 1221mt7996_mcu_sta_sounding_rate(struct sta_rec_bf *bf) 1222{ 1223 bf->sounding_phy = MT_PHY_TYPE_OFDM; 1224 bf->ndp_rate = 0; /* mcs0 */ 1225 bf->ndpa_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */ 1226 bf->rept_poll_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */ 1227} 1228 1229static void 1230mt7996_mcu_sta_bfer_ht(struct ieee80211_sta *sta, struct mt7996_phy *phy, 1231 struct sta_rec_bf *bf) 1232{ 1233 struct ieee80211_mcs_info *mcs = &sta->deflink.ht_cap.mcs; 1234 u8 n = 0; 1235 1236 bf->tx_mode = MT_PHY_TYPE_HT; 1237 1238 if ((mcs->tx_params & IEEE80211_HT_MCS_TX_RX_DIFF) && 1239 (mcs->tx_params & IEEE80211_HT_MCS_TX_DEFINED)) 1240 n = FIELD_GET(IEEE80211_HT_MCS_TX_MAX_STREAMS_MASK, 1241 mcs->tx_params); 1242 else if (mcs->rx_mask[3]) 1243 n = 3; 1244 else if (mcs->rx_mask[2]) 1245 n = 2; 1246 else if (mcs->rx_mask[1]) 1247 n = 1; 1248 1249 bf->nrow = hweight8(phy->mt76->antenna_mask) - 1; 1250 bf->ncol = min_t(u8, bf->nrow, n); 1251 bf->ibf_ncol = n; 1252} 1253 1254static void 1255mt7996_mcu_sta_bfer_vht(struct ieee80211_sta *sta, struct mt7996_phy *phy, 1256 struct sta_rec_bf *bf, bool explicit) 1257{ 1258 struct ieee80211_sta_vht_cap *pc = &sta->deflink.vht_cap; 1259 struct ieee80211_sta_vht_cap *vc = &phy->mt76->sband_5g.sband.vht_cap; 1260 u16 mcs_map = le16_to_cpu(pc->vht_mcs.rx_mcs_map); 1261 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1262 u8 tx_ant = hweight8(phy->mt76->antenna_mask) - 1; 1263 1264 bf->tx_mode = MT_PHY_TYPE_VHT; 1265 1266 if (explicit) { 1267 u8 sts, snd_dim; 1268 1269 mt7996_mcu_sta_sounding_rate(bf); 1270 1271 sts = FIELD_GET(IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK, 1272 pc->cap); 1273 snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK, 1274 vc->cap); 1275 bf->nrow = min_t(u8, min_t(u8, snd_dim, sts), tx_ant); 1276 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1277 bf->ibf_ncol = bf->ncol; 1278 1279 if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) 1280 bf->nrow = 1; 1281 } else { 1282 bf->nrow = tx_ant; 1283 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1284 bf->ibf_ncol = nss_mcs; 1285 1286 if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) 1287 bf->ibf_nrow = 1; 1288 } 1289} 1290 1291static void 1292mt7996_mcu_sta_bfer_he(struct ieee80211_sta *sta, struct ieee80211_vif *vif, 1293 struct mt7996_phy *phy, struct sta_rec_bf *bf) 1294{ 1295 struct ieee80211_sta_he_cap *pc = &sta->deflink.he_cap; 1296 struct ieee80211_he_cap_elem *pe = &pc->he_cap_elem; 1297 const struct ieee80211_sta_he_cap *vc = 1298 mt76_connac_get_he_phy_cap(phy->mt76, vif); 1299 const struct ieee80211_he_cap_elem *ve = &vc->he_cap_elem; 1300 u16 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80); 1301 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1302 u8 snd_dim, sts; 1303 1304 bf->tx_mode = MT_PHY_TYPE_HE_SU; 1305 1306 mt7996_mcu_sta_sounding_rate(bf); 1307 1308 bf->trigger_su = HE_PHY(CAP6_TRIG_SU_BEAMFORMING_FB, 1309 pe->phy_cap_info[6]); 1310 bf->trigger_mu = HE_PHY(CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB, 1311 pe->phy_cap_info[6]); 1312 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK, 1313 ve->phy_cap_info[5]); 1314 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_MASK, 1315 pe->phy_cap_info[4]); 1316 bf->nrow = min_t(u8, snd_dim, sts); 1317 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1318 bf->ibf_ncol = bf->ncol; 1319 1320 if (sta->deflink.bandwidth != IEEE80211_STA_RX_BW_160) 1321 return; 1322 1323 /* go over for 160MHz and 80p80 */ 1324 if (pe->phy_cap_info[0] & 1325 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) { 1326 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_160); 1327 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1328 1329 bf->ncol_gt_bw80 = nss_mcs; 1330 } 1331 1332 if (pe->phy_cap_info[0] & 1333 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) { 1334 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80p80); 1335 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1336 1337 if (bf->ncol_gt_bw80) 1338 bf->ncol_gt_bw80 = min_t(u8, bf->ncol_gt_bw80, nss_mcs); 1339 else 1340 bf->ncol_gt_bw80 = nss_mcs; 1341 } 1342 1343 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK, 1344 ve->phy_cap_info[5]); 1345 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_ABOVE_80MHZ_MASK, 1346 pe->phy_cap_info[4]); 1347 1348 bf->nrow_gt_bw80 = min_t(int, snd_dim, sts); 1349} 1350 1351static void 1352mt7996_mcu_sta_bfer_eht(struct ieee80211_sta *sta, struct ieee80211_vif *vif, 1353 struct mt7996_phy *phy, struct sta_rec_bf *bf) 1354{ 1355 struct ieee80211_sta_eht_cap *pc = &sta->deflink.eht_cap; 1356 struct ieee80211_eht_cap_elem_fixed *pe = &pc->eht_cap_elem; 1357 struct ieee80211_eht_mcs_nss_supp *eht_nss = &pc->eht_mcs_nss_supp; 1358 const struct ieee80211_sta_eht_cap *vc = 1359 mt76_connac_get_eht_phy_cap(phy->mt76, vif); 1360 const struct ieee80211_eht_cap_elem_fixed *ve = &vc->eht_cap_elem; 1361 u8 nss_mcs = u8_get_bits(eht_nss->bw._80.rx_tx_mcs9_max_nss, 1362 IEEE80211_EHT_MCS_NSS_RX) - 1; 1363 u8 snd_dim, sts; 1364 1365 bf->tx_mode = MT_PHY_TYPE_EHT_MU; 1366 1367 mt7996_mcu_sta_sounding_rate(bf); 1368 1369 bf->trigger_su = EHT_PHY(CAP3_TRIG_SU_BF_FDBK, pe->phy_cap_info[3]); 1370 bf->trigger_mu = EHT_PHY(CAP3_TRIG_MU_BF_PART_BW_FDBK, pe->phy_cap_info[3]); 1371 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_80MHZ_MASK, ve->phy_cap_info[2]); 1372 sts = EHT_PHY(CAP0_BEAMFORMEE_SS_80MHZ_MASK, pe->phy_cap_info[0]) + 1373 (EHT_PHY(CAP1_BEAMFORMEE_SS_80MHZ_MASK, pe->phy_cap_info[1]) << 1); 1374 bf->nrow = min_t(u8, snd_dim, sts); 1375 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1376 bf->ibf_ncol = bf->ncol; 1377 1378 if (sta->deflink.bandwidth < IEEE80211_STA_RX_BW_160) 1379 return; 1380 1381 switch (sta->deflink.bandwidth) { 1382 case IEEE80211_STA_RX_BW_160: 1383 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_160MHZ_MASK, ve->phy_cap_info[2]); 1384 sts = EHT_PHY(CAP1_BEAMFORMEE_SS_160MHZ_MASK, pe->phy_cap_info[1]); 1385 nss_mcs = u8_get_bits(eht_nss->bw._160.rx_tx_mcs9_max_nss, 1386 IEEE80211_EHT_MCS_NSS_RX) - 1; 1387 1388 bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts); 1389 bf->ncol_gt_bw80 = nss_mcs; 1390 break; 1391 case IEEE80211_STA_RX_BW_320: 1392 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_320MHZ_MASK, ve->phy_cap_info[2]) + 1393 (EHT_PHY(CAP3_SOUNDING_DIM_320MHZ_MASK, 1394 ve->phy_cap_info[3]) << 1); 1395 sts = EHT_PHY(CAP1_BEAMFORMEE_SS_320MHZ_MASK, pe->phy_cap_info[1]); 1396 nss_mcs = u8_get_bits(eht_nss->bw._320.rx_tx_mcs9_max_nss, 1397 IEEE80211_EHT_MCS_NSS_RX) - 1; 1398 1399 bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts) << 4; 1400 bf->ncol_gt_bw80 = nss_mcs << 4; 1401 break; 1402 default: 1403 break; 1404 } 1405} 1406 1407static void 1408mt7996_mcu_sta_bfer_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1409 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1410{ 1411 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1412 struct mt7996_phy *phy = mvif->phy; 1413 int tx_ant = hweight8(phy->mt76->chainmask) - 1; 1414 struct sta_rec_bf *bf; 1415 struct tlv *tlv; 1416 const u8 matrix[4][4] = { 1417 {0, 0, 0, 0}, 1418 {1, 1, 0, 0}, /* 2x1, 2x2, 2x3, 2x4 */ 1419 {2, 4, 4, 0}, /* 3x1, 3x2, 3x3, 3x4 */ 1420 {3, 5, 6, 0} /* 4x1, 4x2, 4x3, 4x4 */ 1421 }; 1422 bool ebf; 1423 1424 if (!(sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he)) 1425 return; 1426 1427 ebf = mt7996_is_ebf_supported(phy, vif, sta, false); 1428 if (!ebf && !dev->ibf) 1429 return; 1430 1431 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BF, sizeof(*bf)); 1432 bf = (struct sta_rec_bf *)tlv; 1433 1434 /* he/eht: eBF only, in accordance with spec 1435 * vht: support eBF and iBF 1436 * ht: iBF only, since mac80211 lacks of eBF support 1437 */ 1438 if (sta->deflink.eht_cap.has_eht && ebf) 1439 mt7996_mcu_sta_bfer_eht(sta, vif, phy, bf); 1440 else if (sta->deflink.he_cap.has_he && ebf) 1441 mt7996_mcu_sta_bfer_he(sta, vif, phy, bf); 1442 else if (sta->deflink.vht_cap.vht_supported) 1443 mt7996_mcu_sta_bfer_vht(sta, phy, bf, ebf); 1444 else if (sta->deflink.ht_cap.ht_supported) 1445 mt7996_mcu_sta_bfer_ht(sta, phy, bf); 1446 else 1447 return; 1448 1449 bf->bf_cap = ebf ? ebf : dev->ibf << 1; 1450 bf->bw = sta->deflink.bandwidth; 1451 bf->ibf_dbw = sta->deflink.bandwidth; 1452 bf->ibf_nrow = tx_ant; 1453 1454 if (!ebf && sta->deflink.bandwidth <= IEEE80211_STA_RX_BW_40 && !bf->ncol) 1455 bf->ibf_timeout = 0x48; 1456 else 1457 bf->ibf_timeout = 0x18; 1458 1459 if (ebf && bf->nrow != tx_ant) 1460 bf->mem_20m = matrix[tx_ant][bf->ncol]; 1461 else 1462 bf->mem_20m = matrix[bf->nrow][bf->ncol]; 1463 1464 switch (sta->deflink.bandwidth) { 1465 case IEEE80211_STA_RX_BW_160: 1466 case IEEE80211_STA_RX_BW_80: 1467 bf->mem_total = bf->mem_20m * 2; 1468 break; 1469 case IEEE80211_STA_RX_BW_40: 1470 bf->mem_total = bf->mem_20m; 1471 break; 1472 case IEEE80211_STA_RX_BW_20: 1473 default: 1474 break; 1475 } 1476} 1477 1478static void 1479mt7996_mcu_sta_bfee_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1480 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1481{ 1482 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1483 struct mt7996_phy *phy = mvif->phy; 1484 int tx_ant = hweight8(phy->mt76->antenna_mask) - 1; 1485 struct sta_rec_bfee *bfee; 1486 struct tlv *tlv; 1487 u8 nrow = 0; 1488 1489 if (!(sta->deflink.vht_cap.vht_supported || sta->deflink.he_cap.has_he)) 1490 return; 1491 1492 if (!mt7996_is_ebf_supported(phy, vif, sta, true)) 1493 return; 1494 1495 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BFEE, sizeof(*bfee)); 1496 bfee = (struct sta_rec_bfee *)tlv; 1497 1498 if (sta->deflink.he_cap.has_he) { 1499 struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem; 1500 1501 nrow = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK, 1502 pe->phy_cap_info[5]); 1503 } else if (sta->deflink.vht_cap.vht_supported) { 1504 struct ieee80211_sta_vht_cap *pc = &sta->deflink.vht_cap; 1505 1506 nrow = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK, 1507 pc->cap); 1508 } 1509 1510 /* reply with identity matrix to avoid 2x2 BF negative gain */ 1511 bfee->fb_identity_matrix = (nrow == 1 && tx_ant == 2); 1512} 1513 1514static void 1515mt7996_mcu_sta_phy_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1516 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1517{ 1518 struct sta_rec_phy *phy; 1519 struct tlv *tlv; 1520 u8 af = 0, mm = 0; 1521 1522 if (!sta->deflink.ht_cap.ht_supported && !sta->deflink.he_6ghz_capa.capa) 1523 return; 1524 1525 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy)); 1526 1527 phy = (struct sta_rec_phy *)tlv; 1528 if (sta->deflink.ht_cap.ht_supported) { 1529 af = sta->deflink.ht_cap.ampdu_factor; 1530 mm = sta->deflink.ht_cap.ampdu_density; 1531 } 1532 1533 if (sta->deflink.vht_cap.vht_supported) { 1534 u8 vht_af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK, 1535 sta->deflink.vht_cap.cap); 1536 1537 af = max_t(u8, af, vht_af); 1538 } 1539 1540 if (sta->deflink.he_6ghz_capa.capa) { 1541 af = le16_get_bits(sta->deflink.he_6ghz_capa.capa, 1542 IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP); 1543 mm = le16_get_bits(sta->deflink.he_6ghz_capa.capa, 1544 IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START); 1545 } 1546 1547 phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR, af) | 1548 FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY, mm); 1549 phy->max_ampdu_len = af; 1550} 1551 1552static void 1553mt7996_mcu_sta_hdrt_tlv(struct mt7996_dev *dev, struct sk_buff *skb) 1554{ 1555 struct sta_rec_hdrt *hdrt; 1556 struct tlv *tlv; 1557 1558 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDRT, sizeof(*hdrt)); 1559 1560 hdrt = (struct sta_rec_hdrt *)tlv; 1561 hdrt->hdrt_mode = 1; 1562} 1563 1564static void 1565mt7996_mcu_sta_hdr_trans_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1566 struct ieee80211_vif *vif, 1567 struct ieee80211_sta *sta) 1568{ 1569 struct sta_rec_hdr_trans *hdr_trans; 1570 struct mt76_wcid *wcid; 1571 struct tlv *tlv; 1572 1573 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDR_TRANS, sizeof(*hdr_trans)); 1574 hdr_trans = (struct sta_rec_hdr_trans *)tlv; 1575 hdr_trans->dis_rx_hdr_tran = true; 1576 1577 if (vif->type == NL80211_IFTYPE_STATION) 1578 hdr_trans->to_ds = true; 1579 else 1580 hdr_trans->from_ds = true; 1581 1582 wcid = (struct mt76_wcid *)sta->drv_priv; 1583 if (!wcid) 1584 return; 1585 1586 hdr_trans->dis_rx_hdr_tran = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags); 1587 if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) { 1588 hdr_trans->to_ds = true; 1589 hdr_trans->from_ds = true; 1590 } 1591 1592 if (vif->type == NL80211_IFTYPE_MESH_POINT) { 1593 hdr_trans->to_ds = true; 1594 hdr_trans->from_ds = true; 1595 hdr_trans->mesh = true; 1596 } 1597} 1598 1599static enum mcu_mmps_mode 1600mt7996_mcu_get_mmps_mode(enum ieee80211_smps_mode smps) 1601{ 1602 switch (smps) { 1603 case IEEE80211_SMPS_OFF: 1604 return MCU_MMPS_DISABLE; 1605 case IEEE80211_SMPS_STATIC: 1606 return MCU_MMPS_STATIC; 1607 case IEEE80211_SMPS_DYNAMIC: 1608 return MCU_MMPS_DYNAMIC; 1609 default: 1610 return MCU_MMPS_DISABLE; 1611 } 1612} 1613 1614int mt7996_mcu_set_fixed_rate_ctrl(struct mt7996_dev *dev, 1615 void *data, u16 version) 1616{ 1617 struct ra_fixed_rate *req; 1618 struct uni_header hdr; 1619 struct sk_buff *skb; 1620 struct tlv *tlv; 1621 int len; 1622 1623 len = sizeof(hdr) + sizeof(*req); 1624 1625 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 1626 if (!skb) 1627 return -ENOMEM; 1628 1629 skb_put_data(skb, &hdr, sizeof(hdr)); 1630 1631 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_RA_FIXED_RATE, sizeof(*req)); 1632 req = (struct ra_fixed_rate *)tlv; 1633 req->version = cpu_to_le16(version); 1634 memcpy(&req->rate, data, sizeof(req->rate)); 1635 1636 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 1637 MCU_WM_UNI_CMD(RA), true); 1638} 1639 1640static void 1641mt7996_mcu_sta_rate_ctrl_tlv(struct sk_buff *skb, struct mt7996_dev *dev, 1642 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1643{ 1644 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1645 struct mt76_phy *mphy = mvif->phy->mt76; 1646 struct cfg80211_chan_def *chandef = &mphy->chandef; 1647 struct cfg80211_bitrate_mask *mask = &mvif->bitrate_mask; 1648 enum nl80211_band band = chandef->chan->band; 1649 struct sta_rec_ra *ra; 1650 struct tlv *tlv; 1651 u32 supp_rate = sta->deflink.supp_rates[band]; 1652 u32 cap = sta->wme ? STA_CAP_WMM : 0; 1653 1654 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra)); 1655 ra = (struct sta_rec_ra *)tlv; 1656 1657 ra->valid = true; 1658 ra->auto_rate = true; 1659 ra->phy_mode = mt76_connac_get_phy_mode(mphy, vif, band, sta); 1660 ra->channel = chandef->chan->hw_value; 1661 ra->bw = (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_320) ? 1662 CMD_CBW_320MHZ : sta->deflink.bandwidth; 1663 ra->phy.bw = ra->bw; 1664 ra->mmps_mode = mt7996_mcu_get_mmps_mode(sta->deflink.smps_mode); 1665 1666 if (supp_rate) { 1667 supp_rate &= mask->control[band].legacy; 1668 ra->rate_len = hweight32(supp_rate); 1669 1670 if (band == NL80211_BAND_2GHZ) { 1671 ra->supp_mode = MODE_CCK; 1672 ra->supp_cck_rate = supp_rate & GENMASK(3, 0); 1673 1674 if (ra->rate_len > 4) { 1675 ra->supp_mode |= MODE_OFDM; 1676 ra->supp_ofdm_rate = supp_rate >> 4; 1677 } 1678 } else { 1679 ra->supp_mode = MODE_OFDM; 1680 ra->supp_ofdm_rate = supp_rate; 1681 } 1682 } 1683 1684 if (sta->deflink.ht_cap.ht_supported) { 1685 ra->supp_mode |= MODE_HT; 1686 ra->af = sta->deflink.ht_cap.ampdu_factor; 1687 ra->ht_gf = !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_GRN_FLD); 1688 1689 cap |= STA_CAP_HT; 1690 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20) 1691 cap |= STA_CAP_SGI_20; 1692 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40) 1693 cap |= STA_CAP_SGI_40; 1694 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_TX_STBC) 1695 cap |= STA_CAP_TX_STBC; 1696 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_RX_STBC) 1697 cap |= STA_CAP_RX_STBC; 1698 if (vif->bss_conf.ht_ldpc && 1699 (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING)) 1700 cap |= STA_CAP_LDPC; 1701 1702 mt7996_mcu_set_sta_ht_mcs(sta, ra->ht_mcs, 1703 mask->control[band].ht_mcs); 1704 ra->supp_ht_mcs = *(__le32 *)ra->ht_mcs; 1705 } 1706 1707 if (sta->deflink.vht_cap.vht_supported) { 1708 u8 af; 1709 1710 ra->supp_mode |= MODE_VHT; 1711 af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK, 1712 sta->deflink.vht_cap.cap); 1713 ra->af = max_t(u8, ra->af, af); 1714 1715 cap |= STA_CAP_VHT; 1716 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80) 1717 cap |= STA_CAP_VHT_SGI_80; 1718 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160) 1719 cap |= STA_CAP_VHT_SGI_160; 1720 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_TXSTBC) 1721 cap |= STA_CAP_VHT_TX_STBC; 1722 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXSTBC_1) 1723 cap |= STA_CAP_VHT_RX_STBC; 1724 if (vif->bss_conf.vht_ldpc && 1725 (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC)) 1726 cap |= STA_CAP_VHT_LDPC; 1727 1728 mt7996_mcu_set_sta_vht_mcs(sta, ra->supp_vht_mcs, 1729 mask->control[band].vht_mcs); 1730 } 1731 1732 if (sta->deflink.he_cap.has_he) { 1733 ra->supp_mode |= MODE_HE; 1734 cap |= STA_CAP_HE; 1735 1736 if (sta->deflink.he_6ghz_capa.capa) 1737 ra->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa, 1738 IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP); 1739 } 1740 ra->sta_cap = cpu_to_le32(cap); 1741} 1742 1743int mt7996_mcu_add_rate_ctrl(struct mt7996_dev *dev, struct ieee80211_vif *vif, 1744 struct ieee80211_sta *sta, bool changed) 1745{ 1746 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1747 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 1748 struct sk_buff *skb; 1749 1750 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76, 1751 &msta->wcid, 1752 MT7996_STA_UPDATE_MAX_SIZE); 1753 if (IS_ERR(skb)) 1754 return PTR_ERR(skb); 1755 1756 /* firmware rc algorithm refers to sta_rec_he for HE control. 1757 * once dev->rc_work changes the settings driver should also 1758 * update sta_rec_he here. 1759 */ 1760 if (changed) 1761 mt7996_mcu_sta_he_tlv(skb, sta); 1762 1763 /* sta_rec_ra accommodates BW, NSS and only MCS range format 1764 * i.e 0-{7,8,9} for VHT. 1765 */ 1766 mt7996_mcu_sta_rate_ctrl_tlv(skb, dev, vif, sta); 1767 1768 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 1769 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 1770} 1771 1772static int 1773mt7996_mcu_add_group(struct mt7996_dev *dev, struct ieee80211_vif *vif, 1774 struct ieee80211_sta *sta) 1775{ 1776#define MT_STA_BSS_GROUP 1 1777 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1778 struct mt7996_sta *msta; 1779 struct { 1780 u8 __rsv1[4]; 1781 1782 __le16 tag; 1783 __le16 len; 1784 __le16 wlan_idx; 1785 u8 __rsv2[2]; 1786 __le32 action; 1787 __le32 val; 1788 u8 __rsv3[8]; 1789 } __packed req = { 1790 .tag = cpu_to_le16(UNI_VOW_DRR_CTRL), 1791 .len = cpu_to_le16(sizeof(req) - 4), 1792 .action = cpu_to_le32(MT_STA_BSS_GROUP), 1793 .val = cpu_to_le32(mvif->mt76.idx % 16), 1794 }; 1795 1796 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta; 1797 req.wlan_idx = cpu_to_le16(msta->wcid.idx); 1798 1799 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(VOW), &req, 1800 sizeof(req), true); 1801} 1802 1803int mt7996_mcu_add_sta(struct mt7996_dev *dev, struct ieee80211_vif *vif, 1804 struct ieee80211_sta *sta, bool enable) 1805{ 1806 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1807 struct mt7996_sta *msta; 1808 struct sk_buff *skb; 1809 int ret; 1810 1811 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta; 1812 1813 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76, 1814 &msta->wcid, 1815 MT7996_STA_UPDATE_MAX_SIZE); 1816 if (IS_ERR(skb)) 1817 return PTR_ERR(skb); 1818 1819 /* starec basic */ 1820 mt76_connac_mcu_sta_basic_tlv(&dev->mt76, skb, vif, sta, enable, 1821 !rcu_access_pointer(dev->mt76.wcid[msta->wcid.idx])); 1822 if (!enable) 1823 goto out; 1824 1825 /* tag order is in accordance with firmware dependency. */ 1826 if (sta) { 1827 /* starec phy */ 1828 mt7996_mcu_sta_phy_tlv(dev, skb, vif, sta); 1829 /* starec hdrt mode */ 1830 mt7996_mcu_sta_hdrt_tlv(dev, skb); 1831 /* starec bfer */ 1832 mt7996_mcu_sta_bfer_tlv(dev, skb, vif, sta); 1833 /* starec ht */ 1834 mt7996_mcu_sta_ht_tlv(skb, sta); 1835 /* starec vht */ 1836 mt7996_mcu_sta_vht_tlv(skb, sta); 1837 /* starec uapsd */ 1838 mt76_connac_mcu_sta_uapsd(skb, vif, sta); 1839 /* starec amsdu */ 1840 mt7996_mcu_sta_amsdu_tlv(dev, skb, vif, sta); 1841 /* starec he */ 1842 mt7996_mcu_sta_he_tlv(skb, sta); 1843 /* starec he 6g*/ 1844 mt7996_mcu_sta_he_6g_tlv(skb, sta); 1845 /* starec eht */ 1846 mt7996_mcu_sta_eht_tlv(skb, sta); 1847 /* starec muru */ 1848 mt7996_mcu_sta_muru_tlv(dev, skb, vif, sta); 1849 /* starec bfee */ 1850 mt7996_mcu_sta_bfee_tlv(dev, skb, vif, sta); 1851 /* starec hdr trans */ 1852 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta); 1853 } 1854 1855 ret = mt7996_mcu_add_group(dev, vif, sta); 1856 if (ret) { 1857 dev_kfree_skb(skb); 1858 return ret; 1859 } 1860out: 1861 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 1862 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 1863} 1864 1865static int 1866mt7996_mcu_sta_key_tlv(struct mt76_wcid *wcid, 1867 struct mt76_connac_sta_key_conf *sta_key_conf, 1868 struct sk_buff *skb, 1869 struct ieee80211_key_conf *key, 1870 enum set_key_cmd cmd) 1871{ 1872 struct sta_rec_sec_uni *sec; 1873 struct tlv *tlv; 1874 1875 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec)); 1876 sec = (struct sta_rec_sec_uni *)tlv; 1877 sec->add = cmd; 1878 1879 if (cmd == SET_KEY) { 1880 struct sec_key_uni *sec_key; 1881 u8 cipher; 1882 1883 cipher = mt76_connac_mcu_get_cipher(key->cipher); 1884 if (cipher == MCU_CIPHER_NONE) 1885 return -EOPNOTSUPP; 1886 1887 sec_key = &sec->key[0]; 1888 sec_key->cipher_len = sizeof(*sec_key); 1889 1890 if (cipher == MCU_CIPHER_BIP_CMAC_128) { 1891 sec_key->wlan_idx = cpu_to_le16(wcid->idx); 1892 sec_key->cipher_id = MCU_CIPHER_AES_CCMP; 1893 sec_key->key_id = sta_key_conf->keyidx; 1894 sec_key->key_len = 16; 1895 memcpy(sec_key->key, sta_key_conf->key, 16); 1896 1897 sec_key = &sec->key[1]; 1898 sec_key->wlan_idx = cpu_to_le16(wcid->idx); 1899 sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128; 1900 sec_key->cipher_len = sizeof(*sec_key); 1901 sec_key->key_len = 16; 1902 memcpy(sec_key->key, key->key, 16); 1903 sec->n_cipher = 2; 1904 } else { 1905 sec_key->wlan_idx = cpu_to_le16(wcid->idx); 1906 sec_key->cipher_id = cipher; 1907 sec_key->key_id = key->keyidx; 1908 sec_key->key_len = key->keylen; 1909 memcpy(sec_key->key, key->key, key->keylen); 1910 1911 if (cipher == MCU_CIPHER_TKIP) { 1912 /* Rx/Tx MIC keys are swapped */ 1913 memcpy(sec_key->key + 16, key->key + 24, 8); 1914 memcpy(sec_key->key + 24, key->key + 16, 8); 1915 } 1916 1917 /* store key_conf for BIP batch update */ 1918 if (cipher == MCU_CIPHER_AES_CCMP) { 1919 memcpy(sta_key_conf->key, key->key, key->keylen); 1920 sta_key_conf->keyidx = key->keyidx; 1921 } 1922 1923 sec->n_cipher = 1; 1924 } 1925 } else { 1926 sec->n_cipher = 0; 1927 } 1928 1929 return 0; 1930} 1931 1932int mt7996_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif, 1933 struct mt76_connac_sta_key_conf *sta_key_conf, 1934 struct ieee80211_key_conf *key, int mcu_cmd, 1935 struct mt76_wcid *wcid, enum set_key_cmd cmd) 1936{ 1937 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 1938 struct sk_buff *skb; 1939 int ret; 1940 1941 skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid, 1942 MT7996_STA_UPDATE_MAX_SIZE); 1943 if (IS_ERR(skb)) 1944 return PTR_ERR(skb); 1945 1946 ret = mt7996_mcu_sta_key_tlv(wcid, sta_key_conf, skb, key, cmd); 1947 if (ret) 1948 return ret; 1949 1950 return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true); 1951} 1952 1953int mt7996_mcu_add_dev_info(struct mt7996_phy *phy, 1954 struct ieee80211_vif *vif, bool enable) 1955{ 1956 struct mt7996_dev *dev = phy->dev; 1957 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1958 struct { 1959 struct req_hdr { 1960 u8 omac_idx; 1961 u8 band_idx; 1962 u8 __rsv[2]; 1963 } __packed hdr; 1964 struct req_tlv { 1965 __le16 tag; 1966 __le16 len; 1967 u8 active; 1968 u8 __rsv; 1969 u8 omac_addr[ETH_ALEN]; 1970 } __packed tlv; 1971 } data = { 1972 .hdr = { 1973 .omac_idx = mvif->mt76.omac_idx, 1974 .band_idx = mvif->mt76.band_idx, 1975 }, 1976 .tlv = { 1977 .tag = cpu_to_le16(DEV_INFO_ACTIVE), 1978 .len = cpu_to_le16(sizeof(struct req_tlv)), 1979 .active = enable, 1980 }, 1981 }; 1982 1983 if (mvif->mt76.omac_idx >= REPEATER_BSSID_START) 1984 return mt7996_mcu_muar_config(phy, vif, false, enable); 1985 1986 memcpy(data.tlv.omac_addr, vif->addr, ETH_ALEN); 1987 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(DEV_INFO_UPDATE), 1988 &data, sizeof(data), true); 1989} 1990 1991static void 1992mt7996_mcu_beacon_cntdwn(struct ieee80211_vif *vif, struct sk_buff *rskb, 1993 struct sk_buff *skb, 1994 struct ieee80211_mutable_offsets *offs) 1995{ 1996 struct bss_bcn_cntdwn_tlv *info; 1997 struct tlv *tlv; 1998 u16 tag; 1999 2000 if (!offs->cntdwn_counter_offs[0]) 2001 return; 2002 2003 tag = vif->bss_conf.csa_active ? UNI_BSS_INFO_BCN_CSA : UNI_BSS_INFO_BCN_BCC; 2004 2005 tlv = mt7996_mcu_add_uni_tlv(rskb, tag, sizeof(*info)); 2006 2007 info = (struct bss_bcn_cntdwn_tlv *)tlv; 2008 info->cnt = skb->data[offs->cntdwn_counter_offs[0]]; 2009} 2010 2011static void 2012mt7996_mcu_beacon_cont(struct mt7996_dev *dev, struct ieee80211_vif *vif, 2013 struct sk_buff *rskb, struct sk_buff *skb, 2014 struct bss_bcn_content_tlv *bcn, 2015 struct ieee80211_mutable_offsets *offs) 2016{ 2017 struct mt76_wcid *wcid = &dev->mt76.global_wcid; 2018 u8 *buf; 2019 2020 bcn->pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len); 2021 bcn->tim_ie_pos = cpu_to_le16(offs->tim_offset); 2022 2023 if (offs->cntdwn_counter_offs[0]) { 2024 u16 offset = offs->cntdwn_counter_offs[0]; 2025 2026 if (vif->bss_conf.csa_active) 2027 bcn->csa_ie_pos = cpu_to_le16(offset - 4); 2028 if (vif->bss_conf.color_change_active) 2029 bcn->bcc_ie_pos = cpu_to_le16(offset - 3); 2030 } 2031 2032 buf = (u8 *)bcn + sizeof(*bcn) - MAX_BEACON_SIZE; 2033 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, NULL, 0, 0, 2034 BSS_CHANGED_BEACON); 2035 2036 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len); 2037} 2038 2039int mt7996_mcu_add_beacon(struct ieee80211_hw *hw, 2040 struct ieee80211_vif *vif, int en) 2041{ 2042 struct mt7996_dev *dev = mt7996_hw_dev(hw); 2043 struct mt7996_phy *phy = mt7996_hw_phy(hw); 2044 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 2045 struct ieee80211_mutable_offsets offs; 2046 struct ieee80211_tx_info *info; 2047 struct sk_buff *skb, *rskb; 2048 struct tlv *tlv; 2049 struct bss_bcn_content_tlv *bcn; 2050 2051 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 2052 MT7996_BEACON_UPDATE_SIZE); 2053 if (IS_ERR(rskb)) 2054 return PTR_ERR(rskb); 2055 2056 tlv = mt7996_mcu_add_uni_tlv(rskb, 2057 UNI_BSS_INFO_BCN_CONTENT, sizeof(*bcn)); 2058 bcn = (struct bss_bcn_content_tlv *)tlv; 2059 bcn->enable = en; 2060 2061 if (!en) 2062 goto out; 2063 2064 skb = ieee80211_beacon_get_template(hw, vif, &offs, 0); 2065 if (!skb) 2066 return -EINVAL; 2067 2068 if (skb->len > MAX_BEACON_SIZE - MT_TXD_SIZE) { 2069 dev_err(dev->mt76.dev, "Bcn size limit exceed\n"); 2070 dev_kfree_skb(skb); 2071 return -EINVAL; 2072 } 2073 2074 info = IEEE80211_SKB_CB(skb); 2075 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx); 2076 2077 mt7996_mcu_beacon_cont(dev, vif, rskb, skb, bcn, &offs); 2078 /* TODO: subtag - 11v MBSSID */ 2079 mt7996_mcu_beacon_cntdwn(vif, rskb, skb, &offs); 2080 dev_kfree_skb(skb); 2081out: 2082 return mt76_mcu_skb_send_msg(&phy->dev->mt76, rskb, 2083 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 2084} 2085 2086int mt7996_mcu_beacon_inband_discov(struct mt7996_dev *dev, 2087 struct ieee80211_vif *vif, u32 changed) 2088{ 2089#define OFFLOAD_TX_MODE_SU BIT(0) 2090#define OFFLOAD_TX_MODE_MU BIT(1) 2091 struct ieee80211_hw *hw = mt76_hw(dev); 2092 struct mt7996_phy *phy = mt7996_hw_phy(hw); 2093 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 2094 struct cfg80211_chan_def *chandef = &mvif->phy->mt76->chandef; 2095 enum nl80211_band band = chandef->chan->band; 2096 struct mt76_wcid *wcid = &dev->mt76.global_wcid; 2097 struct bss_inband_discovery_tlv *discov; 2098 struct ieee80211_tx_info *info; 2099 struct sk_buff *rskb, *skb = NULL; 2100 struct tlv *tlv; 2101 u8 *buf, interval; 2102 2103 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 2104 MT7996_INBAND_FRAME_SIZE); 2105 if (IS_ERR(rskb)) 2106 return PTR_ERR(rskb); 2107 2108 if (changed & BSS_CHANGED_FILS_DISCOVERY && 2109 vif->bss_conf.fils_discovery.max_interval) { 2110 interval = vif->bss_conf.fils_discovery.max_interval; 2111 skb = ieee80211_get_fils_discovery_tmpl(hw, vif); 2112 } else if (changed & BSS_CHANGED_UNSOL_BCAST_PROBE_RESP && 2113 vif->bss_conf.unsol_bcast_probe_resp_interval) { 2114 interval = vif->bss_conf.unsol_bcast_probe_resp_interval; 2115 skb = ieee80211_get_unsol_bcast_probe_resp_tmpl(hw, vif); 2116 } 2117 2118 if (!skb) 2119 return -EINVAL; 2120 2121 if (skb->len > MAX_INBAND_FRAME_SIZE - MT_TXD_SIZE) { 2122 dev_err(dev->mt76.dev, "inband discovery size limit exceed\n"); 2123 dev_kfree_skb(skb); 2124 return -EINVAL; 2125 } 2126 2127 info = IEEE80211_SKB_CB(skb); 2128 info->control.vif = vif; 2129 info->band = band; 2130 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx); 2131 2132 tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_OFFLOAD, sizeof(*discov)); 2133 2134 discov = (struct bss_inband_discovery_tlv *)tlv; 2135 discov->tx_mode = OFFLOAD_TX_MODE_SU; 2136 /* 0: UNSOL PROBE RESP, 1: FILS DISCOV */ 2137 discov->tx_type = !!(changed & BSS_CHANGED_FILS_DISCOVERY); 2138 discov->tx_interval = interval; 2139 discov->prob_rsp_len = cpu_to_le16(MT_TXD_SIZE + skb->len); 2140 discov->enable = true; 2141 discov->wcid = cpu_to_le16(MT7996_WTBL_RESERVED); 2142 2143 buf = (u8 *)tlv + sizeof(*discov) - MAX_INBAND_FRAME_SIZE; 2144 2145 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, NULL, 0, 0, changed); 2146 2147 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len); 2148 2149 dev_kfree_skb(skb); 2150 2151 return mt76_mcu_skb_send_msg(&dev->mt76, rskb, 2152 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 2153} 2154 2155static int mt7996_driver_own(struct mt7996_dev *dev, u8 band) 2156{ 2157 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(band), MT_TOP_LPCR_HOST_DRV_OWN); 2158 if (!mt76_poll_msec(dev, MT_TOP_LPCR_HOST_BAND(band), 2159 MT_TOP_LPCR_HOST_FW_OWN_STAT, 0, 500)) { 2160 dev_err(dev->mt76.dev, "Timeout for driver own\n"); 2161 return -EIO; 2162 } 2163 2164 /* clear irq when the driver own success */ 2165 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND_IRQ_STAT(band), 2166 MT_TOP_LPCR_HOST_BAND_STAT); 2167 2168 return 0; 2169} 2170 2171static u32 mt7996_patch_sec_mode(u32 key_info) 2172{ 2173 u32 sec = u32_get_bits(key_info, MT7996_PATCH_SEC), key = 0; 2174 2175 if (key_info == GENMASK(31, 0) || sec == MT7996_SEC_MODE_PLAIN) 2176 return 0; 2177 2178 if (sec == MT7996_SEC_MODE_AES) 2179 key = u32_get_bits(key_info, MT7996_PATCH_AES_KEY); 2180 else 2181 key = u32_get_bits(key_info, MT7996_PATCH_SCRAMBLE_KEY); 2182 2183 return MT7996_SEC_ENCRYPT | MT7996_SEC_IV | 2184 u32_encode_bits(key, MT7996_SEC_KEY_IDX); 2185} 2186 2187static int mt7996_load_patch(struct mt7996_dev *dev) 2188{ 2189 const struct mt7996_patch_hdr *hdr; 2190 const struct firmware *fw = NULL; 2191 int i, ret, sem; 2192 2193 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 1); 2194 switch (sem) { 2195 case PATCH_IS_DL: 2196 return 0; 2197 case PATCH_NOT_DL_SEM_SUCCESS: 2198 break; 2199 default: 2200 dev_err(dev->mt76.dev, "Failed to get patch semaphore\n"); 2201 return -EAGAIN; 2202 } 2203 2204 ret = request_firmware(&fw, MT7996_ROM_PATCH, dev->mt76.dev); 2205 if (ret) 2206 goto out; 2207 2208 if (!fw || !fw->data || fw->size < sizeof(*hdr)) { 2209 dev_err(dev->mt76.dev, "Invalid firmware\n"); 2210 ret = -EINVAL; 2211 goto out; 2212 } 2213 2214 hdr = (const struct mt7996_patch_hdr *)(fw->data); 2215 2216 dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n", 2217 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date); 2218 2219 for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) { 2220#if defined(__linux__) 2221 struct mt7996_patch_sec *sec; 2222#elif defined(__FreeBSD__) 2223 const struct mt7996_patch_sec *sec; 2224#endif 2225 const u8 *dl; 2226 u32 len, addr, sec_key_idx, mode = DL_MODE_NEED_RSP; 2227 2228#if defined(__linux__) 2229 sec = (struct mt7996_patch_sec *)(fw->data + sizeof(*hdr) + 2230#elif defined(__FreeBSD__) 2231 sec = (const struct mt7996_patch_sec *)(fw->data + sizeof(*hdr) + 2232#endif 2233 i * sizeof(*sec)); 2234 if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) != 2235 PATCH_SEC_TYPE_INFO) { 2236 ret = -EINVAL; 2237 goto out; 2238 } 2239 2240 addr = be32_to_cpu(sec->info.addr); 2241 len = be32_to_cpu(sec->info.len); 2242 sec_key_idx = be32_to_cpu(sec->info.sec_key_idx); 2243 dl = fw->data + be32_to_cpu(sec->offs); 2244 2245 mode |= mt7996_patch_sec_mode(sec_key_idx); 2246 2247 ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len, 2248 mode); 2249 if (ret) { 2250 dev_err(dev->mt76.dev, "Download request failed\n"); 2251 goto out; 2252 } 2253 2254 ret = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER), 2255 dl, len, 4096); 2256 if (ret) { 2257 dev_err(dev->mt76.dev, "Failed to send patch\n"); 2258 goto out; 2259 } 2260 } 2261 2262 ret = mt76_connac_mcu_start_patch(&dev->mt76); 2263 if (ret) 2264 dev_err(dev->mt76.dev, "Failed to start patch\n"); 2265 2266out: 2267 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 0); 2268 switch (sem) { 2269 case PATCH_REL_SEM_SUCCESS: 2270 break; 2271 default: 2272 ret = -EAGAIN; 2273 dev_err(dev->mt76.dev, "Failed to release patch semaphore\n"); 2274 break; 2275 } 2276 release_firmware(fw); 2277 2278 return ret; 2279} 2280 2281static int 2282mt7996_mcu_send_ram_firmware(struct mt7996_dev *dev, 2283 const struct mt7996_fw_trailer *hdr, 2284 const u8 *data, enum mt7996_ram_type type) 2285{ 2286 int i, offset = 0; 2287 u32 override = 0, option = 0; 2288 2289 for (i = 0; i < hdr->n_region; i++) { 2290 const struct mt7996_fw_region *region; 2291 int err; 2292 u32 len, addr, mode; 2293 2294 region = (const struct mt7996_fw_region *)((const u8 *)hdr - 2295 (hdr->n_region - i) * sizeof(*region)); 2296 /* DSP and WA use same mode */ 2297 mode = mt76_connac_mcu_gen_dl_mode(&dev->mt76, 2298 region->feature_set, 2299 type != MT7996_RAM_TYPE_WM); 2300 len = le32_to_cpu(region->len); 2301 addr = le32_to_cpu(region->addr); 2302 2303 if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR) 2304 override = addr; 2305 2306 err = mt76_connac_mcu_init_download(&dev->mt76, addr, len, 2307 mode); 2308 if (err) { 2309 dev_err(dev->mt76.dev, "Download request failed\n"); 2310 return err; 2311 } 2312 2313 err = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER), 2314 data + offset, len, 4096); 2315 if (err) { 2316 dev_err(dev->mt76.dev, "Failed to send firmware.\n"); 2317 return err; 2318 } 2319 2320 offset += len; 2321 } 2322 2323 if (override) 2324 option |= FW_START_OVERRIDE; 2325 2326 if (type == MT7996_RAM_TYPE_WA) 2327 option |= FW_START_WORKING_PDA_CR4; 2328 else if (type == MT7996_RAM_TYPE_DSP) 2329 option |= FW_START_WORKING_PDA_DSP; 2330 2331 return mt76_connac_mcu_start_firmware(&dev->mt76, override, option); 2332} 2333 2334static int __mt7996_load_ram(struct mt7996_dev *dev, const char *fw_type, 2335 const char *fw_file, enum mt7996_ram_type ram_type) 2336{ 2337 const struct mt7996_fw_trailer *hdr; 2338 const struct firmware *fw; 2339 int ret; 2340 2341 ret = request_firmware(&fw, fw_file, dev->mt76.dev); 2342 if (ret) 2343 return ret; 2344 2345 if (!fw || !fw->data || fw->size < sizeof(*hdr)) { 2346 dev_err(dev->mt76.dev, "Invalid firmware\n"); 2347 ret = -EINVAL; 2348 goto out; 2349 } 2350 2351 hdr = (const void *)(fw->data + fw->size - sizeof(*hdr)); 2352 dev_info(dev->mt76.dev, "%s Firmware Version: %.10s, Build Time: %.15s\n", 2353 fw_type, hdr->fw_ver, hdr->build_date); 2354 2355 ret = mt7996_mcu_send_ram_firmware(dev, hdr, fw->data, ram_type); 2356 if (ret) { 2357 dev_err(dev->mt76.dev, "Failed to start %s firmware\n", fw_type); 2358 goto out; 2359 } 2360 2361 snprintf(dev->mt76.hw->wiphy->fw_version, 2362 sizeof(dev->mt76.hw->wiphy->fw_version), 2363 "%.10s-%.15s", hdr->fw_ver, hdr->build_date); 2364 2365out: 2366 release_firmware(fw); 2367 2368 return ret; 2369} 2370 2371static int mt7996_load_ram(struct mt7996_dev *dev) 2372{ 2373 int ret; 2374 2375 ret = __mt7996_load_ram(dev, "WM", MT7996_FIRMWARE_WM, 2376 MT7996_RAM_TYPE_WM); 2377 if (ret) 2378 return ret; 2379 2380 ret = __mt7996_load_ram(dev, "DSP", MT7996_FIRMWARE_DSP, 2381 MT7996_RAM_TYPE_DSP); 2382 if (ret) 2383 return ret; 2384 2385 return __mt7996_load_ram(dev, "WA", MT7996_FIRMWARE_WA, 2386 MT7996_RAM_TYPE_WA); 2387} 2388 2389static int 2390mt7996_firmware_state(struct mt7996_dev *dev, bool wa) 2391{ 2392 u32 state = FIELD_PREP(MT_TOP_MISC_FW_STATE, 2393 wa ? FW_STATE_RDY : FW_STATE_FW_DOWNLOAD); 2394 2395 if (!mt76_poll_msec(dev, MT_TOP_MISC, MT_TOP_MISC_FW_STATE, 2396 state, 1000)) { 2397 dev_err(dev->mt76.dev, "Timeout for initializing firmware\n"); 2398 return -EIO; 2399 } 2400 return 0; 2401} 2402 2403static int 2404mt7996_mcu_restart(struct mt76_dev *dev) 2405{ 2406 struct { 2407 u8 __rsv1[4]; 2408 2409 __le16 tag; 2410 __le16 len; 2411 u8 power_mode; 2412 u8 __rsv2[3]; 2413 } __packed req = { 2414 .tag = cpu_to_le16(UNI_POWER_OFF), 2415 .len = cpu_to_le16(sizeof(req) - 4), 2416 .power_mode = 1, 2417 }; 2418 2419 return mt76_mcu_send_msg(dev, MCU_WM_UNI_CMD(POWER_CTRL), &req, 2420 sizeof(req), false); 2421} 2422 2423static int mt7996_load_firmware(struct mt7996_dev *dev) 2424{ 2425 int ret; 2426 2427 /* make sure fw is download state */ 2428 if (mt7996_firmware_state(dev, false)) { 2429 /* restart firmware once */ 2430 mt7996_mcu_restart(&dev->mt76); 2431 ret = mt7996_firmware_state(dev, false); 2432 if (ret) { 2433 dev_err(dev->mt76.dev, 2434 "Firmware is not ready for download\n"); 2435 return ret; 2436 } 2437 } 2438 2439 ret = mt7996_load_patch(dev); 2440 if (ret) 2441 return ret; 2442 2443 ret = mt7996_load_ram(dev); 2444 if (ret) 2445 return ret; 2446 2447 ret = mt7996_firmware_state(dev, true); 2448 if (ret) 2449 return ret; 2450 2451 mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false); 2452 2453 dev_dbg(dev->mt76.dev, "Firmware init done\n"); 2454 2455 return 0; 2456} 2457 2458int mt7996_mcu_fw_log_2_host(struct mt7996_dev *dev, u8 type, u8 ctrl) 2459{ 2460 struct { 2461 u8 _rsv[4]; 2462 2463 __le16 tag; 2464 __le16 len; 2465 u8 ctrl; 2466 u8 interval; 2467 u8 _rsv2[2]; 2468 } __packed data = { 2469 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_LOG_CTRL), 2470 .len = cpu_to_le16(sizeof(data) - 4), 2471 .ctrl = ctrl, 2472 }; 2473 2474 if (type == MCU_FW_LOG_WA) 2475 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_UNI_CMD(WSYS_CONFIG), 2476 &data, sizeof(data), true); 2477 2478 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data, 2479 sizeof(data), true); 2480} 2481 2482int mt7996_mcu_fw_dbg_ctrl(struct mt7996_dev *dev, u32 module, u8 level) 2483{ 2484 struct { 2485 u8 _rsv[4]; 2486 2487 __le16 tag; 2488 __le16 len; 2489 __le32 module_idx; 2490 u8 level; 2491 u8 _rsv2[3]; 2492 } data = { 2493 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_DBG_CTRL), 2494 .len = cpu_to_le16(sizeof(data) - 4), 2495 .module_idx = cpu_to_le32(module), 2496 .level = level, 2497 }; 2498 2499 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data, 2500 sizeof(data), false); 2501} 2502 2503static int mt7996_mcu_set_mwds(struct mt7996_dev *dev, bool enabled) 2504{ 2505 struct { 2506 u8 enable; 2507 u8 _rsv[3]; 2508 } __packed req = { 2509 .enable = enabled 2510 }; 2511 2512 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_EXT_CMD(MWDS_SUPPORT), &req, 2513 sizeof(req), false); 2514} 2515 2516static void mt7996_add_rx_airtime_tlv(struct sk_buff *skb, u8 band_idx) 2517{ 2518 struct vow_rx_airtime *req; 2519 struct tlv *tlv; 2520 2521 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_CLR_EN, sizeof(*req)); 2522 req = (struct vow_rx_airtime *)tlv; 2523 req->enable = true; 2524 req->band = band_idx; 2525 2526 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_EN, sizeof(*req)); 2527 req = (struct vow_rx_airtime *)tlv; 2528 req->enable = true; 2529 req->band = band_idx; 2530} 2531 2532static int 2533mt7996_mcu_init_rx_airtime(struct mt7996_dev *dev) 2534{ 2535 struct uni_header hdr = {}; 2536 struct sk_buff *skb; 2537 int len, num; 2538 2539 num = 2 + 2 * (dev->dbdc_support + dev->tbtc_support); 2540 len = sizeof(hdr) + num * sizeof(struct vow_rx_airtime); 2541 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 2542 if (!skb) 2543 return -ENOMEM; 2544 2545 skb_put_data(skb, &hdr, sizeof(hdr)); 2546 2547 mt7996_add_rx_airtime_tlv(skb, dev->mt76.phy.band_idx); 2548 2549 if (dev->dbdc_support) 2550 mt7996_add_rx_airtime_tlv(skb, MT_BAND1); 2551 2552 if (dev->tbtc_support) 2553 mt7996_add_rx_airtime_tlv(skb, MT_BAND2); 2554 2555 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 2556 MCU_WM_UNI_CMD(VOW), true); 2557} 2558 2559int mt7996_mcu_init_firmware(struct mt7996_dev *dev) 2560{ 2561 int ret; 2562 2563 /* force firmware operation mode into normal state, 2564 * which should be set before firmware download stage. 2565 */ 2566 mt76_wr(dev, MT_SWDEF_MODE, MT_SWDEF_NORMAL_MODE); 2567 2568 ret = mt7996_driver_own(dev, 0); 2569 if (ret) 2570 return ret; 2571 /* set driver own for band1 when two hif exist */ 2572 if (dev->hif2) { 2573 ret = mt7996_driver_own(dev, 1); 2574 if (ret) 2575 return ret; 2576 } 2577 2578 ret = mt7996_load_firmware(dev); 2579 if (ret) 2580 return ret; 2581 2582 set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state); 2583 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WM, 0); 2584 if (ret) 2585 return ret; 2586 2587 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WA, 0); 2588 if (ret) 2589 return ret; 2590 2591 ret = mt7996_mcu_set_mwds(dev, 1); 2592 if (ret) 2593 return ret; 2594 2595 ret = mt7996_mcu_init_rx_airtime(dev); 2596 if (ret) 2597 return ret; 2598 2599 return mt7996_mcu_wa_cmd(dev, MCU_WA_PARAM_CMD(SET), 2600 MCU_WA_PARAM_RED, 0, 0); 2601} 2602 2603int mt7996_mcu_init(struct mt7996_dev *dev) 2604{ 2605 static const struct mt76_mcu_ops mt7996_mcu_ops = { 2606 .headroom = sizeof(struct mt76_connac2_mcu_txd), /* reuse */ 2607 .mcu_skb_send_msg = mt7996_mcu_send_message, 2608 .mcu_parse_response = mt7996_mcu_parse_response, 2609 }; 2610 2611 dev->mt76.mcu_ops = &mt7996_mcu_ops; 2612 2613 return mt7996_mcu_init_firmware(dev); 2614} 2615 2616void mt7996_mcu_exit(struct mt7996_dev *dev) 2617{ 2618 mt7996_mcu_restart(&dev->mt76); 2619 if (mt7996_firmware_state(dev, false)) { 2620 dev_err(dev->mt76.dev, "Failed to exit mcu\n"); 2621 goto out; 2622 } 2623 2624 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(0), MT_TOP_LPCR_HOST_FW_OWN); 2625 if (dev->hif2) 2626 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(1), 2627 MT_TOP_LPCR_HOST_FW_OWN); 2628out: 2629 skb_queue_purge(&dev->mt76.mcu.res_q); 2630} 2631 2632int mt7996_mcu_set_hdr_trans(struct mt7996_dev *dev, bool hdr_trans) 2633{ 2634 struct { 2635 u8 __rsv[4]; 2636 } __packed hdr; 2637 struct hdr_trans_blacklist *req_blacklist; 2638 struct hdr_trans_en *req_en; 2639 struct sk_buff *skb; 2640 struct tlv *tlv; 2641 int len = MT7996_HDR_TRANS_MAX_SIZE + sizeof(hdr); 2642 2643 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 2644 if (!skb) 2645 return -ENOMEM; 2646 2647 skb_put_data(skb, &hdr, sizeof(hdr)); 2648 2649 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_EN, sizeof(*req_en)); 2650 req_en = (struct hdr_trans_en *)tlv; 2651 req_en->enable = hdr_trans; 2652 2653 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_VLAN, 2654 sizeof(struct hdr_trans_vlan)); 2655 2656 if (hdr_trans) { 2657 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_BLACKLIST, 2658 sizeof(*req_blacklist)); 2659 req_blacklist = (struct hdr_trans_blacklist *)tlv; 2660 req_blacklist->enable = 1; 2661 req_blacklist->type = cpu_to_le16(ETH_P_PAE); 2662 } 2663 2664 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 2665 MCU_WM_UNI_CMD(RX_HDR_TRANS), true); 2666} 2667 2668int mt7996_mcu_set_tx(struct mt7996_dev *dev, struct ieee80211_vif *vif) 2669{ 2670#define MCU_EDCA_AC_PARAM 0 2671#define WMM_AIFS_SET BIT(0) 2672#define WMM_CW_MIN_SET BIT(1) 2673#define WMM_CW_MAX_SET BIT(2) 2674#define WMM_TXOP_SET BIT(3) 2675#define WMM_PARAM_SET (WMM_AIFS_SET | WMM_CW_MIN_SET | \ 2676 WMM_CW_MAX_SET | WMM_TXOP_SET) 2677 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 2678 struct { 2679 u8 bss_idx; 2680 u8 __rsv[3]; 2681 } __packed hdr = { 2682 .bss_idx = mvif->mt76.idx, 2683 }; 2684 struct sk_buff *skb; 2685 int len = sizeof(hdr) + IEEE80211_NUM_ACS * sizeof(struct edca); 2686 int ac; 2687 2688 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 2689 if (!skb) 2690 return -ENOMEM; 2691 2692 skb_put_data(skb, &hdr, sizeof(hdr)); 2693 2694 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) { 2695 struct ieee80211_tx_queue_params *q = &mvif->queue_params[ac]; 2696 struct edca *e; 2697 struct tlv *tlv; 2698 2699 tlv = mt7996_mcu_add_uni_tlv(skb, MCU_EDCA_AC_PARAM, sizeof(*e)); 2700 2701 e = (struct edca *)tlv; 2702 e->set = WMM_PARAM_SET; 2703 e->queue = ac + mvif->mt76.wmm_idx * MT7996_MAX_WMM_SETS; 2704 e->aifs = q->aifs; 2705 e->txop = cpu_to_le16(q->txop); 2706 2707 if (q->cw_min) 2708 e->cw_min = fls(q->cw_min); 2709 else 2710 e->cw_min = 5; 2711 2712 if (q->cw_max) 2713 e->cw_max = fls(q->cw_max); 2714 else 2715 e->cw_max = 10; 2716 } 2717 2718 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 2719 MCU_WM_UNI_CMD(EDCA_UPDATE), true); 2720} 2721 2722int mt7996_mcu_set_fcc5_lpn(struct mt7996_dev *dev, int val) 2723{ 2724 struct { 2725 u8 _rsv[4]; 2726 2727 __le16 tag; 2728 __le16 len; 2729 2730 __le32 ctrl; 2731 __le16 min_lpn; 2732 u8 rsv[2]; 2733 } __packed req = { 2734 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH), 2735 .len = cpu_to_le16(sizeof(req) - 4), 2736 2737 .ctrl = cpu_to_le32(0x1), 2738 .min_lpn = cpu_to_le16(val), 2739 }; 2740 2741 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 2742 &req, sizeof(req), true); 2743} 2744 2745int mt7996_mcu_set_pulse_th(struct mt7996_dev *dev, 2746 const struct mt7996_dfs_pulse *pulse) 2747{ 2748 struct { 2749 u8 _rsv[4]; 2750 2751 __le16 tag; 2752 __le16 len; 2753 2754 __le32 ctrl; 2755 2756 __le32 max_width; /* us */ 2757 __le32 max_pwr; /* dbm */ 2758 __le32 min_pwr; /* dbm */ 2759 __le32 min_stgr_pri; /* us */ 2760 __le32 max_stgr_pri; /* us */ 2761 __le32 min_cr_pri; /* us */ 2762 __le32 max_cr_pri; /* us */ 2763 } __packed req = { 2764 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH), 2765 .len = cpu_to_le16(sizeof(req) - 4), 2766 2767 .ctrl = cpu_to_le32(0x3), 2768 2769#define __req_field(field) .field = cpu_to_le32(pulse->field) 2770 __req_field(max_width), 2771 __req_field(max_pwr), 2772 __req_field(min_pwr), 2773 __req_field(min_stgr_pri), 2774 __req_field(max_stgr_pri), 2775 __req_field(min_cr_pri), 2776 __req_field(max_cr_pri), 2777#undef __req_field 2778 }; 2779 2780 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 2781 &req, sizeof(req), true); 2782} 2783 2784int mt7996_mcu_set_radar_th(struct mt7996_dev *dev, int index, 2785 const struct mt7996_dfs_pattern *pattern) 2786{ 2787 struct { 2788 u8 _rsv[4]; 2789 2790 __le16 tag; 2791 __le16 len; 2792 2793 __le32 ctrl; 2794 __le16 radar_type; 2795 2796 u8 enb; 2797 u8 stgr; 2798 u8 min_crpn; 2799 u8 max_crpn; 2800 u8 min_crpr; 2801 u8 min_pw; 2802 __le32 min_pri; 2803 __le32 max_pri; 2804 u8 max_pw; 2805 u8 min_crbn; 2806 u8 max_crbn; 2807 u8 min_stgpn; 2808 u8 max_stgpn; 2809 u8 min_stgpr; 2810 u8 rsv[2]; 2811 __le32 min_stgpr_diff; 2812 } __packed req = { 2813 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH), 2814 .len = cpu_to_le16(sizeof(req) - 4), 2815 2816 .ctrl = cpu_to_le32(0x2), 2817 .radar_type = cpu_to_le16(index), 2818 2819#define __req_field_u8(field) .field = pattern->field 2820#define __req_field_u32(field) .field = cpu_to_le32(pattern->field) 2821 __req_field_u8(enb), 2822 __req_field_u8(stgr), 2823 __req_field_u8(min_crpn), 2824 __req_field_u8(max_crpn), 2825 __req_field_u8(min_crpr), 2826 __req_field_u8(min_pw), 2827 __req_field_u32(min_pri), 2828 __req_field_u32(max_pri), 2829 __req_field_u8(max_pw), 2830 __req_field_u8(min_crbn), 2831 __req_field_u8(max_crbn), 2832 __req_field_u8(min_stgpn), 2833 __req_field_u8(max_stgpn), 2834 __req_field_u8(min_stgpr), 2835 __req_field_u32(min_stgpr_diff), 2836#undef __req_field_u8 2837#undef __req_field_u32 2838 }; 2839 2840 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 2841 &req, sizeof(req), true); 2842} 2843 2844static int 2845mt7996_mcu_background_chain_ctrl(struct mt7996_phy *phy, 2846 struct cfg80211_chan_def *chandef, 2847 int cmd) 2848{ 2849 struct mt7996_dev *dev = phy->dev; 2850 struct mt76_phy *mphy = phy->mt76; 2851 struct ieee80211_channel *chan = mphy->chandef.chan; 2852 int freq = mphy->chandef.center_freq1; 2853 struct mt7996_mcu_background_chain_ctrl req = { 2854 .tag = cpu_to_le16(0), 2855 .len = cpu_to_le16(sizeof(req) - 4), 2856 .monitor_scan_type = 2, /* simple rx */ 2857 }; 2858 2859 if (!chandef && cmd != CH_SWITCH_BACKGROUND_SCAN_STOP) 2860 return -EINVAL; 2861 2862 if (!cfg80211_chandef_valid(&mphy->chandef)) 2863 return -EINVAL; 2864 2865 switch (cmd) { 2866 case CH_SWITCH_BACKGROUND_SCAN_START: { 2867 req.chan = chan->hw_value; 2868 req.central_chan = ieee80211_frequency_to_channel(freq); 2869 req.bw = mt76_connac_chan_bw(&mphy->chandef); 2870 req.monitor_chan = chandef->chan->hw_value; 2871 req.monitor_central_chan = 2872 ieee80211_frequency_to_channel(chandef->center_freq1); 2873 req.monitor_bw = mt76_connac_chan_bw(chandef); 2874 req.band_idx = phy->mt76->band_idx; 2875 req.scan_mode = 1; 2876 break; 2877 } 2878 case CH_SWITCH_BACKGROUND_SCAN_RUNNING: 2879 req.monitor_chan = chandef->chan->hw_value; 2880 req.monitor_central_chan = 2881 ieee80211_frequency_to_channel(chandef->center_freq1); 2882 req.band_idx = phy->mt76->band_idx; 2883 req.scan_mode = 2; 2884 break; 2885 case CH_SWITCH_BACKGROUND_SCAN_STOP: 2886 req.chan = chan->hw_value; 2887 req.central_chan = ieee80211_frequency_to_channel(freq); 2888 req.bw = mt76_connac_chan_bw(&mphy->chandef); 2889 req.tx_stream = hweight8(mphy->antenna_mask); 2890 req.rx_stream = mphy->antenna_mask; 2891 break; 2892 default: 2893 return -EINVAL; 2894 } 2895 req.band = chandef ? chandef->chan->band == NL80211_BAND_5GHZ : 1; 2896 2897 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(OFFCH_SCAN_CTRL), 2898 &req, sizeof(req), false); 2899} 2900 2901int mt7996_mcu_rdd_background_enable(struct mt7996_phy *phy, 2902 struct cfg80211_chan_def *chandef) 2903{ 2904 struct mt7996_dev *dev = phy->dev; 2905 int err, region; 2906 2907 if (!chandef) { /* disable offchain */ 2908 err = mt7996_mcu_rdd_cmd(dev, RDD_STOP, MT_RX_SEL2, 2909 0, 0); 2910 if (err) 2911 return err; 2912 2913 return mt7996_mcu_background_chain_ctrl(phy, NULL, 2914 CH_SWITCH_BACKGROUND_SCAN_STOP); 2915 } 2916 2917 err = mt7996_mcu_background_chain_ctrl(phy, chandef, 2918 CH_SWITCH_BACKGROUND_SCAN_START); 2919 if (err) 2920 return err; 2921 2922 switch (dev->mt76.region) { 2923 case NL80211_DFS_ETSI: 2924 region = 0; 2925 break; 2926 case NL80211_DFS_JP: 2927 region = 2; 2928 break; 2929 case NL80211_DFS_FCC: 2930 default: 2931 region = 1; 2932 break; 2933 } 2934 2935 return mt7996_mcu_rdd_cmd(dev, RDD_START, MT_RX_SEL2, 2936 0, region); 2937} 2938 2939int mt7996_mcu_set_chan_info(struct mt7996_phy *phy, u16 tag) 2940{ 2941 static const u8 ch_band[] = { 2942 [NL80211_BAND_2GHZ] = 0, 2943 [NL80211_BAND_5GHZ] = 1, 2944 [NL80211_BAND_6GHZ] = 2, 2945 }; 2946 struct mt7996_dev *dev = phy->dev; 2947 struct cfg80211_chan_def *chandef = &phy->mt76->chandef; 2948 int freq1 = chandef->center_freq1; 2949 u8 band_idx = phy->mt76->band_idx; 2950 struct { 2951 /* fixed field */ 2952 u8 __rsv[4]; 2953 2954 __le16 tag; 2955 __le16 len; 2956 u8 control_ch; 2957 u8 center_ch; 2958 u8 bw; 2959 u8 tx_path_num; 2960 u8 rx_path; /* mask or num */ 2961 u8 switch_reason; 2962 u8 band_idx; 2963 u8 center_ch2; /* for 80+80 only */ 2964 __le16 cac_case; 2965 u8 channel_band; 2966 u8 rsv0; 2967 __le32 outband_freq; 2968 u8 txpower_drop; 2969 u8 ap_bw; 2970 u8 ap_center_ch; 2971 u8 rsv1[53]; 2972 } __packed req = { 2973 .tag = cpu_to_le16(tag), 2974 .len = cpu_to_le16(sizeof(req) - 4), 2975 .control_ch = chandef->chan->hw_value, 2976 .center_ch = ieee80211_frequency_to_channel(freq1), 2977 .bw = mt76_connac_chan_bw(chandef), 2978 .tx_path_num = hweight16(phy->mt76->chainmask), 2979 .rx_path = phy->mt76->chainmask >> dev->chainshift[band_idx], 2980 .band_idx = band_idx, 2981 .channel_band = ch_band[chandef->chan->band], 2982 }; 2983 2984 if (tag == UNI_CHANNEL_RX_PATH || 2985 dev->mt76.hw->conf.flags & IEEE80211_CONF_MONITOR) 2986 req.switch_reason = CH_SWITCH_NORMAL; 2987 else if (phy->mt76->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL) 2988 req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD; 2989 else if (!cfg80211_reg_can_beacon(phy->mt76->hw->wiphy, chandef, 2990 NL80211_IFTYPE_AP)) 2991 req.switch_reason = CH_SWITCH_DFS; 2992 else 2993 req.switch_reason = CH_SWITCH_NORMAL; 2994 2995 if (tag == UNI_CHANNEL_SWITCH) 2996 req.rx_path = hweight8(req.rx_path); 2997 2998 if (chandef->width == NL80211_CHAN_WIDTH_80P80) { 2999 int freq2 = chandef->center_freq2; 3000 3001 req.center_ch2 = ieee80211_frequency_to_channel(freq2); 3002 } 3003 3004 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(CHANNEL_SWITCH), 3005 &req, sizeof(req), true); 3006} 3007 3008static int mt7996_mcu_set_eeprom_flash(struct mt7996_dev *dev) 3009{ 3010#define MAX_PAGE_IDX_MASK GENMASK(7, 5) 3011#define PAGE_IDX_MASK GENMASK(4, 2) 3012#define PER_PAGE_SIZE 0x400 3013 struct mt7996_mcu_eeprom req = { 3014 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE), 3015 .buffer_mode = EE_MODE_BUFFER 3016 }; 3017 u16 eeprom_size = MT7996_EEPROM_SIZE; 3018 u8 total = DIV_ROUND_UP(eeprom_size, PER_PAGE_SIZE); 3019 u8 *eep = (u8 *)dev->mt76.eeprom.data; 3020 int eep_len, i; 3021 3022 for (i = 0; i < total; i++, eep += eep_len) { 3023 struct sk_buff *skb; 3024 int ret, msg_len; 3025 3026 if (i == total - 1 && !!(eeprom_size % PER_PAGE_SIZE)) 3027 eep_len = eeprom_size % PER_PAGE_SIZE; 3028 else 3029 eep_len = PER_PAGE_SIZE; 3030 3031 msg_len = sizeof(req) + eep_len; 3032 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len); 3033 if (!skb) 3034 return -ENOMEM; 3035 3036 req.len = cpu_to_le16(msg_len - 4); 3037 req.format = FIELD_PREP(MAX_PAGE_IDX_MASK, total - 1) | 3038 FIELD_PREP(PAGE_IDX_MASK, i) | EE_FORMAT_WHOLE; 3039 req.buf_len = cpu_to_le16(eep_len); 3040 3041 skb_put_data(skb, &req, sizeof(req)); 3042 skb_put_data(skb, eep, eep_len); 3043 3044 ret = mt76_mcu_skb_send_msg(&dev->mt76, skb, 3045 MCU_WM_UNI_CMD(EFUSE_CTRL), true); 3046 if (ret) 3047 return ret; 3048 } 3049 3050 return 0; 3051} 3052 3053int mt7996_mcu_set_eeprom(struct mt7996_dev *dev) 3054{ 3055 struct mt7996_mcu_eeprom req = { 3056 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE), 3057 .len = cpu_to_le16(sizeof(req) - 4), 3058 .buffer_mode = EE_MODE_EFUSE, 3059 .format = EE_FORMAT_WHOLE 3060 }; 3061 3062 if (dev->flash_mode) 3063 return mt7996_mcu_set_eeprom_flash(dev); 3064 3065 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(EFUSE_CTRL), 3066 &req, sizeof(req), true); 3067} 3068 3069int mt7996_mcu_get_eeprom(struct mt7996_dev *dev, u32 offset) 3070{ 3071 struct { 3072 u8 _rsv[4]; 3073 3074 __le16 tag; 3075 __le16 len; 3076 __le32 addr; 3077 __le32 valid; 3078 u8 data[16]; 3079 } __packed req = { 3080 .tag = cpu_to_le16(UNI_EFUSE_ACCESS), 3081 .len = cpu_to_le16(sizeof(req) - 4), 3082 .addr = cpu_to_le32(round_down(offset, 3083 MT7996_EEPROM_BLOCK_SIZE)), 3084 }; 3085 struct sk_buff *skb; 3086 bool valid; 3087 int ret; 3088 3089 ret = mt76_mcu_send_and_get_msg(&dev->mt76, 3090 MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), 3091 &req, sizeof(req), true, &skb); 3092 if (ret) 3093 return ret; 3094 3095 valid = le32_to_cpu(*(__le32 *)(skb->data + 16)); 3096 if (valid) { 3097 u32 addr = le32_to_cpu(*(__le32 *)(skb->data + 12)); 3098 u8 *buf = (u8 *)dev->mt76.eeprom.data + addr; 3099 3100 skb_pull(skb, 64); 3101 memcpy(buf, skb->data, MT7996_EEPROM_BLOCK_SIZE); 3102 } 3103 3104 dev_kfree_skb(skb); 3105 3106 return 0; 3107} 3108 3109int mt7996_mcu_get_eeprom_free_block(struct mt7996_dev *dev, u8 *block_num) 3110{ 3111 struct { 3112 u8 _rsv[4]; 3113 3114 __le16 tag; 3115 __le16 len; 3116 u8 num; 3117 u8 version; 3118 u8 die_idx; 3119 u8 _rsv2; 3120 } __packed req = { 3121 .tag = cpu_to_le16(UNI_EFUSE_FREE_BLOCK), 3122 .len = cpu_to_le16(sizeof(req) - 4), 3123 .version = 2, 3124 }; 3125 struct sk_buff *skb; 3126 int ret; 3127 3128 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), &req, 3129 sizeof(req), true, &skb); 3130 if (ret) 3131 return ret; 3132 3133 *block_num = *(u8 *)(skb->data + 8); 3134 dev_kfree_skb(skb); 3135 3136 return 0; 3137} 3138 3139int mt7996_mcu_get_chip_config(struct mt7996_dev *dev, u32 *cap) 3140{ 3141#define NIC_CAP 3 3142#define UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION 0x21 3143 struct { 3144 u8 _rsv[4]; 3145 3146 __le16 tag; 3147 __le16 len; 3148 } __packed req = { 3149 .tag = cpu_to_le16(NIC_CAP), 3150 .len = cpu_to_le16(sizeof(req) - 4), 3151 }; 3152 struct sk_buff *skb; 3153 u8 *buf; 3154 int ret; 3155 3156 ret = mt76_mcu_send_and_get_msg(&dev->mt76, 3157 MCU_WM_UNI_CMD_QUERY(CHIP_CONFIG), &req, 3158 sizeof(req), true, &skb); 3159 if (ret) 3160 return ret; 3161 3162 /* fixed field */ 3163 skb_pull(skb, 4); 3164 3165 buf = skb->data; 3166 while (buf - skb->data < skb->len) { 3167 struct tlv *tlv = (struct tlv *)buf; 3168 3169 switch (le16_to_cpu(tlv->tag)) { 3170 case UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION: 3171 *cap = le32_to_cpu(*(__le32 *)(buf + sizeof(*tlv))); 3172 break; 3173 default: 3174 break; 3175 } 3176 3177 buf += le16_to_cpu(tlv->len); 3178 } 3179 3180 dev_kfree_skb(skb); 3181 3182 return 0; 3183} 3184 3185int mt7996_mcu_get_chan_mib_info(struct mt7996_phy *phy, bool chan_switch) 3186{ 3187 struct { 3188 struct { 3189 u8 band; 3190 u8 __rsv[3]; 3191 } hdr; 3192 struct { 3193 __le16 tag; 3194 __le16 len; 3195 __le32 offs; 3196 } data[4]; 3197 } __packed req = { 3198 .hdr.band = phy->mt76->band_idx, 3199 }; 3200 /* strict order */ 3201 static const u32 offs[] = { 3202 UNI_MIB_TX_TIME, 3203 UNI_MIB_RX_TIME, 3204 UNI_MIB_OBSS_AIRTIME, 3205 UNI_MIB_NON_WIFI_TIME, 3206 }; 3207 struct mt76_channel_state *state = phy->mt76->chan_state; 3208 struct mt76_channel_state *state_ts = &phy->state_ts; 3209 struct mt7996_dev *dev = phy->dev; 3210 struct mt7996_mcu_mib *res; 3211 struct sk_buff *skb; 3212 int i, ret; 3213 3214 for (i = 0; i < 4; i++) { 3215 req.data[i].tag = cpu_to_le16(UNI_CMD_MIB_DATA); 3216 req.data[i].len = cpu_to_le16(sizeof(req.data[i])); 3217 req.data[i].offs = cpu_to_le32(offs[i]); 3218 } 3219 3220 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(GET_MIB_INFO), 3221 &req, sizeof(req), true, &skb); 3222 if (ret) 3223 return ret; 3224 3225 skb_pull(skb, sizeof(req.hdr)); 3226 3227 res = (struct mt7996_mcu_mib *)(skb->data); 3228 3229 if (chan_switch) 3230 goto out; 3231 3232#define __res_u64(s) le64_to_cpu(res[s].data) 3233 state->cc_tx += __res_u64(1) - state_ts->cc_tx; 3234 state->cc_bss_rx += __res_u64(2) - state_ts->cc_bss_rx; 3235 state->cc_rx += __res_u64(2) + __res_u64(3) - state_ts->cc_rx; 3236 state->cc_busy += __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3) - 3237 state_ts->cc_busy; 3238 3239out: 3240 state_ts->cc_tx = __res_u64(1); 3241 state_ts->cc_bss_rx = __res_u64(2); 3242 state_ts->cc_rx = __res_u64(2) + __res_u64(3); 3243 state_ts->cc_busy = __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3); 3244#undef __res_u64 3245 3246 dev_kfree_skb(skb); 3247 3248 return 0; 3249} 3250 3251int mt7996_mcu_set_ser(struct mt7996_dev *dev, u8 action, u8 val, u8 band) 3252{ 3253 struct { 3254 u8 rsv[4]; 3255 3256 __le16 tag; 3257 __le16 len; 3258 3259 union { 3260 struct { 3261 __le32 mask; 3262 } __packed set; 3263 3264 struct { 3265 u8 method; 3266 u8 band; 3267 u8 rsv2[2]; 3268 } __packed trigger; 3269 }; 3270 } __packed req = { 3271 .tag = cpu_to_le16(action), 3272 .len = cpu_to_le16(sizeof(req) - 4), 3273 }; 3274 3275 switch (action) { 3276 case UNI_CMD_SER_SET: 3277 req.set.mask = cpu_to_le32(val); 3278 break; 3279 case UNI_CMD_SER_TRIGGER: 3280 req.trigger.method = val; 3281 req.trigger.band = band; 3282 break; 3283 default: 3284 return -EINVAL; 3285 } 3286 3287 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SER), 3288 &req, sizeof(req), false); 3289} 3290 3291int mt7996_mcu_set_txbf(struct mt7996_dev *dev, u8 action) 3292{ 3293#define MT7996_BF_MAX_SIZE sizeof(union bf_tag_tlv) 3294#define BF_PROCESSING 4 3295 struct uni_header hdr; 3296 struct sk_buff *skb; 3297 struct tlv *tlv; 3298 int len = sizeof(hdr) + MT7996_BF_MAX_SIZE; 3299 3300 memset(&hdr, 0, sizeof(hdr)); 3301 3302 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 3303 if (!skb) 3304 return -ENOMEM; 3305 3306 skb_put_data(skb, &hdr, sizeof(hdr)); 3307 3308 switch (action) { 3309 case BF_SOUNDING_ON: { 3310 struct bf_sounding_on *req_snd_on; 3311 3312 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_snd_on)); 3313 req_snd_on = (struct bf_sounding_on *)tlv; 3314 req_snd_on->snd_mode = BF_PROCESSING; 3315 break; 3316 } 3317 case BF_HW_EN_UPDATE: { 3318 struct bf_hw_en_status_update *req_hw_en; 3319 3320 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_hw_en)); 3321 req_hw_en = (struct bf_hw_en_status_update *)tlv; 3322 req_hw_en->ebf = true; 3323 req_hw_en->ibf = dev->ibf; 3324 break; 3325 } 3326 case BF_MOD_EN_CTRL: { 3327 struct bf_mod_en_ctrl *req_mod_en; 3328 3329 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_mod_en)); 3330 req_mod_en = (struct bf_mod_en_ctrl *)tlv; 3331 req_mod_en->bf_num = 2; 3332 req_mod_en->bf_bitmap = GENMASK(0, 0); 3333 break; 3334 } 3335 default: 3336 return -EINVAL; 3337 } 3338 3339 return mt76_mcu_skb_send_msg(&dev->mt76, skb, MCU_WM_UNI_CMD(BF), true); 3340} 3341 3342static int 3343mt7996_mcu_enable_obss_spr(struct mt7996_phy *phy, u16 action, u8 val) 3344{ 3345 struct mt7996_dev *dev = phy->dev; 3346 struct { 3347 u8 band_idx; 3348 u8 __rsv[3]; 3349 3350 __le16 tag; 3351 __le16 len; 3352 3353 __le32 val; 3354 } __packed req = { 3355 .band_idx = phy->mt76->band_idx, 3356 .tag = cpu_to_le16(action), 3357 .len = cpu_to_le16(sizeof(req) - 4), 3358 .val = cpu_to_le32(val), 3359 }; 3360 3361 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), 3362 &req, sizeof(req), true); 3363} 3364 3365static int 3366mt7996_mcu_set_obss_spr_pd(struct mt7996_phy *phy, 3367 struct ieee80211_he_obss_pd *he_obss_pd) 3368{ 3369 struct mt7996_dev *dev = phy->dev; 3370 u8 max_th = 82, non_srg_max_th = 62; 3371 struct { 3372 u8 band_idx; 3373 u8 __rsv[3]; 3374 3375 __le16 tag; 3376 __le16 len; 3377 3378 u8 pd_th_non_srg; 3379 u8 pd_th_srg; 3380 u8 period_offs; 3381 u8 rcpi_src; 3382 __le16 obss_pd_min; 3383 __le16 obss_pd_min_srg; 3384 u8 resp_txpwr_mode; 3385 u8 txpwr_restrict_mode; 3386 u8 txpwr_ref; 3387 u8 __rsv2[3]; 3388 } __packed req = { 3389 .band_idx = phy->mt76->band_idx, 3390 .tag = cpu_to_le16(UNI_CMD_SR_SET_PARAM), 3391 .len = cpu_to_le16(sizeof(req) - 4), 3392 .obss_pd_min = cpu_to_le16(max_th), 3393 .obss_pd_min_srg = cpu_to_le16(max_th), 3394 .txpwr_restrict_mode = 2, 3395 .txpwr_ref = 21 3396 }; 3397 int ret; 3398 3399 /* disable firmware dynamical PD asjustment */ 3400 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_DPD, false); 3401 if (ret) 3402 return ret; 3403 3404 if (he_obss_pd->sr_ctrl & 3405 IEEE80211_HE_SPR_NON_SRG_OBSS_PD_SR_DISALLOWED) 3406 req.pd_th_non_srg = max_th; 3407 else if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OFFSET_PRESENT) 3408 req.pd_th_non_srg = max_th - he_obss_pd->non_srg_max_offset; 3409 else 3410 req.pd_th_non_srg = non_srg_max_th; 3411 3412 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_SRG_INFORMATION_PRESENT) 3413 req.pd_th_srg = max_th - he_obss_pd->max_offset; 3414 3415 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), 3416 &req, sizeof(req), true); 3417} 3418 3419static int 3420mt7996_mcu_set_obss_spr_siga(struct mt7996_phy *phy, struct ieee80211_vif *vif, 3421 struct ieee80211_he_obss_pd *he_obss_pd) 3422{ 3423 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 3424 struct mt7996_dev *dev = phy->dev; 3425 u8 omac = mvif->mt76.omac_idx; 3426 struct { 3427 u8 band_idx; 3428 u8 __rsv[3]; 3429 3430 __le16 tag; 3431 __le16 len; 3432 3433 u8 omac; 3434 u8 __rsv2[3]; 3435 u8 flag[20]; 3436 } __packed req = { 3437 .band_idx = phy->mt76->band_idx, 3438 .tag = cpu_to_le16(UNI_CMD_SR_SET_SIGA), 3439 .len = cpu_to_le16(sizeof(req) - 4), 3440 .omac = omac > HW_BSSID_MAX ? omac - 12 : omac, 3441 }; 3442 int ret; 3443 3444 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED) 3445 req.flag[req.omac] = 0xf; 3446 else 3447 return 0; 3448 3449 /* switch to normal AP mode */ 3450 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_MODE, 0); 3451 if (ret) 3452 return ret; 3453 3454 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), 3455 &req, sizeof(req), true); 3456} 3457 3458static int 3459mt7996_mcu_set_obss_spr_bitmap(struct mt7996_phy *phy, 3460 struct ieee80211_he_obss_pd *he_obss_pd) 3461{ 3462 struct mt7996_dev *dev = phy->dev; 3463 struct { 3464 u8 band_idx; 3465 u8 __rsv[3]; 3466 3467 __le16 tag; 3468 __le16 len; 3469 3470 __le32 color_l[2]; 3471 __le32 color_h[2]; 3472 __le32 bssid_l[2]; 3473 __le32 bssid_h[2]; 3474 } __packed req = { 3475 .band_idx = phy->mt76->band_idx, 3476 .tag = cpu_to_le16(UNI_CMD_SR_SET_SRG_BITMAP), 3477 .len = cpu_to_le16(sizeof(req) - 4), 3478 }; 3479 u32 bitmap; 3480 3481 memcpy(&bitmap, he_obss_pd->bss_color_bitmap, sizeof(bitmap)); 3482 req.color_l[req.band_idx] = cpu_to_le32(bitmap); 3483 3484 memcpy(&bitmap, he_obss_pd->bss_color_bitmap + 4, sizeof(bitmap)); 3485 req.color_h[req.band_idx] = cpu_to_le32(bitmap); 3486 3487 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap, sizeof(bitmap)); 3488 req.bssid_l[req.band_idx] = cpu_to_le32(bitmap); 3489 3490 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap + 4, sizeof(bitmap)); 3491 req.bssid_h[req.band_idx] = cpu_to_le32(bitmap); 3492 3493 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), &req, 3494 sizeof(req), true); 3495} 3496 3497int mt7996_mcu_add_obss_spr(struct mt7996_phy *phy, struct ieee80211_vif *vif, 3498 struct ieee80211_he_obss_pd *he_obss_pd) 3499{ 3500 int ret; 3501 3502 /* enable firmware scene detection algorithms */ 3503 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_SD, 3504 sr_scene_detect); 3505 if (ret) 3506 return ret; 3507 3508 /* firmware dynamically adjusts PD threshold so skip manual control */ 3509 if (sr_scene_detect && !he_obss_pd->enable) 3510 return 0; 3511 3512 /* enable spatial reuse */ 3513 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE, 3514 he_obss_pd->enable); 3515 if (ret) 3516 return ret; 3517 3518 if (sr_scene_detect || !he_obss_pd->enable) 3519 return 0; 3520 3521 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_TX, true); 3522 if (ret) 3523 return ret; 3524 3525 /* set SRG/non-SRG OBSS PD threshold */ 3526 ret = mt7996_mcu_set_obss_spr_pd(phy, he_obss_pd); 3527 if (ret) 3528 return ret; 3529 3530 /* Set SR prohibit */ 3531 ret = mt7996_mcu_set_obss_spr_siga(phy, vif, he_obss_pd); 3532 if (ret) 3533 return ret; 3534 3535 /* set SRG BSS color/BSSID bitmap */ 3536 return mt7996_mcu_set_obss_spr_bitmap(phy, he_obss_pd); 3537} 3538 3539int mt7996_mcu_update_bss_color(struct mt7996_dev *dev, struct ieee80211_vif *vif, 3540 struct cfg80211_he_bss_color *he_bss_color) 3541{ 3542 int len = sizeof(struct bss_req_hdr) + sizeof(struct bss_color_tlv); 3543 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 3544 struct bss_color_tlv *bss_color; 3545 struct sk_buff *skb; 3546 struct tlv *tlv; 3547 3548 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, len); 3549 if (IS_ERR(skb)) 3550 return PTR_ERR(skb); 3551 3552 tlv = mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BSS_COLOR, 3553 sizeof(*bss_color)); 3554 bss_color = (struct bss_color_tlv *)tlv; 3555 bss_color->enable = he_bss_color->enabled; 3556 bss_color->color = he_bss_color->color; 3557 3558 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 3559 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 3560} 3561 3562#define TWT_AGRT_TRIGGER BIT(0) 3563#define TWT_AGRT_ANNOUNCE BIT(1) 3564#define TWT_AGRT_PROTECT BIT(2) 3565 3566int mt7996_mcu_twt_agrt_update(struct mt7996_dev *dev, 3567 struct mt7996_vif *mvif, 3568 struct mt7996_twt_flow *flow, 3569 int cmd) 3570{ 3571 struct { 3572 u8 _rsv[4]; 3573 3574 __le16 tag; 3575 __le16 len; 3576 u8 tbl_idx; 3577 u8 cmd; 3578 u8 own_mac_idx; 3579 u8 flowid; /* 0xff for group id */ 3580 __le16 peer_id; /* specify the peer_id (msb=0) 3581 * or group_id (msb=1) 3582 */ 3583 u8 duration; /* 256 us */ 3584 u8 bss_idx; 3585 __le64 start_tsf; 3586 __le16 mantissa; 3587 u8 exponent; 3588 u8 is_ap; 3589 u8 agrt_params; 3590 u8 __rsv2[135]; 3591 } __packed req = { 3592 .tag = cpu_to_le16(UNI_CMD_TWT_ARGT_UPDATE), 3593 .len = cpu_to_le16(sizeof(req) - 4), 3594 .tbl_idx = flow->table_id, 3595 .cmd = cmd, 3596 .own_mac_idx = mvif->mt76.omac_idx, 3597 .flowid = flow->id, 3598 .peer_id = cpu_to_le16(flow->wcid), 3599 .duration = flow->duration, 3600 .bss_idx = mvif->mt76.idx, 3601 .start_tsf = cpu_to_le64(flow->tsf), 3602 .mantissa = flow->mantissa, 3603 .exponent = flow->exp, 3604 .is_ap = true, 3605 }; 3606 3607 if (flow->protection) 3608 req.agrt_params |= TWT_AGRT_PROTECT; 3609 if (!flow->flowtype) 3610 req.agrt_params |= TWT_AGRT_ANNOUNCE; 3611 if (flow->trigger) 3612 req.agrt_params |= TWT_AGRT_TRIGGER; 3613 3614 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(TWT), 3615 &req, sizeof(req), true); 3616} 3617 3618int mt7996_mcu_set_rts_thresh(struct mt7996_phy *phy, u32 val) 3619{ 3620 struct { 3621 u8 band_idx; 3622 u8 _rsv[3]; 3623 3624 __le16 tag; 3625 __le16 len; 3626 __le32 len_thresh; 3627 __le32 pkt_thresh; 3628 } __packed req = { 3629 .band_idx = phy->mt76->band_idx, 3630 .tag = cpu_to_le16(UNI_BAND_CONFIG_RTS_THRESHOLD), 3631 .len = cpu_to_le16(sizeof(req) - 4), 3632 .len_thresh = cpu_to_le32(val), 3633 .pkt_thresh = cpu_to_le32(0x2), 3634 }; 3635 3636 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG), 3637 &req, sizeof(req), true); 3638} 3639 3640int mt7996_mcu_set_radio_en(struct mt7996_phy *phy, bool enable) 3641{ 3642 struct { 3643 u8 band_idx; 3644 u8 _rsv[3]; 3645 3646 __le16 tag; 3647 __le16 len; 3648 u8 enable; 3649 u8 _rsv2[3]; 3650 } __packed req = { 3651 .band_idx = phy->mt76->band_idx, 3652 .tag = cpu_to_le16(UNI_BAND_CONFIG_RADIO_ENABLE), 3653 .len = cpu_to_le16(sizeof(req) - 4), 3654 .enable = enable, 3655 }; 3656 3657 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG), 3658 &req, sizeof(req), true); 3659} 3660 3661int mt7996_mcu_rdd_cmd(struct mt7996_dev *dev, int cmd, u8 index, 3662 u8 rx_sel, u8 val) 3663{ 3664 struct { 3665 u8 _rsv[4]; 3666 3667 __le16 tag; 3668 __le16 len; 3669 3670 u8 ctrl; 3671 u8 rdd_idx; 3672 u8 rdd_rx_sel; 3673 u8 val; 3674 u8 rsv[4]; 3675 } __packed req = { 3676 .tag = cpu_to_le16(UNI_RDD_CTRL_PARM), 3677 .len = cpu_to_le16(sizeof(req) - 4), 3678 .ctrl = cmd, 3679 .rdd_idx = index, 3680 .rdd_rx_sel = rx_sel, 3681 .val = val, 3682 }; 3683 3684 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 3685 &req, sizeof(req), true); 3686} 3687 3688int mt7996_mcu_wtbl_update_hdr_trans(struct mt7996_dev *dev, 3689 struct ieee80211_vif *vif, 3690 struct ieee80211_sta *sta) 3691{ 3692 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 3693 struct mt7996_sta *msta; 3694 struct sk_buff *skb; 3695 3696 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta; 3697 3698 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76, 3699 &msta->wcid, 3700 MT7996_STA_UPDATE_MAX_SIZE); 3701 if (IS_ERR(skb)) 3702 return PTR_ERR(skb); 3703 3704 /* starec hdr trans */ 3705 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta); 3706 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 3707 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 3708} 3709 3710int mt7996_mcu_rf_regval(struct mt7996_dev *dev, u32 regidx, u32 *val, bool set) 3711{ 3712 struct { 3713 u8 __rsv1[4]; 3714 3715 __le16 tag; 3716 __le16 len; 3717 __le16 idx; 3718 u8 __rsv2[2]; 3719 __le32 ofs; 3720 __le32 data; 3721 } __packed *res, req = { 3722 .tag = cpu_to_le16(UNI_CMD_ACCESS_RF_REG_BASIC), 3723 .len = cpu_to_le16(sizeof(req) - 4), 3724 3725 .idx = cpu_to_le16(u32_get_bits(regidx, GENMASK(31, 24))), 3726 .ofs = cpu_to_le32(u32_get_bits(regidx, GENMASK(23, 0))), 3727 .data = set ? cpu_to_le32(*val) : 0, 3728 }; 3729 struct sk_buff *skb; 3730 int ret; 3731 3732 if (set) 3733 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REG_ACCESS), 3734 &req, sizeof(req), true); 3735 3736 ret = mt76_mcu_send_and_get_msg(&dev->mt76, 3737 MCU_WM_UNI_CMD_QUERY(REG_ACCESS), 3738 &req, sizeof(req), true, &skb); 3739 if (ret) 3740 return ret; 3741 3742 res = (void *)skb->data; 3743 *val = le32_to_cpu(res->data); 3744 dev_kfree_skb(skb); 3745 3746 return 0; 3747} 3748 3749int mt7996_mcu_trigger_assert(struct mt7996_dev *dev) 3750{ 3751 struct { 3752 __le16 tag; 3753 __le16 len; 3754 u8 enable; 3755 u8 rsv[3]; 3756 } __packed req = { 3757 .len = cpu_to_le16(sizeof(req) - 4), 3758 .enable = true, 3759 }; 3760 3761 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(ASSERT_DUMP), 3762 &req, sizeof(req), false); 3763} 3764 3765int mt7996_mcu_set_rro(struct mt7996_dev *dev, u16 tag, u8 val) 3766{ 3767 struct { 3768 u8 __rsv1[4]; 3769 3770 __le16 tag; 3771 __le16 len; 3772 3773 union { 3774 struct { 3775 u8 type; 3776 u8 __rsv2[3]; 3777 } __packed platform_type; 3778 struct { 3779 u8 type; 3780 u8 dest; 3781 u8 __rsv2[2]; 3782 } __packed bypass_mode; 3783 struct { 3784 u8 path; 3785 u8 __rsv2[3]; 3786 } __packed txfree_path; 3787 }; 3788 } __packed req = { 3789 .tag = cpu_to_le16(tag), 3790 .len = cpu_to_le16(sizeof(req) - 4), 3791 }; 3792 3793 switch (tag) { 3794 case UNI_RRO_SET_PLATFORM_TYPE: 3795 req.platform_type.type = val; 3796 break; 3797 case UNI_RRO_SET_BYPASS_MODE: 3798 req.bypass_mode.type = val; 3799 break; 3800 case UNI_RRO_SET_TXFREE_PATH: 3801 req.txfree_path.path = val; 3802 break; 3803 default: 3804 return -EINVAL; 3805 } 3806 3807 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO), &req, 3808 sizeof(req), true); 3809} 3810