1// SPDX-License-Identifier: ISC 2/* 3 * Copyright (C) 2022 MediaTek Inc. 4 */ 5 6#include <linux/etherdevice.h> 7#include <linux/timekeeping.h> 8#include "coredump.h" 9#include "mt7996.h" 10#include "../dma.h" 11#include "mac.h" 12#include "mcu.h" 13 14#define to_rssi(field, rcpi) ((FIELD_GET(field, rcpi) - 220) / 2) 15 16static const struct mt7996_dfs_radar_spec etsi_radar_specs = { 17 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 }, 18 .radar_pattern = { 19 [5] = { 1, 0, 6, 32, 28, 0, 990, 5010, 17, 1, 1 }, 20 [6] = { 1, 0, 9, 32, 28, 0, 615, 5010, 27, 1, 1 }, 21 [7] = { 1, 0, 15, 32, 28, 0, 240, 445, 27, 1, 1 }, 22 [8] = { 1, 0, 12, 32, 28, 0, 240, 510, 42, 1, 1 }, 23 [9] = { 1, 1, 0, 0, 0, 0, 2490, 3343, 14, 0, 0, 12, 32, 28, { }, 126 }, 24 [10] = { 1, 1, 0, 0, 0, 0, 2490, 3343, 14, 0, 0, 15, 32, 24, { }, 126 }, 25 [11] = { 1, 1, 0, 0, 0, 0, 823, 2510, 14, 0, 0, 18, 32, 28, { }, 54 }, 26 [12] = { 1, 1, 0, 0, 0, 0, 823, 2510, 14, 0, 0, 27, 32, 24, { }, 54 }, 27 }, 28}; 29 30static const struct mt7996_dfs_radar_spec fcc_radar_specs = { 31 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 }, 32 .radar_pattern = { 33 [0] = { 1, 0, 8, 32, 28, 0, 508, 3076, 13, 1, 1 }, 34 [1] = { 1, 0, 12, 32, 28, 0, 140, 240, 17, 1, 1 }, 35 [2] = { 1, 0, 8, 32, 28, 0, 190, 510, 22, 1, 1 }, 36 [3] = { 1, 0, 6, 32, 28, 0, 190, 510, 32, 1, 1 }, 37 [4] = { 1, 0, 9, 255, 28, 0, 323, 343, 13, 1, 32 }, 38 }, 39}; 40 41static const struct mt7996_dfs_radar_spec jp_radar_specs = { 42 .pulse_th = { 110, -10, -80, 40, 5200, 128, 5200 }, 43 .radar_pattern = { 44 [0] = { 1, 0, 8, 32, 28, 0, 508, 3076, 13, 1, 1 }, 45 [1] = { 1, 0, 12, 32, 28, 0, 140, 240, 17, 1, 1 }, 46 [2] = { 1, 0, 8, 32, 28, 0, 190, 510, 22, 1, 1 }, 47 [3] = { 1, 0, 6, 32, 28, 0, 190, 510, 32, 1, 1 }, 48 [4] = { 1, 0, 9, 255, 28, 0, 323, 343, 13, 1, 32 }, 49 [13] = { 1, 0, 7, 32, 28, 0, 3836, 3856, 14, 1, 1 }, 50 [14] = { 1, 0, 6, 32, 28, 0, 615, 5010, 110, 1, 1 }, 51 [15] = { 1, 1, 0, 0, 0, 0, 15, 5010, 110, 0, 0, 12, 32, 28 }, 52 }, 53}; 54 55static struct mt76_wcid *mt7996_rx_get_wcid(struct mt7996_dev *dev, 56 u16 idx, bool unicast) 57{ 58 struct mt7996_sta *sta; 59 struct mt76_wcid *wcid; 60 61 if (idx >= ARRAY_SIZE(dev->mt76.wcid)) 62 return NULL; 63 64 wcid = rcu_dereference(dev->mt76.wcid[idx]); 65 if (unicast || !wcid) 66 return wcid; 67 68 if (!wcid->sta) 69 return NULL; 70 71 sta = container_of(wcid, struct mt7996_sta, wcid); 72 if (!sta->vif) 73 return NULL; 74 75 return &sta->vif->sta.wcid; 76} 77 78bool mt7996_mac_wtbl_update(struct mt7996_dev *dev, int idx, u32 mask) 79{ 80 mt76_rmw(dev, MT_WTBL_UPDATE, MT_WTBL_UPDATE_WLAN_IDX, 81 FIELD_PREP(MT_WTBL_UPDATE_WLAN_IDX, idx) | mask); 82 83 return mt76_poll(dev, MT_WTBL_UPDATE, MT_WTBL_UPDATE_BUSY, 84 0, 5000); 85} 86 87u32 mt7996_mac_wtbl_lmac_addr(struct mt7996_dev *dev, u16 wcid, u8 dw) 88{ 89 mt76_wr(dev, MT_WTBLON_TOP_WDUCR, 90 FIELD_PREP(MT_WTBLON_TOP_WDUCR_GROUP, (wcid >> 7))); 91 92 return MT_WTBL_LMAC_OFFS(wcid, dw); 93} 94 95static void mt7996_mac_sta_poll(struct mt7996_dev *dev) 96{ 97 static const u8 ac_to_tid[] = { 98 [IEEE80211_AC_BE] = 0, 99 [IEEE80211_AC_BK] = 1, 100 [IEEE80211_AC_VI] = 4, 101 [IEEE80211_AC_VO] = 6 102 }; 103 struct ieee80211_sta *sta; 104 struct mt7996_sta *msta; 105 u32 tx_time[IEEE80211_NUM_ACS], rx_time[IEEE80211_NUM_ACS]; 106 LIST_HEAD(sta_poll_list); 107 int i; 108 109 spin_lock_bh(&dev->mt76.sta_poll_lock); 110 list_splice_init(&dev->mt76.sta_poll_list, &sta_poll_list); 111 spin_unlock_bh(&dev->mt76.sta_poll_lock); 112 113 rcu_read_lock(); 114 115 while (true) { 116 bool clear = false; 117 u32 addr, val; 118 u16 idx; 119 s8 rssi[4]; 120 121 spin_lock_bh(&dev->mt76.sta_poll_lock); 122 if (list_empty(&sta_poll_list)) { 123 spin_unlock_bh(&dev->mt76.sta_poll_lock); 124 break; 125 } 126 msta = list_first_entry(&sta_poll_list, 127 struct mt7996_sta, wcid.poll_list); 128 list_del_init(&msta->wcid.poll_list); 129 spin_unlock_bh(&dev->mt76.sta_poll_lock); 130 131 idx = msta->wcid.idx; 132 133 /* refresh peer's airtime reporting */ 134 addr = mt7996_mac_wtbl_lmac_addr(dev, idx, 20); 135 136 for (i = 0; i < IEEE80211_NUM_ACS; i++) { 137 u32 tx_last = msta->airtime_ac[i]; 138 u32 rx_last = msta->airtime_ac[i + 4]; 139 140 msta->airtime_ac[i] = mt76_rr(dev, addr); 141 msta->airtime_ac[i + 4] = mt76_rr(dev, addr + 4); 142 143 tx_time[i] = msta->airtime_ac[i] - tx_last; 144 rx_time[i] = msta->airtime_ac[i + 4] - rx_last; 145 146 if ((tx_last | rx_last) & BIT(30)) 147 clear = true; 148 149 addr += 8; 150 } 151 152 if (clear) { 153 mt7996_mac_wtbl_update(dev, idx, 154 MT_WTBL_UPDATE_ADM_COUNT_CLEAR); 155 memset(msta->airtime_ac, 0, sizeof(msta->airtime_ac)); 156 } 157 158 if (!msta->wcid.sta) 159 continue; 160 161 sta = container_of((void *)msta, struct ieee80211_sta, 162 drv_priv); 163 for (i = 0; i < IEEE80211_NUM_ACS; i++) { 164 u8 q = mt76_connac_lmac_mapping(i); 165 u32 tx_cur = tx_time[q]; 166 u32 rx_cur = rx_time[q]; 167 u8 tid = ac_to_tid[i]; 168 169 if (!tx_cur && !rx_cur) 170 continue; 171 172 ieee80211_sta_register_airtime(sta, tid, tx_cur, rx_cur); 173 } 174 175 /* get signal strength of resp frames (CTS/BA/ACK) */ 176 addr = mt7996_mac_wtbl_lmac_addr(dev, idx, 34); 177 val = mt76_rr(dev, addr); 178 179 rssi[0] = to_rssi(GENMASK(7, 0), val); 180 rssi[1] = to_rssi(GENMASK(15, 8), val); 181 rssi[2] = to_rssi(GENMASK(23, 16), val); 182 rssi[3] = to_rssi(GENMASK(31, 14), val); 183 184 msta->ack_signal = 185 mt76_rx_signal(msta->vif->phy->mt76->antenna_mask, rssi); 186 187 ewma_avg_signal_add(&msta->avg_ack_signal, -msta->ack_signal); 188 } 189 190 rcu_read_unlock(); 191} 192 193void mt7996_mac_enable_rtscts(struct mt7996_dev *dev, 194 struct ieee80211_vif *vif, bool enable) 195{ 196 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 197 u32 addr; 198 199 addr = mt7996_mac_wtbl_lmac_addr(dev, mvif->sta.wcid.idx, 5); 200 if (enable) 201 mt76_set(dev, addr, BIT(5)); 202 else 203 mt76_clear(dev, addr, BIT(5)); 204} 205 206/* The HW does not translate the mac header to 802.3 for mesh point */ 207static int mt7996_reverse_frag0_hdr_trans(struct sk_buff *skb, u16 hdr_gap) 208{ 209 struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb; 210 struct ethhdr *eth_hdr = (struct ethhdr *)(skb->data + hdr_gap); 211 struct mt7996_sta *msta = (struct mt7996_sta *)status->wcid; 212 __le32 *rxd = (__le32 *)skb->data; 213 struct ieee80211_sta *sta; 214 struct ieee80211_vif *vif; 215 struct ieee80211_hdr hdr; 216 u16 frame_control; 217 218 if (le32_get_bits(rxd[3], MT_RXD3_NORMAL_ADDR_TYPE) != 219 MT_RXD3_NORMAL_U2M) 220 return -EINVAL; 221 222 if (!(le32_to_cpu(rxd[1]) & MT_RXD1_NORMAL_GROUP_4)) 223 return -EINVAL; 224 225 if (!msta || !msta->vif) 226 return -EINVAL; 227 228 sta = container_of((void *)msta, struct ieee80211_sta, drv_priv); 229 vif = container_of((void *)msta->vif, struct ieee80211_vif, drv_priv); 230 231 /* store the info from RXD and ethhdr to avoid being overridden */ 232 frame_control = le32_get_bits(rxd[8], MT_RXD8_FRAME_CONTROL); 233 hdr.frame_control = cpu_to_le16(frame_control); 234 hdr.seq_ctrl = cpu_to_le16(le32_get_bits(rxd[10], MT_RXD10_SEQ_CTRL)); 235 hdr.duration_id = 0; 236 237 ether_addr_copy(hdr.addr1, vif->addr); 238 ether_addr_copy(hdr.addr2, sta->addr); 239 switch (frame_control & (IEEE80211_FCTL_TODS | 240 IEEE80211_FCTL_FROMDS)) { 241 case 0: 242 ether_addr_copy(hdr.addr3, vif->bss_conf.bssid); 243 break; 244 case IEEE80211_FCTL_FROMDS: 245 ether_addr_copy(hdr.addr3, eth_hdr->h_source); 246 break; 247 case IEEE80211_FCTL_TODS: 248 ether_addr_copy(hdr.addr3, eth_hdr->h_dest); 249 break; 250 case IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS: 251 ether_addr_copy(hdr.addr3, eth_hdr->h_dest); 252 ether_addr_copy(hdr.addr4, eth_hdr->h_source); 253 break; 254 default: 255 return -EINVAL; 256 } 257 258 skb_pull(skb, hdr_gap + sizeof(struct ethhdr) - 2); 259 if (eth_hdr->h_proto == cpu_to_be16(ETH_P_AARP) || 260 eth_hdr->h_proto == cpu_to_be16(ETH_P_IPX)) 261 ether_addr_copy(skb_push(skb, ETH_ALEN), bridge_tunnel_header); 262 else if (be16_to_cpu(eth_hdr->h_proto) >= ETH_P_802_3_MIN) 263 ether_addr_copy(skb_push(skb, ETH_ALEN), rfc1042_header); 264 else 265 skb_pull(skb, 2); 266 267 if (ieee80211_has_order(hdr.frame_control)) 268 memcpy(skb_push(skb, IEEE80211_HT_CTL_LEN), &rxd[11], 269 IEEE80211_HT_CTL_LEN); 270 if (ieee80211_is_data_qos(hdr.frame_control)) { 271 __le16 qos_ctrl; 272 273 qos_ctrl = cpu_to_le16(le32_get_bits(rxd[10], MT_RXD10_QOS_CTL)); 274 memcpy(skb_push(skb, IEEE80211_QOS_CTL_LEN), &qos_ctrl, 275 IEEE80211_QOS_CTL_LEN); 276 } 277 278 if (ieee80211_has_a4(hdr.frame_control)) 279 memcpy(skb_push(skb, sizeof(hdr)), &hdr, sizeof(hdr)); 280 else 281 memcpy(skb_push(skb, sizeof(hdr) - 6), &hdr, sizeof(hdr) - 6); 282 283 return 0; 284} 285 286static int 287mt7996_mac_fill_rx_rate(struct mt7996_dev *dev, 288 struct mt76_rx_status *status, 289 struct ieee80211_supported_band *sband, 290 __le32 *rxv, u8 *mode) 291{ 292 u32 v0, v2; 293 u8 stbc, gi, bw, dcm, nss; 294 int i, idx; 295 bool cck = false; 296 297 v0 = le32_to_cpu(rxv[0]); 298 v2 = le32_to_cpu(rxv[2]); 299 300 idx = FIELD_GET(MT_PRXV_TX_RATE, v0); 301 i = idx; 302 nss = FIELD_GET(MT_PRXV_NSTS, v0) + 1; 303 304 stbc = FIELD_GET(MT_PRXV_HT_STBC, v2); 305 gi = FIELD_GET(MT_PRXV_HT_SHORT_GI, v2); 306 *mode = FIELD_GET(MT_PRXV_TX_MODE, v2); 307 dcm = FIELD_GET(MT_PRXV_DCM, v2); 308 bw = FIELD_GET(MT_PRXV_FRAME_MODE, v2); 309 310 switch (*mode) { 311 case MT_PHY_TYPE_CCK: 312 cck = true; 313 fallthrough; 314 case MT_PHY_TYPE_OFDM: 315 i = mt76_get_rate(&dev->mt76, sband, i, cck); 316 break; 317 case MT_PHY_TYPE_HT_GF: 318 case MT_PHY_TYPE_HT: 319 status->encoding = RX_ENC_HT; 320 if (gi) 321 status->enc_flags |= RX_ENC_FLAG_SHORT_GI; 322 if (i > 31) 323 return -EINVAL; 324 break; 325 case MT_PHY_TYPE_VHT: 326 status->nss = nss; 327 status->encoding = RX_ENC_VHT; 328 if (gi) 329 status->enc_flags |= RX_ENC_FLAG_SHORT_GI; 330 if (i > 11) 331 return -EINVAL; 332 break; 333 case MT_PHY_TYPE_HE_MU: 334 case MT_PHY_TYPE_HE_SU: 335 case MT_PHY_TYPE_HE_EXT_SU: 336 case MT_PHY_TYPE_HE_TB: 337 status->nss = nss; 338 status->encoding = RX_ENC_HE; 339 i &= GENMASK(3, 0); 340 341 if (gi <= NL80211_RATE_INFO_HE_GI_3_2) 342 status->he_gi = gi; 343 344 status->he_dcm = dcm; 345 break; 346 case MT_PHY_TYPE_EHT_SU: 347 case MT_PHY_TYPE_EHT_TRIG: 348 case MT_PHY_TYPE_EHT_MU: 349 status->nss = nss; 350 status->encoding = RX_ENC_EHT; 351 i &= GENMASK(3, 0); 352 353 if (gi <= NL80211_RATE_INFO_EHT_GI_3_2) 354 status->eht.gi = gi; 355 break; 356 default: 357 return -EINVAL; 358 } 359 status->rate_idx = i; 360 361 switch (bw) { 362 case IEEE80211_STA_RX_BW_20: 363 break; 364 case IEEE80211_STA_RX_BW_40: 365 if (*mode & MT_PHY_TYPE_HE_EXT_SU && 366 (idx & MT_PRXV_TX_ER_SU_106T)) { 367 status->bw = RATE_INFO_BW_HE_RU; 368 status->he_ru = 369 NL80211_RATE_INFO_HE_RU_ALLOC_106; 370 } else { 371 status->bw = RATE_INFO_BW_40; 372 } 373 break; 374 case IEEE80211_STA_RX_BW_80: 375 status->bw = RATE_INFO_BW_80; 376 break; 377 case IEEE80211_STA_RX_BW_160: 378 status->bw = RATE_INFO_BW_160; 379 break; 380 /* rxv reports bw 320-1 and 320-2 separately */ 381 case IEEE80211_STA_RX_BW_320: 382 case IEEE80211_STA_RX_BW_320 + 1: 383 status->bw = RATE_INFO_BW_320; 384 break; 385 default: 386 return -EINVAL; 387 } 388 389 status->enc_flags |= RX_ENC_FLAG_STBC_MASK * stbc; 390 if (*mode < MT_PHY_TYPE_HE_SU && gi) 391 status->enc_flags |= RX_ENC_FLAG_SHORT_GI; 392 393 return 0; 394} 395 396static void 397mt7996_wed_check_ppe(struct mt7996_dev *dev, struct mt76_queue *q, 398 struct mt7996_sta *msta, struct sk_buff *skb, 399 u32 info) 400{ 401 struct ieee80211_vif *vif; 402 struct wireless_dev *wdev; 403 404 if (!msta || !msta->vif) 405 return; 406 407 if (!mt76_queue_is_wed_rx(q)) 408 return; 409 410 if (!(info & MT_DMA_INFO_PPE_VLD)) 411 return; 412 413 vif = container_of((void *)msta->vif, struct ieee80211_vif, 414 drv_priv); 415 wdev = ieee80211_vif_to_wdev(vif); 416 skb->dev = wdev->netdev; 417 418 mtk_wed_device_ppe_check(&dev->mt76.mmio.wed, skb, 419 FIELD_GET(MT_DMA_PPE_CPU_REASON, info), 420 FIELD_GET(MT_DMA_PPE_ENTRY, info)); 421} 422 423static int 424mt7996_mac_fill_rx(struct mt7996_dev *dev, enum mt76_rxq_id q, 425 struct sk_buff *skb, u32 *info) 426{ 427 struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb; 428 struct mt76_phy *mphy = &dev->mt76.phy; 429 struct mt7996_phy *phy = &dev->phy; 430 struct ieee80211_supported_band *sband; 431 __le32 *rxd = (__le32 *)skb->data; 432 __le32 *rxv = NULL; 433 u32 rxd0 = le32_to_cpu(rxd[0]); 434 u32 rxd1 = le32_to_cpu(rxd[1]); 435 u32 rxd2 = le32_to_cpu(rxd[2]); 436 u32 rxd3 = le32_to_cpu(rxd[3]); 437 u32 rxd4 = le32_to_cpu(rxd[4]); 438 u32 csum_mask = MT_RXD0_NORMAL_IP_SUM | MT_RXD0_NORMAL_UDP_TCP_SUM; 439 u32 csum_status = *(u32 *)skb->cb; 440 u32 mesh_mask = MT_RXD0_MESH | MT_RXD0_MHCP; 441 bool is_mesh = (rxd0 & mesh_mask) == mesh_mask; 442 bool unicast, insert_ccmp_hdr = false; 443 u8 remove_pad, amsdu_info, band_idx; 444 u8 mode = 0, qos_ctl = 0; 445 bool hdr_trans; 446 u16 hdr_gap; 447 u16 seq_ctrl = 0; 448 __le16 fc = 0; 449 int idx; 450 u8 hw_aggr = false; 451 struct mt7996_sta *msta = NULL; 452 453 hw_aggr = status->aggr; 454 memset(status, 0, sizeof(*status)); 455 456 band_idx = FIELD_GET(MT_RXD1_NORMAL_BAND_IDX, rxd1); 457 mphy = dev->mt76.phys[band_idx]; 458 phy = mphy->priv; 459 status->phy_idx = mphy->band_idx; 460 461 if (!test_bit(MT76_STATE_RUNNING, &mphy->state)) 462 return -EINVAL; 463 464 if (rxd2 & MT_RXD2_NORMAL_AMSDU_ERR) 465 return -EINVAL; 466 467 hdr_trans = rxd2 & MT_RXD2_NORMAL_HDR_TRANS; 468 if (hdr_trans && (rxd1 & MT_RXD1_NORMAL_CM)) 469 return -EINVAL; 470 471 /* ICV error or CCMP/BIP/WPI MIC error */ 472 if (rxd1 & MT_RXD1_NORMAL_ICV_ERR) 473 status->flag |= RX_FLAG_ONLY_MONITOR; 474 475 unicast = FIELD_GET(MT_RXD3_NORMAL_ADDR_TYPE, rxd3) == MT_RXD3_NORMAL_U2M; 476 idx = FIELD_GET(MT_RXD1_NORMAL_WLAN_IDX, rxd1); 477 status->wcid = mt7996_rx_get_wcid(dev, idx, unicast); 478 479 if (status->wcid) { 480 msta = container_of(status->wcid, struct mt7996_sta, wcid); 481 spin_lock_bh(&dev->mt76.sta_poll_lock); 482 if (list_empty(&msta->wcid.poll_list)) 483 list_add_tail(&msta->wcid.poll_list, 484 &dev->mt76.sta_poll_list); 485 spin_unlock_bh(&dev->mt76.sta_poll_lock); 486 } 487 488 status->freq = mphy->chandef.chan->center_freq; 489 status->band = mphy->chandef.chan->band; 490 if (status->band == NL80211_BAND_5GHZ) 491 sband = &mphy->sband_5g.sband; 492 else if (status->band == NL80211_BAND_6GHZ) 493 sband = &mphy->sband_6g.sband; 494 else 495 sband = &mphy->sband_2g.sband; 496 497 if (!sband->channels) 498 return -EINVAL; 499 500 if ((rxd0 & csum_mask) == csum_mask && 501 !(csum_status & (BIT(0) | BIT(2) | BIT(3)))) 502 skb->ip_summed = CHECKSUM_UNNECESSARY; 503 504 if (rxd1 & MT_RXD3_NORMAL_FCS_ERR) 505 status->flag |= RX_FLAG_FAILED_FCS_CRC; 506 507 if (rxd1 & MT_RXD1_NORMAL_TKIP_MIC_ERR) 508 status->flag |= RX_FLAG_MMIC_ERROR; 509 510 if (FIELD_GET(MT_RXD2_NORMAL_SEC_MODE, rxd2) != 0 && 511 !(rxd1 & (MT_RXD1_NORMAL_CLM | MT_RXD1_NORMAL_CM))) { 512 status->flag |= RX_FLAG_DECRYPTED; 513 status->flag |= RX_FLAG_IV_STRIPPED; 514 status->flag |= RX_FLAG_MMIC_STRIPPED | RX_FLAG_MIC_STRIPPED; 515 } 516 517 remove_pad = FIELD_GET(MT_RXD2_NORMAL_HDR_OFFSET, rxd2); 518 519 if (rxd2 & MT_RXD2_NORMAL_MAX_LEN_ERROR) 520 return -EINVAL; 521 522 rxd += 8; 523 if (rxd1 & MT_RXD1_NORMAL_GROUP_4) { 524 u32 v0 = le32_to_cpu(rxd[0]); 525 u32 v2 = le32_to_cpu(rxd[2]); 526 527 fc = cpu_to_le16(FIELD_GET(MT_RXD8_FRAME_CONTROL, v0)); 528 qos_ctl = FIELD_GET(MT_RXD10_QOS_CTL, v2); 529 seq_ctrl = FIELD_GET(MT_RXD10_SEQ_CTRL, v2); 530 531 rxd += 4; 532 if ((u8 *)rxd - skb->data >= skb->len) 533 return -EINVAL; 534 } 535 536 if (rxd1 & MT_RXD1_NORMAL_GROUP_1) { 537 u8 *data = (u8 *)rxd; 538 539 if (status->flag & RX_FLAG_DECRYPTED) { 540 switch (FIELD_GET(MT_RXD2_NORMAL_SEC_MODE, rxd2)) { 541 case MT_CIPHER_AES_CCMP: 542 case MT_CIPHER_CCMP_CCX: 543 case MT_CIPHER_CCMP_256: 544 insert_ccmp_hdr = 545 FIELD_GET(MT_RXD2_NORMAL_FRAG, rxd2); 546 fallthrough; 547 case MT_CIPHER_TKIP: 548 case MT_CIPHER_TKIP_NO_MIC: 549 case MT_CIPHER_GCMP: 550 case MT_CIPHER_GCMP_256: 551 status->iv[0] = data[5]; 552 status->iv[1] = data[4]; 553 status->iv[2] = data[3]; 554 status->iv[3] = data[2]; 555 status->iv[4] = data[1]; 556 status->iv[5] = data[0]; 557 break; 558 default: 559 break; 560 } 561 } 562 rxd += 4; 563 if ((u8 *)rxd - skb->data >= skb->len) 564 return -EINVAL; 565 } 566 567 if (rxd1 & MT_RXD1_NORMAL_GROUP_2) { 568 status->timestamp = le32_to_cpu(rxd[0]); 569 status->flag |= RX_FLAG_MACTIME_START; 570 571 if (!(rxd2 & MT_RXD2_NORMAL_NON_AMPDU)) { 572 status->flag |= RX_FLAG_AMPDU_DETAILS; 573 574 /* all subframes of an A-MPDU have the same timestamp */ 575 if (phy->rx_ampdu_ts != status->timestamp) { 576 if (!++phy->ampdu_ref) 577 phy->ampdu_ref++; 578 } 579 phy->rx_ampdu_ts = status->timestamp; 580 581 status->ampdu_ref = phy->ampdu_ref; 582 } 583 584 rxd += 4; 585 if ((u8 *)rxd - skb->data >= skb->len) 586 return -EINVAL; 587 } 588 589 /* RXD Group 3 - P-RXV */ 590 if (rxd1 & MT_RXD1_NORMAL_GROUP_3) { 591 u32 v3; 592 int ret; 593 594 rxv = rxd; 595 rxd += 4; 596 if ((u8 *)rxd - skb->data >= skb->len) 597 return -EINVAL; 598 599 v3 = le32_to_cpu(rxv[3]); 600 601 status->chains = mphy->antenna_mask; 602 status->chain_signal[0] = to_rssi(MT_PRXV_RCPI0, v3); 603 status->chain_signal[1] = to_rssi(MT_PRXV_RCPI1, v3); 604 status->chain_signal[2] = to_rssi(MT_PRXV_RCPI2, v3); 605 status->chain_signal[3] = to_rssi(MT_PRXV_RCPI3, v3); 606 607 /* RXD Group 5 - C-RXV */ 608 if (rxd1 & MT_RXD1_NORMAL_GROUP_5) { 609 rxd += 24; 610 if ((u8 *)rxd - skb->data >= skb->len) 611 return -EINVAL; 612 } 613 614 ret = mt7996_mac_fill_rx_rate(dev, status, sband, rxv, &mode); 615 if (ret < 0) 616 return ret; 617 } 618 619 amsdu_info = FIELD_GET(MT_RXD4_NORMAL_PAYLOAD_FORMAT, rxd4); 620 status->amsdu = !!amsdu_info; 621 if (status->amsdu) { 622 status->first_amsdu = amsdu_info == MT_RXD4_FIRST_AMSDU_FRAME; 623 status->last_amsdu = amsdu_info == MT_RXD4_LAST_AMSDU_FRAME; 624 } 625 626 hdr_gap = (u8 *)rxd - skb->data + 2 * remove_pad; 627 if (hdr_trans && ieee80211_has_morefrags(fc)) { 628 if (mt7996_reverse_frag0_hdr_trans(skb, hdr_gap)) 629 return -EINVAL; 630 hdr_trans = false; 631 } else { 632 int pad_start = 0; 633 634 skb_pull(skb, hdr_gap); 635 if (!hdr_trans && status->amsdu && !(ieee80211_has_a4(fc) && is_mesh)) { 636 pad_start = ieee80211_get_hdrlen_from_skb(skb); 637 } else if (hdr_trans && (rxd2 & MT_RXD2_NORMAL_HDR_TRANS_ERROR)) { 638 /* When header translation failure is indicated, 639 * the hardware will insert an extra 2-byte field 640 * containing the data length after the protocol 641 * type field. This happens either when the LLC-SNAP 642 * pattern did not match, or if a VLAN header was 643 * detected. 644 */ 645 pad_start = 12; 646 if (get_unaligned_be16(skb->data + pad_start) == ETH_P_8021Q) 647 pad_start += 4; 648 else 649 pad_start = 0; 650 } 651 652 if (pad_start) { 653 memmove(skb->data + 2, skb->data, pad_start); 654 skb_pull(skb, 2); 655 } 656 } 657 658 if (!hdr_trans) { 659 struct ieee80211_hdr *hdr; 660 661 if (insert_ccmp_hdr) { 662 u8 key_id = FIELD_GET(MT_RXD1_NORMAL_KEY_ID, rxd1); 663 664 mt76_insert_ccmp_hdr(skb, key_id); 665 } 666 667 hdr = mt76_skb_get_hdr(skb); 668 fc = hdr->frame_control; 669 if (ieee80211_is_data_qos(fc)) { 670 u8 *qos = ieee80211_get_qos_ctl(hdr); 671 672 seq_ctrl = le16_to_cpu(hdr->seq_ctrl); 673 qos_ctl = *qos; 674 675 /* Mesh DA/SA/Length will be stripped after hardware 676 * de-amsdu, so here needs to clear amsdu present bit 677 * to mark it as a normal mesh frame. 678 */ 679 if (ieee80211_has_a4(fc) && is_mesh && status->amsdu) 680 *qos &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT; 681 } 682 } else { 683 status->flag |= RX_FLAG_8023; 684 mt7996_wed_check_ppe(dev, &dev->mt76.q_rx[q], msta, skb, 685 *info); 686 } 687 688 if (rxv && mode >= MT_PHY_TYPE_HE_SU && !(status->flag & RX_FLAG_8023)) 689 mt76_connac3_mac_decode_he_radiotap(skb, rxv, mode); 690 691 if (!status->wcid || !ieee80211_is_data_qos(fc) || hw_aggr) 692 return 0; 693 694 status->aggr = unicast && 695 !ieee80211_is_qos_nullfunc(fc); 696 status->qos_ctl = qos_ctl; 697 status->seqno = IEEE80211_SEQ_TO_SN(seq_ctrl); 698 699 return 0; 700} 701 702static void 703mt7996_mac_write_txwi_8023(struct mt7996_dev *dev, __le32 *txwi, 704 struct sk_buff *skb, struct mt76_wcid *wcid) 705{ 706 u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK; 707 u8 fc_type, fc_stype; 708 u16 ethertype; 709 bool wmm = false; 710 u32 val; 711 712 if (wcid->sta) { 713 struct ieee80211_sta *sta; 714 715 sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv); 716 wmm = sta->wme; 717 } 718 719 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_3) | 720 FIELD_PREP(MT_TXD1_TID, tid); 721 722 ethertype = get_unaligned_be16(&skb->data[12]); 723 if (ethertype >= ETH_P_802_3_MIN) 724 val |= MT_TXD1_ETH_802_3; 725 726 txwi[1] |= cpu_to_le32(val); 727 728 fc_type = IEEE80211_FTYPE_DATA >> 2; 729 fc_stype = wmm ? IEEE80211_STYPE_QOS_DATA >> 4 : 0; 730 731 val = FIELD_PREP(MT_TXD2_FRAME_TYPE, fc_type) | 732 FIELD_PREP(MT_TXD2_SUB_TYPE, fc_stype); 733 734 txwi[2] |= cpu_to_le32(val); 735 736 if (wcid->amsdu) 737 txwi[3] |= cpu_to_le32(MT_TXD3_HW_AMSDU); 738} 739 740static void 741mt7996_mac_write_txwi_80211(struct mt7996_dev *dev, __le32 *txwi, 742 struct sk_buff *skb, struct ieee80211_key_conf *key) 743{ 744 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 745 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data; 746 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 747 bool multicast = is_multicast_ether_addr(hdr->addr1); 748 u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK; 749 __le16 fc = hdr->frame_control; 750 u8 fc_type, fc_stype; 751 u32 val; 752 753 if (ieee80211_is_action(fc) && 754 mgmt->u.action.category == WLAN_CATEGORY_BACK && 755 mgmt->u.action.u.addba_req.action_code == WLAN_ACTION_ADDBA_REQ) 756 tid = MT_TX_ADDBA; 757 else if (ieee80211_is_mgmt(hdr->frame_control)) 758 tid = MT_TX_NORMAL; 759 760 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_11) | 761 FIELD_PREP(MT_TXD1_HDR_INFO, 762 ieee80211_get_hdrlen_from_skb(skb) / 2) | 763 FIELD_PREP(MT_TXD1_TID, tid); 764 765 if (!ieee80211_is_data(fc) || multicast || 766 info->flags & IEEE80211_TX_CTL_USE_MINRATE) 767 val |= MT_TXD1_FIXED_RATE; 768 769 if (key && multicast && ieee80211_is_robust_mgmt_frame(skb) && 770 key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) { 771 val |= MT_TXD1_BIP; 772 txwi[3] &= ~cpu_to_le32(MT_TXD3_PROTECT_FRAME); 773 } 774 775 txwi[1] |= cpu_to_le32(val); 776 777 fc_type = (le16_to_cpu(fc) & IEEE80211_FCTL_FTYPE) >> 2; 778 fc_stype = (le16_to_cpu(fc) & IEEE80211_FCTL_STYPE) >> 4; 779 780 val = FIELD_PREP(MT_TXD2_FRAME_TYPE, fc_type) | 781 FIELD_PREP(MT_TXD2_SUB_TYPE, fc_stype); 782 783 txwi[2] |= cpu_to_le32(val); 784 785 txwi[3] |= cpu_to_le32(FIELD_PREP(MT_TXD3_BCM, multicast)); 786 if (ieee80211_is_beacon(fc)) { 787 txwi[3] &= ~cpu_to_le32(MT_TXD3_SW_POWER_MGMT); 788 txwi[3] |= cpu_to_le32(MT_TXD3_REM_TX_COUNT); 789 } 790 791 if (info->flags & IEEE80211_TX_CTL_INJECTED) { 792 u16 seqno = le16_to_cpu(hdr->seq_ctrl); 793 794 if (ieee80211_is_back_req(hdr->frame_control)) { 795 struct ieee80211_bar *bar; 796 797 bar = (struct ieee80211_bar *)skb->data; 798 seqno = le16_to_cpu(bar->start_seq_num); 799 } 800 801 val = MT_TXD3_SN_VALID | 802 FIELD_PREP(MT_TXD3_SEQ, IEEE80211_SEQ_TO_SN(seqno)); 803 txwi[3] |= cpu_to_le32(val); 804 txwi[3] &= ~cpu_to_le32(MT_TXD3_HW_AMSDU); 805 } 806} 807 808void mt7996_mac_write_txwi(struct mt7996_dev *dev, __le32 *txwi, 809 struct sk_buff *skb, struct mt76_wcid *wcid, 810 struct ieee80211_key_conf *key, int pid, 811 enum mt76_txq_id qid, u32 changed) 812{ 813 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 814 struct ieee80211_vif *vif = info->control.vif; 815 u8 band_idx = (info->hw_queue & MT_TX_HW_QUEUE_PHY) >> 2; 816 u8 p_fmt, q_idx, omac_idx = 0, wmm_idx = 0; 817 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP; 818 struct mt76_vif *mvif; 819 u16 tx_count = 15; 820 u32 val; 821 bool inband_disc = !!(changed & (BSS_CHANGED_UNSOL_BCAST_PROBE_RESP | 822 BSS_CHANGED_FILS_DISCOVERY)); 823 bool beacon = !!(changed & (BSS_CHANGED_BEACON | 824 BSS_CHANGED_BEACON_ENABLED)) && (!inband_disc); 825 826 mvif = vif ? (struct mt76_vif *)vif->drv_priv : NULL; 827 if (mvif) { 828 omac_idx = mvif->omac_idx; 829 wmm_idx = mvif->wmm_idx; 830 band_idx = mvif->band_idx; 831 } 832 833 if (inband_disc) { 834 p_fmt = MT_TX_TYPE_FW; 835 q_idx = MT_LMAC_ALTX0; 836 } else if (beacon) { 837 p_fmt = MT_TX_TYPE_FW; 838 q_idx = MT_LMAC_BCN0; 839 } else if (qid >= MT_TXQ_PSD) { 840 p_fmt = MT_TX_TYPE_CT; 841 q_idx = MT_LMAC_ALTX0; 842 } else { 843 p_fmt = MT_TX_TYPE_CT; 844 q_idx = wmm_idx * MT7996_MAX_WMM_SETS + 845 mt76_connac_lmac_mapping(skb_get_queue_mapping(skb)); 846 } 847 848 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len + MT_TXD_SIZE) | 849 FIELD_PREP(MT_TXD0_PKT_FMT, p_fmt) | 850 FIELD_PREP(MT_TXD0_Q_IDX, q_idx); 851 txwi[0] = cpu_to_le32(val); 852 853 val = FIELD_PREP(MT_TXD1_WLAN_IDX, wcid->idx) | 854 FIELD_PREP(MT_TXD1_OWN_MAC, omac_idx); 855 856 if (band_idx) 857 val |= FIELD_PREP(MT_TXD1_TGID, band_idx); 858 859 txwi[1] = cpu_to_le32(val); 860 txwi[2] = 0; 861 862 val = MT_TXD3_SW_POWER_MGMT | 863 FIELD_PREP(MT_TXD3_REM_TX_COUNT, tx_count); 864 if (key) 865 val |= MT_TXD3_PROTECT_FRAME; 866 if (info->flags & IEEE80211_TX_CTL_NO_ACK) 867 val |= MT_TXD3_NO_ACK; 868 869 txwi[3] = cpu_to_le32(val); 870 txwi[4] = 0; 871 872 val = FIELD_PREP(MT_TXD5_PID, pid); 873 if (pid >= MT_PACKET_ID_FIRST) 874 val |= MT_TXD5_TX_STATUS_HOST; 875 txwi[5] = cpu_to_le32(val); 876 877 val = MT_TXD6_DIS_MAT | MT_TXD6_DAS; 878 if (is_mt7996(&dev->mt76)) 879 val |= FIELD_PREP(MT_TXD6_MSDU_CNT, 1); 880 else 881 val |= FIELD_PREP(MT_TXD6_MSDU_CNT_V2, 1); 882 txwi[6] = cpu_to_le32(val); 883 txwi[7] = 0; 884 885 if (is_8023) 886 mt7996_mac_write_txwi_8023(dev, txwi, skb, wcid); 887 else 888 mt7996_mac_write_txwi_80211(dev, txwi, skb, key); 889 890 if (txwi[1] & cpu_to_le32(MT_TXD1_FIXED_RATE)) { 891 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 892 bool mcast = ieee80211_is_data(hdr->frame_control) && 893 is_multicast_ether_addr(hdr->addr1); 894 u8 idx = MT7996_BASIC_RATES_TBL; 895 896 if (mvif) { 897 if (mcast && mvif->mcast_rates_idx) 898 idx = mvif->mcast_rates_idx; 899 else if (beacon && mvif->beacon_rates_idx) 900 idx = mvif->beacon_rates_idx; 901 else 902 idx = mvif->basic_rates_idx; 903 } 904 905 val = FIELD_PREP(MT_TXD6_TX_RATE, idx) | MT_TXD6_FIXED_BW; 906 txwi[6] |= cpu_to_le32(val); 907 txwi[3] |= cpu_to_le32(MT_TXD3_BA_DISABLE); 908 } 909} 910 911int mt7996_tx_prepare_skb(struct mt76_dev *mdev, void *txwi_ptr, 912 enum mt76_txq_id qid, struct mt76_wcid *wcid, 913 struct ieee80211_sta *sta, 914 struct mt76_tx_info *tx_info) 915{ 916 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx_info->skb->data; 917 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76); 918 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx_info->skb); 919 struct ieee80211_key_conf *key = info->control.hw_key; 920 struct ieee80211_vif *vif = info->control.vif; 921 struct mt76_connac_txp_common *txp; 922 struct mt76_txwi_cache *t; 923 int id, i, pid, nbuf = tx_info->nbuf - 1; 924 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP; 925 u8 *txwi = (u8 *)txwi_ptr; 926 927 if (unlikely(tx_info->skb->len <= ETH_HLEN)) 928 return -EINVAL; 929 930 if (!wcid) 931 wcid = &dev->mt76.global_wcid; 932 933 t = (struct mt76_txwi_cache *)(txwi + mdev->drv->txwi_size); 934 t->skb = tx_info->skb; 935 936 id = mt76_token_consume(mdev, &t); 937 if (id < 0) 938 return id; 939 940 pid = mt76_tx_status_skb_add(mdev, wcid, tx_info->skb); 941 mt7996_mac_write_txwi(dev, txwi_ptr, tx_info->skb, wcid, key, 942 pid, qid, 0); 943 944 txp = (struct mt76_connac_txp_common *)(txwi + MT_TXD_SIZE); 945 for (i = 0; i < nbuf; i++) { 946 u16 len; 947 948 len = FIELD_PREP(MT_TXP_BUF_LEN, tx_info->buf[i + 1].len); 949#ifdef CONFIG_ARCH_DMA_ADDR_T_64BIT 950 len |= FIELD_PREP(MT_TXP_DMA_ADDR_H, 951 tx_info->buf[i + 1].addr >> 32); 952#endif 953 954 txp->fw.buf[i] = cpu_to_le32(tx_info->buf[i + 1].addr); 955 txp->fw.len[i] = cpu_to_le16(len); 956 } 957 txp->fw.nbuf = nbuf; 958 959 txp->fw.flags = 960 cpu_to_le16(MT_CT_INFO_FROM_HOST | MT_CT_INFO_APPLY_TXD); 961 962 if (!key) 963 txp->fw.flags |= cpu_to_le16(MT_CT_INFO_NONE_CIPHER_FRAME); 964 965 if (!is_8023 && ieee80211_is_mgmt(hdr->frame_control)) 966 txp->fw.flags |= cpu_to_le16(MT_CT_INFO_MGMT_FRAME); 967 968 if (vif) { 969 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 970 971 txp->fw.bss_idx = mvif->mt76.idx; 972 } 973 974 txp->fw.token = cpu_to_le16(id); 975 txp->fw.rept_wds_wcid = cpu_to_le16(sta ? wcid->idx : 0xfff); 976 977 tx_info->skb = NULL; 978 979 /* pass partial skb header to fw */ 980 tx_info->buf[1].len = MT_CT_PARSE_LEN; 981 tx_info->buf[1].skip_unmap = true; 982 tx_info->nbuf = MT_CT_DMA_BUF_NUM; 983 984 return 0; 985} 986 987u32 mt7996_wed_init_buf(void *ptr, dma_addr_t phys, int token_id) 988{ 989 struct mt76_connac_fw_txp *txp = ptr + MT_TXD_SIZE; 990 __le32 *txwi = ptr; 991 u32 val; 992 993 memset(ptr, 0, MT_TXD_SIZE + sizeof(*txp)); 994 995 val = FIELD_PREP(MT_TXD0_TX_BYTES, MT_TXD_SIZE) | 996 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CT); 997 txwi[0] = cpu_to_le32(val); 998 999 val = BIT(31) | 1000 FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_802_3); 1001 txwi[1] = cpu_to_le32(val); 1002 1003 txp->token = cpu_to_le16(token_id); 1004 txp->nbuf = 1; 1005 txp->buf[0] = cpu_to_le32(phys + MT_TXD_SIZE + sizeof(*txp)); 1006 1007 return MT_TXD_SIZE + sizeof(*txp); 1008} 1009 1010static void 1011mt7996_tx_check_aggr(struct ieee80211_sta *sta, struct sk_buff *skb) 1012{ 1013 struct mt7996_sta *msta; 1014 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1015 bool is_8023 = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP; 1016 u16 fc, tid; 1017 1018 if (!sta || !(sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he)) 1019 return; 1020 1021 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK; 1022 if (tid >= 6) /* skip VO queue */ 1023 return; 1024 1025 if (is_8023) { 1026 fc = IEEE80211_FTYPE_DATA | 1027 (sta->wme ? IEEE80211_STYPE_QOS_DATA : IEEE80211_STYPE_DATA); 1028 } else { 1029 /* No need to get precise TID for Action/Management Frame, 1030 * since it will not meet the following Frame Control 1031 * condition anyway. 1032 */ 1033 1034 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 1035 1036 fc = le16_to_cpu(hdr->frame_control) & 1037 (IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE); 1038 } 1039 1040 if (unlikely(fc != (IEEE80211_FTYPE_DATA | IEEE80211_STYPE_QOS_DATA))) 1041 return; 1042 1043 msta = (struct mt7996_sta *)sta->drv_priv; 1044 if (!test_and_set_bit(tid, &msta->wcid.ampdu_state)) 1045 ieee80211_start_tx_ba_session(sta, tid, 0); 1046} 1047 1048static void 1049mt7996_txwi_free(struct mt7996_dev *dev, struct mt76_txwi_cache *t, 1050 struct ieee80211_sta *sta, struct list_head *free_list) 1051{ 1052 struct mt76_dev *mdev = &dev->mt76; 1053 struct mt76_wcid *wcid; 1054 __le32 *txwi; 1055 u16 wcid_idx; 1056 1057 mt76_connac_txp_skb_unmap(mdev, t); 1058 if (!t->skb) 1059 goto out; 1060 1061 txwi = (__le32 *)mt76_get_txwi_ptr(mdev, t); 1062 if (sta) { 1063 wcid = (struct mt76_wcid *)sta->drv_priv; 1064 wcid_idx = wcid->idx; 1065 1066 if (likely(t->skb->protocol != cpu_to_be16(ETH_P_PAE))) 1067 mt7996_tx_check_aggr(sta, t->skb); 1068 } else { 1069 wcid_idx = le32_get_bits(txwi[9], MT_TXD9_WLAN_IDX); 1070 } 1071 1072 __mt76_tx_complete_skb(mdev, wcid_idx, t->skb, free_list); 1073 1074out: 1075 t->skb = NULL; 1076 mt76_put_txwi(mdev, t); 1077} 1078 1079static void 1080mt7996_mac_tx_free(struct mt7996_dev *dev, void *data, int len) 1081{ 1082 __le32 *tx_free = (__le32 *)data, *cur_info; 1083 struct mt76_dev *mdev = &dev->mt76; 1084 struct mt76_phy *phy2 = mdev->phys[MT_BAND1]; 1085 struct mt76_phy *phy3 = mdev->phys[MT_BAND2]; 1086 struct mt76_txwi_cache *txwi; 1087 struct ieee80211_sta *sta = NULL; 1088 struct mt76_wcid *wcid = NULL; 1089 LIST_HEAD(free_list); 1090 struct sk_buff *skb, *tmp; 1091 void *end = data + len; 1092 bool wake = false; 1093 u16 total, count = 0; 1094 1095 /* clean DMA queues and unmap buffers first */ 1096 mt76_queue_tx_cleanup(dev, dev->mphy.q_tx[MT_TXQ_PSD], false); 1097 mt76_queue_tx_cleanup(dev, dev->mphy.q_tx[MT_TXQ_BE], false); 1098 if (phy2) { 1099 mt76_queue_tx_cleanup(dev, phy2->q_tx[MT_TXQ_PSD], false); 1100 mt76_queue_tx_cleanup(dev, phy2->q_tx[MT_TXQ_BE], false); 1101 } 1102 if (phy3) { 1103 mt76_queue_tx_cleanup(dev, phy3->q_tx[MT_TXQ_PSD], false); 1104 mt76_queue_tx_cleanup(dev, phy3->q_tx[MT_TXQ_BE], false); 1105 } 1106 1107 if (WARN_ON_ONCE(le32_get_bits(tx_free[1], MT_TXFREE1_VER) < 5)) 1108 return; 1109 1110 total = le32_get_bits(tx_free[0], MT_TXFREE0_MSDU_CNT); 1111 for (cur_info = &tx_free[2]; count < total; cur_info++) { 1112 u32 msdu, info; 1113 u8 i; 1114 1115 if (WARN_ON_ONCE((void *)cur_info >= end)) 1116 return; 1117 /* 1'b1: new wcid pair. 1118 * 1'b0: msdu_id with the same 'wcid pair' as above. 1119 */ 1120 info = le32_to_cpu(*cur_info); 1121 if (info & MT_TXFREE_INFO_PAIR) { 1122 struct mt7996_sta *msta; 1123 u16 idx; 1124 1125 idx = FIELD_GET(MT_TXFREE_INFO_WLAN_ID, info); 1126 wcid = rcu_dereference(dev->mt76.wcid[idx]); 1127 sta = wcid_to_sta(wcid); 1128 if (!sta) 1129 continue; 1130 1131 msta = container_of(wcid, struct mt7996_sta, wcid); 1132 spin_lock_bh(&mdev->sta_poll_lock); 1133 if (list_empty(&msta->wcid.poll_list)) 1134 list_add_tail(&msta->wcid.poll_list, 1135 &mdev->sta_poll_list); 1136 spin_unlock_bh(&mdev->sta_poll_lock); 1137 continue; 1138 } else if (info & MT_TXFREE_INFO_HEADER) { 1139 u32 tx_retries = 0, tx_failed = 0; 1140 1141 if (!wcid) 1142 continue; 1143 1144 tx_retries = 1145 FIELD_GET(MT_TXFREE_INFO_COUNT, info) - 1; 1146 tx_failed = tx_retries + 1147 !!FIELD_GET(MT_TXFREE_INFO_STAT, info); 1148 1149 wcid->stats.tx_retries += tx_retries; 1150 wcid->stats.tx_failed += tx_failed; 1151 continue; 1152 } 1153 1154 for (i = 0; i < 2; i++) { 1155 msdu = (info >> (15 * i)) & MT_TXFREE_INFO_MSDU_ID; 1156 if (msdu == MT_TXFREE_INFO_MSDU_ID) 1157 continue; 1158 1159 count++; 1160 txwi = mt76_token_release(mdev, msdu, &wake); 1161 if (!txwi) 1162 continue; 1163 1164 mt7996_txwi_free(dev, txwi, sta, &free_list); 1165 } 1166 } 1167 1168 mt7996_mac_sta_poll(dev); 1169 1170 if (wake) 1171 mt76_set_tx_blocked(&dev->mt76, false); 1172 1173 mt76_worker_schedule(&dev->mt76.tx_worker); 1174 1175 list_for_each_entry_safe(skb, tmp, &free_list, list) { 1176 skb_list_del_init(skb); 1177 napi_consume_skb(skb, 1); 1178 } 1179} 1180 1181static bool 1182mt7996_mac_add_txs_skb(struct mt7996_dev *dev, struct mt76_wcid *wcid, 1183 int pid, __le32 *txs_data) 1184{ 1185 struct mt76_sta_stats *stats = &wcid->stats; 1186 struct ieee80211_supported_band *sband; 1187 struct mt76_dev *mdev = &dev->mt76; 1188 struct mt76_phy *mphy; 1189 struct ieee80211_tx_info *info; 1190 struct sk_buff_head list; 1191 struct rate_info rate = {}; 1192 struct sk_buff *skb = NULL; 1193 bool cck = false; 1194 u32 txrate, txs, mode, stbc; 1195 1196 txs = le32_to_cpu(txs_data[0]); 1197 1198 mt76_tx_status_lock(mdev, &list); 1199 1200 /* only report MPDU TXS */ 1201 if (le32_get_bits(txs_data[0], MT_TXS0_TXS_FORMAT) == 0) { 1202 skb = mt76_tx_status_skb_get(mdev, wcid, pid, &list); 1203 if (skb) { 1204 info = IEEE80211_SKB_CB(skb); 1205 if (!(txs & MT_TXS0_ACK_ERROR_MASK)) 1206 info->flags |= IEEE80211_TX_STAT_ACK; 1207 1208 info->status.ampdu_len = 1; 1209 info->status.ampdu_ack_len = 1210 !!(info->flags & IEEE80211_TX_STAT_ACK); 1211 1212 info->status.rates[0].idx = -1; 1213 } 1214 } 1215 1216 if (mtk_wed_device_active(&dev->mt76.mmio.wed) && wcid->sta) { 1217 struct ieee80211_sta *sta; 1218 u8 tid; 1219 1220 sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv); 1221 tid = FIELD_GET(MT_TXS0_TID, txs); 1222 ieee80211_refresh_tx_agg_session_timer(sta, tid); 1223 } 1224 1225 txrate = FIELD_GET(MT_TXS0_TX_RATE, txs); 1226 1227 rate.mcs = FIELD_GET(MT_TX_RATE_IDX, txrate); 1228 rate.nss = FIELD_GET(MT_TX_RATE_NSS, txrate) + 1; 1229 stbc = le32_get_bits(txs_data[3], MT_TXS3_RATE_STBC); 1230 1231 if (stbc && rate.nss > 1) 1232 rate.nss >>= 1; 1233 1234 if (rate.nss - 1 < ARRAY_SIZE(stats->tx_nss)) 1235 stats->tx_nss[rate.nss - 1]++; 1236 if (rate.mcs < ARRAY_SIZE(stats->tx_mcs)) 1237 stats->tx_mcs[rate.mcs]++; 1238 1239 mode = FIELD_GET(MT_TX_RATE_MODE, txrate); 1240 switch (mode) { 1241 case MT_PHY_TYPE_CCK: 1242 cck = true; 1243 fallthrough; 1244 case MT_PHY_TYPE_OFDM: 1245 mphy = mt76_dev_phy(mdev, wcid->phy_idx); 1246 1247 if (mphy->chandef.chan->band == NL80211_BAND_5GHZ) 1248 sband = &mphy->sband_5g.sband; 1249 else if (mphy->chandef.chan->band == NL80211_BAND_6GHZ) 1250 sband = &mphy->sband_6g.sband; 1251 else 1252 sband = &mphy->sband_2g.sband; 1253 1254 rate.mcs = mt76_get_rate(mphy->dev, sband, rate.mcs, cck); 1255 rate.legacy = sband->bitrates[rate.mcs].bitrate; 1256 break; 1257 case MT_PHY_TYPE_HT: 1258 case MT_PHY_TYPE_HT_GF: 1259 if (rate.mcs > 31) 1260 goto out; 1261 1262 rate.flags = RATE_INFO_FLAGS_MCS; 1263 if (wcid->rate.flags & RATE_INFO_FLAGS_SHORT_GI) 1264 rate.flags |= RATE_INFO_FLAGS_SHORT_GI; 1265 break; 1266 case MT_PHY_TYPE_VHT: 1267 if (rate.mcs > 9) 1268 goto out; 1269 1270 rate.flags = RATE_INFO_FLAGS_VHT_MCS; 1271 if (wcid->rate.flags & RATE_INFO_FLAGS_SHORT_GI) 1272 rate.flags |= RATE_INFO_FLAGS_SHORT_GI; 1273 break; 1274 case MT_PHY_TYPE_HE_SU: 1275 case MT_PHY_TYPE_HE_EXT_SU: 1276 case MT_PHY_TYPE_HE_TB: 1277 case MT_PHY_TYPE_HE_MU: 1278 if (rate.mcs > 11) 1279 goto out; 1280 1281 rate.he_gi = wcid->rate.he_gi; 1282 rate.he_dcm = FIELD_GET(MT_TX_RATE_DCM, txrate); 1283 rate.flags = RATE_INFO_FLAGS_HE_MCS; 1284 break; 1285 case MT_PHY_TYPE_EHT_SU: 1286 case MT_PHY_TYPE_EHT_TRIG: 1287 case MT_PHY_TYPE_EHT_MU: 1288 if (rate.mcs > 13) 1289 goto out; 1290 1291 rate.eht_gi = wcid->rate.eht_gi; 1292 rate.flags = RATE_INFO_FLAGS_EHT_MCS; 1293 break; 1294 default: 1295 goto out; 1296 } 1297 1298 stats->tx_mode[mode]++; 1299 1300 switch (FIELD_GET(MT_TXS0_BW, txs)) { 1301 case IEEE80211_STA_RX_BW_320: 1302 rate.bw = RATE_INFO_BW_320; 1303 stats->tx_bw[4]++; 1304 break; 1305 case IEEE80211_STA_RX_BW_160: 1306 rate.bw = RATE_INFO_BW_160; 1307 stats->tx_bw[3]++; 1308 break; 1309 case IEEE80211_STA_RX_BW_80: 1310 rate.bw = RATE_INFO_BW_80; 1311 stats->tx_bw[2]++; 1312 break; 1313 case IEEE80211_STA_RX_BW_40: 1314 rate.bw = RATE_INFO_BW_40; 1315 stats->tx_bw[1]++; 1316 break; 1317 default: 1318 rate.bw = RATE_INFO_BW_20; 1319 stats->tx_bw[0]++; 1320 break; 1321 } 1322 wcid->rate = rate; 1323 1324out: 1325 if (skb) 1326 mt76_tx_status_skb_done(mdev, skb, &list); 1327 mt76_tx_status_unlock(mdev, &list); 1328 1329 return !!skb; 1330} 1331 1332static void mt7996_mac_add_txs(struct mt7996_dev *dev, void *data) 1333{ 1334 struct mt7996_sta *msta = NULL; 1335 struct mt76_wcid *wcid; 1336 __le32 *txs_data = data; 1337 u16 wcidx; 1338 u8 pid; 1339 1340 wcidx = le32_get_bits(txs_data[2], MT_TXS2_WCID); 1341 pid = le32_get_bits(txs_data[3], MT_TXS3_PID); 1342 1343 if (pid < MT_PACKET_ID_NO_SKB) 1344 return; 1345 1346 if (wcidx >= mt7996_wtbl_size(dev)) 1347 return; 1348 1349 rcu_read_lock(); 1350 1351 wcid = rcu_dereference(dev->mt76.wcid[wcidx]); 1352 if (!wcid) 1353 goto out; 1354 1355 msta = container_of(wcid, struct mt7996_sta, wcid); 1356 1357 mt7996_mac_add_txs_skb(dev, wcid, pid, txs_data); 1358 1359 if (!wcid->sta) 1360 goto out; 1361 1362 spin_lock_bh(&dev->mt76.sta_poll_lock); 1363 if (list_empty(&msta->wcid.poll_list)) 1364 list_add_tail(&msta->wcid.poll_list, &dev->mt76.sta_poll_list); 1365 spin_unlock_bh(&dev->mt76.sta_poll_lock); 1366 1367out: 1368 rcu_read_unlock(); 1369} 1370 1371bool mt7996_rx_check(struct mt76_dev *mdev, void *data, int len) 1372{ 1373 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76); 1374 __le32 *rxd = (__le32 *)data; 1375 __le32 *end = (__le32 *)&rxd[len / 4]; 1376 enum rx_pkt_type type; 1377 1378 type = le32_get_bits(rxd[0], MT_RXD0_PKT_TYPE); 1379 if (type != PKT_TYPE_NORMAL) { 1380 u32 sw_type = le32_get_bits(rxd[0], MT_RXD0_SW_PKT_TYPE_MASK); 1381 1382 if (unlikely((sw_type & MT_RXD0_SW_PKT_TYPE_MAP) == 1383 MT_RXD0_SW_PKT_TYPE_FRAME)) 1384 return true; 1385 } 1386 1387 switch (type) { 1388 case PKT_TYPE_TXRX_NOTIFY: 1389 mt7996_mac_tx_free(dev, data, len); 1390 return false; 1391 case PKT_TYPE_TXS: 1392 for (rxd += 4; rxd + 8 <= end; rxd += 8) 1393 mt7996_mac_add_txs(dev, rxd); 1394 return false; 1395 case PKT_TYPE_RX_FW_MONITOR: 1396 mt7996_debugfs_rx_fw_monitor(dev, data, len); 1397 return false; 1398 default: 1399 return true; 1400 } 1401} 1402 1403void mt7996_queue_rx_skb(struct mt76_dev *mdev, enum mt76_rxq_id q, 1404 struct sk_buff *skb, u32 *info) 1405{ 1406 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76); 1407 __le32 *rxd = (__le32 *)skb->data; 1408 __le32 *end = (__le32 *)&skb->data[skb->len]; 1409 enum rx_pkt_type type; 1410 1411 type = le32_get_bits(rxd[0], MT_RXD0_PKT_TYPE); 1412 if (type != PKT_TYPE_NORMAL) { 1413 u32 sw_type = le32_get_bits(rxd[0], MT_RXD0_SW_PKT_TYPE_MASK); 1414 1415 if (unlikely((sw_type & MT_RXD0_SW_PKT_TYPE_MAP) == 1416 MT_RXD0_SW_PKT_TYPE_FRAME)) 1417 type = PKT_TYPE_NORMAL; 1418 } 1419 1420 switch (type) { 1421 case PKT_TYPE_TXRX_NOTIFY: 1422 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2) && 1423 q == MT_RXQ_TXFREE_BAND2) { 1424 dev_kfree_skb(skb); 1425 break; 1426 } 1427 1428 mt7996_mac_tx_free(dev, skb->data, skb->len); 1429 napi_consume_skb(skb, 1); 1430 break; 1431 case PKT_TYPE_RX_EVENT: 1432 mt7996_mcu_rx_event(dev, skb); 1433 break; 1434 case PKT_TYPE_TXS: 1435 for (rxd += 4; rxd + 8 <= end; rxd += 8) 1436 mt7996_mac_add_txs(dev, rxd); 1437 dev_kfree_skb(skb); 1438 break; 1439 case PKT_TYPE_RX_FW_MONITOR: 1440 mt7996_debugfs_rx_fw_monitor(dev, skb->data, skb->len); 1441 dev_kfree_skb(skb); 1442 break; 1443 case PKT_TYPE_NORMAL: 1444 if (!mt7996_mac_fill_rx(dev, q, skb, info)) { 1445 mt76_rx(&dev->mt76, q, skb); 1446 return; 1447 } 1448 fallthrough; 1449 default: 1450 dev_kfree_skb(skb); 1451 break; 1452 } 1453} 1454 1455void mt7996_mac_cca_stats_reset(struct mt7996_phy *phy) 1456{ 1457 struct mt7996_dev *dev = phy->dev; 1458 u32 reg = MT_WF_PHYRX_BAND_RX_CTRL1(phy->mt76->band_idx); 1459 1460 mt76_clear(dev, reg, MT_WF_PHYRX_BAND_RX_CTRL1_STSCNT_EN); 1461 mt76_set(dev, reg, BIT(11) | BIT(9)); 1462} 1463 1464void mt7996_mac_reset_counters(struct mt7996_phy *phy) 1465{ 1466 struct mt7996_dev *dev = phy->dev; 1467 u8 band_idx = phy->mt76->band_idx; 1468 int i; 1469 1470 for (i = 0; i < 16; i++) 1471 mt76_rr(dev, MT_TX_AGG_CNT(band_idx, i)); 1472 1473 phy->mt76->survey_time = ktime_get_boottime(); 1474 1475 memset(phy->mt76->aggr_stats, 0, sizeof(phy->mt76->aggr_stats)); 1476 1477 /* reset airtime counters */ 1478 mt76_set(dev, MT_WF_RMAC_MIB_AIRTIME0(band_idx), 1479 MT_WF_RMAC_MIB_RXTIME_CLR); 1480 1481 mt7996_mcu_get_chan_mib_info(phy, true); 1482} 1483 1484void mt7996_mac_set_coverage_class(struct mt7996_phy *phy) 1485{ 1486 s16 coverage_class = phy->coverage_class; 1487 struct mt7996_dev *dev = phy->dev; 1488 struct mt7996_phy *phy2 = mt7996_phy2(dev); 1489 struct mt7996_phy *phy3 = mt7996_phy3(dev); 1490 u32 reg_offset; 1491 u32 cck = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, 231) | 1492 FIELD_PREP(MT_TIMEOUT_VAL_CCA, 48); 1493 u32 ofdm = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, 60) | 1494 FIELD_PREP(MT_TIMEOUT_VAL_CCA, 28); 1495 u8 band_idx = phy->mt76->band_idx; 1496 int offset; 1497 1498 if (!test_bit(MT76_STATE_RUNNING, &phy->mt76->state)) 1499 return; 1500 1501 if (phy2) 1502 coverage_class = max_t(s16, dev->phy.coverage_class, 1503 phy2->coverage_class); 1504 1505 if (phy3) 1506 coverage_class = max_t(s16, coverage_class, 1507 phy3->coverage_class); 1508 1509 offset = 3 * coverage_class; 1510 reg_offset = FIELD_PREP(MT_TIMEOUT_VAL_PLCP, offset) | 1511 FIELD_PREP(MT_TIMEOUT_VAL_CCA, offset); 1512 1513 mt76_wr(dev, MT_TMAC_CDTR(band_idx), cck + reg_offset); 1514 mt76_wr(dev, MT_TMAC_ODTR(band_idx), ofdm + reg_offset); 1515} 1516 1517void mt7996_mac_enable_nf(struct mt7996_dev *dev, u8 band) 1518{ 1519 mt76_set(dev, MT_WF_PHYRX_CSD_BAND_RXTD12(band), 1520 MT_WF_PHYRX_CSD_BAND_RXTD12_IRPI_SW_CLR_ONLY | 1521 MT_WF_PHYRX_CSD_BAND_RXTD12_IRPI_SW_CLR); 1522 1523 mt76_set(dev, MT_WF_PHYRX_BAND_RX_CTRL1(band), 1524 FIELD_PREP(MT_WF_PHYRX_BAND_RX_CTRL1_IPI_EN, 0x5)); 1525} 1526 1527static u8 1528mt7996_phy_get_nf(struct mt7996_phy *phy, u8 band_idx) 1529{ 1530 static const u8 nf_power[] = { 92, 89, 86, 83, 80, 75, 70, 65, 60, 55, 52 }; 1531 struct mt7996_dev *dev = phy->dev; 1532 u32 val, sum = 0, n = 0; 1533 int ant, i; 1534 1535 for (ant = 0; ant < hweight8(phy->mt76->antenna_mask); ant++) { 1536 u32 reg = MT_WF_PHYRX_CSD_IRPI(band_idx, ant); 1537 1538 for (i = 0; i < ARRAY_SIZE(nf_power); i++, reg += 4) { 1539 val = mt76_rr(dev, reg); 1540 sum += val * nf_power[i]; 1541 n += val; 1542 } 1543 } 1544 1545 return n ? sum / n : 0; 1546} 1547 1548void mt7996_update_channel(struct mt76_phy *mphy) 1549{ 1550 struct mt7996_phy *phy = mphy->priv; 1551 struct mt76_channel_state *state = mphy->chan_state; 1552 int nf; 1553 1554 mt7996_mcu_get_chan_mib_info(phy, false); 1555 1556 nf = mt7996_phy_get_nf(phy, mphy->band_idx); 1557 if (!phy->noise) 1558 phy->noise = nf << 4; 1559 else if (nf) 1560 phy->noise += nf - (phy->noise >> 4); 1561 1562 state->noise = -(phy->noise >> 4); 1563} 1564 1565static bool 1566mt7996_wait_reset_state(struct mt7996_dev *dev, u32 state) 1567{ 1568 bool ret; 1569 1570 ret = wait_event_timeout(dev->reset_wait, 1571 (READ_ONCE(dev->recovery.state) & state), 1572 MT7996_RESET_TIMEOUT); 1573 1574 WARN(!ret, "Timeout waiting for MCU reset state %x\n", state); 1575 return ret; 1576} 1577 1578static void 1579mt7996_update_vif_beacon(void *priv, u8 *mac, struct ieee80211_vif *vif) 1580{ 1581 struct ieee80211_hw *hw = priv; 1582 1583 switch (vif->type) { 1584 case NL80211_IFTYPE_MESH_POINT: 1585 case NL80211_IFTYPE_ADHOC: 1586 case NL80211_IFTYPE_AP: 1587 mt7996_mcu_add_beacon(hw, vif, vif->bss_conf.enable_beacon); 1588 break; 1589 default: 1590 break; 1591 } 1592} 1593 1594static void 1595mt7996_update_beacons(struct mt7996_dev *dev) 1596{ 1597 struct mt76_phy *phy2, *phy3; 1598 1599 ieee80211_iterate_active_interfaces(dev->mt76.hw, 1600 IEEE80211_IFACE_ITER_RESUME_ALL, 1601 mt7996_update_vif_beacon, dev->mt76.hw); 1602 1603 phy2 = dev->mt76.phys[MT_BAND1]; 1604 if (!phy2) 1605 return; 1606 1607 ieee80211_iterate_active_interfaces(phy2->hw, 1608 IEEE80211_IFACE_ITER_RESUME_ALL, 1609 mt7996_update_vif_beacon, phy2->hw); 1610 1611 phy3 = dev->mt76.phys[MT_BAND2]; 1612 if (!phy3) 1613 return; 1614 1615 ieee80211_iterate_active_interfaces(phy3->hw, 1616 IEEE80211_IFACE_ITER_RESUME_ALL, 1617 mt7996_update_vif_beacon, phy3->hw); 1618} 1619 1620void mt7996_tx_token_put(struct mt7996_dev *dev) 1621{ 1622 struct mt76_txwi_cache *txwi; 1623 int id; 1624 1625 spin_lock_bh(&dev->mt76.token_lock); 1626 idr_for_each_entry(&dev->mt76.token, txwi, id) { 1627 mt7996_txwi_free(dev, txwi, NULL, NULL); 1628 dev->mt76.token_count--; 1629 } 1630 spin_unlock_bh(&dev->mt76.token_lock); 1631 idr_destroy(&dev->mt76.token); 1632} 1633 1634static int 1635mt7996_mac_restart(struct mt7996_dev *dev) 1636{ 1637 struct mt7996_phy *phy2, *phy3; 1638 struct mt76_dev *mdev = &dev->mt76; 1639 int i, ret; 1640 1641 phy2 = mt7996_phy2(dev); 1642 phy3 = mt7996_phy3(dev); 1643 1644 if (dev->hif2) { 1645 mt76_wr(dev, MT_INT1_MASK_CSR, 0x0); 1646 mt76_wr(dev, MT_INT1_SOURCE_CSR, ~0); 1647 } 1648 1649 if (dev_is_pci(mdev->dev)) { 1650 mt76_wr(dev, MT_PCIE_MAC_INT_ENABLE, 0x0); 1651 if (dev->hif2) 1652 mt76_wr(dev, MT_PCIE1_MAC_INT_ENABLE, 0x0); 1653 } 1654 1655 set_bit(MT76_RESET, &dev->mphy.state); 1656 set_bit(MT76_MCU_RESET, &dev->mphy.state); 1657 wake_up(&dev->mt76.mcu.wait); 1658 if (phy2) { 1659 set_bit(MT76_RESET, &phy2->mt76->state); 1660 set_bit(MT76_MCU_RESET, &phy2->mt76->state); 1661 } 1662 if (phy3) { 1663 set_bit(MT76_RESET, &phy3->mt76->state); 1664 set_bit(MT76_MCU_RESET, &phy3->mt76->state); 1665 } 1666 1667 /* lock/unlock all queues to ensure that no tx is pending */ 1668 mt76_txq_schedule_all(&dev->mphy); 1669 if (phy2) 1670 mt76_txq_schedule_all(phy2->mt76); 1671 if (phy3) 1672 mt76_txq_schedule_all(phy3->mt76); 1673 1674 /* disable all tx/rx napi */ 1675 mt76_worker_disable(&dev->mt76.tx_worker); 1676 mt76_for_each_q_rx(mdev, i) { 1677 if (mtk_wed_device_active(&dev->mt76.mmio.wed) && 1678 mt76_queue_is_wed_rro(&mdev->q_rx[i])) 1679 continue; 1680 1681 if (mdev->q_rx[i].ndesc) 1682 napi_disable(&dev->mt76.napi[i]); 1683 } 1684 napi_disable(&dev->mt76.tx_napi); 1685 1686 /* token reinit */ 1687 mt7996_tx_token_put(dev); 1688 idr_init(&dev->mt76.token); 1689 1690 mt7996_dma_reset(dev, true); 1691 1692 local_bh_disable(); 1693 mt76_for_each_q_rx(mdev, i) { 1694 if (mtk_wed_device_active(&dev->mt76.mmio.wed) && 1695 mt76_queue_is_wed_rro(&mdev->q_rx[i])) 1696 continue; 1697 1698 if (mdev->q_rx[i].ndesc) { 1699 napi_enable(&dev->mt76.napi[i]); 1700 napi_schedule(&dev->mt76.napi[i]); 1701 } 1702 } 1703 local_bh_enable(); 1704 clear_bit(MT76_MCU_RESET, &dev->mphy.state); 1705 clear_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state); 1706 1707 mt76_wr(dev, MT_INT_MASK_CSR, dev->mt76.mmio.irqmask); 1708 mt76_wr(dev, MT_INT_SOURCE_CSR, ~0); 1709 if (dev->hif2) { 1710 mt76_wr(dev, MT_INT1_MASK_CSR, dev->mt76.mmio.irqmask); 1711 mt76_wr(dev, MT_INT1_SOURCE_CSR, ~0); 1712 } 1713 if (dev_is_pci(mdev->dev)) { 1714 mt76_wr(dev, MT_PCIE_MAC_INT_ENABLE, 0xff); 1715 if (dev->hif2) 1716 mt76_wr(dev, MT_PCIE1_MAC_INT_ENABLE, 0xff); 1717 } 1718 1719 /* load firmware */ 1720 ret = mt7996_mcu_init_firmware(dev); 1721 if (ret) 1722 goto out; 1723 1724 /* set the necessary init items */ 1725 ret = mt7996_mcu_set_eeprom(dev); 1726 if (ret) 1727 goto out; 1728 1729 mt7996_mac_init(dev); 1730 mt7996_init_txpower(&dev->phy); 1731 mt7996_init_txpower(phy2); 1732 mt7996_init_txpower(phy3); 1733 ret = mt7996_txbf_init(dev); 1734 1735 if (test_bit(MT76_STATE_RUNNING, &dev->mphy.state)) { 1736 ret = mt7996_run(dev->mphy.hw); 1737 if (ret) 1738 goto out; 1739 } 1740 1741 if (phy2 && test_bit(MT76_STATE_RUNNING, &phy2->mt76->state)) { 1742 ret = mt7996_run(phy2->mt76->hw); 1743 if (ret) 1744 goto out; 1745 } 1746 1747 if (phy3 && test_bit(MT76_STATE_RUNNING, &phy3->mt76->state)) { 1748 ret = mt7996_run(phy3->mt76->hw); 1749 if (ret) 1750 goto out; 1751 } 1752 1753out: 1754 /* reset done */ 1755 clear_bit(MT76_RESET, &dev->mphy.state); 1756 if (phy2) 1757 clear_bit(MT76_RESET, &phy2->mt76->state); 1758 if (phy3) 1759 clear_bit(MT76_RESET, &phy3->mt76->state); 1760 1761 local_bh_disable(); 1762 napi_enable(&dev->mt76.tx_napi); 1763 napi_schedule(&dev->mt76.tx_napi); 1764 local_bh_enable(); 1765 1766 mt76_worker_enable(&dev->mt76.tx_worker); 1767 return ret; 1768} 1769 1770static void 1771mt7996_mac_full_reset(struct mt7996_dev *dev) 1772{ 1773 struct mt7996_phy *phy2, *phy3; 1774 int i; 1775 1776 phy2 = mt7996_phy2(dev); 1777 phy3 = mt7996_phy3(dev); 1778 dev->recovery.hw_full_reset = true; 1779 1780 wake_up(&dev->mt76.mcu.wait); 1781 ieee80211_stop_queues(mt76_hw(dev)); 1782 if (phy2) 1783 ieee80211_stop_queues(phy2->mt76->hw); 1784 if (phy3) 1785 ieee80211_stop_queues(phy3->mt76->hw); 1786 1787 cancel_work_sync(&dev->wed_rro.work); 1788 cancel_delayed_work_sync(&dev->mphy.mac_work); 1789 if (phy2) 1790 cancel_delayed_work_sync(&phy2->mt76->mac_work); 1791 if (phy3) 1792 cancel_delayed_work_sync(&phy3->mt76->mac_work); 1793 1794 mutex_lock(&dev->mt76.mutex); 1795 for (i = 0; i < 10; i++) { 1796 if (!mt7996_mac_restart(dev)) 1797 break; 1798 } 1799 mutex_unlock(&dev->mt76.mutex); 1800 1801 if (i == 10) 1802 dev_err(dev->mt76.dev, "chip full reset failed\n"); 1803 1804 ieee80211_restart_hw(mt76_hw(dev)); 1805 if (phy2) 1806 ieee80211_restart_hw(phy2->mt76->hw); 1807 if (phy3) 1808 ieee80211_restart_hw(phy3->mt76->hw); 1809 1810 ieee80211_wake_queues(mt76_hw(dev)); 1811 if (phy2) 1812 ieee80211_wake_queues(phy2->mt76->hw); 1813 if (phy3) 1814 ieee80211_wake_queues(phy3->mt76->hw); 1815 1816 dev->recovery.hw_full_reset = false; 1817 ieee80211_queue_delayed_work(mt76_hw(dev), 1818 &dev->mphy.mac_work, 1819 MT7996_WATCHDOG_TIME); 1820 if (phy2) 1821 ieee80211_queue_delayed_work(phy2->mt76->hw, 1822 &phy2->mt76->mac_work, 1823 MT7996_WATCHDOG_TIME); 1824 if (phy3) 1825 ieee80211_queue_delayed_work(phy3->mt76->hw, 1826 &phy3->mt76->mac_work, 1827 MT7996_WATCHDOG_TIME); 1828} 1829 1830void mt7996_mac_reset_work(struct work_struct *work) 1831{ 1832 struct mt7996_phy *phy2, *phy3; 1833 struct mt7996_dev *dev; 1834 int i; 1835 1836 dev = container_of(work, struct mt7996_dev, reset_work); 1837 phy2 = mt7996_phy2(dev); 1838 phy3 = mt7996_phy3(dev); 1839 1840 /* chip full reset */ 1841 if (dev->recovery.restart) { 1842 /* disable WA/WM WDT */ 1843 mt76_clear(dev, MT_WFDMA0_MCU_HOST_INT_ENA, 1844 MT_MCU_CMD_WDT_MASK); 1845 1846 if (READ_ONCE(dev->recovery.state) & MT_MCU_CMD_WA_WDT) 1847 dev->recovery.wa_reset_count++; 1848 else 1849 dev->recovery.wm_reset_count++; 1850 1851 mt7996_mac_full_reset(dev); 1852 1853 /* enable mcu irq */ 1854 mt7996_irq_enable(dev, MT_INT_MCU_CMD); 1855 mt7996_irq_disable(dev, 0); 1856 1857 /* enable WA/WM WDT */ 1858 mt76_set(dev, MT_WFDMA0_MCU_HOST_INT_ENA, MT_MCU_CMD_WDT_MASK); 1859 1860 dev->recovery.state = MT_MCU_CMD_NORMAL_STATE; 1861 dev->recovery.restart = false; 1862 return; 1863 } 1864 1865 if (!(READ_ONCE(dev->recovery.state) & MT_MCU_CMD_STOP_DMA)) 1866 return; 1867 1868 dev_info(dev->mt76.dev,"\n%s L1 SER recovery start.", 1869 wiphy_name(dev->mt76.hw->wiphy)); 1870 1871 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2)) 1872 mtk_wed_device_stop(&dev->mt76.mmio.wed_hif2); 1873 1874 if (mtk_wed_device_active(&dev->mt76.mmio.wed)) 1875 mtk_wed_device_stop(&dev->mt76.mmio.wed); 1876 1877 ieee80211_stop_queues(mt76_hw(dev)); 1878 if (phy2) 1879 ieee80211_stop_queues(phy2->mt76->hw); 1880 if (phy3) 1881 ieee80211_stop_queues(phy3->mt76->hw); 1882 1883 set_bit(MT76_RESET, &dev->mphy.state); 1884 set_bit(MT76_MCU_RESET, &dev->mphy.state); 1885 wake_up(&dev->mt76.mcu.wait); 1886 1887 cancel_work_sync(&dev->wed_rro.work); 1888 cancel_delayed_work_sync(&dev->mphy.mac_work); 1889 if (phy2) { 1890 set_bit(MT76_RESET, &phy2->mt76->state); 1891 cancel_delayed_work_sync(&phy2->mt76->mac_work); 1892 } 1893 if (phy3) { 1894 set_bit(MT76_RESET, &phy3->mt76->state); 1895 cancel_delayed_work_sync(&phy3->mt76->mac_work); 1896 } 1897 mt76_worker_disable(&dev->mt76.tx_worker); 1898 mt76_for_each_q_rx(&dev->mt76, i) { 1899 if (mtk_wed_device_active(&dev->mt76.mmio.wed) && 1900 mt76_queue_is_wed_rro(&dev->mt76.q_rx[i])) 1901 continue; 1902 1903 napi_disable(&dev->mt76.napi[i]); 1904 } 1905 napi_disable(&dev->mt76.tx_napi); 1906 1907 mutex_lock(&dev->mt76.mutex); 1908 1909 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_DMA_STOPPED); 1910 1911 if (mt7996_wait_reset_state(dev, MT_MCU_CMD_RESET_DONE)) { 1912 mt7996_dma_reset(dev, false); 1913 1914 mt7996_tx_token_put(dev); 1915 idr_init(&dev->mt76.token); 1916 1917 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_DMA_INIT); 1918 mt7996_wait_reset_state(dev, MT_MCU_CMD_RECOVERY_DONE); 1919 } 1920 1921 mt76_wr(dev, MT_MCU_INT_EVENT, MT_MCU_INT_EVENT_RESET_DONE); 1922 mt7996_wait_reset_state(dev, MT_MCU_CMD_NORMAL_STATE); 1923 1924 /* enable DMA Tx/Tx and interrupt */ 1925 mt7996_dma_start(dev, false, false); 1926 1927 if (mtk_wed_device_active(&dev->mt76.mmio.wed)) { 1928 u32 wed_irq_mask = MT_INT_RRO_RX_DONE | MT_INT_TX_DONE_BAND2 | 1929 dev->mt76.mmio.irqmask; 1930 1931 if (mtk_wed_get_rx_capa(&dev->mt76.mmio.wed)) 1932 wed_irq_mask &= ~MT_INT_RX_DONE_RRO_IND; 1933 1934 mt76_wr(dev, MT_INT_MASK_CSR, wed_irq_mask); 1935 1936 mtk_wed_device_start_hw_rro(&dev->mt76.mmio.wed, wed_irq_mask, 1937 true); 1938 mt7996_irq_enable(dev, wed_irq_mask); 1939 mt7996_irq_disable(dev, 0); 1940 } 1941 1942 if (mtk_wed_device_active(&dev->mt76.mmio.wed_hif2)) { 1943 mt76_wr(dev, MT_INT_PCIE1_MASK_CSR, MT_INT_TX_RX_DONE_EXT); 1944 mtk_wed_device_start(&dev->mt76.mmio.wed_hif2, 1945 MT_INT_TX_RX_DONE_EXT); 1946 } 1947 1948 clear_bit(MT76_MCU_RESET, &dev->mphy.state); 1949 clear_bit(MT76_RESET, &dev->mphy.state); 1950 if (phy2) 1951 clear_bit(MT76_RESET, &phy2->mt76->state); 1952 if (phy3) 1953 clear_bit(MT76_RESET, &phy3->mt76->state); 1954 1955 local_bh_disable(); 1956 mt76_for_each_q_rx(&dev->mt76, i) { 1957 if (mtk_wed_device_active(&dev->mt76.mmio.wed) && 1958 mt76_queue_is_wed_rro(&dev->mt76.q_rx[i])) 1959 continue; 1960 1961 napi_enable(&dev->mt76.napi[i]); 1962 napi_schedule(&dev->mt76.napi[i]); 1963 } 1964 local_bh_enable(); 1965 1966 tasklet_schedule(&dev->mt76.irq_tasklet); 1967 1968 mt76_worker_enable(&dev->mt76.tx_worker); 1969 1970 local_bh_disable(); 1971 napi_enable(&dev->mt76.tx_napi); 1972 napi_schedule(&dev->mt76.tx_napi); 1973 local_bh_enable(); 1974 1975 ieee80211_wake_queues(mt76_hw(dev)); 1976 if (phy2) 1977 ieee80211_wake_queues(phy2->mt76->hw); 1978 if (phy3) 1979 ieee80211_wake_queues(phy3->mt76->hw); 1980 1981 mutex_unlock(&dev->mt76.mutex); 1982 1983 mt7996_update_beacons(dev); 1984 1985 ieee80211_queue_delayed_work(mt76_hw(dev), &dev->mphy.mac_work, 1986 MT7996_WATCHDOG_TIME); 1987 if (phy2) 1988 ieee80211_queue_delayed_work(phy2->mt76->hw, 1989 &phy2->mt76->mac_work, 1990 MT7996_WATCHDOG_TIME); 1991 if (phy3) 1992 ieee80211_queue_delayed_work(phy3->mt76->hw, 1993 &phy3->mt76->mac_work, 1994 MT7996_WATCHDOG_TIME); 1995 dev_info(dev->mt76.dev,"\n%s L1 SER recovery completed.", 1996 wiphy_name(dev->mt76.hw->wiphy)); 1997} 1998 1999/* firmware coredump */ 2000void mt7996_mac_dump_work(struct work_struct *work) 2001{ 2002 const struct mt7996_mem_region *mem_region; 2003 struct mt7996_crash_data *crash_data; 2004 struct mt7996_dev *dev; 2005 struct mt7996_mem_hdr *hdr; 2006 size_t buf_len; 2007 int i; 2008 u32 num; 2009 u8 *buf; 2010 2011 dev = container_of(work, struct mt7996_dev, dump_work); 2012 2013 mutex_lock(&dev->dump_mutex); 2014 2015 crash_data = mt7996_coredump_new(dev); 2016 if (!crash_data) { 2017 mutex_unlock(&dev->dump_mutex); 2018 goto skip_coredump; 2019 } 2020 2021 mem_region = mt7996_coredump_get_mem_layout(dev, &num); 2022 if (!mem_region || !crash_data->memdump_buf_len) { 2023 mutex_unlock(&dev->dump_mutex); 2024 goto skip_memdump; 2025 } 2026 2027 buf = crash_data->memdump_buf; 2028 buf_len = crash_data->memdump_buf_len; 2029 2030 /* dumping memory content... */ 2031 memset(buf, 0, buf_len); 2032 for (i = 0; i < num; i++) { 2033 if (mem_region->len > buf_len) { 2034 dev_warn(dev->mt76.dev, "%s len %zu is too large\n", 2035 mem_region->name, mem_region->len); 2036 break; 2037 } 2038 2039 /* reserve space for the header */ 2040 hdr = (void *)buf; 2041 buf += sizeof(*hdr); 2042 buf_len -= sizeof(*hdr); 2043 2044 mt7996_memcpy_fromio(dev, buf, mem_region->start, 2045 mem_region->len); 2046 2047 hdr->start = mem_region->start; 2048 hdr->len = mem_region->len; 2049 2050 if (!mem_region->len) 2051 /* note: the header remains, just with zero length */ 2052 break; 2053 2054 buf += mem_region->len; 2055 buf_len -= mem_region->len; 2056 2057 mem_region++; 2058 } 2059 2060 mutex_unlock(&dev->dump_mutex); 2061 2062skip_memdump: 2063 mt7996_coredump_submit(dev); 2064skip_coredump: 2065 queue_work(dev->mt76.wq, &dev->reset_work); 2066} 2067 2068void mt7996_reset(struct mt7996_dev *dev) 2069{ 2070 if (!dev->recovery.hw_init_done) 2071 return; 2072 2073 if (dev->recovery.hw_full_reset) 2074 return; 2075 2076 /* wm/wa exception: do full recovery */ 2077 if (READ_ONCE(dev->recovery.state) & MT_MCU_CMD_WDT_MASK) { 2078 dev->recovery.restart = true; 2079 dev_info(dev->mt76.dev, 2080 "%s indicated firmware crash, attempting recovery\n", 2081 wiphy_name(dev->mt76.hw->wiphy)); 2082 2083 mt7996_irq_disable(dev, MT_INT_MCU_CMD); 2084 queue_work(dev->mt76.wq, &dev->dump_work); 2085 return; 2086 } 2087 2088 queue_work(dev->mt76.wq, &dev->reset_work); 2089 wake_up(&dev->reset_wait); 2090} 2091 2092void mt7996_mac_update_stats(struct mt7996_phy *phy) 2093{ 2094 struct mt76_mib_stats *mib = &phy->mib; 2095 struct mt7996_dev *dev = phy->dev; 2096 u8 band_idx = phy->mt76->band_idx; 2097 u32 cnt; 2098 int i; 2099 2100 cnt = mt76_rr(dev, MT_MIB_RSCR1(band_idx)); 2101 mib->fcs_err_cnt += cnt; 2102 2103 cnt = mt76_rr(dev, MT_MIB_RSCR33(band_idx)); 2104 mib->rx_fifo_full_cnt += cnt; 2105 2106 cnt = mt76_rr(dev, MT_MIB_RSCR31(band_idx)); 2107 mib->rx_mpdu_cnt += cnt; 2108 2109 cnt = mt76_rr(dev, MT_MIB_SDR6(band_idx)); 2110 mib->channel_idle_cnt += FIELD_GET(MT_MIB_SDR6_CHANNEL_IDL_CNT_MASK, cnt); 2111 2112 cnt = mt76_rr(dev, MT_MIB_RVSR0(band_idx)); 2113 mib->rx_vector_mismatch_cnt += cnt; 2114 2115 cnt = mt76_rr(dev, MT_MIB_RSCR35(band_idx)); 2116 mib->rx_delimiter_fail_cnt += cnt; 2117 2118 cnt = mt76_rr(dev, MT_MIB_RSCR36(band_idx)); 2119 mib->rx_len_mismatch_cnt += cnt; 2120 2121 cnt = mt76_rr(dev, MT_MIB_TSCR0(band_idx)); 2122 mib->tx_ampdu_cnt += cnt; 2123 2124 cnt = mt76_rr(dev, MT_MIB_TSCR2(band_idx)); 2125 mib->tx_stop_q_empty_cnt += cnt; 2126 2127 cnt = mt76_rr(dev, MT_MIB_TSCR3(band_idx)); 2128 mib->tx_mpdu_attempts_cnt += cnt; 2129 2130 cnt = mt76_rr(dev, MT_MIB_TSCR4(band_idx)); 2131 mib->tx_mpdu_success_cnt += cnt; 2132 2133 cnt = mt76_rr(dev, MT_MIB_RSCR27(band_idx)); 2134 mib->rx_ampdu_cnt += cnt; 2135 2136 cnt = mt76_rr(dev, MT_MIB_RSCR28(band_idx)); 2137 mib->rx_ampdu_bytes_cnt += cnt; 2138 2139 cnt = mt76_rr(dev, MT_MIB_RSCR29(band_idx)); 2140 mib->rx_ampdu_valid_subframe_cnt += cnt; 2141 2142 cnt = mt76_rr(dev, MT_MIB_RSCR30(band_idx)); 2143 mib->rx_ampdu_valid_subframe_bytes_cnt += cnt; 2144 2145 cnt = mt76_rr(dev, MT_MIB_SDR27(band_idx)); 2146 mib->tx_rwp_fail_cnt += FIELD_GET(MT_MIB_SDR27_TX_RWP_FAIL_CNT, cnt); 2147 2148 cnt = mt76_rr(dev, MT_MIB_SDR28(band_idx)); 2149 mib->tx_rwp_need_cnt += FIELD_GET(MT_MIB_SDR28_TX_RWP_NEED_CNT, cnt); 2150 2151 cnt = mt76_rr(dev, MT_UMIB_RPDCR(band_idx)); 2152 mib->rx_pfdrop_cnt += cnt; 2153 2154 cnt = mt76_rr(dev, MT_MIB_RVSR1(band_idx)); 2155 mib->rx_vec_queue_overflow_drop_cnt += cnt; 2156 2157 cnt = mt76_rr(dev, MT_MIB_TSCR1(band_idx)); 2158 mib->rx_ba_cnt += cnt; 2159 2160 cnt = mt76_rr(dev, MT_MIB_BSCR0(band_idx)); 2161 mib->tx_bf_ebf_ppdu_cnt += cnt; 2162 2163 cnt = mt76_rr(dev, MT_MIB_BSCR1(band_idx)); 2164 mib->tx_bf_ibf_ppdu_cnt += cnt; 2165 2166 cnt = mt76_rr(dev, MT_MIB_BSCR2(band_idx)); 2167 mib->tx_mu_bf_cnt += cnt; 2168 2169 cnt = mt76_rr(dev, MT_MIB_TSCR5(band_idx)); 2170 mib->tx_mu_mpdu_cnt += cnt; 2171 2172 cnt = mt76_rr(dev, MT_MIB_TSCR6(band_idx)); 2173 mib->tx_mu_acked_mpdu_cnt += cnt; 2174 2175 cnt = mt76_rr(dev, MT_MIB_TSCR7(band_idx)); 2176 mib->tx_su_acked_mpdu_cnt += cnt; 2177 2178 cnt = mt76_rr(dev, MT_MIB_BSCR3(band_idx)); 2179 mib->tx_bf_rx_fb_ht_cnt += cnt; 2180 mib->tx_bf_rx_fb_all_cnt += cnt; 2181 2182 cnt = mt76_rr(dev, MT_MIB_BSCR4(band_idx)); 2183 mib->tx_bf_rx_fb_vht_cnt += cnt; 2184 mib->tx_bf_rx_fb_all_cnt += cnt; 2185 2186 cnt = mt76_rr(dev, MT_MIB_BSCR5(band_idx)); 2187 mib->tx_bf_rx_fb_he_cnt += cnt; 2188 mib->tx_bf_rx_fb_all_cnt += cnt; 2189 2190 cnt = mt76_rr(dev, MT_MIB_BSCR6(band_idx)); 2191 mib->tx_bf_rx_fb_eht_cnt += cnt; 2192 mib->tx_bf_rx_fb_all_cnt += cnt; 2193 2194 cnt = mt76_rr(dev, MT_ETBF_RX_FB_CONT(band_idx)); 2195 mib->tx_bf_rx_fb_bw = FIELD_GET(MT_ETBF_RX_FB_BW, cnt); 2196 mib->tx_bf_rx_fb_nc_cnt += FIELD_GET(MT_ETBF_RX_FB_NC, cnt); 2197 mib->tx_bf_rx_fb_nr_cnt += FIELD_GET(MT_ETBF_RX_FB_NR, cnt); 2198 2199 cnt = mt76_rr(dev, MT_MIB_BSCR7(band_idx)); 2200 mib->tx_bf_fb_trig_cnt += cnt; 2201 2202 cnt = mt76_rr(dev, MT_MIB_BSCR17(band_idx)); 2203 mib->tx_bf_fb_cpl_cnt += cnt; 2204 2205 for (i = 0; i < ARRAY_SIZE(mib->tx_amsdu); i++) { 2206 cnt = mt76_rr(dev, MT_PLE_AMSDU_PACK_MSDU_CNT(i)); 2207 mib->tx_amsdu[i] += cnt; 2208 mib->tx_amsdu_cnt += cnt; 2209 } 2210 2211 /* rts count */ 2212 cnt = mt76_rr(dev, MT_MIB_BTSCR5(band_idx)); 2213 mib->rts_cnt += cnt; 2214 2215 /* rts retry count */ 2216 cnt = mt76_rr(dev, MT_MIB_BTSCR6(band_idx)); 2217 mib->rts_retries_cnt += cnt; 2218 2219 /* ba miss count */ 2220 cnt = mt76_rr(dev, MT_MIB_BTSCR0(band_idx)); 2221 mib->ba_miss_cnt += cnt; 2222 2223 /* ack fail count */ 2224 cnt = mt76_rr(dev, MT_MIB_BFTFCR(band_idx)); 2225 mib->ack_fail_cnt += cnt; 2226 2227 for (i = 0; i < 16; i++) { 2228 cnt = mt76_rr(dev, MT_TX_AGG_CNT(band_idx, i)); 2229 phy->mt76->aggr_stats[i] += cnt; 2230 } 2231} 2232 2233void mt7996_mac_sta_rc_work(struct work_struct *work) 2234{ 2235 struct mt7996_dev *dev = container_of(work, struct mt7996_dev, rc_work); 2236 struct ieee80211_sta *sta; 2237 struct ieee80211_vif *vif; 2238 struct mt7996_sta *msta; 2239 u32 changed; 2240 LIST_HEAD(list); 2241 2242 spin_lock_bh(&dev->mt76.sta_poll_lock); 2243 list_splice_init(&dev->sta_rc_list, &list); 2244 2245 while (!list_empty(&list)) { 2246 msta = list_first_entry(&list, struct mt7996_sta, rc_list); 2247 list_del_init(&msta->rc_list); 2248 changed = msta->changed; 2249 msta->changed = 0; 2250 spin_unlock_bh(&dev->mt76.sta_poll_lock); 2251 2252 sta = container_of((void *)msta, struct ieee80211_sta, drv_priv); 2253 vif = container_of((void *)msta->vif, struct ieee80211_vif, drv_priv); 2254 2255 if (changed & (IEEE80211_RC_SUPP_RATES_CHANGED | 2256 IEEE80211_RC_NSS_CHANGED | 2257 IEEE80211_RC_BW_CHANGED)) 2258 mt7996_mcu_add_rate_ctrl(dev, vif, sta, true); 2259 2260 if (changed & IEEE80211_RC_SMPS_CHANGED) 2261 mt7996_mcu_set_fixed_field(dev, vif, sta, NULL, 2262 RATE_PARAM_MMPS_UPDATE); 2263 2264 spin_lock_bh(&dev->mt76.sta_poll_lock); 2265 } 2266 2267 spin_unlock_bh(&dev->mt76.sta_poll_lock); 2268} 2269 2270void mt7996_mac_work(struct work_struct *work) 2271{ 2272 struct mt7996_phy *phy; 2273 struct mt76_phy *mphy; 2274 2275 mphy = (struct mt76_phy *)container_of(work, struct mt76_phy, 2276 mac_work.work); 2277 phy = mphy->priv; 2278 2279 mutex_lock(&mphy->dev->mutex); 2280 2281 mt76_update_survey(mphy); 2282 if (++mphy->mac_work_count == 5) { 2283 mphy->mac_work_count = 0; 2284 2285 mt7996_mac_update_stats(phy); 2286 2287 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_RATE); 2288 if (mtk_wed_device_active(&phy->dev->mt76.mmio.wed)) { 2289 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_ADM_STAT); 2290 mt7996_mcu_get_all_sta_info(phy, UNI_ALL_STA_TXRX_MSDU_COUNT); 2291 } 2292 } 2293 2294 mutex_unlock(&mphy->dev->mutex); 2295 2296 mt76_tx_status_check(mphy->dev, false); 2297 2298 ieee80211_queue_delayed_work(mphy->hw, &mphy->mac_work, 2299 MT7996_WATCHDOG_TIME); 2300} 2301 2302static void mt7996_dfs_stop_radar_detector(struct mt7996_phy *phy) 2303{ 2304 struct mt7996_dev *dev = phy->dev; 2305 2306 if (phy->rdd_state & BIT(0)) 2307 mt7996_mcu_rdd_cmd(dev, RDD_STOP, 0, 2308 MT_RX_SEL0, 0); 2309 if (phy->rdd_state & BIT(1)) 2310 mt7996_mcu_rdd_cmd(dev, RDD_STOP, 1, 2311 MT_RX_SEL0, 0); 2312} 2313 2314static int mt7996_dfs_start_rdd(struct mt7996_dev *dev, int chain) 2315{ 2316 int err, region; 2317 2318 switch (dev->mt76.region) { 2319 case NL80211_DFS_ETSI: 2320 region = 0; 2321 break; 2322 case NL80211_DFS_JP: 2323 region = 2; 2324 break; 2325 case NL80211_DFS_FCC: 2326 default: 2327 region = 1; 2328 break; 2329 } 2330 2331 err = mt7996_mcu_rdd_cmd(dev, RDD_START, chain, 2332 MT_RX_SEL0, region); 2333 if (err < 0) 2334 return err; 2335 2336 return mt7996_mcu_rdd_cmd(dev, RDD_DET_MODE, chain, 2337 MT_RX_SEL0, 1); 2338} 2339 2340static int mt7996_dfs_start_radar_detector(struct mt7996_phy *phy) 2341{ 2342 struct cfg80211_chan_def *chandef = &phy->mt76->chandef; 2343 struct mt7996_dev *dev = phy->dev; 2344 u8 band_idx = phy->mt76->band_idx; 2345 int err; 2346 2347 /* start CAC */ 2348 err = mt7996_mcu_rdd_cmd(dev, RDD_CAC_START, band_idx, 2349 MT_RX_SEL0, 0); 2350 if (err < 0) 2351 return err; 2352 2353 err = mt7996_dfs_start_rdd(dev, band_idx); 2354 if (err < 0) 2355 return err; 2356 2357 phy->rdd_state |= BIT(band_idx); 2358 2359 if (chandef->width == NL80211_CHAN_WIDTH_160 || 2360 chandef->width == NL80211_CHAN_WIDTH_80P80) { 2361 err = mt7996_dfs_start_rdd(dev, 1); 2362 if (err < 0) 2363 return err; 2364 2365 phy->rdd_state |= BIT(1); 2366 } 2367 2368 return 0; 2369} 2370 2371static int 2372mt7996_dfs_init_radar_specs(struct mt7996_phy *phy) 2373{ 2374 const struct mt7996_dfs_radar_spec *radar_specs; 2375 struct mt7996_dev *dev = phy->dev; 2376 int err, i; 2377 2378 switch (dev->mt76.region) { 2379 case NL80211_DFS_FCC: 2380 radar_specs = &fcc_radar_specs; 2381 err = mt7996_mcu_set_fcc5_lpn(dev, 8); 2382 if (err < 0) 2383 return err; 2384 break; 2385 case NL80211_DFS_ETSI: 2386 radar_specs = &etsi_radar_specs; 2387 break; 2388 case NL80211_DFS_JP: 2389 radar_specs = &jp_radar_specs; 2390 break; 2391 default: 2392 return -EINVAL; 2393 } 2394 2395 for (i = 0; i < ARRAY_SIZE(radar_specs->radar_pattern); i++) { 2396 err = mt7996_mcu_set_radar_th(dev, i, 2397 &radar_specs->radar_pattern[i]); 2398 if (err < 0) 2399 return err; 2400 } 2401 2402 return mt7996_mcu_set_pulse_th(dev, &radar_specs->pulse_th); 2403} 2404 2405int mt7996_dfs_init_radar_detector(struct mt7996_phy *phy) 2406{ 2407 struct mt7996_dev *dev = phy->dev; 2408 enum mt76_dfs_state dfs_state, prev_state; 2409 int err; 2410 2411 prev_state = phy->mt76->dfs_state; 2412 dfs_state = mt76_phy_dfs_state(phy->mt76); 2413 2414 if (prev_state == dfs_state) 2415 return 0; 2416 2417 if (prev_state == MT_DFS_STATE_UNKNOWN) 2418 mt7996_dfs_stop_radar_detector(phy); 2419 2420 if (dfs_state == MT_DFS_STATE_DISABLED) 2421 goto stop; 2422 2423 if (prev_state <= MT_DFS_STATE_DISABLED) { 2424 err = mt7996_dfs_init_radar_specs(phy); 2425 if (err < 0) 2426 return err; 2427 2428 err = mt7996_dfs_start_radar_detector(phy); 2429 if (err < 0) 2430 return err; 2431 2432 phy->mt76->dfs_state = MT_DFS_STATE_CAC; 2433 } 2434 2435 if (dfs_state == MT_DFS_STATE_CAC) 2436 return 0; 2437 2438 err = mt7996_mcu_rdd_cmd(dev, RDD_CAC_END, 2439 phy->mt76->band_idx, MT_RX_SEL0, 0); 2440 if (err < 0) { 2441 phy->mt76->dfs_state = MT_DFS_STATE_UNKNOWN; 2442 return err; 2443 } 2444 2445 phy->mt76->dfs_state = MT_DFS_STATE_ACTIVE; 2446 return 0; 2447 2448stop: 2449 err = mt7996_mcu_rdd_cmd(dev, RDD_NORMAL_START, 2450 phy->mt76->band_idx, MT_RX_SEL0, 0); 2451 if (err < 0) 2452 return err; 2453 2454 mt7996_dfs_stop_radar_detector(phy); 2455 phy->mt76->dfs_state = MT_DFS_STATE_DISABLED; 2456 2457 return 0; 2458} 2459 2460static int 2461mt7996_mac_twt_duration_align(int duration) 2462{ 2463 return duration << 8; 2464} 2465 2466static u64 2467mt7996_mac_twt_sched_list_add(struct mt7996_dev *dev, 2468 struct mt7996_twt_flow *flow) 2469{ 2470 struct mt7996_twt_flow *iter, *iter_next; 2471 u32 duration = flow->duration << 8; 2472 u64 start_tsf; 2473 2474 iter = list_first_entry_or_null(&dev->twt_list, 2475 struct mt7996_twt_flow, list); 2476 if (!iter || !iter->sched || iter->start_tsf > duration) { 2477 /* add flow as first entry in the list */ 2478 list_add(&flow->list, &dev->twt_list); 2479 return 0; 2480 } 2481 2482 list_for_each_entry_safe(iter, iter_next, &dev->twt_list, list) { 2483 start_tsf = iter->start_tsf + 2484 mt7996_mac_twt_duration_align(iter->duration); 2485 if (list_is_last(&iter->list, &dev->twt_list)) 2486 break; 2487 2488 if (!iter_next->sched || 2489 iter_next->start_tsf > start_tsf + duration) { 2490 list_add(&flow->list, &iter->list); 2491 goto out; 2492 } 2493 } 2494 2495 /* add flow as last entry in the list */ 2496 list_add_tail(&flow->list, &dev->twt_list); 2497out: 2498 return start_tsf; 2499} 2500 2501static int mt7996_mac_check_twt_req(struct ieee80211_twt_setup *twt) 2502{ 2503 struct ieee80211_twt_params *twt_agrt; 2504 u64 interval, duration; 2505 u16 mantissa; 2506 u8 exp; 2507 2508 /* only individual agreement supported */ 2509 if (twt->control & IEEE80211_TWT_CONTROL_NEG_TYPE_BROADCAST) 2510 return -EOPNOTSUPP; 2511 2512 /* only 256us unit supported */ 2513 if (twt->control & IEEE80211_TWT_CONTROL_WAKE_DUR_UNIT) 2514 return -EOPNOTSUPP; 2515 2516 twt_agrt = (struct ieee80211_twt_params *)twt->params; 2517 2518 /* explicit agreement not supported */ 2519 if (!(twt_agrt->req_type & cpu_to_le16(IEEE80211_TWT_REQTYPE_IMPLICIT))) 2520 return -EOPNOTSUPP; 2521 2522 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP, 2523 le16_to_cpu(twt_agrt->req_type)); 2524 mantissa = le16_to_cpu(twt_agrt->mantissa); 2525 duration = twt_agrt->min_twt_dur << 8; 2526 2527 interval = (u64)mantissa << exp; 2528 if (interval < duration) 2529 return -EOPNOTSUPP; 2530 2531 return 0; 2532} 2533 2534static bool 2535mt7996_mac_twt_param_equal(struct mt7996_sta *msta, 2536 struct ieee80211_twt_params *twt_agrt) 2537{ 2538 u16 type = le16_to_cpu(twt_agrt->req_type); 2539 u8 exp; 2540 int i; 2541 2542 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP, type); 2543 for (i = 0; i < MT7996_MAX_STA_TWT_AGRT; i++) { 2544 struct mt7996_twt_flow *f; 2545 2546 if (!(msta->twt.flowid_mask & BIT(i))) 2547 continue; 2548 2549 f = &msta->twt.flow[i]; 2550 if (f->duration == twt_agrt->min_twt_dur && 2551 f->mantissa == twt_agrt->mantissa && 2552 f->exp == exp && 2553 f->protection == !!(type & IEEE80211_TWT_REQTYPE_PROTECTION) && 2554 f->flowtype == !!(type & IEEE80211_TWT_REQTYPE_FLOWTYPE) && 2555 f->trigger == !!(type & IEEE80211_TWT_REQTYPE_TRIGGER)) 2556 return true; 2557 } 2558 2559 return false; 2560} 2561 2562void mt7996_mac_add_twt_setup(struct ieee80211_hw *hw, 2563 struct ieee80211_sta *sta, 2564 struct ieee80211_twt_setup *twt) 2565{ 2566 enum ieee80211_twt_setup_cmd setup_cmd = TWT_SETUP_CMD_REJECT; 2567 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 2568 struct ieee80211_twt_params *twt_agrt = (void *)twt->params; 2569 u16 req_type = le16_to_cpu(twt_agrt->req_type); 2570 enum ieee80211_twt_setup_cmd sta_setup_cmd; 2571 struct mt7996_dev *dev = mt7996_hw_dev(hw); 2572 struct mt7996_twt_flow *flow; 2573 u8 flowid, table_id, exp; 2574 2575 if (mt7996_mac_check_twt_req(twt)) 2576 goto out; 2577 2578 mutex_lock(&dev->mt76.mutex); 2579 2580 if (dev->twt.n_agrt == MT7996_MAX_TWT_AGRT) 2581 goto unlock; 2582 2583 if (hweight8(msta->twt.flowid_mask) == ARRAY_SIZE(msta->twt.flow)) 2584 goto unlock; 2585 2586 if (twt_agrt->min_twt_dur < MT7996_MIN_TWT_DUR) { 2587 setup_cmd = TWT_SETUP_CMD_DICTATE; 2588 twt_agrt->min_twt_dur = MT7996_MIN_TWT_DUR; 2589 goto unlock; 2590 } 2591 2592 if (mt7996_mac_twt_param_equal(msta, twt_agrt)) 2593 goto unlock; 2594 2595 flowid = ffs(~msta->twt.flowid_mask) - 1; 2596 twt_agrt->req_type &= ~cpu_to_le16(IEEE80211_TWT_REQTYPE_FLOWID); 2597 twt_agrt->req_type |= le16_encode_bits(flowid, 2598 IEEE80211_TWT_REQTYPE_FLOWID); 2599 2600 table_id = ffs(~dev->twt.table_mask) - 1; 2601 exp = FIELD_GET(IEEE80211_TWT_REQTYPE_WAKE_INT_EXP, req_type); 2602 sta_setup_cmd = FIELD_GET(IEEE80211_TWT_REQTYPE_SETUP_CMD, req_type); 2603 2604 flow = &msta->twt.flow[flowid]; 2605 memset(flow, 0, sizeof(*flow)); 2606 INIT_LIST_HEAD(&flow->list); 2607 flow->wcid = msta->wcid.idx; 2608 flow->table_id = table_id; 2609 flow->id = flowid; 2610 flow->duration = twt_agrt->min_twt_dur; 2611 flow->mantissa = twt_agrt->mantissa; 2612 flow->exp = exp; 2613 flow->protection = !!(req_type & IEEE80211_TWT_REQTYPE_PROTECTION); 2614 flow->flowtype = !!(req_type & IEEE80211_TWT_REQTYPE_FLOWTYPE); 2615 flow->trigger = !!(req_type & IEEE80211_TWT_REQTYPE_TRIGGER); 2616 2617 if (sta_setup_cmd == TWT_SETUP_CMD_REQUEST || 2618 sta_setup_cmd == TWT_SETUP_CMD_SUGGEST) { 2619 u64 interval = (u64)le16_to_cpu(twt_agrt->mantissa) << exp; 2620 u64 flow_tsf, curr_tsf; 2621 u32 rem; 2622 2623 flow->sched = true; 2624 flow->start_tsf = mt7996_mac_twt_sched_list_add(dev, flow); 2625 curr_tsf = __mt7996_get_tsf(hw, msta->vif); 2626 div_u64_rem(curr_tsf - flow->start_tsf, interval, &rem); 2627 flow_tsf = curr_tsf + interval - rem; 2628 twt_agrt->twt = cpu_to_le64(flow_tsf); 2629 } else { 2630 list_add_tail(&flow->list, &dev->twt_list); 2631 } 2632 flow->tsf = le64_to_cpu(twt_agrt->twt); 2633 2634 if (mt7996_mcu_twt_agrt_update(dev, msta->vif, flow, MCU_TWT_AGRT_ADD)) 2635 goto unlock; 2636 2637 setup_cmd = TWT_SETUP_CMD_ACCEPT; 2638 dev->twt.table_mask |= BIT(table_id); 2639 msta->twt.flowid_mask |= BIT(flowid); 2640 dev->twt.n_agrt++; 2641 2642unlock: 2643 mutex_unlock(&dev->mt76.mutex); 2644out: 2645 twt_agrt->req_type &= ~cpu_to_le16(IEEE80211_TWT_REQTYPE_SETUP_CMD); 2646 twt_agrt->req_type |= 2647 le16_encode_bits(setup_cmd, IEEE80211_TWT_REQTYPE_SETUP_CMD); 2648 twt->control = twt->control & IEEE80211_TWT_CONTROL_RX_DISABLED; 2649} 2650 2651void mt7996_mac_twt_teardown_flow(struct mt7996_dev *dev, 2652 struct mt7996_sta *msta, 2653 u8 flowid) 2654{ 2655 struct mt7996_twt_flow *flow; 2656 2657 lockdep_assert_held(&dev->mt76.mutex); 2658 2659 if (flowid >= ARRAY_SIZE(msta->twt.flow)) 2660 return; 2661 2662 if (!(msta->twt.flowid_mask & BIT(flowid))) 2663 return; 2664 2665 flow = &msta->twt.flow[flowid]; 2666 if (mt7996_mcu_twt_agrt_update(dev, msta->vif, flow, 2667 MCU_TWT_AGRT_DELETE)) 2668 return; 2669 2670 list_del_init(&flow->list); 2671 msta->twt.flowid_mask &= ~BIT(flowid); 2672 dev->twt.table_mask &= ~BIT(flow->table_id); 2673 dev->twt.n_agrt--; 2674} 2675