1// SPDX-License-Identifier: ISC
2/*
3 * Copyright (C) 2022 MediaTek Inc.
4 */
5
6#include <linux/firmware.h>
7#include <linux/fs.h>
8#include "mt7996.h"
9#include "mcu.h"
10#include "mac.h"
11#include "eeprom.h"
12
/*
 * Pick the firmware-name constant for the running chip: MT7992_<name> when
 * mt76_chip() reports 0x7992, MT7996_<name> for 0x7990 and for every other
 * chip id (unrecognised ids share the default arm, so they silently get the
 * MT7996 names). The variadic arguments are accepted but unused in the
 * expansion. Uses a GNU statement expression, so it evaluates to a char *.
 */
#define fw_name(_dev, name, ...)	({			\
	char *_fw;						\
	switch (mt76_chip(&(_dev)->mt76)) {			\
	case 0x7992:						\
		_fw = MT7992_##name;				\
		break;						\
	case 0x7990:						\
	default:						\
		_fw = MT7996_##name;				\
		break;						\
	}							\
	_fw;							\
})
26
/*
 * Packed, fixed-layout header whose multi-byte fields are big-endian
 * (__be32/__be16); "reserved" members are plain u16/u32 padding.
 * NOTE(review): presumably this sits at the start of the ROM patch image;
 * the parser is outside this view, so confirm it checks the blob length
 * against sizeof(struct mt7996_patch_hdr) before reading any field.
 */
struct mt7996_patch_hdr {
	char build_date[16];	/* fixed-width text, not necessarily NUL-terminated */
	char platform[4];
	__be32 hw_sw_ver;
	__be32 patch_ver;
	__be16 checksum;
	u16 reserved;
	struct {
		__be32 patch_ver;
		__be32 subsys;
		__be32 feature;
		__be32 n_region;	/* count taken from the file; treat as untrusted */
		__be32 crc;
		u32 reserved[11];
	} desc;
} __packed;
43
/*
 * Packed section descriptor with big-endian fields. The union overlays a
 * raw 13-word "spec" area with the structured "info" view (4 named words
 * plus 9 reserved words, i.e. the same 13 x 32-bit footprint).
 * NOTE(review): offs/size/addr/len come from the firmware file; the code
 * that consumes them is outside this view and should bound them against
 * the blob size.
 */
struct mt7996_patch_sec {
	__be32 type;
	__be32 offs;
	__be32 size;
	union {
		__be32 spec[13];
		struct {
			__be32 addr;
			__be32 len;
			__be32 sec_key_idx;
			__be32 align_len;
			u32 reserved[9];
		} info;
	};
} __packed;
59
/*
 * Packed firmware trailer. Apart from crc every member is a byte or a
 * byte array, so only crc has an endianness question; it is declared as a
 * plain u32 here (no __le32/__be32 annotation).
 * fw_ver and build_date are fixed-width character arrays; nothing in this
 * layout guarantees NUL termination, so print them with a bounded
 * precision.
 */
struct mt7996_fw_trailer {
	u8 chip_id;
	u8 eco_code;
	u8 n_region;	/* region count taken from the file; treat as untrusted */
	u8 format_ver;
	u8 format_flag;
	u8 reserved[2];
	char fw_ver[10];
	char build_date[15];
	u32 crc;
} __packed;
71
/*
 * Packed per-region descriptor; unlike the patch header/section structs
 * above, its multi-byte fields are little-endian (__le32).
 * NOTE(review): addr and len are read from the firmware file; the loader
 * that uses them is outside this view.
 */
struct mt7996_fw_region {
	__le32 decomp_crc;
	__le32 decomp_len;
	__le32 decomp_blk_sz;
	u8 reserved[4];
	__le32 addr;
	__le32 len;
	u8 feature_set;
	u8 reserved1[15];
} __packed;
82
/* Fixed address constant for the patch; its user is outside this view. */
#define MCU_PATCH_ADDRESS		0x200000

/*
 * Capability-bit helpers: token-paste the argument onto the
 * IEEE80211_HE_PHY_ / IEEE80211_HE_MAC_ / IEEE80211_EHT_PHY_ prefix to form
 * the mask name and extract that field from byte c with u8_get_bits().
 */
#define HE_PHY(p, c)			u8_get_bits(c, IEEE80211_HE_PHY_##p)
#define HE_MAC(m, c)			u8_get_bits(c, IEEE80211_HE_MAC_##m)
#define EHT_PHY(p, c)			u8_get_bits(c, IEEE80211_EHT_PHY_##p)
88
/*
 * Module parameter, enabled by default. Mode 0644 exposes it in sysfs as
 * world-readable and writable by root at runtime. Its consumer is outside
 * this view; per the description string it turns on the firmware scene
 * detection algorithm.
 */
static bool sr_scene_detect = true;
module_param(sr_scene_detect, bool, 0644);
MODULE_PARM_DESC(sr_scene_detect, "Enable firmware scene detection algorithm");
92
/*
 * Return the zero-based index of the highest spatial stream whose 2-bit
 * field in mcs_map is not IEEE80211_VHT_MCS_NOT_SUPPORTED.
 *
 * The map holds eight 2-bit fields, stream 1 in the low bits. When every
 * field reads "not supported" the counter reaches 0 and the u8 result wraps
 * to 0xff, so callers must not use the value as an index without checking.
 */
static u8
mt7996_mcu_get_sta_nss(u16 mcs_map)
{
	u8 streams = 8;

	/* Walk down from stream 8 until one advertises an MCS set. */
	while (streams > 0) {
		u8 field = (mcs_map >> (2 * (streams - 1))) & 3;

		if (field != IEEE80211_VHT_MCS_NOT_SUPPORTED)
			break;

		streams--;
	}

	return streams - 1;
}
107
/*
 * Build the HE MCS map sent to firmware for @sta.
 *
 * For each of the first max_nss streams (rx_nss, capped at 4) the peer's
 * 2-bit support code from @mcs_map is expanded to a rate bitmap, intersected
 * with the user's per-stream bitrate mask for the current band, and folded
 * back into a 2-bit support code. Streams beyond max_nss keep the value they
 * had in @mcs_map. The result is stored little-endian in @he_mcs.
 */
static void
mt7996_mcu_set_sta_he_mcs(struct ieee80211_sta *sta, __le16 *he_mcs,
			  u16 mcs_map)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	enum nl80211_band band = msta->vif->phy->mt76->chandef.chan->band;
	const u16 *mask = msta->vif->bitrate_mask.control[band].he_mcs;
	int max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
	int nss;

	for (nss = 0; nss < max_nss; nss++) {
		int shift = nss * 2;
		int rates, top, support;

		/* Expand the peer's support code into a bitmap of MCS indices. */
		switch ((mcs_map >> shift) & 0x3) {
		case IEEE80211_HE_MCS_SUPPORT_0_11:
			rates = GENMASK(11, 0);
			break;
		case IEEE80211_HE_MCS_SUPPORT_0_9:
			rates = GENMASK(9, 0);
			break;
		case IEEE80211_HE_MCS_SUPPORT_0_7:
			rates = GENMASK(7, 0);
			break;
		default:
			rates = 0;
			break;
		}

		/* Highest MCS left after masking; -1 when the peer has none. */
		top = rates ? fls(rates & mask[nss]) - 1 : -1;

		/* Fold the highest remaining MCS back into a support code. */
		if (top < 0 || top > 11)
			support = IEEE80211_HE_MCS_NOT_SUPPORTED;
		else if (top <= 7)
			support = IEEE80211_HE_MCS_SUPPORT_0_7;
		else if (top <= 9)
			support = IEEE80211_HE_MCS_SUPPORT_0_9;
		else
			support = IEEE80211_HE_MCS_SUPPORT_0_11;

		mcs_map &= ~(0x3 << shift);
		mcs_map |= support << shift;
	}

	*he_mcs = cpu_to_le16(mcs_map);
}
156
/*
 * Fill @vht_mcs[] with one little-endian rate bitmap per spatial stream.
 *
 * Each of the first max_nss streams (rx_nss, capped at 4) takes its 2-bit
 * code from the peer's VHT rx_mcs_map, expands it to a bitmap of MCS
 * indices and intersects it with @mask[nss]. Entries past max_nss are left
 * untouched, so the caller owns their initial value.
 */
static void
mt7996_mcu_set_sta_vht_mcs(struct ieee80211_sta *sta, __le16 *vht_mcs,
			   const u16 *mask)
{
	u16 rx_map = le16_to_cpu(sta->deflink.vht_cap.vht_mcs.rx_mcs_map);
	int max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
	int nss;

	for (nss = 0; nss < max_nss; nss++) {
		u16 rates;

		switch ((rx_map >> (2 * nss)) & 0x3) {
		case IEEE80211_VHT_MCS_SUPPORT_0_9:
			rates = GENMASK(9, 0);
			break;
		case IEEE80211_VHT_MCS_SUPPORT_0_8:
			rates = GENMASK(8, 0);
			break;
		case IEEE80211_VHT_MCS_SUPPORT_0_7:
			rates = GENMASK(7, 0);
			break;
		default:
			rates = 0;
			break;
		}

		vht_mcs[nss] = cpu_to_le16(rates & mask[nss]);
	}
}
182
/*
 * Copy the peer's HT rx_mask, intersected with @mask, into @ht_mcs for the
 * first max_nss streams (rx_nss, capped at 4). Both @ht_mcs and @mask must
 * therefore hold at least four bytes; later bytes are not written.
 */
static void
mt7996_mcu_set_sta_ht_mcs(struct ieee80211_sta *sta, u8 *ht_mcs,
			  const u8 *mask)
{
	const u8 *rx_mask = sta->deflink.ht_cap.mcs.rx_mask;
	int limit = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
	int i;

	for (i = 0; i < limit; i++)
		ht_mcs[i] = rx_mask[i] & mask[i];
}
192
/*
 * Match a firmware response against the command that is waiting for it.
 *
 * Returns -ETIMEDOUT when no response arrived (@skb is NULL), -EAGAIN when
 * the sequence number or (for unified result events) the command id does
 * not match, the first status byte for PATCH_SEM_CONTROL, the firmware
 * status word for unified result events, and 0 otherwise. On the matching
 * paths the receive descriptor is pulled off @skb.
 *
 * NOTE(review): the descriptor and event fields are read without comparing
 * skb->len against their size; confirm the receive path guarantees a
 * minimum length for MCU events.
 */
static int
mt7996_mcu_parse_response(struct mt76_dev *mdev, int cmd,
			  struct sk_buff *skb, int seq)
{
	int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
	struct mt7996_mcu_uni_event *event;
	struct mt7996_mcu_rxd *rxd;

	if (!skb) {
		dev_err(mdev->dev, "Message %08x (seq %d) timeout\n",
			cmd, seq);
		return -ETIMEDOUT;
	}

	rxd = (struct mt7996_mcu_rxd *)skb->data;
	if (seq != rxd->seq)
		return -EAGAIN;

	if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) {
		/* Status byte sits four bytes before the end of the rxd. */
		skb_pull(skb, sizeof(*rxd) - 4);
		return *skb->data;
	}

	if (!(rxd->option & MCU_UNI_CMD_EVENT) ||
	    rxd->eid != MCU_UNI_EVENT_RESULT) {
		skb_pull(skb, sizeof(struct mt7996_mcu_rxd));
		return 0;
	}

	skb_pull(skb, sizeof(*rxd));
	event = (struct mt7996_mcu_uni_event *)skb->data;

	/* skip invalid event */
	if (mcu_cmd != event->cid)
		return -EAGAIN;

	return le32_to_cpu(event->status);
}
229
/*
 * Prepend the MCU TX descriptor to @skb and queue it to the firmware.
 *
 * A 4-bit sequence number is allocated for every message; 0 is skipped
 * because the receive side in this file treats seq == 0 as an unsolicited
 * event. The number is reported through @wait_seq when that is non-NULL.
 * FW_SCATTER payloads go to the firmware-download queue with no descriptor.
 * Other commands get either the unified or the legacy connac2 descriptor,
 * selected by __MCU_CMD_FIELD_UNI, and are routed to the WA queue once the
 * MCU is running, to the WM queue before that.
 */
static int
mt7996_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb,
			int cmd, int *wait_seq)
{
	struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
	int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
	bool is_uni = cmd & __MCU_CMD_FIELD_UNI;
	struct mt76_connac2_mcu_uni_txd *uni_txd;
	struct mt76_connac2_mcu_txd *mcu_txd;
	enum mt76_mcuq_id qid;
	__le32 *txd;
	u8 seq;

	mdev->mcu.timeout = 20 * HZ;

	/* Sequence numbers cycle through 1..15; 0 is never handed out. */
	seq = ++dev->mt76.mcu.msg_seq & 0xf;
	if (!seq)
		seq = ++dev->mt76.mcu.msg_seq & 0xf;

	if (cmd == MCU_CMD(FW_SCATTER)) {
		qid = MT_MCUQ_FWDL;
		goto exit;
	}

	txd = (__le32 *)skb_push(skb, is_uni ? sizeof(*uni_txd) :
					       sizeof(*mcu_txd));
	qid = test_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state) ?
	      MT_MCUQ_WA : MT_MCUQ_WM;

	/* The first two descriptor words are common to both formats. */
	txd[0] = cpu_to_le32(FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
			     FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
			     FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0));
	txd[1] = cpu_to_le32(FIELD_PREP(MT_TXD1_HDR_FORMAT,
					MT_HDR_FORMAT_CMD));

	if (is_uni) {
		bool to_wa = cmd & __MCU_CMD_FIELD_WA;
		bool to_wm = cmd & __MCU_CMD_FIELD_WM;

		uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
		uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
		uni_txd->cid = cpu_to_le16(mcu_cmd);
		uni_txd->pkt_type = MCU_PKT_ID;
		uni_txd->seq = seq;
		uni_txd->option = cmd & __MCU_CMD_FIELD_QUERY ?
				  MCU_CMD_UNI_QUERY_ACK : MCU_CMD_UNI_EXT_ACK;

		/* Both targets, or neither flag set, means H2CN. */
		if (to_wa && !to_wm)
			uni_txd->s2d_index = MCU_S2D_H2C;
		else if (to_wm && !to_wa)
			uni_txd->s2d_index = MCU_S2D_H2N;
		else
			uni_txd->s2d_index = MCU_S2D_H2CN;

		goto exit;
	}

	mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
	mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
	mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
					       MT_TX_MCU_PORT_RX_Q0));
	mcu_txd->pkt_type = MCU_PKT_ID;
	mcu_txd->seq = seq;

	mcu_txd->cid = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
	mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
	if (!mcu_txd->ext_cid) {
		mcu_txd->set_query = MCU_Q_NA;
	} else {
		/* Extended commands request an ack and carry set/query. */
		mcu_txd->ext_cid_ack = 1;
		mcu_txd->set_query = cmd & __MCU_CMD_FIELD_QUERY ?
				     MCU_Q_QUERY : MCU_Q_SET;
	}

	mcu_txd->s2d_index = cmd & __MCU_CMD_FIELD_WA ?
			     MCU_S2D_H2C : MCU_S2D_H2N;

exit:
	if (wait_seq)
		*wait_seq = seq;

	return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[qid], skb, 0);
}
322
/*
 * Send command @cmd with three 32-bit arguments, converted to
 * little-endian, and do not wait for a response (last argument false).
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_wa_cmd(struct mt7996_dev *dev, int cmd, u32 a1, u32 a2, u32 a3)
{
	struct {
		__le32 args[3];
	} req;

	req.args[0] = cpu_to_le32(a1);
	req.args[1] = cpu_to_le32(a2);
	req.args[2] = cpu_to_le32(a3);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), false);
}
337
/*
 * Interface iterator callback: complete a pending channel switch on @vif.
 * Station interfaces and interfaces with no CSA in progress are skipped.
 * @priv and @mac are unused.
 */
static void
mt7996_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
{
	if (vif->type != NL80211_IFTYPE_STATION && vif->bss_conf.csa_active)
		ieee80211_csa_finish(vif, 0);
}
346
/*
 * Handle a radar-detection report from firmware.
 *
 * The band index comes from the event and is bounds-checked against
 * dev->mt76.phys[] before use. A report on MT_RX_SEL2 is delivered as a
 * background radar event on rdd2_chandef; any other band is reported to
 * mac80211 on that band's hw. hw_pattern is bumped for every delivered
 * report.
 *
 * NOTE(review): the report is read straight from skb->data without a
 * length check; confirm the caller guarantees a full report.
 */
static void
mt7996_mcu_rx_radar_detected(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rdd_report *report =
		(struct mt7996_mcu_rdd_report *)skb->data;
	struct mt76_phy *mphy;
	bool background;

	if (report->band_idx >= ARRAY_SIZE(dev->mt76.phys))
		return;

	background = report->band_idx == MT_RX_SEL2;

	/* Prefer the dedicated background-radar phy when one is bound. */
	mphy = (background && dev->rdd2_phy) ?
	       dev->rdd2_phy->mt76 : dev->mt76.phys[report->band_idx];
	if (!mphy)
		return;

	if (background)
		cfg80211_background_radar_event(mphy->hw->wiphy,
						&dev->rdd2_chandef,
						GFP_ATOMIC);
	else
		ieee80211_radar_detected(mphy->hw);

	dev->hw_pattern++;
}
374
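/*
 * Forward a firmware log event to debugfs and/or the kernel log.
 *
 * Legacy events carry the text directly after the receive descriptor.
 * Unified events carry it inside a TLV that starts 4 bytes after the
 * descriptor, with a further 4 bytes between the TLV header and the text.
 *
 * Every length here is supplied by firmware, so the text length is bounded
 * by what the skb actually holds before it is used as a "%.*s" precision
 * or handed to mt7996_debugfs_rx_log(). Without that bound a short or
 * malformed event would make the kernel read, and print, memory past the
 * end of the buffer. Events too short to hold their own headers are
 * dropped.
 */
static void
mt7996_mcu_rx_log_message(struct mt7996_dev *dev, struct sk_buff *skb)
{
#define UNI_EVENT_FW_LOG_FORMAT 0
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
	const char *data = (char *)&rxd[1] + 4, *type;
	struct tlv *tlv = (struct tlv *)data;
	/* descriptor + 4 skipped bytes + TLV header + 4 skipped bytes */
	const unsigned int uni_hdr_len = sizeof(*rxd) + 4 + sizeof(*tlv) + 4;
	unsigned int tlv_len;
	int len, avail;

	/* rxd->option and rxd->s2d_index are read below. */
	if (skb->len < sizeof(*rxd))
		return;

	if (!(rxd->option & MCU_UNI_CMD_EVENT)) {
		len = skb->len - sizeof(*rxd);
		data = (char *)&rxd[1];
		goto out;
	}

	/* The TLV header must be inside the buffer before it is trusted. */
	if (skb->len < uni_hdr_len)
		return;

	if (le16_to_cpu(tlv->tag) != UNI_EVENT_FW_LOG_FORMAT)
		return;

	/* A TLV shorter than its own header has no text to log. */
	tlv_len = le16_to_cpu(tlv->len);
	if (tlv_len < sizeof(*tlv) + 4)
		return;

	data += sizeof(*tlv) + 4;
	len = tlv_len - sizeof(*tlv) - 4;

	/* Never let the firmware-declared length exceed the received bytes. */
	avail = skb->len - uni_hdr_len;
	if (len > avail)
		len = avail;

out:
	switch (rxd->s2d_index) {
	case 0:
		if (mt7996_debugfs_rx_log(dev, data, len))
			return;

		type = "WM";
		break;
	case 2:
		type = "WA";
		break;
	default:
		type = "unknown";
		break;
	}

	wiphy_info(mt76_hw(dev)->wiphy, "%s: %.*s", type, len, data);
}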
414
/*
 * Interface iterator callback: complete a pending BSS color change on
 * @vif. Station interfaces and interfaces with no color change in progress
 * are skipped. @priv and @mac are unused.
 */
static void
mt7996_mcu_cca_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
{
	if (vif->type != NL80211_IFTYPE_STATION &&
	    vif->bss_conf.color_change_active)
		ieee80211_color_change_finish(vif);
}
423
/*
 * Handle an IE-countdown event: a 4-byte header naming the band, followed
 * by a list of TLVs. A CSA TLV finishes pending channel switches and a BCC
 * TLV finishes pending BSS color changes on every active interface of the
 * selected phy.
 *
 * The band index comes from firmware and is bounds-checked against
 * dev->mt76.phys[]; band 0, or a band with no phy registered, falls back
 * to the primary phy. The TLV walk stops when fewer than a TLV header's
 * worth of bytes remain before the end of the skb, or when a TLV declares
 * length 0, which would otherwise never advance.
 */
static void
mt7996_mcu_ie_countdown(struct mt7996_dev *dev, struct sk_buff *skb)
{
#define UNI_EVENT_IE_COUNTDOWN_CSA 0
#define UNI_EVENT_IE_COUNTDOWN_BCC 1
	struct header {
		u8 band;
		u8 rsv[3];
	};
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
	const char *cursor = (char *)&rxd[1], *end;
	struct header *hdr = (struct header *)cursor;
	struct mt76_phy *mphy = &dev->mt76.phy;
	struct tlv *tlv;

	if (hdr->band >= ARRAY_SIZE(dev->mt76.phys))
		return;

	if (hdr->band && dev->mt76.phys[hdr->band])
		mphy = dev->mt76.phys[hdr->band];

	end = skb->data + skb->len;

	/* The first TLV follows the band header directly. */
	cursor += sizeof(struct header);
	tlv = (struct tlv *)cursor;

	while (cursor + sizeof(struct tlv) < end && le16_to_cpu(tlv->len)) {
		u16 tag = le16_to_cpu(tlv->tag);

		if (tag == UNI_EVENT_IE_COUNTDOWN_CSA)
			ieee80211_iterate_active_interfaces_atomic(mphy->hw,
					IEEE80211_IFACE_ITER_RESUME_ALL,
					mt7996_mcu_csa_finish, mphy->hw);
		else if (tag == UNI_EVENT_IE_COUNTDOWN_BCC)
			ieee80211_iterate_active_interfaces_atomic(mphy->hw,
					IEEE80211_IFACE_ITER_RESUME_ALL,
					mt7996_mcu_cca_finish, mphy->hw);

		cursor += le16_to_cpu(tlv->len);
		tlv = (struct tlv *)cursor;
	}
}
465
/*
 * Copy the guard-interval setting reported by firmware into @rate.
 *
 * CCK/OFDM have no GI to record. HT/VHT toggle the short-GI flag. HE and
 * EHT store the value after range-checking it against the largest nl80211
 * GI enum for that mode, so an out-of-range firmware value is never
 * written. Returns 0 on success and -EINVAL for an out-of-range GI or an
 * unknown tx_mode.
 */
static int
mt7996_mcu_update_tx_gi(struct rate_info *rate, struct all_sta_trx_rate *mcu_rate)
{
	switch (mcu_rate->tx_mode) {
	case MT_PHY_TYPE_CCK:
	case MT_PHY_TYPE_OFDM:
		return 0;
	case MT_PHY_TYPE_HT:
	case MT_PHY_TYPE_HT_GF:
	case MT_PHY_TYPE_VHT:
		if (!mcu_rate->tx_gi)
			rate->flags &= ~RATE_INFO_FLAGS_SHORT_GI;
		else
			rate->flags |= RATE_INFO_FLAGS_SHORT_GI;
		return 0;
	case MT_PHY_TYPE_HE_SU:
	case MT_PHY_TYPE_HE_EXT_SU:
	case MT_PHY_TYPE_HE_TB:
	case MT_PHY_TYPE_HE_MU:
		if (mcu_rate->tx_gi > NL80211_RATE_INFO_HE_GI_3_2)
			return -EINVAL;

		rate->he_gi = mcu_rate->tx_gi;
		return 0;
	case MT_PHY_TYPE_EHT_SU:
	case MT_PHY_TYPE_EHT_TRIG:
	case MT_PHY_TYPE_EHT_MU:
		if (mcu_rate->tx_gi > NL80211_RATE_INFO_EHT_GI_3_2)
			return -EINVAL;

		rate->eht_gi = mcu_rate->tx_gi;
		return 0;
	default:
		return -EINVAL;
	}
}
502
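/*
 * Apply a firmware "all station info" event to the per-station state.
 *
 * The event carries sta_num entries whose layout depends on the tag: TX
 * rate/GI, admission byte counters or MSDU counters. Each entry names the
 * station by wlan_idx.
 *
 * Both sta_num and wlan_idx are supplied by firmware, so they are
 * validated before use:
 *  - an event shorter than the receive descriptor is dropped;
 *  - an entry that would extend past the end of the skb ends processing;
 *  - a wlan_idx outside dev->mt76.wcid[] is skipped. The WED RRO handler
 *    in this file applies the same bound to its station index.
 * Without these checks a malformed event indexes the wcid table out of
 * bounds or reads past the received buffer.
 *
 * NOTE(review): rcu_dereference() is used with no rcu_read_lock() in this
 * function; presumably the caller runs in an RCU read-side context.
 */
static void
mt7996_mcu_rx_all_sta_info_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_all_sta_info_event *res;
	const u8 *tail;
	u16 i;

	/* skb_pull() returns NULL when the skb is shorter than the rxd. */
	if (!skb_pull(skb, sizeof(struct mt7996_mcu_rxd)))
		return;

	res = (struct mt7996_mcu_all_sta_info_event *)skb->data;
	tail = skb->data + skb->len;

	for (i = 0; i < le16_to_cpu(res->sta_num); i++) {
		u8 ac;
		u16 wlan_idx;
		struct mt76_wcid *wcid;

		switch (le16_to_cpu(res->tag)) {
		case UNI_ALL_STA_TXRX_RATE:
			/* Entry i must lie fully inside the received data. */
			if ((const u8 *)&res->rate[i + 1] > tail)
				return;

			wlan_idx = le16_to_cpu(res->rate[i].wlan_idx);
			if (wlan_idx >= ARRAY_SIZE(dev->mt76.wcid))
				break;

			wcid = rcu_dereference(dev->mt76.wcid[wlan_idx]);

			if (!wcid)
				break;

			if (mt7996_mcu_update_tx_gi(&wcid->rate, &res->rate[i]))
				dev_err(dev->mt76.dev, "Failed to update TX GI\n");
			break;
		case UNI_ALL_STA_TXRX_ADM_STAT:
			if ((const u8 *)&res->adm_stat[i + 1] > tail)
				return;

			wlan_idx = le16_to_cpu(res->adm_stat[i].wlan_idx);
			if (wlan_idx >= ARRAY_SIZE(dev->mt76.wcid))
				break;

			wcid = rcu_dereference(dev->mt76.wcid[wlan_idx]);

			if (!wcid)
				break;

			for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
				wcid->stats.tx_bytes +=
					le32_to_cpu(res->adm_stat[i].tx_bytes[ac]);
				wcid->stats.rx_bytes +=
					le32_to_cpu(res->adm_stat[i].rx_bytes[ac]);
			}
			break;
		case UNI_ALL_STA_TXRX_MSDU_COUNT:
			if ((const u8 *)&res->msdu_cnt[i + 1] > tail)
				return;

			wlan_idx = le16_to_cpu(res->msdu_cnt[i].wlan_idx);
			if (wlan_idx >= ARRAY_SIZE(dev->mt76.wcid))
				break;

			wcid = rcu_dereference(dev->mt76.wcid[wlan_idx]);

			if (!wcid)
				break;

			wcid->stats.tx_packets +=
				le32_to_cpu(res->msdu_cnt[i].tx_msdu_cnt);
			wcid->stats.rx_packets +=
				le32_to_cpu(res->msdu_cnt[i].rx_msdu_cnt);
			break;
		default:
			break;
		}
	}
}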
560
/*
 * Record the thermal throttle duty cycle reported by firmware.
 *
 * Only events with tag THERMAL_NOTIFY_TAG and event id THERMAL_NOTIFY are
 * accepted. The firmware-supplied band index is rejected when it exceeds
 * MT_BAND2 and the band must have a registered phy before its
 * throttle_state is updated.
 */
static void
mt7996_mcu_rx_thermal_notify(struct mt7996_dev *dev, struct sk_buff *skb)
{
#define THERMAL_NOTIFY_TAG 0x4
#define THERMAL_NOTIFY 0x2
	struct mt7996_mcu_thermal_notify *n =
		(struct mt7996_mcu_thermal_notify *)skb->data;
	struct mt76_phy *mphy;
	struct mt7996_phy *phy;

	if (le16_to_cpu(n->tag) != THERMAL_NOTIFY_TAG ||
	    n->event_id != THERMAL_NOTIFY ||
	    n->band_idx > MT_BAND2)
		return;

	mphy = dev->mt76.phys[n->band_idx];
	if (!mphy)
		return;

	phy = (struct mt7996_phy *)mphy->priv;
	phy->throttle_state = n->duty_percent;
}
588
/*
 * Dispatch a legacy extended event. Only firmware log messages are
 * handled; every other ext_eid is ignored. The skb is not freed here.
 */
static void
mt7996_mcu_rx_ext_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;

	if (rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST)
		mt7996_mcu_rx_log_message(dev, skb);
}
602
/*
 * Dispatch a legacy unsolicited event by rxd->eid, then free the skb.
 * The skb is consumed on every path, so the handlers must not keep a
 * reference to it.
 */
static void
mt7996_mcu_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;

	if (rxd->eid == MCU_EVENT_EXT)
		mt7996_mcu_rx_ext_event(dev, skb);
	else if (rxd->eid == MCU_UNI_EVENT_THERMAL)
		mt7996_mcu_rx_thermal_notify(dev, skb);

	dev_kfree_skb(skb);
}
620
/*
 * Handle a WED RRO (receive reordering offload) event. Ignored unless the
 * device has RRO enabled.
 *
 * BA_SESSION_STATUS: for each entry, look up the station and TID named by
 * firmware and record the session id. The station index and TID are
 * bounds-checked against dev->mt76.wcid[] and wcid->aggr[] before use, and
 * processing stops at the first entry that fails a check.
 *
 * BA_SESSION_DELETE: for each entry, queue the session id on the RRO poll
 * list under wed_rro.lock and schedule the worker. Allocation is atomic;
 * on failure the remaining entries are dropped.
 *
 * In both cases entries are consumed with skb_pull() only while a full
 * entry remains in the skb.
 */
static void
mt7996_mcu_wed_rro_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_wed_rro_event *event = (void *)skb->data;
	u16 tag;

	if (!dev->has_rro)
		return;

	skb_pull(skb, sizeof(struct mt7996_mcu_rxd) + 4);
	tag = le16_to_cpu(event->tag);

	if (tag == UNI_WED_RRO_BA_SESSION_STATUS) {
		struct mt7996_mcu_wed_rro_ba_event *ba;

		for (; skb->len >= sizeof(*ba); skb_pull(skb, sizeof(*ba))) {
			struct mt76_rx_tid *rx_tid;
			struct mt76_wcid *wcid;
			u16 wlan_idx;

			ba = (void *)skb->data;
			wlan_idx = le16_to_cpu(ba->wlan_id);
			if (wlan_idx >= ARRAY_SIZE(dev->mt76.wcid))
				break;

			wcid = rcu_dereference(dev->mt76.wcid[wlan_idx]);
			if (!wcid || !wcid->sta)
				break;

			if (ba->tid >= ARRAY_SIZE(wcid->aggr))
				break;

			rx_tid = rcu_dereference(wcid->aggr[ba->tid]);
			if (!rx_tid)
				break;

			rx_tid->id = le16_to_cpu(ba->id);
		}
	} else if (tag == UNI_WED_RRO_BA_SESSION_DELETE) {
		struct mt7996_mcu_wed_rro_ba_delete_event *del;

		for (; skb->len >= sizeof(*del); skb_pull(skb, sizeof(*del))) {
			struct mt7996_wed_rro_session_id *entry;

			del = (void *)skb->data;
			entry = kzalloc(sizeof(*entry), GFP_ATOMIC);
			if (!entry)
				break;

			entry->id = le16_to_cpu(del->session_id);

			spin_lock_bh(&dev->wed_rro.lock);
			list_add_tail(&entry->list, &dev->wed_rro.poll_list);
			spin_unlock_bh(&dev->wed_rro.lock);

			ieee80211_queue_work(mt76_hw(dev), &dev->wed_rro.work);
		}
	}
}
687
/*
 * Dispatch a unified unsolicited event by rxd->eid, then free the skb.
 * Unknown event ids are dropped. The skb is consumed on every path, so
 * the handlers must not keep a reference to it.
 */
static void
mt7996_mcu_uni_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
	void (*handler)(struct mt7996_dev *dev, struct sk_buff *skb) = NULL;

	switch (rxd->eid) {
	case MCU_UNI_EVENT_FW_LOG_2_HOST:
		handler = mt7996_mcu_rx_log_message;
		break;
	case MCU_UNI_EVENT_IE_COUNTDOWN:
		handler = mt7996_mcu_ie_countdown;
		break;
	case MCU_UNI_EVENT_RDD_REPORT:
		handler = mt7996_mcu_rx_radar_detected;
		break;
	case MCU_UNI_EVENT_ALL_STA_INFO:
		handler = mt7996_mcu_rx_all_sta_info_event;
		break;
	case MCU_UNI_EVENT_WED_RRO:
		handler = mt7996_mcu_wed_rro_event;
		break;
	default:
		break;
	}

	if (handler)
		handler(dev, skb);

	dev_kfree_skb(skb);
}
714
/*
 * Entry point for events received from the MCU.
 *
 * Unified unsolicited events go to the unified dispatcher. Legacy events
 * are treated as unsolicited when they are firmware log messages or carry
 * sequence number 0; everything else is handed to the mt76 core as the
 * response to a pending command.
 *
 * NOTE(review): the descriptor is read from skb->data with no length
 * check here; presumably the receive path only delivers frames that hold
 * a complete descriptor.
 */
void mt7996_mcu_rx_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
	bool legacy_unsolicited;

	if (rxd->option & MCU_UNI_CMD_UNSOLICITED_EVENT) {
		mt7996_mcu_uni_rx_unsolicited_event(dev, skb);
		return;
	}

	/* WA still uses legacy event */
	legacy_unsolicited = rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST ||
			     !rxd->seq;
	if (!legacy_unsolicited) {
		mt76_mcu_rx_event(&dev->mt76, skb);
		return;
	}

	mt7996_mcu_rx_unsolicited_event(dev, skb);
}
731
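/*
 * Append a TLV of @len bytes to @skb and fill in its tag/len header.
 *
 * The reserved area is zeroed before the header is written. Most TLV
 * builders in this file set only a few fields and leave the remainder as
 * found, and the whole buffer is then sent to firmware. Zeroing here makes
 * sure no stale buffer contents travel with the command, whether or not
 * the allocation helper (not visible in this part of the file) has already
 * cleared the skb.
 *
 * @len includes the TLV header. The caller must have reserved enough
 * tailroom; skb_put_zero() does not grow the buffer.
 *
 * Returns a pointer to the TLV header at the start of the new area.
 */
static struct tlv *
mt7996_mcu_add_uni_tlv(struct sk_buff *skb, u16 tag, u16 len)
{
	struct tlv *ptlv = skb_put_zero(skb, len);

	ptlv->tag = cpu_to_le16(tag);
	ptlv->len = cpu_to_le16(len);

	return ptlv;
}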
742
/*
 * Append the UNI_BSS_INFO_RLM TLV describing the phy's current channel:
 * control and centre channel numbers, bandwidth, stream counts (taken from
 * the antenna mask for both TX and RX) and the firmware band code. The
 * second centre channel is filled in only for 80+80 MHz. @vif is unused.
 *
 * NOTE(review): rlm_ch_band[] has entries for the 2, 5 and 6 GHz bands
 * only and is indexed by chan->band without a bound; presumably the
 * driver never operates on another band.
 */
static void
mt7996_mcu_bss_rfch_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
			struct mt7996_phy *phy)
{
	static const u8 rlm_ch_band[] = {
		[NL80211_BAND_2GHZ] = 1,
		[NL80211_BAND_5GHZ] = 2,
		[NL80211_BAND_6GHZ] = 3,
	};
	struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
	struct bss_rlm_tlv *rlm;

	rlm = (struct bss_rlm_tlv *)mt7996_mcu_add_uni_tlv(skb,
							   UNI_BSS_INFO_RLM,
							   sizeof(*rlm));

	rlm->control_channel = chandef->chan->hw_value;
	rlm->center_chan =
		ieee80211_frequency_to_channel(chandef->center_freq1);
	rlm->bw = mt76_connac_chan_bw(chandef);
	rlm->tx_streams = hweight8(phy->mt76->antenna_mask);
	rlm->rx_streams = hweight8(phy->mt76->antenna_mask);
	rlm->band = rlm_ch_band[chandef->chan->band];

	if (chandef->width != NL80211_CHAN_WIDTH_80P80)
		return;

	rlm->center_chan2 =
		ieee80211_frequency_to_channel(chandef->center_freq2);
}
773
/*
 * Append the UNI_BSS_INFO_RA TLV with short preamble enabled. No other
 * field of the TLV is written here; @vif and @phy are unused.
 */
static void
mt7996_mcu_bss_ra_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
		      struct mt7996_phy *phy)
{
	struct bss_ra_tlv *ra;

	ra = (struct bss_ra_tlv *)mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RA,
							 sizeof(*ra));
	ra->short_preamble = true;
}
786
/*
 * Append the UNI_BSS_INFO_HE_BASIC TLV.
 *
 * The packet-extension duration and the RTS duration threshold come from
 * the BSS configuration; a zero value in either is replaced by the
 * DEFAULT_HE_* constant below. The per-bandwidth max NSS/MCS words are
 * copied from the local HE capability's TX MCS maps.
 *
 * NOTE(review): the capability pointer returned by
 * mt76_connac_get_he_phy_cap() is dereferenced without a NULL check;
 * confirm it cannot be NULL for an HE-capable vif.
 */
static void
mt7996_mcu_bss_he_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
		      struct mt7996_phy *phy)
{
#define DEFAULT_HE_PE_DURATION		4
#define DEFAULT_HE_DURATION_RTS_THRES	1023
	const struct ieee80211_sta_he_cap *he_cap =
		mt76_connac_get_he_phy_cap(phy->mt76, vif);
	struct bss_info_uni_he *he;

	he = (struct bss_info_uni_he *)mt7996_mcu_add_uni_tlv(skb,
						UNI_BSS_INFO_HE_BASIC,
						sizeof(*he));

	he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
	if (he->he_pe_duration == 0)
		he->he_pe_duration = DEFAULT_HE_PE_DURATION;

	he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
	if (he->he_rts_thres == 0)
		he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);

	he->max_nss_mcs[CMD_HE_MCS_BW80] = he_cap->he_mcs_nss_supp.tx_mcs_80;
	he->max_nss_mcs[CMD_HE_MCS_BW160] = he_cap->he_mcs_nss_supp.tx_mcs_160;
	he->max_nss_mcs[CMD_HE_MCS_BW8080] =
		he_cap->he_mcs_nss_supp.tx_mcs_80p80;
}
814
/*
 * Append the UNI_BSS_INFO_11V_MBSSID TLV. The TLV is always added; its
 * indicator, index and transmitting-BSS fields are written only when
 * @enable is set and the vif has a non-zero BSSID indicator. @phy is
 * unused.
 */
static void
mt7996_mcu_bss_mbssid_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
			  struct mt7996_phy *phy, int enable)
{
	struct bss_info_uni_mbssid *mbssid;

	mbssid = (struct bss_info_uni_mbssid *)mt7996_mcu_add_uni_tlv(skb,
						UNI_BSS_INFO_11V_MBSSID,
						sizeof(*mbssid));

	if (!enable || !vif->bss_conf.bssid_indicator)
		return;

	mbssid->max_indicator = vif->bss_conf.bssid_indicator;
	mbssid->mbss_idx = vif->bss_conf.bssid_index;
	mbssid->tx_bss_omac_idx = 0;
}
832
/*
 * Append the UNI_BSS_INFO_RATE TLV. Broadcast and multicast both use the
 * vif's multicast rate index when one is set, otherwise its basic rate
 * index. Short preamble is flagged on the 2.4 GHz band only.
 */
static void
mt7996_mcu_bss_bmc_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
		       struct mt7996_phy *phy)
{
	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
	enum nl80211_band band = phy->mt76->chandef.chan->band;
	struct bss_rate_tlv *rate;
	u8 rate_idx = mvif->basic_rates_idx;

	if (mvif->mcast_rates_idx)
		rate_idx = mvif->mcast_rates_idx;

	rate = (struct bss_rate_tlv *)mt7996_mcu_add_uni_tlv(skb,
							     UNI_BSS_INFO_RATE,
							     sizeof(*rate));

	rate->short_preamble = (band == NL80211_BAND_2GHZ);
	rate->bc_fixed_rate = rate_idx;
	rate->mc_fixed_rate = rate_idx;
}
853
/* Append the UNI_BSS_INFO_TXCMD TLV with txcmd_mode set to @en. */
static void
mt7996_mcu_bss_txcmd_tlv(struct sk_buff *skb, bool en)
{
	struct bss_txcmd_tlv *txcmd;

	txcmd = (struct bss_txcmd_tlv *)mt7996_mcu_add_uni_tlv(skb,
						UNI_BSS_INFO_TXCMD,
						sizeof(*txcmd));
	txcmd->txcmd_mode = en;
}
865
/*
 * Append the UNI_BSS_INFO_MLD TLV. The vif's own index is used as its MLD
 * id; the group MLD id and remap index are both set to 0xff.
 */
static void
mt7996_mcu_bss_mld_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct bss_mld_tlv *mld;

	mld = (struct bss_mld_tlv *)mt7996_mcu_add_uni_tlv(skb,
							   UNI_BSS_INFO_MLD,
							   sizeof(*mld));
	mld->own_mld_id = mvif->mt76.idx;
	mld->group_mld_id = 0xff;
	mld->remap_idx = 0xff;
}
880
/*
 * Append the UNI_BSS_INFO_SEC TLV carrying the cipher currently recorded
 * on the vif (mvif->cipher).
 */
static void
mt7996_mcu_bss_sec_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
{
	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
	struct bss_sec_tlv *sec;

	sec = (struct bss_sec_tlv *)mt7996_mcu_add_uni_tlv(skb,
							   UNI_BSS_INFO_SEC,
							   sizeof(*sec));
	sec->cipher = mvif->cipher;
}
893
/*
 * Program one MUAR (repeater address) entry for @vif.
 *
 * Each repeater slot owns two consecutive entries: the even one holds the
 * interface address and the odd one the BSSID, selected by @bssid. When
 * @enable is false the entry is written with an all-zero address. The
 * command waits for the firmware response.
 *
 * The slot number is omac_idx - REPEATER_BSSID_START in unsigned
 * arithmetic, so the caller must only pass repeater interfaces; the
 * caller visible in this file checks omac_idx >= REPEATER_BSSID_START
 * first.
 */
static int
mt7996_mcu_muar_config(struct mt7996_phy *phy, struct ieee80211_vif *vif,
		       bool bssid, bool enable)
{
#define UNI_MUAR_ENTRY 2
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	u32 slot = mvif->mt76.omac_idx - REPEATER_BSSID_START;
	const u8 *src = bssid ? vif->bss_conf.bssid : vif->addr;

	struct {
		struct {
			u8 band;
			u8 __rsv[3];
		} hdr;

		__le16 tag;
		__le16 len;

		bool smesh;
		u8 bssid;
		u8 index;
		u8 entry_add;
		u8 addr[ETH_ALEN];
		u8 __rsv[2];
	} __packed req = {
		.hdr.band = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_MUAR_ENTRY),
		.len = cpu_to_le16(sizeof(req) - sizeof(req.hdr)),
		.smesh = false,
		.index = slot * 2 + bssid,
		.entry_add = true,
	};

	/* Disabling leaves req.addr zero-initialised. */
	if (enable)
		memcpy(req.addr, src, ETH_ALEN);

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(REPT_MUAR),
				 &req, sizeof(req), true);
}
937
/*
 * Append the UNI_BSS_INFO_IFS_TIME TLV. Slot time comes from the phy; SIFS
 * and RIFS are fixed at 10 and 2. EIFS is 78 on the 2.4 GHz band and 84
 * elsewhere, and the CCK EIFS (314) is supplied on 2.4 GHz only.
 */
static void
mt7996_mcu_bss_ifs_timing_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_phy *phy = mvif->phy;
	bool is_2ghz = phy->mt76->chandef.chan->band == NL80211_BAND_2GHZ;
	struct bss_ifs_time_tlv *ifs;

	ifs = (struct bss_ifs_time_tlv *)mt7996_mcu_add_uni_tlv(skb,
						UNI_BSS_INFO_IFS_TIME,
						sizeof(*ifs));

	ifs->slot_valid = true;
	ifs->slot_time = cpu_to_le16(phy->slottime);

	ifs->sifs_valid = true;
	ifs->sifs_time = cpu_to_le16(10);

	ifs->rifs_valid = true;
	ifs->rifs_time = cpu_to_le16(2);

	ifs->eifs_valid = true;
	if (is_2ghz) {
		ifs->eifs_time = cpu_to_le16(78);
		ifs->eifs_cck_valid = true;
		ifs->eifs_cck_time = cpu_to_le16(314);
	} else {
		ifs->eifs_time = cpu_to_le16(84);
	}
}
965
/*
 * Append the UNI_BSS_INFO_BASIC TLV for @vif.
 *
 * The connection type follows the interface type (AP, mesh and monitor
 * share CONNECTION_INFRA_AP). For an enabled station interface the peer's
 * wcid index is used as sta_idx: @sta when given, otherwise the station
 * found for the current BSSID; the lookup and the read of its index
 * happen under rcu_read_lock(). When no station is found, sta_idx keeps
 * @wlan_idx.
 *
 * Monitor interfaces use the phy MAC address as BSSID and skip the PHY
 * mode fields. Always returns 0.
 */
static int
mt7996_mcu_bss_basic_tlv(struct sk_buff *skb,
			 struct ieee80211_vif *vif,
			 struct ieee80211_sta *sta,
			 struct mt76_phy *phy, u16 wlan_idx,
			 bool enable)
{
	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
	struct cfg80211_chan_def *chandef = &phy->chandef;
	struct mt76_connac_bss_basic_tlv *bss;
	u32 conn_type = CONNECTION_INFRA_AP;
	u16 peer_idx = wlan_idx;

	switch (vif->type) {
	case NL80211_IFTYPE_MESH_POINT:
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_MONITOR:
		break;
	case NL80211_IFTYPE_STATION:
		conn_type = CONNECTION_INFRA_STA;
		if (!enable)
			break;

		rcu_read_lock();
		if (!sta)
			sta = ieee80211_find_sta(vif, vif->bss_conf.bssid);
		/* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
		if (sta)
			peer_idx = ((struct mt76_wcid *)sta->drv_priv)->idx;
		rcu_read_unlock();
		break;
	case NL80211_IFTYPE_ADHOC:
		conn_type = CONNECTION_IBSS_ADHOC;
		break;
	default:
		WARN_ON(1);
		break;
	}

	bss = (struct mt76_connac_bss_basic_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_BASIC, sizeof(*bss));

	bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
	bss->dtim_period = vif->bss_conf.dtim_period;
	bss->bmc_tx_wlan_idx = cpu_to_le16(wlan_idx);
	bss->sta_idx = cpu_to_le16(peer_idx);
	bss->conn_type = cpu_to_le32(conn_type);
	bss->omac_idx = mvif->omac_idx;
	bss->band_idx = mvif->band_idx;
	bss->wmm_idx = mvif->wmm_idx;
	bss->conn_state = !enable;
	bss->active = enable;

	/* Extended BSSIDs are reported against hardware BSSID 0. */
	bss->hw_bss_idx = mvif->omac_idx > EXT_BSSID_START ?
			  HW_BSSID_0 : mvif->omac_idx;

	if (vif->type == NL80211_IFTYPE_MONITOR) {
		memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
		return 0;
	}

	memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
	/* Same beacon interval and DTIM period as written above. */
	bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
	bss->dtim_period = vif->bss_conf.dtim_period;
	bss->phymode = mt76_connac_get_phy_mode(phy, vif,
						chandef->chan->band, NULL);
	bss->phymode_ext = mt76_connac_get_phy_mode_ext(phy, vif,
							chandef->chan->band);

	return 0;
}
1043
/*
 * Allocate an MCU message of @len bytes and start it with a BSS request
 * header naming the vif's BSS index. Returns the skb, or ERR_PTR(-ENOMEM)
 * when allocation fails; callers test the result with IS_ERR().
 */
static struct sk_buff *
__mt7996_mcu_alloc_bss_req(struct mt76_dev *dev, struct mt76_vif *mvif, int len)
{
	struct bss_req_hdr hdr = {
		.bss_idx = mvif->idx,
	};
	struct sk_buff *skb = mt76_mcu_msg_alloc(dev, NULL, len);

	if (skb) {
		skb_put_data(skb, &hdr, sizeof(hdr));
		return skb;
	}

	return ERR_PTR(-ENOMEM);
}
1060
/*
 * Send a BSS_INFO_UPDATE command describing @vif to firmware.
 *
 * Repeater interfaces (omac_idx >= REPEATER_BSSID_START) first have their
 * two MUAR entries programmed; the results of those two commands are not
 * checked. The BASIC TLV must come first, followed by SEC. Monitor
 * interfaces stop there. Other interfaces add the channel, rate, timing,
 * HE (when supported) and MLD TLVs when enabling, and always the MBSSID
 * TLV.
 *
 * Returns a negative errno when the request cannot be allocated,
 * otherwise the result of sending the command.
 */
int mt7996_mcu_add_bss_info(struct mt7996_phy *phy,
			    struct ieee80211_vif *vif, int enable)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_dev *dev = phy->dev;
	struct sk_buff *skb;

	if (mvif->mt76.omac_idx >= REPEATER_BSSID_START) {
		mt7996_mcu_muar_config(phy, vif, false, enable);
		mt7996_mcu_muar_config(phy, vif, true, enable);
	}

	skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					 MT7996_BSS_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	/* bss_basic must be first */
	mt7996_mcu_bss_basic_tlv(skb, vif, NULL, phy->mt76,
				 mvif->sta.wcid.idx, enable);
	mt7996_mcu_bss_sec_tlv(skb, vif);

	if (vif->type != NL80211_IFTYPE_MONITOR) {
		if (enable) {
			mt7996_mcu_bss_rfch_tlv(skb, vif, phy);
			mt7996_mcu_bss_bmc_tlv(skb, vif, phy);
			mt7996_mcu_bss_ra_tlv(skb, vif, phy);
			mt7996_mcu_bss_txcmd_tlv(skb, true);
			mt7996_mcu_bss_ifs_timing_tlv(skb, vif);

			if (vif->bss_conf.he_support)
				mt7996_mcu_bss_he_tlv(skb, vif, phy);

			/* this tag is necessary no matter if the vif is MLD */
			mt7996_mcu_bss_mld_tlv(skb, vif);
		}

		mt7996_mcu_bss_mbssid_tlv(skb, vif, phy, enable);
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
1106
/*
 * Send a BSS_INFO_UPDATE command carrying only the IFS timing TLV for
 * @vif. Returns a negative errno when the request cannot be allocated,
 * otherwise the result of sending the command.
 */
int mt7996_mcu_set_timing(struct mt7996_phy *phy, struct ieee80211_vif *vif)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt76_dev *mdev = &phy->dev->mt76;
	struct sk_buff *req;

	req = __mt7996_mcu_alloc_bss_req(mdev, &mvif->mt76,
					 MT7996_BSS_UPDATE_MAX_SIZE);
	if (IS_ERR(req))
		return PTR_ERR(req);

	mt7996_mcu_bss_ifs_timing_tlv(req, vif);

	return mt76_mcu_skb_send_msg(mdev, req,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
1123
/*
 * Send a STA_REC_BA update for the block-ack session in @params.
 *
 * @tx selects originator (true) or recipient (false). The RRO flag is set
 * only for an RX session being enabled on a device with RRO.
 *
 * NOTE(review): ba_en is written as enable << tid; the width of that
 * field is not visible here, so confirm it can hold a bit for every TID
 * that can be passed in.
 */
static int
mt7996_mcu_sta_ba(struct mt7996_dev *dev, struct mt76_vif *mvif,
		  struct ieee80211_ampdu_params *params,
		  bool enable, bool tx)
{
	struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
	struct sta_rec_ba_uni *ba;
	struct sk_buff *skb;

	skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, mvif, wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	ba = (struct sta_rec_ba_uni *)mt76_connac_mcu_add_tlv(skb, STA_REC_BA,
							      sizeof(*ba));

	if (tx)
		ba->ba_type = MT_BA_TYPE_ORIGINATOR;
	else
		ba->ba_type = MT_BA_TYPE_RECIPIENT;

	ba->tid = params->tid;
	ba->ba_en = enable << params->tid;
	ba->ssn = cpu_to_le16(params->ssn);
	ba->winsize = cpu_to_le16(params->buf_size);
	ba->amsdu = params->amsdu;
	ba->ba_rdd_rro = !tx && enable && dev->has_rro;

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
1153
1154/** starec & wtbl **/
/*
 * Enable or disable a TX (originator) block-ack session. When a session
 * is enabled without A-MSDU support, A-MSDU is also switched off on the
 * station's wcid. Returns the result of the firmware command.
 */
int mt7996_mcu_add_tx_ba(struct mt7996_dev *dev,
			 struct ieee80211_ampdu_params *params,
			 bool enable)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv;

	if (enable && !params->amsdu)
		msta->wcid.amsdu = false;

	return mt7996_mcu_sta_ba(dev, &msta->vif->mt76, params, enable, true);
}
1167
/*
 * Enable or disable an RX (recipient) block-ack session for the station
 * in @params. Returns the result of the firmware command.
 */
int mt7996_mcu_add_rx_ba(struct mt7996_dev *dev,
			 struct ieee80211_ampdu_params *params,
			 bool enable)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv;

	return mt7996_mcu_sta_ba(dev, &msta->vif->mt76, params, enable, false);
}
1177
/*
 * Append a STA_REC_HE_V2 TLV to @skb for an HE-capable station.
 *
 * Copies the first 6 HE MAC capability bytes and the first 11 HE PHY
 * capability bytes, then fills the per-bandwidth max NSS/MCS entries:
 * the 80 MHz entry always, the 160 MHz entry when the station bandwidth is
 * 160 MHz, and the 80+80 entry in that case only if the station sets the
 * 80+80 channel-width bit.  Does nothing when the station has no HE.
 */
static void
mt7996_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct ieee80211_he_cap_elem *cap = &sta->deflink.he_cap.he_cap_elem;
	struct ieee80211_he_mcs_nss_supp nss_supp;
	struct sta_rec_he_v2 *he;
	int idx;

	if (!sta->deflink.he_cap.has_he)
		return;

	he = (struct sta_rec_he_v2 *)mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2,
							      sizeof(*he));

	for (idx = 0; idx < 6; idx++)
		he->he_mac_cap[idx] = cap->mac_cap_info[idx];
	for (idx = 0; idx < 11; idx++)
		he->he_phy_cap[idx] = cap->phy_cap_info[idx];

	nss_supp = sta->deflink.he_cap.he_mcs_nss_supp;

	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) {
		if (cap->phy_cap_info[0] &
		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
			mt7996_mcu_set_sta_he_mcs(sta,
						  &he->max_nss_mcs[CMD_HE_MCS_BW8080],
						  le16_to_cpu(nss_supp.rx_mcs_80p80));

		mt7996_mcu_set_sta_he_mcs(sta,
					  &he->max_nss_mcs[CMD_HE_MCS_BW160],
					  le16_to_cpu(nss_supp.rx_mcs_160));
	}

	/* the 80 MHz entry is filled for every bandwidth */
	mt7996_mcu_set_sta_he_mcs(sta,
				  &he->max_nss_mcs[CMD_HE_MCS_BW80],
				  le16_to_cpu(nss_supp.rx_mcs_80));

	he->pkt_ext = 2;
}
1221
/*
 * Append a STA_REC_HE_6G TLV carrying the station's HE 6 GHz capability
 * word.  Nothing is added when that word is zero.
 */
static void
mt7996_mcu_sta_he_6g_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct sta_rec_he_6g_capa *rec;

	if (!sta->deflink.he_6ghz_capa.capa)
		return;

	rec = (struct sta_rec_he_6g_capa *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G, sizeof(*rec));
	rec->capa = sta->deflink.he_6ghz_capa.capa;
}
1236
/*
 * Append a STA_REC_EHT TLV for an EHT-capable station.
 *
 * Fills the EHT MAC/PHY capability words and the EHT MCS/NSS maps.  When
 * the vif is not a station interface and the peer sets none of the HE
 * channel-width bits tested below, only the 20 MHz-only map is copied;
 * otherwise the 80/160/320 MHz maps are copied.  Does nothing when the
 * station has no EHT.
 */
static void
mt7996_mcu_sta_eht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	struct ieee80211_vif *vif = container_of((void *)msta->vif,
						 struct ieee80211_vif, drv_priv);
	struct ieee80211_eht_cap_elem_fixed *cap;
	struct ieee80211_eht_mcs_nss_supp *nss;
	struct sta_rec_eht *eht;

	if (!sta->deflink.eht_cap.has_eht)
		return;

	cap = &sta->deflink.eht_cap.eht_cap_elem;
	nss = &sta->deflink.eht_cap.eht_mcs_nss_supp;

	eht = (struct sta_rec_eht *)mt76_connac_mcu_add_tlv(skb, STA_REC_EHT,
							     sizeof(*eht));
	eht->tid_bitmap = 0xff;
	/* NOTE(review): both loads go through a cast of a byte array, so they
	 * depend on the array's alignment and read it in host byte order
	 * before the cpu_to_le*() conversion; confirm this is intended on
	 * strict-alignment and big-endian hosts.
	 */
	eht->mac_cap = cpu_to_le16(*(u16 *)cap->mac_cap_info);
	eht->phy_cap = cpu_to_le64(*(u64 *)cap->phy_cap_info);
	eht->phy_cap_ext = cpu_to_le64(cap->phy_cap_info[8]);

	if (vif->type != NL80211_IFTYPE_STATION &&
	    !(sta->deflink.he_cap.he_cap_elem.phy_cap_info[0] &
	      (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G |
	       IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G |
	       IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G |
	       IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G))) {
		/* peer advertises no wider HE channel width: 20 MHz-only map */
		memcpy(eht->mcs_map_bw20, &nss->only_20mhz,
		       sizeof(eht->mcs_map_bw20));
		return;
	}

	/* copy sizes are bounded by the destination fields */
	memcpy(eht->mcs_map_bw80, &nss->bw._80, sizeof(eht->mcs_map_bw80));
	memcpy(eht->mcs_map_bw160, &nss->bw._160, sizeof(eht->mcs_map_bw160));
	memcpy(eht->mcs_map_bw320, &nss->bw._320, sizeof(eht->mcs_map_bw320));
}
1277
/*
 * Append a STA_REC_HT TLV with the station's HT capability word and its
 * A-MPDU factor/density packed into one parameter byte.  Does nothing when
 * the station does not support HT.
 */
static void
mt7996_mcu_sta_ht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct sta_rec_ht_uni *rec;
	u8 factor, density;

	if (!sta->deflink.ht_cap.ht_supported)
		return;

	rec = (struct sta_rec_ht_uni *)mt76_connac_mcu_add_tlv(skb, STA_REC_HT,
								sizeof(*rec));
	rec->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap);

	factor = u8_encode_bits(sta->deflink.ht_cap.ampdu_factor,
				IEEE80211_HT_AMPDU_PARM_FACTOR);
	density = u8_encode_bits(sta->deflink.ht_cap.ampdu_density,
				 IEEE80211_HT_AMPDU_PARM_DENSITY);
	rec->ampdu_param = factor | density;
}
1296
/*
 * Append a STA_REC_VHT TLV with the station's VHT capability word and its
 * RX/TX MCS maps.
 *
 * The TLV is also emitted for a station that only has HE 6 GHz
 * capabilities, because the hardware needs it on the 6G band.
 */
static void
mt7996_mcu_sta_vht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct sta_rec_vht *rec;
	bool wanted;

	/* For 6G band, this tlv is necessary to let hw work normally */
	wanted = sta->deflink.he_6ghz_capa.capa ||
		 sta->deflink.vht_cap.vht_supported;
	if (!wanted)
		return;

	rec = (struct sta_rec_vht *)mt76_connac_mcu_add_tlv(skb, STA_REC_VHT,
							     sizeof(*rec));
	rec->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap);
	rec->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map;
	rec->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map;
}
1314
/*
 * Append a STA_REC_HW_AMSDU TLV enabling hardware A-MSDU for @sta and mark
 * the station's wcid as A-MSDU capable.
 *
 * Only station, mesh point and AP interfaces are handled, and only when
 * the station reports a non-zero max_amsdu_len.  max_mpdu_size is derived
 * from that length; unrecognised lengths map to the 3895 value.
 */
static void
mt7996_mcu_sta_amsdu_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			 struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	struct sta_rec_amsdu *rec;

	switch (vif->type) {
	case NL80211_IFTYPE_STATION:
	case NL80211_IFTYPE_MESH_POINT:
	case NL80211_IFTYPE_AP:
		break;
	default:
		return;
	}

	if (!sta->deflink.agg.max_amsdu_len)
		return;

	rec = (struct sta_rec_amsdu *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*rec));
	rec->max_amsdu_num = 8;
	rec->amsdu_en = true;
	msta->wcid.amsdu = true;

	switch (sta->deflink.agg.max_amsdu_len) {
	case IEEE80211_MAX_MPDU_LEN_VHT_11454:
		rec->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454;
		break;
	case IEEE80211_MAX_MPDU_LEN_HT_7935:
	case IEEE80211_MAX_MPDU_LEN_VHT_7991:
		rec->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991;
		break;
	default:
		rec->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895;
		break;
	}
}
1351
/*
 * Append a STA_REC_MURU TLV describing MU-MIMO / OFDMA settings for @sta.
 *
 * Only station and AP interfaces are handled.  DL MU-MIMO is enabled when
 * any of the vif's EHT/HE/VHT MU beamformer flags or the VHT MU beamformee
 * flag is set; DL OFDMA is always enabled.  The HE-derived fields are only
 * filled for an HE-capable station.
 */
static void
mt7996_mcu_sta_muru_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct ieee80211_he_cap_elem *he = &sta->deflink.he_cap.he_cap_elem;
	struct sta_rec_muru *muru;
	bool sta_or_ap;

	sta_or_ap = vif->type == NL80211_IFTYPE_STATION ||
		    vif->type == NL80211_IFTYPE_AP;
	if (!sta_or_ap)
		return;

	muru = (struct sta_rec_muru *)mt76_connac_mcu_add_tlv(skb, STA_REC_MURU,
							       sizeof(*muru));

	muru->cfg.mimo_dl_en = vif->bss_conf.eht_mu_beamformer ||
			       vif->bss_conf.he_mu_beamformer ||
			       vif->bss_conf.vht_mu_beamformer ||
			       vif->bss_conf.vht_mu_beamformee;
	muru->cfg.ofdma_dl_en = true;

	if (sta->deflink.vht_cap.vht_supported)
		muru->mimo_dl.vht_mu_bfee =
			!!(sta->deflink.vht_cap.cap &
			   IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE);

	/* everything below is taken from the station's HE capabilities */
	if (!sta->deflink.he_cap.has_he)
		return;

	/* DL/UL MU-MIMO */
	muru->mimo_dl.partial_bw_dl_mimo =
		HE_PHY(CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO, he->phy_cap_info[6]);
	muru->mimo_ul.full_ul_mimo =
		HE_PHY(CAP2_UL_MU_FULL_MU_MIMO, he->phy_cap_info[2]);
	muru->mimo_ul.partial_ul_mimo =
		HE_PHY(CAP2_UL_MU_PARTIAL_MU_MIMO, he->phy_cap_info[2]);

	/* DL OFDMA */
	muru->ofdma_dl.punc_pream_rx =
		HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, he->phy_cap_info[1]);
	muru->ofdma_dl.he_20m_in_40m_2g =
		HE_PHY(CAP8_20MHZ_IN_40MHZ_HE_PPDU_IN_2G, he->phy_cap_info[8]);
	muru->ofdma_dl.he_20m_in_160m =
		HE_PHY(CAP8_20MHZ_IN_160MHZ_HE_PPDU, he->phy_cap_info[8]);
	muru->ofdma_dl.he_80m_in_160m =
		HE_PHY(CAP8_80MHZ_IN_160MHZ_HE_PPDU, he->phy_cap_info[8]);

	/* UL OFDMA */
	muru->ofdma_ul.t_frame_dur =
		HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, he->mac_cap_info[1]);
	muru->ofdma_ul.mu_cascading =
		HE_MAC(CAP2_MU_CASCADING, he->mac_cap_info[2]);
	muru->ofdma_ul.uo_ra =
		HE_MAC(CAP3_OFDMA_RA, he->mac_cap_info[3]);
	muru->ofdma_ul.rx_ctrl_frame_to_mbss =
		HE_MAC(CAP3_RX_CTRL_FRAME_TO_MULTIBSS, he->mac_cap_info[3]);
}
1406
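/*
 * Tell whether explicit beamforming can be used between @vif and @sta.
 *
 * @bfee selects the local role being asked about: true asks whether the
 * vif can act as beamformee, false whether it can act as beamformer.  In
 * both cases the local role must be enabled in vif->bss_conf and the peer
 * must advertise the opposite role.  The newest PHY generation the station
 * supports (EHT, then HE, then VHT) decides.
 *
 * Only station and AP interfaces qualify, and the beamformer role needs at
 * least two bits set in the phy's chainmask.
 */
static inline bool
mt7996_is_ebf_supported(struct mt7996_phy *phy, struct ieee80211_vif *vif,
			struct ieee80211_sta *sta, bool bfee)
{
	int sts = hweight16(phy->mt76->chainmask);

	if (vif->type != NL80211_IFTYPE_STATION &&
	    vif->type != NL80211_IFTYPE_AP)
		return false;

	if (!bfee && sts < 2)
		return false;

	if (sta->deflink.eht_cap.has_eht) {
		struct ieee80211_sta_eht_cap *pc = &sta->deflink.eht_cap;
		struct ieee80211_eht_cap_elem_fixed *pe = &pc->eht_cap_elem;

		/* As in the HE and VHT branches below, the peer bit tested is
		 * the role opposite to the local one; testing the same role
		 * on both sides would pair two beamformees (or two
		 * beamformers).
		 */
		if (bfee)
			return vif->bss_conf.eht_su_beamformee &&
			       EHT_PHY(CAP0_SU_BEAMFORMER, pe->phy_cap_info[0]);
		else
			return vif->bss_conf.eht_su_beamformer &&
			       EHT_PHY(CAP0_SU_BEAMFORMEE, pe->phy_cap_info[0]);
	}

	if (sta->deflink.he_cap.has_he) {
		struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem;

		if (bfee)
			return vif->bss_conf.he_su_beamformee &&
			       HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]);
		else
			return vif->bss_conf.he_su_beamformer &&
			       HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]);
	}

	if (sta->deflink.vht_cap.vht_supported) {
		u32 cap = sta->deflink.vht_cap.cap;

		if (bfee)
			return vif->bss_conf.vht_su_beamformee &&
			       (cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE);
		else
			return vif->bss_conf.vht_su_beamformer &&
			       (cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE);
	}

	return false;
}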
1456
/*
 * Fill the sounding-related rate fields of @bf with the driver defaults:
 * OFDM sounding PHY, NDP at MCS0, and NDPA / report-poll at
 * MT7996_CFEND_RATE_DEFAULT.
 */
static void
mt7996_mcu_sta_sounding_rate(struct sta_rec_bf *bf)
{
	/* ofdm 24m for both NDPA and report poll */
	bf->rept_poll_rate = MT7996_CFEND_RATE_DEFAULT;
	bf->ndpa_rate = MT7996_CFEND_RATE_DEFAULT;
	/* mcs0 */
	bf->ndp_rate = 0;
	bf->sounding_phy = MT_PHY_TYPE_OFDM;
}
1465
/*
 * Fill the beamformer dimensions of @bf for an HT station.
 *
 * The stream index n comes from the station's HT MCS info: the TX max
 * streams field when the TX set is both defined and different from RX,
 * otherwise the highest non-empty RX mask byte among bytes 1..3 (0 when
 * none is set).  nrow is the number of bits in the phy's antenna mask
 * minus one.
 */
static void
mt7996_mcu_sta_bfer_ht(struct ieee80211_sta *sta, struct mt7996_phy *phy,
		       struct sta_rec_bf *bf)
{
	struct ieee80211_mcs_info *info = &sta->deflink.ht_cap.mcs;
	bool tx_set_differs;
	u8 n;

	bf->tx_mode = MT_PHY_TYPE_HT;

	tx_set_differs = (info->tx_params & IEEE80211_HT_MCS_TX_RX_DIFF) &&
			 (info->tx_params & IEEE80211_HT_MCS_TX_DEFINED);

	if (tx_set_differs)
		n = FIELD_GET(IEEE80211_HT_MCS_TX_MAX_STREAMS_MASK,
			      info->tx_params);
	else if (info->rx_mask[3])
		n = 3;
	else if (info->rx_mask[2])
		n = 2;
	else if (info->rx_mask[1])
		n = 1;
	else
		n = 0;

	bf->nrow = hweight8(phy->mt76->antenna_mask) - 1;
	bf->ncol = min_t(u8, bf->nrow, n);
	bf->ibf_ncol = n;
}
1490
/*
 * Fill the beamformer dimensions of @bf for a VHT station.
 *
 * With @explicit set, the sounding rates are initialised and nrow is the
 * minimum of the local sounding dimensions, the station's beamformee STS
 * and the local antenna count minus one.  Without it (implicit BF), nrow
 * is the local antenna count minus one.  A 160 MHz station forces nrow
 * (explicit) or ibf_nrow (implicit) to 1.
 */
static void
mt7996_mcu_sta_bfer_vht(struct ieee80211_sta *sta, struct mt7996_phy *phy,
			struct sta_rec_bf *bf, bool explicit)
{
	struct ieee80211_sta_vht_cap *peer = &sta->deflink.vht_cap;
	struct ieee80211_sta_vht_cap *own = &phy->mt76->sband_5g.sband.vht_cap;
	u8 nss_mcs =
		mt7996_mcu_get_sta_nss(le16_to_cpu(peer->vht_mcs.rx_mcs_map));
	u8 tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
	bool bw160 = sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160;
	u8 sts, snd_dim;

	bf->tx_mode = MT_PHY_TYPE_VHT;

	if (!explicit) {
		bf->nrow = tx_ant;
		bf->ncol = min_t(u8, nss_mcs, bf->nrow);
		bf->ibf_ncol = nss_mcs;

		if (bw160)
			bf->ibf_nrow = 1;
		return;
	}

	mt7996_mcu_sta_sounding_rate(bf);

	sts = FIELD_GET(IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK, peer->cap);
	snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
			    own->cap);
	bf->nrow = min_t(u8, min_t(u8, snd_dim, sts), tx_ant);
	bf->ncol = min_t(u8, nss_mcs, bf->nrow);
	bf->ibf_ncol = bf->ncol;

	if (bw160)
		bf->nrow = 1;
}
1527
/*
 * Fill the beamformer dimensions of @bf for an HE station.
 *
 * nrow is the minimum of the local sounding dimensions (<= 80 MHz) and the
 * station's beamformee max STS (<= 80 MHz); ncol is additionally limited
 * by the station's 80 MHz RX NSS.  For a 160 MHz station the *_gt_bw80
 * fields are filled from the 160 MHz and/or 80+80 MCS maps and the
 * above-80 MHz sounding/STS fields.
 */
static void
mt7996_mcu_sta_bfer_he(struct ieee80211_sta *sta, struct ieee80211_vif *vif,
		       struct mt7996_phy *phy, struct sta_rec_bf *bf)
{
	struct ieee80211_sta_he_cap *peer = &sta->deflink.he_cap;
	struct ieee80211_he_cap_elem *peer_elem = &peer->he_cap_elem;
	const struct ieee80211_sta_he_cap *own =
		mt76_connac_get_he_phy_cap(phy->mt76, vif);
	const struct ieee80211_he_cap_elem *own_elem = &own->he_cap_elem;
	u8 nss_mcs =
		mt7996_mcu_get_sta_nss(le16_to_cpu(peer->he_mcs_nss_supp.rx_mcs_80));
	u8 snd_dim, sts;

	bf->tx_mode = MT_PHY_TYPE_HE_SU;

	mt7996_mcu_sta_sounding_rate(bf);

	bf->trigger_su = HE_PHY(CAP6_TRIG_SU_BEAMFORMING_FB,
				peer_elem->phy_cap_info[6]);
	bf->trigger_mu = HE_PHY(CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB,
				peer_elem->phy_cap_info[6]);

	snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
			 own_elem->phy_cap_info[5]);
	sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_MASK,
		     peer_elem->phy_cap_info[4]);
	bf->nrow = min_t(u8, snd_dim, sts);
	bf->ncol = min_t(u8, nss_mcs, bf->nrow);
	bf->ibf_ncol = bf->ncol;

	if (sta->deflink.bandwidth != IEEE80211_STA_RX_BW_160)
		return;

	/* go over for 160MHz and 80p80 */
	if (peer_elem->phy_cap_info[0] &
	    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) {
		nss_mcs = mt7996_mcu_get_sta_nss(
				le16_to_cpu(peer->he_mcs_nss_supp.rx_mcs_160));
		bf->ncol_gt_bw80 = nss_mcs;
	}

	if (peer_elem->phy_cap_info[0] &
	    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) {
		nss_mcs = mt7996_mcu_get_sta_nss(
				le16_to_cpu(peer->he_mcs_nss_supp.rx_mcs_80p80));

		/* keep the smaller of the 160 and 80+80 values when both exist */
		if (bf->ncol_gt_bw80)
			bf->ncol_gt_bw80 = min_t(u8, bf->ncol_gt_bw80, nss_mcs);
		else
			bf->ncol_gt_bw80 = nss_mcs;
	}

	snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK,
			 own_elem->phy_cap_info[5]);
	sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_ABOVE_80MHZ_MASK,
		     peer_elem->phy_cap_info[4]);

	bf->nrow_gt_bw80 = min_t(int, snd_dim, sts);
}
1587
/*
 * Fill the beamformer dimensions of @bf for an EHT station.
 *
 * nrow is the minimum of the local 80 MHz sounding dimensions and the
 * station's 80 MHz beamformee SS (assembled from PHY capability bytes 0
 * and 1); ncol is additionally limited by the station's 80 MHz RX NSS
 * minus one.  For 160 and 320 MHz stations the *_gt_bw80 fields are
 * filled from the matching capability fields, with the 320 MHz values
 * shifted left by 4.
 */
static void
mt7996_mcu_sta_bfer_eht(struct ieee80211_sta *sta, struct ieee80211_vif *vif,
			struct mt7996_phy *phy, struct sta_rec_bf *bf)
{
	struct ieee80211_sta_eht_cap *peer = &sta->deflink.eht_cap;
	struct ieee80211_eht_cap_elem_fixed *peer_elem = &peer->eht_cap_elem;
	struct ieee80211_eht_mcs_nss_supp *peer_nss = &peer->eht_mcs_nss_supp;
	const struct ieee80211_sta_eht_cap *own =
		mt76_connac_get_eht_phy_cap(phy->mt76, vif);
	const struct ieee80211_eht_cap_elem_fixed *own_elem = &own->eht_cap_elem;
	/* NOTE(review): the "- 1" is done in u8, so an RX NSS field of 0
	 * yields 255; confirm that value cannot be advertised by a peer or
	 * is rejected before this point.
	 */
	u8 nss_mcs = u8_get_bits(peer_nss->bw._80.rx_tx_mcs9_max_nss,
				 IEEE80211_EHT_MCS_NSS_RX) - 1;
	u8 snd_dim, sts;

	bf->tx_mode = MT_PHY_TYPE_EHT_MU;

	mt7996_mcu_sta_sounding_rate(bf);

	bf->trigger_su = EHT_PHY(CAP3_TRIG_SU_BF_FDBK,
				 peer_elem->phy_cap_info[3]);
	bf->trigger_mu = EHT_PHY(CAP3_TRIG_MU_BF_PART_BW_FDBK,
				 peer_elem->phy_cap_info[3]);

	snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_80MHZ_MASK,
			  own_elem->phy_cap_info[2]);
	sts = EHT_PHY(CAP0_BEAMFORMEE_SS_80MHZ_MASK,
		      peer_elem->phy_cap_info[0]) +
	      (EHT_PHY(CAP1_BEAMFORMEE_SS_80MHZ_MASK,
		       peer_elem->phy_cap_info[1]) << 1);
	bf->nrow = min_t(u8, snd_dim, sts);
	bf->ncol = min_t(u8, nss_mcs, bf->nrow);
	bf->ibf_ncol = bf->ncol;

	/* bandwidths other than 160/320 MHz need nothing further */
	switch (sta->deflink.bandwidth) {
	case IEEE80211_STA_RX_BW_160:
		snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_160MHZ_MASK,
				  own_elem->phy_cap_info[2]);
		sts = EHT_PHY(CAP1_BEAMFORMEE_SS_160MHZ_MASK,
			      peer_elem->phy_cap_info[1]);
		nss_mcs = u8_get_bits(peer_nss->bw._160.rx_tx_mcs9_max_nss,
				      IEEE80211_EHT_MCS_NSS_RX) - 1;

		bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts);
		bf->ncol_gt_bw80 = nss_mcs;
		break;
	case IEEE80211_STA_RX_BW_320:
		snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_320MHZ_MASK,
				  own_elem->phy_cap_info[2]) +
			  (EHT_PHY(CAP3_SOUNDING_DIM_320MHZ_MASK,
				   own_elem->phy_cap_info[3]) << 1);
		sts = EHT_PHY(CAP1_BEAMFORMEE_SS_320MHZ_MASK,
			      peer_elem->phy_cap_info[1]);
		nss_mcs = u8_get_bits(peer_nss->bw._320.rx_tx_mcs9_max_nss,
				      IEEE80211_EHT_MCS_NSS_RX) - 1;

		bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts) << 4;
		bf->ncol_gt_bw80 = nss_mcs << 4;
		break;
	default:
		break;
	}
}
1643
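/*
 * Append a STA_REC_BF (beamformer) TLV for @sta.
 *
 * Nothing is added unless the station supports HT or HE and either
 * explicit beamforming is possible (mt7996_is_ebf_supported() with
 * bfee == false) or implicit beamforming is enabled in dev->ibf.  The
 * per-generation helpers fill the matrix dimensions; this function then
 * sets the capability, bandwidth, timeout and memory fields.
 *
 * nrow/ncol are computed by those helpers from capability fields of the
 * station (presumably as advertised by the peer) and of the local phy, and
 * nothing in this file shows every combination to be limited to the 4x4
 * table below.  The lookup is therefore range-checked, and an
 * out-of-range pair yields 0, the value the table itself uses for
 * unsupported dimensions.
 */
static void
mt7996_mcu_sta_bfer_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_phy *phy = mvif->phy;
	int tx_ant = hweight8(phy->mt76->chainmask) - 1;
	struct sta_rec_bf *bf;
	struct tlv *tlv;
	const u8 matrix[4][4] = {
		{0, 0, 0, 0},
		{1, 1, 0, 0},	/* 2x1, 2x2, 2x3, 2x4 */
		{2, 4, 4, 0},	/* 3x1, 3x2, 3x3, 3x4 */
		{3, 5, 6, 0}	/* 4x1, 4x2, 4x3, 4x4 */
	};
	bool ebf;
	int row;

	if (!(sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he))
		return;

	ebf = mt7996_is_ebf_supported(phy, vif, sta, false);
	if (!ebf && !dev->ibf)
		return;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BF, sizeof(*bf));
	bf = (struct sta_rec_bf *)tlv;

	/* he/eht: eBF only, in accordance with spec
	 * vht: support eBF and iBF
	 * ht: iBF only, since mac80211 lacks of eBF support
	 */
	if (sta->deflink.eht_cap.has_eht && ebf)
		mt7996_mcu_sta_bfer_eht(sta, vif, phy, bf);
	else if (sta->deflink.he_cap.has_he && ebf)
		mt7996_mcu_sta_bfer_he(sta, vif, phy, bf);
	else if (sta->deflink.vht_cap.vht_supported)
		mt7996_mcu_sta_bfer_vht(sta, phy, bf, ebf);
	else if (sta->deflink.ht_cap.ht_supported)
		mt7996_mcu_sta_bfer_ht(sta, phy, bf);
	else
		return;

	bf->bf_cap = ebf ? ebf : dev->ibf << 1;
	bf->bw = sta->deflink.bandwidth;
	bf->ibf_dbw = sta->deflink.bandwidth;
	bf->ibf_nrow = tx_ant;

	if (!ebf && sta->deflink.bandwidth <= IEEE80211_STA_RX_BW_40 && !bf->ncol)
		bf->ibf_timeout = 0x48;
	else
		bf->ibf_timeout = 0x18;

	/* tx_ant is -1 when the chainmask is empty, so check the lower bound
	 * as well before indexing the table.
	 */
	row = (ebf && bf->nrow != tx_ant) ? tx_ant : bf->nrow;
	if (row >= 0 && row < (int)ARRAY_SIZE(matrix) &&
	    bf->ncol < ARRAY_SIZE(matrix[0]))
		bf->mem_20m = matrix[row][bf->ncol];
	else
		bf->mem_20m = 0;

	switch (sta->deflink.bandwidth) {
	case IEEE80211_STA_RX_BW_160:
	case IEEE80211_STA_RX_BW_80:
		bf->mem_total = bf->mem_20m * 2;
		break;
	case IEEE80211_STA_RX_BW_40:
		bf->mem_total = bf->mem_20m;
		break;
	case IEEE80211_STA_RX_BW_20:
	default:
		break;
	}
}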
1714
/*
 * Append a STA_REC_BFEE (beamformee) TLV for @sta.
 *
 * Nothing is added unless the station supports VHT or HE and
 * mt7996_is_ebf_supported() accepts the beamformee role.  The only field
 * set is fb_identity_matrix, which is true when the station's sounding
 * dimension field is 1 and the local antenna count minus one is 2.
 */
static void
mt7996_mcu_sta_bfee_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_phy *phy = mvif->phy;
	int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
	struct sta_rec_bfee *bfee;
	u8 snd_dim = 0;

	if (!sta->deflink.vht_cap.vht_supported && !sta->deflink.he_cap.has_he)
		return;

	if (!mt7996_is_ebf_supported(phy, vif, sta, true))
		return;

	bfee = (struct sta_rec_bfee *)mt76_connac_mcu_add_tlv(skb, STA_REC_BFEE,
							       sizeof(*bfee));

	/* HE takes precedence over VHT when the station has both */
	if (sta->deflink.he_cap.has_he)
		snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
				 sta->deflink.he_cap.he_cap_elem.phy_cap_info[5]);
	else if (sta->deflink.vht_cap.vht_supported)
		snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
				    sta->deflink.vht_cap.cap);

	/* reply with identity matrix to avoid 2x2 BF negative gain */
	bfee->fb_identity_matrix = (snd_dim == 1 && tx_ant == 2);
}
1750
/* Append a STA_REC_HDRT TLV to @skb with hdrt_mode set to 1. */
static void
mt7996_mcu_sta_hdrt_tlv(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct sta_rec_hdrt *rec;

	rec = (struct sta_rec_hdrt *)mt76_connac_mcu_add_tlv(skb, STA_REC_HDRT,
							      sizeof(*rec));
	rec->hdrt_mode = 1;
}
1762
/*
 * Append a STA_REC_HDR_TRANS TLV describing header translation for @sta.
 *
 * to_ds is set for station interfaces and from_ds for all others; 4-address
 * stations and mesh point interfaces set both, and mesh additionally sets
 * the mesh flag.  RX header translation is disabled unless the wcid has
 * MT_WCID_FLAG_HDR_TRANS set.
 */
static void
mt7996_mcu_sta_hdr_trans_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			     struct ieee80211_vif *vif,
			     struct ieee80211_sta *sta)
{
	struct sta_rec_hdr_trans *rec;
	struct mt76_wcid *wcid;

	rec = (struct sta_rec_hdr_trans *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_HDR_TRANS, sizeof(*rec));

	/* defaults used when no wcid is available */
	rec->dis_rx_hdr_tran = true;
	if (vif->type == NL80211_IFTYPE_STATION)
		rec->to_ds = true;
	else
		rec->from_ds = true;

	wcid = (struct mt76_wcid *)sta->drv_priv;
	if (!wcid)
		return;

	rec->dis_rx_hdr_tran = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);

	if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) {
		rec->to_ds = true;
		rec->from_ds = true;
	}

	if (vif->type == NL80211_IFTYPE_MESH_POINT) {
		rec->to_ds = true;
		rec->from_ds = true;
		rec->mesh = true;
	}
}
1797
/*
 * Map a mac80211 SMPS mode to the firmware MMPS mode.  Static and dynamic
 * map to their counterparts; off and any other value map to
 * MCU_MMPS_DISABLE.
 */
static enum mcu_mmps_mode
mt7996_mcu_get_mmps_mode(enum ieee80211_smps_mode smps)
{
	if (smps == IEEE80211_SMPS_STATIC)
		return MCU_MMPS_STATIC;

	if (smps == IEEE80211_SMPS_DYNAMIC)
		return MCU_MMPS_DYNAMIC;

	return MCU_MMPS_DISABLE;
}
1812
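/*
 * Send a UNI RA command carrying one UNI_RA_FIXED_RATE TLV.
 *
 * @data must point to at least sizeof(req->rate) readable bytes; they are
 * copied into the request unchanged.  @version is stored little-endian.
 *
 * Returns -ENOMEM when the message cannot be allocated, otherwise the
 * result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_fixed_rate_ctrl(struct mt7996_dev *dev,
				   void *data, u16 version)
{
	struct ra_fixed_rate *req;
	/* Zero-initialised: the header is copied into the outgoing message
	 * as-is, so an uninitialised one would hand whatever was on the
	 * stack to the firmware.
	 */
	struct uni_header hdr = {};
	struct sk_buff *skb;
	struct tlv *tlv;
	int len;

	len = sizeof(hdr) + sizeof(*req);

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	tlv = mt7996_mcu_add_uni_tlv(skb, UNI_RA_FIXED_RATE, sizeof(*req));
	req = (struct ra_fixed_rate *)tlv;
	req->version = cpu_to_le16(version);
	memcpy(&req->rate, data, sizeof(req->rate));

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WM_UNI_CMD(RA), true);
}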
1838
/*
 * Send a STA_REC_UPDATE command with a STA_REC_RA_UPDATE TLV that changes
 * one rate-control field for @sta.
 *
 * @field selects what is updated.  For the RATE_PARAM_FIXED* values @data,
 * when non-NULL, is read as a struct sta_phy_uni and copied into the TLV;
 * for RATE_PARAM_MMPS_UPDATE the MMPS mode is derived from the station's
 * SMPS mode.  Other values send the field id with no payload.
 *
 * Returns the PTR_ERR() of the request allocation on failure, otherwise the
 * result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_fixed_field(struct mt7996_dev *dev, struct ieee80211_vif *vif,
			       struct ieee80211_sta *sta, void *data, u32 field)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	struct sta_phy_uni *fixed = data;
	struct sta_rec_ra_fixed_uni *ra;
	struct sk_buff *req;

	req = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
					      &msta->wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(req))
		return PTR_ERR(req);

	ra = (struct sta_rec_ra_fixed_uni *)
		mt76_connac_mcu_add_tlv(req, STA_REC_RA_UPDATE, sizeof(*ra));

	switch (field) {
	case RATE_PARAM_MMPS_UPDATE:
		ra->mmps_mode = mt7996_mcu_get_mmps_mode(sta->deflink.smps_mode);
		break;
	case RATE_PARAM_FIXED:
	case RATE_PARAM_FIXED_MCS:
	case RATE_PARAM_FIXED_GI:
	case RATE_PARAM_FIXED_HE_LTF:
		if (fixed)
			ra->phy = *fixed;
		break;
	case RATE_PARAM_AUTO:
	default:
		/* no payload besides the field id */
		break;
	}
	ra->field = cpu_to_le32(field);

	return mt76_mcu_skb_send_msg(&dev->mt76, req,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
1879
/*
 * Translate the vif's bitrate mask for the current band into fixed-rate
 * commands for @sta.
 *
 * The mask is scanned for the PHY generation the station supports (HE,
 * then VHT, then HT, else legacy rates).  Up to three
 * mt7996_mcu_set_fixed_field() commands may follow: a fixed MCS when the
 * mask selects exactly one rate, a fixed GI when gi/he_gi differ from
 * their defaults, and a fixed HE LTF when he_ltf differs from its default.
 *
 * Returns 0 when nothing needs fixing or all commands succeed, otherwise
 * the first non-zero result of mt7996_mcu_set_fixed_field().
 */
static int
mt7996_mcu_add_rate_ctrl_fixed(struct mt7996_dev *dev, struct ieee80211_vif *vif,
			       struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct cfg80211_chan_def *chandef = &mvif->phy->mt76->chandef;
	struct cfg80211_bitrate_mask *mask = &mvif->bitrate_mask;
	enum nl80211_band band = chandef->chan->band;
	struct sta_phy_uni phy = {};
	int ret, nrates = 0;

/* Scan mask->control[band]._mcs[]: add every set bit to nrates and leave in
 * phy.mcs the lowest set bit of the last non-empty entry (plus 8 * index
 * when _ht is set).  phy.sgi is the raw _gi value when _he is set, else
 * whether _gi equals NL80211_TXRATE_FORCE_SGI.  Uses the locals mask, band,
 * phy and nrates of the enclosing function.
 */
#define __sta_phy_bitrate_mask_check(_mcs, _gi, _ht, _he)			\
	do {									\
		u8 i, gi = mask->control[band]._gi;				\
		gi = (_he) ? gi : gi == NL80211_TXRATE_FORCE_SGI;		\
		phy.sgi = gi;							\
		phy.he_ltf = mask->control[band].he_ltf;			\
		for (i = 0; i < ARRAY_SIZE(mask->control[band]._mcs); i++) {	\
			if (!mask->control[band]._mcs[i])			\
				continue;					\
			nrates += hweight16(mask->control[band]._mcs[i]);	\
			phy.mcs = ffs(mask->control[band]._mcs[i]) - 1;		\
			if (_ht)						\
				phy.mcs += 8 * i;				\
		}								\
	} while (0)

	if (sta->deflink.he_cap.has_he) {
		__sta_phy_bitrate_mask_check(he_mcs, he_gi, 0, 1);
	} else if (sta->deflink.vht_cap.vht_supported) {
		__sta_phy_bitrate_mask_check(vht_mcs, gi, 0, 0);
	} else if (sta->deflink.ht_cap.ht_supported) {
		__sta_phy_bitrate_mask_check(ht_mcs, gi, 1, 0);
	} else {
		/* legacy only: phy.mcs is the lowest set legacy rate bit;
		 * with an empty mask ffs() returns 0 and nrates stays 0.
		 */
		nrates = hweight32(mask->control[band].legacy);
		phy.mcs = ffs(mask->control[band].legacy) - 1;
	}
#undef __sta_phy_bitrate_mask_check

	/* fall back to auto rate control */
	if (mask->control[band].gi == NL80211_TXRATE_DEFAULT_GI &&
	    mask->control[band].he_gi == GENMASK(7, 0) &&
	    mask->control[band].he_ltf == GENMASK(7, 0) &&
	    nrates != 1)
		return 0;

	/* fixed single rate */
	if (nrates == 1) {
		ret = mt7996_mcu_set_fixed_field(dev, vif, sta, &phy,
						 RATE_PARAM_FIXED_MCS);
		if (ret)
			return ret;
	}

	/* fixed GI */
	if (mask->control[band].gi != NL80211_TXRATE_DEFAULT_GI ||
	    mask->control[band].he_gi != GENMASK(7, 0)) {
		struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
		u32 addr;

		/* firmware updates only TXCMD but doesn't take WTBL into
		 * account, so driver should update here to reflect the
		 * actual txrate hardware sends out.
		 */
		addr = mt7996_mac_wtbl_lmac_addr(dev, msta->wcid.idx, 7);
		/* the GI field sits in a different bit range for HE stations */
		if (sta->deflink.he_cap.has_he)
			mt76_rmw_field(dev, addr, GENMASK(31, 24), phy.sgi);
		else
			mt76_rmw_field(dev, addr, GENMASK(15, 12), phy.sgi);

		ret = mt7996_mcu_set_fixed_field(dev, vif, sta, &phy,
						 RATE_PARAM_FIXED_GI);
		if (ret)
			return ret;
	}

	/* fixed HE_LTF */
	if (mask->control[band].he_ltf != GENMASK(7, 0)) {
		ret = mt7996_mcu_set_fixed_field(dev, vif, sta, &phy,
						 RATE_PARAM_FIXED_HE_LTF);
		if (ret)
			return ret;
	}

	return 0;
}
1966
/*
 * Append a STA_REC_RA TLV that hands the station's rate capabilities to
 * the firmware rate-control algorithm.
 *
 * Fills PHY mode, channel, bandwidth and MMPS mode, then the supported
 * legacy rates (restricted by the vif's bitrate mask), and the HT / VHT /
 * HE capability flags and MCS sets for each generation the station
 * supports.  The accumulated capability flags are stored in sta_cap.
 */
static void
mt7996_mcu_sta_rate_ctrl_tlv(struct sk_buff *skb, struct mt7996_dev *dev,
			     struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt76_phy *mphy = mvif->phy->mt76;
	struct cfg80211_chan_def *chandef = &mphy->chandef;
	struct cfg80211_bitrate_mask *mask = &mvif->bitrate_mask;
	enum nl80211_band band = chandef->chan->band;
	struct sta_rec_ra_uni *ra;
	struct tlv *tlv;
	u32 supp_rate = sta->deflink.supp_rates[band];
	u32 cap = sta->wme ? STA_CAP_WMM : 0;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra));
	ra = (struct sta_rec_ra_uni *)tlv;

	ra->valid = true;
	ra->auto_rate = true;
	ra->phy_mode = mt76_connac_get_phy_mode(mphy, vif, band, sta);
	ra->channel = chandef->chan->hw_value;
	/* 320 MHz uses a dedicated command value; other widths pass through */
	ra->bw = (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_320) ?
		 CMD_CBW_320MHZ : sta->deflink.bandwidth;
	ra->phy.bw = ra->bw;
	ra->mmps_mode = mt7996_mcu_get_mmps_mode(sta->deflink.smps_mode);

	if (supp_rate) {
		/* only rates allowed by the bitrate mask are reported */
		supp_rate &= mask->control[band].legacy;
		ra->rate_len = hweight32(supp_rate);

		if (band == NL80211_BAND_2GHZ) {
			/* low 4 bits go to the CCK field, the rest to OFDM */
			ra->supp_mode = MODE_CCK;
			ra->supp_cck_rate = supp_rate & GENMASK(3, 0);

			if (ra->rate_len > 4) {
				ra->supp_mode |= MODE_OFDM;
				ra->supp_ofdm_rate = supp_rate >> 4;
			}
		} else {
			ra->supp_mode = MODE_OFDM;
			ra->supp_ofdm_rate = supp_rate;
		}
	}

	if (sta->deflink.ht_cap.ht_supported) {
		ra->supp_mode |= MODE_HT;
		ra->af = sta->deflink.ht_cap.ampdu_factor;
		ra->ht_gf = !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_GRN_FLD);

		cap |= STA_CAP_HT;
		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
			cap |= STA_CAP_SGI_20;
		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
			cap |= STA_CAP_SGI_40;
		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_TX_STBC)
			cap |= STA_CAP_TX_STBC;
		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_RX_STBC)
			cap |= STA_CAP_RX_STBC;
		/* LDPC needs both the vif setting and the station capability */
		if (vif->bss_conf.ht_ldpc &&
		    (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING))
			cap |= STA_CAP_LDPC;

		mt7996_mcu_set_sta_ht_mcs(sta, ra->ht_mcs,
					  mask->control[band].ht_mcs);
		/* supp_ht_mcs mirrors the first four bytes of ht_mcs */
		ra->supp_ht_mcs = *(__le32 *)ra->ht_mcs;
	}

	if (sta->deflink.vht_cap.vht_supported) {
		u8 af;

		ra->supp_mode |= MODE_VHT;
		af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
			       sta->deflink.vht_cap.cap);
		/* keep the larger of the HT and VHT A-MPDU factors */
		ra->af = max_t(u8, ra->af, af);

		cap |= STA_CAP_VHT;
		if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
			cap |= STA_CAP_VHT_SGI_80;
		if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
			cap |= STA_CAP_VHT_SGI_160;
		if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_TXSTBC)
			cap |= STA_CAP_VHT_TX_STBC;
		if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXSTBC_1)
			cap |= STA_CAP_VHT_RX_STBC;
		if (vif->bss_conf.vht_ldpc &&
		    (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC))
			cap |= STA_CAP_VHT_LDPC;

		mt7996_mcu_set_sta_vht_mcs(sta, ra->supp_vht_mcs,
					   mask->control[band].vht_mcs);
	}

	if (sta->deflink.he_cap.has_he) {
		ra->supp_mode |= MODE_HE;
		cap |= STA_CAP_HE;

		/* a 6 GHz capability word replaces any HT/VHT-derived factor */
		if (sta->deflink.he_6ghz_capa.capa)
			ra->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
					       IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
	}
	ra->sta_cap = cpu_to_le32(cap);
}
2069
/*
 * Push the rate-control state of @sta to the firmware.
 *
 * Sends a STA_REC_UPDATE command with the rate-control TLV (preceded by
 * the HE TLV when @changed is set) and then applies any fixed-rate
 * settings from the vif's bitrate mask.
 *
 * Returns the PTR_ERR() of the request allocation or the send error on
 * failure, otherwise the result of mt7996_mcu_add_rate_ctrl_fixed().
 */
int mt7996_mcu_add_rate_ctrl(struct mt7996_dev *dev, struct ieee80211_vif *vif,
			     struct ieee80211_sta *sta, bool changed)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	struct sk_buff *req;
	int err;

	req = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
					      &msta->wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(req))
		return PTR_ERR(req);

	/* firmware rc algorithm refers to sta_rec_he for HE control.
	 * once dev->rc_work changes the settings driver should also
	 * update sta_rec_he here.
	 */
	if (changed)
		mt7996_mcu_sta_he_tlv(req, sta);

	/* sta_rec_ra accommodates BW, NSS and only MCS range format
	 * i.e 0-{7,8,9} for VHT.
	 */
	mt7996_mcu_sta_rate_ctrl_tlv(req, dev, vif, sta);

	err = mt76_mcu_skb_send_msg(&dev->mt76, req,
				    MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
	if (err)
		return err;

	return mt7996_mcu_add_rate_ctrl_fixed(dev, vif, sta);
}
2103
/*
 * Send a UNI VOW command with a UNI_VOW_DRR_CTRL TLV that assigns a
 * station to a BSS group.
 *
 * The group value is the vif index modulo 16.  With @sta NULL the vif's
 * own station entry (mvif->sta) is used.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_add_group(struct mt7996_dev *dev, struct ieee80211_vif *vif,
		     struct ieee80211_sta *sta)
{
#define MT_STA_BSS_GROUP		1
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta = &mvif->sta;
	struct {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;
		__le16 wlan_idx;
		u8 __rsv2[2];
		__le32 action;
		__le32 val;
		u8 __rsv3[8];
	} __packed req = {
		.tag = cpu_to_le16(UNI_VOW_DRR_CTRL),
		/* len excludes the 4 leading reserved bytes */
		.len = cpu_to_le16(sizeof(req) - 4),
		.action = cpu_to_le32(MT_STA_BSS_GROUP),
		.val = cpu_to_le32(mvif->mt76.idx % 16),
	};

	if (sta)
		msta = (struct mt7996_sta *)sta->drv_priv;

	req.wlan_idx = cpu_to_le16(msta->wcid.idx);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(VOW), &req,
				 sizeof(req), true);
}
2134
/* Add or remove a station record in the firmware.
 *
 * A STA_REC_UPDATE message is always sent with the basic TLV. When @enable
 * is set and @sta is a real peer, the capability TLVs are appended first;
 * with @enable set the group request is also issued before the message goes
 * out. @sta may be NULL, in which case the interface's own station entry is
 * used. Returns 0 on success or a negative errno.
 */
int mt7996_mcu_add_sta(struct mt7996_dev *dev, struct ieee80211_vif *vif,
		       struct ieee80211_sta *sta, bool enable)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta = &mvif->sta;
	struct sk_buff *req;
	bool new_entry;
	int err;

	if (sta)
		msta = (struct mt7996_sta *)sta->drv_priv;

	req = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
					      &msta->wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(req))
		return PTR_ERR(req);

	/* starec basic: the last argument is true while no wcid is
	 * published yet at this index
	 */
	new_entry = !rcu_access_pointer(dev->mt76.wcid[msta->wcid.idx]);
	mt76_connac_mcu_sta_basic_tlv(&dev->mt76, req, vif, sta, enable,
				      new_entry);

	if (enable) {
		/* tag order is in accordance with firmware dependency. */
		if (sta) {
			mt7996_mcu_sta_hdrt_tlv(dev, req);		/* hdrt mode */
			mt7996_mcu_sta_bfer_tlv(dev, req, vif, sta);	/* bfer */
			mt7996_mcu_sta_ht_tlv(req, sta);		/* ht */
			mt7996_mcu_sta_vht_tlv(req, sta);		/* vht */
			mt76_connac_mcu_sta_uapsd(req, vif, sta);	/* uapsd */
			mt7996_mcu_sta_amsdu_tlv(dev, req, vif, sta);	/* amsdu */
			mt7996_mcu_sta_he_tlv(req, sta);		/* he */
			mt7996_mcu_sta_he_6g_tlv(req, sta);		/* he 6g */
			mt7996_mcu_sta_eht_tlv(req, sta);		/* eht */
			mt7996_mcu_sta_muru_tlv(dev, req, vif, sta);	/* muru */
			mt7996_mcu_sta_bfee_tlv(dev, req, vif, sta);	/* bfee */
			mt7996_mcu_sta_hdr_trans_tlv(dev, req, vif, sta); /* hdr trans */
		}

		err = mt7996_mcu_add_group(dev, vif, sta);
		if (err) {
			/* the pending record was never sent, so drop it here */
			dev_kfree_skb(req);
			return err;
		}
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, req,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
2194
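/* Append a STA_REC_KEY_V2 TLV for @key to @skb.
 *
 * For SET_KEY one cipher entry is filled in with the key material; for any
 * other command the TLV carries zero cipher entries.
 *
 * Returns 0 on success, -EOPNOTSUPP when the cipher has no firmware
 * equivalent, or -EINVAL when the key length does not fit the fixed-size key
 * field of the TLV. The caller owns @skb on every return path.
 */
static int
mt7996_mcu_sta_key_tlv(struct mt76_wcid *wcid,
		       struct sk_buff *skb,
		       struct ieee80211_key_conf *key,
		       enum set_key_cmd cmd)
{
	struct sta_rec_sec_uni *sec;
	struct sec_key_uni *sec_key;
	struct tlv *tlv;
	u8 cipher;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
	sec = (struct sta_rec_sec_uni *)tlv;
	sec->add = cmd;

	if (cmd != SET_KEY) {
		sec->n_cipher = 0;
		return 0;
	}

	cipher = mt76_connac_mcu_get_cipher(key->cipher);
	if (cipher == MCU_CIPHER_NONE)
		return -EOPNOTSUPP;

	sec_key = &sec->key[0];

	/* key->keylen is supplied by the caller; never let it drive a copy
	 * past the end of the key field inside the firmware message.
	 */
	if (key->keylen > sizeof(sec_key->key))
		return -EINVAL;

	/* The TKIP fix-up below reads and writes key bytes 16..31, so a
	 * shorter key would be read out of bounds.
	 */
	if (cipher == MCU_CIPHER_TKIP && key->keylen < WLAN_KEY_LEN_TKIP)
		return -EINVAL;

	sec_key->wlan_idx = cpu_to_le16(wcid->idx);
	sec_key->mgmt_prot = 0;
	sec_key->cipher_id = cipher;
	sec_key->cipher_len = sizeof(*sec_key);
	sec_key->key_id = key->keyidx;
	sec_key->key_len = key->keylen;
	sec_key->need_resp = 0;
	memcpy(sec_key->key, key->key, key->keylen);

	if (cipher == MCU_CIPHER_TKIP) {
		/* Rx/Tx MIC keys are swapped */
		memcpy(sec_key->key + 16, key->key + 24, 8);
		memcpy(sec_key->key + 24, key->key + 16, 8);
	}

	sec->n_cipher = 1;

	return 0;
}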
2239
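/* Install or remove a pairwise/group key for @wcid in the firmware.
 *
 * Builds a station-record request holding a single key TLV and sends it with
 * @mcu_cmd. Returns 0 on success or a negative errno; -EOPNOTSUPP is passed
 * through from mt7996_mcu_sta_key_tlv() for ciphers it rejects.
 */
int mt7996_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
		       struct ieee80211_key_conf *key, int mcu_cmd,
		       struct mt76_wcid *wcid, enum set_key_cmd cmd)
{
	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
	struct sk_buff *skb;
	int ret;

	skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	ret = mt7996_mcu_sta_key_tlv(wcid, skb, key, cmd);
	if (ret) {
		/* The request was never handed to the MCU layer, so it is
		 * still ours to free. Besides the leak, the buffer may
		 * already hold key material, which should not linger in an
		 * orphaned allocation.
		 */
		dev_kfree_skb(skb);
		return ret;
	}

	return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
}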
2259
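/* Query the firmware for the current BIGTK packet number of @vif.
 *
 * A STA_REC_PN_INFO query is sent for the interface's own station entry. If
 * the reply carries a STA_REC_PN_INFO tag, its 6-byte PN is copied to @pn;
 * with any other tag @pn is left untouched and 0 is still returned.
 * Returns a negative errno when the query fails or the reply is too short to
 * hold the TLV.
 */
static int mt7996_mcu_get_pn(struct mt7996_dev *dev, struct ieee80211_vif *vif,
			     u8 *pn)
{
#define TSC_TYPE_BIGTK_PN 2
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct sta_rec_pn_info *pn_info;
	struct sk_buff *skb, *rskb;
	struct tlv *tlv;
	int ret;

	skb = mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76, &mvif->sta.wcid);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PN_INFO, sizeof(*pn_info));
	pn_info = (struct sta_rec_pn_info *)tlv;

	pn_info->tsc_type = TSC_TYPE_BIGTK_PN;
	ret = mt76_mcu_skb_send_and_get_msg(&dev->mt76, skb,
					    MCU_WM_UNI_CMD_QUERY(STA_REC_UPDATE),
					    true, &rskb);
	if (ret)
		return ret;

	/* The reply length is decided by the device. Check it before the
	 * buffer is reinterpreted as a TLV, otherwise a short reply would be
	 * read past its end. skb_pull() returns NULL when fewer than the 4
	 * leading bytes are present.
	 */
	if (!skb_pull(rskb, 4) || rskb->len < sizeof(*pn_info)) {
		dev_err(dev->mt76.dev, "Invalid PN response\n");
		ret = -EINVAL;
		goto out;
	}

	pn_info = (struct sta_rec_pn_info *)rskb->data;
	if (le16_to_cpu(pn_info->tag) == STA_REC_PN_INFO)
		memcpy(pn, pn_info->pn, 6);

out:
	dev_kfree_skb(rskb);
	return ret;
}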
2293
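/* Enable beacon protection for @vif with the BIGTK in @key.
 *
 * The current PN is read back from the firmware, its first byte is
 * incremented, and PN, key and cipher are sent in a UNI_BSS_INFO_BCN_PROT
 * TLV. Returns 0 on success, -EOPNOTSUPP for a cipher without a mapping
 * here (including BIP-CMAC-256), or another negative errno.
 */
int mt7996_mcu_bcn_prot_enable(struct mt7996_dev *dev, struct ieee80211_vif *vif,
			       struct ieee80211_key_conf *key)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_mcu_bcn_prot_tlv *bcn_prot;
	struct sk_buff *skb;
	struct tlv *tlv;
	u8 pn[6] = {};
	int len = sizeof(struct bss_req_hdr) +
		  sizeof(struct mt7996_mcu_bcn_prot_tlv);
	int ret;

	skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, len);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	tlv = mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BCN_PROT, sizeof(*bcn_prot));

	bcn_prot = (struct mt7996_mcu_bcn_prot_tlv *)tlv;

	ret = mt7996_mcu_get_pn(dev, vif, pn);
	if (ret) {
		dev_kfree_skb(skb);
		return ret;
	}

	switch (key->cipher) {
	case WLAN_CIPHER_SUITE_AES_CMAC:
		bcn_prot->cipher_id = MCU_CIPHER_BCN_PROT_CMAC_128;
		break;
	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
		bcn_prot->cipher_id = MCU_CIPHER_BCN_PROT_GMAC_128;
		break;
	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
		bcn_prot->cipher_id = MCU_CIPHER_BCN_PROT_GMAC_256;
		break;
	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
	default:
		dev_err(dev->mt76.dev, "Not supported Bigtk Cipher\n");
		dev_kfree_skb(skb);
		return -EOPNOTSUPP;
	}

	/* NOTE(review): only the first PN byte is bumped, with no carry into
	 * the remaining five bytes - confirm the firmware never hands back
	 * 0xff here.
	 */
	pn[0]++;
	memcpy(bcn_prot->pn, pn, 6);
	bcn_prot->enable = BP_SW_MODE;

	/* Copy no more than key->keylen bytes: the 128-bit ciphers accepted
	 * above use keys shorter than WLAN_MAX_KEY_LEN, and copying the full
	 * maximum would read whatever follows the key in memory and forward
	 * it to the firmware. The field is cleared first so the same
	 * WLAN_MAX_KEY_LEN bytes as before are still written.
	 */
	memset(bcn_prot->key, 0, WLAN_MAX_KEY_LEN);
	memcpy(bcn_prot->key, key->key,
	       min_t(size_t, key->keylen, WLAN_MAX_KEY_LEN));
	bcn_prot->key_id = key->keyidx;

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}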
/* Activate or deactivate the own-MAC entry of @vif in the firmware.
 *
 * Interfaces whose omac_idx is at or above REPEATER_BSSID_START are handed
 * to mt7996_mcu_muar_config() instead; all others get a DEV_INFO_ACTIVE TLV
 * carrying the interface address. Returns 0 on success or a negative errno.
 */
int mt7996_mcu_add_dev_info(struct mt7996_phy *phy,
			    struct ieee80211_vif *vif, bool enable)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_dev *dev = phy->dev;
	struct {
		struct req_hdr {
			u8 omac_idx;
			u8 band_idx;
			u8 __rsv[2];
		} __packed hdr;
		struct req_tlv {
			__le16 tag;
			__le16 len;
			u8 active;
			u8 __rsv;
			u8 omac_addr[ETH_ALEN];
		} __packed tlv;
	} req = {
		.hdr = {
			.omac_idx = mvif->mt76.omac_idx,
			.band_idx = mvif->mt76.band_idx,
		},
		.tlv = {
			.tag = cpu_to_le16(DEV_INFO_ACTIVE),
			.len = cpu_to_le16(sizeof(struct req_tlv)),
			.active = enable,
		},
	};

	/* repeater range: configured through the MUAR path, not DEV_INFO */
	if (mvif->mt76.omac_idx >= REPEATER_BSSID_START)
		return mt7996_mcu_muar_config(phy, vif, false, enable);

	memcpy(req.tlv.omac_addr, vif->addr, ETH_ALEN);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(DEV_INFO_UPDATE),
				 &req, sizeof(req), true);
}
2383
/* Append a countdown TLV to @rskb when the beacon carries a countdown.
 *
 * Nothing is added when the first countdown offset in @offs is zero. The tag
 * is UNI_BSS_INFO_BCN_CSA while a channel switch is active and
 * UNI_BSS_INFO_BCN_BCC otherwise; the counter value is read from the beacon
 * template @skb at that offset.
 */
static void
mt7996_mcu_beacon_cntdwn(struct ieee80211_vif *vif, struct sk_buff *rskb,
			 struct sk_buff *skb,
			 struct ieee80211_mutable_offsets *offs)
{
	u16 cnt_offs = offs->cntdwn_counter_offs[0];
	struct bss_bcn_cntdwn_tlv *cntdwn;
	u16 tag = UNI_BSS_INFO_BCN_BCC;

	if (!cnt_offs)
		return;

	if (vif->bss_conf.csa_active)
		tag = UNI_BSS_INFO_BCN_CSA;

	cntdwn = (struct bss_bcn_cntdwn_tlv *)
		 mt7996_mcu_add_uni_tlv(rskb, tag, sizeof(*cntdwn));

	/* NOTE(review): the offset is not compared with skb->len here;
	 * presumably it always lies inside the template it was reported for.
	 */
	cntdwn->cnt = skb->data[cnt_offs];
}
2403
/* Append a UNI_BSS_INFO_BCN_MBSSID TLV describing the multiple-BSSID
 * profiles found in the beacon template @skb.
 *
 * Nothing is added when the interface has no bssid_indicator. Entry 0 is
 * the TIM offset; every nontransmitted profile with a BSSID index in 1..31
 * gets its index element's offset recorded and its bit set in the bitmap.
 * @bcn is not used here.
 */
static void
mt7996_mcu_beacon_mbss(struct sk_buff *rskb, struct sk_buff *skb,
		       struct ieee80211_vif *vif, struct bss_bcn_content_tlv *bcn,
		       struct ieee80211_mutable_offsets *offs)
{
	const struct element *mbssid, *profile;
	struct bss_bcn_mbss_tlv *mbss;

	if (!vif->bss_conf.bssid_indicator)
		return;

	mbss = (struct bss_bcn_mbss_tlv *)
	       mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_BCN_MBSSID,
				      sizeof(*mbss));
	mbss->offset[0] = cpu_to_le16(offs->tim_offset);
	mbss->bitmap = cpu_to_le32(1);

	for_each_element_id(mbssid, WLAN_EID_MULTIPLE_BSSID,
			    &skb->data[offs->mbssid_off],
			    skb->len - offs->mbssid_off) {
		if (mbssid->datalen < 2)
			continue;

		/* the first data byte is skipped; sub-elements follow it */
		for_each_element(profile, mbssid->data + 1,
				 mbssid->datalen - 1) {
			const struct ieee80211_bssid_index *bssid_idx;
			unsigned int slot;
			const u8 *ie;

			/* not a valid BSS profile */
			if (profile->id || profile->datalen < 4)
				continue;

			/* Find WLAN_EID_MULTI_BSSID_IDX
			 * in the merged nontransmitted profile
			 */
			ie = cfg80211_find_ie(WLAN_EID_MULTI_BSSID_IDX,
					      profile->data, profile->datalen);
			if (!ie || ie[1] < sizeof(*bssid_idx))
				continue;

			bssid_idx = (void *)(ie + 2);
			slot = bssid_idx->bssid_index;

			/* this range check is what keeps the offset[] write
			 * and the 32-bit bitmap shift in bounds
			 */
			if (!slot || slot > 31)
				continue;

			mbss->offset[slot] = cpu_to_le16(ie - skb->data);
			mbss->bitmap |= cpu_to_le32(BIT(slot));
		}
	}
}
2456
/* Fill the beacon content TLV @bcn from the beacon template @skb.
 *
 * Records the packet length and IE positions, writes a TX descriptor right
 * after the TLV header using the device's global wcid, and copies the whole
 * template behind it. The caller must have sized the TLV for
 * MT_TXD_SIZE + skb->len bytes after the header; no length is checked here.
 * @rskb is not used here.
 */
static void
mt7996_mcu_beacon_cont(struct mt7996_dev *dev, struct ieee80211_vif *vif,
		       struct sk_buff *rskb, struct sk_buff *skb,
		       struct bss_bcn_content_tlv *bcn,
		       struct ieee80211_mutable_offsets *offs)
{
	u16 cntdwn = offs->cntdwn_counter_offs[0];
	u8 *txd = (u8 *)(bcn + 1);

	bcn->pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
	bcn->tim_ie_pos = cpu_to_le16(offs->tim_offset);

	if (cntdwn && vif->bss_conf.csa_active)
		bcn->csa_ie_pos = cpu_to_le16(cntdwn - 4);
	if (cntdwn && vif->bss_conf.color_change_active)
		bcn->bcc_ie_pos = cpu_to_le16(cntdwn - 3);

	mt7996_mac_write_txwi(dev, (__le32 *)txd, skb,
			      &dev->mt76.global_wcid, NULL, 0, 0,
			      BSS_CHANGED_BEACON);

	memcpy(txd + MT_TXD_SIZE, skb->data, skb->len);
}
2484
/* Upload (or disable) the offloaded beacon of @vif.
 *
 * Nontransmitted BSSes are skipped and report success. Otherwise the beacon
 * template is fetched, rejected with -EINVAL when it exceeds
 * MT7996_MAX_BEACON_SIZE, and sent in a BSS_INFO_UPDATE message; with @en
 * clear only the disabled content TLV is sent.
 * Returns 0 on success or a negative errno.
 */
int mt7996_mcu_add_beacon(struct ieee80211_hw *hw,
			  struct ieee80211_vif *vif, int en)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_phy *phy = mt7996_hw_phy(hw);
	struct mt7996_dev *dev = mt7996_hw_dev(hw);
	struct ieee80211_mutable_offsets offs;
	struct bss_bcn_content_tlv *bcn;
	struct sk_buff *req, *tmpl;
	int tlv_len;

	if (vif->bss_conf.nontransmitted)
		return 0;

	req = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					 MT7996_MAX_BSS_OFFLOAD_SIZE);
	if (IS_ERR(req))
		return PTR_ERR(req);

	tmpl = ieee80211_beacon_get_template(hw, vif, &offs, 0);
	if (!tmpl) {
		dev_kfree_skb(req);
		return -EINVAL;
	}

	/* This bound is what keeps the template copy in
	 * mt7996_mcu_beacon_cont() inside the request buffer.
	 */
	if (tmpl->len > MT7996_MAX_BEACON_SIZE) {
		dev_err(dev->mt76.dev, "Bcn size limit exceed\n");
		dev_kfree_skb(req);
		dev_kfree_skb(tmpl);
		return -EINVAL;
	}

	IEEE80211_SKB_CB(tmpl)->hw_queue |=
		FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx);

	tlv_len = ALIGN(sizeof(*bcn) + MT_TXD_SIZE + tmpl->len, 4);
	bcn = (struct bss_bcn_content_tlv *)
	      mt7996_mcu_add_uni_tlv(req, UNI_BSS_INFO_BCN_CONTENT, tlv_len);
	bcn->enable = en;

	if (en) {
		mt7996_mcu_beacon_cont(dev, vif, req, tmpl, bcn, &offs);
		mt7996_mcu_beacon_mbss(req, tmpl, vif, bcn, &offs);
		mt7996_mcu_beacon_cntdwn(vif, req, tmpl, &offs);
	}

	/* the template has been copied (or is not needed); only req is sent */
	dev_kfree_skb(tmpl);

	return mt76_mcu_skb_send_msg(&phy->dev->mt76, req,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
2537
/* Offload a FILS discovery or unsolicited broadcast probe response frame.
 *
 * Which template is fetched depends on @changed and on the matching interval
 * in the BSS configuration being non-zero. Nontransmitted BSSes report
 * success without doing anything. Returns -EINVAL when no template is
 * available or it exceeds MT7996_MAX_BEACON_SIZE, otherwise the result of
 * sending the BSS_INFO_UPDATE message.
 */
int mt7996_mcu_beacon_inband_discov(struct mt7996_dev *dev,
				    struct ieee80211_vif *vif, u32 changed)
{
#define OFFLOAD_TX_MODE_SU	BIT(0)
#define OFFLOAD_TX_MODE_MU	BIT(1)
	struct ieee80211_hw *hw = mt76_hw(dev);
	struct mt7996_phy *phy = mt7996_hw_phy(hw);
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct cfg80211_chan_def *chandef = &mvif->phy->mt76->chandef;
	enum nl80211_band band = chandef->chan->band;
	bool fils = !!(changed & BSS_CHANGED_FILS_DISCOVERY);
	struct bss_inband_discovery_tlv *discov;
	struct sk_buff *req, *tmpl = NULL;
	struct ieee80211_tx_info *info;
	u8 *txd, interval;
	int tlv_len;

	if (vif->bss_conf.nontransmitted)
		return 0;

	req = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					 MT7996_MAX_BSS_OFFLOAD_SIZE);
	if (IS_ERR(req))
		return PTR_ERR(req);

	if (fils && vif->bss_conf.fils_discovery.max_interval) {
		interval = vif->bss_conf.fils_discovery.max_interval;
		tmpl = ieee80211_get_fils_discovery_tmpl(hw, vif);
	} else if (changed & BSS_CHANGED_UNSOL_BCAST_PROBE_RESP &&
		   vif->bss_conf.unsol_bcast_probe_resp_interval) {
		interval = vif->bss_conf.unsol_bcast_probe_resp_interval;
		tmpl = ieee80211_get_unsol_bcast_probe_resp_tmpl(hw, vif);
	}

	/* interval is only assigned together with tmpl, so bailing out on a
	 * missing template also covers the case where it was never set
	 */
	if (!tmpl) {
		dev_kfree_skb(req);
		return -EINVAL;
	}

	/* keeps the template copy below inside the request buffer */
	if (tmpl->len > MT7996_MAX_BEACON_SIZE) {
		dev_err(dev->mt76.dev, "inband discovery size limit exceed\n");
		dev_kfree_skb(req);
		dev_kfree_skb(tmpl);
		return -EINVAL;
	}

	info = IEEE80211_SKB_CB(tmpl);
	info->control.vif = vif;
	info->band = band;
	info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx);

	tlv_len = ALIGN(sizeof(*discov) + MT_TXD_SIZE + tmpl->len, 4);
	discov = (struct bss_inband_discovery_tlv *)
		 mt7996_mcu_add_uni_tlv(req, UNI_BSS_INFO_OFFLOAD, tlv_len);

	discov->tx_mode = OFFLOAD_TX_MODE_SU;
	/* 0: UNSOL PROBE RESP, 1: FILS DISCOV */
	discov->tx_type = fils;
	discov->tx_interval = interval;
	discov->prob_rsp_len = cpu_to_le16(MT_TXD_SIZE + tmpl->len);
	discov->enable = true;
	discov->wcid = cpu_to_le16(MT7996_WTBL_RESERVED);

	/* TX descriptor first, then the frame itself */
	txd = (u8 *)(discov + 1);
	mt7996_mac_write_txwi(dev, (__le32 *)txd, tmpl,
			      &dev->mt76.global_wcid, NULL, 0, 0, changed);
	memcpy(txd + MT_TXD_SIZE, tmpl->data, tmpl->len);

	dev_kfree_skb(tmpl);

	return mt76_mcu_skb_send_msg(&dev->mt76, req,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
2614
/* Request driver ownership of @band and wait for the firmware-own status
 * bit to clear.
 *
 * Returns 0 on success or -EIO when the bit is still set after 500 ms.
 */
static int mt7996_driver_own(struct mt7996_dev *dev, u8 band)
{
	bool owned;

	mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(band), MT_TOP_LPCR_HOST_DRV_OWN);

	owned = mt76_poll_msec(dev, MT_TOP_LPCR_HOST_BAND(band),
			       MT_TOP_LPCR_HOST_FW_OWN_STAT, 0, 500);
	if (owned) {
		/* clear irq when the driver own success */
		mt76_wr(dev, MT_TOP_LPCR_HOST_BAND_IRQ_STAT(band),
			MT_TOP_LPCR_HOST_BAND_STAT);
		return 0;
	}

	dev_err(dev->mt76.dev, "Timeout for driver own\n");
	return -EIO;
}
2630
/* Translate the key-info word of a patch section into download mode flags.
 *
 * Returns 0 when @key_info is all-ones or selects plain mode. Otherwise the
 * result has the encrypt and IV flags set plus the key index, which is taken
 * from the AES field in AES mode and from the scramble field in every other
 * mode.
 */
static u32 mt7996_patch_sec_mode(u32 key_info)
{
	u32 sec_mode = u32_get_bits(key_info, MT7996_PATCH_SEC);
	u32 key_idx;

	if (sec_mode == MT7996_SEC_MODE_PLAIN || key_info == GENMASK(31, 0))
		return 0;

	/* the mask has to stay a compile-time constant per call */
	if (sec_mode != MT7996_SEC_MODE_AES)
		key_idx = u32_get_bits(key_info, MT7996_PATCH_SCRAMBLE_KEY);
	else
		key_idx = u32_get_bits(key_info, MT7996_PATCH_AES_KEY);

	return MT7996_SEC_ENCRYPT | MT7996_SEC_IV |
	       u32_encode_bits(key_idx, MT7996_SEC_KEY_IDX);
}
2646
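/* Download the ROM patch to the device.
 *
 * Takes the patch semaphore, loads the patch image, sends every section the
 * header describes and starts the patch. Returns 0 when the patch is already
 * downloaded or was installed, -EAGAIN when the semaphore cannot be taken or
 * released, -EINVAL for a malformed image, or another negative errno.
 *
 * Section count, offsets and lengths come from the image file, so each one
 * is checked against fw->size before it is used to form a pointer.
 */
static int mt7996_load_patch(struct mt7996_dev *dev)
{
	const struct mt7996_patch_hdr *hdr;
	const struct firmware *fw = NULL;
	u32 i, n_region;
	int ret, sem;

	sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 1);
	switch (sem) {
	case PATCH_IS_DL:
		return 0;
	case PATCH_NOT_DL_SEM_SUCCESS:
		break;
	default:
		dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
		return -EAGAIN;
	}

	ret = request_firmware(&fw, fw_name(dev, ROM_PATCH), dev->mt76.dev);
	if (ret)
		goto out;

	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	hdr = (const struct mt7996_patch_hdr *)(fw->data);

	dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
		 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);

	/* The section table follows the header; make sure all n_region
	 * descriptors fit in the image before walking them.
	 */
	n_region = be32_to_cpu(hdr->desc.n_region);
	if (n_region > (fw->size - sizeof(*hdr)) /
		       sizeof(struct mt7996_patch_sec)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	for (i = 0; i < n_region; i++) {
		const struct mt7996_patch_sec *sec;
		const u8 *dl;
		u32 len, addr, offs, sec_key_idx, mode = DL_MODE_NEED_RSP;

		sec = (const struct mt7996_patch_sec *)(fw->data +
							sizeof(*hdr) +
							i * sizeof(*sec));
		if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
		    PATCH_SEC_TYPE_INFO) {
			ret = -EINVAL;
			goto out;
		}

		addr = be32_to_cpu(sec->info.addr);
		len = be32_to_cpu(sec->info.len);
		sec_key_idx = be32_to_cpu(sec->info.sec_key_idx);
		offs = be32_to_cpu(sec->offs);

		/* The payload [offs, offs + len) must lie inside the image;
		 * written so that the comparison cannot wrap.
		 */
		if (offs > fw->size || len > fw->size - offs) {
			dev_err(dev->mt76.dev, "Invalid firmware\n");
			ret = -EINVAL;
			goto out;
		}
		dl = fw->data + offs;

		mode |= mt7996_patch_sec_mode(sec_key_idx);

		ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
						    mode);
		if (ret) {
			dev_err(dev->mt76.dev, "Download request failed\n");
			goto out;
		}

		ret = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
					       dl, len, 4096);
		if (ret) {
			dev_err(dev->mt76.dev, "Failed to send patch\n");
			goto out;
		}
	}

	ret = mt76_connac_mcu_start_patch(&dev->mt76);
	if (ret)
		dev_err(dev->mt76.dev, "Failed to start patch\n");

out:
	/* the semaphore is released on every path that took it */
	sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 0);
	switch (sem) {
	case PATCH_REL_SEM_SUCCESS:
		break;
	default:
		ret = -EAGAIN;
		dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
		break;
	}
	release_firmware(fw);

	return ret;
}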
2732
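/* Download every region of a RAM firmware image and start it.
 *
 * @hdr is the trailer at the end of the image; the region table sits
 * immediately in front of it and the region payloads are read back to back
 * starting at @data. The start option depends on @type and on whether any
 * region asked for an address override.
 * Returns 0 on success or a negative errno.
 *
 * This function is not given the image size, so it cannot bound-check the
 * region table or the payload lengths itself; the caller has to make sure
 * hdr->n_region descriptors and the summed region lengths fit in the image.
 */
static int
mt7996_mcu_send_ram_firmware(struct mt7996_dev *dev,
			     const struct mt7996_fw_trailer *hdr,
			     const u8 *data, enum mt7996_ram_type type)
{
	const struct mt7996_fw_region *regions;
	u32 override = 0, option = 0;
	/* unsigned: region lengths are 32-bit values read from the file and
	 * must never turn the running payload offset negative
	 */
	size_t offset = 0;
	int i;

	/* first descriptor of the table that ends where the trailer begins */
	regions = (const struct mt7996_fw_region *)((const u8 *)hdr -
		  hdr->n_region * sizeof(*regions));

	for (i = 0; i < hdr->n_region; i++) {
		const struct mt7996_fw_region *region = &regions[i];
		u32 len, addr, mode;
		int err;

		/* DSP and WA use same mode */
		mode = mt76_connac_mcu_gen_dl_mode(&dev->mt76,
						   region->feature_set,
						   type != MT7996_RAM_TYPE_WM);
		len = le32_to_cpu(region->len);
		addr = le32_to_cpu(region->addr);

		if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
			override = addr;

		err = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
						    mode);
		if (err) {
			dev_err(dev->mt76.dev, "Download request failed\n");
			return err;
		}

		err = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
					       data + offset, len, 4096);
		if (err) {
			dev_err(dev->mt76.dev, "Failed to send firmware.\n");
			return err;
		}

		offset += len;
	}

	if (override)
		option |= FW_START_OVERRIDE;

	if (type == MT7996_RAM_TYPE_WA)
		option |= FW_START_WORKING_PDA_CR4;
	else if (type == MT7996_RAM_TYPE_DSP)
		option |= FW_START_WORKING_PDA_DSP;

	return mt76_connac_mcu_start_firmware(&dev->mt76, override, option);
}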
2785
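/* Check that the region table named by the trailer @hdr, and every region
 * payload it describes, lie inside the loaded image @fw. The caller must
 * already have verified fw->size >= sizeof(*hdr).
 */
static bool mt7996_ram_layout_valid(const struct firmware *fw,
				    const struct mt7996_fw_trailer *hdr)
{
	size_t table_len = hdr->n_region * sizeof(struct mt7996_fw_region);
	const struct mt7996_fw_region *regions;
	size_t offset = 0;
	int i;

	/* the table ends where the trailer begins */
	if (fw->size - sizeof(*hdr) < table_len)
		return false;

	regions = (const struct mt7996_fw_region *)((const u8 *)hdr -
						    table_len);

	/* Payloads are consumed back to back from the start of the image;
	 * offset never exceeds fw->size, so the subtraction cannot wrap.
	 */
	for (i = 0; i < hdr->n_region; i++) {
		size_t len = le32_to_cpu(regions[i].len);

		if (len > fw->size - offset)
			return false;
		offset += len;
	}

	return true;
}

/* Load one RAM firmware image (@fw_file) and start it as @ram_type.
 *
 * @fw_type is only used in log messages. On success the firmware version
 * and build date from the image trailer are stored in the wiphy's
 * fw_version string. Returns 0 on success, -EINVAL for an image that is too
 * small or whose trailer describes regions outside the file, or another
 * negative errno.
 */
static int __mt7996_load_ram(struct mt7996_dev *dev, const char *fw_type,
			     const char *fw_file, enum mt7996_ram_type ram_type)
{
	const struct mt7996_fw_trailer *hdr;
	const struct firmware *fw;
	int ret;

	ret = request_firmware(&fw, fw_file, dev->mt76.dev);
	if (ret)
		return ret;

	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	/* the trailer occupies the last bytes of the image */
	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));

	/* n_region and the region lengths are file contents; reject the
	 * image before they are used to form pointers into it.
	 */
	if (!mt7996_ram_layout_valid(fw, hdr)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	dev_info(dev->mt76.dev, "%s Firmware Version: %.10s, Build Time: %.15s\n",
		 fw_type, hdr->fw_ver, hdr->build_date);

	ret = mt7996_mcu_send_ram_firmware(dev, hdr, fw->data, ram_type);
	if (ret) {
		dev_err(dev->mt76.dev, "Failed to start %s firmware\n", fw_type);
		goto out;
	}

	/* precision-limited %s: the trailer strings are fixed-size fields */
	snprintf(dev->mt76.hw->wiphy->fw_version,
		 sizeof(dev->mt76.hw->wiphy->fw_version),
		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);

out:
	release_firmware(fw);

	return ret;
}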
2822
/* Load the three RAM images in the order WM, DSP, WA.
 *
 * Stops at the first failure and returns its errno; returns 0 when all
 * three were loaded.
 */
static int mt7996_load_ram(struct mt7996_dev *dev)
{
	int err;

	err = __mt7996_load_ram(dev, "WM", fw_name(dev, FIRMWARE_WM),
				MT7996_RAM_TYPE_WM);
	if (!err)
		err = __mt7996_load_ram(dev, "DSP",
					fw_name(dev, FIRMWARE_DSP),
					MT7996_RAM_TYPE_DSP);
	if (!err)
		err = __mt7996_load_ram(dev, "WA", fw_name(dev, FIRMWARE_WA),
					MT7996_RAM_TYPE_WA);

	return err;
}
2840
/* Wait up to 1000 ms for the firmware state field of MT_TOP_MISC to reach
 * the expected value: FW_STATE_RDY when @wa is set, FW_STATE_FW_DOWNLOAD
 * otherwise.
 *
 * Returns 0 when the state was reached, -EIO on timeout.
 */
static int
mt7996_firmware_state(struct mt7996_dev *dev, bool wa)
{
	u32 want = FIELD_PREP(MT_TOP_MISC_FW_STATE,
			      wa ? FW_STATE_RDY : FW_STATE_FW_DOWNLOAD);

	if (mt76_poll_msec(dev, MT_TOP_MISC, MT_TOP_MISC_FW_STATE,
			   want, 1000))
		return 0;

	dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
	return -EIO;
}
2854
/* Send a UNI_POWER_OFF request with power_mode 1 through the POWER_CTRL
 * command, without waiting for a response.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_restart(struct mt76_dev *dev)
{
	struct {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;
		u8 power_mode;
		u8 __rsv2[3];
	} __packed msg = {
		.tag = cpu_to_le16(UNI_POWER_OFF),
		/* len excludes the 4 reserved bytes in front of the tag */
		.len = cpu_to_le16(sizeof(msg) - 4),
		.power_mode = 1,
	};

	return mt76_mcu_send_msg(dev, MCU_WM_UNI_CMD(POWER_CTRL), &msg,
				 sizeof(msg), false);
}
2874
/* Bring the device from download state to running firmware.
 *
 * If the device is not in download state, one restart is attempted. Then
 * the ROM patch and the RAM images are loaded, the ready state is awaited
 * and the firmware-download TX queue is cleaned up.
 * Returns 0 on success or a negative errno.
 */
static int mt7996_load_firmware(struct mt7996_dev *dev)
{
	int err;

	/* make sure fw is download state */
	err = mt7996_firmware_state(dev, false);
	if (err) {
		/* restart firmware once */
		mt7996_mcu_restart(&dev->mt76);
		err = mt7996_firmware_state(dev, false);
	}
	if (err) {
		dev_err(dev->mt76.dev,
			"Firmware is not ready for download\n");
		return err;
	}

	err = mt7996_load_patch(dev);
	if (!err)
		err = mt7996_load_ram(dev);
	if (!err)
		err = mt7996_firmware_state(dev, true);
	if (err)
		return err;

	mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false);

	dev_dbg(dev->mt76.dev, "Firmware init done\n");

	return 0;
}
2909
/* Set the firmware-log control value @ctrl.
 *
 * The request goes out as a WA command when @type is MCU_FW_LOG_WA and as a
 * WM command for every other value. The interval field is left at zero.
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_fw_log_2_host(struct mt7996_dev *dev, u8 type, u8 ctrl)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		u8 ctrl;
		u8 interval;
		u8 _rsv2[2];
	} __packed req = {
		.tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_LOG_CTRL),
		/* len excludes the 4 reserved bytes in front of the tag */
		.len = cpu_to_le16(sizeof(req) - 4),
		.ctrl = ctrl,
	};
	int cmd = MCU_WM_UNI_CMD(WSYS_CONFIG);

	if (type == MCU_FW_LOG_WA)
		cmd = MCU_WA_UNI_CMD(WSYS_CONFIG);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), true);
}
2933
/* Set the firmware debug @level for @module, without waiting for a
 * response.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_fw_dbg_ctrl(struct mt7996_dev *dev, u32 module, u8 level)
{
	/* Unlike the sibling request structs this one is not __packed; every
	 * member sits at its natural alignment, so no padding is expected.
	 */
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		__le32 module_idx;
		u8 level;
		u8 _rsv2[3];
	} req = {
		.tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_DBG_CTRL),
		/* len excludes the 4 reserved bytes in front of the tag */
		.len = cpu_to_le16(sizeof(req) - 4),
		.module_idx = cpu_to_le32(module),
		.level = level,
	};

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &req,
				 sizeof(req), false);
}
2954
/* Send the MWDS_SUPPORT extended command to the WA with the given enable
 * flag, without waiting for a response.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
static int mt7996_mcu_set_mwds(struct mt7996_dev *dev, bool enabled)
{
	struct {
		u8 enable;
		u8 _rsv[3];
	} __packed msg = {
		.enable = enabled,
	};

	return mt76_mcu_send_msg(&dev->mt76, MCU_WA_EXT_CMD(MWDS_SUPPORT), &msg,
				 sizeof(msg), false);
}
2967
/* Append the two RX airtime TLVs for @band_idx to @skb: first
 * UNI_VOW_RX_AT_AIRTIME_CLR_EN, then UNI_VOW_RX_AT_AIRTIME_EN, both with
 * enable set.
 */
static void mt7996_add_rx_airtime_tlv(struct sk_buff *skb, u8 band_idx)
{
	const int tags[] = {
		UNI_VOW_RX_AT_AIRTIME_CLR_EN,
		UNI_VOW_RX_AT_AIRTIME_EN,
	};
	int i;

	for (i = 0; i < ARRAY_SIZE(tags); i++) {
		struct vow_rx_airtime *airtime;

		airtime = (struct vow_rx_airtime *)
			  mt7996_mcu_add_uni_tlv(skb, tags[i],
						 sizeof(*airtime));
		airtime->enable = true;
		airtime->band = band_idx;
	}
}
2983
/* Enable RX airtime accounting on every valid band.
 *
 * One VOW message is built with a zeroed header followed by two TLVs per
 * valid band. Returns -ENOMEM when the message cannot be allocated,
 * otherwise the result of sending it.
 */
static int
mt7996_mcu_init_rx_airtime(struct mt7996_dev *dev)
{
	struct uni_header hdr = {};
	struct sk_buff *msg;
	int n_tlv, size, band;

	/* Two TLVs per band: band 0 is counted unconditionally here, bands 1
	 * and 2 only when valid. The fill loop below skips band 0 too if it
	 * is reported invalid, which can only leave the buffer oversized.
	 */
	n_tlv = 2 + 2 * (mt7996_band_valid(dev, MT_BAND1) +
			 mt7996_band_valid(dev, MT_BAND2));
	size = sizeof(hdr) + n_tlv * sizeof(struct vow_rx_airtime);

	msg = mt76_mcu_msg_alloc(&dev->mt76, NULL, size);
	if (!msg)
		return -ENOMEM;

	skb_put_data(msg, &hdr, sizeof(hdr));

	for (band = 0; band < __MT_MAX_BAND; band++) {
		if (!mt7996_band_valid(dev, band))
			continue;

		mt7996_add_rx_airtime_tlv(msg, band);
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, msg,
				     MCU_WM_UNI_CMD(VOW), true);
}
3008
/* Take ownership of the device, load its firmware and apply the initial
 * MCU configuration.
 *
 * Returns 0 on success or the errno of the first step that failed.
 */
int mt7996_mcu_init_firmware(struct mt7996_dev *dev)
{
	int err;

	/* force firmware operation mode into normal state,
	 * which should be set before firmware download stage.
	 */
	mt76_wr(dev, MT_SWDEF_MODE, MT_SWDEF_NORMAL_MODE);

	err = mt7996_driver_own(dev, 0);
	/* set driver own for band1 when two hif exist */
	if (!err && dev->hif2)
		err = mt7996_driver_own(dev, 1);
	if (err)
		return err;

	err = mt7996_load_firmware(dev);
	if (err)
		return err;

	/* from here on the MCU is marked as running */
	set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);

	/* firmware logging is switched off (ctrl 0) for both WM and WA */
	err = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WM, 0);
	if (!err)
		err = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WA, 0);
	if (!err)
		err = mt7996_mcu_set_mwds(dev, 1);
	if (!err)
		err = mt7996_mcu_init_rx_airtime(dev);
	if (err)
		return err;

	return mt7996_mcu_wa_cmd(dev, MCU_WA_PARAM_CMD(SET),
				 MCU_WA_PARAM_RED, 0, 0);
}
3052
/* Install the MCU operations for this device and run firmware
 * initialisation.
 *
 * Returns the result of mt7996_mcu_init_firmware().
 */
int mt7996_mcu_init(struct mt7996_dev *dev)
{
	/* static storage: the device keeps a pointer to this table */
	static const struct mt76_mcu_ops ops = {
		.headroom = sizeof(struct mt76_connac2_mcu_txd), /* reuse */
		.mcu_skb_send_msg = mt7996_mcu_send_message,
		.mcu_parse_response = mt7996_mcu_parse_response,
	};

	dev->mt76.mcu_ops = &ops;

	return mt7996_mcu_init_firmware(dev);
}
3065
/* Shut the MCU down.
 *
 * A restart request is sent; if the device then returns to download state,
 * ownership of band 0 (and band 1 when a second hif exists) is handed back
 * to the firmware. The MCU response queue is purged in either case.
 */
void mt7996_mcu_exit(struct mt7996_dev *dev)
{
	mt7996_mcu_restart(&dev->mt76);

	if (mt7996_firmware_state(dev, false)) {
		dev_err(dev->mt76.dev, "Failed to exit mcu\n");
	} else {
		mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(0),
			MT_TOP_LPCR_HOST_FW_OWN);
		if (dev->hif2)
			mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(1),
				MT_TOP_LPCR_HOST_FW_OWN);
	}

	skb_queue_purge(&dev->mt76.mcu.res_q);
}
3081
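/* Enable or disable RX header translation in the firmware.
 *
 * The message carries an enable TLV and a VLAN TLV; when @hdr_trans is set a
 * blacklist TLV for ETH_P_PAE is added as well. Returns -ENOMEM when the
 * message cannot be allocated, otherwise the result of sending it.
 */
int mt7996_mcu_set_hdr_trans(struct mt7996_dev *dev, bool hdr_trans)
{
	/* Zero-initialised: these four reserved bytes are copied into the
	 * message as-is, and leaving them unset would send stale kernel
	 * stack contents to the device.
	 */
	struct {
		u8 __rsv[4];
	} __packed hdr = {};
	struct hdr_trans_blacklist *req_blacklist;
	struct hdr_trans_en *req_en;
	struct sk_buff *skb;
	struct tlv *tlv;
	int len = MT7996_HDR_TRANS_MAX_SIZE + sizeof(hdr);

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_EN, sizeof(*req_en));
	req_en = (struct hdr_trans_en *)tlv;
	req_en->enable = hdr_trans;

	/* the VLAN TLV is added with whatever contents
	 * mt7996_mcu_add_uni_tlv() gives it; no field is set here
	 */
	tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_VLAN,
				     sizeof(struct hdr_trans_vlan));

	if (hdr_trans) {
		tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_BLACKLIST,
					     sizeof(*req_blacklist));
		req_blacklist = (struct hdr_trans_blacklist *)tlv;
		req_blacklist->enable = 1;
		req_blacklist->type = cpu_to_le16(ETH_P_PAE);
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WM_UNI_CMD(RX_HDR_TRANS), true);
}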
3117
/* Program the EDCA parameters of all access categories of @vif.
 *
 * One TLV per access category is built from the interface's queue_params.
 * A zero cw_min or cw_max is replaced by the fixed values 5 and 10;
 * non-zero values are sent as fls() of the configured window.
 * Returns -ENOMEM when the message cannot be allocated, otherwise the result
 * of sending it.
 */
int mt7996_mcu_set_tx(struct mt7996_dev *dev, struct ieee80211_vif *vif)
{
#define MCU_EDCA_AC_PARAM	0
#define WMM_AIFS_SET		BIT(0)
#define WMM_CW_MIN_SET		BIT(1)
#define WMM_CW_MAX_SET		BIT(2)
#define WMM_TXOP_SET		BIT(3)
#define WMM_PARAM_SET		(WMM_AIFS_SET | WMM_CW_MIN_SET | \
				 WMM_CW_MAX_SET | WMM_TXOP_SET)
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct {
		u8 bss_idx;
		u8 __rsv[3];
	} __packed hdr = {
		.bss_idx = mvif->mt76.idx,
	};
	int size = sizeof(hdr) + IEEE80211_NUM_ACS * sizeof(struct edca);
	struct sk_buff *msg;
	int ac;

	msg = mt76_mcu_msg_alloc(&dev->mt76, NULL, size);
	if (!msg)
		return -ENOMEM;

	skb_put_data(msg, &hdr, sizeof(hdr));

	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
		struct ieee80211_tx_queue_params *params;
		struct edca *edca;

		params = &mvif->queue_params[ac];
		edca = (struct edca *)
		       mt7996_mcu_add_uni_tlv(msg, MCU_EDCA_AC_PARAM,
					      sizeof(*edca));

		/* all four parameters are marked as being set */
		edca->set = WMM_PARAM_SET;
		edca->queue = ac;
		edca->aifs = params->aifs;
		edca->txop = cpu_to_le16(params->txop);
		edca->cw_min = params->cw_min ? fls(params->cw_min) : 5;
		edca->cw_max = params->cw_max ? fls(params->cw_max) : 10;
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, msg,
				     MCU_WM_UNI_CMD(EDCA_UPDATE), true);
}
3171
/* Send @val as the min_lpn threshold in a UNI_RDD_CTRL_SET_TH request with
 * ctrl value 0x1.
 *
 * @val is truncated to 16 bits by the wire format.
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_fcc5_lpn(struct mt7996_dev *dev, int val)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		__le32 ctrl;
		__le16 min_lpn;
		u8 rsv[2];
	} __packed msg = {
		.tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
		/* len excludes the 4 reserved bytes in front of the tag */
		.len = cpu_to_le16(sizeof(msg) - 4),

		.ctrl = cpu_to_le32(0x1),
		.min_lpn = cpu_to_le16(val),
	};

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
				 &msg, sizeof(msg), true);
}
3194
/* Send the pulse thresholds in @pulse in a UNI_RDD_CTRL_SET_TH request with
 * ctrl value 0x3.
 *
 * Every field of @pulse is copied to the same-named request field as a
 * little-endian 32-bit value. Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_pulse_th(struct mt7996_dev *dev,
			    const struct mt7996_dfs_pulse *pulse)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		__le32 ctrl;

		__le32 max_width;		/* us */
		__le32 max_pwr;			/* dbm */
		__le32 min_pwr;			/* dbm */
		__le32 min_stgr_pri;		/* us */
		__le32 max_stgr_pri;		/* us */
		__le32 min_cr_pri;		/* us */
		__le32 max_cr_pri;		/* us */
	} __packed msg = {
		.tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
		/* len excludes the 4 reserved bytes in front of the tag */
		.len = cpu_to_le16(sizeof(msg) - 4),

		.ctrl = cpu_to_le32(0x3),

		.max_width = cpu_to_le32(pulse->max_width),
		.max_pwr = cpu_to_le32(pulse->max_pwr),
		.min_pwr = cpu_to_le32(pulse->min_pwr),
		.min_stgr_pri = cpu_to_le32(pulse->min_stgr_pri),
		.max_stgr_pri = cpu_to_le32(pulse->max_stgr_pri),
		.min_cr_pri = cpu_to_le32(pulse->min_cr_pri),
		.max_cr_pri = cpu_to_le32(pulse->max_cr_pri),
	};

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
				 &msg, sizeof(msg), true);
}
3233
/*
 * Send one DFS radar pattern threshold set to the MCU.
 *
 * @index is written to radar_type (narrowed to 16 bits) and every field of
 * @pattern named below is copied into a UNI_RDD_CTRL_SET_TH TLV with ctrl
 * selector 0x2; 32-bit fields are converted to little endian, single-byte
 * fields are copied as they are.  Returns whatever mt76_mcu_send_msg()
 * returns.
 */
int mt7996_mcu_set_radar_th(struct mt7996_dev *dev, int index,
			    const struct mt7996_dfs_pattern *pattern)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		__le32 ctrl;
		__le16 radar_type;

		u8 enb;
		u8 stgr;
		u8 min_crpn;
		u8 max_crpn;
		u8 min_crpr;
		u8 min_pw;
		__le32 min_pri;
		__le32 max_pri;
		u8 max_pw;
		u8 min_crbn;
		u8 max_crbn;
		u8 min_stgpn;
		u8 max_stgpn;
		u8 min_stgpr;
		u8 rsv[2];
		__le32 min_stgpr_diff;
	} __packed th = {
		.tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
		/* length is the struct size minus the 4 leading _rsv bytes */
		.len = cpu_to_le16(sizeof(th) - 4),

		.ctrl = cpu_to_le32(0x2),
		.radar_type = cpu_to_le16(index),

		.enb = pattern->enb,
		.stgr = pattern->stgr,
		.min_crpn = pattern->min_crpn,
		.max_crpn = pattern->max_crpn,
		.min_crpr = pattern->min_crpr,
		.min_pw = pattern->min_pw,
		.min_pri = cpu_to_le32(pattern->min_pri),
		.max_pri = cpu_to_le32(pattern->max_pri),
		.max_pw = pattern->max_pw,
		.min_crbn = pattern->min_crbn,
		.max_crbn = pattern->max_crbn,
		.min_stgpn = pattern->min_stgpn,
		.max_stgpn = pattern->max_stgpn,
		.min_stgpr = pattern->min_stgpr,
		.min_stgpr_diff = cpu_to_le32(pattern->min_stgpr_diff),
	};

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
				 &th, sizeof(th), true);
}
3293
/*
 * Build and send an OFFCH_SCAN_CTRL command for the background chain.
 *
 * @chandef describes the channel to monitor and may be NULL only for
 * CH_SWITCH_BACKGROUND_SCAN_STOP.  The operating channel is taken from the
 * phy's own chandef, which must pass cfg80211_chandef_valid().
 *
 * Returns -EINVAL for a missing @chandef, an invalid operating chandef or an
 * unknown @cmd, otherwise the result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_background_chain_ctrl(struct mt7996_phy *phy,
				 struct cfg80211_chan_def *chandef,
				 int cmd)
{
	struct mt76_phy *mphy = phy->mt76;
	struct cfg80211_chan_def *oper = &mphy->chandef;
	struct mt7996_mcu_background_chain_ctrl req = {
		.tag = cpu_to_le16(0),
		.len = cpu_to_le16(sizeof(req) - 4),
		.monitor_scan_type = 2, /* simple rx */
	};

	/* START and RUNNING dereference chandef below, so it must be set */
	if (cmd != CH_SWITCH_BACKGROUND_SCAN_STOP && !chandef)
		return -EINVAL;

	if (!cfg80211_chandef_valid(oper))
		return -EINVAL;

	switch (cmd) {
	case CH_SWITCH_BACKGROUND_SCAN_START:
		/* operating channel */
		req.chan = oper->chan->hw_value;
		req.central_chan =
			ieee80211_frequency_to_channel(oper->center_freq1);
		req.bw = mt76_connac_chan_bw(oper);
		/* monitored channel */
		req.monitor_chan = chandef->chan->hw_value;
		req.monitor_central_chan =
			ieee80211_frequency_to_channel(chandef->center_freq1);
		req.monitor_bw = mt76_connac_chan_bw(chandef);
		req.band_idx = mphy->band_idx;
		req.scan_mode = 1;
		break;
	case CH_SWITCH_BACKGROUND_SCAN_RUNNING:
		req.monitor_chan = chandef->chan->hw_value;
		req.monitor_central_chan =
			ieee80211_frequency_to_channel(chandef->center_freq1);
		req.band_idx = mphy->band_idx;
		req.scan_mode = 2;
		break;
	case CH_SWITCH_BACKGROUND_SCAN_STOP:
		req.chan = oper->chan->hw_value;
		req.central_chan =
			ieee80211_frequency_to_channel(oper->center_freq1);
		req.bw = mt76_connac_chan_bw(oper);
		req.tx_stream = hweight8(mphy->antenna_mask);
		req.rx_stream = mphy->antenna_mask;
		break;
	default:
		return -EINVAL;
	}

	/* without a monitor chandef the band field is set to 1 */
	if (chandef)
		req.band = chandef->chan->band == NL80211_BAND_5GHZ;
	else
		req.band = 1;

	return mt76_mcu_send_msg(&phy->dev->mt76,
				 MCU_WM_UNI_CMD(OFFCH_SCAN_CTRL),
				 &req, sizeof(req), false);
}
3350
/*
 * Start or stop background radar detection.
 *
 * With a NULL @chandef the detector is stopped (RDD_STOP) and the background
 * chain is sent CH_SWITCH_BACKGROUND_SCAN_STOP.  Otherwise the background
 * chain is started on @chandef and the detector is started (RDD_START) with a
 * region code derived from dev->mt76.region: ETSI -> 0, JP -> 2, FCC and
 * anything else -> 1.
 *
 * NOTE(review): MT_RX_SEL2 is passed in the "index" position of
 * mt7996_mcu_rdd_cmd() and 0 in the "rx_sel" position; confirm this matches
 * what the firmware expects.
 *
 * Returns the first error from the MCU helpers, or the result of the final
 * command.
 */
int mt7996_mcu_rdd_background_enable(struct mt7996_phy *phy,
				     struct cfg80211_chan_def *chandef)
{
	struct mt7996_dev *dev = phy->dev;
	int region = 1;	/* FCC and unknown regions */
	int ret;

	if (!chandef) {
		/* disable offchain */
		ret = mt7996_mcu_rdd_cmd(dev, RDD_STOP, MT_RX_SEL2, 0, 0);
		if (ret)
			return ret;

		return mt7996_mcu_background_chain_ctrl(phy, NULL,
				CH_SWITCH_BACKGROUND_SCAN_STOP);
	}

	ret = mt7996_mcu_background_chain_ctrl(phy, chandef,
					       CH_SWITCH_BACKGROUND_SCAN_START);
	if (ret)
		return ret;

	if (dev->mt76.region == NL80211_DFS_ETSI)
		region = 0;
	else if (dev->mt76.region == NL80211_DFS_JP)
		region = 2;

	return mt7996_mcu_rdd_cmd(dev, RDD_START, MT_RX_SEL2, 0, region);
}
3388
/*
 * Send the phy's current channel definition to the MCU under TLV tag @tag.
 *
 * The switch reason is chosen from the hw configuration flags: monitor mode
 * gives CH_SWITCH_NORMAL, off-channel or idle gives
 * CH_SWITCH_SCAN_BYPASS_DPD, a channel on which cfg80211_reg_can_beacon()
 * fails for AP mode gives CH_SWITCH_DFS, anything else CH_SWITCH_NORMAL.
 * For UNI_CHANNEL_SWITCH the rx_path mask is replaced by its bit count.
 *
 * Returns whatever mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_set_chan_info(struct mt7996_phy *phy, u16 tag)
{
	/*
	 * Firmware band code per nl80211 band; the table is indexed with
	 * chandef->chan->band without a range check, so it relies on the
	 * driver only operating on the bands listed here.
	 */
	static const u8 ch_band[] = {
		[NL80211_BAND_2GHZ] = 0,
		[NL80211_BAND_5GHZ] = 1,
		[NL80211_BAND_6GHZ] = 2,
	};
	struct mt76_phy *mphy = phy->mt76;
	struct ieee80211_hw *hw = mphy->hw;
	struct cfg80211_chan_def *chandef = &mphy->chandef;
	struct mt7996_dev *dev = phy->dev;
	u8 band_idx = mphy->band_idx;
	struct {
		/* fixed field */
		u8 __rsv[4];

		__le16 tag;
		__le16 len;
		u8 control_ch;
		u8 center_ch;
		u8 bw;
		u8 tx_path_num;
		u8 rx_path;	/* mask or num */
		u8 switch_reason;
		u8 band_idx;
		u8 center_ch2;	/* for 80+80 only */
		__le16 cac_case;
		u8 channel_band;
		u8 rsv0;
		__le32 outband_freq;
		u8 txpower_drop;
		u8 ap_bw;
		u8 ap_center_ch;
		u8 rsv1[53];
	} __packed req = {
		.tag = cpu_to_le16(tag),
		.len = cpu_to_le16(sizeof(req) - 4),
		.control_ch = chandef->chan->hw_value,
		.center_ch = ieee80211_frequency_to_channel(chandef->center_freq1),
		.bw = mt76_connac_chan_bw(chandef),
		.tx_path_num = hweight16(mphy->chainmask),
		.rx_path = mt7996_rx_chainmask(phy) >> dev->chainshift[band_idx],
		.band_idx = band_idx,
		.channel_band = ch_band[chandef->chan->band],
		.switch_reason = CH_SWITCH_NORMAL,
	};

	/* monitor mode keeps CH_SWITCH_NORMAL regardless of the other flags */
	if (!(hw->conf.flags & IEEE80211_CONF_MONITOR)) {
		if (hw->conf.flags &
		    (IEEE80211_CONF_OFFCHANNEL | IEEE80211_CONF_IDLE))
			req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD;
		else if (!cfg80211_reg_can_beacon(hw->wiphy, chandef,
						  NL80211_IFTYPE_AP))
			req.switch_reason = CH_SWITCH_DFS;
	}

	/* this tag carries the number of rx paths rather than the mask */
	if (tag == UNI_CHANNEL_SWITCH)
		req.rx_path = hweight8(req.rx_path);

	if (chandef->width == NL80211_CHAN_WIDTH_80P80)
		req.center_ch2 =
			ieee80211_frequency_to_channel(chandef->center_freq2);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(CHANNEL_SWITCH),
				 &req, sizeof(req), true);
}
3457
/*
 * Upload the cached EEPROM image to the MCU in buffer mode.
 *
 * MT7996_EEPROM_SIZE bytes starting at dev->mt76.eeprom.data are sent in
 * pages of at most PER_PAGE_SIZE bytes, one EFUSE_CTRL message per page.  The
 * format byte carries the index of the last page, the index of this page and
 * EE_FORMAT_WHOLE.
 *
 * Returns 0 when every page was sent, -ENOMEM if a message could not be
 * allocated, or the error from mt76_mcu_skb_send_msg().
 */
static int mt7996_mcu_set_eeprom_flash(struct mt7996_dev *dev)
{
#define MAX_PAGE_IDX_MASK	GENMASK(7, 5)
#define PAGE_IDX_MASK		GENMASK(4, 2)
#define PER_PAGE_SIZE		0x400
	struct mt7996_mcu_eeprom req = {
		.tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
		.buffer_mode = EE_MODE_BUFFER
	};
	u16 eeprom_size = MT7996_EEPROM_SIZE;
	u16 tail = eeprom_size % PER_PAGE_SIZE;
	u8 total = DIV_ROUND_UP(eeprom_size, PER_PAGE_SIZE);
	u8 *page = (u8 *)dev->mt76.eeprom.data;
	int page_idx;

	for (page_idx = 0; page_idx < total; page_idx++) {
		int page_len = PER_PAGE_SIZE;
		struct sk_buff *skb;
		int msg_len, ret;

		/* only the final page can be shorter than a full page */
		if (tail && page_idx == total - 1)
			page_len = tail;

		msg_len = sizeof(req) + page_len;
		skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len);
		if (!skb)
			return -ENOMEM;

		req.len = cpu_to_le16(msg_len - 4);
		req.format = FIELD_PREP(MAX_PAGE_IDX_MASK, total - 1) |
			     FIELD_PREP(PAGE_IDX_MASK, page_idx) |
			     EE_FORMAT_WHOLE;
		req.buf_len = cpu_to_le16(page_len);

		skb_put_data(skb, &req, sizeof(req));
		skb_put_data(skb, page, page_len);

		ret = mt76_mcu_skb_send_msg(&dev->mt76, skb,
					    MCU_WM_UNI_CMD(EFUSE_CTRL), true);
		if (ret)
			return ret;

		page += page_len;
	}

	return 0;
}
3502
/*
 * Tell the MCU where to take EEPROM data from.
 *
 * When dev->flash_mode is set the cached image is uploaded through
 * mt7996_mcu_set_eeprom_flash(); otherwise a single EFUSE_CTRL message
 * selecting EE_MODE_EFUSE is sent.  Returns the result of whichever path ran.
 */
int mt7996_mcu_set_eeprom(struct mt7996_dev *dev)
{
	struct mt7996_mcu_eeprom efuse_req = {
		.buffer_mode = EE_MODE_EFUSE,
		.format = EE_FORMAT_WHOLE,
		.tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
		.len = cpu_to_le16(sizeof(efuse_req) - 4),
	};

	if (!dev->flash_mode)
		return mt76_mcu_send_msg(&dev->mt76,
					 MCU_WM_UNI_CMD(EFUSE_CTRL),
					 &efuse_req, sizeof(efuse_req), true);

	return mt7996_mcu_set_eeprom_flash(dev);
}
3518
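/*
 * Read one eFuse block from the MCU into the cached EEPROM image.
 *
 * @offset is rounded down to a multiple of MT7996_EEPROM_BLOCK_SIZE and sent
 * in a UNI_EFUSE_ACCESS query.  The reply carries a 32-bit address at byte 12,
 * a 32-bit "valid" word at byte 16 and the block data at byte 48.  When the
 * valid word is non-zero, MT7996_EEPROM_BLOCK_SIZE bytes are copied to
 * dev->mt76.eeprom.data at the address the reply reports.
 *
 * The reply length and the reported address come from the device, so both are
 * checked before anything is read from the reply or written to the cache.
 *
 * Returns 0 on success (including a reply marked not valid), the error from
 * mt76_mcu_send_and_get_msg(), or -EINVAL for a truncated reply or an address
 * outside the EEPROM image.
 */
int mt7996_mcu_get_eeprom(struct mt7996_dev *dev, u32 offset)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		__le32 addr;
		__le32 valid;
		u8 data[16];
	} __packed req = {
		.tag = cpu_to_le16(UNI_EFUSE_ACCESS),
		.len = cpu_to_le16(sizeof(req) - 4),
		.addr = cpu_to_le32(round_down(offset,
				    MT7996_EEPROM_BLOCK_SIZE)),
	};
	struct sk_buff *skb;
	bool valid;
	int ret;

	ret = mt76_mcu_send_and_get_msg(&dev->mt76,
					MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL),
					&req, sizeof(req), true, &skb);
	if (ret)
		return ret;

	/* the address (byte 12) and valid word (byte 16) must be present */
	if (skb->len < 16 + sizeof(__le32)) {
		ret = -EINVAL;
		goto out;
	}

	valid = le32_to_cpu(*(__le32 *)(skb->data + 16));
	if (valid) {
		u32 addr = le32_to_cpu(*(__le32 *)(skb->data + 12));
		u8 *buf;

		/*
		 * Reject a reply that is too short to hold the block, and an
		 * address that would place the block outside the
		 * MT7996_EEPROM_SIZE bytes this file treats as the size of
		 * the cached image (see mt7996_mcu_set_eeprom_flash()).
		 */
		if (skb->len < 48 + MT7996_EEPROM_BLOCK_SIZE ||
		    addr > MT7996_EEPROM_SIZE - MT7996_EEPROM_BLOCK_SIZE) {
			ret = -EINVAL;
			goto out;
		}

		buf = (u8 *)dev->mt76.eeprom.data + addr;

		skb_pull(skb, 48);
		memcpy(buf, skb->data, MT7996_EEPROM_BLOCK_SIZE);
	}

out:
	dev_kfree_skb(skb);

	return ret;
}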
3558
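/*
 * Query the number of free eFuse blocks.
 *
 * Sends a UNI_EFUSE_FREE_BLOCK query with version 2 and stores the byte found
 * at offset 8 of the reply in *@block_num.  The reply length is supplied by
 * the device, so it is checked before that byte is read.
 *
 * Returns 0 on success, the error from mt76_mcu_send_and_get_msg(), or
 * -EINVAL when the reply is shorter than 9 bytes (*@block_num is then left
 * untouched).
 */
int mt7996_mcu_get_eeprom_free_block(struct mt7996_dev *dev, u8 *block_num)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		u8 num;
		u8 version;
		u8 die_idx;
		u8 _rsv2;
	} __packed req = {
		.tag = cpu_to_le16(UNI_EFUSE_FREE_BLOCK),
		.len = cpu_to_le16(sizeof(req) - 4),
		.version = 2,
	};
	struct sk_buff *skb;
	int ret;

	ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), &req,
					sizeof(req), true, &skb);
	if (ret)
		return ret;

	/* the count is the byte at offset 8 of the reply */
	if (skb->len < 8 + sizeof(u8))
		ret = -EINVAL;
	else
		*block_num = *(u8 *)(skb->data + 8);

	dev_kfree_skb(skb);

	return ret;
}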
3588
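/*
 * Query the chip configuration and extract the eFuse version word.
 *
 * Sends a NIC_CAP query, skips the 4-byte fixed field of the reply and walks
 * the TLVs that follow.  The 32-bit value after the header of the
 * UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION TLV is stored in *@cap; *@cap is left
 * untouched when that TLV is absent.
 *
 * TLV lengths come from the device.  The walk stops at the first TLV whose
 * length is smaller than a TLV header (a zero length would otherwise never
 * advance) or larger than the data that is left, and a value is only read
 * when it lies inside the reply.
 *
 * Returns 0 once the reply has been walked, or the error from
 * mt76_mcu_send_and_get_msg().
 */
int mt7996_mcu_get_chip_config(struct mt7996_dev *dev, u32 *cap)
{
#define NIC_CAP	3
#define UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION	0x21
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
	} __packed req = {
		.tag = cpu_to_le16(NIC_CAP),
		.len = cpu_to_le16(sizeof(req) - 4),
	};
	struct sk_buff *skb;
	u32 remaining;
	u8 *buf;
	int ret;

	ret = mt76_mcu_send_and_get_msg(&dev->mt76,
					MCU_WM_UNI_CMD_QUERY(CHIP_CONFIG), &req,
					sizeof(req), true, &skb);
	if (ret)
		return ret;

	/* fixed field */
	skb_pull(skb, 4);

	buf = skb->data;
	remaining = skb->len;
	while (remaining >= sizeof(struct tlv)) {
		struct tlv *tlv = (struct tlv *)buf;
		u16 tlv_len = le16_to_cpu(tlv->len);

		/* malformed length: stop instead of looping or overrunning */
		if (tlv_len < sizeof(*tlv) || tlv_len > remaining)
			break;

		switch (le16_to_cpu(tlv->tag)) {
		case UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION:
			/* only read the value if it is inside the reply */
			if (remaining >= sizeof(*tlv) + sizeof(__le32))
				*cap = le32_to_cpu(*(__le32 *)(buf + sizeof(*tlv)));
			break;
		default:
			break;
		}

		buf += tlv_len;
		remaining -= tlv_len;
	}

	dev_kfree_skb(skb);

	return 0;
}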
3634
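/*
 * Read the channel-busy MIB counters and update the phy's channel state.
 *
 * Four UNI_CMD_MIB_DATA entries are requested, in the order given by offs[].
 * After the band header is pulled, the reply is read as an array of
 * struct mt7996_mcu_mib whose entries 0..3 follow that order.  Unless
 * @chan_switch is set, the difference between the new counters and the
 * snapshot in phy->state_ts is added to phy->mt76->chan_state; the snapshot
 * is refreshed in both cases.
 *
 * The reply length comes from the device, so it is checked against the four
 * entries that are read below.
 *
 * Returns 0 on success, the error from mt76_mcu_send_and_get_msg(), or
 * -EINVAL when the reply is too short (no state is modified in that case).
 */
int mt7996_mcu_get_chan_mib_info(struct mt7996_phy *phy, bool chan_switch)
{
	struct {
		struct {
			u8 band;
			u8 __rsv[3];
		} hdr;
		struct {
			__le16 tag;
			__le16 len;
			__le32 offs;
		} data[4];
	} __packed req = {
		.hdr.band = phy->mt76->band_idx,
	};
	/* strict order */
	static const u32 offs[] = {
		UNI_MIB_TX_TIME,
		UNI_MIB_RX_TIME,
		UNI_MIB_OBSS_AIRTIME,
		UNI_MIB_NON_WIFI_TIME,
	};
	struct mt76_channel_state *state = phy->mt76->chan_state;
	struct mt76_channel_state *state_ts = &phy->state_ts;
	struct mt7996_dev *dev = phy->dev;
	struct mt7996_mcu_mib *res;
	struct sk_buff *skb;
	int i, ret;

	for (i = 0; i < 4; i++) {
		req.data[i].tag = cpu_to_le16(UNI_CMD_MIB_DATA);
		req.data[i].len = cpu_to_le16(sizeof(req.data[i]));
		req.data[i].offs = cpu_to_le32(offs[i]);
	}

	ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(GET_MIB_INFO),
					&req, sizeof(req), true, &skb);
	if (ret)
		return ret;

	skb_pull(skb, sizeof(req.hdr));

	/* res[0] .. res[3] are read below; make sure they are all there */
	if (skb->len < ARRAY_SIZE(offs) * sizeof(*res)) {
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	res = (struct mt7996_mcu_mib *)(skb->data);

	/* on a channel switch only the snapshot is refreshed */
	if (chan_switch)
		goto out;

#define __res_u64(s) le64_to_cpu(res[s].data)
	state->cc_tx += __res_u64(1) - state_ts->cc_tx;
	state->cc_bss_rx += __res_u64(2) - state_ts->cc_bss_rx;
	state->cc_rx += __res_u64(2) + __res_u64(3) - state_ts->cc_rx;
	state->cc_busy += __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3) -
			  state_ts->cc_busy;

out:
	state_ts->cc_tx = __res_u64(1);
	state_ts->cc_bss_rx = __res_u64(2);
	state_ts->cc_rx = __res_u64(2) + __res_u64(3);
	state_ts->cc_busy = __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3);
#undef __res_u64

	dev_kfree_skb(skb);

	return 0;
}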
3700
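/*
 * Query the temperature reported by the MCU for the phy's band.
 *
 * Sends a TEMPERATURE_QUERY / GET_TEMPERATURE request and returns the 32-bit
 * temperature field of the reply converted to CPU order.
 *
 * The reply skb is released on every path (it was previously never freed),
 * and its device-supplied length is checked before the field is read.
 *
 * Returns the temperature value, the error from mt76_mcu_send_and_get_msg(),
 * or -EINVAL when the reply is shorter than the expected structure.
 */
int mt7996_mcu_get_temperature(struct mt7996_phy *phy)
{
#define TEMPERATURE_QUERY 0
#define GET_TEMPERATURE 0
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		u8 rsv1;
		u8 action;
		u8 band_idx;
		u8 rsv2;
	} req = {
		.tag = cpu_to_le16(TEMPERATURE_QUERY),
		.len = cpu_to_le16(sizeof(req) - 4),
		.action = GET_TEMPERATURE,
		.band_idx = phy->mt76->band_idx,
	};
	struct mt7996_mcu_thermal {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		__le32 rsv;
		__le32 temperature;
	} __packed * res;
	struct sk_buff *skb;
	int ret;

	ret = mt76_mcu_send_and_get_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(THERMAL),
					&req, sizeof(req), true, &skb);
	if (ret)
		return ret;

	/* temperature is the last field of *res, so the whole struct is needed */
	if (skb->len < sizeof(*res)) {
		ret = -EINVAL;
		goto out;
	}

	res = (void *)skb->data;
	ret = le32_to_cpu(res->temperature);

out:
	/* the reply belongs to this function and must not be leaked */
	dev_kfree_skb(skb);

	return ret;
}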
3742
/*
 * Program the four thermal duty-cycle levels for the phy's band.
 *
 * Level 0 is given @state as its duty cycle and each following level half of
 * the previous one (integer division).  One THERMAL message is sent per
 * level.  Returns 0 when all four were sent, otherwise the first error from
 * mt76_mcu_send_msg().
 */
int mt7996_mcu_set_thermal_throttling(struct mt7996_phy *phy, u8 state)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		struct mt7996_mcu_thermal_ctrl ctrl;
	} __packed req = {
		.tag = cpu_to_le16(UNI_CMD_THERMAL_PROTECT_DUTY_CONFIG),
		.len = cpu_to_le16(sizeof(req) - 4),
		.ctrl = {
			.band_idx = phy->mt76->band_idx,
		},
	};
	int level;

	/* set duty cycle and level */
	for (level = 0; level < 4; level++) {
		int err;

		req.ctrl.duty.duty_level = level;
		/* halving an unsigned byte "level" times equals this shift */
		req.ctrl.duty.duty_cycle = state >> level;

		err = mt76_mcu_send_msg(&phy->dev->mt76,
					MCU_WM_UNI_CMD(THERMAL),
					&req, sizeof(req), false);
		if (err)
			return err;
	}

	return 0;
}
3775
/*
 * Disable, and optionally re-enable, thermal protection for the phy's band.
 *
 * A UNI_CMD_THERMAL_PROTECT_DISABLE message that leaves out the trailing
 * "enable" part of the request is always sent first.  When @enable is true
 * and that succeeded, a UNI_CMD_THERMAL_PROTECT_ENABLE message follows with
 * restore/trigger temperatures from phy->throttle_temp[0]/[1] and a sustain
 * time of SUSTAIN_PERIOD.
 *
 * Returns the result of the last message that was sent.
 */
int mt7996_mcu_set_thermal_protect(struct mt7996_phy *phy, bool enable)
{
#define SUSTAIN_PERIOD		10
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		struct mt7996_mcu_thermal_ctrl ctrl;
		struct mt7996_mcu_thermal_enable enable;
	} __packed req = {
		.tag = cpu_to_le16(UNI_CMD_THERMAL_PROTECT_DISABLE),
		.len = cpu_to_le16(sizeof(req) - 4 - sizeof(req.enable)),
		.ctrl = {
			.band_idx = phy->mt76->band_idx,
			.type.protect_type = 1,
			.type.trigger_type = 1,
		},
	};
	/* the disable message stops before the "enable" member */
	const int disable_len = sizeof(req) - sizeof(req.enable);
	int err;

	err = mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(THERMAL),
				&req, disable_len, false);
	if (err)
		return err;
	if (!enable)
		return 0;

	/* set high-temperature trigger threshold */
	req.tag = cpu_to_le16(UNI_CMD_THERMAL_PROTECT_ENABLE);
	req.len = cpu_to_le16(sizeof(req) - 4);
	req.enable.restore_temp = cpu_to_le32(phy->throttle_temp[0]);
	req.enable.trigger_temp = cpu_to_le32(phy->throttle_temp[1]);
	req.enable.sustain_time = cpu_to_le16(SUSTAIN_PERIOD);

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(THERMAL),
				 &req, sizeof(req), false);
}
3815
/*
 * Send a SER command to the MCU.
 *
 * @action is used as the TLV tag.  For UNI_CMD_SER_SET, @val is sent as a
 * 32-bit mask; for UNI_CMD_SER_TRIGGER, @val is the method and @band the band.
 * Any other @action is rejected with -EINVAL before anything is sent.
 *
 * Returns -EINVAL or the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_ser(struct mt7996_dev *dev, u8 action, u8 val, u8 band)
{
	struct {
		u8 rsv[4];

		__le16 tag;
		__le16 len;

		union {
			struct {
				__le32 mask;
			} __packed set;

			struct {
				u8 method;
				u8 band;
				u8 rsv2[2];
			} __packed trigger;
		};
	} __packed ser = {
		.tag = cpu_to_le16(action),
		.len = cpu_to_le16(sizeof(ser) - 4),
	};

	if (action == UNI_CMD_SER_SET) {
		ser.set.mask = cpu_to_le32(val);
	} else if (action == UNI_CMD_SER_TRIGGER) {
		ser.trigger.method = val;
		ser.trigger.band = band;
	} else {
		return -EINVAL;
	}

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SER),
				 &ser, sizeof(ser), false);
}
3855
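/*
 * Send a beamforming control command to the MCU.
 *
 * A zeroed uni_header is followed by one TLV whose tag is @action:
 *   BF_SOUNDING_ON  - snd_mode is set to BF_PROCESSING
 *   BF_HW_EN_UPDATE - ebf is enabled, ibf follows dev->ibf
 *   BF_MOD_EN_CTRL  - bf_num 3 with bitmap GENMASK(2, 0)
 *
 * Returns -ENOMEM if the message cannot be allocated, -EINVAL for any other
 * @action, otherwise the result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_txbf(struct mt7996_dev *dev, u8 action)
{
#define MT7996_BF_MAX_SIZE	sizeof(union bf_tag_tlv)
#define BF_PROCESSING	4
	struct uni_header hdr;
	struct sk_buff *skb;
	struct tlv *tlv;
	int len = sizeof(hdr) + MT7996_BF_MAX_SIZE;

	memset(&hdr, 0, sizeof(hdr));

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	switch (action) {
	case BF_SOUNDING_ON: {
		struct bf_sounding_on *req_snd_on;

		tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_snd_on));
		req_snd_on = (struct bf_sounding_on *)tlv;
		req_snd_on->snd_mode = BF_PROCESSING;
		break;
	}
	case BF_HW_EN_UPDATE: {
		struct bf_hw_en_status_update *req_hw_en;

		tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_hw_en));
		req_hw_en = (struct bf_hw_en_status_update *)tlv;
		req_hw_en->ebf = true;
		req_hw_en->ibf = dev->ibf;
		break;
	}
	case BF_MOD_EN_CTRL: {
		struct bf_mod_en_ctrl *req_mod_en;

		tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_mod_en));
		req_mod_en = (struct bf_mod_en_ctrl *)tlv;
		req_mod_en->bf_num = 3;
		req_mod_en->bf_bitmap = GENMASK(2, 0);
		break;
	}
	default:
		/*
		 * The message was allocated above but is never passed to
		 * mt76_mcu_skb_send_msg() on this path, so free it here
		 * rather than leaking it.
		 */
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb, MCU_WM_UNI_CMD(BF), true);
}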
3906
/*
 * Send a single-value spatial-reuse (SR) command for the phy's band.
 *
 * @action is used as the TLV tag and @val is sent as a 32-bit little-endian
 * value.  Returns whatever mt76_mcu_send_msg() returns.
 */
static int
mt7996_mcu_enable_obss_spr(struct mt7996_phy *phy, u16 action, u8 val)
{
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		__le32 val;
	} __packed sr = {
		.val = cpu_to_le32(val),
		.len = cpu_to_le16(sizeof(sr) - 4),
		.tag = cpu_to_le16(action),
		.band_idx = phy->mt76->band_idx,
	};

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(SR),
				 &sr, sizeof(sr), true);
}
3929
/*
 * Program the SRG / non-SRG OBSS PD thresholds for the phy's band.
 *
 * Firmware dynamic PD adjustment is switched off first.  The non-SRG
 * threshold is 82 when non-SRG OBSS PD SR is disallowed, 82 minus
 * non_srg_max_offset when that offset is present, and 62 otherwise.  The SRG
 * threshold is 82 minus max_offset when SRG information is present and is
 * left at zero otherwise.
 *
 * NOTE(review): the subtractions are stored in u8 fields and the offsets are
 * not range-checked here; presumably the caller guarantees they do not exceed
 * 82 - confirm.
 *
 * Returns the first error, or the result of the final mt76_mcu_send_msg().
 */
static int
mt7996_mcu_set_obss_spr_pd(struct mt7996_phy *phy,
			   struct ieee80211_he_obss_pd *he_obss_pd)
{
	const u8 max_th = 82, non_srg_max_th = 62;
	u8 sr_ctrl = he_obss_pd->sr_ctrl;
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		u8 pd_th_non_srg;
		u8 pd_th_srg;
		u8 period_offs;
		u8 rcpi_src;
		__le16 obss_pd_min;
		__le16 obss_pd_min_srg;
		u8 resp_txpwr_mode;
		u8 txpwr_restrict_mode;
		u8 txpwr_ref;
		u8 __rsv2[3];
	} __packed req = {
		.band_idx = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_CMD_SR_SET_PARAM),
		.len = cpu_to_le16(sizeof(req) - 4),
		.obss_pd_min = cpu_to_le16(max_th),
		.obss_pd_min_srg = cpu_to_le16(max_th),
		.txpwr_restrict_mode = 2,
		.txpwr_ref = 21
	};
	int err;

	/* disable firmware dynamic PD adjustment */
	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_DPD, false);
	if (err)
		return err;

	if (sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OBSS_PD_SR_DISALLOWED)
		req.pd_th_non_srg = max_th;
	else if (sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OFFSET_PRESENT)
		req.pd_th_non_srg = max_th - he_obss_pd->non_srg_max_offset;
	else
		req.pd_th_non_srg = non_srg_max_th;

	if (sr_ctrl & IEEE80211_HE_SPR_SRG_INFORMATION_PRESENT)
		req.pd_th_srg = max_th - he_obss_pd->max_offset;

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(SR),
				 &req, sizeof(req), true);
}
3983
/*
 * Set the HE-SIG-A spatial-reuse flag for the interface's own-MAC slot.
 *
 * Nothing is sent, and 0 is returned, unless sr_ctrl has
 * IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED set.  Otherwise the SR mode is
 * switched with UNI_CMD_SR_ENABLE_MODE = 0 and a UNI_CMD_SR_SET_SIGA TLV with
 * flag[slot] = 0xf is sent, where slot is omac_idx, reduced by 12 when it is
 * above HW_BSSID_MAX.
 *
 * NOTE(review): slot indexes the 20-entry flag[] array without a range
 * check; presumably omac_idx is bounded so that slot stays below 20 - confirm
 * against the code that assigns omac_idx.
 *
 * Returns 0, the error from the mode switch, or the result of
 * mt76_mcu_send_msg().
 */
static int
mt7996_mcu_set_obss_spr_siga(struct mt7996_phy *phy, struct ieee80211_vif *vif,
			     struct ieee80211_he_obss_pd *he_obss_pd)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	u8 omac = mvif->mt76.omac_idx;
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		u8 omac;
		u8 __rsv2[3];
		u8 flag[20];
	} __packed req = {
		.band_idx = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_CMD_SR_SET_SIGA),
		.len = cpu_to_le16(sizeof(req) - 4),
		.omac = omac > HW_BSSID_MAX ? omac - 12 : omac,
	};
	int err;

	if (!(he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED))
		return 0;

	req.flag[req.omac] = 0xf;

	/* switch to normal AP mode */
	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_MODE, 0);
	if (err)
		return err;

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(SR),
				 &req, sizeof(req), true);
}
4022
/*
 * Send the SRG BSS-color and partial-BSSID bitmaps for the phy's band.
 *
 * Each 8-byte bitmap in @he_obss_pd is split into a low word (bytes 0-3) and
 * a high word (bytes 4-7); each word is stored in the request array entry
 * selected by the band index.
 *
 * NOTE(review): the four request arrays have two entries each and are
 * indexed by band_idx without a range check; a band_idx of 2 would land
 * outside the intended array - confirm the possible band_idx values and the
 * layout the firmware expects.
 *
 * Returns whatever mt76_mcu_send_msg() returns.
 */
static int
mt7996_mcu_set_obss_spr_bitmap(struct mt7996_phy *phy,
			       struct ieee80211_he_obss_pd *he_obss_pd)
{
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		__le32 color_l[2];
		__le32 color_h[2];
		__le32 bssid_l[2];
		__le32 bssid_h[2];
	} __packed req = {
		.band_idx = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_CMD_SR_SET_SRG_BITMAP),
		.len = cpu_to_le16(sizeof(req) - 4),
	};
	u8 slot = req.band_idx;
	u32 word;

	/* memcpy avoids assuming any alignment of the byte arrays */
	memcpy(&word, he_obss_pd->bss_color_bitmap, sizeof(word));
	req.color_l[slot] = cpu_to_le32(word);

	memcpy(&word, he_obss_pd->bss_color_bitmap + 4, sizeof(word));
	req.color_h[slot] = cpu_to_le32(word);

	memcpy(&word, he_obss_pd->partial_bssid_bitmap, sizeof(word));
	req.bssid_l[slot] = cpu_to_le32(word);

	memcpy(&word, he_obss_pd->partial_bssid_bitmap + 4, sizeof(word));
	req.bssid_h[slot] = cpu_to_le32(word);

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(SR), &req,
				 sizeof(req), true);
}
4061
/*
 * Apply the OBSS PD spatial-reuse configuration in @he_obss_pd.
 *
 * Sequence:
 *  1. set firmware scene detection from the sr_scene_detect module parameter;
 *  2. stop if scene detection is on and SR is not enabled;
 *  3. set the SR enable state from he_obss_pd->enable;
 *  4. stop if scene detection is on or SR is not enabled;
 *  5. enable SR TX, then program the PD thresholds, the HE-SIG-A flag and the
 *     SRG bitmaps.
 *
 * Returns 0 on success or the first error from any step.
 */
int mt7996_mcu_add_obss_spr(struct mt7996_phy *phy, struct ieee80211_vif *vif,
			    struct ieee80211_he_obss_pd *he_obss_pd)
{
	int err;

	/* enable firmware scene detection algorithms */
	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_SD,
					 sr_scene_detect);
	if (err)
		return err;

	/* firmware dynamically adjusts PD threshold so skip manual control */
	if (!he_obss_pd->enable && sr_scene_detect)
		return 0;

	/* enable spatial reuse */
	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE,
					 he_obss_pd->enable);
	if (err)
		return err;

	/* manual programming only with SR on and scene detection off */
	if (!he_obss_pd->enable || sr_scene_detect)
		return 0;

	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_TX, true);
	if (err)
		return err;

	/* set SRG/non-SRG OBSS PD threshold */
	err = mt7996_mcu_set_obss_spr_pd(phy, he_obss_pd);
	/* set SR prohibit */
	if (!err)
		err = mt7996_mcu_set_obss_spr_siga(phy, vif, he_obss_pd);
	/* set SRG BSS color/BSSID bitmap */
	if (!err)
		err = mt7996_mcu_set_obss_spr_bitmap(phy, he_obss_pd);

	return err;
}
4103
/*
 * Send the BSS color setting for @vif to the MCU.
 *
 * A BSS request sized for the header plus one bss_color_tlv is allocated, a
 * UNI_BSS_INFO_BSS_COLOR TLV is appended and filled from @he_bss_color, and
 * the message is sent as BSS_INFO_UPDATE.
 *
 * Returns the error encoded in the allocation result, or the result of
 * mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_update_bss_color(struct mt7996_dev *dev, struct ieee80211_vif *vif,
				struct cfg80211_he_bss_color *he_bss_color)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct bss_color_tlv *color_tlv;
	struct sk_buff *skb;

	skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					 sizeof(struct bss_req_hdr) +
					 sizeof(struct bss_color_tlv));
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	color_tlv = (struct bss_color_tlv *)
		mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BSS_COLOR,
					sizeof(*color_tlv));
	color_tlv->color = he_bss_color->color;
	color_tlv->enable = he_bss_color->enabled;

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
4126
/* bits of the agrt_params byte in the TWT agreement request */
#define TWT_AGRT_TRIGGER	BIT(0)
#define TWT_AGRT_ANNOUNCE	BIT(1)
#define TWT_AGRT_PROTECT	BIT(2)

/*
 * Send a TWT agreement update for @flow on interface @mvif.
 *
 * @cmd is copied to the cmd byte of the request; the remaining fields come
 * from @flow and from the interface indices in @mvif.  agrt_params gets
 * TWT_AGRT_PROTECT when flow->protection is set, TWT_AGRT_ANNOUNCE when
 * flow->flowtype is zero and TWT_AGRT_TRIGGER when flow->trigger is set.
 *
 * Returns whatever mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_twt_agrt_update(struct mt7996_dev *dev,
			       struct mt7996_vif *mvif,
			       struct mt7996_twt_flow *flow,
			       int cmd)
{
	u8 params = 0;
	struct {
		/* fixed field */
		u8 bss;
		u8 _rsv[3];

		__le16 tag;
		__le16 len;
		u8 tbl_idx;
		u8 cmd;
		u8 own_mac_idx;
		u8 flowid; /* 0xff for group id */
		__le16 peer_id; /* specify the peer_id (msb=0)
				 * or group_id (msb=1)
				 */
		u8 duration; /* 256 us */
		u8 bss_idx;
		__le64 start_tsf;
		__le16 mantissa;
		u8 exponent;
		u8 is_ap;
		u8 agrt_params;
		u8 __rsv2[23];
	} __packed agrt = {
		.bss = mvif->mt76.idx,
		.tag = cpu_to_le16(UNI_CMD_TWT_ARGT_UPDATE),
		.len = cpu_to_le16(sizeof(agrt) - 4),
		.tbl_idx = flow->table_id,
		.cmd = cmd,
		.own_mac_idx = mvif->mt76.omac_idx,
		.flowid = flow->id,
		.peer_id = cpu_to_le16(flow->wcid),
		.duration = flow->duration,
		.bss_idx = mvif->mt76.idx,
		.start_tsf = cpu_to_le64(flow->tsf),
		/*
		 * NOTE(review): copied without cpu_to_le16(); presumably
		 * flow->mantissa is already little endian - confirm.
		 */
		.mantissa = flow->mantissa,
		.exponent = flow->exp,
		.is_ap = true,
	};

	if (flow->trigger)
		params |= TWT_AGRT_TRIGGER;
	if (!flow->flowtype)
		params |= TWT_AGRT_ANNOUNCE;
	if (flow->protection)
		params |= TWT_AGRT_PROTECT;
	agrt.agrt_params = params;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(TWT),
				 &agrt, sizeof(agrt), true);
}
4185
/*
 * Set the RTS threshold for the phy's band.
 *
 * @val is sent as the length threshold; the packet threshold is fixed at 0x2.
 * Returns whatever mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_set_rts_thresh(struct mt7996_phy *phy, u32 val)
{
	struct {
		u8 band_idx;
		u8 _rsv[3];

		__le16 tag;
		__le16 len;
		__le32 len_thresh;
		__le32 pkt_thresh;
	} __packed rts = {
		.pkt_thresh = cpu_to_le32(0x2),
		.len_thresh = cpu_to_le32(val),
		.len = cpu_to_le16(sizeof(rts) - 4),
		.tag = cpu_to_le16(UNI_BAND_CONFIG_RTS_THRESHOLD),
		.band_idx = phy->mt76->band_idx,
	};

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
				 &rts, sizeof(rts), true);
}
4207
/*
 * Switch the radio of the phy's band on or off.
 *
 * @enable is sent in a UNI_BAND_CONFIG_RADIO_ENABLE TLV.  Returns whatever
 * mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_set_radio_en(struct mt7996_phy *phy, bool enable)
{
	struct {
		u8 band_idx;
		u8 _rsv[3];

		__le16 tag;
		__le16 len;
		u8 enable;
		u8 _rsv2[3];
	} __packed radio = {
		.enable = enable,
		.len = cpu_to_le16(sizeof(radio) - 4),
		.tag = cpu_to_le16(UNI_BAND_CONFIG_RADIO_ENABLE),
		.band_idx = phy->mt76->band_idx,
	};

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
				 &radio, sizeof(radio), true);
}
4228
/*
 * Send a radar-detection (RDD) control command.
 *
 * @cmd, @index, @rx_sel and @val are copied to the ctrl, rdd_idx, rdd_rx_sel
 * and val bytes of a UNI_RDD_CTRL_PARM TLV; @cmd is narrowed to one byte.
 * Returns whatever mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_rdd_cmd(struct mt7996_dev *dev, int cmd, u8 index,
		       u8 rx_sel, u8 val)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		u8 ctrl;
		u8 rdd_idx;
		u8 rdd_rx_sel;
		u8 val;
		u8 rsv[4];
	} __packed rdd = {
		.val = val,
		.rdd_rx_sel = rx_sel,
		.rdd_idx = index,
		.ctrl = cmd,
		.len = cpu_to_le16(sizeof(rdd) - 4),
		.tag = cpu_to_le16(UNI_RDD_CTRL_PARM),
	};

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
				 &rdd, sizeof(rdd), true);
}
4255
/*
 * Send the header-translation settings of a station record to the MCU.
 *
 * The wcid of @sta is used when @sta is given, otherwise the wcid of the
 * interface's own station entry.  Returns the error encoded in the allocation
 * result, or the result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_wtbl_update_hdr_trans(struct mt7996_dev *dev,
				     struct ieee80211_vif *vif,
				     struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta = &mvif->sta;
	struct sk_buff *skb;

	if (sta)
		msta = (struct mt7996_sta *)sta->drv_priv;

	skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
					      &msta->wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	/* starec hdr trans */
	mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta);

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
4277
/*
 * Program one entry of the firmware fixed-rate table.
 *
 * For a beacon entry the spatial-extension index is selected from the TXD and
 * set to 24 plus the band index, and @rate_idx is recorded in
 * phy->beacon_rate.  For any other entry the index is selected from the BMC
 * WTBL.  gi and he_ltf are always set to 1.
 *
 * Returns whatever mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_set_fixed_rate_table(struct mt7996_phy *phy, u8 table_idx,
				    u16 rate_idx, bool beacon)
{
#define UNI_FIXED_RATE_TABLE_SET	0
#define SPE_IXD_SELECT_TXD		0
#define SPE_IXD_SELECT_BMC_WTBL		1
	struct fixed_rate_table_ctrl req = {
		.tag = cpu_to_le16(UNI_FIXED_RATE_TABLE_SET),
		.len = cpu_to_le16(sizeof(req) - 4),
		.table_idx = table_idx,
		.rate_idx = cpu_to_le16(rate_idx),
		.gi = 1,
		.he_ltf = 1,
		.spe_idx_sel = beacon ? SPE_IXD_SELECT_TXD :
					SPE_IXD_SELECT_BMC_WTBL,
	};

	if (beacon) {
		req.spe_idx = 24 + phy->mt76->band_idx;
		/* recorded before the command is sent */
		phy->beacon_rate = rate_idx;
	}

	return mt76_mcu_send_msg(&phy->dev->mt76,
				 MCU_WM_UNI_CMD(FIXED_RATE_TABLE),
				 &req, sizeof(req), false);
}
4306
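/*
 * Read or write one RF register through the MCU.
 *
 * @regidx is split into an index (bits 31..24) and an offset (bits 23..0).
 * When @set is true, *@val is written and the result of mt76_mcu_send_msg()
 * is returned.  Otherwise a query is sent and the data field of the reply is
 * stored in *@val.
 *
 * The reply length comes from the device, so it is checked before the data
 * field, which is the last member of the reply layout, is read.
 *
 * Returns 0 on a successful read, the error from the MCU helpers, or -EINVAL
 * when the reply is shorter than the expected structure (*@val is then left
 * untouched).
 */
int mt7996_mcu_rf_regval(struct mt7996_dev *dev, u32 regidx, u32 *val, bool set)
{
	struct {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;
		__le16 idx;
		u8 __rsv2[2];
		__le32 ofs;
		__le32 data;
	} __packed *res, req = {
		.tag = cpu_to_le16(UNI_CMD_ACCESS_RF_REG_BASIC),
		.len = cpu_to_le16(sizeof(req) - 4),

		.idx = cpu_to_le16(u32_get_bits(regidx, GENMASK(31, 24))),
		.ofs = cpu_to_le32(u32_get_bits(regidx, GENMASK(23, 0))),
		.data = set ? cpu_to_le32(*val) : 0,
	};
	struct sk_buff *skb;
	int ret;

	if (set)
		return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REG_ACCESS),
					 &req, sizeof(req), true);

	ret = mt76_mcu_send_and_get_msg(&dev->mt76,
					MCU_WM_UNI_CMD_QUERY(REG_ACCESS),
					&req, sizeof(req), true, &skb);
	if (ret)
		return ret;

	if (skb->len < sizeof(*res)) {
		ret = -EINVAL;
	} else {
		res = (void *)skb->data;
		*val = le32_to_cpu(res->data);
	}

	dev_kfree_skb(skb);

	return ret;
}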
4345
/*
 * Send an ASSERT_DUMP command with the enable byte set.
 *
 * The tag field is left at zero and, unlike most requests in this file, the
 * structure has no reserved bytes in front of the tag.  Returns whatever
 * mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_trigger_assert(struct mt7996_dev *dev)
{
	struct {
		__le16 tag;
		__le16 len;
		u8 enable;
		u8 rsv[3];
	} __packed dump = {
		.enable = true,
		.len = cpu_to_le16(sizeof(dump) - 4),
	};

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(ASSERT_DUMP),
				 &dump, sizeof(dump), false);
}
4361
/*
 * Send one RRO configuration value to the MCU.
 *
 * @tag selects which member of the request union receives @val:
 *   UNI_RRO_SET_PLATFORM_TYPE - platform_type.type
 *   UNI_RRO_SET_BYPASS_MODE   - bypass_mode.type
 *   UNI_RRO_SET_TXFREE_PATH   - txfree_path.path
 *   UNI_RRO_SET_FLUSH_TIMEOUT - timeout.flush_one = @val and
 *                               timeout.flush_all = 2 * @val
 * The single-byte members take the low 8 bits of @val.
 *
 * Returns -EINVAL for any other @tag, otherwise the result of
 * mt76_mcu_send_msg().
 */
int mt7996_mcu_set_rro(struct mt7996_dev *dev, u16 tag, u16 val)
{
	struct {
		u8 __rsv1[4];
		__le16 tag;
		__le16 len;
		union {
			struct {
				u8 type;
				u8 __rsv2[3];
			} __packed platform_type;
			struct {
				u8 type;
				u8 dest;
				u8 __rsv2[2];
			} __packed bypass_mode;
			struct {
				u8 path;
				u8 __rsv2[3];
			} __packed txfree_path;
			struct {
				__le16 flush_one;
				__le16 flush_all;
				u8 __rsv2[4];
			} __packed timeout;
		};
	} __packed rro = {
		.len = cpu_to_le16(sizeof(rro) - 4),
		.tag = cpu_to_le16(tag),
	};

	if (tag == UNI_RRO_SET_PLATFORM_TYPE) {
		rro.platform_type.type = val;
	} else if (tag == UNI_RRO_SET_BYPASS_MODE) {
		rro.bypass_mode.type = val;
	} else if (tag == UNI_RRO_SET_TXFREE_PATH) {
		rro.txfree_path.path = val;
	} else if (tag == UNI_RRO_SET_FLUSH_TIMEOUT) {
		rro.timeout.flush_one = cpu_to_le16(val);
		rro.timeout.flush_all = cpu_to_le16(2 * val);
	} else {
		return -EINVAL;
	}

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO), &rro,
				 sizeof(rro), true);
}
4414
/*
 * Send an ALL_STA_INFO request carrying @tag to the WM MCU of @phy's device.
 *
 * The return value is only the status of mt76_mcu_send_msg(); no reply is
 * read or parsed in this function.
 */
int mt7996_mcu_get_all_sta_info(struct mt7996_phy *phy, u16 tag)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
	} __packed msg = {
		/* request size minus 4 bytes (the size of the reserved prefix) */
		.len = cpu_to_le16(sizeof(msg) - 4),
		.tag = cpu_to_le16(tag),
	};

	return mt76_mcu_send_msg(&phy->dev->mt76,
				 MCU_WM_UNI_CMD(ALL_STA_INFO),
				 &msg, sizeof(msg), false);
}
4431
/*
 * Send an RRO command tagged UNI_RRO_DEL_BA_SESSION for session @id.
 * Returns whatever mt76_mcu_send_msg() returns.
 */
int mt7996_mcu_wed_rro_reset_sessions(struct mt7996_dev *dev, u16 id)
{
	struct {
		u8 __rsv[4];

		__le16 tag;
		__le16 len;
		__le16 session_id;
		u8 pad[4];
	} __packed msg = {
		.session_id = cpu_to_le16(id),
		.tag = cpu_to_le16(UNI_RRO_DEL_BA_SESSION),
		/* request size minus 4 bytes (the size of the reserved prefix) */
		.len = cpu_to_le16(sizeof(msg) - 4),
	};
	int err;

	err = mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO),
				&msg, sizeof(msg), true);

	return err;
}
4450
/*
 * Build and send the per-rate TX power limit table for @phy.
 *
 * The power bound derived from hw->conf.power_level is passed through
 * mt76_get_rate_power_limits(), which fills the limit table and returns the
 * value stored in mphy->txpower_cur.  The message is a fixed header followed
 * by the limit arrays in the order appended below.
 *
 * The skb is sized for the header plus exactly MT7996_SKU_RATE_NUM bytes.
 * NOTE(review): the constant and struct mt76_power_limits are defined outside
 * this view - confirm the bytes appended after the header add up to
 * MT7996_SKU_RATE_NUM, so the puts stay inside the allocation and the len
 * field matches what is sent.
 *
 * Returns -ENOMEM if the message cannot be allocated, otherwise the result of
 * mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_txpower_sku(struct mt7996_phy *phy)
{
#define TX_POWER_LIMIT_TABLE_RATE	0
	struct mt76_phy *mphy = phy->mt76;
	struct mt7996_dev *dev = phy->dev;
	struct tx_power_limit_table_ctrl {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;
		u8 power_ctrl_id;
		u8 power_limit_type;
		u8 band_idx;
	} __packed hdr = {
		.band_idx = mphy->band_idx,
		.power_limit_type = TX_POWER_LIMIT_TABLE_RATE,
		.power_ctrl_id = UNI_TXPOWER_POWER_LIMIT_TABLE_CTRL,
		/* header plus rate table, minus the 4-byte reserved prefix */
		.len = cpu_to_le16(sizeof(hdr) + MT7996_SKU_RATE_NUM - 4),
		.tag = cpu_to_le16(UNI_TXPOWER_POWER_LIMIT_TABLE_CTRL),
	};
	struct mt76_power_limits limits = {};
	struct sk_buff *skb;
	int bw, bound;

	bound = mt7996_get_power_bound(phy, mphy->hw->conf.power_level);
	bound = mt76_get_rate_power_limits(mphy, mphy->chandef.chan,
					   &limits, bound);
	mphy->txpower_cur = bound;

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL,
				 sizeof(hdr) + MT7996_SKU_RATE_NUM);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	/* cck, then ofdm */
	skb_put_data(skb, limits.cck, sizeof(limits.cck));
	skb_put_data(skb, limits.ofdm, sizeof(limits.ofdm));

	/* ht20: first 8 entries of mcs[0] */
	skb_put_data(skb, limits.mcs[0], 8);
	/* ht40: first 9 entries of mcs[1] */
	skb_put_data(skb, limits.mcs[1], 9);

	/* vht: every mcs row in full, each followed by 2 bytes of padding */
	for (bw = 0; bw < 4; bw++) {
		skb_put_data(skb, limits.mcs[bw], sizeof(limits.mcs[bw]));
		skb_put_zero(skb, 2);
	}

	/* he: the whole ru table */
	skb_put_data(skb, limits.ru, sizeof(limits.ru));
	/* eht: the whole eht table */
	skb_put_data(skb, limits.eht, sizeof(limits.eht));

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WM_UNI_CMD(TXPOWER), true);
}
4509