xref: /openbmc/linux/drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c (revision c765ceda78f0bd9df1217f9beaefea58ecf3865c)
1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
3 
4 #include <linux/firmware.h>
5 #include "mt76_connac2_mac.h"
6 #include "mt76_connac_mcu.h"
7 
8 int mt76_connac_mcu_start_firmware(struct mt76_dev *dev, u32 addr, u32 option)
9 {
10 	struct {
11 		__le32 option;
12 		__le32 addr;
13 	} req = {
14 		.option = cpu_to_le32(option),
15 		.addr = cpu_to_le32(addr),
16 	};
17 
18 	return mt76_mcu_send_msg(dev, MCU_CMD(FW_START_REQ), &req,
19 				 sizeof(req), true);
20 }
21 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_firmware);
22 
23 int mt76_connac_mcu_patch_sem_ctrl(struct mt76_dev *dev, bool get)
24 {
25 	u32 op = get ? PATCH_SEM_GET : PATCH_SEM_RELEASE;
26 	struct {
27 		__le32 op;
28 	} req = {
29 		.op = cpu_to_le32(op),
30 	};
31 
32 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_SEM_CONTROL),
33 				 &req, sizeof(req), true);
34 }
35 EXPORT_SYMBOL_GPL(mt76_connac_mcu_patch_sem_ctrl);
36 
37 int mt76_connac_mcu_start_patch(struct mt76_dev *dev)
38 {
39 	struct {
40 		u8 check_crc;
41 		u8 reserved[3];
42 	} req = {
43 		.check_crc = 0,
44 	};
45 
46 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_FINISH_REQ),
47 				 &req, sizeof(req), true);
48 }
49 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_patch);
50 
51 #define MCU_PATCH_ADDRESS	0x200000
52 
53 int mt76_connac_mcu_init_download(struct mt76_dev *dev, u32 addr, u32 len,
54 				  u32 mode)
55 {
56 	struct {
57 		__le32 addr;
58 		__le32 len;
59 		__le32 mode;
60 	} req = {
61 		.addr = cpu_to_le32(addr),
62 		.len = cpu_to_le32(len),
63 		.mode = cpu_to_le32(mode),
64 	};
65 	int cmd;
66 
67 	if ((!is_connac_v1(dev) && addr == MCU_PATCH_ADDRESS) ||
68 	    (is_mt7921(dev) && addr == 0x900000) ||
69 	    (is_mt7996(dev) && addr == 0x900000))
70 		cmd = MCU_CMD(PATCH_START_REQ);
71 	else
72 		cmd = MCU_CMD(TARGET_ADDRESS_LEN_REQ);
73 
74 	return mt76_mcu_send_msg(dev, cmd, &req, sizeof(req), true);
75 }
76 EXPORT_SYMBOL_GPL(mt76_connac_mcu_init_download);
77 
78 int mt76_connac_mcu_set_channel_domain(struct mt76_phy *phy)
79 {
80 	int len, i, n_max_channels, n_2ch = 0, n_5ch = 0, n_6ch = 0;
81 	struct mt76_connac_mcu_channel_domain {
82 		u8 alpha2[4]; /* regulatory_request.alpha2 */
83 		u8 bw_2g; /* BW_20_40M		0
84 			   * BW_20M		1
85 			   * BW_20_40_80M	2
86 			   * BW_20_40_80_160M	3
87 			   * BW_20_40_80_8080M	4
88 			   */
89 		u8 bw_5g;
90 		u8 bw_6g;
91 		u8 pad;
92 		u8 n_2ch;
93 		u8 n_5ch;
94 		u8 n_6ch;
95 		u8 pad2;
96 	} __packed hdr = {
97 		.bw_2g = 0,
98 		.bw_5g = 3, /* BW_20_40_80_160M */
99 		.bw_6g = 3,
100 	};
101 	struct mt76_connac_mcu_chan {
102 		__le16 hw_value;
103 		__le16 pad;
104 		__le32 flags;
105 	} __packed channel;
106 	struct mt76_dev *dev = phy->dev;
107 	struct ieee80211_channel *chan;
108 	struct sk_buff *skb;
109 
110 	n_max_channels = phy->sband_2g.sband.n_channels +
111 			 phy->sband_5g.sband.n_channels +
112 			 phy->sband_6g.sband.n_channels;
113 	len = sizeof(hdr) + n_max_channels * sizeof(channel);
114 
115 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
116 	if (!skb)
117 		return -ENOMEM;
118 
119 	skb_reserve(skb, sizeof(hdr));
120 
121 	for (i = 0; i < phy->sband_2g.sband.n_channels; i++) {
122 		chan = &phy->sband_2g.sband.channels[i];
123 		if (chan->flags & IEEE80211_CHAN_DISABLED)
124 			continue;
125 
126 		channel.hw_value = cpu_to_le16(chan->hw_value);
127 		channel.flags = cpu_to_le32(chan->flags);
128 		channel.pad = 0;
129 
130 		skb_put_data(skb, &channel, sizeof(channel));
131 		n_2ch++;
132 	}
133 	for (i = 0; i < phy->sband_5g.sband.n_channels; i++) {
134 		chan = &phy->sband_5g.sband.channels[i];
135 		if (chan->flags & IEEE80211_CHAN_DISABLED)
136 			continue;
137 
138 		channel.hw_value = cpu_to_le16(chan->hw_value);
139 		channel.flags = cpu_to_le32(chan->flags);
140 		channel.pad = 0;
141 
142 		skb_put_data(skb, &channel, sizeof(channel));
143 		n_5ch++;
144 	}
145 	for (i = 0; i < phy->sband_6g.sband.n_channels; i++) {
146 		chan = &phy->sband_6g.sband.channels[i];
147 		if (chan->flags & IEEE80211_CHAN_DISABLED)
148 			continue;
149 
150 		channel.hw_value = cpu_to_le16(chan->hw_value);
151 		channel.flags = cpu_to_le32(chan->flags);
152 		channel.pad = 0;
153 
154 		skb_put_data(skb, &channel, sizeof(channel));
155 		n_6ch++;
156 	}
157 
158 	BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(hdr.alpha2));
159 	memcpy(hdr.alpha2, dev->alpha2, sizeof(dev->alpha2));
160 	hdr.n_2ch = n_2ch;
161 	hdr.n_5ch = n_5ch;
162 	hdr.n_6ch = n_6ch;
163 
164 	memcpy(__skb_push(skb, sizeof(hdr)), &hdr, sizeof(hdr));
165 
166 	return mt76_mcu_skb_send_msg(dev, skb, MCU_CE_CMD(SET_CHAN_DOMAIN),
167 				     false);
168 }
169 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_channel_domain);
170 
171 int mt76_connac_mcu_set_mac_enable(struct mt76_dev *dev, int band, bool enable,
172 				   bool hdr_trans)
173 {
174 	struct {
175 		u8 enable;
176 		u8 band;
177 		u8 rsv[2];
178 	} __packed req_mac = {
179 		.enable = enable,
180 		.band = band,
181 	};
182 
183 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(MAC_INIT_CTRL), &req_mac,
184 				 sizeof(req_mac), true);
185 }
186 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_mac_enable);
187 
188 int mt76_connac_mcu_set_vif_ps(struct mt76_dev *dev, struct ieee80211_vif *vif)
189 {
190 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
191 	struct {
192 		u8 bss_idx;
193 		u8 ps_state; /* 0: device awake
194 			      * 1: static power save
195 			      * 2: dynamic power saving
196 			      */
197 	} req = {
198 		.bss_idx = mvif->idx,
199 		.ps_state = vif->cfg.ps ? 2 : 0,
200 	};
201 
202 	if (vif->type != NL80211_IFTYPE_STATION)
203 		return -EOPNOTSUPP;
204 
205 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(SET_PS_PROFILE),
206 				 &req, sizeof(req), false);
207 }
208 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_vif_ps);
209 
210 int mt76_connac_mcu_set_rts_thresh(struct mt76_dev *dev, u32 val, u8 band)
211 {
212 	struct {
213 		u8 prot_idx;
214 		u8 band;
215 		u8 rsv[2];
216 		__le32 len_thresh;
217 		__le32 pkt_thresh;
218 	} __packed req = {
219 		.prot_idx = 1,
220 		.band = band,
221 		.len_thresh = cpu_to_le32(val),
222 		.pkt_thresh = cpu_to_le32(0x2),
223 	};
224 
225 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PROTECT_CTRL), &req,
226 				 sizeof(req), true);
227 }
228 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rts_thresh);
229 
230 void mt76_connac_mcu_beacon_loss_iter(void *priv, u8 *mac,
231 				      struct ieee80211_vif *vif)
232 {
233 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
234 	struct mt76_connac_beacon_loss_event *event = priv;
235 
236 	if (mvif->idx != event->bss_idx)
237 		return;
238 
239 	if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER))
240 		return;
241 
242 	ieee80211_beacon_loss(vif);
243 }
244 EXPORT_SYMBOL_GPL(mt76_connac_mcu_beacon_loss_iter);
245 
246 struct tlv *
247 mt76_connac_mcu_add_nested_tlv(struct sk_buff *skb, int tag, int len,
248 			       void *sta_ntlv, void *sta_wtbl)
249 {
250 	struct sta_ntlv_hdr *ntlv_hdr = sta_ntlv;
251 	struct tlv *sta_hdr = sta_wtbl;
252 	struct tlv *ptlv, tlv = {
253 		.tag = cpu_to_le16(tag),
254 		.len = cpu_to_le16(len),
255 	};
256 	u16 ntlv;
257 
258 	ptlv = skb_put(skb, len);
259 	memcpy(ptlv, &tlv, sizeof(tlv));
260 
261 	ntlv = le16_to_cpu(ntlv_hdr->tlv_num);
262 	ntlv_hdr->tlv_num = cpu_to_le16(ntlv + 1);
263 
264 	if (sta_hdr) {
265 		len += le16_to_cpu(sta_hdr->len);
266 		sta_hdr->len = cpu_to_le16(len);
267 	}
268 
269 	return ptlv;
270 }
271 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_nested_tlv);
272 
273 struct sk_buff *
274 __mt76_connac_mcu_alloc_sta_req(struct mt76_dev *dev, struct mt76_vif *mvif,
275 				struct mt76_wcid *wcid, int len)
276 {
277 	struct sta_req_hdr hdr = {
278 		.bss_idx = mvif->idx,
279 		.muar_idx = wcid ? mvif->omac_idx : 0,
280 		.is_tlv_append = 1,
281 	};
282 	struct sk_buff *skb;
283 
284 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
285 				     &hdr.wlan_idx_hi);
286 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
287 	if (!skb)
288 		return ERR_PTR(-ENOMEM);
289 
290 	skb_put_data(skb, &hdr, sizeof(hdr));
291 
292 	return skb;
293 }
294 EXPORT_SYMBOL_GPL(__mt76_connac_mcu_alloc_sta_req);
295 
296 struct wtbl_req_hdr *
297 mt76_connac_mcu_alloc_wtbl_req(struct mt76_dev *dev, struct mt76_wcid *wcid,
298 			       int cmd, void *sta_wtbl, struct sk_buff **skb)
299 {
300 	struct tlv *sta_hdr = sta_wtbl;
301 	struct wtbl_req_hdr hdr = {
302 		.operation = cmd,
303 	};
304 	struct sk_buff *nskb = *skb;
305 
306 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
307 				     &hdr.wlan_idx_hi);
308 	if (!nskb) {
309 		nskb = mt76_mcu_msg_alloc(dev, NULL,
310 					  MT76_CONNAC_WTBL_UPDATE_MAX_SIZE);
311 		if (!nskb)
312 			return ERR_PTR(-ENOMEM);
313 
314 		*skb = nskb;
315 	}
316 
317 	if (sta_hdr)
318 		le16_add_cpu(&sta_hdr->len, sizeof(hdr));
319 
320 	return skb_put_data(nskb, &hdr, sizeof(hdr));
321 }
322 EXPORT_SYMBOL_GPL(mt76_connac_mcu_alloc_wtbl_req);
323 
324 void mt76_connac_mcu_bss_omac_tlv(struct sk_buff *skb,
325 				  struct ieee80211_vif *vif)
326 {
327 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
328 	u8 omac_idx = mvif->omac_idx;
329 	struct bss_info_omac *omac;
330 	struct tlv *tlv;
331 	u32 type = 0;
332 
333 	switch (vif->type) {
334 	case NL80211_IFTYPE_MONITOR:
335 	case NL80211_IFTYPE_MESH_POINT:
336 	case NL80211_IFTYPE_AP:
337 		if (vif->p2p)
338 			type = CONNECTION_P2P_GO;
339 		else
340 			type = CONNECTION_INFRA_AP;
341 		break;
342 	case NL80211_IFTYPE_STATION:
343 		if (vif->p2p)
344 			type = CONNECTION_P2P_GC;
345 		else
346 			type = CONNECTION_INFRA_STA;
347 		break;
348 	case NL80211_IFTYPE_ADHOC:
349 		type = CONNECTION_IBSS_ADHOC;
350 		break;
351 	default:
352 		WARN_ON(1);
353 		break;
354 	}
355 
356 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_OMAC, sizeof(*omac));
357 
358 	omac = (struct bss_info_omac *)tlv;
359 	omac->conn_type = cpu_to_le32(type);
360 	omac->omac_idx = mvif->omac_idx;
361 	omac->band_idx = mvif->band_idx;
362 	omac->hw_bss_idx = omac_idx > EXT_BSSID_START ? HW_BSSID_0 : omac_idx;
363 }
364 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_omac_tlv);
365 
366 void mt76_connac_mcu_sta_basic_tlv(struct sk_buff *skb,
367 				   struct ieee80211_vif *vif,
368 				   struct ieee80211_sta *sta,
369 				   bool enable, bool newly)
370 {
371 	struct sta_rec_basic *basic;
372 	struct tlv *tlv;
373 	int conn_type;
374 
375 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BASIC, sizeof(*basic));
376 
377 	basic = (struct sta_rec_basic *)tlv;
378 	basic->extra_info = cpu_to_le16(EXTRA_INFO_VER);
379 
380 	if (enable) {
381 		if (newly)
382 			basic->extra_info |= cpu_to_le16(EXTRA_INFO_NEW);
383 		basic->conn_state = CONN_STATE_PORT_SECURE;
384 	} else {
385 		basic->conn_state = CONN_STATE_DISCONNECT;
386 	}
387 
388 	if (!sta) {
389 		basic->conn_type = cpu_to_le32(CONNECTION_INFRA_BC);
390 		eth_broadcast_addr(basic->peer_addr);
391 		return;
392 	}
393 
394 	switch (vif->type) {
395 	case NL80211_IFTYPE_MESH_POINT:
396 	case NL80211_IFTYPE_AP:
397 		if (vif->p2p)
398 			conn_type = CONNECTION_P2P_GC;
399 		else
400 			conn_type = CONNECTION_INFRA_STA;
401 		basic->conn_type = cpu_to_le32(conn_type);
402 		basic->aid = cpu_to_le16(sta->aid);
403 		break;
404 	case NL80211_IFTYPE_STATION:
405 		if (vif->p2p)
406 			conn_type = CONNECTION_P2P_GO;
407 		else
408 			conn_type = CONNECTION_INFRA_AP;
409 		basic->conn_type = cpu_to_le32(conn_type);
410 		basic->aid = cpu_to_le16(vif->cfg.aid);
411 		break;
412 	case NL80211_IFTYPE_ADHOC:
413 		basic->conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
414 		basic->aid = cpu_to_le16(sta->aid);
415 		break;
416 	default:
417 		WARN_ON(1);
418 		break;
419 	}
420 
421 	memcpy(basic->peer_addr, sta->addr, ETH_ALEN);
422 	basic->qos = sta->wme;
423 }
424 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_basic_tlv);
425 
426 void mt76_connac_mcu_sta_uapsd(struct sk_buff *skb, struct ieee80211_vif *vif,
427 			       struct ieee80211_sta *sta)
428 {
429 	struct sta_rec_uapsd *uapsd;
430 	struct tlv *tlv;
431 
432 	if (vif->type != NL80211_IFTYPE_AP || !sta->wme)
433 		return;
434 
435 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_APPS, sizeof(*uapsd));
436 	uapsd = (struct sta_rec_uapsd *)tlv;
437 
438 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) {
439 		uapsd->dac_map |= BIT(3);
440 		uapsd->tac_map |= BIT(3);
441 	}
442 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) {
443 		uapsd->dac_map |= BIT(2);
444 		uapsd->tac_map |= BIT(2);
445 	}
446 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) {
447 		uapsd->dac_map |= BIT(1);
448 		uapsd->tac_map |= BIT(1);
449 	}
450 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) {
451 		uapsd->dac_map |= BIT(0);
452 		uapsd->tac_map |= BIT(0);
453 	}
454 	uapsd->max_sp = sta->max_sp;
455 }
456 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_uapsd);
457 
458 void mt76_connac_mcu_wtbl_hdr_trans_tlv(struct sk_buff *skb,
459 					struct ieee80211_vif *vif,
460 					struct mt76_wcid *wcid,
461 					void *sta_wtbl, void *wtbl_tlv)
462 {
463 	struct wtbl_hdr_trans *htr;
464 	struct tlv *tlv;
465 
466 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HDR_TRANS,
467 					     sizeof(*htr),
468 					     wtbl_tlv, sta_wtbl);
469 	htr = (struct wtbl_hdr_trans *)tlv;
470 	htr->no_rx_trans = true;
471 
472 	if (vif->type == NL80211_IFTYPE_STATION)
473 		htr->to_ds = true;
474 	else
475 		htr->from_ds = true;
476 
477 	if (!wcid)
478 		return;
479 
480 	htr->no_rx_trans = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);
481 	if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) {
482 		htr->to_ds = true;
483 		htr->from_ds = true;
484 	}
485 }
486 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_hdr_trans_tlv);
487 
488 int mt76_connac_mcu_sta_update_hdr_trans(struct mt76_dev *dev,
489 					 struct ieee80211_vif *vif,
490 					 struct mt76_wcid *wcid, int cmd)
491 {
492 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
493 	struct wtbl_req_hdr *wtbl_hdr;
494 	struct tlv *sta_wtbl;
495 	struct sk_buff *skb;
496 
497 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
498 	if (IS_ERR(skb))
499 		return PTR_ERR(skb);
500 
501 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
502 					   sizeof(struct tlv));
503 
504 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
505 						  sta_wtbl, &skb);
506 	if (IS_ERR(wtbl_hdr))
507 		return PTR_ERR(wtbl_hdr);
508 
509 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, sta_wtbl, wtbl_hdr);
510 
511 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
512 }
513 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_update_hdr_trans);
514 
515 int mt76_connac_mcu_wtbl_update_hdr_trans(struct mt76_dev *dev,
516 					  struct ieee80211_vif *vif,
517 					  struct ieee80211_sta *sta)
518 {
519 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
520 	struct wtbl_req_hdr *wtbl_hdr;
521 	struct sk_buff *skb = NULL;
522 
523 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET, NULL,
524 						  &skb);
525 	if (IS_ERR(wtbl_hdr))
526 		return PTR_ERR(wtbl_hdr);
527 
528 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, NULL, wtbl_hdr);
529 
530 	return mt76_mcu_skb_send_msg(dev, skb, MCU_EXT_CMD(WTBL_UPDATE), true);
531 }
532 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_update_hdr_trans);
533 
534 void mt76_connac_mcu_wtbl_generic_tlv(struct mt76_dev *dev,
535 				      struct sk_buff *skb,
536 				      struct ieee80211_vif *vif,
537 				      struct ieee80211_sta *sta,
538 				      void *sta_wtbl, void *wtbl_tlv)
539 {
540 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
541 	struct wtbl_generic *generic;
542 	struct wtbl_rx *rx;
543 	struct wtbl_spe *spe;
544 	struct tlv *tlv;
545 
546 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_GENERIC,
547 					     sizeof(*generic),
548 					     wtbl_tlv, sta_wtbl);
549 
550 	generic = (struct wtbl_generic *)tlv;
551 
552 	if (sta) {
553 		if (vif->type == NL80211_IFTYPE_STATION)
554 			generic->partial_aid = cpu_to_le16(vif->cfg.aid);
555 		else
556 			generic->partial_aid = cpu_to_le16(sta->aid);
557 		memcpy(generic->peer_addr, sta->addr, ETH_ALEN);
558 		generic->muar_idx = mvif->omac_idx;
559 		generic->qos = sta->wme;
560 	} else {
561 		if (!is_connac_v1(dev) && vif->type == NL80211_IFTYPE_STATION)
562 			memcpy(generic->peer_addr, vif->bss_conf.bssid,
563 			       ETH_ALEN);
564 		else
565 			eth_broadcast_addr(generic->peer_addr);
566 
567 		generic->muar_idx = 0xe;
568 	}
569 
570 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RX, sizeof(*rx),
571 					     wtbl_tlv, sta_wtbl);
572 
573 	rx = (struct wtbl_rx *)tlv;
574 	rx->rca1 = sta ? vif->type != NL80211_IFTYPE_AP : 1;
575 	rx->rca2 = 1;
576 	rx->rv = 1;
577 
578 	if (!is_connac_v1(dev))
579 		return;
580 
581 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SPE, sizeof(*spe),
582 					     wtbl_tlv, sta_wtbl);
583 	spe = (struct wtbl_spe *)tlv;
584 	spe->spe_idx = 24;
585 }
586 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_generic_tlv);
587 
588 static void
589 mt76_connac_mcu_sta_amsdu_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
590 			      struct ieee80211_vif *vif)
591 {
592 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
593 	struct sta_rec_amsdu *amsdu;
594 	struct tlv *tlv;
595 
596 	if (vif->type != NL80211_IFTYPE_AP &&
597 	    vif->type != NL80211_IFTYPE_STATION)
598 		return;
599 
600 	if (!sta->deflink.agg.max_amsdu_len)
601 		return;
602 
603 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
604 	amsdu = (struct sta_rec_amsdu *)tlv;
605 	amsdu->max_amsdu_num = 8;
606 	amsdu->amsdu_en = true;
607 	amsdu->max_mpdu_size = sta->deflink.agg.max_amsdu_len >=
608 			       IEEE80211_MAX_MPDU_LEN_VHT_7991;
609 
610 	wcid->amsdu = true;
611 }
612 
613 #define HE_PHY(p, c)	u8_get_bits(c, IEEE80211_HE_PHY_##p)
614 #define HE_MAC(m, c)	u8_get_bits(c, IEEE80211_HE_MAC_##m)
615 static void
616 mt76_connac_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
617 {
618 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
619 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
620 	struct sta_rec_he *he;
621 	struct tlv *tlv;
622 	u32 cap = 0;
623 
624 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE, sizeof(*he));
625 
626 	he = (struct sta_rec_he *)tlv;
627 
628 	if (elem->mac_cap_info[0] & IEEE80211_HE_MAC_CAP0_HTC_HE)
629 		cap |= STA_REC_HE_CAP_HTC;
630 
631 	if (elem->mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR)
632 		cap |= STA_REC_HE_CAP_BSR;
633 
634 	if (elem->mac_cap_info[3] & IEEE80211_HE_MAC_CAP3_OMI_CONTROL)
635 		cap |= STA_REC_HE_CAP_OM;
636 
637 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU)
638 		cap |= STA_REC_HE_CAP_AMSDU_IN_AMPDU;
639 
640 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR)
641 		cap |= STA_REC_HE_CAP_BQR;
642 
643 	if (elem->phy_cap_info[0] &
644 	    (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_2G |
645 	     IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_5G))
646 		cap |= STA_REC_HE_CAP_BW20_RU242_SUPPORT;
647 
648 	if (elem->phy_cap_info[1] &
649 	    IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD)
650 		cap |= STA_REC_HE_CAP_LDPC;
651 
652 	if (elem->phy_cap_info[1] &
653 	    IEEE80211_HE_PHY_CAP1_HE_LTF_AND_GI_FOR_HE_PPDUS_0_8US)
654 		cap |= STA_REC_HE_CAP_SU_PPDU_1LTF_8US_GI;
655 
656 	if (elem->phy_cap_info[2] &
657 	    IEEE80211_HE_PHY_CAP2_NDP_4x_LTF_AND_3_2US)
658 		cap |= STA_REC_HE_CAP_NDP_4LTF_3DOT2MS_GI;
659 
660 	if (elem->phy_cap_info[2] &
661 	    IEEE80211_HE_PHY_CAP2_STBC_TX_UNDER_80MHZ)
662 		cap |= STA_REC_HE_CAP_LE_EQ_80M_TX_STBC;
663 
664 	if (elem->phy_cap_info[2] &
665 	    IEEE80211_HE_PHY_CAP2_STBC_RX_UNDER_80MHZ)
666 		cap |= STA_REC_HE_CAP_LE_EQ_80M_RX_STBC;
667 
668 	if (elem->phy_cap_info[6] &
669 	    IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE)
670 		cap |= STA_REC_HE_CAP_PARTIAL_BW_EXT_RANGE;
671 
672 	if (elem->phy_cap_info[7] &
673 	    IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI)
674 		cap |= STA_REC_HE_CAP_SU_MU_PPDU_4LTF_8US_GI;
675 
676 	if (elem->phy_cap_info[7] &
677 	    IEEE80211_HE_PHY_CAP7_STBC_TX_ABOVE_80MHZ)
678 		cap |= STA_REC_HE_CAP_GT_80M_TX_STBC;
679 
680 	if (elem->phy_cap_info[7] &
681 	    IEEE80211_HE_PHY_CAP7_STBC_RX_ABOVE_80MHZ)
682 		cap |= STA_REC_HE_CAP_GT_80M_RX_STBC;
683 
684 	if (elem->phy_cap_info[8] &
685 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_PPDU_4XLTF_AND_08_US_GI)
686 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_4LTF_8US_GI;
687 
688 	if (elem->phy_cap_info[8] &
689 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_1XLTF_AND_08_US_GI)
690 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_1LTF_8US_GI;
691 
692 	if (elem->phy_cap_info[9] &
693 	    IEEE80211_HE_PHY_CAP9_NON_TRIGGERED_CQI_FEEDBACK)
694 		cap |= STA_REC_HE_CAP_TRIG_CQI_FK;
695 
696 	if (elem->phy_cap_info[9] &
697 	    IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU)
698 		cap |= STA_REC_HE_CAP_TX_1024QAM_UNDER_RU242;
699 
700 	if (elem->phy_cap_info[9] &
701 	    IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU)
702 		cap |= STA_REC_HE_CAP_RX_1024QAM_UNDER_RU242;
703 
704 	he->he_cap = cpu_to_le32(cap);
705 
706 	switch (sta->deflink.bandwidth) {
707 	case IEEE80211_STA_RX_BW_160:
708 		if (elem->phy_cap_info[0] &
709 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
710 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
711 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
712 
713 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
714 				he_cap->he_mcs_nss_supp.rx_mcs_160;
715 		fallthrough;
716 	default:
717 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
718 				he_cap->he_mcs_nss_supp.rx_mcs_80;
719 		break;
720 	}
721 
722 	he->t_frame_dur =
723 		HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]);
724 	he->max_ampdu_exp =
725 		HE_MAC(CAP3_MAX_AMPDU_LEN_EXP_MASK, elem->mac_cap_info[3]);
726 
727 	he->bw_set =
728 		HE_PHY(CAP0_CHANNEL_WIDTH_SET_MASK, elem->phy_cap_info[0]);
729 	he->device_class =
730 		HE_PHY(CAP1_DEVICE_CLASS_A, elem->phy_cap_info[1]);
731 	he->punc_pream_rx =
732 		HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]);
733 
734 	he->dcm_tx_mode =
735 		HE_PHY(CAP3_DCM_MAX_CONST_TX_MASK, elem->phy_cap_info[3]);
736 	he->dcm_tx_max_nss =
737 		HE_PHY(CAP3_DCM_MAX_TX_NSS_2, elem->phy_cap_info[3]);
738 	he->dcm_rx_mode =
739 		HE_PHY(CAP3_DCM_MAX_CONST_RX_MASK, elem->phy_cap_info[3]);
740 	he->dcm_rx_max_nss =
741 		HE_PHY(CAP3_DCM_MAX_RX_NSS_2, elem->phy_cap_info[3]);
742 	he->dcm_rx_max_nss =
743 		HE_PHY(CAP8_DCM_MAX_RU_MASK, elem->phy_cap_info[8]);
744 
745 	he->pkt_ext = 2;
746 }
747 
748 static void
749 mt76_connac_mcu_sta_he_tlv_v2(struct sk_buff *skb, struct ieee80211_sta *sta)
750 {
751 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
752 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
753 	struct sta_rec_he_v2 *he;
754 	struct tlv *tlv;
755 
756 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he));
757 
758 	he = (struct sta_rec_he_v2 *)tlv;
759 	memcpy(he->he_phy_cap, elem->phy_cap_info, sizeof(he->he_phy_cap));
760 	memcpy(he->he_mac_cap, elem->mac_cap_info, sizeof(he->he_mac_cap));
761 
762 	switch (sta->deflink.bandwidth) {
763 	case IEEE80211_STA_RX_BW_160:
764 		if (elem->phy_cap_info[0] &
765 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
766 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
767 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
768 
769 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
770 				he_cap->he_mcs_nss_supp.rx_mcs_160;
771 		fallthrough;
772 	default:
773 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
774 				he_cap->he_mcs_nss_supp.rx_mcs_80;
775 		break;
776 	}
777 
778 	he->pkt_ext = IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US;
779 }
780 
781 static u8
782 mt76_connac_get_phy_mode_v2(struct mt76_phy *mphy, struct ieee80211_vif *vif,
783 			    enum nl80211_band band, struct ieee80211_sta *sta)
784 {
785 	struct ieee80211_sta_ht_cap *ht_cap;
786 	struct ieee80211_sta_vht_cap *vht_cap;
787 	const struct ieee80211_sta_he_cap *he_cap;
788 	u8 mode = 0;
789 
790 	if (sta) {
791 		ht_cap = &sta->deflink.ht_cap;
792 		vht_cap = &sta->deflink.vht_cap;
793 		he_cap = &sta->deflink.he_cap;
794 	} else {
795 		struct ieee80211_supported_band *sband;
796 
797 		sband = mphy->hw->wiphy->bands[band];
798 		ht_cap = &sband->ht_cap;
799 		vht_cap = &sband->vht_cap;
800 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
801 	}
802 
803 	if (band == NL80211_BAND_2GHZ) {
804 		mode |= PHY_TYPE_BIT_HR_DSSS | PHY_TYPE_BIT_ERP;
805 
806 		if (ht_cap->ht_supported)
807 			mode |= PHY_TYPE_BIT_HT;
808 
809 		if (he_cap && he_cap->has_he)
810 			mode |= PHY_TYPE_BIT_HE;
811 	} else if (band == NL80211_BAND_5GHZ || band == NL80211_BAND_6GHZ) {
812 		mode |= PHY_TYPE_BIT_OFDM;
813 
814 		if (ht_cap->ht_supported)
815 			mode |= PHY_TYPE_BIT_HT;
816 
817 		if (vht_cap->vht_supported)
818 			mode |= PHY_TYPE_BIT_VHT;
819 
820 		if (he_cap && he_cap->has_he)
821 			mode |= PHY_TYPE_BIT_HE;
822 	}
823 
824 	return mode;
825 }
826 
827 void mt76_connac_mcu_sta_tlv(struct mt76_phy *mphy, struct sk_buff *skb,
828 			     struct ieee80211_sta *sta,
829 			     struct ieee80211_vif *vif,
830 			     u8 rcpi, u8 sta_state)
831 {
832 	struct cfg80211_chan_def *chandef = &mphy->chandef;
833 	enum nl80211_band band = chandef->chan->band;
834 	struct mt76_dev *dev = mphy->dev;
835 	struct sta_rec_ra_info *ra_info;
836 	struct sta_rec_state *state;
837 	struct sta_rec_phy *phy;
838 	struct tlv *tlv;
839 	u16 supp_rates;
840 
841 	/* starec ht */
842 	if (sta->deflink.ht_cap.ht_supported) {
843 		struct sta_rec_ht *ht;
844 
845 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
846 		ht = (struct sta_rec_ht *)tlv;
847 		ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap);
848 	}
849 
850 	/* starec vht */
851 	if (sta->deflink.vht_cap.vht_supported) {
852 		struct sta_rec_vht *vht;
853 		int len;
854 
855 		len = is_mt7921(dev) ? sizeof(*vht) : sizeof(*vht) - 4;
856 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, len);
857 		vht = (struct sta_rec_vht *)tlv;
858 		vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap);
859 		vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map;
860 		vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map;
861 	}
862 
863 	/* starec uapsd */
864 	mt76_connac_mcu_sta_uapsd(skb, vif, sta);
865 
866 	if (!is_mt7921(dev))
867 		return;
868 
869 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he)
870 		mt76_connac_mcu_sta_amsdu_tlv(skb, sta, vif);
871 
872 	/* starec he */
873 	if (sta->deflink.he_cap.has_he) {
874 		mt76_connac_mcu_sta_he_tlv(skb, sta);
875 		mt76_connac_mcu_sta_he_tlv_v2(skb, sta);
876 		if (band == NL80211_BAND_6GHZ &&
877 		    sta_state == MT76_STA_INFO_STATE_ASSOC) {
878 			struct sta_rec_he_6g_capa *he_6g_capa;
879 
880 			tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G,
881 						      sizeof(*he_6g_capa));
882 			he_6g_capa = (struct sta_rec_he_6g_capa *)tlv;
883 			he_6g_capa->capa = sta->deflink.he_6ghz_capa.capa;
884 		}
885 	}
886 
887 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy));
888 	phy = (struct sta_rec_phy *)tlv;
889 	phy->phy_type = mt76_connac_get_phy_mode_v2(mphy, vif, band, sta);
890 	phy->basic_rate = cpu_to_le16((u16)vif->bss_conf.basic_rates);
891 	phy->rcpi = rcpi;
892 	phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR,
893 				sta->deflink.ht_cap.ampdu_factor) |
894 		     FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY,
895 				sta->deflink.ht_cap.ampdu_density);
896 
897 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra_info));
898 	ra_info = (struct sta_rec_ra_info *)tlv;
899 
900 	supp_rates = sta->deflink.supp_rates[band];
901 	if (band == NL80211_BAND_2GHZ)
902 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates >> 4) |
903 			     FIELD_PREP(RA_LEGACY_CCK, supp_rates & 0xf);
904 	else
905 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates);
906 
907 	ra_info->legacy = cpu_to_le16(supp_rates);
908 
909 	if (sta->deflink.ht_cap.ht_supported)
910 		memcpy(ra_info->rx_mcs_bitmask,
911 		       sta->deflink.ht_cap.mcs.rx_mask,
912 		       HT_MCS_MASK_NUM);
913 
914 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_STATE, sizeof(*state));
915 	state = (struct sta_rec_state *)tlv;
916 	state->state = sta_state;
917 
918 	if (sta->deflink.vht_cap.vht_supported) {
919 		state->vht_opmode = sta->deflink.bandwidth;
920 		state->vht_opmode |= (sta->deflink.rx_nss - 1) <<
921 			IEEE80211_OPMODE_NOTIF_RX_NSS_SHIFT;
922 	}
923 }
924 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_tlv);
925 
926 void mt76_connac_mcu_wtbl_smps_tlv(struct sk_buff *skb,
927 				   struct ieee80211_sta *sta,
928 				   void *sta_wtbl, void *wtbl_tlv)
929 {
930 	struct wtbl_smps *smps;
931 	struct tlv *tlv;
932 
933 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SMPS, sizeof(*smps),
934 					     wtbl_tlv, sta_wtbl);
935 	smps = (struct wtbl_smps *)tlv;
936 	smps->smps = (sta->deflink.smps_mode == IEEE80211_SMPS_DYNAMIC);
937 }
938 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_smps_tlv);
939 
940 void mt76_connac_mcu_wtbl_ht_tlv(struct mt76_dev *dev, struct sk_buff *skb,
941 				 struct ieee80211_sta *sta, void *sta_wtbl,
942 				 void *wtbl_tlv, bool ht_ldpc, bool vht_ldpc)
943 {
944 	struct wtbl_ht *ht = NULL;
945 	struct tlv *tlv;
946 	u32 flags = 0;
947 
948 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_6ghz_capa.capa) {
949 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HT, sizeof(*ht),
950 						     wtbl_tlv, sta_wtbl);
951 		ht = (struct wtbl_ht *)tlv;
952 		ht->ldpc = ht_ldpc &&
953 			   !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING);
954 
955 		if (sta->deflink.ht_cap.ht_supported) {
956 			ht->af = sta->deflink.ht_cap.ampdu_factor;
957 			ht->mm = sta->deflink.ht_cap.ampdu_density;
958 		} else {
959 			ht->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
960 					       IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
961 			ht->mm = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
962 					       IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START);
963 		}
964 
965 		ht->ht = true;
966 	}
967 
968 	if (sta->deflink.vht_cap.vht_supported || sta->deflink.he_6ghz_capa.capa) {
969 		struct wtbl_vht *vht;
970 		u8 af;
971 
972 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_VHT,
973 						     sizeof(*vht), wtbl_tlv,
974 						     sta_wtbl);
975 		vht = (struct wtbl_vht *)tlv;
976 		vht->ldpc = vht_ldpc &&
977 			    !!(sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC);
978 		vht->vht = true;
979 
980 		af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
981 			       sta->deflink.vht_cap.cap);
982 		if (ht)
983 			ht->af = max(ht->af, af);
984 	}
985 
986 	mt76_connac_mcu_wtbl_smps_tlv(skb, sta, sta_wtbl, wtbl_tlv);
987 
988 	if (is_connac_v1(dev) && sta->deflink.ht_cap.ht_supported) {
989 		/* sgi */
990 		u32 msk = MT_WTBL_W5_SHORT_GI_20 | MT_WTBL_W5_SHORT_GI_40 |
991 			  MT_WTBL_W5_SHORT_GI_80 | MT_WTBL_W5_SHORT_GI_160;
992 		struct wtbl_raw *raw;
993 
994 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RAW_DATA,
995 						     sizeof(*raw), wtbl_tlv,
996 						     sta_wtbl);
997 
998 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
999 			flags |= MT_WTBL_W5_SHORT_GI_20;
1000 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
1001 			flags |= MT_WTBL_W5_SHORT_GI_40;
1002 
1003 		if (sta->deflink.vht_cap.vht_supported) {
1004 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
1005 				flags |= MT_WTBL_W5_SHORT_GI_80;
1006 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
1007 				flags |= MT_WTBL_W5_SHORT_GI_160;
1008 		}
1009 		raw = (struct wtbl_raw *)tlv;
1010 		raw->val = cpu_to_le32(flags);
1011 		raw->msk = cpu_to_le32(~msk);
1012 		raw->wtbl_idx = 1;
1013 		raw->dw = 5;
1014 	}
1015 }
1016 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ht_tlv);
1017 
1018 int mt76_connac_mcu_sta_cmd(struct mt76_phy *phy,
1019 			    struct mt76_sta_cmd_info *info)
1020 {
1021 	struct mt76_vif *mvif = (struct mt76_vif *)info->vif->drv_priv;
1022 	struct mt76_dev *dev = phy->dev;
1023 	struct wtbl_req_hdr *wtbl_hdr;
1024 	struct tlv *sta_wtbl;
1025 	struct sk_buff *skb;
1026 
1027 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, info->wcid);
1028 	if (IS_ERR(skb))
1029 		return PTR_ERR(skb);
1030 
1031 	if (info->sta || !info->offload_fw)
1032 		mt76_connac_mcu_sta_basic_tlv(skb, info->vif, info->sta,
1033 					      info->enable, info->newly);
1034 	if (info->sta && info->enable)
1035 		mt76_connac_mcu_sta_tlv(phy, skb, info->sta,
1036 					info->vif, info->rcpi,
1037 					info->state);
1038 
1039 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1040 					   sizeof(struct tlv));
1041 
1042 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, info->wcid,
1043 						  WTBL_RESET_AND_SET,
1044 						  sta_wtbl, &skb);
1045 	if (IS_ERR(wtbl_hdr))
1046 		return PTR_ERR(wtbl_hdr);
1047 
1048 	if (info->enable) {
1049 		mt76_connac_mcu_wtbl_generic_tlv(dev, skb, info->vif,
1050 						 info->sta, sta_wtbl,
1051 						 wtbl_hdr);
1052 		mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, info->vif, info->wcid,
1053 						   sta_wtbl, wtbl_hdr);
1054 		if (info->sta)
1055 			mt76_connac_mcu_wtbl_ht_tlv(dev, skb, info->sta,
1056 						    sta_wtbl, wtbl_hdr,
1057 						    true, true);
1058 	}
1059 
1060 	return mt76_mcu_skb_send_msg(dev, skb, info->cmd, true);
1061 }
1062 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_cmd);
1063 
1064 void mt76_connac_mcu_wtbl_ba_tlv(struct mt76_dev *dev, struct sk_buff *skb,
1065 				 struct ieee80211_ampdu_params *params,
1066 				 bool enable, bool tx, void *sta_wtbl,
1067 				 void *wtbl_tlv)
1068 {
1069 	struct wtbl_ba *ba;
1070 	struct tlv *tlv;
1071 
1072 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_BA, sizeof(*ba),
1073 					     wtbl_tlv, sta_wtbl);
1074 
1075 	ba = (struct wtbl_ba *)tlv;
1076 	ba->tid = params->tid;
1077 
1078 	if (tx) {
1079 		ba->ba_type = MT_BA_TYPE_ORIGINATOR;
1080 		ba->sn = enable ? cpu_to_le16(params->ssn) : 0;
1081 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1082 		ba->ba_en = enable;
1083 	} else {
1084 		memcpy(ba->peer_addr, params->sta->addr, ETH_ALEN);
1085 		ba->ba_type = MT_BA_TYPE_RECIPIENT;
1086 		ba->rst_ba_tid = params->tid;
1087 		ba->rst_ba_sel = RST_BA_MAC_TID_MATCH;
1088 		ba->rst_ba_sb = 1;
1089 	}
1090 
1091 	if (!is_connac_v1(dev)) {
1092 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1093 		return;
1094 	}
1095 
1096 	if (enable && tx) {
1097 		static const u8 ba_range[] = { 4, 8, 12, 24, 36, 48, 54, 64 };
1098 		int i;
1099 
1100 		for (i = 7; i > 0; i--) {
1101 			if (params->buf_size >= ba_range[i])
1102 				break;
1103 		}
1104 		ba->ba_winsize_idx = i;
1105 	}
1106 }
1107 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ba_tlv);
1108 
1109 int mt76_connac_mcu_uni_add_dev(struct mt76_phy *phy,
1110 				struct ieee80211_vif *vif,
1111 				struct mt76_wcid *wcid,
1112 				bool enable)
1113 {
1114 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1115 	struct mt76_dev *dev = phy->dev;
1116 	struct {
1117 		struct {
1118 			u8 omac_idx;
1119 			u8 band_idx;
1120 			__le16 pad;
1121 		} __packed hdr;
1122 		struct req_tlv {
1123 			__le16 tag;
1124 			__le16 len;
1125 			u8 active;
1126 			u8 pad;
1127 			u8 omac_addr[ETH_ALEN];
1128 		} __packed tlv;
1129 	} dev_req = {
1130 		.hdr = {
1131 			.omac_idx = mvif->omac_idx,
1132 			.band_idx = mvif->band_idx,
1133 		},
1134 		.tlv = {
1135 			.tag = cpu_to_le16(DEV_INFO_ACTIVE),
1136 			.len = cpu_to_le16(sizeof(struct req_tlv)),
1137 			.active = enable,
1138 		},
1139 	};
1140 	struct {
1141 		struct {
1142 			u8 bss_idx;
1143 			u8 pad[3];
1144 		} __packed hdr;
1145 		struct mt76_connac_bss_basic_tlv basic;
1146 	} basic_req = {
1147 		.hdr = {
1148 			.bss_idx = mvif->idx,
1149 		},
1150 		.basic = {
1151 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1152 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1153 			.omac_idx = mvif->omac_idx,
1154 			.band_idx = mvif->band_idx,
1155 			.wmm_idx = mvif->wmm_idx,
1156 			.active = enable,
1157 			.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx),
1158 			.sta_idx = cpu_to_le16(wcid->idx),
1159 			.conn_state = 1,
1160 		},
1161 	};
1162 	int err, idx, cmd, len;
1163 	void *data;
1164 
1165 	switch (vif->type) {
1166 	case NL80211_IFTYPE_MESH_POINT:
1167 	case NL80211_IFTYPE_MONITOR:
1168 	case NL80211_IFTYPE_AP:
1169 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_AP);
1170 		break;
1171 	case NL80211_IFTYPE_STATION:
1172 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_STA);
1173 		break;
1174 	case NL80211_IFTYPE_ADHOC:
1175 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1176 		break;
1177 	default:
1178 		WARN_ON(1);
1179 		break;
1180 	}
1181 
1182 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1183 	basic_req.basic.hw_bss_idx = idx;
1184 
1185 	memcpy(dev_req.tlv.omac_addr, vif->addr, ETH_ALEN);
1186 
1187 	cmd = enable ? MCU_UNI_CMD(DEV_INFO_UPDATE) : MCU_UNI_CMD(BSS_INFO_UPDATE);
1188 	data = enable ? (void *)&dev_req : (void *)&basic_req;
1189 	len = enable ? sizeof(dev_req) : sizeof(basic_req);
1190 
1191 	err = mt76_mcu_send_msg(dev, cmd, data, len, true);
1192 	if (err < 0)
1193 		return err;
1194 
1195 	cmd = enable ? MCU_UNI_CMD(BSS_INFO_UPDATE) : MCU_UNI_CMD(DEV_INFO_UPDATE);
1196 	data = enable ? (void *)&basic_req : (void *)&dev_req;
1197 	len = enable ? sizeof(basic_req) : sizeof(dev_req);
1198 
1199 	return mt76_mcu_send_msg(dev, cmd, data, len, true);
1200 }
1201 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_dev);
1202 
1203 void mt76_connac_mcu_sta_ba_tlv(struct sk_buff *skb,
1204 				struct ieee80211_ampdu_params *params,
1205 				bool enable, bool tx)
1206 {
1207 	struct sta_rec_ba *ba;
1208 	struct tlv *tlv;
1209 
1210 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));
1211 
1212 	ba = (struct sta_rec_ba *)tlv;
1213 	ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT;
1214 	ba->winsize = cpu_to_le16(params->buf_size);
1215 	ba->ssn = cpu_to_le16(params->ssn);
1216 	ba->ba_en = enable << params->tid;
1217 	ba->amsdu = params->amsdu;
1218 	ba->tid = params->tid;
1219 }
1220 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba_tlv);
1221 
1222 int mt76_connac_mcu_sta_wed_update(struct mt76_dev *dev, struct sk_buff *skb)
1223 {
1224 	if (!mtk_wed_device_active(&dev->mmio.wed))
1225 		return 0;
1226 
1227 	return mtk_wed_device_update_msg(&dev->mmio.wed, WED_WO_STA_REC,
1228 					 skb->data, skb->len);
1229 }
1230 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_wed_update);
1231 
1232 int mt76_connac_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif *mvif,
1233 			   struct ieee80211_ampdu_params *params,
1234 			   int cmd, bool enable, bool tx)
1235 {
1236 	struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
1237 	struct wtbl_req_hdr *wtbl_hdr;
1238 	struct tlv *sta_wtbl;
1239 	struct sk_buff *skb;
1240 	int ret;
1241 
1242 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1243 	if (IS_ERR(skb))
1244 		return PTR_ERR(skb);
1245 
1246 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1247 					   sizeof(struct tlv));
1248 
1249 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
1250 						  sta_wtbl, &skb);
1251 	if (IS_ERR(wtbl_hdr))
1252 		return PTR_ERR(wtbl_hdr);
1253 
1254 	mt76_connac_mcu_wtbl_ba_tlv(dev, skb, params, enable, tx, sta_wtbl,
1255 				    wtbl_hdr);
1256 
1257 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1258 	if (ret)
1259 		return ret;
1260 
1261 	ret = mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1262 	if (ret)
1263 		return ret;
1264 
1265 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1266 	if (IS_ERR(skb))
1267 		return PTR_ERR(skb);
1268 
1269 	mt76_connac_mcu_sta_ba_tlv(skb, params, enable, tx);
1270 
1271 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1272 	if (ret)
1273 		return ret;
1274 
1275 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1276 }
1277 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba);
1278 
1279 u8 mt76_connac_get_phy_mode(struct mt76_phy *phy, struct ieee80211_vif *vif,
1280 			    enum nl80211_band band, struct ieee80211_sta *sta)
1281 {
1282 	struct mt76_dev *dev = phy->dev;
1283 	const struct ieee80211_sta_he_cap *he_cap;
1284 	struct ieee80211_sta_vht_cap *vht_cap;
1285 	struct ieee80211_sta_ht_cap *ht_cap;
1286 	u8 mode = 0;
1287 
1288 	if (is_connac_v1(dev))
1289 		return 0x38;
1290 
1291 	if (sta) {
1292 		ht_cap = &sta->deflink.ht_cap;
1293 		vht_cap = &sta->deflink.vht_cap;
1294 		he_cap = &sta->deflink.he_cap;
1295 	} else {
1296 		struct ieee80211_supported_band *sband;
1297 
1298 		sband = phy->hw->wiphy->bands[band];
1299 		ht_cap = &sband->ht_cap;
1300 		vht_cap = &sband->vht_cap;
1301 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
1302 	}
1303 
1304 	if (band == NL80211_BAND_2GHZ) {
1305 		mode |= PHY_MODE_B | PHY_MODE_G;
1306 
1307 		if (ht_cap->ht_supported)
1308 			mode |= PHY_MODE_GN;
1309 
1310 		if (he_cap && he_cap->has_he)
1311 			mode |= PHY_MODE_AX_24G;
1312 	} else if (band == NL80211_BAND_5GHZ) {
1313 		mode |= PHY_MODE_A;
1314 
1315 		if (ht_cap->ht_supported)
1316 			mode |= PHY_MODE_AN;
1317 
1318 		if (vht_cap->vht_supported)
1319 			mode |= PHY_MODE_AC;
1320 
1321 		if (he_cap && he_cap->has_he)
1322 			mode |= PHY_MODE_AX_5G;
1323 	} else if (band == NL80211_BAND_6GHZ) {
1324 		mode |= PHY_MODE_A | PHY_MODE_AN |
1325 			PHY_MODE_AC | PHY_MODE_AX_5G;
1326 	}
1327 
1328 	return mode;
1329 }
1330 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode);
1331 
1332 const struct ieee80211_sta_he_cap *
1333 mt76_connac_get_he_phy_cap(struct mt76_phy *phy, struct ieee80211_vif *vif)
1334 {
1335 	enum nl80211_band band = phy->chandef.chan->band;
1336 	struct ieee80211_supported_band *sband;
1337 
1338 	sband = phy->hw->wiphy->bands[band];
1339 
1340 	return ieee80211_get_he_iftype_cap(sband, vif->type);
1341 }
1342 EXPORT_SYMBOL_GPL(mt76_connac_get_he_phy_cap);
1343 
1344 #define DEFAULT_HE_PE_DURATION		4
1345 #define DEFAULT_HE_DURATION_RTS_THRES	1023
1346 static void
1347 mt76_connac_mcu_uni_bss_he_tlv(struct mt76_phy *phy, struct ieee80211_vif *vif,
1348 			       struct tlv *tlv)
1349 {
1350 	const struct ieee80211_sta_he_cap *cap;
1351 	struct bss_info_uni_he *he;
1352 
1353 	cap = mt76_connac_get_he_phy_cap(phy, vif);
1354 
1355 	he = (struct bss_info_uni_he *)tlv;
1356 	he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
1357 	if (!he->he_pe_duration)
1358 		he->he_pe_duration = DEFAULT_HE_PE_DURATION;
1359 
1360 	he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
1361 	if (!he->he_rts_thres)
1362 		he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);
1363 
1364 	he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
1365 	he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
1366 	he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;
1367 }
1368 
1369 int mt76_connac_mcu_uni_set_chctx(struct mt76_phy *phy, struct mt76_vif *mvif,
1370 				  struct ieee80211_chanctx_conf *ctx)
1371 {
1372 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1373 	int freq1 = chandef->center_freq1, freq2 = chandef->center_freq2;
1374 	enum nl80211_band band = chandef->chan->band;
1375 	struct mt76_dev *mdev = phy->dev;
1376 	struct {
1377 		struct {
1378 			u8 bss_idx;
1379 			u8 pad[3];
1380 		} __packed hdr;
1381 		struct rlm_tlv {
1382 			__le16 tag;
1383 			__le16 len;
1384 			u8 control_channel;
1385 			u8 center_chan;
1386 			u8 center_chan2;
1387 			u8 bw;
1388 			u8 tx_streams;
1389 			u8 rx_streams;
1390 			u8 short_st;
1391 			u8 ht_op_info;
1392 			u8 sco;
1393 			u8 band;
1394 			u8 pad[2];
1395 		} __packed rlm;
1396 	} __packed rlm_req = {
1397 		.hdr = {
1398 			.bss_idx = mvif->idx,
1399 		},
1400 		.rlm = {
1401 			.tag = cpu_to_le16(UNI_BSS_INFO_RLM),
1402 			.len = cpu_to_le16(sizeof(struct rlm_tlv)),
1403 			.control_channel = chandef->chan->hw_value,
1404 			.center_chan = ieee80211_frequency_to_channel(freq1),
1405 			.center_chan2 = ieee80211_frequency_to_channel(freq2),
1406 			.tx_streams = hweight8(phy->antenna_mask),
1407 			.ht_op_info = 4, /* set HT 40M allowed */
1408 			.rx_streams = phy->chainmask,
1409 			.short_st = true,
1410 			.band = band,
1411 		},
1412 	};
1413 
1414 	switch (chandef->width) {
1415 	case NL80211_CHAN_WIDTH_40:
1416 		rlm_req.rlm.bw = CMD_CBW_40MHZ;
1417 		break;
1418 	case NL80211_CHAN_WIDTH_80:
1419 		rlm_req.rlm.bw = CMD_CBW_80MHZ;
1420 		break;
1421 	case NL80211_CHAN_WIDTH_80P80:
1422 		rlm_req.rlm.bw = CMD_CBW_8080MHZ;
1423 		break;
1424 	case NL80211_CHAN_WIDTH_160:
1425 		rlm_req.rlm.bw = CMD_CBW_160MHZ;
1426 		break;
1427 	case NL80211_CHAN_WIDTH_5:
1428 		rlm_req.rlm.bw = CMD_CBW_5MHZ;
1429 		break;
1430 	case NL80211_CHAN_WIDTH_10:
1431 		rlm_req.rlm.bw = CMD_CBW_10MHZ;
1432 		break;
1433 	case NL80211_CHAN_WIDTH_20_NOHT:
1434 	case NL80211_CHAN_WIDTH_20:
1435 	default:
1436 		rlm_req.rlm.bw = CMD_CBW_20MHZ;
1437 		rlm_req.rlm.ht_op_info = 0;
1438 		break;
1439 	}
1440 
1441 	if (rlm_req.rlm.control_channel < rlm_req.rlm.center_chan)
1442 		rlm_req.rlm.sco = 1; /* SCA */
1443 	else if (rlm_req.rlm.control_channel > rlm_req.rlm.center_chan)
1444 		rlm_req.rlm.sco = 3; /* SCB */
1445 
1446 	return mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &rlm_req,
1447 				 sizeof(rlm_req), true);
1448 }
1449 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_set_chctx);
1450 
1451 int mt76_connac_mcu_uni_add_bss(struct mt76_phy *phy,
1452 				struct ieee80211_vif *vif,
1453 				struct mt76_wcid *wcid,
1454 				bool enable,
1455 				struct ieee80211_chanctx_conf *ctx)
1456 {
1457 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1458 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1459 	enum nl80211_band band = chandef->chan->band;
1460 	struct mt76_dev *mdev = phy->dev;
1461 	struct {
1462 		struct {
1463 			u8 bss_idx;
1464 			u8 pad[3];
1465 		} __packed hdr;
1466 		struct mt76_connac_bss_basic_tlv basic;
1467 		struct mt76_connac_bss_qos_tlv qos;
1468 	} basic_req = {
1469 		.hdr = {
1470 			.bss_idx = mvif->idx,
1471 		},
1472 		.basic = {
1473 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1474 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1475 			.bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1476 			.dtim_period = vif->bss_conf.dtim_period,
1477 			.omac_idx = mvif->omac_idx,
1478 			.band_idx = mvif->band_idx,
1479 			.wmm_idx = mvif->wmm_idx,
1480 			.active = true, /* keep bss deactivated */
1481 			.phymode = mt76_connac_get_phy_mode(phy, vif, band, NULL),
1482 		},
1483 		.qos = {
1484 			.tag = cpu_to_le16(UNI_BSS_INFO_QBSS),
1485 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_qos_tlv)),
1486 			.qos = vif->bss_conf.qos,
1487 		},
1488 	};
1489 	int err, conn_type;
1490 	u8 idx, basic_phy;
1491 
1492 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1493 	basic_req.basic.hw_bss_idx = idx;
1494 	if (band == NL80211_BAND_6GHZ)
1495 		basic_req.basic.phymode_ext = PHY_MODE_AX_6G;
1496 
1497 	basic_phy = mt76_connac_get_phy_mode_v2(phy, vif, band, NULL);
1498 	basic_req.basic.nonht_basic_phy = cpu_to_le16(basic_phy);
1499 
1500 	switch (vif->type) {
1501 	case NL80211_IFTYPE_MESH_POINT:
1502 	case NL80211_IFTYPE_AP:
1503 		if (vif->p2p)
1504 			conn_type = CONNECTION_P2P_GO;
1505 		else
1506 			conn_type = CONNECTION_INFRA_AP;
1507 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1508 		/* Fully active/deactivate BSS network in AP mode only */
1509 		basic_req.basic.active = enable;
1510 		break;
1511 	case NL80211_IFTYPE_STATION:
1512 		if (vif->p2p)
1513 			conn_type = CONNECTION_P2P_GC;
1514 		else
1515 			conn_type = CONNECTION_INFRA_STA;
1516 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1517 		break;
1518 	case NL80211_IFTYPE_ADHOC:
1519 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1520 		break;
1521 	default:
1522 		WARN_ON(1);
1523 		break;
1524 	}
1525 
1526 	memcpy(basic_req.basic.bssid, vif->bss_conf.bssid, ETH_ALEN);
1527 	basic_req.basic.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx);
1528 	basic_req.basic.sta_idx = cpu_to_le16(wcid->idx);
1529 	basic_req.basic.conn_state = !enable;
1530 
1531 	err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &basic_req,
1532 				sizeof(basic_req), true);
1533 	if (err < 0)
1534 		return err;
1535 
1536 	if (vif->bss_conf.he_support) {
1537 		struct {
1538 			struct {
1539 				u8 bss_idx;
1540 				u8 pad[3];
1541 			} __packed hdr;
1542 			struct bss_info_uni_he he;
1543 			struct bss_info_uni_bss_color bss_color;
1544 		} he_req = {
1545 			.hdr = {
1546 				.bss_idx = mvif->idx,
1547 			},
1548 			.he = {
1549 				.tag = cpu_to_le16(UNI_BSS_INFO_HE_BASIC),
1550 				.len = cpu_to_le16(sizeof(struct bss_info_uni_he)),
1551 			},
1552 			.bss_color = {
1553 				.tag = cpu_to_le16(UNI_BSS_INFO_BSS_COLOR),
1554 				.len = cpu_to_le16(sizeof(struct bss_info_uni_bss_color)),
1555 				.enable = 0,
1556 				.bss_color = 0,
1557 			},
1558 		};
1559 
1560 		if (enable) {
1561 			he_req.bss_color.enable =
1562 				vif->bss_conf.he_bss_color.enabled;
1563 			he_req.bss_color.bss_color =
1564 				vif->bss_conf.he_bss_color.color;
1565 		}
1566 
1567 		mt76_connac_mcu_uni_bss_he_tlv(phy, vif,
1568 					       (struct tlv *)&he_req.he);
1569 		err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE),
1570 					&he_req, sizeof(he_req), true);
1571 		if (err < 0)
1572 			return err;
1573 	}
1574 
1575 	return mt76_connac_mcu_uni_set_chctx(phy, mvif, ctx);
1576 }
1577 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_bss);
1578 
1579 #define MT76_CONNAC_SCAN_CHANNEL_TIME		60
1580 int mt76_connac_mcu_hw_scan(struct mt76_phy *phy, struct ieee80211_vif *vif,
1581 			    struct ieee80211_scan_request *scan_req)
1582 {
1583 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1584 	struct cfg80211_scan_request *sreq = &scan_req->req;
1585 	int n_ssids = 0, err, i, duration;
1586 	int ext_channels_num = max_t(int, sreq->n_channels - 32, 0);
1587 	struct ieee80211_channel **scan_list = sreq->channels;
1588 	struct mt76_dev *mdev = phy->dev;
1589 	struct mt76_connac_mcu_scan_channel *chan;
1590 	struct mt76_connac_hw_scan_req *req;
1591 	struct sk_buff *skb;
1592 
1593 	if (test_bit(MT76_HW_SCANNING, &phy->state))
1594 		return -EBUSY;
1595 
1596 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req));
1597 	if (!skb)
1598 		return -ENOMEM;
1599 
1600 	set_bit(MT76_HW_SCANNING, &phy->state);
1601 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1602 
1603 	req = (struct mt76_connac_hw_scan_req *)skb_put(skb, sizeof(*req));
1604 
1605 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1606 	req->bss_idx = mvif->idx;
1607 	req->scan_type = sreq->n_ssids ? 1 : 0;
1608 	req->probe_req_num = sreq->n_ssids ? 2 : 0;
1609 	req->version = 1;
1610 
1611 	for (i = 0; i < sreq->n_ssids; i++) {
1612 		if (!sreq->ssids[i].ssid_len)
1613 			continue;
1614 
1615 		req->ssids[i].ssid_len = cpu_to_le32(sreq->ssids[i].ssid_len);
1616 		memcpy(req->ssids[i].ssid, sreq->ssids[i].ssid,
1617 		       sreq->ssids[i].ssid_len);
1618 		n_ssids++;
1619 	}
1620 	req->ssid_type = n_ssids ? BIT(2) : BIT(0);
1621 	req->ssid_type_ext = n_ssids ? BIT(0) : 0;
1622 	req->ssids_num = n_ssids;
1623 
1624 	duration = is_mt7921(phy->dev) ? 0 : MT76_CONNAC_SCAN_CHANNEL_TIME;
1625 	/* increase channel time for passive scan */
1626 	if (!sreq->n_ssids)
1627 		duration *= 2;
1628 	req->timeout_value = cpu_to_le16(sreq->n_channels * duration);
1629 	req->channel_min_dwell_time = cpu_to_le16(duration);
1630 	req->channel_dwell_time = cpu_to_le16(duration);
1631 
1632 	req->channels_num = min_t(u8, sreq->n_channels, 32);
1633 	req->ext_channels_num = min_t(u8, ext_channels_num, 32);
1634 	for (i = 0; i < req->channels_num + req->ext_channels_num; i++) {
1635 		if (i >= 32)
1636 			chan = &req->ext_channels[i - 32];
1637 		else
1638 			chan = &req->channels[i];
1639 
1640 		switch (scan_list[i]->band) {
1641 		case NL80211_BAND_2GHZ:
1642 			chan->band = 1;
1643 			break;
1644 		case NL80211_BAND_6GHZ:
1645 			chan->band = 3;
1646 			break;
1647 		default:
1648 			chan->band = 2;
1649 			break;
1650 		}
1651 		chan->channel_num = scan_list[i]->hw_value;
1652 	}
1653 	req->channel_type = sreq->n_channels ? 4 : 0;
1654 
1655 	if (sreq->ie_len > 0) {
1656 		memcpy(req->ies, sreq->ie, sreq->ie_len);
1657 		req->ies_len = cpu_to_le16(sreq->ie_len);
1658 	}
1659 
1660 	if (is_mt7921(phy->dev))
1661 		req->scan_func |= SCAN_FUNC_SPLIT_SCAN;
1662 
1663 	memcpy(req->bssid, sreq->bssid, ETH_ALEN);
1664 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1665 		get_random_mask_addr(req->random_mac, sreq->mac_addr,
1666 				     sreq->mac_addr_mask);
1667 		req->scan_func |= SCAN_FUNC_RANDOM_MAC;
1668 	}
1669 
1670 	err = mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(START_HW_SCAN),
1671 				    false);
1672 	if (err < 0)
1673 		clear_bit(MT76_HW_SCANNING, &phy->state);
1674 
1675 	return err;
1676 }
1677 EXPORT_SYMBOL_GPL(mt76_connac_mcu_hw_scan);
1678 
1679 int mt76_connac_mcu_cancel_hw_scan(struct mt76_phy *phy,
1680 				   struct ieee80211_vif *vif)
1681 {
1682 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1683 	struct {
1684 		u8 seq_num;
1685 		u8 is_ext_channel;
1686 		u8 rsv[2];
1687 	} __packed req = {
1688 		.seq_num = mvif->scan_seq_num,
1689 	};
1690 
1691 	if (test_and_clear_bit(MT76_HW_SCANNING, &phy->state)) {
1692 		struct cfg80211_scan_info info = {
1693 			.aborted = true,
1694 		};
1695 
1696 		ieee80211_scan_completed(phy->hw, &info);
1697 	}
1698 
1699 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(CANCEL_HW_SCAN),
1700 				 &req, sizeof(req), false);
1701 }
1702 EXPORT_SYMBOL_GPL(mt76_connac_mcu_cancel_hw_scan);
1703 
1704 int mt76_connac_mcu_sched_scan_req(struct mt76_phy *phy,
1705 				   struct ieee80211_vif *vif,
1706 				   struct cfg80211_sched_scan_request *sreq)
1707 {
1708 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1709 	struct ieee80211_channel **scan_list = sreq->channels;
1710 	struct mt76_connac_mcu_scan_channel *chan;
1711 	struct mt76_connac_sched_scan_req *req;
1712 	struct mt76_dev *mdev = phy->dev;
1713 	struct cfg80211_match_set *match;
1714 	struct cfg80211_ssid *ssid;
1715 	struct sk_buff *skb;
1716 	int i;
1717 
1718 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req) + sreq->ie_len);
1719 	if (!skb)
1720 		return -ENOMEM;
1721 
1722 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1723 
1724 	req = (struct mt76_connac_sched_scan_req *)skb_put(skb, sizeof(*req));
1725 	req->version = 1;
1726 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1727 
1728 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1729 		u8 *addr = is_mt7663(phy->dev) ? req->mt7663.random_mac
1730 					       : req->mt7921.random_mac;
1731 
1732 		req->scan_func = 1;
1733 		get_random_mask_addr(addr, sreq->mac_addr,
1734 				     sreq->mac_addr_mask);
1735 	}
1736 	if (is_mt7921(phy->dev)) {
1737 		req->mt7921.bss_idx = mvif->idx;
1738 		req->mt7921.delay = cpu_to_le32(sreq->delay);
1739 	}
1740 
1741 	req->ssids_num = sreq->n_ssids;
1742 	for (i = 0; i < req->ssids_num; i++) {
1743 		ssid = &sreq->ssids[i];
1744 		memcpy(req->ssids[i].ssid, ssid->ssid, ssid->ssid_len);
1745 		req->ssids[i].ssid_len = cpu_to_le32(ssid->ssid_len);
1746 	}
1747 
1748 	req->match_num = sreq->n_match_sets;
1749 	for (i = 0; i < req->match_num; i++) {
1750 		match = &sreq->match_sets[i];
1751 		memcpy(req->match[i].ssid, match->ssid.ssid,
1752 		       match->ssid.ssid_len);
1753 		req->match[i].rssi_th = cpu_to_le32(match->rssi_thold);
1754 		req->match[i].ssid_len = match->ssid.ssid_len;
1755 	}
1756 
1757 	req->channel_type = sreq->n_channels ? 4 : 0;
1758 	req->channels_num = min_t(u8, sreq->n_channels, 64);
1759 	for (i = 0; i < req->channels_num; i++) {
1760 		chan = &req->channels[i];
1761 
1762 		switch (scan_list[i]->band) {
1763 		case NL80211_BAND_2GHZ:
1764 			chan->band = 1;
1765 			break;
1766 		case NL80211_BAND_6GHZ:
1767 			chan->band = 3;
1768 			break;
1769 		default:
1770 			chan->band = 2;
1771 			break;
1772 		}
1773 		chan->channel_num = scan_list[i]->hw_value;
1774 	}
1775 
1776 	req->intervals_num = sreq->n_scan_plans;
1777 	for (i = 0; i < req->intervals_num; i++)
1778 		req->intervals[i] = cpu_to_le16(sreq->scan_plans[i].interval);
1779 
1780 	if (sreq->ie_len > 0) {
1781 		req->ie_len = cpu_to_le16(sreq->ie_len);
1782 		memcpy(skb_put(skb, sreq->ie_len), sreq->ie, sreq->ie_len);
1783 	}
1784 
1785 	return mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(SCHED_SCAN_REQ),
1786 				     false);
1787 }
1788 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_req);
1789 
1790 int mt76_connac_mcu_sched_scan_enable(struct mt76_phy *phy,
1791 				      struct ieee80211_vif *vif,
1792 				      bool enable)
1793 {
1794 	struct {
1795 		u8 active; /* 0: enabled 1: disabled */
1796 		u8 rsv[3];
1797 	} __packed req = {
1798 		.active = !enable,
1799 	};
1800 
1801 	if (enable)
1802 		set_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1803 	else
1804 		clear_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1805 
1806 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SCHED_SCAN_ENABLE),
1807 				 &req, sizeof(req), false);
1808 }
1809 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_enable);
1810 
1811 int mt76_connac_mcu_chip_config(struct mt76_dev *dev)
1812 {
1813 	struct mt76_connac_config req = {
1814 		.resp_type = 0,
1815 	};
1816 
1817 	memcpy(req.data, "assert", 7);
1818 
1819 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1820 				 &req, sizeof(req), false);
1821 }
1822 EXPORT_SYMBOL_GPL(mt76_connac_mcu_chip_config);
1823 
1824 int mt76_connac_mcu_set_deep_sleep(struct mt76_dev *dev, bool enable)
1825 {
1826 	struct mt76_connac_config req = {
1827 		.resp_type = 0,
1828 	};
1829 
1830 	snprintf(req.data, sizeof(req.data), "KeepFullPwr %d", !enable);
1831 
1832 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1833 				 &req, sizeof(req), false);
1834 }
1835 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_deep_sleep);
1836 
1837 int mt76_connac_sta_state_dp(struct mt76_dev *dev,
1838 			     enum ieee80211_sta_state old_state,
1839 			     enum ieee80211_sta_state new_state)
1840 {
1841 	if ((old_state == IEEE80211_STA_ASSOC &&
1842 	     new_state == IEEE80211_STA_AUTHORIZED) ||
1843 	    (old_state == IEEE80211_STA_NONE &&
1844 	     new_state == IEEE80211_STA_NOTEXIST))
1845 		mt76_connac_mcu_set_deep_sleep(dev, true);
1846 
1847 	if ((old_state == IEEE80211_STA_NOTEXIST &&
1848 	     new_state == IEEE80211_STA_NONE) ||
1849 	    (old_state == IEEE80211_STA_AUTHORIZED &&
1850 	     new_state == IEEE80211_STA_ASSOC))
1851 		mt76_connac_mcu_set_deep_sleep(dev, false);
1852 
1853 	return 0;
1854 }
1855 EXPORT_SYMBOL_GPL(mt76_connac_sta_state_dp);
1856 
1857 void mt76_connac_mcu_coredump_event(struct mt76_dev *dev, struct sk_buff *skb,
1858 				    struct mt76_connac_coredump *coredump)
1859 {
1860 	spin_lock_bh(&dev->lock);
1861 	__skb_queue_tail(&coredump->msg_list, skb);
1862 	spin_unlock_bh(&dev->lock);
1863 
1864 	coredump->last_activity = jiffies;
1865 
1866 	queue_delayed_work(dev->wq, &coredump->work,
1867 			   MT76_CONNAC_COREDUMP_TIMEOUT);
1868 }
1869 EXPORT_SYMBOL_GPL(mt76_connac_mcu_coredump_event);
1870 
1871 static void mt76_connac_mcu_parse_tx_resource(struct mt76_dev *dev,
1872 					      struct sk_buff *skb)
1873 {
1874 	struct mt76_sdio *sdio = &dev->sdio;
1875 	struct mt76_connac_tx_resource {
1876 		__le32 version;
1877 		__le32 pse_data_quota;
1878 		__le32 pse_mcu_quota;
1879 		__le32 ple_data_quota;
1880 		__le32 ple_mcu_quota;
1881 		__le16 pse_page_size;
1882 		__le16 ple_page_size;
1883 		u8 pp_padding;
1884 		u8 pad[3];
1885 	} __packed * tx_res;
1886 
1887 	tx_res = (struct mt76_connac_tx_resource *)skb->data;
1888 	sdio->sched.pse_data_quota = le32_to_cpu(tx_res->pse_data_quota);
1889 	sdio->sched.pse_mcu_quota = le32_to_cpu(tx_res->pse_mcu_quota);
1890 	sdio->sched.ple_data_quota = le32_to_cpu(tx_res->ple_data_quota);
1891 	sdio->sched.pse_page_size = le16_to_cpu(tx_res->pse_page_size);
1892 	sdio->sched.deficit = tx_res->pp_padding;
1893 }
1894 
1895 static void mt76_connac_mcu_parse_phy_cap(struct mt76_dev *dev,
1896 					  struct sk_buff *skb)
1897 {
1898 	struct mt76_connac_phy_cap {
1899 		u8 ht;
1900 		u8 vht;
1901 		u8 _5g;
1902 		u8 max_bw;
1903 		u8 nss;
1904 		u8 dbdc;
1905 		u8 tx_ldpc;
1906 		u8 rx_ldpc;
1907 		u8 tx_stbc;
1908 		u8 rx_stbc;
1909 		u8 hw_path;
1910 		u8 he;
1911 	} __packed * cap;
1912 
1913 	enum {
1914 		WF0_24G,
1915 		WF0_5G
1916 	};
1917 
1918 	cap = (struct mt76_connac_phy_cap *)skb->data;
1919 
1920 	dev->phy.antenna_mask = BIT(cap->nss) - 1;
1921 	dev->phy.chainmask = dev->phy.antenna_mask;
1922 	dev->phy.cap.has_2ghz = cap->hw_path & BIT(WF0_24G);
1923 	dev->phy.cap.has_5ghz = cap->hw_path & BIT(WF0_5G);
1924 }
1925 
1926 int mt76_connac_mcu_get_nic_capability(struct mt76_phy *phy)
1927 {
1928 	struct mt76_connac_cap_hdr {
1929 		__le16 n_element;
1930 		u8 rsv[2];
1931 	} __packed * hdr;
1932 	struct sk_buff *skb;
1933 	int ret, i;
1934 
1935 	ret = mt76_mcu_send_and_get_msg(phy->dev, MCU_CE_CMD(GET_NIC_CAPAB),
1936 					NULL, 0, true, &skb);
1937 	if (ret)
1938 		return ret;
1939 
1940 	hdr = (struct mt76_connac_cap_hdr *)skb->data;
1941 	if (skb->len < sizeof(*hdr)) {
1942 		ret = -EINVAL;
1943 		goto out;
1944 	}
1945 
1946 	skb_pull(skb, sizeof(*hdr));
1947 
1948 	for (i = 0; i < le16_to_cpu(hdr->n_element); i++) {
1949 		struct tlv_hdr {
1950 			__le32 type;
1951 			__le32 len;
1952 		} __packed * tlv = (struct tlv_hdr *)skb->data;
1953 		int len;
1954 
1955 		if (skb->len < sizeof(*tlv))
1956 			break;
1957 
1958 		skb_pull(skb, sizeof(*tlv));
1959 
1960 		len = le32_to_cpu(tlv->len);
1961 		if (skb->len < len)
1962 			break;
1963 
1964 		switch (le32_to_cpu(tlv->type)) {
1965 		case MT_NIC_CAP_6G:
1966 			phy->cap.has_6ghz = skb->data[0];
1967 			break;
1968 		case MT_NIC_CAP_MAC_ADDR:
1969 			memcpy(phy->macaddr, (void *)skb->data, ETH_ALEN);
1970 			break;
1971 		case MT_NIC_CAP_PHY:
1972 			mt76_connac_mcu_parse_phy_cap(phy->dev, skb);
1973 			break;
1974 		case MT_NIC_CAP_TX_RESOURCE:
1975 			if (mt76_is_sdio(phy->dev))
1976 				mt76_connac_mcu_parse_tx_resource(phy->dev,
1977 								  skb);
1978 			break;
1979 		default:
1980 			break;
1981 		}
1982 		skb_pull(skb, len);
1983 	}
1984 out:
1985 	dev_kfree_skb(skb);
1986 
1987 	return ret;
1988 }
1989 EXPORT_SYMBOL_GPL(mt76_connac_mcu_get_nic_capability);
1990 
1991 static void
1992 mt76_connac_mcu_build_sku(struct mt76_dev *dev, s8 *sku,
1993 			  struct mt76_power_limits *limits,
1994 			  enum nl80211_band band)
1995 {
1996 	int max_power = is_mt7921(dev) ? 127 : 63;
1997 	int i, offset = sizeof(limits->cck);
1998 
1999 	memset(sku, max_power, MT_SKU_POWER_LIMIT);
2000 
2001 	if (band == NL80211_BAND_2GHZ) {
2002 		/* cck */
2003 		memcpy(sku, limits->cck, sizeof(limits->cck));
2004 	}
2005 
2006 	/* ofdm */
2007 	memcpy(&sku[offset], limits->ofdm, sizeof(limits->ofdm));
2008 	offset += sizeof(limits->ofdm);
2009 
2010 	/* ht */
2011 	for (i = 0; i < 2; i++) {
2012 		memcpy(&sku[offset], limits->mcs[i], 8);
2013 		offset += 8;
2014 	}
2015 	sku[offset++] = limits->mcs[0][0];
2016 
2017 	/* vht */
2018 	for (i = 0; i < ARRAY_SIZE(limits->mcs); i++) {
2019 		memcpy(&sku[offset], limits->mcs[i],
2020 		       ARRAY_SIZE(limits->mcs[i]));
2021 		offset += 12;
2022 	}
2023 
2024 	if (!is_mt7921(dev))
2025 		return;
2026 
2027 	/* he */
2028 	for (i = 0; i < ARRAY_SIZE(limits->ru); i++) {
2029 		memcpy(&sku[offset], limits->ru[i], ARRAY_SIZE(limits->ru[i]));
2030 		offset += ARRAY_SIZE(limits->ru[i]);
2031 	}
2032 }
2033 
2034 static s8 mt76_connac_get_ch_power(struct mt76_phy *phy,
2035 				   struct ieee80211_channel *chan,
2036 				   s8 target_power)
2037 {
2038 	struct mt76_dev *dev = phy->dev;
2039 	struct ieee80211_supported_band *sband;
2040 	int i;
2041 
2042 	switch (chan->band) {
2043 	case NL80211_BAND_2GHZ:
2044 		sband = &phy->sband_2g.sband;
2045 		break;
2046 	case NL80211_BAND_5GHZ:
2047 		sband = &phy->sband_5g.sband;
2048 		break;
2049 	case NL80211_BAND_6GHZ:
2050 		sband = &phy->sband_6g.sband;
2051 		break;
2052 	default:
2053 		return target_power;
2054 	}
2055 
2056 	for (i = 0; i < sband->n_channels; i++) {
2057 		struct ieee80211_channel *ch = &sband->channels[i];
2058 
2059 		if (ch->hw_value == chan->hw_value) {
2060 			if (!(ch->flags & IEEE80211_CHAN_DISABLED)) {
2061 				int power = 2 * ch->max_reg_power;
2062 
2063 				if (is_mt7663(dev) && (power > 63 || power < -64))
2064 					power = 63;
2065 				target_power = min_t(s8, power, target_power);
2066 			}
2067 			break;
2068 		}
2069 	}
2070 
2071 	return target_power;
2072 }
2073 
2074 static int
2075 mt76_connac_mcu_rate_txpower_band(struct mt76_phy *phy,
2076 				  enum nl80211_band band)
2077 {
2078 	struct mt76_dev *dev = phy->dev;
2079 	int sku_len, batch_len = is_mt7921(dev) ? 8 : 16;
2080 	static const u8 chan_list_2ghz[] = {
2081 		1, 2,  3,  4,  5,  6,  7,
2082 		8, 9, 10, 11, 12, 13, 14
2083 	};
2084 	static const u8 chan_list_5ghz[] = {
2085 		 36,  38,  40,  42,  44,  46,  48,
2086 		 50,  52,  54,  56,  58,  60,  62,
2087 		 64, 100, 102, 104, 106, 108, 110,
2088 		112, 114, 116, 118, 120, 122, 124,
2089 		126, 128, 132, 134, 136, 138, 140,
2090 		142, 144, 149, 151, 153, 155, 157,
2091 		159, 161, 165
2092 	};
2093 	static const u8 chan_list_6ghz[] = {
2094 		  1,   3,   5,   7,   9,  11,  13,
2095 		 15,  17,  19,  21,  23,  25,  27,
2096 		 29,  33,  35,  37,  39,  41,  43,
2097 		 45,  47,  49,  51,  53,  55,  57,
2098 		 59,  61,  65,  67,  69,  71,  73,
2099 		 75,  77,  79,  81,  83,  85,  87,
2100 		 89,  91,  93,  97,  99, 101, 103,
2101 		105, 107, 109, 111, 113, 115, 117,
2102 		119, 121, 123, 125, 129, 131, 133,
2103 		135, 137, 139, 141, 143, 145, 147,
2104 		149, 151, 153, 155, 157, 161, 163,
2105 		165, 167, 169, 171, 173, 175, 177,
2106 		179, 181, 183, 185, 187, 189, 193,
2107 		195, 197, 199, 201, 203, 205, 207,
2108 		209, 211, 213, 215, 217, 219, 221,
2109 		225, 227, 229, 233
2110 	};
2111 	int i, n_chan, batch_size, idx = 0, tx_power, last_ch;
2112 	struct mt76_connac_sku_tlv sku_tlbv;
2113 	struct mt76_power_limits limits;
2114 	const u8 *ch_list;
2115 
2116 	sku_len = is_mt7921(dev) ? sizeof(sku_tlbv) : sizeof(sku_tlbv) - 92;
2117 	tx_power = 2 * phy->hw->conf.power_level;
2118 	if (!tx_power)
2119 		tx_power = 127;
2120 
2121 	if (band == NL80211_BAND_2GHZ) {
2122 		n_chan = ARRAY_SIZE(chan_list_2ghz);
2123 		ch_list = chan_list_2ghz;
2124 	} else if (band == NL80211_BAND_6GHZ) {
2125 		n_chan = ARRAY_SIZE(chan_list_6ghz);
2126 		ch_list = chan_list_6ghz;
2127 	} else {
2128 		n_chan = ARRAY_SIZE(chan_list_5ghz);
2129 		ch_list = chan_list_5ghz;
2130 	}
2131 	batch_size = DIV_ROUND_UP(n_chan, batch_len);
2132 
2133 	if (phy->cap.has_6ghz)
2134 		last_ch = chan_list_6ghz[ARRAY_SIZE(chan_list_6ghz) - 1];
2135 	else if (phy->cap.has_5ghz)
2136 		last_ch = chan_list_5ghz[ARRAY_SIZE(chan_list_5ghz) - 1];
2137 	else
2138 		last_ch = chan_list_2ghz[ARRAY_SIZE(chan_list_2ghz) - 1];
2139 
2140 	for (i = 0; i < batch_size; i++) {
2141 		struct mt76_connac_tx_power_limit_tlv tx_power_tlv = {};
2142 		int j, err, msg_len, num_ch;
2143 		struct sk_buff *skb;
2144 
2145 		num_ch = i == batch_size - 1 ? n_chan % batch_len : batch_len;
2146 		msg_len = sizeof(tx_power_tlv) + num_ch * sizeof(sku_tlbv);
2147 		skb = mt76_mcu_msg_alloc(dev, NULL, msg_len);
2148 		if (!skb)
2149 			return -ENOMEM;
2150 
2151 		skb_reserve(skb, sizeof(tx_power_tlv));
2152 
2153 		BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(tx_power_tlv.alpha2));
2154 		memcpy(tx_power_tlv.alpha2, dev->alpha2, sizeof(dev->alpha2));
2155 		tx_power_tlv.n_chan = num_ch;
2156 
2157 		switch (band) {
2158 		case NL80211_BAND_2GHZ:
2159 			tx_power_tlv.band = 1;
2160 			break;
2161 		case NL80211_BAND_6GHZ:
2162 			tx_power_tlv.band = 3;
2163 			break;
2164 		default:
2165 			tx_power_tlv.band = 2;
2166 			break;
2167 		}
2168 
2169 		for (j = 0; j < num_ch; j++, idx++) {
2170 			struct ieee80211_channel chan = {
2171 				.hw_value = ch_list[idx],
2172 				.band = band,
2173 			};
2174 			s8 reg_power, sar_power;
2175 
2176 			reg_power = mt76_connac_get_ch_power(phy, &chan,
2177 							     tx_power);
2178 			sar_power = mt76_get_sar_power(phy, &chan, reg_power);
2179 
2180 			mt76_get_rate_power_limits(phy, &chan, &limits,
2181 						   sar_power);
2182 
2183 			tx_power_tlv.last_msg = ch_list[idx] == last_ch;
2184 			sku_tlbv.channel = ch_list[idx];
2185 
2186 			mt76_connac_mcu_build_sku(dev, sku_tlbv.pwr_limit,
2187 						  &limits, band);
2188 			skb_put_data(skb, &sku_tlbv, sku_len);
2189 		}
2190 		__skb_push(skb, sizeof(tx_power_tlv));
2191 		memcpy(skb->data, &tx_power_tlv, sizeof(tx_power_tlv));
2192 
2193 		err = mt76_mcu_skb_send_msg(dev, skb,
2194 					    MCU_CE_CMD(SET_RATE_TX_POWER),
2195 					    false);
2196 		if (err < 0)
2197 			return err;
2198 	}
2199 
2200 	return 0;
2201 }
2202 
2203 int mt76_connac_mcu_set_rate_txpower(struct mt76_phy *phy)
2204 {
2205 	int err;
2206 
2207 	if (phy->cap.has_2ghz) {
2208 		err = mt76_connac_mcu_rate_txpower_band(phy,
2209 							NL80211_BAND_2GHZ);
2210 		if (err < 0)
2211 			return err;
2212 	}
2213 	if (phy->cap.has_5ghz) {
2214 		err = mt76_connac_mcu_rate_txpower_band(phy,
2215 							NL80211_BAND_5GHZ);
2216 		if (err < 0)
2217 			return err;
2218 	}
2219 	if (phy->cap.has_6ghz) {
2220 		err = mt76_connac_mcu_rate_txpower_band(phy,
2221 							NL80211_BAND_6GHZ);
2222 		if (err < 0)
2223 			return err;
2224 	}
2225 
2226 	return 0;
2227 }
2228 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rate_txpower);
2229 
2230 int mt76_connac_mcu_update_arp_filter(struct mt76_dev *dev,
2231 				      struct mt76_vif *vif,
2232 				      struct ieee80211_bss_conf *info)
2233 {
2234 	struct ieee80211_vif *mvif = container_of(info, struct ieee80211_vif,
2235 						  bss_conf);
2236 	struct sk_buff *skb;
2237 	int i, len = min_t(int, mvif->cfg.arp_addr_cnt,
2238 			   IEEE80211_BSS_ARP_ADDR_LIST_LEN);
2239 	struct {
2240 		struct {
2241 			u8 bss_idx;
2242 			u8 pad[3];
2243 		} __packed hdr;
2244 		struct mt76_connac_arpns_tlv arp;
2245 	} req_hdr = {
2246 		.hdr = {
2247 			.bss_idx = vif->idx,
2248 		},
2249 		.arp = {
2250 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2251 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2252 			.ips_num = len,
2253 			.mode = 2,  /* update */
2254 			.option = 1,
2255 		},
2256 	};
2257 
2258 	skb = mt76_mcu_msg_alloc(dev, NULL,
2259 				 sizeof(req_hdr) + len * sizeof(__be32));
2260 	if (!skb)
2261 		return -ENOMEM;
2262 
2263 	skb_put_data(skb, &req_hdr, sizeof(req_hdr));
2264 	for (i = 0; i < len; i++)
2265 		skb_put_data(skb, &mvif->cfg.arp_addr_list[i], sizeof(__be32));
2266 
2267 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(OFFLOAD), true);
2268 }
2269 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_arp_filter);
2270 
2271 int mt76_connac_mcu_set_p2p_oppps(struct ieee80211_hw *hw,
2272 				  struct ieee80211_vif *vif)
2273 {
2274 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2275 	int ct_window = vif->bss_conf.p2p_noa_attr.oppps_ctwindow;
2276 	struct mt76_phy *phy = hw->priv;
2277 	struct {
2278 		__le32 ct_win;
2279 		u8 bss_idx;
2280 		u8 rsv[3];
2281 	} __packed req = {
2282 		.ct_win = cpu_to_le32(ct_window),
2283 		.bss_idx = mvif->idx,
2284 	};
2285 
2286 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SET_P2P_OPPPS),
2287 				 &req, sizeof(req), false);
2288 }
2289 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_p2p_oppps);
2290 
2291 #ifdef CONFIG_PM
2292 
2293 const struct wiphy_wowlan_support mt76_connac_wowlan_support = {
2294 	.flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT |
2295 		 WIPHY_WOWLAN_SUPPORTS_GTK_REKEY | WIPHY_WOWLAN_NET_DETECT,
2296 	.n_patterns = 1,
2297 	.pattern_min_len = 1,
2298 	.pattern_max_len = MT76_CONNAC_WOW_PATTEN_MAX_LEN,
2299 	.max_nd_match_sets = 10,
2300 };
2301 EXPORT_SYMBOL_GPL(mt76_connac_wowlan_support);
2302 
2303 static void
2304 mt76_connac_mcu_key_iter(struct ieee80211_hw *hw,
2305 			 struct ieee80211_vif *vif,
2306 			 struct ieee80211_sta *sta,
2307 			 struct ieee80211_key_conf *key,
2308 			 void *data)
2309 {
2310 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv = data;
2311 	u32 cipher;
2312 
2313 	if (key->cipher != WLAN_CIPHER_SUITE_AES_CMAC &&
2314 	    key->cipher != WLAN_CIPHER_SUITE_CCMP &&
2315 	    key->cipher != WLAN_CIPHER_SUITE_TKIP)
2316 		return;
2317 
2318 	if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2319 		cipher = BIT(3);
2320 	else
2321 		cipher = BIT(4);
2322 
2323 	/* we are assuming here to have a single pairwise key */
2324 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
2325 		if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2326 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_1);
2327 		else
2328 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_2);
2329 
2330 		gtk_tlv->pairwise_cipher = cpu_to_le32(cipher);
2331 		gtk_tlv->keyid = key->keyidx;
2332 	} else {
2333 		gtk_tlv->group_cipher = cpu_to_le32(cipher);
2334 	}
2335 }
2336 
2337 int mt76_connac_mcu_update_gtk_rekey(struct ieee80211_hw *hw,
2338 				     struct ieee80211_vif *vif,
2339 				     struct cfg80211_gtk_rekey_data *key)
2340 {
2341 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2342 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv;
2343 	struct mt76_phy *phy = hw->priv;
2344 	struct sk_buff *skb;
2345 	struct {
2346 		u8 bss_idx;
2347 		u8 pad[3];
2348 	} __packed hdr = {
2349 		.bss_idx = mvif->idx,
2350 	};
2351 
2352 	skb = mt76_mcu_msg_alloc(phy->dev, NULL,
2353 				 sizeof(hdr) + sizeof(*gtk_tlv));
2354 	if (!skb)
2355 		return -ENOMEM;
2356 
2357 	skb_put_data(skb, &hdr, sizeof(hdr));
2358 	gtk_tlv = (struct mt76_connac_gtk_rekey_tlv *)skb_put(skb,
2359 							 sizeof(*gtk_tlv));
2360 	gtk_tlv->tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY);
2361 	gtk_tlv->len = cpu_to_le16(sizeof(*gtk_tlv));
2362 	gtk_tlv->rekey_mode = 2;
2363 	gtk_tlv->option = 1;
2364 
2365 	rcu_read_lock();
2366 	ieee80211_iter_keys_rcu(hw, vif, mt76_connac_mcu_key_iter, gtk_tlv);
2367 	rcu_read_unlock();
2368 
2369 	memcpy(gtk_tlv->kek, key->kek, NL80211_KEK_LEN);
2370 	memcpy(gtk_tlv->kck, key->kck, NL80211_KCK_LEN);
2371 	memcpy(gtk_tlv->replay_ctr, key->replay_ctr, NL80211_REPLAY_CTR_LEN);
2372 
2373 	return mt76_mcu_skb_send_msg(phy->dev, skb,
2374 				     MCU_UNI_CMD(OFFLOAD), true);
2375 }
2376 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_gtk_rekey);
2377 
2378 static int
2379 mt76_connac_mcu_set_arp_filter(struct mt76_dev *dev, struct ieee80211_vif *vif,
2380 			       bool suspend)
2381 {
2382 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2383 	struct {
2384 		struct {
2385 			u8 bss_idx;
2386 			u8 pad[3];
2387 		} __packed hdr;
2388 		struct mt76_connac_arpns_tlv arpns;
2389 	} req = {
2390 		.hdr = {
2391 			.bss_idx = mvif->idx,
2392 		},
2393 		.arpns = {
2394 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2395 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2396 			.mode = suspend,
2397 		},
2398 	};
2399 
2400 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2401 				 sizeof(req), true);
2402 }
2403 
2404 static int
2405 mt76_connac_mcu_set_gtk_rekey(struct mt76_dev *dev, struct ieee80211_vif *vif,
2406 			      bool suspend)
2407 {
2408 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2409 	struct {
2410 		struct {
2411 			u8 bss_idx;
2412 			u8 pad[3];
2413 		} __packed hdr;
2414 		struct mt76_connac_gtk_rekey_tlv gtk_tlv;
2415 	} __packed req = {
2416 		.hdr = {
2417 			.bss_idx = mvif->idx,
2418 		},
2419 		.gtk_tlv = {
2420 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY),
2421 			.len = cpu_to_le16(sizeof(struct mt76_connac_gtk_rekey_tlv)),
2422 			.rekey_mode = !suspend,
2423 		},
2424 	};
2425 
2426 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2427 				 sizeof(req), true);
2428 }
2429 
2430 static int
2431 mt76_connac_mcu_set_suspend_mode(struct mt76_dev *dev,
2432 				 struct ieee80211_vif *vif,
2433 				 bool enable, u8 mdtim,
2434 				 bool wow_suspend)
2435 {
2436 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2437 	struct {
2438 		struct {
2439 			u8 bss_idx;
2440 			u8 pad[3];
2441 		} __packed hdr;
2442 		struct mt76_connac_suspend_tlv suspend_tlv;
2443 	} req = {
2444 		.hdr = {
2445 			.bss_idx = mvif->idx,
2446 		},
2447 		.suspend_tlv = {
2448 			.tag = cpu_to_le16(UNI_SUSPEND_MODE_SETTING),
2449 			.len = cpu_to_le16(sizeof(struct mt76_connac_suspend_tlv)),
2450 			.enable = enable,
2451 			.mdtim = mdtim,
2452 			.wow_suspend = wow_suspend,
2453 		},
2454 	};
2455 
2456 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2457 				 sizeof(req), true);
2458 }
2459 
2460 static int
2461 mt76_connac_mcu_set_wow_pattern(struct mt76_dev *dev,
2462 				struct ieee80211_vif *vif,
2463 				u8 index, bool enable,
2464 				struct cfg80211_pkt_pattern *pattern)
2465 {
2466 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2467 	struct mt76_connac_wow_pattern_tlv *ptlv;
2468 	struct sk_buff *skb;
2469 	struct req_hdr {
2470 		u8 bss_idx;
2471 		u8 pad[3];
2472 	} __packed hdr = {
2473 		.bss_idx = mvif->idx,
2474 	};
2475 
2476 	skb = mt76_mcu_msg_alloc(dev, NULL, sizeof(hdr) + sizeof(*ptlv));
2477 	if (!skb)
2478 		return -ENOMEM;
2479 
2480 	skb_put_data(skb, &hdr, sizeof(hdr));
2481 	ptlv = (struct mt76_connac_wow_pattern_tlv *)skb_put(skb, sizeof(*ptlv));
2482 	ptlv->tag = cpu_to_le16(UNI_SUSPEND_WOW_PATTERN);
2483 	ptlv->len = cpu_to_le16(sizeof(*ptlv));
2484 	ptlv->data_len = pattern->pattern_len;
2485 	ptlv->enable = enable;
2486 	ptlv->index = index;
2487 
2488 	memcpy(ptlv->pattern, pattern->pattern, pattern->pattern_len);
2489 	memcpy(ptlv->mask, pattern->mask, DIV_ROUND_UP(pattern->pattern_len, 8));
2490 
2491 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(SUSPEND), true);
2492 }
2493 
2494 static int
2495 mt76_connac_mcu_set_wow_ctrl(struct mt76_phy *phy, struct ieee80211_vif *vif,
2496 			     bool suspend, struct cfg80211_wowlan *wowlan)
2497 {
2498 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2499 	struct mt76_dev *dev = phy->dev;
2500 	struct {
2501 		struct {
2502 			u8 bss_idx;
2503 			u8 pad[3];
2504 		} __packed hdr;
2505 		struct mt76_connac_wow_ctrl_tlv wow_ctrl_tlv;
2506 		struct mt76_connac_wow_gpio_param_tlv gpio_tlv;
2507 	} req = {
2508 		.hdr = {
2509 			.bss_idx = mvif->idx,
2510 		},
2511 		.wow_ctrl_tlv = {
2512 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_CTRL),
2513 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_ctrl_tlv)),
2514 			.cmd = suspend ? 1 : 2,
2515 		},
2516 		.gpio_tlv = {
2517 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_GPIO_PARAM),
2518 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_gpio_param_tlv)),
2519 			.gpio_pin = 0xff, /* follow fw about GPIO pin */
2520 		},
2521 	};
2522 
2523 	if (wowlan->magic_pkt)
2524 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_MAGIC;
2525 	if (wowlan->disconnect)
2526 		req.wow_ctrl_tlv.trigger |= (UNI_WOW_DETECT_TYPE_DISCONNECT |
2527 					     UNI_WOW_DETECT_TYPE_BCN_LOST);
2528 	if (wowlan->nd_config) {
2529 		mt76_connac_mcu_sched_scan_req(phy, vif, wowlan->nd_config);
2530 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_SCH_SCAN_HIT;
2531 		mt76_connac_mcu_sched_scan_enable(phy, vif, suspend);
2532 	}
2533 	if (wowlan->n_patterns)
2534 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_BITMAP;
2535 
2536 	if (mt76_is_mmio(dev))
2537 		req.wow_ctrl_tlv.wakeup_hif = WOW_PCIE;
2538 	else if (mt76_is_usb(dev))
2539 		req.wow_ctrl_tlv.wakeup_hif = WOW_USB;
2540 	else if (mt76_is_sdio(dev))
2541 		req.wow_ctrl_tlv.wakeup_hif = WOW_GPIO;
2542 
2543 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2544 				 sizeof(req), true);
2545 }
2546 
2547 int mt76_connac_mcu_set_hif_suspend(struct mt76_dev *dev, bool suspend)
2548 {
2549 	struct {
2550 		struct {
2551 			u8 hif_type; /* 0x0: HIF_SDIO
2552 				      * 0x1: HIF_USB
2553 				      * 0x2: HIF_PCIE
2554 				      */
2555 			u8 pad[3];
2556 		} __packed hdr;
2557 		struct hif_suspend_tlv {
2558 			__le16 tag;
2559 			__le16 len;
2560 			u8 suspend;
2561 		} __packed hif_suspend;
2562 	} req = {
2563 		.hif_suspend = {
2564 			.tag = cpu_to_le16(0), /* 0: UNI_HIF_CTRL_BASIC */
2565 			.len = cpu_to_le16(sizeof(struct hif_suspend_tlv)),
2566 			.suspend = suspend,
2567 		},
2568 	};
2569 
2570 	if (mt76_is_mmio(dev))
2571 		req.hdr.hif_type = 2;
2572 	else if (mt76_is_usb(dev))
2573 		req.hdr.hif_type = 1;
2574 	else if (mt76_is_sdio(dev))
2575 		req.hdr.hif_type = 0;
2576 
2577 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(HIF_CTRL), &req,
2578 				 sizeof(req), true);
2579 }
2580 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_hif_suspend);
2581 
2582 void mt76_connac_mcu_set_suspend_iter(void *priv, u8 *mac,
2583 				      struct ieee80211_vif *vif)
2584 {
2585 	struct mt76_phy *phy = priv;
2586 	bool suspend = !test_bit(MT76_STATE_RUNNING, &phy->state);
2587 	struct ieee80211_hw *hw = phy->hw;
2588 	struct cfg80211_wowlan *wowlan = hw->wiphy->wowlan_config;
2589 	int i;
2590 
2591 	mt76_connac_mcu_set_gtk_rekey(phy->dev, vif, suspend);
2592 	mt76_connac_mcu_set_arp_filter(phy->dev, vif, suspend);
2593 
2594 	mt76_connac_mcu_set_suspend_mode(phy->dev, vif, suspend, 1, true);
2595 
2596 	for (i = 0; i < wowlan->n_patterns; i++)
2597 		mt76_connac_mcu_set_wow_pattern(phy->dev, vif, i, suspend,
2598 						&wowlan->patterns[i]);
2599 	mt76_connac_mcu_set_wow_ctrl(phy, vif, suspend, wowlan);
2600 }
2601 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_suspend_iter);
2602 #endif /* CONFIG_PM */
2603 
2604 u32 mt76_connac_mcu_reg_rr(struct mt76_dev *dev, u32 offset)
2605 {
2606 	struct {
2607 		__le32 addr;
2608 		__le32 val;
2609 	} __packed req = {
2610 		.addr = cpu_to_le32(offset),
2611 	};
2612 
2613 	return mt76_mcu_send_msg(dev, MCU_CE_QUERY(REG_READ), &req,
2614 				 sizeof(req), true);
2615 }
2616 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_rr);
2617 
2618 void mt76_connac_mcu_reg_wr(struct mt76_dev *dev, u32 offset, u32 val)
2619 {
2620 	struct {
2621 		__le32 addr;
2622 		__le32 val;
2623 	} __packed req = {
2624 		.addr = cpu_to_le32(offset),
2625 		.val = cpu_to_le32(val),
2626 	};
2627 
2628 	mt76_mcu_send_msg(dev, MCU_CE_CMD(REG_WRITE), &req,
2629 			  sizeof(req), false);
2630 }
2631 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_wr);
2632 
2633 static int
2634 mt76_connac_mcu_sta_key_tlv(struct mt76_connac_sta_key_conf *sta_key_conf,
2635 			    struct sk_buff *skb,
2636 			    struct ieee80211_key_conf *key,
2637 			    enum set_key_cmd cmd)
2638 {
2639 	struct sta_rec_sec *sec;
2640 	u32 len = sizeof(*sec);
2641 	struct tlv *tlv;
2642 
2643 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
2644 	sec = (struct sta_rec_sec *)tlv;
2645 	sec->add = cmd;
2646 
2647 	if (cmd == SET_KEY) {
2648 		struct sec_key *sec_key;
2649 		u8 cipher;
2650 
2651 		cipher = mt76_connac_mcu_get_cipher(key->cipher);
2652 		if (cipher == MCU_CIPHER_NONE)
2653 			return -EOPNOTSUPP;
2654 
2655 		sec_key = &sec->key[0];
2656 		sec_key->cipher_len = sizeof(*sec_key);
2657 
2658 		if (cipher == MCU_CIPHER_BIP_CMAC_128) {
2659 			sec_key->cipher_id = MCU_CIPHER_AES_CCMP;
2660 			sec_key->key_id = sta_key_conf->keyidx;
2661 			sec_key->key_len = 16;
2662 			memcpy(sec_key->key, sta_key_conf->key, 16);
2663 
2664 			sec_key = &sec->key[1];
2665 			sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128;
2666 			sec_key->cipher_len = sizeof(*sec_key);
2667 			sec_key->key_len = 16;
2668 			memcpy(sec_key->key, key->key, 16);
2669 			sec->n_cipher = 2;
2670 		} else {
2671 			sec_key->cipher_id = cipher;
2672 			sec_key->key_id = key->keyidx;
2673 			sec_key->key_len = key->keylen;
2674 			memcpy(sec_key->key, key->key, key->keylen);
2675 
2676 			if (cipher == MCU_CIPHER_TKIP) {
2677 				/* Rx/Tx MIC keys are swapped */
2678 				memcpy(sec_key->key + 16, key->key + 24, 8);
2679 				memcpy(sec_key->key + 24, key->key + 16, 8);
2680 			}
2681 
2682 			/* store key_conf for BIP batch update */
2683 			if (cipher == MCU_CIPHER_AES_CCMP) {
2684 				memcpy(sta_key_conf->key, key->key, key->keylen);
2685 				sta_key_conf->keyidx = key->keyidx;
2686 			}
2687 
2688 			len -= sizeof(*sec_key);
2689 			sec->n_cipher = 1;
2690 		}
2691 	} else {
2692 		len -= sizeof(sec->key);
2693 		sec->n_cipher = 0;
2694 	}
2695 	sec->len = cpu_to_le16(len);
2696 
2697 	return 0;
2698 }
2699 
2700 int mt76_connac_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
2701 			    struct mt76_connac_sta_key_conf *sta_key_conf,
2702 			    struct ieee80211_key_conf *key, int mcu_cmd,
2703 			    struct mt76_wcid *wcid, enum set_key_cmd cmd)
2704 {
2705 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2706 	struct sk_buff *skb;
2707 	int ret;
2708 
2709 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
2710 	if (IS_ERR(skb))
2711 		return PTR_ERR(skb);
2712 
2713 	ret = mt76_connac_mcu_sta_key_tlv(sta_key_conf, skb, key, cmd);
2714 	if (ret)
2715 		return ret;
2716 
2717 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
2718 	if (ret)
2719 		return ret;
2720 
2721 	return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
2722 }
2723 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_key);
2724 
2725 /* SIFS 20us + 512 byte beacon transmitted by 1Mbps (3906us) */
2726 #define BCN_TX_ESTIMATE_TIME (4096 + 20)
2727 void mt76_connac_mcu_bss_ext_tlv(struct sk_buff *skb, struct mt76_vif *mvif)
2728 {
2729 	struct bss_info_ext_bss *ext;
2730 	int ext_bss_idx, tsf_offset;
2731 	struct tlv *tlv;
2732 
2733 	ext_bss_idx = mvif->omac_idx - EXT_BSSID_START;
2734 	if (ext_bss_idx < 0)
2735 		return;
2736 
2737 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_EXT_BSS, sizeof(*ext));
2738 
2739 	ext = (struct bss_info_ext_bss *)tlv;
2740 	tsf_offset = ext_bss_idx * BCN_TX_ESTIMATE_TIME;
2741 	ext->mbss_tsf_offset = cpu_to_le32(tsf_offset);
2742 }
2743 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_ext_tlv);
2744 
2745 int mt76_connac_mcu_bss_basic_tlv(struct sk_buff *skb,
2746 				  struct ieee80211_vif *vif,
2747 				  struct ieee80211_sta *sta,
2748 				  struct mt76_phy *phy, u16 wlan_idx,
2749 				  bool enable)
2750 {
2751 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2752 	u32 type = vif->p2p ? NETWORK_P2P : NETWORK_INFRA;
2753 	struct bss_info_basic *bss;
2754 	struct tlv *tlv;
2755 
2756 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_BASIC, sizeof(*bss));
2757 	bss = (struct bss_info_basic *)tlv;
2758 
2759 	switch (vif->type) {
2760 	case NL80211_IFTYPE_MESH_POINT:
2761 	case NL80211_IFTYPE_MONITOR:
2762 		break;
2763 	case NL80211_IFTYPE_AP:
2764 		if (ieee80211_hw_check(phy->hw, SUPPORTS_MULTI_BSSID)) {
2765 			u8 bssid_id = vif->bss_conf.bssid_indicator;
2766 			struct wiphy *wiphy = phy->hw->wiphy;
2767 
2768 			if (bssid_id > ilog2(wiphy->mbssid_max_interfaces))
2769 				return -EINVAL;
2770 
2771 			bss->non_tx_bssid = vif->bss_conf.bssid_index;
2772 			bss->max_bssid = bssid_id;
2773 		}
2774 		break;
2775 	case NL80211_IFTYPE_STATION:
2776 		if (enable) {
2777 			rcu_read_lock();
2778 			if (!sta)
2779 				sta = ieee80211_find_sta(vif,
2780 							 vif->bss_conf.bssid);
2781 			/* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
2782 			if (sta) {
2783 				struct mt76_wcid *wcid;
2784 
2785 				wcid = (struct mt76_wcid *)sta->drv_priv;
2786 				wlan_idx = wcid->idx;
2787 			}
2788 			rcu_read_unlock();
2789 		}
2790 		break;
2791 	case NL80211_IFTYPE_ADHOC:
2792 		type = NETWORK_IBSS;
2793 		break;
2794 	default:
2795 		WARN_ON(1);
2796 		break;
2797 	}
2798 
2799 	bss->network_type = cpu_to_le32(type);
2800 	bss->bmc_wcid_lo = to_wcid_lo(wlan_idx);
2801 	bss->bmc_wcid_hi = to_wcid_hi(wlan_idx);
2802 	bss->wmm_idx = mvif->wmm_idx;
2803 	bss->active = enable;
2804 	bss->cipher = mvif->cipher;
2805 
2806 	if (vif->type != NL80211_IFTYPE_MONITOR) {
2807 		struct cfg80211_chan_def *chandef = &phy->chandef;
2808 
2809 		memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
2810 		bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
2811 		bss->dtim_period = vif->bss_conf.dtim_period;
2812 		bss->phy_mode = mt76_connac_get_phy_mode(phy, vif,
2813 							 chandef->chan->band, NULL);
2814 	} else {
2815 		memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
2816 	}
2817 
2818 	return 0;
2819 }
2820 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_basic_tlv);
2821 
2822 #define ENTER_PM_STATE		1
2823 #define EXIT_PM_STATE		2
2824 int mt76_connac_mcu_set_pm(struct mt76_dev *dev, int band, int enter)
2825 {
2826 	struct {
2827 		u8 pm_number;
2828 		u8 pm_state;
2829 		u8 bssid[ETH_ALEN];
2830 		u8 dtim_period;
2831 		u8 wlan_idx_lo;
2832 		__le16 bcn_interval;
2833 		__le32 aid;
2834 		__le32 rx_filter;
2835 		u8 band_idx;
2836 		u8 wlan_idx_hi;
2837 		u8 rsv[2];
2838 		__le32 feature;
2839 		u8 omac_idx;
2840 		u8 wmm_idx;
2841 		u8 bcn_loss_cnt;
2842 		u8 bcn_sp_duration;
2843 	} __packed req = {
2844 		.pm_number = 5,
2845 		.pm_state = enter ? ENTER_PM_STATE : EXIT_PM_STATE,
2846 		.band_idx = band,
2847 	};
2848 
2849 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PM_STATE_CTRL), &req,
2850 				 sizeof(req), true);
2851 }
2852 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_pm);
2853 
2854 int mt76_connac_mcu_restart(struct mt76_dev *dev)
2855 {
2856 	struct {
2857 		u8 power_mode;
2858 		u8 rsv[3];
2859 	} req = {
2860 		.power_mode = 1,
2861 	};
2862 
2863 	return mt76_mcu_send_msg(dev, MCU_CMD(NIC_POWER_CTRL), &req,
2864 				 sizeof(req), false);
2865 }
2866 EXPORT_SYMBOL_GPL(mt76_connac_mcu_restart);
2867 
2868 int mt76_connac_mcu_rdd_cmd(struct mt76_dev *dev, int cmd, u8 index,
2869 			    u8 rx_sel, u8 val)
2870 {
2871 	struct {
2872 		u8 ctrl;
2873 		u8 rdd_idx;
2874 		u8 rdd_rx_sel;
2875 		u8 val;
2876 		u8 rsv[4];
2877 	} __packed req = {
2878 		.ctrl = cmd,
2879 		.rdd_idx = index,
2880 		.rdd_rx_sel = rx_sel,
2881 		.val = val,
2882 	};
2883 
2884 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(SET_RDD_CTRL), &req,
2885 				 sizeof(req), true);
2886 }
2887 EXPORT_SYMBOL_GPL(mt76_connac_mcu_rdd_cmd);
2888 
2889 static int
2890 mt76_connac_mcu_send_ram_firmware(struct mt76_dev *dev,
2891 				  const struct mt76_connac2_fw_trailer *hdr,
2892 				  const u8 *data, bool is_wa)
2893 {
2894 	int i, offset = 0, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
2895 	u32 override = 0, option = 0;
2896 
2897 	for (i = 0; i < hdr->n_region; i++) {
2898 		const struct mt76_connac2_fw_region *region;
2899 		u32 len, addr, mode;
2900 		int err;
2901 
2902 		region = (const void *)((const u8 *)hdr -
2903 					(hdr->n_region - i) * sizeof(*region));
2904 		mode = mt76_connac_mcu_gen_dl_mode(dev, region->feature_set,
2905 						   is_wa);
2906 		len = le32_to_cpu(region->len);
2907 		addr = le32_to_cpu(region->addr);
2908 
2909 		if (region->feature_set & FW_FEATURE_NON_DL)
2910 			goto next;
2911 
2912 		if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
2913 			override = addr;
2914 
2915 		err = mt76_connac_mcu_init_download(dev, addr, len, mode);
2916 		if (err) {
2917 			dev_err(dev->dev, "Download request failed\n");
2918 			return err;
2919 		}
2920 
2921 		err = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
2922 					       data + offset, len, max_len);
2923 		if (err) {
2924 			dev_err(dev->dev, "Failed to send firmware.\n");
2925 			return err;
2926 		}
2927 
2928 next:
2929 		offset += len;
2930 	}
2931 
2932 	if (override)
2933 		option |= FW_START_OVERRIDE;
2934 	if (is_wa)
2935 		option |= FW_START_WORKING_PDA_CR4;
2936 
2937 	return mt76_connac_mcu_start_firmware(dev, override, option);
2938 }
2939 
2940 int mt76_connac2_load_ram(struct mt76_dev *dev, const char *fw_wm,
2941 			  const char *fw_wa)
2942 {
2943 	const struct mt76_connac2_fw_trailer *hdr;
2944 	const struct firmware *fw;
2945 	int ret;
2946 
2947 	ret = request_firmware(&fw, fw_wm, dev->dev);
2948 	if (ret)
2949 		return ret;
2950 
2951 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2952 		dev_err(dev->dev, "Invalid firmware\n");
2953 		ret = -EINVAL;
2954 		goto out;
2955 	}
2956 
2957 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
2958 	dev_info(dev->dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
2959 		 hdr->fw_ver, hdr->build_date);
2960 
2961 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, false);
2962 	if (ret) {
2963 		dev_err(dev->dev, "Failed to start WM firmware\n");
2964 		goto out;
2965 	}
2966 
2967 	snprintf(dev->hw->wiphy->fw_version,
2968 		 sizeof(dev->hw->wiphy->fw_version),
2969 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
2970 
2971 	release_firmware(fw);
2972 
2973 	if (!fw_wa)
2974 		return 0;
2975 
2976 	ret = request_firmware(&fw, fw_wa, dev->dev);
2977 	if (ret)
2978 		return ret;
2979 
2980 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2981 		dev_err(dev->dev, "Invalid firmware\n");
2982 		ret = -EINVAL;
2983 		goto out;
2984 	}
2985 
2986 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
2987 	dev_info(dev->dev, "WA Firmware Version: %.10s, Build Time: %.15s\n",
2988 		 hdr->fw_ver, hdr->build_date);
2989 
2990 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, true);
2991 	if (ret) {
2992 		dev_err(dev->dev, "Failed to start WA firmware\n");
2993 		goto out;
2994 	}
2995 
2996 	snprintf(dev->hw->wiphy->fw_version,
2997 		 sizeof(dev->hw->wiphy->fw_version),
2998 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
2999 
3000 out:
3001 	release_firmware(fw);
3002 
3003 	return ret;
3004 }
3005 EXPORT_SYMBOL_GPL(mt76_connac2_load_ram);
3006 
3007 static u32 mt76_connac2_get_data_mode(struct mt76_dev *dev, u32 info)
3008 {
3009 	u32 mode = DL_MODE_NEED_RSP;
3010 
3011 	if (!is_mt7921(dev) || info == PATCH_SEC_NOT_SUPPORT)
3012 		return mode;
3013 
3014 	switch (FIELD_GET(PATCH_SEC_ENC_TYPE_MASK, info)) {
3015 	case PATCH_SEC_ENC_TYPE_PLAIN:
3016 		break;
3017 	case PATCH_SEC_ENC_TYPE_AES:
3018 		mode |= DL_MODE_ENCRYPT;
3019 		mode |= FIELD_PREP(DL_MODE_KEY_IDX,
3020 				(info & PATCH_SEC_ENC_AES_KEY_MASK)) & DL_MODE_KEY_IDX;
3021 		mode |= DL_MODE_RESET_SEC_IV;
3022 		break;
3023 	case PATCH_SEC_ENC_TYPE_SCRAMBLE:
3024 		mode |= DL_MODE_ENCRYPT;
3025 		mode |= DL_CONFIG_ENCRY_MODE_SEL;
3026 		mode |= DL_MODE_RESET_SEC_IV;
3027 		break;
3028 	default:
3029 		dev_err(dev->dev, "Encryption type not support!\n");
3030 	}
3031 
3032 	return mode;
3033 }
3034 
3035 int mt76_connac2_load_patch(struct mt76_dev *dev, const char *fw_name)
3036 {
3037 	int i, ret, sem, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
3038 	const struct mt76_connac2_patch_hdr *hdr;
3039 	const struct firmware *fw = NULL;
3040 
3041 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, true);
3042 	switch (sem) {
3043 	case PATCH_IS_DL:
3044 		return 0;
3045 	case PATCH_NOT_DL_SEM_SUCCESS:
3046 		break;
3047 	default:
3048 		dev_err(dev->dev, "Failed to get patch semaphore\n");
3049 		return -EAGAIN;
3050 	}
3051 
3052 	ret = request_firmware(&fw, fw_name, dev->dev);
3053 	if (ret)
3054 		goto out;
3055 
3056 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3057 		dev_err(dev->dev, "Invalid firmware\n");
3058 		ret = -EINVAL;
3059 		goto out;
3060 	}
3061 
3062 	hdr = (const void *)fw->data;
3063 	dev_info(dev->dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
3064 		 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
3065 
3066 	for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
3067 		struct mt76_connac2_patch_sec *sec;
3068 		u32 len, addr, mode;
3069 		const u8 *dl;
3070 		u32 sec_info;
3071 
3072 		sec = (void *)(fw->data + sizeof(*hdr) + i * sizeof(*sec));
3073 		if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
3074 		    PATCH_SEC_TYPE_INFO) {
3075 			ret = -EINVAL;
3076 			goto out;
3077 		}
3078 
3079 		addr = be32_to_cpu(sec->info.addr);
3080 		len = be32_to_cpu(sec->info.len);
3081 		dl = fw->data + be32_to_cpu(sec->offs);
3082 		sec_info = be32_to_cpu(sec->info.sec_key_idx);
3083 		mode = mt76_connac2_get_data_mode(dev, sec_info);
3084 
3085 		ret = mt76_connac_mcu_init_download(dev, addr, len, mode);
3086 		if (ret) {
3087 			dev_err(dev->dev, "Download request failed\n");
3088 			goto out;
3089 		}
3090 
3091 		ret = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
3092 					       dl, len, max_len);
3093 		if (ret) {
3094 			dev_err(dev->dev, "Failed to send patch\n");
3095 			goto out;
3096 		}
3097 	}
3098 
3099 	ret = mt76_connac_mcu_start_patch(dev);
3100 	if (ret)
3101 		dev_err(dev->dev, "Failed to start patch\n");
3102 
3103 out:
3104 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, false);
3105 	switch (sem) {
3106 	case PATCH_REL_SEM_SUCCESS:
3107 		break;
3108 	default:
3109 		ret = -EAGAIN;
3110 		dev_err(dev->dev, "Failed to release patch semaphore\n");
3111 		break;
3112 	}
3113 
3114 	release_firmware(fw);
3115 
3116 	return ret;
3117 }
3118 EXPORT_SYMBOL_GPL(mt76_connac2_load_patch);
3119 
3120 int mt76_connac2_mcu_fill_message(struct mt76_dev *dev, struct sk_buff *skb,
3121 				  int cmd, int *wait_seq)
3122 {
3123 	int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
3124 	struct mt76_connac2_mcu_uni_txd *uni_txd;
3125 	struct mt76_connac2_mcu_txd *mcu_txd;
3126 	__le32 *txd;
3127 	u32 val;
3128 	u8 seq;
3129 
3130 	/* TODO: make dynamic based on msg type */
3131 	dev->mcu.timeout = 20 * HZ;
3132 
3133 	seq = ++dev->mcu.msg_seq & 0xf;
3134 	if (!seq)
3135 		seq = ++dev->mcu.msg_seq & 0xf;
3136 
3137 	if (cmd == MCU_CMD(FW_SCATTER))
3138 		goto exit;
3139 
3140 	txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
3141 	txd = (__le32 *)skb_push(skb, txd_len);
3142 
3143 	val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
3144 	      FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
3145 	      FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
3146 	txd[0] = cpu_to_le32(val);
3147 
3148 	val = MT_TXD1_LONG_FORMAT |
3149 	      FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
3150 	txd[1] = cpu_to_le32(val);
3151 
3152 	if (cmd & __MCU_CMD_FIELD_UNI) {
3153 		uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
3154 		uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
3155 		uni_txd->option = MCU_CMD_UNI_EXT_ACK;
3156 		uni_txd->cid = cpu_to_le16(mcu_cmd);
3157 		uni_txd->s2d_index = MCU_S2D_H2N;
3158 		uni_txd->pkt_type = MCU_PKT_ID;
3159 		uni_txd->seq = seq;
3160 
3161 		goto exit;
3162 	}
3163 
3164 	mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
3165 	mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
3166 	mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
3167 					       MT_TX_MCU_PORT_RX_Q0));
3168 	mcu_txd->pkt_type = MCU_PKT_ID;
3169 	mcu_txd->seq = seq;
3170 	mcu_txd->cid = mcu_cmd;
3171 	mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
3172 
3173 	if (mcu_txd->ext_cid || (cmd & __MCU_CMD_FIELD_CE)) {
3174 		if (cmd & __MCU_CMD_FIELD_QUERY)
3175 			mcu_txd->set_query = MCU_Q_QUERY;
3176 		else
3177 			mcu_txd->set_query = MCU_Q_SET;
3178 		mcu_txd->ext_cid_ack = !!mcu_txd->ext_cid;
3179 	} else {
3180 		mcu_txd->set_query = MCU_Q_NA;
3181 	}
3182 
3183 	if (cmd & __MCU_CMD_FIELD_WA)
3184 		mcu_txd->s2d_index = MCU_S2D_H2C;
3185 	else
3186 		mcu_txd->s2d_index = MCU_S2D_H2N;
3187 
3188 exit:
3189 	if (wait_seq)
3190 		*wait_seq = seq;
3191 
3192 	return 0;
3193 }
3194 EXPORT_SYMBOL_GPL(mt76_connac2_mcu_fill_message);
3195 
3196 MODULE_AUTHOR("Lorenzo Bianconi <lorenzo@kernel.org>");
3197 MODULE_LICENSE("Dual BSD/GPL");
3198