1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
3 
4 #include <linux/firmware.h>
5 #include "mt76_connac2_mac.h"
6 #include "mt76_connac_mcu.h"
7 
8 int mt76_connac_mcu_start_firmware(struct mt76_dev *dev, u32 addr, u32 option)
9 {
10 	struct {
11 		__le32 option;
12 		__le32 addr;
13 	} req = {
14 		.option = cpu_to_le32(option),
15 		.addr = cpu_to_le32(addr),
16 	};
17 
18 	return mt76_mcu_send_msg(dev, MCU_CMD(FW_START_REQ), &req,
19 				 sizeof(req), true);
20 }
21 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_firmware);
22 
23 int mt76_connac_mcu_patch_sem_ctrl(struct mt76_dev *dev, bool get)
24 {
25 	u32 op = get ? PATCH_SEM_GET : PATCH_SEM_RELEASE;
26 	struct {
27 		__le32 op;
28 	} req = {
29 		.op = cpu_to_le32(op),
30 	};
31 
32 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_SEM_CONTROL),
33 				 &req, sizeof(req), true);
34 }
35 EXPORT_SYMBOL_GPL(mt76_connac_mcu_patch_sem_ctrl);
36 
37 int mt76_connac_mcu_start_patch(struct mt76_dev *dev)
38 {
39 	struct {
40 		u8 check_crc;
41 		u8 reserved[3];
42 	} req = {
43 		.check_crc = 0,
44 	};
45 
46 	return mt76_mcu_send_msg(dev, MCU_CMD(PATCH_FINISH_REQ),
47 				 &req, sizeof(req), true);
48 }
49 EXPORT_SYMBOL_GPL(mt76_connac_mcu_start_patch);
50 
51 #define MCU_PATCH_ADDRESS	0x200000
52 
53 int mt76_connac_mcu_init_download(struct mt76_dev *dev, u32 addr, u32 len,
54 				  u32 mode)
55 {
56 	struct {
57 		__le32 addr;
58 		__le32 len;
59 		__le32 mode;
60 	} req = {
61 		.addr = cpu_to_le32(addr),
62 		.len = cpu_to_le32(len),
63 		.mode = cpu_to_le32(mode),
64 	};
65 	int cmd;
66 
67 	if ((!is_connac_v1(dev) && addr == MCU_PATCH_ADDRESS) ||
68 	    (is_mt7921(dev) && addr == 0x900000) ||
69 	    (is_mt7996(dev) && addr == 0x900000))
70 		cmd = MCU_CMD(PATCH_START_REQ);
71 	else
72 		cmd = MCU_CMD(TARGET_ADDRESS_LEN_REQ);
73 
74 	return mt76_mcu_send_msg(dev, cmd, &req, sizeof(req), true);
75 }
76 EXPORT_SYMBOL_GPL(mt76_connac_mcu_init_download);
77 
78 int mt76_connac_mcu_set_channel_domain(struct mt76_phy *phy)
79 {
80 	int len, i, n_max_channels, n_2ch = 0, n_5ch = 0, n_6ch = 0;
81 	struct mt76_connac_mcu_channel_domain {
82 		u8 alpha2[4]; /* regulatory_request.alpha2 */
83 		u8 bw_2g; /* BW_20_40M		0
84 			   * BW_20M		1
85 			   * BW_20_40_80M	2
86 			   * BW_20_40_80_160M	3
87 			   * BW_20_40_80_8080M	4
88 			   */
89 		u8 bw_5g;
90 		u8 bw_6g;
91 		u8 pad;
92 		u8 n_2ch;
93 		u8 n_5ch;
94 		u8 n_6ch;
95 		u8 pad2;
96 	} __packed hdr = {
97 		.bw_2g = 0,
98 		.bw_5g = 3, /* BW_20_40_80_160M */
99 		.bw_6g = 3,
100 	};
101 	struct mt76_connac_mcu_chan {
102 		__le16 hw_value;
103 		__le16 pad;
104 		__le32 flags;
105 	} __packed channel;
106 	struct mt76_dev *dev = phy->dev;
107 	struct ieee80211_channel *chan;
108 	struct sk_buff *skb;
109 
110 	n_max_channels = phy->sband_2g.sband.n_channels +
111 			 phy->sband_5g.sband.n_channels +
112 			 phy->sband_6g.sband.n_channels;
113 	len = sizeof(hdr) + n_max_channels * sizeof(channel);
114 
115 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
116 	if (!skb)
117 		return -ENOMEM;
118 
119 	skb_reserve(skb, sizeof(hdr));
120 
121 	for (i = 0; i < phy->sband_2g.sband.n_channels; i++) {
122 		chan = &phy->sband_2g.sband.channels[i];
123 		if (chan->flags & IEEE80211_CHAN_DISABLED)
124 			continue;
125 
126 		channel.hw_value = cpu_to_le16(chan->hw_value);
127 		channel.flags = cpu_to_le32(chan->flags);
128 		channel.pad = 0;
129 
130 		skb_put_data(skb, &channel, sizeof(channel));
131 		n_2ch++;
132 	}
133 	for (i = 0; i < phy->sband_5g.sband.n_channels; i++) {
134 		chan = &phy->sband_5g.sband.channels[i];
135 		if (chan->flags & IEEE80211_CHAN_DISABLED)
136 			continue;
137 
138 		channel.hw_value = cpu_to_le16(chan->hw_value);
139 		channel.flags = cpu_to_le32(chan->flags);
140 		channel.pad = 0;
141 
142 		skb_put_data(skb, &channel, sizeof(channel));
143 		n_5ch++;
144 	}
145 	for (i = 0; i < phy->sband_6g.sband.n_channels; i++) {
146 		chan = &phy->sband_6g.sband.channels[i];
147 		if (chan->flags & IEEE80211_CHAN_DISABLED)
148 			continue;
149 
150 		channel.hw_value = cpu_to_le16(chan->hw_value);
151 		channel.flags = cpu_to_le32(chan->flags);
152 		channel.pad = 0;
153 
154 		skb_put_data(skb, &channel, sizeof(channel));
155 		n_6ch++;
156 	}
157 
158 	BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(hdr.alpha2));
159 	memcpy(hdr.alpha2, dev->alpha2, sizeof(dev->alpha2));
160 	hdr.n_2ch = n_2ch;
161 	hdr.n_5ch = n_5ch;
162 	hdr.n_6ch = n_6ch;
163 
164 	memcpy(__skb_push(skb, sizeof(hdr)), &hdr, sizeof(hdr));
165 
166 	return mt76_mcu_skb_send_msg(dev, skb, MCU_CE_CMD(SET_CHAN_DOMAIN),
167 				     false);
168 }
169 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_channel_domain);
170 
171 int mt76_connac_mcu_set_mac_enable(struct mt76_dev *dev, int band, bool enable,
172 				   bool hdr_trans)
173 {
174 	struct {
175 		u8 enable;
176 		u8 band;
177 		u8 rsv[2];
178 	} __packed req_mac = {
179 		.enable = enable,
180 		.band = band,
181 	};
182 
183 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(MAC_INIT_CTRL), &req_mac,
184 				 sizeof(req_mac), true);
185 }
186 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_mac_enable);
187 
188 int mt76_connac_mcu_set_vif_ps(struct mt76_dev *dev, struct ieee80211_vif *vif)
189 {
190 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
191 	struct {
192 		u8 bss_idx;
193 		u8 ps_state; /* 0: device awake
194 			      * 1: static power save
195 			      * 2: dynamic power saving
196 			      */
197 	} req = {
198 		.bss_idx = mvif->idx,
199 		.ps_state = vif->cfg.ps ? 2 : 0,
200 	};
201 
202 	if (vif->type != NL80211_IFTYPE_STATION)
203 		return -EOPNOTSUPP;
204 
205 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(SET_PS_PROFILE),
206 				 &req, sizeof(req), false);
207 }
208 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_vif_ps);
209 
210 int mt76_connac_mcu_set_rts_thresh(struct mt76_dev *dev, u32 val, u8 band)
211 {
212 	struct {
213 		u8 prot_idx;
214 		u8 band;
215 		u8 rsv[2];
216 		__le32 len_thresh;
217 		__le32 pkt_thresh;
218 	} __packed req = {
219 		.prot_idx = 1,
220 		.band = band,
221 		.len_thresh = cpu_to_le32(val),
222 		.pkt_thresh = cpu_to_le32(0x2),
223 	};
224 
225 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PROTECT_CTRL), &req,
226 				 sizeof(req), true);
227 }
228 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rts_thresh);
229 
230 void mt76_connac_mcu_beacon_loss_iter(void *priv, u8 *mac,
231 				      struct ieee80211_vif *vif)
232 {
233 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
234 	struct mt76_connac_beacon_loss_event *event = priv;
235 
236 	if (mvif->idx != event->bss_idx)
237 		return;
238 
239 	if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER))
240 		return;
241 
242 	ieee80211_beacon_loss(vif);
243 }
244 EXPORT_SYMBOL_GPL(mt76_connac_mcu_beacon_loss_iter);
245 
246 struct tlv *
247 mt76_connac_mcu_add_nested_tlv(struct sk_buff *skb, int tag, int len,
248 			       void *sta_ntlv, void *sta_wtbl)
249 {
250 	struct sta_ntlv_hdr *ntlv_hdr = sta_ntlv;
251 	struct tlv *sta_hdr = sta_wtbl;
252 	struct tlv *ptlv, tlv = {
253 		.tag = cpu_to_le16(tag),
254 		.len = cpu_to_le16(len),
255 	};
256 	u16 ntlv;
257 
258 	ptlv = skb_put_zero(skb, len);
259 	memcpy(ptlv, &tlv, sizeof(tlv));
260 
261 	ntlv = le16_to_cpu(ntlv_hdr->tlv_num);
262 	ntlv_hdr->tlv_num = cpu_to_le16(ntlv + 1);
263 
264 	if (sta_hdr) {
265 		len += le16_to_cpu(sta_hdr->len);
266 		sta_hdr->len = cpu_to_le16(len);
267 	}
268 
269 	return ptlv;
270 }
271 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_nested_tlv);
272 
273 struct sk_buff *
274 __mt76_connac_mcu_alloc_sta_req(struct mt76_dev *dev, struct mt76_vif *mvif,
275 				struct mt76_wcid *wcid, int len)
276 {
277 	struct sta_req_hdr hdr = {
278 		.bss_idx = mvif->idx,
279 		.muar_idx = wcid ? mvif->omac_idx : 0,
280 		.is_tlv_append = 1,
281 	};
282 	struct sk_buff *skb;
283 
284 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
285 				     &hdr.wlan_idx_hi);
286 	skb = mt76_mcu_msg_alloc(dev, NULL, len);
287 	if (!skb)
288 		return ERR_PTR(-ENOMEM);
289 
290 	skb_put_data(skb, &hdr, sizeof(hdr));
291 
292 	return skb;
293 }
294 EXPORT_SYMBOL_GPL(__mt76_connac_mcu_alloc_sta_req);
295 
296 struct wtbl_req_hdr *
297 mt76_connac_mcu_alloc_wtbl_req(struct mt76_dev *dev, struct mt76_wcid *wcid,
298 			       int cmd, void *sta_wtbl, struct sk_buff **skb)
299 {
300 	struct tlv *sta_hdr = sta_wtbl;
301 	struct wtbl_req_hdr hdr = {
302 		.operation = cmd,
303 	};
304 	struct sk_buff *nskb = *skb;
305 
306 	mt76_connac_mcu_get_wlan_idx(dev, wcid, &hdr.wlan_idx_lo,
307 				     &hdr.wlan_idx_hi);
308 	if (!nskb) {
309 		nskb = mt76_mcu_msg_alloc(dev, NULL,
310 					  MT76_CONNAC_WTBL_UPDATE_MAX_SIZE);
311 		if (!nskb)
312 			return ERR_PTR(-ENOMEM);
313 
314 		*skb = nskb;
315 	}
316 
317 	if (sta_hdr)
318 		le16_add_cpu(&sta_hdr->len, sizeof(hdr));
319 
320 	return skb_put_data(nskb, &hdr, sizeof(hdr));
321 }
322 EXPORT_SYMBOL_GPL(mt76_connac_mcu_alloc_wtbl_req);
323 
324 void mt76_connac_mcu_bss_omac_tlv(struct sk_buff *skb,
325 				  struct ieee80211_vif *vif)
326 {
327 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
328 	u8 omac_idx = mvif->omac_idx;
329 	struct bss_info_omac *omac;
330 	struct tlv *tlv;
331 	u32 type = 0;
332 
333 	switch (vif->type) {
334 	case NL80211_IFTYPE_MONITOR:
335 	case NL80211_IFTYPE_MESH_POINT:
336 	case NL80211_IFTYPE_AP:
337 		if (vif->p2p)
338 			type = CONNECTION_P2P_GO;
339 		else
340 			type = CONNECTION_INFRA_AP;
341 		break;
342 	case NL80211_IFTYPE_STATION:
343 		if (vif->p2p)
344 			type = CONNECTION_P2P_GC;
345 		else
346 			type = CONNECTION_INFRA_STA;
347 		break;
348 	case NL80211_IFTYPE_ADHOC:
349 		type = CONNECTION_IBSS_ADHOC;
350 		break;
351 	default:
352 		WARN_ON(1);
353 		break;
354 	}
355 
356 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_OMAC, sizeof(*omac));
357 
358 	omac = (struct bss_info_omac *)tlv;
359 	omac->conn_type = cpu_to_le32(type);
360 	omac->omac_idx = mvif->omac_idx;
361 	omac->band_idx = mvif->band_idx;
362 	omac->hw_bss_idx = omac_idx > EXT_BSSID_START ? HW_BSSID_0 : omac_idx;
363 }
364 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_omac_tlv);
365 
366 void mt76_connac_mcu_sta_basic_tlv(struct mt76_dev *dev, struct sk_buff *skb,
367 				   struct ieee80211_vif *vif,
368 				   struct ieee80211_sta *sta,
369 				   bool enable, bool newly)
370 {
371 	struct sta_rec_basic *basic;
372 	struct tlv *tlv;
373 	int conn_type;
374 
375 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BASIC, sizeof(*basic));
376 
377 	basic = (struct sta_rec_basic *)tlv;
378 	basic->extra_info = cpu_to_le16(EXTRA_INFO_VER);
379 
380 	if (enable) {
381 		if (newly)
382 			basic->extra_info |= cpu_to_le16(EXTRA_INFO_NEW);
383 		basic->conn_state = CONN_STATE_PORT_SECURE;
384 	} else {
385 		basic->conn_state = CONN_STATE_DISCONNECT;
386 	}
387 
388 	if (!sta) {
389 		basic->conn_type = cpu_to_le32(CONNECTION_INFRA_BC);
390 		eth_broadcast_addr(basic->peer_addr);
391 		return;
392 	}
393 
394 	switch (vif->type) {
395 	case NL80211_IFTYPE_MESH_POINT:
396 	case NL80211_IFTYPE_AP:
397 		if (vif->p2p && !is_mt7921(dev))
398 			conn_type = CONNECTION_P2P_GC;
399 		else
400 			conn_type = CONNECTION_INFRA_STA;
401 		basic->conn_type = cpu_to_le32(conn_type);
402 		basic->aid = cpu_to_le16(sta->aid);
403 		break;
404 	case NL80211_IFTYPE_STATION:
405 		if (vif->p2p && !is_mt7921(dev))
406 			conn_type = CONNECTION_P2P_GO;
407 		else
408 			conn_type = CONNECTION_INFRA_AP;
409 		basic->conn_type = cpu_to_le32(conn_type);
410 		basic->aid = cpu_to_le16(vif->cfg.aid);
411 		break;
412 	case NL80211_IFTYPE_ADHOC:
413 		basic->conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
414 		basic->aid = cpu_to_le16(sta->aid);
415 		break;
416 	default:
417 		WARN_ON(1);
418 		break;
419 	}
420 
421 	memcpy(basic->peer_addr, sta->addr, ETH_ALEN);
422 	basic->qos = sta->wme;
423 }
424 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_basic_tlv);
425 
426 void mt76_connac_mcu_sta_uapsd(struct sk_buff *skb, struct ieee80211_vif *vif,
427 			       struct ieee80211_sta *sta)
428 {
429 	struct sta_rec_uapsd *uapsd;
430 	struct tlv *tlv;
431 
432 	if (vif->type != NL80211_IFTYPE_AP || !sta->wme)
433 		return;
434 
435 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_APPS, sizeof(*uapsd));
436 	uapsd = (struct sta_rec_uapsd *)tlv;
437 
438 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) {
439 		uapsd->dac_map |= BIT(3);
440 		uapsd->tac_map |= BIT(3);
441 	}
442 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) {
443 		uapsd->dac_map |= BIT(2);
444 		uapsd->tac_map |= BIT(2);
445 	}
446 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) {
447 		uapsd->dac_map |= BIT(1);
448 		uapsd->tac_map |= BIT(1);
449 	}
450 	if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) {
451 		uapsd->dac_map |= BIT(0);
452 		uapsd->tac_map |= BIT(0);
453 	}
454 	uapsd->max_sp = sta->max_sp;
455 }
456 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_uapsd);
457 
458 void mt76_connac_mcu_wtbl_hdr_trans_tlv(struct sk_buff *skb,
459 					struct ieee80211_vif *vif,
460 					struct mt76_wcid *wcid,
461 					void *sta_wtbl, void *wtbl_tlv)
462 {
463 	struct wtbl_hdr_trans *htr;
464 	struct tlv *tlv;
465 
466 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HDR_TRANS,
467 					     sizeof(*htr),
468 					     wtbl_tlv, sta_wtbl);
469 	htr = (struct wtbl_hdr_trans *)tlv;
470 	htr->no_rx_trans = true;
471 
472 	if (vif->type == NL80211_IFTYPE_STATION)
473 		htr->to_ds = true;
474 	else
475 		htr->from_ds = true;
476 
477 	if (!wcid)
478 		return;
479 
480 	htr->no_rx_trans = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);
481 	if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) {
482 		htr->to_ds = true;
483 		htr->from_ds = true;
484 	}
485 }
486 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_hdr_trans_tlv);
487 
488 int mt76_connac_mcu_sta_update_hdr_trans(struct mt76_dev *dev,
489 					 struct ieee80211_vif *vif,
490 					 struct mt76_wcid *wcid, int cmd)
491 {
492 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
493 	struct wtbl_req_hdr *wtbl_hdr;
494 	struct tlv *sta_wtbl;
495 	struct sk_buff *skb;
496 
497 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
498 	if (IS_ERR(skb))
499 		return PTR_ERR(skb);
500 
501 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
502 					   sizeof(struct tlv));
503 
504 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
505 						  sta_wtbl, &skb);
506 	if (IS_ERR(wtbl_hdr))
507 		return PTR_ERR(wtbl_hdr);
508 
509 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, sta_wtbl, wtbl_hdr);
510 
511 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
512 }
513 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_update_hdr_trans);
514 
515 int mt76_connac_mcu_wtbl_update_hdr_trans(struct mt76_dev *dev,
516 					  struct ieee80211_vif *vif,
517 					  struct ieee80211_sta *sta)
518 {
519 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
520 	struct wtbl_req_hdr *wtbl_hdr;
521 	struct sk_buff *skb = NULL;
522 
523 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET, NULL,
524 						  &skb);
525 	if (IS_ERR(wtbl_hdr))
526 		return PTR_ERR(wtbl_hdr);
527 
528 	mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, vif, wcid, NULL, wtbl_hdr);
529 
530 	return mt76_mcu_skb_send_msg(dev, skb, MCU_EXT_CMD(WTBL_UPDATE), true);
531 }
532 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_update_hdr_trans);
533 
534 void mt76_connac_mcu_wtbl_generic_tlv(struct mt76_dev *dev,
535 				      struct sk_buff *skb,
536 				      struct ieee80211_vif *vif,
537 				      struct ieee80211_sta *sta,
538 				      void *sta_wtbl, void *wtbl_tlv)
539 {
540 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
541 	struct wtbl_generic *generic;
542 	struct wtbl_rx *rx;
543 	struct wtbl_spe *spe;
544 	struct tlv *tlv;
545 
546 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_GENERIC,
547 					     sizeof(*generic),
548 					     wtbl_tlv, sta_wtbl);
549 
550 	generic = (struct wtbl_generic *)tlv;
551 
552 	if (sta) {
553 		if (vif->type == NL80211_IFTYPE_STATION)
554 			generic->partial_aid = cpu_to_le16(vif->cfg.aid);
555 		else
556 			generic->partial_aid = cpu_to_le16(sta->aid);
557 		memcpy(generic->peer_addr, sta->addr, ETH_ALEN);
558 		generic->muar_idx = mvif->omac_idx;
559 		generic->qos = sta->wme;
560 	} else {
561 		if (!is_connac_v1(dev) && vif->type == NL80211_IFTYPE_STATION)
562 			memcpy(generic->peer_addr, vif->bss_conf.bssid,
563 			       ETH_ALEN);
564 		else
565 			eth_broadcast_addr(generic->peer_addr);
566 
567 		generic->muar_idx = 0xe;
568 	}
569 
570 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RX, sizeof(*rx),
571 					     wtbl_tlv, sta_wtbl);
572 
573 	rx = (struct wtbl_rx *)tlv;
574 	rx->rca1 = sta ? vif->type != NL80211_IFTYPE_AP : 1;
575 	rx->rca2 = 1;
576 	rx->rv = 1;
577 
578 	if (!is_connac_v1(dev))
579 		return;
580 
581 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SPE, sizeof(*spe),
582 					     wtbl_tlv, sta_wtbl);
583 	spe = (struct wtbl_spe *)tlv;
584 	spe->spe_idx = 24;
585 }
586 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_generic_tlv);
587 
588 static void
589 mt76_connac_mcu_sta_amsdu_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
590 			      struct ieee80211_vif *vif)
591 {
592 	struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
593 	struct sta_rec_amsdu *amsdu;
594 	struct tlv *tlv;
595 
596 	if (vif->type != NL80211_IFTYPE_AP &&
597 	    vif->type != NL80211_IFTYPE_STATION)
598 		return;
599 
600 	if (!sta->deflink.agg.max_amsdu_len)
601 		return;
602 
603 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
604 	amsdu = (struct sta_rec_amsdu *)tlv;
605 	amsdu->max_amsdu_num = 8;
606 	amsdu->amsdu_en = true;
607 	amsdu->max_mpdu_size = sta->deflink.agg.max_amsdu_len >=
608 			       IEEE80211_MAX_MPDU_LEN_VHT_7991;
609 
610 	wcid->amsdu = true;
611 }
612 
613 #define HE_PHY(p, c)	u8_get_bits(c, IEEE80211_HE_PHY_##p)
614 #define HE_MAC(m, c)	u8_get_bits(c, IEEE80211_HE_MAC_##m)
615 static void
616 mt76_connac_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
617 {
618 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
619 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
620 	struct sta_rec_he *he;
621 	struct tlv *tlv;
622 	u32 cap = 0;
623 
624 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE, sizeof(*he));
625 
626 	he = (struct sta_rec_he *)tlv;
627 
628 	if (elem->mac_cap_info[0] & IEEE80211_HE_MAC_CAP0_HTC_HE)
629 		cap |= STA_REC_HE_CAP_HTC;
630 
631 	if (elem->mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR)
632 		cap |= STA_REC_HE_CAP_BSR;
633 
634 	if (elem->mac_cap_info[3] & IEEE80211_HE_MAC_CAP3_OMI_CONTROL)
635 		cap |= STA_REC_HE_CAP_OM;
636 
637 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU)
638 		cap |= STA_REC_HE_CAP_AMSDU_IN_AMPDU;
639 
640 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR)
641 		cap |= STA_REC_HE_CAP_BQR;
642 
643 	if (elem->phy_cap_info[0] &
644 	    (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_2G |
645 	     IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_5G))
646 		cap |= STA_REC_HE_CAP_BW20_RU242_SUPPORT;
647 
648 	if (elem->phy_cap_info[1] &
649 	    IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD)
650 		cap |= STA_REC_HE_CAP_LDPC;
651 
652 	if (elem->phy_cap_info[1] &
653 	    IEEE80211_HE_PHY_CAP1_HE_LTF_AND_GI_FOR_HE_PPDUS_0_8US)
654 		cap |= STA_REC_HE_CAP_SU_PPDU_1LTF_8US_GI;
655 
656 	if (elem->phy_cap_info[2] &
657 	    IEEE80211_HE_PHY_CAP2_NDP_4x_LTF_AND_3_2US)
658 		cap |= STA_REC_HE_CAP_NDP_4LTF_3DOT2MS_GI;
659 
660 	if (elem->phy_cap_info[2] &
661 	    IEEE80211_HE_PHY_CAP2_STBC_TX_UNDER_80MHZ)
662 		cap |= STA_REC_HE_CAP_LE_EQ_80M_TX_STBC;
663 
664 	if (elem->phy_cap_info[2] &
665 	    IEEE80211_HE_PHY_CAP2_STBC_RX_UNDER_80MHZ)
666 		cap |= STA_REC_HE_CAP_LE_EQ_80M_RX_STBC;
667 
668 	if (elem->phy_cap_info[6] &
669 	    IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE)
670 		cap |= STA_REC_HE_CAP_PARTIAL_BW_EXT_RANGE;
671 
672 	if (elem->phy_cap_info[7] &
673 	    IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI)
674 		cap |= STA_REC_HE_CAP_SU_MU_PPDU_4LTF_8US_GI;
675 
676 	if (elem->phy_cap_info[7] &
677 	    IEEE80211_HE_PHY_CAP7_STBC_TX_ABOVE_80MHZ)
678 		cap |= STA_REC_HE_CAP_GT_80M_TX_STBC;
679 
680 	if (elem->phy_cap_info[7] &
681 	    IEEE80211_HE_PHY_CAP7_STBC_RX_ABOVE_80MHZ)
682 		cap |= STA_REC_HE_CAP_GT_80M_RX_STBC;
683 
684 	if (elem->phy_cap_info[8] &
685 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_PPDU_4XLTF_AND_08_US_GI)
686 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_4LTF_8US_GI;
687 
688 	if (elem->phy_cap_info[8] &
689 	    IEEE80211_HE_PHY_CAP8_HE_ER_SU_1XLTF_AND_08_US_GI)
690 		cap |= STA_REC_HE_CAP_ER_SU_PPDU_1LTF_8US_GI;
691 
692 	if (elem->phy_cap_info[9] &
693 	    IEEE80211_HE_PHY_CAP9_NON_TRIGGERED_CQI_FEEDBACK)
694 		cap |= STA_REC_HE_CAP_TRIG_CQI_FK;
695 
696 	if (elem->phy_cap_info[9] &
697 	    IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU)
698 		cap |= STA_REC_HE_CAP_TX_1024QAM_UNDER_RU242;
699 
700 	if (elem->phy_cap_info[9] &
701 	    IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU)
702 		cap |= STA_REC_HE_CAP_RX_1024QAM_UNDER_RU242;
703 
704 	he->he_cap = cpu_to_le32(cap);
705 
706 	switch (sta->deflink.bandwidth) {
707 	case IEEE80211_STA_RX_BW_160:
708 		if (elem->phy_cap_info[0] &
709 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
710 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
711 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
712 
713 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
714 				he_cap->he_mcs_nss_supp.rx_mcs_160;
715 		fallthrough;
716 	default:
717 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
718 				he_cap->he_mcs_nss_supp.rx_mcs_80;
719 		break;
720 	}
721 
722 	he->t_frame_dur =
723 		HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]);
724 	he->max_ampdu_exp =
725 		HE_MAC(CAP3_MAX_AMPDU_LEN_EXP_MASK, elem->mac_cap_info[3]);
726 
727 	he->bw_set =
728 		HE_PHY(CAP0_CHANNEL_WIDTH_SET_MASK, elem->phy_cap_info[0]);
729 	he->device_class =
730 		HE_PHY(CAP1_DEVICE_CLASS_A, elem->phy_cap_info[1]);
731 	he->punc_pream_rx =
732 		HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]);
733 
734 	he->dcm_tx_mode =
735 		HE_PHY(CAP3_DCM_MAX_CONST_TX_MASK, elem->phy_cap_info[3]);
736 	he->dcm_tx_max_nss =
737 		HE_PHY(CAP3_DCM_MAX_TX_NSS_2, elem->phy_cap_info[3]);
738 	he->dcm_rx_mode =
739 		HE_PHY(CAP3_DCM_MAX_CONST_RX_MASK, elem->phy_cap_info[3]);
740 	he->dcm_rx_max_nss =
741 		HE_PHY(CAP3_DCM_MAX_RX_NSS_2, elem->phy_cap_info[3]);
742 	he->dcm_rx_max_nss =
743 		HE_PHY(CAP8_DCM_MAX_RU_MASK, elem->phy_cap_info[8]);
744 
745 	he->pkt_ext = 2;
746 }
747 
748 static void
749 mt76_connac_mcu_sta_he_tlv_v2(struct sk_buff *skb, struct ieee80211_sta *sta)
750 {
751 	struct ieee80211_sta_he_cap *he_cap = &sta->deflink.he_cap;
752 	struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
753 	struct sta_rec_he_v2 *he;
754 	struct tlv *tlv;
755 
756 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he));
757 
758 	he = (struct sta_rec_he_v2 *)tlv;
759 	memcpy(he->he_phy_cap, elem->phy_cap_info, sizeof(he->he_phy_cap));
760 	memcpy(he->he_mac_cap, elem->mac_cap_info, sizeof(he->he_mac_cap));
761 
762 	switch (sta->deflink.bandwidth) {
763 	case IEEE80211_STA_RX_BW_160:
764 		if (elem->phy_cap_info[0] &
765 		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
766 			he->max_nss_mcs[CMD_HE_MCS_BW8080] =
767 				he_cap->he_mcs_nss_supp.rx_mcs_80p80;
768 
769 		he->max_nss_mcs[CMD_HE_MCS_BW160] =
770 				he_cap->he_mcs_nss_supp.rx_mcs_160;
771 		fallthrough;
772 	default:
773 		he->max_nss_mcs[CMD_HE_MCS_BW80] =
774 				he_cap->he_mcs_nss_supp.rx_mcs_80;
775 		break;
776 	}
777 
778 	he->pkt_ext = IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US;
779 }
780 
781 static u8
782 mt76_connac_get_phy_mode_v2(struct mt76_phy *mphy, struct ieee80211_vif *vif,
783 			    enum nl80211_band band, struct ieee80211_sta *sta)
784 {
785 	struct ieee80211_sta_ht_cap *ht_cap;
786 	struct ieee80211_sta_vht_cap *vht_cap;
787 	const struct ieee80211_sta_he_cap *he_cap;
788 	u8 mode = 0;
789 
790 	if (sta) {
791 		ht_cap = &sta->deflink.ht_cap;
792 		vht_cap = &sta->deflink.vht_cap;
793 		he_cap = &sta->deflink.he_cap;
794 	} else {
795 		struct ieee80211_supported_band *sband;
796 
797 		sband = mphy->hw->wiphy->bands[band];
798 		ht_cap = &sband->ht_cap;
799 		vht_cap = &sband->vht_cap;
800 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
801 	}
802 
803 	if (band == NL80211_BAND_2GHZ) {
804 		mode |= PHY_TYPE_BIT_HR_DSSS | PHY_TYPE_BIT_ERP;
805 
806 		if (ht_cap->ht_supported)
807 			mode |= PHY_TYPE_BIT_HT;
808 
809 		if (he_cap && he_cap->has_he)
810 			mode |= PHY_TYPE_BIT_HE;
811 	} else if (band == NL80211_BAND_5GHZ || band == NL80211_BAND_6GHZ) {
812 		mode |= PHY_TYPE_BIT_OFDM;
813 
814 		if (ht_cap->ht_supported)
815 			mode |= PHY_TYPE_BIT_HT;
816 
817 		if (vht_cap->vht_supported)
818 			mode |= PHY_TYPE_BIT_VHT;
819 
820 		if (he_cap && he_cap->has_he)
821 			mode |= PHY_TYPE_BIT_HE;
822 	}
823 
824 	return mode;
825 }
826 
827 void mt76_connac_mcu_sta_tlv(struct mt76_phy *mphy, struct sk_buff *skb,
828 			     struct ieee80211_sta *sta,
829 			     struct ieee80211_vif *vif,
830 			     u8 rcpi, u8 sta_state)
831 {
832 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
833 	struct cfg80211_chan_def *chandef = mvif->ctx ?
834 					    &mvif->ctx->def : &mphy->chandef;
835 	enum nl80211_band band = chandef->chan->band;
836 	struct mt76_dev *dev = mphy->dev;
837 	struct sta_rec_ra_info *ra_info;
838 	struct sta_rec_state *state;
839 	struct sta_rec_phy *phy;
840 	struct tlv *tlv;
841 	u16 supp_rates;
842 
843 	/* starec ht */
844 	if (sta->deflink.ht_cap.ht_supported) {
845 		struct sta_rec_ht *ht;
846 
847 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
848 		ht = (struct sta_rec_ht *)tlv;
849 		ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap);
850 	}
851 
852 	/* starec vht */
853 	if (sta->deflink.vht_cap.vht_supported) {
854 		struct sta_rec_vht *vht;
855 		int len;
856 
857 		len = is_mt7921(dev) ? sizeof(*vht) : sizeof(*vht) - 4;
858 		tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, len);
859 		vht = (struct sta_rec_vht *)tlv;
860 		vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap);
861 		vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map;
862 		vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map;
863 	}
864 
865 	/* starec uapsd */
866 	mt76_connac_mcu_sta_uapsd(skb, vif, sta);
867 
868 	if (!is_mt7921(dev))
869 		return;
870 
871 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he)
872 		mt76_connac_mcu_sta_amsdu_tlv(skb, sta, vif);
873 
874 	/* starec he */
875 	if (sta->deflink.he_cap.has_he) {
876 		mt76_connac_mcu_sta_he_tlv(skb, sta);
877 		mt76_connac_mcu_sta_he_tlv_v2(skb, sta);
878 		if (band == NL80211_BAND_6GHZ &&
879 		    sta_state == MT76_STA_INFO_STATE_ASSOC) {
880 			struct sta_rec_he_6g_capa *he_6g_capa;
881 
882 			tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G,
883 						      sizeof(*he_6g_capa));
884 			he_6g_capa = (struct sta_rec_he_6g_capa *)tlv;
885 			he_6g_capa->capa = sta->deflink.he_6ghz_capa.capa;
886 		}
887 	}
888 
889 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy));
890 	phy = (struct sta_rec_phy *)tlv;
891 	phy->phy_type = mt76_connac_get_phy_mode_v2(mphy, vif, band, sta);
892 	phy->basic_rate = cpu_to_le16((u16)vif->bss_conf.basic_rates);
893 	phy->rcpi = rcpi;
894 	phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR,
895 				sta->deflink.ht_cap.ampdu_factor) |
896 		     FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY,
897 				sta->deflink.ht_cap.ampdu_density);
898 
899 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra_info));
900 	ra_info = (struct sta_rec_ra_info *)tlv;
901 
902 	supp_rates = sta->deflink.supp_rates[band];
903 	if (band == NL80211_BAND_2GHZ)
904 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates >> 4) |
905 			     FIELD_PREP(RA_LEGACY_CCK, supp_rates & 0xf);
906 	else
907 		supp_rates = FIELD_PREP(RA_LEGACY_OFDM, supp_rates);
908 
909 	ra_info->legacy = cpu_to_le16(supp_rates);
910 
911 	if (sta->deflink.ht_cap.ht_supported)
912 		memcpy(ra_info->rx_mcs_bitmask,
913 		       sta->deflink.ht_cap.mcs.rx_mask,
914 		       HT_MCS_MASK_NUM);
915 
916 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_STATE, sizeof(*state));
917 	state = (struct sta_rec_state *)tlv;
918 	state->state = sta_state;
919 
920 	if (sta->deflink.vht_cap.vht_supported) {
921 		state->vht_opmode = sta->deflink.bandwidth;
922 		state->vht_opmode |= (sta->deflink.rx_nss - 1) <<
923 			IEEE80211_OPMODE_NOTIF_RX_NSS_SHIFT;
924 	}
925 }
926 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_tlv);
927 
928 void mt76_connac_mcu_wtbl_smps_tlv(struct sk_buff *skb,
929 				   struct ieee80211_sta *sta,
930 				   void *sta_wtbl, void *wtbl_tlv)
931 {
932 	struct wtbl_smps *smps;
933 	struct tlv *tlv;
934 
935 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_SMPS, sizeof(*smps),
936 					     wtbl_tlv, sta_wtbl);
937 	smps = (struct wtbl_smps *)tlv;
938 	smps->smps = (sta->deflink.smps_mode == IEEE80211_SMPS_DYNAMIC);
939 }
940 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_smps_tlv);
941 
942 void mt76_connac_mcu_wtbl_ht_tlv(struct mt76_dev *dev, struct sk_buff *skb,
943 				 struct ieee80211_sta *sta, void *sta_wtbl,
944 				 void *wtbl_tlv, bool ht_ldpc, bool vht_ldpc)
945 {
946 	struct wtbl_ht *ht = NULL;
947 	struct tlv *tlv;
948 	u32 flags = 0;
949 
950 	if (sta->deflink.ht_cap.ht_supported || sta->deflink.he_6ghz_capa.capa) {
951 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_HT, sizeof(*ht),
952 						     wtbl_tlv, sta_wtbl);
953 		ht = (struct wtbl_ht *)tlv;
954 		ht->ldpc = ht_ldpc &&
955 			   !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING);
956 
957 		if (sta->deflink.ht_cap.ht_supported) {
958 			ht->af = sta->deflink.ht_cap.ampdu_factor;
959 			ht->mm = sta->deflink.ht_cap.ampdu_density;
960 		} else {
961 			ht->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
962 					       IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
963 			ht->mm = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
964 					       IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START);
965 		}
966 
967 		ht->ht = true;
968 	}
969 
970 	if (sta->deflink.vht_cap.vht_supported || sta->deflink.he_6ghz_capa.capa) {
971 		struct wtbl_vht *vht;
972 		u8 af;
973 
974 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_VHT,
975 						     sizeof(*vht), wtbl_tlv,
976 						     sta_wtbl);
977 		vht = (struct wtbl_vht *)tlv;
978 		vht->ldpc = vht_ldpc &&
979 			    !!(sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC);
980 		vht->vht = true;
981 
982 		af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
983 			       sta->deflink.vht_cap.cap);
984 		if (ht)
985 			ht->af = max(ht->af, af);
986 	}
987 
988 	mt76_connac_mcu_wtbl_smps_tlv(skb, sta, sta_wtbl, wtbl_tlv);
989 
990 	if (is_connac_v1(dev) && sta->deflink.ht_cap.ht_supported) {
991 		/* sgi */
992 		u32 msk = MT_WTBL_W5_SHORT_GI_20 | MT_WTBL_W5_SHORT_GI_40 |
993 			  MT_WTBL_W5_SHORT_GI_80 | MT_WTBL_W5_SHORT_GI_160;
994 		struct wtbl_raw *raw;
995 
996 		tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_RAW_DATA,
997 						     sizeof(*raw), wtbl_tlv,
998 						     sta_wtbl);
999 
1000 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
1001 			flags |= MT_WTBL_W5_SHORT_GI_20;
1002 		if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
1003 			flags |= MT_WTBL_W5_SHORT_GI_40;
1004 
1005 		if (sta->deflink.vht_cap.vht_supported) {
1006 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
1007 				flags |= MT_WTBL_W5_SHORT_GI_80;
1008 			if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
1009 				flags |= MT_WTBL_W5_SHORT_GI_160;
1010 		}
1011 		raw = (struct wtbl_raw *)tlv;
1012 		raw->val = cpu_to_le32(flags);
1013 		raw->msk = cpu_to_le32(~msk);
1014 		raw->wtbl_idx = 1;
1015 		raw->dw = 5;
1016 	}
1017 }
1018 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ht_tlv);
1019 
1020 int mt76_connac_mcu_sta_cmd(struct mt76_phy *phy,
1021 			    struct mt76_sta_cmd_info *info)
1022 {
1023 	struct mt76_vif *mvif = (struct mt76_vif *)info->vif->drv_priv;
1024 	struct mt76_dev *dev = phy->dev;
1025 	struct wtbl_req_hdr *wtbl_hdr;
1026 	struct tlv *sta_wtbl;
1027 	struct sk_buff *skb;
1028 
1029 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, info->wcid);
1030 	if (IS_ERR(skb))
1031 		return PTR_ERR(skb);
1032 
1033 	if (info->sta || !info->offload_fw)
1034 		mt76_connac_mcu_sta_basic_tlv(dev, skb, info->vif, info->sta,
1035 					      info->enable, info->newly);
1036 	if (info->sta && info->enable)
1037 		mt76_connac_mcu_sta_tlv(phy, skb, info->sta,
1038 					info->vif, info->rcpi,
1039 					info->state);
1040 
1041 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1042 					   sizeof(struct tlv));
1043 
1044 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, info->wcid,
1045 						  WTBL_RESET_AND_SET,
1046 						  sta_wtbl, &skb);
1047 	if (IS_ERR(wtbl_hdr))
1048 		return PTR_ERR(wtbl_hdr);
1049 
1050 	if (info->enable) {
1051 		mt76_connac_mcu_wtbl_generic_tlv(dev, skb, info->vif,
1052 						 info->sta, sta_wtbl,
1053 						 wtbl_hdr);
1054 		mt76_connac_mcu_wtbl_hdr_trans_tlv(skb, info->vif, info->wcid,
1055 						   sta_wtbl, wtbl_hdr);
1056 		if (info->sta)
1057 			mt76_connac_mcu_wtbl_ht_tlv(dev, skb, info->sta,
1058 						    sta_wtbl, wtbl_hdr,
1059 						    true, true);
1060 	}
1061 
1062 	return mt76_mcu_skb_send_msg(dev, skb, info->cmd, true);
1063 }
1064 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_cmd);
1065 
1066 void mt76_connac_mcu_wtbl_ba_tlv(struct mt76_dev *dev, struct sk_buff *skb,
1067 				 struct ieee80211_ampdu_params *params,
1068 				 bool enable, bool tx, void *sta_wtbl,
1069 				 void *wtbl_tlv)
1070 {
1071 	struct wtbl_ba *ba;
1072 	struct tlv *tlv;
1073 
1074 	tlv = mt76_connac_mcu_add_nested_tlv(skb, WTBL_BA, sizeof(*ba),
1075 					     wtbl_tlv, sta_wtbl);
1076 
1077 	ba = (struct wtbl_ba *)tlv;
1078 	ba->tid = params->tid;
1079 
1080 	if (tx) {
1081 		ba->ba_type = MT_BA_TYPE_ORIGINATOR;
1082 		ba->sn = enable ? cpu_to_le16(params->ssn) : 0;
1083 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1084 		ba->ba_en = enable;
1085 	} else {
1086 		memcpy(ba->peer_addr, params->sta->addr, ETH_ALEN);
1087 		ba->ba_type = MT_BA_TYPE_RECIPIENT;
1088 		ba->rst_ba_tid = params->tid;
1089 		ba->rst_ba_sel = RST_BA_MAC_TID_MATCH;
1090 		ba->rst_ba_sb = 1;
1091 	}
1092 
1093 	if (!is_connac_v1(dev)) {
1094 		ba->ba_winsize = enable ? cpu_to_le16(params->buf_size) : 0;
1095 		return;
1096 	}
1097 
1098 	if (enable && tx) {
1099 		static const u8 ba_range[] = { 4, 8, 12, 24, 36, 48, 54, 64 };
1100 		int i;
1101 
1102 		for (i = 7; i > 0; i--) {
1103 			if (params->buf_size >= ba_range[i])
1104 				break;
1105 		}
1106 		ba->ba_winsize_idx = i;
1107 	}
1108 }
1109 EXPORT_SYMBOL_GPL(mt76_connac_mcu_wtbl_ba_tlv);
1110 
1111 int mt76_connac_mcu_uni_add_dev(struct mt76_phy *phy,
1112 				struct ieee80211_vif *vif,
1113 				struct mt76_wcid *wcid,
1114 				bool enable)
1115 {
1116 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1117 	struct mt76_dev *dev = phy->dev;
1118 	struct {
1119 		struct {
1120 			u8 omac_idx;
1121 			u8 band_idx;
1122 			__le16 pad;
1123 		} __packed hdr;
1124 		struct req_tlv {
1125 			__le16 tag;
1126 			__le16 len;
1127 			u8 active;
1128 			u8 pad;
1129 			u8 omac_addr[ETH_ALEN];
1130 		} __packed tlv;
1131 	} dev_req = {
1132 		.hdr = {
1133 			.omac_idx = mvif->omac_idx,
1134 			.band_idx = mvif->band_idx,
1135 		},
1136 		.tlv = {
1137 			.tag = cpu_to_le16(DEV_INFO_ACTIVE),
1138 			.len = cpu_to_le16(sizeof(struct req_tlv)),
1139 			.active = enable,
1140 		},
1141 	};
1142 	struct {
1143 		struct {
1144 			u8 bss_idx;
1145 			u8 pad[3];
1146 		} __packed hdr;
1147 		struct mt76_connac_bss_basic_tlv basic;
1148 	} basic_req = {
1149 		.hdr = {
1150 			.bss_idx = mvif->idx,
1151 		},
1152 		.basic = {
1153 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1154 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1155 			.omac_idx = mvif->omac_idx,
1156 			.band_idx = mvif->band_idx,
1157 			.wmm_idx = mvif->wmm_idx,
1158 			.active = enable,
1159 			.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx),
1160 			.sta_idx = cpu_to_le16(wcid->idx),
1161 			.conn_state = 1,
1162 		},
1163 	};
1164 	int err, idx, cmd, len;
1165 	void *data;
1166 
1167 	switch (vif->type) {
1168 	case NL80211_IFTYPE_MESH_POINT:
1169 	case NL80211_IFTYPE_MONITOR:
1170 	case NL80211_IFTYPE_AP:
1171 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_AP);
1172 		break;
1173 	case NL80211_IFTYPE_STATION:
1174 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_STA);
1175 		break;
1176 	case NL80211_IFTYPE_ADHOC:
1177 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1178 		break;
1179 	default:
1180 		WARN_ON(1);
1181 		break;
1182 	}
1183 
1184 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1185 	basic_req.basic.hw_bss_idx = idx;
1186 
1187 	memcpy(dev_req.tlv.omac_addr, vif->addr, ETH_ALEN);
1188 
1189 	cmd = enable ? MCU_UNI_CMD(DEV_INFO_UPDATE) : MCU_UNI_CMD(BSS_INFO_UPDATE);
1190 	data = enable ? (void *)&dev_req : (void *)&basic_req;
1191 	len = enable ? sizeof(dev_req) : sizeof(basic_req);
1192 
1193 	err = mt76_mcu_send_msg(dev, cmd, data, len, true);
1194 	if (err < 0)
1195 		return err;
1196 
1197 	cmd = enable ? MCU_UNI_CMD(BSS_INFO_UPDATE) : MCU_UNI_CMD(DEV_INFO_UPDATE);
1198 	data = enable ? (void *)&basic_req : (void *)&dev_req;
1199 	len = enable ? sizeof(basic_req) : sizeof(dev_req);
1200 
1201 	return mt76_mcu_send_msg(dev, cmd, data, len, true);
1202 }
1203 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_dev);
1204 
1205 void mt76_connac_mcu_sta_ba_tlv(struct sk_buff *skb,
1206 				struct ieee80211_ampdu_params *params,
1207 				bool enable, bool tx)
1208 {
1209 	struct sta_rec_ba *ba;
1210 	struct tlv *tlv;
1211 
1212 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));
1213 
1214 	ba = (struct sta_rec_ba *)tlv;
1215 	ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT;
1216 	ba->winsize = cpu_to_le16(params->buf_size);
1217 	ba->ssn = cpu_to_le16(params->ssn);
1218 	ba->ba_en = enable << params->tid;
1219 	ba->amsdu = params->amsdu;
1220 	ba->tid = params->tid;
1221 }
1222 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba_tlv);
1223 
1224 int mt76_connac_mcu_sta_wed_update(struct mt76_dev *dev, struct sk_buff *skb)
1225 {
1226 	if (!mt76_is_mmio(dev))
1227 		return 0;
1228 
1229 	if (!mtk_wed_device_active(&dev->mmio.wed))
1230 		return 0;
1231 
1232 	return mtk_wed_device_update_msg(&dev->mmio.wed, WED_WO_STA_REC,
1233 					 skb->data, skb->len);
1234 }
1235 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_wed_update);
1236 
1237 int mt76_connac_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif *mvif,
1238 			   struct ieee80211_ampdu_params *params,
1239 			   int cmd, bool enable, bool tx)
1240 {
1241 	struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
1242 	struct wtbl_req_hdr *wtbl_hdr;
1243 	struct tlv *sta_wtbl;
1244 	struct sk_buff *skb;
1245 	int ret;
1246 
1247 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1248 	if (IS_ERR(skb))
1249 		return PTR_ERR(skb);
1250 
1251 	sta_wtbl = mt76_connac_mcu_add_tlv(skb, STA_REC_WTBL,
1252 					   sizeof(struct tlv));
1253 
1254 	wtbl_hdr = mt76_connac_mcu_alloc_wtbl_req(dev, wcid, WTBL_SET,
1255 						  sta_wtbl, &skb);
1256 	if (IS_ERR(wtbl_hdr))
1257 		return PTR_ERR(wtbl_hdr);
1258 
1259 	mt76_connac_mcu_wtbl_ba_tlv(dev, skb, params, enable, tx, sta_wtbl,
1260 				    wtbl_hdr);
1261 
1262 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1263 	if (ret)
1264 		return ret;
1265 
1266 	ret = mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1267 	if (ret)
1268 		return ret;
1269 
1270 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
1271 	if (IS_ERR(skb))
1272 		return PTR_ERR(skb);
1273 
1274 	mt76_connac_mcu_sta_ba_tlv(skb, params, enable, tx);
1275 
1276 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
1277 	if (ret)
1278 		return ret;
1279 
1280 	return mt76_mcu_skb_send_msg(dev, skb, cmd, true);
1281 }
1282 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sta_ba);
1283 
1284 u8 mt76_connac_get_phy_mode(struct mt76_phy *phy, struct ieee80211_vif *vif,
1285 			    enum nl80211_band band, struct ieee80211_sta *sta)
1286 {
1287 	struct mt76_dev *dev = phy->dev;
1288 	const struct ieee80211_sta_he_cap *he_cap;
1289 	struct ieee80211_sta_vht_cap *vht_cap;
1290 	struct ieee80211_sta_ht_cap *ht_cap;
1291 	u8 mode = 0;
1292 
1293 	if (is_connac_v1(dev))
1294 		return 0x38;
1295 
1296 	if (sta) {
1297 		ht_cap = &sta->deflink.ht_cap;
1298 		vht_cap = &sta->deflink.vht_cap;
1299 		he_cap = &sta->deflink.he_cap;
1300 	} else {
1301 		struct ieee80211_supported_band *sband;
1302 
1303 		sband = phy->hw->wiphy->bands[band];
1304 		ht_cap = &sband->ht_cap;
1305 		vht_cap = &sband->vht_cap;
1306 		he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
1307 	}
1308 
1309 	if (band == NL80211_BAND_2GHZ) {
1310 		mode |= PHY_MODE_B | PHY_MODE_G;
1311 
1312 		if (ht_cap->ht_supported)
1313 			mode |= PHY_MODE_GN;
1314 
1315 		if (he_cap && he_cap->has_he)
1316 			mode |= PHY_MODE_AX_24G;
1317 	} else if (band == NL80211_BAND_5GHZ) {
1318 		mode |= PHY_MODE_A;
1319 
1320 		if (ht_cap->ht_supported)
1321 			mode |= PHY_MODE_AN;
1322 
1323 		if (vht_cap->vht_supported)
1324 			mode |= PHY_MODE_AC;
1325 
1326 		if (he_cap && he_cap->has_he)
1327 			mode |= PHY_MODE_AX_5G;
1328 	} else if (band == NL80211_BAND_6GHZ) {
1329 		mode |= PHY_MODE_A | PHY_MODE_AN |
1330 			PHY_MODE_AC | PHY_MODE_AX_5G;
1331 	}
1332 
1333 	return mode;
1334 }
1335 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode);
1336 
1337 u8 mt76_connac_get_phy_mode_ext(struct mt76_phy *phy, struct ieee80211_vif *vif,
1338 				enum nl80211_band band)
1339 {
1340 	const struct ieee80211_sta_eht_cap *eht_cap;
1341 	struct ieee80211_supported_band *sband;
1342 	u8 mode = 0;
1343 
1344 	if (band == NL80211_BAND_6GHZ)
1345 		mode |= PHY_MODE_AX_6G;
1346 
1347 	sband = phy->hw->wiphy->bands[band];
1348 	eht_cap = ieee80211_get_eht_iftype_cap(sband, vif->type);
1349 
1350 	if (!eht_cap || !eht_cap->has_eht || !vif->bss_conf.eht_support)
1351 		return mode;
1352 
1353 	switch (band) {
1354 	case NL80211_BAND_6GHZ:
1355 		mode |= PHY_MODE_BE_6G;
1356 		break;
1357 	case NL80211_BAND_5GHZ:
1358 		mode |= PHY_MODE_BE_5G;
1359 		break;
1360 	case NL80211_BAND_2GHZ:
1361 		mode |= PHY_MODE_BE_24G;
1362 		break;
1363 	default:
1364 		break;
1365 	}
1366 
1367 	return mode;
1368 }
1369 EXPORT_SYMBOL_GPL(mt76_connac_get_phy_mode_ext);
1370 
1371 const struct ieee80211_sta_he_cap *
1372 mt76_connac_get_he_phy_cap(struct mt76_phy *phy, struct ieee80211_vif *vif)
1373 {
1374 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1375 	struct cfg80211_chan_def *chandef = mvif->ctx ?
1376 					    &mvif->ctx->def : &phy->chandef;
1377 	enum nl80211_band band = chandef->chan->band;
1378 	struct ieee80211_supported_band *sband;
1379 
1380 	sband = phy->hw->wiphy->bands[band];
1381 
1382 	return ieee80211_get_he_iftype_cap(sband, vif->type);
1383 }
1384 EXPORT_SYMBOL_GPL(mt76_connac_get_he_phy_cap);
1385 
1386 const struct ieee80211_sta_eht_cap *
1387 mt76_connac_get_eht_phy_cap(struct mt76_phy *phy, struct ieee80211_vif *vif)
1388 {
1389 	enum nl80211_band band = phy->chandef.chan->band;
1390 	struct ieee80211_supported_band *sband;
1391 
1392 	sband = phy->hw->wiphy->bands[band];
1393 
1394 	return ieee80211_get_eht_iftype_cap(sband, vif->type);
1395 }
1396 EXPORT_SYMBOL_GPL(mt76_connac_get_eht_phy_cap);
1397 
1398 #define DEFAULT_HE_PE_DURATION		4
1399 #define DEFAULT_HE_DURATION_RTS_THRES	1023
1400 static void
1401 mt76_connac_mcu_uni_bss_he_tlv(struct mt76_phy *phy, struct ieee80211_vif *vif,
1402 			       struct tlv *tlv)
1403 {
1404 	const struct ieee80211_sta_he_cap *cap;
1405 	struct bss_info_uni_he *he;
1406 
1407 	cap = mt76_connac_get_he_phy_cap(phy, vif);
1408 
1409 	he = (struct bss_info_uni_he *)tlv;
1410 	he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
1411 	if (!he->he_pe_duration)
1412 		he->he_pe_duration = DEFAULT_HE_PE_DURATION;
1413 
1414 	he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
1415 	if (!he->he_rts_thres)
1416 		he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);
1417 
1418 	he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
1419 	he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
1420 	he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;
1421 }
1422 
1423 int mt76_connac_mcu_uni_set_chctx(struct mt76_phy *phy, struct mt76_vif *mvif,
1424 				  struct ieee80211_chanctx_conf *ctx)
1425 {
1426 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1427 	int freq1 = chandef->center_freq1, freq2 = chandef->center_freq2;
1428 	enum nl80211_band band = chandef->chan->band;
1429 	struct mt76_dev *mdev = phy->dev;
1430 	struct {
1431 		struct {
1432 			u8 bss_idx;
1433 			u8 pad[3];
1434 		} __packed hdr;
1435 		struct rlm_tlv {
1436 			__le16 tag;
1437 			__le16 len;
1438 			u8 control_channel;
1439 			u8 center_chan;
1440 			u8 center_chan2;
1441 			u8 bw;
1442 			u8 tx_streams;
1443 			u8 rx_streams;
1444 			u8 short_st;
1445 			u8 ht_op_info;
1446 			u8 sco;
1447 			u8 band;
1448 			u8 pad[2];
1449 		} __packed rlm;
1450 	} __packed rlm_req = {
1451 		.hdr = {
1452 			.bss_idx = mvif->idx,
1453 		},
1454 		.rlm = {
1455 			.tag = cpu_to_le16(UNI_BSS_INFO_RLM),
1456 			.len = cpu_to_le16(sizeof(struct rlm_tlv)),
1457 			.control_channel = chandef->chan->hw_value,
1458 			.center_chan = ieee80211_frequency_to_channel(freq1),
1459 			.center_chan2 = ieee80211_frequency_to_channel(freq2),
1460 			.tx_streams = hweight8(phy->antenna_mask),
1461 			.ht_op_info = 4, /* set HT 40M allowed */
1462 			.rx_streams = phy->chainmask,
1463 			.short_st = true,
1464 			.band = band,
1465 		},
1466 	};
1467 
1468 	switch (chandef->width) {
1469 	case NL80211_CHAN_WIDTH_40:
1470 		rlm_req.rlm.bw = CMD_CBW_40MHZ;
1471 		break;
1472 	case NL80211_CHAN_WIDTH_80:
1473 		rlm_req.rlm.bw = CMD_CBW_80MHZ;
1474 		break;
1475 	case NL80211_CHAN_WIDTH_80P80:
1476 		rlm_req.rlm.bw = CMD_CBW_8080MHZ;
1477 		break;
1478 	case NL80211_CHAN_WIDTH_160:
1479 		rlm_req.rlm.bw = CMD_CBW_160MHZ;
1480 		break;
1481 	case NL80211_CHAN_WIDTH_5:
1482 		rlm_req.rlm.bw = CMD_CBW_5MHZ;
1483 		break;
1484 	case NL80211_CHAN_WIDTH_10:
1485 		rlm_req.rlm.bw = CMD_CBW_10MHZ;
1486 		break;
1487 	case NL80211_CHAN_WIDTH_20_NOHT:
1488 	case NL80211_CHAN_WIDTH_20:
1489 	default:
1490 		rlm_req.rlm.bw = CMD_CBW_20MHZ;
1491 		rlm_req.rlm.ht_op_info = 0;
1492 		break;
1493 	}
1494 
1495 	if (rlm_req.rlm.control_channel < rlm_req.rlm.center_chan)
1496 		rlm_req.rlm.sco = 1; /* SCA */
1497 	else if (rlm_req.rlm.control_channel > rlm_req.rlm.center_chan)
1498 		rlm_req.rlm.sco = 3; /* SCB */
1499 
1500 	return mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &rlm_req,
1501 				 sizeof(rlm_req), true);
1502 }
1503 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_set_chctx);
1504 
1505 int mt76_connac_mcu_uni_add_bss(struct mt76_phy *phy,
1506 				struct ieee80211_vif *vif,
1507 				struct mt76_wcid *wcid,
1508 				bool enable,
1509 				struct ieee80211_chanctx_conf *ctx)
1510 {
1511 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1512 	struct cfg80211_chan_def *chandef = ctx ? &ctx->def : &phy->chandef;
1513 	enum nl80211_band band = chandef->chan->band;
1514 	struct mt76_dev *mdev = phy->dev;
1515 	struct {
1516 		struct {
1517 			u8 bss_idx;
1518 			u8 pad[3];
1519 		} __packed hdr;
1520 		struct mt76_connac_bss_basic_tlv basic;
1521 		struct mt76_connac_bss_qos_tlv qos;
1522 	} basic_req = {
1523 		.hdr = {
1524 			.bss_idx = mvif->idx,
1525 		},
1526 		.basic = {
1527 			.tag = cpu_to_le16(UNI_BSS_INFO_BASIC),
1528 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_basic_tlv)),
1529 			.bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1530 			.dtim_period = vif->bss_conf.dtim_period,
1531 			.omac_idx = mvif->omac_idx,
1532 			.band_idx = mvif->band_idx,
1533 			.wmm_idx = mvif->wmm_idx,
1534 			.active = true, /* keep bss deactivated */
1535 			.phymode = mt76_connac_get_phy_mode(phy, vif, band, NULL),
1536 		},
1537 		.qos = {
1538 			.tag = cpu_to_le16(UNI_BSS_INFO_QBSS),
1539 			.len = cpu_to_le16(sizeof(struct mt76_connac_bss_qos_tlv)),
1540 			.qos = vif->bss_conf.qos,
1541 		},
1542 	};
1543 	int err, conn_type;
1544 	u8 idx, basic_phy;
1545 
1546 	idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
1547 	basic_req.basic.hw_bss_idx = idx;
1548 	if (band == NL80211_BAND_6GHZ)
1549 		basic_req.basic.phymode_ext = PHY_MODE_AX_6G;
1550 
1551 	basic_phy = mt76_connac_get_phy_mode_v2(phy, vif, band, NULL);
1552 	basic_req.basic.nonht_basic_phy = cpu_to_le16(basic_phy);
1553 
1554 	switch (vif->type) {
1555 	case NL80211_IFTYPE_MESH_POINT:
1556 	case NL80211_IFTYPE_AP:
1557 		if (vif->p2p)
1558 			conn_type = CONNECTION_P2P_GO;
1559 		else
1560 			conn_type = CONNECTION_INFRA_AP;
1561 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1562 		/* Fully active/deactivate BSS network in AP mode only */
1563 		basic_req.basic.active = enable;
1564 		break;
1565 	case NL80211_IFTYPE_STATION:
1566 		if (vif->p2p)
1567 			conn_type = CONNECTION_P2P_GC;
1568 		else
1569 			conn_type = CONNECTION_INFRA_STA;
1570 		basic_req.basic.conn_type = cpu_to_le32(conn_type);
1571 		break;
1572 	case NL80211_IFTYPE_ADHOC:
1573 		basic_req.basic.conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1574 		break;
1575 	default:
1576 		WARN_ON(1);
1577 		break;
1578 	}
1579 
1580 	memcpy(basic_req.basic.bssid, vif->bss_conf.bssid, ETH_ALEN);
1581 	basic_req.basic.bmc_tx_wlan_idx = cpu_to_le16(wcid->idx);
1582 	basic_req.basic.sta_idx = cpu_to_le16(wcid->idx);
1583 	basic_req.basic.conn_state = !enable;
1584 
1585 	err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE), &basic_req,
1586 				sizeof(basic_req), true);
1587 	if (err < 0)
1588 		return err;
1589 
1590 	if (vif->bss_conf.he_support) {
1591 		struct {
1592 			struct {
1593 				u8 bss_idx;
1594 				u8 pad[3];
1595 			} __packed hdr;
1596 			struct bss_info_uni_he he;
1597 			struct bss_info_uni_bss_color bss_color;
1598 		} he_req = {
1599 			.hdr = {
1600 				.bss_idx = mvif->idx,
1601 			},
1602 			.he = {
1603 				.tag = cpu_to_le16(UNI_BSS_INFO_HE_BASIC),
1604 				.len = cpu_to_le16(sizeof(struct bss_info_uni_he)),
1605 			},
1606 			.bss_color = {
1607 				.tag = cpu_to_le16(UNI_BSS_INFO_BSS_COLOR),
1608 				.len = cpu_to_le16(sizeof(struct bss_info_uni_bss_color)),
1609 				.enable = 0,
1610 				.bss_color = 0,
1611 			},
1612 		};
1613 
1614 		if (enable) {
1615 			he_req.bss_color.enable =
1616 				vif->bss_conf.he_bss_color.enabled;
1617 			he_req.bss_color.bss_color =
1618 				vif->bss_conf.he_bss_color.color;
1619 		}
1620 
1621 		mt76_connac_mcu_uni_bss_he_tlv(phy, vif,
1622 					       (struct tlv *)&he_req.he);
1623 		err = mt76_mcu_send_msg(mdev, MCU_UNI_CMD(BSS_INFO_UPDATE),
1624 					&he_req, sizeof(he_req), true);
1625 		if (err < 0)
1626 			return err;
1627 	}
1628 
1629 	return mt76_connac_mcu_uni_set_chctx(phy, mvif, ctx);
1630 }
1631 EXPORT_SYMBOL_GPL(mt76_connac_mcu_uni_add_bss);
1632 
1633 #define MT76_CONNAC_SCAN_CHANNEL_TIME		60
1634 int mt76_connac_mcu_hw_scan(struct mt76_phy *phy, struct ieee80211_vif *vif,
1635 			    struct ieee80211_scan_request *scan_req)
1636 {
1637 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1638 	struct cfg80211_scan_request *sreq = &scan_req->req;
1639 	int n_ssids = 0, err, i, duration;
1640 	int ext_channels_num = max_t(int, sreq->n_channels - 32, 0);
1641 	struct ieee80211_channel **scan_list = sreq->channels;
1642 	struct mt76_dev *mdev = phy->dev;
1643 	struct mt76_connac_mcu_scan_channel *chan;
1644 	struct mt76_connac_hw_scan_req *req;
1645 	struct sk_buff *skb;
1646 
1647 	if (test_bit(MT76_HW_SCANNING, &phy->state))
1648 		return -EBUSY;
1649 
1650 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req));
1651 	if (!skb)
1652 		return -ENOMEM;
1653 
1654 	set_bit(MT76_HW_SCANNING, &phy->state);
1655 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1656 
1657 	req = (struct mt76_connac_hw_scan_req *)skb_put_zero(skb, sizeof(*req));
1658 
1659 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1660 	req->bss_idx = mvif->idx;
1661 	req->scan_type = sreq->n_ssids ? 1 : 0;
1662 	req->probe_req_num = sreq->n_ssids ? 2 : 0;
1663 	req->version = 1;
1664 
1665 	for (i = 0; i < sreq->n_ssids; i++) {
1666 		if (!sreq->ssids[i].ssid_len)
1667 			continue;
1668 
1669 		req->ssids[i].ssid_len = cpu_to_le32(sreq->ssids[i].ssid_len);
1670 		memcpy(req->ssids[i].ssid, sreq->ssids[i].ssid,
1671 		       sreq->ssids[i].ssid_len);
1672 		n_ssids++;
1673 	}
1674 	req->ssid_type = n_ssids ? BIT(2) : BIT(0);
1675 	req->ssid_type_ext = n_ssids ? BIT(0) : 0;
1676 	req->ssids_num = n_ssids;
1677 
1678 	duration = is_mt7921(phy->dev) ? 0 : MT76_CONNAC_SCAN_CHANNEL_TIME;
1679 	/* increase channel time for passive scan */
1680 	if (!sreq->n_ssids)
1681 		duration *= 2;
1682 	req->timeout_value = cpu_to_le16(sreq->n_channels * duration);
1683 	req->channel_min_dwell_time = cpu_to_le16(duration);
1684 	req->channel_dwell_time = cpu_to_le16(duration);
1685 
1686 	if (sreq->n_channels == 0 || sreq->n_channels > 64) {
1687 		req->channel_type = 0;
1688 		req->channels_num = 0;
1689 		req->ext_channels_num = 0;
1690 	} else {
1691 		req->channel_type = 4;
1692 		req->channels_num = min_t(u8, sreq->n_channels, 32);
1693 		req->ext_channels_num = min_t(u8, ext_channels_num, 32);
1694 	}
1695 
1696 	for (i = 0; i < req->channels_num + req->ext_channels_num; i++) {
1697 		if (i >= 32)
1698 			chan = &req->ext_channels[i - 32];
1699 		else
1700 			chan = &req->channels[i];
1701 
1702 		switch (scan_list[i]->band) {
1703 		case NL80211_BAND_2GHZ:
1704 			chan->band = 1;
1705 			break;
1706 		case NL80211_BAND_6GHZ:
1707 			chan->band = 3;
1708 			break;
1709 		default:
1710 			chan->band = 2;
1711 			break;
1712 		}
1713 		chan->channel_num = scan_list[i]->hw_value;
1714 	}
1715 
1716 	if (sreq->ie_len > 0) {
1717 		memcpy(req->ies, sreq->ie, sreq->ie_len);
1718 		req->ies_len = cpu_to_le16(sreq->ie_len);
1719 	}
1720 
1721 	if (is_mt7921(phy->dev))
1722 		req->scan_func |= SCAN_FUNC_SPLIT_SCAN;
1723 
1724 	memcpy(req->bssid, sreq->bssid, ETH_ALEN);
1725 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1726 		get_random_mask_addr(req->random_mac, sreq->mac_addr,
1727 				     sreq->mac_addr_mask);
1728 		req->scan_func |= SCAN_FUNC_RANDOM_MAC;
1729 	}
1730 
1731 	err = mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(START_HW_SCAN),
1732 				    false);
1733 	if (err < 0)
1734 		clear_bit(MT76_HW_SCANNING, &phy->state);
1735 
1736 	return err;
1737 }
1738 EXPORT_SYMBOL_GPL(mt76_connac_mcu_hw_scan);
1739 
1740 int mt76_connac_mcu_cancel_hw_scan(struct mt76_phy *phy,
1741 				   struct ieee80211_vif *vif)
1742 {
1743 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1744 	struct {
1745 		u8 seq_num;
1746 		u8 is_ext_channel;
1747 		u8 rsv[2];
1748 	} __packed req = {
1749 		.seq_num = mvif->scan_seq_num,
1750 	};
1751 
1752 	if (test_and_clear_bit(MT76_HW_SCANNING, &phy->state)) {
1753 		struct cfg80211_scan_info info = {
1754 			.aborted = true,
1755 		};
1756 
1757 		ieee80211_scan_completed(phy->hw, &info);
1758 	}
1759 
1760 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(CANCEL_HW_SCAN),
1761 				 &req, sizeof(req), false);
1762 }
1763 EXPORT_SYMBOL_GPL(mt76_connac_mcu_cancel_hw_scan);
1764 
1765 int mt76_connac_mcu_sched_scan_req(struct mt76_phy *phy,
1766 				   struct ieee80211_vif *vif,
1767 				   struct cfg80211_sched_scan_request *sreq)
1768 {
1769 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1770 	struct ieee80211_channel **scan_list = sreq->channels;
1771 	struct mt76_connac_mcu_scan_channel *chan;
1772 	struct mt76_connac_sched_scan_req *req;
1773 	struct mt76_dev *mdev = phy->dev;
1774 	struct cfg80211_match_set *match;
1775 	struct cfg80211_ssid *ssid;
1776 	struct sk_buff *skb;
1777 	int i;
1778 
1779 	skb = mt76_mcu_msg_alloc(mdev, NULL, sizeof(*req) + sreq->ie_len);
1780 	if (!skb)
1781 		return -ENOMEM;
1782 
1783 	mvif->scan_seq_num = (mvif->scan_seq_num + 1) & 0x7f;
1784 
1785 	req = (struct mt76_connac_sched_scan_req *)skb_put_zero(skb, sizeof(*req));
1786 	req->version = 1;
1787 	req->seq_num = mvif->scan_seq_num | mvif->band_idx << 7;
1788 
1789 	if (sreq->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
1790 		u8 *addr = is_mt7663(phy->dev) ? req->mt7663.random_mac
1791 					       : req->mt7921.random_mac;
1792 
1793 		req->scan_func = 1;
1794 		get_random_mask_addr(addr, sreq->mac_addr,
1795 				     sreq->mac_addr_mask);
1796 	}
1797 	if (is_mt7921(phy->dev)) {
1798 		req->mt7921.bss_idx = mvif->idx;
1799 		req->mt7921.delay = cpu_to_le32(sreq->delay);
1800 	}
1801 
1802 	req->ssids_num = sreq->n_ssids;
1803 	for (i = 0; i < req->ssids_num; i++) {
1804 		ssid = &sreq->ssids[i];
1805 		memcpy(req->ssids[i].ssid, ssid->ssid, ssid->ssid_len);
1806 		req->ssids[i].ssid_len = cpu_to_le32(ssid->ssid_len);
1807 	}
1808 
1809 	req->match_num = sreq->n_match_sets;
1810 	for (i = 0; i < req->match_num; i++) {
1811 		match = &sreq->match_sets[i];
1812 		memcpy(req->match[i].ssid, match->ssid.ssid,
1813 		       match->ssid.ssid_len);
1814 		req->match[i].rssi_th = cpu_to_le32(match->rssi_thold);
1815 		req->match[i].ssid_len = match->ssid.ssid_len;
1816 	}
1817 
1818 	req->channel_type = sreq->n_channels ? 4 : 0;
1819 	req->channels_num = min_t(u8, sreq->n_channels, 64);
1820 	for (i = 0; i < req->channels_num; i++) {
1821 		chan = &req->channels[i];
1822 
1823 		switch (scan_list[i]->band) {
1824 		case NL80211_BAND_2GHZ:
1825 			chan->band = 1;
1826 			break;
1827 		case NL80211_BAND_6GHZ:
1828 			chan->band = 3;
1829 			break;
1830 		default:
1831 			chan->band = 2;
1832 			break;
1833 		}
1834 		chan->channel_num = scan_list[i]->hw_value;
1835 	}
1836 
1837 	req->intervals_num = sreq->n_scan_plans;
1838 	for (i = 0; i < req->intervals_num; i++)
1839 		req->intervals[i] = cpu_to_le16(sreq->scan_plans[i].interval);
1840 
1841 	if (sreq->ie_len > 0) {
1842 		req->ie_len = cpu_to_le16(sreq->ie_len);
1843 		memcpy(skb_put(skb, sreq->ie_len), sreq->ie, sreq->ie_len);
1844 	}
1845 
1846 	return mt76_mcu_skb_send_msg(mdev, skb, MCU_CE_CMD(SCHED_SCAN_REQ),
1847 				     false);
1848 }
1849 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_req);
1850 
1851 int mt76_connac_mcu_sched_scan_enable(struct mt76_phy *phy,
1852 				      struct ieee80211_vif *vif,
1853 				      bool enable)
1854 {
1855 	struct {
1856 		u8 active; /* 0: enabled 1: disabled */
1857 		u8 rsv[3];
1858 	} __packed req = {
1859 		.active = !enable,
1860 	};
1861 
1862 	if (enable)
1863 		set_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1864 	else
1865 		clear_bit(MT76_HW_SCHED_SCANNING, &phy->state);
1866 
1867 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SCHED_SCAN_ENABLE),
1868 				 &req, sizeof(req), false);
1869 }
1870 EXPORT_SYMBOL_GPL(mt76_connac_mcu_sched_scan_enable);
1871 
1872 int mt76_connac_mcu_chip_config(struct mt76_dev *dev)
1873 {
1874 	struct mt76_connac_config req = {
1875 		.resp_type = 0,
1876 	};
1877 
1878 	memcpy(req.data, "assert", 7);
1879 
1880 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1881 				 &req, sizeof(req), false);
1882 }
1883 EXPORT_SYMBOL_GPL(mt76_connac_mcu_chip_config);
1884 
1885 int mt76_connac_mcu_set_deep_sleep(struct mt76_dev *dev, bool enable)
1886 {
1887 	struct mt76_connac_config req = {
1888 		.resp_type = 0,
1889 	};
1890 
1891 	snprintf(req.data, sizeof(req.data), "KeepFullPwr %d", !enable);
1892 
1893 	return mt76_mcu_send_msg(dev, MCU_CE_CMD(CHIP_CONFIG),
1894 				 &req, sizeof(req), false);
1895 }
1896 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_deep_sleep);
1897 
1898 int mt76_connac_sta_state_dp(struct mt76_dev *dev,
1899 			     enum ieee80211_sta_state old_state,
1900 			     enum ieee80211_sta_state new_state)
1901 {
1902 	if ((old_state == IEEE80211_STA_ASSOC &&
1903 	     new_state == IEEE80211_STA_AUTHORIZED) ||
1904 	    (old_state == IEEE80211_STA_NONE &&
1905 	     new_state == IEEE80211_STA_NOTEXIST))
1906 		mt76_connac_mcu_set_deep_sleep(dev, true);
1907 
1908 	if ((old_state == IEEE80211_STA_NOTEXIST &&
1909 	     new_state == IEEE80211_STA_NONE) ||
1910 	    (old_state == IEEE80211_STA_AUTHORIZED &&
1911 	     new_state == IEEE80211_STA_ASSOC))
1912 		mt76_connac_mcu_set_deep_sleep(dev, false);
1913 
1914 	return 0;
1915 }
1916 EXPORT_SYMBOL_GPL(mt76_connac_sta_state_dp);
1917 
1918 void mt76_connac_mcu_coredump_event(struct mt76_dev *dev, struct sk_buff *skb,
1919 				    struct mt76_connac_coredump *coredump)
1920 {
1921 	spin_lock_bh(&dev->lock);
1922 	__skb_queue_tail(&coredump->msg_list, skb);
1923 	spin_unlock_bh(&dev->lock);
1924 
1925 	coredump->last_activity = jiffies;
1926 
1927 	queue_delayed_work(dev->wq, &coredump->work,
1928 			   MT76_CONNAC_COREDUMP_TIMEOUT);
1929 }
1930 EXPORT_SYMBOL_GPL(mt76_connac_mcu_coredump_event);
1931 
1932 static void mt76_connac_mcu_parse_tx_resource(struct mt76_dev *dev,
1933 					      struct sk_buff *skb)
1934 {
1935 	struct mt76_sdio *sdio = &dev->sdio;
1936 	struct mt76_connac_tx_resource {
1937 		__le32 version;
1938 		__le32 pse_data_quota;
1939 		__le32 pse_mcu_quota;
1940 		__le32 ple_data_quota;
1941 		__le32 ple_mcu_quota;
1942 		__le16 pse_page_size;
1943 		__le16 ple_page_size;
1944 		u8 pp_padding;
1945 		u8 pad[3];
1946 	} __packed * tx_res;
1947 
1948 	tx_res = (struct mt76_connac_tx_resource *)skb->data;
1949 	sdio->sched.pse_data_quota = le32_to_cpu(tx_res->pse_data_quota);
1950 	sdio->sched.pse_mcu_quota = le32_to_cpu(tx_res->pse_mcu_quota);
1951 	sdio->sched.ple_data_quota = le32_to_cpu(tx_res->ple_data_quota);
1952 	sdio->sched.pse_page_size = le16_to_cpu(tx_res->pse_page_size);
1953 	sdio->sched.deficit = tx_res->pp_padding;
1954 }
1955 
1956 static void mt76_connac_mcu_parse_phy_cap(struct mt76_dev *dev,
1957 					  struct sk_buff *skb)
1958 {
1959 	struct mt76_connac_phy_cap {
1960 		u8 ht;
1961 		u8 vht;
1962 		u8 _5g;
1963 		u8 max_bw;
1964 		u8 nss;
1965 		u8 dbdc;
1966 		u8 tx_ldpc;
1967 		u8 rx_ldpc;
1968 		u8 tx_stbc;
1969 		u8 rx_stbc;
1970 		u8 hw_path;
1971 		u8 he;
1972 	} __packed * cap;
1973 
1974 	enum {
1975 		WF0_24G,
1976 		WF0_5G
1977 	};
1978 
1979 	cap = (struct mt76_connac_phy_cap *)skb->data;
1980 
1981 	dev->phy.antenna_mask = BIT(cap->nss) - 1;
1982 	dev->phy.chainmask = dev->phy.antenna_mask;
1983 	dev->phy.cap.has_2ghz = cap->hw_path & BIT(WF0_24G);
1984 	dev->phy.cap.has_5ghz = cap->hw_path & BIT(WF0_5G);
1985 }
1986 
1987 int mt76_connac_mcu_get_nic_capability(struct mt76_phy *phy)
1988 {
1989 	struct mt76_connac_cap_hdr {
1990 		__le16 n_element;
1991 		u8 rsv[2];
1992 	} __packed * hdr;
1993 	struct sk_buff *skb;
1994 	int ret, i;
1995 
1996 	ret = mt76_mcu_send_and_get_msg(phy->dev, MCU_CE_CMD(GET_NIC_CAPAB),
1997 					NULL, 0, true, &skb);
1998 	if (ret)
1999 		return ret;
2000 
2001 	hdr = (struct mt76_connac_cap_hdr *)skb->data;
2002 	if (skb->len < sizeof(*hdr)) {
2003 		ret = -EINVAL;
2004 		goto out;
2005 	}
2006 
2007 	skb_pull(skb, sizeof(*hdr));
2008 
2009 	for (i = 0; i < le16_to_cpu(hdr->n_element); i++) {
2010 		struct tlv_hdr {
2011 			__le32 type;
2012 			__le32 len;
2013 		} __packed * tlv = (struct tlv_hdr *)skb->data;
2014 		int len;
2015 
2016 		if (skb->len < sizeof(*tlv))
2017 			break;
2018 
2019 		skb_pull(skb, sizeof(*tlv));
2020 
2021 		len = le32_to_cpu(tlv->len);
2022 		if (skb->len < len)
2023 			break;
2024 
2025 		switch (le32_to_cpu(tlv->type)) {
2026 		case MT_NIC_CAP_6G:
2027 			phy->cap.has_6ghz = skb->data[0];
2028 			break;
2029 		case MT_NIC_CAP_MAC_ADDR:
2030 			memcpy(phy->macaddr, (void *)skb->data, ETH_ALEN);
2031 			break;
2032 		case MT_NIC_CAP_PHY:
2033 			mt76_connac_mcu_parse_phy_cap(phy->dev, skb);
2034 			break;
2035 		case MT_NIC_CAP_TX_RESOURCE:
2036 			if (mt76_is_sdio(phy->dev))
2037 				mt76_connac_mcu_parse_tx_resource(phy->dev,
2038 								  skb);
2039 			break;
2040 		default:
2041 			break;
2042 		}
2043 		skb_pull(skb, len);
2044 	}
2045 out:
2046 	dev_kfree_skb(skb);
2047 
2048 	return ret;
2049 }
2050 EXPORT_SYMBOL_GPL(mt76_connac_mcu_get_nic_capability);
2051 
2052 static void
2053 mt76_connac_mcu_build_sku(struct mt76_dev *dev, s8 *sku,
2054 			  struct mt76_power_limits *limits,
2055 			  enum nl80211_band band)
2056 {
2057 	int max_power = is_mt7921(dev) ? 127 : 63;
2058 	int i, offset = sizeof(limits->cck);
2059 
2060 	memset(sku, max_power, MT_SKU_POWER_LIMIT);
2061 
2062 	if (band == NL80211_BAND_2GHZ) {
2063 		/* cck */
2064 		memcpy(sku, limits->cck, sizeof(limits->cck));
2065 	}
2066 
2067 	/* ofdm */
2068 	memcpy(&sku[offset], limits->ofdm, sizeof(limits->ofdm));
2069 	offset += sizeof(limits->ofdm);
2070 
2071 	/* ht */
2072 	for (i = 0; i < 2; i++) {
2073 		memcpy(&sku[offset], limits->mcs[i], 8);
2074 		offset += 8;
2075 	}
2076 	sku[offset++] = limits->mcs[0][0];
2077 
2078 	/* vht */
2079 	for (i = 0; i < ARRAY_SIZE(limits->mcs); i++) {
2080 		memcpy(&sku[offset], limits->mcs[i],
2081 		       ARRAY_SIZE(limits->mcs[i]));
2082 		offset += 12;
2083 	}
2084 
2085 	if (!is_mt7921(dev))
2086 		return;
2087 
2088 	/* he */
2089 	for (i = 0; i < ARRAY_SIZE(limits->ru); i++) {
2090 		memcpy(&sku[offset], limits->ru[i], ARRAY_SIZE(limits->ru[i]));
2091 		offset += ARRAY_SIZE(limits->ru[i]);
2092 	}
2093 }
2094 
2095 static s8 mt76_connac_get_ch_power(struct mt76_phy *phy,
2096 				   struct ieee80211_channel *chan,
2097 				   s8 target_power)
2098 {
2099 	struct mt76_dev *dev = phy->dev;
2100 	struct ieee80211_supported_band *sband;
2101 	int i;
2102 
2103 	switch (chan->band) {
2104 	case NL80211_BAND_2GHZ:
2105 		sband = &phy->sband_2g.sband;
2106 		break;
2107 	case NL80211_BAND_5GHZ:
2108 		sband = &phy->sband_5g.sband;
2109 		break;
2110 	case NL80211_BAND_6GHZ:
2111 		sband = &phy->sband_6g.sband;
2112 		break;
2113 	default:
2114 		return target_power;
2115 	}
2116 
2117 	for (i = 0; i < sband->n_channels; i++) {
2118 		struct ieee80211_channel *ch = &sband->channels[i];
2119 
2120 		if (ch->hw_value == chan->hw_value) {
2121 			if (!(ch->flags & IEEE80211_CHAN_DISABLED)) {
2122 				int power = 2 * ch->max_reg_power;
2123 
2124 				if (is_mt7663(dev) && (power > 63 || power < -64))
2125 					power = 63;
2126 				target_power = min_t(s8, power, target_power);
2127 			}
2128 			break;
2129 		}
2130 	}
2131 
2132 	return target_power;
2133 }
2134 
2135 static int
2136 mt76_connac_mcu_rate_txpower_band(struct mt76_phy *phy,
2137 				  enum nl80211_band band)
2138 {
2139 	struct mt76_dev *dev = phy->dev;
2140 	int sku_len, batch_len = is_mt7921(dev) ? 8 : 16;
2141 	static const u8 chan_list_2ghz[] = {
2142 		1, 2,  3,  4,  5,  6,  7,
2143 		8, 9, 10, 11, 12, 13, 14
2144 	};
2145 	static const u8 chan_list_5ghz[] = {
2146 		 36,  38,  40,  42,  44,  46,  48,
2147 		 50,  52,  54,  56,  58,  60,  62,
2148 		 64, 100, 102, 104, 106, 108, 110,
2149 		112, 114, 116, 118, 120, 122, 124,
2150 		126, 128, 132, 134, 136, 138, 140,
2151 		142, 144, 149, 151, 153, 155, 157,
2152 		159, 161, 165
2153 	};
2154 	static const u8 chan_list_6ghz[] = {
2155 		  1,   3,   5,   7,   9,  11,  13,
2156 		 15,  17,  19,  21,  23,  25,  27,
2157 		 29,  33,  35,  37,  39,  41,  43,
2158 		 45,  47,  49,  51,  53,  55,  57,
2159 		 59,  61,  65,  67,  69,  71,  73,
2160 		 75,  77,  79,  81,  83,  85,  87,
2161 		 89,  91,  93,  97,  99, 101, 103,
2162 		105, 107, 109, 111, 113, 115, 117,
2163 		119, 121, 123, 125, 129, 131, 133,
2164 		135, 137, 139, 141, 143, 145, 147,
2165 		149, 151, 153, 155, 157, 161, 163,
2166 		165, 167, 169, 171, 173, 175, 177,
2167 		179, 181, 183, 185, 187, 189, 193,
2168 		195, 197, 199, 201, 203, 205, 207,
2169 		209, 211, 213, 215, 217, 219, 221,
2170 		225, 227, 229, 233
2171 	};
2172 	int i, n_chan, batch_size, idx = 0, tx_power, last_ch;
2173 	struct mt76_connac_sku_tlv sku_tlbv;
2174 	struct mt76_power_limits limits;
2175 	const u8 *ch_list;
2176 
2177 	sku_len = is_mt7921(dev) ? sizeof(sku_tlbv) : sizeof(sku_tlbv) - 92;
2178 	tx_power = 2 * phy->hw->conf.power_level;
2179 	if (!tx_power)
2180 		tx_power = 127;
2181 
2182 	if (band == NL80211_BAND_2GHZ) {
2183 		n_chan = ARRAY_SIZE(chan_list_2ghz);
2184 		ch_list = chan_list_2ghz;
2185 	} else if (band == NL80211_BAND_6GHZ) {
2186 		n_chan = ARRAY_SIZE(chan_list_6ghz);
2187 		ch_list = chan_list_6ghz;
2188 	} else {
2189 		n_chan = ARRAY_SIZE(chan_list_5ghz);
2190 		ch_list = chan_list_5ghz;
2191 	}
2192 	batch_size = DIV_ROUND_UP(n_chan, batch_len);
2193 
2194 	if (phy->cap.has_6ghz)
2195 		last_ch = chan_list_6ghz[ARRAY_SIZE(chan_list_6ghz) - 1];
2196 	else if (phy->cap.has_5ghz)
2197 		last_ch = chan_list_5ghz[ARRAY_SIZE(chan_list_5ghz) - 1];
2198 	else
2199 		last_ch = chan_list_2ghz[ARRAY_SIZE(chan_list_2ghz) - 1];
2200 
2201 	for (i = 0; i < batch_size; i++) {
2202 		struct mt76_connac_tx_power_limit_tlv tx_power_tlv = {};
2203 		int j, err, msg_len, num_ch;
2204 		struct sk_buff *skb;
2205 
2206 		num_ch = i == batch_size - 1 ? n_chan % batch_len : batch_len;
2207 		msg_len = sizeof(tx_power_tlv) + num_ch * sizeof(sku_tlbv);
2208 		skb = mt76_mcu_msg_alloc(dev, NULL, msg_len);
2209 		if (!skb)
2210 			return -ENOMEM;
2211 
2212 		skb_reserve(skb, sizeof(tx_power_tlv));
2213 
2214 		BUILD_BUG_ON(sizeof(dev->alpha2) > sizeof(tx_power_tlv.alpha2));
2215 		memcpy(tx_power_tlv.alpha2, dev->alpha2, sizeof(dev->alpha2));
2216 		tx_power_tlv.n_chan = num_ch;
2217 
2218 		switch (band) {
2219 		case NL80211_BAND_2GHZ:
2220 			tx_power_tlv.band = 1;
2221 			break;
2222 		case NL80211_BAND_6GHZ:
2223 			tx_power_tlv.band = 3;
2224 			break;
2225 		default:
2226 			tx_power_tlv.band = 2;
2227 			break;
2228 		}
2229 
2230 		for (j = 0; j < num_ch; j++, idx++) {
2231 			struct ieee80211_channel chan = {
2232 				.hw_value = ch_list[idx],
2233 				.band = band,
2234 			};
2235 			s8 reg_power, sar_power;
2236 
2237 			reg_power = mt76_connac_get_ch_power(phy, &chan,
2238 							     tx_power);
2239 			sar_power = mt76_get_sar_power(phy, &chan, reg_power);
2240 
2241 			mt76_get_rate_power_limits(phy, &chan, &limits,
2242 						   sar_power);
2243 
2244 			tx_power_tlv.last_msg = ch_list[idx] == last_ch;
2245 			sku_tlbv.channel = ch_list[idx];
2246 
2247 			mt76_connac_mcu_build_sku(dev, sku_tlbv.pwr_limit,
2248 						  &limits, band);
2249 			skb_put_data(skb, &sku_tlbv, sku_len);
2250 		}
2251 		__skb_push(skb, sizeof(tx_power_tlv));
2252 		memcpy(skb->data, &tx_power_tlv, sizeof(tx_power_tlv));
2253 
2254 		err = mt76_mcu_skb_send_msg(dev, skb,
2255 					    MCU_CE_CMD(SET_RATE_TX_POWER),
2256 					    false);
2257 		if (err < 0)
2258 			return err;
2259 	}
2260 
2261 	return 0;
2262 }
2263 
2264 int mt76_connac_mcu_set_rate_txpower(struct mt76_phy *phy)
2265 {
2266 	int err;
2267 
2268 	if (phy->cap.has_2ghz) {
2269 		err = mt76_connac_mcu_rate_txpower_band(phy,
2270 							NL80211_BAND_2GHZ);
2271 		if (err < 0)
2272 			return err;
2273 	}
2274 	if (phy->cap.has_5ghz) {
2275 		err = mt76_connac_mcu_rate_txpower_band(phy,
2276 							NL80211_BAND_5GHZ);
2277 		if (err < 0)
2278 			return err;
2279 	}
2280 	if (phy->cap.has_6ghz) {
2281 		err = mt76_connac_mcu_rate_txpower_band(phy,
2282 							NL80211_BAND_6GHZ);
2283 		if (err < 0)
2284 			return err;
2285 	}
2286 
2287 	return 0;
2288 }
2289 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_rate_txpower);
2290 
2291 int mt76_connac_mcu_update_arp_filter(struct mt76_dev *dev,
2292 				      struct mt76_vif *vif,
2293 				      struct ieee80211_bss_conf *info)
2294 {
2295 	struct ieee80211_vif *mvif = container_of(info, struct ieee80211_vif,
2296 						  bss_conf);
2297 	struct sk_buff *skb;
2298 	int i, len = min_t(int, mvif->cfg.arp_addr_cnt,
2299 			   IEEE80211_BSS_ARP_ADDR_LIST_LEN);
2300 	struct {
2301 		struct {
2302 			u8 bss_idx;
2303 			u8 pad[3];
2304 		} __packed hdr;
2305 		struct mt76_connac_arpns_tlv arp;
2306 	} req_hdr = {
2307 		.hdr = {
2308 			.bss_idx = vif->idx,
2309 		},
2310 		.arp = {
2311 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2312 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2313 			.ips_num = len,
2314 			.mode = 2,  /* update */
2315 			.option = 1,
2316 		},
2317 	};
2318 
2319 	skb = mt76_mcu_msg_alloc(dev, NULL,
2320 				 sizeof(req_hdr) + len * sizeof(__be32));
2321 	if (!skb)
2322 		return -ENOMEM;
2323 
2324 	skb_put_data(skb, &req_hdr, sizeof(req_hdr));
2325 	for (i = 0; i < len; i++)
2326 		skb_put_data(skb, &mvif->cfg.arp_addr_list[i], sizeof(__be32));
2327 
2328 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(OFFLOAD), true);
2329 }
2330 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_arp_filter);
2331 
2332 int mt76_connac_mcu_set_p2p_oppps(struct ieee80211_hw *hw,
2333 				  struct ieee80211_vif *vif)
2334 {
2335 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2336 	int ct_window = vif->bss_conf.p2p_noa_attr.oppps_ctwindow;
2337 	struct mt76_phy *phy = hw->priv;
2338 	struct {
2339 		__le32 ct_win;
2340 		u8 bss_idx;
2341 		u8 rsv[3];
2342 	} __packed req = {
2343 		.ct_win = cpu_to_le32(ct_window),
2344 		.bss_idx = mvif->idx,
2345 	};
2346 
2347 	return mt76_mcu_send_msg(phy->dev, MCU_CE_CMD(SET_P2P_OPPPS),
2348 				 &req, sizeof(req), false);
2349 }
2350 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_p2p_oppps);
2351 
2352 #ifdef CONFIG_PM
2353 
2354 const struct wiphy_wowlan_support mt76_connac_wowlan_support = {
2355 	.flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT |
2356 		 WIPHY_WOWLAN_SUPPORTS_GTK_REKEY | WIPHY_WOWLAN_NET_DETECT,
2357 	.n_patterns = 1,
2358 	.pattern_min_len = 1,
2359 	.pattern_max_len = MT76_CONNAC_WOW_PATTEN_MAX_LEN,
2360 	.max_nd_match_sets = 10,
2361 };
2362 EXPORT_SYMBOL_GPL(mt76_connac_wowlan_support);
2363 
2364 static void
2365 mt76_connac_mcu_key_iter(struct ieee80211_hw *hw,
2366 			 struct ieee80211_vif *vif,
2367 			 struct ieee80211_sta *sta,
2368 			 struct ieee80211_key_conf *key,
2369 			 void *data)
2370 {
2371 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv = data;
2372 	u32 cipher;
2373 
2374 	if (key->cipher != WLAN_CIPHER_SUITE_AES_CMAC &&
2375 	    key->cipher != WLAN_CIPHER_SUITE_CCMP &&
2376 	    key->cipher != WLAN_CIPHER_SUITE_TKIP)
2377 		return;
2378 
2379 	if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2380 		cipher = BIT(3);
2381 	else
2382 		cipher = BIT(4);
2383 
2384 	/* we are assuming here to have a single pairwise key */
2385 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
2386 		if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
2387 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_1);
2388 		else
2389 			gtk_tlv->proto = cpu_to_le32(NL80211_WPA_VERSION_2);
2390 
2391 		gtk_tlv->pairwise_cipher = cpu_to_le32(cipher);
2392 		gtk_tlv->keyid = key->keyidx;
2393 	} else {
2394 		gtk_tlv->group_cipher = cpu_to_le32(cipher);
2395 	}
2396 }
2397 
2398 int mt76_connac_mcu_update_gtk_rekey(struct ieee80211_hw *hw,
2399 				     struct ieee80211_vif *vif,
2400 				     struct cfg80211_gtk_rekey_data *key)
2401 {
2402 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2403 	struct mt76_connac_gtk_rekey_tlv *gtk_tlv;
2404 	struct mt76_phy *phy = hw->priv;
2405 	struct sk_buff *skb;
2406 	struct {
2407 		u8 bss_idx;
2408 		u8 pad[3];
2409 	} __packed hdr = {
2410 		.bss_idx = mvif->idx,
2411 	};
2412 
2413 	skb = mt76_mcu_msg_alloc(phy->dev, NULL,
2414 				 sizeof(hdr) + sizeof(*gtk_tlv));
2415 	if (!skb)
2416 		return -ENOMEM;
2417 
2418 	skb_put_data(skb, &hdr, sizeof(hdr));
2419 	gtk_tlv = (struct mt76_connac_gtk_rekey_tlv *)skb_put_zero(skb,
2420 							 sizeof(*gtk_tlv));
2421 	gtk_tlv->tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY);
2422 	gtk_tlv->len = cpu_to_le16(sizeof(*gtk_tlv));
2423 	gtk_tlv->rekey_mode = 2;
2424 	gtk_tlv->option = 1;
2425 
2426 	rcu_read_lock();
2427 	ieee80211_iter_keys_rcu(hw, vif, mt76_connac_mcu_key_iter, gtk_tlv);
2428 	rcu_read_unlock();
2429 
2430 	memcpy(gtk_tlv->kek, key->kek, NL80211_KEK_LEN);
2431 	memcpy(gtk_tlv->kck, key->kck, NL80211_KCK_LEN);
2432 	memcpy(gtk_tlv->replay_ctr, key->replay_ctr, NL80211_REPLAY_CTR_LEN);
2433 
2434 	return mt76_mcu_skb_send_msg(phy->dev, skb,
2435 				     MCU_UNI_CMD(OFFLOAD), true);
2436 }
2437 EXPORT_SYMBOL_GPL(mt76_connac_mcu_update_gtk_rekey);
2438 
2439 static int
2440 mt76_connac_mcu_set_arp_filter(struct mt76_dev *dev, struct ieee80211_vif *vif,
2441 			       bool suspend)
2442 {
2443 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2444 	struct {
2445 		struct {
2446 			u8 bss_idx;
2447 			u8 pad[3];
2448 		} __packed hdr;
2449 		struct mt76_connac_arpns_tlv arpns;
2450 	} req = {
2451 		.hdr = {
2452 			.bss_idx = mvif->idx,
2453 		},
2454 		.arpns = {
2455 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ARP),
2456 			.len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
2457 			.mode = suspend,
2458 		},
2459 	};
2460 
2461 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2462 				 sizeof(req), true);
2463 }
2464 
2465 static int
2466 mt76_connac_mcu_set_gtk_rekey(struct mt76_dev *dev, struct ieee80211_vif *vif,
2467 			      bool suspend)
2468 {
2469 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2470 	struct {
2471 		struct {
2472 			u8 bss_idx;
2473 			u8 pad[3];
2474 		} __packed hdr;
2475 		struct mt76_connac_gtk_rekey_tlv gtk_tlv;
2476 	} __packed req = {
2477 		.hdr = {
2478 			.bss_idx = mvif->idx,
2479 		},
2480 		.gtk_tlv = {
2481 			.tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_GTK_REKEY),
2482 			.len = cpu_to_le16(sizeof(struct mt76_connac_gtk_rekey_tlv)),
2483 			.rekey_mode = !suspend,
2484 		},
2485 	};
2486 
2487 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(OFFLOAD), &req,
2488 				 sizeof(req), true);
2489 }
2490 
2491 static int
2492 mt76_connac_mcu_set_suspend_mode(struct mt76_dev *dev,
2493 				 struct ieee80211_vif *vif,
2494 				 bool enable, u8 mdtim,
2495 				 bool wow_suspend)
2496 {
2497 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2498 	struct {
2499 		struct {
2500 			u8 bss_idx;
2501 			u8 pad[3];
2502 		} __packed hdr;
2503 		struct mt76_connac_suspend_tlv suspend_tlv;
2504 	} req = {
2505 		.hdr = {
2506 			.bss_idx = mvif->idx,
2507 		},
2508 		.suspend_tlv = {
2509 			.tag = cpu_to_le16(UNI_SUSPEND_MODE_SETTING),
2510 			.len = cpu_to_le16(sizeof(struct mt76_connac_suspend_tlv)),
2511 			.enable = enable,
2512 			.mdtim = mdtim,
2513 			.wow_suspend = wow_suspend,
2514 		},
2515 	};
2516 
2517 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2518 				 sizeof(req), true);
2519 }
2520 
2521 static int
2522 mt76_connac_mcu_set_wow_pattern(struct mt76_dev *dev,
2523 				struct ieee80211_vif *vif,
2524 				u8 index, bool enable,
2525 				struct cfg80211_pkt_pattern *pattern)
2526 {
2527 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2528 	struct mt76_connac_wow_pattern_tlv *ptlv;
2529 	struct sk_buff *skb;
2530 	struct req_hdr {
2531 		u8 bss_idx;
2532 		u8 pad[3];
2533 	} __packed hdr = {
2534 		.bss_idx = mvif->idx,
2535 	};
2536 
2537 	skb = mt76_mcu_msg_alloc(dev, NULL, sizeof(hdr) + sizeof(*ptlv));
2538 	if (!skb)
2539 		return -ENOMEM;
2540 
2541 	skb_put_data(skb, &hdr, sizeof(hdr));
2542 	ptlv = (struct mt76_connac_wow_pattern_tlv *)skb_put_zero(skb, sizeof(*ptlv));
2543 	ptlv->tag = cpu_to_le16(UNI_SUSPEND_WOW_PATTERN);
2544 	ptlv->len = cpu_to_le16(sizeof(*ptlv));
2545 	ptlv->data_len = pattern->pattern_len;
2546 	ptlv->enable = enable;
2547 	ptlv->index = index;
2548 
2549 	memcpy(ptlv->pattern, pattern->pattern, pattern->pattern_len);
2550 	memcpy(ptlv->mask, pattern->mask, DIV_ROUND_UP(pattern->pattern_len, 8));
2551 
2552 	return mt76_mcu_skb_send_msg(dev, skb, MCU_UNI_CMD(SUSPEND), true);
2553 }
2554 
2555 static int
2556 mt76_connac_mcu_set_wow_ctrl(struct mt76_phy *phy, struct ieee80211_vif *vif,
2557 			     bool suspend, struct cfg80211_wowlan *wowlan)
2558 {
2559 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2560 	struct mt76_dev *dev = phy->dev;
2561 	struct {
2562 		struct {
2563 			u8 bss_idx;
2564 			u8 pad[3];
2565 		} __packed hdr;
2566 		struct mt76_connac_wow_ctrl_tlv wow_ctrl_tlv;
2567 		struct mt76_connac_wow_gpio_param_tlv gpio_tlv;
2568 	} req = {
2569 		.hdr = {
2570 			.bss_idx = mvif->idx,
2571 		},
2572 		.wow_ctrl_tlv = {
2573 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_CTRL),
2574 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_ctrl_tlv)),
2575 			.cmd = suspend ? 1 : 2,
2576 		},
2577 		.gpio_tlv = {
2578 			.tag = cpu_to_le16(UNI_SUSPEND_WOW_GPIO_PARAM),
2579 			.len = cpu_to_le16(sizeof(struct mt76_connac_wow_gpio_param_tlv)),
2580 			.gpio_pin = 0xff, /* follow fw about GPIO pin */
2581 		},
2582 	};
2583 
2584 	if (wowlan->magic_pkt)
2585 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_MAGIC;
2586 	if (wowlan->disconnect)
2587 		req.wow_ctrl_tlv.trigger |= (UNI_WOW_DETECT_TYPE_DISCONNECT |
2588 					     UNI_WOW_DETECT_TYPE_BCN_LOST);
2589 	if (wowlan->nd_config) {
2590 		mt76_connac_mcu_sched_scan_req(phy, vif, wowlan->nd_config);
2591 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_SCH_SCAN_HIT;
2592 		mt76_connac_mcu_sched_scan_enable(phy, vif, suspend);
2593 	}
2594 	if (wowlan->n_patterns)
2595 		req.wow_ctrl_tlv.trigger |= UNI_WOW_DETECT_TYPE_BITMAP;
2596 
2597 	if (mt76_is_mmio(dev))
2598 		req.wow_ctrl_tlv.wakeup_hif = WOW_PCIE;
2599 	else if (mt76_is_usb(dev))
2600 		req.wow_ctrl_tlv.wakeup_hif = WOW_USB;
2601 	else if (mt76_is_sdio(dev))
2602 		req.wow_ctrl_tlv.wakeup_hif = WOW_GPIO;
2603 
2604 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(SUSPEND), &req,
2605 				 sizeof(req), true);
2606 }
2607 
2608 int mt76_connac_mcu_set_hif_suspend(struct mt76_dev *dev, bool suspend)
2609 {
2610 	struct {
2611 		struct {
2612 			u8 hif_type; /* 0x0: HIF_SDIO
2613 				      * 0x1: HIF_USB
2614 				      * 0x2: HIF_PCIE
2615 				      */
2616 			u8 pad[3];
2617 		} __packed hdr;
2618 		struct hif_suspend_tlv {
2619 			__le16 tag;
2620 			__le16 len;
2621 			u8 suspend;
2622 		} __packed hif_suspend;
2623 	} req = {
2624 		.hif_suspend = {
2625 			.tag = cpu_to_le16(0), /* 0: UNI_HIF_CTRL_BASIC */
2626 			.len = cpu_to_le16(sizeof(struct hif_suspend_tlv)),
2627 			.suspend = suspend,
2628 		},
2629 	};
2630 
2631 	if (mt76_is_mmio(dev))
2632 		req.hdr.hif_type = 2;
2633 	else if (mt76_is_usb(dev))
2634 		req.hdr.hif_type = 1;
2635 	else if (mt76_is_sdio(dev))
2636 		req.hdr.hif_type = 0;
2637 
2638 	return mt76_mcu_send_msg(dev, MCU_UNI_CMD(HIF_CTRL), &req,
2639 				 sizeof(req), true);
2640 }
2641 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_hif_suspend);
2642 
2643 void mt76_connac_mcu_set_suspend_iter(void *priv, u8 *mac,
2644 				      struct ieee80211_vif *vif)
2645 {
2646 	struct mt76_phy *phy = priv;
2647 	bool suspend = !test_bit(MT76_STATE_RUNNING, &phy->state);
2648 	struct ieee80211_hw *hw = phy->hw;
2649 	struct cfg80211_wowlan *wowlan = hw->wiphy->wowlan_config;
2650 	int i;
2651 
2652 	mt76_connac_mcu_set_gtk_rekey(phy->dev, vif, suspend);
2653 	mt76_connac_mcu_set_arp_filter(phy->dev, vif, suspend);
2654 
2655 	mt76_connac_mcu_set_suspend_mode(phy->dev, vif, suspend, 1, true);
2656 
2657 	for (i = 0; i < wowlan->n_patterns; i++)
2658 		mt76_connac_mcu_set_wow_pattern(phy->dev, vif, i, suspend,
2659 						&wowlan->patterns[i]);
2660 	mt76_connac_mcu_set_wow_ctrl(phy, vif, suspend, wowlan);
2661 }
2662 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_suspend_iter);
2663 #endif /* CONFIG_PM */
2664 
2665 u32 mt76_connac_mcu_reg_rr(struct mt76_dev *dev, u32 offset)
2666 {
2667 	struct {
2668 		__le32 addr;
2669 		__le32 val;
2670 	} __packed req = {
2671 		.addr = cpu_to_le32(offset),
2672 	};
2673 
2674 	return mt76_mcu_send_msg(dev, MCU_CE_QUERY(REG_READ), &req,
2675 				 sizeof(req), true);
2676 }
2677 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_rr);
2678 
2679 void mt76_connac_mcu_reg_wr(struct mt76_dev *dev, u32 offset, u32 val)
2680 {
2681 	struct {
2682 		__le32 addr;
2683 		__le32 val;
2684 	} __packed req = {
2685 		.addr = cpu_to_le32(offset),
2686 		.val = cpu_to_le32(val),
2687 	};
2688 
2689 	mt76_mcu_send_msg(dev, MCU_CE_CMD(REG_WRITE), &req,
2690 			  sizeof(req), false);
2691 }
2692 EXPORT_SYMBOL_GPL(mt76_connac_mcu_reg_wr);
2693 
2694 static int
2695 mt76_connac_mcu_sta_key_tlv(struct mt76_connac_sta_key_conf *sta_key_conf,
2696 			    struct sk_buff *skb,
2697 			    struct ieee80211_key_conf *key,
2698 			    enum set_key_cmd cmd)
2699 {
2700 	struct sta_rec_sec *sec;
2701 	u32 len = sizeof(*sec);
2702 	struct tlv *tlv;
2703 
2704 	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
2705 	sec = (struct sta_rec_sec *)tlv;
2706 	sec->add = cmd;
2707 
2708 	if (cmd == SET_KEY) {
2709 		struct sec_key *sec_key;
2710 		u8 cipher;
2711 
2712 		cipher = mt76_connac_mcu_get_cipher(key->cipher);
2713 		if (cipher == MCU_CIPHER_NONE)
2714 			return -EOPNOTSUPP;
2715 
2716 		sec_key = &sec->key[0];
2717 		sec_key->cipher_len = sizeof(*sec_key);
2718 
2719 		if (cipher == MCU_CIPHER_BIP_CMAC_128) {
2720 			sec_key->cipher_id = MCU_CIPHER_AES_CCMP;
2721 			sec_key->key_id = sta_key_conf->keyidx;
2722 			sec_key->key_len = 16;
2723 			memcpy(sec_key->key, sta_key_conf->key, 16);
2724 
2725 			sec_key = &sec->key[1];
2726 			sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128;
2727 			sec_key->cipher_len = sizeof(*sec_key);
2728 			sec_key->key_len = 16;
2729 			memcpy(sec_key->key, key->key, 16);
2730 			sec->n_cipher = 2;
2731 		} else {
2732 			sec_key->cipher_id = cipher;
2733 			sec_key->key_id = key->keyidx;
2734 			sec_key->key_len = key->keylen;
2735 			memcpy(sec_key->key, key->key, key->keylen);
2736 
2737 			if (cipher == MCU_CIPHER_TKIP) {
2738 				/* Rx/Tx MIC keys are swapped */
2739 				memcpy(sec_key->key + 16, key->key + 24, 8);
2740 				memcpy(sec_key->key + 24, key->key + 16, 8);
2741 			}
2742 
2743 			/* store key_conf for BIP batch update */
2744 			if (cipher == MCU_CIPHER_AES_CCMP) {
2745 				memcpy(sta_key_conf->key, key->key, key->keylen);
2746 				sta_key_conf->keyidx = key->keyidx;
2747 			}
2748 
2749 			len -= sizeof(*sec_key);
2750 			sec->n_cipher = 1;
2751 		}
2752 	} else {
2753 		len -= sizeof(sec->key);
2754 		sec->n_cipher = 0;
2755 	}
2756 	sec->len = cpu_to_le16(len);
2757 
2758 	return 0;
2759 }
2760 
2761 int mt76_connac_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
2762 			    struct mt76_connac_sta_key_conf *sta_key_conf,
2763 			    struct ieee80211_key_conf *key, int mcu_cmd,
2764 			    struct mt76_wcid *wcid, enum set_key_cmd cmd)
2765 {
2766 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2767 	struct sk_buff *skb;
2768 	int ret;
2769 
2770 	skb = mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid);
2771 	if (IS_ERR(skb))
2772 		return PTR_ERR(skb);
2773 
2774 	ret = mt76_connac_mcu_sta_key_tlv(sta_key_conf, skb, key, cmd);
2775 	if (ret)
2776 		return ret;
2777 
2778 	ret = mt76_connac_mcu_sta_wed_update(dev, skb);
2779 	if (ret)
2780 		return ret;
2781 
2782 	return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
2783 }
2784 EXPORT_SYMBOL_GPL(mt76_connac_mcu_add_key);
2785 
2786 /* SIFS 20us + 512 byte beacon transmitted by 1Mbps (3906us) */
2787 #define BCN_TX_ESTIMATE_TIME (4096 + 20)
2788 void mt76_connac_mcu_bss_ext_tlv(struct sk_buff *skb, struct mt76_vif *mvif)
2789 {
2790 	struct bss_info_ext_bss *ext;
2791 	int ext_bss_idx, tsf_offset;
2792 	struct tlv *tlv;
2793 
2794 	ext_bss_idx = mvif->omac_idx - EXT_BSSID_START;
2795 	if (ext_bss_idx < 0)
2796 		return;
2797 
2798 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_EXT_BSS, sizeof(*ext));
2799 
2800 	ext = (struct bss_info_ext_bss *)tlv;
2801 	tsf_offset = ext_bss_idx * BCN_TX_ESTIMATE_TIME;
2802 	ext->mbss_tsf_offset = cpu_to_le32(tsf_offset);
2803 }
2804 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_ext_tlv);
2805 
2806 int mt76_connac_mcu_bss_basic_tlv(struct sk_buff *skb,
2807 				  struct ieee80211_vif *vif,
2808 				  struct ieee80211_sta *sta,
2809 				  struct mt76_phy *phy, u16 wlan_idx,
2810 				  bool enable)
2811 {
2812 	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
2813 	u32 type = vif->p2p ? NETWORK_P2P : NETWORK_INFRA;
2814 	struct bss_info_basic *bss;
2815 	struct tlv *tlv;
2816 
2817 	tlv = mt76_connac_mcu_add_tlv(skb, BSS_INFO_BASIC, sizeof(*bss));
2818 	bss = (struct bss_info_basic *)tlv;
2819 
2820 	switch (vif->type) {
2821 	case NL80211_IFTYPE_MESH_POINT:
2822 	case NL80211_IFTYPE_MONITOR:
2823 		break;
2824 	case NL80211_IFTYPE_AP:
2825 		if (ieee80211_hw_check(phy->hw, SUPPORTS_MULTI_BSSID)) {
2826 			u8 bssid_id = vif->bss_conf.bssid_indicator;
2827 			struct wiphy *wiphy = phy->hw->wiphy;
2828 
2829 			if (bssid_id > ilog2(wiphy->mbssid_max_interfaces))
2830 				return -EINVAL;
2831 
2832 			bss->non_tx_bssid = vif->bss_conf.bssid_index;
2833 			bss->max_bssid = bssid_id;
2834 		}
2835 		break;
2836 	case NL80211_IFTYPE_STATION:
2837 		if (enable) {
2838 			rcu_read_lock();
2839 			if (!sta)
2840 				sta = ieee80211_find_sta(vif,
2841 							 vif->bss_conf.bssid);
2842 			/* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
2843 			if (sta) {
2844 				struct mt76_wcid *wcid;
2845 
2846 				wcid = (struct mt76_wcid *)sta->drv_priv;
2847 				wlan_idx = wcid->idx;
2848 			}
2849 			rcu_read_unlock();
2850 		}
2851 		break;
2852 	case NL80211_IFTYPE_ADHOC:
2853 		type = NETWORK_IBSS;
2854 		break;
2855 	default:
2856 		WARN_ON(1);
2857 		break;
2858 	}
2859 
2860 	bss->network_type = cpu_to_le32(type);
2861 	bss->bmc_wcid_lo = to_wcid_lo(wlan_idx);
2862 	bss->bmc_wcid_hi = to_wcid_hi(wlan_idx);
2863 	bss->wmm_idx = mvif->wmm_idx;
2864 	bss->active = enable;
2865 	bss->cipher = mvif->cipher;
2866 
2867 	if (vif->type != NL80211_IFTYPE_MONITOR) {
2868 		struct cfg80211_chan_def *chandef = &phy->chandef;
2869 
2870 		memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
2871 		bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
2872 		bss->dtim_period = vif->bss_conf.dtim_period;
2873 		bss->phy_mode = mt76_connac_get_phy_mode(phy, vif,
2874 							 chandef->chan->band, NULL);
2875 	} else {
2876 		memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
2877 	}
2878 
2879 	return 0;
2880 }
2881 EXPORT_SYMBOL_GPL(mt76_connac_mcu_bss_basic_tlv);
2882 
2883 #define ENTER_PM_STATE		1
2884 #define EXIT_PM_STATE		2
2885 int mt76_connac_mcu_set_pm(struct mt76_dev *dev, int band, int enter)
2886 {
2887 	struct {
2888 		u8 pm_number;
2889 		u8 pm_state;
2890 		u8 bssid[ETH_ALEN];
2891 		u8 dtim_period;
2892 		u8 wlan_idx_lo;
2893 		__le16 bcn_interval;
2894 		__le32 aid;
2895 		__le32 rx_filter;
2896 		u8 band_idx;
2897 		u8 wlan_idx_hi;
2898 		u8 rsv[2];
2899 		__le32 feature;
2900 		u8 omac_idx;
2901 		u8 wmm_idx;
2902 		u8 bcn_loss_cnt;
2903 		u8 bcn_sp_duration;
2904 	} __packed req = {
2905 		.pm_number = 5,
2906 		.pm_state = enter ? ENTER_PM_STATE : EXIT_PM_STATE,
2907 		.band_idx = band,
2908 	};
2909 
2910 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(PM_STATE_CTRL), &req,
2911 				 sizeof(req), true);
2912 }
2913 EXPORT_SYMBOL_GPL(mt76_connac_mcu_set_pm);
2914 
2915 int mt76_connac_mcu_restart(struct mt76_dev *dev)
2916 {
2917 	struct {
2918 		u8 power_mode;
2919 		u8 rsv[3];
2920 	} req = {
2921 		.power_mode = 1,
2922 	};
2923 
2924 	return mt76_mcu_send_msg(dev, MCU_CMD(NIC_POWER_CTRL), &req,
2925 				 sizeof(req), false);
2926 }
2927 EXPORT_SYMBOL_GPL(mt76_connac_mcu_restart);
2928 
2929 int mt76_connac_mcu_rdd_cmd(struct mt76_dev *dev, int cmd, u8 index,
2930 			    u8 rx_sel, u8 val)
2931 {
2932 	struct {
2933 		u8 ctrl;
2934 		u8 rdd_idx;
2935 		u8 rdd_rx_sel;
2936 		u8 val;
2937 		u8 rsv[4];
2938 	} __packed req = {
2939 		.ctrl = cmd,
2940 		.rdd_idx = index,
2941 		.rdd_rx_sel = rx_sel,
2942 		.val = val,
2943 	};
2944 
2945 	return mt76_mcu_send_msg(dev, MCU_EXT_CMD(SET_RDD_CTRL), &req,
2946 				 sizeof(req), true);
2947 }
2948 EXPORT_SYMBOL_GPL(mt76_connac_mcu_rdd_cmd);
2949 
2950 static int
2951 mt76_connac_mcu_send_ram_firmware(struct mt76_dev *dev,
2952 				  const struct mt76_connac2_fw_trailer *hdr,
2953 				  const u8 *data, bool is_wa)
2954 {
2955 	int i, offset = 0, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
2956 	u32 override = 0, option = 0;
2957 
2958 	for (i = 0; i < hdr->n_region; i++) {
2959 		const struct mt76_connac2_fw_region *region;
2960 		u32 len, addr, mode;
2961 		int err;
2962 
2963 		region = (const void *)((const u8 *)hdr -
2964 					(hdr->n_region - i) * sizeof(*region));
2965 		mode = mt76_connac_mcu_gen_dl_mode(dev, region->feature_set,
2966 						   is_wa);
2967 		len = le32_to_cpu(region->len);
2968 		addr = le32_to_cpu(region->addr);
2969 
2970 		if (region->feature_set & FW_FEATURE_NON_DL)
2971 			goto next;
2972 
2973 		if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
2974 			override = addr;
2975 
2976 		err = mt76_connac_mcu_init_download(dev, addr, len, mode);
2977 		if (err) {
2978 			dev_err(dev->dev, "Download request failed\n");
2979 			return err;
2980 		}
2981 
2982 		err = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
2983 					       data + offset, len, max_len);
2984 		if (err) {
2985 			dev_err(dev->dev, "Failed to send firmware.\n");
2986 			return err;
2987 		}
2988 
2989 next:
2990 		offset += len;
2991 	}
2992 
2993 	if (override)
2994 		option |= FW_START_OVERRIDE;
2995 	if (is_wa)
2996 		option |= FW_START_WORKING_PDA_CR4;
2997 
2998 	return mt76_connac_mcu_start_firmware(dev, override, option);
2999 }
3000 
3001 int mt76_connac2_load_ram(struct mt76_dev *dev, const char *fw_wm,
3002 			  const char *fw_wa)
3003 {
3004 	const struct mt76_connac2_fw_trailer *hdr;
3005 	const struct firmware *fw;
3006 	int ret;
3007 
3008 	ret = request_firmware(&fw, fw_wm, dev->dev);
3009 	if (ret)
3010 		return ret;
3011 
3012 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3013 		dev_err(dev->dev, "Invalid firmware\n");
3014 		ret = -EINVAL;
3015 		goto out;
3016 	}
3017 
3018 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
3019 	dev_info(dev->dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
3020 		 hdr->fw_ver, hdr->build_date);
3021 
3022 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, false);
3023 	if (ret) {
3024 		dev_err(dev->dev, "Failed to start WM firmware\n");
3025 		goto out;
3026 	}
3027 
3028 	snprintf(dev->hw->wiphy->fw_version,
3029 		 sizeof(dev->hw->wiphy->fw_version),
3030 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
3031 
3032 	release_firmware(fw);
3033 
3034 	if (!fw_wa)
3035 		return 0;
3036 
3037 	ret = request_firmware(&fw, fw_wa, dev->dev);
3038 	if (ret)
3039 		return ret;
3040 
3041 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3042 		dev_err(dev->dev, "Invalid firmware\n");
3043 		ret = -EINVAL;
3044 		goto out;
3045 	}
3046 
3047 	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));
3048 	dev_info(dev->dev, "WA Firmware Version: %.10s, Build Time: %.15s\n",
3049 		 hdr->fw_ver, hdr->build_date);
3050 
3051 	ret = mt76_connac_mcu_send_ram_firmware(dev, hdr, fw->data, true);
3052 	if (ret) {
3053 		dev_err(dev->dev, "Failed to start WA firmware\n");
3054 		goto out;
3055 	}
3056 
3057 	snprintf(dev->hw->wiphy->fw_version,
3058 		 sizeof(dev->hw->wiphy->fw_version),
3059 		 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
3060 
3061 out:
3062 	release_firmware(fw);
3063 
3064 	return ret;
3065 }
3066 EXPORT_SYMBOL_GPL(mt76_connac2_load_ram);
3067 
3068 static u32 mt76_connac2_get_data_mode(struct mt76_dev *dev, u32 info)
3069 {
3070 	u32 mode = DL_MODE_NEED_RSP;
3071 
3072 	if (!is_mt7921(dev) || info == PATCH_SEC_NOT_SUPPORT)
3073 		return mode;
3074 
3075 	switch (FIELD_GET(PATCH_SEC_ENC_TYPE_MASK, info)) {
3076 	case PATCH_SEC_ENC_TYPE_PLAIN:
3077 		break;
3078 	case PATCH_SEC_ENC_TYPE_AES:
3079 		mode |= DL_MODE_ENCRYPT;
3080 		mode |= FIELD_PREP(DL_MODE_KEY_IDX,
3081 				(info & PATCH_SEC_ENC_AES_KEY_MASK)) & DL_MODE_KEY_IDX;
3082 		mode |= DL_MODE_RESET_SEC_IV;
3083 		break;
3084 	case PATCH_SEC_ENC_TYPE_SCRAMBLE:
3085 		mode |= DL_MODE_ENCRYPT;
3086 		mode |= DL_CONFIG_ENCRY_MODE_SEL;
3087 		mode |= DL_MODE_RESET_SEC_IV;
3088 		break;
3089 	default:
3090 		dev_err(dev->dev, "Encryption type not support!\n");
3091 	}
3092 
3093 	return mode;
3094 }
3095 
3096 int mt76_connac2_load_patch(struct mt76_dev *dev, const char *fw_name)
3097 {
3098 	int i, ret, sem, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
3099 	const struct mt76_connac2_patch_hdr *hdr;
3100 	const struct firmware *fw = NULL;
3101 
3102 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, true);
3103 	switch (sem) {
3104 	case PATCH_IS_DL:
3105 		return 0;
3106 	case PATCH_NOT_DL_SEM_SUCCESS:
3107 		break;
3108 	default:
3109 		dev_err(dev->dev, "Failed to get patch semaphore\n");
3110 		return -EAGAIN;
3111 	}
3112 
3113 	ret = request_firmware(&fw, fw_name, dev->dev);
3114 	if (ret)
3115 		goto out;
3116 
3117 	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
3118 		dev_err(dev->dev, "Invalid firmware\n");
3119 		ret = -EINVAL;
3120 		goto out;
3121 	}
3122 
3123 	hdr = (const void *)fw->data;
3124 	dev_info(dev->dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
3125 		 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
3126 
3127 	for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
3128 		struct mt76_connac2_patch_sec *sec;
3129 		u32 len, addr, mode;
3130 		const u8 *dl;
3131 		u32 sec_info;
3132 
3133 		sec = (void *)(fw->data + sizeof(*hdr) + i * sizeof(*sec));
3134 		if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
3135 		    PATCH_SEC_TYPE_INFO) {
3136 			ret = -EINVAL;
3137 			goto out;
3138 		}
3139 
3140 		addr = be32_to_cpu(sec->info.addr);
3141 		len = be32_to_cpu(sec->info.len);
3142 		dl = fw->data + be32_to_cpu(sec->offs);
3143 		sec_info = be32_to_cpu(sec->info.sec_key_idx);
3144 		mode = mt76_connac2_get_data_mode(dev, sec_info);
3145 
3146 		ret = mt76_connac_mcu_init_download(dev, addr, len, mode);
3147 		if (ret) {
3148 			dev_err(dev->dev, "Download request failed\n");
3149 			goto out;
3150 		}
3151 
3152 		ret = __mt76_mcu_send_firmware(dev, MCU_CMD(FW_SCATTER),
3153 					       dl, len, max_len);
3154 		if (ret) {
3155 			dev_err(dev->dev, "Failed to send patch\n");
3156 			goto out;
3157 		}
3158 	}
3159 
3160 	ret = mt76_connac_mcu_start_patch(dev);
3161 	if (ret)
3162 		dev_err(dev->dev, "Failed to start patch\n");
3163 
3164 out:
3165 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, false);
3166 	switch (sem) {
3167 	case PATCH_REL_SEM_SUCCESS:
3168 		break;
3169 	default:
3170 		ret = -EAGAIN;
3171 		dev_err(dev->dev, "Failed to release patch semaphore\n");
3172 		break;
3173 	}
3174 
3175 	release_firmware(fw);
3176 
3177 	return ret;
3178 }
3179 EXPORT_SYMBOL_GPL(mt76_connac2_load_patch);
3180 
3181 int mt76_connac2_mcu_fill_message(struct mt76_dev *dev, struct sk_buff *skb,
3182 				  int cmd, int *wait_seq)
3183 {
3184 	int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
3185 	struct mt76_connac2_mcu_uni_txd *uni_txd;
3186 	struct mt76_connac2_mcu_txd *mcu_txd;
3187 	__le32 *txd;
3188 	u32 val;
3189 	u8 seq;
3190 
3191 	/* TODO: make dynamic based on msg type */
3192 	dev->mcu.timeout = 20 * HZ;
3193 
3194 	seq = ++dev->mcu.msg_seq & 0xf;
3195 	if (!seq)
3196 		seq = ++dev->mcu.msg_seq & 0xf;
3197 
3198 	if (cmd == MCU_CMD(FW_SCATTER))
3199 		goto exit;
3200 
3201 	txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
3202 	txd = (__le32 *)skb_push(skb, txd_len);
3203 
3204 	val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
3205 	      FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
3206 	      FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
3207 	txd[0] = cpu_to_le32(val);
3208 
3209 	val = MT_TXD1_LONG_FORMAT |
3210 	      FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
3211 	txd[1] = cpu_to_le32(val);
3212 
3213 	if (cmd & __MCU_CMD_FIELD_UNI) {
3214 		uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
3215 		uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
3216 		uni_txd->option = MCU_CMD_UNI_EXT_ACK;
3217 		uni_txd->cid = cpu_to_le16(mcu_cmd);
3218 		uni_txd->s2d_index = MCU_S2D_H2N;
3219 		uni_txd->pkt_type = MCU_PKT_ID;
3220 		uni_txd->seq = seq;
3221 
3222 		goto exit;
3223 	}
3224 
3225 	mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
3226 	mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
3227 	mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
3228 					       MT_TX_MCU_PORT_RX_Q0));
3229 	mcu_txd->pkt_type = MCU_PKT_ID;
3230 	mcu_txd->seq = seq;
3231 	mcu_txd->cid = mcu_cmd;
3232 	mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
3233 
3234 	if (mcu_txd->ext_cid || (cmd & __MCU_CMD_FIELD_CE)) {
3235 		if (cmd & __MCU_CMD_FIELD_QUERY)
3236 			mcu_txd->set_query = MCU_Q_QUERY;
3237 		else
3238 			mcu_txd->set_query = MCU_Q_SET;
3239 		mcu_txd->ext_cid_ack = !!mcu_txd->ext_cid;
3240 	} else {
3241 		mcu_txd->set_query = MCU_Q_NA;
3242 	}
3243 
3244 	if (cmd & __MCU_CMD_FIELD_WA)
3245 		mcu_txd->s2d_index = MCU_S2D_H2C;
3246 	else
3247 		mcu_txd->s2d_index = MCU_S2D_H2N;
3248 
3249 exit:
3250 	if (wait_seq)
3251 		*wait_seq = seq;
3252 
3253 	return 0;
3254 }
3255 EXPORT_SYMBOL_GPL(mt76_connac2_mcu_fill_message);
3256 
3257 MODULE_AUTHOR("Lorenzo Bianconi <lorenzo@kernel.org>");
3258 MODULE_LICENSE("Dual BSD/GPL");
3259