1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
3 
4 #include <linux/etherdevice.h>
5 #include <linux/platform_device.h>
6 #include <linux/pci.h>
7 #include <linux/module.h>
8 #include "mt7915.h"
9 #include "mcu.h"
10 
11 static bool mt7915_dev_running(struct mt7915_dev *dev)
12 {
13 	struct mt7915_phy *phy;
14 
15 	if (test_bit(MT76_STATE_RUNNING, &dev->mphy.state))
16 		return true;
17 
18 	phy = mt7915_ext_phy(dev);
19 
20 	return phy && test_bit(MT76_STATE_RUNNING, &phy->mt76->state);
21 }
22 
23 static int mt7915_start(struct ieee80211_hw *hw)
24 {
25 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
26 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
27 	bool running;
28 	int ret;
29 
30 	flush_work(&dev->init_work);
31 
32 	mutex_lock(&dev->mt76.mutex);
33 
34 	running = mt7915_dev_running(dev);
35 
36 	if (!running) {
37 		ret = mt7915_mcu_set_pm(dev, 0, 0);
38 		if (ret)
39 			goto out;
40 
41 		ret = mt7915_mcu_set_mac(dev, 0, true, true);
42 		if (ret)
43 			goto out;
44 
45 		ret = mt7915_mcu_set_scs(dev, 0, true);
46 		if (ret)
47 			goto out;
48 
49 		mt7915_mac_enable_nf(dev, 0);
50 	}
51 
52 	if (phy != &dev->phy) {
53 		ret = mt7915_mcu_set_pm(dev, 1, 0);
54 		if (ret)
55 			goto out;
56 
57 		ret = mt7915_mcu_set_mac(dev, 1, true, true);
58 		if (ret)
59 			goto out;
60 
61 		ret = mt7915_mcu_set_scs(dev, 1, true);
62 		if (ret)
63 			goto out;
64 
65 		mt7915_mac_enable_nf(dev, 1);
66 	}
67 
68 	ret = mt7915_mcu_set_rts_thresh(phy, 0x92b);
69 	if (ret)
70 		goto out;
71 
72 	ret = mt7915_mcu_set_sku_en(phy, true);
73 	if (ret)
74 		goto out;
75 
76 	ret = mt7915_mcu_set_chan_info(phy, MCU_EXT_CMD(SET_RX_PATH));
77 	if (ret)
78 		goto out;
79 
80 	set_bit(MT76_STATE_RUNNING, &phy->mt76->state);
81 
82 	if (!mt76_testmode_enabled(phy->mt76))
83 		ieee80211_queue_delayed_work(hw, &phy->mt76->mac_work,
84 					     MT7915_WATCHDOG_TIME);
85 
86 	if (!running)
87 		mt7915_mac_reset_counters(phy);
88 
89 out:
90 	mutex_unlock(&dev->mt76.mutex);
91 
92 	return ret;
93 }
94 
95 static void mt7915_stop(struct ieee80211_hw *hw)
96 {
97 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
98 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
99 
100 	cancel_delayed_work_sync(&phy->mt76->mac_work);
101 
102 	mutex_lock(&dev->mt76.mutex);
103 
104 	mt76_testmode_reset(phy->mt76, true);
105 
106 	clear_bit(MT76_STATE_RUNNING, &phy->mt76->state);
107 
108 	if (phy != &dev->phy) {
109 		mt7915_mcu_set_pm(dev, 1, 1);
110 		mt7915_mcu_set_mac(dev, 1, false, false);
111 	}
112 
113 	if (!mt7915_dev_running(dev)) {
114 		mt7915_mcu_set_pm(dev, 0, 1);
115 		mt7915_mcu_set_mac(dev, 0, false, false);
116 	}
117 
118 	mutex_unlock(&dev->mt76.mutex);
119 }
120 
121 static inline int get_free_idx(u32 mask, u8 start, u8 end)
122 {
123 	return ffs(~mask & GENMASK(end, start));
124 }
125 
126 static int get_omac_idx(enum nl80211_iftype type, u64 mask)
127 {
128 	int i;
129 
130 	switch (type) {
131 	case NL80211_IFTYPE_MESH_POINT:
132 	case NL80211_IFTYPE_ADHOC:
133 	case NL80211_IFTYPE_STATION:
134 		/* prefer hw bssid slot 1-3 */
135 		i = get_free_idx(mask, HW_BSSID_1, HW_BSSID_3);
136 		if (i)
137 			return i - 1;
138 
139 		if (type != NL80211_IFTYPE_STATION)
140 			break;
141 
142 		/* next, try to find a free repeater entry for the sta */
143 		i = get_free_idx(mask >> REPEATER_BSSID_START, 0,
144 				 REPEATER_BSSID_MAX - REPEATER_BSSID_START);
145 		if (i)
146 			return i + 32 - 1;
147 
148 		i = get_free_idx(mask, EXT_BSSID_1, EXT_BSSID_MAX);
149 		if (i)
150 			return i - 1;
151 
152 		if (~mask & BIT(HW_BSSID_0))
153 			return HW_BSSID_0;
154 
155 		break;
156 	case NL80211_IFTYPE_MONITOR:
157 	case NL80211_IFTYPE_AP:
158 		/* ap uses hw bssid 0 and ext bssid */
159 		if (~mask & BIT(HW_BSSID_0))
160 			return HW_BSSID_0;
161 
162 		i = get_free_idx(mask, EXT_BSSID_1, EXT_BSSID_MAX);
163 		if (i)
164 			return i - 1;
165 
166 		break;
167 	default:
168 		WARN_ON(1);
169 		break;
170 	}
171 
172 	return -1;
173 }
174 
175 static int mt7915_add_interface(struct ieee80211_hw *hw,
176 				struct ieee80211_vif *vif)
177 {
178 	struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
179 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
180 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
181 	struct mt76_txq *mtxq;
182 	bool ext_phy = phy != &dev->phy;
183 	int idx, ret = 0;
184 
185 	mutex_lock(&dev->mt76.mutex);
186 
187 	mt76_testmode_reset(phy->mt76, true);
188 
189 	if (vif->type == NL80211_IFTYPE_MONITOR &&
190 	    is_zero_ether_addr(vif->addr))
191 		phy->monitor_vif = vif;
192 
193 	mvif->idx = ffs(~dev->mt76.vif_mask) - 1;
194 	if (mvif->idx >= MT7915_MAX_INTERFACES) {
195 		ret = -ENOSPC;
196 		goto out;
197 	}
198 
199 	idx = get_omac_idx(vif->type, phy->omac_mask);
200 	if (idx < 0) {
201 		ret = -ENOSPC;
202 		goto out;
203 	}
204 	mvif->omac_idx = idx;
205 	mvif->phy = phy;
206 	mvif->band_idx = ext_phy;
207 
208 	if (ext_phy)
209 		mvif->wmm_idx = ext_phy * (MT7915_MAX_WMM_SETS / 2) +
210 				mvif->idx % (MT7915_MAX_WMM_SETS / 2);
211 	else
212 		mvif->wmm_idx = mvif->idx % MT7915_MAX_WMM_SETS;
213 
214 	ret = mt7915_mcu_add_dev_info(phy, vif, true);
215 	if (ret)
216 		goto out;
217 
218 	dev->mt76.vif_mask |= BIT(mvif->idx);
219 	phy->omac_mask |= BIT_ULL(mvif->omac_idx);
220 
221 	idx = MT7915_WTBL_RESERVED - mvif->idx;
222 
223 	INIT_LIST_HEAD(&mvif->sta.rc_list);
224 	INIT_LIST_HEAD(&mvif->sta.stats_list);
225 	INIT_LIST_HEAD(&mvif->sta.poll_list);
226 	mvif->sta.wcid.idx = idx;
227 	mvif->sta.wcid.ext_phy = mvif->band_idx;
228 	mvif->sta.wcid.hw_key_idx = -1;
229 	mvif->sta.wcid.tx_info |= MT_WCID_TX_INFO_SET;
230 	mt7915_mac_wtbl_update(dev, idx,
231 			       MT_WTBL_UPDATE_ADM_COUNT_CLEAR);
232 
233 	rcu_assign_pointer(dev->mt76.wcid[idx], &mvif->sta.wcid);
234 	if (vif->txq) {
235 		mtxq = (struct mt76_txq *)vif->txq->drv_priv;
236 		mtxq->wcid = &mvif->sta.wcid;
237 	}
238 
239 	if (vif->type != NL80211_IFTYPE_AP &&
240 	    (!mvif->omac_idx || mvif->omac_idx > 3))
241 		vif->offload_flags = 0;
242 	vif->offload_flags |= IEEE80211_OFFLOAD_ENCAP_4ADDR;
243 
244 out:
245 	mutex_unlock(&dev->mt76.mutex);
246 
247 	return ret;
248 }
249 
250 static void mt7915_remove_interface(struct ieee80211_hw *hw,
251 				    struct ieee80211_vif *vif)
252 {
253 	struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
254 	struct mt7915_sta *msta = &mvif->sta;
255 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
256 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
257 	int idx = msta->wcid.idx;
258 
259 	mt7915_mcu_add_bss_info(phy, vif, false);
260 	mt7915_mcu_add_sta(dev, vif, NULL, false);
261 
262 	mutex_lock(&dev->mt76.mutex);
263 	mt76_testmode_reset(phy->mt76, true);
264 	mutex_unlock(&dev->mt76.mutex);
265 
266 	if (vif == phy->monitor_vif)
267 		phy->monitor_vif = NULL;
268 
269 	mt7915_mcu_add_dev_info(phy, vif, false);
270 
271 	rcu_assign_pointer(dev->mt76.wcid[idx], NULL);
272 
273 	mutex_lock(&dev->mt76.mutex);
274 	dev->mt76.vif_mask &= ~BIT(mvif->idx);
275 	phy->omac_mask &= ~BIT_ULL(mvif->omac_idx);
276 	mutex_unlock(&dev->mt76.mutex);
277 
278 	spin_lock_bh(&dev->sta_poll_lock);
279 	if (!list_empty(&msta->poll_list))
280 		list_del_init(&msta->poll_list);
281 	spin_unlock_bh(&dev->sta_poll_lock);
282 }
283 
284 static void mt7915_init_dfs_state(struct mt7915_phy *phy)
285 {
286 	struct mt76_phy *mphy = phy->mt76;
287 	struct ieee80211_hw *hw = mphy->hw;
288 	struct cfg80211_chan_def *chandef = &hw->conf.chandef;
289 
290 	if (hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)
291 		return;
292 
293 	if (!(chandef->chan->flags & IEEE80211_CHAN_RADAR))
294 		return;
295 
296 	if (mphy->chandef.chan->center_freq == chandef->chan->center_freq &&
297 	    mphy->chandef.width == chandef->width)
298 		return;
299 
300 	phy->dfs_state = -1;
301 }
302 
303 int mt7915_set_channel(struct mt7915_phy *phy)
304 {
305 	struct mt7915_dev *dev = phy->dev;
306 	int ret;
307 
308 	cancel_delayed_work_sync(&phy->mt76->mac_work);
309 
310 	mutex_lock(&dev->mt76.mutex);
311 	set_bit(MT76_RESET, &phy->mt76->state);
312 
313 	mt7915_init_dfs_state(phy);
314 	mt76_set_channel(phy->mt76);
315 
316 	if (dev->flash_mode) {
317 		ret = mt7915_mcu_apply_tx_dpd(phy);
318 		if (ret)
319 			goto out;
320 	}
321 
322 	ret = mt7915_mcu_set_chan_info(phy, MCU_EXT_CMD(CHANNEL_SWITCH));
323 	if (ret)
324 		goto out;
325 
326 	mt7915_mac_set_timing(phy);
327 	ret = mt7915_dfs_init_radar_detector(phy);
328 	mt7915_mac_cca_stats_reset(phy);
329 
330 	mt7915_mac_reset_counters(phy);
331 	phy->noise = 0;
332 
333 out:
334 	clear_bit(MT76_RESET, &phy->mt76->state);
335 	mutex_unlock(&dev->mt76.mutex);
336 
337 	mt76_txq_schedule_all(phy->mt76);
338 
339 	if (!mt76_testmode_enabled(phy->mt76))
340 		ieee80211_queue_delayed_work(phy->mt76->hw,
341 					     &phy->mt76->mac_work,
342 					     MT7915_WATCHDOG_TIME);
343 
344 	return ret;
345 }
346 
347 static int mt7915_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
348 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
349 			  struct ieee80211_key_conf *key)
350 {
351 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
352 	struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
353 	struct mt7915_sta *msta = sta ? (struct mt7915_sta *)sta->drv_priv :
354 				  &mvif->sta;
355 	struct mt76_wcid *wcid = &msta->wcid;
356 	u8 *wcid_keyidx = &wcid->hw_key_idx;
357 	int idx = key->keyidx;
358 	int err = 0;
359 
360 	/* The hardware does not support per-STA RX GTK, fallback
361 	 * to software mode for these.
362 	 */
363 	if ((vif->type == NL80211_IFTYPE_ADHOC ||
364 	     vif->type == NL80211_IFTYPE_MESH_POINT) &&
365 	    (key->cipher == WLAN_CIPHER_SUITE_TKIP ||
366 	     key->cipher == WLAN_CIPHER_SUITE_CCMP) &&
367 	    !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
368 		return -EOPNOTSUPP;
369 
370 	/* fall back to sw encryption for unsupported ciphers */
371 	switch (key->cipher) {
372 	case WLAN_CIPHER_SUITE_AES_CMAC:
373 		wcid_keyidx = &wcid->hw_key_idx2;
374 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE;
375 		break;
376 	case WLAN_CIPHER_SUITE_TKIP:
377 	case WLAN_CIPHER_SUITE_CCMP:
378 	case WLAN_CIPHER_SUITE_CCMP_256:
379 	case WLAN_CIPHER_SUITE_GCMP:
380 	case WLAN_CIPHER_SUITE_GCMP_256:
381 	case WLAN_CIPHER_SUITE_SMS4:
382 		break;
383 	case WLAN_CIPHER_SUITE_WEP40:
384 	case WLAN_CIPHER_SUITE_WEP104:
385 	default:
386 		return -EOPNOTSUPP;
387 	}
388 
389 	mutex_lock(&dev->mt76.mutex);
390 
391 	if (cmd == SET_KEY)
392 		*wcid_keyidx = idx;
393 	else if (idx == *wcid_keyidx)
394 		*wcid_keyidx = -1;
395 	else
396 		goto out;
397 
398 	mt76_wcid_key_setup(&dev->mt76, wcid,
399 			    cmd == SET_KEY ? key : NULL);
400 
401 	err = mt7915_mcu_add_key(dev, vif, msta, key, cmd);
402 
403 out:
404 	mutex_unlock(&dev->mt76.mutex);
405 
406 	return err;
407 }
408 
409 static int mt7915_config(struct ieee80211_hw *hw, u32 changed)
410 {
411 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
412 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
413 	bool band = phy != &dev->phy;
414 	int ret;
415 
416 	if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
417 #ifdef CONFIG_NL80211_TESTMODE
418 		if (phy->mt76->test.state != MT76_TM_STATE_OFF) {
419 			mutex_lock(&dev->mt76.mutex);
420 			mt76_testmode_reset(phy->mt76, false);
421 			mutex_unlock(&dev->mt76.mutex);
422 		}
423 #endif
424 		ieee80211_stop_queues(hw);
425 		ret = mt7915_set_channel(phy);
426 		if (ret)
427 			return ret;
428 		ieee80211_wake_queues(hw);
429 	}
430 
431 	if (changed & IEEE80211_CONF_CHANGE_POWER) {
432 		ret = mt7915_mcu_set_txpower_sku(phy);
433 		if (ret)
434 			return ret;
435 	}
436 
437 	mutex_lock(&dev->mt76.mutex);
438 
439 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
440 		bool enabled = !!(hw->conf.flags & IEEE80211_CONF_MONITOR);
441 
442 		if (!enabled)
443 			phy->rxfilter |= MT_WF_RFCR_DROP_OTHER_UC;
444 		else
445 			phy->rxfilter &= ~MT_WF_RFCR_DROP_OTHER_UC;
446 
447 		mt76_rmw_field(dev, MT_DMA_DCR0(band), MT_DMA_DCR0_RXD_G5_EN,
448 			       enabled);
449 		mt76_testmode_reset(phy->mt76, true);
450 		mt76_wr(dev, MT_WF_RFCR(band), phy->rxfilter);
451 	}
452 
453 	mutex_unlock(&dev->mt76.mutex);
454 
455 	return 0;
456 }
457 
458 static int
459 mt7915_conf_tx(struct ieee80211_hw *hw, struct ieee80211_vif *vif, u16 queue,
460 	       const struct ieee80211_tx_queue_params *params)
461 {
462 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
463 	struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
464 
465 	/* no need to update right away, we'll get BSS_CHANGED_QOS */
466 	queue = mt7915_lmac_mapping(dev, queue);
467 	mvif->queue_params[queue] = *params;
468 
469 	return 0;
470 }
471 
472 static void mt7915_configure_filter(struct ieee80211_hw *hw,
473 				    unsigned int changed_flags,
474 				    unsigned int *total_flags,
475 				    u64 multicast)
476 {
477 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
478 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
479 	bool band = phy != &dev->phy;
480 	u32 ctl_flags = MT_WF_RFCR1_DROP_ACK |
481 			MT_WF_RFCR1_DROP_BF_POLL |
482 			MT_WF_RFCR1_DROP_BA |
483 			MT_WF_RFCR1_DROP_CFEND |
484 			MT_WF_RFCR1_DROP_CFACK;
485 	u32 flags = 0;
486 
487 #define MT76_FILTER(_flag, _hw) do {					\
488 		flags |= *total_flags & FIF_##_flag;			\
489 		phy->rxfilter &= ~(_hw);				\
490 		phy->rxfilter |= !(flags & FIF_##_flag) * (_hw);	\
491 	} while (0)
492 
493 	mutex_lock(&dev->mt76.mutex);
494 
495 	phy->rxfilter &= ~(MT_WF_RFCR_DROP_OTHER_BSS |
496 			   MT_WF_RFCR_DROP_OTHER_BEACON |
497 			   MT_WF_RFCR_DROP_FRAME_REPORT |
498 			   MT_WF_RFCR_DROP_PROBEREQ |
499 			   MT_WF_RFCR_DROP_MCAST_FILTERED |
500 			   MT_WF_RFCR_DROP_MCAST |
501 			   MT_WF_RFCR_DROP_BCAST |
502 			   MT_WF_RFCR_DROP_DUPLICATE |
503 			   MT_WF_RFCR_DROP_A2_BSSID |
504 			   MT_WF_RFCR_DROP_UNWANTED_CTL |
505 			   MT_WF_RFCR_DROP_STBC_MULTI);
506 
507 	MT76_FILTER(OTHER_BSS, MT_WF_RFCR_DROP_OTHER_TIM |
508 			       MT_WF_RFCR_DROP_A3_MAC |
509 			       MT_WF_RFCR_DROP_A3_BSSID);
510 
511 	MT76_FILTER(FCSFAIL, MT_WF_RFCR_DROP_FCSFAIL);
512 
513 	MT76_FILTER(CONTROL, MT_WF_RFCR_DROP_CTS |
514 			     MT_WF_RFCR_DROP_RTS |
515 			     MT_WF_RFCR_DROP_CTL_RSV |
516 			     MT_WF_RFCR_DROP_NDPA);
517 
518 	*total_flags = flags;
519 	mt76_wr(dev, MT_WF_RFCR(band), phy->rxfilter);
520 
521 	if (*total_flags & FIF_CONTROL)
522 		mt76_clear(dev, MT_WF_RFCR1(band), ctl_flags);
523 	else
524 		mt76_set(dev, MT_WF_RFCR1(band), ctl_flags);
525 
526 	mutex_unlock(&dev->mt76.mutex);
527 }
528 
529 static void mt7915_bss_info_changed(struct ieee80211_hw *hw,
530 				    struct ieee80211_vif *vif,
531 				    struct ieee80211_bss_conf *info,
532 				    u32 changed)
533 {
534 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
535 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
536 
537 	mutex_lock(&dev->mt76.mutex);
538 
539 	/*
540 	 * station mode uses BSSID to map the wlan entry to a peer,
541 	 * and then peer references bss_info_rfch to set bandwidth cap.
542 	 */
543 	if (changed & BSS_CHANGED_BSSID &&
544 	    vif->type == NL80211_IFTYPE_STATION) {
545 		bool join = !is_zero_ether_addr(info->bssid);
546 
547 		mt7915_mcu_add_bss_info(phy, vif, join);
548 		mt7915_mcu_add_sta(dev, vif, NULL, join);
549 	}
550 
551 	if (changed & BSS_CHANGED_ASSOC) {
552 		mt7915_mcu_add_bss_info(phy, vif, info->assoc);
553 		mt7915_mcu_add_obss_spr(dev, vif, info->he_obss_pd.enable);
554 	}
555 
556 	if (changed & BSS_CHANGED_ERP_SLOT) {
557 		int slottime = info->use_short_slot ? 9 : 20;
558 
559 		if (slottime != phy->slottime) {
560 			phy->slottime = slottime;
561 			mt7915_mac_set_timing(phy);
562 		}
563 	}
564 
565 	if (changed & BSS_CHANGED_BEACON_ENABLED && info->enable_beacon) {
566 		mt7915_mcu_add_bss_info(phy, vif, true);
567 		mt7915_mcu_add_sta(dev, vif, NULL, true);
568 	}
569 
570 	/* ensure that enable txcmd_mode after bss_info */
571 	if (changed & (BSS_CHANGED_QOS | BSS_CHANGED_BEACON_ENABLED))
572 		mt7915_mcu_set_tx(dev, vif);
573 
574 	if (changed & BSS_CHANGED_HE_OBSS_PD)
575 		mt7915_mcu_add_obss_spr(dev, vif, info->he_obss_pd.enable);
576 
577 	if (changed & (BSS_CHANGED_BEACON |
578 		       BSS_CHANGED_BEACON_ENABLED))
579 		mt7915_mcu_add_beacon(hw, vif, info->enable_beacon);
580 
581 	mutex_unlock(&dev->mt76.mutex);
582 }
583 
584 static void
585 mt7915_channel_switch_beacon(struct ieee80211_hw *hw,
586 			     struct ieee80211_vif *vif,
587 			     struct cfg80211_chan_def *chandef)
588 {
589 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
590 
591 	mutex_lock(&dev->mt76.mutex);
592 	mt7915_mcu_add_beacon(hw, vif, true);
593 	mutex_unlock(&dev->mt76.mutex);
594 }
595 
596 int mt7915_mac_sta_add(struct mt76_dev *mdev, struct ieee80211_vif *vif,
597 		       struct ieee80211_sta *sta)
598 {
599 	struct mt7915_dev *dev = container_of(mdev, struct mt7915_dev, mt76);
600 	struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
601 	struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
602 	int ret, idx;
603 
604 	idx = mt76_wcid_alloc(dev->mt76.wcid_mask, MT7915_WTBL_STA - 1);
605 	if (idx < 0)
606 		return -ENOSPC;
607 
608 	INIT_LIST_HEAD(&msta->rc_list);
609 	INIT_LIST_HEAD(&msta->stats_list);
610 	INIT_LIST_HEAD(&msta->poll_list);
611 	msta->vif = mvif;
612 	msta->wcid.sta = 1;
613 	msta->wcid.idx = idx;
614 	msta->wcid.ext_phy = mvif->band_idx;
615 	msta->wcid.tx_info |= MT_WCID_TX_INFO_SET;
616 	msta->stats.jiffies = jiffies;
617 
618 	mt7915_mac_wtbl_update(dev, idx,
619 			       MT_WTBL_UPDATE_ADM_COUNT_CLEAR);
620 
621 	ret = mt7915_mcu_add_sta(dev, vif, sta, true);
622 	if (ret)
623 		return ret;
624 
625 	return mt7915_mcu_add_sta_adv(dev, vif, sta, true);
626 }
627 
628 void mt7915_mac_sta_remove(struct mt76_dev *mdev, struct ieee80211_vif *vif,
629 			   struct ieee80211_sta *sta)
630 {
631 	struct mt7915_dev *dev = container_of(mdev, struct mt7915_dev, mt76);
632 	struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
633 
634 	mt7915_mcu_add_sta_adv(dev, vif, sta, false);
635 	mt7915_mcu_add_sta(dev, vif, sta, false);
636 
637 	mt7915_mac_wtbl_update(dev, msta->wcid.idx,
638 			       MT_WTBL_UPDATE_ADM_COUNT_CLEAR);
639 
640 	spin_lock_bh(&dev->sta_poll_lock);
641 	if (!list_empty(&msta->poll_list))
642 		list_del_init(&msta->poll_list);
643 	if (!list_empty(&msta->stats_list))
644 		list_del_init(&msta->stats_list);
645 	if (!list_empty(&msta->rc_list))
646 		list_del_init(&msta->rc_list);
647 	spin_unlock_bh(&dev->sta_poll_lock);
648 }
649 
650 static void mt7915_tx(struct ieee80211_hw *hw,
651 		      struct ieee80211_tx_control *control,
652 		      struct sk_buff *skb)
653 {
654 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
655 	struct mt76_phy *mphy = hw->priv;
656 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
657 	struct ieee80211_vif *vif = info->control.vif;
658 	struct mt76_wcid *wcid = &dev->mt76.global_wcid;
659 
660 	if (control->sta) {
661 		struct mt7915_sta *sta;
662 
663 		sta = (struct mt7915_sta *)control->sta->drv_priv;
664 		wcid = &sta->wcid;
665 	}
666 
667 	if (vif && !control->sta) {
668 		struct mt7915_vif *mvif;
669 
670 		mvif = (struct mt7915_vif *)vif->drv_priv;
671 		wcid = &mvif->sta.wcid;
672 	}
673 
674 	mt76_tx(mphy, control->sta, wcid, skb);
675 }
676 
677 static int mt7915_set_rts_threshold(struct ieee80211_hw *hw, u32 val)
678 {
679 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
680 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
681 	int ret;
682 
683 	mutex_lock(&dev->mt76.mutex);
684 	ret = mt7915_mcu_set_rts_thresh(phy, val);
685 	mutex_unlock(&dev->mt76.mutex);
686 
687 	return ret;
688 }
689 
690 static int
691 mt7915_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
692 		    struct ieee80211_ampdu_params *params)
693 {
694 	enum ieee80211_ampdu_mlme_action action = params->action;
695 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
696 	struct ieee80211_sta *sta = params->sta;
697 	struct ieee80211_txq *txq = sta->txq[params->tid];
698 	struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
699 	u16 tid = params->tid;
700 	u16 ssn = params->ssn;
701 	struct mt76_txq *mtxq;
702 	int ret = 0;
703 
704 	if (!txq)
705 		return -EINVAL;
706 
707 	mtxq = (struct mt76_txq *)txq->drv_priv;
708 
709 	mutex_lock(&dev->mt76.mutex);
710 	switch (action) {
711 	case IEEE80211_AMPDU_RX_START:
712 		mt76_rx_aggr_start(&dev->mt76, &msta->wcid, tid, ssn,
713 				   params->buf_size);
714 		ret = mt7915_mcu_add_rx_ba(dev, params, true);
715 		break;
716 	case IEEE80211_AMPDU_RX_STOP:
717 		mt76_rx_aggr_stop(&dev->mt76, &msta->wcid, tid);
718 		ret = mt7915_mcu_add_rx_ba(dev, params, false);
719 		break;
720 	case IEEE80211_AMPDU_TX_OPERATIONAL:
721 		mtxq->aggr = true;
722 		mtxq->send_bar = false;
723 		ret = mt7915_mcu_add_tx_ba(dev, params, true);
724 		break;
725 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
726 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
727 		mtxq->aggr = false;
728 		clear_bit(tid, &msta->ampdu_state);
729 		ret = mt7915_mcu_add_tx_ba(dev, params, false);
730 		break;
731 	case IEEE80211_AMPDU_TX_START:
732 		set_bit(tid, &msta->ampdu_state);
733 		ret = IEEE80211_AMPDU_TX_START_IMMEDIATE;
734 		break;
735 	case IEEE80211_AMPDU_TX_STOP_CONT:
736 		mtxq->aggr = false;
737 		clear_bit(tid, &msta->ampdu_state);
738 		ret = mt7915_mcu_add_tx_ba(dev, params, false);
739 		ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
740 		break;
741 	}
742 	mutex_unlock(&dev->mt76.mutex);
743 
744 	return ret;
745 }
746 
747 static int
748 mt7915_sta_add(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
749 	       struct ieee80211_sta *sta)
750 {
751 	return mt76_sta_state(hw, vif, sta, IEEE80211_STA_NOTEXIST,
752 			      IEEE80211_STA_NONE);
753 }
754 
755 static int
756 mt7915_sta_remove(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
757 		  struct ieee80211_sta *sta)
758 {
759 	return mt76_sta_state(hw, vif, sta, IEEE80211_STA_NONE,
760 			      IEEE80211_STA_NOTEXIST);
761 }
762 
763 static int
764 mt7915_get_stats(struct ieee80211_hw *hw,
765 		 struct ieee80211_low_level_stats *stats)
766 {
767 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
768 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
769 	struct mib_stats *mib = &phy->mib;
770 
771 	mutex_lock(&dev->mt76.mutex);
772 	stats->dot11RTSSuccessCount = mib->rts_cnt;
773 	stats->dot11RTSFailureCount = mib->rts_retries_cnt;
774 	stats->dot11FCSErrorCount = mib->fcs_err_cnt;
775 	stats->dot11ACKFailureCount = mib->ack_fail_cnt;
776 
777 	memset(mib, 0, sizeof(*mib));
778 
779 	mutex_unlock(&dev->mt76.mutex);
780 
781 	return 0;
782 }
783 
784 static u64
785 mt7915_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
786 {
787 	struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
788 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
789 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
790 	bool band = phy != &dev->phy;
791 	union {
792 		u64 t64;
793 		u32 t32[2];
794 	} tsf;
795 	u16 n;
796 
797 	mutex_lock(&dev->mt76.mutex);
798 
799 	n = mvif->omac_idx > HW_BSSID_MAX ? HW_BSSID_0 : mvif->omac_idx;
800 	/* TSF software read */
801 	mt76_set(dev, MT_LPON_TCR(band, n), MT_LPON_TCR_SW_MODE);
802 	tsf.t32[0] = mt76_rr(dev, MT_LPON_UTTR0(band));
803 	tsf.t32[1] = mt76_rr(dev, MT_LPON_UTTR1(band));
804 
805 	mutex_unlock(&dev->mt76.mutex);
806 
807 	return tsf.t64;
808 }
809 
810 static void
811 mt7915_set_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
812 	       u64 timestamp)
813 {
814 	struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
815 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
816 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
817 	bool band = phy != &dev->phy;
818 	union {
819 		u64 t64;
820 		u32 t32[2];
821 	} tsf = { .t64 = timestamp, };
822 	u16 n;
823 
824 	mutex_lock(&dev->mt76.mutex);
825 
826 	n = mvif->omac_idx > HW_BSSID_MAX ? HW_BSSID_0 : mvif->omac_idx;
827 	mt76_wr(dev, MT_LPON_UTTR0(band), tsf.t32[0]);
828 	mt76_wr(dev, MT_LPON_UTTR1(band), tsf.t32[1]);
829 	/* TSF software overwrite */
830 	mt76_set(dev, MT_LPON_TCR(band, n), MT_LPON_TCR_SW_WRITE);
831 
832 	mutex_unlock(&dev->mt76.mutex);
833 }
834 
835 static void
836 mt7915_set_coverage_class(struct ieee80211_hw *hw, s16 coverage_class)
837 {
838 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
839 	struct mt7915_dev *dev = phy->dev;
840 
841 	mutex_lock(&dev->mt76.mutex);
842 	phy->coverage_class = max_t(s16, coverage_class, 0);
843 	mt7915_mac_set_timing(phy);
844 	mutex_unlock(&dev->mt76.mutex);
845 }
846 
847 static int
848 mt7915_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
849 {
850 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
851 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
852 	int max_nss = hweight8(hw->wiphy->available_antennas_tx);
853 	bool ext_phy = phy != &dev->phy;
854 
855 	if (!tx_ant || tx_ant != rx_ant || ffs(tx_ant) > max_nss)
856 		return -EINVAL;
857 
858 	if ((BIT(hweight8(tx_ant)) - 1) != tx_ant)
859 		tx_ant = BIT(ffs(tx_ant) - 1) - 1;
860 
861 	mutex_lock(&dev->mt76.mutex);
862 
863 	phy->mt76->antenna_mask = tx_ant;
864 
865 	if (ext_phy) {
866 		if (dev->chainmask == 0xf)
867 			tx_ant <<= 2;
868 		else
869 			tx_ant <<= 1;
870 	}
871 	phy->mt76->chainmask = tx_ant;
872 
873 	mt76_set_stream_caps(phy->mt76, true);
874 	mt7915_set_stream_vht_txbf_caps(phy);
875 	mt7915_set_stream_he_caps(phy);
876 
877 	mutex_unlock(&dev->mt76.mutex);
878 
879 	return 0;
880 }
881 
882 static void mt7915_sta_statistics(struct ieee80211_hw *hw,
883 				  struct ieee80211_vif *vif,
884 				  struct ieee80211_sta *sta,
885 				  struct station_info *sinfo)
886 {
887 	struct mt7915_phy *phy = mt7915_hw_phy(hw);
888 	struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
889 	struct mt7915_sta_stats *stats = &msta->stats;
890 	struct rate_info rxrate = {};
891 
892 	if (!mt7915_mcu_get_rx_rate(phy, vif, sta, &rxrate)) {
893 		sinfo->rxrate = rxrate;
894 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
895 	}
896 
897 	if (!stats->tx_rate.legacy && !stats->tx_rate.flags)
898 		return;
899 
900 	if (stats->tx_rate.legacy) {
901 		sinfo->txrate.legacy = stats->tx_rate.legacy;
902 	} else {
903 		sinfo->txrate.mcs = stats->tx_rate.mcs;
904 		sinfo->txrate.nss = stats->tx_rate.nss;
905 		sinfo->txrate.bw = stats->tx_rate.bw;
906 		sinfo->txrate.he_gi = stats->tx_rate.he_gi;
907 		sinfo->txrate.he_dcm = stats->tx_rate.he_dcm;
908 		sinfo->txrate.he_ru_alloc = stats->tx_rate.he_ru_alloc;
909 	}
910 	sinfo->txrate.flags = stats->tx_rate.flags;
911 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
912 }
913 
914 static void
915 mt7915_sta_rc_update(struct ieee80211_hw *hw,
916 		     struct ieee80211_vif *vif,
917 		     struct ieee80211_sta *sta,
918 		     u32 changed)
919 {
920 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
921 	struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
922 
923 	spin_lock_bh(&dev->sta_poll_lock);
924 	msta->stats.changed |= changed;
925 	if (list_empty(&msta->rc_list))
926 		list_add_tail(&msta->rc_list, &dev->sta_rc_list);
927 	spin_unlock_bh(&dev->sta_poll_lock);
928 
929 	ieee80211_queue_work(hw, &dev->rc_work);
930 }
931 
932 static void mt7915_sta_set_4addr(struct ieee80211_hw *hw,
933 				 struct ieee80211_vif *vif,
934 				 struct ieee80211_sta *sta,
935 				 bool enabled)
936 {
937 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
938 	struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
939 
940 	if (enabled)
941 		set_bit(MT_WCID_FLAG_4ADDR, &msta->wcid.flags);
942 	else
943 		clear_bit(MT_WCID_FLAG_4ADDR, &msta->wcid.flags);
944 
945 	mt7915_mcu_sta_update_hdr_trans(dev, vif, sta);
946 }
947 
948 static void mt7915_sta_set_decap_offload(struct ieee80211_hw *hw,
949 				 struct ieee80211_vif *vif,
950 				 struct ieee80211_sta *sta,
951 				 bool enabled)
952 {
953 	struct mt7915_dev *dev = mt7915_hw_dev(hw);
954 	struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
955 
956 	if (enabled)
957 		set_bit(MT_WCID_FLAG_HDR_TRANS, &msta->wcid.flags);
958 	else
959 		clear_bit(MT_WCID_FLAG_HDR_TRANS, &msta->wcid.flags);
960 
961 	mt7915_mcu_sta_update_hdr_trans(dev, vif, sta);
962 }
963 
964 const struct ieee80211_ops mt7915_ops = {
965 	.tx = mt7915_tx,
966 	.start = mt7915_start,
967 	.stop = mt7915_stop,
968 	.add_interface = mt7915_add_interface,
969 	.remove_interface = mt7915_remove_interface,
970 	.config = mt7915_config,
971 	.conf_tx = mt7915_conf_tx,
972 	.configure_filter = mt7915_configure_filter,
973 	.bss_info_changed = mt7915_bss_info_changed,
974 	.sta_add = mt7915_sta_add,
975 	.sta_remove = mt7915_sta_remove,
976 	.sta_pre_rcu_remove = mt76_sta_pre_rcu_remove,
977 	.sta_rc_update = mt7915_sta_rc_update,
978 	.set_key = mt7915_set_key,
979 	.ampdu_action = mt7915_ampdu_action,
980 	.set_rts_threshold = mt7915_set_rts_threshold,
981 	.wake_tx_queue = mt76_wake_tx_queue,
982 	.sw_scan_start = mt76_sw_scan,
983 	.sw_scan_complete = mt76_sw_scan_complete,
984 	.release_buffered_frames = mt76_release_buffered_frames,
985 	.get_txpower = mt76_get_txpower,
986 	.channel_switch_beacon = mt7915_channel_switch_beacon,
987 	.get_stats = mt7915_get_stats,
988 	.get_tsf = mt7915_get_tsf,
989 	.set_tsf = mt7915_set_tsf,
990 	.get_survey = mt76_get_survey,
991 	.get_antenna = mt76_get_antenna,
992 	.set_antenna = mt7915_set_antenna,
993 	.set_coverage_class = mt7915_set_coverage_class,
994 	.sta_statistics = mt7915_sta_statistics,
995 	.sta_set_4addr = mt7915_sta_set_4addr,
996 	.sta_set_decap_offload = mt7915_sta_set_decap_offload,
997 	CFG80211_TESTMODE_CMD(mt76_testmode_cmd)
998 	CFG80211_TESTMODE_DUMP(mt76_testmode_dump)
999 #ifdef CONFIG_MAC80211_DEBUGFS
1000 	.sta_add_debugfs = mt7915_sta_add_debugfs,
1001 #endif
1002 };
1003