xref: /openbmc/linux/drivers/net/wireless/mediatek/mt76/mt7996/mcu.c (revision a266ef69b890f099069cf51bb40572611c435a54)
1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (C) 2022 MediaTek Inc.
4  */
5 
6 #include <linux/firmware.h>
7 #include <linux/fs.h>
8 #include "mt7996.h"
9 #include "mcu.h"
10 #include "mac.h"
11 #include "eeprom.h"
12 
/*
 * Packed header layout whose multi-byte fields are declared big-endian
 * (__be32/__be16), so they need be32_to_cpu()/be16_to_cpu() before use.
 *
 * NOTE(review): presumably the header at the start of a ROM patch image
 * loaded from a firmware file; the parser is not in this part of the
 * file. Confirm there that desc.n_region and the checksum/crc fields are
 * validated against the size of the loaded image before they are used.
 */
struct mt7996_patch_hdr {
	char build_date[16];
	char platform[4];
	__be32 hw_sw_ver;
	__be32 patch_ver;
	__be16 checksum;
	u16 reserved;
	struct {
		__be32 patch_ver;
		__be32 subsys;
		__be32 feature;
		__be32 n_region;	/* presumably the number of sections that follow - TODO confirm */
		__be32 crc;
		u32 reserved[11];
	} desc;
} __packed;
29 
/*
 * Packed per-section descriptor with big-endian fields. The union gives
 * two views of the same 13 words: raw (spec) or decoded (info).
 *
 * NOTE(review): offs/size and info.addr/info.len look like offsets and
 * lengths taken from the image itself; verify that the consumer bounds
 * them against the firmware blob size before copying.
 */
struct mt7996_patch_sec {
	__be32 type;
	__be32 offs;
	__be32 size;
	union {
		__be32 spec[13];
		struct {
			__be32 addr;
			__be32 len;
			__be32 sec_key_idx;
			__be32 align_len;
			u32 reserved[9];
		} info;
	};
} __packed;
45 
/*
 * Packed firmware trailer layout.
 *
 * fw_ver and build_date are fixed-size char arrays; nothing in this
 * layout guarantees a terminating NUL, so print them with a bounded
 * precision (e.g. "%.10s" / "%.15s").
 * NOTE(review): crc is declared as plain u32 with no endianness
 * annotation, unlike the other image structures - confirm how it is read.
 */
struct mt7996_fw_trailer {
	u8 chip_id;
	u8 eco_code;
	u8 n_region;	/* presumably the count of mt7996_fw_region entries - TODO confirm */
	u8 format_ver;
	u8 format_flag;
	u8 reserved[2];
	char fw_ver[10];
	char build_date[15];
	u32 crc;
} __packed;
57 
/*
 * Packed per-region descriptor; multi-byte fields are little-endian
 * (__le32) and need le32_to_cpu() before use.
 *
 * NOTE(review): addr and len come from the image; verify that the loader
 * checks the running sum of len against the firmware blob size.
 */
struct mt7996_fw_region {
	__le32 decomp_crc;
	__le32 decomp_len;
	__le32 decomp_blk_sz;
	u8 reserved[4];
	__le32 addr;
	__le32 len;
	u8 feature_set;
	u8 reserved1[15];
} __packed;
68 
/* NOTE(review): presumably the device address the patch is downloaded to; the user is not in this part of the file. */
#define MCU_PATCH_ADDRESS		0x200000

/* Extract the IEEE80211_HE_PHY_<p> / IEEE80211_HE_MAC_<m> bit-field from capability byte c. */
#define HE_PHY(p, c)			u8_get_bits(c, IEEE80211_HE_PHY_##p)
#define HE_MAC(m, c)			u8_get_bits(c, IEEE80211_HE_MAC_##m)

/*
 * Module parameter, default true. Mode 0644 makes it world-readable and
 * writable by root at runtime through sysfs.
 */
static bool sr_scene_detect = true;
module_param(sr_scene_detect, bool, 0644);
MODULE_PARM_DESC(sr_scene_detect, "Enable firmware scene detection algorithm");
77 
/*
 * Walk the 2-bit per-stream fields of @mcs_map from stream 8 down to
 * stream 1 and stop at the first field that is not
 * IEEE80211_VHT_MCS_NOT_SUPPORTED.
 *
 * Returns the zero-based index of that stream. When every field reads
 * "not supported" the counter reaches 0 and the u8 result wraps to 255.
 * NOTE(review): the callers in this file feed in the peer station's
 * advertised RX MCS map, and one of them stores the result into
 * bf->ibf_ncol without a min_t() clamp - confirm that a peer advertising
 * no usable stream cannot reach that path.
 */
static u8
mt7996_mcu_get_sta_nss(u16 mcs_map)
{
	u8 nss = 8;

	while (nss > 0) {
		u8 field = (mcs_map >> (2 * (nss - 1))) & 3;

		if (field != IEEE80211_VHT_MCS_NOT_SUPPORTED)
			break;

		nss--;
	}

	return nss - 1;
}
92 
/*
 * Rewrite the per-stream 2-bit fields of an HE MCS map so that each
 * stream advertises no more than the interface's configured bitrate
 * mask allows, then store the result little-endian in @he_mcs.
 *
 * @sta:     station whose rx_nss bounds the number of streams handled
 *           (values above 3 are treated as 4)
 * @he_mcs:  output, receives the adjusted map
 * @mcs_map: CPU-endian HE MCS map to start from
 */
static void
mt7996_mcu_set_sta_he_mcs(struct ieee80211_sta *sta, __le16 *he_mcs,
			  u16 mcs_map)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	enum nl80211_band band = msta->vif->phy->mt76->chandef.chan->band;
	const u16 *mask = msta->vif->bitrate_mask.control[band].he_mcs;
	int max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
	int nss;

	for (nss = 0; nss < max_nss; nss++) {
		int shift = nss * 2;
		int rates, top, field;

		/* Expand the 2-bit field into a bitmap of supported MCS indices. */
		switch ((mcs_map >> shift) & 0x3) {
		case IEEE80211_HE_MCS_SUPPORT_0_11:
			rates = GENMASK(11, 0);
			break;
		case IEEE80211_HE_MCS_SUPPORT_0_9:
			rates = GENMASK(9, 0);
			break;
		case IEEE80211_HE_MCS_SUPPORT_0_7:
			rates = GENMASK(7, 0);
			break;
		default:
			rates = 0;
			break;
		}

		/* Highest MCS index left after masking, or -1 if none. */
		top = rates ? fls(rates & mask[nss]) - 1 : -1;

		if (top >= 10 && top <= 11)
			field = IEEE80211_HE_MCS_SUPPORT_0_11;
		else if (top >= 8 && top <= 9)
			field = IEEE80211_HE_MCS_SUPPORT_0_9;
		else if (top >= 0 && top <= 7)
			field = IEEE80211_HE_MCS_SUPPORT_0_7;
		else
			field = IEEE80211_HE_MCS_NOT_SUPPORTED;

		mcs_map &= ~(0x3 << shift);
		mcs_map |= field << shift;
	}

	*he_mcs = cpu_to_le16(mcs_map);
}
141 
/*
 * For each receive stream of @sta (at most 4), expand the station's
 * 2-bit VHT RX MCS field into a bitmap of MCS indices, AND it with
 * @mask[nss] and store it little-endian in @vht_mcs[nss].
 *
 * The caller must supply @vht_mcs and @mask arrays with at least as many
 * entries as streams are processed here.
 */
static void
mt7996_mcu_set_sta_vht_mcs(struct ieee80211_sta *sta, __le16 *vht_mcs,
			   const u16 *mask)
{
	u16 rx_map = le16_to_cpu(sta->deflink.vht_cap.vht_mcs.rx_mcs_map);
	int max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
	int nss;

	for (nss = 0; nss < max_nss; nss++) {
		u16 field = (rx_map >> (2 * nss)) & 0x3;
		u16 rates;

		if (field == IEEE80211_VHT_MCS_SUPPORT_0_9)
			rates = GENMASK(9, 0);
		else if (field == IEEE80211_VHT_MCS_SUPPORT_0_8)
			rates = GENMASK(8, 0);
		else if (field == IEEE80211_VHT_MCS_SUPPORT_0_7)
			rates = GENMASK(7, 0);
		else
			rates = 0;

		vht_mcs[nss] = cpu_to_le16(rates & mask[nss]);
	}
}
167 
/*
 * Copy the station's HT RX MCS mask bytes, ANDed with @mask, into
 * @ht_mcs for each receive stream (rx_nss values above 3 are treated
 * as 4). Both arrays must hold at least that many bytes.
 */
static void
mt7996_mcu_set_sta_ht_mcs(struct ieee80211_sta *sta, u8 *ht_mcs,
			  const u8 *mask)
{
	int limit = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss;
	int i = 0;

	while (i < limit) {
		ht_mcs[i] = sta->deflink.ht_cap.mcs.rx_mask[i] & mask[i];
		i++;
	}
}
177 
/*
 * Interpret the MCU reply @skb for command @cmd sent with sequence @seq.
 *
 * Returns -ETIMEDOUT when no reply arrived (@skb is NULL), -EAGAIN when
 * the reply's sequence number or (for unified result events) command id
 * does not match, the first payload byte for PATCH_SEM_CONTROL, the
 * event status for unified result events, and 0 otherwise. On every
 * non-error path the receive descriptor is pulled off @skb.
 *
 * NOTE(review): nothing here compares skb->len with sizeof(*rxd) or
 * sizeof(*event) before the fields are read; this relies on the receive
 * path having validated the length of device-supplied frames - confirm.
 * NOTE(review): event->cid is compared without a byte-order conversion
 * while event->status goes through le32_to_cpu(); check the field type.
 */
static int
mt7996_mcu_parse_response(struct mt76_dev *mdev, int cmd,
			  struct sk_buff *skb, int seq)
{
	int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
	struct mt7996_mcu_uni_event *event;
	struct mt7996_mcu_rxd *rxd;

	if (!skb) {
		dev_err(mdev->dev, "Message %08x (seq %d) timeout\n",
			cmd, seq);
		return -ETIMEDOUT;
	}

	rxd = (struct mt7996_mcu_rxd *)skb->data;
	if (seq != rxd->seq)
		return -EAGAIN;

	if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) {
		/* The semaphore result sits in the last 4 bytes of the descriptor. */
		skb_pull(skb, sizeof(*rxd) - 4);
		return *skb->data;
	}

	if (!(rxd->option & MCU_UNI_CMD_EVENT) ||
	    rxd->eid != MCU_UNI_EVENT_RESULT) {
		skb_pull(skb, sizeof(*rxd));
		return 0;
	}

	skb_pull(skb, sizeof(*rxd));
	event = (struct mt7996_mcu_uni_event *)skb->data;

	/* skip invalid event */
	if (mcu_cmd != event->cid)
		return -EAGAIN;

	return le32_to_cpu(event->status);
}
214 
/*
 * Prepend the MCU TX descriptor to @skb and queue it on the MCU queue
 * selected for @cmd.
 *
 * @mdev:     mt76 device
 * @skb:      command payload; the descriptor is pushed in front of it
 * @cmd:      encoded command (id, ext id and the UNI/QUERY/WA/WM flags)
 * @wait_seq: optional output, receives the sequence number used
 *
 * Returns the result of mt76_tx_queue_skb_raw().
 */
static int
mt7996_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb,
			int cmd, int *wait_seq)
{
	struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76);
	int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
	struct mt76_connac2_mcu_uni_txd *uni_txd;
	struct mt76_connac2_mcu_txd *mcu_txd;
	enum mt76_mcuq_id qid;
	__le32 *txd;
	u32 val;
	u8 seq;

	/* Reply timeout is reset to 20 seconds on every send. */
	mdev->mcu.timeout = 20 * HZ;

	/*
	 * 4-bit sequence number; 0 is skipped because the receive path in
	 * this file treats a zero seq as an unsolicited event.
	 */
	seq = ++dev->mt76.mcu.msg_seq & 0xf;
	if (!seq)
		seq = ++dev->mt76.mcu.msg_seq & 0xf;

	/* Firmware scatter data goes out on the download queue with no descriptor. */
	if (cmd == MCU_CMD(FW_SCATTER)) {
		qid = MT_MCUQ_FWDL;
		goto exit;
	}

	txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
	/* NOTE(review): skb_push() needs txd_len bytes of headroom; assumes the allocator reserved it. */
	txd = (__le32 *)skb_push(skb, txd_len);
	if (test_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state))
		qid = MT_MCUQ_WA;
	else
		qid = MT_MCUQ_WM;

	/* skb->len now includes the descriptor pushed above. */
	val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
	      FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
	      FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
	txd[0] = cpu_to_le32(val);

	val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
	txd[1] = cpu_to_le32(val);

	/* Unified command format. */
	if (cmd & __MCU_CMD_FIELD_UNI) {
		uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd;
		uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
		uni_txd->cid = cpu_to_le16(mcu_cmd);
		uni_txd->s2d_index = MCU_S2D_H2CN;
		uni_txd->pkt_type = MCU_PKT_ID;
		uni_txd->seq = seq;

		if (cmd & __MCU_CMD_FIELD_QUERY)
			uni_txd->option = MCU_CMD_UNI_QUERY_ACK;
		else
			uni_txd->option = MCU_CMD_UNI_EXT_ACK;

		/* Destination: both flags or neither keep H2CN, otherwise WA -> H2C, WM -> H2N. */
		if ((cmd & __MCU_CMD_FIELD_WA) && (cmd & __MCU_CMD_FIELD_WM))
			uni_txd->s2d_index = MCU_S2D_H2CN;
		else if (cmd & __MCU_CMD_FIELD_WA)
			uni_txd->s2d_index = MCU_S2D_H2C;
		else if (cmd & __MCU_CMD_FIELD_WM)
			uni_txd->s2d_index = MCU_S2D_H2N;

		goto exit;
	}

	/* Legacy command format. */
	mcu_txd = (struct mt76_connac2_mcu_txd *)txd;
	mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
	mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
					       MT_TX_MCU_PORT_RX_Q0));
	mcu_txd->pkt_type = MCU_PKT_ID;
	mcu_txd->seq = seq;

	mcu_txd->cid = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
	mcu_txd->set_query = MCU_Q_NA;
	mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
	/* Extended commands request an ack and carry an explicit set/query marker. */
	if (mcu_txd->ext_cid) {
		mcu_txd->ext_cid_ack = 1;

		if (cmd & __MCU_CMD_FIELD_QUERY)
			mcu_txd->set_query = MCU_Q_QUERY;
		else
			mcu_txd->set_query = MCU_Q_SET;
	}

	if (cmd & __MCU_CMD_FIELD_WA)
		mcu_txd->s2d_index = MCU_S2D_H2C;
	else
		mcu_txd->s2d_index = MCU_S2D_H2N;

exit:
	if (wait_seq)
		*wait_seq = seq;

	return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[qid], skb, 0);
}
307 
/*
 * Send MCU command @cmd with three 32-bit arguments, converted to
 * little-endian, without waiting for a response.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_wa_cmd(struct mt7996_dev *dev, int cmd, u32 a1, u32 a2, u32 a3)
{
	struct {
		__le32 args[3];
	} req;

	req.args[0] = cpu_to_le32(a1);
	req.args[1] = cpu_to_le32(a2);
	req.args[2] = cpu_to_le32(a3);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), false);
}
322 
/* Interface iterator callback: finish a channel switch on @vif if one is active. */
static void
mt7996_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
{
	if (!vif->bss_conf.csa_active)
		return;

	ieee80211_csa_finish(vif);
}
329 
/*
 * Handle a radar-detection report from the MCU.
 *
 * The band index carried in the report is range-checked against the phys
 * array before it is used as an index, and reports for a band without a
 * registered phy are dropped. A report for MT_RX_SEL2 is raised as a
 * background radar event on dev->rdd2_chandef, any other band as a
 * regular radar detection. dev->hw_pattern counts the reports delivered.
 *
 * NOTE(review): the report is read straight from skb->data; skb->len is
 * not compared with sizeof(*report) in this function.
 */
static void
mt7996_mcu_rx_radar_detected(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rdd_report *report =
		(struct mt7996_mcu_rdd_report *)skb->data;
	struct mt76_phy *mphy;

	if (report->band_idx >= ARRAY_SIZE(dev->mt76.phys))
		return;

	mphy = dev->mt76.phys[report->band_idx];
	if (!mphy)
		return;

	if (report->band_idx != MT_RX_SEL2)
		ieee80211_radar_detected(mphy->hw);
	else
		cfg80211_background_radar_event(mphy->hw->wiphy,
						&dev->rdd2_chandef,
						GFP_ATOMIC);

	dev->hw_pattern++;
}
353 
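/*
 * Forward a firmware log message to debugfs or the kernel log.
 *
 * Legacy events carry the text directly after the receive descriptor.
 * Unified events carry a 4-byte header and a TLV; only TLVs tagged
 * UNI_EVENT_FW_LOG_FORMAT are handled, and the text starts 4 bytes after
 * the TLV header.
 *
 * Every length used here comes from the device, so it is bounded by what
 * @skb actually holds: frames shorter than the headers are dropped, a
 * TLV length smaller than its own header is dropped (it would otherwise
 * become a negative "%.*s" precision, i.e. an unbounded read), and the
 * text length is clamped to the bytes remaining in @skb.
 * NOTE(review): assumes @skb is linear, as the original code did.
 */
static void
mt7996_mcu_rx_log_message(struct mt7996_dev *dev, struct sk_buff *skb)
{
#define UNI_EVENT_FW_LOG_FORMAT 0
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
	const char *data = (char *)&rxd[1] + 4, *type;
	struct tlv *tlv = (struct tlv *)data;
	/* Offset of the text in a unified event: rxd, header, tlv, 4 more bytes. */
	const unsigned int uni_offs = sizeof(*rxd) + 4 + sizeof(*tlv) + 4;
	unsigned int tlv_len;
	int len;

	/* rxd->option and rxd->s2d_index are read below. */
	if (skb->len < sizeof(*rxd))
		return;

	if (!(rxd->option & MCU_UNI_CMD_EVENT)) {
		len = skb->len - sizeof(*rxd);
		data = (char *)&rxd[1];
		goto out;
	}

	if (skb->len < uni_offs)
		return;

	if (le16_to_cpu(tlv->tag) != UNI_EVENT_FW_LOG_FORMAT)
		return;

	tlv_len = le16_to_cpu(tlv->len);
	if (tlv_len < sizeof(*tlv) + 4)
		return;

	data += sizeof(*tlv) + 4;
	len = min_t(unsigned int, tlv_len - sizeof(*tlv) - 4,
		    skb->len - uni_offs);

out:
	switch (rxd->s2d_index) {
	case 0:
		/* A non-zero return means debugfs consumed the message. */
		if (mt7996_debugfs_rx_log(dev, data, len))
			return;

		type = "WM";
		break;
	case 2:
		type = "WA";
		break;
	default:
		type = "unknown";
		break;
	}

	wiphy_info(mt76_hw(dev)->wiphy, "%s: %.*s", type, len, data);
}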
393 
/* Interface iterator callback: finish a BSS color change on @vif if one is active. */
static void
mt7996_mcu_cca_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
{
	if (vif->bss_conf.color_change_active)
		ieee80211_color_change_finish(vif);
}
402 
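/*
 * Handle an IE countdown event: walk the TLVs that follow the 4-byte
 * band header and finish the channel switch (CSA) or BSS color change
 * (BCC) on the active interfaces of the selected phy.
 *
 * Changes against the previous version, all about device-supplied sizes:
 *  - the frame must be long enough to hold the band header before
 *    hdr->band is read;
 *  - the end of the walk is the smaller of rxd->len and skb->len, so a
 *    length field larger than the frame cannot move the walk past it;
 *  - the cursor is advanced past the band header before the loop. It
 *    used to stay on the header while the first TLV was read 4 bytes
 *    further on, which left every later TLV pointer 4 bytes short.
 * NOTE(review): assumes @skb is linear, as the original code did.
 */
static void
mt7996_mcu_ie_countdown(struct mt7996_dev *dev, struct sk_buff *skb)
{
#define UNI_EVENT_IE_COUNTDOWN_CSA 0
#define UNI_EVENT_IE_COUNTDOWN_BCC 1
	struct header {
		u8 band;
		u8 rsv[3];
	};
	struct mt76_phy *mphy = &dev->mt76.phy;
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;
	const char *data = (char *)&rxd[1], *tail;
	struct header *hdr = (struct header *)data;
	struct tlv *tlv = (struct tlv *)(data + sizeof(*hdr));

	if (skb->len < sizeof(*rxd) + sizeof(*hdr))
		return;

	if (hdr->band >= ARRAY_SIZE(dev->mt76.phys))
		return;

	/* Band 0 keeps the default phy; other bands use their own phy when present. */
	if (hdr->band && dev->mt76.phys[hdr->band])
		mphy = dev->mt76.phys[hdr->band];

	tail = (const char *)skb->data +
	       min_t(u32, le16_to_cpu(rxd->len), skb->len);
	data += sizeof(*hdr);

	/* A zero-length TLV ends the walk, which also guarantees progress. */
	while (data + sizeof(struct tlv) < tail && le16_to_cpu(tlv->len)) {
		switch (le16_to_cpu(tlv->tag)) {
		case UNI_EVENT_IE_COUNTDOWN_CSA:
			ieee80211_iterate_active_interfaces_atomic(mphy->hw,
					IEEE80211_IFACE_ITER_RESUME_ALL,
					mt7996_mcu_csa_finish, mphy->hw);
			break;
		case UNI_EVENT_IE_COUNTDOWN_BCC:
			ieee80211_iterate_active_interfaces_atomic(mphy->hw,
					IEEE80211_IFACE_ITER_RESUME_ALL,
					mt7996_mcu_cca_finish, mphy->hw);
			break;
		}

		data += le16_to_cpu(tlv->len);
		tlv = (struct tlv *)data;
	}
}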
443 
/* Dispatch a legacy extended event; only firmware log messages are handled. */
static void
mt7996_mcu_rx_ext_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;

	if (rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST)
		mt7996_mcu_rx_log_message(dev, skb);
}
457 
/*
 * Handle a legacy unsolicited event. Extended events are dispatched,
 * everything else is ignored. @skb is always freed here, so the handlers
 * called from this function must not keep a reference to it.
 */
static void
mt7996_mcu_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;

	if (rxd->eid == MCU_EVENT_EXT)
		mt7996_mcu_rx_ext_event(dev, skb);

	dev_kfree_skb(skb);
}
472 
/*
 * Handle a unified-format unsolicited event: firmware log, IE countdown
 * or radar report. Unknown event ids are ignored. @skb is always freed
 * here, so the handlers must not keep a reference to it.
 */
static void
mt7996_mcu_uni_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;

	if (rxd->eid == MCU_UNI_EVENT_FW_LOG_2_HOST)
		mt7996_mcu_rx_log_message(dev, skb);
	else if (rxd->eid == MCU_UNI_EVENT_IE_COUNTDOWN)
		mt7996_mcu_ie_countdown(dev, skb);
	else if (rxd->eid == MCU_UNI_EVENT_RDD_REPORT)
		mt7996_mcu_rx_radar_detected(dev, skb);

	dev_kfree_skb(skb);
}
493 
/*
 * Entry point for MCU events. Unified unsolicited events and legacy
 * unsolicited events (firmware log, or sequence number 0) are handled
 * and freed in this file; everything else is passed to
 * mt76_mcu_rx_event() as a command response.
 *
 * NOTE(review): the descriptor fields are read without comparing
 * skb->len with sizeof(*rxd); confirm the caller guarantees that.
 */
void mt7996_mcu_rx_event(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data;

	if (rxd->option & MCU_UNI_CMD_UNSOLICITED_EVENT)
		mt7996_mcu_uni_rx_unsolicited_event(dev, skb);
	/* WA still uses legacy event*/
	else if (rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST || !rxd->seq)
		mt7996_mcu_rx_unsolicited_event(dev, skb);
	else
		mt76_mcu_rx_event(&dev->mt76, skb);
}
510 
/*
 * Append a TLV of @len bytes to @skb and fill in its tag/len header
 * (little-endian). Returns a pointer to the start of the new TLV.
 *
 * NOTE(review): only the header is written here. The remaining
 * len - sizeof(struct tlv) bytes keep whatever the buffer held, so this
 * relies on the message allocator handing out zeroed memory; otherwise
 * stale kernel memory would be sent to the device - confirm.
 * NOTE(review): @len must be at least sizeof(struct tlv) and fit in the
 * skb tailroom; neither is checked here.
 */
static struct tlv *
mt7996_mcu_add_uni_tlv(struct sk_buff *skb, u16 tag, u16 len)
{
	struct tlv hdr = {
		.tag = cpu_to_le16(tag),
		.len = cpu_to_le16(len),
	};
	struct tlv *ptlv = skb_put(skb, len);

	memcpy(ptlv, &hdr, sizeof(hdr));

	return ptlv;
}
524 
/*
 * Append the UNI_BSS_INFO_RLM TLV describing the phy's current channel:
 * control and center channel, bandwidth, band and stream counts (both
 * taken from the antenna mask). The second center channel is filled in
 * only for 80+80 MHz.
 *
 * NOTE(review): rlm_ch_band has entries for the 2/5/6 GHz bands only;
 * chandef->chan->band is used as an index without a range check, so this
 * assumes the phy never operates on any other band.
 */
static void
mt7996_mcu_bss_rfch_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
			struct mt7996_phy *phy)
{
	static const u8 rlm_ch_band[] = {
		[NL80211_BAND_2GHZ] = 1,
		[NL80211_BAND_5GHZ] = 2,
		[NL80211_BAND_6GHZ] = 3,
	};
	struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
	struct bss_rlm_tlv *ch;

	ch = (struct bss_rlm_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RLM, sizeof(*ch));

	ch->band = rlm_ch_band[chandef->chan->band];
	ch->bw = mt76_connac_chan_bw(chandef);
	ch->control_channel = chandef->chan->hw_value;
	ch->center_chan = ieee80211_frequency_to_channel(chandef->center_freq1);
	ch->tx_streams = hweight8(phy->mt76->antenna_mask);
	ch->rx_streams = hweight8(phy->mt76->antenna_mask);

	if (chandef->width != NL80211_CHAN_WIDTH_80P80)
		return;

	ch->center_chan2 = ieee80211_frequency_to_channel(chandef->center_freq2);
}
555 
/* Append the UNI_BSS_INFO_RA TLV with short preamble enabled. */
static void
mt7996_mcu_bss_ra_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
		      struct mt7996_phy *phy)
{
	struct bss_ra_tlv *ra;

	ra = (struct bss_ra_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RA, sizeof(*ra));
	ra->short_preamble = true;
}
568 
/*
 * Append the UNI_BSS_INFO_HE_BASIC TLV: packet-extension duration and
 * RTS threshold from the BSS configuration (falling back to the defaults
 * below when they are zero) and the local TX MCS/NSS maps for 80, 160
 * and 80+80 MHz.
 */
static void
mt7996_mcu_bss_he_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
		      struct mt7996_phy *phy)
{
#define DEFAULT_HE_PE_DURATION		4
#define DEFAULT_HE_DURATION_RTS_THRES	1023
	const struct ieee80211_sta_he_cap *cap =
		mt76_connac_get_he_phy_cap(phy->mt76, vif);
	struct bss_info_uni_he *he;

	he = (struct bss_info_uni_he *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_HE_BASIC, sizeof(*he));

	he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
	he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
	he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;

	he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
	if (!he->he_rts_thres)
		he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);

	he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
	if (!he->he_pe_duration)
		he->he_pe_duration = DEFAULT_HE_PE_DURATION;
}
596 
/*
 * Append the UNI_BSS_INFO_RATE TLV. Short preamble is always enabled;
 * outside the 2.4 GHz band the broadcast and multicast rates are also
 * fixed to 0x8080.
 */
static void
mt7996_mcu_bss_bmc_tlv(struct sk_buff *skb, struct mt7996_phy *phy)
{
	enum nl80211_band band = phy->mt76->chandef.chan->band;
	struct bss_rate_tlv *bmc;

	bmc = (struct bss_rate_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RATE, sizeof(*bmc));

	bmc->short_preamble = true;
	if (band == NL80211_BAND_2GHZ)
		return;

	bmc->bc_trans = cpu_to_le16(0x8080);
	bmc->mc_trans = cpu_to_le16(0x8080);
	bmc->bc_fixed_rate = 1;
	bmc->mc_fixed_rate = 1;
}
618 
/* Append the UNI_BSS_INFO_TXCMD TLV with txcmd_mode set to @en. */
static void
mt7996_mcu_bss_txcmd_tlv(struct sk_buff *skb, bool en)
{
	struct bss_txcmd_tlv *txcmd;

	txcmd = (struct bss_txcmd_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_TXCMD, sizeof(*txcmd));
	txcmd->txcmd_mode = en;
}
630 
/*
 * Append the UNI_BSS_INFO_MLD TLV: own MLD id is the interface index,
 * group MLD id and remap index are set to 0xff.
 */
static void
mt7996_mcu_bss_mld_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct bss_mld_tlv *mld;

	mld = (struct bss_mld_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_MLD, sizeof(*mld));

	mld->own_mld_id = mvif->mt76.idx;
	mld->group_mld_id = 0xff;
	mld->remap_idx = 0xff;
}
645 
/* Append the UNI_BSS_INFO_SEC TLV carrying the interface's cipher id. */
static void
mt7996_mcu_bss_sec_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
{
	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
	struct bss_sec_tlv *sec;

	sec = (struct bss_sec_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_SEC, sizeof(*sec));
	sec->cipher = mvif->cipher;
}
658 
/*
 * Program one multicast/unicast address (MUAR) entry for a repeater
 * interface.
 *
 * @bssid:  true to program the BSSID, false for the interface address
 * @enable: when false the address field is left all-zero
 *
 * Returns the result of mt76_mcu_send_msg(), which waits for the reply.
 *
 * NOTE(review): idx is omac_idx - REPEATER_BSSID_START in unsigned
 * arithmetic; the caller in this file only calls this when
 * omac_idx >= REPEATER_BSSID_START, and any other caller must do the same.
 */
static int
mt7996_mcu_muar_config(struct mt7996_phy *phy, struct ieee80211_vif *vif,
		       bool bssid, bool enable)
{
#define UNI_MUAR_ENTRY 2
	struct mt7996_dev *dev = phy->dev;
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	u32 idx = mvif->mt76.omac_idx - REPEATER_BSSID_START;
	const u8 *addr = bssid ? vif->bss_conf.bssid : vif->addr;

	struct {
		struct {
			u8 band;
			u8 __rsv[3];
		} hdr;

		__le16 tag;
		__le16 len;

		bool smesh;
		u8 bssid;
		u8 index;
		u8 entry_add;
		u8 addr[ETH_ALEN];
		u8 __rsv[2];
	} __packed req = {
		.hdr.band = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_MUAR_ENTRY),
		.len = cpu_to_le16(sizeof(req) - sizeof(req.hdr)),
		.smesh = false,
		.index = idx * 2 + bssid,
		.entry_add = true,
	};

	if (enable)
		memcpy(req.addr, addr, ETH_ALEN);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REPT_MUAR), &req,
				 sizeof(req), true);
}
702 
/*
 * Append the UNI_BSS_INFO_BASIC TLV for @vif.
 *
 * @sta:      peer station, may be NULL; for an enabled station interface
 *            it is then looked up by BSSID
 * @wlan_idx: WLAN index to report; replaced by the peer's wcid index
 *            when a station interface is enabled and the peer is known
 * @enable:   true to activate the BSS, false to deactivate it
 *
 * Always returns 0. Unknown interface types trigger WARN_ON() and are
 * reported with the default connection type (infrastructure AP).
 */
static int
mt7996_mcu_bss_basic_tlv(struct sk_buff *skb,
			 struct ieee80211_vif *vif,
			 struct ieee80211_sta *sta,
			 struct mt76_phy *phy, u16 wlan_idx,
			 bool enable)
{
	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
	struct cfg80211_chan_def *chandef = &phy->chandef;
	struct mt76_connac_bss_basic_tlv *bss;
	u32 type = CONNECTION_INFRA_AP;

	if (vif->type == NL80211_IFTYPE_STATION) {
		if (enable) {
			/* The station pointer is only used inside the RCU section. */
			rcu_read_lock();
			if (!sta)
				sta = ieee80211_find_sta(vif,
							 vif->bss_conf.bssid);
			/* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
			if (sta) {
				struct mt76_wcid *wcid;

				wcid = (struct mt76_wcid *)sta->drv_priv;
				wlan_idx = wcid->idx;
			}
			rcu_read_unlock();
		}
		type = CONNECTION_INFRA_STA;
	} else if (vif->type == NL80211_IFTYPE_ADHOC) {
		type = CONNECTION_IBSS_ADHOC;
	} else if (vif->type != NL80211_IFTYPE_MESH_POINT &&
		   vif->type != NL80211_IFTYPE_AP &&
		   vif->type != NL80211_IFTYPE_MONITOR) {
		WARN_ON(1);
	}

	bss = (struct mt76_connac_bss_basic_tlv *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_BASIC, sizeof(*bss));

	bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
	bss->dtim_period = vif->bss_conf.dtim_period;
	bss->bmc_tx_wlan_idx = cpu_to_le16(wlan_idx);
	bss->sta_idx = cpu_to_le16(wlan_idx);
	bss->conn_type = cpu_to_le32(type);
	bss->omac_idx = mvif->omac_idx;
	bss->band_idx = mvif->band_idx;
	bss->wmm_idx = mvif->wmm_idx;
	bss->conn_state = !enable;
	bss->active = enable;

	/* Extended BSSIDs are reported under hardware BSS 0. */
	if (mvif->omac_idx > EXT_BSSID_START)
		bss->hw_bss_idx = HW_BSSID_0;
	else
		bss->hw_bss_idx = mvif->omac_idx;

	/* Monitor interfaces use the phy MAC address and need nothing more. */
	if (vif->type == NL80211_IFTYPE_MONITOR) {
		memcpy(bss->bssid, phy->macaddr, ETH_ALEN);
		return 0;
	}

	memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
	/* Stored a second time from the same source fields, as in the original. */
	bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
	bss->dtim_period = vif->bss_conf.dtim_period;
	bss->phymode = mt76_connac_get_phy_mode(phy, vif,
						chandef->chan->band, NULL);

	if (chandef->chan->band == NL80211_BAND_6GHZ)
		bss->phymode_ext |= PHY_MODE_AX_6G;

	return 0;
}
780 
/*
 * Allocate an MCU message of @len bytes and put the BSS request header
 * (carrying the interface index) at its start.
 *
 * Returns the skb, or ERR_PTR(-ENOMEM) when allocation fails; callers
 * must test the result with IS_ERR(), not against NULL.
 */
static struct sk_buff *
__mt7996_mcu_alloc_bss_req(struct mt76_dev *dev, struct mt76_vif *mvif, int len)
{
	struct sk_buff *skb = mt76_mcu_msg_alloc(dev, NULL, len);
	struct bss_req_hdr hdr = {
		.bss_idx = mvif->idx,
	};

	if (!skb)
		return ERR_PTR(-ENOMEM);

	skb_put_data(skb, &hdr, sizeof(hdr));

	return skb;
}
797 
/*
 * Build and send a BSS_INFO_UPDATE command for @vif.
 *
 * Repeater interfaces first get their MUAR entries (address and BSSID)
 * programmed. The message always carries the basic and security TLVs;
 * when enabling a non-monitor interface it also carries the channel,
 * rate, rate-adaptation, txcmd, optional HE and MLD TLVs.
 *
 * Returns a negative errno if the message cannot be allocated, otherwise
 * the result of mt76_mcu_skb_send_msg().
 *
 * NOTE(review): the return values of the two mt7996_mcu_muar_config()
 * calls are not checked, so a failure there goes unnoticed.
 */
int mt7996_mcu_add_bss_info(struct mt7996_phy *phy,
			    struct ieee80211_vif *vif, int enable)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_dev *dev = phy->dev;
	struct sk_buff *skb;

	if (mvif->mt76.omac_idx >= REPEATER_BSSID_START) {
		mt7996_mcu_muar_config(phy, vif, false, enable);
		mt7996_mcu_muar_config(phy, vif, true, enable);
	}

	skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					 MT7996_BSS_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	/* bss_basic must be first */
	mt7996_mcu_bss_basic_tlv(skb, vif, NULL, phy->mt76,
				 mvif->sta.wcid.idx, enable);
	mt7996_mcu_bss_sec_tlv(skb, vif);

	if (vif->type != NL80211_IFTYPE_MONITOR && enable) {
		mt7996_mcu_bss_rfch_tlv(skb, vif, phy);
		mt7996_mcu_bss_bmc_tlv(skb, phy);
		mt7996_mcu_bss_ra_tlv(skb, vif, phy);
		mt7996_mcu_bss_txcmd_tlv(skb, true);

		if (vif->bss_conf.he_support)
			mt7996_mcu_bss_he_tlv(skb, vif, phy);

		/* this tag is necessary no matter if the vif is MLD */
		mt7996_mcu_bss_mld_tlv(skb, vif);
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
839 
/*
 * Send a STA_REC_UPDATE command carrying a block-ack TLV for the station
 * and TID described by @params.
 *
 * @enable: whether the session is being set up or torn down
 * @tx:     true when we are the originator, false when the recipient
 *
 * Returns a negative errno if the message cannot be allocated, otherwise
 * the result of mt76_mcu_skb_send_msg().
 *
 * NOTE(review): ba_en is computed as enable << params->tid; confirm the
 * width of the ba_en field covers every TID value that can reach here.
 */
static int
mt7996_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif *mvif,
		  struct ieee80211_ampdu_params *params,
		  bool enable, bool tx)
{
	struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv;
	struct sta_rec_ba_uni *ba;
	struct sk_buff *skb;

	skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	ba = (struct sta_rec_ba_uni *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));

	if (tx)
		ba->ba_type = MT_BA_TYPE_ORIGINATOR;
	else
		ba->ba_type = MT_BA_TYPE_RECIPIENT;

	ba->tid = params->tid;
	ba->ba_en = enable << params->tid;
	ba->amsdu = params->amsdu;
	ba->ssn = cpu_to_le16(params->ssn);
	ba->winsize = cpu_to_le16(params->buf_size);

	return mt76_mcu_skb_send_msg(dev, skb,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
868 
869 /** starec & wtbl **/
/*
 * Set up or tear down a TX (originator) block-ack session. When a
 * session is enabled without A-MSDU, A-MSDU is also switched off on the
 * station's wcid.
 */
int mt7996_mcu_add_tx_ba(struct mt7996_dev *dev,
			 struct ieee80211_ampdu_params *params,
			 bool enable)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv;

	if (enable && !params->amsdu)
		msta->wcid.amsdu = false;

	return mt7996_mcu_sta_ba(&dev->mt76, &msta->vif->mt76, params,
				 enable, true);
}
883 
/* Set up or tear down an RX (recipient) block-ack session. */
int mt7996_mcu_add_rx_ba(struct mt7996_dev *dev,
			 struct ieee80211_ampdu_params *params,
			 bool enable)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv;

	return mt7996_mcu_sta_ba(&dev->mt76, &msta->vif->mt76, params,
				 enable, false);
}
894 
/*
 * Append the STA_REC_HE_V2 TLV for an HE-capable station: the first 6
 * MAC and 11 PHY capability bytes are copied as advertised by the peer,
 * and the per-bandwidth MCS maps are filtered through
 * mt7996_mcu_set_sta_he_mcs(). The 160 MHz (and, if advertised, 80+80)
 * maps are filled only when the station bandwidth is 160 MHz; the 80 MHz
 * map is always filled. Nothing is added for non-HE stations.
 */
static void
mt7996_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct ieee80211_he_cap_elem *elem = &sta->deflink.he_cap.he_cap_elem;
	struct ieee80211_he_mcs_nss_supp mcs_map;
	struct sta_rec_he_v2 *he;
	int i;

	if (!sta->deflink.he_cap.has_he)
		return;

	he = (struct sta_rec_he_v2 *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he));

	for (i = 0; i < 6; i++)
		he->he_mac_cap[i] = elem->mac_cap_info[i];
	for (i = 0; i < 11; i++)
		he->he_phy_cap[i] = elem->phy_cap_info[i];

	mcs_map = sta->deflink.he_cap.he_mcs_nss_supp;

	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) {
		if (elem->phy_cap_info[0] &
		    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
			mt7996_mcu_set_sta_he_mcs(sta,
						  &he->max_nss_mcs[CMD_HE_MCS_BW8080],
						  le16_to_cpu(mcs_map.rx_mcs_80p80));

		mt7996_mcu_set_sta_he_mcs(sta,
					  &he->max_nss_mcs[CMD_HE_MCS_BW160],
					  le16_to_cpu(mcs_map.rx_mcs_160));
	}

	mt7996_mcu_set_sta_he_mcs(sta,
				  &he->max_nss_mcs[CMD_HE_MCS_BW80],
				  le16_to_cpu(mcs_map.rx_mcs_80));

	he->pkt_ext = 2;
}
938 
/* Append the STA_REC_HE_6G TLV when the station advertises 6 GHz capabilities. */
static void
mt7996_mcu_sta_he_6g_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct sta_rec_he_6g_capa *he_6g;

	if (!sta->deflink.he_6ghz_capa.capa)
		return;

	he_6g = (struct sta_rec_he_6g_capa *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G, sizeof(*he_6g));
	/* Copied as stored, without a byte-order conversion. */
	he_6g->capa = sta->deflink.he_6ghz_capa.capa;
}
953 
/* Append the STA_REC_HT TLV with the station's HT capability word, if HT is supported. */
static void
mt7996_mcu_sta_ht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct sta_rec_ht *ht;

	if (!sta->deflink.ht_cap.ht_supported)
		return;

	ht = (struct sta_rec_ht *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
	ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap);
}
968 
/*
 * Append the STA_REC_VHT TLV (capability word and RX/TX MCS maps) when
 * the station supports VHT or advertises 6 GHz capabilities.
 */
static void
mt7996_mcu_sta_vht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
{
	struct sta_rec_vht *vht;

	/* For 6G band, this tlv is necessary to let hw work normally */
	if (!(sta->deflink.he_6ghz_capa.capa ||
	      sta->deflink.vht_cap.vht_supported))
		return;

	vht = (struct sta_rec_vht *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, sizeof(*vht));

	vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap);
	/* The MCS maps are copied as stored, without a byte-order conversion. */
	vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map;
	vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map;
}
986 
/*
 * Append the STA_REC_HW_AMSDU TLV for station and AP interfaces when the
 * peer has a non-zero maximum A-MSDU length, and mark A-MSDU as enabled
 * on the station's wcid. The peer's length is mapped to the matching VHT
 * maximum-MPDU-length code; unknown lengths get the smallest one (3895).
 */
static void
mt7996_mcu_sta_amsdu_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			 struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	struct sta_rec_amsdu *amsdu;

	if (vif->type != NL80211_IFTYPE_STATION &&
	    vif->type != NL80211_IFTYPE_AP)
		return;

	if (!sta->deflink.agg.max_amsdu_len)
		return;

	amsdu = (struct sta_rec_amsdu *)
		mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
	amsdu->amsdu_en = true;
	amsdu->max_amsdu_num = 8;
	msta->wcid.amsdu = true;

	switch (sta->deflink.agg.max_amsdu_len) {
	case IEEE80211_MAX_MPDU_LEN_VHT_11454:
		amsdu->max_mpdu_size =
			IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454;
		break;
	case IEEE80211_MAX_MPDU_LEN_HT_7935:
	case IEEE80211_MAX_MPDU_LEN_VHT_7991:
		amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991;
		break;
	default:
		amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895;
		break;
	}
}
1022 
/*
 * Tell whether explicit beamforming can be used with @sta.
 *
 * @bfee: true to ask about us acting as beamformee (the peer must be a
 *        capable beamformer), false to ask about us acting as beamformer
 *        (the peer must be a capable beamformee, and antenna-count minus
 *        one must be at least 2)
 *
 * Only station and AP interfaces qualify. HE capabilities take
 * precedence over VHT; a peer with neither yields false.
 */
static inline bool
mt7996_is_ebf_supported(struct mt7996_phy *phy, struct ieee80211_vif *vif,
			struct ieee80211_sta *sta, bool bfee)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	/* Kept signed so that an empty antenna mask gives -1, not a large value. */
	int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;

	if (!(vif->type == NL80211_IFTYPE_STATION ||
	      vif->type == NL80211_IFTYPE_AP))
		return false;

	if (!bfee && tx_ant < 2)
		return false;

	if (sta->deflink.he_cap.has_he) {
		struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem;

		if (!bfee)
			return mvif->cap.he_su_ebfer &&
			       HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]);

		return mvif->cap.he_su_ebfee &&
		       HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]);
	}

	if (sta->deflink.vht_cap.vht_supported) {
		u32 cap = sta->deflink.vht_cap.cap;

		if (!bfee)
			return mvif->cap.vht_su_ebfer &&
			       (cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE);

		return mvif->cap.vht_su_ebfee &&
		       (cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE);
	}

	return false;
}
1061 
/* Fill the sounding parameters of @bf with the fixed OFDM defaults. */
static void
mt7996_mcu_sta_sounding_rate(struct sta_rec_bf *bf)
{
	/* ofdm 24m */
	bf->rept_poll_rate = MT7996_CFEND_RATE_DEFAULT;
	bf->ndpa_rate = MT7996_CFEND_RATE_DEFAULT;
	/* mcs0 */
	bf->ndp_rate = 0;
	bf->sounding_phy = MT_PHY_TYPE_OFDM;
}
1070 
/*
 * Fill the beamformer record for an HT peer. The peer's stream index is
 * taken from its TX parameters when it declares TX and RX sets to
 * differ, otherwise from the highest non-empty RX MCS mask byte (0 when
 * only the first byte is set). nrow is our antenna count minus one.
 */
static void
mt7996_mcu_sta_bfer_ht(struct ieee80211_sta *sta, struct mt7996_phy *phy,
		       struct sta_rec_bf *bf)
{
	struct ieee80211_mcs_info *mcs = &sta->deflink.ht_cap.mcs;
	bool tx_rx_differ = (mcs->tx_params & IEEE80211_HT_MCS_TX_RX_DIFF) &&
			    (mcs->tx_params & IEEE80211_HT_MCS_TX_DEFINED);
	u8 n;

	if (tx_rx_differ)
		n = FIELD_GET(IEEE80211_HT_MCS_TX_MAX_STREAMS_MASK,
			      mcs->tx_params);
	else if (mcs->rx_mask[3])
		n = 3;
	else if (mcs->rx_mask[2])
		n = 2;
	else if (mcs->rx_mask[1])
		n = 1;
	else
		n = 0;

	bf->tx_mode = MT_PHY_TYPE_HT;
	bf->nrow = hweight8(phy->mt76->antenna_mask) - 1;
	bf->ncol = min_t(u8, bf->nrow, n);
	bf->ibf_ncol = n;
}
1095 
/*
 * Fill the beamformer record for a VHT peer.
 *
 * @explicit: true for explicit beamforming, where the sounding rates are
 *            set and nrow is limited by our sounding dimensions, the
 *            peer's beamformee STS and our antenna count; false for
 *            implicit beamforming, where nrow is our antenna count minus
 *            one.
 *
 * NOTE(review): nss_mcs is derived from the peer's advertised RX MCS
 * map. In the implicit branch it is stored in ibf_ncol without the
 * min_t() clamp that ncol gets - confirm that a map with no supported
 * stream cannot reach this point.
 */
static void
mt7996_mcu_sta_bfer_vht(struct ieee80211_sta *sta, struct mt7996_phy *phy,
			struct sta_rec_bf *bf, bool explicit)
{
	struct ieee80211_sta_vht_cap *pc = &sta->deflink.vht_cap;
	struct ieee80211_sta_vht_cap *vc = &phy->mt76->sband_5g.sband.vht_cap;
	u16 mcs_map = le16_to_cpu(pc->vht_mcs.rx_mcs_map);
	u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map);
	u8 tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
	bool bw160 = sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160;

	bf->tx_mode = MT_PHY_TYPE_VHT;

	if (!explicit) {
		bf->nrow = tx_ant;
		bf->ncol = min_t(u8, nss_mcs, bf->nrow);
		bf->ibf_ncol = nss_mcs;

		if (bw160)
			bf->ibf_nrow = 1;
	} else {
		u8 sts, snd_dim;

		mt7996_mcu_sta_sounding_rate(bf);

		sts = FIELD_GET(IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK,
				pc->cap);
		snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
				    vc->cap);
		bf->nrow = min_t(u8, min_t(u8, snd_dim, sts), tx_ant);
		bf->ncol = min_t(u8, nss_mcs, bf->nrow);
		bf->ibf_ncol = bf->ncol;

		if (bw160)
			bf->nrow = 1;
	}
}
1132 
/* Fill the beamformer record @bf for an HE peer (explicit beamforming).
 *
 * The <= 80 MHz row/column counts are always written.  The *_gt_bw80
 * fields are only written when the peer's bandwidth is
 * IEEE80211_STA_RX_BW_160.
 */
static void
mt7996_mcu_sta_bfer_he(struct ieee80211_sta *sta, struct ieee80211_vif *vif,
		       struct mt7996_phy *phy, struct sta_rec_bf *bf)
{
	struct ieee80211_sta_he_cap *peer_cap = &sta->deflink.he_cap;
	struct ieee80211_he_cap_elem *peer = &peer_cap->he_cap_elem;
	/* presumably the local HE capability for this vif - TODO confirm */
	const struct ieee80211_sta_he_cap *own_cap =
		mt76_connac_get_he_phy_cap(phy->mt76, vif);
	const struct ieee80211_he_cap_elem *own = &own_cap->he_cap_elem;
	u8 nss, snd_dim, sts;

	bf->tx_mode = MT_PHY_TYPE_HE_SU;

	mt7996_mcu_sta_sounding_rate(bf);

	bf->trigger_su = HE_PHY(CAP6_TRIG_SU_BEAMFORMING_FB,
				peer->phy_cap_info[6]);
	bf->trigger_mu = HE_PHY(CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB,
				peer->phy_cap_info[6]);

	/* up to 80MHz */
	nss = mt7996_mcu_get_sta_nss(le16_to_cpu(peer_cap->he_mcs_nss_supp.rx_mcs_80));
	snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
			 own->phy_cap_info[5]);
	sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_MASK,
		     peer->phy_cap_info[4]);

	bf->nrow = min_t(u8, snd_dim, sts);
	bf->ncol = min_t(u8, nss, bf->nrow);
	bf->ibf_ncol = bf->ncol;

	if (sta->deflink.bandwidth != IEEE80211_STA_RX_BW_160)
		return;

	/* go over for 160MHz and 80p80 */
	if (peer->phy_cap_info[0] &
	    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) {
		nss = mt7996_mcu_get_sta_nss(le16_to_cpu(peer_cap->he_mcs_nss_supp.rx_mcs_160));

		bf->ncol_gt_bw80 = nss;
	}

	if (peer->phy_cap_info[0] &
	    IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) {
		nss = mt7996_mcu_get_sta_nss(le16_to_cpu(peer_cap->he_mcs_nss_supp.rx_mcs_80p80));

		/* keep the smaller of the 160 and 80p80 values when both apply */
		if (bf->ncol_gt_bw80)
			bf->ncol_gt_bw80 = min_t(u8, bf->ncol_gt_bw80, nss);
		else
			bf->ncol_gt_bw80 = nss;
	}

	snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK,
			 own->phy_cap_info[5]);
	sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_ABOVE_80MHZ_MASK,
		     peer->phy_cap_info[4]);

	bf->nrow_gt_bw80 = min_t(int, snd_dim, sts);
}
1192 
/* Append a STA_REC_BF (beamformer) TLV for @sta to @skb.
 *
 * Nothing is appended when the peer supports neither HT nor HE, or when
 * explicit beamforming is not supported for it and dev->ibf is not set.
 */
static void
mt7996_mcu_sta_bfer_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_phy *phy = mvif->phy;
	int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
	enum ieee80211_sta_rx_bandwidth bw = sta->deflink.bandwidth;
	struct sta_rec_bf *bf;
	struct tlv *tlv;
	/* looked up as matrix[row][column] below */
	const u8 matrix[4][4] = {
		{0, 0, 0, 0},
		{1, 1, 0, 0},	/* 2x1, 2x2, 2x3, 2x4 */
		{2, 4, 4, 0},	/* 3x1, 3x2, 3x3, 3x4 */
		{3, 5, 6, 0}	/* 4x1, 4x2, 4x3, 4x4 */
	};
	bool ebf;
	int row;

	if (!sta->deflink.ht_cap.ht_supported && !sta->deflink.he_cap.has_he)
		return;

	ebf = mt7996_is_ebf_supported(phy, vif, sta, false);
	if (!ebf && !dev->ibf)
		return;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BF, sizeof(*bf));
	bf = (struct sta_rec_bf *)tlv;

	/* he: eBF only, in accordance with spec
	 * vht: support eBF and iBF
	 * ht: iBF only, since mac80211 lacks of eBF support
	 *
	 * NOTE(review): the final "else" returns after the TLV has already
	 * been added to @skb (HE peer without eBF, VHT and HT), leaving the
	 * record as mt76_connac_mcu_add_tlv() set it up - confirm intended.
	 */
	if (sta->deflink.he_cap.has_he && ebf)
		mt7996_mcu_sta_bfer_he(sta, vif, phy, bf);
	else if (sta->deflink.vht_cap.vht_supported)
		mt7996_mcu_sta_bfer_vht(sta, phy, bf, ebf);
	else if (sta->deflink.ht_cap.ht_supported)
		mt7996_mcu_sta_bfer_ht(sta, phy, bf);
	else
		return;

	if (ebf)
		bf->bf_cap = ebf;
	else
		bf->bf_cap = dev->ibf << 1;

	bf->bw = bw;
	bf->ibf_dbw = bw;
	/* NOTE(review): this unconditionally replaces the ibf_nrow = 1 that
	 * mt7996_mcu_sta_bfer_vht() sets for implicit BF at 160MHz.
	 */
	bf->ibf_nrow = tx_ant;

	bf->ibf_timeout = (!ebf && bw <= IEEE80211_STA_RX_BW_40 && !bf->ncol) ?
			  0x48 : 0x18;

	/* NOTE(review): row and bf->ncol index a 4x4 table and are not
	 * range-checked here; bf->nrow/ncol are partly derived from fields
	 * the peer advertises. This relies on the helpers above and on
	 * antenna_mask keeping both values within 0..3 - confirm.
	 */
	row = (ebf && bf->nrow != tx_ant) ? tx_ant : bf->nrow;
	bf->mem_20m = matrix[row][bf->ncol];

	/* 20MHz and any other bandwidth value leave mem_total untouched */
	if (bw == IEEE80211_STA_RX_BW_160 || bw == IEEE80211_STA_RX_BW_80)
		bf->mem_total = bf->mem_20m * 2;
	else if (bw == IEEE80211_STA_RX_BW_40)
		bf->mem_total = bf->mem_20m;
}
1261 
/* Append a STA_REC_BFEE (beamformee) TLV for @sta to @skb.
 *
 * Skipped when the peer has neither VHT nor HE, or when
 * mt7996_is_ebf_supported() reports no beamformee support for it.
 */
static void
mt7996_mcu_sta_bfee_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_phy *phy = mvif->phy;
	int tx_ant = hweight8(phy->mt76->antenna_mask) - 1;
	bool has_he = sta->deflink.he_cap.has_he;
	bool has_vht = sta->deflink.vht_cap.vht_supported;
	struct sta_rec_bfee *bfee;
	struct tlv *tlv;
	u8 snd_dim = 0;

	if (!has_vht && !has_he)
		return;

	if (!mt7996_is_ebf_supported(phy, vif, sta, true))
		return;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BFEE, sizeof(*bfee));
	bfee = (struct sta_rec_bfee *)tlv;

	/* sounding dimension as advertised by the peer; HE wins over VHT */
	if (has_he)
		snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
				 sta->deflink.he_cap.he_cap_elem.phy_cap_info[5]);
	else if (has_vht)
		snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
				    sta->deflink.vht_cap.cap);

	/* reply with identity matrix to avoid 2x2 BF negative gain */
	bfee->fb_identity_matrix = (snd_dim == 1 && tx_ant == 2);
}
1297 
/* Append a STA_REC_PHY TLV carrying the peer's A-MPDU parameters.
 *
 * The length exponent is the larger of the HT and VHT values; when the
 * peer advertises HE 6 GHz capabilities both exponent and density are
 * taken from there instead.  Nothing is appended for a peer with neither
 * HT nor HE 6 GHz capabilities.
 */
static void
mt7996_mcu_sta_phy_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
		       struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct sta_rec_phy *phy;
	struct tlv *tlv;
	u8 len_exp = 0, density = 0;

	if (!(sta->deflink.ht_cap.ht_supported ||
	      sta->deflink.he_6ghz_capa.capa))
		return;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy));
	phy = (struct sta_rec_phy *)tlv;

	if (sta->deflink.ht_cap.ht_supported) {
		len_exp = sta->deflink.ht_cap.ampdu_factor;
		density = sta->deflink.ht_cap.ampdu_density;
	}

	if (sta->deflink.vht_cap.vht_supported)
		len_exp = max_t(u8, len_exp,
				FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
					  sta->deflink.vht_cap.cap));

	/* 6 GHz capabilities override whatever HT/VHT provided */
	if (sta->deflink.he_6ghz_capa.capa) {
		len_exp = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
					IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
		density = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
					IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START);
	}

	phy->max_ampdu_len = len_exp;
	phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR, len_exp) |
		     FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY, density);
}
1335 
/* Append a STA_REC_HDRT TLV to @skb with hdrt_mode set to 1. */
static void
mt7996_mcu_sta_hdrt_tlv(struct mt7996_dev *dev, struct sk_buff *skb)
{
	struct sta_rec_hdrt *rec;

	rec = (struct sta_rec_hdrt *)mt76_connac_mcu_add_tlv(skb, STA_REC_HDRT,
							     sizeof(*rec));
	rec->hdrt_mode = 1;
}
1347 
/* Append a STA_REC_HDR_TRANS TLV describing header translation for @sta.
 *
 * Defaults: RX header translation disabled, to_ds for a station vif and
 * from_ds for any other vif type.  When the station's wcid is available
 * its MT_WCID_FLAG_HDR_TRANS and MT_WCID_FLAG_4ADDR flags refine that.
 */
static void
mt7996_mcu_sta_hdr_trans_tlv(struct mt7996_dev *dev, struct sk_buff *skb,
			     struct ieee80211_vif *vif,
			     struct ieee80211_sta *sta)
{
	bool sta_mode = vif->type == NL80211_IFTYPE_STATION;
	struct sta_rec_hdr_trans *rec;
	struct mt76_wcid *wcid;
	struct tlv *tlv;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDR_TRANS, sizeof(*rec));
	rec = (struct sta_rec_hdr_trans *)tlv;
	rec->dis_rx_hdr_tran = true;

	if (sta_mode)
		rec->to_ds = true;
	else
		rec->from_ds = true;

	wcid = (struct mt76_wcid *)sta->drv_priv;
	if (!wcid)
		return;

	rec->dis_rx_hdr_tran = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags);

	/* 4-address frames carry both DS bits */
	if (!test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags))
		return;

	rec->to_ds = true;
	rec->from_ds = true;
}
1376 
/* Map a mac80211 SMPS mode to the MCU's MMPS mode.
 * Anything other than static or dynamic maps to MCU_MMPS_DISABLE.
 */
static enum mcu_mmps_mode
mt7996_mcu_get_mmps_mode(enum ieee80211_smps_mode smps)
{
	if (smps == IEEE80211_SMPS_STATIC)
		return MCU_MMPS_STATIC;

	if (smps == IEEE80211_SMPS_DYNAMIC)
		return MCU_MMPS_DYNAMIC;

	/* IEEE80211_SMPS_OFF and every unlisted value */
	return MCU_MMPS_DISABLE;
}
1391 
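/* Send a UNI_RA_FIXED_RATE request to the firmware.
 *
 * @dev: device the command is sent to
 * @data: source of the rate record; sizeof(req->rate) bytes are copied
 *	  from it, so the caller must provide at least that many
 * @version: value stored (little endian) in the request's version field
 *
 * Returns -ENOMEM when the message cannot be allocated, otherwise the
 * result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_fixed_rate_ctrl(struct mt7996_dev *dev,
				   void *data, u16 version)
{
	struct ra_fixed_rate *req;
	/* The header is copied verbatim into the message below, so it must
	 * be zeroed: left uninitialised it would hand stale kernel stack
	 * bytes to the firmware.
	 */
	struct uni_header hdr = {};
	struct sk_buff *skb;
	struct tlv *tlv;
	int len;

	len = sizeof(hdr) + sizeof(*req);

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	tlv = mt7996_mcu_add_uni_tlv(skb, UNI_RA_FIXED_RATE, sizeof(*req));
	req = (struct ra_fixed_rate *)tlv;
	req->version = cpu_to_le16(version);
	memcpy(&req->rate, data, sizeof(req->rate));

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WM_UNI_CMD(RA), true);
}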
1417 
/* Append a STA_REC_RA (rate adaptation) TLV for @sta to @skb.
 *
 * The record combines the peer's legacy rates (filtered by the vif's
 * bitrate mask), its HT/VHT/HE capabilities and the current channel.
 */
static void
mt7996_mcu_sta_rate_ctrl_tlv(struct sk_buff *skb, struct mt7996_dev *dev,
			     struct ieee80211_vif *vif, struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt76_phy *mphy = mvif->phy->mt76;
	struct cfg80211_chan_def *chandef = &mphy->chandef;
	struct cfg80211_bitrate_mask *mask = &mvif->bitrate_mask;
	enum nl80211_band band = chandef->chan->band;
	struct sta_rec_ra *ra;
	struct tlv *tlv;
	u32 legacy = sta->deflink.supp_rates[band];
	u32 sta_cap = sta->wme ? STA_CAP_WMM : 0;
	u32 ht_caps = sta->deflink.ht_cap.cap;
	u32 vht_caps = sta->deflink.vht_cap.cap;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra));
	ra = (struct sta_rec_ra *)tlv;

	ra->valid = true;
	ra->auto_rate = true;
	ra->phy_mode = mt76_connac_get_phy_mode(mphy, vif, band, sta);
	ra->channel = chandef->chan->hw_value;
	ra->bw = sta->deflink.bandwidth;
	ra->phy.bw = sta->deflink.bandwidth;
	ra->mmps_mode = mt7996_mcu_get_mmps_mode(sta->deflink.smps_mode);

	if (legacy) {
		legacy &= mask->control[band].legacy;
		ra->rate_len = hweight32(legacy);

		if (band != NL80211_BAND_2GHZ) {
			ra->supp_mode = MODE_OFDM;
			ra->supp_ofdm_rate = legacy;
		} else {
			/* low four bits are the CCK rates, the rest OFDM */
			ra->supp_mode = MODE_CCK;
			ra->supp_cck_rate = legacy & GENMASK(3, 0);

			if (ra->rate_len > 4) {
				ra->supp_mode |= MODE_OFDM;
				ra->supp_ofdm_rate = legacy >> 4;
			}
		}
	}

	if (sta->deflink.ht_cap.ht_supported) {
		ra->supp_mode |= MODE_HT;
		ra->af = sta->deflink.ht_cap.ampdu_factor;
		ra->ht_gf = !!(ht_caps & IEEE80211_HT_CAP_GRN_FLD);

		sta_cap |= STA_CAP_HT;
		if (ht_caps & IEEE80211_HT_CAP_SGI_20)
			sta_cap |= STA_CAP_SGI_20;
		if (ht_caps & IEEE80211_HT_CAP_SGI_40)
			sta_cap |= STA_CAP_SGI_40;
		if (ht_caps & IEEE80211_HT_CAP_TX_STBC)
			sta_cap |= STA_CAP_TX_STBC;
		if (ht_caps & IEEE80211_HT_CAP_RX_STBC)
			sta_cap |= STA_CAP_RX_STBC;
		/* LDPC only when the vif capability allows it as well */
		if (mvif->cap.ht_ldpc && (ht_caps & IEEE80211_HT_CAP_LDPC_CODING))
			sta_cap |= STA_CAP_LDPC;

		mt7996_mcu_set_sta_ht_mcs(sta, ra->ht_mcs,
					  mask->control[band].ht_mcs);
		/* first four bytes of ht_mcs, read as one little-endian word */
		ra->supp_ht_mcs = *(__le32 *)ra->ht_mcs;
	}

	if (sta->deflink.vht_cap.vht_supported) {
		u8 vht_af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
				      vht_caps);

		ra->supp_mode |= MODE_VHT;
		ra->af = max_t(u8, ra->af, vht_af);

		sta_cap |= STA_CAP_VHT;
		if (vht_caps & IEEE80211_VHT_CAP_SHORT_GI_80)
			sta_cap |= STA_CAP_VHT_SGI_80;
		if (vht_caps & IEEE80211_VHT_CAP_SHORT_GI_160)
			sta_cap |= STA_CAP_VHT_SGI_160;
		if (vht_caps & IEEE80211_VHT_CAP_TXSTBC)
			sta_cap |= STA_CAP_VHT_TX_STBC;
		if (vht_caps & IEEE80211_VHT_CAP_RXSTBC_1)
			sta_cap |= STA_CAP_VHT_RX_STBC;
		if (mvif->cap.vht_ldpc && (vht_caps & IEEE80211_VHT_CAP_RXLDPC))
			sta_cap |= STA_CAP_VHT_LDPC;

		mt7996_mcu_set_sta_vht_mcs(sta, ra->supp_vht_mcs,
					   mask->control[band].vht_mcs);
	}

	if (sta->deflink.he_cap.has_he) {
		ra->supp_mode |= MODE_HE;
		sta_cap |= STA_CAP_HE;

		/* a 6 GHz capability replaces the HT/VHT A-MPDU exponent */
		if (sta->deflink.he_6ghz_capa.capa)
			ra->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa,
					       IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP);
	}

	ra->sta_cap = cpu_to_le32(sta_cap);
}
1519 
/* Push the rate-control record of @sta to the firmware.
 *
 * @changed: when true the HE record is sent along with the RA record.
 *
 * Returns the allocation error, or the result of sending the
 * STA_REC_UPDATE command.
 */
int mt7996_mcu_add_rate_ctrl(struct mt7996_dev *dev, struct ieee80211_vif *vif,
			     struct ieee80211_sta *sta, bool changed)
{
	struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv;
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct sk_buff *req;

	req = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
					      &msta->wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(req))
		return PTR_ERR(req);

	/* firmware rc algorithm refers to sta_rec_he for HE control.
	 * once dev->rc_work changes the settings driver should also
	 * update sta_rec_he here.
	 */
	if (changed)
		mt7996_mcu_sta_he_tlv(req, sta);

	/* sta_rec_ra accommodates BW, NSS and only MCS range format
	 * i.e 0-{7,8,9} for VHT.
	 */
	mt7996_mcu_sta_rate_ctrl_tlv(req, dev, vif, sta);

	return mt76_mcu_skb_send_msg(&dev->mt76, req,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
1548 
/* Send a UNI_VOW_DRR_CTRL request that assigns a station to a BSS group.
 *
 * The group value is the vif index modulo 16.  With a NULL @sta the
 * vif's own station entry (mvif->sta) is used.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_add_group(struct mt7996_dev *dev, struct ieee80211_vif *vif,
		     struct ieee80211_sta *sta)
{
#define MT_STA_BSS_GROUP		1
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta = &mvif->sta;
	struct {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;
		__le16 wlan_idx;
		u8 __rsv2[2];
		__le32 action;
		__le32 val;
		u8 __rsv3[8];
	} __packed req = {
		.tag = cpu_to_le16(UNI_VOW_DRR_CTRL),
		/* length excludes the four leading reserved bytes */
		.len = cpu_to_le16(sizeof(req) - 4),
		.action = cpu_to_le32(MT_STA_BSS_GROUP),
		.val = cpu_to_le32(mvif->mt76.idx % 16),
	};

	if (sta)
		msta = (struct mt7996_sta *)sta->drv_priv;

	req.wlan_idx = cpu_to_le16(msta->wcid.idx);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(VOW), &req,
				 sizeof(req), true);
}
1579 
/* Add, update or remove a station record in the firmware.
 *
 * @sta: peer station, or NULL to operate on the vif's own entry
 * @enable: false sends only the basic record; true also appends the
 *	    per-feature TLVs (when @sta is set) and configures the group
 *
 * Returns the allocation error, the mt7996_mcu_add_group() error (the
 * request is freed in that case), or the result of sending the
 * STA_REC_UPDATE command.
 */
int mt7996_mcu_add_sta(struct mt7996_dev *dev, struct ieee80211_vif *vif,
		       struct ieee80211_sta *sta, bool enable)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta = &mvif->sta;
	struct sk_buff *skb;
	int err;

	if (sta)
		msta = (struct mt7996_sta *)sta->drv_priv;

	skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
					      &msta->wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	/* starec basic */
	mt76_connac_mcu_sta_basic_tlv(skb, vif, sta, enable,
			!rcu_access_pointer(dev->mt76.wcid[msta->wcid.idx]));

	if (enable) {
		/* tag order is in accordance with firmware dependency. */
		if (sta) {
			/* starec phy */
			mt7996_mcu_sta_phy_tlv(dev, skb, vif, sta);
			/* starec hdrt mode */
			mt7996_mcu_sta_hdrt_tlv(dev, skb);
			/* starec bfer */
			mt7996_mcu_sta_bfer_tlv(dev, skb, vif, sta);
			/* starec ht */
			mt7996_mcu_sta_ht_tlv(skb, sta);
			/* starec vht */
			mt7996_mcu_sta_vht_tlv(skb, sta);
			/* starec uapsd */
			mt76_connac_mcu_sta_uapsd(skb, vif, sta);
			/* starec amsdu */
			mt7996_mcu_sta_amsdu_tlv(dev, skb, vif, sta);
			/* starec he */
			mt7996_mcu_sta_he_tlv(skb, sta);
			/* starec he 6g */
			mt7996_mcu_sta_he_6g_tlv(skb, sta);
			/* TODO: starec muru */
			/* starec bfee */
			mt7996_mcu_sta_bfee_tlv(dev, skb, vif, sta);
			/* starec hdr trans */
			mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta);
		}

		/* the request has not been sent yet, so it is freed here */
		err = mt7996_mcu_add_group(dev, vif, sta);
		if (err) {
			dev_kfree_skb(skb);
			return err;
		}
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
1638 
/* Append a STA_REC_KEY_V2 TLV describing @key to @skb.
 *
 * For SET_KEY one cipher entry is written, or two for BIP-CMAC-128: the
 * pairwise key cached in @sta_key_conf plus the BIP key itself.  A CCMP
 * key is cached in @sta_key_conf for that later BIP update.  Any other
 * @cmd writes a record with no cipher entries.
 *
 * Returns 0, or -EOPNOTSUPP when the cipher has no MCU equivalent.  The
 * TLV has already been added to @skb at that point and @skb is not
 * freed here.
 */
static int
mt7996_mcu_sta_key_tlv(struct mt76_wcid *wcid,
		       struct mt76_connac_sta_key_conf *sta_key_conf,
		       struct sk_buff *skb,
		       struct ieee80211_key_conf *key,
		       enum set_key_cmd cmd)
{
	struct sta_rec_sec_uni *sec;
	struct sec_key_uni *entry;
	struct tlv *tlv;
	u8 cipher;

	tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
	sec = (struct sta_rec_sec_uni *)tlv;
	sec->add = cmd;

	if (cmd != SET_KEY) {
		sec->n_cipher = 0;
		return 0;
	}

	cipher = mt76_connac_mcu_get_cipher(key->cipher);
	if (cipher == MCU_CIPHER_NONE)
		return -EOPNOTSUPP;

	entry = &sec->key[0];
	entry->cipher_len = sizeof(*entry);
	entry->wlan_idx = cpu_to_le16(wcid->idx);

	if (cipher != MCU_CIPHER_BIP_CMAC_128) {
		entry->cipher_id = cipher;
		entry->key_id = key->keyidx;
		entry->key_len = key->keylen;
		/* NOTE(review): key->keylen bounds this copy and the one into
		 * sta_key_conf->key below without being checked against either
		 * destination size here; presumably mac80211 has validated the
		 * length for the cipher - confirm.
		 */
		memcpy(entry->key, key->key, key->keylen);

		if (cipher == MCU_CIPHER_TKIP) {
			/* Rx/Tx MIC keys are swapped */
			memcpy(entry->key + 16, key->key + 24, 8);
			memcpy(entry->key + 24, key->key + 16, 8);
		}

		/* store key_conf for BIP batch update */
		if (cipher == MCU_CIPHER_AES_CCMP) {
			memcpy(sta_key_conf->key, key->key, key->keylen);
			sta_key_conf->keyidx = key->keyidx;
		}

		sec->n_cipher = 1;
		return 0;
	}

	/* BIP: first entry re-sends the cached key as AES-CCMP ... */
	entry->cipher_id = MCU_CIPHER_AES_CCMP;
	entry->key_id = sta_key_conf->keyidx;
	entry->key_len = 16;
	memcpy(entry->key, sta_key_conf->key, 16);

	/* ... second entry carries the BIP key itself */
	entry = &sec->key[1];
	entry->wlan_idx = cpu_to_le16(wcid->idx);
	entry->cipher_id = MCU_CIPHER_BIP_CMAC_128;
	entry->cipher_len = sizeof(*entry);
	entry->key_len = 16;
	memcpy(entry->key, key->key, 16);

	sec->n_cipher = 2;
	return 0;
}
1705 
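/* Install or remove a key for @wcid in the firmware.
 *
 * @sta_key_conf: per-station key cache used by the BIP handling in
 *		  mt7996_mcu_sta_key_tlv()
 * @mcu_cmd: MCU command id the request is sent with
 * @cmd: SET_KEY installs @key, any other value removes it
 *
 * Returns the allocation error, the error from building the key TLV, or
 * the result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif,
		       struct mt76_connac_sta_key_conf *sta_key_conf,
		       struct ieee80211_key_conf *key, int mcu_cmd,
		       struct mt76_wcid *wcid, enum set_key_cmd cmd)
{
	struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
	struct sk_buff *skb;
	int ret;

	skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	ret = mt7996_mcu_sta_key_tlv(wcid, sta_key_conf, skb, key, cmd);
	if (ret) {
		/* The request is never sent on this path, so it has to be
		 * released here; it may already hold copied key material.
		 */
		dev_kfree_skb(skb);
		return ret;
	}

	return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true);
}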
1726 
/* Activate or deactivate the vif's own MAC address in the firmware.
 *
 * An omac_idx at or above REPEATER_BSSID_START is handed to
 * mt7996_mcu_muar_config() instead; otherwise a DEV_INFO_ACTIVE record
 * carrying vif->addr is sent.
 *
 * Returns the result of whichever of the two calls was made.
 */
int mt7996_mcu_add_dev_info(struct mt7996_phy *phy,
			    struct ieee80211_vif *vif, bool enable)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_dev *dev = phy->dev;
	struct {
		struct req_hdr {
			u8 omac_idx;
			u8 band_idx;
			u8 __rsv[2];
		} __packed hdr;
		struct req_tlv {
			__le16 tag;
			__le16 len;
			u8 active;
			u8 __rsv;
			u8 omac_addr[ETH_ALEN];
		} __packed tlv;
	} req = {
		.hdr = {
			.omac_idx = mvif->mt76.omac_idx,
			.band_idx = mvif->mt76.band_idx,
		},
		.tlv = {
			.tag = cpu_to_le16(DEV_INFO_ACTIVE),
			.len = cpu_to_le16(sizeof(struct req_tlv)),
			.active = enable,
		},
	};
	bool repeater = mvif->mt76.omac_idx >= REPEATER_BSSID_START;

	if (repeater)
		return mt7996_mcu_muar_config(phy, vif, false, enable);

	memcpy(req.tlv.omac_addr, vif->addr, ETH_ALEN);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(DEV_INFO_UPDATE),
				 &req, sizeof(req), true);
}
1764 
/* Append a countdown TLV (CSA or BSS colour change) to @rskb.
 *
 * Nothing is appended when the beacon has no countdown counter.  The
 * counter value is read from the beacon template @skb at the first
 * countdown offset in @offs.
 */
static void
mt7996_mcu_beacon_cntdwn(struct ieee80211_vif *vif, struct sk_buff *rskb,
			 struct sk_buff *skb,
			 struct ieee80211_mutable_offsets *offs)
{
	u16 cnt_offs = offs->cntdwn_counter_offs[0];
	struct bss_bcn_cntdwn_tlv *info;
	u16 tag = UNI_BSS_INFO_BCN_BCC;

	if (!cnt_offs)
		return;

	if (vif->bss_conf.csa_active)
		tag = UNI_BSS_INFO_BCN_CSA;

	info = (struct bss_bcn_cntdwn_tlv *)mt7996_mcu_add_uni_tlv(rskb, tag,
								   sizeof(*info));
	/* offset is supplied by mac80211 together with the template */
	info->cnt = skb->data[cnt_offs];
}
1784 
/* Fill the beacon content TLV @bcn from the beacon template @skb.
 *
 * The last MAX_BEACON_SIZE bytes of @bcn receive the TX descriptor
 * followed by the frame.  This function does not check skb->len itself:
 * the caller has to guarantee MT_TXD_SIZE + skb->len fits in that area.
 */
static void
mt7996_mcu_beacon_cont(struct mt7996_dev *dev, struct ieee80211_vif *vif,
		       struct sk_buff *rskb, struct sk_buff *skb,
		       struct bss_bcn_content_tlv *bcn,
		       struct ieee80211_mutable_offsets *offs)
{
	struct mt76_wcid *wcid = &dev->mt76.global_wcid;
	u16 cnt_offs = offs->cntdwn_counter_offs[0];
	u8 *frame;

	bcn->pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
	bcn->tim_ie_pos = cpu_to_le16(offs->tim_offset);

	/* IE positions are expressed relative to the countdown counter */
	if (cnt_offs && vif->bss_conf.csa_active)
		bcn->csa_ie_pos = cpu_to_le16(cnt_offs - 4);
	if (cnt_offs && vif->bss_conf.color_change_active)
		bcn->bcc_ie_pos = cpu_to_le16(cnt_offs - 3);

	frame = (u8 *)bcn + sizeof(*bcn) - MAX_BEACON_SIZE;
	mt7996_mac_write_txwi(dev, (__le32 *)frame, skb, wcid, 0, NULL,
			      BSS_CHANGED_BEACON);
	memcpy(frame + MT_TXD_SIZE, skb->data, skb->len);
}
1811 
/* Recompute the vif capability flags (mvif->cap) from a beacon template.
 *
 * The HT, VHT and HE capability elements found in @skb are combined with
 * the hardware capabilities; most flags are only set when both sides
 * advertise the feature.  mvif->cap is cleared first, so a missing or too
 * short element leaves its flags at zero.
 */
static void
mt7996_mcu_beacon_check_caps(struct mt7996_phy *phy, struct ieee80211_vif *vif,
			     struct sk_buff *skb)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_vif_cap *vc = &mvif->cap;
	const struct ieee80211_he_cap_elem *he;
	const struct ieee80211_vht_cap *vht;
	const struct ieee80211_ht_cap *ht;
	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
	const u8 *ies = mgmt->u.beacon.variable;
	const u8 *elem;
	u32 ies_len, bcn_cap;

	/* Check missing configuration options to allow AP mode in mac80211
	 * to remain in sync with hostapd settings, and get a subset of
	 * beacon and hardware capabilities.
	 */
	if (WARN_ON_ONCE(skb->len <= (ies - skb->data)))
		return;

	memset(vc, 0, sizeof(*vc));

	ies_len = skb->len - (ies - skb->data);

	/* each element is only dereferenced once its length byte (elem[1])
	 * shows that it covers the whole structure being read
	 */
	elem = cfg80211_find_ie(WLAN_EID_HT_CAPABILITY, ies, ies_len);
	if (elem && elem[1] >= sizeof(*ht)) {
		ht = (void *)(elem + 2);
		vc->ht_ldpc |= !!(le16_to_cpu(ht->cap_info) &
				  IEEE80211_HT_CAP_LDPC_CODING);
	}

	elem = cfg80211_find_ie(WLAN_EID_VHT_CAPABILITY, ies, ies_len);
	if (elem && elem[1] >= sizeof(*vht)) {
		u32 hw_cap = phy->mt76->sband_5g.sband.vht_cap.cap;

		vht = (void *)(elem + 2);
		bcn_cap = le32_to_cpu(vht->vht_cap_info);

		vc->vht_ldpc |= !!(bcn_cap & IEEE80211_VHT_CAP_RXLDPC);
		vc->vht_su_ebfer =
			(bcn_cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE) &&
			(hw_cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE);
		vc->vht_su_ebfee =
			(bcn_cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE) &&
			(hw_cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE);
		vc->vht_mu_ebfer =
			(bcn_cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE) &&
			(hw_cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE);
		vc->vht_mu_ebfee =
			(bcn_cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE) &&
			(hw_cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE);
	}

	/* extension element: one extra byte precedes the payload */
	elem = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_CAPABILITY, ies, ies_len);
	if (elem && elem[1] >= sizeof(*he) + 1) {
		const struct ieee80211_sta_he_cap *hw_he =
			mt76_connac_get_he_phy_cap(phy->mt76, vif);
		const struct ieee80211_he_cap_elem *hw = &hw_he->he_cap_elem;

		he = (void *)(elem + 3);

		/* LDPC is taken from the hardware capability alone */
		vc->he_ldpc =
			HE_PHY(CAP1_LDPC_CODING_IN_PAYLOAD, hw->phy_cap_info[1]);
		vc->he_su_ebfer =
			HE_PHY(CAP3_SU_BEAMFORMER, he->phy_cap_info[3]) &&
			HE_PHY(CAP3_SU_BEAMFORMER, hw->phy_cap_info[3]);
		vc->he_su_ebfee =
			HE_PHY(CAP4_SU_BEAMFORMEE, he->phy_cap_info[4]) &&
			HE_PHY(CAP4_SU_BEAMFORMEE, hw->phy_cap_info[4]);
		vc->he_mu_ebfer =
			HE_PHY(CAP4_MU_BEAMFORMER, he->phy_cap_info[4]) &&
			HE_PHY(CAP4_MU_BEAMFORMER, hw->phy_cap_info[4]);
	}
}
1889 
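/* Upload (or disable) the beacon of @vif in the firmware.
 *
 * @en: zero sends only the content TLV with enable cleared; non-zero
 *	fetches the beacon template from mac80211 and uploads it
 *
 * Returns the allocation error, -EINVAL when no template is available
 * or the template does not fit into the firmware buffer, otherwise the
 * result of sending the BSS_INFO_UPDATE command.
 */
int mt7996_mcu_add_beacon(struct ieee80211_hw *hw,
			  struct ieee80211_vif *vif, int en)
{
	struct mt7996_dev *dev = mt7996_hw_dev(hw);
	struct mt7996_phy *phy = mt7996_hw_phy(hw);
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct ieee80211_mutable_offsets offs;
	struct ieee80211_tx_info *info;
	struct sk_buff *skb, *rskb;
	struct tlv *tlv;
	struct bss_bcn_content_tlv *bcn;

	rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					  MT7996_BEACON_UPDATE_SIZE);
	if (IS_ERR(rskb))
		return PTR_ERR(rskb);

	tlv = mt7996_mcu_add_uni_tlv(rskb,
				     UNI_BSS_INFO_BCN_CONTENT, sizeof(*bcn));
	bcn = (struct bss_bcn_content_tlv *)tlv;
	bcn->enable = en;

	if (!en)
		goto out;

	skb = ieee80211_beacon_get_template(hw, vif, &offs, 0);
	if (!skb) {
		/* the request is not sent on this path, release it */
		dev_kfree_skb(rskb);
		return -EINVAL;
	}

	/* mt7996_mcu_beacon_cont() copies MT_TXD_SIZE + skb->len bytes into
	 * the MAX_BEACON_SIZE area of the TLV without checking, so this
	 * bound is what keeps that copy inside the request.
	 */
	if (skb->len > MAX_BEACON_SIZE - MT_TXD_SIZE) {
		dev_err(dev->mt76.dev, "Bcn size limit exceed\n");
		dev_kfree_skb(rskb);
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	info = IEEE80211_SKB_CB(skb);
	info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx);

	mt7996_mcu_beacon_check_caps(phy, vif, skb);

	mt7996_mcu_beacon_cont(dev, vif, rskb, skb, bcn, &offs);
	/* TODO: subtag - 11v MBSSID */
	mt7996_mcu_beacon_cntdwn(vif, rskb, skb, &offs);
	dev_kfree_skb(skb);
out:
	return mt76_mcu_skb_send_msg(&phy->dev->mt76, rskb,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}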
1938 
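/* Offload in-band discovery frames (FILS discovery or unsolicited
 * broadcast probe response) to the firmware.
 *
 * @changed: BSS_CHANGED_* bits; selects which of the two templates is
 *	     requested from mac80211
 *
 * Returns the allocation error, -EINVAL when no template applies or the
 * template does not fit into the firmware buffer, otherwise the result
 * of sending the BSS_INFO_UPDATE command.
 */
int mt7996_mcu_beacon_inband_discov(struct mt7996_dev *dev,
				    struct ieee80211_vif *vif, u32 changed)
{
#define OFFLOAD_TX_MODE_SU	BIT(0)
#define OFFLOAD_TX_MODE_MU	BIT(1)
	struct ieee80211_hw *hw = mt76_hw(dev);
	struct mt7996_phy *phy = mt7996_hw_phy(hw);
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct cfg80211_chan_def *chandef = &mvif->phy->mt76->chandef;
	enum nl80211_band band = chandef->chan->band;
	struct mt76_wcid *wcid = &dev->mt76.global_wcid;
	struct bss_inband_discovery_tlv *discov;
	struct ieee80211_tx_info *info;
	struct sk_buff *rskb, *skb = NULL;
	struct tlv *tlv;
	/* only read once a template was obtained; initialised so that no
	 * path can see an indeterminate value
	 */
	u8 *buf, interval = 0;

	rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					  MT7996_INBAND_FRAME_SIZE);
	if (IS_ERR(rskb))
		return PTR_ERR(rskb);

	if (changed & BSS_CHANGED_FILS_DISCOVERY &&
	    vif->bss_conf.fils_discovery.max_interval) {
		interval = vif->bss_conf.fils_discovery.max_interval;
		skb = ieee80211_get_fils_discovery_tmpl(hw, vif);
	} else if (changed & BSS_CHANGED_UNSOL_BCAST_PROBE_RESP &&
		   vif->bss_conf.unsol_bcast_probe_resp_interval) {
		interval = vif->bss_conf.unsol_bcast_probe_resp_interval;
		skb = ieee80211_get_unsol_bcast_probe_resp_tmpl(hw, vif);
	}

	if (!skb) {
		/* the request is not sent on this path, release it */
		dev_kfree_skb(rskb);
		return -EINVAL;
	}

	/* the memcpy() below writes MT_TXD_SIZE + skb->len bytes into the
	 * MAX_INBAND_FRAME_SIZE area of the TLV; this is its only bound
	 */
	if (skb->len > MAX_INBAND_FRAME_SIZE - MT_TXD_SIZE) {
		dev_err(dev->mt76.dev, "inband discovery size limit exceed\n");
		dev_kfree_skb(rskb);
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	info = IEEE80211_SKB_CB(skb);
	info->control.vif = vif;
	info->band = band;
	info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx);

	tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_OFFLOAD, sizeof(*discov));

	discov = (struct bss_inband_discovery_tlv *)tlv;
	discov->tx_mode = OFFLOAD_TX_MODE_SU;
	/* 0: UNSOL PROBE RESP, 1: FILS DISCOV */
	discov->tx_type = !!(changed & BSS_CHANGED_FILS_DISCOVERY);
	discov->tx_interval = interval;
	discov->prob_rsp_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
	discov->enable = true;
	discov->wcid = cpu_to_le16(MT7996_WTBL_RESERVED);

	/* frame area is the last MAX_INBAND_FRAME_SIZE bytes of the TLV */
	buf = (u8 *)tlv + sizeof(*discov) - MAX_INBAND_FRAME_SIZE;

	mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, 0, NULL,
			      changed);

	memcpy(buf + MT_TXD_SIZE, skb->data, skb->len);

	dev_kfree_skb(skb);

	return mt76_mcu_skb_send_msg(&dev->mt76, rskb,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}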
2008 
/* Request driver ownership of @band and wait for the firmware-own status
 * bit to clear.
 *
 * Returns 0 on success, -EIO when the bit is still set after the 500 ms
 * poll.
 */
static int mt7996_driver_own(struct mt7996_dev *dev, u8 band)
{
	bool owned;

	mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(band), MT_TOP_LPCR_HOST_DRV_OWN);

	owned = mt76_poll_msec(dev, MT_TOP_LPCR_HOST_BAND(band),
			       MT_TOP_LPCR_HOST_FW_OWN_STAT, 0, 500);
	if (owned) {
		/* clear irq when the driver own success */
		mt76_wr(dev, MT_TOP_LPCR_HOST_BAND_IRQ_STAT(band),
			MT_TOP_LPCR_HOST_BAND_STAT);
		return 0;
	}

	dev_err(dev->mt76.dev, "Timeout for driver own\n");
	return -EIO;
}
2024 
/* Translate a patch section's key info word into download mode flags.
 *
 * Returns 0 when @key_info is all ones or selects plain mode; otherwise
 * the encrypt and IV flags combined with the key index, which is read
 * from the AES or the scramble key field depending on the mode.
 */
static u32 mt7996_patch_sec_mode(u32 key_info)
{
	u32 sec_mode = u32_get_bits(key_info, MT7996_PATCH_SEC);
	u32 key_idx;

	if (key_info == GENMASK(31, 0) || sec_mode == MT7996_SEC_MODE_PLAIN)
		return 0;

	/* every mode other than AES is treated as scramble */
	key_idx = sec_mode == MT7996_SEC_MODE_AES ?
		  u32_get_bits(key_info, MT7996_PATCH_AES_KEY) :
		  u32_get_bits(key_info, MT7996_PATCH_SCRAMBLE_KEY);

	return MT7996_SEC_ENCRYPT | MT7996_SEC_IV |
	       u32_encode_bits(key_idx, MT7996_SEC_KEY_IDX);
}
2040 
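/* Download the ROM patch image to the MCU.
 *
 * Takes the patch semaphore, walks the section table of the
 * MT7996_ROM_PATCH image, downloads every section and starts the patch.
 * The semaphore is released and the image freed on every path taken
 * after the semaphore was obtained.
 *
 * Every offset and length used to walk the image is read from the image
 * itself, so each one is checked against fw->size before it is used.
 *
 * Returns 0 on success or when the patch is already downloaded, -EAGAIN
 * on semaphore failures, -EINVAL for a malformed image, or the error of
 * the failing firmware/MCU call.
 */
static int mt7996_load_patch(struct mt7996_dev *dev)
{
	const struct mt7996_patch_hdr *hdr;
	const struct firmware *fw = NULL;
	u32 i, n_region;
	int ret, sem;

	sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 1);
	switch (sem) {
	case PATCH_IS_DL:
		return 0;
	case PATCH_NOT_DL_SEM_SUCCESS:
		break;
	default:
		dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
		return -EAGAIN;
	}

	ret = request_firmware(&fw, MT7996_ROM_PATCH, dev->mt76.dev);
	if (ret)
		goto out;

	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	hdr = (const struct mt7996_patch_hdr *)(fw->data);

	dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
		 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);

	/* the section table must lie completely inside the image */
	n_region = be32_to_cpu(hdr->desc.n_region);
	if (n_region > (fw->size - sizeof(*hdr)) /
		       sizeof(struct mt7996_patch_sec)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	for (i = 0; i < n_region; i++) {
		const struct mt7996_patch_sec *sec;
		const u8 *dl;
		u32 len, addr, offs, sec_key_idx, mode = DL_MODE_NEED_RSP;

		sec = (const struct mt7996_patch_sec *)(fw->data + sizeof(*hdr) +
							i * sizeof(*sec));
		if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
		    PATCH_SEC_TYPE_INFO) {
			ret = -EINVAL;
			goto out;
		}

		addr = be32_to_cpu(sec->info.addr);
		len = be32_to_cpu(sec->info.len);
		sec_key_idx = be32_to_cpu(sec->info.sec_key_idx);
		offs = be32_to_cpu(sec->offs);

		/* so must the payload: len bytes are read starting at offs */
		if (offs > fw->size || len > fw->size - offs) {
			dev_err(dev->mt76.dev, "Invalid firmware\n");
			ret = -EINVAL;
			goto out;
		}

		dl = fw->data + offs;

		mode |= mt7996_patch_sec_mode(sec_key_idx);

		ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
						    mode);
		if (ret) {
			dev_err(dev->mt76.dev, "Download request failed\n");
			goto out;
		}

		ret = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
					       dl, len, 4096);
		if (ret) {
			dev_err(dev->mt76.dev, "Failed to send patch\n");
			goto out;
		}
	}

	ret = mt76_connac_mcu_start_patch(&dev->mt76);
	if (ret)
		dev_err(dev->mt76.dev, "Failed to start patch\n");

out:
	/* a failed release overrides whatever result was reached above */
	sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 0);
	switch (sem) {
	case PATCH_REL_SEM_SUCCESS:
		break;
	default:
		ret = -EAGAIN;
		dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
		break;
	}
	release_firmware(fw);

	return ret;
}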
2126 
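/*
 * Send every region of a RAM firmware image and start the firmware.
 *
 * @hdr:   trailer located at the end of the image; must point into the
 *         same buffer as @data, after it
 * @data:  start of the image; region payloads are stored back to back
 *         from here
 * @is_wa: passed to mt76_connac_mcu_gen_dl_mode() and selects
 *         FW_START_WORKING_PDA_CR4 for the start command
 *
 * The region descriptors sit immediately in front of the trailer. The
 * region count and every region length are taken from the file, so both
 * the descriptor table and each payload are checked against the bytes
 * that precede the trailer before they are read.
 *
 * Return: 0 on success, -EINVAL for an image whose table or payloads do
 * not fit, or the error of the failing MCU command.
 */
static int
mt7996_mcu_send_ram_firmware(struct mt7996_dev *dev,
			     const struct mt7996_fw_trailer *hdr,
			     const u8 *data, bool is_wa)
{
	const struct mt7996_fw_region *region;
	size_t avail, table_len, offset = 0;
	u32 override = 0, option = 0;
	int i;

	/* bytes in front of the trailer: payloads, then the region table */
	avail = (const u8 *)hdr - data;
	table_len = hdr->n_region * sizeof(*region);
	if (table_len > avail) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		return -EINVAL;
	}
	/* from here on avail counts payload bytes only */
	avail -= table_len;

	for (i = 0; i < hdr->n_region; i++) {
		int err;
		u32 len, addr, mode;

		region = (const struct mt7996_fw_region *)((const u8 *)hdr -
			 (hdr->n_region - i) * sizeof(*region));
		mode = mt76_connac_mcu_gen_dl_mode(&dev->mt76,
						   region->feature_set, is_wa);
		len = le32_to_cpu(region->len);
		addr = le32_to_cpu(region->addr);

		/* offset <= avail always holds, so the subtraction is safe */
		if (len > avail - offset) {
			dev_err(dev->mt76.dev, "Invalid firmware\n");
			return -EINVAL;
		}

		if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
			override = addr;

		err = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
						    mode);
		if (err) {
			dev_err(dev->mt76.dev, "Download request failed\n");
			return err;
		}

		err = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
					       data + offset, len, 4096);
		if (err) {
			dev_err(dev->mt76.dev, "Failed to send firmware.\n");
			return err;
		}

		offset += len;
	}

	if (override)
		option |= FW_START_OVERRIDE;

	if (is_wa)
		option |= FW_START_WORKING_PDA_CR4;

	return mt76_connac_mcu_start_firmware(&dev->mt76, override, option);
}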
2175 
/*
 * Load the two RAM firmware images: MT7996_FIRMWARE_WM first, then
 * MT7996_FIRMWARE_WA.
 *
 * For each image only the presence of a complete trailer is checked here
 * (fw->size >= sizeof(trailer)); the region table and region lengths are
 * consumed by mt7996_mcu_send_ram_firmware(). After the WA image has been
 * started, its version and build date are copied into wiphy->fw_version.
 *
 * Return: 0 on success, -EINVAL for an image shorter than the trailer,
 * otherwise the error from request_firmware() or from sending the image.
 */
static int mt7996_load_ram(struct mt7996_dev *dev)
{
	const struct mt7996_fw_trailer *trailer;
	const struct firmware *fw;
	int err;

	/* WM image */
	err = request_firmware(&fw, MT7996_FIRMWARE_WM, dev->mt76.dev);
	if (err)
		return err;

	if (!fw || !fw->data || fw->size < sizeof(*trailer)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		err = -EINVAL;
		goto out;
	}

	/* the trailer occupies the last sizeof(*trailer) bytes of the file */
	trailer = (const struct mt7996_fw_trailer *)(fw->data + fw->size -
						     sizeof(*trailer));

	dev_info(dev->mt76.dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
		 trailer->fw_ver, trailer->build_date);

	err = mt7996_mcu_send_ram_firmware(dev, trailer, fw->data, false);
	if (err) {
		dev_err(dev->mt76.dev, "Failed to start WM firmware\n");
		goto out;
	}

	release_firmware(fw);

	/* WA image */
	err = request_firmware(&fw, MT7996_FIRMWARE_WA, dev->mt76.dev);
	if (err)
		return err;

	if (!fw || !fw->data || fw->size < sizeof(*trailer)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		err = -EINVAL;
		goto out;
	}

	trailer = (const struct mt7996_fw_trailer *)(fw->data + fw->size -
						     sizeof(*trailer));

	dev_info(dev->mt76.dev, "WA Firmware Version: %.10s, Build Time: %.15s\n",
		 trailer->fw_ver, trailer->build_date);

	err = mt7996_mcu_send_ram_firmware(dev, trailer, fw->data, true);
	if (err) {
		dev_err(dev->mt76.dev, "Failed to start WA firmware\n");
		goto out;
	}

	/* bounded %.Ns conversions: the trailer strings need not be
	 * NUL-terminated
	 */
	snprintf(dev->mt76.hw->wiphy->fw_version,
		 sizeof(dev->mt76.hw->wiphy->fw_version),
		 "%.10s-%.15s", trailer->fw_ver, trailer->build_date);

out:
	release_firmware(fw);

	return err;
}
2235 
/*
 * Wait for the MT_TOP_MISC_FW_STATE field of MT_TOP_MISC to reach the
 * expected value: FW_STATE_RDY when @wa is true, FW_STATE_FW_DOWNLOAD
 * otherwise. The poll is given a timeout argument of 1000.
 *
 * Return: 0 once the state matches, -EIO on timeout.
 */
static int
mt7996_firmware_state(struct mt7996_dev *dev, bool wa)
{
	u32 expected;

	if (wa)
		expected = FIELD_PREP(MT_TOP_MISC_FW_STATE, FW_STATE_RDY);
	else
		expected = FIELD_PREP(MT_TOP_MISC_FW_STATE,
				      FW_STATE_FW_DOWNLOAD);

	if (mt76_poll_msec(dev, MT_TOP_MISC, MT_TOP_MISC_FW_STATE,
			   expected, 1000))
		return 0;

	dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
	return -EIO;
}
2249 
/*
 * Run the complete firmware bring-up sequence.
 *
 * Waits for the download state (restarting the MCU once if it is not
 * reached), loads the ROM patch, loads the RAM images, waits for the
 * ready state and finally cleans up the firmware-download MCU queue.
 *
 * Return: 0 on success or the error of the first failing step.
 */
static int mt7996_load_firmware(struct mt7996_dev *dev)
{
	int err;

	/* the device has to be in download state before anything is sent */
	err = mt7996_firmware_state(dev, false);
	if (err) {
		/* a single restart attempt, then give up */
		__mt76_mcu_restart(&dev->mt76);
		err = mt7996_firmware_state(dev, false);
		if (err) {
			dev_err(dev->mt76.dev,
				"Firmware is not ready for download\n");
			return err;
		}
	}

	err = mt7996_load_patch(dev);
	if (!err)
		err = mt7996_load_ram(dev);
	if (!err)
		err = mt7996_firmware_state(dev, true);
	if (err)
		return err;

	mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false);

	dev_dbg(dev->mt76.dev, "Firmware init done\n");

	return 0;
}
2284 
/*
 * Send a UNI_WSYS_CONFIG_FW_LOG_CTRL request carrying @ctrl.
 *
 * @type selects the destination: MCU_FW_LOG_WA sends the WA variant of
 * the WSYS_CONFIG command, every other value the WM variant. The len
 * field excludes the four leading reserved bytes. The call waits for the
 * MCU response.
 *
 * Return: result of mt76_mcu_send_msg().
 */
int mt7996_mcu_fw_log_2_host(struct mt7996_dev *dev, u8 type, u8 ctrl)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		u8 ctrl;
		u8 interval;
		u8 _rsv2[2];
	} __packed msg = {
		.tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_LOG_CTRL),
		.len = cpu_to_le16(sizeof(msg) - 4),
		.ctrl = ctrl,
	};
	int cmd;

	if (type == MCU_FW_LOG_WA)
		cmd = MCU_WA_UNI_CMD(WSYS_CONFIG);
	else
		cmd = MCU_WM_UNI_CMD(WSYS_CONFIG);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &msg, sizeof(msg), true);
}
2308 
/*
 * Send a UNI_WSYS_CONFIG_FW_DBG_CTRL request with the given module index
 * and level to the WM firmware, without waiting for a response.
 *
 * NOTE(review): unlike the neighbouring request structs this one is not
 * marked __packed; the declared fields add up to 16 bytes with the
 * __le32 at offset 8, so no padding is expected - confirm.
 *
 * Return: result of mt76_mcu_send_msg().
 */
int mt7996_mcu_fw_dbg_ctrl(struct mt7996_dev *dev, u32 module, u8 level)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		__le32 module_idx;
		u8 level;
		u8 _rsv2[3];
	} msg = {
		.tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_DBG_CTRL),
		.len = cpu_to_le16(sizeof(msg) - 4),
		.module_idx = cpu_to_le32(module),
		.level = level,
	};
	int cmd = MCU_WM_UNI_CMD(WSYS_CONFIG);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &msg, sizeof(msg), false);
}
2329 
/*
 * Send the WA extended command MWDS_SUPPORT with a one-byte enable flag
 * followed by three reserved bytes. No response is awaited.
 *
 * Return: result of mt76_mcu_send_msg().
 */
static int mt7996_mcu_set_mwds(struct mt7996_dev *dev, bool enabled)
{
	struct {
		u8 enable;
		u8 _rsv[3];
	} __packed msg = {
		.enable = enabled
	};
	int cmd = MCU_WA_EXT_CMD(MWDS_SUPPORT);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &msg, sizeof(msg), false);
}
2342 
/*
 * Append two vow_rx_airtime TLVs for @band_idx to @skb:
 * UNI_VOW_RX_AT_AIRTIME_CLR_EN followed by UNI_VOW_RX_AT_AIRTIME_EN,
 * both with enable set.
 *
 * The caller must have sized @skb for both TLVs; nothing is checked here.
 */
static void mt7996_add_rx_airtime_tlv(struct sk_buff *skb, u8 band_idx)
{
	struct vow_rx_airtime *clr_en, *en;

	clr_en = (struct vow_rx_airtime *)
		 mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_CLR_EN,
					sizeof(*clr_en));
	clr_en->enable = true;
	clr_en->band = band_idx;

	en = (struct vow_rx_airtime *)
	     mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_EN,
				    sizeof(*en));
	en->enable = true;
	en->band = band_idx;
}
2358 
/*
 * Build and send the VOW command that enables RX airtime accounting.
 *
 * The message holds a zeroed uni_header followed by two TLVs for the
 * primary band, plus two more for MT_BAND1 when dbdc_support is set and
 * two more for MT_BAND2 when tbtc_support is set. The allocation is sized
 * from the same two flags.
 *
 * Return: -ENOMEM if the message cannot be allocated, otherwise the
 * result of mt76_mcu_skb_send_msg().
 */
static int
mt7996_mcu_init_rx_airtime(struct mt7996_dev *dev)
{
	struct uni_header hdr = {};
	struct sk_buff *skb;
	int n_tlv, msg_len;

	/* two TLVs per band that will be added below */
	n_tlv = 2 + 2 * (dev->dbdc_support + dev->tbtc_support);
	msg_len = sizeof(hdr) + n_tlv * sizeof(struct vow_rx_airtime);

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	mt7996_add_rx_airtime_tlv(skb, dev->mt76.phy.band_idx);
	if (dev->dbdc_support)
		mt7996_add_rx_airtime_tlv(skb, MT_BAND1);
	if (dev->tbtc_support)
		mt7996_add_rx_airtime_tlv(skb, MT_BAND2);

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WM_UNI_CMD(VOW), true);
}
2385 
/*
 * mcu_restart callback: send a UNI_POWER_OFF TLV with power_mode 1 through
 * the WM POWER_CREL command, without waiting for a response.
 *
 * Return: result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_restart(struct mt76_dev *dev)
{
	struct {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;
		u8 power_mode;
		u8 __rsv2[3];
	} __packed msg = {
		.tag = cpu_to_le16(UNI_POWER_OFF),
		.len = cpu_to_le16(sizeof(msg) - 4),
		.power_mode = 1,
	};
	int cmd = MCU_WM_UNI_CMD(POWER_CREL);

	return mt76_mcu_send_msg(dev, cmd, &msg, sizeof(msg), false);
}
2405 
/*
 * Bring the MCU up: install the MCU ops, take driver ownership, load the
 * firmware and apply the initial configuration.
 *
 * MT76_STATE_MCU_RUNNING is set only after mt7996_load_firmware() has
 * succeeded. Afterwards firmware logging to host is switched off for both
 * WM and WA (ctrl 0), MWDS is enabled, RX airtime accounting is enabled
 * and the WA parameter MCU_WA_PARAM_RED is set.
 *
 * Return: 0 on success or the error of the first failing step.
 */
int mt7996_mcu_init(struct mt7996_dev *dev)
{
	static const struct mt76_mcu_ops mt7996_mcu_ops = {
		.headroom = sizeof(struct mt76_connac2_mcu_txd), /* reuse */
		.mcu_skb_send_msg = mt7996_mcu_send_message,
		.mcu_parse_response = mt7996_mcu_parse_response,
		.mcu_restart = mt7996_mcu_restart,
	};
	/* band1 ownership is only taken when a second hif exists */
	int n_band = dev->hif2 ? 2 : 1;
	int band, ret;

	dev->mt76.mcu_ops = &mt7996_mcu_ops;

	/* the firmware operation mode must be forced to normal before the
	 * firmware download stage starts
	 */
	mt76_wr(dev, MT_SWDEF_MODE, MT_SWDEF_NORMAL_MODE);

	for (band = 0; band < n_band; band++) {
		ret = mt7996_driver_own(dev, band);
		if (ret)
			return ret;
	}

	ret = mt7996_load_firmware(dev);
	if (ret)
		return ret;

	set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);

	ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WM, 0);
	if (!ret)
		ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WA, 0);
	if (!ret)
		ret = mt7996_mcu_set_mwds(dev, 1);
	if (!ret)
		ret = mt7996_mcu_init_rx_airtime(dev);
	if (ret)
		return ret;

	return mt7996_mcu_wa_cmd(dev, MCU_WA_PARAM_CMD(SET),
				 MCU_WA_PARAM_RED, 0, 0);
}
2457 
/*
 * Shut the MCU down: restart it, wait for the download state, hand
 * ownership of band 0 (and band 1 when a second hif exists) back to the
 * firmware and drop all queued MCU responses.
 *
 * If the download state is not reached, an error is logged and neither
 * the ownership hand-back nor the response-queue purge is performed.
 */
void mt7996_mcu_exit(struct mt7996_dev *dev)
{
	__mt76_mcu_restart(&dev->mt76);

	if (!mt7996_firmware_state(dev, false)) {
		mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(0),
			MT_TOP_LPCR_HOST_FW_OWN);
		if (dev->hif2)
			mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(1),
				MT_TOP_LPCR_HOST_FW_OWN);
		skb_queue_purge(&dev->mt76.mcu.res_q);
		return;
	}

	dev_err(dev->mt76.dev, "Failed to exit mcu\n");
}
2472 
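/*
 * Configure RX header translation.
 *
 * The message holds a 4-byte reserved header, a UNI_HDR_TRANS_EN TLV
 * carrying @hdr_trans and a UNI_HDR_TRANS_VLAN TLV whose fields are not
 * set here. When @hdr_trans is true a UNI_HDR_TRANS_BLACKLIST TLV for
 * ETH_P_PAE is appended as well.
 *
 * Return: -ENOMEM if the message cannot be allocated, otherwise the
 * result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_hdr_trans(struct mt7996_dev *dev, bool hdr_trans)
{
	/* zero-initialised: these four bytes are copied into the message,
	 * so leaving them unset would hand stale stack contents to the
	 * firmware
	 */
	struct {
		u8 __rsv[4];
	} __packed hdr = {};
	struct hdr_trans_blacklist *req_blacklist;
	struct hdr_trans_en *req_en;
	struct sk_buff *skb;
	struct tlv *tlv;
	int len = MT7996_HDR_TRANS_MAX_SIZE + sizeof(hdr);

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_EN, sizeof(*req_en));
	req_en = (struct hdr_trans_en *)tlv;
	req_en->enable = hdr_trans;

	/* VLAN TLV is added as returned by the helper; no field is set */
	mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_VLAN,
			       sizeof(struct hdr_trans_vlan));

	if (hdr_trans) {
		tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_BLACKLIST,
					     sizeof(*req_blacklist));
		req_blacklist = (struct hdr_trans_blacklist *)tlv;
		req_blacklist->enable = 1;
		req_blacklist->type = cpu_to_le16(ETH_P_PAE);
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WM_UNI_CMD(RX_HDR_TRANS), true);
}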
2508 
/*
 * Push the EDCA parameters of all access categories of @vif to the
 * firmware.
 *
 * One MCU_EDCA_AC_PARAM TLV is built per access category from
 * mvif->queue_params[]. cw_min and cw_max are sent as fls() of the
 * configured value, with 5 and 10 used when the configured value is 0.
 *
 * Return: -ENOMEM if the message cannot be allocated, otherwise the
 * result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_tx(struct mt7996_dev *dev, struct ieee80211_vif *vif)
{
#define MCU_EDCA_AC_PARAM	0
#define WMM_AIFS_SET		BIT(0)
#define WMM_CW_MIN_SET		BIT(1)
#define WMM_CW_MAX_SET		BIT(2)
#define WMM_TXOP_SET		BIT(3)
#define WMM_PARAM_SET		(WMM_AIFS_SET | WMM_CW_MIN_SET | \
				 WMM_CW_MAX_SET | WMM_TXOP_SET)
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct {
		u8 bss_idx;
		u8 __rsv[3];
	} __packed hdr = {
		.bss_idx = mvif->mt76.idx,
	};
	struct sk_buff *skb;
	int msg_len = sizeof(hdr) + IEEE80211_NUM_ACS * sizeof(struct edca);
	int ac;

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
		struct ieee80211_tx_queue_params *params;
		struct edca *e;

		params = &mvif->queue_params[ac];
		e = (struct edca *)mt7996_mcu_add_uni_tlv(skb,
							  MCU_EDCA_AC_PARAM,
							  sizeof(*e));

		/* mark every field of this TLV as valid */
		e->set = WMM_PARAM_SET;
		e->queue = ac + mvif->mt76.wmm_idx * MT7996_MAX_WMM_SETS;
		e->aifs = params->aifs;
		e->txop = cpu_to_le16(params->txop);

		/* fall back to 5 / 10 when no window was configured */
		e->cw_min = params->cw_min ? fls(params->cw_min) : 5;
		e->cw_max = params->cw_max ? fls(params->cw_max) : 10;
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WM_UNI_CMD(EDCA_UPDATE), true);
}
2562 
/*
 * Send a UNI_RDD_CTRL_SET_TH request with ctrl 0x1 and @val as min_lpn.
 * @val is narrowed to 16 bits by cpu_to_le16(); it is not range-checked
 * here. The call waits for the MCU response.
 *
 * Return: result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_fcc5_lpn(struct mt7996_dev *dev, int val)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		__le32 ctrl;
		__le16 min_lpn;
		u8 rsv[2];
	} __packed msg = {
		.tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
		.len = cpu_to_le16(sizeof(msg) - 4),

		.ctrl = cpu_to_le32(0x1),
		.min_lpn = cpu_to_le16(val),
	};
	int cmd = MCU_WM_UNI_CMD(RDD_CTRL);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &msg, sizeof(msg), true);
}
2585 
/*
 * Send a UNI_RDD_CTRL_SET_TH request with ctrl 0x3 carrying the seven
 * pulse thresholds of @pulse, each converted to little-endian 32 bit.
 * The call waits for the MCU response.
 *
 * Return: result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_pulse_th(struct mt7996_dev *dev,
			    const struct mt7996_dfs_pulse *pulse)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		__le32 ctrl;

		__le32 max_width;		/* us */
		__le32 max_pwr;			/* dbm */
		__le32 min_pwr;			/* dbm */
		__le32 min_stgr_pri;		/* us */
		__le32 max_stgr_pri;		/* us */
		__le32 min_cr_pri;		/* us */
		__le32 max_cr_pri;		/* us */
	} __packed msg = {
		.tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
		.len = cpu_to_le16(sizeof(msg) - 4),

		.ctrl = cpu_to_le32(0x3),

		.max_width = cpu_to_le32(pulse->max_width),
		.max_pwr = cpu_to_le32(pulse->max_pwr),
		.min_pwr = cpu_to_le32(pulse->min_pwr),
		.min_stgr_pri = cpu_to_le32(pulse->min_stgr_pri),
		.max_stgr_pri = cpu_to_le32(pulse->max_stgr_pri),
		.min_cr_pri = cpu_to_le32(pulse->min_cr_pri),
		.max_cr_pri = cpu_to_le32(pulse->max_cr_pri),
	};
	int cmd = MCU_WM_UNI_CMD(RDD_CTRL);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &msg, sizeof(msg), true);
}
2624 
/*
 * Send a UNI_RDD_CTRL_SET_TH request with ctrl 0x2 describing radar
 * pattern @index. Byte-sized fields of @pattern are copied as they are,
 * the 32-bit fields are converted to little-endian. The call waits for
 * the MCU response.
 *
 * Return: result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_radar_th(struct mt7996_dev *dev, int index,
			    const struct mt7996_dfs_pattern *pattern)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		__le32 ctrl;
		__le16 radar_type;

		u8 enb;
		u8 stgr;
		u8 min_crpn;
		u8 max_crpn;
		u8 min_crpr;
		u8 min_pw;
		__le32 min_pri;
		__le32 max_pri;
		u8 max_pw;
		u8 min_crbn;
		u8 max_crbn;
		u8 min_stgpn;
		u8 max_stgpn;
		u8 min_stgpr;
		u8 rsv[2];
		__le32 min_stgpr_diff;
	} __packed msg = {
		.tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH),
		.len = cpu_to_le16(sizeof(msg) - 4),

		.ctrl = cpu_to_le32(0x2),
		.radar_type = cpu_to_le16(index),

		.enb = pattern->enb,
		.stgr = pattern->stgr,
		.min_crpn = pattern->min_crpn,
		.max_crpn = pattern->max_crpn,
		.min_crpr = pattern->min_crpr,
		.min_pw = pattern->min_pw,
		.min_pri = cpu_to_le32(pattern->min_pri),
		.max_pri = cpu_to_le32(pattern->max_pri),
		.max_pw = pattern->max_pw,
		.min_crbn = pattern->min_crbn,
		.max_crbn = pattern->max_crbn,
		.min_stgpn = pattern->min_stgpn,
		.max_stgpn = pattern->max_stgpn,
		.min_stgpr = pattern->min_stgpr,
		.min_stgpr_diff = cpu_to_le32(pattern->min_stgpr_diff),
	};
	int cmd = MCU_WM_UNI_CMD(RDD_CTRL);

	return mt76_mcu_send_msg(&dev->mt76, cmd, &msg, sizeof(msg), true);
}
2684 
/*
 * Send an OFFCH_SCAN_CTRL request that starts, updates or stops the
 * background (off-channel) scan chain.
 *
 * @chandef: channel to monitor; may be NULL only for
 *           CH_SWITCH_BACKGROUND_SCAN_STOP
 * @cmd:     CH_SWITCH_BACKGROUND_SCAN_START, _RUNNING or _STOP
 *
 * The operating channel is taken from phy->mt76->chandef, which must be
 * a valid chandef.
 *
 * Return: -EINVAL for a missing @chandef, an invalid operating chandef
 * or an unknown @cmd; otherwise the result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_background_chain_ctrl(struct mt7996_phy *phy,
				 struct cfg80211_chan_def *chandef,
				 int cmd)
{
	struct mt7996_dev *dev = phy->dev;
	struct mt76_phy *mphy = phy->mt76;
	struct cfg80211_chan_def *oper = &mphy->chandef;
	struct mt7996_mcu_background_chain_ctrl req = {
		.tag = cpu_to_le16(0),
		.len = cpu_to_le16(sizeof(req) - 4),
		.monitor_scan_type = 2, /* simple rx */
	};

	/* START and RUNNING dereference chandef below */
	if ((!chandef && cmd != CH_SWITCH_BACKGROUND_SCAN_STOP) ||
	    !cfg80211_chandef_valid(oper))
		return -EINVAL;

	switch (cmd) {
	case CH_SWITCH_BACKGROUND_SCAN_START:
		req.chan = oper->chan->hw_value;
		req.central_chan =
			ieee80211_frequency_to_channel(oper->center_freq1);
		req.bw = mt76_connac_chan_bw(oper);
		req.monitor_chan = chandef->chan->hw_value;
		req.monitor_central_chan =
			ieee80211_frequency_to_channel(chandef->center_freq1);
		req.monitor_bw = mt76_connac_chan_bw(chandef);
		req.band_idx = mphy->band_idx;
		req.scan_mode = 1;
		break;
	case CH_SWITCH_BACKGROUND_SCAN_RUNNING:
		req.monitor_chan = chandef->chan->hw_value;
		req.monitor_central_chan =
			ieee80211_frequency_to_channel(chandef->center_freq1);
		req.band_idx = mphy->band_idx;
		req.scan_mode = 2;
		break;
	case CH_SWITCH_BACKGROUND_SCAN_STOP:
		req.chan = oper->chan->hw_value;
		req.central_chan =
			ieee80211_frequency_to_channel(oper->center_freq1);
		req.bw = mt76_connac_chan_bw(oper);
		req.tx_stream = hweight8(mphy->antenna_mask);
		req.rx_stream = mphy->antenna_mask;
		break;
	default:
		return -EINVAL;
	}

	/* without a chandef (STOP) the band field is set to 1 */
	if (chandef)
		req.band = chandef->chan->band == NL80211_BAND_5GHZ;
	else
		req.band = 1;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(OFFCH_SCAN_CTRL),
				 &req, sizeof(req), false);
}
2741 
/*
 * Enable or disable background radar detection on MT_RX_SEL2.
 *
 * With a NULL @chandef, RDD is stopped and the background chain is
 * stopped. Otherwise the background chain is started on @chandef and RDD
 * is started with a region code derived from dev->mt76.region
 * (ETSI -> 0, JP -> 2, FCC and everything else -> 1).
 *
 * Return: 0 on success or the error of the first failing MCU command.
 */
int mt7996_mcu_rdd_background_enable(struct mt7996_phy *phy,
				     struct cfg80211_chan_def *chandef)
{
	struct mt7996_dev *dev = phy->dev;
	int err, region;

	if (chandef) {
		err = mt7996_mcu_background_chain_ctrl(phy, chandef,
					CH_SWITCH_BACKGROUND_SCAN_START);
		if (err)
			return err;

		if (dev->mt76.region == NL80211_DFS_ETSI)
			region = 0;
		else if (dev->mt76.region == NL80211_DFS_JP)
			region = 2;
		else
			region = 1;	/* NL80211_DFS_FCC and default */

		return mt7996_mcu_rdd_cmd(dev, RDD_START, MT_RX_SEL2,
					  0, region);
	}

	/* no chandef: disable the off-channel chain */
	err = mt7996_mcu_rdd_cmd(dev, RDD_STOP, MT_RX_SEL2, 0, 0);
	if (err)
		return err;

	return mt7996_mcu_background_chain_ctrl(phy, NULL,
						CH_SWITCH_BACKGROUND_SCAN_STOP);
}
2779 
/*
 * Send the current channel definition of @phy to the firmware through
 * the CHANNEL_SWITCH command, tagged with @tag.
 *
 * switch_reason is CH_SWITCH_NORMAL for UNI_CHANNEL_RX_PATH or monitor
 * mode, CH_SWITCH_SCAN_BYPASS_DPD while off-channel, CH_SWITCH_DFS when
 * beaconing as AP is not permitted on the channel, and CH_SWITCH_NORMAL
 * otherwise. For UNI_CHANNEL_SWITCH rx_path is sent as a chain count
 * instead of a mask.
 *
 * NOTE(review): ch_band[] has entries for the 2, 5 and 6 GHz bands only
 * and is indexed with chandef->chan->band without a range check -
 * confirm that no other band can reach this function.
 *
 * Return: result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_chan_info(struct mt7996_phy *phy, u16 tag)
{
	static const u8 ch_band[] = {
		[NL80211_BAND_2GHZ] = 0,
		[NL80211_BAND_5GHZ] = 1,
		[NL80211_BAND_6GHZ] = 2,
	};
	struct mt7996_dev *dev = phy->dev;
	struct mt76_phy *mphy = phy->mt76;
	struct cfg80211_chan_def *chandef = &mphy->chandef;
	u8 band_idx = mphy->band_idx;
	struct {
		/* fixed field */
		u8 __rsv[4];

		__le16 tag;
		__le16 len;
		u8 control_ch;
		u8 center_ch;
		u8 bw;
		u8 tx_path_num;
		u8 rx_path;	/* mask or num */
		u8 switch_reason;
		u8 band_idx;
		u8 center_ch2;	/* for 80+80 only */
		__le16 cac_case;
		u8 channel_band;
		u8 rsv0;
		__le32 outband_freq;
		u8 txpower_drop;
		u8 ap_bw;
		u8 ap_center_ch;
		u8 rsv1[53];
	} __packed msg = {
		.tag = cpu_to_le16(tag),
		.len = cpu_to_le16(sizeof(msg) - 4),
		.control_ch = chandef->chan->hw_value,
		.center_ch =
			ieee80211_frequency_to_channel(chandef->center_freq1),
		.bw = mt76_connac_chan_bw(chandef),
		.tx_path_num = hweight16(mphy->chainmask),
		.rx_path = mphy->chainmask >> dev->chainshift[band_idx],
		.band_idx = band_idx,
		.channel_band = ch_band[chandef->chan->band],
	};

	if (tag != UNI_CHANNEL_RX_PATH &&
	    !(dev->mt76.hw->conf.flags & IEEE80211_CONF_MONITOR)) {
		if (mphy->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)
			msg.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD;
		else if (!cfg80211_reg_can_beacon(mphy->hw->wiphy, chandef,
						  NL80211_IFTYPE_AP))
			msg.switch_reason = CH_SWITCH_DFS;
		else
			msg.switch_reason = CH_SWITCH_NORMAL;
	} else {
		msg.switch_reason = CH_SWITCH_NORMAL;
	}

	/* a channel switch wants the number of rx chains, not the mask */
	if (tag == UNI_CHANNEL_SWITCH)
		msg.rx_path = hweight8(msg.rx_path);

	if (chandef->width == NL80211_CHAN_WIDTH_80P80)
		msg.center_ch2 =
			ieee80211_frequency_to_channel(chandef->center_freq2);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(CHANNEL_SWITCH),
				 &msg, sizeof(msg), true);
}
2848 
/*
 * Upload the host copy of the EEPROM (dev->mt76.eeprom.data) to the
 * firmware in buffer mode, one page of PER_PAGE_SIZE bytes per message.
 *
 * MT7996_EEPROM_SIZE bytes are sent in total; only the last page may be
 * shorter. Each message carries the index of the last page and the index
 * of the current page in its format byte. Every message waits for the
 * MCU response.
 *
 * Return: 0 on success, -ENOMEM if a message cannot be allocated, or the
 * error of the first failing send.
 */
static int mt7996_mcu_set_eeprom_flash(struct mt7996_dev *dev)
{
#define MAX_PAGE_IDX_MASK	GENMASK(7, 5)
#define PAGE_IDX_MASK		GENMASK(4, 2)
#define PER_PAGE_SIZE		0x400
	struct mt7996_mcu_eeprom req = {
		.tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
		.buffer_mode = EE_MODE_BUFFER
	};
	u16 eeprom_size = MT7996_EEPROM_SIZE;
	u8 n_pages = DIV_ROUND_UP(eeprom_size, PER_PAGE_SIZE);
	u16 tail = eeprom_size % PER_PAGE_SIZE;
	u8 *src = (u8 *)dev->mt76.eeprom.data;
	int page;

	for (page = 0; page < n_pages; page++) {
		struct sk_buff *skb;
		int chunk = PER_PAGE_SIZE;
		int msg_len, ret;

		/* a partial last page carries only the remainder */
		if (tail && page == n_pages - 1)
			chunk = tail;

		msg_len = sizeof(req) + chunk;
		skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len);
		if (!skb)
			return -ENOMEM;

		req.len = cpu_to_le16(msg_len - 4);
		req.format = FIELD_PREP(MAX_PAGE_IDX_MASK, n_pages - 1) |
			     FIELD_PREP(PAGE_IDX_MASK, page) | EE_FORMAT_WHOLE;
		req.buf_len = cpu_to_le16(chunk);

		skb_put_data(skb, &req, sizeof(req));
		skb_put_data(skb, src, chunk);

		ret = mt76_mcu_skb_send_msg(&dev->mt76, skb,
					    MCU_WM_UNI_CMD(EFUSE_CTRL), true);
		if (ret)
			return ret;

		src += chunk;
	}

	return 0;
}
2893 
/*
 * Select the EEPROM source used by the firmware.
 *
 * In flash mode the host copy is uploaded page by page through
 * mt7996_mcu_set_eeprom_flash(). Otherwise a single
 * UNI_EFUSE_BUFFER_MODE request with EE_MODE_EFUSE is sent and its
 * response awaited.
 *
 * Return: result of the selected path.
 */
int mt7996_mcu_set_eeprom(struct mt7996_dev *dev)
{
	struct mt7996_mcu_eeprom efuse_req = {
		.tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE),
		.len = cpu_to_le16(sizeof(efuse_req) - 4),
		.buffer_mode = EE_MODE_EFUSE,
		.format = EE_FORMAT_WHOLE
	};

	if (!dev->flash_mode)
		return mt76_mcu_send_msg(&dev->mt76,
					 MCU_WM_UNI_CMD(EFUSE_CTRL),
					 &efuse_req, sizeof(efuse_req), true);

	return mt7996_mcu_set_eeprom_flash(dev);
}
2909 
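/*
 * Read one efuse block from the firmware into the host EEPROM copy.
 *
 * @offset is rounded down to a multiple of MT7996_EEPROM_BLOCK_SIZE for
 * the request. From the response, the "valid" word is read at byte 16
 * and the block address at byte 12; when valid is non-zero the block
 * data found 64 bytes into the response is copied to
 * dev->mt76.eeprom.data at that address.
 *
 * Both the address and the response length are supplied by the device,
 * so they are checked before use: the response must be long enough for
 * every field that is read, and the destination range must lie inside
 * the host EEPROM buffer. Without these checks a malformed response
 * would read past the skb or write outside the buffer.
 *
 * Return: 0 on success (including a response flagged as not valid),
 * -EINVAL for a malformed response, or the error of the MCU command.
 */
int mt7996_mcu_get_eeprom(struct mt7996_dev *dev, u32 offset)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		__le32 addr;
		__le32 valid;
		u8 data[16];
	} __packed req = {
		.tag = cpu_to_le16(UNI_EFUSE_ACCESS),
		.len = cpu_to_le16(sizeof(req) - 4),
		.addr = cpu_to_le32(round_down(offset,
				    MT7996_EEPROM_BLOCK_SIZE)),
	};
	struct sk_buff *skb;
	bool valid;
	int ret;

	ret = mt76_mcu_send_and_get_msg(&dev->mt76,
					MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL),
					&req, sizeof(req), true, &skb);
	if (ret)
		return ret;

	/* addr (bytes 12..15) and valid (bytes 16..19) are read below */
	if (skb->len < 20) {
		ret = -EINVAL;
		goto out;
	}

	valid = le32_to_cpu(*(__le32 *)(skb->data + 16));
	if (valid) {
		u32 addr = le32_to_cpu(*(__le32 *)(skb->data + 12));
		u8 *buf;

		/* eeprom.size is assumed to describe the eeprom.data
		 * allocation - TODO confirm against the EEPROM init code.
		 * The comparison is written so that addr + block size
		 * cannot wrap.
		 */
		if (skb->len < 64 + MT7996_EEPROM_BLOCK_SIZE ||
		    addr >= dev->mt76.eeprom.size ||
		    dev->mt76.eeprom.size - addr < MT7996_EEPROM_BLOCK_SIZE) {
			ret = -EINVAL;
			goto out;
		}

		buf = (u8 *)dev->mt76.eeprom.data + addr;

		skb_pull(skb, 64);
		memcpy(buf, skb->data, MT7996_EEPROM_BLOCK_SIZE);
	}

out:
	dev_kfree_skb(skb);

	return ret;
}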
2949 
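/*
 * Query the firmware for the number of free efuse blocks.
 *
 * Sends a UNI_EFUSE_FREE_BLOCK request (version 2) and stores byte 8 of
 * the response in @block_num. The response length comes from the device
 * and is checked before that byte is read.
 *
 * Return: 0 on success, -EINVAL if the response is too short, or the
 * error of the MCU command. @block_num is written only on success.
 */
int mt7996_mcu_get_eeprom_free_block(struct mt7996_dev *dev, u8 *block_num)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		u8 num;
		u8 version;
		u8 die_idx;
		u8 _rsv2;
	} __packed req = {
		.tag = cpu_to_le16(UNI_EFUSE_FREE_BLOCK),
		.len = cpu_to_le16(sizeof(req) - 4),
		.version = 2,
	};
	struct sk_buff *skb;
	int ret;

	ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), &req,
					sizeof(req), true, &skb);
	if (ret)
		return ret;

	/* the block count is the byte at offset 8 */
	if (skb->len < 9) {
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	*block_num = *(u8 *)(skb->data + 8);
	dev_kfree_skb(skb);

	return 0;
}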
2979 
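/*
 * Fetch four MIB airtime counters for @phy's band and update the channel
 * survey state.
 *
 * The request asks for UNI_MIB_TX_TIME, UNI_MIB_RX_TIME,
 * UNI_MIB_OBSS_AIRTIME and UNI_MIB_NON_WIFI_TIME. The response is read as
 * an array of four struct mt7996_mcu_mib entries that follows the
 * request-sized header. Unless @chan_switch is set, the difference
 * between the new counters and the snapshot in phy->state_ts is added to
 * phy->mt76->chan_state; the snapshot is refreshed in every case.
 *
 * The response length is device supplied and is checked before the
 * entries are read.
 *
 * Return: 0 on success, -EINVAL for a response shorter than four entries,
 * or the error of the MCU command.
 */
int mt7996_mcu_get_chan_mib_info(struct mt7996_phy *phy, bool chan_switch)
{
	struct {
		struct {
			u8 band;
			u8 __rsv[3];
		} hdr;
		struct {
			__le16 tag;
			__le16 len;
			__le32 offs;
		} data[4];
	} __packed req = {
		.hdr.band = phy->mt76->band_idx,
	};
	/* strict order */
	static const u32 offs[] = {
		UNI_MIB_TX_TIME,
		UNI_MIB_RX_TIME,
		UNI_MIB_OBSS_AIRTIME,
		UNI_MIB_NON_WIFI_TIME,
	};
	struct mt76_channel_state *state = phy->mt76->chan_state;
	struct mt76_channel_state *state_ts = &phy->state_ts;
	struct mt7996_dev *dev = phy->dev;
	struct mt7996_mcu_mib *res;
	struct sk_buff *skb;
	int i, ret;

	for (i = 0; i < 4; i++) {
		req.data[i].tag = cpu_to_le16(UNI_CMD_MIB_DATA);
		req.data[i].len = cpu_to_le16(sizeof(req.data[i]));
		req.data[i].offs = cpu_to_le32(offs[i]);
	}

	ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(GET_MIB_INFO),
					&req, sizeof(req), true, &skb);
	if (ret)
		return ret;

	/* res[0]..res[3] are read below: require the header plus four
	 * complete entries (skb_pull() returns NULL on a short skb)
	 */
	if (!skb_pull(skb, sizeof(req.hdr)) ||
	    skb->len < 4 * sizeof(*res)) {
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	res = (struct mt7996_mcu_mib *)(skb->data);

	/* on a channel switch only the snapshot is refreshed */
	if (chan_switch)
		goto out;

#define __res_u64(s) le64_to_cpu(res[s].data)
	state->cc_tx += __res_u64(1) - state_ts->cc_tx;
	state->cc_bss_rx += __res_u64(2) - state_ts->cc_bss_rx;
	state->cc_rx += __res_u64(2) + __res_u64(3) - state_ts->cc_rx;
	state->cc_busy += __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3) -
			  state_ts->cc_busy;

out:
	state_ts->cc_tx = __res_u64(1);
	state_ts->cc_bss_rx = __res_u64(2);
	state_ts->cc_rx = __res_u64(2) + __res_u64(3);
	state_ts->cc_busy = __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3);
#undef __res_u64

	dev_kfree_skb(skb);

	return 0;
}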
3045 
/*
 * Send a SER command to the WM firmware without waiting for a response.
 *
 * @action is used as the TLV tag. UNI_CMD_SER_SET sends @val as a 32-bit
 * mask; UNI_CMD_SER_TRIGGER sends @val as the method together with @band.
 *
 * Return: -EINVAL for any other @action, otherwise the result of
 * mt76_mcu_send_msg().
 */
int mt7996_mcu_set_ser(struct mt7996_dev *dev, u8 action, u8 val, u8 band)
{
	struct {
		u8 rsv[4];

		__le16 tag;
		__le16 len;

		union {
			struct {
				__le32 mask;
			} __packed set;

			struct {
				u8 method;
				u8 band;
				u8 rsv2[2];
			} __packed trigger;
		};
	} __packed msg = {
		.tag = cpu_to_le16(action),
		.len = cpu_to_le16(sizeof(msg) - 4),
	};

	if (action == UNI_CMD_SER_SET) {
		msg.set.mask = cpu_to_le32(val);
	} else if (action == UNI_CMD_SER_TRIGGER) {
		msg.trigger.method = val;
		msg.trigger.band = band;
	} else {
		return -EINVAL;
	}

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SER),
				 &msg, sizeof(msg), false);
}
3085 
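/*
 * Send one beamforming control TLV to the WM firmware.
 *
 * @action is used as the TLV tag and selects the payload:
 *   BF_SOUNDING_ON  - snd_mode = BF_PROCESSING
 *   BF_HW_EN_UPDATE - ebf = true, ibf = dev->ibf
 *   BF_MOD_EN_CTRL  - bf_num = 2, bf_bitmap = bit 0
 *
 * Return: -ENOMEM if the message cannot be allocated, -EINVAL for any
 * other @action (the allocated message is freed first), otherwise the
 * result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_set_txbf(struct mt7996_dev *dev, u8 action)
{
#define MT7996_BF_MAX_SIZE	sizeof(union bf_tag_tlv)
#define BF_PROCESSING	4
	struct uni_header hdr;
	struct sk_buff *skb;
	struct tlv *tlv;
	int len = sizeof(hdr) + MT7996_BF_MAX_SIZE;

	memset(&hdr, 0, sizeof(hdr));

	skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
	if (!skb)
		return -ENOMEM;

	skb_put_data(skb, &hdr, sizeof(hdr));

	switch (action) {
	case BF_SOUNDING_ON: {
		struct bf_sounding_on *req_snd_on;

		tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_snd_on));
		req_snd_on = (struct bf_sounding_on *)tlv;
		req_snd_on->snd_mode = BF_PROCESSING;
		break;
	}
	case BF_HW_EN_UPDATE: {
		struct bf_hw_en_status_update *req_hw_en;

		tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_hw_en));
		req_hw_en = (struct bf_hw_en_status_update *)tlv;
		req_hw_en->ebf = true;
		req_hw_en->ibf = dev->ibf;
		break;
	}
	case BF_MOD_EN_CTRL: {
		struct bf_mod_en_ctrl *req_mod_en;

		tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_mod_en));
		req_mod_en = (struct bf_mod_en_ctrl *)tlv;
		req_mod_en->bf_num = 2;
		req_mod_en->bf_bitmap = GENMASK(0, 0);
		break;
	}
	default:
		/* the message is never sent on this path, so it has to be
		 * released here or it leaks
		 */
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	return mt76_mcu_skb_send_msg(&dev->mt76, skb, MCU_WM_UNI_CMD(BF), true);
}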
3136 
/*
 * Send a spatial-reuse (SR) command for @phy's band: a TLV tagged with
 * @action whose 32-bit payload is @val. The call waits for the MCU
 * response.
 *
 * Return: result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_enable_obss_spr(struct mt7996_phy *phy, u16 action, u8 val)
{
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		__le32 val;
	} __packed msg = {
		.band_idx = phy->mt76->band_idx,
		.tag = cpu_to_le16(action),
		.len = cpu_to_le16(sizeof(msg) - 4),
		.val = cpu_to_le32(val),
	};
	struct mt7996_dev *dev = phy->dev;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
				 &msg, sizeof(msg), true);
}
3159 
/*
 * Program the OBSS packet-detect thresholds for spatial reuse.
 *
 * Firmware dynamic PD adjustment is switched off first. The non-SRG
 * threshold is 82 when non-SRG OBSS PD SR is disallowed, 82 minus
 * non_srg_max_offset when that offset is present, and 62 otherwise. The
 * SRG threshold is 82 minus max_offset when SRG information is present
 * and stays 0 otherwise.
 *
 * NOTE(review): the thresholds are u8 fields and the offsets are taken
 * from @he_obss_pd unchecked; an offset above 82 would wrap the result -
 * confirm that the caller bounds them.
 *
 * Return: 0 on success or the error of the first failing MCU command.
 */
static int
mt7996_mcu_set_obss_spr_pd(struct mt7996_phy *phy,
			   struct ieee80211_he_obss_pd *he_obss_pd)
{
	struct mt7996_dev *dev = phy->dev;
	u8 max_th = 82, non_srg_max_th = 62;
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		u8 pd_th_non_srg;
		u8 pd_th_srg;
		u8 period_offs;
		u8 rcpi_src;
		__le16 obss_pd_min;
		__le16 obss_pd_min_srg;
		u8 resp_txpwr_mode;
		u8 txpwr_restrict_mode;
		u8 txpwr_ref;
		u8 __rsv2[3];
	} __packed msg = {
		.band_idx = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_CMD_SR_SET_PARAM),
		.len = cpu_to_le16(sizeof(msg) - 4),
		.obss_pd_min = cpu_to_le16(max_th),
		.obss_pd_min_srg = cpu_to_le16(max_th),
		.txpwr_restrict_mode = 2,
		.txpwr_ref = 21
	};
	u8 sr_ctrl;
	int err;

	/* turn off the firmware's dynamic PD adjustment */
	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_DPD, false);
	if (err)
		return err;

	sr_ctrl = he_obss_pd->sr_ctrl;

	if (sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OBSS_PD_SR_DISALLOWED)
		msg.pd_th_non_srg = max_th;
	else if (sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OFFSET_PRESENT)
		msg.pd_th_non_srg = max_th - he_obss_pd->non_srg_max_offset;
	else
		msg.pd_th_non_srg = non_srg_max_th;

	if (sr_ctrl & IEEE80211_HE_SPR_SRG_INFORMATION_PRESENT)
		msg.pd_th_srg = max_th - he_obss_pd->max_offset;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
				 &msg, sizeof(msg), true);
}
3213 
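/*
 * Send the UNI_CMD_SR_SET_SIGA request for @vif on the band served by @phy.
 *
 * Nothing is sent (and 0 is returned) unless @he_obss_pd has the
 * IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED bit set. When it is set, the
 * flag slot selected by the interface's own-MAC index is set to 0xf and the
 * firmware is switched to mode 0 before the request is sent.
 *
 * Returns 0 when there is nothing to do, -EINVAL when the own-MAC index
 * does not fit the flag array, or the result of the MCU commands.
 */
static int
mt7996_mcu_set_obss_spr_siga(struct mt7996_phy *phy, struct ieee80211_vif *vif,
			     struct ieee80211_he_obss_pd *he_obss_pd)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_dev *dev = phy->dev;
	u8 omac = mvif->mt76.omac_idx;
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		u8 omac;
		u8 __rsv2[3];
		u8 flag[20];
	} __packed req = {
		.band_idx = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_CMD_SR_SET_SIGA),
		/* len does not count the 4 bytes ahead of the tag */
		.len = cpu_to_le16(sizeof(req) - 4),
		/* indices above HW_BSSID_MAX are shifted down by 12 */
		.omac = omac > HW_BSSID_MAX ? omac - 12 : omac,
	};
	int ret;

	if (!(he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED))
		return 0;

	/*
	 * req.omac indexes a fixed-size array inside a stack object and the
	 * range of omac_idx is not established in this function, so refuse
	 * an index that would write past flag[] instead of corrupting the
	 * stack.
	 */
	if (req.omac >= ARRAY_SIZE(req.flag))
		return -EINVAL;

	req.flag[req.omac] = 0xf;

	/* switch to normal AP mode */
	ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_MODE, 0);
	if (ret)
		return ret;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR),
				 &req, sizeof(req), true);
}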
3252 
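/*
 * Send the SRG BSS-color and partial-BSSID bitmaps from @he_obss_pd to the
 * firmware. The first eight bytes of each bitmap are split into a low and a
 * high 32-bit word and stored in the per-band slot selected by the band
 * index of @phy.
 *
 * Returns -EINVAL if the band index has no slot in the request, otherwise
 * the result of mt76_mcu_send_msg().
 */
static int
mt7996_mcu_set_obss_spr_bitmap(struct mt7996_phy *phy,
			       struct ieee80211_he_obss_pd *he_obss_pd)
{
	struct mt7996_dev *dev = phy->dev;
	struct {
		u8 band_idx;
		u8 __rsv[3];

		__le16 tag;
		__le16 len;

		__le32 color_l[2];
		__le32 color_h[2];
		__le32 bssid_l[2];
		__le32 bssid_h[2];
	} __packed req = {
		.band_idx = phy->mt76->band_idx,
		.tag = cpu_to_le16(UNI_CMD_SR_SET_SRG_BITMAP),
		/* len does not count the 4 bytes ahead of the tag */
		.len = cpu_to_le16(sizeof(req) - 4),
	};
	u32 bitmap;

	/*
	 * Each per-band array has two slots and band_idx is taken from the
	 * phy without a range check in this function. An index past the
	 * arrays would spill into the neighbouring field and, for bssid_h
	 * (the last member), past the end of req on the stack, so reject it.
	 * NOTE(review): if a valid band index can be 2 or more, the request
	 * layout needs confirming against the firmware interface.
	 */
	if (req.band_idx >= ARRAY_SIZE(req.color_l))
		return -EINVAL;

	/* memcpy keeps the reads independent of the source alignment */
	memcpy(&bitmap, he_obss_pd->bss_color_bitmap, sizeof(bitmap));
	req.color_l[req.band_idx] = cpu_to_le32(bitmap);

	memcpy(&bitmap, he_obss_pd->bss_color_bitmap + 4, sizeof(bitmap));
	req.color_h[req.band_idx] = cpu_to_le32(bitmap);

	memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap, sizeof(bitmap));
	req.bssid_l[req.band_idx] = cpu_to_le32(bitmap);

	memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap + 4, sizeof(bitmap));
	req.bssid_h[req.band_idx] = cpu_to_le32(bitmap);

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), &req,
				 sizeof(req), true);
}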
3291 
/*
 * Configure OBSS spatial reuse for @vif on @phy from @he_obss_pd.
 *
 * The sequence stops at the first failing MCU command and returns its error.
 * It also stops early, returning 0, when firmware scene detection is in
 * charge or spatial reuse is being disabled.
 *
 * sr_scene_detect is a module parameter that can be rewritten at runtime
 * (mode 0644) and is read more than once below without being cached.
 */
int mt7996_mcu_add_obss_spr(struct mt7996_phy *phy, struct ieee80211_vif *vif,
			    struct ieee80211_he_obss_pd *he_obss_pd)
{
	int err;

	/* enable firmware scene detection algorithms */
	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_SD,
					 sr_scene_detect);
	if (err)
		return err;

	/* firmware dynamically adjusts PD threshold so skip manual control */
	if (sr_scene_detect && !he_obss_pd->enable)
		return 0;

	/* enable spatial reuse */
	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE,
					 he_obss_pd->enable);
	if (err)
		return err;

	/* manual configuration only applies without scene detection */
	if (sr_scene_detect || !he_obss_pd->enable)
		return 0;

	err = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_TX, true);
	if (err)
		return err;

	/* set SRG/non-SRG OBSS PD threshold */
	err = mt7996_mcu_set_obss_spr_pd(phy, he_obss_pd);
	if (err)
		return err;

	/* set SR prohibit */
	err = mt7996_mcu_set_obss_spr_siga(phy, vif, he_obss_pd);

	/* set SRG BSS color/BSSID bitmap */
	return err ? err : mt7996_mcu_set_obss_spr_bitmap(phy, he_obss_pd);
}
3333 
/*
 * Send a BSS_INFO_UPDATE carrying a single BSS color TLV for @vif, filled
 * from the enabled flag and color value in @he_bss_color.
 *
 * Returns the allocation error if the request skb cannot be allocated,
 * otherwise the result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_update_bss_color(struct mt7996_dev *dev, struct ieee80211_vif *vif,
				struct cfg80211_he_bss_color *he_bss_color)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct bss_color_tlv *color_tlv;
	struct sk_buff *skb;
	/* room for the BSS request header plus exactly one color TLV */
	int req_len = sizeof(struct bss_req_hdr) + sizeof(struct bss_color_tlv);

	skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, req_len);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	color_tlv = (struct bss_color_tlv *)
		mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BSS_COLOR,
					sizeof(*color_tlv));
	color_tlv->enable = he_bss_color->enabled;
	color_tlv->color = he_bss_color->color;

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
3356 
/* bits of the agrt_params byte in the TWT agreement request below */
#define TWT_AGRT_TRIGGER	BIT(0)
#define TWT_AGRT_ANNOUNCE	BIT(1)
#define TWT_AGRT_PROTECT	BIT(2)

/*
 * Send a TWT agreement update for @flow on interface @mvif. @cmd is stored
 * in a one-byte field of the request, and the request is always marked as
 * coming from an AP (is_ap = true).
 *
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_twt_agrt_update(struct mt7996_dev *dev,
			       struct mt7996_vif *mvif,
			       struct mt7996_twt_flow *flow,
			       int cmd)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;
		u8 tbl_idx;
		u8 cmd;
		u8 own_mac_idx;
		u8 flowid; /* 0xff for group id */
		__le16 peer_id; /* specify the peer_id (msb=0)
				 * or group_id (msb=1)
				 */
		u8 duration; /* 256 us */
		u8 bss_idx;
		__le64 start_tsf;
		__le16 mantissa;
		u8 exponent;
		u8 is_ap;
		u8 agrt_params;
		u8 __rsv2[135];
	} __packed req = {
		.tag = cpu_to_le16(UNI_CMD_TWT_ARGT_UPDATE),
		/* len does not count the 4 reserved bytes ahead of the tag */
		.len = cpu_to_le16(sizeof(req) - 4),
		.tbl_idx = flow->table_id,
		.cmd = cmd,
		.own_mac_idx = mvif->mt76.omac_idx,
		.flowid = flow->id,
		.peer_id = cpu_to_le16(flow->wcid),
		.duration = flow->duration,
		.bss_idx = mvif->mt76.idx,
		.start_tsf = cpu_to_le64(flow->tsf),
		/* NOTE(review): copied without cpu_to_le16(); presumably
		 * flow->mantissa is already little-endian - confirm
		 */
		.mantissa = flow->mantissa,
		.exponent = flow->exp,
		.is_ap = true,
	};
	u8 params = 0;

	if (flow->protection)
		params |= TWT_AGRT_PROTECT;
	/* ANNOUNCE is set when flowtype is zero */
	if (!flow->flowtype)
		params |= TWT_AGRT_ANNOUNCE;
	if (flow->trigger)
		params |= TWT_AGRT_TRIGGER;
	req.agrt_params = params;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(TWT),
				 &req, sizeof(req), true);
}
3412 
/*
 * Send a BSS power-save profile for @vif: EXIT_PM_STATE when the phy has
 * MT76_STATE_RUNNING set, ENTER_PM_STATE otherwise. @priv is the
 * ieee80211_hw; @mac is not used.
 *
 * Best effort: an allocation failure returns silently and the result of
 * the MCU send is not checked, so callers get no failure indication.
 */
void mt7996_mcu_set_pm(void *priv, u8 *mac, struct ieee80211_vif *vif)
{
#define EXIT_PM_STATE	0
#define ENTER_PM_STATE	1
	struct ieee80211_hw *hw = priv;
	struct mt7996_dev *dev = mt7996_hw_dev(hw);
	struct mt7996_phy *phy = mt7996_hw_phy(hw);
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	/* sampled once, before the request is allocated */
	bool running = test_bit(MT76_STATE_RUNNING, &phy->mt76->state);
	struct bss_power_save *ps_tlv;
	struct sk_buff *skb;

	skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76,
					 MT7996_BSS_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return;

	ps_tlv = (struct bss_power_save *)
		mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_PS, sizeof(*ps_tlv));
	if (running)
		ps_tlv->profile = EXIT_PM_STATE;
	else
		ps_tlv->profile = ENTER_PM_STATE;

	mt76_mcu_skb_send_msg(&dev->mt76, skb,
			      MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true);
}
3438 
/*
 * Set the RTS threshold for the band served by @phy. @val is sent as the
 * length threshold; the packet threshold is fixed at 0x2.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_rts_thresh(struct mt7996_phy *phy, u32 val)
{
	struct {
		u8 band_idx;
		u8 _rsv[3];

		__le16 tag;
		__le16 len;
		__le32 len_thresh;
		__le32 pkt_thresh;
	} __packed msg = {};

	msg.band_idx = phy->mt76->band_idx;
	msg.tag = cpu_to_le16(UNI_BAND_CONFIG_RTS_THRESHOLD);
	/* len does not count the 4 bytes ahead of the tag */
	msg.len = cpu_to_le16(sizeof(msg) - 4);
	msg.len_thresh = cpu_to_le32(val);
	msg.pkt_thresh = cpu_to_le32(0x2);

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
				 &msg, sizeof(msg), true);
}
3460 
/*
 * Send the radio-enable band configuration for the band served by @phy,
 * with @enable as the one-byte payload.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_radio_en(struct mt7996_phy *phy, bool enable)
{
	struct {
		u8 band_idx;
		u8 _rsv[3];

		__le16 tag;
		__le16 len;
		u8 enable;
		u8 _rsv2[3];
	} __packed msg = {};

	msg.band_idx = phy->mt76->band_idx;
	msg.tag = cpu_to_le16(UNI_BAND_CONFIG_RADIO_ENABLE);
	/* len does not count the 4 bytes ahead of the tag */
	msg.len = cpu_to_le16(sizeof(msg) - 4);
	msg.enable = enable;

	return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG),
				 &msg, sizeof(msg), true);
}
3481 
/*
 * Send an RDD control command. @cmd, @index, @rx_sel and @val are each
 * copied into a one-byte field of the request, so only the low eight bits
 * of @cmd reach the firmware.
 *
 * Returns the result of mt76_mcu_send_msg().
 */
int mt7996_mcu_rdd_cmd(struct mt7996_dev *dev, int cmd, u8 index,
		       u8 rx_sel, u8 val)
{
	struct {
		u8 _rsv[4];

		__le16 tag;
		__le16 len;

		u8 ctrl;
		u8 rdd_idx;
		u8 rdd_rx_sel;
		u8 val;
		u8 rsv[4];
	} __packed msg = {};

	msg.tag = cpu_to_le16(UNI_RDD_CTRL_PARM);
	/* len does not count the 4 reserved bytes ahead of the tag */
	msg.len = cpu_to_le16(sizeof(msg) - 4);
	msg.ctrl = cmd;
	msg.rdd_idx = index;
	msg.rdd_rx_sel = rx_sel;
	msg.val = val;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL),
				 &msg, sizeof(msg), true);
}
3508 
/*
 * Send a STA_REC_UPDATE that carries the header-translation TLV for @sta
 * on @vif. When @sta is NULL the station entry embedded in the interface
 * is used to pick the WCID for the request.
 *
 * Returns the allocation error if the request skb cannot be allocated,
 * otherwise the result of mt76_mcu_skb_send_msg().
 */
int mt7996_mcu_wtbl_update_hdr_trans(struct mt7996_dev *dev,
				     struct ieee80211_vif *vif,
				     struct ieee80211_sta *sta)
{
	struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv;
	struct mt7996_sta *msta;
	struct sk_buff *skb;

	if (sta)
		msta = (struct mt7996_sta *)sta->drv_priv;
	else
		msta = &mvif->sta;

	skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
					      &msta->wcid,
					      MT7996_STA_UPDATE_MAX_SIZE);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	/* starec hdr trans; @sta is passed through as given, possibly NULL */
	mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta);

	return mt76_mcu_skb_send_msg(&dev->mt76, skb,
				     MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true);
}
3530 
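/*
 * Read or write one RF register through the firmware.
 *
 * @regidx packs the request's idx field in bits 31:24 and its offset field
 * in bits 23:0. When @set is true, *@val is written; otherwise the register
 * is queried and the value from the response is stored in *@val.
 *
 * Returns 0 on a successful read, the result of mt76_mcu_send_msg() for a
 * write, the MCU error if the query fails, or -EINVAL if the response is
 * too short to contain the data field.
 */
int mt7996_mcu_rf_regval(struct mt7996_dev *dev, u32 regidx, u32 *val, bool set)
{
	struct {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;
		__le16 idx;
		u8 __rsv2[2];
		__le32 ofs;
		__le32 data;
	} __packed *res, req = {
		.tag = cpu_to_le16(UNI_CMD_ACCESS_RF_REG_BASIC),
		/* len does not count the 4 reserved bytes ahead of the tag */
		.len = cpu_to_le16(sizeof(req) - 4),

		.idx = cpu_to_le16(u32_get_bits(regidx, GENMASK(31, 24))),
		.ofs = cpu_to_le32(u32_get_bits(regidx, GENMASK(23, 0))),
		/* *val is only read for a write request */
		.data = set ? cpu_to_le32(*val) : 0,
	};
	struct sk_buff *skb;
	int ret;

	if (set)
		return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REG_ACCESS),
					 &req, sizeof(req), true);

	ret = mt76_mcu_send_and_get_msg(&dev->mt76,
					MCU_WM_UNI_CMD_QUERY(REG_ACCESS),
					&req, sizeof(req), true, &skb);
	if (ret)
		return ret;

	/*
	 * The response is parsed with the same layout as the request. Its
	 * length comes from the device, so make sure the data field is
	 * actually inside the buffer before reading it.
	 */
	if (skb->len < sizeof(*res)) {
		dev_kfree_skb(skb);
		return -EINVAL;
	}

	res = (void *)skb->data;
	*val = le32_to_cpu(res->data);
	dev_kfree_skb(skb);

	return 0;
}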
3569 
/*
 * Send one RRO setting to the firmware. @tag selects which member of the
 * payload union receives @val; the three accepted tags each store it in
 * the first byte of their member.
 *
 * Returns -EINVAL for any other @tag (nothing is sent), otherwise the
 * result of mt76_mcu_send_msg().
 */
int mt7996_mcu_set_rro(struct mt7996_dev *dev, u16 tag, u8 val)
{
	struct {
		u8 __rsv1[4];

		__le16 tag;
		__le16 len;

		union {
			struct {
				u8 type;
				u8 __rsv2[3];
			} __packed platform_type;
			struct {
				u8 type;
				u8 dest;
				u8 __rsv2[2];
			} __packed bypass_mode;
			struct {
				u8 path;
				u8 __rsv2[3];
			} __packed txfree_path;
		};
	} __packed msg = {};

	msg.tag = cpu_to_le16(tag);
	/* len does not count the 4 reserved bytes ahead of the tag */
	msg.len = cpu_to_le16(sizeof(msg) - 4);

	if (tag == UNI_RRO_SET_PLATFORM_TYPE)
		msg.platform_type.type = val;
	else if (tag == UNI_RRO_SET_BYPASS_MODE)
		msg.bypass_mode.type = val;
	else if (tag == UNI_RRO_SET_TXFREE_PATH)
		msg.txfree_path.path = val;
	else
		return -EINVAL;

	return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO), &msg,
				 sizeof(msg), true);
}
3615