1 // SPDX-License-Identifier: ISC 2 /* 3 * Copyright (C) 2022 MediaTek Inc. 4 */ 5 6 #include <linux/firmware.h> 7 #include <linux/fs.h> 8 #include "mt7996.h" 9 #include "mcu.h" 10 #include "mac.h" 11 #include "eeprom.h" 12 13 struct mt7996_patch_hdr { 14 char build_date[16]; 15 char platform[4]; 16 __be32 hw_sw_ver; 17 __be32 patch_ver; 18 __be16 checksum; 19 u16 reserved; 20 struct { 21 __be32 patch_ver; 22 __be32 subsys; 23 __be32 feature; 24 __be32 n_region; 25 __be32 crc; 26 u32 reserved[11]; 27 } desc; 28 } __packed; 29 30 struct mt7996_patch_sec { 31 __be32 type; 32 __be32 offs; 33 __be32 size; 34 union { 35 __be32 spec[13]; 36 struct { 37 __be32 addr; 38 __be32 len; 39 __be32 sec_key_idx; 40 __be32 align_len; 41 u32 reserved[9]; 42 } info; 43 }; 44 } __packed; 45 46 struct mt7996_fw_trailer { 47 u8 chip_id; 48 u8 eco_code; 49 u8 n_region; 50 u8 format_ver; 51 u8 format_flag; 52 u8 reserved[2]; 53 char fw_ver[10]; 54 char build_date[15]; 55 u32 crc; 56 } __packed; 57 58 struct mt7996_fw_region { 59 __le32 decomp_crc; 60 __le32 decomp_len; 61 __le32 decomp_blk_sz; 62 u8 reserved[4]; 63 __le32 addr; 64 __le32 len; 65 u8 feature_set; 66 u8 reserved1[15]; 67 } __packed; 68 69 #define MCU_PATCH_ADDRESS 0x200000 70 71 #define HE_PHY(p, c) u8_get_bits(c, IEEE80211_HE_PHY_##p) 72 #define HE_MAC(m, c) u8_get_bits(c, IEEE80211_HE_MAC_##m) 73 #define EHT_PHY(p, c) u8_get_bits(c, IEEE80211_EHT_PHY_##p) 74 75 static bool sr_scene_detect = true; 76 module_param(sr_scene_detect, bool, 0644); 77 MODULE_PARM_DESC(sr_scene_detect, "Enable firmware scene detection algorithm"); 78 79 static u8 80 mt7996_mcu_get_sta_nss(u16 mcs_map) 81 { 82 u8 nss; 83 84 for (nss = 8; nss > 0; nss--) { 85 u8 nss_mcs = (mcs_map >> (2 * (nss - 1))) & 3; 86 87 if (nss_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) 88 break; 89 } 90 91 return nss - 1; 92 } 93 94 static void 95 mt7996_mcu_set_sta_he_mcs(struct ieee80211_sta *sta, __le16 *he_mcs, 96 u16 mcs_map) 97 { 98 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 99 enum nl80211_band band = msta->vif->phy->mt76->chandef.chan->band; 100 const u16 *mask = msta->vif->bitrate_mask.control[band].he_mcs; 101 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss; 102 103 for (nss = 0; nss < max_nss; nss++) { 104 int mcs; 105 106 switch ((mcs_map >> (2 * nss)) & 0x3) { 107 case IEEE80211_HE_MCS_SUPPORT_0_11: 108 mcs = GENMASK(11, 0); 109 break; 110 case IEEE80211_HE_MCS_SUPPORT_0_9: 111 mcs = GENMASK(9, 0); 112 break; 113 case IEEE80211_HE_MCS_SUPPORT_0_7: 114 mcs = GENMASK(7, 0); 115 break; 116 default: 117 mcs = 0; 118 } 119 120 mcs = mcs ? fls(mcs & mask[nss]) - 1 : -1; 121 122 switch (mcs) { 123 case 0 ... 7: 124 mcs = IEEE80211_HE_MCS_SUPPORT_0_7; 125 break; 126 case 8 ... 9: 127 mcs = IEEE80211_HE_MCS_SUPPORT_0_9; 128 break; 129 case 10 ... 11: 130 mcs = IEEE80211_HE_MCS_SUPPORT_0_11; 131 break; 132 default: 133 mcs = IEEE80211_HE_MCS_NOT_SUPPORTED; 134 break; 135 } 136 mcs_map &= ~(0x3 << (nss * 2)); 137 mcs_map |= mcs << (nss * 2); 138 } 139 140 *he_mcs = cpu_to_le16(mcs_map); 141 } 142 143 static void 144 mt7996_mcu_set_sta_vht_mcs(struct ieee80211_sta *sta, __le16 *vht_mcs, 145 const u16 *mask) 146 { 147 u16 mcs, mcs_map = le16_to_cpu(sta->deflink.vht_cap.vht_mcs.rx_mcs_map); 148 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss; 149 150 for (nss = 0; nss < max_nss; nss++, mcs_map >>= 2) { 151 switch (mcs_map & 0x3) { 152 case IEEE80211_VHT_MCS_SUPPORT_0_9: 153 mcs = GENMASK(9, 0); 154 break; 155 case IEEE80211_VHT_MCS_SUPPORT_0_8: 156 mcs = GENMASK(8, 0); 157 break; 158 case IEEE80211_VHT_MCS_SUPPORT_0_7: 159 mcs = GENMASK(7, 0); 160 break; 161 default: 162 mcs = 0; 163 } 164 165 vht_mcs[nss] = cpu_to_le16(mcs & mask[nss]); 166 } 167 } 168 169 static void 170 mt7996_mcu_set_sta_ht_mcs(struct ieee80211_sta *sta, u8 *ht_mcs, 171 const u8 *mask) 172 { 173 int nss, max_nss = sta->deflink.rx_nss > 3 ? 4 : sta->deflink.rx_nss; 174 175 for (nss = 0; nss < max_nss; nss++) 176 ht_mcs[nss] = sta->deflink.ht_cap.mcs.rx_mask[nss] & mask[nss]; 177 } 178 179 static int 180 mt7996_mcu_parse_response(struct mt76_dev *mdev, int cmd, 181 struct sk_buff *skb, int seq) 182 { 183 struct mt7996_mcu_rxd *rxd; 184 struct mt7996_mcu_uni_event *event; 185 int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd); 186 int ret = 0; 187 188 if (!skb) { 189 dev_err(mdev->dev, "Message %08x (seq %d) timeout\n", 190 cmd, seq); 191 return -ETIMEDOUT; 192 } 193 194 rxd = (struct mt7996_mcu_rxd *)skb->data; 195 if (seq != rxd->seq) 196 return -EAGAIN; 197 198 if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) { 199 skb_pull(skb, sizeof(*rxd) - 4); 200 ret = *skb->data; 201 } else if ((rxd->option & MCU_UNI_CMD_EVENT) && 202 rxd->eid == MCU_UNI_EVENT_RESULT) { 203 skb_pull(skb, sizeof(*rxd)); 204 event = (struct mt7996_mcu_uni_event *)skb->data; 205 ret = le32_to_cpu(event->status); 206 /* skip invalid event */ 207 if (mcu_cmd != event->cid) 208 ret = -EAGAIN; 209 } else { 210 skb_pull(skb, sizeof(struct mt7996_mcu_rxd)); 211 } 212 213 return ret; 214 } 215 216 static int 217 mt7996_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb, 218 int cmd, int *wait_seq) 219 { 220 struct mt7996_dev *dev = container_of(mdev, struct mt7996_dev, mt76); 221 int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd); 222 struct mt76_connac2_mcu_uni_txd *uni_txd; 223 struct mt76_connac2_mcu_txd *mcu_txd; 224 enum mt76_mcuq_id qid; 225 __le32 *txd; 226 u32 val; 227 u8 seq; 228 229 mdev->mcu.timeout = 20 * HZ; 230 231 seq = ++dev->mt76.mcu.msg_seq & 0xf; 232 if (!seq) 233 seq = ++dev->mt76.mcu.msg_seq & 0xf; 234 235 if (cmd == MCU_CMD(FW_SCATTER)) { 236 qid = MT_MCUQ_FWDL; 237 goto exit; 238 } 239 240 txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd); 241 txd = (__le32 *)skb_push(skb, txd_len); 242 if (test_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state)) 243 qid = MT_MCUQ_WA; 244 else 245 qid = MT_MCUQ_WM; 246 247 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) | 248 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) | 249 FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0); 250 txd[0] = cpu_to_le32(val); 251 252 val = FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD); 253 txd[1] = cpu_to_le32(val); 254 255 if (cmd & __MCU_CMD_FIELD_UNI) { 256 uni_txd = (struct mt76_connac2_mcu_uni_txd *)txd; 257 uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd)); 258 uni_txd->cid = cpu_to_le16(mcu_cmd); 259 uni_txd->s2d_index = MCU_S2D_H2CN; 260 uni_txd->pkt_type = MCU_PKT_ID; 261 uni_txd->seq = seq; 262 263 if (cmd & __MCU_CMD_FIELD_QUERY) 264 uni_txd->option = MCU_CMD_UNI_QUERY_ACK; 265 else 266 uni_txd->option = MCU_CMD_UNI_EXT_ACK; 267 268 if ((cmd & __MCU_CMD_FIELD_WA) && (cmd & __MCU_CMD_FIELD_WM)) 269 uni_txd->s2d_index = MCU_S2D_H2CN; 270 else if (cmd & __MCU_CMD_FIELD_WA) 271 uni_txd->s2d_index = MCU_S2D_H2C; 272 else if (cmd & __MCU_CMD_FIELD_WM) 273 uni_txd->s2d_index = MCU_S2D_H2N; 274 275 goto exit; 276 } 277 278 mcu_txd = (struct mt76_connac2_mcu_txd *)txd; 279 mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd)); 280 mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU, 281 MT_TX_MCU_PORT_RX_Q0)); 282 mcu_txd->pkt_type = MCU_PKT_ID; 283 mcu_txd->seq = seq; 284 285 mcu_txd->cid = FIELD_GET(__MCU_CMD_FIELD_ID, cmd); 286 mcu_txd->set_query = MCU_Q_NA; 287 mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd); 288 if (mcu_txd->ext_cid) { 289 mcu_txd->ext_cid_ack = 1; 290 291 if (cmd & __MCU_CMD_FIELD_QUERY) 292 mcu_txd->set_query = MCU_Q_QUERY; 293 else 294 mcu_txd->set_query = MCU_Q_SET; 295 } 296 297 if (cmd & __MCU_CMD_FIELD_WA) 298 mcu_txd->s2d_index = MCU_S2D_H2C; 299 else 300 mcu_txd->s2d_index = MCU_S2D_H2N; 301 302 exit: 303 if (wait_seq) 304 *wait_seq = seq; 305 306 return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[qid], skb, 0); 307 } 308 309 int mt7996_mcu_wa_cmd(struct mt7996_dev *dev, int cmd, u32 a1, u32 a2, u32 a3) 310 { 311 struct { 312 __le32 args[3]; 313 } req = { 314 .args = { 315 cpu_to_le32(a1), 316 cpu_to_le32(a2), 317 cpu_to_le32(a3), 318 }, 319 }; 320 321 return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), false); 322 } 323 324 static void 325 mt7996_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif) 326 { 327 if (vif->bss_conf.csa_active) 328 ieee80211_csa_finish(vif); 329 } 330 331 static void 332 mt7996_mcu_rx_radar_detected(struct mt7996_dev *dev, struct sk_buff *skb) 333 { 334 struct mt76_phy *mphy = &dev->mt76.phy; 335 struct mt7996_mcu_rdd_report *r; 336 337 r = (struct mt7996_mcu_rdd_report *)skb->data; 338 339 if (r->band_idx >= ARRAY_SIZE(dev->mt76.phys)) 340 return; 341 342 if (r->band_idx == MT_RX_SEL2 && !dev->rdd2_phy) 343 return; 344 345 if (r->band_idx == MT_RX_SEL2) 346 mphy = dev->rdd2_phy->mt76; 347 else 348 mphy = dev->mt76.phys[r->band_idx]; 349 350 if (!mphy) 351 return; 352 353 if (r->band_idx == MT_RX_SEL2) 354 cfg80211_background_radar_event(mphy->hw->wiphy, 355 &dev->rdd2_chandef, 356 GFP_ATOMIC); 357 else 358 ieee80211_radar_detected(mphy->hw); 359 dev->hw_pattern++; 360 } 361 362 static void 363 mt7996_mcu_rx_log_message(struct mt7996_dev *dev, struct sk_buff *skb) 364 { 365 #define UNI_EVENT_FW_LOG_FORMAT 0 366 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 367 const char *data = (char *)&rxd[1] + 4, *type; 368 struct tlv *tlv = (struct tlv *)data; 369 int len; 370 371 if (!(rxd->option & MCU_UNI_CMD_EVENT)) { 372 len = skb->len - sizeof(*rxd); 373 data = (char *)&rxd[1]; 374 goto out; 375 } 376 377 if (le16_to_cpu(tlv->tag) != UNI_EVENT_FW_LOG_FORMAT) 378 return; 379 380 data += sizeof(*tlv) + 4; 381 len = le16_to_cpu(tlv->len) - sizeof(*tlv) - 4; 382 383 out: 384 switch (rxd->s2d_index) { 385 case 0: 386 if (mt7996_debugfs_rx_log(dev, data, len)) 387 return; 388 389 type = "WM"; 390 break; 391 case 2: 392 type = "WA"; 393 break; 394 default: 395 type = "unknown"; 396 break; 397 } 398 399 wiphy_info(mt76_hw(dev)->wiphy, "%s: %.*s", type, len, data); 400 } 401 402 static void 403 mt7996_mcu_cca_finish(void *priv, u8 *mac, struct ieee80211_vif *vif) 404 { 405 if (!vif->bss_conf.color_change_active) 406 return; 407 408 ieee80211_color_change_finish(vif); 409 } 410 411 static void 412 mt7996_mcu_ie_countdown(struct mt7996_dev *dev, struct sk_buff *skb) 413 { 414 #define UNI_EVENT_IE_COUNTDOWN_CSA 0 415 #define UNI_EVENT_IE_COUNTDOWN_BCC 1 416 struct header { 417 u8 band; 418 u8 rsv[3]; 419 }; 420 struct mt76_phy *mphy = &dev->mt76.phy; 421 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 422 const char *data = (char *)&rxd[1], *tail; 423 struct header *hdr = (struct header *)data; 424 struct tlv *tlv = (struct tlv *)(data + 4); 425 426 if (hdr->band >= ARRAY_SIZE(dev->mt76.phys)) 427 return; 428 429 if (hdr->band && dev->mt76.phys[hdr->band]) 430 mphy = dev->mt76.phys[hdr->band]; 431 432 tail = skb->data + skb->len; 433 data += sizeof(struct header); 434 while (data + sizeof(struct tlv) < tail && le16_to_cpu(tlv->len)) { 435 switch (le16_to_cpu(tlv->tag)) { 436 case UNI_EVENT_IE_COUNTDOWN_CSA: 437 ieee80211_iterate_active_interfaces_atomic(mphy->hw, 438 IEEE80211_IFACE_ITER_RESUME_ALL, 439 mt7996_mcu_csa_finish, mphy->hw); 440 break; 441 case UNI_EVENT_IE_COUNTDOWN_BCC: 442 ieee80211_iterate_active_interfaces_atomic(mphy->hw, 443 IEEE80211_IFACE_ITER_RESUME_ALL, 444 mt7996_mcu_cca_finish, mphy->hw); 445 break; 446 } 447 448 data += le16_to_cpu(tlv->len); 449 tlv = (struct tlv *)data; 450 } 451 } 452 453 static void 454 mt7996_mcu_rx_ext_event(struct mt7996_dev *dev, struct sk_buff *skb) 455 { 456 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 457 458 switch (rxd->ext_eid) { 459 case MCU_EXT_EVENT_FW_LOG_2_HOST: 460 mt7996_mcu_rx_log_message(dev, skb); 461 break; 462 default: 463 break; 464 } 465 } 466 467 static void 468 mt7996_mcu_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb) 469 { 470 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 471 472 switch (rxd->eid) { 473 case MCU_EVENT_EXT: 474 mt7996_mcu_rx_ext_event(dev, skb); 475 break; 476 default: 477 break; 478 } 479 dev_kfree_skb(skb); 480 } 481 482 static void 483 mt7996_mcu_uni_rx_unsolicited_event(struct mt7996_dev *dev, struct sk_buff *skb) 484 { 485 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 486 487 switch (rxd->eid) { 488 case MCU_UNI_EVENT_FW_LOG_2_HOST: 489 mt7996_mcu_rx_log_message(dev, skb); 490 break; 491 case MCU_UNI_EVENT_IE_COUNTDOWN: 492 mt7996_mcu_ie_countdown(dev, skb); 493 break; 494 case MCU_UNI_EVENT_RDD_REPORT: 495 mt7996_mcu_rx_radar_detected(dev, skb); 496 break; 497 default: 498 break; 499 } 500 dev_kfree_skb(skb); 501 } 502 503 void mt7996_mcu_rx_event(struct mt7996_dev *dev, struct sk_buff *skb) 504 { 505 struct mt7996_mcu_rxd *rxd = (struct mt7996_mcu_rxd *)skb->data; 506 507 if (rxd->option & MCU_UNI_CMD_UNSOLICITED_EVENT) { 508 mt7996_mcu_uni_rx_unsolicited_event(dev, skb); 509 return; 510 } 511 512 /* WA still uses legacy event*/ 513 if (rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST || 514 !rxd->seq) 515 mt7996_mcu_rx_unsolicited_event(dev, skb); 516 else 517 mt76_mcu_rx_event(&dev->mt76, skb); 518 } 519 520 static struct tlv * 521 mt7996_mcu_add_uni_tlv(struct sk_buff *skb, u16 tag, u16 len) 522 { 523 struct tlv *ptlv, tlv = { 524 .tag = cpu_to_le16(tag), 525 .len = cpu_to_le16(len), 526 }; 527 528 ptlv = skb_put(skb, len); 529 memcpy(ptlv, &tlv, sizeof(tlv)); 530 531 return ptlv; 532 } 533 534 static void 535 mt7996_mcu_bss_rfch_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 536 struct mt7996_phy *phy) 537 { 538 static const u8 rlm_ch_band[] = { 539 [NL80211_BAND_2GHZ] = 1, 540 [NL80211_BAND_5GHZ] = 2, 541 [NL80211_BAND_6GHZ] = 3, 542 }; 543 struct cfg80211_chan_def *chandef = &phy->mt76->chandef; 544 struct bss_rlm_tlv *ch; 545 struct tlv *tlv; 546 int freq1 = chandef->center_freq1; 547 548 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RLM, sizeof(*ch)); 549 550 ch = (struct bss_rlm_tlv *)tlv; 551 ch->control_channel = chandef->chan->hw_value; 552 ch->center_chan = ieee80211_frequency_to_channel(freq1); 553 ch->bw = mt76_connac_chan_bw(chandef); 554 ch->tx_streams = hweight8(phy->mt76->antenna_mask); 555 ch->rx_streams = hweight8(phy->mt76->antenna_mask); 556 ch->band = rlm_ch_band[chandef->chan->band]; 557 558 if (chandef->width == NL80211_CHAN_WIDTH_80P80) { 559 int freq2 = chandef->center_freq2; 560 561 ch->center_chan2 = ieee80211_frequency_to_channel(freq2); 562 } 563 } 564 565 static void 566 mt7996_mcu_bss_ra_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 567 struct mt7996_phy *phy) 568 { 569 struct bss_ra_tlv *ra; 570 struct tlv *tlv; 571 572 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RA, sizeof(*ra)); 573 574 ra = (struct bss_ra_tlv *)tlv; 575 ra->short_preamble = true; 576 } 577 578 static void 579 mt7996_mcu_bss_he_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 580 struct mt7996_phy *phy) 581 { 582 #define DEFAULT_HE_PE_DURATION 4 583 #define DEFAULT_HE_DURATION_RTS_THRES 1023 584 const struct ieee80211_sta_he_cap *cap; 585 struct bss_info_uni_he *he; 586 struct tlv *tlv; 587 588 cap = mt76_connac_get_he_phy_cap(phy->mt76, vif); 589 590 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_HE_BASIC, sizeof(*he)); 591 592 he = (struct bss_info_uni_he *)tlv; 593 he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext; 594 if (!he->he_pe_duration) 595 he->he_pe_duration = DEFAULT_HE_PE_DURATION; 596 597 he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th); 598 if (!he->he_rts_thres) 599 he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES); 600 601 he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80; 602 he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160; 603 he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80; 604 } 605 606 static void 607 mt7996_mcu_bss_bmc_tlv(struct sk_buff *skb, struct ieee80211_vif *vif, 608 struct mt7996_phy *phy) 609 { 610 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 611 struct bss_rate_tlv *bmc; 612 struct cfg80211_chan_def *chandef = &phy->mt76->chandef; 613 enum nl80211_band band = chandef->chan->band; 614 struct tlv *tlv; 615 u8 idx = mvif->mcast_rates_idx ? 616 mvif->mcast_rates_idx : mvif->basic_rates_idx; 617 618 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_RATE, sizeof(*bmc)); 619 620 bmc = (struct bss_rate_tlv *)tlv; 621 622 bmc->short_preamble = (band == NL80211_BAND_2GHZ); 623 bmc->bc_fixed_rate = idx; 624 bmc->mc_fixed_rate = idx; 625 } 626 627 static void 628 mt7996_mcu_bss_txcmd_tlv(struct sk_buff *skb, bool en) 629 { 630 struct bss_txcmd_tlv *txcmd; 631 struct tlv *tlv; 632 633 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_TXCMD, sizeof(*txcmd)); 634 635 txcmd = (struct bss_txcmd_tlv *)tlv; 636 txcmd->txcmd_mode = en; 637 } 638 639 static void 640 mt7996_mcu_bss_mld_tlv(struct sk_buff *skb, struct ieee80211_vif *vif) 641 { 642 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 643 struct bss_mld_tlv *mld; 644 struct tlv *tlv; 645 646 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_MLD, sizeof(*mld)); 647 648 mld = (struct bss_mld_tlv *)tlv; 649 mld->group_mld_id = 0xff; 650 mld->own_mld_id = mvif->mt76.idx; 651 mld->remap_idx = 0xff; 652 } 653 654 static void 655 mt7996_mcu_bss_sec_tlv(struct sk_buff *skb, struct ieee80211_vif *vif) 656 { 657 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 658 struct bss_sec_tlv *sec; 659 struct tlv *tlv; 660 661 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_SEC, sizeof(*sec)); 662 663 sec = (struct bss_sec_tlv *)tlv; 664 sec->cipher = mvif->cipher; 665 } 666 667 static int 668 mt7996_mcu_muar_config(struct mt7996_phy *phy, struct ieee80211_vif *vif, 669 bool bssid, bool enable) 670 { 671 #define UNI_MUAR_ENTRY 2 672 struct mt7996_dev *dev = phy->dev; 673 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 674 u32 idx = mvif->mt76.omac_idx - REPEATER_BSSID_START; 675 const u8 *addr = vif->addr; 676 677 struct { 678 struct { 679 u8 band; 680 u8 __rsv[3]; 681 } hdr; 682 683 __le16 tag; 684 __le16 len; 685 686 bool smesh; 687 u8 bssid; 688 u8 index; 689 u8 entry_add; 690 u8 addr[ETH_ALEN]; 691 u8 __rsv[2]; 692 } __packed req = { 693 .hdr.band = phy->mt76->band_idx, 694 .tag = cpu_to_le16(UNI_MUAR_ENTRY), 695 .len = cpu_to_le16(sizeof(req) - sizeof(req.hdr)), 696 .smesh = false, 697 .index = idx * 2 + bssid, 698 .entry_add = true, 699 }; 700 701 if (bssid) 702 addr = vif->bss_conf.bssid; 703 704 if (enable) 705 memcpy(req.addr, addr, ETH_ALEN); 706 707 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REPT_MUAR), &req, 708 sizeof(req), true); 709 } 710 711 static void 712 mt7996_mcu_bss_ifs_timing_tlv(struct sk_buff *skb, struct ieee80211_vif *vif) 713 { 714 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 715 struct mt7996_phy *phy = mvif->phy; 716 struct bss_ifs_time_tlv *ifs_time; 717 struct tlv *tlv; 718 bool is_2ghz = phy->mt76->chandef.chan->band == NL80211_BAND_2GHZ; 719 720 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_IFS_TIME, sizeof(*ifs_time)); 721 722 ifs_time = (struct bss_ifs_time_tlv *)tlv; 723 ifs_time->slot_valid = true; 724 ifs_time->sifs_valid = true; 725 ifs_time->rifs_valid = true; 726 ifs_time->eifs_valid = true; 727 728 ifs_time->slot_time = cpu_to_le16(phy->slottime); 729 ifs_time->sifs_time = cpu_to_le16(10); 730 ifs_time->rifs_time = cpu_to_le16(2); 731 ifs_time->eifs_time = cpu_to_le16(is_2ghz ? 78 : 84); 732 733 if (is_2ghz) { 734 ifs_time->eifs_cck_valid = true; 735 ifs_time->eifs_cck_time = cpu_to_le16(314); 736 } 737 } 738 739 static int 740 mt7996_mcu_bss_basic_tlv(struct sk_buff *skb, 741 struct ieee80211_vif *vif, 742 struct ieee80211_sta *sta, 743 struct mt76_phy *phy, u16 wlan_idx, 744 bool enable) 745 { 746 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 747 struct cfg80211_chan_def *chandef = &phy->chandef; 748 struct mt76_connac_bss_basic_tlv *bss; 749 u32 type = CONNECTION_INFRA_AP; 750 u16 sta_wlan_idx = wlan_idx; 751 struct tlv *tlv; 752 int idx; 753 754 switch (vif->type) { 755 case NL80211_IFTYPE_MESH_POINT: 756 case NL80211_IFTYPE_AP: 757 case NL80211_IFTYPE_MONITOR: 758 break; 759 case NL80211_IFTYPE_STATION: 760 if (enable) { 761 rcu_read_lock(); 762 if (!sta) 763 sta = ieee80211_find_sta(vif, 764 vif->bss_conf.bssid); 765 /* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */ 766 if (sta) { 767 struct mt76_wcid *wcid; 768 769 wcid = (struct mt76_wcid *)sta->drv_priv; 770 sta_wlan_idx = wcid->idx; 771 } 772 rcu_read_unlock(); 773 } 774 type = CONNECTION_INFRA_STA; 775 break; 776 case NL80211_IFTYPE_ADHOC: 777 type = CONNECTION_IBSS_ADHOC; 778 break; 779 default: 780 WARN_ON(1); 781 break; 782 } 783 784 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_BSS_INFO_BASIC, sizeof(*bss)); 785 786 bss = (struct mt76_connac_bss_basic_tlv *)tlv; 787 bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int); 788 bss->dtim_period = vif->bss_conf.dtim_period; 789 bss->bmc_tx_wlan_idx = cpu_to_le16(wlan_idx); 790 bss->sta_idx = cpu_to_le16(sta_wlan_idx); 791 bss->conn_type = cpu_to_le32(type); 792 bss->omac_idx = mvif->omac_idx; 793 bss->band_idx = mvif->band_idx; 794 bss->wmm_idx = mvif->wmm_idx; 795 bss->conn_state = !enable; 796 bss->active = enable; 797 798 idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx; 799 bss->hw_bss_idx = idx; 800 801 if (vif->type == NL80211_IFTYPE_MONITOR) { 802 memcpy(bss->bssid, phy->macaddr, ETH_ALEN); 803 return 0; 804 } 805 806 memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN); 807 bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int); 808 bss->dtim_period = vif->bss_conf.dtim_period; 809 bss->phymode = mt76_connac_get_phy_mode(phy, vif, 810 chandef->chan->band, NULL); 811 bss->phymode_ext = mt76_connac_get_phy_mode_ext(phy, vif, 812 chandef->chan->band); 813 814 return 0; 815 } 816 817 static struct sk_buff * 818 __mt7996_mcu_alloc_bss_req(struct mt76_dev *dev, struct mt76_vif *mvif, int len) 819 { 820 struct bss_req_hdr hdr = { 821 .bss_idx = mvif->idx, 822 }; 823 struct sk_buff *skb; 824 825 skb = mt76_mcu_msg_alloc(dev, NULL, len); 826 if (!skb) 827 return ERR_PTR(-ENOMEM); 828 829 skb_put_data(skb, &hdr, sizeof(hdr)); 830 831 return skb; 832 } 833 834 int mt7996_mcu_add_bss_info(struct mt7996_phy *phy, 835 struct ieee80211_vif *vif, int enable) 836 { 837 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 838 struct mt7996_dev *dev = phy->dev; 839 struct sk_buff *skb; 840 841 if (mvif->mt76.omac_idx >= REPEATER_BSSID_START) { 842 mt7996_mcu_muar_config(phy, vif, false, enable); 843 mt7996_mcu_muar_config(phy, vif, true, enable); 844 } 845 846 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 847 MT7996_BSS_UPDATE_MAX_SIZE); 848 if (IS_ERR(skb)) 849 return PTR_ERR(skb); 850 851 /* bss_basic must be first */ 852 mt7996_mcu_bss_basic_tlv(skb, vif, NULL, phy->mt76, 853 mvif->sta.wcid.idx, enable); 854 mt7996_mcu_bss_sec_tlv(skb, vif); 855 856 if (vif->type == NL80211_IFTYPE_MONITOR) 857 goto out; 858 859 if (enable) { 860 mt7996_mcu_bss_rfch_tlv(skb, vif, phy); 861 mt7996_mcu_bss_bmc_tlv(skb, vif, phy); 862 mt7996_mcu_bss_ra_tlv(skb, vif, phy); 863 mt7996_mcu_bss_txcmd_tlv(skb, true); 864 mt7996_mcu_bss_ifs_timing_tlv(skb, vif); 865 866 if (vif->bss_conf.he_support) 867 mt7996_mcu_bss_he_tlv(skb, vif, phy); 868 869 /* this tag is necessary no matter if the vif is MLD */ 870 mt7996_mcu_bss_mld_tlv(skb, vif); 871 } 872 out: 873 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 874 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 875 } 876 877 int mt7996_mcu_set_timing(struct mt7996_phy *phy, struct ieee80211_vif *vif) 878 { 879 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 880 struct mt7996_dev *dev = phy->dev; 881 struct sk_buff *skb; 882 883 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 884 MT7996_BSS_UPDATE_MAX_SIZE); 885 if (IS_ERR(skb)) 886 return PTR_ERR(skb); 887 888 mt7996_mcu_bss_ifs_timing_tlv(skb, vif); 889 890 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 891 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 892 } 893 894 static int 895 mt7996_mcu_sta_ba(struct mt76_dev *dev, struct mt76_vif *mvif, 896 struct ieee80211_ampdu_params *params, 897 bool enable, bool tx) 898 { 899 struct mt76_wcid *wcid = (struct mt76_wcid *)params->sta->drv_priv; 900 struct sta_rec_ba_uni *ba; 901 struct sk_buff *skb; 902 struct tlv *tlv; 903 904 skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid, 905 MT7996_STA_UPDATE_MAX_SIZE); 906 if (IS_ERR(skb)) 907 return PTR_ERR(skb); 908 909 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba)); 910 911 ba = (struct sta_rec_ba_uni *)tlv; 912 ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT; 913 ba->winsize = cpu_to_le16(params->buf_size); 914 ba->ssn = cpu_to_le16(params->ssn); 915 ba->ba_en = enable << params->tid; 916 ba->amsdu = params->amsdu; 917 ba->tid = params->tid; 918 919 return mt76_mcu_skb_send_msg(dev, skb, 920 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 921 } 922 923 /** starec & wtbl **/ 924 int mt7996_mcu_add_tx_ba(struct mt7996_dev *dev, 925 struct ieee80211_ampdu_params *params, 926 bool enable) 927 { 928 struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv; 929 struct mt7996_vif *mvif = msta->vif; 930 931 if (enable && !params->amsdu) 932 msta->wcid.amsdu = false; 933 934 return mt7996_mcu_sta_ba(&dev->mt76, &mvif->mt76, params, 935 enable, true); 936 } 937 938 int mt7996_mcu_add_rx_ba(struct mt7996_dev *dev, 939 struct ieee80211_ampdu_params *params, 940 bool enable) 941 { 942 struct mt7996_sta *msta = (struct mt7996_sta *)params->sta->drv_priv; 943 struct mt7996_vif *mvif = msta->vif; 944 945 return mt7996_mcu_sta_ba(&dev->mt76, &mvif->mt76, params, 946 enable, false); 947 } 948 949 static void 950 mt7996_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 951 { 952 struct ieee80211_he_cap_elem *elem = &sta->deflink.he_cap.he_cap_elem; 953 struct ieee80211_he_mcs_nss_supp mcs_map; 954 struct sta_rec_he_v2 *he; 955 struct tlv *tlv; 956 int i = 0; 957 958 if (!sta->deflink.he_cap.has_he) 959 return; 960 961 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_V2, sizeof(*he)); 962 963 he = (struct sta_rec_he_v2 *)tlv; 964 for (i = 0; i < 11; i++) { 965 if (i < 6) 966 he->he_mac_cap[i] = elem->mac_cap_info[i]; 967 he->he_phy_cap[i] = elem->phy_cap_info[i]; 968 } 969 970 mcs_map = sta->deflink.he_cap.he_mcs_nss_supp; 971 switch (sta->deflink.bandwidth) { 972 case IEEE80211_STA_RX_BW_160: 973 if (elem->phy_cap_info[0] & 974 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) 975 mt7996_mcu_set_sta_he_mcs(sta, 976 &he->max_nss_mcs[CMD_HE_MCS_BW8080], 977 le16_to_cpu(mcs_map.rx_mcs_80p80)); 978 979 mt7996_mcu_set_sta_he_mcs(sta, 980 &he->max_nss_mcs[CMD_HE_MCS_BW160], 981 le16_to_cpu(mcs_map.rx_mcs_160)); 982 fallthrough; 983 default: 984 mt7996_mcu_set_sta_he_mcs(sta, 985 &he->max_nss_mcs[CMD_HE_MCS_BW80], 986 le16_to_cpu(mcs_map.rx_mcs_80)); 987 break; 988 } 989 990 he->pkt_ext = 2; 991 } 992 993 static void 994 mt7996_mcu_sta_he_6g_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 995 { 996 struct sta_rec_he_6g_capa *he_6g; 997 struct tlv *tlv; 998 999 if (!sta->deflink.he_6ghz_capa.capa) 1000 return; 1001 1002 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HE_6G, sizeof(*he_6g)); 1003 1004 he_6g = (struct sta_rec_he_6g_capa *)tlv; 1005 he_6g->capa = sta->deflink.he_6ghz_capa.capa; 1006 } 1007 1008 static void 1009 mt7996_mcu_sta_eht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 1010 { 1011 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 1012 struct ieee80211_vif *vif = container_of((void *)msta->vif, 1013 struct ieee80211_vif, drv_priv); 1014 struct ieee80211_eht_mcs_nss_supp *mcs_map; 1015 struct ieee80211_eht_cap_elem_fixed *elem; 1016 struct sta_rec_eht *eht; 1017 struct tlv *tlv; 1018 1019 if (!sta->deflink.eht_cap.has_eht) 1020 return; 1021 1022 mcs_map = &sta->deflink.eht_cap.eht_mcs_nss_supp; 1023 elem = &sta->deflink.eht_cap.eht_cap_elem; 1024 1025 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_EHT, sizeof(*eht)); 1026 1027 eht = (struct sta_rec_eht *)tlv; 1028 eht->tid_bitmap = 0xff; 1029 eht->mac_cap = cpu_to_le16(*(u16 *)elem->mac_cap_info); 1030 eht->phy_cap = cpu_to_le64(*(u64 *)elem->phy_cap_info); 1031 eht->phy_cap_ext = cpu_to_le64(elem->phy_cap_info[8]); 1032 1033 if (vif->type != NL80211_IFTYPE_STATION && 1034 (sta->deflink.he_cap.he_cap_elem.phy_cap_info[0] & 1035 (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G | 1036 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G | 1037 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G | 1038 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)) == 0) { 1039 memcpy(eht->mcs_map_bw20, &mcs_map->only_20mhz, 1040 sizeof(eht->mcs_map_bw20)); 1041 return; 1042 } 1043 1044 memcpy(eht->mcs_map_bw80, &mcs_map->bw._80, sizeof(eht->mcs_map_bw80)); 1045 memcpy(eht->mcs_map_bw160, &mcs_map->bw._160, sizeof(eht->mcs_map_bw160)); 1046 memcpy(eht->mcs_map_bw320, &mcs_map->bw._320, sizeof(eht->mcs_map_bw320)); 1047 } 1048 1049 static void 1050 mt7996_mcu_sta_ht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 1051 { 1052 struct sta_rec_ht *ht; 1053 struct tlv *tlv; 1054 1055 if (!sta->deflink.ht_cap.ht_supported) 1056 return; 1057 1058 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht)); 1059 1060 ht = (struct sta_rec_ht *)tlv; 1061 ht->ht_cap = cpu_to_le16(sta->deflink.ht_cap.cap); 1062 } 1063 1064 static void 1065 mt7996_mcu_sta_vht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta) 1066 { 1067 struct sta_rec_vht *vht; 1068 struct tlv *tlv; 1069 1070 /* For 6G band, this tlv is necessary to let hw work normally */ 1071 if (!sta->deflink.he_6ghz_capa.capa && !sta->deflink.vht_cap.vht_supported) 1072 return; 1073 1074 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_VHT, sizeof(*vht)); 1075 1076 vht = (struct sta_rec_vht *)tlv; 1077 vht->vht_cap = cpu_to_le32(sta->deflink.vht_cap.cap); 1078 vht->vht_rx_mcs_map = sta->deflink.vht_cap.vht_mcs.rx_mcs_map; 1079 vht->vht_tx_mcs_map = sta->deflink.vht_cap.vht_mcs.tx_mcs_map; 1080 } 1081 1082 static void 1083 mt7996_mcu_sta_amsdu_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1084 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1085 { 1086 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 1087 struct sta_rec_amsdu *amsdu; 1088 struct tlv *tlv; 1089 1090 if (vif->type != NL80211_IFTYPE_STATION && 1091 vif->type != NL80211_IFTYPE_MESH_POINT && 1092 vif->type != NL80211_IFTYPE_AP) 1093 return; 1094 1095 if (!sta->deflink.agg.max_amsdu_len) 1096 return; 1097 1098 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu)); 1099 amsdu = (struct sta_rec_amsdu *)tlv; 1100 amsdu->max_amsdu_num = 8; 1101 amsdu->amsdu_en = true; 1102 msta->wcid.amsdu = true; 1103 1104 switch (sta->deflink.agg.max_amsdu_len) { 1105 case IEEE80211_MAX_MPDU_LEN_VHT_11454: 1106 amsdu->max_mpdu_size = 1107 IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454; 1108 return; 1109 case IEEE80211_MAX_MPDU_LEN_HT_7935: 1110 case IEEE80211_MAX_MPDU_LEN_VHT_7991: 1111 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991; 1112 return; 1113 default: 1114 amsdu->max_mpdu_size = IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895; 1115 return; 1116 } 1117 } 1118 1119 static void 1120 mt7996_mcu_sta_muru_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1121 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1122 { 1123 struct ieee80211_he_cap_elem *elem = &sta->deflink.he_cap.he_cap_elem; 1124 struct sta_rec_muru *muru; 1125 struct tlv *tlv; 1126 1127 if (vif->type != NL80211_IFTYPE_STATION && 1128 vif->type != NL80211_IFTYPE_AP) 1129 return; 1130 1131 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_MURU, sizeof(*muru)); 1132 1133 muru = (struct sta_rec_muru *)tlv; 1134 muru->cfg.mimo_dl_en = vif->bss_conf.eht_mu_beamformer || 1135 vif->bss_conf.he_mu_beamformer || 1136 vif->bss_conf.vht_mu_beamformer || 1137 vif->bss_conf.vht_mu_beamformee; 1138 muru->cfg.ofdma_dl_en = true; 1139 1140 if (sta->deflink.vht_cap.vht_supported) 1141 muru->mimo_dl.vht_mu_bfee = 1142 !!(sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE); 1143 1144 if (!sta->deflink.he_cap.has_he) 1145 return; 1146 1147 muru->mimo_dl.partial_bw_dl_mimo = 1148 HE_PHY(CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO, elem->phy_cap_info[6]); 1149 1150 muru->mimo_ul.full_ul_mimo = 1151 HE_PHY(CAP2_UL_MU_FULL_MU_MIMO, elem->phy_cap_info[2]); 1152 muru->mimo_ul.partial_ul_mimo = 1153 HE_PHY(CAP2_UL_MU_PARTIAL_MU_MIMO, elem->phy_cap_info[2]); 1154 1155 muru->ofdma_dl.punc_pream_rx = 1156 HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]); 1157 muru->ofdma_dl.he_20m_in_40m_2g = 1158 HE_PHY(CAP8_20MHZ_IN_40MHZ_HE_PPDU_IN_2G, elem->phy_cap_info[8]); 1159 muru->ofdma_dl.he_20m_in_160m = 1160 HE_PHY(CAP8_20MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]); 1161 muru->ofdma_dl.he_80m_in_160m = 1162 HE_PHY(CAP8_80MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]); 1163 1164 muru->ofdma_ul.t_frame_dur = 1165 HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]); 1166 muru->ofdma_ul.mu_cascading = 1167 HE_MAC(CAP2_MU_CASCADING, elem->mac_cap_info[2]); 1168 muru->ofdma_ul.uo_ra = 1169 HE_MAC(CAP3_OFDMA_RA, elem->mac_cap_info[3]); 1170 } 1171 1172 static inline bool 1173 mt7996_is_ebf_supported(struct mt7996_phy *phy, struct ieee80211_vif *vif, 1174 struct ieee80211_sta *sta, bool bfee) 1175 { 1176 int sts = hweight16(phy->mt76->chainmask); 1177 1178 if (vif->type != NL80211_IFTYPE_STATION && 1179 vif->type != NL80211_IFTYPE_AP) 1180 return false; 1181 1182 if (!bfee && sts < 2) 1183 return false; 1184 1185 if (sta->deflink.eht_cap.has_eht) { 1186 struct ieee80211_sta_eht_cap *pc = &sta->deflink.eht_cap; 1187 struct ieee80211_eht_cap_elem_fixed *pe = &pc->eht_cap_elem; 1188 1189 if (bfee) 1190 return vif->bss_conf.eht_su_beamformee && 1191 EHT_PHY(CAP0_SU_BEAMFORMEE, pe->phy_cap_info[0]); 1192 else 1193 return vif->bss_conf.eht_su_beamformer && 1194 EHT_PHY(CAP0_SU_BEAMFORMER, pe->phy_cap_info[0]); 1195 } 1196 1197 if (sta->deflink.he_cap.has_he) { 1198 struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem; 1199 1200 if (bfee) 1201 return vif->bss_conf.he_su_beamformee && 1202 HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]); 1203 else 1204 return vif->bss_conf.he_su_beamformer && 1205 HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]); 1206 } 1207 1208 if (sta->deflink.vht_cap.vht_supported) { 1209 u32 cap = sta->deflink.vht_cap.cap; 1210 1211 if (bfee) 1212 return vif->bss_conf.vht_su_beamformee && 1213 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE); 1214 else 1215 return vif->bss_conf.vht_su_beamformer && 1216 (cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE); 1217 } 1218 1219 return false; 1220 } 1221 1222 static void 1223 mt7996_mcu_sta_sounding_rate(struct sta_rec_bf *bf) 1224 { 1225 bf->sounding_phy = MT_PHY_TYPE_OFDM; 1226 bf->ndp_rate = 0; /* mcs0 */ 1227 bf->ndpa_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */ 1228 bf->rept_poll_rate = MT7996_CFEND_RATE_DEFAULT; /* ofdm 24m */ 1229 } 1230 1231 static void 1232 mt7996_mcu_sta_bfer_ht(struct ieee80211_sta *sta, struct mt7996_phy *phy, 1233 struct sta_rec_bf *bf) 1234 { 1235 struct ieee80211_mcs_info *mcs = &sta->deflink.ht_cap.mcs; 1236 u8 n = 0; 1237 1238 bf->tx_mode = MT_PHY_TYPE_HT; 1239 1240 if ((mcs->tx_params & IEEE80211_HT_MCS_TX_RX_DIFF) && 1241 (mcs->tx_params & IEEE80211_HT_MCS_TX_DEFINED)) 1242 n = FIELD_GET(IEEE80211_HT_MCS_TX_MAX_STREAMS_MASK, 1243 mcs->tx_params); 1244 else if (mcs->rx_mask[3]) 1245 n = 3; 1246 else if (mcs->rx_mask[2]) 1247 n = 2; 1248 else if (mcs->rx_mask[1]) 1249 n = 1; 1250 1251 bf->nrow = hweight8(phy->mt76->antenna_mask) - 1; 1252 bf->ncol = min_t(u8, bf->nrow, n); 1253 bf->ibf_ncol = n; 1254 } 1255 1256 static void 1257 mt7996_mcu_sta_bfer_vht(struct ieee80211_sta *sta, struct mt7996_phy *phy, 1258 struct sta_rec_bf *bf, bool explicit) 1259 { 1260 struct ieee80211_sta_vht_cap *pc = &sta->deflink.vht_cap; 1261 struct ieee80211_sta_vht_cap *vc = &phy->mt76->sband_5g.sband.vht_cap; 1262 u16 mcs_map = le16_to_cpu(pc->vht_mcs.rx_mcs_map); 1263 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1264 u8 tx_ant = hweight8(phy->mt76->antenna_mask) - 1; 1265 1266 bf->tx_mode = MT_PHY_TYPE_VHT; 1267 1268 if (explicit) { 1269 u8 sts, snd_dim; 1270 1271 mt7996_mcu_sta_sounding_rate(bf); 1272 1273 sts = FIELD_GET(IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK, 1274 pc->cap); 1275 snd_dim = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK, 1276 vc->cap); 1277 bf->nrow = min_t(u8, min_t(u8, snd_dim, sts), tx_ant); 1278 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1279 bf->ibf_ncol = bf->ncol; 1280 1281 if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) 1282 bf->nrow = 1; 1283 } else { 1284 bf->nrow = tx_ant; 1285 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1286 bf->ibf_ncol = nss_mcs; 1287 1288 if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) 1289 bf->ibf_nrow = 1; 1290 } 1291 } 1292 1293 static void 1294 mt7996_mcu_sta_bfer_he(struct ieee80211_sta *sta, struct ieee80211_vif *vif, 1295 struct mt7996_phy *phy, struct sta_rec_bf *bf) 1296 { 1297 struct ieee80211_sta_he_cap *pc = &sta->deflink.he_cap; 1298 struct ieee80211_he_cap_elem *pe = &pc->he_cap_elem; 1299 const struct ieee80211_sta_he_cap *vc = 1300 mt76_connac_get_he_phy_cap(phy->mt76, vif); 1301 const struct ieee80211_he_cap_elem *ve = &vc->he_cap_elem; 1302 u16 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80); 1303 u8 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1304 u8 snd_dim, sts; 1305 1306 bf->tx_mode = MT_PHY_TYPE_HE_SU; 1307 1308 mt7996_mcu_sta_sounding_rate(bf); 1309 1310 bf->trigger_su = HE_PHY(CAP6_TRIG_SU_BEAMFORMING_FB, 1311 pe->phy_cap_info[6]); 1312 bf->trigger_mu = HE_PHY(CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB, 1313 pe->phy_cap_info[6]); 1314 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK, 1315 ve->phy_cap_info[5]); 1316 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_MASK, 1317 pe->phy_cap_info[4]); 1318 bf->nrow = min_t(u8, snd_dim, sts); 1319 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1320 bf->ibf_ncol = bf->ncol; 1321 1322 if (sta->deflink.bandwidth != IEEE80211_STA_RX_BW_160) 1323 return; 1324 1325 /* go over for 160MHz and 80p80 */ 1326 if (pe->phy_cap_info[0] & 1327 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) { 1328 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_160); 1329 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1330 1331 bf->ncol_gt_bw80 = nss_mcs; 1332 } 1333 1334 if (pe->phy_cap_info[0] & 1335 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) { 1336 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80p80); 1337 nss_mcs = mt7996_mcu_get_sta_nss(mcs_map); 1338 1339 if (bf->ncol_gt_bw80) 1340 bf->ncol_gt_bw80 = min_t(u8, bf->ncol_gt_bw80, nss_mcs); 1341 else 1342 bf->ncol_gt_bw80 = nss_mcs; 1343 } 1344 1345 snd_dim = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK, 1346 ve->phy_cap_info[5]); 1347 sts = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_ABOVE_80MHZ_MASK, 1348 pe->phy_cap_info[4]); 1349 1350 bf->nrow_gt_bw80 = min_t(int, snd_dim, sts); 1351 } 1352 1353 static void 1354 mt7996_mcu_sta_bfer_eht(struct ieee80211_sta *sta, struct ieee80211_vif *vif, 1355 struct mt7996_phy *phy, struct sta_rec_bf *bf) 1356 { 1357 struct ieee80211_sta_eht_cap *pc = &sta->deflink.eht_cap; 1358 struct ieee80211_eht_cap_elem_fixed *pe = &pc->eht_cap_elem; 1359 struct ieee80211_eht_mcs_nss_supp *eht_nss = &pc->eht_mcs_nss_supp; 1360 const struct ieee80211_sta_eht_cap *vc = 1361 mt76_connac_get_eht_phy_cap(phy->mt76, vif); 1362 const struct ieee80211_eht_cap_elem_fixed *ve = &vc->eht_cap_elem; 1363 u8 nss_mcs = u8_get_bits(eht_nss->bw._80.rx_tx_mcs9_max_nss, 1364 IEEE80211_EHT_MCS_NSS_RX) - 1; 1365 u8 snd_dim, sts; 1366 1367 bf->tx_mode = MT_PHY_TYPE_EHT_MU; 1368 1369 mt7996_mcu_sta_sounding_rate(bf); 1370 1371 bf->trigger_su = EHT_PHY(CAP3_TRIG_SU_BF_FDBK, pe->phy_cap_info[3]); 1372 bf->trigger_mu = EHT_PHY(CAP3_TRIG_MU_BF_PART_BW_FDBK, pe->phy_cap_info[3]); 1373 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_80MHZ_MASK, ve->phy_cap_info[2]); 1374 sts = EHT_PHY(CAP0_BEAMFORMEE_SS_80MHZ_MASK, pe->phy_cap_info[0]) + 1375 (EHT_PHY(CAP1_BEAMFORMEE_SS_80MHZ_MASK, pe->phy_cap_info[1]) << 1); 1376 bf->nrow = min_t(u8, snd_dim, sts); 1377 bf->ncol = min_t(u8, nss_mcs, bf->nrow); 1378 bf->ibf_ncol = bf->ncol; 1379 1380 if (sta->deflink.bandwidth < IEEE80211_STA_RX_BW_160) 1381 return; 1382 1383 switch (sta->deflink.bandwidth) { 1384 case IEEE80211_STA_RX_BW_160: 1385 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_160MHZ_MASK, ve->phy_cap_info[2]); 1386 sts = EHT_PHY(CAP1_BEAMFORMEE_SS_160MHZ_MASK, pe->phy_cap_info[1]); 1387 nss_mcs = u8_get_bits(eht_nss->bw._160.rx_tx_mcs9_max_nss, 1388 IEEE80211_EHT_MCS_NSS_RX) - 1; 1389 1390 bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts); 1391 bf->ncol_gt_bw80 = nss_mcs; 1392 break; 1393 case IEEE80211_STA_RX_BW_320: 1394 snd_dim = EHT_PHY(CAP2_SOUNDING_DIM_320MHZ_MASK, ve->phy_cap_info[2]) + 1395 (EHT_PHY(CAP3_SOUNDING_DIM_320MHZ_MASK, 1396 ve->phy_cap_info[3]) << 1); 1397 sts = EHT_PHY(CAP1_BEAMFORMEE_SS_320MHZ_MASK, pe->phy_cap_info[1]); 1398 nss_mcs = u8_get_bits(eht_nss->bw._320.rx_tx_mcs9_max_nss, 1399 IEEE80211_EHT_MCS_NSS_RX) - 1; 1400 1401 bf->nrow_gt_bw80 = min_t(u8, snd_dim, sts) << 4; 1402 bf->ncol_gt_bw80 = nss_mcs << 4; 1403 break; 1404 default: 1405 break; 1406 } 1407 } 1408 1409 static void 1410 mt7996_mcu_sta_bfer_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1411 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1412 { 1413 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1414 struct mt7996_phy *phy = mvif->phy; 1415 int tx_ant = hweight8(phy->mt76->chainmask) - 1; 1416 struct sta_rec_bf *bf; 1417 struct tlv *tlv; 1418 const u8 matrix[4][4] = { 1419 {0, 0, 0, 0}, 1420 {1, 1, 0, 0}, /* 2x1, 2x2, 2x3, 2x4 */ 1421 {2, 4, 4, 0}, /* 3x1, 3x2, 3x3, 3x4 */ 1422 {3, 5, 6, 0} /* 4x1, 4x2, 4x3, 4x4 */ 1423 }; 1424 bool ebf; 1425 1426 if (!(sta->deflink.ht_cap.ht_supported || sta->deflink.he_cap.has_he)) 1427 return; 1428 1429 ebf = mt7996_is_ebf_supported(phy, vif, sta, false); 1430 if (!ebf && !dev->ibf) 1431 return; 1432 1433 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BF, sizeof(*bf)); 1434 bf = (struct sta_rec_bf *)tlv; 1435 1436 /* he/eht: eBF only, in accordance with spec 1437 * vht: support eBF and iBF 1438 * ht: iBF only, since mac80211 lacks of eBF support 1439 */ 1440 if (sta->deflink.eht_cap.has_eht && ebf) 1441 mt7996_mcu_sta_bfer_eht(sta, vif, phy, bf); 1442 else if (sta->deflink.he_cap.has_he && ebf) 1443 mt7996_mcu_sta_bfer_he(sta, vif, phy, bf); 1444 else if (sta->deflink.vht_cap.vht_supported) 1445 mt7996_mcu_sta_bfer_vht(sta, phy, bf, ebf); 1446 else if (sta->deflink.ht_cap.ht_supported) 1447 mt7996_mcu_sta_bfer_ht(sta, phy, bf); 1448 else 1449 return; 1450 1451 bf->bf_cap = ebf ? ebf : dev->ibf << 1; 1452 bf->bw = sta->deflink.bandwidth; 1453 bf->ibf_dbw = sta->deflink.bandwidth; 1454 bf->ibf_nrow = tx_ant; 1455 1456 if (!ebf && sta->deflink.bandwidth <= IEEE80211_STA_RX_BW_40 && !bf->ncol) 1457 bf->ibf_timeout = 0x48; 1458 else 1459 bf->ibf_timeout = 0x18; 1460 1461 if (ebf && bf->nrow != tx_ant) 1462 bf->mem_20m = matrix[tx_ant][bf->ncol]; 1463 else 1464 bf->mem_20m = matrix[bf->nrow][bf->ncol]; 1465 1466 switch (sta->deflink.bandwidth) { 1467 case IEEE80211_STA_RX_BW_160: 1468 case IEEE80211_STA_RX_BW_80: 1469 bf->mem_total = bf->mem_20m * 2; 1470 break; 1471 case IEEE80211_STA_RX_BW_40: 1472 bf->mem_total = bf->mem_20m; 1473 break; 1474 case IEEE80211_STA_RX_BW_20: 1475 default: 1476 break; 1477 } 1478 } 1479 1480 static void 1481 mt7996_mcu_sta_bfee_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1482 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1483 { 1484 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1485 struct mt7996_phy *phy = mvif->phy; 1486 int tx_ant = hweight8(phy->mt76->antenna_mask) - 1; 1487 struct sta_rec_bfee *bfee; 1488 struct tlv *tlv; 1489 u8 nrow = 0; 1490 1491 if (!(sta->deflink.vht_cap.vht_supported || sta->deflink.he_cap.has_he)) 1492 return; 1493 1494 if (!mt7996_is_ebf_supported(phy, vif, sta, true)) 1495 return; 1496 1497 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_BFEE, sizeof(*bfee)); 1498 bfee = (struct sta_rec_bfee *)tlv; 1499 1500 if (sta->deflink.he_cap.has_he) { 1501 struct ieee80211_he_cap_elem *pe = &sta->deflink.he_cap.he_cap_elem; 1502 1503 nrow = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK, 1504 pe->phy_cap_info[5]); 1505 } else if (sta->deflink.vht_cap.vht_supported) { 1506 struct ieee80211_sta_vht_cap *pc = &sta->deflink.vht_cap; 1507 1508 nrow = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK, 1509 pc->cap); 1510 } 1511 1512 /* reply with identity matrix to avoid 2x2 BF negative gain */ 1513 bfee->fb_identity_matrix = (nrow == 1 && tx_ant == 2); 1514 } 1515 1516 static void 1517 mt7996_mcu_sta_phy_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1518 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1519 { 1520 struct sta_rec_phy *phy; 1521 struct tlv *tlv; 1522 u8 af = 0, mm = 0; 1523 1524 if (!sta->deflink.ht_cap.ht_supported && !sta->deflink.he_6ghz_capa.capa) 1525 return; 1526 1527 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_PHY, sizeof(*phy)); 1528 1529 phy = (struct sta_rec_phy *)tlv; 1530 if (sta->deflink.ht_cap.ht_supported) { 1531 af = sta->deflink.ht_cap.ampdu_factor; 1532 mm = sta->deflink.ht_cap.ampdu_density; 1533 } 1534 1535 if (sta->deflink.vht_cap.vht_supported) { 1536 u8 vht_af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK, 1537 sta->deflink.vht_cap.cap); 1538 1539 af = max_t(u8, af, vht_af); 1540 } 1541 1542 if (sta->deflink.he_6ghz_capa.capa) { 1543 af = le16_get_bits(sta->deflink.he_6ghz_capa.capa, 1544 IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP); 1545 mm = le16_get_bits(sta->deflink.he_6ghz_capa.capa, 1546 IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START); 1547 } 1548 1549 phy->ampdu = FIELD_PREP(IEEE80211_HT_AMPDU_PARM_FACTOR, af) | 1550 FIELD_PREP(IEEE80211_HT_AMPDU_PARM_DENSITY, mm); 1551 phy->max_ampdu_len = af; 1552 } 1553 1554 static void 1555 mt7996_mcu_sta_hdrt_tlv(struct mt7996_dev *dev, struct sk_buff *skb) 1556 { 1557 struct sta_rec_hdrt *hdrt; 1558 struct tlv *tlv; 1559 1560 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDRT, sizeof(*hdrt)); 1561 1562 hdrt = (struct sta_rec_hdrt *)tlv; 1563 hdrt->hdrt_mode = 1; 1564 } 1565 1566 static void 1567 mt7996_mcu_sta_hdr_trans_tlv(struct mt7996_dev *dev, struct sk_buff *skb, 1568 struct ieee80211_vif *vif, 1569 struct ieee80211_sta *sta) 1570 { 1571 struct sta_rec_hdr_trans *hdr_trans; 1572 struct mt76_wcid *wcid; 1573 struct tlv *tlv; 1574 1575 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_HDR_TRANS, sizeof(*hdr_trans)); 1576 hdr_trans = (struct sta_rec_hdr_trans *)tlv; 1577 hdr_trans->dis_rx_hdr_tran = true; 1578 1579 if (vif->type == NL80211_IFTYPE_STATION) 1580 hdr_trans->to_ds = true; 1581 else 1582 hdr_trans->from_ds = true; 1583 1584 wcid = (struct mt76_wcid *)sta->drv_priv; 1585 if (!wcid) 1586 return; 1587 1588 hdr_trans->dis_rx_hdr_tran = !test_bit(MT_WCID_FLAG_HDR_TRANS, &wcid->flags); 1589 if (test_bit(MT_WCID_FLAG_4ADDR, &wcid->flags)) { 1590 hdr_trans->to_ds = true; 1591 hdr_trans->from_ds = true; 1592 } 1593 1594 if (vif->type == NL80211_IFTYPE_MESH_POINT) { 1595 hdr_trans->to_ds = true; 1596 hdr_trans->from_ds = true; 1597 hdr_trans->mesh = true; 1598 } 1599 } 1600 1601 static enum mcu_mmps_mode 1602 mt7996_mcu_get_mmps_mode(enum ieee80211_smps_mode smps) 1603 { 1604 switch (smps) { 1605 case IEEE80211_SMPS_OFF: 1606 return MCU_MMPS_DISABLE; 1607 case IEEE80211_SMPS_STATIC: 1608 return MCU_MMPS_STATIC; 1609 case IEEE80211_SMPS_DYNAMIC: 1610 return MCU_MMPS_DYNAMIC; 1611 default: 1612 return MCU_MMPS_DISABLE; 1613 } 1614 } 1615 1616 int mt7996_mcu_set_fixed_rate_ctrl(struct mt7996_dev *dev, 1617 void *data, u16 version) 1618 { 1619 struct ra_fixed_rate *req; 1620 struct uni_header hdr; 1621 struct sk_buff *skb; 1622 struct tlv *tlv; 1623 int len; 1624 1625 len = sizeof(hdr) + sizeof(*req); 1626 1627 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 1628 if (!skb) 1629 return -ENOMEM; 1630 1631 skb_put_data(skb, &hdr, sizeof(hdr)); 1632 1633 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_RA_FIXED_RATE, sizeof(*req)); 1634 req = (struct ra_fixed_rate *)tlv; 1635 req->version = cpu_to_le16(version); 1636 memcpy(&req->rate, data, sizeof(req->rate)); 1637 1638 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 1639 MCU_WM_UNI_CMD(RA), true); 1640 } 1641 1642 static void 1643 mt7996_mcu_sta_rate_ctrl_tlv(struct sk_buff *skb, struct mt7996_dev *dev, 1644 struct ieee80211_vif *vif, struct ieee80211_sta *sta) 1645 { 1646 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1647 struct mt76_phy *mphy = mvif->phy->mt76; 1648 struct cfg80211_chan_def *chandef = &mphy->chandef; 1649 struct cfg80211_bitrate_mask *mask = &mvif->bitrate_mask; 1650 enum nl80211_band band = chandef->chan->band; 1651 struct sta_rec_ra *ra; 1652 struct tlv *tlv; 1653 u32 supp_rate = sta->deflink.supp_rates[band]; 1654 u32 cap = sta->wme ? STA_CAP_WMM : 0; 1655 1656 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra)); 1657 ra = (struct sta_rec_ra *)tlv; 1658 1659 ra->valid = true; 1660 ra->auto_rate = true; 1661 ra->phy_mode = mt76_connac_get_phy_mode(mphy, vif, band, sta); 1662 ra->channel = chandef->chan->hw_value; 1663 ra->bw = (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_320) ? 1664 CMD_CBW_320MHZ : sta->deflink.bandwidth; 1665 ra->phy.bw = ra->bw; 1666 ra->mmps_mode = mt7996_mcu_get_mmps_mode(sta->deflink.smps_mode); 1667 1668 if (supp_rate) { 1669 supp_rate &= mask->control[band].legacy; 1670 ra->rate_len = hweight32(supp_rate); 1671 1672 if (band == NL80211_BAND_2GHZ) { 1673 ra->supp_mode = MODE_CCK; 1674 ra->supp_cck_rate = supp_rate & GENMASK(3, 0); 1675 1676 if (ra->rate_len > 4) { 1677 ra->supp_mode |= MODE_OFDM; 1678 ra->supp_ofdm_rate = supp_rate >> 4; 1679 } 1680 } else { 1681 ra->supp_mode = MODE_OFDM; 1682 ra->supp_ofdm_rate = supp_rate; 1683 } 1684 } 1685 1686 if (sta->deflink.ht_cap.ht_supported) { 1687 ra->supp_mode |= MODE_HT; 1688 ra->af = sta->deflink.ht_cap.ampdu_factor; 1689 ra->ht_gf = !!(sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_GRN_FLD); 1690 1691 cap |= STA_CAP_HT; 1692 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20) 1693 cap |= STA_CAP_SGI_20; 1694 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40) 1695 cap |= STA_CAP_SGI_40; 1696 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_TX_STBC) 1697 cap |= STA_CAP_TX_STBC; 1698 if (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_RX_STBC) 1699 cap |= STA_CAP_RX_STBC; 1700 if (vif->bss_conf.ht_ldpc && 1701 (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING)) 1702 cap |= STA_CAP_LDPC; 1703 1704 mt7996_mcu_set_sta_ht_mcs(sta, ra->ht_mcs, 1705 mask->control[band].ht_mcs); 1706 ra->supp_ht_mcs = *(__le32 *)ra->ht_mcs; 1707 } 1708 1709 if (sta->deflink.vht_cap.vht_supported) { 1710 u8 af; 1711 1712 ra->supp_mode |= MODE_VHT; 1713 af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK, 1714 sta->deflink.vht_cap.cap); 1715 ra->af = max_t(u8, ra->af, af); 1716 1717 cap |= STA_CAP_VHT; 1718 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80) 1719 cap |= STA_CAP_VHT_SGI_80; 1720 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160) 1721 cap |= STA_CAP_VHT_SGI_160; 1722 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_TXSTBC) 1723 cap |= STA_CAP_VHT_TX_STBC; 1724 if (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXSTBC_1) 1725 cap |= STA_CAP_VHT_RX_STBC; 1726 if (vif->bss_conf.vht_ldpc && 1727 (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC)) 1728 cap |= STA_CAP_VHT_LDPC; 1729 1730 mt7996_mcu_set_sta_vht_mcs(sta, ra->supp_vht_mcs, 1731 mask->control[band].vht_mcs); 1732 } 1733 1734 if (sta->deflink.he_cap.has_he) { 1735 ra->supp_mode |= MODE_HE; 1736 cap |= STA_CAP_HE; 1737 1738 if (sta->deflink.he_6ghz_capa.capa) 1739 ra->af = le16_get_bits(sta->deflink.he_6ghz_capa.capa, 1740 IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP); 1741 } 1742 ra->sta_cap = cpu_to_le32(cap); 1743 } 1744 1745 int mt7996_mcu_add_rate_ctrl(struct mt7996_dev *dev, struct ieee80211_vif *vif, 1746 struct ieee80211_sta *sta, bool changed) 1747 { 1748 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1749 struct mt7996_sta *msta = (struct mt7996_sta *)sta->drv_priv; 1750 struct sk_buff *skb; 1751 1752 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76, 1753 &msta->wcid, 1754 MT7996_STA_UPDATE_MAX_SIZE); 1755 if (IS_ERR(skb)) 1756 return PTR_ERR(skb); 1757 1758 /* firmware rc algorithm refers to sta_rec_he for HE control. 1759 * once dev->rc_work changes the settings driver should also 1760 * update sta_rec_he here. 1761 */ 1762 if (changed) 1763 mt7996_mcu_sta_he_tlv(skb, sta); 1764 1765 /* sta_rec_ra accommodates BW, NSS and only MCS range format 1766 * i.e 0-{7,8,9} for VHT. 1767 */ 1768 mt7996_mcu_sta_rate_ctrl_tlv(skb, dev, vif, sta); 1769 1770 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 1771 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 1772 } 1773 1774 static int 1775 mt7996_mcu_add_group(struct mt7996_dev *dev, struct ieee80211_vif *vif, 1776 struct ieee80211_sta *sta) 1777 { 1778 #define MT_STA_BSS_GROUP 1 1779 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1780 struct mt7996_sta *msta; 1781 struct { 1782 u8 __rsv1[4]; 1783 1784 __le16 tag; 1785 __le16 len; 1786 __le16 wlan_idx; 1787 u8 __rsv2[2]; 1788 __le32 action; 1789 __le32 val; 1790 u8 __rsv3[8]; 1791 } __packed req = { 1792 .tag = cpu_to_le16(UNI_VOW_DRR_CTRL), 1793 .len = cpu_to_le16(sizeof(req) - 4), 1794 .action = cpu_to_le32(MT_STA_BSS_GROUP), 1795 .val = cpu_to_le32(mvif->mt76.idx % 16), 1796 }; 1797 1798 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta; 1799 req.wlan_idx = cpu_to_le16(msta->wcid.idx); 1800 1801 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(VOW), &req, 1802 sizeof(req), true); 1803 } 1804 1805 int mt7996_mcu_add_sta(struct mt7996_dev *dev, struct ieee80211_vif *vif, 1806 struct ieee80211_sta *sta, bool enable) 1807 { 1808 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1809 struct mt7996_sta *msta; 1810 struct sk_buff *skb; 1811 int ret; 1812 1813 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta; 1814 1815 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76, 1816 &msta->wcid, 1817 MT7996_STA_UPDATE_MAX_SIZE); 1818 if (IS_ERR(skb)) 1819 return PTR_ERR(skb); 1820 1821 /* starec basic */ 1822 mt76_connac_mcu_sta_basic_tlv(&dev->mt76, skb, vif, sta, enable, 1823 !rcu_access_pointer(dev->mt76.wcid[msta->wcid.idx])); 1824 if (!enable) 1825 goto out; 1826 1827 /* tag order is in accordance with firmware dependency. */ 1828 if (sta) { 1829 /* starec phy */ 1830 mt7996_mcu_sta_phy_tlv(dev, skb, vif, sta); 1831 /* starec hdrt mode */ 1832 mt7996_mcu_sta_hdrt_tlv(dev, skb); 1833 /* starec bfer */ 1834 mt7996_mcu_sta_bfer_tlv(dev, skb, vif, sta); 1835 /* starec ht */ 1836 mt7996_mcu_sta_ht_tlv(skb, sta); 1837 /* starec vht */ 1838 mt7996_mcu_sta_vht_tlv(skb, sta); 1839 /* starec uapsd */ 1840 mt76_connac_mcu_sta_uapsd(skb, vif, sta); 1841 /* starec amsdu */ 1842 mt7996_mcu_sta_amsdu_tlv(dev, skb, vif, sta); 1843 /* starec he */ 1844 mt7996_mcu_sta_he_tlv(skb, sta); 1845 /* starec he 6g*/ 1846 mt7996_mcu_sta_he_6g_tlv(skb, sta); 1847 /* starec eht */ 1848 mt7996_mcu_sta_eht_tlv(skb, sta); 1849 /* starec muru */ 1850 mt7996_mcu_sta_muru_tlv(dev, skb, vif, sta); 1851 /* starec bfee */ 1852 mt7996_mcu_sta_bfee_tlv(dev, skb, vif, sta); 1853 /* starec hdr trans */ 1854 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta); 1855 } 1856 1857 ret = mt7996_mcu_add_group(dev, vif, sta); 1858 if (ret) { 1859 dev_kfree_skb(skb); 1860 return ret; 1861 } 1862 out: 1863 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 1864 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 1865 } 1866 1867 static int 1868 mt7996_mcu_sta_key_tlv(struct mt76_wcid *wcid, 1869 struct mt76_connac_sta_key_conf *sta_key_conf, 1870 struct sk_buff *skb, 1871 struct ieee80211_key_conf *key, 1872 enum set_key_cmd cmd) 1873 { 1874 struct sta_rec_sec_uni *sec; 1875 struct tlv *tlv; 1876 1877 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec)); 1878 sec = (struct sta_rec_sec_uni *)tlv; 1879 sec->add = cmd; 1880 1881 if (cmd == SET_KEY) { 1882 struct sec_key_uni *sec_key; 1883 u8 cipher; 1884 1885 cipher = mt76_connac_mcu_get_cipher(key->cipher); 1886 if (cipher == MCU_CIPHER_NONE) 1887 return -EOPNOTSUPP; 1888 1889 sec_key = &sec->key[0]; 1890 sec_key->cipher_len = sizeof(*sec_key); 1891 1892 if (cipher == MCU_CIPHER_BIP_CMAC_128) { 1893 sec_key->wlan_idx = cpu_to_le16(wcid->idx); 1894 sec_key->cipher_id = MCU_CIPHER_AES_CCMP; 1895 sec_key->key_id = sta_key_conf->keyidx; 1896 sec_key->key_len = 16; 1897 memcpy(sec_key->key, sta_key_conf->key, 16); 1898 1899 sec_key = &sec->key[1]; 1900 sec_key->wlan_idx = cpu_to_le16(wcid->idx); 1901 sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128; 1902 sec_key->cipher_len = sizeof(*sec_key); 1903 sec_key->key_len = 16; 1904 memcpy(sec_key->key, key->key, 16); 1905 sec->n_cipher = 2; 1906 } else { 1907 sec_key->wlan_idx = cpu_to_le16(wcid->idx); 1908 sec_key->cipher_id = cipher; 1909 sec_key->key_id = key->keyidx; 1910 sec_key->key_len = key->keylen; 1911 memcpy(sec_key->key, key->key, key->keylen); 1912 1913 if (cipher == MCU_CIPHER_TKIP) { 1914 /* Rx/Tx MIC keys are swapped */ 1915 memcpy(sec_key->key + 16, key->key + 24, 8); 1916 memcpy(sec_key->key + 24, key->key + 16, 8); 1917 } 1918 1919 /* store key_conf for BIP batch update */ 1920 if (cipher == MCU_CIPHER_AES_CCMP) { 1921 memcpy(sta_key_conf->key, key->key, key->keylen); 1922 sta_key_conf->keyidx = key->keyidx; 1923 } 1924 1925 sec->n_cipher = 1; 1926 } 1927 } else { 1928 sec->n_cipher = 0; 1929 } 1930 1931 return 0; 1932 } 1933 1934 int mt7996_mcu_add_key(struct mt76_dev *dev, struct ieee80211_vif *vif, 1935 struct mt76_connac_sta_key_conf *sta_key_conf, 1936 struct ieee80211_key_conf *key, int mcu_cmd, 1937 struct mt76_wcid *wcid, enum set_key_cmd cmd) 1938 { 1939 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv; 1940 struct sk_buff *skb; 1941 int ret; 1942 1943 skb = __mt76_connac_mcu_alloc_sta_req(dev, mvif, wcid, 1944 MT7996_STA_UPDATE_MAX_SIZE); 1945 if (IS_ERR(skb)) 1946 return PTR_ERR(skb); 1947 1948 ret = mt7996_mcu_sta_key_tlv(wcid, sta_key_conf, skb, key, cmd); 1949 if (ret) 1950 return ret; 1951 1952 return mt76_mcu_skb_send_msg(dev, skb, mcu_cmd, true); 1953 } 1954 1955 int mt7996_mcu_add_dev_info(struct mt7996_phy *phy, 1956 struct ieee80211_vif *vif, bool enable) 1957 { 1958 struct mt7996_dev *dev = phy->dev; 1959 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 1960 struct { 1961 struct req_hdr { 1962 u8 omac_idx; 1963 u8 band_idx; 1964 u8 __rsv[2]; 1965 } __packed hdr; 1966 struct req_tlv { 1967 __le16 tag; 1968 __le16 len; 1969 u8 active; 1970 u8 __rsv; 1971 u8 omac_addr[ETH_ALEN]; 1972 } __packed tlv; 1973 } data = { 1974 .hdr = { 1975 .omac_idx = mvif->mt76.omac_idx, 1976 .band_idx = mvif->mt76.band_idx, 1977 }, 1978 .tlv = { 1979 .tag = cpu_to_le16(DEV_INFO_ACTIVE), 1980 .len = cpu_to_le16(sizeof(struct req_tlv)), 1981 .active = enable, 1982 }, 1983 }; 1984 1985 if (mvif->mt76.omac_idx >= REPEATER_BSSID_START) 1986 return mt7996_mcu_muar_config(phy, vif, false, enable); 1987 1988 memcpy(data.tlv.omac_addr, vif->addr, ETH_ALEN); 1989 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(DEV_INFO_UPDATE), 1990 &data, sizeof(data), true); 1991 } 1992 1993 static void 1994 mt7996_mcu_beacon_cntdwn(struct ieee80211_vif *vif, struct sk_buff *rskb, 1995 struct sk_buff *skb, 1996 struct ieee80211_mutable_offsets *offs) 1997 { 1998 struct bss_bcn_cntdwn_tlv *info; 1999 struct tlv *tlv; 2000 u16 tag; 2001 2002 if (!offs->cntdwn_counter_offs[0]) 2003 return; 2004 2005 tag = vif->bss_conf.csa_active ? UNI_BSS_INFO_BCN_CSA : UNI_BSS_INFO_BCN_BCC; 2006 2007 tlv = mt7996_mcu_add_uni_tlv(rskb, tag, sizeof(*info)); 2008 2009 info = (struct bss_bcn_cntdwn_tlv *)tlv; 2010 info->cnt = skb->data[offs->cntdwn_counter_offs[0]]; 2011 } 2012 2013 static void 2014 mt7996_mcu_beacon_cont(struct mt7996_dev *dev, struct ieee80211_vif *vif, 2015 struct sk_buff *rskb, struct sk_buff *skb, 2016 struct bss_bcn_content_tlv *bcn, 2017 struct ieee80211_mutable_offsets *offs) 2018 { 2019 struct mt76_wcid *wcid = &dev->mt76.global_wcid; 2020 u8 *buf; 2021 2022 bcn->pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len); 2023 bcn->tim_ie_pos = cpu_to_le16(offs->tim_offset); 2024 2025 if (offs->cntdwn_counter_offs[0]) { 2026 u16 offset = offs->cntdwn_counter_offs[0]; 2027 2028 if (vif->bss_conf.csa_active) 2029 bcn->csa_ie_pos = cpu_to_le16(offset - 4); 2030 if (vif->bss_conf.color_change_active) 2031 bcn->bcc_ie_pos = cpu_to_le16(offset - 3); 2032 } 2033 2034 buf = (u8 *)bcn + sizeof(*bcn); 2035 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, NULL, 0, 0, 2036 BSS_CHANGED_BEACON); 2037 2038 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len); 2039 } 2040 2041 int mt7996_mcu_add_beacon(struct ieee80211_hw *hw, 2042 struct ieee80211_vif *vif, int en) 2043 { 2044 struct mt7996_dev *dev = mt7996_hw_dev(hw); 2045 struct mt7996_phy *phy = mt7996_hw_phy(hw); 2046 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 2047 struct ieee80211_mutable_offsets offs; 2048 struct ieee80211_tx_info *info; 2049 struct sk_buff *skb, *rskb; 2050 struct tlv *tlv; 2051 struct bss_bcn_content_tlv *bcn; 2052 int len; 2053 2054 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 2055 MT7996_MAX_BSS_OFFLOAD_SIZE); 2056 if (IS_ERR(rskb)) 2057 return PTR_ERR(rskb); 2058 2059 skb = ieee80211_beacon_get_template(hw, vif, &offs, 0); 2060 if (!skb) { 2061 dev_kfree_skb(rskb); 2062 return -EINVAL; 2063 } 2064 2065 if (skb->len > MT7996_MAX_BEACON_SIZE) { 2066 dev_err(dev->mt76.dev, "Bcn size limit exceed\n"); 2067 dev_kfree_skb(rskb); 2068 dev_kfree_skb(skb); 2069 return -EINVAL; 2070 } 2071 2072 info = IEEE80211_SKB_CB(skb); 2073 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx); 2074 2075 len = sizeof(*bcn) + MT_TXD_SIZE + skb->len; 2076 tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_BCN_CONTENT, len); 2077 bcn = (struct bss_bcn_content_tlv *)tlv; 2078 bcn->enable = en; 2079 if (!en) 2080 goto out; 2081 2082 mt7996_mcu_beacon_cont(dev, vif, rskb, skb, bcn, &offs); 2083 /* TODO: subtag - 11v MBSSID */ 2084 mt7996_mcu_beacon_cntdwn(vif, rskb, skb, &offs); 2085 out: 2086 dev_kfree_skb(skb); 2087 return mt76_mcu_skb_send_msg(&phy->dev->mt76, rskb, 2088 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 2089 } 2090 2091 int mt7996_mcu_beacon_inband_discov(struct mt7996_dev *dev, 2092 struct ieee80211_vif *vif, u32 changed) 2093 { 2094 #define OFFLOAD_TX_MODE_SU BIT(0) 2095 #define OFFLOAD_TX_MODE_MU BIT(1) 2096 struct ieee80211_hw *hw = mt76_hw(dev); 2097 struct mt7996_phy *phy = mt7996_hw_phy(hw); 2098 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 2099 struct cfg80211_chan_def *chandef = &mvif->phy->mt76->chandef; 2100 enum nl80211_band band = chandef->chan->band; 2101 struct mt76_wcid *wcid = &dev->mt76.global_wcid; 2102 struct bss_inband_discovery_tlv *discov; 2103 struct ieee80211_tx_info *info; 2104 struct sk_buff *rskb, *skb = NULL; 2105 struct tlv *tlv; 2106 u8 *buf, interval; 2107 int len; 2108 2109 if (vif->bss_conf.nontransmitted) 2110 return 0; 2111 2112 rskb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, 2113 MT7996_MAX_BSS_OFFLOAD_SIZE); 2114 if (IS_ERR(rskb)) 2115 return PTR_ERR(rskb); 2116 2117 if (changed & BSS_CHANGED_FILS_DISCOVERY && 2118 vif->bss_conf.fils_discovery.max_interval) { 2119 interval = vif->bss_conf.fils_discovery.max_interval; 2120 skb = ieee80211_get_fils_discovery_tmpl(hw, vif); 2121 } else if (changed & BSS_CHANGED_UNSOL_BCAST_PROBE_RESP && 2122 vif->bss_conf.unsol_bcast_probe_resp_interval) { 2123 interval = vif->bss_conf.unsol_bcast_probe_resp_interval; 2124 skb = ieee80211_get_unsol_bcast_probe_resp_tmpl(hw, vif); 2125 } 2126 2127 if (!skb) { 2128 dev_kfree_skb(rskb); 2129 return -EINVAL; 2130 } 2131 2132 if (skb->len > MT7996_MAX_BEACON_SIZE) { 2133 dev_err(dev->mt76.dev, "inband discovery size limit exceed\n"); 2134 dev_kfree_skb(rskb); 2135 dev_kfree_skb(skb); 2136 return -EINVAL; 2137 } 2138 2139 info = IEEE80211_SKB_CB(skb); 2140 info->control.vif = vif; 2141 info->band = band; 2142 info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->mt76->band_idx); 2143 2144 len = sizeof(*discov) + MT_TXD_SIZE + skb->len; 2145 2146 tlv = mt7996_mcu_add_uni_tlv(rskb, UNI_BSS_INFO_OFFLOAD, len); 2147 2148 discov = (struct bss_inband_discovery_tlv *)tlv; 2149 discov->tx_mode = OFFLOAD_TX_MODE_SU; 2150 /* 0: UNSOL PROBE RESP, 1: FILS DISCOV */ 2151 discov->tx_type = !!(changed & BSS_CHANGED_FILS_DISCOVERY); 2152 discov->tx_interval = interval; 2153 discov->prob_rsp_len = cpu_to_le16(MT_TXD_SIZE + skb->len); 2154 discov->enable = true; 2155 discov->wcid = cpu_to_le16(MT7996_WTBL_RESERVED); 2156 2157 buf = (u8 *)tlv + sizeof(*discov); 2158 2159 mt7996_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, NULL, 0, 0, changed); 2160 2161 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len); 2162 2163 dev_kfree_skb(skb); 2164 2165 return mt76_mcu_skb_send_msg(&dev->mt76, rskb, 2166 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 2167 } 2168 2169 static int mt7996_driver_own(struct mt7996_dev *dev, u8 band) 2170 { 2171 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(band), MT_TOP_LPCR_HOST_DRV_OWN); 2172 if (!mt76_poll_msec(dev, MT_TOP_LPCR_HOST_BAND(band), 2173 MT_TOP_LPCR_HOST_FW_OWN_STAT, 0, 500)) { 2174 dev_err(dev->mt76.dev, "Timeout for driver own\n"); 2175 return -EIO; 2176 } 2177 2178 /* clear irq when the driver own success */ 2179 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND_IRQ_STAT(band), 2180 MT_TOP_LPCR_HOST_BAND_STAT); 2181 2182 return 0; 2183 } 2184 2185 static u32 mt7996_patch_sec_mode(u32 key_info) 2186 { 2187 u32 sec = u32_get_bits(key_info, MT7996_PATCH_SEC), key = 0; 2188 2189 if (key_info == GENMASK(31, 0) || sec == MT7996_SEC_MODE_PLAIN) 2190 return 0; 2191 2192 if (sec == MT7996_SEC_MODE_AES) 2193 key = u32_get_bits(key_info, MT7996_PATCH_AES_KEY); 2194 else 2195 key = u32_get_bits(key_info, MT7996_PATCH_SCRAMBLE_KEY); 2196 2197 return MT7996_SEC_ENCRYPT | MT7996_SEC_IV | 2198 u32_encode_bits(key, MT7996_SEC_KEY_IDX); 2199 } 2200 2201 static int mt7996_load_patch(struct mt7996_dev *dev) 2202 { 2203 const struct mt7996_patch_hdr *hdr; 2204 const struct firmware *fw = NULL; 2205 int i, ret, sem; 2206 2207 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 1); 2208 switch (sem) { 2209 case PATCH_IS_DL: 2210 return 0; 2211 case PATCH_NOT_DL_SEM_SUCCESS: 2212 break; 2213 default: 2214 dev_err(dev->mt76.dev, "Failed to get patch semaphore\n"); 2215 return -EAGAIN; 2216 } 2217 2218 ret = request_firmware(&fw, MT7996_ROM_PATCH, dev->mt76.dev); 2219 if (ret) 2220 goto out; 2221 2222 if (!fw || !fw->data || fw->size < sizeof(*hdr)) { 2223 dev_err(dev->mt76.dev, "Invalid firmware\n"); 2224 ret = -EINVAL; 2225 goto out; 2226 } 2227 2228 hdr = (const struct mt7996_patch_hdr *)(fw->data); 2229 2230 dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n", 2231 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date); 2232 2233 for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) { 2234 struct mt7996_patch_sec *sec; 2235 const u8 *dl; 2236 u32 len, addr, sec_key_idx, mode = DL_MODE_NEED_RSP; 2237 2238 sec = (struct mt7996_patch_sec *)(fw->data + sizeof(*hdr) + 2239 i * sizeof(*sec)); 2240 if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) != 2241 PATCH_SEC_TYPE_INFO) { 2242 ret = -EINVAL; 2243 goto out; 2244 } 2245 2246 addr = be32_to_cpu(sec->info.addr); 2247 len = be32_to_cpu(sec->info.len); 2248 sec_key_idx = be32_to_cpu(sec->info.sec_key_idx); 2249 dl = fw->data + be32_to_cpu(sec->offs); 2250 2251 mode |= mt7996_patch_sec_mode(sec_key_idx); 2252 2253 ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len, 2254 mode); 2255 if (ret) { 2256 dev_err(dev->mt76.dev, "Download request failed\n"); 2257 goto out; 2258 } 2259 2260 ret = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER), 2261 dl, len, 4096); 2262 if (ret) { 2263 dev_err(dev->mt76.dev, "Failed to send patch\n"); 2264 goto out; 2265 } 2266 } 2267 2268 ret = mt76_connac_mcu_start_patch(&dev->mt76); 2269 if (ret) 2270 dev_err(dev->mt76.dev, "Failed to start patch\n"); 2271 2272 out: 2273 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, 0); 2274 switch (sem) { 2275 case PATCH_REL_SEM_SUCCESS: 2276 break; 2277 default: 2278 ret = -EAGAIN; 2279 dev_err(dev->mt76.dev, "Failed to release patch semaphore\n"); 2280 break; 2281 } 2282 release_firmware(fw); 2283 2284 return ret; 2285 } 2286 2287 static int 2288 mt7996_mcu_send_ram_firmware(struct mt7996_dev *dev, 2289 const struct mt7996_fw_trailer *hdr, 2290 const u8 *data, enum mt7996_ram_type type) 2291 { 2292 int i, offset = 0; 2293 u32 override = 0, option = 0; 2294 2295 for (i = 0; i < hdr->n_region; i++) { 2296 const struct mt7996_fw_region *region; 2297 int err; 2298 u32 len, addr, mode; 2299 2300 region = (const struct mt7996_fw_region *)((const u8 *)hdr - 2301 (hdr->n_region - i) * sizeof(*region)); 2302 /* DSP and WA use same mode */ 2303 mode = mt76_connac_mcu_gen_dl_mode(&dev->mt76, 2304 region->feature_set, 2305 type != MT7996_RAM_TYPE_WM); 2306 len = le32_to_cpu(region->len); 2307 addr = le32_to_cpu(region->addr); 2308 2309 if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR) 2310 override = addr; 2311 2312 err = mt76_connac_mcu_init_download(&dev->mt76, addr, len, 2313 mode); 2314 if (err) { 2315 dev_err(dev->mt76.dev, "Download request failed\n"); 2316 return err; 2317 } 2318 2319 err = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER), 2320 data + offset, len, 4096); 2321 if (err) { 2322 dev_err(dev->mt76.dev, "Failed to send firmware.\n"); 2323 return err; 2324 } 2325 2326 offset += len; 2327 } 2328 2329 if (override) 2330 option |= FW_START_OVERRIDE; 2331 2332 if (type == MT7996_RAM_TYPE_WA) 2333 option |= FW_START_WORKING_PDA_CR4; 2334 else if (type == MT7996_RAM_TYPE_DSP) 2335 option |= FW_START_WORKING_PDA_DSP; 2336 2337 return mt76_connac_mcu_start_firmware(&dev->mt76, override, option); 2338 } 2339 2340 static int __mt7996_load_ram(struct mt7996_dev *dev, const char *fw_type, 2341 const char *fw_file, enum mt7996_ram_type ram_type) 2342 { 2343 const struct mt7996_fw_trailer *hdr; 2344 const struct firmware *fw; 2345 int ret; 2346 2347 ret = request_firmware(&fw, fw_file, dev->mt76.dev); 2348 if (ret) 2349 return ret; 2350 2351 if (!fw || !fw->data || fw->size < sizeof(*hdr)) { 2352 dev_err(dev->mt76.dev, "Invalid firmware\n"); 2353 ret = -EINVAL; 2354 goto out; 2355 } 2356 2357 hdr = (const void *)(fw->data + fw->size - sizeof(*hdr)); 2358 dev_info(dev->mt76.dev, "%s Firmware Version: %.10s, Build Time: %.15s\n", 2359 fw_type, hdr->fw_ver, hdr->build_date); 2360 2361 ret = mt7996_mcu_send_ram_firmware(dev, hdr, fw->data, ram_type); 2362 if (ret) { 2363 dev_err(dev->mt76.dev, "Failed to start %s firmware\n", fw_type); 2364 goto out; 2365 } 2366 2367 snprintf(dev->mt76.hw->wiphy->fw_version, 2368 sizeof(dev->mt76.hw->wiphy->fw_version), 2369 "%.10s-%.15s", hdr->fw_ver, hdr->build_date); 2370 2371 out: 2372 release_firmware(fw); 2373 2374 return ret; 2375 } 2376 2377 static int mt7996_load_ram(struct mt7996_dev *dev) 2378 { 2379 int ret; 2380 2381 ret = __mt7996_load_ram(dev, "WM", MT7996_FIRMWARE_WM, 2382 MT7996_RAM_TYPE_WM); 2383 if (ret) 2384 return ret; 2385 2386 ret = __mt7996_load_ram(dev, "DSP", MT7996_FIRMWARE_DSP, 2387 MT7996_RAM_TYPE_DSP); 2388 if (ret) 2389 return ret; 2390 2391 return __mt7996_load_ram(dev, "WA", MT7996_FIRMWARE_WA, 2392 MT7996_RAM_TYPE_WA); 2393 } 2394 2395 static int 2396 mt7996_firmware_state(struct mt7996_dev *dev, bool wa) 2397 { 2398 u32 state = FIELD_PREP(MT_TOP_MISC_FW_STATE, 2399 wa ? FW_STATE_RDY : FW_STATE_FW_DOWNLOAD); 2400 2401 if (!mt76_poll_msec(dev, MT_TOP_MISC, MT_TOP_MISC_FW_STATE, 2402 state, 1000)) { 2403 dev_err(dev->mt76.dev, "Timeout for initializing firmware\n"); 2404 return -EIO; 2405 } 2406 return 0; 2407 } 2408 2409 static int 2410 mt7996_mcu_restart(struct mt76_dev *dev) 2411 { 2412 struct { 2413 u8 __rsv1[4]; 2414 2415 __le16 tag; 2416 __le16 len; 2417 u8 power_mode; 2418 u8 __rsv2[3]; 2419 } __packed req = { 2420 .tag = cpu_to_le16(UNI_POWER_OFF), 2421 .len = cpu_to_le16(sizeof(req) - 4), 2422 .power_mode = 1, 2423 }; 2424 2425 return mt76_mcu_send_msg(dev, MCU_WM_UNI_CMD(POWER_CTRL), &req, 2426 sizeof(req), false); 2427 } 2428 2429 static int mt7996_load_firmware(struct mt7996_dev *dev) 2430 { 2431 int ret; 2432 2433 /* make sure fw is download state */ 2434 if (mt7996_firmware_state(dev, false)) { 2435 /* restart firmware once */ 2436 mt7996_mcu_restart(&dev->mt76); 2437 ret = mt7996_firmware_state(dev, false); 2438 if (ret) { 2439 dev_err(dev->mt76.dev, 2440 "Firmware is not ready for download\n"); 2441 return ret; 2442 } 2443 } 2444 2445 ret = mt7996_load_patch(dev); 2446 if (ret) 2447 return ret; 2448 2449 ret = mt7996_load_ram(dev); 2450 if (ret) 2451 return ret; 2452 2453 ret = mt7996_firmware_state(dev, true); 2454 if (ret) 2455 return ret; 2456 2457 mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false); 2458 2459 dev_dbg(dev->mt76.dev, "Firmware init done\n"); 2460 2461 return 0; 2462 } 2463 2464 int mt7996_mcu_fw_log_2_host(struct mt7996_dev *dev, u8 type, u8 ctrl) 2465 { 2466 struct { 2467 u8 _rsv[4]; 2468 2469 __le16 tag; 2470 __le16 len; 2471 u8 ctrl; 2472 u8 interval; 2473 u8 _rsv2[2]; 2474 } __packed data = { 2475 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_LOG_CTRL), 2476 .len = cpu_to_le16(sizeof(data) - 4), 2477 .ctrl = ctrl, 2478 }; 2479 2480 if (type == MCU_FW_LOG_WA) 2481 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_UNI_CMD(WSYS_CONFIG), 2482 &data, sizeof(data), true); 2483 2484 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data, 2485 sizeof(data), true); 2486 } 2487 2488 int mt7996_mcu_fw_dbg_ctrl(struct mt7996_dev *dev, u32 module, u8 level) 2489 { 2490 struct { 2491 u8 _rsv[4]; 2492 2493 __le16 tag; 2494 __le16 len; 2495 __le32 module_idx; 2496 u8 level; 2497 u8 _rsv2[3]; 2498 } data = { 2499 .tag = cpu_to_le16(UNI_WSYS_CONFIG_FW_DBG_CTRL), 2500 .len = cpu_to_le16(sizeof(data) - 4), 2501 .module_idx = cpu_to_le32(module), 2502 .level = level, 2503 }; 2504 2505 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(WSYS_CONFIG), &data, 2506 sizeof(data), false); 2507 } 2508 2509 static int mt7996_mcu_set_mwds(struct mt7996_dev *dev, bool enabled) 2510 { 2511 struct { 2512 u8 enable; 2513 u8 _rsv[3]; 2514 } __packed req = { 2515 .enable = enabled 2516 }; 2517 2518 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_EXT_CMD(MWDS_SUPPORT), &req, 2519 sizeof(req), false); 2520 } 2521 2522 static void mt7996_add_rx_airtime_tlv(struct sk_buff *skb, u8 band_idx) 2523 { 2524 struct vow_rx_airtime *req; 2525 struct tlv *tlv; 2526 2527 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_CLR_EN, sizeof(*req)); 2528 req = (struct vow_rx_airtime *)tlv; 2529 req->enable = true; 2530 req->band = band_idx; 2531 2532 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_VOW_RX_AT_AIRTIME_EN, sizeof(*req)); 2533 req = (struct vow_rx_airtime *)tlv; 2534 req->enable = true; 2535 req->band = band_idx; 2536 } 2537 2538 static int 2539 mt7996_mcu_init_rx_airtime(struct mt7996_dev *dev) 2540 { 2541 struct uni_header hdr = {}; 2542 struct sk_buff *skb; 2543 int len, num; 2544 2545 num = 2 + 2 * (dev->dbdc_support + dev->tbtc_support); 2546 len = sizeof(hdr) + num * sizeof(struct vow_rx_airtime); 2547 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 2548 if (!skb) 2549 return -ENOMEM; 2550 2551 skb_put_data(skb, &hdr, sizeof(hdr)); 2552 2553 mt7996_add_rx_airtime_tlv(skb, dev->mt76.phy.band_idx); 2554 2555 if (dev->dbdc_support) 2556 mt7996_add_rx_airtime_tlv(skb, MT_BAND1); 2557 2558 if (dev->tbtc_support) 2559 mt7996_add_rx_airtime_tlv(skb, MT_BAND2); 2560 2561 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 2562 MCU_WM_UNI_CMD(VOW), true); 2563 } 2564 2565 int mt7996_mcu_init_firmware(struct mt7996_dev *dev) 2566 { 2567 int ret; 2568 2569 /* force firmware operation mode into normal state, 2570 * which should be set before firmware download stage. 2571 */ 2572 mt76_wr(dev, MT_SWDEF_MODE, MT_SWDEF_NORMAL_MODE); 2573 2574 ret = mt7996_driver_own(dev, 0); 2575 if (ret) 2576 return ret; 2577 /* set driver own for band1 when two hif exist */ 2578 if (dev->hif2) { 2579 ret = mt7996_driver_own(dev, 1); 2580 if (ret) 2581 return ret; 2582 } 2583 2584 ret = mt7996_load_firmware(dev); 2585 if (ret) 2586 return ret; 2587 2588 set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state); 2589 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WM, 0); 2590 if (ret) 2591 return ret; 2592 2593 ret = mt7996_mcu_fw_log_2_host(dev, MCU_FW_LOG_WA, 0); 2594 if (ret) 2595 return ret; 2596 2597 ret = mt7996_mcu_set_mwds(dev, 1); 2598 if (ret) 2599 return ret; 2600 2601 ret = mt7996_mcu_init_rx_airtime(dev); 2602 if (ret) 2603 return ret; 2604 2605 return mt7996_mcu_wa_cmd(dev, MCU_WA_PARAM_CMD(SET), 2606 MCU_WA_PARAM_RED, 0, 0); 2607 } 2608 2609 int mt7996_mcu_init(struct mt7996_dev *dev) 2610 { 2611 static const struct mt76_mcu_ops mt7996_mcu_ops = { 2612 .headroom = sizeof(struct mt76_connac2_mcu_txd), /* reuse */ 2613 .mcu_skb_send_msg = mt7996_mcu_send_message, 2614 .mcu_parse_response = mt7996_mcu_parse_response, 2615 }; 2616 2617 dev->mt76.mcu_ops = &mt7996_mcu_ops; 2618 2619 return mt7996_mcu_init_firmware(dev); 2620 } 2621 2622 void mt7996_mcu_exit(struct mt7996_dev *dev) 2623 { 2624 mt7996_mcu_restart(&dev->mt76); 2625 if (mt7996_firmware_state(dev, false)) { 2626 dev_err(dev->mt76.dev, "Failed to exit mcu\n"); 2627 goto out; 2628 } 2629 2630 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(0), MT_TOP_LPCR_HOST_FW_OWN); 2631 if (dev->hif2) 2632 mt76_wr(dev, MT_TOP_LPCR_HOST_BAND(1), 2633 MT_TOP_LPCR_HOST_FW_OWN); 2634 out: 2635 skb_queue_purge(&dev->mt76.mcu.res_q); 2636 } 2637 2638 int mt7996_mcu_set_hdr_trans(struct mt7996_dev *dev, bool hdr_trans) 2639 { 2640 struct { 2641 u8 __rsv[4]; 2642 } __packed hdr; 2643 struct hdr_trans_blacklist *req_blacklist; 2644 struct hdr_trans_en *req_en; 2645 struct sk_buff *skb; 2646 struct tlv *tlv; 2647 int len = MT7996_HDR_TRANS_MAX_SIZE + sizeof(hdr); 2648 2649 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 2650 if (!skb) 2651 return -ENOMEM; 2652 2653 skb_put_data(skb, &hdr, sizeof(hdr)); 2654 2655 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_EN, sizeof(*req_en)); 2656 req_en = (struct hdr_trans_en *)tlv; 2657 req_en->enable = hdr_trans; 2658 2659 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_VLAN, 2660 sizeof(struct hdr_trans_vlan)); 2661 2662 if (hdr_trans) { 2663 tlv = mt7996_mcu_add_uni_tlv(skb, UNI_HDR_TRANS_BLACKLIST, 2664 sizeof(*req_blacklist)); 2665 req_blacklist = (struct hdr_trans_blacklist *)tlv; 2666 req_blacklist->enable = 1; 2667 req_blacklist->type = cpu_to_le16(ETH_P_PAE); 2668 } 2669 2670 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 2671 MCU_WM_UNI_CMD(RX_HDR_TRANS), true); 2672 } 2673 2674 int mt7996_mcu_set_tx(struct mt7996_dev *dev, struct ieee80211_vif *vif) 2675 { 2676 #define MCU_EDCA_AC_PARAM 0 2677 #define WMM_AIFS_SET BIT(0) 2678 #define WMM_CW_MIN_SET BIT(1) 2679 #define WMM_CW_MAX_SET BIT(2) 2680 #define WMM_TXOP_SET BIT(3) 2681 #define WMM_PARAM_SET (WMM_AIFS_SET | WMM_CW_MIN_SET | \ 2682 WMM_CW_MAX_SET | WMM_TXOP_SET) 2683 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 2684 struct { 2685 u8 bss_idx; 2686 u8 __rsv[3]; 2687 } __packed hdr = { 2688 .bss_idx = mvif->mt76.idx, 2689 }; 2690 struct sk_buff *skb; 2691 int len = sizeof(hdr) + IEEE80211_NUM_ACS * sizeof(struct edca); 2692 int ac; 2693 2694 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 2695 if (!skb) 2696 return -ENOMEM; 2697 2698 skb_put_data(skb, &hdr, sizeof(hdr)); 2699 2700 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) { 2701 struct ieee80211_tx_queue_params *q = &mvif->queue_params[ac]; 2702 struct edca *e; 2703 struct tlv *tlv; 2704 2705 tlv = mt7996_mcu_add_uni_tlv(skb, MCU_EDCA_AC_PARAM, sizeof(*e)); 2706 2707 e = (struct edca *)tlv; 2708 e->set = WMM_PARAM_SET; 2709 e->queue = ac; 2710 e->aifs = q->aifs; 2711 e->txop = cpu_to_le16(q->txop); 2712 2713 if (q->cw_min) 2714 e->cw_min = fls(q->cw_min); 2715 else 2716 e->cw_min = 5; 2717 2718 if (q->cw_max) 2719 e->cw_max = fls(q->cw_max); 2720 else 2721 e->cw_max = 10; 2722 } 2723 2724 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 2725 MCU_WM_UNI_CMD(EDCA_UPDATE), true); 2726 } 2727 2728 int mt7996_mcu_set_fcc5_lpn(struct mt7996_dev *dev, int val) 2729 { 2730 struct { 2731 u8 _rsv[4]; 2732 2733 __le16 tag; 2734 __le16 len; 2735 2736 __le32 ctrl; 2737 __le16 min_lpn; 2738 u8 rsv[2]; 2739 } __packed req = { 2740 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH), 2741 .len = cpu_to_le16(sizeof(req) - 4), 2742 2743 .ctrl = cpu_to_le32(0x1), 2744 .min_lpn = cpu_to_le16(val), 2745 }; 2746 2747 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 2748 &req, sizeof(req), true); 2749 } 2750 2751 int mt7996_mcu_set_pulse_th(struct mt7996_dev *dev, 2752 const struct mt7996_dfs_pulse *pulse) 2753 { 2754 struct { 2755 u8 _rsv[4]; 2756 2757 __le16 tag; 2758 __le16 len; 2759 2760 __le32 ctrl; 2761 2762 __le32 max_width; /* us */ 2763 __le32 max_pwr; /* dbm */ 2764 __le32 min_pwr; /* dbm */ 2765 __le32 min_stgr_pri; /* us */ 2766 __le32 max_stgr_pri; /* us */ 2767 __le32 min_cr_pri; /* us */ 2768 __le32 max_cr_pri; /* us */ 2769 } __packed req = { 2770 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH), 2771 .len = cpu_to_le16(sizeof(req) - 4), 2772 2773 .ctrl = cpu_to_le32(0x3), 2774 2775 #define __req_field(field) .field = cpu_to_le32(pulse->field) 2776 __req_field(max_width), 2777 __req_field(max_pwr), 2778 __req_field(min_pwr), 2779 __req_field(min_stgr_pri), 2780 __req_field(max_stgr_pri), 2781 __req_field(min_cr_pri), 2782 __req_field(max_cr_pri), 2783 #undef __req_field 2784 }; 2785 2786 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 2787 &req, sizeof(req), true); 2788 } 2789 2790 int mt7996_mcu_set_radar_th(struct mt7996_dev *dev, int index, 2791 const struct mt7996_dfs_pattern *pattern) 2792 { 2793 struct { 2794 u8 _rsv[4]; 2795 2796 __le16 tag; 2797 __le16 len; 2798 2799 __le32 ctrl; 2800 __le16 radar_type; 2801 2802 u8 enb; 2803 u8 stgr; 2804 u8 min_crpn; 2805 u8 max_crpn; 2806 u8 min_crpr; 2807 u8 min_pw; 2808 __le32 min_pri; 2809 __le32 max_pri; 2810 u8 max_pw; 2811 u8 min_crbn; 2812 u8 max_crbn; 2813 u8 min_stgpn; 2814 u8 max_stgpn; 2815 u8 min_stgpr; 2816 u8 rsv[2]; 2817 __le32 min_stgpr_diff; 2818 } __packed req = { 2819 .tag = cpu_to_le16(UNI_RDD_CTRL_SET_TH), 2820 .len = cpu_to_le16(sizeof(req) - 4), 2821 2822 .ctrl = cpu_to_le32(0x2), 2823 .radar_type = cpu_to_le16(index), 2824 2825 #define __req_field_u8(field) .field = pattern->field 2826 #define __req_field_u32(field) .field = cpu_to_le32(pattern->field) 2827 __req_field_u8(enb), 2828 __req_field_u8(stgr), 2829 __req_field_u8(min_crpn), 2830 __req_field_u8(max_crpn), 2831 __req_field_u8(min_crpr), 2832 __req_field_u8(min_pw), 2833 __req_field_u32(min_pri), 2834 __req_field_u32(max_pri), 2835 __req_field_u8(max_pw), 2836 __req_field_u8(min_crbn), 2837 __req_field_u8(max_crbn), 2838 __req_field_u8(min_stgpn), 2839 __req_field_u8(max_stgpn), 2840 __req_field_u8(min_stgpr), 2841 __req_field_u32(min_stgpr_diff), 2842 #undef __req_field_u8 2843 #undef __req_field_u32 2844 }; 2845 2846 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 2847 &req, sizeof(req), true); 2848 } 2849 2850 static int 2851 mt7996_mcu_background_chain_ctrl(struct mt7996_phy *phy, 2852 struct cfg80211_chan_def *chandef, 2853 int cmd) 2854 { 2855 struct mt7996_dev *dev = phy->dev; 2856 struct mt76_phy *mphy = phy->mt76; 2857 struct ieee80211_channel *chan = mphy->chandef.chan; 2858 int freq = mphy->chandef.center_freq1; 2859 struct mt7996_mcu_background_chain_ctrl req = { 2860 .tag = cpu_to_le16(0), 2861 .len = cpu_to_le16(sizeof(req) - 4), 2862 .monitor_scan_type = 2, /* simple rx */ 2863 }; 2864 2865 if (!chandef && cmd != CH_SWITCH_BACKGROUND_SCAN_STOP) 2866 return -EINVAL; 2867 2868 if (!cfg80211_chandef_valid(&mphy->chandef)) 2869 return -EINVAL; 2870 2871 switch (cmd) { 2872 case CH_SWITCH_BACKGROUND_SCAN_START: { 2873 req.chan = chan->hw_value; 2874 req.central_chan = ieee80211_frequency_to_channel(freq); 2875 req.bw = mt76_connac_chan_bw(&mphy->chandef); 2876 req.monitor_chan = chandef->chan->hw_value; 2877 req.monitor_central_chan = 2878 ieee80211_frequency_to_channel(chandef->center_freq1); 2879 req.monitor_bw = mt76_connac_chan_bw(chandef); 2880 req.band_idx = phy->mt76->band_idx; 2881 req.scan_mode = 1; 2882 break; 2883 } 2884 case CH_SWITCH_BACKGROUND_SCAN_RUNNING: 2885 req.monitor_chan = chandef->chan->hw_value; 2886 req.monitor_central_chan = 2887 ieee80211_frequency_to_channel(chandef->center_freq1); 2888 req.band_idx = phy->mt76->band_idx; 2889 req.scan_mode = 2; 2890 break; 2891 case CH_SWITCH_BACKGROUND_SCAN_STOP: 2892 req.chan = chan->hw_value; 2893 req.central_chan = ieee80211_frequency_to_channel(freq); 2894 req.bw = mt76_connac_chan_bw(&mphy->chandef); 2895 req.tx_stream = hweight8(mphy->antenna_mask); 2896 req.rx_stream = mphy->antenna_mask; 2897 break; 2898 default: 2899 return -EINVAL; 2900 } 2901 req.band = chandef ? chandef->chan->band == NL80211_BAND_5GHZ : 1; 2902 2903 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(OFFCH_SCAN_CTRL), 2904 &req, sizeof(req), false); 2905 } 2906 2907 int mt7996_mcu_rdd_background_enable(struct mt7996_phy *phy, 2908 struct cfg80211_chan_def *chandef) 2909 { 2910 struct mt7996_dev *dev = phy->dev; 2911 int err, region; 2912 2913 if (!chandef) { /* disable offchain */ 2914 err = mt7996_mcu_rdd_cmd(dev, RDD_STOP, MT_RX_SEL2, 2915 0, 0); 2916 if (err) 2917 return err; 2918 2919 return mt7996_mcu_background_chain_ctrl(phy, NULL, 2920 CH_SWITCH_BACKGROUND_SCAN_STOP); 2921 } 2922 2923 err = mt7996_mcu_background_chain_ctrl(phy, chandef, 2924 CH_SWITCH_BACKGROUND_SCAN_START); 2925 if (err) 2926 return err; 2927 2928 switch (dev->mt76.region) { 2929 case NL80211_DFS_ETSI: 2930 region = 0; 2931 break; 2932 case NL80211_DFS_JP: 2933 region = 2; 2934 break; 2935 case NL80211_DFS_FCC: 2936 default: 2937 region = 1; 2938 break; 2939 } 2940 2941 return mt7996_mcu_rdd_cmd(dev, RDD_START, MT_RX_SEL2, 2942 0, region); 2943 } 2944 2945 int mt7996_mcu_set_chan_info(struct mt7996_phy *phy, u16 tag) 2946 { 2947 static const u8 ch_band[] = { 2948 [NL80211_BAND_2GHZ] = 0, 2949 [NL80211_BAND_5GHZ] = 1, 2950 [NL80211_BAND_6GHZ] = 2, 2951 }; 2952 struct mt7996_dev *dev = phy->dev; 2953 struct cfg80211_chan_def *chandef = &phy->mt76->chandef; 2954 int freq1 = chandef->center_freq1; 2955 u8 band_idx = phy->mt76->band_idx; 2956 struct { 2957 /* fixed field */ 2958 u8 __rsv[4]; 2959 2960 __le16 tag; 2961 __le16 len; 2962 u8 control_ch; 2963 u8 center_ch; 2964 u8 bw; 2965 u8 tx_path_num; 2966 u8 rx_path; /* mask or num */ 2967 u8 switch_reason; 2968 u8 band_idx; 2969 u8 center_ch2; /* for 80+80 only */ 2970 __le16 cac_case; 2971 u8 channel_band; 2972 u8 rsv0; 2973 __le32 outband_freq; 2974 u8 txpower_drop; 2975 u8 ap_bw; 2976 u8 ap_center_ch; 2977 u8 rsv1[53]; 2978 } __packed req = { 2979 .tag = cpu_to_le16(tag), 2980 .len = cpu_to_le16(sizeof(req) - 4), 2981 .control_ch = chandef->chan->hw_value, 2982 .center_ch = ieee80211_frequency_to_channel(freq1), 2983 .bw = mt76_connac_chan_bw(chandef), 2984 .tx_path_num = hweight16(phy->mt76->chainmask), 2985 .rx_path = phy->mt76->chainmask >> dev->chainshift[band_idx], 2986 .band_idx = band_idx, 2987 .channel_band = ch_band[chandef->chan->band], 2988 }; 2989 2990 if (phy->mt76->hw->conf.flags & IEEE80211_CONF_MONITOR) 2991 req.switch_reason = CH_SWITCH_NORMAL; 2992 else if (phy->mt76->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL || 2993 phy->mt76->hw->conf.flags & IEEE80211_CONF_IDLE) 2994 req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD; 2995 else if (!cfg80211_reg_can_beacon(phy->mt76->hw->wiphy, chandef, 2996 NL80211_IFTYPE_AP)) 2997 req.switch_reason = CH_SWITCH_DFS; 2998 else 2999 req.switch_reason = CH_SWITCH_NORMAL; 3000 3001 if (tag == UNI_CHANNEL_SWITCH) 3002 req.rx_path = hweight8(req.rx_path); 3003 3004 if (chandef->width == NL80211_CHAN_WIDTH_80P80) { 3005 int freq2 = chandef->center_freq2; 3006 3007 req.center_ch2 = ieee80211_frequency_to_channel(freq2); 3008 } 3009 3010 return mt76_mcu_send_msg(&dev->mt76, MCU_WMWA_UNI_CMD(CHANNEL_SWITCH), 3011 &req, sizeof(req), true); 3012 } 3013 3014 static int mt7996_mcu_set_eeprom_flash(struct mt7996_dev *dev) 3015 { 3016 #define MAX_PAGE_IDX_MASK GENMASK(7, 5) 3017 #define PAGE_IDX_MASK GENMASK(4, 2) 3018 #define PER_PAGE_SIZE 0x400 3019 struct mt7996_mcu_eeprom req = { 3020 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE), 3021 .buffer_mode = EE_MODE_BUFFER 3022 }; 3023 u16 eeprom_size = MT7996_EEPROM_SIZE; 3024 u8 total = DIV_ROUND_UP(eeprom_size, PER_PAGE_SIZE); 3025 u8 *eep = (u8 *)dev->mt76.eeprom.data; 3026 int eep_len, i; 3027 3028 for (i = 0; i < total; i++, eep += eep_len) { 3029 struct sk_buff *skb; 3030 int ret, msg_len; 3031 3032 if (i == total - 1 && !!(eeprom_size % PER_PAGE_SIZE)) 3033 eep_len = eeprom_size % PER_PAGE_SIZE; 3034 else 3035 eep_len = PER_PAGE_SIZE; 3036 3037 msg_len = sizeof(req) + eep_len; 3038 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, msg_len); 3039 if (!skb) 3040 return -ENOMEM; 3041 3042 req.len = cpu_to_le16(msg_len - 4); 3043 req.format = FIELD_PREP(MAX_PAGE_IDX_MASK, total - 1) | 3044 FIELD_PREP(PAGE_IDX_MASK, i) | EE_FORMAT_WHOLE; 3045 req.buf_len = cpu_to_le16(eep_len); 3046 3047 skb_put_data(skb, &req, sizeof(req)); 3048 skb_put_data(skb, eep, eep_len); 3049 3050 ret = mt76_mcu_skb_send_msg(&dev->mt76, skb, 3051 MCU_WM_UNI_CMD(EFUSE_CTRL), true); 3052 if (ret) 3053 return ret; 3054 } 3055 3056 return 0; 3057 } 3058 3059 int mt7996_mcu_set_eeprom(struct mt7996_dev *dev) 3060 { 3061 struct mt7996_mcu_eeprom req = { 3062 .tag = cpu_to_le16(UNI_EFUSE_BUFFER_MODE), 3063 .len = cpu_to_le16(sizeof(req) - 4), 3064 .buffer_mode = EE_MODE_EFUSE, 3065 .format = EE_FORMAT_WHOLE 3066 }; 3067 3068 if (dev->flash_mode) 3069 return mt7996_mcu_set_eeprom_flash(dev); 3070 3071 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(EFUSE_CTRL), 3072 &req, sizeof(req), true); 3073 } 3074 3075 int mt7996_mcu_get_eeprom(struct mt7996_dev *dev, u32 offset) 3076 { 3077 struct { 3078 u8 _rsv[4]; 3079 3080 __le16 tag; 3081 __le16 len; 3082 __le32 addr; 3083 __le32 valid; 3084 u8 data[16]; 3085 } __packed req = { 3086 .tag = cpu_to_le16(UNI_EFUSE_ACCESS), 3087 .len = cpu_to_le16(sizeof(req) - 4), 3088 .addr = cpu_to_le32(round_down(offset, 3089 MT7996_EEPROM_BLOCK_SIZE)), 3090 }; 3091 struct sk_buff *skb; 3092 bool valid; 3093 int ret; 3094 3095 ret = mt76_mcu_send_and_get_msg(&dev->mt76, 3096 MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), 3097 &req, sizeof(req), true, &skb); 3098 if (ret) 3099 return ret; 3100 3101 valid = le32_to_cpu(*(__le32 *)(skb->data + 16)); 3102 if (valid) { 3103 u32 addr = le32_to_cpu(*(__le32 *)(skb->data + 12)); 3104 u8 *buf = (u8 *)dev->mt76.eeprom.data + addr; 3105 3106 skb_pull(skb, 48); 3107 memcpy(buf, skb->data, MT7996_EEPROM_BLOCK_SIZE); 3108 } 3109 3110 dev_kfree_skb(skb); 3111 3112 return 0; 3113 } 3114 3115 int mt7996_mcu_get_eeprom_free_block(struct mt7996_dev *dev, u8 *block_num) 3116 { 3117 struct { 3118 u8 _rsv[4]; 3119 3120 __le16 tag; 3121 __le16 len; 3122 u8 num; 3123 u8 version; 3124 u8 die_idx; 3125 u8 _rsv2; 3126 } __packed req = { 3127 .tag = cpu_to_le16(UNI_EFUSE_FREE_BLOCK), 3128 .len = cpu_to_le16(sizeof(req) - 4), 3129 .version = 2, 3130 }; 3131 struct sk_buff *skb; 3132 int ret; 3133 3134 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(EFUSE_CTRL), &req, 3135 sizeof(req), true, &skb); 3136 if (ret) 3137 return ret; 3138 3139 *block_num = *(u8 *)(skb->data + 8); 3140 dev_kfree_skb(skb); 3141 3142 return 0; 3143 } 3144 3145 int mt7996_mcu_get_chip_config(struct mt7996_dev *dev, u32 *cap) 3146 { 3147 #define NIC_CAP 3 3148 #define UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION 0x21 3149 struct { 3150 u8 _rsv[4]; 3151 3152 __le16 tag; 3153 __le16 len; 3154 } __packed req = { 3155 .tag = cpu_to_le16(NIC_CAP), 3156 .len = cpu_to_le16(sizeof(req) - 4), 3157 }; 3158 struct sk_buff *skb; 3159 u8 *buf; 3160 int ret; 3161 3162 ret = mt76_mcu_send_and_get_msg(&dev->mt76, 3163 MCU_WM_UNI_CMD_QUERY(CHIP_CONFIG), &req, 3164 sizeof(req), true, &skb); 3165 if (ret) 3166 return ret; 3167 3168 /* fixed field */ 3169 skb_pull(skb, 4); 3170 3171 buf = skb->data; 3172 while (buf - skb->data < skb->len) { 3173 struct tlv *tlv = (struct tlv *)buf; 3174 3175 switch (le16_to_cpu(tlv->tag)) { 3176 case UNI_EVENT_CHIP_CONFIG_EFUSE_VERSION: 3177 *cap = le32_to_cpu(*(__le32 *)(buf + sizeof(*tlv))); 3178 break; 3179 default: 3180 break; 3181 } 3182 3183 buf += le16_to_cpu(tlv->len); 3184 } 3185 3186 dev_kfree_skb(skb); 3187 3188 return 0; 3189 } 3190 3191 int mt7996_mcu_get_chan_mib_info(struct mt7996_phy *phy, bool chan_switch) 3192 { 3193 struct { 3194 struct { 3195 u8 band; 3196 u8 __rsv[3]; 3197 } hdr; 3198 struct { 3199 __le16 tag; 3200 __le16 len; 3201 __le32 offs; 3202 } data[4]; 3203 } __packed req = { 3204 .hdr.band = phy->mt76->band_idx, 3205 }; 3206 /* strict order */ 3207 static const u32 offs[] = { 3208 UNI_MIB_TX_TIME, 3209 UNI_MIB_RX_TIME, 3210 UNI_MIB_OBSS_AIRTIME, 3211 UNI_MIB_NON_WIFI_TIME, 3212 }; 3213 struct mt76_channel_state *state = phy->mt76->chan_state; 3214 struct mt76_channel_state *state_ts = &phy->state_ts; 3215 struct mt7996_dev *dev = phy->dev; 3216 struct mt7996_mcu_mib *res; 3217 struct sk_buff *skb; 3218 int i, ret; 3219 3220 for (i = 0; i < 4; i++) { 3221 req.data[i].tag = cpu_to_le16(UNI_CMD_MIB_DATA); 3222 req.data[i].len = cpu_to_le16(sizeof(req.data[i])); 3223 req.data[i].offs = cpu_to_le32(offs[i]); 3224 } 3225 3226 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_WM_UNI_CMD_QUERY(GET_MIB_INFO), 3227 &req, sizeof(req), true, &skb); 3228 if (ret) 3229 return ret; 3230 3231 skb_pull(skb, sizeof(req.hdr)); 3232 3233 res = (struct mt7996_mcu_mib *)(skb->data); 3234 3235 if (chan_switch) 3236 goto out; 3237 3238 #define __res_u64(s) le64_to_cpu(res[s].data) 3239 state->cc_tx += __res_u64(1) - state_ts->cc_tx; 3240 state->cc_bss_rx += __res_u64(2) - state_ts->cc_bss_rx; 3241 state->cc_rx += __res_u64(2) + __res_u64(3) - state_ts->cc_rx; 3242 state->cc_busy += __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3) - 3243 state_ts->cc_busy; 3244 3245 out: 3246 state_ts->cc_tx = __res_u64(1); 3247 state_ts->cc_bss_rx = __res_u64(2); 3248 state_ts->cc_rx = __res_u64(2) + __res_u64(3); 3249 state_ts->cc_busy = __res_u64(0) + __res_u64(1) + __res_u64(2) + __res_u64(3); 3250 #undef __res_u64 3251 3252 dev_kfree_skb(skb); 3253 3254 return 0; 3255 } 3256 3257 int mt7996_mcu_set_ser(struct mt7996_dev *dev, u8 action, u8 val, u8 band) 3258 { 3259 struct { 3260 u8 rsv[4]; 3261 3262 __le16 tag; 3263 __le16 len; 3264 3265 union { 3266 struct { 3267 __le32 mask; 3268 } __packed set; 3269 3270 struct { 3271 u8 method; 3272 u8 band; 3273 u8 rsv2[2]; 3274 } __packed trigger; 3275 }; 3276 } __packed req = { 3277 .tag = cpu_to_le16(action), 3278 .len = cpu_to_le16(sizeof(req) - 4), 3279 }; 3280 3281 switch (action) { 3282 case UNI_CMD_SER_SET: 3283 req.set.mask = cpu_to_le32(val); 3284 break; 3285 case UNI_CMD_SER_TRIGGER: 3286 req.trigger.method = val; 3287 req.trigger.band = band; 3288 break; 3289 default: 3290 return -EINVAL; 3291 } 3292 3293 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SER), 3294 &req, sizeof(req), false); 3295 } 3296 3297 int mt7996_mcu_set_txbf(struct mt7996_dev *dev, u8 action) 3298 { 3299 #define MT7996_BF_MAX_SIZE sizeof(union bf_tag_tlv) 3300 #define BF_PROCESSING 4 3301 struct uni_header hdr; 3302 struct sk_buff *skb; 3303 struct tlv *tlv; 3304 int len = sizeof(hdr) + MT7996_BF_MAX_SIZE; 3305 3306 memset(&hdr, 0, sizeof(hdr)); 3307 3308 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len); 3309 if (!skb) 3310 return -ENOMEM; 3311 3312 skb_put_data(skb, &hdr, sizeof(hdr)); 3313 3314 switch (action) { 3315 case BF_SOUNDING_ON: { 3316 struct bf_sounding_on *req_snd_on; 3317 3318 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_snd_on)); 3319 req_snd_on = (struct bf_sounding_on *)tlv; 3320 req_snd_on->snd_mode = BF_PROCESSING; 3321 break; 3322 } 3323 case BF_HW_EN_UPDATE: { 3324 struct bf_hw_en_status_update *req_hw_en; 3325 3326 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_hw_en)); 3327 req_hw_en = (struct bf_hw_en_status_update *)tlv; 3328 req_hw_en->ebf = true; 3329 req_hw_en->ibf = dev->ibf; 3330 break; 3331 } 3332 case BF_MOD_EN_CTRL: { 3333 struct bf_mod_en_ctrl *req_mod_en; 3334 3335 tlv = mt7996_mcu_add_uni_tlv(skb, action, sizeof(*req_mod_en)); 3336 req_mod_en = (struct bf_mod_en_ctrl *)tlv; 3337 req_mod_en->bf_num = 3; 3338 req_mod_en->bf_bitmap = GENMASK(2, 0); 3339 break; 3340 } 3341 default: 3342 return -EINVAL; 3343 } 3344 3345 return mt76_mcu_skb_send_msg(&dev->mt76, skb, MCU_WM_UNI_CMD(BF), true); 3346 } 3347 3348 static int 3349 mt7996_mcu_enable_obss_spr(struct mt7996_phy *phy, u16 action, u8 val) 3350 { 3351 struct mt7996_dev *dev = phy->dev; 3352 struct { 3353 u8 band_idx; 3354 u8 __rsv[3]; 3355 3356 __le16 tag; 3357 __le16 len; 3358 3359 __le32 val; 3360 } __packed req = { 3361 .band_idx = phy->mt76->band_idx, 3362 .tag = cpu_to_le16(action), 3363 .len = cpu_to_le16(sizeof(req) - 4), 3364 .val = cpu_to_le32(val), 3365 }; 3366 3367 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), 3368 &req, sizeof(req), true); 3369 } 3370 3371 static int 3372 mt7996_mcu_set_obss_spr_pd(struct mt7996_phy *phy, 3373 struct ieee80211_he_obss_pd *he_obss_pd) 3374 { 3375 struct mt7996_dev *dev = phy->dev; 3376 u8 max_th = 82, non_srg_max_th = 62; 3377 struct { 3378 u8 band_idx; 3379 u8 __rsv[3]; 3380 3381 __le16 tag; 3382 __le16 len; 3383 3384 u8 pd_th_non_srg; 3385 u8 pd_th_srg; 3386 u8 period_offs; 3387 u8 rcpi_src; 3388 __le16 obss_pd_min; 3389 __le16 obss_pd_min_srg; 3390 u8 resp_txpwr_mode; 3391 u8 txpwr_restrict_mode; 3392 u8 txpwr_ref; 3393 u8 __rsv2[3]; 3394 } __packed req = { 3395 .band_idx = phy->mt76->band_idx, 3396 .tag = cpu_to_le16(UNI_CMD_SR_SET_PARAM), 3397 .len = cpu_to_le16(sizeof(req) - 4), 3398 .obss_pd_min = cpu_to_le16(max_th), 3399 .obss_pd_min_srg = cpu_to_le16(max_th), 3400 .txpwr_restrict_mode = 2, 3401 .txpwr_ref = 21 3402 }; 3403 int ret; 3404 3405 /* disable firmware dynamical PD asjustment */ 3406 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_DPD, false); 3407 if (ret) 3408 return ret; 3409 3410 if (he_obss_pd->sr_ctrl & 3411 IEEE80211_HE_SPR_NON_SRG_OBSS_PD_SR_DISALLOWED) 3412 req.pd_th_non_srg = max_th; 3413 else if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_NON_SRG_OFFSET_PRESENT) 3414 req.pd_th_non_srg = max_th - he_obss_pd->non_srg_max_offset; 3415 else 3416 req.pd_th_non_srg = non_srg_max_th; 3417 3418 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_SRG_INFORMATION_PRESENT) 3419 req.pd_th_srg = max_th - he_obss_pd->max_offset; 3420 3421 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), 3422 &req, sizeof(req), true); 3423 } 3424 3425 static int 3426 mt7996_mcu_set_obss_spr_siga(struct mt7996_phy *phy, struct ieee80211_vif *vif, 3427 struct ieee80211_he_obss_pd *he_obss_pd) 3428 { 3429 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 3430 struct mt7996_dev *dev = phy->dev; 3431 u8 omac = mvif->mt76.omac_idx; 3432 struct { 3433 u8 band_idx; 3434 u8 __rsv[3]; 3435 3436 __le16 tag; 3437 __le16 len; 3438 3439 u8 omac; 3440 u8 __rsv2[3]; 3441 u8 flag[20]; 3442 } __packed req = { 3443 .band_idx = phy->mt76->band_idx, 3444 .tag = cpu_to_le16(UNI_CMD_SR_SET_SIGA), 3445 .len = cpu_to_le16(sizeof(req) - 4), 3446 .omac = omac > HW_BSSID_MAX ? omac - 12 : omac, 3447 }; 3448 int ret; 3449 3450 if (he_obss_pd->sr_ctrl & IEEE80211_HE_SPR_HESIGA_SR_VAL15_ALLOWED) 3451 req.flag[req.omac] = 0xf; 3452 else 3453 return 0; 3454 3455 /* switch to normal AP mode */ 3456 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_MODE, 0); 3457 if (ret) 3458 return ret; 3459 3460 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), 3461 &req, sizeof(req), true); 3462 } 3463 3464 static int 3465 mt7996_mcu_set_obss_spr_bitmap(struct mt7996_phy *phy, 3466 struct ieee80211_he_obss_pd *he_obss_pd) 3467 { 3468 struct mt7996_dev *dev = phy->dev; 3469 struct { 3470 u8 band_idx; 3471 u8 __rsv[3]; 3472 3473 __le16 tag; 3474 __le16 len; 3475 3476 __le32 color_l[2]; 3477 __le32 color_h[2]; 3478 __le32 bssid_l[2]; 3479 __le32 bssid_h[2]; 3480 } __packed req = { 3481 .band_idx = phy->mt76->band_idx, 3482 .tag = cpu_to_le16(UNI_CMD_SR_SET_SRG_BITMAP), 3483 .len = cpu_to_le16(sizeof(req) - 4), 3484 }; 3485 u32 bitmap; 3486 3487 memcpy(&bitmap, he_obss_pd->bss_color_bitmap, sizeof(bitmap)); 3488 req.color_l[req.band_idx] = cpu_to_le32(bitmap); 3489 3490 memcpy(&bitmap, he_obss_pd->bss_color_bitmap + 4, sizeof(bitmap)); 3491 req.color_h[req.band_idx] = cpu_to_le32(bitmap); 3492 3493 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap, sizeof(bitmap)); 3494 req.bssid_l[req.band_idx] = cpu_to_le32(bitmap); 3495 3496 memcpy(&bitmap, he_obss_pd->partial_bssid_bitmap + 4, sizeof(bitmap)); 3497 req.bssid_h[req.band_idx] = cpu_to_le32(bitmap); 3498 3499 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(SR), &req, 3500 sizeof(req), true); 3501 } 3502 3503 int mt7996_mcu_add_obss_spr(struct mt7996_phy *phy, struct ieee80211_vif *vif, 3504 struct ieee80211_he_obss_pd *he_obss_pd) 3505 { 3506 int ret; 3507 3508 /* enable firmware scene detection algorithms */ 3509 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_SD, 3510 sr_scene_detect); 3511 if (ret) 3512 return ret; 3513 3514 /* firmware dynamically adjusts PD threshold so skip manual control */ 3515 if (sr_scene_detect && !he_obss_pd->enable) 3516 return 0; 3517 3518 /* enable spatial reuse */ 3519 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE, 3520 he_obss_pd->enable); 3521 if (ret) 3522 return ret; 3523 3524 if (sr_scene_detect || !he_obss_pd->enable) 3525 return 0; 3526 3527 ret = mt7996_mcu_enable_obss_spr(phy, UNI_CMD_SR_ENABLE_TX, true); 3528 if (ret) 3529 return ret; 3530 3531 /* set SRG/non-SRG OBSS PD threshold */ 3532 ret = mt7996_mcu_set_obss_spr_pd(phy, he_obss_pd); 3533 if (ret) 3534 return ret; 3535 3536 /* Set SR prohibit */ 3537 ret = mt7996_mcu_set_obss_spr_siga(phy, vif, he_obss_pd); 3538 if (ret) 3539 return ret; 3540 3541 /* set SRG BSS color/BSSID bitmap */ 3542 return mt7996_mcu_set_obss_spr_bitmap(phy, he_obss_pd); 3543 } 3544 3545 int mt7996_mcu_update_bss_color(struct mt7996_dev *dev, struct ieee80211_vif *vif, 3546 struct cfg80211_he_bss_color *he_bss_color) 3547 { 3548 int len = sizeof(struct bss_req_hdr) + sizeof(struct bss_color_tlv); 3549 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 3550 struct bss_color_tlv *bss_color; 3551 struct sk_buff *skb; 3552 struct tlv *tlv; 3553 3554 skb = __mt7996_mcu_alloc_bss_req(&dev->mt76, &mvif->mt76, len); 3555 if (IS_ERR(skb)) 3556 return PTR_ERR(skb); 3557 3558 tlv = mt76_connac_mcu_add_tlv(skb, UNI_BSS_INFO_BSS_COLOR, 3559 sizeof(*bss_color)); 3560 bss_color = (struct bss_color_tlv *)tlv; 3561 bss_color->enable = he_bss_color->enabled; 3562 bss_color->color = he_bss_color->color; 3563 3564 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 3565 MCU_WMWA_UNI_CMD(BSS_INFO_UPDATE), true); 3566 } 3567 3568 #define TWT_AGRT_TRIGGER BIT(0) 3569 #define TWT_AGRT_ANNOUNCE BIT(1) 3570 #define TWT_AGRT_PROTECT BIT(2) 3571 3572 int mt7996_mcu_twt_agrt_update(struct mt7996_dev *dev, 3573 struct mt7996_vif *mvif, 3574 struct mt7996_twt_flow *flow, 3575 int cmd) 3576 { 3577 struct { 3578 /* fixed field */ 3579 u8 bss; 3580 u8 _rsv[3]; 3581 3582 __le16 tag; 3583 __le16 len; 3584 u8 tbl_idx; 3585 u8 cmd; 3586 u8 own_mac_idx; 3587 u8 flowid; /* 0xff for group id */ 3588 __le16 peer_id; /* specify the peer_id (msb=0) 3589 * or group_id (msb=1) 3590 */ 3591 u8 duration; /* 256 us */ 3592 u8 bss_idx; 3593 __le64 start_tsf; 3594 __le16 mantissa; 3595 u8 exponent; 3596 u8 is_ap; 3597 u8 agrt_params; 3598 u8 __rsv2[23]; 3599 } __packed req = { 3600 .tag = cpu_to_le16(UNI_CMD_TWT_ARGT_UPDATE), 3601 .len = cpu_to_le16(sizeof(req) - 4), 3602 .tbl_idx = flow->table_id, 3603 .cmd = cmd, 3604 .own_mac_idx = mvif->mt76.omac_idx, 3605 .flowid = flow->id, 3606 .peer_id = cpu_to_le16(flow->wcid), 3607 .duration = flow->duration, 3608 .bss = mvif->mt76.idx, 3609 .bss_idx = mvif->mt76.idx, 3610 .start_tsf = cpu_to_le64(flow->tsf), 3611 .mantissa = flow->mantissa, 3612 .exponent = flow->exp, 3613 .is_ap = true, 3614 }; 3615 3616 if (flow->protection) 3617 req.agrt_params |= TWT_AGRT_PROTECT; 3618 if (!flow->flowtype) 3619 req.agrt_params |= TWT_AGRT_ANNOUNCE; 3620 if (flow->trigger) 3621 req.agrt_params |= TWT_AGRT_TRIGGER; 3622 3623 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(TWT), 3624 &req, sizeof(req), true); 3625 } 3626 3627 int mt7996_mcu_set_rts_thresh(struct mt7996_phy *phy, u32 val) 3628 { 3629 struct { 3630 u8 band_idx; 3631 u8 _rsv[3]; 3632 3633 __le16 tag; 3634 __le16 len; 3635 __le32 len_thresh; 3636 __le32 pkt_thresh; 3637 } __packed req = { 3638 .band_idx = phy->mt76->band_idx, 3639 .tag = cpu_to_le16(UNI_BAND_CONFIG_RTS_THRESHOLD), 3640 .len = cpu_to_le16(sizeof(req) - 4), 3641 .len_thresh = cpu_to_le32(val), 3642 .pkt_thresh = cpu_to_le32(0x2), 3643 }; 3644 3645 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG), 3646 &req, sizeof(req), true); 3647 } 3648 3649 int mt7996_mcu_set_radio_en(struct mt7996_phy *phy, bool enable) 3650 { 3651 struct { 3652 u8 band_idx; 3653 u8 _rsv[3]; 3654 3655 __le16 tag; 3656 __le16 len; 3657 u8 enable; 3658 u8 _rsv2[3]; 3659 } __packed req = { 3660 .band_idx = phy->mt76->band_idx, 3661 .tag = cpu_to_le16(UNI_BAND_CONFIG_RADIO_ENABLE), 3662 .len = cpu_to_le16(sizeof(req) - 4), 3663 .enable = enable, 3664 }; 3665 3666 return mt76_mcu_send_msg(&phy->dev->mt76, MCU_WM_UNI_CMD(BAND_CONFIG), 3667 &req, sizeof(req), true); 3668 } 3669 3670 int mt7996_mcu_rdd_cmd(struct mt7996_dev *dev, int cmd, u8 index, 3671 u8 rx_sel, u8 val) 3672 { 3673 struct { 3674 u8 _rsv[4]; 3675 3676 __le16 tag; 3677 __le16 len; 3678 3679 u8 ctrl; 3680 u8 rdd_idx; 3681 u8 rdd_rx_sel; 3682 u8 val; 3683 u8 rsv[4]; 3684 } __packed req = { 3685 .tag = cpu_to_le16(UNI_RDD_CTRL_PARM), 3686 .len = cpu_to_le16(sizeof(req) - 4), 3687 .ctrl = cmd, 3688 .rdd_idx = index, 3689 .rdd_rx_sel = rx_sel, 3690 .val = val, 3691 }; 3692 3693 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RDD_CTRL), 3694 &req, sizeof(req), true); 3695 } 3696 3697 int mt7996_mcu_wtbl_update_hdr_trans(struct mt7996_dev *dev, 3698 struct ieee80211_vif *vif, 3699 struct ieee80211_sta *sta) 3700 { 3701 struct mt7996_vif *mvif = (struct mt7996_vif *)vif->drv_priv; 3702 struct mt7996_sta *msta; 3703 struct sk_buff *skb; 3704 3705 msta = sta ? (struct mt7996_sta *)sta->drv_priv : &mvif->sta; 3706 3707 skb = __mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76, 3708 &msta->wcid, 3709 MT7996_STA_UPDATE_MAX_SIZE); 3710 if (IS_ERR(skb)) 3711 return PTR_ERR(skb); 3712 3713 /* starec hdr trans */ 3714 mt7996_mcu_sta_hdr_trans_tlv(dev, skb, vif, sta); 3715 return mt76_mcu_skb_send_msg(&dev->mt76, skb, 3716 MCU_WMWA_UNI_CMD(STA_REC_UPDATE), true); 3717 } 3718 3719 int mt7996_mcu_rf_regval(struct mt7996_dev *dev, u32 regidx, u32 *val, bool set) 3720 { 3721 struct { 3722 u8 __rsv1[4]; 3723 3724 __le16 tag; 3725 __le16 len; 3726 __le16 idx; 3727 u8 __rsv2[2]; 3728 __le32 ofs; 3729 __le32 data; 3730 } __packed *res, req = { 3731 .tag = cpu_to_le16(UNI_CMD_ACCESS_RF_REG_BASIC), 3732 .len = cpu_to_le16(sizeof(req) - 4), 3733 3734 .idx = cpu_to_le16(u32_get_bits(regidx, GENMASK(31, 24))), 3735 .ofs = cpu_to_le32(u32_get_bits(regidx, GENMASK(23, 0))), 3736 .data = set ? cpu_to_le32(*val) : 0, 3737 }; 3738 struct sk_buff *skb; 3739 int ret; 3740 3741 if (set) 3742 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(REG_ACCESS), 3743 &req, sizeof(req), true); 3744 3745 ret = mt76_mcu_send_and_get_msg(&dev->mt76, 3746 MCU_WM_UNI_CMD_QUERY(REG_ACCESS), 3747 &req, sizeof(req), true, &skb); 3748 if (ret) 3749 return ret; 3750 3751 res = (void *)skb->data; 3752 *val = le32_to_cpu(res->data); 3753 dev_kfree_skb(skb); 3754 3755 return 0; 3756 } 3757 3758 int mt7996_mcu_trigger_assert(struct mt7996_dev *dev) 3759 { 3760 struct { 3761 __le16 tag; 3762 __le16 len; 3763 u8 enable; 3764 u8 rsv[3]; 3765 } __packed req = { 3766 .len = cpu_to_le16(sizeof(req) - 4), 3767 .enable = true, 3768 }; 3769 3770 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(ASSERT_DUMP), 3771 &req, sizeof(req), false); 3772 } 3773 3774 int mt7996_mcu_set_rro(struct mt7996_dev *dev, u16 tag, u8 val) 3775 { 3776 struct { 3777 u8 __rsv1[4]; 3778 3779 __le16 tag; 3780 __le16 len; 3781 3782 union { 3783 struct { 3784 u8 type; 3785 u8 __rsv2[3]; 3786 } __packed platform_type; 3787 struct { 3788 u8 type; 3789 u8 dest; 3790 u8 __rsv2[2]; 3791 } __packed bypass_mode; 3792 struct { 3793 u8 path; 3794 u8 __rsv2[3]; 3795 } __packed txfree_path; 3796 }; 3797 } __packed req = { 3798 .tag = cpu_to_le16(tag), 3799 .len = cpu_to_le16(sizeof(req) - 4), 3800 }; 3801 3802 switch (tag) { 3803 case UNI_RRO_SET_PLATFORM_TYPE: 3804 req.platform_type.type = val; 3805 break; 3806 case UNI_RRO_SET_BYPASS_MODE: 3807 req.bypass_mode.type = val; 3808 break; 3809 case UNI_RRO_SET_TXFREE_PATH: 3810 req.txfree_path.path = val; 3811 break; 3812 default: 3813 return -EINVAL; 3814 } 3815 3816 return mt76_mcu_send_msg(&dev->mt76, MCU_WM_UNI_CMD(RRO), &req, 3817 sizeof(req), true); 3818 } 3819