1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
4 #include <linux/firmware.h>
11 struct mt7915_patch_hdr {
28 struct mt7915_patch_sec {
44 struct mt7915_fw_trailer {
56 struct mt7915_fw_region {
67 #define MCU_PATCH_ADDRESS 0x200000
69 #define FW_FEATURE_SET_ENCRYPT BIT(0)
70 #define FW_FEATURE_SET_KEY_IDX GENMASK(2, 1)
71 #define FW_FEATURE_OVERRIDE_ADDR BIT(5)
73 #define DL_MODE_ENCRYPT BIT(0)
74 #define DL_MODE_KEY_IDX GENMASK(2, 1)
75 #define DL_MODE_RESET_SEC_IV BIT(3)
76 #define DL_MODE_WORKING_PDA_CR4 BIT(4)
77 #define DL_MODE_NEED_RSP BIT(31)
79 #define FW_START_OVERRIDE BIT(0)
80 #define FW_START_WORKING_PDA_CR4 BIT(2)
82 #define PATCH_SEC_TYPE_MASK GENMASK(15, 0)
83 #define PATCH_SEC_TYPE_INFO 0x2
85 #define to_wcid_lo(id) FIELD_GET(GENMASK(7, 0), (u16)id)
86 #define to_wcid_hi(id) FIELD_GET(GENMASK(9, 8), (u16)id)
88 #define HE_PHY(p, c) u8_get_bits(c, IEEE80211_HE_PHY_##p)
89 #define HE_MAC(m, c) u8_get_bits(c, IEEE80211_HE_MAC_##m)
91 static enum mt7915_cipher_type
92 mt7915_mcu_get_cipher(int cipher)
95 case WLAN_CIPHER_SUITE_WEP40:
96 return MT_CIPHER_WEP40;
97 case WLAN_CIPHER_SUITE_WEP104:
98 return MT_CIPHER_WEP104;
99 case WLAN_CIPHER_SUITE_TKIP:
100 return MT_CIPHER_TKIP;
101 case WLAN_CIPHER_SUITE_AES_CMAC:
102 return MT_CIPHER_BIP_CMAC_128;
103 case WLAN_CIPHER_SUITE_CCMP:
104 return MT_CIPHER_AES_CCMP;
105 case WLAN_CIPHER_SUITE_CCMP_256:
106 return MT_CIPHER_CCMP_256;
107 case WLAN_CIPHER_SUITE_GCMP:
108 return MT_CIPHER_GCMP;
109 case WLAN_CIPHER_SUITE_GCMP_256:
110 return MT_CIPHER_GCMP_256;
111 case WLAN_CIPHER_SUITE_SMS4:
112 return MT_CIPHER_WAPI;
114 return MT_CIPHER_NONE;
118 static u8 mt7915_mcu_chan_bw(struct cfg80211_chan_def *chandef)
120 static const u8 width_to_bw[] = {
121 [NL80211_CHAN_WIDTH_40] = CMD_CBW_40MHZ,
122 [NL80211_CHAN_WIDTH_80] = CMD_CBW_80MHZ,
123 [NL80211_CHAN_WIDTH_80P80] = CMD_CBW_8080MHZ,
124 [NL80211_CHAN_WIDTH_160] = CMD_CBW_160MHZ,
125 [NL80211_CHAN_WIDTH_5] = CMD_CBW_5MHZ,
126 [NL80211_CHAN_WIDTH_10] = CMD_CBW_10MHZ,
127 [NL80211_CHAN_WIDTH_20] = CMD_CBW_20MHZ,
128 [NL80211_CHAN_WIDTH_20_NOHT] = CMD_CBW_20MHZ,
131 if (chandef->width >= ARRAY_SIZE(width_to_bw))
134 return width_to_bw[chandef->width];
137 static const struct ieee80211_sta_he_cap *
138 mt7915_get_he_phy_cap(struct mt7915_phy *phy, struct ieee80211_vif *vif)
140 struct ieee80211_supported_band *sband;
141 enum nl80211_band band;
143 band = phy->mt76->chandef.chan->band;
144 sband = phy->mt76->hw->wiphy->bands[band];
146 return ieee80211_get_he_iftype_cap(sband, vif->type);
150 mt7915_get_phy_mode(struct mt7915_dev *dev, struct ieee80211_vif *vif,
151 enum nl80211_band band, struct ieee80211_sta *sta)
153 struct ieee80211_sta_ht_cap *ht_cap;
154 struct ieee80211_sta_vht_cap *vht_cap;
155 const struct ieee80211_sta_he_cap *he_cap;
159 ht_cap = &sta->ht_cap;
160 vht_cap = &sta->vht_cap;
161 he_cap = &sta->he_cap;
163 struct ieee80211_supported_band *sband;
164 struct mt7915_phy *phy;
165 struct mt7915_vif *mvif;
167 mvif = (struct mt7915_vif *)vif->drv_priv;
168 phy = mvif->band_idx ? mt7915_ext_phy(dev) : &dev->phy;
169 sband = phy->mt76->hw->wiphy->bands[band];
171 ht_cap = &sband->ht_cap;
172 vht_cap = &sband->vht_cap;
173 he_cap = ieee80211_get_he_iftype_cap(sband, vif->type);
176 if (band == NL80211_BAND_2GHZ) {
177 mode |= PHY_MODE_B | PHY_MODE_G;
179 if (ht_cap->ht_supported)
183 mode |= PHY_MODE_AX_24G;
184 } else if (band == NL80211_BAND_5GHZ) {
187 if (ht_cap->ht_supported)
190 if (vht_cap->vht_supported)
194 mode |= PHY_MODE_AX_5G;
201 mt7915_mcu_get_sta_nss(u16 mcs_map)
205 for (nss = 8; nss > 0; nss--) {
206 u8 nss_mcs = (mcs_map >> (2 * (nss - 1))) & 3;
208 if (nss_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED)
216 mt7915_mcu_parse_response(struct mt76_dev *mdev, int cmd,
217 struct sk_buff *skb, int seq)
219 struct mt7915_mcu_rxd *rxd;
223 dev_err(mdev->dev, "Message %d (seq %d) timeout\n",
228 rxd = (struct mt7915_mcu_rxd *)skb->data;
232 if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) {
233 skb_pull(skb, sizeof(*rxd) - 4);
235 } else if (cmd == MCU_EXT_CMD(THERMAL_CTRL)) {
236 skb_pull(skb, sizeof(*rxd) + 4);
237 ret = le32_to_cpu(*(__le32 *)skb->data);
239 skb_pull(skb, sizeof(struct mt7915_mcu_rxd));
246 mt7915_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb,
247 int cmd, int *wait_seq)
249 struct mt7915_dev *dev = container_of(mdev, struct mt7915_dev, mt76);
250 struct mt7915_mcu_txd *mcu_txd;
251 enum mt76_mcuq_id qid;
256 /* TODO: make dynamic based on msg type */
257 mdev->mcu.timeout = 20 * HZ;
259 seq = ++dev->mt76.mcu.msg_seq & 0xf;
261 seq = ++dev->mt76.mcu.msg_seq & 0xf;
263 if (cmd == MCU_CMD(FW_SCATTER)) {
268 mcu_txd = (struct mt7915_mcu_txd *)skb_push(skb, sizeof(*mcu_txd));
269 if (test_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state))
276 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
277 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
278 FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
279 txd[0] = cpu_to_le32(val);
281 val = MT_TXD1_LONG_FORMAT |
282 FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
283 txd[1] = cpu_to_le32(val);
285 mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
286 mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
287 MT_TX_MCU_PORT_RX_Q0));
288 mcu_txd->pkt_type = MCU_PKT_ID;
291 mcu_txd->cid = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
292 mcu_txd->set_query = MCU_Q_NA;
293 mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
294 if (mcu_txd->ext_cid) {
295 mcu_txd->ext_cid_ack = 1;
297 /* do not use Q_SET for efuse */
298 if (cmd & __MCU_CMD_FIELD_QUERY)
299 mcu_txd->set_query = MCU_Q_QUERY;
301 mcu_txd->set_query = MCU_Q_SET;
304 if (cmd & __MCU_CMD_FIELD_WA)
305 mcu_txd->s2d_index = MCU_S2D_H2C;
307 mcu_txd->s2d_index = MCU_S2D_H2N;
313 return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[qid], skb, 0);
317 mt7915_mcu_wa_cmd(struct mt7915_dev *dev, int cmd, u32 a1, u32 a2, u32 a3)
329 mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), true);
333 mt7915_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
336 ieee80211_csa_finish(vif);
340 mt7915_mcu_rx_radar_detected(struct mt7915_dev *dev, struct sk_buff *skb)
342 struct mt76_phy *mphy = &dev->mt76.phy;
343 struct mt7915_mcu_rdd_report *r;
345 r = (struct mt7915_mcu_rdd_report *)skb->data;
347 if (r->idx && dev->mt76.phy2)
348 mphy = dev->mt76.phy2;
350 ieee80211_radar_detected(mphy->hw);
355 mt7915_mcu_tx_rate_parse(struct mt76_phy *mphy, struct mt7915_mcu_ra_info *ra,
356 struct rate_info *rate, u16 r)
358 struct ieee80211_supported_band *sband;
359 u16 ru_idx = le16_to_cpu(ra->ru_idx);
362 rate->mcs = FIELD_GET(MT_RA_RATE_MCS, r);
363 rate->nss = FIELD_GET(MT_RA_RATE_NSS, r) + 1;
365 switch (FIELD_GET(MT_RA_RATE_TX_MODE, r)) {
366 case MT_PHY_TYPE_CCK:
367 case MT_PHY_TYPE_OFDM:
368 if (mphy->chandef.chan->band == NL80211_BAND_5GHZ)
369 sband = &mphy->sband_5g.sband;
371 sband = &mphy->sband_2g.sband;
373 rate->legacy = sband->bitrates[rate->mcs].bitrate;
376 case MT_PHY_TYPE_HT_GF:
377 rate->mcs += (rate->nss - 1) * 8;
378 flags |= RATE_INFO_FLAGS_MCS;
381 flags |= RATE_INFO_FLAGS_SHORT_GI;
383 case MT_PHY_TYPE_VHT:
384 flags |= RATE_INFO_FLAGS_VHT_MCS;
387 flags |= RATE_INFO_FLAGS_SHORT_GI;
389 case MT_PHY_TYPE_HE_SU:
390 case MT_PHY_TYPE_HE_EXT_SU:
391 case MT_PHY_TYPE_HE_TB:
392 case MT_PHY_TYPE_HE_MU:
393 rate->he_gi = ra->gi;
394 rate->he_dcm = FIELD_GET(MT_RA_RATE_DCM_EN, r);
396 flags |= RATE_INFO_FLAGS_HE_MCS;
406 rate->he_ru_alloc = NL80211_RATE_INFO_HE_RU_ALLOC_996;
409 rate->he_ru_alloc = NL80211_RATE_INFO_HE_RU_ALLOC_484;
412 rate->he_ru_alloc = NL80211_RATE_INFO_HE_RU_ALLOC_242;
415 rate->he_ru_alloc = NL80211_RATE_INFO_HE_RU_ALLOC_106;
418 rate->bw = RATE_INFO_BW_HE_RU;
420 u8 bw = mt7915_mcu_chan_bw(&mphy->chandef) -
421 FIELD_GET(MT_RA_RATE_BW, r);
424 case IEEE80211_STA_RX_BW_160:
425 rate->bw = RATE_INFO_BW_160;
427 case IEEE80211_STA_RX_BW_80:
428 rate->bw = RATE_INFO_BW_80;
430 case IEEE80211_STA_RX_BW_40:
431 rate->bw = RATE_INFO_BW_40;
434 rate->bw = RATE_INFO_BW_20;
441 mt7915_mcu_tx_rate_report(struct mt7915_dev *dev, struct sk_buff *skb)
443 struct mt7915_mcu_ra_info *ra = (struct mt7915_mcu_ra_info *)skb->data;
444 struct rate_info rate = {}, prob_rate = {};
445 u16 probe = le16_to_cpu(ra->prob_up_rate);
446 u16 attempts = le16_to_cpu(ra->attempts);
447 u16 curr = le16_to_cpu(ra->curr_rate);
448 u16 wcidx = le16_to_cpu(ra->wlan_idx);
449 struct mt76_phy *mphy = &dev->mphy;
450 struct mt7915_sta_stats *stats;
451 struct mt7915_sta *msta;
452 struct mt76_wcid *wcid;
454 if (wcidx >= MT76_N_WCIDS)
457 wcid = rcu_dereference(dev->mt76.wcid[wcidx]);
461 msta = container_of(wcid, struct mt7915_sta, wcid);
462 stats = &msta->stats;
464 if (msta->wcid.ext_phy && dev->mt76.phy2)
465 mphy = dev->mt76.phy2;
468 mt7915_mcu_tx_rate_parse(mphy, ra, &rate, curr);
469 stats->tx_rate = rate;
472 mt7915_mcu_tx_rate_parse(mphy, ra, &prob_rate, probe);
473 stats->prob_rate = prob_rate;
476 u16 success = le16_to_cpu(ra->success);
478 stats->per = 1000 * (attempts - success) / attempts;
483 mt7915_mcu_rx_log_message(struct mt7915_dev *dev, struct sk_buff *skb)
485 struct mt7915_mcu_rxd *rxd = (struct mt7915_mcu_rxd *)skb->data;
486 const char *data = (char *)&rxd[1];
489 switch (rxd->s2d_index) {
501 wiphy_info(mt76_hw(dev)->wiphy, "%s: %s", type, data);
505 mt7915_mcu_rx_ext_event(struct mt7915_dev *dev, struct sk_buff *skb)
507 struct mt7915_mcu_rxd *rxd = (struct mt7915_mcu_rxd *)skb->data;
509 switch (rxd->ext_eid) {
510 case MCU_EXT_EVENT_RDD_REPORT:
511 mt7915_mcu_rx_radar_detected(dev, skb);
513 case MCU_EXT_EVENT_CSA_NOTIFY:
514 ieee80211_iterate_active_interfaces_atomic(dev->mt76.hw,
515 IEEE80211_IFACE_ITER_RESUME_ALL,
516 mt7915_mcu_csa_finish, dev);
518 case MCU_EXT_EVENT_RATE_REPORT:
519 mt7915_mcu_tx_rate_report(dev, skb);
521 case MCU_EXT_EVENT_FW_LOG_2_HOST:
522 mt7915_mcu_rx_log_message(dev, skb);
530 mt7915_mcu_rx_unsolicited_event(struct mt7915_dev *dev, struct sk_buff *skb)
532 struct mt7915_mcu_rxd *rxd = (struct mt7915_mcu_rxd *)skb->data;
536 mt7915_mcu_rx_ext_event(dev, skb);
544 void mt7915_mcu_rx_event(struct mt7915_dev *dev, struct sk_buff *skb)
546 struct mt7915_mcu_rxd *rxd = (struct mt7915_mcu_rxd *)skb->data;
548 if (rxd->ext_eid == MCU_EXT_EVENT_THERMAL_PROTECT ||
549 rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST ||
550 rxd->ext_eid == MCU_EXT_EVENT_ASSERT_DUMP ||
551 rxd->ext_eid == MCU_EXT_EVENT_PS_SYNC ||
552 rxd->ext_eid == MCU_EXT_EVENT_RATE_REPORT ||
554 mt7915_mcu_rx_unsolicited_event(dev, skb);
556 mt76_mcu_rx_event(&dev->mt76, skb);
559 static struct sk_buff *
560 mt7915_mcu_alloc_sta_req(struct mt7915_dev *dev, struct mt7915_vif *mvif,
561 struct mt7915_sta *msta, int len)
563 struct sta_req_hdr hdr = {
564 .bss_idx = mvif->idx,
565 .wlan_idx_lo = msta ? to_wcid_lo(msta->wcid.idx) : 0,
566 .wlan_idx_hi = msta ? to_wcid_hi(msta->wcid.idx) : 0,
567 .muar_idx = msta ? mvif->omac_idx : 0,
572 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, len);
574 return ERR_PTR(-ENOMEM);
576 skb_put_data(skb, &hdr, sizeof(hdr));
581 static struct wtbl_req_hdr *
582 mt7915_mcu_alloc_wtbl_req(struct mt7915_dev *dev, struct mt7915_sta *msta,
583 int cmd, void *sta_wtbl, struct sk_buff **skb)
585 struct tlv *sta_hdr = sta_wtbl;
586 struct wtbl_req_hdr hdr = {
587 .wlan_idx_lo = to_wcid_lo(msta->wcid.idx),
588 .wlan_idx_hi = to_wcid_hi(msta->wcid.idx),
591 struct sk_buff *nskb = *skb;
594 nskb = mt76_mcu_msg_alloc(&dev->mt76, NULL,
595 MT7915_WTBL_UPDATE_BA_SIZE);
597 return ERR_PTR(-ENOMEM);
603 sta_hdr->len = cpu_to_le16(sizeof(hdr));
605 return skb_put_data(nskb, &hdr, sizeof(hdr));
609 mt7915_mcu_add_nested_tlv(struct sk_buff *skb, int tag, int len,
610 void *sta_ntlv, void *sta_wtbl)
612 struct sta_ntlv_hdr *ntlv_hdr = sta_ntlv;
613 struct tlv *sta_hdr = sta_wtbl;
614 struct tlv *ptlv, tlv = {
615 .tag = cpu_to_le16(tag),
616 .len = cpu_to_le16(len),
620 ptlv = skb_put(skb, len);
621 memcpy(ptlv, &tlv, sizeof(tlv));
623 ntlv = le16_to_cpu(ntlv_hdr->tlv_num);
624 ntlv_hdr->tlv_num = cpu_to_le16(ntlv + 1);
627 u16 size = le16_to_cpu(sta_hdr->len);
629 sta_hdr->len = cpu_to_le16(size + len);
636 mt7915_mcu_add_tlv(struct sk_buff *skb, int tag, int len)
638 return mt7915_mcu_add_nested_tlv(skb, tag, len, skb->data, NULL);
642 mt7915_mcu_add_nested_subtlv(struct sk_buff *skb, int sub_tag, int sub_len,
643 __le16 *sub_ntlv, __le16 *len)
645 struct tlv *ptlv, tlv = {
646 .tag = cpu_to_le16(sub_tag),
647 .len = cpu_to_le16(sub_len),
650 ptlv = skb_put(skb, sub_len);
651 memcpy(ptlv, &tlv, sizeof(tlv));
653 le16_add_cpu(sub_ntlv, 1);
654 le16_add_cpu(len, sub_len);
661 mt7915_mcu_bss_basic_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
662 struct mt7915_phy *phy, bool enable)
664 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
665 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
666 enum nl80211_band band = chandef->chan->band;
667 struct bss_info_basic *bss;
668 u16 wlan_idx = mvif->sta.wcid.idx;
669 u32 type = NETWORK_INFRA;
672 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_BASIC, sizeof(*bss));
675 case NL80211_IFTYPE_MESH_POINT:
676 case NL80211_IFTYPE_AP:
677 case NL80211_IFTYPE_MONITOR:
679 case NL80211_IFTYPE_STATION:
680 /* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
682 struct ieee80211_sta *sta;
683 struct mt7915_sta *msta;
686 sta = ieee80211_find_sta(vif, vif->bss_conf.bssid);
692 msta = (struct mt7915_sta *)sta->drv_priv;
693 wlan_idx = msta->wcid.idx;
697 case NL80211_IFTYPE_ADHOC:
705 bss = (struct bss_info_basic *)tlv;
706 bss->network_type = cpu_to_le32(type);
707 bss->bmc_wcid_lo = to_wcid_lo(wlan_idx);
708 bss->bmc_wcid_hi = to_wcid_hi(wlan_idx);
709 bss->wmm_idx = mvif->wmm_idx;
710 bss->active = enable;
712 if (vif->type != NL80211_IFTYPE_MONITOR) {
713 memcpy(bss->bssid, vif->bss_conf.bssid, ETH_ALEN);
714 bss->bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int);
715 bss->dtim_period = vif->bss_conf.dtim_period;
716 bss->phy_mode = mt7915_get_phy_mode(phy->dev, vif, band, NULL);
718 memcpy(bss->bssid, phy->mt76->macaddr, ETH_ALEN);
725 mt7915_mcu_bss_omac_tlv(struct sk_buff *skb, struct ieee80211_vif *vif)
727 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
728 struct bss_info_omac *omac;
733 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_OMAC, sizeof(*omac));
736 case NL80211_IFTYPE_MONITOR:
737 case NL80211_IFTYPE_MESH_POINT:
738 case NL80211_IFTYPE_AP:
739 type = CONNECTION_INFRA_AP;
741 case NL80211_IFTYPE_STATION:
742 type = CONNECTION_INFRA_STA;
744 case NL80211_IFTYPE_ADHOC:
745 type = CONNECTION_IBSS_ADHOC;
752 omac = (struct bss_info_omac *)tlv;
753 idx = mvif->omac_idx > EXT_BSSID_START ? HW_BSSID_0 : mvif->omac_idx;
754 omac->conn_type = cpu_to_le32(type);
755 omac->omac_idx = mvif->omac_idx;
756 omac->band_idx = mvif->band_idx;
757 omac->hw_bss_idx = idx;
760 struct mt7915_he_obss_narrow_bw_ru_data {
764 static void mt7915_check_he_obss_narrow_bw_ru_iter(struct wiphy *wiphy,
765 struct cfg80211_bss *bss,
768 struct mt7915_he_obss_narrow_bw_ru_data *data = _data;
769 const struct element *elem;
771 elem = ieee80211_bss_get_elem(bss, WLAN_EID_EXT_CAPABILITY);
773 if (!elem || elem->datalen < 10 ||
775 WLAN_EXT_CAPA10_OBSS_NARROW_BW_RU_TOLERANCE_SUPPORT))
776 data->tolerated = false;
779 static bool mt7915_check_he_obss_narrow_bw_ru(struct ieee80211_hw *hw,
780 struct ieee80211_vif *vif)
782 struct mt7915_he_obss_narrow_bw_ru_data iter_data = {
786 if (!(vif->bss_conf.chandef.chan->flags & IEEE80211_CHAN_RADAR))
789 cfg80211_bss_iter(hw->wiphy, &vif->bss_conf.chandef,
790 mt7915_check_he_obss_narrow_bw_ru_iter,
794 * If there is at least one AP on radar channel that cannot
795 * tolerate 26-tone RU UL OFDMA transmissions using HE TB PPDU.
797 return !iter_data.tolerated;
801 mt7915_mcu_bss_rfch_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
802 struct mt7915_phy *phy)
804 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
805 struct bss_info_rf_ch *ch;
807 int freq1 = chandef->center_freq1;
809 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_RF_CH, sizeof(*ch));
811 ch = (struct bss_info_rf_ch *)tlv;
812 ch->pri_ch = chandef->chan->hw_value;
813 ch->center_ch0 = ieee80211_frequency_to_channel(freq1);
814 ch->bw = mt7915_mcu_chan_bw(chandef);
816 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
817 int freq2 = chandef->center_freq2;
819 ch->center_ch1 = ieee80211_frequency_to_channel(freq2);
822 if (vif->bss_conf.he_support && vif->type == NL80211_IFTYPE_STATION) {
823 struct mt7915_dev *dev = phy->dev;
824 struct mt76_phy *mphy = &dev->mt76.phy;
825 bool ext_phy = phy != &dev->phy;
827 if (ext_phy && dev->mt76.phy2)
828 mphy = dev->mt76.phy2;
831 mt7915_check_he_obss_narrow_bw_ru(mphy->hw, vif);
832 ch->he_all_disable = false;
834 ch->he_all_disable = true;
839 mt7915_mcu_bss_ra_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
840 struct mt7915_phy *phy)
842 int max_nss = hweight8(phy->mt76->chainmask);
843 struct bss_info_ra *ra;
846 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_RA, sizeof(*ra));
848 ra = (struct bss_info_ra *)tlv;
849 ra->op_mode = vif->type == NL80211_IFTYPE_AP;
850 ra->adhoc_en = vif->type == NL80211_IFTYPE_ADHOC;
851 ra->short_preamble = true;
852 ra->tx_streams = max_nss;
853 ra->rx_streams = max_nss;
855 ra->train_up_rule = 2;
856 ra->train_up_high_thres = 110;
857 ra->train_up_rule_rssi = -70;
858 ra->low_traffic_thres = 2;
859 ra->phy_cap = cpu_to_le32(0xfdf);
860 ra->interval = cpu_to_le32(500);
861 ra->fast_interval = cpu_to_le32(100);
865 mt7915_mcu_bss_he_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
866 struct mt7915_phy *phy)
868 #define DEFAULT_HE_PE_DURATION 4
869 #define DEFAULT_HE_DURATION_RTS_THRES 1023
870 const struct ieee80211_sta_he_cap *cap;
871 struct bss_info_he *he;
874 cap = mt7915_get_he_phy_cap(phy, vif);
876 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_HE_BASIC, sizeof(*he));
878 he = (struct bss_info_he *)tlv;
879 he->he_pe_duration = vif->bss_conf.htc_trig_based_pkt_ext;
880 if (!he->he_pe_duration)
881 he->he_pe_duration = DEFAULT_HE_PE_DURATION;
883 he->he_rts_thres = cpu_to_le16(vif->bss_conf.frame_time_rts_th);
884 if (!he->he_rts_thres)
885 he->he_rts_thres = cpu_to_le16(DEFAULT_HE_DURATION_RTS_THRES);
887 he->max_nss_mcs[CMD_HE_MCS_BW80] = cap->he_mcs_nss_supp.tx_mcs_80;
888 he->max_nss_mcs[CMD_HE_MCS_BW160] = cap->he_mcs_nss_supp.tx_mcs_160;
889 he->max_nss_mcs[CMD_HE_MCS_BW8080] = cap->he_mcs_nss_supp.tx_mcs_80p80;
893 mt7915_mcu_bss_hw_amsdu_tlv(struct sk_buff *skb)
895 #define TXD_CMP_MAP1 GENMASK(15, 0)
896 #define TXD_CMP_MAP2 (GENMASK(31, 0) & ~BIT(23))
897 struct bss_info_hw_amsdu *amsdu;
900 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_HW_AMSDU, sizeof(*amsdu));
902 amsdu = (struct bss_info_hw_amsdu *)tlv;
903 amsdu->cmp_bitmap_0 = cpu_to_le32(TXD_CMP_MAP1);
904 amsdu->cmp_bitmap_1 = cpu_to_le32(TXD_CMP_MAP2);
905 amsdu->trig_thres = cpu_to_le16(2);
906 amsdu->enable = true;
910 mt7915_mcu_bss_ext_tlv(struct sk_buff *skb, struct mt7915_vif *mvif)
912 /* SIFS 20us + 512 byte beacon tranmitted by 1Mbps (3906us) */
913 #define BCN_TX_ESTIMATE_TIME (4096 + 20)
914 struct bss_info_ext_bss *ext;
915 int ext_bss_idx, tsf_offset;
918 ext_bss_idx = mvif->omac_idx - EXT_BSSID_START;
922 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_EXT_BSS, sizeof(*ext));
924 ext = (struct bss_info_ext_bss *)tlv;
925 tsf_offset = ext_bss_idx * BCN_TX_ESTIMATE_TIME;
926 ext->mbss_tsf_offset = cpu_to_le32(tsf_offset);
930 mt7915_mcu_bss_bmc_tlv(struct sk_buff *skb, struct mt7915_phy *phy)
932 struct bss_info_bmc_rate *bmc;
933 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
934 enum nl80211_band band = chandef->chan->band;
937 tlv = mt7915_mcu_add_tlv(skb, BSS_INFO_BMC_RATE, sizeof(*bmc));
939 bmc = (struct bss_info_bmc_rate *)tlv;
940 if (band == NL80211_BAND_2GHZ) {
941 bmc->short_preamble = true;
943 bmc->bc_trans = cpu_to_le16(0x2000);
944 bmc->mc_trans = cpu_to_le16(0x2080);
949 mt7915_mcu_muar_config(struct mt7915_phy *phy, struct ieee80211_vif *vif,
950 bool bssid, bool enable)
952 struct mt7915_dev *dev = phy->dev;
953 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
954 u32 idx = mvif->omac_idx - REPEATER_BSSID_START;
955 u32 mask = phy->omac_mask >> 32 & ~BIT(idx);
956 const u8 *addr = vif->addr;
969 .mode = !!mask || enable,
972 .band = phy != &dev->phy,
973 .index = idx * 2 + bssid,
977 addr = vif->bss_conf.bssid;
980 ether_addr_copy(req.addr, addr);
982 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(MUAR_UPDATE), &req,
986 int mt7915_mcu_add_bss_info(struct mt7915_phy *phy,
987 struct ieee80211_vif *vif, int enable)
989 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
992 if (mvif->omac_idx >= REPEATER_BSSID_START)
993 mt7915_mcu_muar_config(phy, vif, true, enable);
995 skb = mt7915_mcu_alloc_sta_req(phy->dev, mvif, NULL,
996 MT7915_BSS_UPDATE_MAX_SIZE);
1000 /* bss_omac must be first */
1002 mt7915_mcu_bss_omac_tlv(skb, vif);
1004 mt7915_mcu_bss_basic_tlv(skb, vif, phy, enable);
1006 if (vif->type == NL80211_IFTYPE_MONITOR)
1010 mt7915_mcu_bss_rfch_tlv(skb, vif, phy);
1011 mt7915_mcu_bss_bmc_tlv(skb, phy);
1012 mt7915_mcu_bss_ra_tlv(skb, vif, phy);
1013 mt7915_mcu_bss_hw_amsdu_tlv(skb);
1015 if (vif->bss_conf.he_support)
1016 mt7915_mcu_bss_he_tlv(skb, vif, phy);
1018 if (mvif->omac_idx >= EXT_BSSID_START &&
1019 mvif->omac_idx < REPEATER_BSSID_START)
1020 mt7915_mcu_bss_ext_tlv(skb, mvif);
1023 return mt76_mcu_skb_send_msg(&phy->dev->mt76, skb,
1024 MCU_EXT_CMD(BSS_INFO_UPDATE), true);
1027 /** starec & wtbl **/
1029 mt7915_mcu_sta_key_tlv(struct mt7915_sta *msta, struct sk_buff *skb,
1030 struct ieee80211_key_conf *key, enum set_key_cmd cmd)
1032 struct mt7915_sta_key_conf *bip = &msta->bip;
1033 struct sta_rec_sec *sec;
1035 u32 len = sizeof(*sec);
1037 tlv = mt7915_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
1039 sec = (struct sta_rec_sec *)tlv;
1042 if (cmd == SET_KEY) {
1043 struct sec_key *sec_key;
1046 cipher = mt7915_mcu_get_cipher(key->cipher);
1047 if (cipher == MT_CIPHER_NONE)
1050 sec_key = &sec->key[0];
1051 sec_key->cipher_len = sizeof(*sec_key);
1053 if (cipher == MT_CIPHER_BIP_CMAC_128) {
1054 sec_key->cipher_id = MT_CIPHER_AES_CCMP;
1055 sec_key->key_id = bip->keyidx;
1056 sec_key->key_len = 16;
1057 memcpy(sec_key->key, bip->key, 16);
1059 sec_key = &sec->key[1];
1060 sec_key->cipher_id = MT_CIPHER_BIP_CMAC_128;
1061 sec_key->cipher_len = sizeof(*sec_key);
1062 sec_key->key_len = 16;
1063 memcpy(sec_key->key, key->key, 16);
1067 sec_key->cipher_id = cipher;
1068 sec_key->key_id = key->keyidx;
1069 sec_key->key_len = key->keylen;
1070 memcpy(sec_key->key, key->key, key->keylen);
1072 if (cipher == MT_CIPHER_TKIP) {
1073 /* Rx/Tx MIC keys are swapped */
1074 memcpy(sec_key->key + 16, key->key + 24, 8);
1075 memcpy(sec_key->key + 24, key->key + 16, 8);
1078 /* store key_conf for BIP batch update */
1079 if (cipher == MT_CIPHER_AES_CCMP) {
1080 memcpy(bip->key, key->key, key->keylen);
1081 bip->keyidx = key->keyidx;
1084 len -= sizeof(*sec_key);
1088 len -= sizeof(sec->key);
1091 sec->len = cpu_to_le16(len);
1096 int mt7915_mcu_add_key(struct mt7915_dev *dev, struct ieee80211_vif *vif,
1097 struct mt7915_sta *msta, struct ieee80211_key_conf *key,
1098 enum set_key_cmd cmd)
1100 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
1101 struct sk_buff *skb;
1102 int len = sizeof(struct sta_req_hdr) + sizeof(struct sta_rec_sec);
1105 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta, len);
1107 return PTR_ERR(skb);
1109 ret = mt7915_mcu_sta_key_tlv(msta, skb, key, cmd);
1113 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1114 MCU_EXT_CMD(STA_REC_UPDATE), true);
1118 mt7915_mcu_sta_ba_tlv(struct sk_buff *skb,
1119 struct ieee80211_ampdu_params *params,
1120 bool enable, bool tx)
1122 struct sta_rec_ba *ba;
1125 tlv = mt7915_mcu_add_tlv(skb, STA_REC_BA, sizeof(*ba));
1127 ba = (struct sta_rec_ba *)tlv;
1128 ba->ba_type = tx ? MT_BA_TYPE_ORIGINATOR : MT_BA_TYPE_RECIPIENT;
1129 ba->winsize = cpu_to_le16(params->buf_size);
1130 ba->ssn = cpu_to_le16(params->ssn);
1131 ba->ba_en = enable << params->tid;
1132 ba->amsdu = params->amsdu;
1133 ba->tid = params->tid;
1137 mt7915_mcu_wtbl_ba_tlv(struct sk_buff *skb,
1138 struct ieee80211_ampdu_params *params,
1139 bool enable, bool tx, void *sta_wtbl,
1145 tlv = mt7915_mcu_add_nested_tlv(skb, WTBL_BA, sizeof(*ba),
1146 wtbl_tlv, sta_wtbl);
1148 ba = (struct wtbl_ba *)tlv;
1149 ba->tid = params->tid;
1152 ba->ba_type = MT_BA_TYPE_ORIGINATOR;
1153 ba->sn = enable ? cpu_to_le16(params->ssn) : 0;
1156 memcpy(ba->peer_addr, params->sta->addr, ETH_ALEN);
1157 ba->ba_type = MT_BA_TYPE_RECIPIENT;
1158 ba->rst_ba_tid = params->tid;
1159 ba->rst_ba_sel = RST_BA_MAC_TID_MATCH;
1164 ba->ba_winsize = cpu_to_le16(params->buf_size);
1168 mt7915_mcu_sta_ba(struct mt7915_dev *dev,
1169 struct ieee80211_ampdu_params *params,
1170 bool enable, bool tx)
1172 struct mt7915_sta *msta = (struct mt7915_sta *)params->sta->drv_priv;
1173 struct mt7915_vif *mvif = msta->vif;
1174 struct wtbl_req_hdr *wtbl_hdr;
1175 struct tlv *sta_wtbl;
1176 struct sk_buff *skb;
1179 if (enable && tx && !params->amsdu)
1180 msta->wcid.amsdu = false;
1182 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta,
1183 MT7915_STA_UPDATE_MAX_SIZE);
1185 return PTR_ERR(skb);
1187 sta_wtbl = mt7915_mcu_add_tlv(skb, STA_REC_WTBL, sizeof(struct tlv));
1189 wtbl_hdr = mt7915_mcu_alloc_wtbl_req(dev, msta, WTBL_SET, sta_wtbl,
1191 mt7915_mcu_wtbl_ba_tlv(skb, params, enable, tx, sta_wtbl, wtbl_hdr);
1193 ret = mt76_mcu_skb_send_msg(&dev->mt76, skb,
1194 MCU_EXT_CMD(STA_REC_UPDATE), true);
1198 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta,
1199 MT7915_STA_UPDATE_MAX_SIZE);
1201 return PTR_ERR(skb);
1203 mt7915_mcu_sta_ba_tlv(skb, params, enable, tx);
1205 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1206 MCU_EXT_CMD(STA_REC_UPDATE), true);
1209 int mt7915_mcu_add_tx_ba(struct mt7915_dev *dev,
1210 struct ieee80211_ampdu_params *params,
1213 return mt7915_mcu_sta_ba(dev, params, enable, true);
1216 int mt7915_mcu_add_rx_ba(struct mt7915_dev *dev,
1217 struct ieee80211_ampdu_params *params,
1220 return mt7915_mcu_sta_ba(dev, params, enable, false);
1224 mt7915_mcu_wtbl_generic_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
1225 struct ieee80211_sta *sta, void *sta_wtbl,
1228 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
1229 struct wtbl_generic *generic;
1233 tlv = mt7915_mcu_add_nested_tlv(skb, WTBL_GENERIC, sizeof(*generic),
1234 wtbl_tlv, sta_wtbl);
1236 generic = (struct wtbl_generic *)tlv;
1239 memcpy(generic->peer_addr, sta->addr, ETH_ALEN);
1240 generic->partial_aid = cpu_to_le16(sta->aid);
1241 generic->muar_idx = mvif->omac_idx;
1242 generic->qos = sta->wme;
1244 /* use BSSID in station mode */
1245 if (vif->type == NL80211_IFTYPE_STATION)
1246 memcpy(generic->peer_addr, vif->bss_conf.bssid,
1249 eth_broadcast_addr(generic->peer_addr);
1251 generic->muar_idx = 0xe;
1254 tlv = mt7915_mcu_add_nested_tlv(skb, WTBL_RX, sizeof(*rx),
1255 wtbl_tlv, sta_wtbl);
1257 rx = (struct wtbl_rx *)tlv;
1258 rx->rca1 = sta ? vif->type != NL80211_IFTYPE_AP : 1;
1264 mt7915_mcu_sta_basic_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
1265 struct ieee80211_sta *sta, bool enable)
1267 #define EXTRA_INFO_VER BIT(0)
1268 #define EXTRA_INFO_NEW BIT(1)
1269 struct sta_rec_basic *basic;
1272 tlv = mt7915_mcu_add_tlv(skb, STA_REC_BASIC, sizeof(*basic));
1274 basic = (struct sta_rec_basic *)tlv;
1275 basic->extra_info = cpu_to_le16(EXTRA_INFO_VER);
1278 basic->extra_info |= cpu_to_le16(EXTRA_INFO_NEW);
1279 basic->conn_state = CONN_STATE_PORT_SECURE;
1281 basic->conn_state = CONN_STATE_DISCONNECT;
1285 basic->conn_type = cpu_to_le32(CONNECTION_INFRA_BC);
1286 eth_broadcast_addr(basic->peer_addr);
1290 switch (vif->type) {
1291 case NL80211_IFTYPE_MESH_POINT:
1292 case NL80211_IFTYPE_AP:
1293 basic->conn_type = cpu_to_le32(CONNECTION_INFRA_STA);
1295 case NL80211_IFTYPE_STATION:
1296 basic->conn_type = cpu_to_le32(CONNECTION_INFRA_AP);
1298 case NL80211_IFTYPE_ADHOC:
1299 basic->conn_type = cpu_to_le32(CONNECTION_IBSS_ADHOC);
1306 memcpy(basic->peer_addr, sta->addr, ETH_ALEN);
1307 basic->aid = cpu_to_le16(sta->aid);
1308 basic->qos = sta->wme;
1312 mt7915_mcu_sta_he_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
1314 struct ieee80211_sta_he_cap *he_cap = &sta->he_cap;
1315 struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
1316 struct sta_rec_he *he;
1320 tlv = mt7915_mcu_add_tlv(skb, STA_REC_HE, sizeof(*he));
1322 he = (struct sta_rec_he *)tlv;
1324 if (elem->mac_cap_info[0] & IEEE80211_HE_MAC_CAP0_HTC_HE)
1325 cap |= STA_REC_HE_CAP_HTC;
1327 if (elem->mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR)
1328 cap |= STA_REC_HE_CAP_BSR;
1330 if (elem->mac_cap_info[3] & IEEE80211_HE_MAC_CAP3_OMI_CONTROL)
1331 cap |= STA_REC_HE_CAP_OM;
1333 if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU)
1334 cap |= STA_REC_HE_CAP_AMSDU_IN_AMPDU;
1336 if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR)
1337 cap |= STA_REC_HE_CAP_BQR;
1339 if (elem->phy_cap_info[0] &
1340 (IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_2G |
1341 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_5G))
1342 cap |= STA_REC_HE_CAP_BW20_RU242_SUPPORT;
1344 if (elem->phy_cap_info[1] &
1345 IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD)
1346 cap |= STA_REC_HE_CAP_LDPC;
1348 if (elem->phy_cap_info[1] &
1349 IEEE80211_HE_PHY_CAP1_HE_LTF_AND_GI_FOR_HE_PPDUS_0_8US)
1350 cap |= STA_REC_HE_CAP_SU_PPDU_1LTF_8US_GI;
1352 if (elem->phy_cap_info[2] &
1353 IEEE80211_HE_PHY_CAP2_NDP_4x_LTF_AND_3_2US)
1354 cap |= STA_REC_HE_CAP_NDP_4LTF_3DOT2MS_GI;
1356 if (elem->phy_cap_info[2] &
1357 IEEE80211_HE_PHY_CAP2_STBC_TX_UNDER_80MHZ)
1358 cap |= STA_REC_HE_CAP_LE_EQ_80M_TX_STBC;
1360 if (elem->phy_cap_info[2] &
1361 IEEE80211_HE_PHY_CAP2_STBC_RX_UNDER_80MHZ)
1362 cap |= STA_REC_HE_CAP_LE_EQ_80M_RX_STBC;
1364 if (elem->phy_cap_info[6] &
1365 IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE)
1366 cap |= STA_REC_HE_CAP_PARTIAL_BW_EXT_RANGE;
1368 if (elem->phy_cap_info[7] &
1369 IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI)
1370 cap |= STA_REC_HE_CAP_SU_MU_PPDU_4LTF_8US_GI;
1372 if (elem->phy_cap_info[7] &
1373 IEEE80211_HE_PHY_CAP7_STBC_TX_ABOVE_80MHZ)
1374 cap |= STA_REC_HE_CAP_GT_80M_TX_STBC;
1376 if (elem->phy_cap_info[7] &
1377 IEEE80211_HE_PHY_CAP7_STBC_RX_ABOVE_80MHZ)
1378 cap |= STA_REC_HE_CAP_GT_80M_RX_STBC;
1380 if (elem->phy_cap_info[8] &
1381 IEEE80211_HE_PHY_CAP8_HE_ER_SU_PPDU_4XLTF_AND_08_US_GI)
1382 cap |= STA_REC_HE_CAP_ER_SU_PPDU_4LTF_8US_GI;
1384 if (elem->phy_cap_info[8] &
1385 IEEE80211_HE_PHY_CAP8_HE_ER_SU_1XLTF_AND_08_US_GI)
1386 cap |= STA_REC_HE_CAP_ER_SU_PPDU_1LTF_8US_GI;
1388 if (elem->phy_cap_info[9] &
1389 IEEE80211_HE_PHY_CAP9_NON_TRIGGERED_CQI_FEEDBACK)
1390 cap |= STA_REC_HE_CAP_TRIG_CQI_FK;
1392 if (elem->phy_cap_info[9] &
1393 IEEE80211_HE_PHY_CAP9_TX_1024_QAM_LESS_THAN_242_TONE_RU)
1394 cap |= STA_REC_HE_CAP_TX_1024QAM_UNDER_RU242;
1396 if (elem->phy_cap_info[9] &
1397 IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU)
1398 cap |= STA_REC_HE_CAP_RX_1024QAM_UNDER_RU242;
1400 he->he_cap = cpu_to_le32(cap);
1402 switch (sta->bandwidth) {
1403 case IEEE80211_STA_RX_BW_160:
1404 if (elem->phy_cap_info[0] &
1405 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G)
1406 he->max_nss_mcs[CMD_HE_MCS_BW8080] =
1407 he_cap->he_mcs_nss_supp.rx_mcs_80p80;
1409 he->max_nss_mcs[CMD_HE_MCS_BW160] =
1410 he_cap->he_mcs_nss_supp.rx_mcs_160;
1413 he->max_nss_mcs[CMD_HE_MCS_BW80] =
1414 he_cap->he_mcs_nss_supp.rx_mcs_80;
1419 HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]);
1421 HE_MAC(CAP3_MAX_AMPDU_LEN_EXP_MASK, elem->mac_cap_info[3]);
1424 HE_PHY(CAP0_CHANNEL_WIDTH_SET_MASK, elem->phy_cap_info[0]);
1426 HE_PHY(CAP1_DEVICE_CLASS_A, elem->phy_cap_info[1]);
1428 HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]);
1431 HE_PHY(CAP3_DCM_MAX_CONST_TX_MASK, elem->phy_cap_info[3]);
1432 he->dcm_tx_max_nss =
1433 HE_PHY(CAP3_DCM_MAX_TX_NSS_2, elem->phy_cap_info[3]);
1435 HE_PHY(CAP3_DCM_MAX_CONST_RX_MASK, elem->phy_cap_info[3]);
1436 he->dcm_rx_max_nss =
1437 HE_PHY(CAP3_DCM_MAX_RX_NSS_2, elem->phy_cap_info[3]);
1438 he->dcm_rx_max_nss =
1439 HE_PHY(CAP8_DCM_MAX_RU_MASK, elem->phy_cap_info[8]);
1445 mt7915_mcu_sta_uapsd_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
1446 struct ieee80211_vif *vif)
1448 struct sta_rec_uapsd *uapsd;
1451 if (vif->type != NL80211_IFTYPE_AP || !sta->wme)
1454 tlv = mt7915_mcu_add_tlv(skb, STA_REC_APPS, sizeof(*uapsd));
1455 uapsd = (struct sta_rec_uapsd *)tlv;
1457 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) {
1458 uapsd->dac_map |= BIT(3);
1459 uapsd->tac_map |= BIT(3);
1461 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) {
1462 uapsd->dac_map |= BIT(2);
1463 uapsd->tac_map |= BIT(2);
1465 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) {
1466 uapsd->dac_map |= BIT(1);
1467 uapsd->tac_map |= BIT(1);
1469 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) {
1470 uapsd->dac_map |= BIT(0);
1471 uapsd->tac_map |= BIT(0);
1473 uapsd->max_sp = sta->max_sp;
1477 mt7915_mcu_sta_muru_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
1479 struct ieee80211_sta_he_cap *he_cap = &sta->he_cap;
1480 struct ieee80211_he_cap_elem *elem = &he_cap->he_cap_elem;
1481 struct sta_rec_muru *muru;
1484 tlv = mt7915_mcu_add_tlv(skb, STA_REC_MURU, sizeof(*muru));
1486 muru = (struct sta_rec_muru *)tlv;
1487 muru->cfg.ofdma_dl_en = true;
1488 muru->cfg.mimo_dl_en = true;
1490 muru->ofdma_dl.punc_pream_rx =
1491 HE_PHY(CAP1_PREAMBLE_PUNC_RX_MASK, elem->phy_cap_info[1]);
1492 muru->ofdma_dl.he_20m_in_40m_2g =
1493 HE_PHY(CAP8_20MHZ_IN_40MHZ_HE_PPDU_IN_2G, elem->phy_cap_info[8]);
1494 muru->ofdma_dl.he_20m_in_160m =
1495 HE_PHY(CAP8_20MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]);
1496 muru->ofdma_dl.he_80m_in_160m =
1497 HE_PHY(CAP8_80MHZ_IN_160MHZ_HE_PPDU, elem->phy_cap_info[8]);
1498 muru->ofdma_dl.lt16_sigb = 0;
1499 muru->ofdma_dl.rx_su_comp_sigb = 0;
1500 muru->ofdma_dl.rx_su_non_comp_sigb = 0;
1502 muru->ofdma_ul.t_frame_dur =
1503 HE_MAC(CAP1_TF_MAC_PAD_DUR_MASK, elem->mac_cap_info[1]);
1504 muru->ofdma_ul.mu_cascading =
1505 HE_MAC(CAP2_MU_CASCADING, elem->mac_cap_info[2]);
1506 muru->ofdma_ul.uo_ra =
1507 HE_MAC(CAP3_OFDMA_RA, elem->mac_cap_info[3]);
1508 muru->ofdma_ul.he_2x996_tone = 0;
1509 muru->ofdma_ul.rx_t_frame_11ac = 0;
1511 muru->mimo_dl.vht_mu_bfee =
1512 !!(sta->vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE);
1513 muru->mimo_dl.partial_bw_dl_mimo =
1514 HE_PHY(CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO, elem->phy_cap_info[6]);
1516 muru->mimo_ul.full_ul_mimo =
1517 HE_PHY(CAP2_UL_MU_FULL_MU_MIMO, elem->phy_cap_info[2]);
1518 muru->mimo_ul.partial_ul_mimo =
1519 HE_PHY(CAP2_UL_MU_PARTIAL_MU_MIMO, elem->phy_cap_info[2]);
1523 mt7915_mcu_add_mu(struct mt7915_dev *dev, struct ieee80211_vif *vif,
1524 struct ieee80211_sta *sta)
1526 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
1527 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
1528 struct sk_buff *skb;
1529 int len = sizeof(struct sta_req_hdr) + sizeof(struct sta_rec_muru);
1531 if (!sta->vht_cap.vht_supported && !sta->he_cap.has_he)
1534 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta, len);
1536 return PTR_ERR(skb);
1539 mt7915_mcu_sta_muru_tlv(skb, sta);
1541 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1542 MCU_EXT_CMD(STA_REC_UPDATE), true);
1546 mt7915_mcu_sta_amsdu_tlv(struct sk_buff *skb, struct ieee80211_sta *sta)
1548 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
1549 struct sta_rec_amsdu *amsdu;
1552 if (!sta->max_amsdu_len)
1555 tlv = mt7915_mcu_add_tlv(skb, STA_REC_HW_AMSDU, sizeof(*amsdu));
1556 amsdu = (struct sta_rec_amsdu *)tlv;
1557 amsdu->max_amsdu_num = 8;
1558 amsdu->amsdu_en = true;
1559 amsdu->max_mpdu_size = sta->max_amsdu_len >=
1560 IEEE80211_MAX_MPDU_LEN_VHT_7991;
1561 msta->wcid.amsdu = true;
1565 mt7915_hw_amsdu_supported(struct ieee80211_vif *vif)
1567 switch (vif->type) {
1568 case NL80211_IFTYPE_AP:
1569 case NL80211_IFTYPE_STATION:
1577 mt7915_mcu_sta_tlv(struct mt7915_dev *dev, struct sk_buff *skb,
1578 struct ieee80211_sta *sta, struct ieee80211_vif *vif)
1583 if (sta->ht_cap.ht_supported) {
1584 struct sta_rec_ht *ht;
1586 tlv = mt7915_mcu_add_tlv(skb, STA_REC_HT, sizeof(*ht));
1587 ht = (struct sta_rec_ht *)tlv;
1588 ht->ht_cap = cpu_to_le16(sta->ht_cap.cap);
1590 if (mt7915_hw_amsdu_supported(vif))
1591 mt7915_mcu_sta_amsdu_tlv(skb, sta);
1595 if (sta->vht_cap.vht_supported) {
1596 struct sta_rec_vht *vht;
1598 tlv = mt7915_mcu_add_tlv(skb, STA_REC_VHT, sizeof(*vht));
1599 vht = (struct sta_rec_vht *)tlv;
1600 vht->vht_cap = cpu_to_le32(sta->vht_cap.cap);
1601 vht->vht_rx_mcs_map = sta->vht_cap.vht_mcs.rx_mcs_map;
1602 vht->vht_tx_mcs_map = sta->vht_cap.vht_mcs.tx_mcs_map;
1606 if (sta->he_cap.has_he)
1607 mt7915_mcu_sta_he_tlv(skb, sta);
1610 mt7915_mcu_sta_uapsd_tlv(skb, sta, vif);
1614 mt7915_mcu_wtbl_smps_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
1615 void *sta_wtbl, void *wtbl_tlv)
1617 struct wtbl_smps *smps;
1620 tlv = mt7915_mcu_add_nested_tlv(skb, WTBL_SMPS, sizeof(*smps),
1621 wtbl_tlv, sta_wtbl);
1622 smps = (struct wtbl_smps *)tlv;
1624 if (sta->smps_mode == IEEE80211_SMPS_DYNAMIC)
1629 mt7915_mcu_wtbl_ht_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
1630 void *sta_wtbl, void *wtbl_tlv)
1632 struct wtbl_ht *ht = NULL;
1636 if (sta->ht_cap.ht_supported) {
1637 tlv = mt7915_mcu_add_nested_tlv(skb, WTBL_HT, sizeof(*ht),
1638 wtbl_tlv, sta_wtbl);
1639 ht = (struct wtbl_ht *)tlv;
1640 ht->ldpc = !!(sta->ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING);
1641 ht->af = sta->ht_cap.ampdu_factor;
1642 ht->mm = sta->ht_cap.ampdu_density;
1647 if (sta->vht_cap.vht_supported) {
1648 struct wtbl_vht *vht;
1651 tlv = mt7915_mcu_add_nested_tlv(skb, WTBL_VHT, sizeof(*vht),
1652 wtbl_tlv, sta_wtbl);
1653 vht = (struct wtbl_vht *)tlv;
1654 vht->ldpc = !!(sta->vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC);
1657 af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
1660 ht->af = max_t(u8, ht->af, af);
1663 mt7915_mcu_wtbl_smps_tlv(skb, sta, sta_wtbl, wtbl_tlv);
1667 mt7915_mcu_wtbl_hdr_trans_tlv(struct sk_buff *skb, struct ieee80211_vif *vif,
1668 struct ieee80211_sta *sta,
1669 void *sta_wtbl, void *wtbl_tlv)
1671 struct mt7915_sta *msta;
1672 struct wtbl_hdr_trans *htr = NULL;
1675 tlv = mt7915_mcu_add_nested_tlv(skb, WTBL_HDR_TRANS, sizeof(*htr),
1676 wtbl_tlv, sta_wtbl);
1677 htr = (struct wtbl_hdr_trans *)tlv;
1678 htr->no_rx_trans = true;
1679 if (vif->type == NL80211_IFTYPE_STATION)
1682 htr->from_ds = true;
1687 msta = (struct mt7915_sta *)sta->drv_priv;
1688 if (test_bit(MT_WCID_FLAG_4ADDR, &msta->wcid.flags)) {
1690 htr->from_ds = true;
1694 int mt7915_mcu_sta_update_hdr_trans(struct mt7915_dev *dev,
1695 struct ieee80211_vif *vif,
1696 struct ieee80211_sta *sta)
1698 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
1699 struct wtbl_req_hdr *wtbl_hdr;
1700 struct sk_buff *skb;
1702 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL, MT7915_WTBL_UPDATE_MAX_SIZE);
1706 wtbl_hdr = mt7915_mcu_alloc_wtbl_req(dev, msta, WTBL_SET, NULL, &skb);
1707 mt7915_mcu_wtbl_hdr_trans_tlv(skb, vif, sta, NULL, wtbl_hdr);
1709 return mt76_mcu_skb_send_msg(&dev->mt76, skb, MCU_EXT_CMD(WTBL_UPDATE),
1713 int mt7915_mcu_add_smps(struct mt7915_dev *dev, struct ieee80211_vif *vif,
1714 struct ieee80211_sta *sta)
1716 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
1717 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
1718 struct wtbl_req_hdr *wtbl_hdr;
1719 struct tlv *sta_wtbl;
1720 struct sk_buff *skb;
1722 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta,
1723 MT7915_STA_UPDATE_MAX_SIZE);
1725 return PTR_ERR(skb);
1727 sta_wtbl = mt7915_mcu_add_tlv(skb, STA_REC_WTBL, sizeof(struct tlv));
1729 wtbl_hdr = mt7915_mcu_alloc_wtbl_req(dev, msta, WTBL_SET, sta_wtbl,
1731 mt7915_mcu_wtbl_smps_tlv(skb, sta, sta_wtbl, wtbl_hdr);
1733 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
1734 MCU_EXT_CMD(STA_REC_UPDATE), true);
1738 mt7915_mcu_sta_sounding_rate(struct sta_rec_bf *bf)
1740 bf->bf_cap = MT_EBF;
1741 bf->sounding_phy = MT_PHY_TYPE_OFDM;
1742 bf->ndp_rate = 0; /* mcs0 */
1743 bf->ndpa_rate = MT7915_CFEND_RATE_DEFAULT; /* ofdm 24m */
1744 bf->rept_poll_rate = MT7915_CFEND_RATE_DEFAULT; /* ofdm 24m */
1748 mt7915_mcu_sta_bfer_ht(struct ieee80211_sta *sta, struct mt7915_phy *phy,
1749 struct sta_rec_bf *bf)
1751 struct ieee80211_mcs_info *mcs = &sta->ht_cap.mcs;
1754 bf->tx_mode = MT_PHY_TYPE_HT;
1755 bf->bf_cap = MT_IBF;
1757 if (mcs->tx_params & IEEE80211_HT_MCS_TX_RX_DIFF &&
1758 (mcs->tx_params & IEEE80211_HT_MCS_TX_DEFINED))
1759 n = FIELD_GET(IEEE80211_HT_MCS_TX_MAX_STREAMS_MASK,
1761 else if (mcs->rx_mask[3])
1763 else if (mcs->rx_mask[2])
1765 else if (mcs->rx_mask[1])
1768 bf->nr = hweight8(phy->mt76->chainmask) - 1;
1769 bf->nc = min_t(u8, bf->nr, n);
1774 mt7915_mcu_sta_bfer_vht(struct ieee80211_sta *sta, struct mt7915_phy *phy,
1775 struct sta_rec_bf *bf, bool explicit)
1777 struct ieee80211_sta_vht_cap *pc = &sta->vht_cap;
1778 struct ieee80211_sta_vht_cap *vc = &phy->mt76->sband_5g.sband.vht_cap;
1779 u16 mcs_map = le16_to_cpu(pc->vht_mcs.rx_mcs_map);
1780 u8 nss_mcs = mt7915_mcu_get_sta_nss(mcs_map);
1781 u8 tx_ant = hweight8(phy->mt76->chainmask) - 1;
1783 bf->tx_mode = MT_PHY_TYPE_VHT;
1786 u8 bfee_nr, bfer_nr;
1788 mt7915_mcu_sta_sounding_rate(bf);
1789 bfee_nr = FIELD_GET(IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK,
1791 bfer_nr = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
1793 bf->nr = min_t(u8, min_t(u8, bfer_nr, bfee_nr), tx_ant);
1794 bf->nc = min_t(u8, nss_mcs, bf->nr);
1795 bf->ibf_ncol = bf->nc;
1797 if (sta->bandwidth == IEEE80211_STA_RX_BW_160)
1800 bf->bf_cap = MT_IBF;
1802 bf->nc = min_t(u8, nss_mcs, bf->nr);
1803 bf->ibf_ncol = nss_mcs;
1805 if (sta->bandwidth == IEEE80211_STA_RX_BW_160)
1811 mt7915_mcu_sta_bfer_he(struct ieee80211_sta *sta, struct ieee80211_vif *vif,
1812 struct mt7915_phy *phy, struct sta_rec_bf *bf)
1814 struct ieee80211_sta_he_cap *pc = &sta->he_cap;
1815 struct ieee80211_he_cap_elem *pe = &pc->he_cap_elem;
1816 const struct ieee80211_sta_he_cap *vc = mt7915_get_he_phy_cap(phy, vif);
1817 const struct ieee80211_he_cap_elem *ve = &vc->he_cap_elem;
1818 u16 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80);
1819 u8 nss_mcs = mt7915_mcu_get_sta_nss(mcs_map);
1820 u8 bfee_nr, bfer_nr;
1822 bf->tx_mode = MT_PHY_TYPE_HE_SU;
1823 mt7915_mcu_sta_sounding_rate(bf);
1824 bf->trigger_su = HE_PHY(CAP6_TRIG_SU_BEAMFORMER_FB,
1825 pe->phy_cap_info[6]);
1826 bf->trigger_mu = HE_PHY(CAP6_TRIG_MU_BEAMFORMER_FB,
1827 pe->phy_cap_info[6]);
1828 bfer_nr = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
1829 ve->phy_cap_info[5]);
1830 bfee_nr = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_UNDER_80MHZ_MASK,
1831 pe->phy_cap_info[4]);
1832 bf->nr = min_t(u8, bfer_nr, bfee_nr);
1833 bf->nc = min_t(u8, nss_mcs, bf->nr);
1834 bf->ibf_ncol = bf->nc;
1836 if (sta->bandwidth != IEEE80211_STA_RX_BW_160)
1839 /* go over for 160MHz and 80p80 */
1840 if (pe->phy_cap_info[0] &
1841 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) {
1842 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_160);
1843 nss_mcs = mt7915_mcu_get_sta_nss(mcs_map);
1845 bf->nc_bw160 = nss_mcs;
1848 if (pe->phy_cap_info[0] &
1849 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G) {
1850 mcs_map = le16_to_cpu(pc->he_mcs_nss_supp.rx_mcs_80p80);
1851 nss_mcs = mt7915_mcu_get_sta_nss(mcs_map);
1854 bf->nc_bw160 = min_t(u8, bf->nc_bw160, nss_mcs);
1856 bf->nc_bw160 = nss_mcs;
1859 bfer_nr = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK,
1860 ve->phy_cap_info[5]);
1861 bfee_nr = HE_PHY(CAP4_BEAMFORMEE_MAX_STS_ABOVE_80MHZ_MASK,
1862 pe->phy_cap_info[4]);
1864 bf->nr_bw160 = min_t(int, bfer_nr, bfee_nr);
1868 mt7915_mcu_sta_bfer_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
1869 struct ieee80211_vif *vif, struct mt7915_phy *phy,
1870 bool enable, bool explicit)
1872 int tx_ant = hweight8(phy->mt76->chainmask) - 1;
1873 struct sta_rec_bf *bf;
1875 const u8 matrix[4][4] = {
1877 {1, 1, 0, 0}, /* 2x1, 2x2, 2x3, 2x4 */
1878 {2, 4, 4, 0}, /* 3x1, 3x2, 3x3, 3x4 */
1879 {3, 5, 6, 0} /* 4x1, 4x2, 4x3, 4x4 */
1882 #define MT_BFER_FREE cpu_to_le16(GENMASK(15, 0))
1884 tlv = mt7915_mcu_add_tlv(skb, STA_REC_BF, sizeof(*bf));
1885 bf = (struct sta_rec_bf *)tlv;
1888 bf->pfmu = MT_BFER_FREE;
1892 /* he: eBF only, in accordance with spec
1893 * vht: support eBF and iBF
1894 * ht: iBF only, since mac80211 lacks of eBF support
1896 if (sta->he_cap.has_he && explicit)
1897 mt7915_mcu_sta_bfer_he(sta, vif, phy, bf);
1898 else if (sta->vht_cap.vht_supported)
1899 mt7915_mcu_sta_bfer_vht(sta, phy, bf, explicit);
1900 else if (sta->ht_cap.ht_supported)
1901 mt7915_mcu_sta_bfer_ht(sta, phy, bf);
1905 bf->bw = sta->bandwidth;
1906 bf->ibf_dbw = sta->bandwidth;
1907 bf->ibf_nrow = tx_ant;
1909 if (!explicit && sta->bandwidth <= IEEE80211_STA_RX_BW_40 && !bf->nc)
1910 bf->ibf_timeout = 0x48;
1912 bf->ibf_timeout = 0x18;
1914 if (explicit && bf->nr != tx_ant)
1915 bf->mem_20m = matrix[tx_ant][bf->nc];
1917 bf->mem_20m = matrix[bf->nr][bf->nc];
1919 switch (sta->bandwidth) {
1920 case IEEE80211_STA_RX_BW_160:
1921 case IEEE80211_STA_RX_BW_80:
1922 bf->mem_total = bf->mem_20m * 2;
1924 case IEEE80211_STA_RX_BW_40:
1925 bf->mem_total = bf->mem_20m;
1927 case IEEE80211_STA_RX_BW_20:
1934 mt7915_mcu_sta_bfee_tlv(struct sk_buff *skb, struct ieee80211_sta *sta,
1935 struct mt7915_phy *phy)
1937 int tx_ant = hweight8(phy->mt76->chainmask) - 1;
1938 struct sta_rec_bfee *bfee;
1942 tlv = mt7915_mcu_add_tlv(skb, STA_REC_BFEE, sizeof(*bfee));
1943 bfee = (struct sta_rec_bfee *)tlv;
1945 if (sta->he_cap.has_he) {
1946 struct ieee80211_he_cap_elem *pe = &sta->he_cap.he_cap_elem;
1948 nr = HE_PHY(CAP5_BEAMFORMEE_NUM_SND_DIM_UNDER_80MHZ_MASK,
1949 pe->phy_cap_info[5]);
1950 } else if (sta->vht_cap.vht_supported) {
1951 struct ieee80211_sta_vht_cap *pc = &sta->vht_cap;
1953 nr = FIELD_GET(IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK,
1957 /* reply with identity matrix to avoid 2x2 BF negative gain */
1958 bfee->fb_identity_matrix = !!(nr == 1 && tx_ant == 2);
1962 mt7915_mcu_add_txbf(struct mt7915_dev *dev, struct ieee80211_vif *vif,
1963 struct ieee80211_sta *sta, bool enable)
1965 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
1966 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
1967 struct mt7915_phy *phy;
1968 struct sk_buff *skb;
1970 bool ebfee = 0, ebf = 0;
1972 if (vif->type != NL80211_IFTYPE_STATION &&
1973 vif->type != NL80211_IFTYPE_AP)
1976 phy = mvif->band_idx ? mt7915_ext_phy(dev) : &dev->phy;
1978 if (sta->he_cap.has_he) {
1979 struct ieee80211_he_cap_elem *pe;
1980 const struct ieee80211_he_cap_elem *ve;
1981 const struct ieee80211_sta_he_cap *vc;
1983 pe = &sta->he_cap.he_cap_elem;
1984 vc = mt7915_get_he_phy_cap(phy, vif);
1985 ve = &vc->he_cap_elem;
1987 ebfee = !!((HE_PHY(CAP3_SU_BEAMFORMER, pe->phy_cap_info[3]) ||
1988 HE_PHY(CAP4_MU_BEAMFORMER, pe->phy_cap_info[4])) &&
1989 HE_PHY(CAP4_SU_BEAMFORMEE, ve->phy_cap_info[4]));
1990 ebf = !!((HE_PHY(CAP3_SU_BEAMFORMER, ve->phy_cap_info[3]) ||
1991 HE_PHY(CAP4_MU_BEAMFORMER, ve->phy_cap_info[4])) &&
1992 HE_PHY(CAP4_SU_BEAMFORMEE, pe->phy_cap_info[4]));
1993 } else if (sta->vht_cap.vht_supported) {
1994 struct ieee80211_sta_vht_cap *pc;
1995 struct ieee80211_sta_vht_cap *vc;
1999 vc = &phy->mt76->sband_5g.sband.vht_cap;
2000 cr = IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2001 IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
2002 ce = IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2003 IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
2005 ebfee = !!((pc->cap & cr) && (vc->cap & ce));
2006 ebf = !!((vc->cap & cr) && (pc->cap & ce));
2009 /* must keep each tag independent */
2012 if (ebf || dev->ibf) {
2013 len = sizeof(struct sta_req_hdr) + sizeof(struct sta_rec_bf);
2015 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta, len);
2017 return PTR_ERR(skb);
2019 mt7915_mcu_sta_bfer_tlv(skb, sta, vif, phy, enable, ebf);
2021 r = mt76_mcu_skb_send_msg(&dev->mt76, skb,
2022 MCU_EXT_CMD(STA_REC_UPDATE), true);
2029 len = sizeof(struct sta_req_hdr) + sizeof(struct sta_rec_bfee);
2031 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta, len);
2033 return PTR_ERR(skb);
2035 mt7915_mcu_sta_bfee_tlv(skb, sta, phy);
2037 r = mt76_mcu_skb_send_msg(&dev->mt76, skb,
2038 MCU_EXT_CMD(STA_REC_UPDATE), true);
2047 mt7915_mcu_sta_rate_ctrl_tlv(struct sk_buff *skb, struct mt7915_dev *dev,
2048 struct ieee80211_vif *vif,
2049 struct ieee80211_sta *sta)
2051 struct cfg80211_chan_def *chandef = &dev->mphy.chandef;
2052 struct sta_rec_ra *ra;
2054 enum nl80211_band band = chandef->chan->band;
2055 u32 supp_rate = sta->supp_rates[band];
2056 int n_rates = hweight32(supp_rate);
2057 u32 cap = sta->wme ? STA_CAP_WMM : 0;
2058 u8 i, nss = sta->rx_nss, mcs = 0;
2060 tlv = mt7915_mcu_add_tlv(skb, STA_REC_RA, sizeof(*ra));
2062 ra = (struct sta_rec_ra *)tlv;
2064 ra->auto_rate = true;
2065 ra->phy_mode = mt7915_get_phy_mode(dev, vif, band, sta);
2066 ra->channel = chandef->chan->hw_value;
2067 ra->bw = sta->bandwidth;
2068 ra->rate_len = n_rates;
2069 ra->phy.bw = sta->bandwidth;
2072 if (band == NL80211_BAND_2GHZ) {
2073 ra->supp_mode = MODE_CCK;
2074 ra->supp_cck_rate = supp_rate & GENMASK(3, 0);
2075 ra->phy.type = MT_PHY_TYPE_CCK;
2078 ra->supp_mode |= MODE_OFDM;
2079 ra->supp_ofdm_rate = supp_rate >> 4;
2080 ra->phy.type = MT_PHY_TYPE_OFDM;
2083 ra->supp_mode = MODE_OFDM;
2084 ra->supp_ofdm_rate = supp_rate;
2085 ra->phy.type = MT_PHY_TYPE_OFDM;
2089 if (sta->ht_cap.ht_supported) {
2090 for (i = 0; i < nss; i++)
2091 ra->ht_mcs[i] = sta->ht_cap.mcs.rx_mask[i];
2093 ra->supp_ht_mcs = *(__le32 *)ra->ht_mcs;
2094 ra->supp_mode |= MODE_HT;
2095 mcs = hweight32(le32_to_cpu(ra->supp_ht_mcs)) - 1;
2096 ra->af = sta->ht_cap.ampdu_factor;
2097 ra->ht_gf = !!(sta->ht_cap.cap & IEEE80211_HT_CAP_GRN_FLD);
2100 if (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
2101 cap |= STA_CAP_SGI_20;
2102 if (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
2103 cap |= STA_CAP_SGI_40;
2104 if (sta->ht_cap.cap & IEEE80211_HT_CAP_TX_STBC)
2105 cap |= STA_CAP_TX_STBC;
2106 if (sta->ht_cap.cap & IEEE80211_HT_CAP_RX_STBC)
2107 cap |= STA_CAP_RX_STBC;
2108 if (sta->ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING)
2109 cap |= STA_CAP_LDPC;
2112 if (sta->vht_cap.vht_supported) {
2113 u16 mcs_map = le16_to_cpu(sta->vht_cap.vht_mcs.rx_mcs_map);
2117 af = FIELD_GET(IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK,
2119 ra->af = max_t(u8, ra->af, af);
2122 if (sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
2123 cap |= STA_CAP_VHT_SGI_80;
2124 if (sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
2125 cap |= STA_CAP_VHT_SGI_160;
2126 if (sta->vht_cap.cap & IEEE80211_VHT_CAP_TXSTBC)
2127 cap |= STA_CAP_VHT_TX_STBC;
2128 if (sta->vht_cap.cap & IEEE80211_VHT_CAP_RXSTBC_1)
2129 cap |= STA_CAP_VHT_RX_STBC;
2130 if (sta->vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC)
2131 cap |= STA_CAP_VHT_LDPC;
2133 ra->supp_mode |= MODE_VHT;
2134 for (mcs = 0, i = 0; i < nss; i++, mcs_map >>= 2) {
2135 switch (mcs_map & 0x3) {
2136 case IEEE80211_VHT_MCS_SUPPORT_0_9:
2137 vht_mcs = GENMASK(9, 0);
2139 case IEEE80211_VHT_MCS_SUPPORT_0_8:
2140 vht_mcs = GENMASK(8, 0);
2142 case IEEE80211_VHT_MCS_SUPPORT_0_7:
2143 vht_mcs = GENMASK(7, 0);
2149 ra->supp_vht_mcs[i] = cpu_to_le16(vht_mcs);
2151 mcs_prev = hweight16(vht_mcs) - 1;
2155 /* only support 2ss on 160MHz */
2156 if (i > 1 && (ra->bw == CMD_CBW_160MHZ ||
2157 ra->bw == CMD_CBW_8080MHZ))
2162 if (sta->he_cap.has_he) {
2163 ra->supp_mode |= MODE_HE;
2167 ra->sta_status = cpu_to_le32(cap);
2169 switch (BIT(fls(ra->supp_mode) - 1)) {
2171 ra->phy.type = MT_PHY_TYPE_VHT;
2174 ra->phy.stbc = !!(sta->vht_cap.cap & IEEE80211_VHT_CAP_TXSTBC);
2175 ra->phy.ldpc = !!(sta->vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC);
2177 !!(sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80);
2180 ra->phy.type = MT_PHY_TYPE_HT;
2182 ra->phy.ldpc = sta->ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING;
2183 ra->phy.stbc = !!(sta->ht_cap.cap & IEEE80211_HT_CAP_TX_STBC);
2184 ra->phy.sgi = !!(sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_20);
2191 int mt7915_mcu_add_rate_ctrl(struct mt7915_dev *dev, struct ieee80211_vif *vif,
2192 struct ieee80211_sta *sta)
2194 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
2195 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
2196 struct sk_buff *skb;
2197 int len = sizeof(struct sta_req_hdr) + sizeof(struct sta_rec_ra);
2199 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta, len);
2201 return PTR_ERR(skb);
2203 mt7915_mcu_sta_rate_ctrl_tlv(skb, dev, vif, sta);
2205 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2206 MCU_EXT_CMD(STA_REC_UPDATE), true);
2209 int mt7915_mcu_add_sta_adv(struct mt7915_dev *dev, struct ieee80211_vif *vif,
2210 struct ieee80211_sta *sta, bool enable)
2217 /* must keep the order */
2218 ret = mt7915_mcu_add_txbf(dev, vif, sta, enable);
2222 ret = mt7915_mcu_add_mu(dev, vif, sta);
2227 return mt7915_mcu_add_rate_ctrl(dev, vif, sta);
2232 int mt7915_mcu_add_sta(struct mt7915_dev *dev, struct ieee80211_vif *vif,
2233 struct ieee80211_sta *sta, bool enable)
2235 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
2236 struct wtbl_req_hdr *wtbl_hdr;
2237 struct mt7915_sta *msta;
2238 struct tlv *sta_wtbl;
2239 struct sk_buff *skb;
2241 msta = sta ? (struct mt7915_sta *)sta->drv_priv : &mvif->sta;
2243 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta,
2244 MT7915_STA_UPDATE_MAX_SIZE);
2246 return PTR_ERR(skb);
2248 mt7915_mcu_sta_basic_tlv(skb, vif, sta, enable);
2250 mt7915_mcu_sta_tlv(dev, skb, sta, vif);
2252 sta_wtbl = mt7915_mcu_add_tlv(skb, STA_REC_WTBL, sizeof(struct tlv));
2254 wtbl_hdr = mt7915_mcu_alloc_wtbl_req(dev, msta, WTBL_RESET_AND_SET,
2257 mt7915_mcu_wtbl_generic_tlv(skb, vif, sta, sta_wtbl, wtbl_hdr);
2258 mt7915_mcu_wtbl_hdr_trans_tlv(skb, vif, sta, sta_wtbl, wtbl_hdr);
2260 mt7915_mcu_wtbl_ht_tlv(skb, sta, sta_wtbl, wtbl_hdr);
2263 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2264 MCU_EXT_CMD(STA_REC_UPDATE), true);
2267 int mt7915_mcu_set_fixed_rate(struct mt7915_dev *dev,
2268 struct ieee80211_sta *sta, u32 rate)
2270 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
2271 struct mt7915_vif *mvif = msta->vif;
2272 struct sta_rec_ra_fixed *ra;
2273 struct sk_buff *skb;
2275 int len = sizeof(struct sta_req_hdr) + sizeof(*ra);
2277 skb = mt7915_mcu_alloc_sta_req(dev, mvif, msta, len);
2279 return PTR_ERR(skb);
2281 tlv = mt7915_mcu_add_tlv(skb, STA_REC_RA_UPDATE, sizeof(*ra));
2282 ra = (struct sta_rec_ra_fixed *)tlv;
2285 ra->field = cpu_to_le32(RATE_PARAM_AUTO);
2288 ra->field = cpu_to_le32(RATE_PARAM_FIXED);
2291 ra->phy.type = FIELD_GET(RATE_CFG_PHY_TYPE, rate);
2292 ra->phy.bw = FIELD_GET(RATE_CFG_BW, rate);
2293 ra->phy.nss = FIELD_GET(RATE_CFG_NSS, rate);
2294 ra->phy.mcs = FIELD_GET(RATE_CFG_MCS, rate);
2295 ra->phy.stbc = FIELD_GET(RATE_CFG_STBC, rate);
2300 ra->phy.ldpc = FIELD_GET(RATE_CFG_LDPC, rate) * 7;
2302 /* HT/VHT - SGI: 1, LGI: 0; HE - SGI: 0, MGI: 1, LGI: 2 */
2303 if (ra->phy.type > MT_PHY_TYPE_VHT)
2304 ra->phy.sgi = ra->phy.mcs * 85;
2306 ra->phy.sgi = ra->phy.mcs * 15;
2309 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
2310 MCU_EXT_CMD(STA_REC_UPDATE), true);
2313 int mt7915_mcu_add_dev_info(struct mt7915_phy *phy,
2314 struct ieee80211_vif *vif, bool enable)
2316 struct mt7915_dev *dev = phy->dev;
2317 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
2331 u8 omac_addr[ETH_ALEN];
2335 .omac_idx = mvif->omac_idx,
2336 .dbdc_idx = mvif->band_idx,
2337 .tlv_num = cpu_to_le16(1),
2341 .tag = cpu_to_le16(DEV_INFO_ACTIVE),
2342 .len = cpu_to_le16(sizeof(struct req_tlv)),
2344 .dbdc_idx = mvif->band_idx,
2348 if (mvif->omac_idx >= REPEATER_BSSID_START)
2349 return mt7915_mcu_muar_config(phy, vif, false, enable);
2351 memcpy(data.tlv.omac_addr, vif->addr, ETH_ALEN);
2352 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(DEV_INFO_UPDATE),
2353 &data, sizeof(data), true);
2357 mt7915_mcu_beacon_csa(struct sk_buff *rskb, struct sk_buff *skb,
2358 struct bss_info_bcn *bcn,
2359 struct ieee80211_mutable_offsets *offs)
2361 if (offs->cntdwn_counter_offs[0]) {
2363 struct bss_info_bcn_csa *csa;
2365 tlv = mt7915_mcu_add_nested_subtlv(rskb, BSS_INFO_BCN_CSA,
2366 sizeof(*csa), &bcn->sub_ntlv,
2368 csa = (struct bss_info_bcn_csa *)tlv;
2369 csa->cnt = skb->data[offs->cntdwn_counter_offs[0]];
2374 mt7915_mcu_beacon_cont(struct mt7915_dev *dev, struct sk_buff *rskb,
2375 struct sk_buff *skb, struct bss_info_bcn *bcn,
2376 struct ieee80211_mutable_offsets *offs)
2378 struct mt76_wcid *wcid = &dev->mt76.global_wcid;
2379 struct bss_info_bcn_cont *cont;
2382 int len = sizeof(*cont) + MT_TXD_SIZE + skb->len;
2384 tlv = mt7915_mcu_add_nested_subtlv(rskb, BSS_INFO_BCN_CONTENT,
2385 len, &bcn->sub_ntlv, &bcn->len);
2387 cont = (struct bss_info_bcn_cont *)tlv;
2388 cont->pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
2389 cont->tim_ofs = cpu_to_le16(offs->tim_offset);
2391 if (offs->cntdwn_counter_offs[0])
2392 cont->csa_ofs = cpu_to_le16(offs->cntdwn_counter_offs[0] - 4);
2394 buf = (u8 *)tlv + sizeof(*cont);
2395 mt7915_mac_write_txwi(dev, (__le32 *)buf, skb, wcid, NULL,
2397 memcpy(buf + MT_TXD_SIZE, skb->data, skb->len);
2400 int mt7915_mcu_add_beacon(struct ieee80211_hw *hw,
2401 struct ieee80211_vif *vif, int en)
2403 #define MAX_BEACON_SIZE 512
2404 struct mt7915_dev *dev = mt7915_hw_dev(hw);
2405 struct mt7915_phy *phy = mt7915_hw_phy(hw);
2406 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
2407 struct ieee80211_mutable_offsets offs;
2408 struct ieee80211_tx_info *info;
2409 struct sk_buff *skb, *rskb;
2411 struct bss_info_bcn *bcn;
2412 int len = MT7915_BEACON_UPDATE_SIZE + MAX_BEACON_SIZE;
2414 skb = ieee80211_beacon_get_template(hw, vif, &offs);
2418 if (skb->len > MAX_BEACON_SIZE - MT_TXD_SIZE) {
2419 dev_err(dev->mt76.dev, "Bcn size limit exceed\n");
2424 rskb = mt7915_mcu_alloc_sta_req(dev, mvif, NULL, len);
2427 return PTR_ERR(rskb);
2430 tlv = mt7915_mcu_add_tlv(rskb, BSS_INFO_OFFLOAD, sizeof(*bcn));
2431 bcn = (struct bss_info_bcn *)tlv;
2434 if (mvif->band_idx) {
2435 info = IEEE80211_SKB_CB(skb);
2436 info->hw_queue |= MT_TX_HW_QUEUE_EXT_PHY;
2439 /* TODO: subtag - bss color count & 11v MBSSID */
2440 mt7915_mcu_beacon_csa(rskb, skb, bcn, &offs);
2441 mt7915_mcu_beacon_cont(dev, rskb, skb, bcn, &offs);
2444 return mt76_mcu_skb_send_msg(&phy->dev->mt76, rskb,
2445 MCU_EXT_CMD(BSS_INFO_UPDATE), true);
2448 static int mt7915_mcu_start_firmware(struct mt7915_dev *dev, u32 addr,
2455 .option = cpu_to_le32(option),
2456 .addr = cpu_to_le32(addr),
2459 return mt76_mcu_send_msg(&dev->mt76, MCU_CMD(FW_START_REQ), &req,
2463 static int mt7915_mcu_restart(struct mt76_dev *dev)
2472 return mt76_mcu_send_msg(dev, MCU_CMD(NIC_POWER_CTRL), &req,
2473 sizeof(req), false);
2476 static int mt7915_mcu_patch_sem_ctrl(struct mt7915_dev *dev, bool get)
2481 .op = cpu_to_le32(get ? PATCH_SEM_GET : PATCH_SEM_RELEASE),
2484 return mt76_mcu_send_msg(&dev->mt76, MCU_CMD(PATCH_SEM_CONTROL), &req,
2488 static int mt7915_mcu_start_patch(struct mt7915_dev *dev)
2497 return mt76_mcu_send_msg(&dev->mt76, MCU_CMD(PATCH_FINISH_REQ), &req,
2501 static int mt7915_driver_own(struct mt7915_dev *dev)
2503 u32 reg = mt7915_reg_map_l1(dev, MT_TOP_LPCR_HOST_BAND0);
2505 mt76_wr(dev, reg, MT_TOP_LPCR_HOST_DRV_OWN);
2506 if (!mt76_poll_msec(dev, reg, MT_TOP_LPCR_HOST_FW_OWN,
2508 dev_err(dev->mt76.dev, "Timeout for driver own\n");
2515 static int mt7915_mcu_init_download(struct mt7915_dev *dev, u32 addr,
2523 .addr = cpu_to_le32(addr),
2524 .len = cpu_to_le32(len),
2525 .mode = cpu_to_le32(mode),
2529 if (req.addr == cpu_to_le32(MCU_PATCH_ADDRESS))
2530 attr = MCU_CMD(PATCH_START_REQ);
2532 attr = MCU_CMD(TARGET_ADDRESS_LEN_REQ);
2534 return mt76_mcu_send_msg(&dev->mt76, attr, &req, sizeof(req), true);
2537 static int mt7915_load_patch(struct mt7915_dev *dev)
2539 const struct mt7915_patch_hdr *hdr;
2540 const struct firmware *fw = NULL;
2543 sem = mt7915_mcu_patch_sem_ctrl(dev, 1);
2547 case PATCH_NOT_DL_SEM_SUCCESS:
2550 dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
2554 ret = request_firmware(&fw, MT7915_ROM_PATCH, dev->mt76.dev);
2558 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2559 dev_err(dev->mt76.dev, "Invalid firmware\n");
2564 hdr = (const struct mt7915_patch_hdr *)(fw->data);
2566 dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
2567 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
2569 for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
2570 struct mt7915_patch_sec *sec;
2574 sec = (struct mt7915_patch_sec *)(fw->data + sizeof(*hdr) +
2576 if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
2577 PATCH_SEC_TYPE_INFO) {
2582 addr = be32_to_cpu(sec->info.addr);
2583 len = be32_to_cpu(sec->info.len);
2584 dl = fw->data + be32_to_cpu(sec->offs);
2586 ret = mt7915_mcu_init_download(dev, addr, len,
2589 dev_err(dev->mt76.dev, "Download request failed\n");
2593 ret = mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
2596 dev_err(dev->mt76.dev, "Failed to send patch\n");
2601 ret = mt7915_mcu_start_patch(dev);
2603 dev_err(dev->mt76.dev, "Failed to start patch\n");
2606 sem = mt7915_mcu_patch_sem_ctrl(dev, 0);
2608 case PATCH_REL_SEM_SUCCESS:
2612 dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
2615 release_firmware(fw);
2620 static u32 mt7915_mcu_gen_dl_mode(u8 feature_set, bool is_wa)
2624 ret |= (feature_set & FW_FEATURE_SET_ENCRYPT) ?
2625 (DL_MODE_ENCRYPT | DL_MODE_RESET_SEC_IV) : 0;
2626 ret |= FIELD_PREP(DL_MODE_KEY_IDX,
2627 FIELD_GET(FW_FEATURE_SET_KEY_IDX, feature_set));
2628 ret |= DL_MODE_NEED_RSP;
2629 ret |= is_wa ? DL_MODE_WORKING_PDA_CR4 : 0;
2635 mt7915_mcu_send_ram_firmware(struct mt7915_dev *dev,
2636 const struct mt7915_fw_trailer *hdr,
2637 const u8 *data, bool is_wa)
2640 u32 override = 0, option = 0;
2642 for (i = 0; i < hdr->n_region; i++) {
2643 const struct mt7915_fw_region *region;
2645 u32 len, addr, mode;
2647 region = (const struct mt7915_fw_region *)((const u8 *)hdr -
2648 (hdr->n_region - i) * sizeof(*region));
2649 mode = mt7915_mcu_gen_dl_mode(region->feature_set, is_wa);
2650 len = le32_to_cpu(region->len);
2651 addr = le32_to_cpu(region->addr);
2653 if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
2656 err = mt7915_mcu_init_download(dev, addr, len, mode);
2658 dev_err(dev->mt76.dev, "Download request failed\n");
2662 err = mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
2663 data + offset, len);
2665 dev_err(dev->mt76.dev, "Failed to send firmware.\n");
2673 option |= FW_START_OVERRIDE;
2676 option |= FW_START_WORKING_PDA_CR4;
2678 return mt7915_mcu_start_firmware(dev, override, option);
2681 static int mt7915_load_ram(struct mt7915_dev *dev)
2683 const struct mt7915_fw_trailer *hdr;
2684 const struct firmware *fw;
2687 ret = request_firmware(&fw, MT7915_FIRMWARE_WM, dev->mt76.dev);
2691 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2692 dev_err(dev->mt76.dev, "Invalid firmware\n");
2697 hdr = (const struct mt7915_fw_trailer *)(fw->data + fw->size -
2700 dev_info(dev->mt76.dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
2701 hdr->fw_ver, hdr->build_date);
2703 ret = mt7915_mcu_send_ram_firmware(dev, hdr, fw->data, false);
2705 dev_err(dev->mt76.dev, "Failed to start WM firmware\n");
2709 release_firmware(fw);
2711 ret = request_firmware(&fw, MT7915_FIRMWARE_WA, dev->mt76.dev);
2715 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
2716 dev_err(dev->mt76.dev, "Invalid firmware\n");
2721 hdr = (const struct mt7915_fw_trailer *)(fw->data + fw->size -
2724 dev_info(dev->mt76.dev, "WA Firmware Version: %.10s, Build Time: %.15s\n",
2725 hdr->fw_ver, hdr->build_date);
2727 ret = mt7915_mcu_send_ram_firmware(dev, hdr, fw->data, true);
2729 dev_err(dev->mt76.dev, "Failed to start WA firmware\n");
2733 snprintf(dev->mt76.hw->wiphy->fw_version,
2734 sizeof(dev->mt76.hw->wiphy->fw_version),
2735 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
2738 release_firmware(fw);
2743 static int mt7915_load_firmware(struct mt7915_dev *dev)
2746 u32 val, reg = mt7915_reg_map_l1(dev, MT_TOP_MISC);
2748 val = FIELD_PREP(MT_TOP_MISC_FW_STATE, FW_STATE_FW_DOWNLOAD);
2750 if (!mt76_poll_msec(dev, reg, MT_TOP_MISC_FW_STATE, val, 1000)) {
2751 /* restart firmware once */
2752 __mt76_mcu_restart(&dev->mt76);
2753 if (!mt76_poll_msec(dev, reg, MT_TOP_MISC_FW_STATE,
2755 dev_err(dev->mt76.dev,
2756 "Firmware is not ready for download\n");
2761 ret = mt7915_load_patch(dev);
2765 ret = mt7915_load_ram(dev);
2769 if (!mt76_poll_msec(dev, reg, MT_TOP_MISC_FW_STATE,
2770 FIELD_PREP(MT_TOP_MISC_FW_STATE,
2771 FW_STATE_WACPU_RDY), 1000)) {
2772 dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
2776 mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false);
2778 dev_dbg(dev->mt76.dev, "Firmware init done\n");
2783 int mt7915_mcu_fw_log_2_host(struct mt7915_dev *dev, u8 ctrl)
2792 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(FW_LOG_2_HOST), &data,
2793 sizeof(data), true);
2796 int mt7915_mcu_fw_dbg_ctrl(struct mt7915_dev *dev, u32 module, u8 level)
2806 .module_idx = cpu_to_le32(module),
2810 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(FW_DBG_CTRL), &data,
2811 sizeof(data), false);
2814 static int mt7915_mcu_set_mwds(struct mt7915_dev *dev, bool enabled)
2823 return mt76_mcu_send_msg(&dev->mt76, MCU_WA_EXT_CMD(MWDS_SUPPORT), &req,
2824 sizeof(req), false);
2827 int mt7915_mcu_init(struct mt7915_dev *dev)
2829 static const struct mt76_mcu_ops mt7915_mcu_ops = {
2830 .headroom = sizeof(struct mt7915_mcu_txd),
2831 .mcu_skb_send_msg = mt7915_mcu_send_message,
2832 .mcu_parse_response = mt7915_mcu_parse_response,
2833 .mcu_restart = mt7915_mcu_restart,
2837 dev->mt76.mcu_ops = &mt7915_mcu_ops;
2839 ret = mt7915_driver_own(dev);
2843 ret = mt7915_load_firmware(dev);
2847 set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);
2848 mt7915_mcu_fw_log_2_host(dev, 0);
2849 mt7915_mcu_set_mwds(dev, 1);
2850 mt7915_mcu_wa_cmd(dev, MCU_WA_PARAM_CMD(SET), MCU_WA_PARAM_RED, 0, 0);
2855 void mt7915_mcu_exit(struct mt7915_dev *dev)
2857 u32 reg = mt7915_reg_map_l1(dev, MT_TOP_MISC);
2859 __mt76_mcu_restart(&dev->mt76);
2860 if (!mt76_poll_msec(dev, reg, MT_TOP_MISC_FW_STATE,
2861 FIELD_PREP(MT_TOP_MISC_FW_STATE,
2862 FW_STATE_FW_DOWNLOAD), 1000)) {
2863 dev_err(dev->mt76.dev, "Failed to exit mcu\n");
2867 reg = mt7915_reg_map_l1(dev, MT_TOP_LPCR_HOST_BAND0);
2868 mt76_wr(dev, reg, MT_TOP_LPCR_HOST_FW_OWN);
2869 skb_queue_purge(&dev->mt76.mcu.res_q);
2872 int mt7915_mcu_set_mac(struct mt7915_dev *dev, int band,
2873 bool enable, bool hdr_trans)
2884 } __packed req_trans = {
2885 .enable = hdr_trans,
2891 } __packed req_mac = {
2897 ret = mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(RX_HDR_TRANS),
2898 &req_trans, sizeof(req_trans), false);
2902 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(MAC_INIT_CTRL),
2903 &req_mac, sizeof(req_mac), true);
2906 int mt7915_mcu_set_scs(struct mt7915_dev *dev, u8 band, bool enable)
2913 .cmd = cpu_to_le32(SCS_ENABLE),
2915 .enable = enable + 1,
2918 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(SCS_CTRL), &req,
2919 sizeof(req), false);
2922 int mt7915_mcu_set_rts_thresh(struct mt7915_phy *phy, u32 val)
2924 struct mt7915_dev *dev = phy->dev;
2933 .band = phy != &dev->phy,
2934 .len_thresh = cpu_to_le32(val),
2935 .pkt_thresh = cpu_to_le32(0x2),
2938 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(PROTECT_CTRL), &req,
2942 int mt7915_mcu_update_edca(struct mt7915_dev *dev, void *param)
2944 struct mt7915_mcu_tx *req = (struct mt7915_mcu_tx *)param;
2945 u8 num = req->total;
2946 size_t len = sizeof(*req) -
2947 (IEEE80211_NUM_ACS - num) * sizeof(struct edca);
2949 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(EDCA_UPDATE), req,
2953 int mt7915_mcu_set_tx(struct mt7915_dev *dev, struct ieee80211_vif *vif)
2955 #define TX_CMD_MODE 1
2956 struct mt7915_mcu_tx req = {
2958 .mode = TX_CMD_MODE,
2959 .total = IEEE80211_NUM_ACS,
2961 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
2964 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
2965 struct ieee80211_tx_queue_params *q = &mvif->queue_params[ac];
2966 struct edca *e = &req.edca[ac];
2968 e->set = WMM_PARAM_SET;
2969 e->queue = ac + mvif->wmm_idx * MT7915_MAX_WMM_SETS;
2971 e->txop = cpu_to_le16(q->txop);
2974 e->cw_min = fls(q->cw_min);
2979 e->cw_max = cpu_to_le16(fls(q->cw_max));
2981 e->cw_max = cpu_to_le16(10);
2984 return mt7915_mcu_update_edca(dev, &req);
2987 int mt7915_mcu_set_pm(struct mt7915_dev *dev, int band, int enter)
2989 #define ENTER_PM_STATE 1
2990 #define EXIT_PM_STATE 2
2997 __le16 bcn_interval;
3010 .pm_state = (enter) ? ENTER_PM_STATE : EXIT_PM_STATE,
3014 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(PM_STATE_CTRL), &req,
3018 int mt7915_mcu_rdd_cmd(struct mt7915_dev *dev,
3019 enum mt7915_rdd_cmd cmd, u8 index,
3031 .rdd_rx_sel = rx_sel,
3035 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(SET_RDD_CTRL), &req,
3039 int mt7915_mcu_set_fcc5_lpn(struct mt7915_dev *dev, int val)
3046 .tag = cpu_to_le32(0x1),
3047 .min_lpn = cpu_to_le16(val),
3050 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(SET_RDD_TH), &req,
3054 int mt7915_mcu_set_pulse_th(struct mt7915_dev *dev,
3055 const struct mt7915_dfs_pulse *pulse)
3060 __le32 max_width; /* us */
3061 __le32 max_pwr; /* dbm */
3062 __le32 min_pwr; /* dbm */
3063 __le32 min_stgr_pri; /* us */
3064 __le32 max_stgr_pri; /* us */
3065 __le32 min_cr_pri; /* us */
3066 __le32 max_cr_pri; /* us */
3068 .tag = cpu_to_le32(0x3),
3070 #define __req_field(field) .field = cpu_to_le32(pulse->field)
3071 __req_field(max_width),
3072 __req_field(max_pwr),
3073 __req_field(min_pwr),
3074 __req_field(min_stgr_pri),
3075 __req_field(max_stgr_pri),
3076 __req_field(min_cr_pri),
3077 __req_field(max_cr_pri),
3081 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(SET_RDD_TH), &req,
3085 int mt7915_mcu_set_radar_th(struct mt7915_dev *dev, int index,
3086 const struct mt7915_dfs_pattern *pattern)
3107 __le32 min_stgpr_diff;
3109 .tag = cpu_to_le32(0x2),
3110 .radar_type = cpu_to_le16(index),
3112 #define __req_field_u8(field) .field = pattern->field
3113 #define __req_field_u32(field) .field = cpu_to_le32(pattern->field)
3114 __req_field_u8(enb),
3115 __req_field_u8(stgr),
3116 __req_field_u8(min_crpn),
3117 __req_field_u8(max_crpn),
3118 __req_field_u8(min_crpr),
3119 __req_field_u8(min_pw),
3120 __req_field_u32(min_pri),
3121 __req_field_u32(max_pri),
3122 __req_field_u8(max_pw),
3123 __req_field_u8(min_crbn),
3124 __req_field_u8(max_crbn),
3125 __req_field_u8(min_stgpn),
3126 __req_field_u8(max_stgpn),
3127 __req_field_u8(min_stgpr),
3128 __req_field_u32(min_stgpr_diff),
3129 #undef __req_field_u8
3130 #undef __req_field_u32
3133 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(SET_RDD_TH), &req,
3137 int mt7915_mcu_set_chan_info(struct mt7915_phy *phy, int cmd)
3139 struct mt7915_dev *dev = phy->dev;
3140 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
3141 int freq1 = chandef->center_freq1;
3142 bool ext_phy = phy != &dev->phy;
3148 u8 rx_streams; /* mask or num */
3151 u8 center_ch2; /* for 80+80 only */
3155 __le32 outband_freq;
3161 .control_ch = chandef->chan->hw_value,
3162 .center_ch = ieee80211_frequency_to_channel(freq1),
3163 .bw = mt7915_mcu_chan_bw(chandef),
3164 .tx_streams_num = hweight8(phy->mt76->antenna_mask),
3165 .rx_streams = phy->mt76->antenna_mask,
3166 .band_idx = ext_phy,
3167 .channel_band = chandef->chan->band,
3170 #ifdef CONFIG_NL80211_TESTMODE
3171 if (phy->mt76->test.tx_antenna_mask &&
3172 (phy->mt76->test.state == MT76_TM_STATE_TX_FRAMES ||
3173 phy->mt76->test.state == MT76_TM_STATE_RX_FRAMES ||
3174 phy->mt76->test.state == MT76_TM_STATE_TX_CONT)) {
3175 req.tx_streams_num = fls(phy->mt76->test.tx_antenna_mask);
3176 req.rx_streams = phy->mt76->test.tx_antenna_mask;
3179 req.tx_streams_num = 2;
3180 req.rx_streams >>= 2;
3185 if (dev->mt76.hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)
3186 req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD;
3187 else if ((chandef->chan->flags & IEEE80211_CHAN_RADAR) &&
3188 chandef->chan->dfs_state != NL80211_DFS_AVAILABLE)
3189 req.switch_reason = CH_SWITCH_DFS;
3191 req.switch_reason = CH_SWITCH_NORMAL;
3193 if (cmd == MCU_EXT_CMD(CHANNEL_SWITCH))
3194 req.rx_streams = hweight8(req.rx_streams);
3196 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
3197 int freq2 = chandef->center_freq2;
3199 req.center_ch2 = ieee80211_frequency_to_channel(freq2);
3202 return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), true);
3205 static int mt7915_mcu_set_eeprom_flash(struct mt7915_dev *dev)
3207 #define TOTAL_PAGE_MASK GENMASK(7, 5)
3208 #define PAGE_IDX_MASK GENMASK(4, 2)
3209 #define PER_PAGE_SIZE 0x400
3210 struct mt7915_mcu_eeprom req = { .buffer_mode = EE_MODE_BUFFER };
3211 u8 total = MT7915_EEPROM_SIZE / PER_PAGE_SIZE;
3212 u8 *eep = (u8 *)dev->mt76.eeprom.data;
3216 for (i = 0; i <= total; i++, eep += eep_len) {
3217 struct sk_buff *skb;
3221 eep_len = MT7915_EEPROM_SIZE % PER_PAGE_SIZE;
3223 eep_len = PER_PAGE_SIZE;
3225 skb = mt76_mcu_msg_alloc(&dev->mt76, NULL,
3226 sizeof(req) + eep_len);
3230 req.format = FIELD_PREP(TOTAL_PAGE_MASK, total) |
3231 FIELD_PREP(PAGE_IDX_MASK, i) | EE_FORMAT_WHOLE;
3232 req.len = cpu_to_le16(eep_len);
3234 skb_put_data(skb, &req, sizeof(req));
3235 skb_put_data(skb, eep, eep_len);
3237 ret = mt76_mcu_skb_send_msg(&dev->mt76, skb,
3238 MCU_EXT_CMD(EFUSE_BUFFER_MODE), true);
3246 int mt7915_mcu_set_eeprom(struct mt7915_dev *dev)
3248 struct mt7915_mcu_eeprom req = {
3249 .buffer_mode = EE_MODE_EFUSE,
3250 .format = EE_FORMAT_WHOLE,
3253 if (dev->flash_mode)
3254 return mt7915_mcu_set_eeprom_flash(dev);
3256 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(EFUSE_BUFFER_MODE),
3257 &req, sizeof(req), true);
3260 int mt7915_mcu_get_eeprom(struct mt7915_dev *dev, u32 offset)
3262 struct mt7915_mcu_eeprom_info req = {
3263 .addr = cpu_to_le32(round_down(offset, 16)),
3265 struct mt7915_mcu_eeprom_info *res;
3266 struct sk_buff *skb;
3270 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_EXT_QUERY(EFUSE_ACCESS), &req,
3271 sizeof(req), true, &skb);
3275 res = (struct mt7915_mcu_eeprom_info *)skb->data;
3276 buf = dev->mt76.eeprom.data + le32_to_cpu(res->addr);
3277 memcpy(buf, res->data, 16);
3283 int mt7915_mcu_get_temperature(struct mt7915_dev *dev, int index)
3291 .ctrl_id = THERMAL_SENSOR_TEMP_QUERY,
3295 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(THERMAL_CTRL), &req,
3299 int mt7915_mcu_get_tx_rate(struct mt7915_dev *dev, u32 cmd, u16 wlan_idx)
3308 .cmd = cpu_to_le32(cmd),
3309 .wlan_idx = cpu_to_le16(wlan_idx),
3310 .dump_group = cpu_to_le16(1),
3313 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(RATE_CTRL), &req,
3314 sizeof(req), false);
3317 int mt7915_mcu_set_sku(struct mt7915_phy *phy)
3319 struct mt7915_dev *dev = phy->dev;
3320 struct mt76_phy *mphy = phy->mt76;
3321 struct ieee80211_hw *hw = mphy->hw;
3322 struct mt7915_sku_val {
3326 s8 val[MT7915_SKU_RATE_NUM];
3329 .dbdc_idx = phy != &dev->phy,
3334 delta = dev->rate_power[mphy->chandef.chan->band];
3335 mphy->txpower_cur = hw->conf.power_level * 2 +
3336 delta[MT7915_SKU_MAX_DELTA_IDX];
3338 for (i = 0; i < MT7915_SKU_RATE_NUM; i++)
3339 req.val[i] = hw->conf.power_level * 2 + delta[i];
3341 return mt76_mcu_send_msg(&dev->mt76,
3342 MCU_EXT_CMD(TX_POWER_FEATURE_CTRL), &req,
3346 int mt7915_mcu_set_test_param(struct mt7915_dev *dev, u8 param, bool test_mode,
3359 .test_mode_en = test_mode,
3364 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(ATE_CTRL), &req,
3365 sizeof(req), false);
3368 int mt7915_mcu_set_sku_en(struct mt7915_phy *phy, bool enable)
3370 struct mt7915_dev *dev = phy->dev;
3378 .dbdc_idx = phy != &dev->phy,
3379 .sku_enable = enable,
3382 return mt76_mcu_send_msg(&dev->mt76,
3383 MCU_EXT_CMD(TX_POWER_FEATURE_CTRL), &req,
3387 int mt7915_mcu_set_ser(struct mt7915_dev *dev, u8 action, u8 set, u8 band)
3400 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(SET_SER_TRIGGER),
3401 &req, sizeof(req), false);
3404 int mt7915_mcu_set_txbf_module(struct mt7915_dev *dev)
3406 #define MT_BF_MODULE_UPDATE 25
3414 .action = MT_BF_MODULE_UPDATE,
3416 .bf_bitmap = GENMASK(1, 0),
3419 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(TXBF_ACTION), &req,
3423 int mt7915_mcu_set_txbf_type(struct mt7915_dev *dev)
3425 #define MT_BF_TYPE_UPDATE 20
3432 .action = MT_BF_TYPE_UPDATE,
3437 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(TXBF_ACTION), &req,
3441 int mt7915_mcu_set_txbf_sounding(struct mt7915_dev *dev)
3443 #define MT_BF_PROCESSING 4
3450 __le32 snd_period; /* ms */
3453 .snd_mode = MT_BF_PROCESSING,
3456 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(TXBF_ACTION), &req,
3460 int mt7915_mcu_add_obss_spr(struct mt7915_dev *dev, struct ieee80211_vif *vif,
3463 #define MT_SPR_ENABLE 1
3464 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
3471 u8 sta_idx; /* 256 sta */
3475 .action = MT_SPR_ENABLE,
3477 .band_idx = mvif->band_idx,
3478 .val = cpu_to_le32(enable),
3481 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(SET_SPR), &req,
3485 int mt7915_mcu_get_rx_rate(struct mt7915_phy *phy, struct ieee80211_vif *vif,
3486 struct ieee80211_sta *sta, struct rate_info *rate)
3488 struct mt7915_vif *mvif = (struct mt7915_vif *)vif->drv_priv;
3489 struct mt7915_sta *msta = (struct mt7915_sta *)sta->drv_priv;
3490 struct mt7915_dev *dev = phy->dev;
3491 struct mt76_phy *mphy = phy->mt76;
3497 .category = MCU_PHY_STATE_CONTENTION_RX_RATE,
3498 .band = mvif->band_idx,
3499 .wcid = cpu_to_le16(msta->wcid.idx),
3501 struct ieee80211_supported_band *sband;
3502 struct mt7915_mcu_phy_rx_info *res;
3503 struct sk_buff *skb;
3508 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_EXT_CMD(PHY_STAT_INFO),
3509 &req, sizeof(req), true, &skb);
3513 res = (struct mt7915_mcu_phy_rx_info *)skb->data;
3515 rate->mcs = res->rate;
3516 rate->nss = res->nsts + 1;
3518 switch (res->mode) {
3519 case MT_PHY_TYPE_CCK:
3520 case MT_PHY_TYPE_OFDM:
3521 if (mphy->chandef.chan->band == NL80211_BAND_5GHZ)
3522 sband = &mphy->sband_5g.sband;
3524 sband = &mphy->sband_2g.sband;
3526 for (i = 0; i < sband->n_bitrates; i++) {
3527 if (rate->mcs != (sband->bitrates[i].hw_value & 0xf))
3530 rate->legacy = sband->bitrates[i].bitrate;
3534 case MT_PHY_TYPE_HT:
3535 case MT_PHY_TYPE_HT_GF:
3539 flags |= RATE_INFO_FLAGS_MCS;
3542 flags |= RATE_INFO_FLAGS_SHORT_GI;
3544 case MT_PHY_TYPE_VHT:
3545 flags |= RATE_INFO_FLAGS_VHT_MCS;
3548 flags |= RATE_INFO_FLAGS_SHORT_GI;
3550 case MT_PHY_TYPE_HE_SU:
3551 case MT_PHY_TYPE_HE_EXT_SU:
3552 case MT_PHY_TYPE_HE_TB:
3553 case MT_PHY_TYPE_HE_MU:
3554 rate->he_gi = res->gi;
3556 flags |= RATE_INFO_FLAGS_HE_MCS;
3561 rate->flags = flags;
3564 case IEEE80211_STA_RX_BW_160:
3565 rate->bw = RATE_INFO_BW_160;
3567 case IEEE80211_STA_RX_BW_80:
3568 rate->bw = RATE_INFO_BW_80;
3570 case IEEE80211_STA_RX_BW_40:
3571 rate->bw = RATE_INFO_BW_40;
3574 rate->bw = RATE_INFO_BW_20;
projects / linux-2.6-microblaze.git / blob