1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
4 #include <linux/firmware.h>
7 #include "mt7921_trace.h"
11 struct mt7921_patch_hdr {
28 struct mt7921_patch_sec {
44 struct mt7921_fw_trailer {
56 struct mt7921_fw_region {
67 #define MT_STA_BFER BIT(0)
68 #define MT_STA_BFEE BIT(1)
70 #define FW_FEATURE_SET_ENCRYPT BIT(0)
71 #define FW_FEATURE_SET_KEY_IDX GENMASK(2, 1)
72 #define FW_FEATURE_ENCRY_MODE BIT(4)
73 #define FW_FEATURE_OVERRIDE_ADDR BIT(5)
75 #define DL_MODE_ENCRYPT BIT(0)
76 #define DL_MODE_KEY_IDX GENMASK(2, 1)
77 #define DL_MODE_RESET_SEC_IV BIT(3)
78 #define DL_MODE_WORKING_PDA_CR4 BIT(4)
79 #define DL_CONFIG_ENCRY_MODE_SEL BIT(6)
80 #define DL_MODE_NEED_RSP BIT(31)
82 #define FW_START_OVERRIDE BIT(0)
83 #define FW_START_WORKING_PDA_CR4 BIT(2)
85 #define PATCH_SEC_TYPE_MASK GENMASK(15, 0)
86 #define PATCH_SEC_TYPE_INFO 0x2
88 #define to_wcid_lo(id) FIELD_GET(GENMASK(7, 0), (u16)id)
89 #define to_wcid_hi(id) FIELD_GET(GENMASK(9, 8), (u16)id)
91 static enum mcu_cipher_type
92 mt7921_mcu_get_cipher(int cipher)
95 case WLAN_CIPHER_SUITE_WEP40:
96 return MCU_CIPHER_WEP40;
97 case WLAN_CIPHER_SUITE_WEP104:
98 return MCU_CIPHER_WEP104;
99 case WLAN_CIPHER_SUITE_TKIP:
100 return MCU_CIPHER_TKIP;
101 case WLAN_CIPHER_SUITE_AES_CMAC:
102 return MCU_CIPHER_BIP_CMAC_128;
103 case WLAN_CIPHER_SUITE_CCMP:
104 return MCU_CIPHER_AES_CCMP;
105 case WLAN_CIPHER_SUITE_CCMP_256:
106 return MCU_CIPHER_CCMP_256;
107 case WLAN_CIPHER_SUITE_GCMP:
108 return MCU_CIPHER_GCMP;
109 case WLAN_CIPHER_SUITE_GCMP_256:
110 return MCU_CIPHER_GCMP_256;
111 case WLAN_CIPHER_SUITE_SMS4:
112 return MCU_CIPHER_WAPI;
114 return MT_CIPHER_NONE;
118 static u8 mt7921_mcu_chan_bw(struct cfg80211_chan_def *chandef)
120 static const u8 width_to_bw[] = {
121 [NL80211_CHAN_WIDTH_40] = CMD_CBW_40MHZ,
122 [NL80211_CHAN_WIDTH_80] = CMD_CBW_80MHZ,
123 [NL80211_CHAN_WIDTH_80P80] = CMD_CBW_8080MHZ,
124 [NL80211_CHAN_WIDTH_160] = CMD_CBW_160MHZ,
125 [NL80211_CHAN_WIDTH_5] = CMD_CBW_5MHZ,
126 [NL80211_CHAN_WIDTH_10] = CMD_CBW_10MHZ,
127 [NL80211_CHAN_WIDTH_20] = CMD_CBW_20MHZ,
128 [NL80211_CHAN_WIDTH_20_NOHT] = CMD_CBW_20MHZ,
131 if (chandef->width >= ARRAY_SIZE(width_to_bw))
134 return width_to_bw[chandef->width];
138 mt7921_mcu_parse_eeprom(struct mt76_dev *dev, struct sk_buff *skb)
140 struct mt7921_mcu_eeprom_info *res;
146 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
148 res = (struct mt7921_mcu_eeprom_info *)skb->data;
149 buf = dev->eeprom.data + le32_to_cpu(res->addr);
150 memcpy(buf, res->data, 16);
156 mt7921_mcu_parse_response(struct mt76_dev *mdev, int cmd,
157 struct sk_buff *skb, int seq)
159 struct mt7921_mcu_rxd *rxd;
163 dev_err(mdev->dev, "Message %08x (seq %d) timeout\n",
170 rxd = (struct mt7921_mcu_rxd *)skb->data;
175 case MCU_CMD_PATCH_SEM_CONTROL:
176 skb_pull(skb, sizeof(*rxd) - 4);
179 case MCU_EXT_CMD_GET_TEMP:
180 skb_pull(skb, sizeof(*rxd) + 4);
181 ret = le32_to_cpu(*(__le32 *)skb->data);
183 case MCU_EXT_CMD_EFUSE_ACCESS:
184 ret = mt7921_mcu_parse_eeprom(mdev, skb);
186 case MCU_UNI_CMD_DEV_INFO_UPDATE:
187 case MCU_UNI_CMD_BSS_INFO_UPDATE:
188 case MCU_UNI_CMD_STA_REC_UPDATE:
189 case MCU_UNI_CMD_HIF_CTRL:
190 case MCU_UNI_CMD_OFFLOAD:
191 case MCU_UNI_CMD_SUSPEND: {
192 struct mt7921_mcu_uni_event *event;
194 skb_pull(skb, sizeof(*rxd));
195 event = (struct mt7921_mcu_uni_event *)skb->data;
196 ret = le32_to_cpu(event->status);
199 case MCU_CMD_REG_READ: {
200 struct mt7921_mcu_reg_event *event;
202 skb_pull(skb, sizeof(*rxd));
203 event = (struct mt7921_mcu_reg_event *)skb->data;
204 ret = (int)le32_to_cpu(event->val);
208 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
216 mt7921_mcu_send_message(struct mt76_dev *mdev, struct sk_buff *skb,
217 int cmd, int *wait_seq)
219 struct mt7921_dev *dev = container_of(mdev, struct mt7921_dev, mt76);
220 int txd_len, mcu_cmd = cmd & MCU_CMD_MASK;
221 enum mt76_mcuq_id txq = MT_MCUQ_WM;
222 struct mt7921_uni_txd *uni_txd;
223 struct mt7921_mcu_txd *mcu_txd;
229 case MCU_UNI_CMD_HIF_CTRL:
230 case MCU_UNI_CMD_SUSPEND:
231 case MCU_UNI_CMD_OFFLOAD:
232 mdev->mcu.timeout = HZ / 3;
235 mdev->mcu.timeout = 3 * HZ;
239 seq = ++dev->mt76.mcu.msg_seq & 0xf;
241 seq = ++dev->mt76.mcu.msg_seq & 0xf;
243 if (cmd == MCU_CMD_FW_SCATTER) {
248 txd_len = cmd & MCU_UNI_PREFIX ? sizeof(*uni_txd) : sizeof(*mcu_txd);
249 txd = (__le32 *)skb_push(skb, txd_len);
251 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
252 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
253 FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
254 txd[0] = cpu_to_le32(val);
256 val = MT_TXD1_LONG_FORMAT |
257 FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
258 txd[1] = cpu_to_le32(val);
260 if (cmd & MCU_UNI_PREFIX) {
261 uni_txd = (struct mt7921_uni_txd *)txd;
262 uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
263 uni_txd->option = MCU_CMD_UNI_EXT_ACK;
264 uni_txd->cid = cpu_to_le16(mcu_cmd);
265 uni_txd->s2d_index = MCU_S2D_H2N;
266 uni_txd->pkt_type = MCU_PKT_ID;
272 mcu_txd = (struct mt7921_mcu_txd *)txd;
273 mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
274 mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
275 MT_TX_MCU_PORT_RX_Q0));
276 mcu_txd->pkt_type = MCU_PKT_ID;
279 switch (cmd & ~MCU_CMD_MASK) {
281 mcu_txd->set_query = MCU_Q_NA;
282 mcu_txd->cid = mcu_cmd;
285 if (cmd & MCU_QUERY_MASK)
286 mcu_txd->set_query = MCU_Q_QUERY;
288 mcu_txd->set_query = MCU_Q_SET;
289 mcu_txd->cid = mcu_cmd;
292 mcu_txd->cid = MCU_CMD_EXT_CID;
293 if (cmd & MCU_QUERY_PREFIX || cmd == MCU_EXT_CMD_EFUSE_ACCESS)
294 mcu_txd->set_query = MCU_Q_QUERY;
296 mcu_txd->set_query = MCU_Q_SET;
297 mcu_txd->ext_cid = mcu_cmd;
298 mcu_txd->ext_cid_ack = 1;
302 mcu_txd->s2d_index = MCU_S2D_H2N;
303 WARN_ON(cmd == MCU_EXT_CMD_EFUSE_ACCESS &&
304 mcu_txd->set_query != MCU_Q_QUERY);
310 return mt76_tx_queue_skb_raw(dev, mdev->q_mcu[txq], skb, 0);
314 mt7921_mcu_tx_rate_parse(struct mt76_phy *mphy,
315 struct mt7921_mcu_peer_cap *peer,
316 struct rate_info *rate, u16 r)
318 struct ieee80211_supported_band *sband;
320 u8 txmode = FIELD_GET(MT_WTBL_RATE_TX_MODE, r);
324 rate->mcs = FIELD_GET(MT_WTBL_RATE_MCS, r);
325 rate->nss = FIELD_GET(MT_WTBL_RATE_NSS, r) + 1;
328 case IEEE80211_STA_RX_BW_160:
331 case IEEE80211_STA_RX_BW_80:
334 case IEEE80211_STA_RX_BW_40:
342 gi = txmode >= MT_PHY_TYPE_HE_SU ?
343 FIELD_GET(MT_WTBL_RATE_HE_GI, gi) :
344 FIELD_GET(MT_WTBL_RATE_GI, gi);
347 case MT_PHY_TYPE_CCK:
348 case MT_PHY_TYPE_OFDM:
349 if (mphy->chandef.chan->band == NL80211_BAND_5GHZ)
350 sband = &mphy->sband_5g.sband;
352 sband = &mphy->sband_2g.sband;
354 rate->legacy = sband->bitrates[rate->mcs].bitrate;
357 case MT_PHY_TYPE_HT_GF:
358 flags |= RATE_INFO_FLAGS_MCS;
361 flags |= RATE_INFO_FLAGS_SHORT_GI;
363 case MT_PHY_TYPE_VHT:
364 flags |= RATE_INFO_FLAGS_VHT_MCS;
367 flags |= RATE_INFO_FLAGS_SHORT_GI;
369 case MT_PHY_TYPE_HE_SU:
370 case MT_PHY_TYPE_HE_EXT_SU:
371 case MT_PHY_TYPE_HE_TB:
372 case MT_PHY_TYPE_HE_MU:
374 rate->he_dcm = FIELD_GET(MT_RA_RATE_DCM_EN, r);
376 flags |= RATE_INFO_FLAGS_HE_MCS;
383 bw = mt7921_mcu_chan_bw(&mphy->chandef) - FIELD_GET(MT_RA_RATE_BW, r);
386 case IEEE80211_STA_RX_BW_160:
387 rate->bw = RATE_INFO_BW_160;
389 case IEEE80211_STA_RX_BW_80:
390 rate->bw = RATE_INFO_BW_80;
392 case IEEE80211_STA_RX_BW_40:
393 rate->bw = RATE_INFO_BW_40;
396 rate->bw = RATE_INFO_BW_20;
402 mt7921_mcu_scan_event(struct mt7921_dev *dev, struct sk_buff *skb)
404 struct mt76_phy *mphy = &dev->mt76.phy;
405 struct mt7921_phy *phy = (struct mt7921_phy *)mphy->priv;
407 spin_lock_bh(&dev->mt76.lock);
408 __skb_queue_tail(&phy->scan_event_list, skb);
409 spin_unlock_bh(&dev->mt76.lock);
411 ieee80211_queue_delayed_work(mphy->hw, &phy->scan_work,
412 MT7921_HW_SCAN_TIMEOUT);
416 mt7921_mcu_connection_loss_iter(void *priv, u8 *mac,
417 struct ieee80211_vif *vif)
419 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
420 struct mt76_connac_beacon_loss_event *event = priv;
422 if (mvif->idx != event->bss_idx)
425 if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER))
428 ieee80211_connection_loss(vif);
432 mt7921_mcu_connection_loss_event(struct mt7921_dev *dev, struct sk_buff *skb)
434 struct mt76_connac_beacon_loss_event *event;
435 struct mt76_phy *mphy = &dev->mt76.phy;
437 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
438 event = (struct mt76_connac_beacon_loss_event *)skb->data;
440 ieee80211_iterate_active_interfaces_atomic(mphy->hw,
441 IEEE80211_IFACE_ITER_RESUME_ALL,
442 mt7921_mcu_connection_loss_iter, event);
446 mt7921_mcu_bss_event(struct mt7921_dev *dev, struct sk_buff *skb)
448 struct mt76_phy *mphy = &dev->mt76.phy;
449 struct mt76_connac_mcu_bss_event *event;
451 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
452 event = (struct mt76_connac_mcu_bss_event *)skb->data;
453 if (event->is_absent)
454 ieee80211_stop_queues(mphy->hw);
456 ieee80211_wake_queues(mphy->hw);
460 mt7921_mcu_debug_msg_event(struct mt7921_dev *dev, struct sk_buff *skb)
462 struct mt7921_debug_msg {
471 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
472 msg = (struct mt7921_debug_msg *)skb->data;
474 if (msg->type == 3) { /* fw log */
475 u16 len = min_t(u16, le16_to_cpu(msg->len), 512);
478 for (i = 0 ; i < len; i++) {
479 if (!msg->content[i])
480 msg->content[i] = ' ';
482 wiphy_info(mt76_hw(dev)->wiphy, "%.*s", len, msg->content);
487 mt7921_mcu_low_power_event(struct mt7921_dev *dev, struct sk_buff *skb)
489 struct mt7921_mcu_lp_event {
494 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
495 event = (struct mt7921_mcu_lp_event *)skb->data;
497 trace_lp_event(dev, event->state);
501 mt7921_mcu_tx_done_event(struct mt7921_dev *dev, struct sk_buff *skb)
503 struct mt7921_mcu_tx_done_event *event;
504 struct mt7921_sta *msta;
505 struct mt7921_phy *mphy = &dev->phy;
506 struct mt7921_mcu_peer_cap peer;
507 struct ieee80211_sta *sta;
510 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
511 event = (struct mt7921_mcu_tx_done_event *)skb->data;
513 spin_lock_bh(&dev->sta_poll_lock);
514 list_splice_init(&mphy->stats_list, &list);
516 while (!list_empty(&list)) {
517 msta = list_first_entry(&list, struct mt7921_sta, stats_list);
518 list_del_init(&msta->stats_list);
520 if (msta->wcid.idx != event->wlan_idx)
523 spin_unlock_bh(&dev->sta_poll_lock);
525 sta = wcid_to_sta(&msta->wcid);
527 /* peer config based on IEEE SPEC */
528 memset(&peer, 0x0, sizeof(peer));
530 peer.g2 = !!(sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_20);
531 peer.g4 = !!(sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_40);
532 peer.g8 = !!(sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80);
533 peer.g16 = !!(sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160);
534 mt7921_mcu_tx_rate_parse(mphy->mt76, &peer,
535 &msta->stats.tx_rate, event->tx_rate);
537 spin_lock_bh(&dev->sta_poll_lock);
540 spin_unlock_bh(&dev->sta_poll_lock);
544 mt7921_mcu_rx_unsolicited_event(struct mt7921_dev *dev, struct sk_buff *skb)
546 struct mt7921_mcu_rxd *rxd = (struct mt7921_mcu_rxd *)skb->data;
549 case MCU_EVENT_BSS_BEACON_LOSS:
550 mt7921_mcu_connection_loss_event(dev, skb);
552 case MCU_EVENT_SCHED_SCAN_DONE:
553 case MCU_EVENT_SCAN_DONE:
554 mt7921_mcu_scan_event(dev, skb);
556 case MCU_EVENT_BSS_ABSENCE:
557 mt7921_mcu_bss_event(dev, skb);
559 case MCU_EVENT_DBG_MSG:
560 mt7921_mcu_debug_msg_event(dev, skb);
562 case MCU_EVENT_COREDUMP:
563 mt76_connac_mcu_coredump_event(&dev->mt76, skb,
566 case MCU_EVENT_LP_INFO:
567 mt7921_mcu_low_power_event(dev, skb);
569 case MCU_EVENT_TX_DONE:
570 mt7921_mcu_tx_done_event(dev, skb);
578 void mt7921_mcu_rx_event(struct mt7921_dev *dev, struct sk_buff *skb)
580 struct mt7921_mcu_rxd *rxd = (struct mt7921_mcu_rxd *)skb->data;
582 if (rxd->eid == 0x6) {
583 mt76_mcu_rx_event(&dev->mt76, skb);
587 if (rxd->ext_eid == MCU_EXT_EVENT_RATE_REPORT ||
588 rxd->eid == MCU_EVENT_BSS_BEACON_LOSS ||
589 rxd->eid == MCU_EVENT_SCHED_SCAN_DONE ||
590 rxd->eid == MCU_EVENT_BSS_ABSENCE ||
591 rxd->eid == MCU_EVENT_SCAN_DONE ||
592 rxd->eid == MCU_EVENT_TX_DONE ||
593 rxd->eid == MCU_EVENT_DBG_MSG ||
594 rxd->eid == MCU_EVENT_COREDUMP ||
595 rxd->eid == MCU_EVENT_LP_INFO ||
597 mt7921_mcu_rx_unsolicited_event(dev, skb);
599 mt76_mcu_rx_event(&dev->mt76, skb);
602 /** starec & wtbl **/
604 mt7921_mcu_sta_key_tlv(struct mt7921_sta *msta, struct sk_buff *skb,
605 struct ieee80211_key_conf *key, enum set_key_cmd cmd)
607 struct mt7921_sta_key_conf *bip = &msta->bip;
608 struct sta_rec_sec *sec;
610 u32 len = sizeof(*sec);
612 tlv = mt76_connac_mcu_add_tlv(skb, STA_REC_KEY_V2, sizeof(*sec));
614 sec = (struct sta_rec_sec *)tlv;
617 if (cmd == SET_KEY) {
618 struct sec_key *sec_key;
621 cipher = mt7921_mcu_get_cipher(key->cipher);
622 if (cipher == MT_CIPHER_NONE)
625 sec_key = &sec->key[0];
626 sec_key->cipher_len = sizeof(*sec_key);
628 if (cipher == MCU_CIPHER_BIP_CMAC_128) {
629 sec_key->cipher_id = MCU_CIPHER_AES_CCMP;
630 sec_key->key_id = bip->keyidx;
631 sec_key->key_len = 16;
632 memcpy(sec_key->key, bip->key, 16);
634 sec_key = &sec->key[1];
635 sec_key->cipher_id = MCU_CIPHER_BIP_CMAC_128;
636 sec_key->cipher_len = sizeof(*sec_key);
637 sec_key->key_len = 16;
638 memcpy(sec_key->key, key->key, 16);
642 sec_key->cipher_id = cipher;
643 sec_key->key_id = key->keyidx;
644 sec_key->key_len = key->keylen;
645 memcpy(sec_key->key, key->key, key->keylen);
647 if (cipher == MCU_CIPHER_TKIP) {
648 /* Rx/Tx MIC keys are swapped */
649 memcpy(sec_key->key + 16, key->key + 24, 8);
650 memcpy(sec_key->key + 24, key->key + 16, 8);
653 /* store key_conf for BIP batch update */
654 if (cipher == MCU_CIPHER_AES_CCMP) {
655 memcpy(bip->key, key->key, key->keylen);
656 bip->keyidx = key->keyidx;
659 len -= sizeof(*sec_key);
663 len -= sizeof(sec->key);
666 sec->len = cpu_to_le16(len);
671 int mt7921_mcu_add_key(struct mt7921_dev *dev, struct ieee80211_vif *vif,
672 struct mt7921_sta *msta, struct ieee80211_key_conf *key,
673 enum set_key_cmd cmd)
675 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
679 skb = mt76_connac_mcu_alloc_sta_req(&dev->mt76, &mvif->mt76,
684 ret = mt7921_mcu_sta_key_tlv(msta, skb, key, cmd);
688 return mt76_mcu_skb_send_msg(&dev->mt76, skb,
689 MCU_UNI_CMD_STA_REC_UPDATE, true);
692 int mt7921_mcu_uni_tx_ba(struct mt7921_dev *dev,
693 struct ieee80211_ampdu_params *params,
696 struct mt7921_sta *msta = (struct mt7921_sta *)params->sta->drv_priv;
698 if (enable && !params->amsdu)
699 msta->wcid.amsdu = false;
701 return mt76_connac_mcu_sta_ba(&dev->mt76, &msta->vif->mt76, params,
705 int mt7921_mcu_uni_rx_ba(struct mt7921_dev *dev,
706 struct ieee80211_ampdu_params *params,
709 struct mt7921_sta *msta = (struct mt7921_sta *)params->sta->drv_priv;
711 return mt76_connac_mcu_sta_ba(&dev->mt76, &msta->vif->mt76, params,
715 static int mt7921_mcu_restart(struct mt76_dev *dev)
724 return mt76_mcu_send_msg(dev, MCU_CMD_NIC_POWER_CTRL, &req,
728 static int mt7921_driver_own(struct mt7921_dev *dev)
730 u32 reg = mt7921_reg_map_l1(dev, MT_TOP_LPCR_HOST_BAND0);
732 mt76_wr(dev, reg, MT_TOP_LPCR_HOST_DRV_OWN);
733 if (!mt76_poll_msec(dev, reg, MT_TOP_LPCR_HOST_FW_OWN,
735 dev_err(dev->mt76.dev, "Timeout for driver own\n");
742 static int mt7921_load_patch(struct mt7921_dev *dev)
744 const struct mt7921_patch_hdr *hdr;
745 const struct firmware *fw = NULL;
748 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, true);
752 case PATCH_NOT_DL_SEM_SUCCESS:
755 dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
759 ret = request_firmware(&fw, MT7921_ROM_PATCH, dev->mt76.dev);
763 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
764 dev_err(dev->mt76.dev, "Invalid firmware\n");
769 hdr = (const struct mt7921_patch_hdr *)(fw->data);
771 dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
772 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
774 for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
775 struct mt7921_patch_sec *sec;
779 sec = (struct mt7921_patch_sec *)(fw->data + sizeof(*hdr) +
781 if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
782 PATCH_SEC_TYPE_INFO) {
787 addr = be32_to_cpu(sec->info.addr);
788 len = be32_to_cpu(sec->info.len);
789 dl = fw->data + be32_to_cpu(sec->offs);
791 ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
794 dev_err(dev->mt76.dev, "Download request failed\n");
798 ret = mt76_mcu_send_firmware(&dev->mt76, MCU_CMD_FW_SCATTER,
801 dev_err(dev->mt76.dev, "Failed to send patch\n");
806 ret = mt76_connac_mcu_start_patch(&dev->mt76);
808 dev_err(dev->mt76.dev, "Failed to start patch\n");
811 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, false);
813 case PATCH_REL_SEM_SUCCESS:
817 dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
820 release_firmware(fw);
825 static u32 mt7921_mcu_gen_dl_mode(u8 feature_set, bool is_wa)
829 ret |= (feature_set & FW_FEATURE_SET_ENCRYPT) ?
830 (DL_MODE_ENCRYPT | DL_MODE_RESET_SEC_IV) : 0;
831 ret |= (feature_set & FW_FEATURE_ENCRY_MODE) ?
832 DL_CONFIG_ENCRY_MODE_SEL : 0;
833 ret |= FIELD_PREP(DL_MODE_KEY_IDX,
834 FIELD_GET(FW_FEATURE_SET_KEY_IDX, feature_set));
835 ret |= DL_MODE_NEED_RSP;
836 ret |= is_wa ? DL_MODE_WORKING_PDA_CR4 : 0;
842 mt7921_mcu_send_ram_firmware(struct mt7921_dev *dev,
843 const struct mt7921_fw_trailer *hdr,
844 const u8 *data, bool is_wa)
847 u32 override = 0, option = 0;
849 for (i = 0; i < hdr->n_region; i++) {
850 const struct mt7921_fw_region *region;
854 region = (const struct mt7921_fw_region *)((const u8 *)hdr -
855 (hdr->n_region - i) * sizeof(*region));
856 mode = mt7921_mcu_gen_dl_mode(region->feature_set, is_wa);
857 len = le32_to_cpu(region->len);
858 addr = le32_to_cpu(region->addr);
860 if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
863 err = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
866 dev_err(dev->mt76.dev, "Download request failed\n");
870 err = mt76_mcu_send_firmware(&dev->mt76, MCU_CMD_FW_SCATTER,
873 dev_err(dev->mt76.dev, "Failed to send firmware.\n");
881 option |= FW_START_OVERRIDE;
884 option |= FW_START_WORKING_PDA_CR4;
886 return mt76_connac_mcu_start_firmware(&dev->mt76, override, option);
889 static int mt7921_load_ram(struct mt7921_dev *dev)
891 const struct mt7921_fw_trailer *hdr;
892 const struct firmware *fw;
895 ret = request_firmware(&fw, MT7921_FIRMWARE_WM, dev->mt76.dev);
899 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
900 dev_err(dev->mt76.dev, "Invalid firmware\n");
905 hdr = (const struct mt7921_fw_trailer *)(fw->data + fw->size -
908 dev_info(dev->mt76.dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
909 hdr->fw_ver, hdr->build_date);
911 ret = mt7921_mcu_send_ram_firmware(dev, hdr, fw->data, false);
913 dev_err(dev->mt76.dev, "Failed to start WM firmware\n");
917 snprintf(dev->mt76.hw->wiphy->fw_version,
918 sizeof(dev->mt76.hw->wiphy->fw_version),
919 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
922 release_firmware(fw);
927 static int mt7921_load_firmware(struct mt7921_dev *dev)
931 ret = mt76_get_field(dev, MT_CONN_ON_MISC, MT_TOP_MISC2_FW_N9_RDY);
933 dev_dbg(dev->mt76.dev, "Firmware is already download\n");
937 ret = mt7921_load_patch(dev);
941 ret = mt7921_load_ram(dev);
945 if (!mt76_poll_msec(dev, MT_CONN_ON_MISC, MT_TOP_MISC2_FW_N9_RDY,
946 MT_TOP_MISC2_FW_N9_RDY, 1500)) {
947 dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
953 mt76_queue_tx_cleanup(dev, dev->mt76.q_mcu[MT_MCUQ_FWDL], false);
956 dev->mt76.hw->wiphy->wowlan = &mt76_connac_wowlan_support;
957 #endif /* CONFIG_PM */
959 dev_err(dev->mt76.dev, "Firmware init done\n");
964 int mt7921_mcu_fw_log_2_host(struct mt7921_dev *dev, u8 ctrl)
973 return mt76_mcu_send_msg(&dev->mt76, MCU_CMD_FWLOG_2_HOST, &data,
974 sizeof(data), false);
977 int mt7921_run_firmware(struct mt7921_dev *dev)
981 err = mt7921_driver_own(dev);
985 err = mt7921_load_firmware(dev);
989 set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);
990 mt7921_mcu_fw_log_2_host(dev, 1);
992 return mt76_connac_mcu_get_nic_capability(&dev->mphy);
995 int mt7921_mcu_init(struct mt7921_dev *dev)
997 static const struct mt76_mcu_ops mt7921_mcu_ops = {
998 .headroom = sizeof(struct mt7921_mcu_txd),
999 .mcu_skb_send_msg = mt7921_mcu_send_message,
1000 .mcu_parse_response = mt7921_mcu_parse_response,
1001 .mcu_restart = mt7921_mcu_restart,
1004 dev->mt76.mcu_ops = &mt7921_mcu_ops;
1006 return mt7921_run_firmware(dev);
1009 void mt7921_mcu_exit(struct mt7921_dev *dev)
1011 mt7921_wfsys_reset(dev);
1012 skb_queue_purge(&dev->mt76.mcu.res_q);
1015 int mt7921_mcu_set_tx(struct mt7921_dev *dev, struct ieee80211_vif *vif)
1017 #define WMM_AIFS_SET BIT(0)
1018 #define WMM_CW_MIN_SET BIT(1)
1019 #define WMM_CW_MAX_SET BIT(2)
1020 #define WMM_TXOP_SET BIT(3)
1021 #define WMM_PARAM_SET GENMASK(3, 0)
1022 #define TX_CMD_MODE 1
1031 struct mt7921_mcu_tx {
1037 struct edca edca[IEEE80211_NUM_ACS];
1040 .mode = TX_CMD_MODE,
1041 .total = IEEE80211_NUM_ACS,
1043 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1046 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
1047 struct ieee80211_tx_queue_params *q = &mvif->queue_params[ac];
1048 struct edca *e = &req.edca[ac];
1050 e->set = WMM_PARAM_SET;
1051 e->queue = ac + mvif->mt76.wmm_idx * MT7921_MAX_WMM_SETS;
1053 e->txop = cpu_to_le16(q->txop);
1056 e->cw_min = fls(q->cw_min);
1061 e->cw_max = cpu_to_le16(fls(q->cw_max));
1063 e->cw_max = cpu_to_le16(10);
1065 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_EDCA_UPDATE, &req,
1069 int mt7921_mcu_set_chan_info(struct mt7921_phy *phy, int cmd)
1071 struct mt7921_dev *dev = phy->dev;
1072 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
1073 int freq1 = chandef->center_freq1;
1079 u8 rx_streams; /* mask or num */
1082 u8 center_ch2; /* for 80+80 only */
1086 __le32 outband_freq;
1092 .control_ch = chandef->chan->hw_value,
1093 .center_ch = ieee80211_frequency_to_channel(freq1),
1094 .bw = mt7921_mcu_chan_bw(chandef),
1095 .tx_streams_num = hweight8(phy->mt76->antenna_mask),
1096 .rx_streams = phy->mt76->antenna_mask,
1097 .band_idx = phy != &dev->phy,
1098 .channel_band = chandef->chan->band,
1101 if (dev->mt76.hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)
1102 req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD;
1103 else if ((chandef->chan->flags & IEEE80211_CHAN_RADAR) &&
1104 chandef->chan->dfs_state != NL80211_DFS_AVAILABLE)
1105 req.switch_reason = CH_SWITCH_DFS;
1107 req.switch_reason = CH_SWITCH_NORMAL;
1109 if (cmd == MCU_EXT_CMD_CHANNEL_SWITCH)
1110 req.rx_streams = hweight8(req.rx_streams);
1112 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
1113 int freq2 = chandef->center_freq2;
1115 req.center_ch2 = ieee80211_frequency_to_channel(freq2);
1118 return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), true);
1121 int mt7921_mcu_set_eeprom(struct mt7921_dev *dev)
1128 .buffer_mode = EE_MODE_EFUSE,
1129 .format = EE_FORMAT_WHOLE,
1132 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_EFUSE_BUFFER_MODE,
1133 &req, sizeof(req), true);
1136 int mt7921_mcu_get_eeprom(struct mt7921_dev *dev, u32 offset)
1138 struct mt7921_mcu_eeprom_info req = {
1139 .addr = cpu_to_le32(round_down(offset, 16)),
1141 struct mt7921_mcu_eeprom_info *res;
1142 struct sk_buff *skb;
1146 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_EXT_CMD_EFUSE_ACCESS, &req,
1147 sizeof(req), true, &skb);
1151 res = (struct mt7921_mcu_eeprom_info *)skb->data;
1152 buf = dev->mt76.eeprom.data + le32_to_cpu(res->addr);
1153 memcpy(buf, res->data, 16);
1159 int mt7921_mcu_uni_bss_ps(struct mt7921_dev *dev, struct ieee80211_vif *vif)
1161 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1170 u8 ps_state; /* 0: device awake
1171 * 1: static power save
1172 * 2: dynamic power saving
1173 * 3: enter TWT power saving
1174 * 4: leave TWT power saving
1178 } __packed ps_req = {
1180 .bss_idx = mvif->mt76.idx,
1183 .tag = cpu_to_le16(UNI_BSS_INFO_PS),
1184 .len = cpu_to_le16(sizeof(struct ps_tlv)),
1185 .ps_state = vif->bss_conf.ps ? 2 : 0,
1189 if (vif->type != NL80211_IFTYPE_STATION)
1192 return mt76_mcu_send_msg(&dev->mt76, MCU_UNI_CMD_BSS_INFO_UPDATE,
1193 &ps_req, sizeof(ps_req), true);
1196 int mt7921_mcu_uni_bss_bcnft(struct mt7921_dev *dev, struct ieee80211_vif *vif,
1199 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1208 __le16 bcn_interval;
1212 } __packed bcnft_req = {
1214 .bss_idx = mvif->mt76.idx,
1217 .tag = cpu_to_le16(UNI_BSS_INFO_BCNFT),
1218 .len = cpu_to_le16(sizeof(struct bcnft_tlv)),
1219 .bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1220 .dtim_period = vif->bss_conf.dtim_period,
1224 if (vif->type != NL80211_IFTYPE_STATION)
1227 return mt76_mcu_send_msg(&dev->mt76, MCU_UNI_CMD_BSS_INFO_UPDATE,
1228 &bcnft_req, sizeof(bcnft_req), true);
1231 int mt7921_mcu_set_bss_pm(struct mt7921_dev *dev, struct ieee80211_vif *vif,
1234 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1239 __le16 bcn_interval;
1242 u8 bmc_delivered_ac;
1243 u8 bmc_triggered_ac;
1246 .bss_idx = mvif->mt76.idx,
1247 .aid = cpu_to_le16(vif->bss_conf.aid),
1248 .dtim_period = vif->bss_conf.dtim_period,
1249 .bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1255 .bss_idx = mvif->mt76.idx,
1259 if (vif->type != NL80211_IFTYPE_STATION)
1262 err = mt76_mcu_send_msg(&dev->mt76, MCU_CMD_SET_BSS_ABORT, &req_hdr,
1263 sizeof(req_hdr), false);
1264 if (err < 0 || !enable)
1267 return mt76_mcu_send_msg(&dev->mt76, MCU_CMD_SET_BSS_CONNECTED, &req,
1268 sizeof(req), false);
1271 int mt7921_mcu_sta_update(struct mt7921_dev *dev, struct ieee80211_sta *sta,
1272 struct ieee80211_vif *vif, bool enable,
1273 enum mt76_sta_info_state state)
1275 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1276 int rssi = -ewma_rssi_read(&mvif->rssi);
1277 struct mt76_sta_cmd_info info = {
1281 .cmd = MCU_UNI_CMD_STA_REC_UPDATE,
1284 .rcpi = to_rcpi(rssi),
1286 struct mt7921_sta *msta;
1288 msta = sta ? (struct mt7921_sta *)sta->drv_priv : NULL;
1289 info.wcid = msta ? &msta->wcid : &mvif->sta.wcid;
1290 info.newly = msta ? state != MT76_STA_INFO_STATE_ASSOC : true;
1292 return mt76_connac_mcu_sta_cmd(&dev->mphy, &info);
1295 int __mt7921_mcu_drv_pmctrl(struct mt7921_dev *dev)
1297 struct mt76_phy *mphy = &dev->mt76.phy;
1298 struct mt76_connac_pm *pm = &dev->pm;
1301 for (i = 0; i < MT7921_DRV_OWN_RETRY_COUNT; i++) {
1302 mt76_wr(dev, MT_CONN_ON_LPCTL, PCIE_LPCR_HOST_CLR_OWN);
1303 if (mt76_poll_msec(dev, MT_CONN_ON_LPCTL,
1304 PCIE_LPCR_HOST_OWN_SYNC, 0, 50))
1308 if (i == MT7921_DRV_OWN_RETRY_COUNT) {
1309 dev_err(dev->mt76.dev, "driver own failed\n");
1314 mt7921_wpdma_reinit_cond(dev);
1315 clear_bit(MT76_STATE_PM, &mphy->state);
1317 pm->stats.last_wake_event = jiffies;
1318 pm->stats.doze_time += pm->stats.last_wake_event -
1319 pm->stats.last_doze_event;
1324 int mt7921_mcu_drv_pmctrl(struct mt7921_dev *dev)
1326 struct mt76_phy *mphy = &dev->mt76.phy;
1327 struct mt76_connac_pm *pm = &dev->pm;
1330 mutex_lock(&pm->mutex);
1332 if (!test_bit(MT76_STATE_PM, &mphy->state))
1335 err = __mt7921_mcu_drv_pmctrl(dev);
1337 mutex_unlock(&pm->mutex);
1340 mt7921_reset(&dev->mt76);
1345 int mt7921_mcu_fw_pmctrl(struct mt7921_dev *dev)
1347 struct mt76_phy *mphy = &dev->mt76.phy;
1348 struct mt76_connac_pm *pm = &dev->pm;
1351 mutex_lock(&pm->mutex);
1353 if (mt76_connac_skip_fw_pmctrl(mphy, pm))
1356 for (i = 0; i < MT7921_DRV_OWN_RETRY_COUNT; i++) {
1357 mt76_wr(dev, MT_CONN_ON_LPCTL, PCIE_LPCR_HOST_SET_OWN);
1358 if (mt76_poll_msec(dev, MT_CONN_ON_LPCTL,
1359 PCIE_LPCR_HOST_OWN_SYNC, 4, 50))
1363 if (i == MT7921_DRV_OWN_RETRY_COUNT) {
1364 dev_err(dev->mt76.dev, "firmware own failed\n");
1365 clear_bit(MT76_STATE_PM, &mphy->state);
1369 pm->stats.last_doze_event = jiffies;
1370 pm->stats.awake_time += pm->stats.last_doze_event -
1371 pm->stats.last_wake_event;
1373 mutex_unlock(&pm->mutex);
1376 mt7921_reset(&dev->mt76);
1382 mt7921_pm_interface_iter(void *priv, u8 *mac, struct ieee80211_vif *vif)
1384 struct mt7921_phy *phy = priv;
1385 struct mt7921_dev *dev = phy->dev;
1386 struct ieee80211_hw *hw = mt76_hw(dev);
1390 ret = mt7921_mcu_uni_bss_bcnft(dev, vif, true);
1392 ret = mt7921_mcu_set_bss_pm(dev, vif, false);
1397 if (dev->pm.enable) {
1398 vif->driver_flags |= IEEE80211_VIF_BEACON_FILTER;
1399 ieee80211_hw_set(hw, CONNECTION_MONITOR);
1400 mt76_set(dev, MT_WF_RFCR(0), MT_WF_RFCR_DROP_OTHER_BEACON);
1402 vif->driver_flags &= ~IEEE80211_VIF_BEACON_FILTER;
1403 __clear_bit(IEEE80211_HW_CONNECTION_MONITOR, hw->flags);
1404 mt76_clear(dev, MT_WF_RFCR(0), MT_WF_RFCR_DROP_OTHER_BEACON);
1408 int mt7921_get_txpwr_info(struct mt7921_dev *dev, struct mt7921_txpwr *txpwr)
1410 struct mt7921_txpwr_event *event;
1411 struct mt7921_txpwr_req req = {
1414 struct sk_buff *skb;
1417 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_CMD_GET_TXPWR,
1418 &req, sizeof(req), true, &skb);
1422 event = (struct mt7921_txpwr_event *)skb->data;
1423 WARN_ON(skb->len != le16_to_cpu(event->len));
1424 memcpy(txpwr, &event->txpwr, sizeof(event->txpwr));
projects / linux-2.6-microblaze.git / blob