[mirror_ubuntu-jammy-kernel.git] / drivers / net / wireless / mediatek / mt76 / mt7615 / mcu.c
1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2019 MediaTek Inc.
3 *
4 * Author: Roy Luo <royluo@google.com>
5 * Ryder Lee <ryder.lee@mediatek.com>
6 */
7
8 #include <linux/firmware.h>
9 #include "mt7615.h"
10 #include "mcu.h"
11 #include "mac.h"
12 #include "eeprom.h"
13
/*
 * Header found at the very start of the ROM patch image.  Multi-byte
 * fields are big-endian.  Within the visible part of this file only
 * build_date and hw_sw_ver are read (for logging); the checksum field
 * is not consulted by mt7615_load_patch().
 */
struct mt7615_patch_hdr {
	char build_date[16];	/* not guaranteed NUL-terminated; print with %.16s */
	char platform[4];
	__be32 hw_sw_ver;
	__be32 patch_ver;
	__be16 checksum;
} __packed;

/*
 * Per-region descriptor stored at the end of a RAM firmware image
 * (one entry per region, N9_REGION_NUM or CR4_REGION_NUM of them).
 * Multi-byte fields are little-endian.  addr and len are taken from the
 * file and forwarded to the device as the download target and size.
 */
struct mt7615_fw_trailer {
	__le32 addr;
	u8 chip_id;
	u8 feature_set;		/* FW_FEATURE_SET_* bits */
	u8 eco_code;
	char fw_ver[10];	/* print with %.10s */
	char build_date[15];	/* print with %.15s */
	__le32 len;		/* region length, excluding the IMG_CRC_LEN trailer */
} __packed;
31
32 #define MCU_PATCH_ADDRESS 0x80000
33
34 #define N9_REGION_NUM 2
35 #define CR4_REGION_NUM 1
36
37 #define IMG_CRC_LEN 4
38
39 #define FW_FEATURE_SET_ENCRYPT BIT(0)
40 #define FW_FEATURE_SET_KEY_IDX GENMASK(2, 1)
41
42 #define DL_MODE_ENCRYPT BIT(0)
43 #define DL_MODE_KEY_IDX GENMASK(2, 1)
44 #define DL_MODE_RESET_SEC_IV BIT(3)
45 #define DL_MODE_WORKING_PDA_CR4 BIT(4)
46 #define DL_MODE_NEED_RSP BIT(31)
47
48 #define FW_START_OVERRIDE BIT(0)
49 #define FW_START_WORKING_PDA_CR4 BIT(2)
50
/*
 * Prepend the MCU TX descriptor to @skb and hand it to the TX queue.
 *
 * @cmd:      a negative value is a plain MCU command (cid = -cmd); a
 *            non-negative value is sent as an extended command id.
 * @wait_seq: optional; receives the 4-bit sequence number stamped into
 *            the message so the caller can match the response.
 *
 * Returns the result of mt76_tx_queue_skb_raw().
 */
static int __mt7615_mcu_msg_send(struct mt7615_dev *dev, struct sk_buff *skb,
				 int cmd, int *wait_seq)
{
	const bool is_scatter = (cmd == -MCU_CMD_FW_SCATTER);
	struct mt7615_mcu_txd *mcu_txd;
	u8 seq, q_idx, pkt_fmt;
	enum mt76_txq_id qid;
	__le32 *txd;
	u32 word;

	/*
	 * Sequence numbers are 4 bits wide and never zero: the RX path
	 * treats a zero seq as an unsolicited event.
	 */
	seq = ++dev->mt76.mmio.mcu.msg_seq & 0xf;
	if (!seq)
		seq = ++dev->mt76.mmio.mcu.msg_seq & 0xf;

	mcu_txd = (struct mt7615_mcu_txd *)skb_push(skb, sizeof(*mcu_txd));
	memset(mcu_txd, 0, sizeof(*mcu_txd));

	/* Firmware scatter chunks use the dedicated download port/format. */
	q_idx = is_scatter ? MT_TX_MCU_PORT_RX_FWDL : MT_TX_MCU_PORT_RX_Q0;
	pkt_fmt = is_scatter ? MT_TX_TYPE_FW : MT_TX_TYPE_CMD;

	txd = mcu_txd->txd;

	word = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
	       FIELD_PREP(MT_TXD0_P_IDX, MT_TX_PORT_IDX_MCU) |
	       FIELD_PREP(MT_TXD0_Q_IDX, q_idx);
	txd[0] = cpu_to_le32(word);

	word = MT_TXD1_LONG_FORMAT |
	       FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD) |
	       FIELD_PREP(MT_TXD1_PKT_FMT, pkt_fmt);
	txd[1] = cpu_to_le32(word);

	/* len covers everything after the hardware TXD words. */
	mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
	mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU, q_idx));
	mcu_txd->pkt_type = MCU_PKT_ID;
	mcu_txd->seq = seq;
	mcu_txd->s2d_index = MCU_S2D_H2N;

	if (cmd >= 0) {
		mcu_txd->cid = MCU_CMD_EXT_CID;
		mcu_txd->set_query = MCU_Q_SET;
		mcu_txd->ext_cid = cmd;
		mcu_txd->ext_cid_ack = 1;
	} else {
		mcu_txd->set_query = MCU_Q_NA;
		mcu_txd->cid = -cmd;
	}

	if (wait_seq)
		*wait_seq = seq;

	/* Until the MCU firmware is running only the download queue is used. */
	qid = test_bit(MT76_STATE_MCU_RUNNING, &dev->mt76.state) ?
	      MT_TXQ_MCU : MT_TXQ_FWDL;

	return mt76_tx_queue_skb_raw(dev, qid, skb, 0);
}
114
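/*
 * Match a device response against the command that is being waited for
 * and extract its result.
 *
 * The skb is consumed on every path, including the -EAGAIN one: the
 * caller fetches a fresh skb on each retry, so a response that is not
 * freed here would be leaked.
 *
 * The payload comes from the device, so its length is checked before
 * any field is read; skb_pull() returns NULL when asked to pull more
 * than skb->len.
 *
 * Returns -EAGAIN when the response does not belong to @seq (or is too
 * short to carry a sequence number), -EINVAL when a matching response
 * is truncated, otherwise the command specific result (0 for commands
 * without a parsed result).
 */
static int
mt7615_mcu_parse_response(struct mt7615_dev *dev, int cmd,
			  struct sk_buff *skb, int seq)
{
	struct mt7615_mcu_rxd *rxd = (struct mt7615_mcu_rxd *)skb->data;
	int ret = 0;

	if (skb->len < offsetofend(struct mt7615_mcu_rxd, seq) ||
	    seq != rxd->seq) {
		ret = -EAGAIN;
		goto out;
	}

	switch (cmd) {
	case -MCU_CMD_PATCH_SEM_CONTROL:
		/* One status byte located 4 bytes before the end of the rxd. */
		if (!skb_pull(skb, sizeof(*rxd) - 4) || skb->len < 1) {
			ret = -EINVAL;
			break;
		}
		ret = *skb->data;
		break;
	case MCU_EXT_CMD_GET_TEMP:
		/* Little-endian 32-bit value right after the rxd. */
		if (!skb_pull(skb, sizeof(*rxd)) ||
		    skb->len < sizeof(__le32)) {
			ret = -EINVAL;
			break;
		}
		ret = le32_to_cpu(*(__le32 *)skb->data);
		break;
	default:
		break;
	}

out:
	dev_kfree_skb(skb);

	return ret;
}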
141
/*
 * mt76 mcu_send_msg callback: copy @data into a fresh skb, send it as
 * command @cmd and, when @wait_resp is set, wait for the response with
 * the matching sequence number.
 *
 * The whole exchange runs under mmio.mcu.mutex.  The 10 second deadline
 * is computed once, so it bounds the total wait across all responses
 * that are skipped because their sequence number does not match.
 *
 * Returns 0 or a command specific result on success, -ENOMEM if the
 * message cannot be allocated, -ETIMEDOUT if no response arrives, or
 * the error from the send/parse helpers.
 */
static int
mt7615_mcu_msg_send(struct mt76_dev *mdev, int cmd, const void *data,
		    int len, bool wait_resp)
{
	struct mt7615_dev *dev = container_of(mdev, struct mt7615_dev, mt76);
	unsigned long deadline = jiffies + 10 * HZ;
	struct sk_buff *skb;
	int err, seq;

	skb = mt7615_mcu_msg_alloc(data, len);
	if (!skb)
		return -ENOMEM;

	mutex_lock(&mdev->mmio.mcu.mutex);

	err = __mt7615_mcu_msg_send(dev, skb, cmd, &seq);
	if (err || !wait_resp)
		goto unlock;

	do {
		skb = mt76_mcu_get_response(mdev, deadline);
		if (!skb) {
			dev_err(mdev->dev, "Message %d (seq %d) timeout\n",
				cmd, seq);
			err = -ETIMEDOUT;
			break;
		}

		err = mt7615_mcu_parse_response(dev, cmd, skb, seq);
	} while (err == -EAGAIN);

unlock:
	mutex_unlock(&mdev->mmio.mcu.mutex);

	return err;
}
180
/*
 * Interface iterator callback: complete a channel switch on @vif if one
 * is in progress.  @priv and @mac are unused.
 */
static void
mt7615_mcu_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
{
	if (!vif->csa_active)
		return;

	ieee80211_csa_finish(vif);
}
187
/*
 * Dispatch an extended MCU event by its ext_eid.  Unknown ids are
 * ignored.  The skb is not freed here.
 *
 * NOTE(review): ext_eid is read from device-supplied data without a
 * length check in this function - confirm the RX path guarantees the
 * frame is at least sizeof(struct mt7615_mcu_rxd) long.
 */
static void
mt7615_mcu_rx_ext_event(struct mt7615_dev *dev, struct sk_buff *skb)
{
	struct mt7615_mcu_rxd *rxd = (struct mt7615_mcu_rxd *)skb->data;
	u8 ext_eid = rxd->ext_eid;

	if (ext_eid == MCU_EXT_EVENT_RDD_REPORT) {
		/* Radar detected by the hardware: tell mac80211 and count it. */
		ieee80211_radar_detected(dev->mt76.hw);
		dev->hw_pattern++;
	} else if (ext_eid == MCU_EXT_EVENT_CSA_NOTIFY) {
		ieee80211_iterate_active_interfaces_atomic(dev->mt76.hw,
				IEEE80211_IFACE_ITER_RESUME_ALL,
				mt7615_mcu_csa_finish, dev);
	}
}
207
/*
 * Handle an event that is not a response to a pending command.  Only
 * MCU_EVENT_EXT is acted upon; the skb is always freed.
 */
static void
mt7615_mcu_rx_unsolicited_event(struct mt7615_dev *dev, struct sk_buff *skb)
{
	struct mt7615_mcu_rxd *rxd = (struct mt7615_mcu_rxd *)skb->data;

	if (rxd->eid == MCU_EVENT_EXT)
		mt7615_mcu_rx_ext_event(dev, skb);

	dev_kfree_skb(skb);
}
222
/*
 * Entry point for MCU events received from the device.
 *
 * Events with a zero sequence number, or with one of the listed
 * extended event ids, are handled (and freed) locally as unsolicited
 * events; everything else is queued as a command response through
 * mt76_mcu_rx_event().
 *
 * NOTE(review): rxd fields are read straight from skb->data; this
 * function does not check skb->len - confirm the caller does.
 */
void mt7615_mcu_rx_event(struct mt7615_dev *dev, struct sk_buff *skb)
{
	struct mt7615_mcu_rxd *rxd = (struct mt7615_mcu_rxd *)skb->data;
	bool unsolicited;

	unsolicited = !rxd->seq ||
		      rxd->ext_eid == MCU_EXT_EVENT_THERMAL_PROTECT ||
		      rxd->ext_eid == MCU_EXT_EVENT_FW_LOG_2_HOST ||
		      rxd->ext_eid == MCU_EXT_EVENT_ASSERT_DUMP ||
		      rxd->ext_eid == MCU_EXT_EVENT_PS_SYNC;

	if (unsolicited) {
		mt7615_mcu_rx_unsolicited_event(dev, skb);
		return;
	}

	mt76_mcu_rx_event(&dev->mt76, skb);
}
236
/*
 * Announce a download to the device: target address, length and
 * DL_MODE_* flags, all sent little-endian.  The values are forwarded
 * as given; no range checking is done here.
 */
static int mt7615_mcu_init_download(struct mt7615_dev *dev, u32 addr,
				    u32 len, u32 mode)
{
	struct {
		__le32 addr;
		__le32 len;
		__le32 mode;
	} dl_req = {
		.addr = cpu_to_le32(addr),
		.len = cpu_to_le32(len),
		.mode = cpu_to_le32(mode),
	};

	return __mt76_mcu_send_msg(&dev->mt76, -MCU_CMD_TARGET_ADDRESS_LEN_REQ,
				   &dl_req, sizeof(dl_req), true);
}
253
/*
 * Stream @len bytes at @data to the device as FW_SCATTER messages.
 *
 * Each message carries at most 4096 bytes including the MCU TX
 * descriptor, and no response is awaited per chunk.  The download
 * queue is cleaned up after every chunk.  A non-positive @len sends
 * nothing and returns 0.
 *
 * The caller must guarantee that @data really holds @len bytes.
 */
static int mt7615_mcu_send_firmware(struct mt7615_dev *dev, const void *data,
				    int len)
{
	while (len > 0) {
		int chunk = min_t(int, 4096 - sizeof(struct mt7615_mcu_txd),
				  len);
		int err;

		err = __mt76_mcu_send_msg(&dev->mt76, -MCU_CMD_FW_SCATTER,
					  data, chunk, false);
		if (err)
			return err;

		data += chunk;
		len -= chunk;
		mt76_queue_tx_cleanup(dev, MT_TXQ_FWDL, false);
	}

	return 0;
}
275
/*
 * Send FW_START_REQ with the given FW_START_* @option bits and start
 * address @addr (both little-endian on the wire).
 */
static int mt7615_mcu_start_firmware(struct mt7615_dev *dev, u32 addr,
				     u32 option)
{
	struct {
		__le32 option;
		__le32 addr;
	} start_req = {
		.option = cpu_to_le32(option),
		.addr = cpu_to_le32(addr),
	};

	return __mt76_mcu_send_msg(&dev->mt76, -MCU_CMD_FW_START_REQ,
				   &start_req, sizeof(start_req), true);
}
290
/* mt76 mcu_restart callback: send RESTART_DL_REQ with an empty payload. */
static int mt7615_mcu_restart(struct mt76_dev *dev)
{
	const int cmd = -MCU_CMD_RESTART_DL_REQ;

	return __mt76_mcu_send_msg(dev, cmd, NULL, 0, true);
}
296
/*
 * Acquire (@get true) or release (@get false) the patch semaphore.
 * The return value is either a negative errno or the status byte the
 * device reported (compared against PATCH_* values by the caller).
 */
static int mt7615_mcu_patch_sem_ctrl(struct mt7615_dev *dev, bool get)
{
	u32 op = get ? PATCH_SEM_GET : PATCH_SEM_RELEASE;
	struct {
		__le32 op;
	} sem_req = {
		.op = cpu_to_le32(op),
	};

	return __mt76_mcu_send_msg(&dev->mt76, -MCU_CMD_PATCH_SEM_CONTROL,
				   &sem_req, sizeof(sem_req), true);
}
308
/*
 * Send PATCH_FINISH_REQ after the ROM patch has been downloaded.
 *
 * NOTE(review): check_crc is sent as 0, which presumably tells the
 * device not to verify the patch CRC - confirm against the firmware
 * interface before relying on device-side integrity checking.
 */
static int mt7615_mcu_start_patch(struct mt7615_dev *dev)
{
	struct {
		u8 check_crc;
		u8 reserved[3];
	} finish_req = {
		.check_crc = 0,
	};

	return __mt76_mcu_send_msg(&dev->mt76, -MCU_CMD_PATCH_FINISH_REQ,
				   &finish_req, sizeof(finish_req), true);
}
321
/*
 * Request driver ownership of the device and wait up to 500 ms for the
 * FW_OWN bit in MT_CFG_LPCR_HOST to clear.  Returns 0 or -EIO.
 */
static int mt7615_driver_own(struct mt7615_dev *dev)
{
	mt76_wr(dev, MT_CFG_LPCR_HOST, MT_CFG_LPCR_HOST_DRV_OWN);

	if (mt76_poll_msec(dev, MT_CFG_LPCR_HOST,
			   MT_CFG_LPCR_HOST_FW_OWN, 0, 500))
		return 0;

	dev_err(dev->mt76.dev, "Timeout for driver own\n");
	return -EIO;
}
333
/*
 * Download the ROM patch (MT7615_ROM_PATCH) to the device.
 *
 * The patch semaphore is taken first; if the device reports the patch
 * as already downloaded nothing else is done.  Once the semaphore is
 * held it is released on every exit path, and a failed release turns
 * the result into -EAGAIN.
 *
 * The image is only checked for being at least as large as its header;
 * the header's checksum field is not verified here.
 */
static int mt7615_load_patch(struct mt7615_dev *dev)
{
	const struct firmware *fw = NULL;
	const struct mt7615_patch_hdr *hdr;
	int payload_len, ret, sem;

	sem = mt7615_mcu_patch_sem_ctrl(dev, true);
	if (sem == PATCH_IS_DL)
		return 0;

	if (sem != PATCH_NOT_DL_SEM_SUCCESS) {
		dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
		return -EAGAIN;
	}

	ret = request_firmware(&fw, MT7615_ROM_PATCH, dev->mt76.dev);
	if (ret)
		goto out;

	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	hdr = (const struct mt7615_patch_hdr *)fw->data;

	/* build_date is a fixed 16-byte field, hence the bounded %.16s. */
	dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
		 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);

	/* Everything after the header is the patch payload. */
	payload_len = fw->size - sizeof(*hdr);

	ret = mt7615_mcu_init_download(dev, MCU_PATCH_ADDRESS, payload_len,
				       DL_MODE_NEED_RSP);
	if (ret) {
		dev_err(dev->mt76.dev, "Download request failed\n");
		goto out;
	}

	ret = mt7615_mcu_send_firmware(dev, fw->data + sizeof(*hdr),
				       payload_len);
	if (ret) {
		dev_err(dev->mt76.dev, "Failed to send firmware to device\n");
		goto out;
	}

	ret = mt7615_mcu_start_patch(dev);
	if (ret)
		dev_err(dev->mt76.dev, "Failed to start patch\n");

out:
	/* release_firmware() is reached with fw == NULL if the request failed. */
	release_firmware(fw);

	sem = mt7615_mcu_patch_sem_ctrl(dev, false);
	if (sem != PATCH_REL_SEM_SUCCESS) {
		ret = -EAGAIN;
		dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
	}

	return ret;
}
400
/*
 * Translate a firmware trailer's feature_set byte into DL_MODE_* flags.
 *
 * A response is always requested.  When the image is flagged as
 * encrypted, both DL_MODE_ENCRYPT and DL_MODE_RESET_SEC_IV are set.
 * The key index is copied across unconditionally, and @is_cr4 selects
 * DL_MODE_WORKING_PDA_CR4.
 */
static u32 mt7615_mcu_gen_dl_mode(u8 feature_set, bool is_cr4)
{
	u32 mode = DL_MODE_NEED_RSP;

	if (feature_set & FW_FEATURE_SET_ENCRYPT)
		mode |= DL_MODE_ENCRYPT | DL_MODE_RESET_SEC_IV;

	mode |= FIELD_PREP(DL_MODE_KEY_IDX,
			   FIELD_GET(FW_FEATURE_SET_KEY_IDX, feature_set));

	if (is_cr4)
		mode |= DL_MODE_WORKING_PDA_CR4;

	return mode;
}
414
/*
 * Download every region of a RAM firmware image.
 *
 * @hdr:  array of region trailers (N9_REGION_NUM or CR4_REGION_NUM
 *        entries, selected by @is_cr4)
 * @data: start of the image; regions are read back to back from here,
 *        each being the trailer's len plus IMG_CRC_LEN bytes long
 *
 * NOTE(review): the region address and length come straight from the
 * firmware file and this function does not know the size of the blob
 * behind @data, so the caller has to make sure the regions fit.
 */
static int
mt7615_mcu_send_ram_firmware(struct mt7615_dev *dev,
			     const struct mt7615_fw_trailer *hdr,
			     const u8 *data, bool is_cr4)
{
	const int n_region = is_cr4 ? CR4_REGION_NUM : N9_REGION_NUM;
	int offset = 0;
	int i;

	for (i = 0; i < n_region; i++) {
		const struct mt7615_fw_trailer *region = &hdr[i];
		u32 mode = mt7615_mcu_gen_dl_mode(region->feature_set, is_cr4);
		u32 len = le32_to_cpu(region->len) + IMG_CRC_LEN;
		u32 addr = le32_to_cpu(region->addr);
		int err;

		err = mt7615_mcu_init_download(dev, addr, len, mode);
		if (err) {
			dev_err(dev->mt76.dev, "Download request failed\n");
			return err;
		}

		err = mt7615_mcu_send_firmware(dev, data + offset, len);
		if (err) {
			dev_err(dev->mt76.dev, "Failed to send firmware to device\n");
			return err;
		}

		offset += len;
	}

	return 0;
}
446
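/*
 * Return true when the regions described by the @n_region trailers at
 * @hdr, each followed by IMG_CRC_LEN bytes and laid out back to back
 * from the start of the image, do not extend past the end of @fw.
 * The sum is kept in 64 bits so an oversized length cannot wrap.
 */
static bool
mt7615_fw_regions_in_bounds(const struct firmware *fw,
			    const struct mt7615_fw_trailer *hdr, int n_region)
{
	u64 total = 0;
	int i;

	for (i = 0; i < n_region; i++)
		total += (u64)le32_to_cpu(hdr[i].len) + IMG_CRC_LEN;

	return total <= fw->size;
}

/*
 * Load and start the two RAM firmware images: N9 first, then CR4.
 *
 * Each image carries its region trailers at the very end of the file.
 * Besides the existing minimum-size check, the region lengths stored in
 * those trailers are validated against the file size before anything is
 * sent: the download loop reads len bytes per region from the blob, so
 * a length larger than the file would read past the end of fw->data.
 *
 * Returns 0 on success or a negative errno; the firmware blob is
 * released on every path where one is held.
 */
static int mt7615_load_ram(struct mt7615_dev *dev)
{
	const struct mt7615_fw_trailer *hdr;
	const struct firmware *fw;
	int ret;

	ret = request_firmware(&fw, MT7615_FIRMWARE_N9, dev->mt76.dev);
	if (ret)
		return ret;

	if (!fw || !fw->data || fw->size < N9_REGION_NUM * sizeof(*hdr)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	hdr = (const struct mt7615_fw_trailer *)(fw->data + fw->size -
					N9_REGION_NUM * sizeof(*hdr));

	if (!mt7615_fw_regions_in_bounds(fw, hdr, N9_REGION_NUM)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	/* fw_ver/build_date are fixed-size fields, hence the bounded %s. */
	dev_info(dev->mt76.dev, "N9 Firmware Version: %.10s, Build Time: %.15s\n",
		 hdr->fw_ver, hdr->build_date);

	ret = mt7615_mcu_send_ram_firmware(dev, hdr, fw->data, false);
	if (ret)
		goto out;

	ret = mt7615_mcu_start_firmware(dev, le32_to_cpu(hdr->addr),
					FW_START_OVERRIDE);
	if (ret) {
		dev_err(dev->mt76.dev, "Failed to start N9 firmware\n");
		goto out;
	}

	release_firmware(fw);

	/* No blob is held here, so a failed request returns directly. */
	ret = request_firmware(&fw, MT7615_FIRMWARE_CR4, dev->mt76.dev);
	if (ret)
		return ret;

	if (!fw || !fw->data || fw->size < CR4_REGION_NUM * sizeof(*hdr)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	hdr = (const struct mt7615_fw_trailer *)(fw->data + fw->size -
					CR4_REGION_NUM * sizeof(*hdr));

	if (!mt7615_fw_regions_in_bounds(fw, hdr, CR4_REGION_NUM)) {
		dev_err(dev->mt76.dev, "Invalid firmware\n");
		ret = -EINVAL;
		goto out;
	}

	dev_info(dev->mt76.dev, "CR4 Firmware Version: %.10s, Build Time: %.15s\n",
		 hdr->fw_ver, hdr->build_date);

	ret = mt7615_mcu_send_ram_firmware(dev, hdr, fw->data, true);
	if (ret)
		goto out;

	ret = mt7615_mcu_start_firmware(dev, 0, FW_START_WORKING_PDA_CR4);
	if (ret)
		dev_err(dev->mt76.dev, "Failed to start CR4 firmware\n");

out:
	release_firmware(fw);

	return ret;
}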
511
/*
 * Full firmware bring-up: verify the device is in the download state,
 * load the ROM patch and the RAM images, then wait up to 500 ms for
 * the firmware state field to report FW_STATE_CR4_RDY.
 *
 * Returns 0, -EIO on a state mismatch or timeout, or the error from
 * the patch/RAM loaders.
 */
static int mt7615_load_firmware(struct mt7615_dev *dev)
{
	u32 state;
	int err;

	state = mt76_get_field(dev, MT_TOP_MISC2, MT_TOP_MISC2_FW_STATE);
	if (state != FW_STATE_FW_DOWNLOAD) {
		dev_err(dev->mt76.dev, "Firmware is not ready for download\n");
		return -EIO;
	}

	err = mt7615_load_patch(dev);
	if (!err)
		err = mt7615_load_ram(dev);
	if (err)
		return err;

	if (!mt76_poll_msec(dev, MT_TOP_MISC2, MT_TOP_MISC2_FW_STATE,
			    FIELD_PREP(MT_TOP_MISC2_FW_STATE,
				       FW_STATE_CR4_RDY), 500)) {
		dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
		return -EIO;
	}

	/* Reclaim whatever is still sitting on the download queue. */
	mt76_queue_tx_cleanup(dev, MT_TXQ_FWDL, false);

	dev_dbg(dev->mt76.dev, "Firmware init done\n");

	return 0;
}
545
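/*
 * Register the MCU callbacks, take driver ownership of the device and
 * load the firmware.  MT76_STATE_MCU_RUNNING is set only after the
 * firmware has come up, which also switches later commands from the
 * download queue to the MCU queue.
 *
 * Returns 0 on success or the first error encountered.
 */
int mt7615_mcu_init(struct mt7615_dev *dev)
{
	static const struct mt76_mcu_ops mt7615_mcu_ops = {
		.mcu_send_msg = mt7615_mcu_msg_send,
		.mcu_restart = mt7615_mcu_restart,
	};
	int ret;

	/*
	 * This statement used to end in ',' and was silently joined to the
	 * next one by the comma operator; terminate it properly.
	 */
	dev->mt76.mcu_ops = &mt7615_mcu_ops;

	ret = mt7615_driver_own(dev);
	if (ret)
		return ret;

	ret = mt7615_load_firmware(dev);
	if (ret)
		return ret;

	set_bit(MT76_STATE_MCU_RUNNING, &dev->mt76.state);

	return 0;
}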
568
/*
 * Tear down the MCU: restart it, hand ownership back to the firmware
 * and drop any responses still queued on the response queue.
 */
void mt7615_mcu_exit(struct mt7615_dev *dev)
{
	struct mt76_dev *mdev = &dev->mt76;

	__mt76_mcu_restart(mdev);
	mt76_wr(dev, MT_CFG_LPCR_HOST, MT_CFG_LPCR_HOST_FW_OWN);
	skb_queue_purge(&mdev->mmio.mcu.res_q);
}
575
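/*
 * Push the EEPROM contents from MT_EE_NIC_CONF_0 up to __MT_EE_MAX to
 * the firmware (EFUSE_BUFFER_MODE, buffer_mode = 1).
 *
 * The length field of the request header is now declared __le16 and
 * converted with cpu_to_le16(), like every other multi-byte field sent
 * to the MCU in this file; it used to be a host-order u16, which is
 * only correct on little-endian hosts.
 *
 * Returns 0 on success, -ENOMEM if the request cannot be allocated, or
 * the error from sending the command.
 */
int mt7615_mcu_set_eeprom(struct mt7615_dev *dev)
{
	const int eep_len = __MT_EE_MAX - MT_EE_NIC_CONF_0;
	struct {
		u8 buffer_mode;
		u8 pad;
		__le16 len;
	} __packed req_hdr = {
		.buffer_mode = 1,
		.len = cpu_to_le16(eep_len),
	};
	int ret, len = sizeof(req_hdr) + eep_len;
	u8 *req, *eep = (u8 *)dev->mt76.eeprom.data;

	req = kzalloc(len, GFP_KERNEL);
	if (!req)
		return -ENOMEM;

	/* Header first, then the raw EEPROM window. */
	memcpy(req, &req_hdr, sizeof(req_hdr));
	memcpy(req + sizeof(req_hdr), eep + MT_EE_NIC_CONF_0, eep_len);

	ret = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_EFUSE_BUFFER_MODE,
				  req, len, true);
	kfree(req);

	return ret;
}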
603
/* Send MAC_INIT_CTRL with enable = 1 for band 0. */
int mt7615_mcu_init_mac(struct mt7615_dev *dev)
{
	struct {
		u8 enable;
		u8 band;
		u8 rsv[2];
	} __packed mac_req = {
		.enable = 1,
		.band = 0,
	};

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_MAC_INIT_CTRL,
				   &mac_req, sizeof(mac_req), true);
}
618
/*
 * Program the RTS threshold via PROTECT_CTRL: @val becomes the length
 * threshold, the packet threshold is fixed at 2, band 0.
 */
int mt7615_mcu_set_rts_thresh(struct mt7615_dev *dev, u32 val)
{
	struct {
		u8 prot_idx;
		u8 band;
		u8 rsv[2];
		__le32 len_thresh;
		__le32 pkt_thresh;
	} __packed rts_req = {
		.prot_idx = 1,
		.band = 0,
		.len_thresh = cpu_to_le32(val),
		.pkt_thresh = cpu_to_le32(0x2),
	};

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_PROTECT_CTRL,
				   &rts_req, sizeof(rts_req), true);
}
637
/*
 * Update the EDCA parameters of one hardware queue.
 *
 * Contention window limits are sent as fls() of the mac80211 value;
 * when mac80211 supplies 0 the fallbacks 5 (cw_min) and 10 (cw_max)
 * are used.  All four parameter groups are marked valid.
 */
int mt7615_mcu_set_wmm(struct mt7615_dev *dev, u8 queue,
		       const struct ieee80211_tx_queue_params *params)
{
#define WMM_AIFS_SET	BIT(0)
#define WMM_CW_MIN_SET	BIT(1)
#define WMM_CW_MAX_SET	BIT(2)
#define WMM_TXOP_SET	BIT(3)
#define WMM_PARAM_SET	(WMM_AIFS_SET | WMM_CW_MIN_SET | \
			 WMM_CW_MAX_SET | WMM_TXOP_SET)
	u8 cw_min = params->cw_min ? fls(params->cw_min) : 5;
	u16 cw_max = params->cw_max ? fls(params->cw_max) : 10;
	struct req_data {
		u8 number;
		u8 rsv[3];
		u8 queue;
		u8 valid;
		u8 aifs;
		u8 cw_min;
		__le16 cw_max;
		__le16 txop;
	} __packed edca_req = {
		.number = 1,
		.queue = queue,
		.valid = WMM_PARAM_SET,
		.aifs = params->aifs,
		.cw_min = cw_min,
		.cw_max = cpu_to_le16(cw_max),
		.txop = cpu_to_le16(params->txop),
	};

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_EDCA_UPDATE,
				   &edca_req, sizeof(edca_req), true);
}
674
/*
 * Ask the firmware to enter (@enter != 0) or leave the power-management
 * state.  Only pm_number (5), pm_state and band_idx (0) are filled in;
 * every other field of the request is sent as zero.
 */
int mt7615_mcu_ctrl_pm_state(struct mt7615_dev *dev, int enter)
{
#define ENTER_PM_STATE	1
#define EXIT_PM_STATE	2
	struct {
		u8 pm_number;
		u8 pm_state;
		u8 bssid[ETH_ALEN];
		u8 dtim_period;
		u8 wlan_idx;
		__le16 bcn_interval;
		__le32 aid;
		__le32 rx_filter;
		u8 band_idx;
		u8 rsv[3];
		__le32 feature;
		u8 omac_idx;
		u8 wmm_idx;
		u8 bcn_loss_cnt;
		u8 bcn_sp_duration;
	} __packed pm_req = {
		.pm_number = 5,
		.pm_state = enter ? ENTER_PM_STATE : EXIT_PM_STATE,
		.band_idx = 0,
	};

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_PM_STATE_CTRL,
				   &pm_req, sizeof(pm_req), true);
}
704
/*
 * Activate or deactivate the own-MAC entry of @vif in the firmware
 * (DEV_INFO_UPDATE with a single DEV_INFO_ACTIVE TLV carrying the
 * interface address).
 */
int mt7615_mcu_set_dev_info(struct mt7615_dev *dev,
			    struct ieee80211_vif *vif, bool enable)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct {
		struct req_hdr {
			u8 omac_idx;
			u8 band_idx;
			__le16 tlv_num;
			u8 is_tlv_append;
			u8 rsv[3];
		} __packed hdr;
		struct req_tlv {
			__le16 tag;
			__le16 len;
			u8 active;
			u8 band_idx;
			u8 omac_addr[ETH_ALEN];
		} __packed tlv;
	} info = {
		.hdr = {
			.omac_idx = mvif->omac_idx,
			.band_idx = mvif->band_idx,
			.tlv_num = cpu_to_le16(1),
			.is_tlv_append = 1,
		},
		.tlv = {
			.tag = cpu_to_le16(DEV_INFO_ACTIVE),
			.len = cpu_to_le16(sizeof(struct req_tlv)),
			.active = enable,
			.band_idx = mvif->band_idx,
		},
	};

	/* omac_addr is exactly ETH_ALEN bytes, matching the copy length. */
	memcpy(info.tlv.omac_addr, vif->addr, ETH_ALEN);

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_DEV_INFO_UPDATE,
				   &info, sizeof(info), true);
}
743
/*
 * Fill a BSS_INFO_OMAC TLV at @data.  Interfaces whose omac_idx lies
 * above EXT_BSSID_START are reported with hardware BSS index
 * HW_BSSID_0; all others use their omac_idx directly.
 *
 * @data must have room for a struct bss_info_omac.
 */
static void
mt7615_mcu_bss_info_omac_header(struct mt7615_vif *mvif, u8 *data,
				u32 conn_type)
{
	struct bss_info_omac *tlv = (struct bss_info_omac *)data;
	u8 hw_bss_idx = mvif->omac_idx;

	if (mvif->omac_idx > EXT_BSSID_START)
		hw_bss_idx = HW_BSSID_0;

	tlv->tag = cpu_to_le16(BSS_INFO_OMAC);
	tlv->len = cpu_to_le16(sizeof(*tlv));
	tlv->hw_bss_idx = hw_bss_idx;
	tlv->omac_idx = mvif->omac_idx;
	tlv->band_idx = mvif->band_idx;
	tlv->conn_type = cpu_to_le32(conn_type);
}
759
/*
 * Fill a BSS_INFO_BASIC TLV at @data from the interface's BSS
 * configuration (BSSID, beacon interval, DTIM period, WMM index).
 *
 * @data must have room for a struct bss_info_basic.
 */
static void
mt7615_mcu_bss_info_basic_header(struct ieee80211_vif *vif, u8 *data,
				 u32 net_type, u8 tx_wlan_idx,
				 bool enable)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct bss_info_basic *tlv = (struct bss_info_basic *)data;
	struct ieee80211_bss_conf *conf = &vif->bss_conf;

	tlv->tag = cpu_to_le16(BSS_INFO_BASIC);
	tlv->len = cpu_to_le16(sizeof(*tlv));
	tlv->network_type = cpu_to_le32(net_type);
	tlv->active = enable;
	tlv->bcn_interval = cpu_to_le16(conf->beacon_int);
	memcpy(tlv->bssid, conf->bssid, ETH_ALEN);
	tlv->wmm_idx = mvif->wmm_idx;
	tlv->dtim_period = conf->dtim_period;
	tlv->bmc_tx_wlan_idx = tx_wlan_idx;
}
778
/*
 * Fill a BSS_INFO_EXT_BSS TLV at @data with the TSF offset of an
 * extended BSS.  Nothing is written when omac_idx is below
 * EXT_BSSID_START.
 *
 * @data must have room for a struct bss_info_ext_bss.
 */
static void
mt7615_mcu_bss_info_ext_header(struct mt7615_vif *mvif, u8 *data)
{
/* SIFS 20us + 512 byte beacon transmitted at 1Mbps (3906us) */
#define BCN_TX_ESTIMATE_TIME (4096 + 20)
	struct bss_info_ext_bss *tlv = (struct bss_info_ext_bss *)data;
	int ext_idx = mvif->omac_idx - EXT_BSSID_START;

	if (ext_idx < 0)
		return;

	tlv->tag = cpu_to_le16(BSS_INFO_EXT_BSS);
	tlv->len = cpu_to_le16(sizeof(*tlv));
	/* Each extended BSS is staggered by one estimated beacon TX time. */
	tlv->mbss_tsf_offset = cpu_to_le32(ext_idx * BCN_TX_ESTIMATE_TIME);
}
796
/*
 * Build and send a BSS_INFO_UPDATE for @vif.
 *
 * The request is a header followed by a variable set of TLVs: BASIC is
 * always present, OMAC is added when enabling, and EXT_BSS is added
 * when enabling an interface whose omac_idx is above EXT_BSSID_START.
 * The buffer length and the TLV count are derived from the same
 * decisions that later select which TLVs are written, so every write
 * stays inside the allocation.
 *
 * For a station interface being enabled, the peer is looked up under
 * RCU; -EINVAL is returned if the AP station entry does not exist.
 */
int mt7615_mcu_set_bss_info(struct mt7615_dev *dev,
			    struct ieee80211_vif *vif, int en)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct req_hdr {
		u8 bss_idx;
		u8 rsv0;
		__le16 tlv_num;
		u8 is_tlv_append;
		u8 rsv1[3];
	} __packed;
	int len = sizeof(struct req_hdr) + sizeof(struct bss_info_basic);
	int features = BIT(BSS_INFO_BASIC), ntlv = 1;
	u32 conn_type = 0, net_type = NETWORK_INFRA;
	u8 *buf, *pos, tx_wlan_idx = 0;
	struct req_hdr *hdr;
	int err, tag;

	if (en) {
		len += sizeof(struct bss_info_omac);
		features |= BIT(BSS_INFO_OMAC);
		ntlv++;

		if (mvif->omac_idx > EXT_BSSID_START) {
			len += sizeof(struct bss_info_ext_bss);
			features |= BIT(BSS_INFO_EXT_BSS);
			ntlv++;
		}
	}

	switch (vif->type) {
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_MESH_POINT:
		tx_wlan_idx = mvif->sta.wcid.idx;
		conn_type = CONNECTION_INFRA_AP;
		break;
	case NL80211_IFTYPE_STATION: {
		/* TODO: enable BSS_INFO_UAPSD & BSS_INFO_PM */
		conn_type = CONNECTION_INFRA_STA;

		if (en) {
			struct ieee80211_sta *sta;
			struct mt7615_sta *msta;

			/* sta is only valid inside the RCU read section. */
			rcu_read_lock();
			sta = ieee80211_find_sta(vif, vif->bss_conf.bssid);
			if (!sta) {
				rcu_read_unlock();
				return -EINVAL;
			}

			msta = (struct mt7615_sta *)sta->drv_priv;
			tx_wlan_idx = msta->wcid.idx;
			rcu_read_unlock();
		}
		break;
	}
	default:
		WARN_ON(1);
		break;
	}

	buf = kzalloc(len, GFP_KERNEL);
	if (!buf)
		return -ENOMEM;

	hdr = (struct req_hdr *)buf;
	hdr->bss_idx = mvif->idx;
	hdr->tlv_num = cpu_to_le16(ntlv);
	hdr->is_tlv_append = 1;

	/* Append the selected TLVs in ascending tag order. */
	pos = buf + sizeof(*hdr);
	for (tag = 0; tag < BSS_INFO_MAX_NUM; tag++) {
		if (!(features & BIT(tag)))
			continue;

		switch (tag) {
		case BSS_INFO_OMAC:
			mt7615_mcu_bss_info_omac_header(mvif, pos, conn_type);
			pos += sizeof(struct bss_info_omac);
			break;
		case BSS_INFO_BASIC:
			mt7615_mcu_bss_info_basic_header(vif, pos, net_type,
							 tx_wlan_idx, en);
			pos += sizeof(struct bss_info_basic);
			break;
		case BSS_INFO_EXT_BSS:
			mt7615_mcu_bss_info_ext_header(mvif, pos);
			pos += sizeof(struct bss_info_ext_bss);
			break;
		default:
			break;
		}
	}

	err = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_BSS_INFO_UPDATE,
				  buf, len, true);
	kfree(buf);

	return err;
}
895
/*
 * Reset and program the WTBL entry used for broadcast/multicast
 * traffic of @mvif: generic TLV with the broadcast address and
 * muar_idx 0xe, plus an RX TLV with rca1, rca2 and rv set.
 */
static int
mt7615_mcu_add_wtbl_bmc(struct mt7615_dev *dev,
			struct mt7615_vif *mvif)
{
	struct {
		struct wtbl_req_hdr hdr;
		struct wtbl_generic g_wtbl;
		struct wtbl_rx rx_wtbl;
	} wtbl_req = {
		.hdr = {
			.wlan_idx = mvif->sta.wcid.idx,
			.operation = WTBL_RESET_AND_SET,
			.tlv_num = cpu_to_le16(2),
		},
		.g_wtbl = {
			.tag = cpu_to_le16(WTBL_GENERIC),
			.len = cpu_to_le16(sizeof(struct wtbl_generic)),
			.muar_idx = 0xe,
		},
		.rx_wtbl = {
			.tag = cpu_to_le16(WTBL_RX),
			.len = cpu_to_le16(sizeof(struct wtbl_rx)),
			.rca1 = 1,
			.rca2 = 1,
			.rv = 1,
		},
	};

	eth_broadcast_addr(wtbl_req.g_wtbl.peer_addr);

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				   &wtbl_req, sizeof(wtbl_req), true);
}
928
/*
 * Enable or disable the broadcast/multicast WTBL entry of @vif.
 * Disabling sends a bare RESET_AND_SET header with no TLVs.
 */
int mt7615_mcu_wtbl_bmc(struct mt7615_dev *dev,
			struct ieee80211_vif *vif, bool enable)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct wtbl_req_hdr reset_req = {
		.wlan_idx = mvif->sta.wcid.idx,
		.operation = WTBL_RESET_AND_SET,
	};

	if (enable)
		return mt7615_mcu_add_wtbl_bmc(dev, mvif);

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				   &reset_req, sizeof(reset_req), true);
}
946
/*
 * Reset and program the WTBL entry of station @sta on @vif: a generic
 * TLV (peer address, QoS flag, AID, muar index of the interface) and an
 * RX TLV.  rca1 is set for every interface type except AP.
 */
int mt7615_mcu_add_wtbl(struct mt7615_dev *dev, struct ieee80211_vif *vif,
			struct ieee80211_sta *sta)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct mt7615_sta *msta = (struct mt7615_sta *)sta->drv_priv;
	struct {
		struct wtbl_req_hdr hdr;
		struct wtbl_generic g_wtbl;
		struct wtbl_rx rx_wtbl;
	} wtbl_req = {
		.hdr = {
			.wlan_idx = msta->wcid.idx,
			.operation = WTBL_RESET_AND_SET,
			.tlv_num = cpu_to_le16(2),
		},
		.g_wtbl = {
			.tag = cpu_to_le16(WTBL_GENERIC),
			.len = cpu_to_le16(sizeof(struct wtbl_generic)),
			.muar_idx = mvif->omac_idx,
			.qos = sta->wme,
			.partial_aid = cpu_to_le16(sta->aid),
		},
		.rx_wtbl = {
			.tag = cpu_to_le16(WTBL_RX),
			.len = cpu_to_le16(sizeof(struct wtbl_rx)),
			.rca1 = vif->type != NL80211_IFTYPE_AP,
			.rca2 = 1,
			.rv = 1,
		},
	};

	memcpy(wtbl_req.g_wtbl.peer_addr, sta->addr, ETH_ALEN);

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				   &wtbl_req, sizeof(wtbl_req), true);
}
982
/*
 * Clear the WTBL entry of @sta by sending a RESET_AND_SET request that
 * carries no TLVs.
 */
int mt7615_mcu_del_wtbl(struct mt7615_dev *dev,
			struct ieee80211_sta *sta)
{
	struct mt7615_sta *msta = (struct mt7615_sta *)sta->drv_priv;
	struct wtbl_req_hdr reset_req = {
		.wlan_idx = msta->wcid.idx,
		.operation = WTBL_RESET_AND_SET,
	};

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				   &reset_req, sizeof(reset_req), true);
}
995
/* Send a WTBL_RESET_ALL request (all other header fields zero). */
int mt7615_mcu_del_wtbl_all(struct mt7615_dev *dev)
{
	struct wtbl_req_hdr reset_all = {
		.operation = WTBL_RESET_ALL,
	};

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				   &reset_all, sizeof(reset_all), true);
}
1005
/*
 * Create (@en) or tear down the broadcast/multicast station record of
 * @vif.  The record uses the broadcast address and connection type
 * CONNECTION_INFRA_BC; enabling marks it PORT_SECURE and new,
 * disabling marks it DISCONNECT.
 */
int mt7615_mcu_set_sta_rec_bmc(struct mt7615_dev *dev,
			       struct ieee80211_vif *vif, bool en)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct {
		struct sta_req_hdr hdr;
		struct sta_rec_basic basic;
	} sta_req = {
		.hdr = {
			.bss_idx = mvif->idx,
			.wlan_idx = mvif->sta.wcid.idx,
			.tlv_num = cpu_to_le16(1),
			.is_tlv_append = 1,
			.muar_idx = mvif->omac_idx,
		},
		.basic = {
			.tag = cpu_to_le16(STA_REC_BASIC),
			.len = cpu_to_le16(sizeof(struct sta_rec_basic)),
			.conn_type = cpu_to_le32(CONNECTION_INFRA_BC),
		},
	};

	eth_broadcast_addr(sta_req.basic.peer_addr);

	sta_req.basic.conn_state = en ? CONN_STATE_PORT_SECURE :
					CONN_STATE_DISCONNECT;
	sta_req.basic.extra_info = en ?
		cpu_to_le16(EXTRA_INFO_VER | EXTRA_INFO_NEW) :
		cpu_to_le16(EXTRA_INFO_VER);

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_STA_REC_UPDATE,
				   &sta_req, sizeof(sta_req), true);
}
1041
/*
 * Create (@en) or tear down the firmware station record of @sta.
 *
 * The connection type describes the peer: on AP and mesh interfaces
 * the peer is a station, on a station interface the peer is the AP.
 * Any other interface type triggers a WARN and leaves conn_type zero.
 */
int mt7615_mcu_set_sta_rec(struct mt7615_dev *dev, struct ieee80211_vif *vif,
			   struct ieee80211_sta *sta, bool en)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct mt7615_sta *msta = (struct mt7615_sta *)sta->drv_priv;
	struct {
		struct sta_req_hdr hdr;
		struct sta_rec_basic basic;
	} sta_req = {
		.hdr = {
			.bss_idx = mvif->idx,
			.wlan_idx = msta->wcid.idx,
			.tlv_num = cpu_to_le16(1),
			.is_tlv_append = 1,
			.muar_idx = mvif->omac_idx,
		},
		.basic = {
			.tag = cpu_to_le16(STA_REC_BASIC),
			.len = cpu_to_le16(sizeof(struct sta_rec_basic)),
			.qos = sta->wme,
			.aid = cpu_to_le16(sta->aid),
		},
	};

	memcpy(sta_req.basic.peer_addr, sta->addr, ETH_ALEN);

	switch (vif->type) {
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_MESH_POINT:
		sta_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_STA);
		break;
	case NL80211_IFTYPE_STATION:
		sta_req.basic.conn_type = cpu_to_le32(CONNECTION_INFRA_AP);
		break;
	default:
		WARN_ON(1);
		break;
	}

	sta_req.basic.conn_state = en ? CONN_STATE_PORT_SECURE :
					CONN_STATE_DISCONNECT;
	sta_req.basic.extra_info = en ?
		cpu_to_le16(EXTRA_INFO_VER | EXTRA_INFO_NEW) :
		cpu_to_le16(EXTRA_INFO_VER);

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_STA_REC_UPDATE,
				   &sta_req, sizeof(sta_req), true);
}
1093
/*
 * Offload the beacon template of @vif to the firmware.
 *
 * The request carries a 512-byte packet buffer that holds the TX
 * descriptor (MT_TXD_SIZE bytes) followed by the beacon frame, so the
 * template is rejected with -EINVAL when it does not fit behind the
 * descriptor.  That length check is what keeps the memcpy() into
 * req.pkt inside the buffer.
 *
 * Returns -EINVAL if mac80211 provides no template or it is too large,
 * otherwise the result of sending BCN_OFFLOAD.
 */
int mt7615_mcu_set_bcn(struct mt7615_dev *dev, struct ieee80211_vif *vif,
		       int en)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct mt76_wcid *wcid = &dev->mt76.global_wcid;
	struct ieee80211_mutable_offsets offs;
	struct req {
		u8 omac_idx;
		u8 enable;
		u8 wlan_idx;
		u8 band_idx;
		u8 pkt_type;
		u8 need_pre_tbtt_int;
		__le16 csa_ie_pos;
		__le16 pkt_len;
		__le16 tim_ie_pos;
		u8 pkt[512];
		u8 csa_cnt;
		/* bss color change */
		u8 bcc_cnt;
		__le16 bcc_ie_pos;
	} __packed req = {
		.omac_idx = mvif->omac_idx,
		.enable = en,
		.wlan_idx = wcid->idx,
		.band_idx = mvif->band_idx,
	};
	struct sk_buff *bcn;
	u16 csa_pos;

	bcn = ieee80211_beacon_get_template(mt76_hw(dev), vif, &offs);
	if (!bcn)
		return -EINVAL;

	if (bcn->len > sizeof(req.pkt) - MT_TXD_SIZE) {
		dev_err(dev->mt76.dev, "Bcn size limit exceed\n");
		dev_kfree_skb(bcn);
		return -EINVAL;
	}

	mt7615_mac_write_txwi(dev, (__le32 *)(req.pkt), bcn, wcid, NULL,
			      0, NULL);
	memcpy(req.pkt + MT_TXD_SIZE, bcn->data, bcn->len);
	req.pkt_len = cpu_to_le16(MT_TXD_SIZE + bcn->len);
	req.tim_ie_pos = cpu_to_le16(MT_TXD_SIZE + offs.tim_offset);

	/* A non-zero first CSA counter offset means a CSA IE is present. */
	if (offs.csa_counter_offs[0]) {
		csa_pos = MT_TXD_SIZE + offs.csa_counter_offs[0] - 4;
		req.csa_ie_pos = cpu_to_le16(csa_pos);
		req.csa_cnt = bcn->data[offs.csa_counter_offs[0]];
	}
	dev_kfree_skb(bcn);

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_BCN_OFFLOAD,
				   &req, sizeof(req), true);
}
1150
/*
 * Send the TX power table to the firmware.
 *
 * The request is a small header followed by a copy of the EEPROM
 * window [MT_EE_NIC_CONF_0, __MT_EE_MAX).  The requested power level
 * (in 0.5 dB steps, reduced by a per-chain-count delta and clamped at
 * 0) caps the per-chain target power bytes inside that copy.
 *
 * NOTE(review): the offset returned by mt7615_eeprom_get_power_index()
 * is used to index the copied window without a range check here; this
 * relies on that helper only returning offsets inside
 * [MT_EE_NIC_CONF_0, __MT_EE_MAX) - confirm against eeprom.c.
 */
int mt7615_mcu_set_tx_power(struct mt7615_dev *dev)
{
	int i, ret, n_chains = hweight8(dev->mt76.antenna_mask);
	struct cfg80211_chan_def *chandef = &dev->mt76.chandef;
	int freq = chandef->center_freq1, len, target_chains;
	u8 *req, *table, *eep = (u8 *)dev->mt76.eeprom.data;
	enum nl80211_band band = chandef->chan->band;
	struct ieee80211_hw *hw = mt76_hw(dev);
	struct {
		u8 center_chan;
		u8 dbdc_idx;
		u8 band;
		u8 rsv;
	} __packed req_hdr = {
		.center_chan = ieee80211_frequency_to_channel(freq),
		.band = band,
	};
	s8 tx_power;

	len = sizeof(req_hdr) + __MT_EE_MAX - MT_EE_NIC_CONF_0;
	req = kzalloc(len, GFP_KERNEL);
	if (!req)
		return -ENOMEM;

	memcpy(req, &req_hdr, sizeof(req_hdr));
	table = req + sizeof(req_hdr);
	memcpy(table, eep + MT_EE_NIC_CONF_0,
	       __MT_EE_MAX - MT_EE_NIC_CONF_0);

	/* Per-chain power shrinks as more chains transmit together. */
	tx_power = hw->conf.power_level * 2;
	if (n_chains == 4)
		tx_power -= 12;
	else if (n_chains == 3)
		tx_power -= 8;
	else if (n_chains == 2)
		tx_power -= 6;
	tx_power = max_t(s8, tx_power, 0);
	dev->mt76.txpower_cur = tx_power;

	target_chains = mt7615_ext_pa_enabled(dev, band) ? 1 : n_chains;
	for (i = 0; i < target_chains; i++) {
		int idx;

		ret = mt7615_eeprom_get_power_index(dev, chandef->chan, i);
		if (ret < 0)
			goto out;

		/* Rebase the EEPROM offset onto the copied window. */
		idx = ret - MT_EE_NIC_CONF_0;
		table[idx] = min_t(u8, table[idx], tx_power);
	}

	ret = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_SET_TX_POWER_CTRL,
				  req, len, true);
out:
	kfree(req);

	return ret;
}
1216
/*
 * Send a radar detection (RDD) control command.  The four byte-sized
 * arguments are copied into the request unchanged.
 */
int mt7615_mcu_rdd_cmd(struct mt7615_dev *dev,
		       enum mt7615_rdd_cmd cmd, u8 index,
		       u8 rx_sel, u8 val)
{
	struct {
		u8 ctrl;
		u8 rdd_idx;
		u8 rdd_rx_sel;
		u8 val;
		u8 rsv[4];
	} rdd_req = {
		.ctrl = cmd,
		.rdd_idx = index,
		.rdd_rx_sel = rx_sel,
		.val = val,
	};

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_SET_RDD_CTRL,
				   &rdd_req, sizeof(rdd_req), true);
}
1237
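/*
 * Send the radar pulse pattern held in dev->radar_pattern to the MCU
 * (MCU_EXT_CMD_SET_RDD_PATTERN).
 *
 * Every pulse carries the same width and power. Pulse i is stamped with
 * the current boottime in milliseconds plus i * period.
 *
 * The multi-byte pattern fields are declared little-endian and converted
 * explicitly, matching the other MCU requests in this file, which wrap
 * their 16/32-bit members in cpu_to_le16()/cpu_to_le32(). The native-endian
 * fields used before would be byte-swapped on a big-endian host.
 * NOTE(review): assumes the firmware expects little-endian here as it does
 * for the other requests - confirm against the firmware interface.
 *
 * Returns -EINVAL when n_pulses exceeds the capacity of the request,
 * otherwise the result of __mt76_mcu_send_msg().
 */
int mt7615_mcu_rdd_send_pattern(struct mt7615_dev *dev)
{
	struct {
		u8 pulse_num;
		u8 rsv[3];
		struct {
			__le32 start_time;
			__le16 width;
			__le16 power;
		} pattern[32];
	} req = {
		.pulse_num = dev->radar_pattern.n_pulses,
	};
	u32 start_time = ktime_to_ms(ktime_get_boottime());
	int i;

	/*
	 * n_pulses is the loop bound for writes into the on-stack pattern[]
	 * array below, so it must be rejected before the loop runs.
	 */
	if (dev->radar_pattern.n_pulses > ARRAY_SIZE(req.pattern))
		return -EINVAL;

	/* TODO: add some noise here */
	for (i = 0; i < dev->radar_pattern.n_pulses; i++) {
		u32 ts = start_time + i * dev->radar_pattern.period;

		req.pattern[i].width = cpu_to_le16(dev->radar_pattern.width);
		req.pattern[i].power = cpu_to_le16(dev->radar_pattern.power);
		req.pattern[i].start_time = cpu_to_le32(ts);
	}

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_SET_RDD_PATTERN,
				   &req, sizeof(req), false);
}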
1268
/*
 * Program the MCU with the channel described by dev->mt76.chandef.
 *
 * One request structure is built and sent twice: first as
 * MCU_EXT_CMD_CHANNEL_SWITCH and, if that succeeds, again unchanged as
 * MCU_EXT_CMD_SET_RX_PATH.
 *
 * Returns the first non-zero result of __mt76_mcu_send_msg(), or the
 * result of the second send.
 */
int mt7615_mcu_set_channel(struct mt7615_dev *dev)
{
	struct cfg80211_chan_def *chandef = &dev->mt76.chandef;
	int center1 = chandef->center_freq1;
	int center2 = chandef->center_freq2;
	struct {
		u8 control_chan;
		u8 center_chan;
		u8 bw;
		u8 tx_streams;
		u8 rx_streams_mask;
		u8 switch_reason;
		u8 band_idx;
		/* for 80+80 only */
		u8 center_chan2;
		__le16 cac_case;
		u8 channel_band;
		u8 rsv0;
		__le32 outband_freq;
		u8 txpower_drop;
		u8 rsv1[3];
		u8 txpower_sku[53];
		u8 rsv2[3];
	} req = {
		.control_chan = chandef->chan->hw_value,
		.center_chan = ieee80211_frequency_to_channel(center1),
		.center_chan2 = ieee80211_frequency_to_channel(center2),
		.tx_streams = (dev->mt76.chainmask >> 8) & 0xf,
		.rx_streams_mask = dev->mt76.antenna_mask,
	};
	/* radar channel whose DFS state is anything but "available" */
	bool dfs_pending = (chandef->chan->flags & IEEE80211_CHAN_RADAR) &&
			   chandef->chan->dfs_state != NL80211_DFS_AVAILABLE;
	int err;

	req.switch_reason = dfs_pending ? CH_SWITCH_DFS : CH_SWITCH_NORMAL;

	/* 20 MHz is the fallback for 20/20_NOHT and any unlisted width */
	req.bw = CMD_CBW_20MHZ;
	switch (chandef->width) {
	case NL80211_CHAN_WIDTH_5:
		req.bw = CMD_CBW_5MHZ;
		break;
	case NL80211_CHAN_WIDTH_10:
		req.bw = CMD_CBW_10MHZ;
		break;
	case NL80211_CHAN_WIDTH_40:
		req.bw = CMD_CBW_40MHZ;
		break;
	case NL80211_CHAN_WIDTH_80:
		req.bw = CMD_CBW_80MHZ;
		break;
	case NL80211_CHAN_WIDTH_80P80:
		req.bw = CMD_CBW_8080MHZ;
		break;
	case NL80211_CHAN_WIDTH_160:
		req.bw = CMD_CBW_160MHZ;
		break;
	default:
		break;
	}

	/*
	 * Only the first 49 of the 53 txpower_sku bytes are set to 0x3f; the
	 * remaining four stay zero from the initializer.
	 * NOTE(review): the meaning of 0x3f and of the 49-entry cut-off is
	 * not visible here - confirm against the firmware interface.
	 */
	memset(req.txpower_sku, 0x3f, 49);

	err = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_CHANNEL_SWITCH,
				  &req, sizeof(req), true);
	if (err)
		return err;

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_SET_RX_PATH,
				   &req, sizeof(req), true);
}
1341
/*
 * Push a station's HT/VHT capabilities to the MCU.
 *
 * Two messages are built back to back in one heap buffer of
 * MT7615_WTBL_UPDATE_MAX_SIZE bytes:
 *
 *  1. MCU_EXT_CMD_WTBL_UPDATE: header, HT TLV, optional VHT TLV, optional
 *     SMPS TLV, and a raw TLV carrying the short-GI bits.
 *  2. MCU_EXT_CMD_STA_REC_UPDATE: header, HT record, optional VHT record.
 *
 * The second message is only sent when the first one succeeds.
 *
 * The TLVs are appended without comparing the running offset against the
 * buffer size. The set of TLVs is fixed by the code below, so this relies
 * on MT7615_WTBL_UPDATE_MAX_SIZE covering the largest combination.
 * NOTE(review): the constant is defined outside this view - confirm.
 *
 * Returns -ENOMEM if the buffer cannot be allocated, otherwise the result
 * of the last __mt76_mcu_send_msg() call made.
 */
int mt7615_mcu_set_ht_cap(struct mt7615_dev *dev, struct ieee80211_vif *vif,
			  struct ieee80211_sta *sta)
{
	struct mt7615_vif *mvif = (struct mt7615_vif *)vif->drv_priv;
	struct mt7615_sta *msta = (struct mt7615_sta *)sta->drv_priv;
	const u32 sgi_mask = MT_WTBL_W5_SHORT_GI_20 | MT_WTBL_W5_SHORT_GI_40 |
			     MT_WTBL_W5_SHORT_GI_80 | MT_WTBL_W5_SHORT_GI_160;
	struct wtbl_req_hdr *wtbl_hdr;
	struct sta_req_hdr *sta_hdr;
	struct sta_rec_ht *sta_ht;
	struct wtbl_raw *raw;
	struct wtbl_ht *ht;
	/* the HT TLV and the raw short-GI TLV are always present */
	int off, err, n_tlv = 2;
	u32 sgi_bits = 0;
	u8 *buf;

	buf = kzalloc(MT7615_WTBL_UPDATE_MAX_SIZE, GFP_KERNEL);
	if (!buf)
		return -ENOMEM;

	/* first message: WTBL update */
	wtbl_hdr = (struct wtbl_req_hdr *)buf;
	wtbl_hdr->operation = WTBL_SET;
	wtbl_hdr->wlan_idx = msta->wcid.idx;
	off = sizeof(*wtbl_hdr);

	/* ht basic */
	ht = (struct wtbl_ht *)(buf + off);
	off += sizeof(*ht);
	ht->tag = cpu_to_le16(WTBL_HT);
	ht->len = cpu_to_le16(sizeof(*ht));
	ht->ht = 1;
	ht->ldpc = sta->ht_cap.cap & IEEE80211_HT_CAP_LDPC_CODING;
	ht->af = sta->ht_cap.ampdu_factor;
	ht->mm = sta->ht_cap.ampdu_density;

	if (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_20)
		sgi_bits |= MT_WTBL_W5_SHORT_GI_20;
	if (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_40)
		sgi_bits |= MT_WTBL_W5_SHORT_GI_40;

	/* vht basic */
	if (sta->vht_cap.vht_supported) {
		struct wtbl_vht *vht = (struct wtbl_vht *)(buf + off);

		off += sizeof(*vht);
		n_tlv++;

		vht->tag = cpu_to_le16(WTBL_VHT);
		vht->len = cpu_to_le16(sizeof(*vht));
		vht->vht = 1;
		/*
		 * NOTE(review): this stores the masked capability bit as-is
		 * rather than a 0/1 flag. Whether the firmware accepts any
		 * non-zero value depends on struct wtbl_vht, which is not
		 * visible here - confirm.
		 */
		vht->ldpc = sta->vht_cap.cap & IEEE80211_VHT_CAP_RXLDPC;

		if (sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_80)
			sgi_bits |= MT_WTBL_W5_SHORT_GI_80;
		if (sta->vht_cap.cap & IEEE80211_VHT_CAP_SHORT_GI_160)
			sgi_bits |= MT_WTBL_W5_SHORT_GI_160;
	}

	/* smps */
	if (sta->smps_mode == IEEE80211_SMPS_DYNAMIC) {
		struct wtbl_smps *smps = (struct wtbl_smps *)(buf + off);

		off += sizeof(*smps);
		n_tlv++;

		smps->tag = cpu_to_le16(WTBL_SMPS);
		smps->len = cpu_to_le16(sizeof(*smps));
		smps->smps = 1;
	}

	/* sgi: raw write to dword 5 with the inverted short-GI mask */
	raw = (struct wtbl_raw *)(buf + off);
	off += sizeof(*raw);
	raw->tag = cpu_to_le16(WTBL_RAW_DATA);
	raw->len = cpu_to_le16(sizeof(*raw));
	raw->wtbl_idx = 1;
	raw->dw = 5;
	raw->msk = cpu_to_le32(~sgi_mask);
	raw->val = cpu_to_le32(sgi_bits);

	wtbl_hdr->tlv_num = cpu_to_le16(n_tlv);
	err = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				  buf, off, true);
	if (err)
		goto free_buf;

	/* second message: clear the buffer and reuse it for the STA record */
	memset(buf, 0, MT7615_WTBL_UPDATE_MAX_SIZE);

	sta_hdr = (struct sta_req_hdr *)buf;
	n_tlv = sta->vht_cap.vht_supported ? 2 : 1;
	sta_hdr->bss_idx = mvif->idx;
	sta_hdr->wlan_idx = msta->wcid.idx;
	sta_hdr->muar_idx = mvif->omac_idx;
	sta_hdr->is_tlv_append = 1;
	sta_hdr->tlv_num = cpu_to_le16(n_tlv);
	off = sizeof(*sta_hdr);

	sta_ht = (struct sta_rec_ht *)(buf + off);
	off += sizeof(*sta_ht);
	sta_ht->tag = cpu_to_le16(STA_REC_HT);
	sta_ht->len = cpu_to_le16(sizeof(*sta_ht));
	sta_ht->ht_cap = cpu_to_le16(sta->ht_cap.cap);

	if (sta->vht_cap.vht_supported) {
		struct sta_rec_vht *sta_vht;

		sta_vht = (struct sta_rec_vht *)(buf + off);
		off += sizeof(*sta_vht);
		sta_vht->tag = cpu_to_le16(STA_REC_VHT);
		sta_vht->len = cpu_to_le16(sizeof(*sta_vht));
		sta_vht->vht_cap = cpu_to_le32(sta->vht_cap.cap);
		/* the MCS maps are copied through without conversion */
		sta_vht->vht_rx_mcs_map = sta->vht_cap.vht_mcs.rx_mcs_map;
		sta_vht->vht_tx_mcs_map = sta->vht_cap.vht_mcs.tx_mcs_map;
	}

	err = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_STA_REC_UPDATE,
				  buf, off, true);
free_buf:
	kfree(buf);

	return err;
}
1465
/*
 * Configure or tear down an originator (TX) block-ack session.
 *
 * Two fixed-size requests are built on the stack from @params. The WTBL
 * update is sent first; the STA record update is sent only if that
 * succeeds.
 *
 * @add: true to enable the session, false to disable it. When false the
 *       WTBL starting sequence number is sent as 0 and no window-size
 *       index is set.
 *
 * Returns the first non-zero result of __mt76_mcu_send_msg(), or the
 * result of the second send.
 */
int mt7615_mcu_set_tx_ba(struct mt7615_dev *dev,
			 struct ieee80211_ampdu_params *params,
			 bool add)
{
	struct mt7615_sta *msta = (struct mt7615_sta *)params->sta->drv_priv;
	struct mt7615_vif *mvif = msta->vif;
	struct {
		struct wtbl_req_hdr hdr;
		struct wtbl_ba ba;
	} wtbl_msg = {
		.hdr = {
			.wlan_idx = msta->wcid.idx,
			.operation = WTBL_SET,
			.tlv_num = cpu_to_le16(1),
		},
		.ba = {
			.tag = cpu_to_le16(WTBL_BA),
			.len = cpu_to_le16(sizeof(struct wtbl_ba)),
			.tid = params->tid,
			.ba_type = MT_BA_TYPE_ORIGINATOR,
			.sn = add ? cpu_to_le16(params->ssn) : 0,
			.ba_en = add,
		},
	};
	struct {
		struct sta_req_hdr hdr;
		struct sta_rec_ba ba;
	} sta_msg = {
		.hdr = {
			.bss_idx = mvif->idx,
			.wlan_idx = msta->wcid.idx,
			.tlv_num = cpu_to_le16(1),
			.is_tlv_append = 1,
			.muar_idx = mvif->omac_idx,
		},
		.ba = {
			.tag = cpu_to_le16(STA_REC_BA),
			.len = cpu_to_le16(sizeof(struct sta_rec_ba)),
			.tid = params->tid,
			.ba_type = MT_BA_TYPE_ORIGINATOR,
			.amsdu = params->amsdu,
			/*
			 * NOTE(review): if ba_en is narrower than the tid
			 * range, the bit for higher tids is truncated.
			 * struct sta_rec_ba is not visible here - confirm.
			 */
			.ba_en = add << params->tid,
			.ssn = cpu_to_le16(params->ssn),
			.winsize = cpu_to_le16(params->buf_size),
		},
	};
	int err;

	if (add) {
		const u8 ba_range[] = { 4, 8, 12, 24, 36, 48, 54, 64 };
		u8 idx = ARRAY_SIZE(ba_range) - 1;

		/*
		 * Pick the largest table entry that does not exceed the
		 * requested buffer size; index 0 is the fallback.
		 */
		while (idx > 0 && params->buf_size < ba_range[idx])
			idx--;

		wtbl_msg.ba.ba_winsize_idx = idx;
	}

	err = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				  &wtbl_msg, sizeof(wtbl_msg), true);
	if (err)
		return err;

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_STA_REC_UPDATE,
				   &sta_msg, sizeof(sta_msg), true);
}
1533
/*
 * Configure or tear down a recipient (RX) block-ack session.
 *
 * The send order is the reverse of the TX path: the STA record update
 * goes out first. The WTBL update, which carries the peer address and the
 * BA reset fields, follows only when @add is true and the first send
 * succeeded.
 *
 * Returns the result of the last __mt76_mcu_send_msg() call made.
 */
int mt7615_mcu_set_rx_ba(struct mt7615_dev *dev,
			 struct ieee80211_ampdu_params *params,
			 bool add)
{
	struct mt7615_sta *msta = (struct mt7615_sta *)params->sta->drv_priv;
	struct mt7615_vif *mvif = msta->vif;
	struct {
		struct wtbl_req_hdr hdr;
		struct wtbl_ba ba;
	} wtbl_msg = {
		.hdr = {
			.wlan_idx = msta->wcid.idx,
			.operation = WTBL_SET,
			.tlv_num = cpu_to_le16(1),
		},
		.ba = {
			.tag = cpu_to_le16(WTBL_BA),
			.len = cpu_to_le16(sizeof(struct wtbl_ba)),
			.tid = params->tid,
			.ba_type = MT_BA_TYPE_RECIPIENT,
			.rst_ba_tid = params->tid,
			.rst_ba_sel = RST_BA_MAC_TID_MATCH,
			.rst_ba_sb = 1,
		},
	};
	struct {
		struct sta_req_hdr hdr;
		struct sta_rec_ba ba;
	} sta_msg = {
		.hdr = {
			.bss_idx = mvif->idx,
			.wlan_idx = msta->wcid.idx,
			.tlv_num = cpu_to_le16(1),
			.is_tlv_append = 1,
			.muar_idx = mvif->omac_idx,
		},
		.ba = {
			.tag = cpu_to_le16(STA_REC_BA),
			.len = cpu_to_le16(sizeof(struct sta_rec_ba)),
			.tid = params->tid,
			.ba_type = MT_BA_TYPE_RECIPIENT,
			.amsdu = params->amsdu,
			/*
			 * NOTE(review): if ba_en is narrower than the tid
			 * range, the bit for higher tids is truncated.
			 * struct sta_rec_ba is not visible here - confirm.
			 */
			.ba_en = add << params->tid,
			.ssn = cpu_to_le16(params->ssn),
			.winsize = cpu_to_le16(params->buf_size),
		},
	};
	int err;

	/* fixed ETH_ALEN-byte copy of the peer's MAC address */
	memcpy(wtbl_msg.ba.peer_addr, params->sta->addr, ETH_ALEN);

	err = __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_STA_REC_UPDATE,
				  &sta_msg, sizeof(sta_msg), true);
	if (err)
		return err;

	/* on teardown only the STA record is updated */
	if (!add)
		return 0;

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_WTBL_UPDATE,
				   &wtbl_msg, sizeof(wtbl_msg), true);
}
1593
/*
 * Send MCU_EXT_CMD_GET_TEMP to the MCU with @index as the action byte.
 *
 * @index is truncated to the single-byte action field. The three reserved
 * bytes are sent as zero.
 *
 * Returns whatever __mt76_mcu_send_msg() returns.
 * NOTE(review): presumably the temperature reading on success, but how
 * the response is mapped to the return value is not visible here.
 */
int mt7615_mcu_get_temperature(struct mt7615_dev *dev, int index)
{
	struct {
		u8 action;
		u8 rsv[3];
	} msg = {};

	msg.action = index;

	return __mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD_GET_TEMP, &msg,
				   sizeof(msg), true);
}