1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2020 MediaTek Inc. */
3
4 #include <linux/firmware.h>
5 #include <linux/fs.h>
6 #include "mt7921.h"
7 #include "mt7921_trace.h"
8 #include "mcu.h"
9 #include "mac.h"
10
11 struct mt7921_patch_hdr {
12 char build_date[16];
13 char platform[4];
14 __be32 hw_sw_ver;
15 __be32 patch_ver;
16 __be16 checksum;
17 u16 reserved;
18 struct {
19 __be32 patch_ver;
20 __be32 subsys;
21 __be32 feature;
22 __be32 n_region;
23 __be32 crc;
24 u32 reserved[11];
25 } desc;
26 } __packed;
27
28 struct mt7921_patch_sec {
29 __be32 type;
30 __be32 offs;
31 __be32 size;
32 union {
33 __be32 spec[13];
34 struct {
35 __be32 addr;
36 __be32 len;
37 __be32 sec_key_idx;
38 __be32 align_len;
39 u32 reserved[9];
40 } info;
41 };
42 } __packed;
43
44 struct mt7921_fw_trailer {
45 u8 chip_id;
46 u8 eco_code;
47 u8 n_region;
48 u8 format_ver;
49 u8 format_flag;
50 u8 reserved[2];
51 char fw_ver[10];
52 char build_date[15];
53 u32 crc;
54 } __packed;
55
56 struct mt7921_fw_region {
57 __le32 decomp_crc;
58 __le32 decomp_len;
59 __le32 decomp_blk_sz;
60 u8 reserved[4];
61 __le32 addr;
62 __le32 len;
63 u8 feature_set;
64 u8 reserved1[15];
65 } __packed;
66
67 #define MT_STA_BFER BIT(0)
68 #define MT_STA_BFEE BIT(1)
69
70 #define PATCH_SEC_ENC_TYPE_MASK GENMASK(31, 24)
71 #define PATCH_SEC_ENC_TYPE_PLAIN 0x00
72 #define PATCH_SEC_ENC_TYPE_AES 0x01
73 #define PATCH_SEC_ENC_TYPE_SCRAMBLE 0x02
74 #define PATCH_SEC_ENC_SCRAMBLE_INFO_MASK GENMASK(15, 0)
75 #define PATCH_SEC_ENC_AES_KEY_MASK GENMASK(7, 0)
76
77 static int
mt7921_mcu_parse_eeprom(struct mt76_dev * dev,struct sk_buff * skb)78 mt7921_mcu_parse_eeprom(struct mt76_dev *dev, struct sk_buff *skb)
79 {
80 struct mt7921_mcu_eeprom_info *res;
81 u8 *buf;
82
83 if (!skb)
84 return -EINVAL;
85
86 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
87
88 res = (struct mt7921_mcu_eeprom_info *)skb->data;
89 buf = dev->eeprom.data + le32_to_cpu(res->addr);
90 memcpy(buf, res->data, 16);
91
92 return 0;
93 }
94
mt7921_mcu_parse_response(struct mt76_dev * mdev,int cmd,struct sk_buff * skb,int seq)95 int mt7921_mcu_parse_response(struct mt76_dev *mdev, int cmd,
96 struct sk_buff *skb, int seq)
97 {
98 int mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
99 struct mt7921_mcu_rxd *rxd;
100 int ret = 0;
101
102 if (!skb) {
103 dev_err(mdev->dev, "Message %08x (seq %d) timeout\n",
104 cmd, seq);
105 mt7921_reset(mdev);
106
107 return -ETIMEDOUT;
108 }
109
110 rxd = (struct mt7921_mcu_rxd *)skb->data;
111 if (seq != rxd->seq)
112 return -EAGAIN;
113
114 if (cmd == MCU_CMD(PATCH_SEM_CONTROL)) {
115 skb_pull(skb, sizeof(*rxd) - 4);
116 ret = *skb->data;
117 } else if (cmd == MCU_EXT_CMD(THERMAL_CTRL)) {
118 skb_pull(skb, sizeof(*rxd) + 4);
119 ret = le32_to_cpu(*(__le32 *)skb->data);
120 } else if (cmd == MCU_EXT_CMD(EFUSE_ACCESS)) {
121 ret = mt7921_mcu_parse_eeprom(mdev, skb);
122 } else if (cmd == MCU_UNI_CMD(DEV_INFO_UPDATE) ||
123 cmd == MCU_UNI_CMD(BSS_INFO_UPDATE) ||
124 cmd == MCU_UNI_CMD(STA_REC_UPDATE) ||
125 cmd == MCU_UNI_CMD(HIF_CTRL) ||
126 cmd == MCU_UNI_CMD(OFFLOAD) ||
127 cmd == MCU_UNI_CMD(SUSPEND)) {
128 struct mt7921_mcu_uni_event *event;
129
130 skb_pull(skb, sizeof(*rxd));
131 event = (struct mt7921_mcu_uni_event *)skb->data;
132 ret = le32_to_cpu(event->status);
133 /* skip invalid event */
134 if (mcu_cmd != event->cid)
135 ret = -EAGAIN;
136 } else if (cmd == MCU_CE_QUERY(REG_READ)) {
137 struct mt7921_mcu_reg_event *event;
138
139 skb_pull(skb, sizeof(*rxd));
140 event = (struct mt7921_mcu_reg_event *)skb->data;
141 ret = (int)le32_to_cpu(event->val);
142 } else {
143 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
144 }
145
146 return ret;
147 }
148 EXPORT_SYMBOL_GPL(mt7921_mcu_parse_response);
149
mt7921_mcu_fill_message(struct mt76_dev * mdev,struct sk_buff * skb,int cmd,int * wait_seq)150 int mt7921_mcu_fill_message(struct mt76_dev *mdev, struct sk_buff *skb,
151 int cmd, int *wait_seq)
152 {
153 struct mt7921_dev *dev = container_of(mdev, struct mt7921_dev, mt76);
154 int txd_len, mcu_cmd = FIELD_GET(__MCU_CMD_FIELD_ID, cmd);
155 struct mt7921_uni_txd *uni_txd;
156 struct mt7921_mcu_txd *mcu_txd;
157 __le32 *txd;
158 u32 val;
159 u8 seq;
160
161 if (cmd == MCU_UNI_CMD(HIF_CTRL) ||
162 cmd == MCU_UNI_CMD(SUSPEND) ||
163 cmd == MCU_UNI_CMD(OFFLOAD))
164 mdev->mcu.timeout = HZ;
165 else
166 mdev->mcu.timeout = 3 * HZ;
167
168 seq = ++dev->mt76.mcu.msg_seq & 0xf;
169 if (!seq)
170 seq = ++dev->mt76.mcu.msg_seq & 0xf;
171
172 if (cmd == MCU_CMD(FW_SCATTER))
173 goto exit;
174
175 txd_len = cmd & __MCU_CMD_FIELD_UNI ? sizeof(*uni_txd) : sizeof(*mcu_txd);
176 txd = (__le32 *)skb_push(skb, txd_len);
177
178 val = FIELD_PREP(MT_TXD0_TX_BYTES, skb->len) |
179 FIELD_PREP(MT_TXD0_PKT_FMT, MT_TX_TYPE_CMD) |
180 FIELD_PREP(MT_TXD0_Q_IDX, MT_TX_MCU_PORT_RX_Q0);
181 txd[0] = cpu_to_le32(val);
182
183 val = MT_TXD1_LONG_FORMAT |
184 FIELD_PREP(MT_TXD1_HDR_FORMAT, MT_HDR_FORMAT_CMD);
185 txd[1] = cpu_to_le32(val);
186
187 if (cmd & __MCU_CMD_FIELD_UNI) {
188 uni_txd = (struct mt7921_uni_txd *)txd;
189 uni_txd->len = cpu_to_le16(skb->len - sizeof(uni_txd->txd));
190 uni_txd->option = MCU_CMD_UNI_EXT_ACK;
191 uni_txd->cid = cpu_to_le16(mcu_cmd);
192 uni_txd->s2d_index = MCU_S2D_H2N;
193 uni_txd->pkt_type = MCU_PKT_ID;
194 uni_txd->seq = seq;
195
196 goto exit;
197 }
198
199 mcu_txd = (struct mt7921_mcu_txd *)txd;
200 mcu_txd->len = cpu_to_le16(skb->len - sizeof(mcu_txd->txd));
201 mcu_txd->pq_id = cpu_to_le16(MCU_PQ_ID(MT_TX_PORT_IDX_MCU,
202 MT_TX_MCU_PORT_RX_Q0));
203 mcu_txd->pkt_type = MCU_PKT_ID;
204 mcu_txd->seq = seq;
205 mcu_txd->cid = mcu_cmd;
206 mcu_txd->s2d_index = MCU_S2D_H2N;
207 mcu_txd->ext_cid = FIELD_GET(__MCU_CMD_FIELD_EXT_ID, cmd);
208
209 if (mcu_txd->ext_cid || (cmd & __MCU_CMD_FIELD_CE)) {
210 if (cmd & __MCU_CMD_FIELD_QUERY)
211 mcu_txd->set_query = MCU_Q_QUERY;
212 else
213 mcu_txd->set_query = MCU_Q_SET;
214 mcu_txd->ext_cid_ack = !!mcu_txd->ext_cid;
215 } else {
216 mcu_txd->set_query = MCU_Q_NA;
217 }
218
219 exit:
220 if (wait_seq)
221 *wait_seq = seq;
222
223 return 0;
224 }
225 EXPORT_SYMBOL_GPL(mt7921_mcu_fill_message);
226
227 #ifdef CONFIG_PM
228
229 static int
mt7921_mcu_set_ipv6_ns_filter(struct mt76_dev * dev,struct ieee80211_vif * vif,bool suspend)230 mt7921_mcu_set_ipv6_ns_filter(struct mt76_dev *dev,
231 struct ieee80211_vif *vif, bool suspend)
232 {
233 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
234 struct {
235 struct {
236 u8 bss_idx;
237 u8 pad[3];
238 } __packed hdr;
239 struct mt76_connac_arpns_tlv arpns;
240 } req = {
241 .hdr = {
242 .bss_idx = mvif->mt76.idx,
243 },
244 .arpns = {
245 .tag = cpu_to_le16(UNI_OFFLOAD_OFFLOAD_ND),
246 .len = cpu_to_le16(sizeof(struct mt76_connac_arpns_tlv)),
247 .mode = suspend,
248 },
249 };
250
251 return mt76_mcu_send_msg(dev, MCU_UNI_CMD_OFFLOAD, &req, sizeof(req),
252 true);
253 }
254
mt7921_mcu_set_suspend_iter(void * priv,u8 * mac,struct ieee80211_vif * vif)255 void mt7921_mcu_set_suspend_iter(void *priv, u8 *mac, struct ieee80211_vif *vif)
256 {
257 if (IS_ENABLED(CONFIG_IPV6)) {
258 struct mt76_phy *phy = priv;
259
260 mt7921_mcu_set_ipv6_ns_filter(phy->dev, vif,
261 !test_bit(MT76_STATE_RUNNING,
262 &phy->state));
263 }
264
265 mt76_connac_mcu_set_suspend_iter(priv, mac, vif);
266 }
267
268 #endif /* CONFIG_PM */
269
270 static void
mt7921_mcu_scan_event(struct mt7921_dev * dev,struct sk_buff * skb)271 mt7921_mcu_scan_event(struct mt7921_dev *dev, struct sk_buff *skb)
272 {
273 struct mt76_phy *mphy = &dev->mt76.phy;
274 struct mt7921_phy *phy = (struct mt7921_phy *)mphy->priv;
275
276 spin_lock_bh(&dev->mt76.lock);
277 __skb_queue_tail(&phy->scan_event_list, skb);
278 spin_unlock_bh(&dev->mt76.lock);
279
280 ieee80211_queue_delayed_work(mphy->hw, &phy->scan_work,
281 MT7921_HW_SCAN_TIMEOUT);
282 }
283
284 static void
mt7921_mcu_connection_loss_iter(void * priv,u8 * mac,struct ieee80211_vif * vif)285 mt7921_mcu_connection_loss_iter(void *priv, u8 *mac,
286 struct ieee80211_vif *vif)
287 {
288 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
289 struct mt76_connac_beacon_loss_event *event = priv;
290
291 if (mvif->idx != event->bss_idx)
292 return;
293
294 if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER) ||
295 vif->type != NL80211_IFTYPE_STATION)
296 return;
297
298 ieee80211_connection_loss(vif);
299 }
300
301 static void
mt7921_mcu_connection_loss_event(struct mt7921_dev * dev,struct sk_buff * skb)302 mt7921_mcu_connection_loss_event(struct mt7921_dev *dev, struct sk_buff *skb)
303 {
304 struct mt76_connac_beacon_loss_event *event;
305 struct mt76_phy *mphy = &dev->mt76.phy;
306
307 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
308 event = (struct mt76_connac_beacon_loss_event *)skb->data;
309
310 ieee80211_iterate_active_interfaces_atomic(mphy->hw,
311 IEEE80211_IFACE_ITER_RESUME_ALL,
312 mt7921_mcu_connection_loss_iter, event);
313 }
314
315 static void
mt7921_mcu_bss_event(struct mt7921_dev * dev,struct sk_buff * skb)316 mt7921_mcu_bss_event(struct mt7921_dev *dev, struct sk_buff *skb)
317 {
318 struct mt76_phy *mphy = &dev->mt76.phy;
319 struct mt76_connac_mcu_bss_event *event;
320
321 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
322 event = (struct mt76_connac_mcu_bss_event *)skb->data;
323 if (event->is_absent)
324 ieee80211_stop_queues(mphy->hw);
325 else
326 ieee80211_wake_queues(mphy->hw);
327 }
328
329 static void
mt7921_mcu_debug_msg_event(struct mt7921_dev * dev,struct sk_buff * skb)330 mt7921_mcu_debug_msg_event(struct mt7921_dev *dev, struct sk_buff *skb)
331 {
332 struct mt7921_debug_msg {
333 __le16 id;
334 u8 type;
335 u8 flag;
336 __le32 value;
337 __le16 len;
338 u8 content[512];
339 } __packed * msg;
340
341 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
342 msg = (struct mt7921_debug_msg *)skb->data;
343
344 if (msg->type == 3) { /* fw log */
345 u16 len = min_t(u16, le16_to_cpu(msg->len), 512);
346 int i;
347
348 for (i = 0 ; i < len; i++) {
349 if (!msg->content[i])
350 msg->content[i] = ' ';
351 }
352 wiphy_info(mt76_hw(dev)->wiphy, "%.*s", len, msg->content);
353 }
354 }
355
356 static void
mt7921_mcu_low_power_event(struct mt7921_dev * dev,struct sk_buff * skb)357 mt7921_mcu_low_power_event(struct mt7921_dev *dev, struct sk_buff *skb)
358 {
359 struct mt7921_mcu_lp_event {
360 u8 state;
361 u8 reserved[3];
362 } __packed * event;
363
364 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
365 event = (struct mt7921_mcu_lp_event *)skb->data;
366
367 trace_lp_event(dev, event->state);
368 }
369
370 static void
mt7921_mcu_tx_done_event(struct mt7921_dev * dev,struct sk_buff * skb)371 mt7921_mcu_tx_done_event(struct mt7921_dev *dev, struct sk_buff *skb)
372 {
373 struct mt7921_mcu_tx_done_event *event;
374
375 skb_pull(skb, sizeof(struct mt7921_mcu_rxd));
376 event = (struct mt7921_mcu_tx_done_event *)skb->data;
377
378 mt7921_mac_add_txs(dev, event->txs);
379 }
380
381 static void
mt7921_mcu_rx_unsolicited_event(struct mt7921_dev * dev,struct sk_buff * skb)382 mt7921_mcu_rx_unsolicited_event(struct mt7921_dev *dev, struct sk_buff *skb)
383 {
384 struct mt7921_mcu_rxd *rxd = (struct mt7921_mcu_rxd *)skb->data;
385
386 switch (rxd->eid) {
387 case MCU_EVENT_BSS_BEACON_LOSS:
388 mt7921_mcu_connection_loss_event(dev, skb);
389 break;
390 case MCU_EVENT_SCHED_SCAN_DONE:
391 case MCU_EVENT_SCAN_DONE:
392 mt7921_mcu_scan_event(dev, skb);
393 return;
394 case MCU_EVENT_BSS_ABSENCE:
395 mt7921_mcu_bss_event(dev, skb);
396 break;
397 case MCU_EVENT_DBG_MSG:
398 mt7921_mcu_debug_msg_event(dev, skb);
399 break;
400 case MCU_EVENT_COREDUMP:
401 dev->fw_assert = true;
402 mt76_connac_mcu_coredump_event(&dev->mt76, skb,
403 &dev->coredump);
404 return;
405 case MCU_EVENT_LP_INFO:
406 mt7921_mcu_low_power_event(dev, skb);
407 break;
408 case MCU_EVENT_TX_DONE:
409 mt7921_mcu_tx_done_event(dev, skb);
410 break;
411 default:
412 break;
413 }
414 dev_kfree_skb(skb);
415 }
416
mt7921_mcu_rx_event(struct mt7921_dev * dev,struct sk_buff * skb)417 void mt7921_mcu_rx_event(struct mt7921_dev *dev, struct sk_buff *skb)
418 {
419 struct mt7921_mcu_rxd *rxd;
420
421 if (skb_linearize(skb))
422 return;
423
424 rxd = (struct mt7921_mcu_rxd *)skb->data;
425
426 if (rxd->eid == 0x6) {
427 mt76_mcu_rx_event(&dev->mt76, skb);
428 return;
429 }
430
431 if (rxd->ext_eid == MCU_EXT_EVENT_RATE_REPORT ||
432 rxd->eid == MCU_EVENT_BSS_BEACON_LOSS ||
433 rxd->eid == MCU_EVENT_SCHED_SCAN_DONE ||
434 rxd->eid == MCU_EVENT_BSS_ABSENCE ||
435 rxd->eid == MCU_EVENT_SCAN_DONE ||
436 rxd->eid == MCU_EVENT_TX_DONE ||
437 rxd->eid == MCU_EVENT_DBG_MSG ||
438 rxd->eid == MCU_EVENT_COREDUMP ||
439 rxd->eid == MCU_EVENT_LP_INFO ||
440 !rxd->seq)
441 mt7921_mcu_rx_unsolicited_event(dev, skb);
442 else
443 mt76_mcu_rx_event(&dev->mt76, skb);
444 }
445
446 /** starec & wtbl **/
mt7921_mcu_uni_tx_ba(struct mt7921_dev * dev,struct ieee80211_ampdu_params * params,bool enable)447 int mt7921_mcu_uni_tx_ba(struct mt7921_dev *dev,
448 struct ieee80211_ampdu_params *params,
449 bool enable)
450 {
451 struct mt7921_sta *msta = (struct mt7921_sta *)params->sta->drv_priv;
452
453 if (enable && !params->amsdu)
454 msta->wcid.amsdu = false;
455
456 return mt76_connac_mcu_sta_ba(&dev->mt76, &msta->vif->mt76, params,
457 MCU_UNI_CMD(STA_REC_UPDATE),
458 enable, true);
459 }
460
mt7921_mcu_uni_rx_ba(struct mt7921_dev * dev,struct ieee80211_ampdu_params * params,bool enable)461 int mt7921_mcu_uni_rx_ba(struct mt7921_dev *dev,
462 struct ieee80211_ampdu_params *params,
463 bool enable)
464 {
465 struct mt7921_sta *msta = (struct mt7921_sta *)params->sta->drv_priv;
466
467 return mt76_connac_mcu_sta_ba(&dev->mt76, &msta->vif->mt76, params,
468 MCU_UNI_CMD(STA_REC_UPDATE),
469 enable, false);
470 }
471
mt7921_get_data_mode(struct mt7921_dev * dev,u32 info)472 static u32 mt7921_get_data_mode(struct mt7921_dev *dev, u32 info)
473 {
474 u32 mode = DL_MODE_NEED_RSP;
475
476 if (info == PATCH_SEC_NOT_SUPPORT)
477 return mode;
478
479 switch (FIELD_GET(PATCH_SEC_ENC_TYPE_MASK, info)) {
480 case PATCH_SEC_ENC_TYPE_PLAIN:
481 break;
482 case PATCH_SEC_ENC_TYPE_AES:
483 mode |= DL_MODE_ENCRYPT;
484 mode |= FIELD_PREP(DL_MODE_KEY_IDX,
485 (info & PATCH_SEC_ENC_AES_KEY_MASK)) & DL_MODE_KEY_IDX;
486 mode |= DL_MODE_RESET_SEC_IV;
487 break;
488 case PATCH_SEC_ENC_TYPE_SCRAMBLE:
489 mode |= DL_MODE_ENCRYPT;
490 mode |= DL_CONFIG_ENCRY_MODE_SEL;
491 mode |= DL_MODE_RESET_SEC_IV;
492 break;
493 default:
494 dev_err(dev->mt76.dev, "Encryption type not support!\n");
495 }
496
497 return mode;
498 }
499
mt7921_patch_name(struct mt7921_dev * dev)500 static char *mt7921_patch_name(struct mt7921_dev *dev)
501 {
502 char *ret;
503
504 if (is_mt7922(&dev->mt76))
505 ret = MT7922_ROM_PATCH;
506 else
507 ret = MT7921_ROM_PATCH;
508
509 return ret;
510 }
511
mt7921_load_patch(struct mt7921_dev * dev)512 static int mt7921_load_patch(struct mt7921_dev *dev)
513 {
514 const struct mt7921_patch_hdr *hdr;
515 const struct firmware *fw = NULL;
516 int i, ret, sem, max_len;
517
518 max_len = mt76_is_sdio(&dev->mt76) ? 2048 : 4096;
519
520 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, true);
521 switch (sem) {
522 case PATCH_IS_DL:
523 return 0;
524 case PATCH_NOT_DL_SEM_SUCCESS:
525 break;
526 default:
527 dev_err(dev->mt76.dev, "Failed to get patch semaphore\n");
528 return -EAGAIN;
529 }
530
531 ret = request_firmware(&fw, mt7921_patch_name(dev), dev->mt76.dev);
532 if (ret)
533 goto out;
534
535 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
536 dev_err(dev->mt76.dev, "Invalid firmware\n");
537 ret = -EINVAL;
538 goto out;
539 }
540
541 hdr = (const struct mt7921_patch_hdr *)(fw->data);
542
543 dev_info(dev->mt76.dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
544 be32_to_cpu(hdr->hw_sw_ver), hdr->build_date);
545
546 for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
547 struct mt7921_patch_sec *sec;
548 const u8 *dl;
549 u32 len, addr, mode;
550 u32 sec_info = 0;
551
552 sec = (struct mt7921_patch_sec *)(fw->data + sizeof(*hdr) +
553 i * sizeof(*sec));
554 if ((be32_to_cpu(sec->type) & PATCH_SEC_TYPE_MASK) !=
555 PATCH_SEC_TYPE_INFO) {
556 ret = -EINVAL;
557 goto out;
558 }
559
560 addr = be32_to_cpu(sec->info.addr);
561 len = be32_to_cpu(sec->info.len);
562 dl = fw->data + be32_to_cpu(sec->offs);
563 sec_info = be32_to_cpu(sec->info.sec_key_idx);
564 mode = mt7921_get_data_mode(dev, sec_info);
565
566 ret = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
567 mode);
568 if (ret) {
569 dev_err(dev->mt76.dev, "Download request failed\n");
570 goto out;
571 }
572
573 ret = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
574 dl, len, max_len);
575 if (ret) {
576 dev_err(dev->mt76.dev, "Failed to send patch\n");
577 goto out;
578 }
579 }
580
581 ret = mt76_connac_mcu_start_patch(&dev->mt76);
582 if (ret)
583 dev_err(dev->mt76.dev, "Failed to start patch\n");
584
585 out:
586 sem = mt76_connac_mcu_patch_sem_ctrl(&dev->mt76, false);
587 switch (sem) {
588 case PATCH_REL_SEM_SUCCESS:
589 break;
590 default:
591 ret = -EAGAIN;
592 dev_err(dev->mt76.dev, "Failed to release patch semaphore\n");
593 break;
594 }
595
596 if (!ret && mt76_is_sdio(&dev->mt76)) {
597 /* activate again */
598 ret = __mt7921_mcu_fw_pmctrl(dev);
599 if (!ret)
600 ret = __mt7921_mcu_drv_pmctrl(dev);
601 }
602
603 release_firmware(fw);
604
605 return ret;
606 }
607
608 static int
mt7921_mcu_send_ram_firmware(struct mt7921_dev * dev,const struct mt7921_fw_trailer * hdr,const u8 * data,bool is_wa)609 mt7921_mcu_send_ram_firmware(struct mt7921_dev *dev,
610 const struct mt7921_fw_trailer *hdr,
611 const u8 *data, bool is_wa)
612 {
613 int i, offset = 0, max_len;
614 u32 override = 0, option = 0;
615
616 max_len = mt76_is_sdio(&dev->mt76) ? 2048 : 4096;
617
618 for (i = 0; i < hdr->n_region; i++) {
619 const struct mt7921_fw_region *region;
620 int err;
621 u32 len, addr, mode;
622
623 region = (const struct mt7921_fw_region *)((const u8 *)hdr -
624 (hdr->n_region - i) * sizeof(*region));
625 mode = mt76_connac_mcu_gen_dl_mode(&dev->mt76,
626 region->feature_set, is_wa);
627 len = le32_to_cpu(region->len);
628 addr = le32_to_cpu(region->addr);
629
630 if (region->feature_set & FW_FEATURE_OVERRIDE_ADDR)
631 override = addr;
632
633 err = mt76_connac_mcu_init_download(&dev->mt76, addr, len,
634 mode);
635 if (err) {
636 dev_err(dev->mt76.dev, "Download request failed\n");
637 return err;
638 }
639
640 err = __mt76_mcu_send_firmware(&dev->mt76, MCU_CMD(FW_SCATTER),
641 data + offset, len, max_len);
642 if (err) {
643 dev_err(dev->mt76.dev, "Failed to send firmware.\n");
644 return err;
645 }
646
647 offset += len;
648 }
649
650 if (override)
651 option |= FW_START_OVERRIDE;
652
653 if (is_wa)
654 option |= FW_START_WORKING_PDA_CR4;
655
656 return mt76_connac_mcu_start_firmware(&dev->mt76, override, option);
657 }
658
mt7921_ram_name(struct mt7921_dev * dev)659 static char *mt7921_ram_name(struct mt7921_dev *dev)
660 {
661 char *ret;
662
663 if (is_mt7922(&dev->mt76))
664 ret = MT7922_FIRMWARE_WM;
665 else
666 ret = MT7921_FIRMWARE_WM;
667
668 return ret;
669 }
670
mt7921_load_ram(struct mt7921_dev * dev)671 static int mt7921_load_ram(struct mt7921_dev *dev)
672 {
673 const struct mt7921_fw_trailer *hdr;
674 const struct firmware *fw;
675 int ret;
676
677 ret = request_firmware(&fw, mt7921_ram_name(dev), dev->mt76.dev);
678 if (ret)
679 return ret;
680
681 if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
682 dev_err(dev->mt76.dev, "Invalid firmware\n");
683 ret = -EINVAL;
684 goto out;
685 }
686
687 hdr = (const struct mt7921_fw_trailer *)(fw->data + fw->size -
688 sizeof(*hdr));
689
690 dev_info(dev->mt76.dev, "WM Firmware Version: %.10s, Build Time: %.15s\n",
691 hdr->fw_ver, hdr->build_date);
692
693 ret = mt7921_mcu_send_ram_firmware(dev, hdr, fw->data, false);
694 if (ret) {
695 dev_err(dev->mt76.dev, "Failed to start WM firmware\n");
696 goto out;
697 }
698
699 snprintf(dev->mt76.hw->wiphy->fw_version,
700 sizeof(dev->mt76.hw->wiphy->fw_version),
701 "%.10s-%.15s", hdr->fw_ver, hdr->build_date);
702
703 out:
704 release_firmware(fw);
705
706 return ret;
707 }
708
mt7921_load_firmware(struct mt7921_dev * dev)709 static int mt7921_load_firmware(struct mt7921_dev *dev)
710 {
711 int ret;
712
713 ret = mt76_get_field(dev, MT_CONN_ON_MISC, MT_TOP_MISC2_FW_N9_RDY);
714 if (ret && mt76_is_mmio(&dev->mt76)) {
715 dev_dbg(dev->mt76.dev, "Firmware is already download\n");
716 goto fw_loaded;
717 }
718
719 ret = mt7921_load_patch(dev);
720 if (ret)
721 return ret;
722
723 ret = mt7921_load_ram(dev);
724 if (ret)
725 return ret;
726
727 if (!mt76_poll_msec(dev, MT_CONN_ON_MISC, MT_TOP_MISC2_FW_N9_RDY,
728 MT_TOP_MISC2_FW_N9_RDY, 1500)) {
729 dev_err(dev->mt76.dev, "Timeout for initializing firmware\n");
730
731 return -EIO;
732 }
733
734 fw_loaded:
735
736 #ifdef CONFIG_PM
737 dev->mt76.hw->wiphy->wowlan = &mt76_connac_wowlan_support;
738 #endif /* CONFIG_PM */
739
740 dev_dbg(dev->mt76.dev, "Firmware init done\n");
741
742 return 0;
743 }
744
mt7921_mcu_fw_log_2_host(struct mt7921_dev * dev,u8 ctrl)745 int mt7921_mcu_fw_log_2_host(struct mt7921_dev *dev, u8 ctrl)
746 {
747 struct {
748 u8 ctrl_val;
749 u8 pad[3];
750 } data = {
751 .ctrl_val = ctrl
752 };
753
754 return mt76_mcu_send_msg(&dev->mt76, MCU_CE_CMD(FWLOG_2_HOST),
755 &data, sizeof(data), false);
756 }
757
mt7921_run_firmware(struct mt7921_dev * dev)758 int mt7921_run_firmware(struct mt7921_dev *dev)
759 {
760 int err;
761
762 err = mt7921_load_firmware(dev);
763 if (err)
764 return err;
765
766 err = mt76_connac_mcu_get_nic_capability(&dev->mphy);
767 if (err)
768 return err;
769
770 set_bit(MT76_STATE_MCU_RUNNING, &dev->mphy.state);
771 return mt7921_mcu_fw_log_2_host(dev, 1);
772 }
773 EXPORT_SYMBOL_GPL(mt7921_run_firmware);
774
mt7921_mcu_exit(struct mt7921_dev * dev)775 void mt7921_mcu_exit(struct mt7921_dev *dev)
776 {
777 skb_queue_purge(&dev->mt76.mcu.res_q);
778 }
779 EXPORT_SYMBOL_GPL(mt7921_mcu_exit);
780
mt7921_mcu_set_tx(struct mt7921_dev * dev,struct ieee80211_vif * vif)781 int mt7921_mcu_set_tx(struct mt7921_dev *dev, struct ieee80211_vif *vif)
782 {
783 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
784 struct edca {
785 __le16 cw_min;
786 __le16 cw_max;
787 __le16 txop;
788 __le16 aifs;
789 u8 guardtime;
790 u8 acm;
791 } __packed;
792 struct mt7921_mcu_tx {
793 struct edca edca[IEEE80211_NUM_ACS];
794 u8 bss_idx;
795 u8 qos;
796 u8 wmm_idx;
797 u8 pad;
798 } __packed req = {
799 .bss_idx = mvif->mt76.idx,
800 .qos = vif->bss_conf.qos,
801 .wmm_idx = mvif->mt76.wmm_idx,
802 };
803 struct mu_edca {
804 u8 cw_min;
805 u8 cw_max;
806 u8 aifsn;
807 u8 acm;
808 u8 timer;
809 u8 padding[3];
810 };
811 struct mt7921_mcu_mu_tx {
812 u8 ver;
813 u8 pad0;
814 __le16 len;
815 u8 bss_idx;
816 u8 qos;
817 u8 wmm_idx;
818 u8 pad1;
819 struct mu_edca edca[IEEE80211_NUM_ACS];
820 u8 pad3[32];
821 } __packed req_mu = {
822 .bss_idx = mvif->mt76.idx,
823 .qos = vif->bss_conf.qos,
824 .wmm_idx = mvif->mt76.wmm_idx,
825 };
826 static const int to_aci[] = { 1, 0, 2, 3 };
827 int ac, ret;
828
829 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
830 struct ieee80211_tx_queue_params *q = &mvif->queue_params[ac];
831 struct edca *e = &req.edca[to_aci[ac]];
832
833 e->aifs = cpu_to_le16(q->aifs);
834 e->txop = cpu_to_le16(q->txop);
835
836 if (q->cw_min)
837 e->cw_min = cpu_to_le16(q->cw_min);
838 else
839 e->cw_min = cpu_to_le16(5);
840
841 if (q->cw_max)
842 e->cw_max = cpu_to_le16(q->cw_max);
843 else
844 e->cw_max = cpu_to_le16(10);
845 }
846
847 ret = mt76_mcu_send_msg(&dev->mt76, MCU_CE_CMD(SET_EDCA_PARMS), &req,
848 sizeof(req), false);
849 if (ret)
850 return ret;
851
852 if (!vif->bss_conf.he_support)
853 return 0;
854
855 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
856 struct ieee80211_he_mu_edca_param_ac_rec *q;
857 struct mu_edca *e;
858
859 if (!mvif->queue_params[ac].mu_edca)
860 break;
861
862 q = &mvif->queue_params[ac].mu_edca_param_rec;
863 e = &(req_mu.edca[to_aci[ac]]);
864
865 e->cw_min = q->ecw_min_max & 0xf;
866 e->cw_max = (q->ecw_min_max & 0xf0) >> 4;
867 e->aifsn = q->aifsn;
868 e->timer = q->mu_edca_timer;
869 }
870
871 return mt76_mcu_send_msg(&dev->mt76, MCU_CE_CMD(SET_MU_EDCA_PARMS),
872 &req_mu, sizeof(req_mu), false);
873 }
874
mt7921_mcu_set_chan_info(struct mt7921_phy * phy,int cmd)875 int mt7921_mcu_set_chan_info(struct mt7921_phy *phy, int cmd)
876 {
877 struct mt7921_dev *dev = phy->dev;
878 struct cfg80211_chan_def *chandef = &phy->mt76->chandef;
879 int freq1 = chandef->center_freq1;
880 struct {
881 u8 control_ch;
882 u8 center_ch;
883 u8 bw;
884 u8 tx_streams_num;
885 u8 rx_streams; /* mask or num */
886 u8 switch_reason;
887 u8 band_idx;
888 u8 center_ch2; /* for 80+80 only */
889 __le16 cac_case;
890 u8 channel_band;
891 u8 rsv0;
892 __le32 outband_freq;
893 u8 txpower_drop;
894 u8 ap_bw;
895 u8 ap_center_ch;
896 u8 rsv1[57];
897 } __packed req = {
898 .control_ch = chandef->chan->hw_value,
899 .center_ch = ieee80211_frequency_to_channel(freq1),
900 .bw = mt76_connac_chan_bw(chandef),
901 .tx_streams_num = hweight8(phy->mt76->antenna_mask),
902 .rx_streams = phy->mt76->antenna_mask,
903 .band_idx = phy != &dev->phy,
904 };
905
906 if (chandef->chan->band == NL80211_BAND_6GHZ)
907 req.channel_band = 2;
908 else
909 req.channel_band = chandef->chan->band;
910
911 if (cmd == MCU_EXT_CMD(SET_RX_PATH) ||
912 dev->mt76.hw->conf.flags & IEEE80211_CONF_MONITOR)
913 req.switch_reason = CH_SWITCH_NORMAL;
914 else if (dev->mt76.hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)
915 req.switch_reason = CH_SWITCH_SCAN_BYPASS_DPD;
916 else if (!cfg80211_reg_can_beacon(dev->mt76.hw->wiphy, chandef,
917 NL80211_IFTYPE_AP))
918 req.switch_reason = CH_SWITCH_DFS;
919 else
920 req.switch_reason = CH_SWITCH_NORMAL;
921
922 if (cmd == MCU_EXT_CMD(CHANNEL_SWITCH))
923 req.rx_streams = hweight8(req.rx_streams);
924
925 if (chandef->width == NL80211_CHAN_WIDTH_80P80) {
926 int freq2 = chandef->center_freq2;
927
928 req.center_ch2 = ieee80211_frequency_to_channel(freq2);
929 }
930
931 return mt76_mcu_send_msg(&dev->mt76, cmd, &req, sizeof(req), true);
932 }
933
mt7921_mcu_set_eeprom(struct mt7921_dev * dev)934 int mt7921_mcu_set_eeprom(struct mt7921_dev *dev)
935 {
936 struct req_hdr {
937 u8 buffer_mode;
938 u8 format;
939 __le16 len;
940 } __packed req = {
941 .buffer_mode = EE_MODE_EFUSE,
942 .format = EE_FORMAT_WHOLE,
943 };
944
945 return mt76_mcu_send_msg(&dev->mt76, MCU_EXT_CMD(EFUSE_BUFFER_MODE),
946 &req, sizeof(req), true);
947 }
948 EXPORT_SYMBOL_GPL(mt7921_mcu_set_eeprom);
949
mt7921_mcu_uni_bss_ps(struct mt7921_dev * dev,struct ieee80211_vif * vif)950 int mt7921_mcu_uni_bss_ps(struct mt7921_dev *dev, struct ieee80211_vif *vif)
951 {
952 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
953 struct {
954 struct {
955 u8 bss_idx;
956 u8 pad[3];
957 } __packed hdr;
958 struct ps_tlv {
959 __le16 tag;
960 __le16 len;
961 u8 ps_state; /* 0: device awake
962 * 1: static power save
963 * 2: dynamic power saving
964 * 3: enter TWT power saving
965 * 4: leave TWT power saving
966 */
967 u8 pad[3];
968 } __packed ps;
969 } __packed ps_req = {
970 .hdr = {
971 .bss_idx = mvif->mt76.idx,
972 },
973 .ps = {
974 .tag = cpu_to_le16(UNI_BSS_INFO_PS),
975 .len = cpu_to_le16(sizeof(struct ps_tlv)),
976 .ps_state = vif->bss_conf.ps ? 2 : 0,
977 },
978 };
979
980 if (vif->type != NL80211_IFTYPE_STATION)
981 return -EOPNOTSUPP;
982
983 return mt76_mcu_send_msg(&dev->mt76, MCU_UNI_CMD(BSS_INFO_UPDATE),
984 &ps_req, sizeof(ps_req), true);
985 }
986
987 static int
mt7921_mcu_uni_bss_bcnft(struct mt7921_dev * dev,struct ieee80211_vif * vif,bool enable)988 mt7921_mcu_uni_bss_bcnft(struct mt7921_dev *dev, struct ieee80211_vif *vif,
989 bool enable)
990 {
991 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
992 struct {
993 struct {
994 u8 bss_idx;
995 u8 pad[3];
996 } __packed hdr;
997 struct bcnft_tlv {
998 __le16 tag;
999 __le16 len;
1000 __le16 bcn_interval;
1001 u8 dtim_period;
1002 u8 pad;
1003 } __packed bcnft;
1004 } __packed bcnft_req = {
1005 .hdr = {
1006 .bss_idx = mvif->mt76.idx,
1007 },
1008 .bcnft = {
1009 .tag = cpu_to_le16(UNI_BSS_INFO_BCNFT),
1010 .len = cpu_to_le16(sizeof(struct bcnft_tlv)),
1011 .bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1012 .dtim_period = vif->bss_conf.dtim_period,
1013 },
1014 };
1015
1016 if (vif->type != NL80211_IFTYPE_STATION)
1017 return 0;
1018
1019 return mt76_mcu_send_msg(&dev->mt76, MCU_UNI_CMD(BSS_INFO_UPDATE),
1020 &bcnft_req, sizeof(bcnft_req), true);
1021 }
1022
1023 int
mt7921_mcu_set_bss_pm(struct mt7921_dev * dev,struct ieee80211_vif * vif,bool enable)1024 mt7921_mcu_set_bss_pm(struct mt7921_dev *dev, struct ieee80211_vif *vif,
1025 bool enable)
1026 {
1027 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1028 struct {
1029 u8 bss_idx;
1030 u8 dtim_period;
1031 __le16 aid;
1032 __le16 bcn_interval;
1033 __le16 atim_window;
1034 u8 uapsd;
1035 u8 bmc_delivered_ac;
1036 u8 bmc_triggered_ac;
1037 u8 pad;
1038 } req = {
1039 .bss_idx = mvif->mt76.idx,
1040 .aid = cpu_to_le16(vif->bss_conf.aid),
1041 .dtim_period = vif->bss_conf.dtim_period,
1042 .bcn_interval = cpu_to_le16(vif->bss_conf.beacon_int),
1043 };
1044 struct {
1045 u8 bss_idx;
1046 u8 pad[3];
1047 } req_hdr = {
1048 .bss_idx = mvif->mt76.idx,
1049 };
1050 int err;
1051
1052 err = mt76_mcu_send_msg(&dev->mt76, MCU_CE_CMD(SET_BSS_ABORT),
1053 &req_hdr, sizeof(req_hdr), false);
1054 if (err < 0 || !enable)
1055 return err;
1056
1057 return mt76_mcu_send_msg(&dev->mt76, MCU_CE_CMD(SET_BSS_CONNECTED),
1058 &req, sizeof(req), false);
1059 }
1060
mt7921_mcu_sta_update(struct mt7921_dev * dev,struct ieee80211_sta * sta,struct ieee80211_vif * vif,bool enable,enum mt76_sta_info_state state)1061 int mt7921_mcu_sta_update(struct mt7921_dev *dev, struct ieee80211_sta *sta,
1062 struct ieee80211_vif *vif, bool enable,
1063 enum mt76_sta_info_state state)
1064 {
1065 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1066 int rssi = -ewma_rssi_read(&mvif->rssi);
1067 struct mt76_sta_cmd_info info = {
1068 .sta = sta,
1069 .vif = vif,
1070 .enable = enable,
1071 .cmd = MCU_UNI_CMD(STA_REC_UPDATE),
1072 .state = state,
1073 .offload_fw = true,
1074 .rcpi = to_rcpi(rssi),
1075 };
1076 struct mt7921_sta *msta;
1077
1078 msta = sta ? (struct mt7921_sta *)sta->drv_priv : NULL;
1079 info.wcid = msta ? &msta->wcid : &mvif->sta.wcid;
1080 info.newly = msta ? state != MT76_STA_INFO_STATE_ASSOC : true;
1081
1082 return mt76_connac_mcu_sta_cmd(&dev->mphy, &info);
1083 }
1084
mt7921_mcu_drv_pmctrl(struct mt7921_dev * dev)1085 int mt7921_mcu_drv_pmctrl(struct mt7921_dev *dev)
1086 {
1087 struct mt76_phy *mphy = &dev->mt76.phy;
1088 struct mt76_connac_pm *pm = &dev->pm;
1089 int err = 0;
1090
1091 mutex_lock(&pm->mutex);
1092
1093 if (!test_bit(MT76_STATE_PM, &mphy->state))
1094 goto out;
1095
1096 err = __mt7921_mcu_drv_pmctrl(dev);
1097 out:
1098 mutex_unlock(&pm->mutex);
1099
1100 if (err)
1101 mt7921_reset(&dev->mt76);
1102
1103 return err;
1104 }
1105 EXPORT_SYMBOL_GPL(mt7921_mcu_drv_pmctrl);
1106
mt7921_mcu_fw_pmctrl(struct mt7921_dev * dev)1107 int mt7921_mcu_fw_pmctrl(struct mt7921_dev *dev)
1108 {
1109 struct mt76_phy *mphy = &dev->mt76.phy;
1110 struct mt76_connac_pm *pm = &dev->pm;
1111 int err = 0;
1112
1113 mutex_lock(&pm->mutex);
1114
1115 if (mt76_connac_skip_fw_pmctrl(mphy, pm))
1116 goto out;
1117
1118 err = __mt7921_mcu_fw_pmctrl(dev);
1119 out:
1120 mutex_unlock(&pm->mutex);
1121
1122 if (err)
1123 mt7921_reset(&dev->mt76);
1124
1125 return err;
1126 }
1127 EXPORT_SYMBOL_GPL(mt7921_mcu_fw_pmctrl);
1128
mt7921_mcu_set_beacon_filter(struct mt7921_dev * dev,struct ieee80211_vif * vif,bool enable)1129 int mt7921_mcu_set_beacon_filter(struct mt7921_dev *dev,
1130 struct ieee80211_vif *vif,
1131 bool enable)
1132 {
1133 struct ieee80211_hw *hw = mt76_hw(dev);
1134 int err;
1135
1136 if (enable) {
1137 err = mt7921_mcu_uni_bss_bcnft(dev, vif, true);
1138 if (err)
1139 return err;
1140
1141 vif->driver_flags |= IEEE80211_VIF_BEACON_FILTER;
1142 ieee80211_hw_set(hw, CONNECTION_MONITOR);
1143 mt76_set(dev, MT_WF_RFCR(0), MT_WF_RFCR_DROP_OTHER_BEACON);
1144
1145 return 0;
1146 }
1147
1148 err = mt7921_mcu_set_bss_pm(dev, vif, false);
1149 if (err)
1150 return err;
1151
1152 vif->driver_flags &= ~IEEE80211_VIF_BEACON_FILTER;
1153 __clear_bit(IEEE80211_HW_CONNECTION_MONITOR, hw->flags);
1154 mt76_clear(dev, MT_WF_RFCR(0), MT_WF_RFCR_DROP_OTHER_BEACON);
1155
1156 return 0;
1157 }
1158
mt7921_get_txpwr_info(struct mt7921_dev * dev,struct mt7921_txpwr * txpwr)1159 int mt7921_get_txpwr_info(struct mt7921_dev *dev, struct mt7921_txpwr *txpwr)
1160 {
1161 struct mt7921_txpwr_event *event;
1162 struct mt7921_txpwr_req req = {
1163 .dbdc_idx = 0,
1164 };
1165 struct sk_buff *skb;
1166 int ret;
1167
1168 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_CE_CMD(GET_TXPWR),
1169 &req, sizeof(req), true, &skb);
1170 if (ret)
1171 return ret;
1172
1173 event = (struct mt7921_txpwr_event *)skb->data;
1174 WARN_ON(skb->len != le16_to_cpu(event->len));
1175 memcpy(txpwr, &event->txpwr, sizeof(event->txpwr));
1176
1177 dev_kfree_skb(skb);
1178
1179 return 0;
1180 }
1181
mt7921_mcu_set_sniffer(struct mt7921_dev * dev,struct ieee80211_vif * vif,bool enable)1182 int mt7921_mcu_set_sniffer(struct mt7921_dev *dev, struct ieee80211_vif *vif,
1183 bool enable)
1184 {
1185 struct mt76_vif *mvif = (struct mt76_vif *)vif->drv_priv;
1186 struct {
1187 struct {
1188 u8 band_idx;
1189 u8 pad[3];
1190 } __packed hdr;
1191 struct sniffer_enable_tlv {
1192 __le16 tag;
1193 __le16 len;
1194 u8 enable;
1195 u8 pad[3];
1196 } __packed enable;
1197 } req = {
1198 .hdr = {
1199 .band_idx = mvif->band_idx,
1200 },
1201 .enable = {
1202 .tag = cpu_to_le16(0),
1203 .len = cpu_to_le16(sizeof(struct sniffer_enable_tlv)),
1204 .enable = enable,
1205 },
1206 };
1207
1208 return mt76_mcu_send_msg(&dev->mt76, MCU_UNI_CMD(SNIFFER), &req, sizeof(req),
1209 true);
1210 }
1211
1212 int
mt7921_mcu_uni_add_beacon_offload(struct mt7921_dev * dev,struct ieee80211_hw * hw,struct ieee80211_vif * vif,bool enable)1213 mt7921_mcu_uni_add_beacon_offload(struct mt7921_dev *dev,
1214 struct ieee80211_hw *hw,
1215 struct ieee80211_vif *vif,
1216 bool enable)
1217 {
1218 struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
1219 struct mt76_wcid *wcid = &dev->mt76.global_wcid;
1220 struct ieee80211_mutable_offsets offs;
1221 struct {
1222 struct req_hdr {
1223 u8 bss_idx;
1224 u8 pad[3];
1225 } __packed hdr;
1226 struct bcn_content_tlv {
1227 __le16 tag;
1228 __le16 len;
1229 __le16 tim_ie_pos;
1230 __le16 csa_ie_pos;
1231 __le16 bcc_ie_pos;
1232 /* 0: disable beacon offload
1233 * 1: enable beacon offload
1234 * 2: update probe respond offload
1235 */
1236 u8 enable;
1237 /* 0: legacy format (TXD + payload)
1238 * 1: only cap field IE
1239 */
1240 u8 type;
1241 __le16 pkt_len;
1242 u8 pkt[512];
1243 } __packed beacon_tlv;
1244 } req = {
1245 .hdr = {
1246 .bss_idx = mvif->mt76.idx,
1247 },
1248 .beacon_tlv = {
1249 .tag = cpu_to_le16(UNI_BSS_INFO_BCN_CONTENT),
1250 .len = cpu_to_le16(sizeof(struct bcn_content_tlv)),
1251 .enable = enable,
1252 },
1253 };
1254 struct sk_buff *skb;
1255
1256 /* support enable/update process only
1257 * disable flow would be handled in bss stop handler automatically
1258 */
1259 if (!enable)
1260 return -EOPNOTSUPP;
1261
1262 skb = ieee80211_beacon_get_template(mt76_hw(dev), vif, &offs);
1263 if (!skb)
1264 return -EINVAL;
1265
1266 if (skb->len > 512 - MT_TXD_SIZE) {
1267 dev_err(dev->mt76.dev, "beacon size limit exceed\n");
1268 dev_kfree_skb(skb);
1269 return -EINVAL;
1270 }
1271
1272 mt76_connac2_mac_write_txwi(&dev->mt76, (__le32 *)(req.beacon_tlv.pkt),
1273 skb, wcid, NULL, 0, BSS_CHANGED_BEACON);
1274 memcpy(req.beacon_tlv.pkt + MT_TXD_SIZE, skb->data, skb->len);
1275 req.beacon_tlv.pkt_len = cpu_to_le16(MT_TXD_SIZE + skb->len);
1276 req.beacon_tlv.tim_ie_pos = cpu_to_le16(MT_TXD_SIZE + offs.tim_offset);
1277
1278 if (offs.cntdwn_counter_offs[0]) {
1279 u16 csa_offs;
1280
1281 csa_offs = MT_TXD_SIZE + offs.cntdwn_counter_offs[0] - 4;
1282 req.beacon_tlv.csa_ie_pos = cpu_to_le16(csa_offs);
1283 }
1284 dev_kfree_skb(skb);
1285
1286 return mt76_mcu_send_msg(&dev->mt76, MCU_UNI_CMD(BSS_INFO_UPDATE),
1287 &req, sizeof(req), true);
1288 }
1289