drivers/net/wireless/mediatek/mt76/mac80211.c

   1 // SPDX-License-Identifier: ISC
   2 /*
   3  * Copyright (C) 2016 Felix Fietkau <nbd@nbd.name>
   4  */
   5 #include <linux/sched.h>
   6 #include <linux/of.h>
   7 #include "mt76.h"
   8
   9 #define CHAN2G(_idx, _freq) {                   \
  10         .band = NL80211_BAND_2GHZ,              \
  11         .center_freq = (_freq),                 \
  12         .hw_value = (_idx),                     \
  13         .max_power = 30,                        \
  14 }
  15
  16 #define CHAN5G(_idx, _freq) {                   \
  17         .band = NL80211_BAND_5GHZ,              \
  18         .center_freq = (_freq),                 \
  19         .hw_value = (_idx),                     \
  20         .max_power = 30,                        \
  21 }
  22
  23 #define CHAN6G(_idx, _freq) {                   \
  24         .band = NL80211_BAND_6GHZ,              \
  25         .center_freq = (_freq),                 \
  26         .hw_value = (_idx),                     \
  27         .max_power = 30,                        \
  28 }
  29
  30 static const struct ieee80211_channel mt76_channels_2ghz[] = {
  31         CHAN2G(1, 2412),
  32         CHAN2G(2, 2417),
  33         CHAN2G(3, 2422),
  34         CHAN2G(4, 2427),
  35         CHAN2G(5, 2432),
  36         CHAN2G(6, 2437),
  37         CHAN2G(7, 2442),
  38         CHAN2G(8, 2447),
  39         CHAN2G(9, 2452),
  40         CHAN2G(10, 2457),
  41         CHAN2G(11, 2462),
  42         CHAN2G(12, 2467),
  43         CHAN2G(13, 2472),
  44         CHAN2G(14, 2484),
  45 };
  46
  47 static const struct ieee80211_channel mt76_channels_5ghz[] = {
  48         CHAN5G(36, 5180),
  49         CHAN5G(40, 5200),
  50         CHAN5G(44, 5220),
  51         CHAN5G(48, 5240),
  52
  53         CHAN5G(52, 5260),
  54         CHAN5G(56, 5280),
  55         CHAN5G(60, 5300),
  56         CHAN5G(64, 5320),
  57
  58         CHAN5G(100, 5500),
  59         CHAN5G(104, 5520),
  60         CHAN5G(108, 5540),
  61         CHAN5G(112, 5560),
  62         CHAN5G(116, 5580),
  63         CHAN5G(120, 5600),
  64         CHAN5G(124, 5620),
  65         CHAN5G(128, 5640),
  66         CHAN5G(132, 5660),
  67         CHAN5G(136, 5680),
  68         CHAN5G(140, 5700),
  69         CHAN5G(144, 5720),
  70
  71         CHAN5G(149, 5745),
  72         CHAN5G(153, 5765),
  73         CHAN5G(157, 5785),
  74         CHAN5G(161, 5805),
  75         CHAN5G(165, 5825),
  76         CHAN5G(169, 5845),
  77         CHAN5G(173, 5865),
  78 };
  79
  80 static const struct ieee80211_channel mt76_channels_6ghz[] = {
  81         /* UNII-5 */
  82         CHAN6G(1, 5955),
  83         CHAN6G(5, 5975),
  84         CHAN6G(9, 5995),
  85         CHAN6G(13, 6015),
  86         CHAN6G(17, 6035),
  87         CHAN6G(21, 6055),
  88         CHAN6G(25, 6075),
  89         CHAN6G(29, 6095),
  90         CHAN6G(33, 6115),
  91         CHAN6G(37, 6135),
  92         CHAN6G(41, 6155),
  93         CHAN6G(45, 6175),
  94         CHAN6G(49, 6195),
  95         CHAN6G(53, 6215),
  96         CHAN6G(57, 6235),
  97         CHAN6G(61, 6255),
  98         CHAN6G(65, 6275),
  99         CHAN6G(69, 6295),
 100         CHAN6G(73, 6315),
 101         CHAN6G(77, 6335),
 102         CHAN6G(81, 6355),
 103         CHAN6G(85, 6375),
 104         CHAN6G(89, 6395),
 105         CHAN6G(93, 6415),
 106         /* UNII-6 */
 107         CHAN6G(97, 6435),
 108         CHAN6G(101, 6455),
 109         CHAN6G(105, 6475),
 110         CHAN6G(109, 6495),
 111         CHAN6G(113, 6515),
 112         CHAN6G(117, 6535),
 113         /* UNII-7 */
 114         CHAN6G(121, 6555),
 115         CHAN6G(125, 6575),
 116         CHAN6G(129, 6595),
 117         CHAN6G(133, 6615),
 118         CHAN6G(137, 6635),
 119         CHAN6G(141, 6655),
 120         CHAN6G(145, 6675),
 121         CHAN6G(149, 6695),
 122         CHAN6G(153, 6715),
 123         CHAN6G(157, 6735),
 124         CHAN6G(161, 6755),
 125         CHAN6G(165, 6775),
 126         CHAN6G(169, 6795),
 127         CHAN6G(173, 6815),
 128         CHAN6G(177, 6835),
 129         CHAN6G(181, 6855),
 130         CHAN6G(185, 6875),
 131         /* UNII-8 */
 132         CHAN6G(189, 6895),
 133         CHAN6G(193, 6915),
 134         CHAN6G(197, 6935),
 135         CHAN6G(201, 6955),
 136         CHAN6G(205, 6975),
 137         CHAN6G(209, 6995),
 138         CHAN6G(213, 7015),
 139         CHAN6G(217, 7035),
 140         CHAN6G(221, 7055),
 141         CHAN6G(225, 7075),
 142         CHAN6G(229, 7095),
 143         CHAN6G(233, 7115),
 144 };
 145
 146 static const struct ieee80211_tpt_blink mt76_tpt_blink[] = {
 147         { .throughput =   0 * 1024, .blink_time = 334 },
 148         { .throughput =   1 * 1024, .blink_time = 260 },
 149         { .throughput =   5 * 1024, .blink_time = 220 },
 150         { .throughput =  10 * 1024, .blink_time = 190 },
 151         { .throughput =  20 * 1024, .blink_time = 170 },
 152         { .throughput =  50 * 1024, .blink_time = 150 },
 153         { .throughput =  70 * 1024, .blink_time = 130 },
 154         { .throughput = 100 * 1024, .blink_time = 110 },
 155         { .throughput = 200 * 1024, .blink_time =  80 },
 156         { .throughput = 300 * 1024, .blink_time =  50 },
 157 };
 158
 159 struct ieee80211_rate mt76_rates[] = {
 160         CCK_RATE(0, 10),
 161         CCK_RATE(1, 20),
 162         CCK_RATE(2, 55),
 163         CCK_RATE(3, 110),
 164         OFDM_RATE(11, 60),
 165         OFDM_RATE(15, 90),
 166         OFDM_RATE(10, 120),
 167         OFDM_RATE(14, 180),
 168         OFDM_RATE(9,  240),
 169         OFDM_RATE(13, 360),
 170         OFDM_RATE(8,  480),
 171         OFDM_RATE(12, 540),
 172 };
 173 EXPORT_SYMBOL_GPL(mt76_rates);
 174
 175 static const struct cfg80211_sar_freq_ranges mt76_sar_freq_ranges[] = {
 176         { .start_freq = 2402, .end_freq = 2494, },
 177         { .start_freq = 5150, .end_freq = 5350, },
 178         { .start_freq = 5350, .end_freq = 5470, },
 179         { .start_freq = 5470, .end_freq = 5725, },
 180         { .start_freq = 5725, .end_freq = 5950, },
 181 };
 182
 183 static const struct cfg80211_sar_capa mt76_sar_capa = {
 184         .type = NL80211_SAR_TYPE_POWER,
 185         .num_freq_ranges = ARRAY_SIZE(mt76_sar_freq_ranges),
 186         .freq_ranges = &mt76_sar_freq_ranges[0],
 187 };
 188
 189 static int mt76_led_init(struct mt76_dev *dev)
 190 {
 191         struct device_node *np = dev->dev->of_node;
 192         struct ieee80211_hw *hw = dev->hw;
 193         int led_pin;
 194
 195         if (!dev->led_cdev.brightness_set && !dev->led_cdev.blink_set)
 196                 return 0;
 197
 198         snprintf(dev->led_name, sizeof(dev->led_name),
 199                  "mt76-%s", wiphy_name(hw->wiphy));
 200
 201         dev->led_cdev.name = dev->led_name;
 202         dev->led_cdev.default_trigger =
 203                 ieee80211_create_tpt_led_trigger(hw,
 204                                         IEEE80211_TPT_LEDTRIG_FL_RADIO,
 205                                         mt76_tpt_blink,
 206                                         ARRAY_SIZE(mt76_tpt_blink));
 207
 208         np = of_get_child_by_name(np, "led");
 209         if (np) {
 210                 if (!of_property_read_u32(np, "led-sources", &led_pin))
 211                         dev->led_pin = led_pin;
 212                 dev->led_al = of_property_read_bool(np, "led-active-low");
 213         }
 214
 215         return led_classdev_register(dev->dev, &dev->led_cdev);
 216 }
 217
 218 static void mt76_led_cleanup(struct mt76_dev *dev)
 219 {
 220         if (!dev->led_cdev.brightness_set && !dev->led_cdev.blink_set)
 221                 return;
 222
 223         led_classdev_unregister(&dev->led_cdev);
 224 }
 225
 226 static void mt76_init_stream_cap(struct mt76_phy *phy,
 227                                  struct ieee80211_supported_band *sband,
 228                                  bool vht)
 229 {
 230         struct ieee80211_sta_ht_cap *ht_cap = &sband->ht_cap;
 231         int i, nstream = hweight8(phy->antenna_mask);
 232         struct ieee80211_sta_vht_cap *vht_cap;
 233         u16 mcs_map = 0;
 234
 235         if (nstream > 1)
 236                 ht_cap->cap |= IEEE80211_HT_CAP_TX_STBC;
 237         else
 238                 ht_cap->cap &= ~IEEE80211_HT_CAP_TX_STBC;
 239
 240         for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
 241                 ht_cap->mcs.rx_mask[i] = i < nstream ? 0xff : 0;
 242
 243         if (!vht)
 244                 return;
 245
 246         vht_cap = &sband->vht_cap;
 247         if (nstream > 1)
 248                 vht_cap->cap |= IEEE80211_VHT_CAP_TXSTBC;
 249         else
 250                 vht_cap->cap &= ~IEEE80211_VHT_CAP_TXSTBC;
 251         vht_cap->cap |= IEEE80211_VHT_CAP_TX_ANTENNA_PATTERN |
 252                         IEEE80211_VHT_CAP_RX_ANTENNA_PATTERN;
 253
 254         for (i = 0; i < 8; i++) {
 255                 if (i < nstream)
 256                         mcs_map |= (IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2));
 257                 else
 258                         mcs_map |=
 259                                 (IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2));
 260         }
 261         vht_cap->vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
 262         vht_cap->vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
 263 }
 264
 265 void mt76_set_stream_caps(struct mt76_phy *phy, bool vht)
 266 {
 267         if (phy->cap.has_2ghz)
 268                 mt76_init_stream_cap(phy, &phy->sband_2g.sband, false);
 269         if (phy->cap.has_5ghz)
 270                 mt76_init_stream_cap(phy, &phy->sband_5g.sband, vht);
 271         if (phy->cap.has_6ghz)
 272                 mt76_init_stream_cap(phy, &phy->sband_6g.sband, vht);
 273 }
 274 EXPORT_SYMBOL_GPL(mt76_set_stream_caps);
 275
 276 static int
 277 mt76_init_sband(struct mt76_phy *phy, struct mt76_sband *msband,
 278                 const struct ieee80211_channel *chan, int n_chan,
 279                 struct ieee80211_rate *rates, int n_rates,
 280                 bool ht, bool vht)
 281 {
 282         struct ieee80211_supported_band *sband = &msband->sband;
 283         struct ieee80211_sta_vht_cap *vht_cap;
 284         struct ieee80211_sta_ht_cap *ht_cap;
 285         struct mt76_dev *dev = phy->dev;
 286         void *chanlist;
 287         int size;
 288
 289         size = n_chan * sizeof(*chan);
 290         chanlist = devm_kmemdup(dev->dev, chan, size, GFP_KERNEL);
 291         if (!chanlist)
 292                 return -ENOMEM;
 293
 294         msband->chan = devm_kcalloc(dev->dev, n_chan, sizeof(*msband->chan),
 295                                     GFP_KERNEL);
 296         if (!msband->chan)
 297                 return -ENOMEM;
 298
 299         sband->channels = chanlist;
 300         sband->n_channels = n_chan;
 301         sband->bitrates = rates;
 302         sband->n_bitrates = n_rates;
 303
 304         if (!ht)
 305                 return 0;
 306
 307         ht_cap = &sband->ht_cap;
 308         ht_cap->ht_supported = true;
 309         ht_cap->cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
 310                        IEEE80211_HT_CAP_GRN_FLD |
 311                        IEEE80211_HT_CAP_SGI_20 |
 312                        IEEE80211_HT_CAP_SGI_40 |
 313                        (1 << IEEE80211_HT_CAP_RX_STBC_SHIFT);
 314
 315         ht_cap->mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
 316         ht_cap->ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
 317
 318         mt76_init_stream_cap(phy, sband, vht);
 319
 320         if (!vht)
 321                 return 0;
 322
 323         vht_cap = &sband->vht_cap;
 324         vht_cap->vht_supported = true;
 325         vht_cap->cap |= IEEE80211_VHT_CAP_RXLDPC |
 326                         IEEE80211_VHT_CAP_RXSTBC_1 |
 327                         IEEE80211_VHT_CAP_SHORT_GI_80 |
 328                         (3 << IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT);
 329
 330         return 0;
 331 }
 332
 333 static int
 334 mt76_init_sband_2g(struct mt76_phy *phy, struct ieee80211_rate *rates,
 335                    int n_rates)
 336 {
 337         phy->hw->wiphy->bands[NL80211_BAND_2GHZ] = &phy->sband_2g.sband;
 338
 339         return mt76_init_sband(phy, &phy->sband_2g, mt76_channels_2ghz,
 340                                ARRAY_SIZE(mt76_channels_2ghz), rates,
 341                                n_rates, true, false);
 342 }
 343
 344 static int
 345 mt76_init_sband_5g(struct mt76_phy *phy, struct ieee80211_rate *rates,
 346                    int n_rates, bool vht)
 347 {
 348         phy->hw->wiphy->bands[NL80211_BAND_5GHZ] = &phy->sband_5g.sband;
 349
 350         return mt76_init_sband(phy, &phy->sband_5g, mt76_channels_5ghz,
 351                                ARRAY_SIZE(mt76_channels_5ghz), rates,
 352                                n_rates, true, vht);
 353 }
 354
 355 static int
 356 mt76_init_sband_6g(struct mt76_phy *phy, struct ieee80211_rate *rates,
 357                    int n_rates)
 358 {
 359         phy->hw->wiphy->bands[NL80211_BAND_6GHZ] = &phy->sband_6g.sband;
 360
 361         return mt76_init_sband(phy, &phy->sband_6g, mt76_channels_6ghz,
 362                                ARRAY_SIZE(mt76_channels_6ghz), rates,
 363                                n_rates, false, false);
 364 }
 365
 366 static void
 367 mt76_check_sband(struct mt76_phy *phy, struct mt76_sband *msband,
 368                  enum nl80211_band band)
 369 {
 370         struct ieee80211_supported_band *sband = &msband->sband;
 371         bool found = false;
 372         int i;
 373
 374         if (!sband)
 375                 return;
 376
 377         for (i = 0; i < sband->n_channels; i++) {
 378                 if (sband->channels[i].flags & IEEE80211_CHAN_DISABLED)
 379                         continue;
 380
 381                 found = true;
 382                 break;
 383         }
 384
 385         if (found) {
 386                 phy->chandef.chan = &sband->channels[0];
 387                 phy->chan_state = &msband->chan[0];
 388                 return;
 389         }
 390
 391         sband->n_channels = 0;
 392         phy->hw->wiphy->bands[band] = NULL;
 393 }
 394
 395 static int
 396 mt76_phy_init(struct mt76_phy *phy, struct ieee80211_hw *hw)
 397 {
 398         struct mt76_dev *dev = phy->dev;
 399         struct wiphy *wiphy = hw->wiphy;
 400
 401         SET_IEEE80211_DEV(hw, dev->dev);
 402         SET_IEEE80211_PERM_ADDR(hw, phy->macaddr);
 403
 404         wiphy->features |= NL80211_FEATURE_ACTIVE_MONITOR;
 405         wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH |
 406                         WIPHY_FLAG_SUPPORTS_TDLS |
 407                         WIPHY_FLAG_AP_UAPSD;
 408
 409         wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
 410         wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_AIRTIME_FAIRNESS);
 411         wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_AQL);
 412
 413         wiphy->available_antennas_tx = phy->antenna_mask;
 414         wiphy->available_antennas_rx = phy->antenna_mask;
 415
 416         wiphy->sar_capa = &mt76_sar_capa;
 417         phy->frp = devm_kcalloc(dev->dev, wiphy->sar_capa->num_freq_ranges,
 418                                 sizeof(struct mt76_freq_range_power),
 419                                 GFP_KERNEL);
 420         if (!phy->frp)
 421                 return -ENOMEM;
 422
 423         hw->txq_data_size = sizeof(struct mt76_txq);
 424         hw->uapsd_max_sp_len = IEEE80211_WMM_IE_STA_QOSINFO_SP_ALL;
 425
 426         if (!hw->max_tx_fragments)
 427                 hw->max_tx_fragments = 16;
 428
 429         ieee80211_hw_set(hw, SIGNAL_DBM);
 430         ieee80211_hw_set(hw, AMPDU_AGGREGATION);
 431         ieee80211_hw_set(hw, SUPPORTS_RC_TABLE);
 432         ieee80211_hw_set(hw, SUPPORT_FAST_XMIT);
 433         ieee80211_hw_set(hw, SUPPORTS_CLONED_SKBS);
 434         ieee80211_hw_set(hw, SUPPORTS_AMSDU_IN_AMPDU);
 435         ieee80211_hw_set(hw, SUPPORTS_REORDERING_BUFFER);
 436         ieee80211_hw_set(hw, TX_AMSDU);
 437         ieee80211_hw_set(hw, TX_FRAG_LIST);
 438         ieee80211_hw_set(hw, MFP_CAPABLE);
 439         ieee80211_hw_set(hw, AP_LINK_PS);
 440         ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS);
 441
 442         return 0;
 443 }
 444
 445 struct mt76_phy *
 446 mt76_alloc_phy(struct mt76_dev *dev, unsigned int size,
 447                const struct ieee80211_ops *ops)
 448 {
 449         struct ieee80211_hw *hw;
 450         unsigned int phy_size;
 451         struct mt76_phy *phy;
 452
 453         phy_size = ALIGN(sizeof(*phy), 8);
 454         hw = ieee80211_alloc_hw(size + phy_size, ops);
 455         if (!hw)
 456                 return NULL;
 457
 458         phy = hw->priv;
 459         phy->dev = dev;
 460         phy->hw = hw;
 461         phy->priv = hw->priv + phy_size;
 462
 463         hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
 464         hw->wiphy->interface_modes =
 465                 BIT(NL80211_IFTYPE_STATION) |
 466                 BIT(NL80211_IFTYPE_AP) |
 467 #ifdef CONFIG_MAC80211_MESH
 468                 BIT(NL80211_IFTYPE_MESH_POINT) |
 469 #endif
 470                 BIT(NL80211_IFTYPE_P2P_CLIENT) |
 471                 BIT(NL80211_IFTYPE_P2P_GO) |
 472                 BIT(NL80211_IFTYPE_ADHOC);
 473
 474         return phy;
 475 }
 476 EXPORT_SYMBOL_GPL(mt76_alloc_phy);
 477
 478 int mt76_register_phy(struct mt76_phy *phy, bool vht,
 479                       struct ieee80211_rate *rates, int n_rates)
 480 {
 481         int ret;
 482
 483         ret = mt76_phy_init(phy, phy->hw);
 484         if (ret)
 485                 return ret;
 486
 487         if (phy->cap.has_2ghz) {
 488                 ret = mt76_init_sband_2g(phy, rates, n_rates);
 489                 if (ret)
 490                         return ret;
 491         }
 492
 493         if (phy->cap.has_5ghz) {
 494                 ret = mt76_init_sband_5g(phy, rates + 4, n_rates - 4, vht);
 495                 if (ret)
 496                         return ret;
 497         }
 498
 499         if (phy->cap.has_6ghz) {
 500                 ret = mt76_init_sband_6g(phy, rates + 4, n_rates - 4);
 501                 if (ret)
 502                         return ret;
 503         }
 504
 505         wiphy_read_of_freq_limits(phy->hw->wiphy);
 506         mt76_check_sband(phy, &phy->sband_2g, NL80211_BAND_2GHZ);
 507         mt76_check_sband(phy, &phy->sband_5g, NL80211_BAND_5GHZ);
 508         mt76_check_sband(phy, &phy->sband_6g, NL80211_BAND_6GHZ);
 509
 510         ret = ieee80211_register_hw(phy->hw);
 511         if (ret)
 512                 return ret;
 513
 514         phy->dev->phy2 = phy;
 515
 516         return 0;
 517 }
 518 EXPORT_SYMBOL_GPL(mt76_register_phy);
 519
 520 void mt76_unregister_phy(struct mt76_phy *phy)
 521 {
 522         struct mt76_dev *dev = phy->dev;
 523
 524         mt76_tx_status_check(dev, true);
 525         ieee80211_unregister_hw(phy->hw);
 526         dev->phy2 = NULL;
 527 }
 528 EXPORT_SYMBOL_GPL(mt76_unregister_phy);
 529
 530 struct mt76_dev *
 531 mt76_alloc_device(struct device *pdev, unsigned int size,
 532                   const struct ieee80211_ops *ops,
 533                   const struct mt76_driver_ops *drv_ops)
 534 {
 535         struct ieee80211_hw *hw;
 536         struct mt76_phy *phy;
 537         struct mt76_dev *dev;
 538         int i;
 539
 540         hw = ieee80211_alloc_hw(size, ops);
 541         if (!hw)
 542                 return NULL;
 543
 544         dev = hw->priv;
 545         dev->hw = hw;
 546         dev->dev = pdev;
 547         dev->drv = drv_ops;
 548         dev->dma_dev = pdev;
 549
 550         phy = &dev->phy;
 551         phy->dev = dev;
 552         phy->hw = hw;
 553
 554         spin_lock_init(&dev->rx_lock);
 555         spin_lock_init(&dev->lock);
 556         spin_lock_init(&dev->cc_lock);
 557         spin_lock_init(&dev->status_lock);
 558         mutex_init(&dev->mutex);
 559         init_waitqueue_head(&dev->tx_wait);
 560
 561         skb_queue_head_init(&dev->mcu.res_q);
 562         init_waitqueue_head(&dev->mcu.wait);
 563         mutex_init(&dev->mcu.mutex);
 564         dev->tx_worker.fn = mt76_tx_worker;
 565
 566         hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
 567         hw->wiphy->interface_modes =
 568                 BIT(NL80211_IFTYPE_STATION) |
 569                 BIT(NL80211_IFTYPE_AP) |
 570 #ifdef CONFIG_MAC80211_MESH
 571                 BIT(NL80211_IFTYPE_MESH_POINT) |
 572 #endif
 573                 BIT(NL80211_IFTYPE_P2P_CLIENT) |
 574                 BIT(NL80211_IFTYPE_P2P_GO) |
 575                 BIT(NL80211_IFTYPE_ADHOC);
 576
 577         spin_lock_init(&dev->token_lock);
 578         idr_init(&dev->token);
 579
 580         INIT_LIST_HEAD(&dev->wcid_list);
 581
 582         INIT_LIST_HEAD(&dev->txwi_cache);
 583         dev->token_size = dev->drv->token_size;
 584
 585         for (i = 0; i < ARRAY_SIZE(dev->q_rx); i++)
 586                 skb_queue_head_init(&dev->rx_skb[i]);
 587
 588         dev->wq = alloc_ordered_workqueue("mt76", 0);
 589         if (!dev->wq) {
 590                 ieee80211_free_hw(hw);
 591                 return NULL;
 592         }
 593
 594         return dev;
 595 }
 596 EXPORT_SYMBOL_GPL(mt76_alloc_device);
 597
 598 int mt76_register_device(struct mt76_dev *dev, bool vht,
 599                          struct ieee80211_rate *rates, int n_rates)
 600 {
 601         struct ieee80211_hw *hw = dev->hw;
 602         struct mt76_phy *phy = &dev->phy;
 603         int ret;
 604
 605         dev_set_drvdata(dev->dev, dev);
 606         ret = mt76_phy_init(phy, hw);
 607         if (ret)
 608                 return ret;
 609
 610         if (phy->cap.has_2ghz) {
 611                 ret = mt76_init_sband_2g(phy, rates, n_rates);
 612                 if (ret)
 613                         return ret;
 614         }
 615
 616         if (phy->cap.has_5ghz) {
 617                 ret = mt76_init_sband_5g(phy, rates + 4, n_rates - 4, vht);
 618                 if (ret)
 619                         return ret;
 620         }
 621
 622         if (phy->cap.has_6ghz) {
 623                 ret = mt76_init_sband_6g(phy, rates + 4, n_rates - 4);
 624                 if (ret)
 625                         return ret;
 626         }
 627
 628         wiphy_read_of_freq_limits(hw->wiphy);
 629         mt76_check_sband(&dev->phy, &phy->sband_2g, NL80211_BAND_2GHZ);
 630         mt76_check_sband(&dev->phy, &phy->sband_5g, NL80211_BAND_5GHZ);
 631         mt76_check_sband(&dev->phy, &phy->sband_6g, NL80211_BAND_6GHZ);
 632
 633         if (IS_ENABLED(CONFIG_MT76_LEDS)) {
 634                 ret = mt76_led_init(dev);
 635                 if (ret)
 636                         return ret;
 637         }
 638
 639         ret = ieee80211_register_hw(hw);
 640         if (ret)
 641                 return ret;
 642
 643         WARN_ON(mt76_worker_setup(hw, &dev->tx_worker, NULL, "tx"));
 644         sched_set_fifo_low(dev->tx_worker.task);
 645
 646         return 0;
 647 }
 648 EXPORT_SYMBOL_GPL(mt76_register_device);
 649
 650 void mt76_unregister_device(struct mt76_dev *dev)
 651 {
 652         struct ieee80211_hw *hw = dev->hw;
 653
 654         if (IS_ENABLED(CONFIG_MT76_LEDS))
 655                 mt76_led_cleanup(dev);
 656         mt76_tx_status_check(dev, true);
 657         ieee80211_unregister_hw(hw);
 658 }
 659 EXPORT_SYMBOL_GPL(mt76_unregister_device);
 660
 661 void mt76_free_device(struct mt76_dev *dev)
 662 {
 663         mt76_worker_teardown(&dev->tx_worker);
 664         if (dev->wq) {
 665                 destroy_workqueue(dev->wq);
 666                 dev->wq = NULL;
 667         }
 668         ieee80211_free_hw(dev->hw);
 669 }
 670 EXPORT_SYMBOL_GPL(mt76_free_device);
 671
 672 static void mt76_rx_release_amsdu(struct mt76_phy *phy, enum mt76_rxq_id q)
 673 {
 674         struct sk_buff *skb = phy->rx_amsdu[q].head;
 675         struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
 676         struct mt76_dev *dev = phy->dev;
 677
 678         phy->rx_amsdu[q].head = NULL;
 679         phy->rx_amsdu[q].tail = NULL;
 680
 681         /*
 682          * Validate if the amsdu has a proper first subframe.
 683          * A single MSDU can be parsed as A-MSDU when the unauthenticated A-MSDU
 684          * flag of the QoS header gets flipped. In such cases, the first
 685          * subframe has a LLC/SNAP header in the location of the destination
 686          * address.
 687          */
 688         if (skb_shinfo(skb)->frag_list) {
 689                 int offset = 0;
 690
 691                 if (!(status->flag & RX_FLAG_8023)) {
 692                         offset = ieee80211_get_hdrlen_from_skb(skb);
 693
 694                         if ((status->flag &
 695                              (RX_FLAG_DECRYPTED | RX_FLAG_IV_STRIPPED)) ==
 696                             RX_FLAG_DECRYPTED)
 697                                 offset += 8;
 698                 }
 699
 700                 if (ether_addr_equal(skb->data + offset, rfc1042_header)) {
 701                         dev_kfree_skb(skb);
 702                         return;
 703                 }
 704         }
 705         __skb_queue_tail(&dev->rx_skb[q], skb);
 706 }
 707
 708 static void mt76_rx_release_burst(struct mt76_phy *phy, enum mt76_rxq_id q,
 709                                   struct sk_buff *skb)
 710 {
 711         struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
 712
 713         if (phy->rx_amsdu[q].head &&
 714             (!status->amsdu || status->first_amsdu ||
 715              status->seqno != phy->rx_amsdu[q].seqno))
 716                 mt76_rx_release_amsdu(phy, q);
 717
 718         if (!phy->rx_amsdu[q].head) {
 719                 phy->rx_amsdu[q].tail = &skb_shinfo(skb)->frag_list;
 720                 phy->rx_amsdu[q].seqno = status->seqno;
 721                 phy->rx_amsdu[q].head = skb;
 722         } else {
 723                 *phy->rx_amsdu[q].tail = skb;
 724                 phy->rx_amsdu[q].tail = &skb->next;
 725         }
 726
 727         if (!status->amsdu || status->last_amsdu)
 728                 mt76_rx_release_amsdu(phy, q);
 729 }
 730
 731 void mt76_rx(struct mt76_dev *dev, enum mt76_rxq_id q, struct sk_buff *skb)
 732 {
 733         struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
 734         struct mt76_phy *phy = mt76_dev_phy(dev, status->ext_phy);
 735
 736         if (!test_bit(MT76_STATE_RUNNING, &phy->state)) {
 737                 dev_kfree_skb(skb);
 738                 return;
 739         }
 740
 741 #ifdef CONFIG_NL80211_TESTMODE
 742         if (phy->test.state == MT76_TM_STATE_RX_FRAMES) {
 743                 phy->test.rx_stats.packets[q]++;
 744                 if (status->flag & RX_FLAG_FAILED_FCS_CRC)
 745                         phy->test.rx_stats.fcs_error[q]++;
 746         }
 747 #endif
 748
 749         mt76_rx_release_burst(phy, q, skb);
 750 }
 751 EXPORT_SYMBOL_GPL(mt76_rx);
 752
 753 bool mt76_has_tx_pending(struct mt76_phy *phy)
 754 {
 755         struct mt76_queue *q;
 756         int i;
 757
 758         for (i = 0; i < __MT_TXQ_MAX; i++) {
 759                 q = phy->q_tx[i];
 760                 if (q && q->queued)
 761                         return true;
 762         }
 763
 764         return false;
 765 }
 766 EXPORT_SYMBOL_GPL(mt76_has_tx_pending);
 767
 768 static struct mt76_channel_state *
 769 mt76_channel_state(struct mt76_phy *phy, struct ieee80211_channel *c)
 770 {
 771         struct mt76_sband *msband;
 772         int idx;
 773
 774         if (c->band == NL80211_BAND_2GHZ)
 775                 msband = &phy->sband_2g;
 776         else if (c->band == NL80211_BAND_6GHZ)
 777                 msband = &phy->sband_6g;
 778         else
 779                 msband = &phy->sband_5g;
 780
 781         idx = c - &msband->sband.channels[0];
 782         return &msband->chan[idx];
 783 }
 784
 785 void mt76_update_survey_active_time(struct mt76_phy *phy, ktime_t time)
 786 {
 787         struct mt76_channel_state *state = phy->chan_state;
 788
 789         state->cc_active += ktime_to_us(ktime_sub(time,
 790                                                   phy->survey_time));
 791         phy->survey_time = time;
 792 }
 793 EXPORT_SYMBOL_GPL(mt76_update_survey_active_time);
 794
 795 void mt76_update_survey(struct mt76_phy *phy)
 796 {
 797         struct mt76_dev *dev = phy->dev;
 798         ktime_t cur_time;
 799
 800         if (dev->drv->update_survey)
 801                 dev->drv->update_survey(phy);
 802
 803         cur_time = ktime_get_boottime();
 804         mt76_update_survey_active_time(phy, cur_time);
 805
 806         if (dev->drv->drv_flags & MT_DRV_SW_RX_AIRTIME) {
 807                 struct mt76_channel_state *state = phy->chan_state;
 808
 809                 spin_lock_bh(&dev->cc_lock);
 810                 state->cc_bss_rx += dev->cur_cc_bss_rx;
 811                 dev->cur_cc_bss_rx = 0;
 812                 spin_unlock_bh(&dev->cc_lock);
 813         }
 814 }
 815 EXPORT_SYMBOL_GPL(mt76_update_survey);
 816
 817 void mt76_set_channel(struct mt76_phy *phy)
 818 {
 819         struct mt76_dev *dev = phy->dev;
 820         struct ieee80211_hw *hw = phy->hw;
 821         struct cfg80211_chan_def *chandef = &hw->conf.chandef;
 822         bool offchannel = hw->conf.flags & IEEE80211_CONF_OFFCHANNEL;
 823         int timeout = HZ / 5;
 824
 825         wait_event_timeout(dev->tx_wait, !mt76_has_tx_pending(phy), timeout);
 826         mt76_update_survey(phy);
 827
 828         if (phy->chandef.chan->center_freq != chandef->chan->center_freq ||
 829             phy->chandef.width != chandef->width)
 830                 phy->dfs_state = MT_DFS_STATE_UNKNOWN;
 831
 832         phy->chandef = *chandef;
 833         phy->chan_state = mt76_channel_state(phy, chandef->chan);
 834
 835         if (!offchannel)
 836                 phy->main_chan = chandef->chan;
 837
 838         if (chandef->chan != phy->main_chan)
 839                 memset(phy->chan_state, 0, sizeof(*phy->chan_state));
 840 }
 841 EXPORT_SYMBOL_GPL(mt76_set_channel);
 842
 843 int mt76_get_survey(struct ieee80211_hw *hw, int idx,
 844                     struct survey_info *survey)
 845 {
 846         struct mt76_phy *phy = hw->priv;
 847         struct mt76_dev *dev = phy->dev;
 848         struct mt76_sband *sband;
 849         struct ieee80211_channel *chan;
 850         struct mt76_channel_state *state;
 851         int ret = 0;
 852
 853         mutex_lock(&dev->mutex);
 854         if (idx == 0 && dev->drv->update_survey)
 855                 mt76_update_survey(phy);
 856
 857         if (idx >= phy->sband_2g.sband.n_channels +
 858                    phy->sband_5g.sband.n_channels) {
 859                 idx -= (phy->sband_2g.sband.n_channels +
 860                         phy->sband_5g.sband.n_channels);
 861                 sband = &phy->sband_6g;
 862         } else if (idx >= phy->sband_2g.sband.n_channels) {
 863                 idx -= phy->sband_2g.sband.n_channels;
 864                 sband = &phy->sband_5g;
 865         } else {
 866                 sband = &phy->sband_2g;
 867         }
 868
 869         if (idx >= sband->sband.n_channels) {
 870                 ret = -ENOENT;
 871                 goto out;
 872         }
 873
 874         chan = &sband->sband.channels[idx];
 875         state = mt76_channel_state(phy, chan);
 876
 877         memset(survey, 0, sizeof(*survey));
 878         survey->channel = chan;
 879         survey->filled = SURVEY_INFO_TIME | SURVEY_INFO_TIME_BUSY;
 880         survey->filled |= dev->drv->survey_flags;
 881         if (state->noise)
 882                 survey->filled |= SURVEY_INFO_NOISE_DBM;
 883
 884         if (chan == phy->main_chan) {
 885                 survey->filled |= SURVEY_INFO_IN_USE;
 886
 887                 if (dev->drv->drv_flags & MT_DRV_SW_RX_AIRTIME)
 888                         survey->filled |= SURVEY_INFO_TIME_BSS_RX;
 889         }
 890
 891         survey->time_busy = div_u64(state->cc_busy, 1000);
 892         survey->time_rx = div_u64(state->cc_rx, 1000);
 893         survey->time = div_u64(state->cc_active, 1000);
 894         survey->noise = state->noise;
 895
 896         spin_lock_bh(&dev->cc_lock);
 897         survey->time_bss_rx = div_u64(state->cc_bss_rx, 1000);
 898         survey->time_tx = div_u64(state->cc_tx, 1000);
 899         spin_unlock_bh(&dev->cc_lock);
 900
 901 out:
 902         mutex_unlock(&dev->mutex);
 903
 904         return ret;
 905 }
 906 EXPORT_SYMBOL_GPL(mt76_get_survey);
 907
 908 void mt76_wcid_key_setup(struct mt76_dev *dev, struct mt76_wcid *wcid,
 909                          struct ieee80211_key_conf *key)
 910 {
 911         struct ieee80211_key_seq seq;
 912         int i;
 913
 914         wcid->rx_check_pn = false;
 915
 916         if (!key)
 917                 return;
 918
 919         if (key->cipher != WLAN_CIPHER_SUITE_CCMP)
 920                 return;
 921
 922         wcid->rx_check_pn = true;
 923
 924         /* data frame */
 925         for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
 926                 ieee80211_get_key_rx_seq(key, i, &seq);
 927                 memcpy(wcid->rx_key_pn[i], seq.ccmp.pn, sizeof(seq.ccmp.pn));
 928         }
 929
 930         /* robust management frame */
 931         ieee80211_get_key_rx_seq(key, -1, &seq);
 932         memcpy(wcid->rx_key_pn[i], seq.ccmp.pn, sizeof(seq.ccmp.pn));
 933
 934 }
 935 EXPORT_SYMBOL(mt76_wcid_key_setup);
 936
 937 static int
 938 mt76_rx_signal(struct mt76_rx_status *status)
 939 {
 940         s8 *chain_signal = status->chain_signal;
 941         int signal = -128;
 942         u8 chains;
 943
 944         for (chains = status->chains; chains; chains >>= 1, chain_signal++) {
 945                 int cur, diff;
 946
 947                 cur = *chain_signal;
 948                 if (!(chains & BIT(0)) ||
 949                     cur > 0)
 950                         continue;
 951
 952                 if (cur > signal)
 953                         swap(cur, signal);
 954
 955                 diff = signal - cur;
 956                 if (diff == 0)
 957                         signal += 3;
 958                 else if (diff <= 2)
 959                         signal += 2;
 960                 else if (diff <= 6)
 961                         signal += 1;
 962         }
 963
 964         return signal;
 965 }
 966
 967 static void
 968 mt76_rx_convert(struct mt76_dev *dev, struct sk_buff *skb,
 969                 struct ieee80211_hw **hw,
 970                 struct ieee80211_sta **sta)
 971 {
 972         struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
 973         struct ieee80211_hdr *hdr = mt76_skb_get_hdr(skb);
 974         struct mt76_rx_status mstat;
 975
 976         mstat = *((struct mt76_rx_status *)skb->cb);
 977         memset(status, 0, sizeof(*status));
 978
 979         status->flag = mstat.flag;
 980         status->freq = mstat.freq;
 981         status->enc_flags = mstat.enc_flags;
 982         status->encoding = mstat.encoding;
 983         status->bw = mstat.bw;
 984         status->he_ru = mstat.he_ru;
 985         status->he_gi = mstat.he_gi;
 986         status->he_dcm = mstat.he_dcm;
 987         status->rate_idx = mstat.rate_idx;
 988         status->nss = mstat.nss;
 989         status->band = mstat.band;
 990         status->signal = mstat.signal;
 991         status->chains = mstat.chains;
 992         status->ampdu_reference = mstat.ampdu_ref;
 993         status->device_timestamp = mstat.timestamp;
 994         status->mactime = mstat.timestamp;
 995         status->signal = mt76_rx_signal(&mstat);
 996         if (status->signal <= -128)
 997                 status->flag |= RX_FLAG_NO_SIGNAL_VAL;
 998
 999         if (ieee80211_is_beacon(hdr->frame_control) ||
1000             ieee80211_is_probe_resp(hdr->frame_control))
1001                 status->boottime_ns = ktime_get_boottime_ns();
1002
1003         BUILD_BUG_ON(sizeof(mstat) > sizeof(skb->cb));
1004         BUILD_BUG_ON(sizeof(status->chain_signal) !=
1005                      sizeof(mstat.chain_signal));
1006         memcpy(status->chain_signal, mstat.chain_signal,
1007                sizeof(mstat.chain_signal));
1008
1009         *sta = wcid_to_sta(mstat.wcid);
1010         *hw = mt76_phy_hw(dev, mstat.ext_phy);
1011 }
1012
1013 static int
1014 mt76_check_ccmp_pn(struct sk_buff *skb)
1015 {
1016         struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1017         struct mt76_wcid *wcid = status->wcid;
1018         struct ieee80211_hdr *hdr;
1019         int security_idx;
1020         int ret;
1021
1022         if (!(status->flag & RX_FLAG_DECRYPTED))
1023                 return 0;
1024
1025         if (!wcid || !wcid->rx_check_pn)
1026                 return 0;
1027
1028         security_idx = status->qos_ctl & IEEE80211_QOS_CTL_TID_MASK;
1029         if (status->flag & RX_FLAG_8023)
1030                 goto skip_hdr_check;
1031
1032         hdr = mt76_skb_get_hdr(skb);
1033         if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
1034                 /*
1035                  * Validate the first fragment both here and in mac80211
1036                  * All further fragments will be validated by mac80211 only.
1037                  */
1038                 if (ieee80211_is_frag(hdr) &&
1039                     !ieee80211_is_first_frag(hdr->frame_control))
1040                         return 0;
1041         }
1042
1043         /* IEEE 802.11-2020, 12.5.3.4.4 "PN and replay detection" c):
1044          *
1045          * the recipient shall maintain a single replay counter for received
1046          * individually addressed robust Management frames that are received
1047          * with the To DS subfield equal to 0, [...]
1048          */
1049         if (ieee80211_is_mgmt(hdr->frame_control) &&
1050             !ieee80211_has_tods(hdr->frame_control))
1051                 security_idx = IEEE80211_NUM_TIDS;
1052
1053 skip_hdr_check:
1054         BUILD_BUG_ON(sizeof(status->iv) != sizeof(wcid->rx_key_pn[0]));
1055         ret = memcmp(status->iv, wcid->rx_key_pn[security_idx],
1056                      sizeof(status->iv));
1057         if (ret <= 0)
1058                 return -EINVAL; /* replay */
1059
1060         memcpy(wcid->rx_key_pn[security_idx], status->iv, sizeof(status->iv));
1061
1062         if (status->flag & RX_FLAG_IV_STRIPPED)
1063                 status->flag |= RX_FLAG_PN_VALIDATED;
1064
1065         return 0;
1066 }
1067
1068 static void
1069 mt76_airtime_report(struct mt76_dev *dev, struct mt76_rx_status *status,
1070                     int len)
1071 {
1072         struct mt76_wcid *wcid = status->wcid;
1073         struct ieee80211_rx_status info = {
1074                 .enc_flags = status->enc_flags,
1075                 .rate_idx = status->rate_idx,
1076                 .encoding = status->encoding,
1077                 .band = status->band,
1078                 .nss = status->nss,
1079                 .bw = status->bw,
1080         };
1081         struct ieee80211_sta *sta;
1082         u32 airtime;
1083         u8 tidno = status->qos_ctl & IEEE80211_QOS_CTL_TID_MASK;
1084
1085         airtime = ieee80211_calc_rx_airtime(dev->hw, &info, len);
1086         spin_lock(&dev->cc_lock);
1087         dev->cur_cc_bss_rx += airtime;
1088         spin_unlock(&dev->cc_lock);
1089
1090         if (!wcid || !wcid->sta)
1091                 return;
1092
1093         sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv);
1094         ieee80211_sta_register_airtime(sta, tidno, 0, airtime);
1095 }
1096
1097 static void
1098 mt76_airtime_flush_ampdu(struct mt76_dev *dev)
1099 {
1100         struct mt76_wcid *wcid;
1101         int wcid_idx;
1102
1103         if (!dev->rx_ampdu_len)
1104                 return;
1105
1106         wcid_idx = dev->rx_ampdu_status.wcid_idx;
1107         if (wcid_idx < ARRAY_SIZE(dev->wcid))
1108                 wcid = rcu_dereference(dev->wcid[wcid_idx]);
1109         else
1110                 wcid = NULL;
1111         dev->rx_ampdu_status.wcid = wcid;
1112
1113         mt76_airtime_report(dev, &dev->rx_ampdu_status, dev->rx_ampdu_len);
1114
1115         dev->rx_ampdu_len = 0;
1116         dev->rx_ampdu_ref = 0;
1117 }
1118
1119 static void
1120 mt76_airtime_check(struct mt76_dev *dev, struct sk_buff *skb)
1121 {
1122         struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1123         struct mt76_wcid *wcid = status->wcid;
1124
1125         if (!(dev->drv->drv_flags & MT_DRV_SW_RX_AIRTIME))
1126                 return;
1127
1128         if (!wcid || !wcid->sta) {
1129                 struct ieee80211_hdr *hdr = mt76_skb_get_hdr(skb);
1130
1131                 if (status->flag & RX_FLAG_8023)
1132                         return;
1133
1134                 if (!ether_addr_equal(hdr->addr1, dev->phy.macaddr))
1135                         return;
1136
1137                 wcid = NULL;
1138         }
1139
1140         if (!(status->flag & RX_FLAG_AMPDU_DETAILS) ||
1141             status->ampdu_ref != dev->rx_ampdu_ref)
1142                 mt76_airtime_flush_ampdu(dev);
1143
1144         if (status->flag & RX_FLAG_AMPDU_DETAILS) {
1145                 if (!dev->rx_ampdu_len ||
1146                     status->ampdu_ref != dev->rx_ampdu_ref) {
1147                         dev->rx_ampdu_status = *status;
1148                         dev->rx_ampdu_status.wcid_idx = wcid ? wcid->idx : 0xff;
1149                         dev->rx_ampdu_ref = status->ampdu_ref;
1150                 }
1151
1152                 dev->rx_ampdu_len += skb->len;
1153                 return;
1154         }
1155
1156         mt76_airtime_report(dev, status, skb->len);
1157 }
1158
1159 static void
1160 mt76_check_sta(struct mt76_dev *dev, struct sk_buff *skb)
1161 {
1162         struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1163         struct ieee80211_hdr *hdr = mt76_skb_get_hdr(skb);
1164         struct ieee80211_sta *sta;
1165         struct ieee80211_hw *hw;
1166         struct mt76_wcid *wcid = status->wcid;
1167         u8 tidno = status->qos_ctl & IEEE80211_QOS_CTL_TID_MASK;
1168         bool ps;
1169
1170         hw = mt76_phy_hw(dev, status->ext_phy);
1171         if (ieee80211_is_pspoll(hdr->frame_control) && !wcid &&
1172             !(status->flag & RX_FLAG_8023)) {
1173                 sta = ieee80211_find_sta_by_ifaddr(hw, hdr->addr2, NULL);
1174                 if (sta)
1175                         wcid = status->wcid = (struct mt76_wcid *)sta->drv_priv;
1176         }
1177
1178         mt76_airtime_check(dev, skb);
1179
1180         if (!wcid || !wcid->sta)
1181                 return;
1182
1183         sta = container_of((void *)wcid, struct ieee80211_sta, drv_priv);
1184
1185         if (status->signal <= 0)
1186                 ewma_signal_add(&wcid->rssi, -status->signal);
1187
1188         wcid->inactive_count = 0;
1189
1190         if (status->flag & RX_FLAG_8023)
1191                 return;
1192
1193         if (!test_bit(MT_WCID_FLAG_CHECK_PS, &wcid->flags))
1194                 return;
1195
1196         if (ieee80211_is_pspoll(hdr->frame_control)) {
1197                 ieee80211_sta_pspoll(sta);
1198                 return;
1199         }
1200
1201         if (ieee80211_has_morefrags(hdr->frame_control) ||
1202             !(ieee80211_is_mgmt(hdr->frame_control) ||
1203               ieee80211_is_data(hdr->frame_control)))
1204                 return;
1205
1206         ps = ieee80211_has_pm(hdr->frame_control);
1207
1208         if (ps && (ieee80211_is_data_qos(hdr->frame_control) ||
1209                    ieee80211_is_qos_nullfunc(hdr->frame_control)))
1210                 ieee80211_sta_uapsd_trigger(sta, tidno);
1211
1212         if (!!test_bit(MT_WCID_FLAG_PS, &wcid->flags) == ps)
1213                 return;
1214
1215         if (ps)
1216                 set_bit(MT_WCID_FLAG_PS, &wcid->flags);
1217
1218         dev->drv->sta_ps(dev, sta, ps);
1219
1220         if (!ps)
1221                 clear_bit(MT_WCID_FLAG_PS, &wcid->flags);
1222
1223         ieee80211_sta_ps_transition(sta, ps);
1224 }
1225
1226 void mt76_rx_complete(struct mt76_dev *dev, struct sk_buff_head *frames,
1227                       struct napi_struct *napi)
1228 {
1229         struct ieee80211_sta *sta;
1230         struct ieee80211_hw *hw;
1231         struct sk_buff *skb, *tmp;
1232         LIST_HEAD(list);
1233
1234         spin_lock(&dev->rx_lock);
1235         while ((skb = __skb_dequeue(frames)) != NULL) {
1236                 struct sk_buff *nskb = skb_shinfo(skb)->frag_list;
1237
1238                 if (mt76_check_ccmp_pn(skb)) {
1239                         dev_kfree_skb(skb);
1240                         continue;
1241                 }
1242
1243                 skb_shinfo(skb)->frag_list = NULL;
1244                 mt76_rx_convert(dev, skb, &hw, &sta);
1245                 ieee80211_rx_list(hw, sta, skb, &list);
1246
1247                 /* subsequent amsdu frames */
1248                 while (nskb) {
1249                         skb = nskb;
1250                         nskb = nskb->next;
1251                         skb->next = NULL;
1252
1253                         mt76_rx_convert(dev, skb, &hw, &sta);
1254                         ieee80211_rx_list(hw, sta, skb, &list);
1255                 }
1256         }
1257         spin_unlock(&dev->rx_lock);
1258
1259         if (!napi) {
1260                 netif_receive_skb_list(&list);
1261                 return;
1262         }
1263
1264         list_for_each_entry_safe(skb, tmp, &list, list) {
1265                 skb_list_del_init(skb);
1266                 napi_gro_receive(napi, skb);
1267         }
1268 }
1269
1270 void mt76_rx_poll_complete(struct mt76_dev *dev, enum mt76_rxq_id q,
1271                            struct napi_struct *napi)
1272 {
1273         struct sk_buff_head frames;
1274         struct sk_buff *skb;
1275
1276         __skb_queue_head_init(&frames);
1277
1278         while ((skb = __skb_dequeue(&dev->rx_skb[q])) != NULL) {
1279                 mt76_check_sta(dev, skb);
1280                 mt76_rx_aggr_reorder(skb, &frames);
1281         }
1282
1283         mt76_rx_complete(dev, &frames, napi);
1284 }
1285 EXPORT_SYMBOL_GPL(mt76_rx_poll_complete);
1286
1287 static int
1288 mt76_sta_add(struct mt76_dev *dev, struct ieee80211_vif *vif,
1289              struct ieee80211_sta *sta, bool ext_phy)
1290 {
1291         struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
1292         int ret;
1293         int i;
1294
1295         mutex_lock(&dev->mutex);
1296
1297         ret = dev->drv->sta_add(dev, vif, sta);
1298         if (ret)
1299                 goto out;
1300
1301         for (i = 0; i < ARRAY_SIZE(sta->txq); i++) {
1302                 struct mt76_txq *mtxq;
1303
1304                 if (!sta->txq[i])
1305                         continue;
1306
1307                 mtxq = (struct mt76_txq *)sta->txq[i]->drv_priv;
1308                 mtxq->wcid = wcid->idx;
1309         }
1310
1311         ewma_signal_init(&wcid->rssi);
1312         if (ext_phy)
1313                 mt76_wcid_mask_set(dev->wcid_phy_mask, wcid->idx);
1314         wcid->ext_phy = ext_phy;
1315         rcu_assign_pointer(dev->wcid[wcid->idx], wcid);
1316
1317         mt76_packet_id_init(wcid);
1318 out:
1319         mutex_unlock(&dev->mutex);
1320
1321         return ret;
1322 }
1323
1324 void __mt76_sta_remove(struct mt76_dev *dev, struct ieee80211_vif *vif,
1325                        struct ieee80211_sta *sta)
1326 {
1327         struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
1328         int i, idx = wcid->idx;
1329
1330         for (i = 0; i < ARRAY_SIZE(wcid->aggr); i++)
1331                 mt76_rx_aggr_stop(dev, wcid, i);
1332
1333         if (dev->drv->sta_remove)
1334                 dev->drv->sta_remove(dev, vif, sta);
1335
1336         mt76_packet_id_flush(dev, wcid);
1337
1338         mt76_wcid_mask_clear(dev->wcid_mask, idx);
1339         mt76_wcid_mask_clear(dev->wcid_phy_mask, idx);
1340 }
1341 EXPORT_SYMBOL_GPL(__mt76_sta_remove);
1342
1343 static void
1344 mt76_sta_remove(struct mt76_dev *dev, struct ieee80211_vif *vif,
1345                 struct ieee80211_sta *sta)
1346 {
1347         mutex_lock(&dev->mutex);
1348         __mt76_sta_remove(dev, vif, sta);
1349         mutex_unlock(&dev->mutex);
1350 }
1351
1352 int mt76_sta_state(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1353                    struct ieee80211_sta *sta,
1354                    enum ieee80211_sta_state old_state,
1355                    enum ieee80211_sta_state new_state)
1356 {
1357         struct mt76_phy *phy = hw->priv;
1358         struct mt76_dev *dev = phy->dev;
1359         bool ext_phy = phy != &dev->phy;
1360
1361         if (old_state == IEEE80211_STA_NOTEXIST &&
1362             new_state == IEEE80211_STA_NONE)
1363                 return mt76_sta_add(dev, vif, sta, ext_phy);
1364
1365         if (old_state == IEEE80211_STA_AUTH &&
1366             new_state == IEEE80211_STA_ASSOC &&
1367             dev->drv->sta_assoc)
1368                 dev->drv->sta_assoc(dev, vif, sta);
1369
1370         if (old_state == IEEE80211_STA_NONE &&
1371             new_state == IEEE80211_STA_NOTEXIST)
1372                 mt76_sta_remove(dev, vif, sta);
1373
1374         return 0;
1375 }
1376 EXPORT_SYMBOL_GPL(mt76_sta_state);
1377
1378 void mt76_sta_pre_rcu_remove(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1379                              struct ieee80211_sta *sta)
1380 {
1381         struct mt76_phy *phy = hw->priv;
1382         struct mt76_dev *dev = phy->dev;
1383         struct mt76_wcid *wcid = (struct mt76_wcid *)sta->drv_priv;
1384
1385         mutex_lock(&dev->mutex);
1386         spin_lock_bh(&dev->status_lock);
1387         rcu_assign_pointer(dev->wcid[wcid->idx], NULL);
1388         spin_unlock_bh(&dev->status_lock);
1389         mutex_unlock(&dev->mutex);
1390 }
1391 EXPORT_SYMBOL_GPL(mt76_sta_pre_rcu_remove);
1392
1393 int mt76_get_txpower(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1394                      int *dbm)
1395 {
1396         struct mt76_phy *phy = hw->priv;
1397         int n_chains = hweight8(phy->antenna_mask);
1398         int delta = mt76_tx_power_nss_delta(n_chains);
1399
1400         *dbm = DIV_ROUND_UP(phy->txpower_cur + delta, 2);
1401
1402         return 0;
1403 }
1404 EXPORT_SYMBOL_GPL(mt76_get_txpower);
1405
1406 int mt76_init_sar_power(struct ieee80211_hw *hw,
1407                         const struct cfg80211_sar_specs *sar)
1408 {
1409         struct mt76_phy *phy = hw->priv;
1410         const struct cfg80211_sar_capa *capa = hw->wiphy->sar_capa;
1411         int i;
1412
1413         if (sar->type != NL80211_SAR_TYPE_POWER || !sar->num_sub_specs)
1414                 return -EINVAL;
1415
1416         for (i = 0; i < sar->num_sub_specs; i++) {
1417                 u32 index = sar->sub_specs[i].freq_range_index;
1418                 /* SAR specifies power limitaton in 0.25dbm */
1419                 s32 power = sar->sub_specs[i].power >> 1;
1420
1421                 if (power > 127 || power < -127)
1422                         power = 127;
1423
1424                 phy->frp[index].range = &capa->freq_ranges[index];
1425                 phy->frp[index].power = power;
1426         }
1427
1428         return 0;
1429 }
1430 EXPORT_SYMBOL_GPL(mt76_init_sar_power);
1431
1432 int mt76_get_sar_power(struct mt76_phy *phy,
1433                        struct ieee80211_channel *chan,
1434                        int power)
1435 {
1436         const struct cfg80211_sar_capa *capa = phy->hw->wiphy->sar_capa;
1437         int freq, i;
1438
1439         if (!capa || !phy->frp)
1440                 return power;
1441
1442         if (power > 127 || power < -127)
1443                 power = 127;
1444
1445         freq = ieee80211_channel_to_frequency(chan->hw_value, chan->band);
1446         for (i = 0 ; i < capa->num_freq_ranges; i++) {
1447                 if (phy->frp[i].range &&
1448                     freq >= phy->frp[i].range->start_freq &&
1449                     freq < phy->frp[i].range->end_freq) {
1450                         power = min_t(int, phy->frp[i].power, power);
1451                         break;
1452                 }
1453         }
1454
1455         return power;
1456 }
1457 EXPORT_SYMBOL_GPL(mt76_get_sar_power);
1458
1459 static void
1460 __mt76_csa_finish(void *priv, u8 *mac, struct ieee80211_vif *vif)
1461 {
1462         if (vif->csa_active && ieee80211_beacon_cntdwn_is_complete(vif))
1463                 ieee80211_csa_finish(vif);
1464 }
1465
1466 void mt76_csa_finish(struct mt76_dev *dev)
1467 {
1468         if (!dev->csa_complete)
1469                 return;
1470
1471         ieee80211_iterate_active_interfaces_atomic(dev->hw,
1472                 IEEE80211_IFACE_ITER_RESUME_ALL,
1473                 __mt76_csa_finish, dev);
1474
1475         dev->csa_complete = 0;
1476 }
1477 EXPORT_SYMBOL_GPL(mt76_csa_finish);
1478
1479 static void
1480 __mt76_csa_check(void *priv, u8 *mac, struct ieee80211_vif *vif)
1481 {
1482         struct mt76_dev *dev = priv;
1483
1484         if (!vif->csa_active)
1485                 return;
1486
1487         dev->csa_complete |= ieee80211_beacon_cntdwn_is_complete(vif);
1488 }
1489
1490 void mt76_csa_check(struct mt76_dev *dev)
1491 {
1492         ieee80211_iterate_active_interfaces_atomic(dev->hw,
1493                 IEEE80211_IFACE_ITER_RESUME_ALL,
1494                 __mt76_csa_check, dev);
1495 }
1496 EXPORT_SYMBOL_GPL(mt76_csa_check);
1497
1498 int
1499 mt76_set_tim(struct ieee80211_hw *hw, struct ieee80211_sta *sta, bool set)
1500 {
1501         return 0;
1502 }
1503 EXPORT_SYMBOL_GPL(mt76_set_tim);
1504
1505 void mt76_insert_ccmp_hdr(struct sk_buff *skb, u8 key_id)
1506 {
1507         struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
1508         int hdr_len = ieee80211_get_hdrlen_from_skb(skb);
1509         u8 *hdr, *pn = status->iv;
1510
1511         __skb_push(skb, 8);
1512         memmove(skb->data, skb->data + 8, hdr_len);
1513         hdr = skb->data + hdr_len;
1514
1515         hdr[0] = pn[5];
1516         hdr[1] = pn[4];
1517         hdr[2] = 0;
1518         hdr[3] = 0x20 | (key_id << 6);
1519         hdr[4] = pn[3];
1520         hdr[5] = pn[2];
1521         hdr[6] = pn[1];
1522         hdr[7] = pn[0];
1523
1524         status->flag &= ~RX_FLAG_IV_STRIPPED;
1525 }
1526 EXPORT_SYMBOL_GPL(mt76_insert_ccmp_hdr);
1527
1528 int mt76_get_rate(struct mt76_dev *dev,
1529                   struct ieee80211_supported_band *sband,
1530                   int idx, bool cck)
1531 {
1532         int i, offset = 0, len = sband->n_bitrates;
1533
1534         if (cck) {
1535                 if (sband != &dev->phy.sband_2g.sband)
1536                         return 0;
1537
1538                 idx &= ~BIT(2); /* short preamble */
1539         } else if (sband == &dev->phy.sband_2g.sband) {
1540                 offset = 4;
1541         }
1542
1543         for (i = offset; i < len; i++) {
1544                 if ((sband->bitrates[i].hw_value & GENMASK(7, 0)) == idx)
1545                         return i;
1546         }
1547
1548         return 0;
1549 }
1550 EXPORT_SYMBOL_GPL(mt76_get_rate);
1551
1552 void mt76_sw_scan(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1553                   const u8 *mac)
1554 {
1555         struct mt76_phy *phy = hw->priv;
1556
1557         set_bit(MT76_SCANNING, &phy->state);
1558 }
1559 EXPORT_SYMBOL_GPL(mt76_sw_scan);
1560
1561 void mt76_sw_scan_complete(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
1562 {
1563         struct mt76_phy *phy = hw->priv;
1564
1565         clear_bit(MT76_SCANNING, &phy->state);
1566 }
1567 EXPORT_SYMBOL_GPL(mt76_sw_scan_complete);
1568
1569 int mt76_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
1570 {
1571         struct mt76_phy *phy = hw->priv;
1572         struct mt76_dev *dev = phy->dev;
1573
1574         mutex_lock(&dev->mutex);
1575         *tx_ant = phy->antenna_mask;
1576         *rx_ant = phy->antenna_mask;
1577         mutex_unlock(&dev->mutex);
1578
1579         return 0;
1580 }
1581 EXPORT_SYMBOL_GPL(mt76_get_antenna);
1582
1583 struct mt76_queue *
1584 mt76_init_queue(struct mt76_dev *dev, int qid, int idx, int n_desc,
1585                 int ring_base, u32 flags)
1586 {
1587         struct mt76_queue *hwq;
1588         int err;
1589
1590         hwq = devm_kzalloc(dev->dev, sizeof(*hwq), GFP_KERNEL);
1591         if (!hwq)
1592                 return ERR_PTR(-ENOMEM);
1593
1594         hwq->flags = flags;
1595
1596         err = dev->queue_ops->alloc(dev, hwq, idx, n_desc, 0, ring_base);
1597         if (err < 0)
1598                 return ERR_PTR(err);
1599
1600         return hwq;
1601 }
1602 EXPORT_SYMBOL_GPL(mt76_init_queue);
1603
1604 u16 mt76_calculate_default_rate(struct mt76_phy *phy, int rateidx)
1605 {
1606         int offset = 0;
1607
1608         if (phy->chandef.chan->band != NL80211_BAND_2GHZ)
1609                 offset = 4;
1610
1611         /* pick the lowest rate for hidden nodes */
1612         if (rateidx < 0)
1613                 rateidx = 0;
1614
1615         rateidx += offset;
1616         if (rateidx >= ARRAY_SIZE(mt76_rates))
1617                 rateidx = offset;
1618
1619         return mt76_rates[rateidx].hw_value;
1620 }
1621 EXPORT_SYMBOL_GPL(mt76_calculate_default_rate);
1622
1623 void mt76_ethtool_worker(struct mt76_ethtool_worker_info *wi,
1624                          struct mt76_sta_stats *stats)
1625 {
1626         int i, ei = wi->initial_stat_idx;
1627         u64 *data = wi->data;
1628
1629         wi->sta_count++;
1630
1631         data[ei++] += stats->tx_mode[MT_PHY_TYPE_CCK];
1632         data[ei++] += stats->tx_mode[MT_PHY_TYPE_OFDM];
1633         data[ei++] += stats->tx_mode[MT_PHY_TYPE_HT];
1634         data[ei++] += stats->tx_mode[MT_PHY_TYPE_HT_GF];
1635         data[ei++] += stats->tx_mode[MT_PHY_TYPE_VHT];
1636         data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_SU];
1637         data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_EXT_SU];
1638         data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_TB];
1639         data[ei++] += stats->tx_mode[MT_PHY_TYPE_HE_MU];
1640
1641         for (i = 0; i < ARRAY_SIZE(stats->tx_bw); i++)
1642                 data[ei++] += stats->tx_bw[i];
1643
1644         for (i = 0; i < 12; i++)
1645                 data[ei++] += stats->tx_mcs[i];
1646
1647         wi->worker_stat_count = ei - wi->initial_stat_idx;
1648 }
1649 EXPORT_SYMBOL_GPL(mt76_ethtool_worker);
1650
1651 enum mt76_dfs_state mt76_phy_dfs_state(struct mt76_phy *phy)
1652 {
1653         struct ieee80211_hw *hw = phy->hw;
1654         struct mt76_dev *dev = phy->dev;
1655
1656         if (dev->region == NL80211_DFS_UNSET ||
1657             test_bit(MT76_SCANNING, &phy->state))
1658                 return MT_DFS_STATE_DISABLED;
1659
1660         if (!hw->conf.radar_enabled) {
1661                 if ((hw->conf.flags & IEEE80211_CONF_MONITOR) &&
1662                     (phy->chandef.chan->flags & IEEE80211_CHAN_RADAR))
1663                         return MT_DFS_STATE_ACTIVE;
1664
1665                 return MT_DFS_STATE_DISABLED;
1666         }
1667
1668         if (!cfg80211_reg_can_beacon(hw->wiphy, &phy->chandef, NL80211_IFTYPE_AP))
1669                 return MT_DFS_STATE_CAC;
1670
1671         return MT_DFS_STATE_ACTIVE;
1672 }
1673 EXPORT_SYMBOL_GPL(mt76_phy_dfs_state);