OpenWrt v21.02.3: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

config/Config-kernel.in

@@ -436,34 +436,22 @@ config KERNEL_PROVE_LOCKING
 	select KERNEL_DEBUG_KERNEL
 	default n
 
-config KERNEL_LOCKUP_DETECTOR
-	bool "Compile the kernel with detect Hard and Soft Lockups"
+config KERNEL_SOFTLOCKUP_DETECTOR
+	bool "Compile the kernel with detect Soft Lockups"
 	depends on KERNEL_DEBUG_KERNEL
 	help
 	  Say Y here to enable the kernel to act as a watchdog to detect
-	  hard and soft lockups.
+	  soft lockups.
 
 	  Softlockups are bugs that cause the kernel to loop in kernel
 	  mode for more than 20 seconds, without giving other tasks a
 	  chance to run.  The current stack trace is displayed upon
 	  detection and the system will stay locked up.
 
-	  Hardlockups are bugs that cause the CPU to loop in kernel mode
-	  for more than 10 seconds, without letting other interrupts have a
-	  chance to run.  The current stack trace is displayed upon detection
-	  and the system will stay locked up.
-
-	  The overhead should be minimal.  A periodic hrtimer runs to
-	  generate interrupts and kick the watchdog task every 4 seconds.
-	  An NMI is generated every 10 seconds or so to check for hardlockups.
-
-	  The frequency of hrtimer and NMI events and the soft and hard lockup
-	  thresholds can be controlled through the sysctl watchdog_thresh.
-
 config KERNEL_DETECT_HUNG_TASK
 	bool "Compile the kernel with detect Hung Tasks"
 	depends on KERNEL_DEBUG_KERNEL
-	default KERNEL_LOCKUP_DETECTOR
+	default KERNEL_SOFTLOCKUP_DETECTOR
 	help
 	  Say Y here to enable the kernel to detect "hung tasks",
 	  which are bugs that cause the task to be stuck in

feeds.conf.default

@@ -1,4 +1,4 @@
-src-git packages https://git.openwrt.org/feed/packages.git^65057dcbb5de371503c9159de3d45824bec482e0
-src-git luci https://git.openwrt.org/project/luci.git^3b3c2e5f9f82372df8ff01ac65668be47690dcd5
-src-git routing https://git.openwrt.org/feed/routing.git^c30c9ffc93702365439a7647244a052531f2e957
-src-git telephony https://git.openwrt.org/feed/telephony.git^7f73a9ad19269dcddcb7fc26e03a9823717587bb
+src-git packages https://git.openwrt.org/feed/packages.git^78bcd00c13587571b5c79ed2fc3363aa674aaef7
+src-git luci https://git.openwrt.org/project/luci.git^fe09ab990256d8b63e76cc1ab2435baef921b8b4
+src-git routing https://git.openwrt.org/feed/routing.git^a0d61bddb3ce4ca54bd76af86c28f58feb6cc044
+src-git telephony https://git.openwrt.org/feed/telephony.git^0183c1adda0e7581698b0ea4bff7c08379acf447

include/kernel-version.mk

@@ -6,9 +6,9 @@ ifdef CONFIG_TESTING_KERNEL
   KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER)
 endif
 
-LINUX_VERSION-5.4 = .143
+LINUX_VERSION-5.4 = .188
 
-LINUX_KERNEL_HASH-5.4.143 = 0953650b05a5f806d76c5691583e94e141f4f691bc0ba75a60b643740f021d24
+LINUX_KERNEL_HASH-5.4.188 = 9fbc8bfdc28c9fce2307bdf7cf1172c9819df673397a411c40a5c3d0a570fdbc
 
 remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
 sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))

include/prereq-build.mk

@@ -153,20 +153,22 @@ $(eval $(call SetupHostCommand,perl,Please install Perl 5.x, \
 $(eval $(call CleanupPython2))
 
 $(eval $(call SetupHostCommand,python,Please install Python >= 3.5, \
+	python3.10 -V 2>&1 | grep 'Python 3', \
 	python3.9 -V 2>&1 | grep 'Python 3', \
 	python3.8 -V 2>&1 | grep 'Python 3', \
 	python3.7 -V 2>&1 | grep 'Python 3', \
 	python3.6 -V 2>&1 | grep 'Python 3', \
 	python3.5 -V 2>&1 | grep 'Python 3', \
-	python3 -V 2>&1 | grep -E 'Python 3\.[5-9]\.?'))
+	python3 -V 2>&1 | grep -E 'Python 3\.([5-9]|10)\.?'))
 
 $(eval $(call SetupHostCommand,python3,Please install Python >= 3.5, \
+	python3.10 -V 2>&1 | grep 'Python 3', \
 	python3.9 -V 2>&1 | grep 'Python 3', \
 	python3.8 -V 2>&1 | grep 'Python 3', \
 	python3.7 -V 2>&1 | grep 'Python 3', \
 	python3.6 -V 2>&1 | grep 'Python 3', \
 	python3.5 -V 2>&1 | grep 'Python 3', \
-	python3 -V 2>&1 | grep -E 'Python 3\.[5-9]\.?'))
+	python3 -V 2>&1 | grep -E 'Python 3\.([5-9]|10)\.?'))
 
 $(eval $(call TestHostCommand,python3-distutils, \
 	Please install the Python3 distutils module, \
@@ -182,7 +184,9 @@ $(eval $(call SetupHostCommand,rsync,Please install 'rsync', \
 	rsync --version </dev/null))
 
 $(eval $(call SetupHostCommand,which,Please install 'which', \
-	which which | grep which))
+	/usr/bin/which which, \
+	/bin/which which, \
+	which which))
 
 $(STAGING_DIR_HOST)/bin/mkhash: $(SCRIPT_DIR)/mkhash.c
 	mkdir -p $(dir $@)

include/u-boot.mk

@@ -44,6 +44,7 @@ TARGET_DEP = TARGET_$(BUILD_TARGET)$(if $(BUILD_SUBTARGET),_$(BUILD_SUBTARGET))
 UBOOT_MAKE_FLAGS = \
 	HOSTCC="$(HOSTCC)" \
 	HOSTCFLAGS="$(HOST_CFLAGS) $(HOST_CPPFLAGS) -std=gnu11" \
+	LOCALVERSION="-OpenWrt-$(REVISION)" \
 	HOSTLDFLAGS="$(HOST_LDFLAGS)"
 
 define Build/U-Boot/Target

include/version.mk

@@ -23,13 +23,13 @@ PKG_CONFIG_DEPENDS += \
 sanitize = $(call tolower,$(subst _,-,$(subst $(space),-,$(1))))
 
 VERSION_NUMBER:=$(call qstrip,$(CONFIG_VERSION_NUMBER))
-VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),21.02.0)
+VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),21.02.3)
 
 VERSION_CODE:=$(call qstrip,$(CONFIG_VERSION_CODE))
-VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r16279-5cc0535800)
+VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r16554-1d4dea6d4f)
 
 VERSION_REPO:=$(call qstrip,$(CONFIG_VERSION_REPO))
-VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.openwrt.org/releases/21.02.0)
+VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.openwrt.org/releases/21.02.3)
 
 VERSION_DIST:=$(call qstrip,$(CONFIG_VERSION_DIST))
 VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),OpenWrt)

package/Makefile

@@ -66,8 +66,10 @@ $(curdir)/install: $(TMP_DIR)/.build $(curdir)/merge $(if $(CONFIG_TARGET_PER_DE
 	- find $(STAGING_DIR_ROOT) -type d | $(XARGS) chmod 0755
 	rm -rf $(TARGET_DIR) $(TARGET_DIR_ORIG)
 	mkdir -p $(TARGET_DIR)/tmp
-	$(call opkg,$(TARGET_DIR)) install \
-		$(call opkg_package_files,$(foreach pkg,$(shell cat $(PACKAGE_INSTALL_FILES) 2>/dev/null),$(pkg)$(call GetABISuffix,$(pkg))))
+	$(file >$(TMP_DIR)/opkg_install_list,\
+	  $(call opkg_package_files,\
+	    $(foreach pkg,$(shell cat $(PACKAGE_INSTALL_FILES) 2>/dev/null),$(pkg)$(call GetABISuffix,$(pkg)))))
+	$(call opkg,$(TARGET_DIR)) install $$(cat $(TMP_DIR)/opkg_install_list)
 	@for file in $(PACKAGE_INSTALL_FILES); do \
 		[ -s $$file.flags ] || continue; \
 		for flag in `cat $$file.flags`; do \

package/base-files/files/etc/init.d/boot

@@ -21,9 +21,10 @@ boot() {
 	[ -f /proc/mounts ] || /sbin/mount_root
 	[ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc
 
-	mkdir -p /var/run
-	mkdir -p /var/log
 	mkdir -p /var/lock
+	chmod 1777 /var/lock
+	mkdir -p /var/log
+	mkdir -p /var/run
 	mkdir -p /var/state
 	mkdir -p /var/tmp
 	mkdir -p /tmp/.uci
@@ -47,6 +48,7 @@ boot() {
 
 	/bin/config_generate
 	uci_apply_defaults
+	sync
 	
 	# temporary hack until configd exists
 	/sbin/reload_config

package/base-files/files/etc/rc.common

@@ -100,9 +100,9 @@ service_data() {
 }
 
 service_running() {
-	local service="${1:-$(basename $initscript)}"
-	local instance="${2:-*}"
-	procd_running "$service" "$instance" "$@"
+	local instance="${1:-*}"
+
+	procd_running "$(basename $initscript)" "$instance"
 }
 
 ${INIT_TRACE:+set -x}

package/base-files/files/lib/upgrade/common.sh

@@ -267,7 +267,7 @@ get_partitions() { # <device> <filename>
 				local type="$1"
 				local lba="$(( $(hex_le32_to_cpu $4) * 0x100000000 + $(hex_le32_to_cpu $3) ))"
 				local end="$(( $(hex_le32_to_cpu $6) * 0x100000000 + $(hex_le32_to_cpu $5) ))"
-				local num="$(( $end - $lba ))"
+				local num="$(( $end - $lba + 1 ))"
 
 				[ "$type" = "00000000000000000000000000000000" ] && continue
 

package/base-files/image-config.in

@@ -183,7 +183,7 @@ if VERSIONOPT
 	config VERSION_REPO
 		string
 		prompt "Release repository"
-		default "https://downloads.openwrt.org/releases/21.02.0"
+		default "https://downloads.openwrt.org/releases/21.02.3"
 		help
 			This is the repository address embedded in the image, it defaults
 			to the trunk snapshot repo; the url may contain the following placeholders:

package/boot/arm-trusted-firmware-bcm63xx/Makefile

@@ -0,0 +1,42 @@
+# SPDX-License-Identifier: GPL-2.0
+
+include $(TOPDIR)/rules.mk
+
+PKG_VERSION:=2.2
+PKG_RELEASE:=$(AUTORELEASE)
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL=$(PROJECT_GIT)/project/bcm63xx/atf.git
+PKG_SOURCE_DATE:=2021-12-24
+PKG_SOURCE_VERSION:=e6d46baf3fae79f693f90bf34f7284c3dfc64aef
+PKG_MIRROR_HASH:=9d5d04f572b1b6ddc6eb3064b9cb09f5fe982e82d350790041d35316349af124
+
+PKG_MAINTAINER:=Rafał Miłecki <rafal@milecki.pl>
+
+include $(INCLUDE_DIR)/trusted-firmware-a.mk
+include $(INCLUDE_DIR)/package.mk
+
+define Trusted-Firmware-A/Default
+  PLAT:=bcm
+  DEFAULT:=y
+endef
+
+define Trusted-Firmware-A/bcm4908
+  BUILD_TARGET:=bcm4908
+  NAME:=BCM4908
+  BRCM_CHIP=4908
+  TFA_IMAGE:=bl31.bin
+endef
+
+TFA_TARGETS:= \
+	bcm4908
+
+TFA_MAKE_FLAGS += \
+	BRCM_CHIP=$(BRCM_CHIP)
+
+define Package/trusted-firmware-a/install
+	$(INSTALL_DIR) $(STAGING_DIR_IMAGE)
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/build/$(PLAT)/release/$(TFA_IMAGE) $(STAGING_DIR_IMAGE)/
+endef
+
+$(eval $(call BuildPackage/Trusted-Firmware-A))

package/boot/uboot-bcm4908/Makefile

@@ -0,0 +1,48 @@
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_RELEASE:=$(AUTORELEASE)
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://git.openwrt.org/project/bcm63xx/u-boot.git
+PKG_SOURCE_DATE:=2022-03-03
+PKG_SOURCE_VERSION:=92e9eca819c9c898d9d2010e1a217726c42c8c47
+PKG_MIRROR_HASH:=11c37fe4c18d55e799153600d1cfd8ee9ca7da8326d0024c1d825f4a327c5f0d
+
+include $(INCLUDE_DIR)/u-boot.mk
+include $(INCLUDE_DIR)/package.mk
+
+define U-Boot/Default
+  BUILD_TARGET:=bcm4908
+  UBOOT_IMAGE:=u-boot-nodtb.bin
+  DEFAULT:=y
+endef
+
+define U-Boot/bcm4908
+  NAME:=Broadcom's BCM4908
+  UBOOT_CONFIG:=bcm94908
+endef
+
+UBOOT_TARGETS := \
+	bcm4908
+
+define Build/Prepare
+	$(call Build/Prepare/Default)
+	mkdir -p $(PKG_BUILD_DIR)/include/generated/
+	( cd $(PKG_BUILD_DIR)/board/broadcom/bcmbca/httpd/html/ && \
+	  $(STAGING_DIR_HOST)/bin/xxd -i index.html > ../../../../../include/generated/index.h && \
+	  $(STAGING_DIR_HOST)/bin/xxd -i flashing.html > ../../../../../include/generated/flashing.h && \
+	  $(STAGING_DIR_HOST)/bin/xxd -i fail.html > ../../../../../include/generated/fail.h && \
+	  $(STAGING_DIR_HOST)/bin/xxd -i 404.html > ../../../../../include/generated/404.h )
+endef
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(STAGING_DIR_IMAGE)/u-boot
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(UBOOT_IMAGE) $(STAGING_DIR_IMAGE)/u-boot/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/u-boot.dtb $(STAGING_DIR_IMAGE)/u-boot/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/arch/arm/dts/*.dtb $(STAGING_DIR_IMAGE)/u-boot/
+endef
+
+$(eval $(call BuildPackage/U-Boot))

package/boot/uboot-bcm4908/patches/100-check-config-allow-to-complete-build-even-with-ad-ho.patch

@@ -0,0 +1,40 @@
+From: Masahiro Yamada <yamada.masahiro@socionext.com>
+Date: Mon, 26 Sep 2016 13:05:02 +0900
+Subject: [PATCH] check-config: allow to complete build even with ad-hoc CONFIG
+ options
+
+Currently, the check-config.sh terminates the build when unknown
+ad-hoc options are detected.  I think it is too much because we may
+want to patch config headers locally in a build/deployment project.
+
+So, let's relax check-config.sh to just warn even if it detects
+options that are not in the whitelist.  Instead, this check can be
+done at the end of build, along with other checks.  It will catch
+more attention.
+
+Even with this change, the Buildman tool catches new warnings,
+so Tom can give NACK to new ad-hoc options.
+
+Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
+---
+ scripts/check-config.sh | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+--- a/scripts/check-config.sh
++++ b/scripts/check-config.sh
+@@ -50,14 +50,13 @@ cat `find ${srctree} -name "Kconfig*"` |sed -n \
+ 	|sort |uniq > ${ok}
+ comm -23 ${suspects} ${ok} >${new_adhoc}
+ if [ -s ${new_adhoc} ]; then
+-	echo >&2 "Error: You must add new CONFIG options using Kconfig"
++	echo >&2 "Warning: You must add new CONFIG options using Kconfig"
+ 	echo >&2 "The following new ad-hoc CONFIG options were detected:"
+ 	cat >&2 ${new_adhoc}
+ 	echo >&2
+ 	echo >&2 "Please add these via Kconfig instead. Find a suitable Kconfig"
+ 	echo >&2 "file and add a 'config' or 'menuconfig' option."
+ 	# Don't delete the temporary files in case they are useful
+-	exit 1
+ else
+ 	rm ${suspects} ${ok} ${new_adhoc}
+ fi

package/boot/uboot-bcm4908/patches/101-tools-fix-mkimage-static-compilation.patch

@@ -0,0 +1,24 @@
+From 8efe417aa9de654425cc01d0fc93be355a3f648d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
+Date: Wed, 13 Oct 2021 11:04:45 +0200
+Subject: [PATCH] tools: fix mkimage static compilation
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
+---
+ tools/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/tools/Makefile
++++ b/tools/Makefile
+@@ -157,7 +157,7 @@ ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CON
+ HOSTCFLAGS_kwbimage.o += \
+ 	$(shell pkg-config --cflags libssl libcrypto 2> /dev/null || echo "")
+ HOSTLOADLIBES_mkimage += \
+-	$(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo "-lssl -lcrypto")
++	$(shell pkg-config --libs --static libssl libcrypto 2> /dev/null || echo "-lssl -lcrypto -lpthread")
+ 
+ # OS X deprecate openssl in favour of CommonCrypto, supress deprecation
+ # warnings on those systems

package/boot/uboot-bcm4908/patches/200-configs-bcm94908-unset-CONFIG_SPL.patch

@@ -0,0 +1,38 @@
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
+Date: Fri, 4 Mar 2022 09:21:32 +0100
+Subject: [PATCH] configs: bcm94908: unset CONFIG_SPL
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Compiling SPL is always tricky as it needs to fit limited resources.
+Fortunately in most cases there is no need to replace SPL or TPL while
+flashing a new firmware.
+
+Compiling SPL for BCM4908 seems to fail with non-Broadcom toolchain:
+aarch64-openwrt-linux-musl-ld.bfd: u-boot-spl section `.u_boot_list' will not fit in region `.sram'
+aarch64-openwrt-linux-musl-ld.bfd: section .bss VMA [00000000822b9000,00000000822b93ef] overlaps section .u_boot_list VMA [00000000822b8f60,00000000822b9a87]
+aarch64-openwrt-linux-musl-ld.bfd: region `.sram' overflowed by 2696 bytes
+
+It also requires hashtable.h which has to be generated using some
+Broadcom's custom perl script that isn't integrated as this point.
+
+For now just disable SPL and use only last-stage U-Boot that must be
+shipped with every firmware.
+
+Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
+---
+ configs/bcm94908_defconfig | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/configs/bcm94908_defconfig
++++ b/configs/bcm94908_defconfig
+@@ -21,7 +21,7 @@ CONFIG_SPL_SERIAL_SUPPORT=y
+ CONFIG_TPL_LIBCOMMON_SUPPORT=y
+ CONFIG_TPL_LIBGENERIC_SUPPORT=y
+ CONFIG_NR_DRAM_BANKS=1
+-CONFIG_SPL=y
++# CONFIG_SPL is not set
+ CONFIG_SPL_LIBDISK_SUPPORT=y
+ CONFIG_ENV_VARS_UBOOT_CONFIG=y
+ CONFIG_TPL_SYS_MALLOC_F_LEN=0x11000

package/boot/uboot-bcm4908/patches/201-Assume-TPL-support-for-ATF-when-compiling-U-Boot-wit.patch

@@ -0,0 +1,55 @@
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
+Date: Fri, 4 Mar 2022 09:23:34 +0100
+Subject: [PATCH] Assume TPL support for ATF when compiling U-Boot without TPL
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Broadcom's U-Boot behaviour depends on compilation time check whether
+TPL was compiled with or without ATF support. There is no proper runtime
+check.
+
+When compiling just U-Boot (without SPL & TPL) there is no way to tell
+if it's going to work with TPL with or without ATF support.
+
+Modify code to blindly assume ATF support in TPL in such cases. It seems
+to be always true for Broadcom and we need some assumption as we don't
+deal with compiling SPL or TPL.
+
+Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
+---
+ arch/arm/mach-bcmbca/bcm4908/cpu.c | 2 +-
+ board/broadcom/bcmbca/board.c      | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/arch/arm/mach-bcmbca/bcm4908/cpu.c
++++ b/arch/arm/mach-bcmbca/bcm4908/cpu.c
+@@ -138,7 +138,7 @@ int get_nr_cpus()
+ 	return nr_cpus;
+ }
+ 
+-#if !defined(CONFIG_TPL_ATF)
++#if defined(CONFIG_TPL) && !defined(CONFIG_TPL_ATF)
+ void boot_secondary_cpu(unsigned long vector)
+ {
+ 	uint32_t cpu, nr_cpus = QUAD_CPUS;
+--- a/board/broadcom/bcmbca/board.c
++++ b/board/broadcom/bcmbca/board.c
+@@ -103,7 +103,7 @@ void board_spinor_init(void)
+ 
+ int board_init(void)
+ {
+-#if !defined(CONFIG_TPL_ATF)
++#if defined(CONFIG_TPL) && !defined(CONFIG_TPL_ATF)
+ 	unsigned long vector;
+ #endif
+ 	board_sdk_init_e();
+@@ -121,7 +121,7 @@ int board_init(void)
+ 	printf("$Uboot: "BUILD_TAG" $\n");
+ #endif
+ 
+-#if !defined(CONFIG_TPL_ATF)
++#if defined(CONFIG_TPL) && !defined(CONFIG_TPL_ATF)
+ #if defined(CONFIG_ARM64)
+ 	vector  = (unsigned long)&_start;
+ #else

package/boot/uboot-envtools/files/ath79

@@ -61,6 +61,8 @@ samsung,wam250|\
 ubnt,nanostation-m|\
 yuncore,a770|\
 yuncore,a782|\
+yuncore,a930|\
+yuncore,xd3200|\
 yuncore,xd4200|\
 zyxel,nbg6616)
 	ubootenv_add_uci_config "/dev/mtd1" "0x0" "0x10000" "0x10000"

package/boot/uboot-envtools/files/mvebu

@@ -18,7 +18,10 @@ buffalo,ls421de)
 	ubootenv_add_uci_config "/dev/mtd3" "0x0" "0x10000"
 	;;
 cznic,turris-omnia)
-	if grep -q 'U-Boot 2015.10-rc2' /dev/mtd0; then
+	idx="$(find_mtd_index u-boot-env)"
+	if [ -n "$idx" ]; then
+		ubootenv_add_uci_config "/dev/mtd${idx}" "0x0" "0x10000" "0x10000"
+	elif grep -q 'U-Boot 2015.10-rc2' /dev/mtd0; then
 		ubootenv_add_uci_config "/dev/mtd0" "0xc0000" "0x10000" "0x40000"
 	else
 		ubootenv_add_uci_config "/dev/mtd0" "0xf0000" "0x10000" "0x10000"

package/boot/uboot-lantiq/patches/0030-lzma-force-8bit-reads.patch

@@ -0,0 +1,57 @@
+From a40a6e16ed76e5e26a0f60226b64c311d4a62c9f Mon Sep 17 00:00:00 2001
+From: Mathias Kresin <dev@kresin.me>
+Date: Sun, 31 Oct 2021 23:04:54 +0100
+Subject: [PATCH] lzma: force 8bit reads
+
+At least since gcc 7.3.0 (OpenWrt 18.06) lwr/lwl are used in the
+assembly of LzmaProps_Decode. While the decission made by the compiler
+looks perfect fine, it triggers some obscure hang on lantiq danube-s
+v1.5 with MX29LV640EB NOR flash chips.
+
+Only if the offset 1 is used, the hang can be observed. Using any other
+offset works fine:
+
+  lwl s0,0(a1) - s0 == 0x6d000080
+  lwl s0,1(a1) - hangs
+  lwl s0,2(a1) - s0 == 0x0080xxxx
+  lwl s0,3(a1) - s0 == 0x80xxxxxx
+
+It isn't clear whether it is a limitation of the flash chip, the EBU or
+something else.
+
+Force 8bit reads to prevent gcc optimizing the read with lwr/lwl
+instructions.
+
+Signed-off-by: Mathias Kresin <dev@kresin.me>
+---
+ lib/lzma/LzmaDec.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/lib/lzma/LzmaDec.c
++++ b/lib/lzma/LzmaDec.c
+@@ -7,6 +7,7 @@
+ #include "LzmaDec.h"
+ 
+ #include <linux/string.h>
++#include <asm/io.h>
+ 
+ #define kNumTopBits 24
+ #define kTopValue ((UInt32)1 << kNumTopBits)
+@@ -703,7 +704,7 @@ static ELzmaDummy LzmaDec_TryDummy(const
+ 
+ static void LzmaDec_InitRc(CLzmaDec *p, const Byte *data)
+ {
+-  p->code = ((UInt32)data[1] << 24) | ((UInt32)data[2] << 16) | ((UInt32)data[3] << 8) | ((UInt32)data[4]);
++  p->code = ((UInt32)readb(&data[1]) << 24) | ((UInt32)readb(&data[2]) << 16) | ((UInt32)readb(&data[3]) << 8) | ((UInt32)readb(&data[4]));
+   p->range = 0xFFFFFFFF;
+   p->needFlush = 0;
+ }
+@@ -929,7 +930,7 @@ SRes LzmaProps_Decode(CLzmaProps *p, con
+   if (size < LZMA_PROPS_SIZE)
+     return SZ_ERROR_UNSUPPORTED;
+   else
+-    dicSize = data[1] | ((UInt32)data[2] << 8) | ((UInt32)data[3] << 16) | ((UInt32)data[4] << 24);
++    dicSize = readb(&data[1]) | ((UInt32)readb(&data[2]) << 8) | ((UInt32)readb(&data[3]) << 16) | ((UInt32)readb(&data[4]) << 24);
+ 
+   if (dicSize < LZMA_DIC_MIN)
+     dicSize = LZMA_DIC_MIN;

package/boot/uboot-lantiq/patches/101-fix-crypt-header-clash.patch

@@ -0,0 +1,172 @@
+Fix header clash with system /usr/include/sha1.h and sha256.h when libmd
+is installed.
+
+Backport of u-boot commit "includes: move openssl headers to include/u-boot"
+https://github.com/u-boot/u-boot/commit/2b9912e6a7df7b1f60beb7942bd0e6fa5f9d0167
+
+--- a/board/gdsys/p1022/controlcenterd-id.c
++++ b/board/gdsys/p1022/controlcenterd-id.c
+@@ -30,7 +30,7 @@
+ #include <i2c.h>
+ #include <mmc.h>
+ #include <tpm.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include <asm/byteorder.h>
+ #include <asm/unaligned.h>
+ #include <pca9698.h>
+--- a/board/pcs440ep/pcs440ep.c
++++ b/board/pcs440ep/pcs440ep.c
+@@ -13,7 +13,7 @@
+ #include <asm/processor.h>
+ #include <spd_sdram.h>
+ #include <status_led.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include <asm/io.h>
+ #include <net.h>
+ #include <ata.h>
+--- a/common/cmd_sha1sum.c
++++ b/common/cmd_sha1sum.c
+@@ -11,7 +11,7 @@
+ #include <common.h>
+ #include <command.h>
+ #include <hash.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ 
+ int do_sha1sum(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+ {
+--- a/common/hash.c
++++ b/common/hash.c
+@@ -14,8 +14,8 @@
+ #include <command.h>
+ #include <hw_sha.h>
+ #include <hash.h>
+-#include <sha1.h>
+-#include <sha256.h>
++#include <u-boot/sha1.h>
++#include <u-boot/sha256.h>
+ #include <asm/io.h>
+ #include <asm/errno.h>
+ 
+--- a/common/image-fit.c
++++ b/common/image-fit.c
+@@ -21,7 +21,7 @@ DECLARE_GLOBAL_DATA_PTR;
+ #endif /* !USE_HOSTCC*/
+ 
+ #include <bootstage.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include <u-boot/crc.h>
+ #include <u-boot/md5.h>
+ 
+--- a/common/image.c
++++ b/common/image.c
+@@ -34,7 +34,7 @@
+ #endif
+ 
+ #include <u-boot/md5.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include <asm/errno.h>
+ #include <asm/io.h>
+ 
+--- a/drivers/crypto/ace_sha.c
++++ b/drivers/crypto/ace_sha.c
+@@ -5,8 +5,8 @@
+  * SPDX-License-Identifier:	GPL-2.0+
+  */
+ #include <common.h>
+-#include <sha256.h>
+-#include <sha1.h>
++#include <u-boot/sha256.h>
++#include <u-boot/sha1.h>
+ #include <asm/errno.h>
+ #include "ace_sha.h"
+ 
+--- /dev/null
++++ b/include/u-boot/sha1.h
+@@ -0,0 +1 @@
++#include "../sha1.h"
+--- /dev/null
++++ b/include/u-boot/sha256.h
+@@ -0,0 +1 @@
++#include "../sha256.h"
+--- a/lib/rsa/rsa-verify.c
++++ b/lib/rsa/rsa-verify.c
+@@ -7,7 +7,7 @@
+ #include <common.h>
+ #include <fdtdec.h>
+ #include <rsa.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include <asm/byteorder.h>
+ #include <asm/errno.h>
+ #include <asm/unaligned.h>
+--- a/lib/sha1.c
++++ b/lib/sha1.c
+@@ -36,7 +36,7 @@
+ #include <string.h>
+ #endif /* USE_HOSTCC */
+ #include <watchdog.h>
+-#include "sha1.h"
++#include <u-boot/sha1.h>
+ 
+ /*
+  * 32-bit integer manipulation macros (big endian)
+--- a/lib/sha256.c
++++ b/lib/sha256.c
+@@ -11,7 +11,7 @@
+ #endif /* USE_HOSTCC */
+ #include <watchdog.h>
+ #include <linux/string.h>
+-#include <sha256.h>
++#include <u-boot/sha256.h>
+ 
+ /*
+  * 32-bit integer manipulation macros (big endian)
+--- a/lib/tpm.c
++++ b/lib/tpm.c
+@@ -7,7 +7,7 @@
+ 
+ #include <common.h>
+ #include <stdarg.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include <tpm.h>
+ #include <asm/unaligned.h>
+ 
+--- a/tools/imls/imls.c
++++ b/tools/imls/imls.c
+@@ -24,7 +24,7 @@
+ #include <mtd/mtd-user.h>
+ #endif
+ 
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include <libfdt.h>
+ #include <fdt_support.h>
+ #include <image.h>
+--- a/tools/mkimage.h
++++ b/tools/mkimage.h
+@@ -18,7 +18,7 @@
+ #include <sys/stat.h>
+ #include <time.h>
+ #include <unistd.h>
+-#include <sha1.h>
++#include <u-boot/sha1.h>
+ #include "fdt_host.h"
+ 
+ #undef MKIMAGE_DEBUG
+--- a/tools/ubsha1.c
++++ b/tools/ubsha1.c
+@@ -13,7 +13,7 @@
+ #include <errno.h>
+ #include <string.h>
+ #include <sys/stat.h>
+-#include "sha1.h"
++#include <u-boot/sha1.h>
+ 
+ int main (int argc, char **argv)
+ {

package/firmware/amd64-microcode/Makefile

@@ -1,47 +0,0 @@
-#
-# Copyright (C) 2018 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=amd64-microcode
-PKG_VERSION:=20191218
-PKG_RELEASE:=1
-
-PKG_SOURCE:=amd64-microcode_3.$(PKG_VERSION).$(PKG_RELEASE).tar.xz
-PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/non-free/a/amd64-microcode/
-PKG_HASH:=f469b79348097c5f04641b67a39d0ee5a2a1916c9556281626c04f2275d4132d
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-3.$(PKG_VERSION).$(PKG_RELEASE)
-
-PKG_LICENSE_FILE:=LICENSE.amd-ucode
-
-PKG_FLAGS:=nonshared
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/amd64-microcode
-  SECTION:=firmware
-  CATEGORY:=Firmware
-  URL:=$(PKG_SOURCE_URL)
-  DEPENDS:=@TARGET_x86
-  TITLE:=AMD64 CPU microcode
-endef
-
-define Build/Prepare
-	rm -rf $(PKG_BUILD_DIR)
-	mkdir -p $(PKG_BUILD_DIR)
-	$(TAR) -C $(BUILD_DIR) -xJf $(DL_DIR)/$(PKG_SOURCE)
-endef
-
-define Build/Compile
-endef
-
-define Package/amd64-microcode/install
-	$(INSTALL_DIR) $(1)/lib/firmware/amd-ucode
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/*.bin $(1)/lib/firmware/amd-ucode
-endef
-
-$(eval $(call BuildPackage,amd64-microcode))

package/firmware/cypress-firmware/Makefile

@@ -7,25 +7,24 @@
 
 include $(TOPDIR)/rules.mk
 
-UNPACK_CMD=unzip -q -p $(DL_DIR)/$(PKG_SOURCE) $(PKG_SOURCE_UNZIP) | gzip -dc | $(HOST_TAR) -C $(1) $(TAR_OPTIONS)
-
 PKG_NAME:=cypress-firmware
-PKG_VERSION:=v5.4.18-2020_0402
-PKG_RELEASE:=3
+PKG_VERSION:=5.4.18-2021_0812
+PKG_RELEASE:=1
 
-PKG_SOURCE_UNZIP:=cypress-firmware-$(PKG_VERSION).tar.gz
-PKG_SOURCE:=cypress-fmac-$(PKG_VERSION).zip
-PKG_SOURCE_URL:=https://community.cypress.com/gfawx74859/attachments/gfawx74859/resourcelibrary/1016/1/
-PKG_HASH:=b12b0570f462c2f3c26dde98b10235a845a7109037def1e7e51af728bcc1a958
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/Infineon/ifx-linux-firmware/
+PKG_MIRROR_HASH:=ac882b482dd401b53cdecc6004cd2bd3d65e888c19206dcf10931a28033ada4d
+PKG_SOURCE_VERSION:=release-v$(PKG_VERSION)
 
 PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>
+PKG_LICENSE_FILES:=LICENCE
 
 include $(INCLUDE_DIR)/package.mk
 
 define Package/cypress-firmware-default
   SECTION:=firmware
   CATEGORY:=Firmware
-  URL:=https://community.cypress.com/community/linux
+  URL:=https://community.infineon.com/
 endef
 
 define Build/Compile
@@ -41,10 +40,10 @@ endef
 define Package/cypress-firmware-43012-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43012-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43012-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac43012-sdio.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43012-sdio.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43012-sdio.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac43012-sdio.clm_blob
 endef
 
@@ -59,7 +58,7 @@ endef
 define Package/cypress-firmware-43340-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43340-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43340-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac43340-sdio.bin
 endef
 
@@ -76,7 +75,7 @@ endef
 define Package/cypress-firmware-43362-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43362-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43362-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac43362-sdio.bin
 endef
 
@@ -91,7 +90,7 @@ endef
 define Package/cypress-firmware-4339-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4339-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4339-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac4339-sdio.bin
 endef
 
@@ -108,10 +107,10 @@ endef
 define Package/cypress-firmware-43430-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43430-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43430-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac43430-sdio.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43430-sdio.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43430-sdio.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac43430-sdio.clm_blob
 endef
 
@@ -128,10 +127,10 @@ endef
 define Package/cypress-firmware-43455-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43455-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43455-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac43455-sdio.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43455-sdio.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43455-sdio.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob
 endef
 
@@ -146,10 +145,10 @@ endef
 define Package/cypress-firmware-4354-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4354-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4354-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac4354-sdio.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4354-sdio.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4354-sdio.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac4354-sdio.clm_blob
 endef
 
@@ -164,10 +163,10 @@ endef
 define Package/cypress-firmware-4356-pcie/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4356-pcie.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4356-pcie.bin \
 		$(1)/lib/firmware/brcm/brcmfmac4356-pcie.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4356-pcie.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4356-pcie.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac4356-pcie.clm_blob
 endef
 
@@ -182,10 +181,10 @@ endef
 define Package/cypress-firmware-4356-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4356-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4356-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac4356-sdio.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4356-sdio.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4356-sdio.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac4356-sdio.clm_blob
 endef
 
@@ -200,51 +199,15 @@ endef
 define Package/cypress-firmware-43570-pcie/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43570-pcie.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43570-pcie.bin \
 		$(1)/lib/firmware/brcm/brcmfmac43570-pcie.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac43570-pcie.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac43570-pcie.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac43570-pcie.clm_blob
 endef
 
 $(eval $(call BuildPackage,cypress-firmware-43570-pcie))
 
-# Cypress 4359 PCIe Firmware
-define Package/cypress-firmware-4359-pcie
-  $(Package/cypress-firmware-default)
-  TITLE:=CYW4359 FullMac PCIe firmware
-endef
-
-define Package/cypress-firmware-4359-pcie/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4359-pcie.bin \
-		$(1)/lib/firmware/brcm/brcmfmac4359-pcie.bin
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4359-pcie.clm_blob \
-		$(1)/lib/firmware/brcm/brcmfmac4359-pcie.clm_blob
-endef
-
-$(eval $(call BuildPackage,cypress-firmware-4359-pcie))
-
-# Cypress 4359 SDIO Firmware
-define Package/cypress-firmware-4359-sdio
-  $(Package/cypress-firmware-default)
-  TITLE:=CYW4359 FullMac SDIO firmware
-endef
-
-define Package/cypress-firmware-4359-sdio/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4359-sdio.bin \
-		$(1)/lib/firmware/brcm/brcmfmac4359-sdio.bin
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4359-sdio.clm_blob \
-		$(1)/lib/firmware/brcm/brcmfmac4359-sdio.clm_blob
-endef
-
-$(eval $(call BuildPackage,cypress-firmware-4359-sdio))
-
 # Cypress 4373 SDIO Firmware
 define Package/cypress-firmware-4373-sdio
   $(Package/cypress-firmware-default)
@@ -254,10 +217,10 @@ endef
 define Package/cypress-firmware-4373-sdio/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4373-sdio.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4373-sdio.bin \
 		$(1)/lib/firmware/brcm/brcmfmac4373-sdio.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4373-sdio.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4373-sdio.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac4373-sdio.clm_blob
 endef
 
@@ -272,10 +235,10 @@ endef
 define Package/cypress-firmware-4373-usb/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4373-usb.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4373-usb.bin \
 		$(1)/lib/firmware/brcm/brcmfmac4373-usb.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac4373.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac4373.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac4373.clm_blob
 endef
 
@@ -290,29 +253,11 @@ endef
 define Package/cypress-firmware-54591-pcie/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac54591-pcie.bin \
+		$(PKG_BUILD_DIR)/firmware/cyfmac54591-pcie.bin \
 		$(1)/lib/firmware/brcm/brcmfmac54591-pcie.bin
 	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac54591-pcie.clm_blob \
+		$(PKG_BUILD_DIR)/firmware/cyfmac54591-pcie.clm_blob \
 		$(1)/lib/firmware/brcm/brcmfmac54591-pcie.clm_blob
 endef
 
 $(eval $(call BuildPackage,cypress-firmware-54591-pcie))
-
-# Cypress 89459 PCIe Firmware
-define Package/cypress-firmware-89459-pcie
-  $(Package/cypress-firmware-default)
-  TITLE:=CYW89459 FullMac PCIe firmware
-endef
-
-define Package/cypress-firmware-89459-pcie/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac89459-pcie.bin \
-		$(1)/lib/firmware/brcm/brcmfmac89459-pcie.bin
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/brcmfmac89459-pcie.clm_blob \
-		$(1)/lib/firmware/brcm/brcmfmac89459-pcie.clm_blob
-endef
-
-$(eval $(call BuildPackage,cypress-firmware-89459-pcie))

package/firmware/cypress-nvram/Makefile

@@ -100,6 +100,9 @@ define Package/cypress-nvram-43455-sdio-rpi-4b/install
 	$(INSTALL_DATA) \
 		$(PKG_BUILD_DIR)/brcmfmac43455-sdio.raspberrypi,4-model-b.txt \
 		$(1)/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-model-b.txt
+	$(INSTALL_DATA) \
+		$(PKG_BUILD_DIR)/brcmfmac43455-sdio.raspberrypi,4-model-b.txt \
+		$(1)/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt
 endef
 
 $(eval $(call BuildPackage,cypress-nvram-43455-sdio-rpi-4b))

package/firmware/intel-microcode/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=intel-microcode
-PKG_VERSION:=20200616
+PKG_VERSION:=20210608
 PKG_RELEASE:=1
 
-PKG_SOURCE:=intel-microcode_3.$(PKG_VERSION).$(PKG_RELEASE).tar.xz
+PKG_SOURCE:=intel-microcode_3.$(PKG_VERSION).2.tar.xz
 PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/non-free/i/intel-microcode/
-PKG_HASH:=bcc3b81c452fe4649a948c022475d76c1cdfbb730f36749a082f412f1406a3b9
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-3.$(PKG_VERSION).$(PKG_RELEASE)
+PKG_HASH:=fbf82688ffd0d87b352a35c57bd097ea014f0ad32c9c8f9629725c1b43d1c84d
+PKG_BUILD_DIR:=$(BUILD_DIR)/intel-microcode-3.$(PKG_VERSION).2
 
 PKG_BUILD_DEPENDS:=iucode-tool/host
 

package/firmware/linux-firmware/Makefile

@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=linux-firmware
-PKG_VERSION:=20201118
-PKG_RELEASE:=3
+PKG_VERSION:=20211216
+PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=@KERNEL/linux/kernel/firmware
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=863d5a31da725b856a917280d1e3014929b3bc3d4e6e5faecf530c13afb7e2b9
+PKG_HASH:=eeddb4e6bef31fd1a3757f12ccc324929bbad97855c0b9ec5ed780f74de1837d
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 

package/firmware/linux-firmware/amd.mk

@@ -0,0 +1,29 @@
+Package/amd64-microcode = $(call Package/firmware-default,AMD64 CPU microcode,@TARGET_x86)
+define Package/amd64-microcode/install
+	$(INSTALL_DIR) $(1)/lib/firmware/amd-ucode
+	$(CP) \
+		$(PKG_BUILD_DIR)/amd-ucode/*.bin \
+		$(1)/lib/firmware/amd-ucode
+endef
+
+$(eval $(call BuildPackage,amd64-microcode))
+
+Package/amdgpu-firmware = $(call Package/firmware-default,AMDGPU Video Driver firmware)
+define Package/amdgpu-firmware/install
+	$(INSTALL_DIR) $(1)/lib/firmware/amdgpu
+	$(CP) \
+		$(PKG_BUILD_DIR)/amdgpu/*.bin \
+		$(1)/lib/firmware/amdgpu
+endef
+
+$(eval $(call BuildPackage,amdgpu-firmware))
+
+Package/radeon-firmware = $(call Package/firmware-default,Radeon Video Driver firmware)
+define Package/radeon-firmware/install
+	$(INSTALL_DIR) $(1)/lib/firmware/radeon
+	$(CP) \
+		$(PKG_BUILD_DIR)/radeon/*.bin \
+		$(1)/lib/firmware/radeon
+endef
+
+$(eval $(call BuildPackage,radeon-firmware))

package/firmware/linux-firmware/amdgpu.mk

@@ -1,9 +0,0 @@
-Package/amdgpu-firmware = $(call Package/firmware-default,AMDGPU Video Driver firmware)
-define Package/amdgpu-firmware/install
-	$(INSTALL_DIR) $(1)/lib/firmware/amdgpu
-	$(CP) \
-		$(PKG_BUILD_DIR)/amdgpu/*.bin \
-		$(1)/lib/firmware/amdgpu
-endef
-
-$(eval $(call BuildPackage,amdgpu-firmware))

package/firmware/linux-firmware/broadcom.mk

@@ -34,24 +34,6 @@ define Package/brcmfmac-firmware-4329-sdio/install
 endef
 $(eval $(call BuildPackage,brcmfmac-firmware-4329-sdio))
 
-Package/brcmfmac-firmware-43362-sdio = $(call Package/firmware-default,Broadcom BCM43362 FullMac SDIO firmware)
-define Package/brcmfmac-firmware-43362-sdio/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/brcm/brcmfmac43362-sdio.bin \
-		$(1)/lib/firmware/brcm/brcmfmac43362-sdio.bin
-endef
-$(eval $(call BuildPackage,brcmfmac-firmware-43362-sdio))
-
-Package/brcmfmac-firmware-43430-sdio = $(call Package/firmware-default,Broadcom BCM43430 FullMac SDIO firmware)
-define Package/brcmfmac-firmware-43430-sdio/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/brcm/brcmfmac43430-sdio.bin \
-		$(1)/lib/firmware/brcm/brcmfmac43430-sdio.bin
-endef
-$(eval $(call BuildPackage,brcmfmac-firmware-43430-sdio))
-
 Package/brcmfmac-firmware-43430-sdio-rpi-3b = $(call Package/firmware-default,Broadcom BCM43430 NVRAM for Raspberry Pi 3B)
 define Package/brcmfmac-firmware-43430-sdio-rpi-3b/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm
@@ -79,15 +61,6 @@ define Package/brcmfmac-firmware-43430a0-sdio/install
 endef
 $(eval $(call BuildPackage,brcmfmac-firmware-43430a0-sdio))
 
-Package/brcmfmac-firmware-43455-sdio = $(call Package/firmware-default,Broadcom BCM43455 FullMac SDIO firmware)
-define Package/brcmfmac-firmware-43455-sdio/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/brcm/brcmfmac43455-sdio.bin \
-		$(1)/lib/firmware/brcm/brcmfmac43455-sdio.bin
-endef
-$(eval $(call BuildPackage,brcmfmac-firmware-43455-sdio))
-
 Package/brcmfmac-firmware-43455-sdio-rpi-3b-plus = $(call Package/firmware-default,Broadcom BCM43455 NVRAM for Raspberry Pi 3B+)
 define Package/brcmfmac-firmware-43455-sdio-rpi-3b-plus/install
 	$(INSTALL_DIR) $(1)/lib/firmware/brcm

package/firmware/linux-firmware/qca_ath10k.mk

@@ -26,6 +26,23 @@ define Package/ath10k-firmware-qca4019/install
 endef
 $(eval $(call BuildPackage,ath10k-firmware-qca4019))
 
+Package/ath10k-board-qca9377 = $(call Package/firmware-default,ath10k qca9377 board firmware)
+define Package/ath10k-board-qca9377/install
+	$(INSTALL_DIR) $(1)/lib/firmware/ath10k/QCA9377/hw1.0
+	$(INSTALL_DATA) \
+		$(PKG_BUILD_DIR)/ath10k/QCA9377/hw1.0/board-2.bin \
+		$(1)/lib/firmware/ath10k/QCA9377/hw1.0/
+endef
+$(eval $(call BuildPackage,ath10k-board-qca9377))
+Package/ath10k-firmware-qca9377 = $(call Package/firmware-default,ath10k qca9377 firmware,+ath10k-board-qca9377)
+define Package/ath10k-firmware-qca9377/install
+	$(INSTALL_DIR) $(1)/lib/firmware/ath10k/QCA9377/hw1.0
+	$(INSTALL_DATA) \
+		$(PKG_BUILD_DIR)/ath10k/QCA9377/hw1.0/firmware-6.bin \
+		$(1)/lib/firmware/ath10k/QCA9377/hw1.0/firmware-6.bin
+endef
+$(eval $(call BuildPackage,ath10k-firmware-qca9377))
+
 Package/ath10k-board-qca9887 = $(call Package/firmware-default,ath10k qca9887 board firmware)
 define Package/ath10k-board-qca9887/install
 	$(INSTALL_DIR) $(1)/lib/firmware/ath10k/QCA9887/hw1.0

package/firmware/linux-firmware/radeon.mk

@@ -1,9 +0,0 @@
-Package/radeon-firmware = $(call Package/firmware-default,Radeon Video Driver firmware)
-define Package/radeon-firmware/install
-	$(INSTALL_DIR) $(1)/lib/firmware/radeon
-	$(CP) \
-		$(PKG_BUILD_DIR)/radeon/*.bin \
-		$(1)/lib/firmware/radeon
-endef
-
-$(eval $(call BuildPackage,radeon-firmware))

package/firmware/linux-firmware/realtek.mk

@@ -76,16 +76,10 @@ Package/rtl8723bu-firmware = $(call Package/firmware-default,RealTek RTL8723BU f
 define Package/rtl8723bu-firmware/install
 	$(INSTALL_DIR) $(1)/lib/firmware/rtlwifi
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/rtlwifi/rtl8723bu_nic.bin $(1)/lib/firmware/rtlwifi
+	ln -s rtl8723bu_nic.bin $(1)/lib/firmware/rtlwifi/rtl8723bs_nic.bin
 endef
 $(eval $(call BuildPackage,rtl8723bu-firmware))
 
-Package/rtl8723bs-firmware = $(call Package/firmware-default,RealTek RTL8723BS firmware)
-define Package/rtl8723bs-firmware/install
-	$(INSTALL_DIR) $(1)/lib/firmware/rtlwifi
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/rtlwifi/rtl8723bs*.bin $(1)/lib/firmware/rtlwifi
-endef
-$(eval $(call BuildPackage,rtl8723bs-firmware))
-
 Package/rtl8821ae-firmware = $(call Package/firmware-default,RealTek RTL8821AE firmware)
 define Package/rtl8821ae-firmware/install
 	$(INSTALL_DIR) $(1)/lib/firmware/rtlwifi

package/firmware/wireless-regdb/Makefile

@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wireless-regdb
-PKG_VERSION:=2021.04.21
+PKG_VERSION:=2021.08.28
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@KERNEL/software/network/wireless-regdb/
-PKG_HASH:=9e4c02b2a9710df4dbdb327c39612e8cbbae6495987afeddaebab28c1ea3d8fa
+PKG_HASH:=cff370c410d1e6d316ae0a7fa8ac6278fdf1efca5d3d664aca7cfd2aafa54446
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 

package/kernel/ath10k-ct/Makefile

@@ -8,9 +8,9 @@ PKG_LICENSE_FILES:=
 
 PKG_SOURCE_URL:=https://github.com/greearb/ath10k-ct.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2021-06-03
-PKG_SOURCE_VERSION:=b44cd7b2e7b0df5995ece18f358d4dfc40834ba1
-PKG_MIRROR_HASH:=59f961ad425eb1a48fa9c391a325cc0f23845daec9d12673445d3077f9756cf0
+PKG_SOURCE_DATE:=2021-09-22
+PKG_SOURCE_VERSION:=e6a7d5b5b834737cd12e357b5efdc2e42d923bf6
+PKG_MIRROR_HASH:=62a1b97089d3561730656ef73beb3cd77231ec636645115cc1bbb3c6c84a6fe3
 
 # Build the 5.10 ath10k-ct driver version.
 # Probably this should match as closely as

package/kernel/ath10k-ct/patches/202-ath10k-use-tpt-trigger-by-default.patch

@@ -42,7 +42,7 @@ Signed-off-by: Mathias Kresin <dev@kresin.me>
  	if (ret)
 --- a/ath10k-5.10/mac.c
 +++ b/ath10k-5.10/mac.c
-@@ -11403,7 +11403,7 @@ int ath10k_mac_register(struct ath10k *a
+@@ -11405,7 +11405,7 @@ int ath10k_mac_register(struct ath10k *a
  	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
  
  #ifdef CPTCFG_MAC80211_LEDS

package/kernel/bcm63xx-cfe/Makefile

@@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=bcm63xx-cfe
-PKG_RELEASE:=2
+PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=https://github.com/openwrt/bcm63xx-cfe.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2021-03-05
-PKG_SOURCE_VERSION:=d03501629fc8b1ba8f9b0961d543c256a3d0098f
-PKG_MIRROR_HASH:=b32a6f68d59c8f4534def7ec2568ad7da7a612a605b9406328309c78115ee88d
+PKG_SOURCE_DATE:=2021-06-22
+PKG_SOURCE_VERSION:=e5050f37150b34deb547b50feccd0e7439cb5bd7
+PKG_MIRROR_HASH:=85fed9f4bdf23cf7d33a02f549ffe9073666890f786d5ffa484c0368552b75ae
 
 PKG_FLAGS:=nonshared
 

package/kernel/gpio-button-hotplug/src/gpio-button-hotplug.c

@@ -242,11 +242,11 @@ static int gpio_button_get_value(struct gpio_keys_button_data *bdata)
 	int val;
 
 	if (bdata->can_sleep)
-		val = !!gpio_get_value_cansleep(bdata->b->gpio);
+		val = !!gpiod_get_value_cansleep(bdata->gpiod);
 	else
-		val = !!gpio_get_value(bdata->b->gpio);
+		val = !!gpiod_get_value(bdata->gpiod);
 
-	return val ^ bdata->b->active_low;
+	return val;
 }
 
 static void gpio_keys_handle_button(struct gpio_keys_button_data *bdata)
@@ -365,7 +365,6 @@ gpio_keys_get_devtree_pdata(struct device *dev)
 	struct device_node *node, *pp;
 	struct gpio_keys_platform_data *pdata;
 	struct gpio_keys_button *button;
-	int error;
 	int nbuttons;
 	int i = 0;
 
@@ -375,14 +374,12 @@ gpio_keys_get_devtree_pdata(struct device *dev)
 
 	nbuttons = of_get_child_count(node);
 	if (nbuttons == 0)
-		return NULL;
+		return ERR_PTR(-EINVAL);
 
 	pdata = devm_kzalloc(dev, sizeof(*pdata) + nbuttons * (sizeof *button),
 		GFP_KERNEL);
-	if (!pdata) {
-		error = -ENOMEM;
-		goto err_out;
-	}
+	if (!pdata)
+		return ERR_PTR(-ENOMEM);
 
 	pdata->buttons = (struct gpio_keys_button *)(pdata + 1);
 	pdata->nbuttons = nbuttons;
@@ -391,37 +388,13 @@ gpio_keys_get_devtree_pdata(struct device *dev)
 	of_property_read_u32(node, "poll-interval", &pdata->poll_interval);
 
 	for_each_child_of_node(node, pp) {
-		enum of_gpio_flags flags;
-
-		if (!of_find_property(pp, "gpios", NULL)) {
-			pdata->nbuttons--;
-			dev_warn(dev, "Found button without gpios\n");
-			continue;
-		}
-
 		button = (struct gpio_keys_button *)(&pdata->buttons[i++]);
 
-		button->irq = irq_of_parse_and_map(pp, 0);
-
-		button->gpio = of_get_gpio_flags(pp, 0, &flags);
-		if (button->gpio < 0) {
-			error = button->gpio;
-			if (error != -ENOENT) {
-				if (error != -EPROBE_DEFER)
-					dev_err(dev,
-						"Failed to get gpio flags, error: %d\n",
-						error);
-				return ERR_PTR(error);
-			}
-		} else {
-			button->active_low = !!(flags & OF_GPIO_ACTIVE_LOW);
-		}
-
 		if (of_property_read_u32(pp, "linux,code", &button->code)) {
-			dev_err(dev, "Button without keycode: 0x%x\n",
-				button->gpio);
-			error = -EINVAL;
-			goto err_out;
+			dev_err(dev, "Button node '%s' without keycode\n",
+				pp->full_name);
+			of_node_put(pp);
+			return ERR_PTR(-EINVAL);
 		}
 
 		button->desc = of_get_property(pp, "label", NULL);
@@ -434,17 +407,12 @@ gpio_keys_get_devtree_pdata(struct device *dev)
 		if (of_property_read_u32(pp, "debounce-interval",
 					&button->debounce_interval))
 			button->debounce_interval = 5;
-	}
 
-	if (pdata->nbuttons == 0) {
-		error = -EINVAL;
-		goto err_out;
+		button->irq = irq_of_parse_and_map(pp, 0);
+		button->gpio = -ENOENT; /* mark this as device-tree */
 	}
 
 	return pdata;
-
-err_out:
-	return ERR_PTR(error);
 }
 
 static struct of_device_id gpio_keys_of_match[] = {
@@ -471,11 +439,12 @@ gpio_keys_get_devtree_pdata(struct device *dev)
 static int gpio_keys_button_probe(struct platform_device *pdev,
 		struct gpio_keys_button_dev **_bdev, int polled)
 {
-	struct gpio_keys_platform_data *pdata = pdev->dev.platform_data;
 	struct device *dev = &pdev->dev;
+	struct gpio_keys_platform_data *pdata = dev_get_platdata(dev);
 	struct gpio_keys_button_dev *bdev;
 	struct gpio_keys_button *buttons;
-	int error;
+	struct device_node *prev = NULL;
+	int error = 0;
 	int i;
 
 	if (!pdata) {
@@ -514,46 +483,67 @@ static int gpio_keys_button_probe(struct platform_device *pdev,
 	for (i = 0; i < pdata->nbuttons; i++) {
 		struct gpio_keys_button *button = &buttons[i];
 		struct gpio_keys_button_data *bdata = &bdev->data[i];
-		unsigned int gpio = button->gpio;
+		const char *desc = button->desc ? button->desc : DRV_NAME;
 
 		if (button->wakeup) {
 			dev_err(dev, "does not support wakeup\n");
-			return -EINVAL;
+			error = -EINVAL;
+			goto out;
 		}
 
 		bdata->map_entry = button_get_index(button->code);
 		if (bdata->map_entry < 0) {
-			dev_warn(dev, "does not support key code:%u\n",
+			dev_err(dev, "does not support key code:%u\n",
 				button->code);
-			continue;
+			error = -EINVAL;
+			goto out;
 		}
 
 		if (!(button->type == 0 || button->type == EV_KEY ||
 		      button->type == EV_SW)) {
-			dev_warn(dev, "only supports buttons or switches\n");
-			continue;
+			dev_err(dev, "only supports buttons or switches\n");
+			error = -EINVAL;
+			goto out;
 		}
 
-		error = devm_gpio_request(dev, gpio,
-				     button->desc ? button->desc : DRV_NAME);
-		if (error) {
-			dev_err(dev, "unable to claim gpio %u, err=%d\n",
-				gpio, error);
-			return error;
-		}
-		bdata->gpiod = gpio_to_desc(gpio);
-		if (!bdata->gpiod)
-			return -EINVAL;
+		if (gpio_is_valid(button->gpio)) {
+			/* legacy platform data... but is it the lookup table? */
+			bdata->gpiod = devm_gpiod_get_index(dev, desc, i,
+							    GPIOD_IN);
+			if (IS_ERR(bdata->gpiod)) {
+				/* or the legacy (button->gpio is good) way? */
+				error = devm_gpio_request_one(dev,
+					button->gpio, GPIOF_IN | (
+					button->active_low ? GPIOF_ACTIVE_LOW :
+					0), desc);
+				if (error) {
+					if (error != -EPROBE_DEFER) {
+						dev_err(dev, "unable to claim gpio %d, err=%d\n",
+							button->gpio, error);
+					}
+					goto out;
+				}
 
-		error = gpio_direction_input(gpio);
-		if (error) {
-			dev_err(dev,
-				"unable to set direction on gpio %u, err=%d\n",
-				gpio, error);
-			return error;
+				bdata->gpiod = gpio_to_desc(button->gpio);
+			}
+		} else {
+			/* Device-tree */
+			struct device_node *child =
+				of_get_next_child(dev->of_node, prev);
+
+			bdata->gpiod = devm_gpiod_get_from_of_node(dev,
+				child, "gpios", 0, GPIOD_IN, desc);
+
+			prev = child;
 		}
 
-		bdata->can_sleep = gpio_cansleep(gpio);
+		if (IS_ERR_OR_NULL(bdata->gpiod)) {
+			error = IS_ERR(bdata->gpiod) ? PTR_ERR(bdata->gpiod) :
+				-EINVAL;
+			goto out;
+		}
+
+		bdata->can_sleep = gpiod_cansleep(bdata->gpiod);
 		bdata->last_state = -1; /* Unknown state on boot */
 
 		if (bdev->polled) {
@@ -584,8 +574,11 @@ static int gpio_keys_button_probe(struct platform_device *pdev,
 	platform_set_drvdata(pdev, bdev);
 
 	*_bdev = bdev;
+	error = 0;
 
-	return 0;
+out:
+	of_node_put(prev);
+	return error;
 }
 
 static int gpio_keys_probe(struct platform_device *pdev)
@@ -594,9 +587,7 @@ static int gpio_keys_probe(struct platform_device *pdev)
 	struct gpio_keys_button_dev *bdev;
 	int ret, i;
 
-
 	ret = gpio_keys_button_probe(pdev, &bdev, 0);
-
 	if (ret)
 		return ret;
 
@@ -608,12 +599,8 @@ static int gpio_keys_probe(struct platform_device *pdev)
 
 		INIT_DELAYED_WORK(&bdata->work, gpio_keys_irq_work_func);
 
-		if (!bdata->gpiod)
-			continue;
-
 		if (!button->irq) {
-			bdata->irq = gpio_to_irq(button->gpio);
-
+			bdata->irq = gpiod_to_irq(bdata->gpiod);
 			if (bdata->irq < 0) {
 				dev_err(&pdev->dev, "failed to get irq for gpio:%d\n",
 					button->gpio);
@@ -631,7 +618,6 @@ static int gpio_keys_probe(struct platform_device *pdev)
 		ret = devm_request_threaded_irq(&pdev->dev,
 			bdata->irq, NULL, button_handle_irq,
 			irqflags, dev_name(&pdev->dev), bdata);
-
 		if (ret < 0) {
 			bdata->irq = 0;
 			dev_err(&pdev->dev, "failed to request irq:%d for gpio:%d\n",
@@ -653,14 +639,12 @@ static int gpio_keys_polled_probe(struct platform_device *pdev)
 	int ret;
 
 	ret = gpio_keys_button_probe(pdev, &bdev, 1);
-
 	if (ret)
 		return ret;
 
 	INIT_DELAYED_WORK(&bdev->work, gpio_keys_polled_poll);
 
 	pdata = bdev->pdata;
-
 	if (pdata->enable)
 		pdata->enable(bdev->dev);
 

package/kernel/linux/modules/leds.mk

@@ -84,6 +84,22 @@ endef
 $(eval $(call KernelPackage,ledtrig-oneshot))
 
 
+define KernelPackage/ledtrig-pattern
+  SUBMENU:=$(LEDS_MENU)
+  TITLE:=LED Pattern Trigger
+  KCONFIG:=CONFIG_LEDS_TRIGGER_PATTERN
+  FILES:=$(LED_TRIGGER_DIR)/ledtrig-pattern.ko
+  AUTOLOAD:=$(call AutoLoad,50,ledtrig-pattern)
+endef
+
+define KernelPackage/ledtrig-pattern/description
+ This allows LEDs to be controlled by a software or hardware pattern
+ which is a series of tuples, of brightness and duration (ms).
+endef
+
+$(eval $(call KernelPackage,ledtrig-pattern))
+
+
 define KernelPackage/leds-pca963x
   SUBMENU:=$(LEDS_MENU)
   TITLE:=PCA963x LED support
@@ -114,3 +130,17 @@ define KernelPackage/leds-pwm/description
 endef
 
 $(eval $(call KernelPackage,leds-pwm))
+
+define KernelPackage/leds-uleds
+  SUBMENU:=$(LEDS_MENU)
+  TITLE:=Userspace LEDs
+  KCONFIG:=CONFIG_LEDS_USER
+  FILES:=$(LINUX_DIR)/drivers/leds/uleds.ko
+  AUTOLOAD:=$(call AutoLoad,60,uleds,1)
+endef
+
+define KernelPackage/leds-uleds/description
+ This option enables support for userspace LEDs.
+endef
+
+$(eval $(call KernelPackage,leds-uleds))

package/kernel/mac80211/Makefile

@@ -10,10 +10,10 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=mac80211
 
-PKG_VERSION:=5.10.42-1
+PKG_VERSION:=5.10.110-1
 PKG_RELEASE:=1
-PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v5.10.42/
-PKG_HASH:=6876520105240844fdb32d1dcdf2bfdea291a37a96f16c892fda3776ba714fcb
+PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v5.10.110/
+PKG_HASH:=3d958154080c059adaf26512430fd1a8888d65a2228e5e70e48d028201e148b1
 
 PKG_SOURCE:=backports-$(PKG_VERSION).tar.xz
 PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/backports-$(PKG_VERSION)
@@ -434,9 +434,15 @@ config-$(call config_package,rsi91x-sdio) += RSI_SDIO
 
 config-$(CONFIG_LEDS_TRIGGERS) += MAC80211_LEDS
 
+C_DEFINES=
+
+ifeq ($(BUILD_VARIANT),smallbuffers)
+	C_DEFINES+= -DCONFIG_ATH10K_SMALLBUFFERS
+endif
+
 MAKE_OPTS:= -C "$(PKG_BUILD_DIR)" \
 	$(KERNEL_MAKE_FLAGS) \
-	EXTRA_CFLAGS="-I$(PKG_BUILD_DIR)/include $(IREMAP_CFLAGS)" \
+	EXTRA_CFLAGS="-I$(PKG_BUILD_DIR)/include $(IREMAP_CFLAGS) $(C_DEFINES)" \
 	KLIB_BUILD="$(LINUX_DIR)" \
 	MODPROBE=true \
 	KLIB=$(TARGET_MODULES_DIR) \

package/kernel/mac80211/ath.mk

@@ -1,5 +1,5 @@
 PKG_DRIVERS += \
-	ath ath5k ath6kl ath6kl-sdio ath6kl-usb ath9k ath9k-common ath9k-htc ath10k \
+	ath ath5k ath6kl ath6kl-sdio ath6kl-usb ath9k ath9k-common ath9k-htc ath10k ath10k-smallbuffers \
 	carl9170 owl-loader ar5523 wil6210
 
 PKG_CONFIG_DEPENDS += \
@@ -55,6 +55,7 @@ config-$(CONFIG_ATH10K_THERMAL) += ATH10K_THERMAL
 
 config-$(call config_package,ath9k-htc) += ATH9K_HTC
 config-$(call config_package,ath10k) += ATH10K ATH10K_PCI
+config-$(call config_package,ath10k-smallbuffers) += ATH10K ATH10K_PCI ATH10K_SMALLBUFFERS
 
 config-$(call config_package,ath5k) += ATH5K
 ifdef CONFIG_TARGET_ath25
@@ -260,6 +261,7 @@ define KernelPackage/ath10k
 	$(PKG_BUILD_DIR)/drivers/net/wireless/ath/ath10k/ath10k_core.ko \
 	$(PKG_BUILD_DIR)/drivers/net/wireless/ath/ath10k/ath10k_pci.ko
   AUTOLOAD:=$(call AutoProbe,ath10k_pci)
+  VARIANT:=regular
 endef
 
 define KernelPackage/ath10k/description
@@ -273,14 +275,20 @@ define KernelPackage/ath10k/config
        config ATH10K_LEDS
                bool "Enable LED support"
                default y
-               depends on PACKAGE_kmod-ath10k
+               depends on PACKAGE_kmod-ath10k || PACKAGE_kmod-ath10k-smallbuffers
 
        config ATH10K_THERMAL
                bool "Enable thermal sensors and throttling support"
-               depends on PACKAGE_kmod-ath10k
+               depends on PACKAGE_kmod-ath10k || PACKAGE_kmod-ath10k-smallbuffers
 
 endef
 
+define KernelPackage/ath10k-smallbuffers
+  $(call KernelPackage/ath10k)
+  TITLE+= (small buffers for low-RAM devices)
+  VARIANT:=smallbuffers
+endef
+
 define KernelPackage/carl9170
   $(call KernelPackage/mac80211/Default)
   TITLE:=Driver for Atheros AR9170 USB sticks

package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh

@@ -26,7 +26,6 @@ drv_mac80211_init_device_config() {
 	hostapd_common_add_device_config
 
 	config_add_string path phy 'macaddr:macaddr'
-	config_add_string hwmode
 	config_add_string tx_burst
 	config_add_string distance
 	config_add_int beacon_int chanbw frag rts
@@ -44,11 +43,26 @@ drv_mac80211_init_device_config() {
 		su_beamformee \
 		mu_beamformer \
 		mu_beamformee \
+		he_su_beamformer \
+		he_su_beamformee \
+		he_mu_beamformer \
 		vht_txop_ps \
 		htc_vht \
 		rx_antenna_pattern \
-		tx_antenna_pattern
-	config_add_int vht_max_a_mpdu_len_exp vht_max_mpdu vht_link_adapt vht160 rx_stbc tx_stbc
+		tx_antenna_pattern \
+		he_spr_sr_control \
+		he_twt_required
+	config_add_int \
+		beamformer_antennas \
+		beamformee_antennas \
+		vht_max_a_mpdu_len_exp \
+		vht_max_mpdu \
+		vht_link_adapt \
+		vht160 \
+		rx_stbc \
+		tx_stbc \
+		he_bss_color \
+		he_spr_non_srg_obss_pd_max_offset
 	config_add_boolean \
 		ldpc \
 		greenfield \
@@ -96,6 +110,23 @@ mac80211_add_capabilities() {
 	export -n -- "$__var=$__out"
 }
 
+mac80211_add_he_capabilities() {
+	local __out= oifs
+
+	oifs="$IFS"
+	IFS=:
+	for capab in "$@"; do
+		set -- $capab
+		[ "$(($4))" -gt 0 ] || continue
+		[ "$(((0x$2) & $3))" -gt 0 ] || {
+			eval "$1=0"
+			continue
+		}
+		append base_cfg "$1=1" "$N"
+	done
+	IFS="$oifs"
+}
+
 mac80211_hostapd_setup_base() {
 	local phy="$1"
 
@@ -119,6 +150,9 @@ mac80211_hostapd_setup_base() {
 	[ "$noscan" -gt 0 ] && hostapd_noscan=1
 	[ "$tx_burst" = 0 ] && tx_burst=
 
+	chan_ofs=0
+	[ "$band" = "6g" ] && chan_ofs=1
+
 	ieee80211n=1
 	ht_capab=
 	case "$htmode" in
@@ -126,7 +160,7 @@ mac80211_hostapd_setup_base() {
 		HT40*|VHT40|VHT80|VHT160|HE40|HE80|HE160)
 			case "$hwmode" in
 				a)
-					case "$(( ($channel / 4) % 2 ))" in
+					case "$(( (($channel / 4) + $chan_ofs) % 2 ))" in
 						1) ht_capab="[HT40+]";;
 						0) ht_capab="[HT40-]";;
 					esac
@@ -200,7 +234,7 @@ mac80211_hostapd_setup_base() {
 	case "$htmode" in
 		VHT20|HE20) enable_ac=1;;
 		VHT40|HE40)
-			case "$(( ($channel / 4) % 2 ))" in
+			case "$(( (($channel / 4) + $chan_ofs) % 2 ))" in
 				1) idx=$(($channel + 2));;
 				0) idx=$(($channel - 2));;
 			esac
@@ -208,7 +242,7 @@ mac80211_hostapd_setup_base() {
 			vht_center_seg0=$idx
 		;;
 		VHT80|HE80)
-			case "$(( ($channel / 4) % 4 ))" in
+			case "$(( (($channel / 4) + $chan_ofs) % 4 ))" in
 				1) idx=$(($channel + 6));;
 				2) idx=$(($channel + 2));;
 				3) idx=$(($channel - 2));;
@@ -219,15 +253,35 @@ mac80211_hostapd_setup_base() {
 			vht_center_seg0=$idx
 		;;
 		VHT160|HE160)
-			case "$channel" in
-				36|40|44|48|52|56|60|64) idx=50;;
-				100|104|108|112|116|120|124|128) idx=114;;
-			esac
+			if [ "$band" = "6g" ]; then
+				case "$channel" in
+					1|5|9|13|17|21|25|29) idx=15;;
+					33|37|41|45|49|53|57|61) idx=47;;
+					65|69|73|77|81|85|89|93) idx=79;;
+					97|101|105|109|113|117|121|125) idx=111;;
+					129|133|137|141|145|149|153|157) idx=143;;
+					161|165|169|173|177|181|185|189) idx=175;;
+					193|197|201|205|209|213|217|221) idx=207;;
+				esac
+			else
+				case "$channel" in
+					36|40|44|48|52|56|60|64) idx=50;;
+					100|104|108|112|116|120|124|128) idx=114;;
+				esac
+			fi
 			enable_ac=1
 			vht_oper_chwidth=2
 			vht_center_seg0=$idx
 		;;
 	esac
+	[ "$band" = "6g" ] && {
+		op_class=
+		case "$htmode" in
+			HE20) op_class=131;;
+			HE*) op_class=$((132 + $vht_oper_chwidth))
+		esac
+		[ -n "$op_class" ] && append base_cfg "op_class=$op_class" "$N"
+	}
 	[ "$hwmode" = "a" ] || enable_ac=0
 
 	if [ "$enable_ac" != "0" ]; then
@@ -242,6 +296,8 @@ mac80211_hostapd_setup_base() {
 			mu_beamformee:1 \
 			vht_txop_ps:1 \
 			htc_vht:1 \
+			beamformee_antennas:4 \
+			beamformer_antennas:4 \
 			rx_antenna_pattern:1 \
 			tx_antenna_pattern:1 \
 			vht_max_a_mpdu_len_exp:7 \
@@ -282,6 +338,18 @@ mac80211_hostapd_setup_base() {
 			RX-STBC-123:0x700:0x300:1 \
 			RX-STBC-1234:0x700:0x400:1 \
 
+		[ "$(($vht_cap & 0x800))" -gt 0 -a "$su_beamformer" -gt 0 ] && {
+			cap_ant="$(( ( ($vht_cap >> 16) & 3 ) + 1 ))"
+			[ "$cap_ant" -gt "$beamformer_antennas" ] && cap_ant="$beamformer_antennas"
+			[ "$cap_ant" -gt 1 ] && vht_capab="$vht_capab[SOUNDING-DIMENSION-$cap_ant]"
+		}
+
+		[ "$(($vht_cap & 0x1000))" -gt 0 -a "$su_beamformee" -gt 0 ] && {
+			cap_ant="$(( ( ($vht_cap >> 13) & 3 ) + 1 ))"
+			[ "$cap_ant" -gt "$beamformee_antennas" ] && cap_ant="$beamformee_antennas"
+			[ "$cap_ant" -gt 1 ] && vht_capab="$vht_capab[BF-ANTENNA-$cap_ant]"
+		}
+
 		# supported Channel widths
 		vht160_hw=0
 		[ "$(($vht_cap & 12))" -eq 4 -a 1 -le "$vht160" ] && \
@@ -337,16 +405,62 @@ mac80211_hostapd_setup_base() {
 	esac
 
 	if [ "$enable_ax" != "0" ]; then
+		json_get_vars \
+			he_su_beamformer:1 \
+			he_su_beamformee:0 \
+			he_mu_beamformer:1 \
+			he_twt_required:0 \
+			he_spr_sr_control:0 \
+			he_spr_non_srg_obss_pd_max_offset:1 \
+			he_bss_color
+
+		he_phy_cap=$(iw phy "$phy" info | awk -F "[()]" '/HE PHY Capabilities/ { print $2 }' | head -1)
+		he_phy_cap=${he_phy_cap:2}
+		he_mac_cap=$(iw phy "$phy" info | awk -F "[()]" '/HE MAC Capabilities/ { print $2 }' | head -1)
+		he_mac_cap=${he_mac_cap:2}
+
 		append base_cfg "ieee80211ax=1" "$N"
+		[ -n "$he_bss_color" ] && append base_cfg "he_bss_color=$he_bss_color" "$N"
 		[ "$hwmode" = "a" ] && {
 			append base_cfg "he_oper_chwidth=$vht_oper_chwidth" "$N"
 			append base_cfg "he_oper_centr_freq_seg0_idx=$vht_center_seg0" "$N"
 		}
+
+		mac80211_add_he_capabilities \
+			he_su_beamformer:${he_phy_cap:6:2}:0x80:$he_su_beamformer \
+			he_su_beamformee:${he_phy_cap:8:2}:0x1:$he_su_beamformee \
+			he_mu_beamformer:${he_phy_cap:8:2}:0x2:$he_mu_beamformer \
+			he_spr_sr_control:${he_phy_cap:14:2}:0x1:$he_spr_sr_control \
+			he_twt_required:${he_mac_cap:0:2}:0x6:$he_twt_required
+
+		[ "$he_spr_sr_control" -gt 0 ] && append base_cfg "he_spr_non_srg_obss_pd_max_offset=$he_spr_non_srg_obss_pd_max_offset" "$N"
+
 		append base_cfg "he_default_pe_duration=4" "$N"
 		append base_cfg "he_rts_threshold=1023" "$N"
-		append base_cfg "he_su_beamformer=1" "$N"
-		append base_cfg "he_su_beamformee=1" "$N"
-		append base_cfg "he_mu_beamformer=1" "$N"
+		append base_cfg "he_mu_edca_qos_info_param_count=0" "$N"
+		append base_cfg "he_mu_edca_qos_info_q_ack=0" "$N"
+		append base_cfg "he_mu_edca_qos_info_queue_request=0" "$N"
+		append base_cfg "he_mu_edca_qos_info_txop_request=0" "$N"
+		append base_cfg "he_mu_edca_ac_be_aifsn=8" "$N"
+		append base_cfg "he_mu_edca_ac_be_aci=0" "$N"
+		append base_cfg "he_mu_edca_ac_be_ecwmin=9" "$N"
+		append base_cfg "he_mu_edca_ac_be_ecwmax=10" "$N"
+		append base_cfg "he_mu_edca_ac_be_timer=255" "$N"
+		append base_cfg "he_mu_edca_ac_bk_aifsn=15" "$N"
+		append base_cfg "he_mu_edca_ac_bk_aci=1" "$N"
+		append base_cfg "he_mu_edca_ac_bk_ecwmin=9" "$N"
+		append base_cfg "he_mu_edca_ac_bk_ecwmax=10" "$N"
+		append base_cfg "he_mu_edca_ac_bk_timer=255" "$N"
+		append base_cfg "he_mu_edca_ac_vi_ecwmin=5" "$N"
+		append base_cfg "he_mu_edca_ac_vi_ecwmax=7" "$N"
+		append base_cfg "he_mu_edca_ac_vi_aifsn=5" "$N"
+		append base_cfg "he_mu_edca_ac_vi_aci=2" "$N"
+		append base_cfg "he_mu_edca_ac_vi_timer=255" "$N"
+		append base_cfg "he_mu_edca_ac_vo_aifsn=5" "$N"
+		append base_cfg "he_mu_edca_ac_vo_aci=3" "$N"
+		append base_cfg "he_mu_edca_ac_vo_ecwmin=5" "$N"
+		append base_cfg "he_mu_edca_ac_vo_ecwmax=7" "$N"
+		append base_cfg "he_mu_edca_ac_vo_timer=255" "$N"
 	fi
 
 	hostapd_prepare_device_config "$hostapd_conf_file" nl80211
@@ -528,7 +642,7 @@ mac80211_iw_interface_add() {
 		rc="$?"
 	}
 
-	[ "$rc" != 0 ] && wireless_setup_failed INTERFACE_CREATION_FAILED
+	[ "$rc" != 0 ] && echo "Failed to create interface $ifname"
 	return $rc
 }
 
@@ -689,14 +803,8 @@ mac80211_prepare_iw_htmode() {
 	case "$htmode" in
 		VHT20|HT20) iw_htmode=HT20;;
 		HT40*|VHT40|VHT160)
-			case "$hwmode" in
-				a)
-					case "$(( ($channel / 4) % 2 ))" in
-						1) iw_htmode="HT40+" ;;
-						0) iw_htmode="HT40-";;
-					esac
-				;;
-				*)
+			case "$band" in
+				2g)
 					case "$htmode" in
 						HT40+) iw_htmode="HT40+";;
 						HT40-) iw_htmode="HT40-";;
@@ -709,6 +817,12 @@ mac80211_prepare_iw_htmode() {
 						;;
 					esac
 				;;
+				*)
+					case "$(( ($channel / 4) % 2 ))" in
+						1) iw_htmode="HT40+" ;;
+						0) iw_htmode="HT40-";;
+					esac
+				;;
 			esac
 			[ "$auto_channel" -gt 0 ] && iw_htmode="HT40+"
 		;;
@@ -763,6 +877,7 @@ mac80211_setup_adhoc() {
 	mcval=
 	[ -n "$mcast_rate" ] && wpa_supplicant_add_rate mcval "$mcast_rate"
 
+	iw dev "$ifname" set type ibss
 	iw dev "$ifname" ibss join "$ssid" $freq $iw_htmode fixed-freq $bssid \
 		beacon-interval $beacon_int \
 		${brstr:+basic-rates $brstr} \
@@ -818,7 +933,6 @@ mac80211_setup_vif() {
 		mesh)
 			wireless_vif_parse_encryption
 			[ -z "$htmode" ] && htmode="NOHT";
-			freq="$(get_freq "$phy" "$channel")"
 			if [ "$wpa" -gt 0 -o "$auto_channel" -gt 0 ] || chan_is_dfs "$phy" "$channel"; then
 				mac80211_setup_supplicant $vif_enable || failed=1
 			else
@@ -832,7 +946,6 @@ mac80211_setup_vif() {
 		adhoc)
 			wireless_vif_parse_encryption
 			if [ "$wpa" -gt 0 -o "$auto_channel" -gt 0 ]; then
-				freq="$(get_freq "$phy" "$channel")"
 				mac80211_setup_supplicant_noctl $vif_enable || failed=1
 			else
 				mac80211_setup_adhoc $vif_enable
@@ -849,10 +962,30 @@ mac80211_setup_vif() {
 
 get_freq() {
 	local phy="$1"
-	local chan="$2"
-	iw "$phy" info | grep -E -m1 "(\* ${chan:-....} MHz${chan:+|\\[$chan\\]})" | grep MHz | awk '{print $2}'
+	local channel="$2"
+	local band="$3"
+
+	case "$band" in
+		2g) band="1:";;
+		5g) band="2:";;
+		60g) band="3:";;
+		6g) band="4:";;
+	esac
+
+	iw "$phy" info | awk -v band="$band" -v channel="[$channel]" '
+
+$1 ~ /Band/ {
+	band_match = band == $2
 }
 
+band_match && $3 == "MHz" && $4 == channel {
+	print $2
+	exit
+}
+'
+}
+
+
 chan_is_dfs() {
 	local phy="$1"
 	local chan="$2"
@@ -933,7 +1066,7 @@ drv_mac80211_setup() {
 	done
 
 	# convert channel to frequency
-	[ "$auto_channel" -gt 0 ] || freq="$(get_freq "$phy" "$channel")"
+	[ "$auto_channel" -gt 0 ] || freq="$(get_freq "$phy" "$channel" "$band")"
 
 	[ -n "$country" ] && {
 		iw reg get | grep -q "^country $country:" || {

package/kernel/mac80211/files/lib/wifi/mac80211.sh

@@ -57,6 +57,85 @@ check_mac80211_device() {
 	[ "$phy" = "$dev" ] && found=1
 }
 
+
+__get_band_defaults() {
+	local phy="$1"
+
+	( iw phy "$phy" info; echo ) | awk '
+BEGIN {
+        bands = ""
+}
+
+($1 == "Band" || $1 == "") && band {
+        if (channel) {
+		mode="NOHT"
+		if (ht) mode="HT20"
+		if (vht && band != "1:") mode="VHT80"
+		if (he) mode="HE80"
+		if (he && band == "1:") mode="HE20"
+                sub("\\[", "", channel)
+                sub("\\]", "", channel)
+                bands = bands band channel ":" mode " "
+        }
+        band=""
+}
+
+$1 == "Band" {
+        band = $2
+        channel = ""
+	vht = ""
+	ht = ""
+	he = ""
+}
+
+$0 ~ "Capabilities:" {
+	ht=1
+}
+
+$0 ~ "VHT Capabilities" {
+	vht=1
+}
+
+$0 ~ "HE Iftypes" {
+	he=1
+}
+
+$1 == "*" && $3 == "MHz" && $0 !~ /disabled/ && band && !channel {
+        channel = $4
+}
+
+END {
+        print bands
+}'
+}
+
+get_band_defaults() {
+	local phy="$1"
+
+	for c in $(__get_band_defaults "$phy"); do
+		local band="${c%%:*}"
+		c="${c#*:}"
+		local chan="${c%%:*}"
+		c="${c#*:}"
+		local mode="${c%%:*}"
+
+		case "$band" in
+			1) band=2g;;
+			2) band=5g;;
+			3) band=60g;;
+			4) band=6g;;
+			*) band="";;
+		esac
+
+		[ -n "$band" ] || continue
+		[ -n "$mode_band" -a "$band" = "6g" ] && return
+
+		mode_band="$band"
+		channel="$chan"
+		htmode="$mode"
+	done
+}
+
 detect_mac80211() {
 	devidx=0
 	config_load wireless
@@ -75,26 +154,12 @@ detect_mac80211() {
 		config_foreach check_mac80211_device wifi-device
 		[ "$found" -gt 0 ] && continue
 
-		mode_band="g"
-		channel="11"
+		mode_band=""
+		channel=""
 		htmode=""
 		ht_capab=""
 
-		iw phy "$dev" info | grep -q 'Capabilities:' && htmode=HT20
-
-		iw phy "$dev" info | grep -q '\* 5... MHz \[' && {
-			mode_band="a"
-			channel=$(iw phy "$dev" info | grep '\* 5... MHz \[' | grep '(disabled)' -v -m 1 | sed 's/[^[]*\[\|\].*//g')
-			iw phy "$dev" info | grep -q 'VHT Capabilities' && htmode="VHT80"
-		}
-
-		iw phy "$dev" info | grep -q '\* 5.... MHz \[' && {
-			mode_band="ad"
-			channel=$(iw phy "$dev" info | grep '\* 5.... MHz \[' | grep '(disabled)' -v -m 1 | sed 's/[^[]*\[\|\|\].*//g')
-			iw phy "$dev" info | grep -q 'Capabilities:' && htmode="HT20"
-		}
-
-		[ -n "$htmode" ] && ht_capab="set wireless.radio${devidx}.htmode=$htmode"
+		get_band_defaults "$dev"
 
 		path="$(mac80211_phy_to_path "$dev")"
 		if [ -n "$path" ]; then
@@ -106,10 +171,10 @@ detect_mac80211() {
 		uci -q batch <<-EOF
 			set wireless.radio${devidx}=wifi-device
 			set wireless.radio${devidx}.type=mac80211
-			set wireless.radio${devidx}.channel=${channel}
-			set wireless.radio${devidx}.hwmode=11${mode_band}
 			${dev_id}
-			${ht_capab}
+			set wireless.radio${devidx}.channel=${channel}
+			set wireless.radio${devidx}.band=${mode_band}
+			set wireless.radio${devidx}.htmode=$htmode
 			set wireless.radio${devidx}.disabled=1
 
 			set wireless.default_radio${devidx}=wifi-iface

package/kernel/mac80211/patches/ath/356-Revert-ath9k-interpret-requested-txpower-in-EIRP-dom.patch

@@ -8,7 +8,7 @@ This reverts commit 71f5137bf010c6faffab50c0ec15374c59c4a411.
 
 --- a/drivers/net/wireless/ath/ath9k/hw.c
 +++ b/drivers/net/wireless/ath/ath9k/hw.c
-@@ -2977,7 +2977,8 @@ void ath9k_hw_apply_txpower(struct ath_h
+@@ -2979,7 +2979,8 @@ void ath9k_hw_apply_txpower(struct ath_h
  {
  	struct ath_regulatory *reg = ath9k_hw_regulatory(ah);
  	struct ieee80211_channel *channel;
@@ -18,7 +18,7 @@ This reverts commit 71f5137bf010c6faffab50c0ec15374c59c4a411.
  	u16 ctl = NO_CTL;
  
  	if (!chan)
-@@ -2989,9 +2990,14 @@ void ath9k_hw_apply_txpower(struct ath_h
+@@ -2991,9 +2992,14 @@ void ath9k_hw_apply_txpower(struct ath_h
  	channel = chan->chan;
  	chan_pwr = min_t(int, channel->max_power * 2, MAX_COMBINED_POWER);
  	new_pwr = min_t(int, chan_pwr, reg->power_limit);

package/kernel/mac80211/patches/ath/365-ath9k-adjust-tx-power-reduction-for-US-regulatory-do.patch

@@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/drivers/net/wireless/ath/ath9k/hw.c
 +++ b/drivers/net/wireless/ath/ath9k/hw.c
-@@ -2996,6 +2996,10 @@ void ath9k_hw_apply_txpower(struct ath_h
+@@ -2998,6 +2998,10 @@ void ath9k_hw_apply_txpower(struct ath_h
  	if (ant_gain > max_gain)
  		ant_reduction = ant_gain - max_gain;
  

package/kernel/mac80211/patches/ath/400-ath_move_debug_code.patch

@@ -14,7 +14,7 @@
  CFLAGS_trace.o := -I$(src)
 --- a/drivers/net/wireless/ath/ath.h
 +++ b/drivers/net/wireless/ath/ath.h
-@@ -316,14 +316,7 @@ void _ath_dbg(struct ath_common *common,
+@@ -317,14 +317,7 @@ void _ath_dbg(struct ath_common *common,
  #endif /* CPTCFG_ATH_DEBUG */
  
  /** Returns string describing opmode, or NULL if unknown mode. */

package/kernel/mac80211/patches/ath/542-ath9k_debugfs_diag.patch

@@ -84,7 +84,7 @@
  	bool reset_power_on;
  	bool htc_reset_init;
  
-@@ -1076,6 +1084,7 @@ void ath9k_hw_check_nav(struct ath_hw *a
+@@ -1077,6 +1085,7 @@ void ath9k_hw_check_nav(struct ath_hw *a
  bool ath9k_hw_check_alive(struct ath_hw *ah);
  
  bool ath9k_hw_setpower(struct ath_hw *ah, enum ath9k_power_mode mode);
@@ -94,7 +94,7 @@
  struct ath_gen_timer *ath_gen_timer_alloc(struct ath_hw *ah,
 --- a/drivers/net/wireless/ath/ath9k/hw.c
 +++ b/drivers/net/wireless/ath/ath9k/hw.c
-@@ -1883,6 +1883,20 @@ u32 ath9k_hw_get_tsf_offset(struct times
+@@ -1882,6 +1882,20 @@ u32 ath9k_hw_get_tsf_offset(struct times
  }
  EXPORT_SYMBOL(ath9k_hw_get_tsf_offset);
  
@@ -115,7 +115,7 @@
  int ath9k_hw_reset(struct ath_hw *ah, struct ath9k_channel *chan,
  		   struct ath9k_hw_cal_data *caldata, bool fastcc)
  {
-@@ -2091,6 +2105,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
+@@ -2090,6 +2104,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
  		ar9003_hw_disable_phy_restart(ah);
  
  	ath9k_hw_apply_gpio_override(ah);
@@ -125,9 +125,9 @@
  		REG_SET_BIT(ah, AR_BTCOEX_WL_LNADIV, AR_BTCOEX_WL_LNADIV_FORCE_ON);
 --- a/drivers/net/wireless/ath/ath9k/main.c
 +++ b/drivers/net/wireless/ath/ath9k/main.c
-@@ -531,6 +531,11 @@ irqreturn_t ath_isr(int irq, void *dev)
- 	if (test_bit(ATH_OP_HW_RESET, &common->op_flags))
+@@ -538,6 +538,11 @@ irqreturn_t ath_isr(int irq, void *dev)
  		return IRQ_HANDLED;
+ 	}
  
 +	if (test_bit(ATH_DIAG_TRIGGER_ERROR, &ah->diag)) {
 +		status |= ATH9K_INT_FATAL;

package/kernel/mac80211/patches/ath/544-ath9k-ar933x-usb-hang-workaround.patch

@@ -40,7 +40,7 @@
  	return true;
  }
  
-@@ -1861,8 +1880,14 @@ static int ath9k_hw_do_fastcc(struct ath
+@@ -1860,8 +1879,14 @@ static int ath9k_hw_do_fastcc(struct ath
  	if (AR_SREV_9271(ah))
  		ar9002_hw_load_ani_reg(ah, chan);
  
@@ -55,7 +55,7 @@
  	return -EINVAL;
  }
  
-@@ -2116,6 +2141,9 @@ int ath9k_hw_reset(struct ath_hw *ah, st
+@@ -2115,6 +2140,9 @@ int ath9k_hw_reset(struct ath_hw *ah, st
  		ath9k_hw_set_radar_params(ah);
  	}
  

package/kernel/mac80211/patches/ath/551-ath9k_ubnt_uap_plus_hsr.patch

@@ -339,7 +339,7 @@
  
  static void ath9k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
  			u32 queues, bool drop);
-@@ -652,6 +653,7 @@ void ath_reset_work(struct work_struct *
+@@ -659,6 +660,7 @@ void ath_reset_work(struct work_struct *
  static int ath9k_start(struct ieee80211_hw *hw)
  {
  	struct ath_softc *sc = hw->priv;
@@ -347,7 +347,7 @@
  	struct ath_hw *ah = sc->sc_ah;
  	struct ath_common *common = ath9k_hw_common(ah);
  	struct ieee80211_channel *curchan = sc->cur_chan->chandef.chan;
-@@ -730,6 +732,11 @@ static int ath9k_start(struct ieee80211_
+@@ -737,6 +739,11 @@ static int ath9k_start(struct ieee80211_
  					  AR_GPIO_OUTPUT_MUX_AS_OUTPUT);
  	}
  

package/kernel/mac80211/patches/ath/921-ath10k_init_devices_synchronously.patch

@@ -14,7 +14,7 @@ Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
 
 --- a/drivers/net/wireless/ath/ath10k/core.c
 +++ b/drivers/net/wireless/ath/ath10k/core.c
-@@ -3189,6 +3189,16 @@ int ath10k_core_register(struct ath10k *
+@@ -3206,6 +3206,16 @@ int ath10k_core_register(struct ath10k *
  
  	queue_work(ar->workqueue, &ar->register_work);
  

package/kernel/mac80211/patches/ath/930-ath10k_add_tpt_led_trigger.patch

@@ -1,6 +1,6 @@
 --- a/drivers/net/wireless/ath/ath10k/mac.c
 +++ b/drivers/net/wireless/ath/ath10k/mac.c
-@@ -9708,6 +9708,21 @@ static int ath10k_mac_init_rd(struct ath
+@@ -9732,6 +9732,21 @@ static int ath10k_mac_init_rd(struct ath
  	return 0;
  }
  
@@ -22,7 +22,7 @@
  int ath10k_mac_register(struct ath10k *ar)
  {
  	static const u32 cipher_suites[] = {
-@@ -10057,6 +10072,12 @@ int ath10k_mac_register(struct ath10k *a
+@@ -10081,6 +10096,12 @@ int ath10k_mac_register(struct ath10k *a
  
  	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
  

package/kernel/mac80211/patches/ath/974-ath10k_add-LED-and-GPIO-controlling-support-for-various-chipsets.patch

@@ -140,7 +140,7 @@ v13:
  		.patch_load_addr = QCA988X_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_ALL,
-@@ -130,6 +132,7 @@ static const struct ath10k_hw_params ath
+@@ -132,6 +134,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9887_1_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9887 hw1.0",
@@ -148,7 +148,7 @@ v13:
  		.patch_load_addr = QCA9887_HW_1_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_ALL,
-@@ -335,6 +338,7 @@ static const struct ath10k_hw_params ath
+@@ -343,6 +346,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA99X0_2_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca99x0 hw2.0",
@@ -156,7 +156,7 @@ v13:
  		.patch_load_addr = QCA99X0_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.otp_exe_param = 0x00000700,
-@@ -375,6 +379,7 @@ static const struct ath10k_hw_params ath
+@@ -384,6 +388,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9984_1_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9984/qca9994 hw1.0",
@@ -164,7 +164,7 @@ v13:
  		.patch_load_addr = QCA9984_HW_1_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_EACH,
-@@ -422,6 +427,7 @@ static const struct ath10k_hw_params ath
+@@ -432,6 +437,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9888_2_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9888 hw2.0",
@@ -172,7 +172,7 @@ v13:
  		.patch_load_addr = QCA9888_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_EACH,
-@@ -2904,6 +2910,10 @@ int ath10k_core_start(struct ath10k *ar,
+@@ -2921,6 +2927,10 @@ int ath10k_core_start(struct ath10k *ar,
  		goto err_hif_stop;
  	}
  
@@ -183,7 +183,7 @@ v13:
  	return 0;
  
  err_hif_stop:
-@@ -3162,9 +3172,18 @@ static void ath10k_core_register_work(st
+@@ -3179,9 +3189,18 @@ static void ath10k_core_register_work(st
  		goto err_spectral_destroy;
  	}
  
@@ -202,7 +202,7 @@ v13:
  err_spectral_destroy:
  	ath10k_spectral_destroy(ar);
  err_debug_destroy:
-@@ -3210,6 +3229,8 @@ void ath10k_core_unregister(struct ath10
+@@ -3227,6 +3246,8 @@ void ath10k_core_unregister(struct ath10
  	if (!test_bit(ATH10K_FLAG_CORE_REGISTERED, &ar->dev_flags))
  		return;
  
@@ -467,7 +467,7 @@ v13:
  static const struct wmi_peer_flags_map wmi_tlv_peer_flags_map = {
 --- a/drivers/net/wireless/ath/ath10k/wmi.c
 +++ b/drivers/net/wireless/ath/ath10k/wmi.c
-@@ -7468,6 +7468,49 @@ ath10k_wmi_op_gen_peer_set_param(struct
+@@ -7472,6 +7472,49 @@ ath10k_wmi_op_gen_peer_set_param(struct
  	return skb;
  }
  
@@ -517,7 +517,7 @@ v13:
  static struct sk_buff *
  ath10k_wmi_op_gen_set_psmode(struct ath10k *ar, u32 vdev_id,
  			     enum wmi_sta_ps_mode psmode)
-@@ -9156,6 +9199,9 @@ static const struct wmi_ops wmi_ops = {
+@@ -9160,6 +9203,9 @@ static const struct wmi_ops wmi_ops = {
  	.fw_stats_fill = ath10k_wmi_main_op_fw_stats_fill,
  	.get_vdev_subtype = ath10k_wmi_op_get_vdev_subtype,
  	.gen_echo = ath10k_wmi_op_gen_echo,
@@ -527,7 +527,7 @@ v13:
  	/* .gen_bcn_tmpl not implemented */
  	/* .gen_prb_tmpl not implemented */
  	/* .gen_p2p_go_bcn_ie not implemented */
-@@ -9226,6 +9272,8 @@ static const struct wmi_ops wmi_10_1_ops
+@@ -9230,6 +9276,8 @@ static const struct wmi_ops wmi_10_1_ops
  	.fw_stats_fill = ath10k_wmi_10x_op_fw_stats_fill,
  	.get_vdev_subtype = ath10k_wmi_op_get_vdev_subtype,
  	.gen_echo = ath10k_wmi_op_gen_echo,
@@ -536,7 +536,7 @@ v13:
  	/* .gen_bcn_tmpl not implemented */
  	/* .gen_prb_tmpl not implemented */
  	/* .gen_p2p_go_bcn_ie not implemented */
-@@ -9298,6 +9346,8 @@ static const struct wmi_ops wmi_10_2_ops
+@@ -9302,6 +9350,8 @@ static const struct wmi_ops wmi_10_2_ops
  	.gen_delba_send = ath10k_wmi_op_gen_delba_send,
  	.fw_stats_fill = ath10k_wmi_10x_op_fw_stats_fill,
  	.get_vdev_subtype = ath10k_wmi_op_get_vdev_subtype,
@@ -545,7 +545,7 @@ v13:
  	/* .gen_pdev_enable_adaptive_cca not implemented */
  };
  
-@@ -9369,6 +9419,8 @@ static const struct wmi_ops wmi_10_2_4_o
+@@ -9373,6 +9423,8 @@ static const struct wmi_ops wmi_10_2_4_o
  		ath10k_wmi_op_gen_pdev_enable_adaptive_cca,
  	.get_vdev_subtype = ath10k_wmi_10_2_4_op_get_vdev_subtype,
  	.gen_bb_timing = ath10k_wmi_10_2_4_op_gen_bb_timing,
@@ -554,7 +554,7 @@ v13:
  	/* .gen_bcn_tmpl not implemented */
  	/* .gen_prb_tmpl not implemented */
  	/* .gen_p2p_go_bcn_ie not implemented */
-@@ -9450,6 +9502,8 @@ static const struct wmi_ops wmi_10_4_ops
+@@ -9454,6 +9506,8 @@ static const struct wmi_ops wmi_10_4_ops
  	.gen_pdev_bss_chan_info_req = ath10k_wmi_10_2_op_gen_pdev_bss_chan_info,
  	.gen_echo = ath10k_wmi_op_gen_echo,
  	.gen_pdev_get_tpc_config = ath10k_wmi_10_2_4_op_gen_pdev_get_tpc_config,
@@ -565,7 +565,7 @@ v13:
  int ath10k_wmi_attach(struct ath10k *ar)
 --- a/drivers/net/wireless/ath/ath10k/wmi.h
 +++ b/drivers/net/wireless/ath/ath10k/wmi.h
-@@ -3027,6 +3027,41 @@ enum wmi_10_4_feature_mask {
+@@ -3030,6 +3030,41 @@ enum wmi_10_4_feature_mask {
  
  };
  

package/kernel/mac80211/patches/ath/975-ath10k-use-tpt-trigger-by-default.patch

@@ -42,7 +42,7 @@ Signed-off-by: Mathias Kresin <dev@kresin.me>
  	if (ret)
 --- a/drivers/net/wireless/ath/ath10k/mac.c
 +++ b/drivers/net/wireless/ath/ath10k/mac.c
-@@ -10074,7 +10074,7 @@ int ath10k_mac_register(struct ath10k *a
+@@ -10098,7 +10098,7 @@ int ath10k_mac_register(struct ath10k *a
  	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
  
  #ifdef CPTCFG_MAC80211_LEDS

package/kernel/mac80211/patches/ath/980-ath10k-fix-max-antenna-gain-unit.patch

@@ -1,49 +0,0 @@
-From: Sven Eckelmann <seckelmann@datto.com>
-Date: Tue, 11 Jun 2019 13:58:35 +0200
-Subject: ath10k: fix max antenna gain unit
-
-Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
-steps). This isn't the case for max_antenna_gain - which is still expected
-by the firmware as dB.
-
-The firmware is converting it from dB to the internal (twicepower)
-representation when it calculates the limits of a channel. This can be seen
-in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
-expected 12 (6 dB), the tpc_stats shows 24 (12 dB).
-
-Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.
-
-Fixes: 02256930d9b8 ("ath10k: use proper tx power unit")
-Signed-off-by: Sven Eckelmann <seckelmann@datto.com>
-
-Forwarded: https://patchwork.kernel.org/patch/10986723/
-
---- a/drivers/net/wireless/ath/ath10k/mac.c
-+++ b/drivers/net/wireless/ath/ath10k/mac.c
-@@ -1038,7 +1038,7 @@ static int ath10k_monitor_vdev_start(str
- 	arg.channel.min_power = 0;
- 	arg.channel.max_power = channel->max_power * 2;
- 	arg.channel.max_reg_power = channel->max_reg_power * 2;
--	arg.channel.max_antenna_gain = channel->max_antenna_gain * 2;
-+	arg.channel.max_antenna_gain = channel->max_antenna_gain;
- 
- 	reinit_completion(&ar->vdev_setup_done);
- 	reinit_completion(&ar->vdev_delete_done);
-@@ -1484,7 +1484,7 @@ static int ath10k_vdev_start_restart(str
- 	arg.channel.min_power = 0;
- 	arg.channel.max_power = chandef->chan->max_power * 2;
- 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
--	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain * 2;
-+	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain;
- 
- 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
- 		arg.ssid = arvif->u.ap.ssid;
-@@ -3255,7 +3255,7 @@ static int ath10k_update_channel_list(st
- 			ch->min_power = 0;
- 			ch->max_power = channel->max_power * 2;
- 			ch->max_reg_power = channel->max_reg_power * 2;
--			ch->max_antenna_gain = channel->max_antenna_gain * 2;
-+			ch->max_antenna_gain = channel->max_antenna_gain;
- 			ch->reg_class_id = 0; /* FIXME */
- 
- 			/* FIXME: why use only legacy modes, why not any

package/kernel/mac80211/patches/ath/981-ath10k-adjust-tx-power-reduction-for-US-regulatory-d.patch

@@ -28,7 +28,7 @@ Forwarded: no
 
 --- a/drivers/net/wireless/ath/ath10k/mac.c
 +++ b/drivers/net/wireless/ath/ath10k/mac.c
-@@ -1006,6 +1006,40 @@ static inline int ath10k_vdev_setup_sync
+@@ -1010,6 +1010,40 @@ static inline int ath10k_vdev_setup_sync
  	return ar->last_wmi_vdev_start_status;
  }
  
@@ -69,7 +69,7 @@ Forwarded: no
  static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
  {
  	struct cfg80211_chan_def *chandef = NULL;
-@@ -1038,7 +1072,8 @@ static int ath10k_monitor_vdev_start(str
+@@ -1042,7 +1076,8 @@ static int ath10k_monitor_vdev_start(str
  	arg.channel.min_power = 0;
  	arg.channel.max_power = channel->max_power * 2;
  	arg.channel.max_reg_power = channel->max_reg_power * 2;
@@ -79,7 +79,7 @@ Forwarded: no
  
  	reinit_completion(&ar->vdev_setup_done);
  	reinit_completion(&ar->vdev_delete_done);
-@@ -1484,7 +1519,8 @@ static int ath10k_vdev_start_restart(str
+@@ -1488,7 +1523,8 @@ static int ath10k_vdev_start_restart(str
  	arg.channel.min_power = 0;
  	arg.channel.max_power = chandef->chan->max_power * 2;
  	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
@@ -89,7 +89,7 @@ Forwarded: no
  
  	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
  		arg.ssid = arvif->u.ap.ssid;
-@@ -3255,7 +3291,8 @@ static int ath10k_update_channel_list(st
+@@ -3259,7 +3295,8 @@ static int ath10k_update_channel_list(st
  			ch->min_power = 0;
  			ch->max_power = channel->max_power * 2;
  			ch->max_reg_power = channel->max_reg_power * 2;

package/kernel/mac80211/patches/ath/990-ath10k-small-buffers.patch

@@ -0,0 +1,64 @@
+--- a/drivers/net/wireless/ath/ath10k/htt.h
++++ b/drivers/net/wireless/ath/ath10k/htt.h
+@@ -236,7 +236,11 @@ enum htt_rx_ring_flags {
+ };
+ 
+ #define HTT_RX_RING_SIZE_MIN 128
++#ifndef CONFIG_ATH10K_SMALLBUFFERS
+ #define HTT_RX_RING_SIZE_MAX 2048
++#else
++#define HTT_RX_RING_SIZE_MAX 512
++#endif
+ #define HTT_RX_RING_SIZE HTT_RX_RING_SIZE_MAX
+ #define HTT_RX_RING_FILL_LEVEL (((HTT_RX_RING_SIZE) / 2) - 1)
+ #define HTT_RX_RING_FILL_LEVEL_DUAL_MAC (HTT_RX_RING_SIZE - 1)
+--- a/drivers/net/wireless/ath/ath10k/pci.c
++++ b/drivers/net/wireless/ath/ath10k/pci.c
+@@ -131,7 +131,11 @@ static const struct ce_attr pci_host_ce_
+ 		.flags = CE_ATTR_FLAGS,
+ 		.src_nentries = 0,
+ 		.src_sz_max = 2048,
++#ifndef CONFIG_ATH10K_SMALLBUFFERS
+ 		.dest_nentries = 512,
++#else
++		.dest_nentries = 128,
++#endif
+ 		.recv_cb = ath10k_pci_htt_htc_rx_cb,
+ 	},
+ 
+@@ -140,7 +144,11 @@ static const struct ce_attr pci_host_ce_
+ 		.flags = CE_ATTR_FLAGS,
+ 		.src_nentries = 0,
+ 		.src_sz_max = 2048,
++#ifndef CONFIG_ATH10K_SMALLBUFFERS
+ 		.dest_nentries = 128,
++#else
++		.dest_nentries = 64,
++#endif
+ 		.recv_cb = ath10k_pci_htc_rx_cb,
+ 	},
+ 
+@@ -167,7 +175,11 @@ static const struct ce_attr pci_host_ce_
+ 		.flags = CE_ATTR_FLAGS,
+ 		.src_nentries = 0,
+ 		.src_sz_max = 512,
++#ifndef CONFIG_ATH10K_SMALLBUFFERS
+ 		.dest_nentries = 512,
++#else
++		.dest_nentries = 128,
++#endif
+ 		.recv_cb = ath10k_pci_htt_rx_cb,
+ 	},
+ 
+@@ -192,7 +204,11 @@ static const struct ce_attr pci_host_ce_
+ 		.flags = CE_ATTR_FLAGS,
+ 		.src_nentries = 0,
+ 		.src_sz_max = 2048,
++#ifndef CONFIG_ATH10K_SMALLBUFFERS
+ 		.dest_nentries = 128,
++#else
++		.dest_nentries = 96,
++#endif
+ 		.recv_cb = ath10k_pci_pktlog_rx_cb,
+ 	},
+ 

package/kernel/mac80211/patches/brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch

@@ -13,7 +13,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/firmware.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/firmware.c
-@@ -431,6 +431,7 @@ struct brcmf_fw {
+@@ -433,6 +433,7 @@ struct brcmf_fw {
  	struct brcmf_fw_request *req;
  	u32 curpos;
  	void (*done)(struct device *dev, int err, struct brcmf_fw_request *req);
@@ -21,7 +21,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
  };
  
  static void brcmf_fw_request_done(const struct firmware *fw, void *ctx);
-@@ -638,6 +639,8 @@ static void brcmf_fw_request_done(const
+@@ -640,6 +641,8 @@ static void brcmf_fw_request_done(const
  		fwctx->req = NULL;
  	}
  	fwctx->done(fwctx->dev, ret, fwctx->req);
@@ -30,7 +30,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
  	kfree(fwctx);
  }
  
-@@ -662,6 +665,8 @@ int brcmf_fw_get_firmwares(struct device
+@@ -664,6 +667,8 @@ int brcmf_fw_get_firmwares(struct device
  {
  	struct brcmf_fw_item *first = &req->items[0];
  	struct brcmf_fw *fwctx;
@@ -39,7 +39,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
  	int ret;
  
  	brcmf_dbg(TRACE, "enter: dev=%s\n", dev_name(dev));
-@@ -678,6 +683,9 @@ int brcmf_fw_get_firmwares(struct device
+@@ -680,6 +685,9 @@ int brcmf_fw_get_firmwares(struct device
  	fwctx->dev = dev;
  	fwctx->req = req;
  	fwctx->done = fw_cb;
@@ -49,7 +49,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
  
  	ret = request_firmware_nowait(THIS_MODULE, true, first->path,
  				      fwctx->dev, GFP_KERNEL, fwctx,
-@@ -685,6 +693,12 @@ int brcmf_fw_get_firmwares(struct device
+@@ -687,6 +695,12 @@ int brcmf_fw_get_firmwares(struct device
  	if (ret < 0)
  		brcmf_fw_request_done(NULL, fwctx);
  

package/kernel/mac80211/patches/brcm/862-brcmfmac-Disable-power-management.patch

@@ -14,7 +14,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -2958,6 +2958,10 @@ brcmf_cfg80211_set_power_mgmt(struct wip
+@@ -2961,6 +2961,10 @@ brcmf_cfg80211_set_power_mgmt(struct wip
  	 * preference in cfg struct to apply this to
  	 * FW later while initializing the dongle
  	 */

package/kernel/mac80211/patches/brcm/998-survey.patch

@@ -1,6 +1,6 @@
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -2910,6 +2910,63 @@ done:
+@@ -2913,6 +2913,63 @@ done:
  }
  
  static int
@@ -64,7 +64,7 @@
  brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
  			    int idx, u8 *mac, struct station_info *sinfo)
  {
-@@ -3005,6 +3062,7 @@ static s32 brcmf_inform_single_bss(struc
+@@ -3008,6 +3065,7 @@ static s32 brcmf_inform_single_bss(struc
  	struct brcmu_chan ch;
  	u16 channel;
  	u32 freq;
@@ -72,7 +72,7 @@
  	u16 notify_capability;
  	u16 notify_interval;
  	u8 *notify_ie;
-@@ -3029,6 +3087,17 @@ static s32 brcmf_inform_single_bss(struc
+@@ -3032,6 +3090,17 @@ static s32 brcmf_inform_single_bss(struc
  		band = NL80211_BAND_5GHZ;
  
  	freq = ieee80211_channel_to_frequency(channel, band);
@@ -90,7 +90,7 @@
  	bss_data.chan = ieee80211_get_channel(wiphy, freq);
  	bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20;
  	bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime());
-@@ -5515,6 +5584,7 @@ static struct cfg80211_ops brcmf_cfg8021
+@@ -5518,6 +5587,7 @@ static struct cfg80211_ops brcmf_cfg8021
  	.leave_ibss = brcmf_cfg80211_leave_ibss,
  	.get_station = brcmf_cfg80211_get_station,
  	.dump_station = brcmf_cfg80211_dump_station,

package/kernel/mac80211/patches/subsys/100-remove-cryptoapi-dependencies.patch

@@ -439,7 +439,7 @@
  }
  
  
-@@ -543,13 +542,13 @@ ieee80211_crypto_ccmp_decrypt(struct iee
+@@ -546,13 +545,13 @@ ieee80211_crypto_ccmp_decrypt(struct iee
  			u8 aad[2 * AES_BLOCK_SIZE];
  			u8 b_0[AES_BLOCK_SIZE];
  			/* hardware didn't decrypt/verify MIC */
@@ -455,7 +455,7 @@
  				return RX_DROP_UNUSABLE;
  		}
  
-@@ -646,7 +645,7 @@ static int gcmp_encrypt_skb(struct ieee8
+@@ -649,7 +648,7 @@ static int gcmp_encrypt_skb(struct ieee8
  	u8 *pos;
  	u8 pn[6];
  	u64 pn64;
@@ -464,7 +464,7 @@
  	u8 j_0[AES_BLOCK_SIZE];
  
  	if (info->control.hw_key &&
-@@ -703,8 +702,10 @@ static int gcmp_encrypt_skb(struct ieee8
+@@ -706,8 +705,10 @@ static int gcmp_encrypt_skb(struct ieee8
  
  	pos += IEEE80211_GCMP_HDR_LEN;
  	gcmp_special_blocks(skb, pn, j_0, aad);
@@ -477,7 +477,7 @@
  }
  
  ieee80211_tx_result
-@@ -1133,9 +1134,9 @@ ieee80211_crypto_aes_gmac_encrypt(struct
+@@ -1139,9 +1140,9 @@ ieee80211_crypto_aes_gmac_encrypt(struct
  	struct ieee80211_key *key = tx->key;
  	struct ieee80211_mmie_16 *mmie;
  	struct ieee80211_hdr *hdr;
@@ -489,7 +489,7 @@
  
  	if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
  		return TX_DROP;
-@@ -1181,7 +1182,7 @@ ieee80211_crypto_aes_gmac_decrypt(struct
+@@ -1187,7 +1188,7 @@ ieee80211_crypto_aes_gmac_decrypt(struct
  	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
  	struct ieee80211_key *key = rx->key;
  	struct ieee80211_mmie_16 *mmie;

package/kernel/mac80211/patches/subsys/110-mac80211_keep_keys_on_stop_ap.patch

@@ -2,7 +2,7 @@ Used for AP+STA support in OpenWrt - preserve AP mode keys across STA reconnects
 
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
-@@ -1288,7 +1288,6 @@ static int ieee80211_stop_ap(struct wiph
+@@ -1310,7 +1310,6 @@ static int ieee80211_stop_ap(struct wiph
  	sdata->vif.bss_conf.ftmr_params = NULL;
  
  	__sta_info_flush(sdata, true);

package/kernel/mac80211/patches/subsys/210-ap_scan.patch

@@ -1,6 +1,6 @@
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
-@@ -2444,7 +2444,7 @@ static int ieee80211_scan(struct wiphy *
+@@ -2463,7 +2463,7 @@ static int ieee80211_scan(struct wiphy *
  		 * the  frames sent while scanning on other channel will be
  		 * lost)
  		 */

package/kernel/mac80211/patches/subsys/300-cfg80211-support-immediate-reconnect-request-hint.patch

@@ -14,7 +14,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
 
 --- a/include/net/cfg80211.h
 +++ b/include/net/cfg80211.h
-@@ -6410,13 +6410,15 @@ void cfg80211_abandon_assoc(struct net_d
+@@ -6408,13 +6408,15 @@ void cfg80211_abandon_assoc(struct net_d
   * @dev: network device
   * @buf: 802.11 frame (header + body)
   * @len: length of the frame data
@@ -33,7 +33,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
   * cfg80211_rx_unprot_mlme_mgmt - notification of unprotected mlme mgmt frame
 --- a/net/mac80211/mlme.c
 +++ b/net/mac80211/mlme.c
-@@ -2734,7 +2734,7 @@ static void ieee80211_report_disconnect(
+@@ -2733,7 +2733,7 @@ static void ieee80211_report_disconnect(
  	};
  
  	if (tx)
@@ -42,7 +42,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	else
  		cfg80211_rx_mlme_mgmt(sdata->dev, buf, len);
  
-@@ -4724,7 +4724,8 @@ void ieee80211_mgd_quiesce(struct ieee80
+@@ -4734,7 +4734,8 @@ void ieee80211_mgd_quiesce(struct ieee80
  		if (ifmgd->auth_data)
  			ieee80211_destroy_auth_data(sdata, false);
  		cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
@@ -152,7 +152,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  };
  
  /* policy for the key attributes */
-@@ -15903,7 +15904,7 @@ static void nl80211_send_mlme_event(stru
+@@ -15914,7 +15915,7 @@ static void nl80211_send_mlme_event(stru
  				    const u8 *buf, size_t len,
  				    enum nl80211_commands cmd, gfp_t gfp,
  				    int uapsd_queues, const u8 *req_ies,
@@ -161,7 +161,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  {
  	struct sk_buff *msg;
  	void *hdr;
-@@ -15925,6 +15926,9 @@ static void nl80211_send_mlme_event(stru
+@@ -15936,6 +15937,9 @@ static void nl80211_send_mlme_event(stru
  	     nla_put(msg, NL80211_ATTR_REQ_IE, req_ies_len, req_ies)))
  		goto nla_put_failure;
  
@@ -171,7 +171,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	if (uapsd_queues >= 0) {
  		struct nlattr *nla_wmm =
  			nla_nest_start_noflag(msg, NL80211_ATTR_STA_WME);
-@@ -15953,7 +15957,8 @@ void nl80211_send_rx_auth(struct cfg8021
+@@ -15964,7 +15968,8 @@ void nl80211_send_rx_auth(struct cfg8021
  			  size_t len, gfp_t gfp)
  {
  	nl80211_send_mlme_event(rdev, netdev, buf, len,
@@ -181,7 +181,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  }
  
  void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
-@@ -15963,23 +15968,25 @@ void nl80211_send_rx_assoc(struct cfg802
+@@ -15974,23 +15979,25 @@ void nl80211_send_rx_assoc(struct cfg802
  {
  	nl80211_send_mlme_event(rdev, netdev, buf, len,
  				NL80211_CMD_ASSOCIATE, gfp, uapsd_queues,
@@ -212,7 +212,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  }
  
  void cfg80211_rx_unprot_mlme_mgmt(struct net_device *dev, const u8 *buf,
-@@ -16010,7 +16017,7 @@ void cfg80211_rx_unprot_mlme_mgmt(struct
+@@ -16021,7 +16028,7 @@ void cfg80211_rx_unprot_mlme_mgmt(struct
  
  	trace_cfg80211_rx_unprot_mlme_mgmt(dev, buf, len);
  	nl80211_send_mlme_event(rdev, dev, buf, len, cmd, GFP_ATOMIC, -1,

package/kernel/mac80211/patches/subsys/301-mac80211-support-driver-based-disconnect-with-reconn.patch

@@ -47,7 +47,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	struct ieee80211_mgd_auth_data *auth_data;
 --- a/net/mac80211/mlme.c
 +++ b/net/mac80211/mlme.c
-@@ -2725,7 +2725,7 @@ EXPORT_SYMBOL(ieee80211_ap_probereq_get)
+@@ -2724,7 +2724,7 @@ EXPORT_SYMBOL(ieee80211_ap_probereq_get)
  
  static void ieee80211_report_disconnect(struct ieee80211_sub_if_data *sdata,
  					const u8 *buf, size_t len, bool tx,
@@ -56,7 +56,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  {
  	struct ieee80211_event event = {
  		.type = MLME_EVENT,
-@@ -2734,7 +2734,7 @@ static void ieee80211_report_disconnect(
+@@ -2733,7 +2733,7 @@ static void ieee80211_report_disconnect(
  	};
  
  	if (tx)
@@ -65,7 +65,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	else
  		cfg80211_rx_mlme_mgmt(sdata->dev, buf, len);
  
-@@ -2756,13 +2756,18 @@ static void __ieee80211_disconnect(struc
+@@ -2755,13 +2755,18 @@ static void __ieee80211_disconnect(struc
  
  	tx = !sdata->csa_block_tx;
  
@@ -89,7 +89,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  			       tx, frame_buf);
  	mutex_lock(&local->mtx);
  	sdata->vif.csa_active = false;
-@@ -2775,7 +2780,9 @@ static void __ieee80211_disconnect(struc
+@@ -2774,7 +2779,9 @@ static void __ieee80211_disconnect(struc
  	mutex_unlock(&local->mtx);
  
  	ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), tx,
@@ -100,7 +100,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	sdata_unlock(sdata);
  }
-@@ -2794,6 +2801,13 @@ static void ieee80211_beacon_connection_
+@@ -2793,6 +2800,13 @@ static void ieee80211_beacon_connection_
  		sdata_info(sdata, "Connection to AP %pM lost\n",
  			   ifmgd->bssid);
  		__ieee80211_disconnect(sdata);
@@ -114,7 +114,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	} else {
  		ieee80211_mgd_probe_ap(sdata, true);
  	}
-@@ -2832,6 +2846,21 @@ void ieee80211_connection_loss(struct ie
+@@ -2831,6 +2845,21 @@ void ieee80211_connection_loss(struct ie
  }
  EXPORT_SYMBOL(ieee80211_connection_loss);
  
@@ -136,7 +136,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata,
  					bool assoc)
-@@ -3135,7 +3164,7 @@ static void ieee80211_rx_mgmt_deauth(str
+@@ -3141,7 +3170,7 @@ static void ieee80211_rx_mgmt_deauth(str
  		ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
  
  		ieee80211_report_disconnect(sdata, (u8 *)mgmt, len, false,
@@ -145,7 +145,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  		return;
  	}
  
-@@ -3184,7 +3213,8 @@ static void ieee80211_rx_mgmt_disassoc(s
+@@ -3190,7 +3219,8 @@ static void ieee80211_rx_mgmt_disassoc(s
  
  	ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
  
@@ -155,7 +155,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  }
  
  static void ieee80211_get_rates(struct ieee80211_supported_band *sband,
-@@ -4204,7 +4234,8 @@ static void ieee80211_rx_mgmt_beacon(str
+@@ -4214,7 +4244,8 @@ static void ieee80211_rx_mgmt_beacon(str
  				       true, deauth_buf);
  		ieee80211_report_disconnect(sdata, deauth_buf,
  					    sizeof(deauth_buf), true,
@@ -165,7 +165,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  		return;
  	}
  
-@@ -4349,7 +4380,7 @@ static void ieee80211_sta_connection_los
+@@ -4359,7 +4390,7 @@ static void ieee80211_sta_connection_los
  			       tx, frame_buf);
  
  	ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), true,
@@ -174,7 +174,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  }
  
  static int ieee80211_auth(struct ieee80211_sub_if_data *sdata)
-@@ -5439,7 +5470,8 @@ int ieee80211_mgd_auth(struct ieee80211_
+@@ -5449,7 +5480,8 @@ int ieee80211_mgd_auth(struct ieee80211_
  
  		ieee80211_report_disconnect(sdata, frame_buf,
  					    sizeof(frame_buf), true,
@@ -184,7 +184,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	}
  
  	sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid);
-@@ -5511,7 +5543,8 @@ int ieee80211_mgd_assoc(struct ieee80211
+@@ -5521,7 +5553,8 @@ int ieee80211_mgd_assoc(struct ieee80211
  
  		ieee80211_report_disconnect(sdata, frame_buf,
  					    sizeof(frame_buf), true,
@@ -194,7 +194,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	}
  
  	if (ifmgd->auth_data && !ifmgd->auth_data->done) {
-@@ -5810,7 +5843,7 @@ int ieee80211_mgd_deauth(struct ieee8021
+@@ -5824,7 +5857,7 @@ int ieee80211_mgd_deauth(struct ieee8021
  		ieee80211_destroy_auth_data(sdata, false);
  		ieee80211_report_disconnect(sdata, frame_buf,
  					    sizeof(frame_buf), true,
@@ -203,7 +203,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  		return 0;
  	}
-@@ -5830,7 +5863,7 @@ int ieee80211_mgd_deauth(struct ieee8021
+@@ -5844,7 +5877,7 @@ int ieee80211_mgd_deauth(struct ieee8021
  		ieee80211_destroy_assoc_data(sdata, false, true);
  		ieee80211_report_disconnect(sdata, frame_buf,
  					    sizeof(frame_buf), true,
@@ -212,7 +212,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  		return 0;
  	}
  
-@@ -5845,7 +5878,7 @@ int ieee80211_mgd_deauth(struct ieee8021
+@@ -5859,7 +5892,7 @@ int ieee80211_mgd_deauth(struct ieee8021
  				       req->reason_code, tx, frame_buf);
  		ieee80211_report_disconnect(sdata, frame_buf,
  					    sizeof(frame_buf), true,
@@ -221,7 +221,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  		return 0;
  	}
  
-@@ -5878,7 +5911,7 @@ int ieee80211_mgd_disassoc(struct ieee80
+@@ -5892,7 +5925,7 @@ int ieee80211_mgd_disassoc(struct ieee80
  			       frame_buf);
  
  	ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), true,

package/kernel/mac80211/patches/subsys/302-cfg80211-Add-support-to-configure-SAE-PWE-value-to-d.patch

@@ -59,7 +59,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	[NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT },
  };
  
-@@ -9764,6 +9767,12 @@ static int nl80211_crypto_settings(struc
+@@ -9763,6 +9766,12 @@ static int nl80211_crypto_settings(struc
  			nla_len(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
  	}
  

package/kernel/mac80211/patches/subsys/306-mac80211-set-up-the-fwd_skb-dev-for-mesh-forwarding.patch

@@ -0,0 +1,62 @@
+From: Xing Song <xing.song@mediatek.com>
+Date: Tue, 23 Nov 2021 11:31:23 +0800
+Subject: [PATCH] mac80211: set up the fwd_skb->dev for mesh forwarding
+
+Mesh forwarding requires that the fwd_skb->dev is set up for TX handling,
+otherwise the following warning will be generated, so set it up for the
+pending frames.
+
+[   72.835674 ] WARNING: CPU: 0 PID: 1193 at __skb_flow_dissect+0x284/0x1298
+[   72.842379 ] Modules linked in: ksmbd pppoe ppp_async l2tp_ppp ...
+[   72.962020 ] CPU: 0 PID: 1193 Comm: kworker/u5:1 Tainted: P S 5.4.137 #0
+[   72.969938 ] Hardware name: MT7622_MT7531 RFB (DT)
+[   72.974659 ] Workqueue: napi_workq napi_workfn
+[   72.979025 ] pstate: 60000005 (nZCv daif -PAN -UAO)
+[   72.983822 ] pc : __skb_flow_dissect+0x284/0x1298
+[   72.988444 ] lr : __skb_flow_dissect+0x54/0x1298
+[   72.992977 ] sp : ffffffc010c738c0
+[   72.996293 ] x29: ffffffc010c738c0 x28: 0000000000000000
+[   73.001615 ] x27: 000000000000ffc2 x26: ffffff800c2eb818
+[   73.006937 ] x25: ffffffc010a987c8 x24: 00000000000000ce
+[   73.012259 ] x23: ffffffc010c73a28 x22: ffffffc010a99c60
+[   73.017581 ] x21: 000000000000ffc2 x20: ffffff80094da800
+[   73.022903 ] x19: 0000000000000000 x18: 0000000000000014
+[   73.028226 ] x17: 00000000084d16af x16: 00000000d1fc0bab
+[   73.033548 ] x15: 00000000715f6034 x14: 000000009dbdd301
+[   73.038870 ] x13: 00000000ea4dcbc3 x12: 0000000000000040
+[   73.044192 ] x11: 000000000eb00ff0 x10: 0000000000000000
+[   73.049513 ] x9 : 000000000eb00073 x8 : 0000000000000088
+[   73.054834 ] x7 : 0000000000000000 x6 : 0000000000000001
+[   73.060155 ] x5 : 0000000000000000 x4 : 0000000000000000
+[   73.065476 ] x3 : ffffffc010a98000 x2 : 0000000000000000
+[   73.070797 ] x1 : 0000000000000000 x0 : 0000000000000000
+[   73.076120 ] Call trace:
+[   73.078572 ]  __skb_flow_dissect+0x284/0x1298
+[   73.082846 ]  __skb_get_hash+0x7c/0x228
+[   73.086629 ]  ieee80211_txq_may_transmit+0x7fc/0x17b8 [mac80211]
+[   73.092564 ]  ieee80211_tx_prepare_skb+0x20c/0x268 [mac80211]
+[   73.098238 ]  ieee80211_tx_pending+0x144/0x330 [mac80211]
+[   73.103560 ]  tasklet_action_common.isra.16+0xb4/0x158
+[   73.108618 ]  tasklet_action+0x2c/0x38
+[   73.112286 ]  __do_softirq+0x168/0x3b0
+[   73.115954 ]  do_softirq.part.15+0x88/0x98
+[   73.119969 ]  __local_bh_enable_ip+0xb0/0xb8
+[   73.124156 ]  napi_workfn+0x58/0x90
+[   73.127565 ]  process_one_work+0x20c/0x478
+[   73.131579 ]  worker_thread+0x50/0x4f0
+[   73.135249 ]  kthread+0x124/0x128
+[   73.138484 ]  ret_from_fork+0x10/0x1c
+
+Signed-off-by: Xing Song <xing.song@mediatek.com>
+---
+
+--- a/net/mac80211/rx.c
++++ b/net/mac80211/rx.c
+@@ -2941,6 +2941,7 @@ ieee80211_rx_h_mesh_fwding(struct ieee80
+ 	if (!fwd_skb)
+ 		goto out;
+ 
++	fwd_skb->dev = sdata->dev;
+ 	fwd_hdr =  (struct ieee80211_hdr *) fwd_skb->data;
+ 	fwd_hdr->frame_control &= ~cpu_to_le16(IEEE80211_FCTL_RETRY);
+ 	info = IEEE80211_SKB_CB(fwd_skb);

package/kernel/mac80211/patches/subsys/311-net-fq_impl-drop-get_default_func-move-default-flow-.patch

@@ -132,7 +132,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	codel_vars_init(&txqi->def_cvars);
  	codel_stats_init(&txqi->cstats);
  	__skb_queue_head_init(&txqi->frags);
-@@ -3310,8 +3297,7 @@ static bool ieee80211_amsdu_aggregate(st
+@@ -3336,8 +3323,7 @@ static bool ieee80211_amsdu_aggregate(st
  	 */
  
  	tin = &txqi->tin;

package/kernel/mac80211/patches/subsys/312-net-fq_impl-do-not-maintain-a-backlog-sorted-list-of.patch

@@ -306,7 +306,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  #endif
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3364,8 +3364,6 @@ out_recalc:
+@@ -3398,8 +3398,6 @@ out_recalc:
  	if (head->len != orig_len) {
  		flow->backlog += head->len - orig_len;
  		tin->backlog_bytes += head->len - orig_len;

package/kernel/mac80211/patches/subsys/315-mac80211-add-rx-decapsulation-offload-support.patch

@@ -109,7 +109,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
 --- a/net/mac80211/driver-ops.h
 +++ b/net/mac80211/driver-ops.h
-@@ -1413,4 +1413,20 @@ static inline void drv_sta_set_4addr(str
+@@ -1416,4 +1416,20 @@ static inline void drv_sta_set_4addr(str
  	trace_drv_return_void(local);
  }
  
@@ -132,7 +132,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  #endif /* __MAC80211_DRIVER_OPS */
 --- a/net/mac80211/iface.c
 +++ b/net/mac80211/iface.c
-@@ -835,7 +835,7 @@ static const struct net_device_ops ieee8
+@@ -856,7 +856,7 @@ static const struct net_device_ops ieee8
  
  };
  
@@ -141,7 +141,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  {
  	switch (iftype) {
  	/* P2P GO and client are mapped to AP/STATION types */
-@@ -855,7 +855,7 @@ static bool ieee80211_set_sdata_offload_
+@@ -876,7 +876,7 @@ static bool ieee80211_set_sdata_offload_
  	flags = sdata->vif.offload_flags;
  
  	if (ieee80211_hw_check(&local->hw, SUPPORTS_TX_ENCAP_OFFLOAD) &&
@@ -150,7 +150,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  		flags |= IEEE80211_OFFLOAD_ENCAP_ENABLED;
  
  		if (!ieee80211_hw_check(&local->hw, SUPPORTS_TX_FRAG) &&
-@@ -868,10 +868,21 @@ static bool ieee80211_set_sdata_offload_
+@@ -889,10 +889,21 @@ static bool ieee80211_set_sdata_offload_
  		flags &= ~IEEE80211_OFFLOAD_ENCAP_ENABLED;
  	}
  
@@ -172,7 +172,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	return true;
  }
  
-@@ -889,7 +900,7 @@ static void ieee80211_set_vif_encap_ops(
+@@ -910,7 +921,7 @@ static void ieee80211_set_vif_encap_ops(
  	}
  
  	if (!ieee80211_hw_check(&local->hw, SUPPORTS_TX_ENCAP_OFFLOAD) ||

package/kernel/mac80211/patches/subsys/316-mac80211-enable-QoS-support-for-nl80211-ctrl-port.patch

@@ -69,7 +69,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  			tx->sta = sta_info_get_bss(sdata, hdr->addr1);
  		}
  		if (!tx->sta && !is_multicast_ether_addr(hdr->addr1))
-@@ -5421,6 +5419,7 @@ int ieee80211_tx_control_port(struct wip
+@@ -5455,6 +5453,7 @@ int ieee80211_tx_control_port(struct wip
  {
  	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
  	struct ieee80211_local *local = sdata->local;
@@ -77,7 +77,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	struct sk_buff *skb;
  	struct ethhdr *ehdr;
  	u32 ctrl_flags = 0;
-@@ -5443,8 +5442,7 @@ int ieee80211_tx_control_port(struct wip
+@@ -5477,8 +5476,7 @@ int ieee80211_tx_control_port(struct wip
  	if (cookie)
  		ctrl_flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
  
@@ -87,7 +87,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
  			    sizeof(struct ethhdr) + len);
-@@ -5461,10 +5459,25 @@ int ieee80211_tx_control_port(struct wip
+@@ -5495,10 +5493,25 @@ int ieee80211_tx_control_port(struct wip
  	ehdr->h_proto = proto;
  
  	skb->dev = dev;

package/kernel/mac80211/patches/subsys/371-mac80211-don-t-apply-flow-control-on-management-fram.patch

@@ -48,7 +48,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	spin_unlock_bh(&fq->lock);
  }
  
-@@ -3844,6 +3853,9 @@ bool ieee80211_txq_airtime_check(struct
+@@ -3878,6 +3887,9 @@ bool ieee80211_txq_airtime_check(struct
  	if (!txq->sta)
  		return true;
  

package/kernel/mac80211/patches/subsys/372-mac80211-set-sk_pacing_shift-for-802.3-txpath.patch

@@ -9,7 +9,7 @@ Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
 
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -4171,6 +4171,9 @@ static bool ieee80211_tx_8023(struct iee
+@@ -4205,6 +4205,9 @@ static bool ieee80211_tx_8023(struct iee
  	unsigned long flags;
  	int q = info->hw_queue;
  

package/kernel/mac80211/patches/subsys/373-mac80211-support-Rx-timestamp-calculation-for-all-pr.patch

@@ -33,7 +33,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  void ieee80211_vif_inc_num_mcast(struct ieee80211_sub_if_data *sdata);
 --- a/net/mac80211/util.c
 +++ b/net/mac80211/util.c
-@@ -3665,6 +3665,7 @@ u64 ieee80211_calculate_rx_timestamp(str
+@@ -3670,6 +3670,7 @@ u64 ieee80211_calculate_rx_timestamp(str
  	u64 ts = status->mactime;
  	struct rate_info ri;
  	u16 rate;
@@ -41,7 +41,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	if (WARN_ON(!ieee80211_have_rx_timestamp(status)))
  		return 0;
-@@ -3675,11 +3676,58 @@ u64 ieee80211_calculate_rx_timestamp(str
+@@ -3680,11 +3681,58 @@ u64 ieee80211_calculate_rx_timestamp(str
  
  	/* Fill cfg80211 rate info */
  	switch (status->encoding) {
@@ -100,7 +100,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  		break;
  	case RX_ENC_VHT:
  		ri.flags |= RATE_INFO_FLAGS_VHT_MCS;
-@@ -3687,6 +3735,23 @@ u64 ieee80211_calculate_rx_timestamp(str
+@@ -3692,6 +3740,23 @@ u64 ieee80211_calculate_rx_timestamp(str
  		ri.nss = status->nss;
  		if (status->enc_flags & RX_ENC_FLAG_SHORT_GI)
  			ri.flags |= RATE_INFO_FLAGS_SHORT_GI;
@@ -124,7 +124,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  		break;
  	default:
  		WARN_ON(1);
-@@ -3710,7 +3775,6 @@ u64 ieee80211_calculate_rx_timestamp(str
+@@ -3715,7 +3780,6 @@ u64 ieee80211_calculate_rx_timestamp(str
  		ri.legacy = DIV_ROUND_UP(bitrate, (1 << shift));
  
  		if (status->flag & RX_FLAG_MACTIME_PLCP_START) {

package/kernel/mac80211/patches/subsys/374-mac80211-move-A-MPDU-session-check-from-minstrel_ht-.patch

@@ -25,7 +25,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  struct rate_control_ops {
 --- a/net/mac80211/rc80211_minstrel_ht.c
 +++ b/net/mac80211/rc80211_minstrel_ht.c
-@@ -1153,29 +1153,6 @@ minstrel_downgrade_prob_rate(struct mins
+@@ -1144,29 +1144,6 @@ minstrel_downgrade_prob_rate(struct mins
  }
  
  static void
@@ -55,7 +55,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  minstrel_ht_tx_status(void *priv, struct ieee80211_supported_band *sband,
                        void *priv_sta, struct ieee80211_tx_status *st)
  {
-@@ -1477,10 +1454,6 @@ minstrel_ht_get_rate(void *priv, struct
+@@ -1461,10 +1438,6 @@ minstrel_ht_get_rate(void *priv, struct
  	struct minstrel_priv *mp = priv;
  	u16 sample_idx;
  
@@ -66,7 +66,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	info->flags |= mi->tx_flags;
  
  #ifdef CPTCFG_MAC80211_DEBUGFS
-@@ -1894,6 +1867,7 @@ static u32 minstrel_ht_get_expected_thro
+@@ -1870,6 +1843,7 @@ static u32 minstrel_ht_get_expected_thro
  
  static const struct rate_control_ops mac80211_minstrel_ht = {
  	.name = "minstrel_ht",
@@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	.rate_init = minstrel_ht_rate_init,
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3931,6 +3931,29 @@ void ieee80211_txq_schedule_start(struct
+@@ -3965,6 +3965,29 @@ void ieee80211_txq_schedule_start(struct
  }
  EXPORT_SYMBOL(ieee80211_txq_schedule_start);
  
@@ -106,7 +106,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  void __ieee80211_subif_start_xmit(struct sk_buff *skb,
  				  struct net_device *dev,
  				  u32 info_flags,
-@@ -3961,6 +3984,8 @@ void __ieee80211_subif_start_xmit(struct
+@@ -3995,6 +4018,8 @@ void __ieee80211_subif_start_xmit(struct
  		skb_get_hash(skb);
  	}
  
@@ -115,7 +115,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	if (sta) {
  		struct ieee80211_fast_tx *fast_tx;
  
-@@ -4224,6 +4249,8 @@ static void ieee80211_8023_xmit(struct i
+@@ -4258,6 +4283,8 @@ static void ieee80211_8023_xmit(struct i
  
  	memset(info, 0, sizeof(*info));
  

package/kernel/mac80211/patches/subsys/375-mac80211-call-ieee80211_tx_h_rate_ctrl-when-dequeue.patch

@@ -29,7 +29,7 @@ Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
  	CALL_TXH(ieee80211_tx_h_michael_mic_add);
  	CALL_TXH(ieee80211_tx_h_sequence);
  	CALL_TXH(ieee80211_tx_h_fragment);
-@@ -3382,15 +3383,21 @@ out:
+@@ -3416,15 +3417,21 @@ out:
   * Can be called while the sta lock is held. Anything that can cause packets to
   * be generated will cause deadlock!
   */
@@ -55,7 +55,7 @@ Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
  	if (key)
  		info->control.hw_key = &key->conf;
  
-@@ -3439,6 +3446,8 @@ static void ieee80211_xmit_fast_finish(s
+@@ -3473,6 +3480,8 @@ static void ieee80211_xmit_fast_finish(s
  			break;
  		}
  	}
@@ -64,7 +64,7 @@ Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
  }
  
  static bool ieee80211_xmit_fast(struct ieee80211_sub_if_data *sdata,
-@@ -3542,24 +3551,17 @@ static bool ieee80211_xmit_fast(struct i
+@@ -3576,24 +3585,17 @@ static bool ieee80211_xmit_fast(struct i
  	tx.sta = sta;
  	tx.key = fast_tx->key;
  
@@ -97,7 +97,7 @@ Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
  
  	if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
  		sdata = container_of(sdata->bss,
-@@ -3670,8 +3672,12 @@ begin:
+@@ -3704,8 +3706,12 @@ begin:
  		    (tx.key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV))
  			pn_offs = ieee80211_hdrlen(hdr->frame_control);
  

package/kernel/mac80211/patches/subsys/376-mac80211-add-rate-control-support-for-encap-offload.patch

@@ -7,24 +7,6 @@ The software rate control cannot deal with encap offload, so fix it.
 Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
 ---
 
---- a/net/mac80211/ieee80211_i.h
-+++ b/net/mac80211/ieee80211_i.h
-@@ -2024,6 +2024,15 @@ static inline void ieee80211_tx_skb(stru
- 	ieee80211_tx_skb_tid(sdata, skb, 7);
- }
- 
-+static inline bool ieee80211_is_tx_data(struct sk_buff *skb)
-+{
-+	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
-+	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
-+
-+	return info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP ||
-+	       ieee80211_is_data(hdr->frame_control);
-+}
-+
- u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action,
- 			       struct ieee802_11_elems *elems,
- 			       u64 filter, u32 crc, u8 *transmitter_bssid,
 --- a/net/mac80211/rate.c
 +++ b/net/mac80211/rate.c
 @@ -297,15 +297,11 @@ void ieee80211_check_rate_mask(struct ie
@@ -99,7 +81,7 @@ Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
  			tx->sta->tx_stats.last_rate = txrc.reported_rate;
  	} else if (tx->sta)
  		tx->sta->tx_stats.last_rate = txrc.reported_rate;
-@@ -3660,8 +3662,16 @@ begin:
+@@ -3694,8 +3696,16 @@ begin:
  	else
  		info->flags &= ~IEEE80211_TX_CTL_AMPDU;
  
@@ -117,3 +99,28 @@ Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
  
  	if (info->control.flags & IEEE80211_TX_CTRL_FAST_XMIT) {
  		struct sta_info *sta = container_of(txq->sta, struct sta_info,
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -6733,4 +6733,22 @@ struct sk_buff *ieee80211_get_fils_disco
+ struct sk_buff *
+ ieee80211_get_unsol_bcast_probe_resp_tmpl(struct ieee80211_hw *hw,
+ 					  struct ieee80211_vif *vif);
++
++/**
++ * ieee80211_is_tx_data - check if frame is a data frame
++ *
++ * The function is used to check if a frame is a data frame. Frames with
++ * hardware encapsulation enabled are data frames.
++ *
++ * @skb: the frame to be transmitted.
++ */
++static inline bool ieee80211_is_tx_data(struct sk_buff *skb)
++{
++	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
++	struct ieee80211_hdr *hdr = (void *) skb->data;
++
++	return info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP ||
++	       ieee80211_is_data(hdr->frame_control);
++}
++
+ #endif /* MAC80211_H */

package/kernel/mac80211/patches/subsys/377-mac80211-minstrel_ht-fix-sample-time-check.patch

@@ -12,7 +12,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/net/mac80211/rc80211_minstrel_ht.c
 +++ b/net/mac80211/rc80211_minstrel_ht.c
-@@ -1466,7 +1466,7 @@ minstrel_ht_get_rate(void *priv, struct
+@@ -1450,7 +1450,7 @@ minstrel_ht_get_rate(void *priv, struct
  	    (info->control.flags & IEEE80211_TX_CTRL_PORT_CTRL_PROTO))
  		return;
  

package/kernel/mac80211/patches/subsys/378-mac80211-remove-iwlwifi-specific-workaround-that-bro.patch

@@ -1,51 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Sat, 19 Jun 2021 12:10:14 +0200
-Subject: [PATCH] mac80211: remove iwlwifi specific workaround that broke sta
- NDP tx
-
-Sending nulldata packets is important for sw AP link probing and detecting
-4-address mode links. The checks that dropped these packets were apparently
-added to work around an iwlwifi firmware bug with multi-TID aggregation.
-
-Fixes: 41cbb0f5a295 ("mac80211: add support for HE")
-Cc: stable@vger.kernel.org
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/drivers/net/wireless/intel/iwlwifi/mvm/tx.c
-+++ b/drivers/net/wireless/intel/iwlwifi/mvm/tx.c
-@@ -1085,6 +1085,9 @@ static int iwl_mvm_tx_mpdu(struct iwl_mv
- 	if (WARN_ON_ONCE(mvmsta->sta_id == IWL_MVM_INVALID_STA))
- 		return -1;
- 
-+	if (unlikely(ieee80211_is_any_nullfunc(fc)) && sta->he_cap.has_he)
-+		return -1;
-+
- 	if (unlikely(ieee80211_is_probe_resp(fc)))
- 		iwl_mvm_probe_resp_set_noa(mvm, skb);
- 
---- a/net/mac80211/mlme.c
-+++ b/net/mac80211/mlme.c
-@@ -1094,11 +1094,6 @@ void ieee80211_send_nullfunc(struct ieee
- 	struct ieee80211_hdr_3addr *nullfunc;
- 	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
- 
--	/* Don't send NDPs when STA is connected HE */
--	if (sdata->vif.type == NL80211_IFTYPE_STATION &&
--	    !(ifmgd->flags & IEEE80211_STA_DISABLE_HE))
--		return;
--
- 	skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif,
- 		!ieee80211_hw_check(&local->hw, DOESNT_SUPPORT_QOS_NDP));
- 	if (!skb)
-@@ -1130,10 +1125,6 @@ static void ieee80211_send_4addr_nullfun
- 	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
- 		return;
- 
--	/* Don't send NDPs when connected HE */
--	if (!(sdata->u.mgd.flags & IEEE80211_STA_DISABLE_HE))
--		return;
--
- 	skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30);
- 	if (!skb)
- 		return;

package/kernel/mac80211/patches/subsys/379-mac80211-fix-starting-aggregation-sessions-on-mesh-i.patch

@@ -80,7 +80,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  		if (tid_tx) {
  			bool queued;
  
-@@ -3947,29 +3977,6 @@ void ieee80211_txq_schedule_start(struct
+@@ -3981,29 +4011,6 @@ void ieee80211_txq_schedule_start(struct
  }
  EXPORT_SYMBOL(ieee80211_txq_schedule_start);
  

package/kernel/mac80211/patches/subsys/380-mac80211-introduce-aql_enable-node-in-debugfs.patch

@@ -0,0 +1,111 @@
+From: Lorenzo Bianconi <lorenzo@kernel.org>
+Date: Sat, 9 Jan 2021 18:57:51 +0100
+Subject: [PATCH] mac80211: introduce aql_enable node in debugfs
+
+Introduce aql_enable node in debugfs in order to enable/disable aql.
+This is useful for debugging purpose.
+
+Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
+Link: https://lore.kernel.org/r/e7a934d5d84e4796c4f97ea5de4e66c824296b07.1610214851.git.lorenzo@kernel.org
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/net/mac80211/debugfs.c
++++ b/net/mac80211/debugfs.c
+@@ -281,6 +281,56 @@ static const struct file_operations aql_
+ 	.llseek = default_llseek,
+ };
+ 
++static ssize_t aql_enable_read(struct file *file, char __user *user_buf,
++			       size_t count, loff_t *ppos)
++{
++	char buf[3];
++	int len;
++
++	len = scnprintf(buf, sizeof(buf), "%d\n",
++			!static_key_false(&aql_disable.key));
++
++	return simple_read_from_buffer(user_buf, count, ppos, buf, len);
++}
++
++static ssize_t aql_enable_write(struct file *file, const char __user *user_buf,
++				size_t count, loff_t *ppos)
++{
++	bool aql_disabled = static_key_false(&aql_disable.key);
++	char buf[3];
++	size_t len;
++
++	if (count > sizeof(buf))
++		return -EINVAL;
++
++	if (copy_from_user(buf, user_buf, count))
++		return -EFAULT;
++
++	buf[sizeof(buf) - 1] = '\0';
++	len = strlen(buf);
++	if (len > 0 && buf[len - 1] == '\n')
++		buf[len - 1] = 0;
++
++	if (buf[0] == '0' && buf[1] == '\0') {
++		if (!aql_disabled)
++			static_branch_inc(&aql_disable);
++	} else if (buf[0] == '1' && buf[1] == '\0') {
++		if (aql_disabled)
++			static_branch_dec(&aql_disable);
++	} else {
++		return -EINVAL;
++	}
++
++	return count;
++}
++
++static const struct file_operations aql_enable_ops = {
++	.write = aql_enable_write,
++	.read = aql_enable_read,
++	.open = simple_open,
++	.llseek = default_llseek,
++};
++
+ static ssize_t force_tx_status_read(struct file *file,
+ 				    char __user *user_buf,
+ 				    size_t count,
+@@ -569,6 +619,7 @@ void debugfs_hw_add(struct ieee80211_loc
+ 	DEBUGFS_ADD(power);
+ 	DEBUGFS_ADD(hw_conf);
+ 	DEBUGFS_ADD_MODE(force_tx_status, 0600);
++	DEBUGFS_ADD_MODE(aql_enable, 0600);
+ 
+ 	if (local->ops->wake_tx_queue)
+ 		DEBUGFS_ADD_MODE(aqm, 0600);
+--- a/net/mac80211/ieee80211_i.h
++++ b/net/mac80211/ieee80211_i.h
+@@ -1140,6 +1140,8 @@ enum mac80211_scan_state {
+ 	SCAN_ABORT,
+ };
+ 
++DECLARE_STATIC_KEY_FALSE(aql_disable);
++
+ struct ieee80211_local {
+ 	/* embed the driver visible part.
+ 	 * don't cast (use the static inlines below), but we keep
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -3921,6 +3921,8 @@ void __ieee80211_schedule_txq(struct iee
+ }
+ EXPORT_SYMBOL(__ieee80211_schedule_txq);
+ 
++DEFINE_STATIC_KEY_FALSE(aql_disable);
++
+ bool ieee80211_txq_airtime_check(struct ieee80211_hw *hw,
+ 				 struct ieee80211_txq *txq)
+ {
+@@ -3930,6 +3932,9 @@ bool ieee80211_txq_airtime_check(struct
+ 	if (!wiphy_ext_feature_isset(local->hw.wiphy, NL80211_EXT_FEATURE_AQL))
+ 		return true;
+ 
++	if (static_branch_unlikely(&aql_disable))
++		return true;
++
+ 	if (!txq->sta)
+ 		return true;
+ 

package/kernel/mac80211/patches/subsys/381-mac80211-rearrange-struct-txq_info-for-fewer-holes.patch

@@ -0,0 +1,39 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Fri, 18 Jun 2021 13:41:44 +0300
+Subject: [PATCH] mac80211: rearrange struct txq_info for fewer holes
+
+We can slightly decrease the size of struct txq_info by
+rearranging some fields for fewer holes, so do that.
+
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
+Link: https://lore.kernel.org/r/iwlwifi.20210618133832.1bf019a1fe2e.Ib54622b8d6dc1a9a7dc484e573c073119450538b@changeid
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/net/mac80211/ieee80211_i.h
++++ b/net/mac80211/ieee80211_i.h
+@@ -5,7 +5,7 @@
+  * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
+  * Copyright 2007-2010	Johannes Berg <johannes@sipsolutions.net>
+  * Copyright 2013-2015  Intel Mobile Communications GmbH
+- * Copyright (C) 2018-2020 Intel Corporation
++ * Copyright (C) 2018-2021 Intel Corporation
+  */
+ 
+ #ifndef IEEE80211_I_H
+@@ -848,9 +848,12 @@ struct txq_info {
+ 	struct fq_tin tin;
+ 	struct codel_vars def_cvars;
+ 	struct codel_stats cstats;
+-	struct sk_buff_head frags;
+-	struct list_head schedule_order;
++
+ 	u16 schedule_round;
++	struct list_head schedule_order;
++
++	struct sk_buff_head frags;
++
+ 	unsigned long flags;
+ 
+ 	/* keep last! */

package/kernel/mac80211/patches/subsys/384-nl80211-add-common-API-to-configure-SAR-power-limita.patch

@@ -0,0 +1,398 @@
+From: Carl Huang <cjhuang@codeaurora.org>
+Date: Thu, 3 Dec 2020 05:37:26 -0500
+Subject: [PATCH] nl80211: add common API to configure SAR power limitations
+
+NL80211_CMD_SET_SAR_SPECS is added to configure SAR from
+user space. NL80211_ATTR_SAR_SPEC is used to pass the SAR
+power specification when used with NL80211_CMD_SET_SAR_SPECS.
+
+Wireless driver needs to register SAR type, supported frequency
+ranges to wiphy, so user space can query it. The index in
+frequency range is used to specify which sub band the power
+limitation applies to. The SAR type is for compatibility, so later
+other SAR mechanism can be implemented without breaking the user
+space SAR applications.
+
+Normal process is user space queries the SAR capability, and
+gets the index of supported frequency ranges and associates the
+power limitation with this index and sends to kernel.
+
+Here is an example of message send to kernel:
+8c 00 00 00 08 00 01 00 00 00 00 00 38 00 2b 81
+08 00 01 00 00 00 00 00 2c 00 02 80 14 00 00 80
+08 00 02 00 00 00 00 00 08 00 01 00 38 00 00 00
+14 00 01 80 08 00 02 00 01 00 00 00 08 00 01 00
+48 00 00 00
+
+NL80211_CMD_SET_SAR_SPECS:  0x8c
+NL80211_ATTR_WIPHY:     0x01(phy idx is 0)
+NL80211_ATTR_SAR_SPEC:  0x812b (NLA_NESTED)
+NL80211_SAR_ATTR_TYPE:  0x00 (NL80211_SAR_TYPE_POWER)
+NL80211_SAR_ATTR_SPECS: 0x8002 (NLA_NESTED)
+freq range 0 power: 0x38 in 0.25dbm unit (14dbm)
+freq range 1 power: 0x48 in 0.25dbm unit (18dbm)
+
+Signed-off-by: Carl Huang <cjhuang@codeaurora.org>
+Reviewed-by: Brian Norris <briannorris@chromium.org>
+Reviewed-by: Abhishek Kumar <kuabhs@chromium.org>
+Link: https://lore.kernel.org/r/20201203103728.3034-2-cjhuang@codeaurora.org
+[minor edits, NLA parse cleanups]
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/include/net/cfg80211.h
++++ b/include/net/cfg80211.h
+@@ -1737,6 +1737,54 @@ struct station_info {
+ 	u8 connected_to_as;
+ };
+ 
++/**
++ * struct cfg80211_sar_sub_specs - sub specs limit
++ * @power: power limitation in 0.25dbm
++ * @freq_range_index: index the power limitation applies to
++ */
++struct cfg80211_sar_sub_specs {
++	s32 power;
++	u32 freq_range_index;
++};
++
++/**
++ * struct cfg80211_sar_specs - sar limit specs
++ * @type: it's set with power in 0.25dbm or other types
++ * @num_sub_specs: number of sar sub specs
++ * @sub_specs: memory to hold the sar sub specs
++ */
++struct cfg80211_sar_specs {
++	enum nl80211_sar_type type;
++	u32 num_sub_specs;
++	struct cfg80211_sar_sub_specs sub_specs[];
++};
++
++
++/**
++ * @struct cfg80211_sar_chan_ranges - sar frequency ranges
++ * @start_freq:  start range edge frequency
++ * @end_freq:    end range edge frequency
++ */
++struct cfg80211_sar_freq_ranges {
++	u32 start_freq;
++	u32 end_freq;
++};
++
++/**
++ * struct cfg80211_sar_capa - sar limit capability
++ * @type: it's set via power in 0.25dbm or other types
++ * @num_freq_ranges: number of frequency ranges
++ * @freq_ranges: memory to hold the freq ranges.
++ *
++ * Note: WLAN driver may append new ranges or split an existing
++ * range to small ones and then append them.
++ */
++struct cfg80211_sar_capa {
++	enum nl80211_sar_type type;
++	u32 num_freq_ranges;
++	const struct cfg80211_sar_freq_ranges *freq_ranges;
++};
++
+ #if IS_ENABLED(CPTCFG_CFG80211)
+ /**
+  * cfg80211_get_station - retrieve information about a given station
+@@ -4259,6 +4307,8 @@ struct cfg80211_ops {
+ 				  struct cfg80211_tid_config *tid_conf);
+ 	int	(*reset_tid_config)(struct wiphy *wiphy, struct net_device *dev,
+ 				    const u8 *peer, u8 tids);
++	int	(*set_sar_specs)(struct wiphy *wiphy,
++				 struct cfg80211_sar_specs *sar);
+ };
+ 
+ /*
+@@ -5030,6 +5080,8 @@ struct wiphy {
+ 
+ 	u8 max_data_retry_count;
+ 
++	const struct cfg80211_sar_capa *sar_capa;
++
+ 	char priv[] __aligned(NETDEV_ALIGN);
+ };
+ 
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -405,6 +405,18 @@ nl80211_unsol_bcast_probe_resp_policy[NL
+ 						       .len = IEEE80211_MAX_DATA_LEN }
+ };
+ 
++static const struct nla_policy
++sar_specs_policy[NL80211_SAR_ATTR_SPECS_MAX + 1] = {
++	[NL80211_SAR_ATTR_SPECS_POWER] = { .type = NLA_S32 },
++	[NL80211_SAR_ATTR_SPECS_RANGE_INDEX] = {.type = NLA_U32 },
++};
++
++static const struct nla_policy
++sar_policy[NL80211_SAR_ATTR_MAX + 1] = {
++	[NL80211_SAR_ATTR_TYPE] = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_SAR_TYPE),
++	[NL80211_SAR_ATTR_SPECS] = NLA_POLICY_NESTED_ARRAY(sar_specs_policy),
++};
++
+ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
+ 	[0] = { .strict_start_type = NL80211_ATTR_HE_OBSS_PD },
+ 	[NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
+@@ -739,6 +751,7 @@ static const struct nla_policy nl80211_p
+ 	[NL80211_ATTR_SAE_PWE] =
+ 		NLA_POLICY_RANGE(NLA_U8, NL80211_SAE_PWE_HUNT_AND_PECK,
+ 				 NL80211_SAE_PWE_BOTH),
++	[NL80211_ATTR_SAR_SPEC] = NLA_POLICY_NESTED(sar_policy),
+ 	[NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT },
+ };
+ 
+@@ -2117,6 +2130,56 @@ fail:
+ 	return -ENOBUFS;
+ }
+ 
++static int
++nl80211_put_sar_specs(struct cfg80211_registered_device *rdev,
++		      struct sk_buff *msg)
++{
++	struct nlattr *sar_capa, *specs, *sub_freq_range;
++	u8 num_freq_ranges;
++	int i;
++
++	if (!rdev->wiphy.sar_capa)
++		return 0;
++
++	num_freq_ranges = rdev->wiphy.sar_capa->num_freq_ranges;
++
++	sar_capa = nla_nest_start(msg, NL80211_ATTR_SAR_SPEC);
++	if (!sar_capa)
++		return -ENOSPC;
++
++	if (nla_put_u32(msg, NL80211_SAR_ATTR_TYPE, rdev->wiphy.sar_capa->type))
++		goto fail;
++
++	specs = nla_nest_start(msg, NL80211_SAR_ATTR_SPECS);
++	if (!specs)
++		goto fail;
++
++	/* report supported freq_ranges */
++	for (i = 0; i < num_freq_ranges; i++) {
++		sub_freq_range = nla_nest_start(msg, i + 1);
++		if (!sub_freq_range)
++			goto fail;
++
++		if (nla_put_u32(msg, NL80211_SAR_ATTR_SPECS_START_FREQ,
++				rdev->wiphy.sar_capa->freq_ranges[i].start_freq))
++			goto fail;
++
++		if (nla_put_u32(msg, NL80211_SAR_ATTR_SPECS_END_FREQ,
++				rdev->wiphy.sar_capa->freq_ranges[i].end_freq))
++			goto fail;
++
++		nla_nest_end(msg, sub_freq_range);
++	}
++
++	nla_nest_end(msg, specs);
++	nla_nest_end(msg, sar_capa);
++
++	return 0;
++fail:
++	nla_nest_cancel(msg, sar_capa);
++	return -ENOBUFS;
++}
++
+ struct nl80211_dump_wiphy_state {
+ 	s64 filter_wiphy;
+ 	long start;
+@@ -2366,6 +2429,8 @@ static int nl80211_send_wiphy(struct cfg
+ 			CMD(set_multicast_to_unicast, SET_MULTICAST_TO_UNICAST);
+ 			CMD(update_connect_params, UPDATE_CONNECT_PARAMS);
+ 			CMD(update_ft_ies, UPDATE_FT_IES);
++			if (rdev->wiphy.sar_capa)
++				CMD(set_sar_specs, SET_SAR_SPECS);
+ 		}
+ #undef CMD
+ 
+@@ -2691,6 +2756,11 @@ static int nl80211_send_wiphy(struct cfg
+ 
+ 		if (nl80211_put_tid_config_support(rdev, msg))
+ 			goto nla_put_failure;
++		state->split_start++;
++		break;
++	case 16:
++		if (nl80211_put_sar_specs(rdev, msg))
++			goto nla_put_failure;
+ 
+ 		/* done */
+ 		state->split_start = 0;
+@@ -14724,6 +14794,111 @@ static void nl80211_post_doit(__genl_con
+ 	}
+ }
+ 
++static int nl80211_set_sar_sub_specs(struct cfg80211_registered_device *rdev,
++				     struct cfg80211_sar_specs *sar_specs,
++				     struct nlattr *spec[], int index)
++{
++	u32 range_index, i;
++
++	if (!sar_specs || !spec)
++		return -EINVAL;
++
++	if (!spec[NL80211_SAR_ATTR_SPECS_POWER] ||
++	    !spec[NL80211_SAR_ATTR_SPECS_RANGE_INDEX])
++		return -EINVAL;
++
++	range_index = nla_get_u32(spec[NL80211_SAR_ATTR_SPECS_RANGE_INDEX]);
++
++	/* check if range_index exceeds num_freq_ranges */
++	if (range_index >= rdev->wiphy.sar_capa->num_freq_ranges)
++		return -EINVAL;
++
++	/* check if range_index duplicates */
++	for (i = 0; i < index; i++) {
++		if (sar_specs->sub_specs[i].freq_range_index == range_index)
++			return -EINVAL;
++	}
++
++	sar_specs->sub_specs[index].power =
++		nla_get_s32(spec[NL80211_SAR_ATTR_SPECS_POWER]);
++
++	sar_specs->sub_specs[index].freq_range_index = range_index;
++
++	return 0;
++}
++
++static int nl80211_set_sar_specs(struct sk_buff *skb, struct genl_info *info)
++{
++	struct cfg80211_registered_device *rdev = info->user_ptr[0];
++	struct nlattr *spec[NL80211_SAR_ATTR_SPECS_MAX + 1];
++	struct nlattr *tb[NL80211_SAR_ATTR_MAX + 1];
++	struct cfg80211_sar_specs *sar_spec;
++	enum nl80211_sar_type type;
++	struct nlattr *spec_list;
++	u32 specs;
++	int rem, err;
++
++	if (!rdev->wiphy.sar_capa || !rdev->ops->set_sar_specs)
++		return -EOPNOTSUPP;
++
++	if (!info->attrs[NL80211_ATTR_SAR_SPEC])
++		return -EINVAL;
++
++	nla_parse_nested(tb, NL80211_SAR_ATTR_MAX,
++			 info->attrs[NL80211_ATTR_SAR_SPEC],
++			 NULL, NULL);
++
++	if (!tb[NL80211_SAR_ATTR_TYPE] || !tb[NL80211_SAR_ATTR_SPECS])
++		return -EINVAL;
++
++	type = nla_get_u32(tb[NL80211_SAR_ATTR_TYPE]);
++	if (type != rdev->wiphy.sar_capa->type)
++		return -EINVAL;
++
++	specs = 0;
++	nla_for_each_nested(spec_list, tb[NL80211_SAR_ATTR_SPECS], rem)
++		specs++;
++
++	if (specs > rdev->wiphy.sar_capa->num_freq_ranges)
++		return -EINVAL;
++
++	sar_spec = kzalloc(sizeof(*sar_spec) +
++			   specs * sizeof(struct cfg80211_sar_sub_specs),
++			   GFP_KERNEL);
++	if (!sar_spec)
++		return -ENOMEM;
++
++	sar_spec->type = type;
++	specs = 0;
++	nla_for_each_nested(spec_list, tb[NL80211_SAR_ATTR_SPECS], rem) {
++		nla_parse_nested(spec, NL80211_SAR_ATTR_SPECS_MAX,
++				 spec_list, NULL, NULL);
++
++		switch (type) {
++		case NL80211_SAR_TYPE_POWER:
++			if (nl80211_set_sar_sub_specs(rdev, sar_spec,
++						      spec, specs)) {
++				err = -EINVAL;
++				goto error;
++			}
++			break;
++		default:
++			err = -EINVAL;
++			goto error;
++		}
++		specs++;
++	}
++
++	sar_spec->num_sub_specs = specs;
++
++	rdev->cur_cmd_info = info;
++	err = rdev_set_sar_specs(rdev, sar_spec);
++	rdev->cur_cmd_info = NULL;
++error:
++	kfree(sar_spec);
++	return err;
++}
++
+ static __genl_const struct genl_ops nl80211_ops[] = {
+ 	{
+ 		.cmd = NL80211_CMD_GET_WIPHY,
+@@ -15587,6 +15762,14 @@ static const struct genl_small_ops nl802
+ 		.internal_flags = NL80211_FLAG_NEED_NETDEV |
+ 				  NL80211_FLAG_NEED_RTNL,
+ 	},
++	{
++		.cmd = NL80211_CMD_SET_SAR_SPECS,
++		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
++		.doit = nl80211_set_sar_specs,
++		.flags = GENL_UNS_ADMIN_PERM,
++		.internal_flags = NL80211_FLAG_NEED_WIPHY |
++				  NL80211_FLAG_NEED_RTNL,
++	},
+ };
+ 
+ static struct genl_family nl80211_fam __genl_ro_after_init = {
+--- a/net/wireless/rdev-ops.h
++++ b/net/wireless/rdev-ops.h
+@@ -1356,4 +1356,16 @@ static inline int rdev_reset_tid_config(
+ 	return ret;
+ }
+ 
++static inline int rdev_set_sar_specs(struct cfg80211_registered_device *rdev,
++				     struct cfg80211_sar_specs *sar)
++{
++	int ret;
++
++	trace_rdev_set_sar_specs(&rdev->wiphy, sar);
++	ret = rdev->ops->set_sar_specs(&rdev->wiphy, sar);
++	trace_rdev_return_int(&rdev->wiphy, ret);
++
++	return ret;
++}
++
+ #endif /* __CFG80211_RDEV_OPS */
+--- a/net/wireless/trace.h
++++ b/net/wireless/trace.h
+@@ -3551,6 +3551,25 @@ TRACE_EVENT(rdev_reset_tid_config,
+ 	TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", peer: " MAC_PR_FMT ", tids: 0x%x",
+ 		  WIPHY_PR_ARG, NETDEV_PR_ARG, MAC_PR_ARG(peer), __entry->tids)
+ );
++
++TRACE_EVENT(rdev_set_sar_specs,
++	TP_PROTO(struct wiphy *wiphy, struct cfg80211_sar_specs *sar),
++	TP_ARGS(wiphy, sar),
++	TP_STRUCT__entry(
++		WIPHY_ENTRY
++		__field(u16, type)
++		__field(u16, num)
++	),
++	TP_fast_assign(
++		WIPHY_ASSIGN;
++		__entry->type = sar->type;
++		__entry->num = sar->num_sub_specs;
++
++	),
++	TP_printk(WIPHY_PR_FMT ", Set type:%d, num_specs:%d",
++		  WIPHY_PR_ARG, __entry->type, __entry->num)
++);
++
+ #endif /* !__RDEV_OPS_TRACE || TRACE_HEADER_MULTI_READ */
+ 
+ #undef TRACE_INCLUDE_PATH

package/kernel/mac80211/patches/subsys/385-mac80211-add-ieee80211_set_sar_specs.patch

@@ -0,0 +1,51 @@
+From: Carl Huang <cjhuang@codeaurora.org>
+Date: Thu, 3 Dec 2020 05:37:27 -0500
+Subject: [PATCH] mac80211: add ieee80211_set_sar_specs
+
+This change registers ieee80211_set_sar_specs to
+mac80211_config_ops, so cfg80211 can call it.
+
+Signed-off-by: Carl Huang <cjhuang@codeaurora.org>
+Reviewed-by: Brian Norris <briannorris@chromium.org>
+Reviewed-by: Abhishek Kumar <kuabhs@chromium.org>
+Link: https://lore.kernel.org/r/20201203103728.3034-3-cjhuang@codeaurora.org
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -4207,6 +4207,8 @@ struct ieee80211_ops {
+ 				   struct ieee80211_vif *vif);
+ 	void (*sta_set_4addr)(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
+ 			      struct ieee80211_sta *sta, bool enabled);
++	int (*set_sar_specs)(struct ieee80211_hw *hw,
++			     const struct cfg80211_sar_specs *sar);
+ 	void (*sta_set_decap_offload)(struct ieee80211_hw *hw,
+ 				      struct ieee80211_vif *vif,
+ 				      struct ieee80211_sta *sta, bool enabled);
+--- a/net/mac80211/cfg.c
++++ b/net/mac80211/cfg.c
+@@ -4136,6 +4136,17 @@ static int ieee80211_reset_tid_config(st
+ 	return ret;
+ }
+ 
++static int ieee80211_set_sar_specs(struct wiphy *wiphy,
++				   struct cfg80211_sar_specs *sar)
++{
++	struct ieee80211_local *local = wiphy_priv(wiphy);
++
++	if (!local->ops->set_sar_specs)
++		return -EOPNOTSUPP;
++
++	return local->ops->set_sar_specs(&local->hw, sar);
++}
++
+ const struct cfg80211_ops mac80211_config_ops = {
+ 	.add_virtual_intf = ieee80211_add_iface,
+ 	.del_virtual_intf = ieee80211_del_iface,
+@@ -4239,4 +4250,5 @@ const struct cfg80211_ops mac80211_confi
+ 	.probe_mesh_link = ieee80211_probe_mesh_link,
+ 	.set_tid_config = ieee80211_set_tid_config,
+ 	.reset_tid_config = ieee80211_reset_tid_config,
++	.set_sar_specs = ieee80211_set_sar_specs,
+ };

package/kernel/mac80211/patches/subsys/386-mac80211-check-per-vif-offload_flags-in-Tx-path.patch

@@ -0,0 +1,26 @@
+From: Ryder Lee <ryder.lee@mediatek.com>
+Date: Fri, 18 Jun 2021 04:38:59 +0800
+Subject: [PATCH] mac80211: check per vif offload_flags in Tx path
+
+offload_flags has been introduced to indicate encap status of each interface.
+An interface can encap offload at runtime, or if it has some extra limitations
+it can simply override the flags, so it's more flexible to check offload_flags
+in Tx path.
+
+Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
+Link: https://lore.kernel.org/r/177785418cf407808bf3a44760302d0647076990.1623961575.git.ryder.lee@mediatek.com
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -3335,6 +3335,9 @@ static bool ieee80211_amsdu_aggregate(st
+ 	if (!ieee80211_hw_check(&local->hw, TX_AMSDU))
+ 		return false;
+ 
++	if (sdata->vif.offload_flags & IEEE80211_OFFLOAD_ENCAP_ENABLED)
++		return false;
++
+ 	if (skb_is_gso(skb))
+ 		return false;
+ 

package/kernel/mac80211/patches/subsys/387-nl80211-add-support-for-BSS-coloring.patch

@@ -0,0 +1,485 @@
+From: John Crispin <john@phrozen.org>
+Date: Fri, 2 Jul 2021 19:44:07 +0200
+Subject: [PATCH] nl80211: add support for BSS coloring
+
+This patch adds support for BSS color collisions to the wireless subsystem.
+Add the required functionality to nl80211 that will notify about color
+collisions, triggering the color change and notifying when it is completed.
+
+Co-developed-by: Lorenzo Bianconi <lorenzo@kernel.org>
+Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
+Signed-off-by: John Crispin <john@phrozen.org>
+Link: https://lore.kernel.org/r/500b3582aec8fe2c42ef46f3117b148cb7cbceb5.1625247619.git.lorenzo@kernel.org
+[remove unnecessary NULL initialisation]
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/include/net/cfg80211.h
++++ b/include/net/cfg80211.h
+@@ -1252,6 +1252,27 @@ struct cfg80211_csa_settings {
+ #define CFG80211_MAX_NUM_DIFFERENT_CHANNELS 10
+ 
+ /**
++ * struct cfg80211_color_change_settings - color change settings
++ *
++ * Used for bss color change
++ *
++ * @beacon_color_change: beacon data while performing the color countdown
++ * @counter_offsets_beacon: offsets of the counters within the beacon (tail)
++ * @counter_offsets_presp: offsets of the counters within the probe response
++ * @beacon_next: beacon data to be used after the color change
++ * @count: number of beacons until the color change
++ * @color: the color used after the change
++ */
++struct cfg80211_color_change_settings {
++	struct cfg80211_beacon_data beacon_color_change;
++	u16 counter_offset_beacon;
++	u16 counter_offset_presp;
++	struct cfg80211_beacon_data beacon_next;
++	u8 count;
++	u8 color;
++};
++
++/**
+  * struct iface_combination_params - input parameters for interface combinations
+  *
+  * Used to pass interface combination parameters
+@@ -3979,6 +4000,8 @@ struct mgmt_frame_regs {
+  *	This callback may sleep.
+  * @reset_tid_config: Reset TID specific configuration for the peer, for the
+  *	given TIDs. This callback may sleep.
++ *
++ * @color_change: Initiate a color change.
+  */
+ struct cfg80211_ops {
+ 	int	(*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
+@@ -4309,6 +4332,9 @@ struct cfg80211_ops {
+ 				    const u8 *peer, u8 tids);
+ 	int	(*set_sar_specs)(struct wiphy *wiphy,
+ 				 struct cfg80211_sar_specs *sar);
++	int	(*color_change)(struct wiphy *wiphy,
++				struct net_device *dev,
++				struct cfg80211_color_change_settings *params);
+ };
+ 
+ /*
+@@ -8092,4 +8118,70 @@ void cfg80211_update_owe_info_event(stru
+  */
+ void cfg80211_bss_flush(struct wiphy *wiphy);
+ 
++/**
++ * cfg80211_bss_color_notify - notify about bss color event
++ * @dev: network device
++ * @gfp: allocation flags
++ * @cmd: the actual event we want to notify
++ * @count: the number of TBTTs until the color change happens
++ * @color_bitmap: representations of the colors that the local BSS is aware of
++ */
++int cfg80211_bss_color_notify(struct net_device *dev, gfp_t gfp,
++			      enum nl80211_commands cmd, u8 count,
++			      u64 color_bitmap);
++
++/**
++ * cfg80211_obss_color_collision_notify - notify about bss color collision
++ * @dev: network device
++ * @color_bitmap: representations of the colors that the local BSS is aware of
++ */
++static inline int cfg80211_obss_color_collision_notify(struct net_device *dev,
++						       u64 color_bitmap)
++{
++	return cfg80211_bss_color_notify(dev, GFP_KERNEL,
++					 NL80211_CMD_OBSS_COLOR_COLLISION,
++					 0, color_bitmap);
++}
++
++/**
++ * cfg80211_color_change_started_notify - notify color change start
++ * @dev: the device on which the color is switched
++ * @count: the number of TBTTs until the color change happens
++ *
++ * Inform the userspace about the color change that has started.
++ */
++static inline int cfg80211_color_change_started_notify(struct net_device *dev,
++						       u8 count)
++{
++	return cfg80211_bss_color_notify(dev, GFP_KERNEL,
++					 NL80211_CMD_COLOR_CHANGE_STARTED,
++					 count, 0);
++}
++
++/**
++ * cfg80211_color_change_aborted_notify - notify color change abort
++ * @dev: the device on which the color is switched
++ *
++ * Inform the userspace about the color change that has aborted.
++ */
++static inline int cfg80211_color_change_aborted_notify(struct net_device *dev)
++{
++	return cfg80211_bss_color_notify(dev, GFP_KERNEL,
++					 NL80211_CMD_COLOR_CHANGE_ABORTED,
++					 0, 0);
++}
++
++/**
++ * cfg80211_color_change_notify - notify color change completion
++ * @dev: the device on which the color was switched
++ *
++ * Inform the userspace about the color change that has completed.
++ */
++static inline int cfg80211_color_change_notify(struct net_device *dev)
++{
++	return cfg80211_bss_color_notify(dev, GFP_KERNEL,
++					 NL80211_CMD_COLOR_CHANGE_COMPLETED,
++					 0, 0);
++}
++
+ #endif /* __NET_CFG80211_H */
+--- a/include/uapi/linux/nl80211.h
++++ b/include/uapi/linux/nl80211.h
+@@ -1185,6 +1185,21 @@
+  *	passed using %NL80211_ATTR_SAR_SPEC. %NL80211_ATTR_WIPHY is used to
+  *	specify the wiphy index to be applied to.
+  *
++ * @NL80211_CMD_OBSS_COLOR_COLLISION: This notification is sent out whenever
++ *	mac80211/drv detects a bss color collision.
++ *
++ * @NL80211_CMD_COLOR_CHANGE_REQUEST: This command is used to indicate that
++ *	userspace wants to change the BSS color.
++ *
++ * @NL80211_CMD_COLOR_CHANGE_STARTED: Notify userland, that a color change has
++ *	started
++ *
++ * @NL80211_CMD_COLOR_CHANGE_ABORTED: Notify userland, that the color change has
++ *	been aborted
++ *
++ * @NL80211_CMD_COLOR_CHANGE_COMPLETED: Notify userland that the color change
++ *	has completed
++ *
+  * @NL80211_CMD_MAX: highest used command number
+  * @__NL80211_CMD_AFTER_LAST: internal use
+  */
+@@ -1417,6 +1432,14 @@ enum nl80211_commands {
+ 
+ 	NL80211_CMD_SET_SAR_SPECS,
+ 
++	NL80211_CMD_OBSS_COLOR_COLLISION,
++
++	NL80211_CMD_COLOR_CHANGE_REQUEST,
++
++	NL80211_CMD_COLOR_CHANGE_STARTED,
++	NL80211_CMD_COLOR_CHANGE_ABORTED,
++	NL80211_CMD_COLOR_CHANGE_COMPLETED,
++
+ 	/* add new commands above here */
+ 
+ 	/* used to define NL80211_CMD_MAX below */
+@@ -2560,6 +2583,16 @@ enum nl80211_commands {
+  *	disassoc events to indicate that an immediate reconnect to the AP
+  *	is desired.
+  *
++ * @NL80211_ATTR_OBSS_COLOR_BITMAP: bitmap of the u64 BSS colors for the
++ *	%NL80211_CMD_OBSS_COLOR_COLLISION event.
++ *
++ * @NL80211_ATTR_COLOR_CHANGE_COUNT: u8 attribute specifying the number of TBTT's
++ *	until the color switch event.
++ * @NL80211_ATTR_COLOR_CHANGE_COLOR: u8 attribute specifying the color that we are
++ *	switching to
++ * @NL80211_ATTR_COLOR_CHANGE_ELEMS: Nested set of attributes containing the IE
++ *	information for the time while performing a color switch.
++ *
+  * @NUM_NL80211_ATTR: total number of nl80211_attrs available
+  * @NL80211_ATTR_MAX: highest attribute number currently defined
+  * @__NL80211_ATTR_AFTER_LAST: internal use
+@@ -3057,6 +3090,12 @@ enum nl80211_attrs {
+ 
+ 	NL80211_ATTR_DISABLE_HE,
+ 
++	NL80211_ATTR_OBSS_COLOR_BITMAP,
++
++	NL80211_ATTR_COLOR_CHANGE_COUNT,
++	NL80211_ATTR_COLOR_CHANGE_COLOR,
++	NL80211_ATTR_COLOR_CHANGE_ELEMS,
++
+ 	/* add attributes here, update the policy in nl80211.c */
+ 
+ 	__NL80211_ATTR_AFTER_LAST,
+@@ -5950,6 +5989,9 @@ enum nl80211_feature_flags {
+  *      frame protection for all management frames exchanged during the
+  *      negotiation and range measurement procedure.
+  *
++ * @NL80211_EXT_FEATURE_BSS_COLOR: The driver supports BSS color collision
++ *	detection and change announcemnts.
++ *
+  * @NUM_NL80211_EXT_FEATURES: number of extended features.
+  * @MAX_NL80211_EXT_FEATURES: highest extended feature index.
+  */
+@@ -6014,6 +6056,7 @@ enum nl80211_ext_feature_index {
+ 	NL80211_EXT_FEATURE_SECURE_LTF,
+ 	NL80211_EXT_FEATURE_SECURE_RTT,
+ 	NL80211_EXT_FEATURE_PROT_RANGE_NEGO_AND_MEASURE,
++	NL80211_EXT_FEATURE_BSS_COLOR,
+ 
+ 	/* add new features before the definition below */
+ 	NUM_NL80211_EXT_FEATURES,
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -753,6 +753,10 @@ static const struct nla_policy nl80211_p
+ 				 NL80211_SAE_PWE_BOTH),
+ 	[NL80211_ATTR_SAR_SPEC] = NLA_POLICY_NESTED(sar_policy),
+ 	[NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT },
++	[NL80211_ATTR_OBSS_COLOR_BITMAP] = { .type = NLA_U64 },
++	[NL80211_ATTR_COLOR_CHANGE_COUNT] = { .type = NLA_U8 },
++	[NL80211_ATTR_COLOR_CHANGE_COLOR] = { .type = NLA_U8 },
++	[NL80211_ATTR_COLOR_CHANGE_ELEMS] = NLA_POLICY_NESTED(nl80211_policy),
+ };
+ 
+ /* policy for the key attributes */
+@@ -14689,6 +14693,106 @@ bad_tid_conf:
+ 	return ret;
+ }
+ 
++static int nl80211_color_change(struct sk_buff *skb, struct genl_info *info)
++{
++	struct cfg80211_registered_device *rdev = info->user_ptr[0];
++	struct cfg80211_color_change_settings params = {};
++	struct net_device *dev = info->user_ptr[1];
++	struct wireless_dev *wdev = dev->ieee80211_ptr;
++	struct nlattr **tb;
++	u16 offset;
++	int err;
++
++	if (!rdev->ops->color_change)
++		return -EOPNOTSUPP;
++
++	if (!wiphy_ext_feature_isset(&rdev->wiphy,
++				     NL80211_EXT_FEATURE_BSS_COLOR))
++		return -EOPNOTSUPP;
++
++	if (wdev->iftype != NL80211_IFTYPE_AP)
++		return -EOPNOTSUPP;
++
++	if (!info->attrs[NL80211_ATTR_COLOR_CHANGE_COUNT] ||
++	    !info->attrs[NL80211_ATTR_COLOR_CHANGE_COLOR] ||
++	    !info->attrs[NL80211_ATTR_COLOR_CHANGE_ELEMS])
++		return -EINVAL;
++
++	params.count = nla_get_u8(info->attrs[NL80211_ATTR_COLOR_CHANGE_COUNT]);
++	params.color = nla_get_u8(info->attrs[NL80211_ATTR_COLOR_CHANGE_COLOR]);
++
++	err = nl80211_parse_beacon(rdev, info->attrs, &params.beacon_next);
++	if (err)
++		return err;
++
++	tb = kcalloc(NL80211_ATTR_MAX + 1, sizeof(*tb), GFP_KERNEL);
++	if (!tb)
++		return -ENOMEM;
++
++	err = nla_parse_nested(tb, NL80211_ATTR_MAX,
++			       info->attrs[NL80211_ATTR_COLOR_CHANGE_ELEMS],
++			       nl80211_policy, info->extack);
++	if (err)
++		goto out;
++
++	err = nl80211_parse_beacon(rdev, tb, &params.beacon_color_change);
++	if (err)
++		goto out;
++
++	if (!tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]) {
++		err = -EINVAL;
++		goto out;
++	}
++
++	if (nla_len(tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]) != sizeof(u16)) {
++		err = -EINVAL;
++		goto out;
++	}
++
++	offset = nla_get_u16(tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]);
++	if (offset >= params.beacon_color_change.tail_len) {
++		err = -EINVAL;
++		goto out;
++	}
++
++	if (params.beacon_color_change.tail[offset] != params.count) {
++		err = -EINVAL;
++		goto out;
++	}
++
++	params.counter_offset_beacon = offset;
++
++	if (tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]) {
++		if (nla_len(tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]) !=
++		    sizeof(u16)) {
++			err = -EINVAL;
++			goto out;
++		}
++
++		offset = nla_get_u16(tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]);
++		if (offset >= params.beacon_color_change.probe_resp_len) {
++			err = -EINVAL;
++			goto out;
++		}
++
++		if (params.beacon_color_change.probe_resp[offset] !=
++		    params.count) {
++			err = -EINVAL;
++			goto out;
++		}
++
++		params.counter_offset_presp = offset;
++	}
++
++	wdev_lock(wdev);
++	err = rdev_color_change(rdev, dev, &params);
++	wdev_unlock(wdev);
++
++out:
++	kfree(tb);
++	return err;
++}
++
+ #define NL80211_FLAG_NEED_WIPHY		0x01
+ #define NL80211_FLAG_NEED_NETDEV	0x02
+ #define NL80211_FLAG_NEED_RTNL		0x04
+@@ -15770,6 +15874,14 @@ static const struct genl_small_ops nl802
+ 		.internal_flags = NL80211_FLAG_NEED_WIPHY |
+ 				  NL80211_FLAG_NEED_RTNL,
+ 	},
++	{
++		.cmd = NL80211_CMD_COLOR_CHANGE_REQUEST,
++		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
++		.doit = nl80211_color_change,
++		.flags = GENL_UNS_ADMIN_PERM,
++		.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
++				  NL80211_FLAG_NEED_RTNL,
++	},
+ };
+ 
+ static struct genl_family nl80211_fam __genl_ro_after_init = {
+@@ -17397,6 +17509,51 @@ void cfg80211_ch_switch_started_notify(s
+ }
+ EXPORT_SYMBOL(cfg80211_ch_switch_started_notify);
+ 
++int cfg80211_bss_color_notify(struct net_device *dev, gfp_t gfp,
++			      enum nl80211_commands cmd, u8 count,
++			      u64 color_bitmap)
++{
++	struct wireless_dev *wdev = dev->ieee80211_ptr;
++	struct wiphy *wiphy = wdev->wiphy;
++	struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
++	struct sk_buff *msg;
++	void *hdr;
++
++	ASSERT_WDEV_LOCK(wdev);
++
++	trace_cfg80211_bss_color_notify(dev, cmd, count, color_bitmap);
++
++	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
++	if (!msg)
++		return -ENOMEM;
++
++	hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
++	if (!hdr)
++		goto nla_put_failure;
++
++	if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
++		goto nla_put_failure;
++
++	if (cmd == NL80211_CMD_COLOR_CHANGE_STARTED &&
++	    nla_put_u32(msg, NL80211_ATTR_COLOR_CHANGE_COUNT, count))
++		goto nla_put_failure;
++
++	if (cmd == NL80211_CMD_OBSS_COLOR_COLLISION &&
++	    nla_put_u64_64bit(msg, NL80211_ATTR_OBSS_COLOR_BITMAP,
++			      color_bitmap, NL80211_ATTR_PAD))
++		goto nla_put_failure;
++
++	genlmsg_end(msg, hdr);
++
++	return genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
++				       msg, 0, NL80211_MCGRP_MLME, gfp);
++
++nla_put_failure:
++	nlmsg_free(msg);
++	return -EINVAL;
++}
++EXPORT_SYMBOL(cfg80211_bss_color_notify);
++
+ void
+ nl80211_radar_notify(struct cfg80211_registered_device *rdev,
+ 		     const struct cfg80211_chan_def *chandef,
+--- a/net/wireless/rdev-ops.h
++++ b/net/wireless/rdev-ops.h
+@@ -1368,4 +1368,17 @@ static inline int rdev_set_sar_specs(str
+ 	return ret;
+ }
+ 
++static inline int rdev_color_change(struct cfg80211_registered_device *rdev,
++				    struct net_device *dev,
++				    struct cfg80211_color_change_settings *params)
++{
++	int ret;
++
++	trace_rdev_color_change(&rdev->wiphy, dev, params);
++	ret = rdev->ops->color_change(&rdev->wiphy, dev, params);
++	trace_rdev_return_int(&rdev->wiphy, ret);
++
++	return ret;
++}
++
+ #endif /* __CFG80211_RDEV_OPS */
+--- a/net/wireless/trace.h
++++ b/net/wireless/trace.h
+@@ -3570,6 +3570,52 @@ TRACE_EVENT(rdev_set_sar_specs,
+ 		  WIPHY_PR_ARG, __entry->type, __entry->num)
+ );
+ 
++TRACE_EVENT(rdev_color_change,
++	TP_PROTO(struct wiphy *wiphy, struct net_device *netdev,
++		 struct cfg80211_color_change_settings *params),
++	TP_ARGS(wiphy, netdev, params),
++	TP_STRUCT__entry(
++		WIPHY_ENTRY
++		NETDEV_ENTRY
++		__field(u8, count)
++		__field(u16, bcn_ofs)
++		__field(u16, pres_ofs)
++	),
++	TP_fast_assign(
++		WIPHY_ASSIGN;
++		NETDEV_ASSIGN;
++		__entry->count = params->count;
++		__entry->bcn_ofs = params->counter_offset_beacon;
++		__entry->pres_ofs = params->counter_offset_presp;
++	),
++	TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT
++		  ", count: %u",
++		  WIPHY_PR_ARG, NETDEV_PR_ARG,
++		  __entry->count)
++);
++
++TRACE_EVENT(cfg80211_bss_color_notify,
++	TP_PROTO(struct net_device *netdev,
++		 enum nl80211_commands cmd,
++		 u8 count, u64 color_bitmap),
++	TP_ARGS(netdev, cmd, count, color_bitmap),
++	TP_STRUCT__entry(
++		NETDEV_ENTRY
++		__field(enum nl80211_bss_scan_width, cmd)
++		__field(u8, count)
++		__field(u64, color_bitmap)
++	),
++	TP_fast_assign(
++		NETDEV_ASSIGN;
++		__entry->cmd = cmd;
++		__entry->count = count;
++		__entry->color_bitmap = color_bitmap;
++	),
++	TP_printk(NETDEV_PR_FMT ", cmd: %x, count: %u, bitmap: %llx",
++		  NETDEV_PR_ARG, __entry->cmd, __entry->count,
++		  __entry->color_bitmap)
++);
++
+ #endif /* !__RDEV_OPS_TRACE || TRACE_HEADER_MULTI_READ */
+ 
+ #undef TRACE_INCLUDE_PATH

package/kernel/mac80211/patches/subsys/388-mac80211-add-support-for-BSS-color-change.patch

@@ -0,0 +1,524 @@
+From: John Crispin <john@phrozen.org>
+Date: Fri, 2 Jul 2021 19:44:08 +0200
+Subject: [PATCH] mac80211: add support for BSS color change
+
+The color change announcement is very similar to how CSA works where
+we have an IE that includes a counter. When the counter hits 0, the new
+color is applied via an updated beacon.
+
+This patch makes the CSA counter functionality reusable, rather than
+implementing it again. This also allows for future reuse incase support
+for other counter IEs gets added.
+
+Co-developed-by: Lorenzo Bianconi <lorenzo@kernel.org>
+Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
+Signed-off-by: John Crispin <john@phrozen.org>
+Link: https://lore.kernel.org/r/057c1e67b82bee561ea44ce6a45a8462d3da6995.1625247619.git.lorenzo@kernel.org
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -1710,6 +1710,10 @@ enum ieee80211_offload_flags {
+  *	protected by fq->lock.
+  * @offload_flags: 802.3 -> 802.11 enapsulation offload flags, see
+  *	&enum ieee80211_offload_flags.
++ * @color_change_active: marks whether a color change is ongoing. Internally it is
++ *	write-protected by sdata_lock and local->mtx so holding either is fine
++ *	for read access.
++ * @color_change_color: the bss color that will be used after the change.
+  */
+ struct ieee80211_vif {
+ 	enum nl80211_iftype type;
+@@ -1738,6 +1742,9 @@ struct ieee80211_vif {
+ 
+ 	bool txqs_stopped[IEEE80211_NUM_ACS];
+ 
++	bool color_change_active;
++	u8 color_change_color;
++
+ 	/* must be last */
+ 	u8 drv_priv[] __aligned(sizeof(void *));
+ };
+@@ -4982,6 +4989,16 @@ void ieee80211_csa_finish(struct ieee802
+ bool ieee80211_beacon_cntdwn_is_complete(struct ieee80211_vif *vif);
+ 
+ /**
++ * ieee80211_color_change_finish - notify mac80211 about color change
++ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
++ *
++ * After a color change announcement was scheduled and the counter in this
++ * announcement hits 1, this function must be called by the driver to
++ * notify mac80211 that the color can be changed
++ */
++void ieee80211_color_change_finish(struct ieee80211_vif *vif);
++
++/**
+  * ieee80211_proberesp_get - retrieve a Probe Response template
+  * @hw: pointer obtained from ieee80211_alloc_hw().
+  * @vif: &struct ieee80211_vif pointer from the add_interface callback.
+@@ -6726,6 +6743,18 @@ ieee80211_get_unsol_bcast_probe_resp_tmp
+ 					  struct ieee80211_vif *vif);
+ 
+ /**
++ * ieeee80211_obss_color_collision_notify - notify userland about a BSS color
++ * collision.
++ *
++ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
++ * @color_bitmap: a 64 bit bitmap representing the colors that the local BSS is
++ *	aware of.
++ */
++void
++ieeee80211_obss_color_collision_notify(struct ieee80211_vif *vif,
++				       u64 color_bitmap);
++
++/**
+  * ieee80211_is_tx_data - check if frame is a data frame
+  *
+  * The function is used to check if a frame is a data frame. Frames with
+--- a/net/mac80211/cfg.c
++++ b/net/mac80211/cfg.c
+@@ -827,9 +827,11 @@ static int ieee80211_set_monitor_channel
+ 	return ret;
+ }
+ 
+-static int ieee80211_set_probe_resp(struct ieee80211_sub_if_data *sdata,
+-				    const u8 *resp, size_t resp_len,
+-				    const struct ieee80211_csa_settings *csa)
++static int
++ieee80211_set_probe_resp(struct ieee80211_sub_if_data *sdata,
++			 const u8 *resp, size_t resp_len,
++			 const struct ieee80211_csa_settings *csa,
++			 const struct ieee80211_color_change_settings *cca)
+ {
+ 	struct probe_resp *new, *old;
+ 
+@@ -849,6 +851,8 @@ static int ieee80211_set_probe_resp(stru
+ 		memcpy(new->cntdwn_counter_offsets, csa->counter_offsets_presp,
+ 		       csa->n_counter_offsets_presp *
+ 		       sizeof(new->cntdwn_counter_offsets[0]));
++	else if (cca)
++		new->cntdwn_counter_offsets[0] = cca->counter_offset_presp;
+ 
+ 	rcu_assign_pointer(sdata->u.ap.probe_resp, new);
+ 	if (old)
+@@ -954,7 +958,8 @@ static int ieee80211_set_ftm_responder_p
+ 
+ static int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
+ 				   struct cfg80211_beacon_data *params,
+-				   const struct ieee80211_csa_settings *csa)
++				   const struct ieee80211_csa_settings *csa,
++				   const struct ieee80211_color_change_settings *cca)
+ {
+ 	struct beacon_data *new, *old;
+ 	int new_head_len, new_tail_len;
+@@ -1003,6 +1008,9 @@ static int ieee80211_assign_beacon(struc
+ 		memcpy(new->cntdwn_counter_offsets, csa->counter_offsets_beacon,
+ 		       csa->n_counter_offsets_beacon *
+ 		       sizeof(new->cntdwn_counter_offsets[0]));
++	} else if (cca) {
++		new->cntdwn_current_counter = cca->count;
++		new->cntdwn_counter_offsets[0] = cca->counter_offset_beacon;
+ 	}
+ 
+ 	/* copy in head */
+@@ -1019,7 +1027,7 @@ static int ieee80211_assign_beacon(struc
+ 			memcpy(new->tail, old->tail, new_tail_len);
+ 
+ 	err = ieee80211_set_probe_resp(sdata, params->probe_resp,
+-				       params->probe_resp_len, csa);
++				       params->probe_resp_len, csa, cca);
+ 	if (err < 0) {
+ 		kfree(new);
+ 		return err;
+@@ -1176,7 +1184,7 @@ static int ieee80211_start_ap(struct wip
+ 	if (ieee80211_hw_check(&local->hw, HAS_RATE_CONTROL))
+ 		sdata->vif.bss_conf.beacon_tx_rate = params->beacon_rate;
+ 
+-	err = ieee80211_assign_beacon(sdata, &params->beacon, NULL);
++	err = ieee80211_assign_beacon(sdata, &params->beacon, NULL, NULL);
+ 	if (err < 0)
+ 		goto error;
+ 	changed |= err;
+@@ -1234,17 +1242,17 @@ static int ieee80211_change_beacon(struc
+ 	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ 	sdata_assert_lock(sdata);
+ 
+-	/* don't allow changing the beacon while CSA is in place - offset
++	/* don't allow changing the beacon while a countdown is in place - offset
+ 	 * of channel switch counter may change
+ 	 */
+-	if (sdata->vif.csa_active)
++	if (sdata->vif.csa_active || sdata->vif.color_change_active)
+ 		return -EBUSY;
+ 
+ 	old = sdata_dereference(sdata->u.ap.beacon, sdata);
+ 	if (!old)
+ 		return -ENOENT;
+ 
+-	err = ieee80211_assign_beacon(sdata, params, NULL);
++	err = ieee80211_assign_beacon(sdata, params, NULL, NULL);
+ 	if (err < 0)
+ 		return err;
+ 	ieee80211_bss_info_change_notify(sdata, err);
+@@ -3174,7 +3182,7 @@ static int ieee80211_set_after_csa_beaco
+ 	switch (sdata->vif.type) {
+ 	case NL80211_IFTYPE_AP:
+ 		err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon,
+-					      NULL);
++					      NULL, NULL);
+ 		kfree(sdata->u.ap.next_beacon);
+ 		sdata->u.ap.next_beacon = NULL;
+ 
+@@ -3340,7 +3348,7 @@ static int ieee80211_set_csa_beacon(stru
+ 		csa.n_counter_offsets_presp = params->n_counter_offsets_presp;
+ 		csa.count = params->count;
+ 
+-		err = ieee80211_assign_beacon(sdata, &params->beacon_csa, &csa);
++		err = ieee80211_assign_beacon(sdata, &params->beacon_csa, &csa, NULL);
+ 		if (err < 0) {
+ 			kfree(sdata->u.ap.next_beacon);
+ 			return err;
+@@ -3428,6 +3436,15 @@ static int ieee80211_set_csa_beacon(stru
+ 	return 0;
+ }
+ 
++static void ieee80211_color_change_abort(struct ieee80211_sub_if_data  *sdata)
++{
++	sdata->vif.color_change_active = false;
++	kfree(sdata->u.ap.next_beacon);
++	sdata->u.ap.next_beacon = NULL;
++
++	cfg80211_color_change_aborted_notify(sdata->dev);
++}
++
+ static int
+ __ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
+ 			   struct cfg80211_csa_settings *params)
+@@ -3496,6 +3513,10 @@ __ieee80211_channel_switch(struct wiphy
+ 		goto out;
+ 	}
+ 
++	/* if there is a color change in progress, abort it */
++	if (sdata->vif.color_change_active)
++		ieee80211_color_change_abort(sdata);
++
+ 	err = ieee80211_set_csa_beacon(sdata, params, &changed);
+ 	if (err) {
+ 		ieee80211_vif_unreserve_chanctx(sdata);
+@@ -4147,6 +4168,196 @@ static int ieee80211_set_sar_specs(struc
+ 	return local->ops->set_sar_specs(&local->hw, sar);
+ }
+ 
++static int
++ieee80211_set_after_color_change_beacon(struct ieee80211_sub_if_data *sdata,
++					u32 *changed)
++{
++	switch (sdata->vif.type) {
++	case NL80211_IFTYPE_AP: {
++		int ret;
++
++		ret = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon,
++					      NULL, NULL);
++		kfree(sdata->u.ap.next_beacon);
++		sdata->u.ap.next_beacon = NULL;
++
++		if (ret < 0)
++			return ret;
++
++		*changed |= ret;
++		break;
++	}
++	default:
++		WARN_ON_ONCE(1);
++		return -EINVAL;
++	}
++
++	return 0;
++}
++
++static int
++ieee80211_set_color_change_beacon(struct ieee80211_sub_if_data *sdata,
++				  struct cfg80211_color_change_settings *params,
++				  u32 *changed)
++{
++	struct ieee80211_color_change_settings color_change = {};
++	int err;
++
++	switch (sdata->vif.type) {
++	case NL80211_IFTYPE_AP:
++		sdata->u.ap.next_beacon =
++			cfg80211_beacon_dup(&params->beacon_next);
++		if (!sdata->u.ap.next_beacon)
++			return -ENOMEM;
++
++		if (params->count <= 1)
++			break;
++
++		color_change.counter_offset_beacon =
++			params->counter_offset_beacon;
++		color_change.counter_offset_presp =
++			params->counter_offset_presp;
++		color_change.count = params->count;
++
++		err = ieee80211_assign_beacon(sdata, &params->beacon_color_change,
++					      NULL, &color_change);
++		if (err < 0) {
++			kfree(sdata->u.ap.next_beacon);
++			return err;
++		}
++		*changed |= err;
++		break;
++	default:
++		return -EOPNOTSUPP;
++	}
++
++	return 0;
++}
++
++static void
++ieee80211_color_change_bss_config_notify(struct ieee80211_sub_if_data *sdata,
++					 u8 color, int enable, u32 changed)
++{
++	sdata->vif.bss_conf.he_bss_color.color = color;
++	sdata->vif.bss_conf.he_bss_color.enabled = enable;
++	changed |= BSS_CHANGED_HE_BSS_COLOR;
++
++	ieee80211_bss_info_change_notify(sdata, changed);
++}
++
++static int ieee80211_color_change_finalize(struct ieee80211_sub_if_data *sdata)
++{
++	struct ieee80211_local *local = sdata->local;
++	u32 changed = 0;
++	int err;
++
++	sdata_assert_lock(sdata);
++	lockdep_assert_held(&local->mtx);
++
++	sdata->vif.color_change_active = false;
++
++	err = ieee80211_set_after_color_change_beacon(sdata, &changed);
++	if (err) {
++		cfg80211_color_change_aborted_notify(sdata->dev);
++		return err;
++	}
++
++	ieee80211_color_change_bss_config_notify(sdata,
++						 sdata->vif.color_change_color,
++						 1, changed);
++	cfg80211_color_change_notify(sdata->dev);
++
++	return 0;
++}
++
++void ieee80211_color_change_finalize_work(struct work_struct *work)
++{
++	struct ieee80211_sub_if_data *sdata =
++		container_of(work, struct ieee80211_sub_if_data,
++			     color_change_finalize_work);
++	struct ieee80211_local *local = sdata->local;
++
++	sdata_lock(sdata);
++	mutex_lock(&local->mtx);
++
++	/* AP might have been stopped while waiting for the lock. */
++	if (!sdata->vif.color_change_active)
++		goto unlock;
++
++	if (!ieee80211_sdata_running(sdata))
++		goto unlock;
++
++	ieee80211_color_change_finalize(sdata);
++
++unlock:
++	mutex_unlock(&local->mtx);
++	sdata_unlock(sdata);
++}
++
++void ieee80211_color_change_finish(struct ieee80211_vif *vif)
++{
++	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
++
++	ieee80211_queue_work(&sdata->local->hw,
++			     &sdata->color_change_finalize_work);
++}
++EXPORT_SYMBOL_GPL(ieee80211_color_change_finish);
++
++void
++ieeee80211_obss_color_collision_notify(struct ieee80211_vif *vif,
++				       u64 color_bitmap)
++{
++	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
++
++	if (sdata->vif.color_change_active || sdata->vif.csa_active)
++		return;
++
++	cfg80211_obss_color_collision_notify(sdata->dev, color_bitmap);
++}
++EXPORT_SYMBOL_GPL(ieeee80211_obss_color_collision_notify);
++
++static int
++ieee80211_color_change(struct wiphy *wiphy, struct net_device *dev,
++		       struct cfg80211_color_change_settings *params)
++{
++	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
++	struct ieee80211_local *local = sdata->local;
++	u32 changed = 0;
++	int err;
++
++	sdata_assert_lock(sdata);
++
++	mutex_lock(&local->mtx);
++
++	/* don't allow another color change if one is already active or if csa
++	 * is active
++	 */
++	if (sdata->vif.color_change_active || sdata->vif.csa_active) {
++		err = -EBUSY;
++		goto out;
++	}
++
++	err = ieee80211_set_color_change_beacon(sdata, params, &changed);
++	if (err)
++		goto out;
++
++	sdata->vif.color_change_active = true;
++	sdata->vif.color_change_color = params->color;
++
++	cfg80211_color_change_started_notify(sdata->dev, params->count);
++
++	if (changed)
++		ieee80211_color_change_bss_config_notify(sdata, 0, 0, changed);
++	else
++		/* if the beacon didn't change, we can finalize immediately */
++		ieee80211_color_change_finalize(sdata);
++
++out:
++	mutex_unlock(&local->mtx);
++
++	return err;
++}
++
+ const struct cfg80211_ops mac80211_config_ops = {
+ 	.add_virtual_intf = ieee80211_add_iface,
+ 	.del_virtual_intf = ieee80211_del_iface,
+@@ -4251,4 +4462,5 @@ const struct cfg80211_ops mac80211_confi
+ 	.set_tid_config = ieee80211_set_tid_config,
+ 	.reset_tid_config = ieee80211_reset_tid_config,
+ 	.set_sar_specs = ieee80211_set_sar_specs,
++	.color_change = ieee80211_color_change,
+ };
+--- a/net/mac80211/ieee80211_i.h
++++ b/net/mac80211/ieee80211_i.h
+@@ -248,6 +248,12 @@ struct ieee80211_csa_settings {
+ 	u8 count;
+ };
+ 
++struct ieee80211_color_change_settings {
++	u16 counter_offset_beacon;
++	u16 counter_offset_presp;
++	u8 count;
++};
++
+ struct beacon_data {
+ 	u8 *head, *tail;
+ 	int head_len, tail_len;
+@@ -932,6 +938,8 @@ struct ieee80211_sub_if_data {
+ 	bool csa_block_tx; /* write-protected by sdata_lock and local->mtx */
+ 	struct cfg80211_chan_def csa_chandef;
+ 
++	struct work_struct color_change_finalize_work;
++
+ 	struct list_head assigned_chanctx_list; /* protected by chanctx_mtx */
+ 	struct list_head reserved_chanctx_list; /* protected by chanctx_mtx */
+ 
+@@ -1900,6 +1908,9 @@ void ieee80211_csa_finalize_work(struct
+ int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
+ 			     struct cfg80211_csa_settings *params);
+ 
++/* color change handling */
++void ieee80211_color_change_finalize_work(struct work_struct *work);
++
+ /* interface handling */
+ #define MAC80211_SUPPORTED_FEATURES_TX	(NETIF_F_IP_CSUM | NETIF_F_IPV6_CSUM | \
+ 					 NETIF_F_HW_CSUM | NETIF_F_SG | \
+--- a/net/mac80211/iface.c
++++ b/net/mac80211/iface.c
+@@ -465,6 +465,7 @@ static void ieee80211_do_stop(struct iee
+ 	sdata_unlock(sdata);
+ 
+ 	cancel_work_sync(&sdata->csa_finalize_work);
++	cancel_work_sync(&sdata->color_change_finalize_work);
+ 
+ 	cancel_delayed_work_sync(&sdata->dfs_cac_timer_work);
+ 
+@@ -1639,6 +1640,7 @@ static void ieee80211_setup_sdata(struct
+ 	INIT_WORK(&sdata->work, ieee80211_iface_work);
+ 	INIT_WORK(&sdata->recalc_smps, ieee80211_recalc_smps_work);
+ 	INIT_WORK(&sdata->csa_finalize_work, ieee80211_csa_finalize_work);
++	INIT_WORK(&sdata->color_change_finalize_work, ieee80211_color_change_finalize_work);
+ 	INIT_LIST_HEAD(&sdata->assigned_chanctx_list);
+ 	INIT_LIST_HEAD(&sdata->reserved_chanctx_list);
+ 
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -4802,11 +4802,11 @@ static int ieee80211_beacon_add_tim(stru
+ static void ieee80211_set_beacon_cntdwn(struct ieee80211_sub_if_data *sdata,
+ 					struct beacon_data *beacon)
+ {
++	u8 *beacon_data, count, max_count = 1;
+ 	struct probe_resp *resp;
+-	u8 *beacon_data;
+ 	size_t beacon_data_len;
++	u16 *bcn_offsets;
+ 	int i;
+-	u8 count = beacon->cntdwn_current_counter;
+ 
+ 	switch (sdata->vif.type) {
+ 	case NL80211_IFTYPE_AP:
+@@ -4826,21 +4826,27 @@ static void ieee80211_set_beacon_cntdwn(
+ 	}
+ 
+ 	rcu_read_lock();
+-	for (i = 0; i < IEEE80211_MAX_CNTDWN_COUNTERS_NUM; ++i) {
+-		resp = rcu_dereference(sdata->u.ap.probe_resp);
++	resp = rcu_dereference(sdata->u.ap.probe_resp);
+ 
+-		if (beacon->cntdwn_counter_offsets[i]) {
+-			if (WARN_ON_ONCE(beacon->cntdwn_counter_offsets[i] >=
+-					 beacon_data_len)) {
++	bcn_offsets = beacon->cntdwn_counter_offsets;
++	count = beacon->cntdwn_current_counter;
++	if (sdata->vif.csa_active)
++		max_count = IEEE80211_MAX_CNTDWN_COUNTERS_NUM;
++
++	for (i = 0; i < max_count; ++i) {
++		if (bcn_offsets[i]) {
++			if (WARN_ON_ONCE(bcn_offsets[i] >= beacon_data_len)) {
+ 				rcu_read_unlock();
+ 				return;
+ 			}
+-
+-			beacon_data[beacon->cntdwn_counter_offsets[i]] = count;
++			beacon_data[bcn_offsets[i]] = count;
+ 		}
+ 
+-		if (sdata->vif.type == NL80211_IFTYPE_AP && resp)
+-			resp->data[resp->cntdwn_counter_offsets[i]] = count;
++		if (sdata->vif.type == NL80211_IFTYPE_AP && resp) {
++			u16 *resp_offsets = resp->cntdwn_counter_offsets;
++
++			resp->data[resp_offsets[i]] = count;
++		}
+ 	}
+ 	rcu_read_unlock();
+ }
+@@ -5050,6 +5056,7 @@ __ieee80211_beacon_get(struct ieee80211_
+ 			if (offs) {
+ 				offs->tim_offset = beacon->head_len;
+ 				offs->tim_length = skb->len - beacon->head_len;
++				offs->cntdwn_counter_offs[0] = beacon->cntdwn_counter_offsets[0];
+ 
+ 				/* for AP the csa offsets are from tail */
+ 				csa_off_base = skb->len;

package/kernel/mac80211/patches/subsys/389-ieee80211-add-TWT-element-definitions.patch

@@ -0,0 +1,112 @@
+From: Lorenzo Bianconi <lorenzo@kernel.org>
+Date: Mon, 23 Aug 2021 20:02:38 +0200
+Subject: [PATCH] ieee80211: add TWT element definitions
+
+Introduce TWT definitions and TWT Information element structure
+in ieee80211.h
+
+Tested-by: Peter Chiu <chui-hao.chiu@mediatek.com>
+Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
+Link: https://lore.kernel.org/r/71d8b581fe4b5abc5b92f8d77ac2de3e2f7591b6.1629741512.git.lorenzo@kernel.org
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/include/linux/ieee80211.h
++++ b/include/linux/ieee80211.h
+@@ -1088,6 +1088,48 @@ struct ieee80211_ext {
+ 	} u;
+ } __packed __aligned(2);
+ 
++#define IEEE80211_TWT_CONTROL_NDP			BIT(0)
++#define IEEE80211_TWT_CONTROL_RESP_MODE			BIT(1)
++#define IEEE80211_TWT_CONTROL_NEG_TYPE_BROADCAST	BIT(3)
++#define IEEE80211_TWT_CONTROL_RX_DISABLED		BIT(4)
++#define IEEE80211_TWT_CONTROL_WAKE_DUR_UNIT		BIT(5)
++
++#define IEEE80211_TWT_REQTYPE_REQUEST			BIT(0)
++#define IEEE80211_TWT_REQTYPE_SETUP_CMD			GENMASK(3, 1)
++#define IEEE80211_TWT_REQTYPE_TRIGGER			BIT(4)
++#define IEEE80211_TWT_REQTYPE_IMPLICIT			BIT(5)
++#define IEEE80211_TWT_REQTYPE_FLOWTYPE			BIT(6)
++#define IEEE80211_TWT_REQTYPE_FLOWID			GENMASK(9, 7)
++#define IEEE80211_TWT_REQTYPE_WAKE_INT_EXP		GENMASK(14, 10)
++#define IEEE80211_TWT_REQTYPE_PROTECTION		BIT(15)
++
++enum ieee80211_twt_setup_cmd {
++	TWT_SETUP_CMD_REQUEST,
++	TWT_SETUP_CMD_SUGGEST,
++	TWT_SETUP_CMD_DEMAND,
++	TWT_SETUP_CMD_GROUPING,
++	TWT_SETUP_CMD_ACCEPT,
++	TWT_SETUP_CMD_ALTERNATE,
++	TWT_SETUP_CMD_DICTATE,
++	TWT_SETUP_CMD_REJECT,
++};
++
++struct ieee80211_twt_params {
++	__le16 req_type;
++	__le64 twt;
++	u8 min_twt_dur;
++	__le16 mantissa;
++	u8 channel;
++} __packed;
++
++struct ieee80211_twt_setup {
++	u8 dialog_token;
++	u8 element_id;
++	u8 length;
++	u8 control;
++	u8 params[];
++} __packed;
++
+ struct ieee80211_mgmt {
+ 	__le16 frame_control;
+ 	__le16 duration;
+@@ -1252,6 +1294,10 @@ struct ieee80211_mgmt {
+ 					__le16 toa_error;
+ 					u8 variable[0];
+ 				} __packed ftm;
++				struct {
++					u8 action_code;
++					u8 variable[];
++				} __packed s1g;
+ 			} u;
+ 		} __packed action;
+ 	} u;
+@@ -2880,6 +2926,7 @@ enum ieee80211_eid {
+ 	WLAN_EID_AID_RESPONSE = 211,
+ 	WLAN_EID_S1G_BCN_COMPAT = 213,
+ 	WLAN_EID_S1G_SHORT_BCN_INTERVAL = 214,
++	WLAN_EID_S1G_TWT = 216,
+ 	WLAN_EID_S1G_CAPABILITIES = 217,
+ 	WLAN_EID_VENDOR_SPECIFIC = 221,
+ 	WLAN_EID_QOS_PARAMETER = 222,
+@@ -2948,6 +2995,7 @@ enum ieee80211_category {
+ 	WLAN_CATEGORY_FST = 18,
+ 	WLAN_CATEGORY_UNPROT_DMG = 20,
+ 	WLAN_CATEGORY_VHT = 21,
++	WLAN_CATEGORY_S1G = 22,
+ 	WLAN_CATEGORY_VENDOR_SPECIFIC_PROTECTED = 126,
+ 	WLAN_CATEGORY_VENDOR_SPECIFIC = 127,
+ };
+@@ -3021,6 +3069,20 @@ enum ieee80211_key_len {
+ 	WLAN_KEY_LEN_BIP_GMAC_256 = 32,
+ };
+ 
++enum ieee80211_s1g_actioncode {
++	WLAN_S1G_AID_SWITCH_REQUEST,
++	WLAN_S1G_AID_SWITCH_RESPONSE,
++	WLAN_S1G_SYNC_CONTROL,
++	WLAN_S1G_STA_INFO_ANNOUNCE,
++	WLAN_S1G_EDCA_PARAM_SET,
++	WLAN_S1G_EL_OPERATION,
++	WLAN_S1G_TWT_SETUP,
++	WLAN_S1G_TWT_TEARDOWN,
++	WLAN_S1G_SECT_GROUP_ID_LIST,
++	WLAN_S1G_SECT_ID_FEEDBACK,
++	WLAN_S1G_TWT_INFORMATION = 11,
++};
++
+ #define IEEE80211_WEP_IV_LEN		4
+ #define IEEE80211_WEP_ICV_LEN		4
+ #define IEEE80211_CCMP_HDR_LEN		8

package/kernel/mac80211/patches/subsys/390-mac80211-introduce-individual-TWT-support-in-AP-mode.patch

@@ -0,0 +1,576 @@
+From: Lorenzo Bianconi <lorenzo@kernel.org>
+Date: Mon, 23 Aug 2021 20:02:39 +0200
+Subject: [PATCH] mac80211: introduce individual TWT support in AP mode
+
+Introduce TWT action frames parsing support to mac80211.
+Currently just individual TWT agreement are support in AP mode.
+Whenever the AP receives a TWT action frame from an associated client,
+after performing sanity checks, it will notify the underlay driver with
+requested parameters in order to check if they are supported and if there
+is enough room for a new agreement. The driver is expected to set the
+agreement result and report it to mac80211.
+
+Drivers supporting this have two new callbacks:
+ - add_twt_setup (mandatory)
+ - twt_teardown_request (optional)
+
+mac80211 will send an action frame reply according to the result
+reported by the driver.
+
+Tested-by: Peter Chiu <chui-hao.chiu@mediatek.com>
+Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
+Link: https://lore.kernel.org/r/257512f2e22ba42b9f2624942a128dd8f141de4b.1629741512.git.lorenzo@kernel.org
+[use le16p_replace_bits(), minor cleanups, use (void *) casts,
+ fix to use ieee80211_get_he_iftype_cap() correctly]
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -4219,6 +4219,11 @@ struct ieee80211_ops {
+ 	void (*sta_set_decap_offload)(struct ieee80211_hw *hw,
+ 				      struct ieee80211_vif *vif,
+ 				      struct ieee80211_sta *sta, bool enabled);
++	void (*add_twt_setup)(struct ieee80211_hw *hw,
++			      struct ieee80211_sta *sta,
++			      struct ieee80211_twt_setup *twt);
++	void (*twt_teardown_request)(struct ieee80211_hw *hw,
++				     struct ieee80211_sta *sta, u8 flowid);
+ };
+ 
+ /**
+--- a/net/mac80211/driver-ops.h
++++ b/net/mac80211/driver-ops.h
+@@ -1432,4 +1432,40 @@ static inline void drv_sta_set_decap_off
+ 	trace_drv_return_void(local);
+ }
+ 
++static inline void drv_add_twt_setup(struct ieee80211_local *local,
++				     struct ieee80211_sub_if_data *sdata,
++				     struct ieee80211_sta *sta,
++				     struct ieee80211_twt_setup *twt)
++{
++	struct ieee80211_twt_params *twt_agrt;
++
++	might_sleep();
++
++	if (!check_sdata_in_driver(sdata))
++		return;
++
++	twt_agrt = (void *)twt->params;
++
++	trace_drv_add_twt_setup(local, sta, twt, twt_agrt);
++	local->ops->add_twt_setup(&local->hw, sta, twt);
++	trace_drv_return_void(local);
++}
++
++static inline void drv_twt_teardown_request(struct ieee80211_local *local,
++					    struct ieee80211_sub_if_data *sdata,
++					    struct ieee80211_sta *sta,
++					    u8 flowid)
++{
++	might_sleep();
++	if (!check_sdata_in_driver(sdata))
++		return;
++
++	if (!local->ops->twt_teardown_request)
++		return;
++
++	trace_drv_twt_teardown_request(local, sta, flowid);
++	local->ops->twt_teardown_request(&local->hw, sta, flowid);
++	trace_drv_return_void(local);
++}
++
+ #endif /* __MAC80211_DRIVER_OPS */
+--- a/net/mac80211/ieee80211_i.h
++++ b/net/mac80211/ieee80211_i.h
+@@ -954,6 +954,7 @@ struct ieee80211_sub_if_data {
+ 
+ 	struct work_struct work;
+ 	struct sk_buff_head skb_queue;
++	struct sk_buff_head status_queue;
+ 
+ 	u8 needed_rx_chains;
+ 	enum ieee80211_smps_mode smps_mode;
+@@ -2093,6 +2094,11 @@ ieee80211_he_op_ie_to_bss_conf(struct ie
+ 
+ /* S1G */
+ void ieee80211_s1g_sta_rate_init(struct sta_info *sta);
++bool ieee80211_s1g_is_twt_setup(struct sk_buff *skb);
++void ieee80211_s1g_rx_twt_action(struct ieee80211_sub_if_data *sdata,
++				 struct sk_buff *skb);
++void ieee80211_s1g_status_twt_action(struct ieee80211_sub_if_data *sdata,
++				     struct sk_buff *skb);
+ 
+ /* Spectrum management */
+ void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
+--- a/net/mac80211/iface.c
++++ b/net/mac80211/iface.c
+@@ -563,6 +563,7 @@ static void ieee80211_do_stop(struct iee
+ 		 */
+ 		ieee80211_free_keys(sdata, true);
+ 		skb_queue_purge(&sdata->skb_queue);
++		skb_queue_purge(&sdata->status_queue);
+ 	}
+ 
+ 	spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
+@@ -1070,6 +1071,7 @@ int ieee80211_add_virtual_monitor(struct
+ 	}
+ 
+ 	skb_queue_head_init(&sdata->skb_queue);
++	skb_queue_head_init(&sdata->status_queue);
+ 	INIT_WORK(&sdata->work, ieee80211_iface_work);
+ 
+ 	return 0;
+@@ -1442,6 +1444,24 @@ static void ieee80211_if_setup_no_queue(
+ #endif
+ }
+ 
++static void ieee80211_iface_process_status(struct ieee80211_sub_if_data *sdata,
++					   struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (void *)skb->data;
++
++	if (ieee80211_is_action(mgmt->frame_control) &&
++	    mgmt->u.action.category == WLAN_CATEGORY_S1G) {
++		switch (mgmt->u.action.u.s1g.action_code) {
++		case WLAN_S1G_TWT_TEARDOWN:
++		case WLAN_S1G_TWT_SETUP:
++			ieee80211_s1g_status_twt_action(sdata, skb);
++			break;
++		default:
++			break;
++		}
++	}
++}
++
+ static void ieee80211_iface_work(struct work_struct *work)
+ {
+ 	struct ieee80211_sub_if_data *sdata =
+@@ -1519,6 +1539,16 @@ static void ieee80211_iface_work(struct
+ 				WARN_ON(1);
+ 				break;
+ 			}
++		} else if (ieee80211_is_action(mgmt->frame_control) &&
++			   mgmt->u.action.category == WLAN_CATEGORY_S1G) {
++			switch (mgmt->u.action.u.s1g.action_code) {
++			case WLAN_S1G_TWT_TEARDOWN:
++			case WLAN_S1G_TWT_SETUP:
++				ieee80211_s1g_rx_twt_action(sdata, skb);
++				break;
++			default:
++				break;
++			}
+ 		} else if (ieee80211_is_ext(mgmt->frame_control)) {
+ 			if (sdata->vif.type == NL80211_IFTYPE_STATION)
+ 				ieee80211_sta_rx_queued_ext(sdata, skb);
+@@ -1574,6 +1604,12 @@ static void ieee80211_iface_work(struct
+ 		kfree_skb(skb);
+ 	}
+ 
++	/* process status queue */
++	while ((skb = skb_dequeue(&sdata->status_queue))) {
++		ieee80211_iface_process_status(sdata, skb);
++		kfree_skb(skb);
++	}
++
+ 	/* then other type-dependent work */
+ 	switch (sdata->vif.type) {
+ 	case NL80211_IFTYPE_STATION:
+@@ -1637,6 +1673,7 @@ static void ieee80211_setup_sdata(struct
+ 	}
+ 
+ 	skb_queue_head_init(&sdata->skb_queue);
++	skb_queue_head_init(&sdata->status_queue);
+ 	INIT_WORK(&sdata->work, ieee80211_iface_work);
+ 	INIT_WORK(&sdata->recalc_smps, ieee80211_recalc_smps_work);
+ 	INIT_WORK(&sdata->csa_finalize_work, ieee80211_csa_finalize_work);
+--- a/net/mac80211/rx.c
++++ b/net/mac80211/rx.c
+@@ -3210,6 +3210,68 @@ ieee80211_rx_h_mgmt_check(struct ieee802
+ 	return RX_CONTINUE;
+ }
+ 
++static bool
++ieee80211_process_rx_twt_action(struct ieee80211_rx_data *rx)
++{
++	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)rx->skb->data;
++	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
++	struct ieee80211_sub_if_data *sdata = rx->sdata;
++	const struct ieee80211_sta_he_cap *hecap;
++	struct ieee80211_supported_band *sband;
++
++	/* TWT actions are only supported in AP for the moment */
++	if (sdata->vif.type != NL80211_IFTYPE_AP)
++		return false;
++
++	if (!rx->local->ops->add_twt_setup)
++		return false;
++
++	sband = rx->local->hw.wiphy->bands[status->band];
++	hecap = ieee80211_get_he_iftype_cap(sband,
++					    ieee80211_vif_type_p2p(&sdata->vif));
++	if (!hecap)
++		return false;
++
++	if (!(hecap->he_cap_elem.mac_cap_info[0] &
++	      IEEE80211_HE_MAC_CAP0_TWT_RES))
++		return false;
++
++	if (!rx->sta)
++		return false;
++
++	switch (mgmt->u.action.u.s1g.action_code) {
++	case WLAN_S1G_TWT_SETUP: {
++		struct ieee80211_twt_setup *twt;
++
++		if (rx->skb->len < IEEE80211_MIN_ACTION_SIZE +
++				   1 + /* action code */
++				   sizeof(struct ieee80211_twt_setup) +
++				   2 /* TWT req_type agrt */)
++			break;
++
++		twt = (void *)mgmt->u.action.u.s1g.variable;
++		if (twt->element_id != WLAN_EID_S1G_TWT)
++			break;
++
++		if (rx->skb->len < IEEE80211_MIN_ACTION_SIZE +
++				   4 + /* action code + token + tlv */
++				   twt->length)
++			break;
++
++		return true; /* queue the frame */
++	}
++	case WLAN_S1G_TWT_TEARDOWN:
++		if (rx->skb->len < IEEE80211_MIN_ACTION_SIZE + 2)
++			break;
++
++		return true; /* queue the frame */
++	default:
++		break;
++	}
++
++	return false;
++}
++
+ static ieee80211_rx_result debug_noinline
+ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
+ {
+@@ -3489,6 +3551,17 @@ ieee80211_rx_h_action(struct ieee80211_r
+ 		    !mesh_path_sel_is_hwmp(sdata))
+ 			break;
+ 		goto queue;
++	case WLAN_CATEGORY_S1G:
++		switch (mgmt->u.action.u.s1g.action_code) {
++		case WLAN_S1G_TWT_SETUP:
++		case WLAN_S1G_TWT_TEARDOWN:
++			if (ieee80211_process_rx_twt_action(rx))
++				goto queue;
++			break;
++		default:
++			break;
++		}
++		break;
+ 	}
+ 
+ 	return RX_CONTINUE;
+--- a/net/mac80211/s1g.c
++++ b/net/mac80211/s1g.c
+@@ -6,6 +6,7 @@
+ #include <linux/ieee80211.h>
+ #include <net/mac80211.h>
+ #include "ieee80211_i.h"
++#include "driver-ops.h"
+ 
+ void ieee80211_s1g_sta_rate_init(struct sta_info *sta)
+ {
+@@ -14,3 +15,182 @@ void ieee80211_s1g_sta_rate_init(struct
+ 	sta->rx_stats.last_rate =
+ 			STA_STATS_FIELD(TYPE, STA_STATS_RATE_TYPE_S1G);
+ }
++
++bool ieee80211_s1g_is_twt_setup(struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
++
++	if (likely(!ieee80211_is_action(mgmt->frame_control)))
++		return false;
++
++	if (likely(mgmt->u.action.category != WLAN_CATEGORY_S1G))
++		return false;
++
++	return mgmt->u.action.u.s1g.action_code == WLAN_S1G_TWT_SETUP;
++}
++
++static void
++ieee80211_s1g_send_twt_setup(struct ieee80211_sub_if_data *sdata, const u8 *da,
++			     const u8 *bssid, struct ieee80211_twt_setup *twt)
++{
++	int len = IEEE80211_MIN_ACTION_SIZE + 4 + twt->length;
++	struct ieee80211_local *local = sdata->local;
++	struct ieee80211_mgmt *mgmt;
++	struct sk_buff *skb;
++
++	skb = dev_alloc_skb(local->hw.extra_tx_headroom + len);
++	if (!skb)
++		return;
++
++	skb_reserve(skb, local->hw.extra_tx_headroom);
++	mgmt = skb_put_zero(skb, len);
++	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
++					  IEEE80211_STYPE_ACTION);
++	memcpy(mgmt->da, da, ETH_ALEN);
++	memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
++	memcpy(mgmt->bssid, bssid, ETH_ALEN);
++
++	mgmt->u.action.category = WLAN_CATEGORY_S1G;
++	mgmt->u.action.u.s1g.action_code = WLAN_S1G_TWT_SETUP;
++	memcpy(mgmt->u.action.u.s1g.variable, twt, 3 + twt->length);
++
++	IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
++					IEEE80211_TX_INTFL_MLME_CONN_TX |
++					IEEE80211_TX_CTL_REQ_TX_STATUS;
++	ieee80211_tx_skb(sdata, skb);
++}
++
++static void
++ieee80211_s1g_send_twt_teardown(struct ieee80211_sub_if_data *sdata,
++				const u8 *da, const u8 *bssid, u8 flowid)
++{
++	struct ieee80211_local *local = sdata->local;
++	struct ieee80211_mgmt *mgmt;
++	struct sk_buff *skb;
++	u8 *id;
++
++	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
++			    IEEE80211_MIN_ACTION_SIZE + 2);
++	if (!skb)
++		return;
++
++	skb_reserve(skb, local->hw.extra_tx_headroom);
++	mgmt = skb_put_zero(skb, IEEE80211_MIN_ACTION_SIZE + 2);
++	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
++					  IEEE80211_STYPE_ACTION);
++	memcpy(mgmt->da, da, ETH_ALEN);
++	memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
++	memcpy(mgmt->bssid, bssid, ETH_ALEN);
++
++	mgmt->u.action.category = WLAN_CATEGORY_S1G;
++	mgmt->u.action.u.s1g.action_code = WLAN_S1G_TWT_TEARDOWN;
++	id = (u8 *)mgmt->u.action.u.s1g.variable;
++	*id = flowid;
++
++	IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
++					IEEE80211_TX_CTL_REQ_TX_STATUS;
++	ieee80211_tx_skb(sdata, skb);
++}
++
++static void
++ieee80211_s1g_rx_twt_setup(struct ieee80211_sub_if_data *sdata,
++			   struct sta_info *sta, struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (void *)skb->data;
++	struct ieee80211_twt_setup *twt = (void *)mgmt->u.action.u.s1g.variable;
++	struct ieee80211_twt_params *twt_agrt = (void *)twt->params;
++
++	twt_agrt->req_type &= cpu_to_le16(~IEEE80211_TWT_REQTYPE_REQUEST);
++
++	/* broadcast TWT not supported yet */
++	if (twt->control & IEEE80211_TWT_CONTROL_NEG_TYPE_BROADCAST) {
++		le16p_replace_bits(&twt_agrt->req_type,
++				   TWT_SETUP_CMD_REJECT,
++				   IEEE80211_TWT_REQTYPE_SETUP_CMD);
++		goto out;
++	}
++
++	drv_add_twt_setup(sdata->local, sdata, &sta->sta, twt);
++out:
++	ieee80211_s1g_send_twt_setup(sdata, mgmt->sa, sdata->vif.addr, twt);
++}
++
++static void
++ieee80211_s1g_rx_twt_teardown(struct ieee80211_sub_if_data *sdata,
++			      struct sta_info *sta, struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
++
++	drv_twt_teardown_request(sdata->local, sdata, &sta->sta,
++				 mgmt->u.action.u.s1g.variable[0]);
++}
++
++static void
++ieee80211_s1g_tx_twt_setup_fail(struct ieee80211_sub_if_data *sdata,
++				struct sta_info *sta, struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
++	struct ieee80211_twt_setup *twt = (void *)mgmt->u.action.u.s1g.variable;
++	struct ieee80211_twt_params *twt_agrt = (void *)twt->params;
++	u8 flowid = le16_get_bits(twt_agrt->req_type,
++				  IEEE80211_TWT_REQTYPE_FLOWID);
++
++	drv_twt_teardown_request(sdata->local, sdata, &sta->sta, flowid);
++
++	ieee80211_s1g_send_twt_teardown(sdata, mgmt->sa, sdata->vif.addr,
++					flowid);
++}
++
++void ieee80211_s1g_rx_twt_action(struct ieee80211_sub_if_data *sdata,
++				 struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
++	struct ieee80211_local *local = sdata->local;
++	struct sta_info *sta;
++
++	mutex_lock(&local->sta_mtx);
++
++	sta = sta_info_get_bss(sdata, mgmt->sa);
++	if (!sta)
++		goto out;
++
++	switch (mgmt->u.action.u.s1g.action_code) {
++	case WLAN_S1G_TWT_SETUP:
++		ieee80211_s1g_rx_twt_setup(sdata, sta, skb);
++		break;
++	case WLAN_S1G_TWT_TEARDOWN:
++		ieee80211_s1g_rx_twt_teardown(sdata, sta, skb);
++		break;
++	default:
++		break;
++	}
++
++out:
++	mutex_unlock(&local->sta_mtx);
++}
++
++void ieee80211_s1g_status_twt_action(struct ieee80211_sub_if_data *sdata,
++				     struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
++	struct ieee80211_local *local = sdata->local;
++	struct sta_info *sta;
++
++	mutex_lock(&local->sta_mtx);
++
++	sta = sta_info_get_bss(sdata, mgmt->da);
++	if (!sta)
++		goto out;
++
++	switch (mgmt->u.action.u.s1g.action_code) {
++	case WLAN_S1G_TWT_SETUP:
++		/* process failed twt setup frames */
++		ieee80211_s1g_tx_twt_setup_fail(sdata, sta, skb);
++		break;
++	default:
++		break;
++	}
++
++out:
++	mutex_unlock(&local->sta_mtx);
++}
+--- a/net/mac80211/status.c
++++ b/net/mac80211/status.c
+@@ -705,13 +705,26 @@ static void ieee80211_report_used_skb(st
+ 			/* Check to see if packet is a TDLS teardown packet */
+ 			if (ieee80211_is_data(hdr->frame_control) &&
+ 			    (ieee80211_get_tdls_action(skb, hdr_size) ==
+-			     WLAN_TDLS_TEARDOWN))
++			     WLAN_TDLS_TEARDOWN)) {
+ 				ieee80211_tdls_td_tx_handle(local, sdata, skb,
+ 							    info->flags);
+-			else
++			} else if (ieee80211_s1g_is_twt_setup(skb)) {
++				if (!acked) {
++					struct sk_buff *qskb;
++
++					qskb = skb_clone(skb, GFP_ATOMIC);
++					if (qskb) {
++						skb_queue_tail(&sdata->status_queue,
++							       qskb);
++						ieee80211_queue_work(&local->hw,
++								     &sdata->work);
++					}
++				}
++			} else {
+ 				ieee80211_mgd_conn_tx_status(sdata,
+ 							     hdr->frame_control,
+ 							     acked);
++			}
+ 		}
+ 
+ 		rcu_read_unlock();
+--- a/net/mac80211/trace.h
++++ b/net/mac80211/trace.h
+@@ -2804,6 +2804,73 @@ DEFINE_EVENT(sta_flag_evt, drv_sta_set_d
+ 	TP_ARGS(local, sdata, sta, enabled)
+ );
+ 
++TRACE_EVENT(drv_add_twt_setup,
++	TP_PROTO(struct ieee80211_local *local,
++		 struct ieee80211_sta *sta,
++		 struct ieee80211_twt_setup *twt,
++		 struct ieee80211_twt_params *twt_agrt),
++
++	TP_ARGS(local, sta, twt, twt_agrt),
++
++	TP_STRUCT__entry(
++		LOCAL_ENTRY
++		STA_ENTRY
++		__field(u8, dialog_token)
++		__field(u8, control)
++		__field(__le16, req_type)
++		__field(__le64, twt)
++		__field(u8, duration)
++		__field(__le16, mantissa)
++		__field(u8, channel)
++	),
++
++	TP_fast_assign(
++		LOCAL_ASSIGN;
++		STA_ASSIGN;
++		__entry->dialog_token = twt->dialog_token;
++		__entry->control = twt->control;
++		__entry->req_type = twt_agrt->req_type;
++		__entry->twt = twt_agrt->twt;
++		__entry->duration = twt_agrt->min_twt_dur;
++		__entry->mantissa = twt_agrt->mantissa;
++		__entry->channel = twt_agrt->channel;
++	),
++
++	TP_printk(
++		LOCAL_PR_FMT STA_PR_FMT
++		" token:%d control:0x%02x req_type:0x%04x"
++		" twt:%llu duration:%d mantissa:%d channel:%d",
++		LOCAL_PR_ARG, STA_PR_ARG, __entry->dialog_token,
++		__entry->control, le16_to_cpu(__entry->req_type),
++		le64_to_cpu(__entry->twt), __entry->duration,
++		le16_to_cpu(__entry->mantissa), __entry->channel
++	)
++);
++
++TRACE_EVENT(drv_twt_teardown_request,
++	TP_PROTO(struct ieee80211_local *local,
++		 struct ieee80211_sta *sta, u8 flowid),
++
++	TP_ARGS(local, sta, flowid),
++
++	TP_STRUCT__entry(
++		LOCAL_ENTRY
++		STA_ENTRY
++		__field(u8, flowid)
++	),
++
++	TP_fast_assign(
++		LOCAL_ASSIGN;
++		STA_ASSIGN;
++		__entry->flowid = flowid;
++	),
++
++	TP_printk(
++		LOCAL_PR_FMT STA_PR_FMT " flowid:%d",
++		LOCAL_PR_ARG, STA_PR_ARG, __entry->flowid
++	)
++);
++
+ #endif /* !__MAC80211_DRIVER_TRACE || TRACE_HEADER_MULTI_READ */
+ 
+ #undef TRACE_INCLUDE_PATH

package/kernel/mac80211/patches/subsys/391-wireless-align-some-HE-capabilities-with-the-spec.patch

@@ -0,0 +1,196 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Fri, 9 Apr 2021 12:40:17 +0300
+Subject: [PATCH] wireless: align some HE capabilities with the spec
+
+Some names were changed, align that with the spec as of
+802.11ax-D6.1.
+
+Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
+Link: https://lore.kernel.org/r/iwlwifi.20210409123755.b1e5fbab0d8c.I3eb6076cb0714ec6aec6b8f9dee613ce4a05d825@changeid
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/drivers/net/wireless/ath/ath11k/mac.c
++++ b/drivers/net/wireless/ath/ath11k/mac.c
+@@ -3633,7 +3633,7 @@ ath11k_mac_filter_he_cap_mesh(struct iee
+ 	    IEEE80211_HE_MAC_CAP4_BQR;
+ 	he_cap_elem->mac_cap_info[4] &= ~m;
+ 
+-	m = IEEE80211_HE_MAC_CAP5_SUBCHAN_SELECVITE_TRANSMISSION |
++	m = IEEE80211_HE_MAC_CAP5_SUBCHAN_SELECTIVE_TRANSMISSION |
+ 	    IEEE80211_HE_MAC_CAP5_UL_2x996_TONE_RU |
+ 	    IEEE80211_HE_MAC_CAP5_PUNCTURED_SOUNDING |
+ 	    IEEE80211_HE_MAC_CAP5_HT_VHT_TRIG_FRAME_RX;
+@@ -3643,7 +3643,7 @@ ath11k_mac_filter_he_cap_mesh(struct iee
+ 	    IEEE80211_HE_PHY_CAP2_UL_MU_PARTIAL_MU_MIMO;
+ 	he_cap_elem->phy_cap_info[2] &= ~m;
+ 
+-	m = IEEE80211_HE_PHY_CAP3_RX_HE_MU_PPDU_FROM_NON_AP_STA |
++	m = IEEE80211_HE_PHY_CAP3_RX_PARTIAL_BW_SU_IN_20MHZ_MU |
+ 	    IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_TX_MASK |
+ 	    IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_RX_MASK;
+ 	he_cap_elem->phy_cap_info[3] &= ~m;
+@@ -3655,13 +3655,13 @@ ath11k_mac_filter_he_cap_mesh(struct iee
+ 	he_cap_elem->phy_cap_info[5] &= ~m;
+ 
+ 	m = IEEE80211_HE_PHY_CAP6_CODEBOOK_SIZE_75_MU |
+-	    IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMER_FB |
++	    IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB |
+ 	    IEEE80211_HE_PHY_CAP6_TRIG_CQI_FB |
+ 	    IEEE80211_HE_PHY_CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO;
+ 	he_cap_elem->phy_cap_info[6] &= ~m;
+ 
+-	m = IEEE80211_HE_PHY_CAP7_SRP_BASED_SR |
+-	    IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_AR |
++	m = IEEE80211_HE_PHY_CAP7_PSR_BASED_SR |
++	    IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_SUPP |
+ 	    IEEE80211_HE_PHY_CAP7_STBC_TX_ABOVE_80MHZ |
+ 	    IEEE80211_HE_PHY_CAP7_STBC_RX_ABOVE_80MHZ;
+ 	he_cap_elem->phy_cap_info[7] &= ~m;
+--- a/drivers/net/wireless/mediatek/mt76/mt7915/init.c
++++ b/drivers/net/wireless/mediatek/mt76/mt7915/init.c
+@@ -307,8 +307,8 @@ mt7915_set_stream_he_txbf_caps(struct ie
+ 	    IEEE80211_HE_PHY_CAP5_BEAMFORMEE_NUM_SND_DIM_ABOVE_80MHZ_MASK;
+ 	elem->phy_cap_info[5] &= ~c;
+ 
+-	c = IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMER_FB |
+-	    IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMER_FB;
++	c = IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMING_FB |
++	    IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB;
+ 	elem->phy_cap_info[6] &= ~c;
+ 
+ 	elem->phy_cap_info[7] &= ~IEEE80211_HE_PHY_CAP7_MAX_NC_MASK;
+@@ -348,8 +348,8 @@ mt7915_set_stream_he_txbf_caps(struct ie
+ 	c = (nss - 1) | (max_t(int, mcs->tx_mcs_160, 1) << 3);
+ 	elem->phy_cap_info[5] |= c;
+ 
+-	c = IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMER_FB |
+-	    IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMER_FB;
++	c = IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMING_FB |
++	    IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB;
+ 	elem->phy_cap_info[6] |= c;
+ }
+ 
+@@ -484,7 +484,7 @@ mt7915_init_he_caps(struct mt7915_phy *p
+ 				IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE |
+ 				IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT;
+ 			he_cap_elem->phy_cap_info[7] |=
+-				IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_AR |
++				IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_SUPP |
+ 				IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI;
+ 			he_cap_elem->phy_cap_info[8] |=
+ 				IEEE80211_HE_PHY_CAP8_20MHZ_IN_40MHZ_HE_PPDU_IN_2G |
+--- a/include/linux/ieee80211.h
++++ b/include/linux/ieee80211.h
+@@ -2065,7 +2065,7 @@ int ieee80211_get_vht_max_nss(struct iee
+ #define IEEE80211_HE_MAC_CAP4_BSRP_BQRP_A_MPDU_AGG		0x01
+ #define IEEE80211_HE_MAC_CAP4_QTP				0x02
+ #define IEEE80211_HE_MAC_CAP4_BQR				0x04
+-#define IEEE80211_HE_MAC_CAP4_SRP_RESP				0x08
++#define IEEE80211_HE_MAC_CAP4_PSR_RESP				0x08
+ #define IEEE80211_HE_MAC_CAP4_NDP_FB_REP			0x10
+ #define IEEE80211_HE_MAC_CAP4_OPS				0x20
+ #define IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU			0x40
+@@ -2076,7 +2076,7 @@ int ieee80211_get_vht_max_nss(struct iee
+ 
+ #define IEEE80211_HE_MAC_CAP5_MULTI_TID_AGG_TX_QOS_B40		0x01
+ #define IEEE80211_HE_MAC_CAP5_MULTI_TID_AGG_TX_QOS_B41		0x02
+-#define IEEE80211_HE_MAC_CAP5_SUBCHAN_SELECVITE_TRANSMISSION	0x04
++#define IEEE80211_HE_MAC_CAP5_SUBCHAN_SELECTIVE_TRANSMISSION	0x04
+ #define IEEE80211_HE_MAC_CAP5_UL_2x996_TONE_RU			0x08
+ #define IEEE80211_HE_MAC_CAP5_OM_CTRL_UL_MU_DATA_DIS_RX		0x10
+ #define IEEE80211_HE_MAC_CAP5_HE_DYNAMIC_SM_PS			0x20
+@@ -2134,7 +2134,7 @@ int ieee80211_get_vht_max_nss(struct iee
+ #define IEEE80211_HE_PHY_CAP3_DCM_MAX_CONST_RX_MASK			0x18
+ #define IEEE80211_HE_PHY_CAP3_DCM_MAX_RX_NSS_1				0x00
+ #define IEEE80211_HE_PHY_CAP3_DCM_MAX_RX_NSS_2				0x20
+-#define IEEE80211_HE_PHY_CAP3_RX_HE_MU_PPDU_FROM_NON_AP_STA		0x40
++#define IEEE80211_HE_PHY_CAP3_RX_PARTIAL_BW_SU_IN_20MHZ_MU		0x40
+ #define IEEE80211_HE_PHY_CAP3_SU_BEAMFORMER				0x80
+ 
+ #define IEEE80211_HE_PHY_CAP4_SU_BEAMFORMEE				0x01
+@@ -2181,15 +2181,15 @@ int ieee80211_get_vht_max_nss(struct iee
+ 
+ #define IEEE80211_HE_PHY_CAP6_CODEBOOK_SIZE_42_SU			0x01
+ #define IEEE80211_HE_PHY_CAP6_CODEBOOK_SIZE_75_MU			0x02
+-#define IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMER_FB			0x04
+-#define IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMER_FB			0x08
++#define IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMING_FB			0x04
++#define IEEE80211_HE_PHY_CAP6_TRIG_MU_BEAMFORMING_PARTIAL_BW_FB		0x08
+ #define IEEE80211_HE_PHY_CAP6_TRIG_CQI_FB				0x10
+ #define IEEE80211_HE_PHY_CAP6_PARTIAL_BW_EXT_RANGE			0x20
+ #define IEEE80211_HE_PHY_CAP6_PARTIAL_BANDWIDTH_DL_MUMIMO		0x40
+ #define IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT			0x80
+ 
+-#define IEEE80211_HE_PHY_CAP7_SRP_BASED_SR				0x01
+-#define IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_AR			0x02
++#define IEEE80211_HE_PHY_CAP7_PSR_BASED_SR				0x01
++#define IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_SUPP			0x02
+ #define IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI		0x04
+ #define IEEE80211_HE_PHY_CAP7_MAX_NC_1					0x08
+ #define IEEE80211_HE_PHY_CAP7_MAX_NC_2					0x10
+--- a/net/mac80211/debugfs_sta.c
++++ b/net/mac80211/debugfs_sta.c
+@@ -732,15 +732,15 @@ static ssize_t sta_he_capa_read(struct f
+ 	PFLAG(MAC, 4, BSRP_BQRP_A_MPDU_AGG, "BSRP-BQRP-A-MPDU-AGG");
+ 	PFLAG(MAC, 4, QTP, "QTP");
+ 	PFLAG(MAC, 4, BQR, "BQR");
+-	PFLAG(MAC, 4, SRP_RESP, "SRP-RESP");
++	PFLAG(MAC, 4, PSR_RESP, "PSR-RESP");
+ 	PFLAG(MAC, 4, NDP_FB_REP, "NDP-FB-REP");
+ 	PFLAG(MAC, 4, OPS, "OPS");
+ 	PFLAG(MAC, 4, AMDSU_IN_AMPDU, "AMSDU-IN-AMPDU");
+ 
+ 	PRINT("MULTI-TID-AGG-TX-QOS-%d", ((cap[5] << 1) | (cap[4] >> 7)) & 0x7);
+ 
+-	PFLAG(MAC, 5, SUBCHAN_SELECVITE_TRANSMISSION,
+-	      "SUBCHAN-SELECVITE-TRANSMISSION");
++	PFLAG(MAC, 5, SUBCHAN_SELECTIVE_TRANSMISSION,
++	      "SUBCHAN-SELECTIVE-TRANSMISSION");
+ 	PFLAG(MAC, 5, UL_2x996_TONE_RU, "UL-2x996-TONE-RU");
+ 	PFLAG(MAC, 5, OM_CTRL_UL_MU_DATA_DIS_RX, "OM-CTRL-UL-MU-DATA-DIS-RX");
+ 	PFLAG(MAC, 5, HE_DYNAMIC_SM_PS, "HE-DYNAMIC-SM-PS");
+@@ -832,8 +832,8 @@ static ssize_t sta_he_capa_read(struct f
+ 
+ 	PFLAG(PHY, 3, DCM_MAX_RX_NSS_1, "DCM-MAX-RX-NSS-1");
+ 	PFLAG(PHY, 3, DCM_MAX_RX_NSS_2, "DCM-MAX-RX-NSS-2");
+-	PFLAG(PHY, 3, RX_HE_MU_PPDU_FROM_NON_AP_STA,
+-	      "RX-HE-MU-PPDU-FROM-NON-AP-STA");
++	PFLAG(PHY, 3, RX_PARTIAL_BW_SU_IN_20MHZ_MU,
++	      "RX-PARTIAL-BW-SU-IN-20MHZ-MU");
+ 	PFLAG(PHY, 3, SU_BEAMFORMER, "SU-BEAMFORMER");
+ 
+ 	PFLAG(PHY, 4, SU_BEAMFORMEE, "SU-BEAMFORMEE");
+@@ -853,16 +853,17 @@ static ssize_t sta_he_capa_read(struct f
+ 
+ 	PFLAG(PHY, 6, CODEBOOK_SIZE_42_SU, "CODEBOOK-SIZE-42-SU");
+ 	PFLAG(PHY, 6, CODEBOOK_SIZE_75_MU, "CODEBOOK-SIZE-75-MU");
+-	PFLAG(PHY, 6, TRIG_SU_BEAMFORMER_FB, "TRIG-SU-BEAMFORMER-FB");
+-	PFLAG(PHY, 6, TRIG_MU_BEAMFORMER_FB, "TRIG-MU-BEAMFORMER-FB");
++	PFLAG(PHY, 6, TRIG_SU_BEAMFORMING_FB, "TRIG-SU-BEAMFORMING-FB");
++	PFLAG(PHY, 6, TRIG_MU_BEAMFORMING_PARTIAL_BW_FB,
++	      "MU-BEAMFORMING-PARTIAL-BW-FB");
+ 	PFLAG(PHY, 6, TRIG_CQI_FB, "TRIG-CQI-FB");
+ 	PFLAG(PHY, 6, PARTIAL_BW_EXT_RANGE, "PARTIAL-BW-EXT-RANGE");
+ 	PFLAG(PHY, 6, PARTIAL_BANDWIDTH_DL_MUMIMO,
+ 	      "PARTIAL-BANDWIDTH-DL-MUMIMO");
+ 	PFLAG(PHY, 6, PPE_THRESHOLD_PRESENT, "PPE-THRESHOLD-PRESENT");
+ 
+-	PFLAG(PHY, 7, SRP_BASED_SR, "SRP-BASED-SR");
+-	PFLAG(PHY, 7, POWER_BOOST_FACTOR_AR, "POWER-BOOST-FACTOR-AR");
++	PFLAG(PHY, 7, PSR_BASED_SR, "PSR-BASED-SR");
++	PFLAG(PHY, 7, POWER_BOOST_FACTOR_SUPP, "POWER-BOOST-FACTOR-SUPP");
+ 	PFLAG(PHY, 7, HE_SU_MU_PPDU_4XLTF_AND_08_US_GI,
+ 	      "HE-SU-MU-PPDU-4XLTF-AND-08-US-GI");
+ 	PFLAG_RANGE(PHY, 7, MAX_NC, 0, 1, 1, "MAX-NC-%d");
+--- a/drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c
++++ b/drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c
+@@ -630,7 +630,7 @@ static struct ieee80211_sband_iftype_dat
+ 				.phy_cap_info[6] =
+ 					IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT,
+ 				.phy_cap_info[7] =
+-					IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_AR |
++					IEEE80211_HE_PHY_CAP7_POWER_BOOST_FACTOR_SUPP |
+ 					IEEE80211_HE_PHY_CAP7_HE_SU_MU_PPDU_4XLTF_AND_08_US_GI |
+ 					IEEE80211_HE_PHY_CAP7_MAX_NC_1,
+ 				.phy_cap_info[8] =

package/kernel/mac80211/patches/subsys/392-wireless-fix-spelling-of-A-MSDU-in-HE-capabilities.patch

@@ -0,0 +1,113 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Fri, 9 Apr 2021 12:40:24 +0300
+Subject: [PATCH] wireless: fix spelling of A-MSDU in HE capabilities
+
+In the HE capabilities, spell A-MSDU correctly, not "A-MDSU".
+
+Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
+Link: https://lore.kernel.org/r/iwlwifi.20210409123755.9e6ff1af1181.If6868bc6902ccd9a95c74c78f716c4b41473ef14@changeid
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c
++++ b/drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c
+@@ -597,7 +597,7 @@ static struct ieee80211_sband_iftype_dat
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+ 					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
+ 				.mac_cap_info[4] =
+-					IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU |
++					IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU |
+ 					IEEE80211_HE_MAC_CAP4_MULTI_TID_AGG_TX_QOS_B39,
+ 				.mac_cap_info[5] =
+ 					IEEE80211_HE_MAC_CAP5_MULTI_TID_AGG_TX_QOS_B40 |
+@@ -681,7 +681,7 @@ static struct ieee80211_sband_iftype_dat
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+ 					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
+ 				.mac_cap_info[4] =
+-					IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU,
++					IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.mac_cap_info[5] =
+ 					IEEE80211_HE_MAC_CAP5_UL_2x996_TONE_RU,
+ 				.phy_cap_info[0] =
+--- a/drivers/net/wireless/mediatek/mt76/mt7915/init.c
++++ b/drivers/net/wireless/mediatek/mt76/mt7915/init.c
+@@ -427,7 +427,7 @@ mt7915_init_he_caps(struct mt7915_phy *p
+ 			IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+ 			IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_RESERVED;
+ 		he_cap_elem->mac_cap_info[4] =
+-			IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU;
++			IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU;
+ 
+ 		if (band == NL80211_BAND_2GHZ)
+ 			he_cap_elem->phy_cap_info[0] =
+--- a/drivers/net/wireless/mediatek/mt76/mt7915/mcu.c
++++ b/drivers/net/wireless/mediatek/mt76/mt7915/mcu.c
+@@ -1358,7 +1358,7 @@ mt7915_mcu_sta_he_tlv(struct sk_buff *sk
+ 	if (elem->mac_cap_info[3] & IEEE80211_HE_MAC_CAP3_OMI_CONTROL)
+ 		cap |= STA_REC_HE_CAP_OM;
+ 
+-	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU)
++	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU)
+ 		cap |= STA_REC_HE_CAP_AMSDU_IN_AMPDU;
+ 
+ 	if (elem->mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR)
+--- a/include/linux/ieee80211.h
++++ b/include/linux/ieee80211.h
+@@ -2068,7 +2068,7 @@ int ieee80211_get_vht_max_nss(struct iee
+ #define IEEE80211_HE_MAC_CAP4_PSR_RESP				0x08
+ #define IEEE80211_HE_MAC_CAP4_NDP_FB_REP			0x10
+ #define IEEE80211_HE_MAC_CAP4_OPS				0x20
+-#define IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU			0x40
++#define IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU			0x40
+ /* Multi TID agg TX is split between byte #4 and #5
+  * The value is a combination of B39,B40,B41
+  */
+--- a/net/mac80211/debugfs_sta.c
++++ b/net/mac80211/debugfs_sta.c
+@@ -735,7 +735,7 @@ static ssize_t sta_he_capa_read(struct f
+ 	PFLAG(MAC, 4, PSR_RESP, "PSR-RESP");
+ 	PFLAG(MAC, 4, NDP_FB_REP, "NDP-FB-REP");
+ 	PFLAG(MAC, 4, OPS, "OPS");
+-	PFLAG(MAC, 4, AMDSU_IN_AMPDU, "AMSDU-IN-AMPDU");
++	PFLAG(MAC, 4, AMSDU_IN_AMPDU, "AMSDU-IN-AMPDU");
+ 
+ 	PRINT("MULTI-TID-AGG-TX-QOS-%d", ((cap[5] << 1) | (cap[4] >> 7)) & 0x7);
+ 
+--- a/drivers/net/wireless/mac80211_hwsim.c
++++ b/drivers/net/wireless/mac80211_hwsim.c
+@@ -2757,7 +2757,7 @@ static const struct ieee80211_sband_ifty
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+ 					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
+-				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU,
++				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[1] =
+ 					IEEE80211_HE_PHY_CAP1_PREAMBLE_PUNC_RX_MASK |
+ 					IEEE80211_HE_PHY_CAP1_DEVICE_CLASS_A |
+@@ -2801,7 +2801,7 @@ static const struct ieee80211_sband_ifty
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+ 					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
+-				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU,
++				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[1] =
+ 					IEEE80211_HE_PHY_CAP1_PREAMBLE_PUNC_RX_MASK |
+ 					IEEE80211_HE_PHY_CAP1_DEVICE_CLASS_A |
+@@ -2847,7 +2847,7 @@ static const struct ieee80211_sband_ifty
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+ 					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
+-				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU,
++				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[0] =
+ 					IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G |
+ 					IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G |
+@@ -2895,7 +2895,7 @@ static const struct ieee80211_sband_ifty
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+ 					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
+-				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMDSU_IN_AMPDU,
++				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[0] =
+ 					IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G |
+ 					IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G |

package/kernel/mac80211/patches/subsys/393-wireless-align-HE-capabilities-A-MPDU-Length-Exponen.patch

@@ -0,0 +1,148 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Fri, 9 Apr 2021 12:40:20 +0300
+Subject: [PATCH] wireless: align HE capabilities A-MPDU Length Exponent
+ Extension
+
+The A-MPDU length exponent extension is defined differently in
+802.11ax D6.1, align with that.
+
+Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
+Link: https://lore.kernel.org/r/iwlwifi.20210409123755.c2a257d3e2df.I3455245d388c52c61dace7e7958dbed7e807cfb6@changeid
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/drivers/net/wireless/ath/ath11k/mac.c
++++ b/drivers/net/wireless/ath/ath11k/mac.c
+@@ -1295,9 +1295,8 @@ static void ath11k_peer_assoc_h_he(struc
+ 	 * request, then use MAX_AMPDU_LEN_FACTOR as 16 to calculate max_ampdu
+ 	 * length.
+ 	 */
+-	ampdu_factor = (he_cap->he_cap_elem.mac_cap_info[3] &
+-			IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_MASK) >>
+-			IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_SHIFT;
++	ampdu_factor = u8_get_bits(he_cap->he_cap_elem.mac_cap_info[3],
++				   IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_MASK);
+ 
+ 	if (ampdu_factor) {
+ 		if (sta->vht_cap.vht_supported)
+--- a/drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c
++++ b/drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c
+@@ -595,7 +595,7 @@ static struct ieee80211_sband_iftype_dat
+ 					IEEE80211_HE_MAC_CAP2_32BIT_BA_BITMAP,
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+-					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
++					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_2,
+ 				.mac_cap_info[4] =
+ 					IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU |
+ 					IEEE80211_HE_MAC_CAP4_MULTI_TID_AGG_TX_QOS_B39,
+@@ -679,7 +679,7 @@ static struct ieee80211_sband_iftype_dat
+ 					IEEE80211_HE_MAC_CAP2_BSR,
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+-					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
++					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_2,
+ 				.mac_cap_info[4] =
+ 					IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.mac_cap_info[5] =
+--- a/drivers/net/wireless/mac80211_hwsim.c
++++ b/drivers/net/wireless/mac80211_hwsim.c
+@@ -2756,7 +2756,7 @@ static const struct ieee80211_sband_ifty
+ 					IEEE80211_HE_MAC_CAP2_ACK_EN,
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+-					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
++					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3,
+ 				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[1] =
+ 					IEEE80211_HE_PHY_CAP1_PREAMBLE_PUNC_RX_MASK |
+@@ -2800,7 +2800,7 @@ static const struct ieee80211_sband_ifty
+ 					IEEE80211_HE_MAC_CAP2_ACK_EN,
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+-					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
++					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3,
+ 				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[1] =
+ 					IEEE80211_HE_PHY_CAP1_PREAMBLE_PUNC_RX_MASK |
+@@ -2846,7 +2846,7 @@ static const struct ieee80211_sband_ifty
+ 					IEEE80211_HE_MAC_CAP2_ACK_EN,
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+-					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
++					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3,
+ 				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[0] =
+ 					IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G |
+@@ -2894,7 +2894,7 @@ static const struct ieee80211_sband_ifty
+ 					IEEE80211_HE_MAC_CAP2_ACK_EN,
+ 				.mac_cap_info[3] =
+ 					IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+-					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2,
++					IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3,
+ 				.mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU,
+ 				.phy_cap_info[0] =
+ 					IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G |
+--- a/drivers/net/wireless/mediatek/mt76/mt7915/init.c
++++ b/drivers/net/wireless/mediatek/mt76/mt7915/init.c
+@@ -425,7 +425,7 @@ mt7915_init_he_caps(struct mt7915_phy *p
+ 			IEEE80211_HE_MAC_CAP0_HTC_HE;
+ 		he_cap_elem->mac_cap_info[3] =
+ 			IEEE80211_HE_MAC_CAP3_OMI_CONTROL |
+-			IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_RESERVED;
++			IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3;
+ 		he_cap_elem->mac_cap_info[4] =
+ 			IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU;
+ 
+--- a/include/linux/ieee80211.h
++++ b/include/linux/ieee80211.h
+@@ -2051,17 +2051,15 @@ int ieee80211_get_vht_max_nss(struct iee
+  * A-MDPU Length Exponent field in the HT capabilities, VHT capabilities and the
+  * same field in the HE capabilities.
+  */
+-#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_USE_VHT	0x00
+-#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_1		0x08
+-#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2		0x10
+-#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_RESERVED	0x18
++#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_0		0x00
++#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_1		0x08
++#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_2		0x10
++#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3		0x18
+ #define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_MASK		0x18
+ #define IEEE80211_HE_MAC_CAP3_AMSDU_FRAG			0x20
+ #define IEEE80211_HE_MAC_CAP3_FLEX_TWT_SCHED			0x40
+ #define IEEE80211_HE_MAC_CAP3_RX_CTRL_FRAME_TO_MULTIBSS		0x80
+ 
+-#define IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_SHIFT		3
+-
+ #define IEEE80211_HE_MAC_CAP4_BSRP_BQRP_A_MPDU_AGG		0x01
+ #define IEEE80211_HE_MAC_CAP4_QTP				0x02
+ #define IEEE80211_HE_MAC_CAP4_BQR				0x04
+--- a/net/mac80211/debugfs_sta.c
++++ b/net/mac80211/debugfs_sta.c
+@@ -711,17 +711,17 @@ static ssize_t sta_he_capa_read(struct f
+ 	PFLAG(MAC, 3, OFDMA_RA, "OFDMA-RA");
+ 
+ 	switch (cap[3] & IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_MASK) {
+-	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_USE_VHT:
+-		PRINT("MAX-AMPDU-LEN-EXP-USE-VHT");
++	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_0:
++		PRINT("MAX-AMPDU-LEN-EXP-USE-EXT-0");
+ 		break;
+-	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_1:
+-		PRINT("MAX-AMPDU-LEN-EXP-VHT-1");
++	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_1:
++		PRINT("MAX-AMPDU-LEN-EXP-VHT-EXT-1");
+ 		break;
+-	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_VHT_2:
+-		PRINT("MAX-AMPDU-LEN-EXP-VHT-2");
++	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_2:
++		PRINT("MAX-AMPDU-LEN-EXP-VHT-EXT-2");
+ 		break;
+-	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_RESERVED:
+-		PRINT("MAX-AMPDU-LEN-EXP-RESERVED");
++	case IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3:
++		PRINT("MAX-AMPDU-LEN-EXP-VHT-EXT-3");
+ 		break;
+ 	}
+ 

package/kernel/mac80211/patches/subsys/394-mac80211-fix-rate-control-for-retransmitted-frames.patch

@@ -0,0 +1,35 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Mon, 22 Nov 2021 21:39:38 +0100
+Subject: [PATCH] mac80211: fix rate control for retransmitted frames
+
+Since retransmission clears info->control, rate control needs to be called
+again, otherwise the driver might crash due to invalid rates.
+
+Cc: stable@vger.kernel.org # 5.14+
+Reported-by: Aaro Koskinen <aaro.koskinen@iki.fi>
+Reported-by: Robert W <rwbugreport@lost-in-the-void.net>
+Fixes: 03c3911d2d67 ("mac80211: call ieee80211_tx_h_rate_ctrl() when dequeue")
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -1835,15 +1835,15 @@ static int invoke_tx_handlers_late(struc
+ 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
+ 	ieee80211_tx_result res = TX_CONTINUE;
+ 
++	if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL))
++		CALL_TXH(ieee80211_tx_h_rate_ctrl);
++
+ 	if (unlikely(info->flags & IEEE80211_TX_INTFL_RETRANSMISSION)) {
+ 		__skb_queue_tail(&tx->skbs, tx->skb);
+ 		tx->skb = NULL;
+ 		goto txh_done;
+ 	}
+ 
+-	if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL))
+-		CALL_TXH(ieee80211_tx_h_rate_ctrl);
+-
+ 	CALL_TXH(ieee80211_tx_h_michael_mic_add);
+ 	CALL_TXH(ieee80211_tx_h_sequence);
+ 	CALL_TXH(ieee80211_tx_h_fragment);

package/kernel/mac80211/patches/subsys/395-mac80211-use-coarse-boottime-for-airtime-fairness-co.patch

@@ -0,0 +1,60 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Tue, 14 Dec 2021 17:53:12 +0100
+Subject: [PATCH] mac80211: use coarse boottime for airtime fairness code
+
+The time values used by the airtime fairness code only need to be accurate
+enough to cover station activity detection.
+Using ktime_get_coarse_boottime_ns instead of ktime_get_boottime_ns will
+drop the accuracy down to jiffies intervals, but at the same time saves
+a lot of CPU cycles in a hot path
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -3834,7 +3834,7 @@ struct ieee80211_txq *ieee80211_next_txq
+ {
+ 	struct ieee80211_local *local = hw_to_local(hw);
+ 	struct airtime_sched_info *air_sched;
+-	u64 now = ktime_get_boottime_ns();
++	u64 now = ktime_get_coarse_boottime_ns();
+ 	struct ieee80211_txq *ret = NULL;
+ 	struct airtime_info *air_info;
+ 	struct txq_info *txqi = NULL;
+@@ -3961,7 +3961,7 @@ void ieee80211_update_airtime_weight(str
+ 	u64 weight_sum = 0;
+ 
+ 	if (unlikely(!now))
+-		now = ktime_get_boottime_ns();
++		now = ktime_get_coarse_boottime_ns();
+ 
+ 	lockdep_assert_held(&air_sched->lock);
+ 
+@@ -3987,7 +3987,7 @@ void ieee80211_schedule_txq(struct ieee8
+ 	struct ieee80211_local *local = hw_to_local(hw);
+ 	struct txq_info *txqi = to_txq_info(txq);
+ 	struct airtime_sched_info *air_sched;
+-	u64 now = ktime_get_boottime_ns();
++	u64 now = ktime_get_coarse_boottime_ns();
+ 	struct airtime_info *air_info;
+ 	u8 ac = txq->ac;
+ 	bool was_active;
+@@ -4045,7 +4045,7 @@ static void __ieee80211_unschedule_txq(s
+ 
+ 	if (!purge)
+ 		airtime_set_active(air_sched, air_info,
+-				   ktime_get_boottime_ns());
++				   ktime_get_coarse_boottime_ns());
+ 
+ 	rb_erase_cached(&txqi->schedule_order,
+ 			&air_sched->active_txqs);
+@@ -4133,7 +4133,7 @@ bool ieee80211_txq_may_transmit(struct i
+ 	if (RB_EMPTY_NODE(&txqi->schedule_order))
+ 		goto out;
+ 
+-	now = ktime_get_boottime_ns();
++	now = ktime_get_coarse_boottime_ns();
+ 
+ 	/* Like in ieee80211_next_txq(), make sure the first station in the
+ 	 * scheduling order is eligible for transmission to avoid starvation.

package/kernel/mac80211/patches/subsys/400-allow-ibss-mixed.patch

@@ -5,7 +5,7 @@ and we should ignore this.
 
 --- a/net/wireless/core.c
 +++ b/net/wireless/core.c
-@@ -614,21 +614,6 @@ static int wiphy_verify_combinations(str
+@@ -615,21 +615,6 @@ static int wiphy_verify_combinations(str
  				    c->limits[j].max > 1))
  				return -EINVAL;
  

package/kernel/mac80211/patches/subsys/500-mac80211_configure_antenna_gain.patch

@@ -1,6 +1,6 @@
 --- a/include/net/cfg80211.h
 +++ b/include/net/cfg80211.h
-@@ -3745,6 +3745,7 @@ struct mgmt_frame_regs {
+@@ -3814,6 +3814,7 @@ struct mgmt_frame_regs {
   *	(as advertised by the nl80211 feature flag.)
   * @get_tx_power: store the current TX power into the dbm variable;
   *	return 0 if successful
@@ -8,7 +8,7 @@
   *
   * @set_wds_peer: set the WDS peer for a WDS interface
   *
-@@ -4067,6 +4068,7 @@ struct cfg80211_ops {
+@@ -4138,6 +4139,7 @@ struct cfg80211_ops {
  				enum nl80211_tx_power_setting type, int mbm);
  	int	(*get_tx_power)(struct wiphy *wiphy, struct wireless_dev *wdev,
  				int *dbm);
@@ -36,9 +36,9 @@
  	u8 ps_dtim_period;
 --- a/include/uapi/linux/nl80211.h
 +++ b/include/uapi/linux/nl80211.h
-@@ -2560,6 +2560,9 @@ enum nl80211_commands {
-  *	disassoc events to indicate that an immediate reconnect to the AP
-  *	is desired.
+@@ -2593,6 +2593,9 @@ enum nl80211_commands {
+  * @NL80211_ATTR_COLOR_CHANGE_ELEMS: Nested set of attributes containing the IE
+  *	information for the time while performing a color switch.
   *
 + * @NL80211_ATTR_WIPHY_ANTENNA_GAIN: Configured antenna gain. Used to reduce
 + *	transmit power to stay within regulatory limits. u32, dBi.
@@ -46,9 +46,9 @@
   * @NUM_NL80211_ATTR: total number of nl80211_attrs available
   * @NL80211_ATTR_MAX: highest attribute number currently defined
   * @__NL80211_ATTR_AFTER_LAST: internal use
-@@ -3057,6 +3060,8 @@ enum nl80211_attrs {
- 
- 	NL80211_ATTR_DISABLE_HE,
+@@ -3096,6 +3099,8 @@ enum nl80211_attrs {
+ 	NL80211_ATTR_COLOR_CHANGE_COLOR,
+ 	NL80211_ATTR_COLOR_CHANGE_ELEMS,
  
 +	NL80211_ATTR_WIPHY_ANTENNA_GAIN,
 +
@@ -57,7 +57,7 @@
  	__NL80211_ATTR_AFTER_LAST,
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
-@@ -2709,6 +2709,19 @@ static int ieee80211_get_tx_power(struct
+@@ -2769,6 +2769,19 @@ static int ieee80211_get_tx_power(struct
  	return 0;
  }
  
@@ -77,7 +77,7 @@
  static int ieee80211_set_wds_peer(struct wiphy *wiphy, struct net_device *dev,
  				  const u8 *addr)
  {
-@@ -4139,6 +4152,7 @@ const struct cfg80211_ops mac80211_confi
+@@ -4413,6 +4426,7 @@ const struct cfg80211_ops mac80211_confi
  	.set_wiphy_params = ieee80211_set_wiphy_params,
  	.set_tx_power = ieee80211_set_tx_power,
  	.get_tx_power = ieee80211_get_tx_power,
@@ -87,7 +87,7 @@
  	CFG80211_TESTMODE_CMD(ieee80211_testmode_cmd)
 --- a/net/mac80211/ieee80211_i.h
 +++ b/net/mac80211/ieee80211_i.h
-@@ -1390,6 +1390,7 @@ struct ieee80211_local {
+@@ -1435,6 +1435,7 @@ struct ieee80211_local {
  	int dynamic_ps_forced_timeout;
  
  	int user_power_level; /* in dBm, for all interfaces */
@@ -129,15 +129,15 @@
  	local->hw.max_mtu = IEEE80211_MAX_DATA_LEN;
 --- a/net/wireless/nl80211.c
 +++ b/net/wireless/nl80211.c
-@@ -740,6 +740,7 @@ static const struct nla_policy nl80211_p
- 		NLA_POLICY_RANGE(NLA_U8, NL80211_SAE_PWE_HUNT_AND_PECK,
- 				 NL80211_SAE_PWE_BOTH),
- 	[NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT },
+@@ -757,6 +757,7 @@ static const struct nla_policy nl80211_p
+ 	[NL80211_ATTR_COLOR_CHANGE_COUNT] = { .type = NLA_U8 },
+ 	[NL80211_ATTR_COLOR_CHANGE_COLOR] = { .type = NLA_U8 },
+ 	[NL80211_ATTR_COLOR_CHANGE_ELEMS] = NLA_POLICY_NESTED(nl80211_policy),
 +	[NL80211_ATTR_WIPHY_ANTENNA_GAIN] = { .type = NLA_U32 },
  };
  
  /* policy for the key attributes */
-@@ -3248,6 +3249,20 @@ static int nl80211_set_wiphy(struct sk_b
+@@ -3322,6 +3323,20 @@ static int nl80211_set_wiphy(struct sk_b
  		if (result)
  			return result;
  	}

package/kernel/mt76/Makefile

@@ -8,11 +8,12 @@ PKG_LICENSE_FILES:=
 
 PKG_SOURCE_URL:=https://github.com/openwrt/mt76
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2021-06-06
-PKG_SOURCE_VERSION:=22b690334c0f49b11534cc2e331c9d5e17c4a0bc
-PKG_MIRROR_HASH:=ff5e563935919d2e40c1e7254ef3bc06f7ecc5e69f8ddd12903e8f5de942d630
+PKG_SOURCE_DATE:=2021-12-03
+PKG_SOURCE_VERSION:=678071ef70297b7264661c356ddb3c8cf7f3c87b
+PKG_MIRROR_HASH:=b1f8613f7c65ca6a893f83ed9efc3f7ce72b9b4904fd11b89264f57f4f2a3b5e
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
+PKG_USE_NINJA:=0
 PKG_BUILD_PARALLEL:=1
 
 PKG_CONFIG_DEPENDS += \
@@ -151,6 +152,14 @@ define KernelPackage/mt76-connac
   FILES:= $(PKG_BUILD_DIR)/mt76-connac-lib.ko
 endef
 
+define KernelPackage/mt76-sdio
+  $(KernelPackage/mt76-default)
+  TITLE:=MediaTek MT7615/MT79xx SDIO driver common code
+  HIDDEN:=1
+  DEPENDS+=+kmod-mt76-core +kmod-mmc
+  FILES:= $(PKG_BUILD_DIR)/mt76-sdio.ko
+endef
+
 define KernelPackage/mt7615-common
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7615 wireless driver common code
@@ -195,9 +204,8 @@ endef
 define KernelPackage/mt7663s
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7663s wireless driver
-  DEPENDS+=+kmod-mmc +kmod-mt7615-common +kmod-mt7663-usb-sdio
+  DEPENDS+=+kmod-mt76-sdio +kmod-mt7615-common +kmod-mt7663-usb-sdio
   FILES:= \
-	$(PKG_BUILD_DIR)/mt76-sdio.ko \
 	$(PKG_BUILD_DIR)/mt7615/mt7663s.ko
   AUTOLOAD:=$(call AutoProbe,mt7663s)
 endef
@@ -218,10 +226,25 @@ define KernelPackage/mt7915e
   AUTOLOAD:=$(call AutoProbe,mt7915e)
 endef
 
+define KernelPackage/mt7921-common
+  TITLE:=MediaTek MT7615 wireless driver common code
+  HIDDEN:=1
+  DEPENDS+=@PCI_SUPPORT +kmod-mt76-core +kmod-mt76-connac
+  FILES:= $(PKG_BUILD_DIR)/mt7921/mt7921-common.ko
+endef
+
+define KernelPackage/mt7921s
+  $(KernelPackage/mt76-default)
+  TITLE:=MediaTek MT7921s wireless driver
+  DEPENDS+=@PCI_SUPPORT +kmod-mt76-connac +kmod-mt76-sdio +kmod-mt7921-common
+  FILES:= $(PKG_BUILD_DIR)/mt7921/mt7921s.ko
+  AUTOLOAD:=$(call AutoProbe,mt7921s)
+endef
+
 define KernelPackage/mt7921e
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7921e wireless driver
-  DEPENDS+=@PCI_SUPPORT +kmod-mt76-connac
+  DEPENDS+=@PCI_SUPPORT +kmod-mt76-connac +kmod-mt7921-common
   FILES:= $(PKG_BUILD_DIR)/mt7921/mt7921e.ko
   AUTOLOAD:=$(call AutoProbe,mt7921e)
 endef
@@ -287,6 +310,9 @@ endif
 ifdef CONFIG_PACKAGE_kmod-mt76-connac
   PKG_MAKE_FLAGS += CONFIG_MT76_CONNAC_LIB=m
 endif
+ifdef CONFIG_PACKAGE_kmod-mt76-sdio
+  PKG_MAKE_FLAGS += CONFIG_MT76_SDIO=m
+endif
 ifdef CONFIG_PACKAGE_kmod-mt7615-common
   PKG_MAKE_FLAGS += CONFIG_MT7615_COMMON=m
 endif
@@ -301,7 +327,6 @@ ifdef CONFIG_PACKAGE_kmod-mt7663-usb-sdio
   PKG_MAKE_FLAGS += CONFIG_MT7663_USB_SDIO_COMMON=m
 endif
 ifdef CONFIG_PACKAGE_kmod-mt7663s
-  PKG_MAKE_FLAGS += CONFIG_MT76_SDIO=m
   PKG_MAKE_FLAGS += CONFIG_MT7663S=m
 endif
 ifdef CONFIG_PACKAGE_kmod-mt7663u
@@ -310,6 +335,12 @@ endif
 ifdef CONFIG_PACKAGE_kmod-mt7915e
   PKG_MAKE_FLAGS += CONFIG_MT7915E=m
 endif
+ifdef CONFIG_PACKAGE_kmod-mt7921-common
+  PKG_MAKE_FLAGS += CONFIG_MT7921_COMMON=m
+endif
+ifdef CONFIG_PACKAGE_kmod-mt7921s
+  PKG_MAKE_FLAGS += CONFIG_MT7921S=m
+endif
 ifdef CONFIG_PACKAGE_kmod-mt7921e
   PKG_MAKE_FLAGS += CONFIG_MT7921E=m
 endif
@@ -432,6 +463,7 @@ $(eval $(call KernelPackage,mt76x2u))
 $(eval $(call KernelPackage,mt76x2))
 $(eval $(call KernelPackage,mt7603))
 $(eval $(call KernelPackage,mt76-connac))
+$(eval $(call KernelPackage,mt76-sdio))
 $(eval $(call KernelPackage,mt7615-common))
 $(eval $(call KernelPackage,mt7615-firmware))
 $(eval $(call KernelPackage,mt7615e))
@@ -441,6 +473,8 @@ $(eval $(call KernelPackage,mt7663-usb-sdio))
 $(eval $(call KernelPackage,mt7663u))
 $(eval $(call KernelPackage,mt7663s))
 $(eval $(call KernelPackage,mt7915e))
+$(eval $(call KernelPackage,mt7921-common))
+$(eval $(call KernelPackage,mt7921s))
 $(eval $(call KernelPackage,mt7921e))
 $(eval $(call KernelPackage,mt76))
 $(eval $(call BuildPackage,mt76-test))

package/kernel/mt76/patches/100-Revert-of-net-pass-the-dst-buffer-to-of_get_mac_addr.patch

@@ -0,0 +1,26 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Tue, 23 Nov 2021 17:01:45 +0100
+Subject: [PATCH] Revert "of: net: pass the dst buffer to of_get_mac_address()"
+
+This reverts commit 4932c5d80153c336c77dbe8d7af9f8fdd879d01f.
+---
+
+--- a/eeprom.c
++++ b/eeprom.c
+@@ -105,9 +105,15 @@ mt76_eeprom_override(struct mt76_phy *ph
+ {
+ 	struct mt76_dev *dev = phy->dev;
+ 
++#ifdef CONFIG_OF
+ 	struct device_node *np = dev->dev->of_node;
++	const u8 *mac = NULL;
+ 
+-	of_get_mac_address(np, phy->macaddr);
++	if (np)
++		mac = of_get_mac_address(np);
++	if (!IS_ERR_OR_NULL(mac))
++		ether_addr_copy(phy->macaddr, mac);
++#endif
+ 
+ 	if (!is_valid_ether_addr(phy->macaddr)) {
+ 		eth_random_addr(phy->macaddr);

package/libs/libpcap/Makefile

@@ -9,11 +9,10 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libpcap
 PKG_VERSION:=1.9.1
-PKG_RELEASE:=3
+PKG_RELEASE:=3.1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.us.tcpdump.org/release/ \
-        http://www.tcpdump.org/release/
+PKG_SOURCE_URL:=http://www.tcpdump.org/release/
 PKG_HASH:=635237637c5b619bcceba91900666b64d56ecb7be63f298f601ec786ce087094
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
@@ -45,6 +44,19 @@ define Package/libpcap/config
 	source "$(SOURCE)/Config.in"
 endef
 
+define Package/rpcapd
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Capture daemon to be controlled by a remote libpcap application
+  URL:=http://www.tcpdump.org/
+  DEPENDS+= +libpcap
+endef
+
+ifdef CONFIG_PACKAGE_rpcapd
+	CMAKE_OPTIONS += \
+		-DENABLE_REMOTE=ON
+endif
+
 CMAKE_OPTIONS += \
 	-DBUILD_SHARED_LIBS=ON \
 	-DBUILD_WITH_LIBNL=OFF \
@@ -84,4 +96,10 @@ define Package/libpcap/install
 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libpcap.so.* $(1)/usr/lib/
 endef
 
+define Package/rpcapd/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/rpcapd $(1)/usr/bin/
+endef
+
 $(eval $(call BuildPackage,libpcap))
+$(eval $(call BuildPackage,rpcapd))

package/libs/mbedtls/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mbedtls
-PKG_VERSION:=2.16.11
+PKG_VERSION:=2.16.12
 PKG_RELEASE:=$(AUTORELEASE)
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=c18e7e9abf95e69e425260493720470021384a1728417042060a35d0b7b18b41
+PKG_HASH:=294871ab1864a65d0b74325e9219d5bcd6e91c34a3c59270c357bb9ae4d5c393
 
 PKG_BUILD_PARALLEL:=1
 PKG_LICENSE:=GPL-2.0-or-later