drivers/net/wireless/ath/carl9170/main.c

   1 /*
   2  * Atheros CARL9170 driver
   3  *
   4  * mac80211 interaction code
   5  *
   6  * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
   7  * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com>
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License
  20  * along with this program; see the file COPYING.  If not, see
  21  * http://www.gnu.org/licenses/.
  22  *
  23  * This file incorporates work covered by the following copyright and
  24  * permission notice:
  25  *    Copyright (c) 2007-2008 Atheros Communications, Inc.
  26  *
  27  *    Permission to use, copy, modify, and/or distribute this software for any
  28  *    purpose with or without fee is hereby granted, provided that the above
  29  *    copyright notice and this permission notice appear in all copies.
  30  *
  31  *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  32  *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  33  *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  34  *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  35  *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  36  *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  37  *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  38  */
  39
  40 #include <linux/init.h>
  41 #include <linux/slab.h>
  42 #include <linux/module.h>
  43 #include <linux/etherdevice.h>
  44 #include <linux/random.h>
  45 #include <net/mac80211.h>
  46 #include <net/cfg80211.h>
  47 #include "hw.h"
  48 #include "carl9170.h"
  49 #include "cmd.h"
  50
  51 static int modparam_nohwcrypt;
  52 module_param_named(nohwcrypt, modparam_nohwcrypt, bool, S_IRUGO);
  53 MODULE_PARM_DESC(nohwcrypt, "Disable hardware crypto offload.");
  54
  55 int modparam_noht;
  56 module_param_named(noht, modparam_noht, int, S_IRUGO);
  57 MODULE_PARM_DESC(noht, "Disable MPDU aggregation.");
  58
  59 #define RATE(_bitrate, _hw_rate, _txpidx, _flags) {     \
  60         .bitrate        = (_bitrate),                   \
  61         .flags          = (_flags),                     \
  62         .hw_value       = (_hw_rate) | (_txpidx) << 4,  \
  63 }
  64
  65 struct ieee80211_rate __carl9170_ratetable[] = {
  66         RATE(10, 0, 0, 0),
  67         RATE(20, 1, 1, IEEE80211_RATE_SHORT_PREAMBLE),
  68         RATE(55, 2, 2, IEEE80211_RATE_SHORT_PREAMBLE),
  69         RATE(110, 3, 3, IEEE80211_RATE_SHORT_PREAMBLE),
  70         RATE(60, 0xb, 0, 0),
  71         RATE(90, 0xf, 0, 0),
  72         RATE(120, 0xa, 0, 0),
  73         RATE(180, 0xe, 0, 0),
  74         RATE(240, 0x9, 0, 0),
  75         RATE(360, 0xd, 1, 0),
  76         RATE(480, 0x8, 2, 0),
  77         RATE(540, 0xc, 3, 0),
  78 };
  79 #undef RATE
  80
  81 #define carl9170_g_ratetable    (__carl9170_ratetable + 0)
  82 #define carl9170_g_ratetable_size       12
  83 #define carl9170_a_ratetable    (__carl9170_ratetable + 4)
  84 #define carl9170_a_ratetable_size       8
  85
  86 /*
  87  * NB: The hw_value is used as an index into the carl9170_phy_freq_params
  88  *     array in phy.c so that we don't have to do frequency lookups!
  89  */
  90 #define CHAN(_freq, _idx) {             \
  91         .center_freq    = (_freq),      \
  92         .hw_value       = (_idx),       \
  93         .max_power      = 18, /* XXX */ \
  94 }
  95
  96 static struct ieee80211_channel carl9170_2ghz_chantable[] = {
  97         CHAN(2412,  0),
  98         CHAN(2417,  1),
  99         CHAN(2422,  2),
 100         CHAN(2427,  3),
 101         CHAN(2432,  4),
 102         CHAN(2437,  5),
 103         CHAN(2442,  6),
 104         CHAN(2447,  7),
 105         CHAN(2452,  8),
 106         CHAN(2457,  9),
 107         CHAN(2462, 10),
 108         CHAN(2467, 11),
 109         CHAN(2472, 12),
 110         CHAN(2484, 13),
 111 };
 112
 113 static struct ieee80211_channel carl9170_5ghz_chantable[] = {
 114         CHAN(4920, 14),
 115         CHAN(4940, 15),
 116         CHAN(4960, 16),
 117         CHAN(4980, 17),
 118         CHAN(5040, 18),
 119         CHAN(5060, 19),
 120         CHAN(5080, 20),
 121         CHAN(5180, 21),
 122         CHAN(5200, 22),
 123         CHAN(5220, 23),
 124         CHAN(5240, 24),
 125         CHAN(5260, 25),
 126         CHAN(5280, 26),
 127         CHAN(5300, 27),
 128         CHAN(5320, 28),
 129         CHAN(5500, 29),
 130         CHAN(5520, 30),
 131         CHAN(5540, 31),
 132         CHAN(5560, 32),
 133         CHAN(5580, 33),
 134         CHAN(5600, 34),
 135         CHAN(5620, 35),
 136         CHAN(5640, 36),
 137         CHAN(5660, 37),
 138         CHAN(5680, 38),
 139         CHAN(5700, 39),
 140         CHAN(5745, 40),
 141         CHAN(5765, 41),
 142         CHAN(5785, 42),
 143         CHAN(5805, 43),
 144         CHAN(5825, 44),
 145         CHAN(5170, 45),
 146         CHAN(5190, 46),
 147         CHAN(5210, 47),
 148         CHAN(5230, 48),
 149 };
 150 #undef CHAN
 151
 152 #define CARL9170_HT_CAP                                                 \
 153 {                                                                       \
 154         .ht_supported   = true,                                         \
 155         .cap            = IEEE80211_HT_CAP_MAX_AMSDU |                  \
 156                           IEEE80211_HT_CAP_SUP_WIDTH_20_40 |            \
 157                           IEEE80211_HT_CAP_SGI_40 |                     \
 158                           IEEE80211_HT_CAP_DSSSCCK40 |                  \
 159                           IEEE80211_HT_CAP_SM_PS,                       \
 160         .ampdu_factor   = IEEE80211_HT_MAX_AMPDU_64K,                   \
 161         .ampdu_density  = IEEE80211_HT_MPDU_DENSITY_8,                  \
 162         .mcs            = {                                             \
 163                 .rx_mask = { 0xff, 0xff, 0, 0, 0x1, 0, 0, 0, 0, 0, },   \
 164                 .rx_highest = cpu_to_le16(300),                         \
 165                 .tx_params = IEEE80211_HT_MCS_TX_DEFINED,               \
 166         },                                                              \
 167 }
 168
 169 static struct ieee80211_supported_band carl9170_band_2GHz = {
 170         .channels       = carl9170_2ghz_chantable,
 171         .n_channels     = ARRAY_SIZE(carl9170_2ghz_chantable),
 172         .bitrates       = carl9170_g_ratetable,
 173         .n_bitrates     = carl9170_g_ratetable_size,
 174         .ht_cap         = CARL9170_HT_CAP,
 175 };
 176
 177 static struct ieee80211_supported_band carl9170_band_5GHz = {
 178         .channels       = carl9170_5ghz_chantable,
 179         .n_channels     = ARRAY_SIZE(carl9170_5ghz_chantable),
 180         .bitrates       = carl9170_a_ratetable,
 181         .n_bitrates     = carl9170_a_ratetable_size,
 182         .ht_cap         = CARL9170_HT_CAP,
 183 };
 184
 185 static void carl9170_ampdu_gc(struct ar9170 *ar)
 186 {
 187         struct carl9170_sta_tid *tid_info;
 188         LIST_HEAD(tid_gc);
 189
 190         rcu_read_lock();
 191         list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
 192                 spin_lock_bh(&ar->tx_ampdu_list_lock);
 193                 if (tid_info->state == CARL9170_TID_STATE_SHUTDOWN) {
 194                         tid_info->state = CARL9170_TID_STATE_KILLED;
 195                         list_del_rcu(&tid_info->list);
 196                         ar->tx_ampdu_list_len--;
 197                         list_add_tail(&tid_info->tmp_list, &tid_gc);
 198                 }
 199                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
 200
 201         }
 202         rcu_assign_pointer(ar->tx_ampdu_iter, tid_info);
 203         rcu_read_unlock();
 204
 205         synchronize_rcu();
 206
 207         while (!list_empty(&tid_gc)) {
 208                 struct sk_buff *skb;
 209                 tid_info = list_first_entry(&tid_gc, struct carl9170_sta_tid,
 210                                             tmp_list);
 211
 212                 while ((skb = __skb_dequeue(&tid_info->queue)))
 213                         carl9170_tx_status(ar, skb, false);
 214
 215                 list_del_init(&tid_info->tmp_list);
 216                 kfree(tid_info);
 217         }
 218 }
 219
 220 static void carl9170_flush(struct ar9170 *ar, bool drop_queued)
 221 {
 222         if (drop_queued) {
 223                 int i;
 224
 225                 /*
 226                  * We can only drop frames which have not been uploaded
 227                  * to the device yet.
 228                  */
 229
 230                 for (i = 0; i < ar->hw->queues; i++) {
 231                         struct sk_buff *skb;
 232
 233                         while ((skb = skb_dequeue(&ar->tx_pending[i]))) {
 234                                 struct ieee80211_tx_info *info;
 235
 236                                 info = IEEE80211_SKB_CB(skb);
 237                                 if (info->flags & IEEE80211_TX_CTL_AMPDU)
 238                                         atomic_dec(&ar->tx_ampdu_upload);
 239
 240                                 carl9170_tx_status(ar, skb, false);
 241                         }
 242                 }
 243         }
 244
 245         /* Wait for all other outstanding frames to timeout. */
 246         if (atomic_read(&ar->tx_total_queued))
 247                 WARN_ON(wait_for_completion_timeout(&ar->tx_flush, HZ) == 0);
 248 }
 249
 250 static void carl9170_flush_ba(struct ar9170 *ar)
 251 {
 252         struct sk_buff_head free;
 253         struct carl9170_sta_tid *tid_info;
 254         struct sk_buff *skb;
 255
 256         __skb_queue_head_init(&free);
 257
 258         rcu_read_lock();
 259         spin_lock_bh(&ar->tx_ampdu_list_lock);
 260         list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
 261                 if (tid_info->state > CARL9170_TID_STATE_SUSPEND) {
 262                         tid_info->state = CARL9170_TID_STATE_SUSPEND;
 263
 264                         spin_lock(&tid_info->lock);
 265                         while ((skb = __skb_dequeue(&tid_info->queue)))
 266                                 __skb_queue_tail(&free, skb);
 267                         spin_unlock(&tid_info->lock);
 268                 }
 269         }
 270         spin_unlock_bh(&ar->tx_ampdu_list_lock);
 271         rcu_read_unlock();
 272
 273         while ((skb = __skb_dequeue(&free)))
 274                 carl9170_tx_status(ar, skb, false);
 275 }
 276
 277 static void carl9170_zap_queues(struct ar9170 *ar)
 278 {
 279         struct carl9170_vif_info *cvif;
 280         unsigned int i;
 281
 282         carl9170_ampdu_gc(ar);
 283
 284         carl9170_flush_ba(ar);
 285         carl9170_flush(ar, true);
 286
 287         for (i = 0; i < ar->hw->queues; i++) {
 288                 spin_lock_bh(&ar->tx_status[i].lock);
 289                 while (!skb_queue_empty(&ar->tx_status[i])) {
 290                         struct sk_buff *skb;
 291
 292                         skb = skb_peek(&ar->tx_status[i]);
 293                         carl9170_tx_get_skb(skb);
 294                         spin_unlock_bh(&ar->tx_status[i].lock);
 295                         carl9170_tx_drop(ar, skb);
 296                         spin_lock_bh(&ar->tx_status[i].lock);
 297                         carl9170_tx_put_skb(skb);
 298                 }
 299                 spin_unlock_bh(&ar->tx_status[i].lock);
 300         }
 301
 302         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_SOFT < 1);
 303         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD < CARL9170_NUM_TX_LIMIT_SOFT);
 304         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD >= CARL9170_BAW_BITS);
 305
 306         /* reinitialize queues statistics */
 307         memset(&ar->tx_stats, 0, sizeof(ar->tx_stats));
 308         for (i = 0; i < ar->hw->queues; i++)
 309                 ar->tx_stats[i].limit = CARL9170_NUM_TX_LIMIT_HARD;
 310
 311         for (i = 0; i < DIV_ROUND_UP(ar->fw.mem_blocks, BITS_PER_LONG); i++)
 312                 ar->mem_bitmap[i] = 0;
 313
 314         rcu_read_lock();
 315         list_for_each_entry_rcu(cvif, &ar->vif_list, list) {
 316                 spin_lock_bh(&ar->beacon_lock);
 317                 dev_kfree_skb_any(cvif->beacon);
 318                 cvif->beacon = NULL;
 319                 spin_unlock_bh(&ar->beacon_lock);
 320         }
 321         rcu_read_unlock();
 322
 323         atomic_set(&ar->tx_ampdu_upload, 0);
 324         atomic_set(&ar->tx_ampdu_scheduler, 0);
 325         atomic_set(&ar->tx_total_pending, 0);
 326         atomic_set(&ar->tx_total_queued, 0);
 327         atomic_set(&ar->mem_free_blocks, ar->fw.mem_blocks);
 328 }
 329
 330 #define CARL9170_FILL_QUEUE(queue, ai_fs, cwmin, cwmax, _txop)          \
 331 do {                                                                    \
 332         queue.aifs = ai_fs;                                             \
 333         queue.cw_min = cwmin;                                           \
 334         queue.cw_max = cwmax;                                           \
 335         queue.txop = _txop;                                             \
 336 } while (0)
 337
 338 static int carl9170_op_start(struct ieee80211_hw *hw)
 339 {
 340         struct ar9170 *ar = hw->priv;
 341         int err, i;
 342
 343         mutex_lock(&ar->mutex);
 344
 345         carl9170_zap_queues(ar);
 346
 347         /* reset QoS defaults */
 348         CARL9170_FILL_QUEUE(ar->edcf[0], 3, 15, 1023,  0); /* BEST EFFORT */
 349         CARL9170_FILL_QUEUE(ar->edcf[1], 2, 7,    15, 94); /* VIDEO */
 350         CARL9170_FILL_QUEUE(ar->edcf[2], 2, 3,     7, 47); /* VOICE */
 351         CARL9170_FILL_QUEUE(ar->edcf[3], 7, 15, 1023,  0); /* BACKGROUND */
 352         CARL9170_FILL_QUEUE(ar->edcf[4], 2, 3,     7,  0); /* SPECIAL */
 353
 354         ar->current_factor = ar->current_density = -1;
 355         /* "The first key is unique." */
 356         ar->usedkeys = 1;
 357         ar->filter_state = 0;
 358         ar->ps.last_action = jiffies;
 359         ar->ps.last_slept = jiffies;
 360         ar->erp_mode = CARL9170_ERP_AUTO;
 361         ar->rx_software_decryption = false;
 362         ar->disable_offload = false;
 363
 364         for (i = 0; i < ar->hw->queues; i++) {
 365                 ar->queue_stop_timeout[i] = jiffies;
 366                 ar->max_queue_stop_timeout[i] = 0;
 367         }
 368
 369         atomic_set(&ar->mem_allocs, 0);
 370
 371         err = carl9170_usb_open(ar);
 372         if (err)
 373                 goto out;
 374
 375         err = carl9170_init_mac(ar);
 376         if (err)
 377                 goto out;
 378
 379         err = carl9170_set_qos(ar);
 380         if (err)
 381                 goto out;
 382
 383         err = carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER,
 384                                  AR9170_DMA_TRIGGER_RXQ);
 385         if (err)
 386                 goto out;
 387
 388         /* Clear key-cache */
 389         for (i = 0; i < AR9170_CAM_MAX_USER + 4; i++) {
 390                 err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
 391                                           0, NULL, 0);
 392                 if (err)
 393                         goto out;
 394
 395                 err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
 396                                           1, NULL, 0);
 397                 if (err)
 398                         goto out;
 399
 400                 if (i < AR9170_CAM_MAX_USER) {
 401                         err = carl9170_disable_key(ar, i);
 402                         if (err)
 403                                 goto out;
 404                 }
 405         }
 406
 407         carl9170_set_state_when(ar, CARL9170_IDLE, CARL9170_STARTED);
 408
 409         ieee80211_wake_queues(ar->hw);
 410         err = 0;
 411
 412 out:
 413         mutex_unlock(&ar->mutex);
 414         return err;
 415 }
 416
 417 static void carl9170_cancel_worker(struct ar9170 *ar)
 418 {
 419         cancel_delayed_work_sync(&ar->tx_janitor);
 420 #ifdef CONFIG_CARL9170_LEDS
 421         cancel_delayed_work_sync(&ar->led_work);
 422 #endif /* CONFIG_CARL9170_LEDS */
 423         cancel_work_sync(&ar->ps_work);
 424         cancel_work_sync(&ar->ampdu_work);
 425 }
 426
 427 static void carl9170_op_stop(struct ieee80211_hw *hw)
 428 {
 429         struct ar9170 *ar = hw->priv;
 430
 431         carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
 432
 433         ieee80211_stop_queues(ar->hw);
 434
 435         mutex_lock(&ar->mutex);
 436         if (IS_ACCEPTING_CMD(ar)) {
 437                 rcu_assign_pointer(ar->beacon_iter, NULL);
 438
 439                 carl9170_led_set_state(ar, 0);
 440
 441                 /* stop DMA */
 442                 carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER, 0);
 443                 carl9170_usb_stop(ar);
 444         }
 445
 446         carl9170_zap_queues(ar);
 447         mutex_unlock(&ar->mutex);
 448
 449         carl9170_cancel_worker(ar);
 450 }
 451
 452 static void carl9170_restart_work(struct work_struct *work)
 453 {
 454         struct ar9170 *ar = container_of(work, struct ar9170,
 455                                          restart_work);
 456         int err;
 457
 458         ar->usedkeys = 0;
 459         ar->filter_state = 0;
 460         carl9170_cancel_worker(ar);
 461
 462         mutex_lock(&ar->mutex);
 463         err = carl9170_usb_restart(ar);
 464         if (net_ratelimit()) {
 465                 if (err) {
 466                         dev_err(&ar->udev->dev, "Failed to restart device "
 467                                 " (%d).\n", err);
 468                  } else {
 469                         dev_info(&ar->udev->dev, "device restarted "
 470                                  "successfully.\n");
 471                 }
 472         }
 473
 474         carl9170_zap_queues(ar);
 475         mutex_unlock(&ar->mutex);
 476         if (!err) {
 477                 ar->restart_counter++;
 478                 atomic_set(&ar->pending_restarts, 0);
 479
 480                 ieee80211_restart_hw(ar->hw);
 481         } else {
 482                 /*
 483                  * The reset was unsuccessful and the device seems to
 484                  * be dead. But there's still one option: a low-level
 485                  * usb subsystem reset...
 486                  */
 487
 488                 carl9170_usb_reset(ar);
 489         }
 490 }
 491
 492 void carl9170_restart(struct ar9170 *ar, const enum carl9170_restart_reasons r)
 493 {
 494         carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
 495
 496         /*
 497          * Sometimes, an error can trigger several different reset events.
 498          * By ignoring these *surplus* reset events, the device won't be
 499          * killed again, right after it has recovered.
 500          */
 501         if (atomic_inc_return(&ar->pending_restarts) > 1) {
 502                 dev_dbg(&ar->udev->dev, "ignoring restart (%d)\n", r);
 503                 return;
 504         }
 505
 506         ieee80211_stop_queues(ar->hw);
 507
 508         dev_err(&ar->udev->dev, "restart device (%d)\n", r);
 509
 510         if (!WARN_ON(r == CARL9170_RR_NO_REASON) ||
 511             !WARN_ON(r >= __CARL9170_RR_LAST))
 512                 ar->last_reason = r;
 513
 514         if (!ar->registered)
 515                 return;
 516
 517         if (IS_ACCEPTING_CMD(ar) && !ar->needs_full_reset)
 518                 ieee80211_queue_work(ar->hw, &ar->restart_work);
 519         else
 520                 carl9170_usb_reset(ar);
 521
 522         /*
 523          * At this point, the device instance might have vanished/disabled.
 524          * So, don't put any code which access the ar9170 struct
 525          * without proper protection.
 526          */
 527 }
 528
 529 static int carl9170_init_interface(struct ar9170 *ar,
 530                                    struct ieee80211_vif *vif)
 531 {
 532         struct ath_common *common = &ar->common;
 533         int err;
 534
 535         if (!vif) {
 536                 WARN_ON_ONCE(IS_STARTED(ar));
 537                 return 0;
 538         }
 539
 540         memcpy(common->macaddr, vif->addr, ETH_ALEN);
 541
 542         if (modparam_nohwcrypt ||
 543             ((vif->type != NL80211_IFTYPE_STATION) &&
 544              (vif->type != NL80211_IFTYPE_AP))) {
 545                 ar->rx_software_decryption = true;
 546                 ar->disable_offload = true;
 547         }
 548
 549         err = carl9170_set_operating_mode(ar);
 550         return err;
 551 }
 552
 553 static int carl9170_op_add_interface(struct ieee80211_hw *hw,
 554                                      struct ieee80211_vif *vif)
 555 {
 556         struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
 557         struct ieee80211_vif *main_vif;
 558         struct ar9170 *ar = hw->priv;
 559         int vif_id = -1, err = 0;
 560
 561         mutex_lock(&ar->mutex);
 562         rcu_read_lock();
 563         if (vif_priv->active) {
 564                 /*
 565                  * Skip the interface structure initialization,
 566                  * if the vif survived the _restart call.
 567                  */
 568                 vif_id = vif_priv->id;
 569                 vif_priv->enable_beacon = false;
 570
 571                 spin_lock_bh(&ar->beacon_lock);
 572                 dev_kfree_skb_any(vif_priv->beacon);
 573                 vif_priv->beacon = NULL;
 574                 spin_unlock_bh(&ar->beacon_lock);
 575
 576                 goto init;
 577         }
 578
 579         main_vif = carl9170_get_main_vif(ar);
 580
 581         if (main_vif) {
 582                 switch (main_vif->type) {
 583                 case NL80211_IFTYPE_STATION:
 584                         if (vif->type == NL80211_IFTYPE_STATION)
 585                                 break;
 586
 587                         err = -EBUSY;
 588                         rcu_read_unlock();
 589
 590                         goto unlock;
 591
 592                 case NL80211_IFTYPE_AP:
 593                         if ((vif->type == NL80211_IFTYPE_STATION) ||
 594                             (vif->type == NL80211_IFTYPE_WDS) ||
 595                             (vif->type == NL80211_IFTYPE_AP))
 596                                 break;
 597
 598                         err = -EBUSY;
 599                         rcu_read_unlock();
 600                         goto unlock;
 601
 602                 default:
 603                         rcu_read_unlock();
 604                         goto unlock;
 605                 }
 606         }
 607
 608         vif_id = bitmap_find_free_region(&ar->vif_bitmap, ar->fw.vif_num, 0);
 609
 610         if (vif_id < 0) {
 611                 rcu_read_unlock();
 612
 613                 err = -ENOSPC;
 614                 goto unlock;
 615         }
 616
 617         BUG_ON(ar->vif_priv[vif_id].id != vif_id);
 618
 619         vif_priv->active = true;
 620         vif_priv->id = vif_id;
 621         vif_priv->enable_beacon = false;
 622         ar->vifs++;
 623         list_add_tail_rcu(&vif_priv->list, &ar->vif_list);
 624         rcu_assign_pointer(ar->vif_priv[vif_id].vif, vif);
 625
 626 init:
 627         if (carl9170_get_main_vif(ar) == vif) {
 628                 rcu_assign_pointer(ar->beacon_iter, vif_priv);
 629                 rcu_read_unlock();
 630
 631                 err = carl9170_init_interface(ar, vif);
 632                 if (err)
 633                         goto unlock;
 634         } else {
 635                 err = carl9170_mod_virtual_mac(ar, vif_id, vif->addr);
 636                 rcu_read_unlock();
 637
 638                 if (err)
 639                         goto unlock;
 640         }
 641
 642 unlock:
 643         if (err && (vif_id != -1)) {
 644                 vif_priv->active = false;
 645                 bitmap_release_region(&ar->vif_bitmap, vif_id, 0);
 646                 ar->vifs--;
 647                 rcu_assign_pointer(ar->vif_priv[vif_id].vif, NULL);
 648                 list_del_rcu(&vif_priv->list);
 649                 mutex_unlock(&ar->mutex);
 650                 synchronize_rcu();
 651         } else {
 652                 if (ar->vifs > 1)
 653                         ar->ps.off_override |= PS_OFF_VIF;
 654
 655                 mutex_unlock(&ar->mutex);
 656         }
 657
 658         return err;
 659 }
 660
 661 static void carl9170_op_remove_interface(struct ieee80211_hw *hw,
 662                                          struct ieee80211_vif *vif)
 663 {
 664         struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
 665         struct ieee80211_vif *main_vif;
 666         struct ar9170 *ar = hw->priv;
 667         unsigned int id;
 668
 669         mutex_lock(&ar->mutex);
 670
 671         if (WARN_ON_ONCE(!vif_priv->active))
 672                 goto unlock;
 673
 674         ar->vifs--;
 675
 676         rcu_read_lock();
 677         main_vif = carl9170_get_main_vif(ar);
 678
 679         id = vif_priv->id;
 680
 681         vif_priv->active = false;
 682         WARN_ON(vif_priv->enable_beacon);
 683         vif_priv->enable_beacon = false;
 684         list_del_rcu(&vif_priv->list);
 685         rcu_assign_pointer(ar->vif_priv[id].vif, NULL);
 686
 687         if (vif == main_vif) {
 688                 rcu_read_unlock();
 689
 690                 if (ar->vifs) {
 691                         WARN_ON(carl9170_init_interface(ar,
 692                                         carl9170_get_main_vif(ar)));
 693                 } else {
 694                         carl9170_set_operating_mode(ar);
 695                 }
 696         } else {
 697                 rcu_read_unlock();
 698
 699                 WARN_ON(carl9170_mod_virtual_mac(ar, id, NULL));
 700         }
 701
 702         carl9170_update_beacon(ar, false);
 703         carl9170_flush_cab(ar, id);
 704
 705         spin_lock_bh(&ar->beacon_lock);
 706         dev_kfree_skb_any(vif_priv->beacon);
 707         vif_priv->beacon = NULL;
 708         spin_unlock_bh(&ar->beacon_lock);
 709
 710         bitmap_release_region(&ar->vif_bitmap, id, 0);
 711
 712         carl9170_set_beacon_timers(ar);
 713
 714         if (ar->vifs == 1)
 715                 ar->ps.off_override &= ~PS_OFF_VIF;
 716
 717 unlock:
 718         mutex_unlock(&ar->mutex);
 719
 720         synchronize_rcu();
 721 }
 722
 723 void carl9170_ps_check(struct ar9170 *ar)
 724 {
 725         ieee80211_queue_work(ar->hw, &ar->ps_work);
 726 }
 727
 728 /* caller must hold ar->mutex */
 729 static int carl9170_ps_update(struct ar9170 *ar)
 730 {
 731         bool ps = false;
 732         int err = 0;
 733
 734         if (!ar->ps.off_override)
 735                 ps = (ar->hw->conf.flags & IEEE80211_CONF_PS);
 736
 737         if (ps != ar->ps.state) {
 738                 err = carl9170_powersave(ar, ps);
 739                 if (err)
 740                         return err;
 741
 742                 if (ar->ps.state && !ps) {
 743                         ar->ps.sleep_ms = jiffies_to_msecs(jiffies -
 744                                 ar->ps.last_action);
 745                 }
 746
 747                 if (ps)
 748                         ar->ps.last_slept = jiffies;
 749
 750                 ar->ps.last_action = jiffies;
 751                 ar->ps.state = ps;
 752         }
 753
 754         return 0;
 755 }
 756
 757 static void carl9170_ps_work(struct work_struct *work)
 758 {
 759         struct ar9170 *ar = container_of(work, struct ar9170,
 760                                          ps_work);
 761         mutex_lock(&ar->mutex);
 762         if (IS_STARTED(ar))
 763                 WARN_ON_ONCE(carl9170_ps_update(ar) != 0);
 764         mutex_unlock(&ar->mutex);
 765 }
 766
 767
 768 static int carl9170_op_config(struct ieee80211_hw *hw, u32 changed)
 769 {
 770         struct ar9170 *ar = hw->priv;
 771         int err = 0;
 772
 773         mutex_lock(&ar->mutex);
 774         if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
 775                 /* TODO */
 776                 err = 0;
 777         }
 778
 779         if (changed & IEEE80211_CONF_CHANGE_PS) {
 780                 err = carl9170_ps_update(ar);
 781                 if (err)
 782                         goto out;
 783         }
 784
 785         if (changed & IEEE80211_CONF_CHANGE_POWER) {
 786                 /* TODO */
 787                 err = 0;
 788         }
 789
 790         if (changed & IEEE80211_CONF_CHANGE_SMPS) {
 791                 /* TODO */
 792                 err = 0;
 793         }
 794
 795         if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
 796                 /* adjust slot time for 5 GHz */
 797                 err = carl9170_set_slot_time(ar);
 798                 if (err)
 799                         goto out;
 800
 801                 err = carl9170_set_channel(ar, hw->conf.channel,
 802                         hw->conf.channel_type, CARL9170_RFI_NONE);
 803                 if (err)
 804                         goto out;
 805
 806                 err = carl9170_set_dyn_sifs_ack(ar);
 807                 if (err)
 808                         goto out;
 809
 810                 err = carl9170_set_rts_cts_rate(ar);
 811                 if (err)
 812                         goto out;
 813         }
 814
 815 out:
 816         mutex_unlock(&ar->mutex);
 817         return err;
 818 }
 819
 820 static u64 carl9170_op_prepare_multicast(struct ieee80211_hw *hw,
 821                                          struct netdev_hw_addr_list *mc_list)
 822 {
 823         struct netdev_hw_addr *ha;
 824         u64 mchash;
 825
 826         /* always get broadcast frames */
 827         mchash = 1ULL << (0xff >> 2);
 828
 829         netdev_hw_addr_list_for_each(ha, mc_list)
 830                 mchash |= 1ULL << (ha->addr[5] >> 2);
 831
 832         return mchash;
 833 }
 834
 835 static void carl9170_op_configure_filter(struct ieee80211_hw *hw,
 836                                          unsigned int changed_flags,
 837                                          unsigned int *new_flags,
 838                                          u64 multicast)
 839 {
 840         struct ar9170 *ar = hw->priv;
 841
 842         /* mask supported flags */
 843         *new_flags &= FIF_ALLMULTI | FIF_FCSFAIL | FIF_PLCPFAIL |
 844                       FIF_OTHER_BSS | FIF_PROMISC_IN_BSS;
 845
 846         if (!IS_ACCEPTING_CMD(ar))
 847                 return;
 848
 849         mutex_lock(&ar->mutex);
 850
 851         ar->filter_state = *new_flags;
 852         /*
 853          * We can support more by setting the sniffer bit and
 854          * then checking the error flags, later.
 855          */
 856
 857         if (changed_flags & FIF_ALLMULTI && *new_flags & FIF_ALLMULTI)
 858                 multicast = ~0ULL;
 859
 860         if (multicast != ar->cur_mc_hash)
 861                 WARN_ON(carl9170_update_multicast(ar, multicast));
 862
 863         if (changed_flags & (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS)) {
 864                 ar->sniffer_enabled = !!(*new_flags &
 865                         (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS));
 866
 867                 WARN_ON(carl9170_set_operating_mode(ar));
 868         }
 869
 870         mutex_unlock(&ar->mutex);
 871 }
 872
 873
 874 static void carl9170_op_bss_info_changed(struct ieee80211_hw *hw,
 875                                          struct ieee80211_vif *vif,
 876                                          struct ieee80211_bss_conf *bss_conf,
 877                                          u32 changed)
 878 {
 879         struct ar9170 *ar = hw->priv;
 880         struct ath_common *common = &ar->common;
 881         int err = 0;
 882         struct carl9170_vif_info *vif_priv;
 883         struct ieee80211_vif *main_vif;
 884
 885         mutex_lock(&ar->mutex);
 886         vif_priv = (void *) vif->drv_priv;
 887         main_vif = carl9170_get_main_vif(ar);
 888         if (WARN_ON(!main_vif))
 889                 goto out;
 890
 891         if (changed & BSS_CHANGED_BEACON_ENABLED) {
 892                 struct carl9170_vif_info *iter;
 893                 int i = 0;
 894
 895                 vif_priv->enable_beacon = bss_conf->enable_beacon;
 896                 rcu_read_lock();
 897                 list_for_each_entry_rcu(iter, &ar->vif_list, list) {
 898                         if (iter->active && iter->enable_beacon)
 899                                 i++;
 900
 901                 }
 902                 rcu_read_unlock();
 903
 904                 ar->beacon_enabled = i;
 905         }
 906
 907         if (changed & BSS_CHANGED_BEACON) {
 908                 err = carl9170_update_beacon(ar, false);
 909                 if (err)
 910                         goto out;
 911         }
 912
 913         if (changed & (BSS_CHANGED_BEACON_ENABLED | BSS_CHANGED_BEACON |
 914                        BSS_CHANGED_BEACON_INT)) {
 915
 916                 if (main_vif != vif) {
 917                         bss_conf->beacon_int = main_vif->bss_conf.beacon_int;
 918                         bss_conf->dtim_period = main_vif->bss_conf.dtim_period;
 919                 }
 920
 921                 /*
 922                  * Therefore a hard limit for the broadcast traffic should
 923                  * prevent false alarms.
 924                  */
 925                 if (vif->type != NL80211_IFTYPE_STATION &&
 926                     (bss_conf->beacon_int * bss_conf->dtim_period >=
 927                      (CARL9170_QUEUE_STUCK_TIMEOUT / 2))) {
 928                         err = -EINVAL;
 929                         goto out;
 930                 }
 931
 932                 err = carl9170_set_beacon_timers(ar);
 933                 if (err)
 934                         goto out;
 935         }
 936
 937         if (changed & BSS_CHANGED_HT) {
 938                 /* TODO */
 939                 err = 0;
 940                 if (err)
 941                         goto out;
 942         }
 943
 944         if (main_vif != vif)
 945                 goto out;
 946
 947         /*
 948          * The following settings can only be changed by the
 949          * master interface.
 950          */
 951
 952         if (changed & BSS_CHANGED_BSSID) {
 953                 memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
 954                 err = carl9170_set_operating_mode(ar);
 955                 if (err)
 956                         goto out;
 957         }
 958
 959         if (changed & BSS_CHANGED_ASSOC) {
 960                 ar->common.curaid = bss_conf->aid;
 961                 err = carl9170_set_beacon_timers(ar);
 962                 if (err)
 963                         goto out;
 964         }
 965
 966         if (changed & BSS_CHANGED_ERP_SLOT) {
 967                 err = carl9170_set_slot_time(ar);
 968                 if (err)
 969                         goto out;
 970         }
 971
 972         if (changed & BSS_CHANGED_BASIC_RATES) {
 973                 err = carl9170_set_mac_rates(ar);
 974                 if (err)
 975                         goto out;
 976         }
 977
 978 out:
 979         WARN_ON_ONCE(err && IS_STARTED(ar));
 980         mutex_unlock(&ar->mutex);
 981 }
 982
 983 static u64 carl9170_op_get_tsf(struct ieee80211_hw *hw)
 984 {
 985         struct ar9170 *ar = hw->priv;
 986         struct carl9170_tsf_rsp tsf;
 987         int err;
 988
 989         mutex_lock(&ar->mutex);
 990         err = carl9170_exec_cmd(ar, CARL9170_CMD_READ_TSF,
 991                                 0, NULL, sizeof(tsf), &tsf);
 992         mutex_unlock(&ar->mutex);
 993         if (WARN_ON(err))
 994                 return 0;
 995
 996         return le64_to_cpu(tsf.tsf_64);
 997 }
 998
 999 static int carl9170_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
1000                                struct ieee80211_vif *vif,
1001                                struct ieee80211_sta *sta,
1002                                struct ieee80211_key_conf *key)
1003 {
1004         struct ar9170 *ar = hw->priv;
1005         int err = 0, i;
1006         u8 ktype;
1007
1008         if (ar->disable_offload || !vif)
1009                 return -EOPNOTSUPP;
1010
1011         /*
1012          * We have to fall back to software encryption, whenever
1013          * the user choose to participates in an IBSS or is connected
1014          * to more than one network.
1015          *
1016          * This is very unfortunate, because some machines cannot handle
1017          * the high througput speed in 802.11n networks.
1018          */
1019
1020         if (!is_main_vif(ar, vif))
1021                 goto err_softw;
1022
1023         /*
1024          * While the hardware supports *catch-all* key, for offloading
1025          * group-key en-/de-cryption. The way of how the hardware
1026          * decides which keyId maps to which key, remains a mystery...
1027          */
1028         if ((vif->type != NL80211_IFTYPE_STATION &&
1029              vif->type != NL80211_IFTYPE_ADHOC) &&
1030             !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
1031                 return -EOPNOTSUPP;
1032
1033         switch (key->cipher) {
1034         case WLAN_CIPHER_SUITE_WEP40:
1035                 ktype = AR9170_ENC_ALG_WEP64;
1036                 break;
1037         case WLAN_CIPHER_SUITE_WEP104:
1038                 ktype = AR9170_ENC_ALG_WEP128;
1039                 break;
1040         case WLAN_CIPHER_SUITE_TKIP:
1041                 ktype = AR9170_ENC_ALG_TKIP;
1042                 break;
1043         case WLAN_CIPHER_SUITE_CCMP:
1044                 ktype = AR9170_ENC_ALG_AESCCMP;
1045                 break;
1046         default:
1047                 return -EOPNOTSUPP;
1048         }
1049
1050         mutex_lock(&ar->mutex);
1051         if (cmd == SET_KEY) {
1052                 if (!IS_STARTED(ar)) {
1053                         err = -EOPNOTSUPP;
1054                         goto out;
1055                 }
1056
1057                 if (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
1058                         sta = NULL;
1059
1060                         i = 64 + key->keyidx;
1061                 } else {
1062                         for (i = 0; i < 64; i++)
1063                                 if (!(ar->usedkeys & BIT(i)))
1064                                         break;
1065                         if (i == 64)
1066                                 goto err_softw;
1067                 }
1068
1069                 key->hw_key_idx = i;
1070
1071                 err = carl9170_upload_key(ar, i, sta ? sta->addr : NULL,
1072                                           ktype, 0, key->key,
1073                                           min_t(u8, 16, key->keylen));
1074                 if (err)
1075                         goto out;
1076
1077                 if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
1078                         err = carl9170_upload_key(ar, i, sta ? sta->addr :
1079                                                   NULL, ktype, 1,
1080                                                   key->key + 16, 16);
1081                         if (err)
1082                                 goto out;
1083
1084                         /*
1085                          * hardware is not capable generating MMIC
1086                          * of fragmented frames!
1087                          */
1088                         key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
1089                 }
1090
1091                 if (i < 64)
1092                         ar->usedkeys |= BIT(i);
1093
1094                 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
1095         } else {
1096                 if (!IS_STARTED(ar)) {
1097                         /* The device is gone... together with the key ;-) */
1098                         err = 0;
1099                         goto out;
1100                 }
1101
1102                 if (key->hw_key_idx < 64) {
1103                         ar->usedkeys &= ~BIT(key->hw_key_idx);
1104                 } else {
1105                         err = carl9170_upload_key(ar, key->hw_key_idx, NULL,
1106                                                   AR9170_ENC_ALG_NONE, 0,
1107                                                   NULL, 0);
1108                         if (err)
1109                                 goto out;
1110
1111                         if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
1112                                 err = carl9170_upload_key(ar, key->hw_key_idx,
1113                                                           NULL,
1114                                                           AR9170_ENC_ALG_NONE,
1115                                                           1, NULL, 0);
1116                                 if (err)
1117                                         goto out;
1118                         }
1119
1120                 }
1121
1122                 err = carl9170_disable_key(ar, key->hw_key_idx);
1123                 if (err)
1124                         goto out;
1125         }
1126
1127 out:
1128         mutex_unlock(&ar->mutex);
1129         return err;
1130
1131 err_softw:
1132         if (!ar->rx_software_decryption) {
1133                 ar->rx_software_decryption = true;
1134                 carl9170_set_operating_mode(ar);
1135         }
1136         mutex_unlock(&ar->mutex);
1137         return -ENOSPC;
1138 }
1139
1140 static int carl9170_op_sta_add(struct ieee80211_hw *hw,
1141                                struct ieee80211_vif *vif,
1142                                struct ieee80211_sta *sta)
1143 {
1144         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1145         unsigned int i;
1146
1147         if (sta->ht_cap.ht_supported) {
1148                 if (sta->ht_cap.ampdu_density > 6) {
1149                         /*
1150                          * HW does support 16us AMPDU density.
1151                          * No HT-Xmit for station.
1152                          */
1153
1154                         return 0;
1155                 }
1156
1157                 for (i = 0; i < CARL9170_NUM_TID; i++)
1158                         rcu_assign_pointer(sta_info->agg[i], NULL);
1159
1160                 sta_info->ampdu_max_len = 1 << (3 + sta->ht_cap.ampdu_factor);
1161                 sta_info->ht_sta = true;
1162         }
1163
1164         return 0;
1165 }
1166
1167 static int carl9170_op_sta_remove(struct ieee80211_hw *hw,
1168                                 struct ieee80211_vif *vif,
1169                                 struct ieee80211_sta *sta)
1170 {
1171         struct ar9170 *ar = hw->priv;
1172         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1173         unsigned int i;
1174         bool cleanup = false;
1175
1176         if (sta->ht_cap.ht_supported) {
1177
1178                 sta_info->ht_sta = false;
1179
1180                 rcu_read_lock();
1181                 for (i = 0; i < CARL9170_NUM_TID; i++) {
1182                         struct carl9170_sta_tid *tid_info;
1183
1184                         tid_info = rcu_dereference(sta_info->agg[i]);
1185                         rcu_assign_pointer(sta_info->agg[i], NULL);
1186
1187                         if (!tid_info)
1188                                 continue;
1189
1190                         spin_lock_bh(&ar->tx_ampdu_list_lock);
1191                         if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
1192                                 tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
1193                         spin_unlock_bh(&ar->tx_ampdu_list_lock);
1194                         cleanup = true;
1195                 }
1196                 rcu_read_unlock();
1197
1198                 if (cleanup)
1199                         carl9170_ampdu_gc(ar);
1200         }
1201
1202         return 0;
1203 }
1204
1205 static int carl9170_op_conf_tx(struct ieee80211_hw *hw, u16 queue,
1206                                const struct ieee80211_tx_queue_params *param)
1207 {
1208         struct ar9170 *ar = hw->priv;
1209         int ret;
1210
1211         mutex_lock(&ar->mutex);
1212         if (queue < ar->hw->queues) {
1213                 memcpy(&ar->edcf[ar9170_qmap[queue]], param, sizeof(*param));
1214                 ret = carl9170_set_qos(ar);
1215         } else {
1216                 ret = -EINVAL;
1217         }
1218
1219         mutex_unlock(&ar->mutex);
1220         return ret;
1221 }
1222
1223 static void carl9170_ampdu_work(struct work_struct *work)
1224 {
1225         struct ar9170 *ar = container_of(work, struct ar9170,
1226                                          ampdu_work);
1227
1228         if (!IS_STARTED(ar))
1229                 return;
1230
1231         mutex_lock(&ar->mutex);
1232         carl9170_ampdu_gc(ar);
1233         mutex_unlock(&ar->mutex);
1234 }
1235
1236 static int carl9170_op_ampdu_action(struct ieee80211_hw *hw,
1237                                     struct ieee80211_vif *vif,
1238                                     enum ieee80211_ampdu_mlme_action action,
1239                                     struct ieee80211_sta *sta,
1240                                     u16 tid, u16 *ssn)
1241 {
1242         struct ar9170 *ar = hw->priv;
1243         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1244         struct carl9170_sta_tid *tid_info;
1245
1246         if (modparam_noht)
1247                 return -EOPNOTSUPP;
1248
1249         switch (action) {
1250         case IEEE80211_AMPDU_TX_START:
1251                 if (WARN_ON_ONCE(!sta_info->ht_sta))
1252                         return -EOPNOTSUPP;
1253
1254                 rcu_read_lock();
1255                 if (rcu_dereference(sta_info->agg[tid])) {
1256                         rcu_read_unlock();
1257                         return -EBUSY;
1258                 }
1259
1260                 tid_info = kzalloc(sizeof(struct carl9170_sta_tid),
1261                                    GFP_ATOMIC);
1262                 if (!tid_info) {
1263                         rcu_read_unlock();
1264                         return -ENOMEM;
1265                 }
1266
1267                 tid_info->hsn = tid_info->bsn = tid_info->snx = (*ssn);
1268                 tid_info->state = CARL9170_TID_STATE_PROGRESS;
1269                 tid_info->tid = tid;
1270                 tid_info->max = sta_info->ampdu_max_len;
1271
1272                 INIT_LIST_HEAD(&tid_info->list);
1273                 INIT_LIST_HEAD(&tid_info->tmp_list);
1274                 skb_queue_head_init(&tid_info->queue);
1275                 spin_lock_init(&tid_info->lock);
1276
1277                 spin_lock_bh(&ar->tx_ampdu_list_lock);
1278                 ar->tx_ampdu_list_len++;
1279                 list_add_tail_rcu(&tid_info->list, &ar->tx_ampdu_list);
1280                 rcu_assign_pointer(sta_info->agg[tid], tid_info);
1281                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
1282                 rcu_read_unlock();
1283
1284                 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1285                 break;
1286
1287         case IEEE80211_AMPDU_TX_STOP:
1288                 rcu_read_lock();
1289                 tid_info = rcu_dereference(sta_info->agg[tid]);
1290                 if (tid_info) {
1291                         spin_lock_bh(&ar->tx_ampdu_list_lock);
1292                         if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
1293                                 tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
1294                         spin_unlock_bh(&ar->tx_ampdu_list_lock);
1295                 }
1296
1297                 rcu_assign_pointer(sta_info->agg[tid], NULL);
1298                 rcu_read_unlock();
1299
1300                 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1301                 ieee80211_queue_work(ar->hw, &ar->ampdu_work);
1302                 break;
1303
1304         case IEEE80211_AMPDU_TX_OPERATIONAL:
1305                 rcu_read_lock();
1306                 tid_info = rcu_dereference(sta_info->agg[tid]);
1307
1308                 sta_info->stats[tid].clear = true;
1309
1310                 if (tid_info) {
1311                         bitmap_zero(tid_info->bitmap, CARL9170_BAW_SIZE);
1312                         tid_info->state = CARL9170_TID_STATE_IDLE;
1313                 }
1314                 rcu_read_unlock();
1315
1316                 if (WARN_ON_ONCE(!tid_info))
1317                         return -EFAULT;
1318
1319                 break;
1320
1321         case IEEE80211_AMPDU_RX_START:
1322         case IEEE80211_AMPDU_RX_STOP:
1323                 /* Handled by hardware */
1324                 break;
1325
1326         default:
1327                 return -EOPNOTSUPP;
1328         }
1329
1330         return 0;
1331 }
1332
1333 #ifdef CONFIG_CARL9170_WPC
1334 static int carl9170_register_wps_button(struct ar9170 *ar)
1335 {
1336         struct input_dev *input;
1337         int err;
1338
1339         if (!(ar->features & CARL9170_WPS_BUTTON))
1340                 return 0;
1341
1342         input = input_allocate_device();
1343         if (!input)
1344                 return -ENOMEM;
1345
1346         snprintf(ar->wps.name, sizeof(ar->wps.name), "%s WPS Button",
1347                  wiphy_name(ar->hw->wiphy));
1348
1349         snprintf(ar->wps.phys, sizeof(ar->wps.phys),
1350                  "ieee80211/%s/input0", wiphy_name(ar->hw->wiphy));
1351
1352         input->name = ar->wps.name;
1353         input->phys = ar->wps.phys;
1354         input->id.bustype = BUS_USB;
1355         input->dev.parent = &ar->hw->wiphy->dev;
1356
1357         input_set_capability(input, EV_KEY, KEY_WPS_BUTTON);
1358
1359         err = input_register_device(input);
1360         if (err) {
1361                 input_free_device(input);
1362                 return err;
1363         }
1364
1365         ar->wps.pbc = input;
1366         return 0;
1367 }
1368 #endif /* CONFIG_CARL9170_WPC */
1369
1370 static int carl9170_op_get_survey(struct ieee80211_hw *hw, int idx,
1371                                 struct survey_info *survey)
1372 {
1373         struct ar9170 *ar = hw->priv;
1374         int err;
1375
1376         if (idx != 0)
1377                 return -ENOENT;
1378
1379         mutex_lock(&ar->mutex);
1380         err = carl9170_get_noisefloor(ar);
1381         mutex_unlock(&ar->mutex);
1382         if (err)
1383                 return err;
1384
1385         survey->channel = ar->channel;
1386         survey->filled = SURVEY_INFO_NOISE_DBM;
1387         survey->noise = ar->noise[0];
1388         return 0;
1389 }
1390
1391 static void carl9170_op_flush(struct ieee80211_hw *hw, bool drop)
1392 {
1393         struct ar9170 *ar = hw->priv;
1394         unsigned int vid;
1395
1396         mutex_lock(&ar->mutex);
1397         for_each_set_bit(vid, &ar->vif_bitmap, ar->fw.vif_num)
1398                 carl9170_flush_cab(ar, vid);
1399
1400         carl9170_flush(ar, drop);
1401         mutex_unlock(&ar->mutex);
1402 }
1403
1404 static int carl9170_op_get_stats(struct ieee80211_hw *hw,
1405                                  struct ieee80211_low_level_stats *stats)
1406 {
1407         struct ar9170 *ar = hw->priv;
1408
1409         memset(stats, 0, sizeof(*stats));
1410         stats->dot11ACKFailureCount = ar->tx_ack_failures;
1411         stats->dot11FCSErrorCount = ar->tx_fcs_errors;
1412         return 0;
1413 }
1414
1415 static void carl9170_op_sta_notify(struct ieee80211_hw *hw,
1416                                    struct ieee80211_vif *vif,
1417                                    enum sta_notify_cmd cmd,
1418                                    struct ieee80211_sta *sta)
1419 {
1420         struct ar9170 *ar = hw->priv;
1421         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1422         struct sk_buff *skb, *tmp;
1423         struct sk_buff_head free;
1424         int i;
1425
1426         switch (cmd) {
1427         case STA_NOTIFY_SLEEP:
1428                 /*
1429                  * Since the peer is no longer listening, we have to return
1430                  * as many SKBs as possible back to the mac80211 stack.
1431                  * It will deal with the retry procedure, once the peer
1432                  * has become available again.
1433                  *
1434                  * NB: Ideally, the driver should return the all frames in
1435                  * the correct, ascending order. However, I think that this
1436                  * functionality should be implemented in the stack and not
1437                  * here...
1438                  */
1439
1440                 __skb_queue_head_init(&free);
1441
1442                 if (sta->ht_cap.ht_supported) {
1443                         rcu_read_lock();
1444                         for (i = 0; i < CARL9170_NUM_TID; i++) {
1445                                 struct carl9170_sta_tid *tid_info;
1446
1447                                 tid_info = rcu_dereference(sta_info->agg[i]);
1448
1449                                 if (!tid_info)
1450                                         continue;
1451
1452                                 spin_lock_bh(&ar->tx_ampdu_list_lock);
1453                                 if (tid_info->state >
1454                                     CARL9170_TID_STATE_SUSPEND)
1455                                         tid_info->state =
1456                                                 CARL9170_TID_STATE_SUSPEND;
1457                                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
1458
1459                                 spin_lock_bh(&tid_info->lock);
1460                                 while ((skb = __skb_dequeue(&tid_info->queue)))
1461                                         __skb_queue_tail(&free, skb);
1462                                 spin_unlock_bh(&tid_info->lock);
1463                         }
1464                         rcu_read_unlock();
1465                 }
1466
1467                 for (i = 0; i < ar->hw->queues; i++) {
1468                         spin_lock_bh(&ar->tx_pending[i].lock);
1469                         skb_queue_walk_safe(&ar->tx_pending[i], skb, tmp) {
1470                                 struct _carl9170_tx_superframe *super;
1471                                 struct ieee80211_hdr *hdr;
1472                                 struct ieee80211_tx_info *info;
1473
1474                                 super = (void *) skb->data;
1475                                 hdr = (void *) super->frame_data;
1476
1477                                 if (compare_ether_addr(hdr->addr1, sta->addr))
1478                                         continue;
1479
1480                                 __skb_unlink(skb, &ar->tx_pending[i]);
1481
1482                                 info = IEEE80211_SKB_CB(skb);
1483                                 if (info->flags & IEEE80211_TX_CTL_AMPDU)
1484                                         atomic_dec(&ar->tx_ampdu_upload);
1485
1486                                 carl9170_tx_status(ar, skb, false);
1487                         }
1488                         spin_unlock_bh(&ar->tx_pending[i].lock);
1489                 }
1490
1491                 while ((skb = __skb_dequeue(&free)))
1492                         carl9170_tx_status(ar, skb, false);
1493
1494                 break;
1495
1496         case STA_NOTIFY_AWAKE:
1497                 if (!sta->ht_cap.ht_supported)
1498                         return;
1499
1500                 rcu_read_lock();
1501                 for (i = 0; i < CARL9170_NUM_TID; i++) {
1502                         struct carl9170_sta_tid *tid_info;
1503
1504                         tid_info = rcu_dereference(sta_info->agg[i]);
1505
1506                         if (!tid_info)
1507                                 continue;
1508
1509                         if ((tid_info->state == CARL9170_TID_STATE_SUSPEND))
1510                                 tid_info->state = CARL9170_TID_STATE_IDLE;
1511                 }
1512                 rcu_read_unlock();
1513                 break;
1514         }
1515 }
1516
1517 static const struct ieee80211_ops carl9170_ops = {
1518         .start                  = carl9170_op_start,
1519         .stop                   = carl9170_op_stop,
1520         .tx                     = carl9170_op_tx,
1521         .flush                  = carl9170_op_flush,
1522         .add_interface          = carl9170_op_add_interface,
1523         .remove_interface       = carl9170_op_remove_interface,
1524         .config                 = carl9170_op_config,
1525         .prepare_multicast      = carl9170_op_prepare_multicast,
1526         .configure_filter       = carl9170_op_configure_filter,
1527         .conf_tx                = carl9170_op_conf_tx,
1528         .bss_info_changed       = carl9170_op_bss_info_changed,
1529         .get_tsf                = carl9170_op_get_tsf,
1530         .set_key                = carl9170_op_set_key,
1531         .sta_add                = carl9170_op_sta_add,
1532         .sta_remove             = carl9170_op_sta_remove,
1533         .sta_notify             = carl9170_op_sta_notify,
1534         .get_survey             = carl9170_op_get_survey,
1535         .get_stats              = carl9170_op_get_stats,
1536         .ampdu_action           = carl9170_op_ampdu_action,
1537 };
1538
1539 void *carl9170_alloc(size_t priv_size)
1540 {
1541         struct ieee80211_hw *hw;
1542         struct ar9170 *ar;
1543         struct sk_buff *skb;
1544         int i;
1545
1546         /*
1547          * this buffer is used for rx stream reconstruction.
1548          * Under heavy load this device (or the transport layer?)
1549          * tends to split the streams into separate rx descriptors.
1550          */
1551
1552         skb = __dev_alloc_skb(AR9170_RX_STREAM_MAX_SIZE, GFP_KERNEL);
1553         if (!skb)
1554                 goto err_nomem;
1555
1556         hw = ieee80211_alloc_hw(priv_size, &carl9170_ops);
1557         if (!hw)
1558                 goto err_nomem;
1559
1560         ar = hw->priv;
1561         ar->hw = hw;
1562         ar->rx_failover = skb;
1563
1564         memset(&ar->rx_plcp, 0, sizeof(struct ar9170_rx_head));
1565         ar->rx_has_plcp = false;
1566
1567         /*
1568          * Here's a hidden pitfall!
1569          *
1570          * All 4 AC queues work perfectly well under _legacy_ operation.
1571          * However as soon as aggregation is enabled, the traffic flow
1572          * gets very bumpy. Therefore we have to _switch_ to a
1573          * software AC with a single HW queue.
1574          */
1575         hw->queues = __AR9170_NUM_TXQ;
1576
1577         mutex_init(&ar->mutex);
1578         spin_lock_init(&ar->beacon_lock);
1579         spin_lock_init(&ar->cmd_lock);
1580         spin_lock_init(&ar->tx_stats_lock);
1581         spin_lock_init(&ar->tx_ampdu_list_lock);
1582         spin_lock_init(&ar->mem_lock);
1583         spin_lock_init(&ar->state_lock);
1584         atomic_set(&ar->pending_restarts, 0);
1585         ar->vifs = 0;
1586         for (i = 0; i < ar->hw->queues; i++) {
1587                 skb_queue_head_init(&ar->tx_status[i]);
1588                 skb_queue_head_init(&ar->tx_pending[i]);
1589         }
1590         INIT_WORK(&ar->ps_work, carl9170_ps_work);
1591         INIT_WORK(&ar->restart_work, carl9170_restart_work);
1592         INIT_WORK(&ar->ampdu_work, carl9170_ampdu_work);
1593         INIT_DELAYED_WORK(&ar->tx_janitor, carl9170_tx_janitor);
1594         INIT_LIST_HEAD(&ar->tx_ampdu_list);
1595         rcu_assign_pointer(ar->tx_ampdu_iter,
1596                            (struct carl9170_sta_tid *) &ar->tx_ampdu_list);
1597
1598         bitmap_zero(&ar->vif_bitmap, ar->fw.vif_num);
1599         INIT_LIST_HEAD(&ar->vif_list);
1600         init_completion(&ar->tx_flush);
1601
1602         /*
1603          * Note:
1604          * IBSS/ADHOC and AP mode are only enabled, if the firmware
1605          * supports these modes. The code which will add the
1606          * additional interface_modes is in fw.c.
1607          */
1608         hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION);
1609
1610         hw->flags |= IEEE80211_HW_RX_INCLUDES_FCS |
1611                      IEEE80211_HW_REPORTS_TX_ACK_STATUS |
1612                      IEEE80211_HW_SUPPORTS_PS |
1613                      IEEE80211_HW_PS_NULLFUNC_STACK |
1614                      IEEE80211_HW_SIGNAL_DBM;
1615
1616         if (!modparam_noht) {
1617                 /*
1618                  * see the comment above, why we allow the user
1619                  * to disable HT by a module parameter.
1620                  */
1621                 hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
1622         }
1623
1624         hw->extra_tx_headroom = sizeof(struct _carl9170_tx_superframe);
1625         hw->sta_data_size = sizeof(struct carl9170_sta_info);
1626         hw->vif_data_size = sizeof(struct carl9170_vif_info);
1627
1628         hw->max_rates = CARL9170_TX_MAX_RATES;
1629         hw->max_rate_tries = CARL9170_TX_USER_RATE_TRIES;
1630
1631         for (i = 0; i < ARRAY_SIZE(ar->noise); i++)
1632                 ar->noise[i] = -95; /* ATH_DEFAULT_NOISE_FLOOR */
1633
1634         hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
1635         return ar;
1636
1637 err_nomem:
1638         kfree_skb(skb);
1639         return ERR_PTR(-ENOMEM);
1640 }
1641
1642 static int carl9170_read_eeprom(struct ar9170 *ar)
1643 {
1644 #define RW      8       /* number of words to read at once */
1645 #define RB      (sizeof(u32) * RW)
1646         u8 *eeprom = (void *)&ar->eeprom;
1647         __le32 offsets[RW];
1648         int i, j, err;
1649
1650         BUILD_BUG_ON(sizeof(ar->eeprom) & 3);
1651
1652         BUILD_BUG_ON(RB > CARL9170_MAX_CMD_LEN - 4);
1653 #ifndef __CHECKER__
1654         /* don't want to handle trailing remains */
1655         BUILD_BUG_ON(sizeof(ar->eeprom) % RB);
1656 #endif
1657
1658         for (i = 0; i < sizeof(ar->eeprom)/RB; i++) {
1659                 for (j = 0; j < RW; j++)
1660                         offsets[j] = cpu_to_le32(AR9170_EEPROM_START +
1661                                                  RB * i + 4 * j);
1662
1663                 err = carl9170_exec_cmd(ar, CARL9170_CMD_RREG,
1664                                         RB, (u8 *) &offsets,
1665                                         RB, eeprom + RB * i);
1666                 if (err)
1667                         return err;
1668         }
1669
1670 #undef RW
1671 #undef RB
1672         return 0;
1673 }
1674
1675 static int carl9170_parse_eeprom(struct ar9170 *ar)
1676 {
1677         struct ath_regulatory *regulatory = &ar->common.regulatory;
1678         unsigned int rx_streams, tx_streams, tx_params = 0;
1679         int bands = 0;
1680
1681         if (ar->eeprom.length == cpu_to_le16(0xffff))
1682                 return -ENODATA;
1683
1684         rx_streams = hweight8(ar->eeprom.rx_mask);
1685         tx_streams = hweight8(ar->eeprom.tx_mask);
1686
1687         if (rx_streams != tx_streams) {
1688                 tx_params = IEEE80211_HT_MCS_TX_RX_DIFF;
1689
1690                 WARN_ON(!(tx_streams >= 1 && tx_streams <=
1691                         IEEE80211_HT_MCS_TX_MAX_STREAMS));
1692
1693                 tx_params = (tx_streams - 1) <<
1694                             IEEE80211_HT_MCS_TX_MAX_STREAMS_SHIFT;
1695
1696                 carl9170_band_2GHz.ht_cap.mcs.tx_params |= tx_params;
1697                 carl9170_band_5GHz.ht_cap.mcs.tx_params |= tx_params;
1698         }
1699
1700         if (ar->eeprom.operating_flags & AR9170_OPFLAG_2GHZ) {
1701                 ar->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
1702                         &carl9170_band_2GHz;
1703                 bands++;
1704         }
1705         if (ar->eeprom.operating_flags & AR9170_OPFLAG_5GHZ) {
1706                 ar->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
1707                         &carl9170_band_5GHz;
1708                 bands++;
1709         }
1710
1711         /*
1712          * I measured this, a bandswitch takes roughly
1713          * 135 ms and a frequency switch about 80.
1714          *
1715          * FIXME: measure these values again once EEPROM settings
1716          *        are used, that will influence them!
1717          */
1718         if (bands == 2)
1719                 ar->hw->channel_change_time = 135 * 1000;
1720         else
1721                 ar->hw->channel_change_time = 80 * 1000;
1722
1723         regulatory->current_rd = le16_to_cpu(ar->eeprom.reg_domain[0]);
1724         regulatory->current_rd_ext = le16_to_cpu(ar->eeprom.reg_domain[1]);
1725
1726         /* second part of wiphy init */
1727         SET_IEEE80211_PERM_ADDR(ar->hw, ar->eeprom.mac_address);
1728
1729         return bands ? 0 : -EINVAL;
1730 }
1731
1732 static int carl9170_reg_notifier(struct wiphy *wiphy,
1733                                  struct regulatory_request *request)
1734 {
1735         struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
1736         struct ar9170 *ar = hw->priv;
1737
1738         return ath_reg_notifier_apply(wiphy, request, &ar->common.regulatory);
1739 }
1740
1741 int carl9170_register(struct ar9170 *ar)
1742 {
1743         struct ath_regulatory *regulatory = &ar->common.regulatory;
1744         int err = 0, i;
1745
1746         if (WARN_ON(ar->mem_bitmap))
1747                 return -EINVAL;
1748
1749         ar->mem_bitmap = kzalloc(roundup(ar->fw.mem_blocks, BITS_PER_LONG) *
1750                                  sizeof(unsigned long), GFP_KERNEL);
1751
1752         if (!ar->mem_bitmap)
1753                 return -ENOMEM;
1754
1755         /* try to read EEPROM, init MAC addr */
1756         err = carl9170_read_eeprom(ar);
1757         if (err)
1758                 return err;
1759
1760         err = carl9170_fw_fix_eeprom(ar);
1761         if (err)
1762                 return err;
1763
1764         err = carl9170_parse_eeprom(ar);
1765         if (err)
1766                 return err;
1767
1768         err = ath_regd_init(regulatory, ar->hw->wiphy,
1769                             carl9170_reg_notifier);
1770         if (err)
1771                 return err;
1772
1773         if (modparam_noht) {
1774                 carl9170_band_2GHz.ht_cap.ht_supported = false;
1775                 carl9170_band_5GHz.ht_cap.ht_supported = false;
1776         }
1777
1778         for (i = 0; i < ar->fw.vif_num; i++) {
1779                 ar->vif_priv[i].id = i;
1780                 ar->vif_priv[i].vif = NULL;
1781         }
1782
1783         err = ieee80211_register_hw(ar->hw);
1784         if (err)
1785                 return err;
1786
1787         /* mac80211 interface is now registered */
1788         ar->registered = true;
1789
1790         if (!ath_is_world_regd(regulatory))
1791                 regulatory_hint(ar->hw->wiphy, regulatory->alpha2);
1792
1793 #ifdef CONFIG_CARL9170_DEBUGFS
1794         carl9170_debugfs_register(ar);
1795 #endif /* CONFIG_CARL9170_DEBUGFS */
1796
1797         err = carl9170_led_init(ar);
1798         if (err)
1799                 goto err_unreg;
1800
1801 #ifdef CONFIG_CARL9170_LEDS
1802         err = carl9170_led_register(ar);
1803         if (err)
1804                 goto err_unreg;
1805 #endif /* CONFIG_CAR9L170_LEDS */
1806
1807 #ifdef CONFIG_CARL9170_WPC
1808         err = carl9170_register_wps_button(ar);
1809         if (err)
1810                 goto err_unreg;
1811 #endif /* CONFIG_CARL9170_WPC */
1812
1813         dev_info(&ar->udev->dev, "Atheros AR9170 is registered as '%s'\n",
1814                  wiphy_name(ar->hw->wiphy));
1815
1816         return 0;
1817
1818 err_unreg:
1819         carl9170_unregister(ar);
1820         return err;
1821 }
1822
1823 void carl9170_unregister(struct ar9170 *ar)
1824 {
1825         if (!ar->registered)
1826                 return;
1827
1828         ar->registered = false;
1829
1830 #ifdef CONFIG_CARL9170_LEDS
1831         carl9170_led_unregister(ar);
1832 #endif /* CONFIG_CARL9170_LEDS */
1833
1834 #ifdef CONFIG_CARL9170_DEBUGFS
1835         carl9170_debugfs_unregister(ar);
1836 #endif /* CONFIG_CARL9170_DEBUGFS */
1837
1838 #ifdef CONFIG_CARL9170_WPC
1839         if (ar->wps.pbc) {
1840                 input_unregister_device(ar->wps.pbc);
1841                 ar->wps.pbc = NULL;
1842         }
1843 #endif /* CONFIG_CARL9170_WPC */
1844
1845         carl9170_cancel_worker(ar);
1846         cancel_work_sync(&ar->restart_work);
1847
1848         ieee80211_unregister_hw(ar->hw);
1849 }
1850
1851 void carl9170_free(struct ar9170 *ar)
1852 {
1853         WARN_ON(ar->registered);
1854         WARN_ON(IS_INITIALIZED(ar));
1855
1856         kfree_skb(ar->rx_failover);
1857         ar->rx_failover = NULL;
1858
1859         kfree(ar->mem_bitmap);
1860         ar->mem_bitmap = NULL;
1861
1862         mutex_destroy(&ar->mutex);
1863
1864         ieee80211_free_hw(ar->hw);
1865 }