Merge git://bedivere.hansenpartnership.com/git/scsi-rc-fixes-2.6
[linux-2.6.git] / drivers / net / wireless / ath / carl9170 / main.c
1 /*
2  * Atheros CARL9170 driver
3  *
4  * mac80211 interaction code
5  *
6  * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
7  * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program; see the file COPYING.  If not, see
21  * http://www.gnu.org/licenses/.
22  *
23  * This file incorporates work covered by the following copyright and
24  * permission notice:
25  *    Copyright (c) 2007-2008 Atheros Communications, Inc.
26  *
27  *    Permission to use, copy, modify, and/or distribute this software for any
28  *    purpose with or without fee is hereby granted, provided that the above
29  *    copyright notice and this permission notice appear in all copies.
30  *
31  *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
32  *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
33  *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
34  *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
35  *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
36  *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
37  *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
38  */
39
40 #include <linux/init.h>
41 #include <linux/slab.h>
42 #include <linux/module.h>
43 #include <linux/etherdevice.h>
44 #include <linux/random.h>
45 #include <net/mac80211.h>
46 #include <net/cfg80211.h>
47 #include "hw.h"
48 #include "carl9170.h"
49 #include "cmd.h"
50
51 static int modparam_nohwcrypt;
52 module_param_named(nohwcrypt, modparam_nohwcrypt, bool, S_IRUGO);
53 MODULE_PARM_DESC(nohwcrypt, "Disable hardware crypto offload.");
54
55 int modparam_noht;
56 module_param_named(noht, modparam_noht, int, S_IRUGO);
57 MODULE_PARM_DESC(noht, "Disable MPDU aggregation.");
58
59 #define RATE(_bitrate, _hw_rate, _txpidx, _flags) {     \
60         .bitrate        = (_bitrate),                   \
61         .flags          = (_flags),                     \
62         .hw_value       = (_hw_rate) | (_txpidx) << 4,  \
63 }
64
65 struct ieee80211_rate __carl9170_ratetable[] = {
66         RATE(10, 0, 0, 0),
67         RATE(20, 1, 1, IEEE80211_RATE_SHORT_PREAMBLE),
68         RATE(55, 2, 2, IEEE80211_RATE_SHORT_PREAMBLE),
69         RATE(110, 3, 3, IEEE80211_RATE_SHORT_PREAMBLE),
70         RATE(60, 0xb, 0, 0),
71         RATE(90, 0xf, 0, 0),
72         RATE(120, 0xa, 0, 0),
73         RATE(180, 0xe, 0, 0),
74         RATE(240, 0x9, 0, 0),
75         RATE(360, 0xd, 1, 0),
76         RATE(480, 0x8, 2, 0),
77         RATE(540, 0xc, 3, 0),
78 };
79 #undef RATE
80
81 #define carl9170_g_ratetable    (__carl9170_ratetable + 0)
82 #define carl9170_g_ratetable_size       12
83 #define carl9170_a_ratetable    (__carl9170_ratetable + 4)
84 #define carl9170_a_ratetable_size       8
85
86 /*
87  * NB: The hw_value is used as an index into the carl9170_phy_freq_params
88  *     array in phy.c so that we don't have to do frequency lookups!
89  */
90 #define CHAN(_freq, _idx) {             \
91         .center_freq    = (_freq),      \
92         .hw_value       = (_idx),       \
93         .max_power      = 18, /* XXX */ \
94 }
95
96 static struct ieee80211_channel carl9170_2ghz_chantable[] = {
97         CHAN(2412,  0),
98         CHAN(2417,  1),
99         CHAN(2422,  2),
100         CHAN(2427,  3),
101         CHAN(2432,  4),
102         CHAN(2437,  5),
103         CHAN(2442,  6),
104         CHAN(2447,  7),
105         CHAN(2452,  8),
106         CHAN(2457,  9),
107         CHAN(2462, 10),
108         CHAN(2467, 11),
109         CHAN(2472, 12),
110         CHAN(2484, 13),
111 };
112
113 static struct ieee80211_channel carl9170_5ghz_chantable[] = {
114         CHAN(4920, 14),
115         CHAN(4940, 15),
116         CHAN(4960, 16),
117         CHAN(4980, 17),
118         CHAN(5040, 18),
119         CHAN(5060, 19),
120         CHAN(5080, 20),
121         CHAN(5180, 21),
122         CHAN(5200, 22),
123         CHAN(5220, 23),
124         CHAN(5240, 24),
125         CHAN(5260, 25),
126         CHAN(5280, 26),
127         CHAN(5300, 27),
128         CHAN(5320, 28),
129         CHAN(5500, 29),
130         CHAN(5520, 30),
131         CHAN(5540, 31),
132         CHAN(5560, 32),
133         CHAN(5580, 33),
134         CHAN(5600, 34),
135         CHAN(5620, 35),
136         CHAN(5640, 36),
137         CHAN(5660, 37),
138         CHAN(5680, 38),
139         CHAN(5700, 39),
140         CHAN(5745, 40),
141         CHAN(5765, 41),
142         CHAN(5785, 42),
143         CHAN(5805, 43),
144         CHAN(5825, 44),
145         CHAN(5170, 45),
146         CHAN(5190, 46),
147         CHAN(5210, 47),
148         CHAN(5230, 48),
149 };
150 #undef CHAN
151
152 #define CARL9170_HT_CAP                                                 \
153 {                                                                       \
154         .ht_supported   = true,                                         \
155         .cap            = IEEE80211_HT_CAP_MAX_AMSDU |                  \
156                           IEEE80211_HT_CAP_SUP_WIDTH_20_40 |            \
157                           IEEE80211_HT_CAP_SGI_40 |                     \
158                           IEEE80211_HT_CAP_DSSSCCK40 |                  \
159                           IEEE80211_HT_CAP_SM_PS,                       \
160         .ampdu_factor   = IEEE80211_HT_MAX_AMPDU_64K,                   \
161         .ampdu_density  = IEEE80211_HT_MPDU_DENSITY_8,                  \
162         .mcs            = {                                             \
163                 .rx_mask = { 0xff, 0xff, 0, 0, 0x1, 0, 0, 0, 0, 0, },   \
164                 .rx_highest = cpu_to_le16(300),                         \
165                 .tx_params = IEEE80211_HT_MCS_TX_DEFINED,               \
166         },                                                              \
167 }
168
169 static struct ieee80211_supported_band carl9170_band_2GHz = {
170         .channels       = carl9170_2ghz_chantable,
171         .n_channels     = ARRAY_SIZE(carl9170_2ghz_chantable),
172         .bitrates       = carl9170_g_ratetable,
173         .n_bitrates     = carl9170_g_ratetable_size,
174         .ht_cap         = CARL9170_HT_CAP,
175 };
176
177 static struct ieee80211_supported_band carl9170_band_5GHz = {
178         .channels       = carl9170_5ghz_chantable,
179         .n_channels     = ARRAY_SIZE(carl9170_5ghz_chantable),
180         .bitrates       = carl9170_a_ratetable,
181         .n_bitrates     = carl9170_a_ratetable_size,
182         .ht_cap         = CARL9170_HT_CAP,
183 };
184
185 static void carl9170_ampdu_gc(struct ar9170 *ar)
186 {
187         struct carl9170_sta_tid *tid_info;
188         LIST_HEAD(tid_gc);
189
190         rcu_read_lock();
191         list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
192                 spin_lock_bh(&ar->tx_ampdu_list_lock);
193                 if (tid_info->state == CARL9170_TID_STATE_SHUTDOWN) {
194                         tid_info->state = CARL9170_TID_STATE_KILLED;
195                         list_del_rcu(&tid_info->list);
196                         ar->tx_ampdu_list_len--;
197                         list_add_tail(&tid_info->tmp_list, &tid_gc);
198                 }
199                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
200
201         }
202         rcu_assign_pointer(ar->tx_ampdu_iter, tid_info);
203         rcu_read_unlock();
204
205         synchronize_rcu();
206
207         while (!list_empty(&tid_gc)) {
208                 struct sk_buff *skb;
209                 tid_info = list_first_entry(&tid_gc, struct carl9170_sta_tid,
210                                             tmp_list);
211
212                 while ((skb = __skb_dequeue(&tid_info->queue)))
213                         carl9170_tx_status(ar, skb, false);
214
215                 list_del_init(&tid_info->tmp_list);
216                 kfree(tid_info);
217         }
218 }
219
220 static void carl9170_flush(struct ar9170 *ar, bool drop_queued)
221 {
222         if (drop_queued) {
223                 int i;
224
225                 /*
226                  * We can only drop frames which have not been uploaded
227                  * to the device yet.
228                  */
229
230                 for (i = 0; i < ar->hw->queues; i++) {
231                         struct sk_buff *skb;
232
233                         while ((skb = skb_dequeue(&ar->tx_pending[i]))) {
234                                 struct ieee80211_tx_info *info;
235
236                                 info = IEEE80211_SKB_CB(skb);
237                                 if (info->flags & IEEE80211_TX_CTL_AMPDU)
238                                         atomic_dec(&ar->tx_ampdu_upload);
239
240                                 carl9170_tx_status(ar, skb, false);
241                         }
242                 }
243         }
244
245         /* Wait for all other outstanding frames to timeout. */
246         if (atomic_read(&ar->tx_total_queued))
247                 WARN_ON(wait_for_completion_timeout(&ar->tx_flush, HZ) == 0);
248 }
249
250 static void carl9170_flush_ba(struct ar9170 *ar)
251 {
252         struct sk_buff_head free;
253         struct carl9170_sta_tid *tid_info;
254         struct sk_buff *skb;
255
256         __skb_queue_head_init(&free);
257
258         rcu_read_lock();
259         spin_lock_bh(&ar->tx_ampdu_list_lock);
260         list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
261                 if (tid_info->state > CARL9170_TID_STATE_SUSPEND) {
262                         tid_info->state = CARL9170_TID_STATE_SUSPEND;
263
264                         spin_lock(&tid_info->lock);
265                         while ((skb = __skb_dequeue(&tid_info->queue)))
266                                 __skb_queue_tail(&free, skb);
267                         spin_unlock(&tid_info->lock);
268                 }
269         }
270         spin_unlock_bh(&ar->tx_ampdu_list_lock);
271         rcu_read_unlock();
272
273         while ((skb = __skb_dequeue(&free)))
274                 carl9170_tx_status(ar, skb, false);
275 }
276
277 static void carl9170_zap_queues(struct ar9170 *ar)
278 {
279         struct carl9170_vif_info *cvif;
280         unsigned int i;
281
282         carl9170_ampdu_gc(ar);
283
284         carl9170_flush_ba(ar);
285         carl9170_flush(ar, true);
286
287         for (i = 0; i < ar->hw->queues; i++) {
288                 spin_lock_bh(&ar->tx_status[i].lock);
289                 while (!skb_queue_empty(&ar->tx_status[i])) {
290                         struct sk_buff *skb;
291
292                         skb = skb_peek(&ar->tx_status[i]);
293                         carl9170_tx_get_skb(skb);
294                         spin_unlock_bh(&ar->tx_status[i].lock);
295                         carl9170_tx_drop(ar, skb);
296                         spin_lock_bh(&ar->tx_status[i].lock);
297                         carl9170_tx_put_skb(skb);
298                 }
299                 spin_unlock_bh(&ar->tx_status[i].lock);
300         }
301
302         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_SOFT < 1);
303         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD < CARL9170_NUM_TX_LIMIT_SOFT);
304         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD >= CARL9170_BAW_BITS);
305
306         /* reinitialize queues statistics */
307         memset(&ar->tx_stats, 0, sizeof(ar->tx_stats));
308         for (i = 0; i < ar->hw->queues; i++)
309                 ar->tx_stats[i].limit = CARL9170_NUM_TX_LIMIT_HARD;
310
311         for (i = 0; i < DIV_ROUND_UP(ar->fw.mem_blocks, BITS_PER_LONG); i++)
312                 ar->mem_bitmap[i] = 0;
313
314         rcu_read_lock();
315         list_for_each_entry_rcu(cvif, &ar->vif_list, list) {
316                 spin_lock_bh(&ar->beacon_lock);
317                 dev_kfree_skb_any(cvif->beacon);
318                 cvif->beacon = NULL;
319                 spin_unlock_bh(&ar->beacon_lock);
320         }
321         rcu_read_unlock();
322
323         atomic_set(&ar->tx_ampdu_upload, 0);
324         atomic_set(&ar->tx_ampdu_scheduler, 0);
325         atomic_set(&ar->tx_total_pending, 0);
326         atomic_set(&ar->tx_total_queued, 0);
327         atomic_set(&ar->mem_free_blocks, ar->fw.mem_blocks);
328 }
329
330 #define CARL9170_FILL_QUEUE(queue, ai_fs, cwmin, cwmax, _txop)          \
331 do {                                                                    \
332         queue.aifs = ai_fs;                                             \
333         queue.cw_min = cwmin;                                           \
334         queue.cw_max = cwmax;                                           \
335         queue.txop = _txop;                                             \
336 } while (0)
337
338 static int carl9170_op_start(struct ieee80211_hw *hw)
339 {
340         struct ar9170 *ar = hw->priv;
341         int err, i;
342
343         mutex_lock(&ar->mutex);
344
345         carl9170_zap_queues(ar);
346
347         /* reset QoS defaults */
348         CARL9170_FILL_QUEUE(ar->edcf[AR9170_TXQ_VO], 2, 3,     7, 47);
349         CARL9170_FILL_QUEUE(ar->edcf[AR9170_TXQ_VI], 2, 7,    15, 94);
350         CARL9170_FILL_QUEUE(ar->edcf[AR9170_TXQ_BE], 3, 15, 1023,  0);
351         CARL9170_FILL_QUEUE(ar->edcf[AR9170_TXQ_BK], 7, 15, 1023,  0);
352         CARL9170_FILL_QUEUE(ar->edcf[AR9170_TXQ_SPECIAL], 2, 3, 7, 0);
353
354         ar->current_factor = ar->current_density = -1;
355         /* "The first key is unique." */
356         ar->usedkeys = 1;
357         ar->filter_state = 0;
358         ar->ps.last_action = jiffies;
359         ar->ps.last_slept = jiffies;
360         ar->erp_mode = CARL9170_ERP_AUTO;
361         ar->rx_software_decryption = false;
362         ar->disable_offload = false;
363
364         for (i = 0; i < ar->hw->queues; i++) {
365                 ar->queue_stop_timeout[i] = jiffies;
366                 ar->max_queue_stop_timeout[i] = 0;
367         }
368
369         atomic_set(&ar->mem_allocs, 0);
370
371         err = carl9170_usb_open(ar);
372         if (err)
373                 goto out;
374
375         err = carl9170_init_mac(ar);
376         if (err)
377                 goto out;
378
379         err = carl9170_set_qos(ar);
380         if (err)
381                 goto out;
382
383         if (ar->fw.rx_filter) {
384                 err = carl9170_rx_filter(ar, CARL9170_RX_FILTER_OTHER_RA |
385                         CARL9170_RX_FILTER_CTL_OTHER | CARL9170_RX_FILTER_BAD);
386                 if (err)
387                         goto out;
388         }
389
390         err = carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER,
391                                  AR9170_DMA_TRIGGER_RXQ);
392         if (err)
393                 goto out;
394
395         /* Clear key-cache */
396         for (i = 0; i < AR9170_CAM_MAX_USER + 4; i++) {
397                 err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
398                                           0, NULL, 0);
399                 if (err)
400                         goto out;
401
402                 err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
403                                           1, NULL, 0);
404                 if (err)
405                         goto out;
406
407                 if (i < AR9170_CAM_MAX_USER) {
408                         err = carl9170_disable_key(ar, i);
409                         if (err)
410                                 goto out;
411                 }
412         }
413
414         carl9170_set_state_when(ar, CARL9170_IDLE, CARL9170_STARTED);
415
416         ieee80211_wake_queues(ar->hw);
417         err = 0;
418
419 out:
420         mutex_unlock(&ar->mutex);
421         return err;
422 }
423
424 static void carl9170_cancel_worker(struct ar9170 *ar)
425 {
426         cancel_delayed_work_sync(&ar->tx_janitor);
427 #ifdef CONFIG_CARL9170_LEDS
428         cancel_delayed_work_sync(&ar->led_work);
429 #endif /* CONFIG_CARL9170_LEDS */
430         cancel_work_sync(&ar->ps_work);
431         cancel_work_sync(&ar->ping_work);
432         cancel_work_sync(&ar->ampdu_work);
433 }
434
435 static void carl9170_op_stop(struct ieee80211_hw *hw)
436 {
437         struct ar9170 *ar = hw->priv;
438
439         carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
440
441         ieee80211_stop_queues(ar->hw);
442
443         mutex_lock(&ar->mutex);
444         if (IS_ACCEPTING_CMD(ar)) {
445                 rcu_assign_pointer(ar->beacon_iter, NULL);
446
447                 carl9170_led_set_state(ar, 0);
448
449                 /* stop DMA */
450                 carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER, 0);
451                 carl9170_usb_stop(ar);
452         }
453
454         carl9170_zap_queues(ar);
455         mutex_unlock(&ar->mutex);
456
457         carl9170_cancel_worker(ar);
458 }
459
460 static void carl9170_restart_work(struct work_struct *work)
461 {
462         struct ar9170 *ar = container_of(work, struct ar9170,
463                                          restart_work);
464         int err;
465
466         ar->usedkeys = 0;
467         ar->filter_state = 0;
468         carl9170_cancel_worker(ar);
469
470         mutex_lock(&ar->mutex);
471         err = carl9170_usb_restart(ar);
472         if (net_ratelimit()) {
473                 if (err) {
474                         dev_err(&ar->udev->dev, "Failed to restart device "
475                                 " (%d).\n", err);
476                  } else {
477                         dev_info(&ar->udev->dev, "device restarted "
478                                  "successfully.\n");
479                 }
480         }
481
482         carl9170_zap_queues(ar);
483         mutex_unlock(&ar->mutex);
484         if (!err) {
485                 ar->restart_counter++;
486                 atomic_set(&ar->pending_restarts, 0);
487
488                 ieee80211_restart_hw(ar->hw);
489         } else {
490                 /*
491                  * The reset was unsuccessful and the device seems to
492                  * be dead. But there's still one option: a low-level
493                  * usb subsystem reset...
494                  */
495
496                 carl9170_usb_reset(ar);
497         }
498 }
499
500 void carl9170_restart(struct ar9170 *ar, const enum carl9170_restart_reasons r)
501 {
502         carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
503
504         /*
505          * Sometimes, an error can trigger several different reset events.
506          * By ignoring these *surplus* reset events, the device won't be
507          * killed again, right after it has recovered.
508          */
509         if (atomic_inc_return(&ar->pending_restarts) > 1) {
510                 dev_dbg(&ar->udev->dev, "ignoring restart (%d)\n", r);
511                 return;
512         }
513
514         ieee80211_stop_queues(ar->hw);
515
516         dev_err(&ar->udev->dev, "restart device (%d)\n", r);
517
518         if (!WARN_ON(r == CARL9170_RR_NO_REASON) ||
519             !WARN_ON(r >= __CARL9170_RR_LAST))
520                 ar->last_reason = r;
521
522         if (!ar->registered)
523                 return;
524
525         if (IS_ACCEPTING_CMD(ar) && !ar->needs_full_reset)
526                 ieee80211_queue_work(ar->hw, &ar->restart_work);
527         else
528                 carl9170_usb_reset(ar);
529
530         /*
531          * At this point, the device instance might have vanished/disabled.
532          * So, don't put any code which access the ar9170 struct
533          * without proper protection.
534          */
535 }
536
537 static void carl9170_ping_work(struct work_struct *work)
538 {
539         struct ar9170 *ar = container_of(work, struct ar9170, ping_work);
540         int err;
541
542         if (!IS_STARTED(ar))
543                 return;
544
545         mutex_lock(&ar->mutex);
546         err = carl9170_echo_test(ar, 0xdeadbeef);
547         if (err)
548                 carl9170_restart(ar, CARL9170_RR_UNRESPONSIVE_DEVICE);
549         mutex_unlock(&ar->mutex);
550 }
551
552 static int carl9170_init_interface(struct ar9170 *ar,
553                                    struct ieee80211_vif *vif)
554 {
555         struct ath_common *common = &ar->common;
556         int err;
557
558         if (!vif) {
559                 WARN_ON_ONCE(IS_STARTED(ar));
560                 return 0;
561         }
562
563         memcpy(common->macaddr, vif->addr, ETH_ALEN);
564
565         if (modparam_nohwcrypt ||
566             ((vif->type != NL80211_IFTYPE_STATION) &&
567              (vif->type != NL80211_IFTYPE_AP))) {
568                 ar->rx_software_decryption = true;
569                 ar->disable_offload = true;
570         }
571
572         err = carl9170_set_operating_mode(ar);
573         return err;
574 }
575
576 static int carl9170_op_add_interface(struct ieee80211_hw *hw,
577                                      struct ieee80211_vif *vif)
578 {
579         struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
580         struct ieee80211_vif *main_vif;
581         struct ar9170 *ar = hw->priv;
582         int vif_id = -1, err = 0;
583
584         mutex_lock(&ar->mutex);
585         rcu_read_lock();
586         if (vif_priv->active) {
587                 /*
588                  * Skip the interface structure initialization,
589                  * if the vif survived the _restart call.
590                  */
591                 vif_id = vif_priv->id;
592                 vif_priv->enable_beacon = false;
593
594                 spin_lock_bh(&ar->beacon_lock);
595                 dev_kfree_skb_any(vif_priv->beacon);
596                 vif_priv->beacon = NULL;
597                 spin_unlock_bh(&ar->beacon_lock);
598
599                 goto init;
600         }
601
602         main_vif = carl9170_get_main_vif(ar);
603
604         if (main_vif) {
605                 switch (main_vif->type) {
606                 case NL80211_IFTYPE_STATION:
607                         if (vif->type == NL80211_IFTYPE_STATION)
608                                 break;
609
610                         err = -EBUSY;
611                         rcu_read_unlock();
612
613                         goto unlock;
614
615                 case NL80211_IFTYPE_AP:
616                         if ((vif->type == NL80211_IFTYPE_STATION) ||
617                             (vif->type == NL80211_IFTYPE_WDS) ||
618                             (vif->type == NL80211_IFTYPE_AP))
619                                 break;
620
621                         err = -EBUSY;
622                         rcu_read_unlock();
623                         goto unlock;
624
625                 default:
626                         rcu_read_unlock();
627                         goto unlock;
628                 }
629         }
630
631         vif_id = bitmap_find_free_region(&ar->vif_bitmap, ar->fw.vif_num, 0);
632
633         if (vif_id < 0) {
634                 rcu_read_unlock();
635
636                 err = -ENOSPC;
637                 goto unlock;
638         }
639
640         BUG_ON(ar->vif_priv[vif_id].id != vif_id);
641
642         vif_priv->active = true;
643         vif_priv->id = vif_id;
644         vif_priv->enable_beacon = false;
645         ar->vifs++;
646         list_add_tail_rcu(&vif_priv->list, &ar->vif_list);
647         rcu_assign_pointer(ar->vif_priv[vif_id].vif, vif);
648
649 init:
650         if (carl9170_get_main_vif(ar) == vif) {
651                 rcu_assign_pointer(ar->beacon_iter, vif_priv);
652                 rcu_read_unlock();
653
654                 err = carl9170_init_interface(ar, vif);
655                 if (err)
656                         goto unlock;
657         } else {
658                 rcu_read_unlock();
659                 err = carl9170_mod_virtual_mac(ar, vif_id, vif->addr);
660
661                 if (err)
662                         goto unlock;
663         }
664
665         if (ar->fw.tx_seq_table) {
666                 err = carl9170_write_reg(ar, ar->fw.tx_seq_table + vif_id * 4,
667                                          0);
668                 if (err)
669                         goto unlock;
670         }
671
672 unlock:
673         if (err && (vif_id >= 0)) {
674                 vif_priv->active = false;
675                 bitmap_release_region(&ar->vif_bitmap, vif_id, 0);
676                 ar->vifs--;
677                 rcu_assign_pointer(ar->vif_priv[vif_id].vif, NULL);
678                 list_del_rcu(&vif_priv->list);
679                 mutex_unlock(&ar->mutex);
680                 synchronize_rcu();
681         } else {
682                 if (ar->vifs > 1)
683                         ar->ps.off_override |= PS_OFF_VIF;
684
685                 mutex_unlock(&ar->mutex);
686         }
687
688         return err;
689 }
690
691 static void carl9170_op_remove_interface(struct ieee80211_hw *hw,
692                                          struct ieee80211_vif *vif)
693 {
694         struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
695         struct ieee80211_vif *main_vif;
696         struct ar9170 *ar = hw->priv;
697         unsigned int id;
698
699         mutex_lock(&ar->mutex);
700
701         if (WARN_ON_ONCE(!vif_priv->active))
702                 goto unlock;
703
704         ar->vifs--;
705
706         rcu_read_lock();
707         main_vif = carl9170_get_main_vif(ar);
708
709         id = vif_priv->id;
710
711         vif_priv->active = false;
712         WARN_ON(vif_priv->enable_beacon);
713         vif_priv->enable_beacon = false;
714         list_del_rcu(&vif_priv->list);
715         rcu_assign_pointer(ar->vif_priv[id].vif, NULL);
716
717         if (vif == main_vif) {
718                 rcu_read_unlock();
719
720                 if (ar->vifs) {
721                         WARN_ON(carl9170_init_interface(ar,
722                                         carl9170_get_main_vif(ar)));
723                 } else {
724                         carl9170_set_operating_mode(ar);
725                 }
726         } else {
727                 rcu_read_unlock();
728
729                 WARN_ON(carl9170_mod_virtual_mac(ar, id, NULL));
730         }
731
732         carl9170_update_beacon(ar, false);
733         carl9170_flush_cab(ar, id);
734
735         spin_lock_bh(&ar->beacon_lock);
736         dev_kfree_skb_any(vif_priv->beacon);
737         vif_priv->beacon = NULL;
738         spin_unlock_bh(&ar->beacon_lock);
739
740         bitmap_release_region(&ar->vif_bitmap, id, 0);
741
742         carl9170_set_beacon_timers(ar);
743
744         if (ar->vifs == 1)
745                 ar->ps.off_override &= ~PS_OFF_VIF;
746
747 unlock:
748         mutex_unlock(&ar->mutex);
749
750         synchronize_rcu();
751 }
752
753 void carl9170_ps_check(struct ar9170 *ar)
754 {
755         ieee80211_queue_work(ar->hw, &ar->ps_work);
756 }
757
758 /* caller must hold ar->mutex */
759 static int carl9170_ps_update(struct ar9170 *ar)
760 {
761         bool ps = false;
762         int err = 0;
763
764         if (!ar->ps.off_override)
765                 ps = (ar->hw->conf.flags & IEEE80211_CONF_PS);
766
767         if (ps != ar->ps.state) {
768                 err = carl9170_powersave(ar, ps);
769                 if (err)
770                         return err;
771
772                 if (ar->ps.state && !ps) {
773                         ar->ps.sleep_ms = jiffies_to_msecs(jiffies -
774                                 ar->ps.last_action);
775                 }
776
777                 if (ps)
778                         ar->ps.last_slept = jiffies;
779
780                 ar->ps.last_action = jiffies;
781                 ar->ps.state = ps;
782         }
783
784         return 0;
785 }
786
787 static void carl9170_ps_work(struct work_struct *work)
788 {
789         struct ar9170 *ar = container_of(work, struct ar9170,
790                                          ps_work);
791         mutex_lock(&ar->mutex);
792         if (IS_STARTED(ar))
793                 WARN_ON_ONCE(carl9170_ps_update(ar) != 0);
794         mutex_unlock(&ar->mutex);
795 }
796
797
798 static int carl9170_op_config(struct ieee80211_hw *hw, u32 changed)
799 {
800         struct ar9170 *ar = hw->priv;
801         int err = 0;
802
803         mutex_lock(&ar->mutex);
804         if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
805                 /* TODO */
806                 err = 0;
807         }
808
809         if (changed & IEEE80211_CONF_CHANGE_PS) {
810                 err = carl9170_ps_update(ar);
811                 if (err)
812                         goto out;
813         }
814
815         if (changed & IEEE80211_CONF_CHANGE_POWER) {
816                 /* TODO */
817                 err = 0;
818         }
819
820         if (changed & IEEE80211_CONF_CHANGE_SMPS) {
821                 /* TODO */
822                 err = 0;
823         }
824
825         if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
826                 /* adjust slot time for 5 GHz */
827                 err = carl9170_set_slot_time(ar);
828                 if (err)
829                         goto out;
830
831                 err = carl9170_set_channel(ar, hw->conf.channel,
832                         hw->conf.channel_type, CARL9170_RFI_NONE);
833                 if (err)
834                         goto out;
835
836                 err = carl9170_set_dyn_sifs_ack(ar);
837                 if (err)
838                         goto out;
839
840                 err = carl9170_set_rts_cts_rate(ar);
841                 if (err)
842                         goto out;
843         }
844
845 out:
846         mutex_unlock(&ar->mutex);
847         return err;
848 }
849
850 static u64 carl9170_op_prepare_multicast(struct ieee80211_hw *hw,
851                                          struct netdev_hw_addr_list *mc_list)
852 {
853         struct netdev_hw_addr *ha;
854         u64 mchash;
855
856         /* always get broadcast frames */
857         mchash = 1ULL << (0xff >> 2);
858
859         netdev_hw_addr_list_for_each(ha, mc_list)
860                 mchash |= 1ULL << (ha->addr[5] >> 2);
861
862         return mchash;
863 }
864
865 static void carl9170_op_configure_filter(struct ieee80211_hw *hw,
866                                          unsigned int changed_flags,
867                                          unsigned int *new_flags,
868                                          u64 multicast)
869 {
870         struct ar9170 *ar = hw->priv;
871
872         /* mask supported flags */
873         *new_flags &= FIF_ALLMULTI | ar->rx_filter_caps;
874
875         if (!IS_ACCEPTING_CMD(ar))
876                 return;
877
878         mutex_lock(&ar->mutex);
879
880         ar->filter_state = *new_flags;
881         /*
882          * We can support more by setting the sniffer bit and
883          * then checking the error flags, later.
884          */
885
886         if (*new_flags & FIF_ALLMULTI)
887                 multicast = ~0ULL;
888
889         if (multicast != ar->cur_mc_hash)
890                 WARN_ON(carl9170_update_multicast(ar, multicast));
891
892         if (changed_flags & (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS)) {
893                 ar->sniffer_enabled = !!(*new_flags &
894                         (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS));
895
896                 WARN_ON(carl9170_set_operating_mode(ar));
897         }
898
899         if (ar->fw.rx_filter && changed_flags & ar->rx_filter_caps) {
900                 u32 rx_filter = 0;
901
902                 if (!(*new_flags & (FIF_FCSFAIL | FIF_PLCPFAIL)))
903                         rx_filter |= CARL9170_RX_FILTER_BAD;
904
905                 if (!(*new_flags & FIF_CONTROL))
906                         rx_filter |= CARL9170_RX_FILTER_CTL_OTHER;
907
908                 if (!(*new_flags & FIF_PSPOLL))
909                         rx_filter |= CARL9170_RX_FILTER_CTL_PSPOLL;
910
911                 if (!(*new_flags & (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS))) {
912                         rx_filter |= CARL9170_RX_FILTER_OTHER_RA;
913                         rx_filter |= CARL9170_RX_FILTER_DECRY_FAIL;
914                 }
915
916                 WARN_ON(carl9170_rx_filter(ar, rx_filter));
917         }
918
919         mutex_unlock(&ar->mutex);
920 }
921
922
923 static void carl9170_op_bss_info_changed(struct ieee80211_hw *hw,
924                                          struct ieee80211_vif *vif,
925                                          struct ieee80211_bss_conf *bss_conf,
926                                          u32 changed)
927 {
928         struct ar9170 *ar = hw->priv;
929         struct ath_common *common = &ar->common;
930         int err = 0;
931         struct carl9170_vif_info *vif_priv;
932         struct ieee80211_vif *main_vif;
933
934         mutex_lock(&ar->mutex);
935         vif_priv = (void *) vif->drv_priv;
936         main_vif = carl9170_get_main_vif(ar);
937         if (WARN_ON(!main_vif))
938                 goto out;
939
940         if (changed & BSS_CHANGED_BEACON_ENABLED) {
941                 struct carl9170_vif_info *iter;
942                 int i = 0;
943
944                 vif_priv->enable_beacon = bss_conf->enable_beacon;
945                 rcu_read_lock();
946                 list_for_each_entry_rcu(iter, &ar->vif_list, list) {
947                         if (iter->active && iter->enable_beacon)
948                                 i++;
949
950                 }
951                 rcu_read_unlock();
952
953                 ar->beacon_enabled = i;
954         }
955
956         if (changed & BSS_CHANGED_BEACON) {
957                 err = carl9170_update_beacon(ar, false);
958                 if (err)
959                         goto out;
960         }
961
962         if (changed & (BSS_CHANGED_BEACON_ENABLED | BSS_CHANGED_BEACON |
963                        BSS_CHANGED_BEACON_INT)) {
964
965                 if (main_vif != vif) {
966                         bss_conf->beacon_int = main_vif->bss_conf.beacon_int;
967                         bss_conf->dtim_period = main_vif->bss_conf.dtim_period;
968                 }
969
970                 /*
971                  * Therefore a hard limit for the broadcast traffic should
972                  * prevent false alarms.
973                  */
974                 if (vif->type != NL80211_IFTYPE_STATION &&
975                     (bss_conf->beacon_int * bss_conf->dtim_period >=
976                      (CARL9170_QUEUE_STUCK_TIMEOUT / 2))) {
977                         err = -EINVAL;
978                         goto out;
979                 }
980
981                 err = carl9170_set_beacon_timers(ar);
982                 if (err)
983                         goto out;
984         }
985
986         if (changed & BSS_CHANGED_HT) {
987                 /* TODO */
988                 err = 0;
989                 if (err)
990                         goto out;
991         }
992
993         if (main_vif != vif)
994                 goto out;
995
996         /*
997          * The following settings can only be changed by the
998          * master interface.
999          */
1000
1001         if (changed & BSS_CHANGED_BSSID) {
1002                 memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
1003                 err = carl9170_set_operating_mode(ar);
1004                 if (err)
1005                         goto out;
1006         }
1007
1008         if (changed & BSS_CHANGED_ASSOC) {
1009                 ar->common.curaid = bss_conf->aid;
1010                 err = carl9170_set_beacon_timers(ar);
1011                 if (err)
1012                         goto out;
1013         }
1014
1015         if (changed & BSS_CHANGED_ERP_SLOT) {
1016                 err = carl9170_set_slot_time(ar);
1017                 if (err)
1018                         goto out;
1019         }
1020
1021         if (changed & BSS_CHANGED_BASIC_RATES) {
1022                 err = carl9170_set_mac_rates(ar);
1023                 if (err)
1024                         goto out;
1025         }
1026
1027 out:
1028         WARN_ON_ONCE(err && IS_STARTED(ar));
1029         mutex_unlock(&ar->mutex);
1030 }
1031
1032 static u64 carl9170_op_get_tsf(struct ieee80211_hw *hw)
1033 {
1034         struct ar9170 *ar = hw->priv;
1035         struct carl9170_tsf_rsp tsf;
1036         int err;
1037
1038         mutex_lock(&ar->mutex);
1039         err = carl9170_exec_cmd(ar, CARL9170_CMD_READ_TSF,
1040                                 0, NULL, sizeof(tsf), &tsf);
1041         mutex_unlock(&ar->mutex);
1042         if (WARN_ON(err))
1043                 return 0;
1044
1045         return le64_to_cpu(tsf.tsf_64);
1046 }
1047
1048 static int carl9170_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
1049                                struct ieee80211_vif *vif,
1050                                struct ieee80211_sta *sta,
1051                                struct ieee80211_key_conf *key)
1052 {
1053         struct ar9170 *ar = hw->priv;
1054         int err = 0, i;
1055         u8 ktype;
1056
1057         if (ar->disable_offload || !vif)
1058                 return -EOPNOTSUPP;
1059
1060         /*
1061          * We have to fall back to software encryption, whenever
1062          * the user choose to participates in an IBSS or is connected
1063          * to more than one network.
1064          *
1065          * This is very unfortunate, because some machines cannot handle
1066          * the high througput speed in 802.11n networks.
1067          */
1068
1069         if (!is_main_vif(ar, vif)) {
1070                 mutex_lock(&ar->mutex);
1071                 goto err_softw;
1072         }
1073
1074         /*
1075          * While the hardware supports *catch-all* key, for offloading
1076          * group-key en-/de-cryption. The way of how the hardware
1077          * decides which keyId maps to which key, remains a mystery...
1078          */
1079         if ((vif->type != NL80211_IFTYPE_STATION &&
1080              vif->type != NL80211_IFTYPE_ADHOC) &&
1081             !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
1082                 return -EOPNOTSUPP;
1083
1084         switch (key->cipher) {
1085         case WLAN_CIPHER_SUITE_WEP40:
1086                 ktype = AR9170_ENC_ALG_WEP64;
1087                 break;
1088         case WLAN_CIPHER_SUITE_WEP104:
1089                 ktype = AR9170_ENC_ALG_WEP128;
1090                 break;
1091         case WLAN_CIPHER_SUITE_TKIP:
1092                 ktype = AR9170_ENC_ALG_TKIP;
1093                 break;
1094         case WLAN_CIPHER_SUITE_CCMP:
1095                 ktype = AR9170_ENC_ALG_AESCCMP;
1096                 break;
1097         default:
1098                 return -EOPNOTSUPP;
1099         }
1100
1101         mutex_lock(&ar->mutex);
1102         if (cmd == SET_KEY) {
1103                 if (!IS_STARTED(ar)) {
1104                         err = -EOPNOTSUPP;
1105                         goto out;
1106                 }
1107
1108                 if (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
1109                         sta = NULL;
1110
1111                         i = 64 + key->keyidx;
1112                 } else {
1113                         for (i = 0; i < 64; i++)
1114                                 if (!(ar->usedkeys & BIT(i)))
1115                                         break;
1116                         if (i == 64)
1117                                 goto err_softw;
1118                 }
1119
1120                 key->hw_key_idx = i;
1121
1122                 err = carl9170_upload_key(ar, i, sta ? sta->addr : NULL,
1123                                           ktype, 0, key->key,
1124                                           min_t(u8, 16, key->keylen));
1125                 if (err)
1126                         goto out;
1127
1128                 if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
1129                         err = carl9170_upload_key(ar, i, sta ? sta->addr :
1130                                                   NULL, ktype, 1,
1131                                                   key->key + 16, 16);
1132                         if (err)
1133                                 goto out;
1134
1135                         /*
1136                          * hardware is not capable generating MMIC
1137                          * of fragmented frames!
1138                          */
1139                         key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
1140                 }
1141
1142                 if (i < 64)
1143                         ar->usedkeys |= BIT(i);
1144
1145                 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
1146         } else {
1147                 if (!IS_STARTED(ar)) {
1148                         /* The device is gone... together with the key ;-) */
1149                         err = 0;
1150                         goto out;
1151                 }
1152
1153                 if (key->hw_key_idx < 64) {
1154                         ar->usedkeys &= ~BIT(key->hw_key_idx);
1155                 } else {
1156                         err = carl9170_upload_key(ar, key->hw_key_idx, NULL,
1157                                                   AR9170_ENC_ALG_NONE, 0,
1158                                                   NULL, 0);
1159                         if (err)
1160                                 goto out;
1161
1162                         if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
1163                                 err = carl9170_upload_key(ar, key->hw_key_idx,
1164                                                           NULL,
1165                                                           AR9170_ENC_ALG_NONE,
1166                                                           1, NULL, 0);
1167                                 if (err)
1168                                         goto out;
1169                         }
1170
1171                 }
1172
1173                 err = carl9170_disable_key(ar, key->hw_key_idx);
1174                 if (err)
1175                         goto out;
1176         }
1177
1178 out:
1179         mutex_unlock(&ar->mutex);
1180         return err;
1181
1182 err_softw:
1183         if (!ar->rx_software_decryption) {
1184                 ar->rx_software_decryption = true;
1185                 carl9170_set_operating_mode(ar);
1186         }
1187         mutex_unlock(&ar->mutex);
1188         return -ENOSPC;
1189 }
1190
1191 static int carl9170_op_sta_add(struct ieee80211_hw *hw,
1192                                struct ieee80211_vif *vif,
1193                                struct ieee80211_sta *sta)
1194 {
1195         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1196         unsigned int i;
1197
1198         atomic_set(&sta_info->pending_frames, 0);
1199
1200         if (sta->ht_cap.ht_supported) {
1201                 if (sta->ht_cap.ampdu_density > 6) {
1202                         /*
1203                          * HW does support 16us AMPDU density.
1204                          * No HT-Xmit for station.
1205                          */
1206
1207                         return 0;
1208                 }
1209
1210                 for (i = 0; i < CARL9170_NUM_TID; i++)
1211                         rcu_assign_pointer(sta_info->agg[i], NULL);
1212
1213                 sta_info->ampdu_max_len = 1 << (3 + sta->ht_cap.ampdu_factor);
1214                 sta_info->ht_sta = true;
1215         }
1216
1217         return 0;
1218 }
1219
1220 static int carl9170_op_sta_remove(struct ieee80211_hw *hw,
1221                                 struct ieee80211_vif *vif,
1222                                 struct ieee80211_sta *sta)
1223 {
1224         struct ar9170 *ar = hw->priv;
1225         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1226         unsigned int i;
1227         bool cleanup = false;
1228
1229         if (sta->ht_cap.ht_supported) {
1230
1231                 sta_info->ht_sta = false;
1232
1233                 rcu_read_lock();
1234                 for (i = 0; i < CARL9170_NUM_TID; i++) {
1235                         struct carl9170_sta_tid *tid_info;
1236
1237                         tid_info = rcu_dereference(sta_info->agg[i]);
1238                         rcu_assign_pointer(sta_info->agg[i], NULL);
1239
1240                         if (!tid_info)
1241                                 continue;
1242
1243                         spin_lock_bh(&ar->tx_ampdu_list_lock);
1244                         if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
1245                                 tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
1246                         spin_unlock_bh(&ar->tx_ampdu_list_lock);
1247                         cleanup = true;
1248                 }
1249                 rcu_read_unlock();
1250
1251                 if (cleanup)
1252                         carl9170_ampdu_gc(ar);
1253         }
1254
1255         return 0;
1256 }
1257
1258 static int carl9170_op_conf_tx(struct ieee80211_hw *hw, u16 queue,
1259                                const struct ieee80211_tx_queue_params *param)
1260 {
1261         struct ar9170 *ar = hw->priv;
1262         int ret;
1263
1264         mutex_lock(&ar->mutex);
1265         if (queue < ar->hw->queues) {
1266                 memcpy(&ar->edcf[ar9170_qmap[queue]], param, sizeof(*param));
1267                 ret = carl9170_set_qos(ar);
1268         } else {
1269                 ret = -EINVAL;
1270         }
1271
1272         mutex_unlock(&ar->mutex);
1273         return ret;
1274 }
1275
1276 static void carl9170_ampdu_work(struct work_struct *work)
1277 {
1278         struct ar9170 *ar = container_of(work, struct ar9170,
1279                                          ampdu_work);
1280
1281         if (!IS_STARTED(ar))
1282                 return;
1283
1284         mutex_lock(&ar->mutex);
1285         carl9170_ampdu_gc(ar);
1286         mutex_unlock(&ar->mutex);
1287 }
1288
1289 static int carl9170_op_ampdu_action(struct ieee80211_hw *hw,
1290                                     struct ieee80211_vif *vif,
1291                                     enum ieee80211_ampdu_mlme_action action,
1292                                     struct ieee80211_sta *sta,
1293                                     u16 tid, u16 *ssn, u8 buf_size)
1294 {
1295         struct ar9170 *ar = hw->priv;
1296         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1297         struct carl9170_sta_tid *tid_info;
1298
1299         if (modparam_noht)
1300                 return -EOPNOTSUPP;
1301
1302         switch (action) {
1303         case IEEE80211_AMPDU_TX_START:
1304                 if (!sta_info->ht_sta)
1305                         return -EOPNOTSUPP;
1306
1307                 rcu_read_lock();
1308                 if (rcu_dereference(sta_info->agg[tid])) {
1309                         rcu_read_unlock();
1310                         return -EBUSY;
1311                 }
1312
1313                 tid_info = kzalloc(sizeof(struct carl9170_sta_tid),
1314                                    GFP_ATOMIC);
1315                 if (!tid_info) {
1316                         rcu_read_unlock();
1317                         return -ENOMEM;
1318                 }
1319
1320                 tid_info->hsn = tid_info->bsn = tid_info->snx = (*ssn);
1321                 tid_info->state = CARL9170_TID_STATE_PROGRESS;
1322                 tid_info->tid = tid;
1323                 tid_info->max = sta_info->ampdu_max_len;
1324
1325                 INIT_LIST_HEAD(&tid_info->list);
1326                 INIT_LIST_HEAD(&tid_info->tmp_list);
1327                 skb_queue_head_init(&tid_info->queue);
1328                 spin_lock_init(&tid_info->lock);
1329
1330                 spin_lock_bh(&ar->tx_ampdu_list_lock);
1331                 ar->tx_ampdu_list_len++;
1332                 list_add_tail_rcu(&tid_info->list, &ar->tx_ampdu_list);
1333                 rcu_assign_pointer(sta_info->agg[tid], tid_info);
1334                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
1335                 rcu_read_unlock();
1336
1337                 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1338                 break;
1339
1340         case IEEE80211_AMPDU_TX_STOP:
1341                 rcu_read_lock();
1342                 tid_info = rcu_dereference(sta_info->agg[tid]);
1343                 if (tid_info) {
1344                         spin_lock_bh(&ar->tx_ampdu_list_lock);
1345                         if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
1346                                 tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
1347                         spin_unlock_bh(&ar->tx_ampdu_list_lock);
1348                 }
1349
1350                 rcu_assign_pointer(sta_info->agg[tid], NULL);
1351                 rcu_read_unlock();
1352
1353                 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1354                 ieee80211_queue_work(ar->hw, &ar->ampdu_work);
1355                 break;
1356
1357         case IEEE80211_AMPDU_TX_OPERATIONAL:
1358                 rcu_read_lock();
1359                 tid_info = rcu_dereference(sta_info->agg[tid]);
1360
1361                 sta_info->stats[tid].clear = true;
1362                 sta_info->stats[tid].req = false;
1363
1364                 if (tid_info) {
1365                         bitmap_zero(tid_info->bitmap, CARL9170_BAW_SIZE);
1366                         tid_info->state = CARL9170_TID_STATE_IDLE;
1367                 }
1368                 rcu_read_unlock();
1369
1370                 if (WARN_ON_ONCE(!tid_info))
1371                         return -EFAULT;
1372
1373                 break;
1374
1375         case IEEE80211_AMPDU_RX_START:
1376         case IEEE80211_AMPDU_RX_STOP:
1377                 /* Handled by hardware */
1378                 break;
1379
1380         default:
1381                 return -EOPNOTSUPP;
1382         }
1383
1384         return 0;
1385 }
1386
1387 #ifdef CONFIG_CARL9170_WPC
1388 static int carl9170_register_wps_button(struct ar9170 *ar)
1389 {
1390         struct input_dev *input;
1391         int err;
1392
1393         if (!(ar->features & CARL9170_WPS_BUTTON))
1394                 return 0;
1395
1396         input = input_allocate_device();
1397         if (!input)
1398                 return -ENOMEM;
1399
1400         snprintf(ar->wps.name, sizeof(ar->wps.name), "%s WPS Button",
1401                  wiphy_name(ar->hw->wiphy));
1402
1403         snprintf(ar->wps.phys, sizeof(ar->wps.phys),
1404                  "ieee80211/%s/input0", wiphy_name(ar->hw->wiphy));
1405
1406         input->name = ar->wps.name;
1407         input->phys = ar->wps.phys;
1408         input->id.bustype = BUS_USB;
1409         input->dev.parent = &ar->hw->wiphy->dev;
1410
1411         input_set_capability(input, EV_KEY, KEY_WPS_BUTTON);
1412
1413         err = input_register_device(input);
1414         if (err) {
1415                 input_free_device(input);
1416                 return err;
1417         }
1418
1419         ar->wps.pbc = input;
1420         return 0;
1421 }
1422 #endif /* CONFIG_CARL9170_WPC */
1423
1424 static int carl9170_op_get_survey(struct ieee80211_hw *hw, int idx,
1425                                 struct survey_info *survey)
1426 {
1427         struct ar9170 *ar = hw->priv;
1428         int err;
1429
1430         if (idx != 0)
1431                 return -ENOENT;
1432
1433         mutex_lock(&ar->mutex);
1434         err = carl9170_get_noisefloor(ar);
1435         mutex_unlock(&ar->mutex);
1436         if (err)
1437                 return err;
1438
1439         survey->channel = ar->channel;
1440         survey->filled = SURVEY_INFO_NOISE_DBM;
1441         survey->noise = ar->noise[0];
1442         return 0;
1443 }
1444
1445 static void carl9170_op_flush(struct ieee80211_hw *hw, bool drop)
1446 {
1447         struct ar9170 *ar = hw->priv;
1448         unsigned int vid;
1449
1450         mutex_lock(&ar->mutex);
1451         for_each_set_bit(vid, &ar->vif_bitmap, ar->fw.vif_num)
1452                 carl9170_flush_cab(ar, vid);
1453
1454         carl9170_flush(ar, drop);
1455         mutex_unlock(&ar->mutex);
1456 }
1457
1458 static int carl9170_op_get_stats(struct ieee80211_hw *hw,
1459                                  struct ieee80211_low_level_stats *stats)
1460 {
1461         struct ar9170 *ar = hw->priv;
1462
1463         memset(stats, 0, sizeof(*stats));
1464         stats->dot11ACKFailureCount = ar->tx_ack_failures;
1465         stats->dot11FCSErrorCount = ar->tx_fcs_errors;
1466         return 0;
1467 }
1468
1469 static void carl9170_op_sta_notify(struct ieee80211_hw *hw,
1470                                    struct ieee80211_vif *vif,
1471                                    enum sta_notify_cmd cmd,
1472                                    struct ieee80211_sta *sta)
1473 {
1474         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1475
1476         switch (cmd) {
1477         case STA_NOTIFY_SLEEP:
1478                 sta_info->sleeping = true;
1479                 if (atomic_read(&sta_info->pending_frames))
1480                         ieee80211_sta_block_awake(hw, sta, true);
1481                 break;
1482
1483         case STA_NOTIFY_AWAKE:
1484                 sta_info->sleeping = false;
1485                 break;
1486         }
1487 }
1488
1489 static bool carl9170_tx_frames_pending(struct ieee80211_hw *hw)
1490 {
1491         struct ar9170 *ar = hw->priv;
1492
1493         return !!atomic_read(&ar->tx_total_queued);
1494 }
1495
1496 static const struct ieee80211_ops carl9170_ops = {
1497         .start                  = carl9170_op_start,
1498         .stop                   = carl9170_op_stop,
1499         .tx                     = carl9170_op_tx,
1500         .flush                  = carl9170_op_flush,
1501         .add_interface          = carl9170_op_add_interface,
1502         .remove_interface       = carl9170_op_remove_interface,
1503         .config                 = carl9170_op_config,
1504         .prepare_multicast      = carl9170_op_prepare_multicast,
1505         .configure_filter       = carl9170_op_configure_filter,
1506         .conf_tx                = carl9170_op_conf_tx,
1507         .bss_info_changed       = carl9170_op_bss_info_changed,
1508         .get_tsf                = carl9170_op_get_tsf,
1509         .set_key                = carl9170_op_set_key,
1510         .sta_add                = carl9170_op_sta_add,
1511         .sta_remove             = carl9170_op_sta_remove,
1512         .sta_notify             = carl9170_op_sta_notify,
1513         .get_survey             = carl9170_op_get_survey,
1514         .get_stats              = carl9170_op_get_stats,
1515         .ampdu_action           = carl9170_op_ampdu_action,
1516         .tx_frames_pending      = carl9170_tx_frames_pending,
1517 };
1518
1519 void *carl9170_alloc(size_t priv_size)
1520 {
1521         struct ieee80211_hw *hw;
1522         struct ar9170 *ar;
1523         struct sk_buff *skb;
1524         int i;
1525
1526         /*
1527          * this buffer is used for rx stream reconstruction.
1528          * Under heavy load this device (or the transport layer?)
1529          * tends to split the streams into separate rx descriptors.
1530          */
1531
1532         skb = __dev_alloc_skb(AR9170_RX_STREAM_MAX_SIZE, GFP_KERNEL);
1533         if (!skb)
1534                 goto err_nomem;
1535
1536         hw = ieee80211_alloc_hw(priv_size, &carl9170_ops);
1537         if (!hw)
1538                 goto err_nomem;
1539
1540         ar = hw->priv;
1541         ar->hw = hw;
1542         ar->rx_failover = skb;
1543
1544         memset(&ar->rx_plcp, 0, sizeof(struct ar9170_rx_head));
1545         ar->rx_has_plcp = false;
1546
1547         /*
1548          * Here's a hidden pitfall!
1549          *
1550          * All 4 AC queues work perfectly well under _legacy_ operation.
1551          * However as soon as aggregation is enabled, the traffic flow
1552          * gets very bumpy. Therefore we have to _switch_ to a
1553          * software AC with a single HW queue.
1554          */
1555         hw->queues = __AR9170_NUM_TXQ;
1556
1557         mutex_init(&ar->mutex);
1558         spin_lock_init(&ar->beacon_lock);
1559         spin_lock_init(&ar->cmd_lock);
1560         spin_lock_init(&ar->tx_stats_lock);
1561         spin_lock_init(&ar->tx_ampdu_list_lock);
1562         spin_lock_init(&ar->mem_lock);
1563         spin_lock_init(&ar->state_lock);
1564         atomic_set(&ar->pending_restarts, 0);
1565         ar->vifs = 0;
1566         for (i = 0; i < ar->hw->queues; i++) {
1567                 skb_queue_head_init(&ar->tx_status[i]);
1568                 skb_queue_head_init(&ar->tx_pending[i]);
1569         }
1570         INIT_WORK(&ar->ps_work, carl9170_ps_work);
1571         INIT_WORK(&ar->ping_work, carl9170_ping_work);
1572         INIT_WORK(&ar->restart_work, carl9170_restart_work);
1573         INIT_WORK(&ar->ampdu_work, carl9170_ampdu_work);
1574         INIT_DELAYED_WORK(&ar->tx_janitor, carl9170_tx_janitor);
1575         INIT_LIST_HEAD(&ar->tx_ampdu_list);
1576         rcu_assign_pointer(ar->tx_ampdu_iter,
1577                            (struct carl9170_sta_tid *) &ar->tx_ampdu_list);
1578
1579         bitmap_zero(&ar->vif_bitmap, ar->fw.vif_num);
1580         INIT_LIST_HEAD(&ar->vif_list);
1581         init_completion(&ar->tx_flush);
1582
1583         /* firmware decides which modes we support */
1584         hw->wiphy->interface_modes = 0;
1585
1586         hw->flags |= IEEE80211_HW_RX_INCLUDES_FCS |
1587                      IEEE80211_HW_REPORTS_TX_ACK_STATUS |
1588                      IEEE80211_HW_SUPPORTS_PS |
1589                      IEEE80211_HW_PS_NULLFUNC_STACK |
1590                      IEEE80211_HW_NEED_DTIM_PERIOD |
1591                      IEEE80211_HW_SIGNAL_DBM;
1592
1593         if (!modparam_noht) {
1594                 /*
1595                  * see the comment above, why we allow the user
1596                  * to disable HT by a module parameter.
1597                  */
1598                 hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
1599         }
1600
1601         hw->extra_tx_headroom = sizeof(struct _carl9170_tx_superframe);
1602         hw->sta_data_size = sizeof(struct carl9170_sta_info);
1603         hw->vif_data_size = sizeof(struct carl9170_vif_info);
1604
1605         hw->max_rates = CARL9170_TX_MAX_RATES;
1606         hw->max_rate_tries = CARL9170_TX_USER_RATE_TRIES;
1607
1608         for (i = 0; i < ARRAY_SIZE(ar->noise); i++)
1609                 ar->noise[i] = -95; /* ATH_DEFAULT_NOISE_FLOOR */
1610
1611         hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
1612         return ar;
1613
1614 err_nomem:
1615         kfree_skb(skb);
1616         return ERR_PTR(-ENOMEM);
1617 }
1618
1619 static int carl9170_read_eeprom(struct ar9170 *ar)
1620 {
1621 #define RW      8       /* number of words to read at once */
1622 #define RB      (sizeof(u32) * RW)
1623         u8 *eeprom = (void *)&ar->eeprom;
1624         __le32 offsets[RW];
1625         int i, j, err;
1626
1627         BUILD_BUG_ON(sizeof(ar->eeprom) & 3);
1628
1629         BUILD_BUG_ON(RB > CARL9170_MAX_CMD_LEN - 4);
1630 #ifndef __CHECKER__
1631         /* don't want to handle trailing remains */
1632         BUILD_BUG_ON(sizeof(ar->eeprom) % RB);
1633 #endif
1634
1635         for (i = 0; i < sizeof(ar->eeprom) / RB; i++) {
1636                 for (j = 0; j < RW; j++)
1637                         offsets[j] = cpu_to_le32(AR9170_EEPROM_START +
1638                                                  RB * i + 4 * j);
1639
1640                 err = carl9170_exec_cmd(ar, CARL9170_CMD_RREG,
1641                                         RB, (u8 *) &offsets,
1642                                         RB, eeprom + RB * i);
1643                 if (err)
1644                         return err;
1645         }
1646
1647 #undef RW
1648 #undef RB
1649         return 0;
1650 }
1651
1652 static int carl9170_parse_eeprom(struct ar9170 *ar)
1653 {
1654         struct ath_regulatory *regulatory = &ar->common.regulatory;
1655         unsigned int rx_streams, tx_streams, tx_params = 0;
1656         int bands = 0;
1657
1658         if (ar->eeprom.length == cpu_to_le16(0xffff))
1659                 return -ENODATA;
1660
1661         rx_streams = hweight8(ar->eeprom.rx_mask);
1662         tx_streams = hweight8(ar->eeprom.tx_mask);
1663
1664         if (rx_streams != tx_streams) {
1665                 tx_params = IEEE80211_HT_MCS_TX_RX_DIFF;
1666
1667                 WARN_ON(!(tx_streams >= 1 && tx_streams <=
1668                         IEEE80211_HT_MCS_TX_MAX_STREAMS));
1669
1670                 tx_params = (tx_streams - 1) <<
1671                             IEEE80211_HT_MCS_TX_MAX_STREAMS_SHIFT;
1672
1673                 carl9170_band_2GHz.ht_cap.mcs.tx_params |= tx_params;
1674                 carl9170_band_5GHz.ht_cap.mcs.tx_params |= tx_params;
1675         }
1676
1677         if (ar->eeprom.operating_flags & AR9170_OPFLAG_2GHZ) {
1678                 ar->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
1679                         &carl9170_band_2GHz;
1680                 bands++;
1681         }
1682         if (ar->eeprom.operating_flags & AR9170_OPFLAG_5GHZ) {
1683                 ar->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
1684                         &carl9170_band_5GHz;
1685                 bands++;
1686         }
1687
1688         /*
1689          * I measured this, a bandswitch takes roughly
1690          * 135 ms and a frequency switch about 80.
1691          *
1692          * FIXME: measure these values again once EEPROM settings
1693          *        are used, that will influence them!
1694          */
1695         if (bands == 2)
1696                 ar->hw->channel_change_time = 135 * 1000;
1697         else
1698                 ar->hw->channel_change_time = 80 * 1000;
1699
1700         regulatory->current_rd = le16_to_cpu(ar->eeprom.reg_domain[0]);
1701         regulatory->current_rd_ext = le16_to_cpu(ar->eeprom.reg_domain[1]);
1702
1703         /* second part of wiphy init */
1704         SET_IEEE80211_PERM_ADDR(ar->hw, ar->eeprom.mac_address);
1705
1706         return bands ? 0 : -EINVAL;
1707 }
1708
1709 static int carl9170_reg_notifier(struct wiphy *wiphy,
1710                                  struct regulatory_request *request)
1711 {
1712         struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
1713         struct ar9170 *ar = hw->priv;
1714
1715         return ath_reg_notifier_apply(wiphy, request, &ar->common.regulatory);
1716 }
1717
1718 int carl9170_register(struct ar9170 *ar)
1719 {
1720         struct ath_regulatory *regulatory = &ar->common.regulatory;
1721         int err = 0, i;
1722
1723         if (WARN_ON(ar->mem_bitmap))
1724                 return -EINVAL;
1725
1726         ar->mem_bitmap = kzalloc(roundup(ar->fw.mem_blocks, BITS_PER_LONG) *
1727                                  sizeof(unsigned long), GFP_KERNEL);
1728
1729         if (!ar->mem_bitmap)
1730                 return -ENOMEM;
1731
1732         /* try to read EEPROM, init MAC addr */
1733         err = carl9170_read_eeprom(ar);
1734         if (err)
1735                 return err;
1736
1737         err = carl9170_fw_fix_eeprom(ar);
1738         if (err)
1739                 return err;
1740
1741         err = carl9170_parse_eeprom(ar);
1742         if (err)
1743                 return err;
1744
1745         err = ath_regd_init(regulatory, ar->hw->wiphy,
1746                             carl9170_reg_notifier);
1747         if (err)
1748                 return err;
1749
1750         if (modparam_noht) {
1751                 carl9170_band_2GHz.ht_cap.ht_supported = false;
1752                 carl9170_band_5GHz.ht_cap.ht_supported = false;
1753         }
1754
1755         for (i = 0; i < ar->fw.vif_num; i++) {
1756                 ar->vif_priv[i].id = i;
1757                 ar->vif_priv[i].vif = NULL;
1758         }
1759
1760         err = ieee80211_register_hw(ar->hw);
1761         if (err)
1762                 return err;
1763
1764         /* mac80211 interface is now registered */
1765         ar->registered = true;
1766
1767         if (!ath_is_world_regd(regulatory))
1768                 regulatory_hint(ar->hw->wiphy, regulatory->alpha2);
1769
1770 #ifdef CONFIG_CARL9170_DEBUGFS
1771         carl9170_debugfs_register(ar);
1772 #endif /* CONFIG_CARL9170_DEBUGFS */
1773
1774         err = carl9170_led_init(ar);
1775         if (err)
1776                 goto err_unreg;
1777
1778 #ifdef CONFIG_CARL9170_LEDS
1779         err = carl9170_led_register(ar);
1780         if (err)
1781                 goto err_unreg;
1782 #endif /* CONFIG_CARL9170_LEDS */
1783
1784 #ifdef CONFIG_CARL9170_WPC
1785         err = carl9170_register_wps_button(ar);
1786         if (err)
1787                 goto err_unreg;
1788 #endif /* CONFIG_CARL9170_WPC */
1789
1790         dev_info(&ar->udev->dev, "Atheros AR9170 is registered as '%s'\n",
1791                  wiphy_name(ar->hw->wiphy));
1792
1793         return 0;
1794
1795 err_unreg:
1796         carl9170_unregister(ar);
1797         return err;
1798 }
1799
1800 void carl9170_unregister(struct ar9170 *ar)
1801 {
1802         if (!ar->registered)
1803                 return;
1804
1805         ar->registered = false;
1806
1807 #ifdef CONFIG_CARL9170_LEDS
1808         carl9170_led_unregister(ar);
1809 #endif /* CONFIG_CARL9170_LEDS */
1810
1811 #ifdef CONFIG_CARL9170_DEBUGFS
1812         carl9170_debugfs_unregister(ar);
1813 #endif /* CONFIG_CARL9170_DEBUGFS */
1814
1815 #ifdef CONFIG_CARL9170_WPC
1816         if (ar->wps.pbc) {
1817                 input_unregister_device(ar->wps.pbc);
1818                 ar->wps.pbc = NULL;
1819         }
1820 #endif /* CONFIG_CARL9170_WPC */
1821
1822         carl9170_cancel_worker(ar);
1823         cancel_work_sync(&ar->restart_work);
1824
1825         ieee80211_unregister_hw(ar->hw);
1826 }
1827
1828 void carl9170_free(struct ar9170 *ar)
1829 {
1830         WARN_ON(ar->registered);
1831         WARN_ON(IS_INITIALIZED(ar));
1832
1833         kfree_skb(ar->rx_failover);
1834         ar->rx_failover = NULL;
1835
1836         kfree(ar->mem_bitmap);
1837         ar->mem_bitmap = NULL;
1838
1839         mutex_destroy(&ar->mutex);
1840
1841         ieee80211_free_hw(ar->hw);
1842 }