carl9170: mac80211 glue and command interface
Christian Lamparter [Sun, 5 Sep 2010 22:48:55 +0000 (00:48 +0200)]
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

drivers/net/wireless/ath/carl9170/carl9170.h [new file with mode: 0644]
drivers/net/wireless/ath/carl9170/cmd.c [new file with mode: 0644]
drivers/net/wireless/ath/carl9170/cmd.h [new file with mode: 0644]
drivers/net/wireless/ath/carl9170/led.c [new file with mode: 0644]
drivers/net/wireless/ath/carl9170/main.c [new file with mode: 0644]
drivers/net/wireless/ath/carl9170/version.h [new file with mode: 0644]

diff --git a/drivers/net/wireless/ath/carl9170/carl9170.h b/drivers/net/wireless/ath/carl9170/carl9170.h
new file mode 100644 (file)
index 0000000..9f1d603
--- /dev/null
@@ -0,0 +1,626 @@
+/*
+ * Atheros CARL9170 driver
+ *
+ * Driver specific definitions
+ *
+ * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
+ * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING.  If not, see
+ * http://www.gnu.org/licenses/.
+ *
+ * This file incorporates work covered by the following copyright and
+ * permission notice:
+ *    Copyright (c) 2007-2008 Atheros Communications, Inc.
+ *
+ *    Permission to use, copy, modify, and/or distribute this software for any
+ *    purpose with or without fee is hereby granted, provided that the above
+ *    copyright notice and this permission notice appear in all copies.
+ *
+ *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#ifndef __CARL9170_H
+#define __CARL9170_H
+
+#include <linux/kernel.h>
+#include <linux/firmware.h>
+#include <linux/completion.h>
+#include <linux/spinlock.h>
+#include <net/cfg80211.h>
+#include <net/mac80211.h>
+#include <linux/usb.h>
+#ifdef CONFIG_CARL9170_LEDS
+#include <linux/leds.h>
+#endif /* CONFIG_CARL170_LEDS */
+#ifdef CONFIG_CARL9170_WPC
+#include <linux/input.h>
+#endif /* CONFIG_CARL9170_WPC */
+#include "eeprom.h"
+#include "wlan.h"
+#include "hw.h"
+#include "fwdesc.h"
+#include "fwcmd.h"
+#include "../regd.h"
+
+#ifdef CONFIG_CARL9170_DEBUGFS
+#include "debug.h"
+#endif /* CONFIG_CARL9170_DEBUGFS */
+
+#define CARL9170FW_NAME        "carl9170-1.fw"
+
+#define PAYLOAD_MAX    (CARL9170_MAX_CMD_LEN / 4 - 1)
+
+enum carl9170_rf_init_mode {
+       CARL9170_RFI_NONE,
+       CARL9170_RFI_WARM,
+       CARL9170_RFI_COLD,
+};
+
+#define CARL9170_MAX_RX_BUFFER_SIZE            8192
+
+enum carl9170_device_state {
+       CARL9170_UNKNOWN_STATE,
+       CARL9170_STOPPED,
+       CARL9170_IDLE,
+       CARL9170_STARTED,
+};
+
+#define CARL9170_NUM_TID               16
+#define WME_BA_BMP_SIZE                        64
+#define CARL9170_TX_USER_RATE_TRIES    3
+
+#define WME_AC_BE   2
+#define WME_AC_BK   3
+#define WME_AC_VI   1
+#define WME_AC_VO   0
+
+#define TID_TO_WME_AC(_tid)                            \
+       ((((_tid) == 0) || ((_tid) == 3)) ? WME_AC_BE : \
+        (((_tid) == 1) || ((_tid) == 2)) ? WME_AC_BK : \
+        (((_tid) == 4) || ((_tid) == 5)) ? WME_AC_VI : \
+        WME_AC_VO)
+
+#define SEQ_DIFF(_start, _seq) \
+       (((_start) - (_seq)) & 0x0fff)
+#define SEQ_PREV(_seq) \
+       (((_seq) - 1) & 0x0fff)
+#define SEQ_NEXT(_seq) \
+       (((_seq) + 1) & 0x0fff)
+#define BAW_WITHIN(_start, _bawsz, _seqno) \
+       ((((_seqno) - (_start)) & 0xfff) < (_bawsz))
+
+enum carl9170_tid_state {
+       CARL9170_TID_STATE_INVALID,
+       CARL9170_TID_STATE_KILLED,
+       CARL9170_TID_STATE_SHUTDOWN,
+       CARL9170_TID_STATE_SUSPEND,
+       CARL9170_TID_STATE_PROGRESS,
+       CARL9170_TID_STATE_IDLE,
+       CARL9170_TID_STATE_XMIT,
+};
+
+#define CARL9170_BAW_BITS (2 * WME_BA_BMP_SIZE)
+#define CARL9170_BAW_SIZE (BITS_TO_LONGS(CARL9170_BAW_BITS))
+#define CARL9170_BAW_LEN (DIV_ROUND_UP(CARL9170_BAW_BITS, BITS_PER_BYTE))
+
+struct carl9170_sta_tid {
+       /* must be the first entry! */
+       struct list_head list;
+
+       /* temporary list for RCU unlink procedure */
+       struct list_head tmp_list;
+
+       /* lock for the following data structures */
+       spinlock_t lock;
+
+       unsigned int counter;
+       enum carl9170_tid_state state;
+       u8 tid;         /* TID number ( 0 - 15 ) */
+       u16 max;        /* max. AMPDU size */
+
+       u16 snx;        /* awaiting _next_ frame */
+       u16 hsn;        /* highest _queued_ sequence */
+       u16 bsn;        /* base of the tx/agg bitmap */
+       unsigned long bitmap[CARL9170_BAW_SIZE];
+
+       /* Preaggregation reorder queue */
+       struct sk_buff_head queue;
+};
+
+#define CARL9170_QUEUE_TIMEOUT         256
+#define CARL9170_BUMP_QUEUE            1000
+#define CARL9170_TX_TIMEOUT            2500
+#define CARL9170_JANITOR_DELAY         128
+#define CARL9170_QUEUE_STUCK_TIMEOUT   5500
+
+#define CARL9170_NUM_TX_AGG_MAX                30
+
+/*
+ * Tradeoff between stability/latency and speed.
+ *
+ * AR9170_TXQ_DEPTH is devised by dividing the amount of available
+ * tx buffers with the size of a full ethernet frame + overhead.
+ *
+ * Naturally: The higher the limit, the faster the device CAN send.
+ * However, even a slight over-commitment at the wrong time and the
+ * hardware is doomed to send all already-queued frames at suboptimal
+ * rates. This in turn leads to an enourmous amount of unsuccessful
+ * retries => Latency goes up, whereas the throughput goes down. CRASH!
+ */
+#define CARL9170_NUM_TX_LIMIT_HARD     ((AR9170_TXQ_DEPTH * 3) / 2)
+#define CARL9170_NUM_TX_LIMIT_SOFT     (AR9170_TXQ_DEPTH)
+
+struct carl9170_tx_queue_stats {
+       unsigned int count;
+       unsigned int limit;
+       unsigned int len;
+};
+
+struct carl9170_vif {
+       unsigned int id;
+       struct ieee80211_vif *vif;
+};
+
+struct carl9170_vif_info {
+       struct list_head list;
+       bool active;
+       unsigned int id;
+       struct sk_buff *beacon;
+       bool enable_beacon;
+};
+
+#define AR9170_NUM_RX_URBS     16
+#define AR9170_NUM_RX_URBS_MUL 2
+#define AR9170_NUM_TX_URBS     8
+#define AR9170_NUM_RX_URBS_POOL (AR9170_NUM_RX_URBS_MUL * AR9170_NUM_RX_URBS)
+
+enum carl9170_device_features {
+       CARL9170_WPS_BUTTON             = BIT(0),
+       CARL9170_ONE_LED                = BIT(1),
+};
+
+#ifdef CONFIG_CARL9170_LEDS
+struct ar9170;
+
+struct carl9170_led {
+       struct ar9170 *ar;
+       struct led_classdev l;
+       char name[32];
+       unsigned int toggled;
+       bool last_state;
+       bool registered;
+};
+#endif /* CONFIG_CARL9170_LEDS */
+
+enum carl9170_restart_reasons {
+       CARL9170_RR_NO_REASON = 0,
+       CARL9170_RR_FATAL_FIRMWARE_ERROR,
+       CARL9170_RR_TOO_MANY_FIRMWARE_ERRORS,
+       CARL9170_RR_WATCHDOG,
+       CARL9170_RR_STUCK_TX,
+       CARL9170_RR_SLOW_SYSTEM,
+       CARL9170_RR_COMMAND_TIMEOUT,
+       CARL9170_RR_TOO_MANY_PHY_ERRORS,
+       CARL9170_RR_LOST_RSP,
+       CARL9170_RR_INVALID_RSP,
+       CARL9170_RR_USER_REQUEST,
+
+       __CARL9170_RR_LAST,
+};
+
+enum carl9170_erp_modes {
+       CARL9170_ERP_INVALID,
+       CARL9170_ERP_AUTO,
+       CARL9170_ERP_MAC80211,
+       CARL9170_ERP_OFF,
+       CARL9170_ERP_CTS,
+       CARL9170_ERP_RTS,
+       __CARL9170_ERP_NUM,
+};
+
+struct ar9170 {
+       struct ath_common common;
+       struct ieee80211_hw *hw;
+       struct mutex mutex;
+       enum carl9170_device_state state;
+       spinlock_t state_lock;
+       enum carl9170_restart_reasons last_reason;
+       bool registered;
+
+       /* USB */
+       struct usb_device *udev;
+       struct usb_interface *intf;
+       struct usb_anchor rx_anch;
+       struct usb_anchor rx_work;
+       struct usb_anchor rx_pool;
+       struct usb_anchor tx_wait;
+       struct usb_anchor tx_anch;
+       struct usb_anchor tx_cmd;
+       struct usb_anchor tx_err;
+       struct tasklet_struct usb_tasklet;
+       atomic_t tx_cmd_urbs;
+       atomic_t tx_anch_urbs;
+       atomic_t rx_anch_urbs;
+       atomic_t rx_work_urbs;
+       atomic_t rx_pool_urbs;
+       kernel_ulong_t features;
+
+       /* firmware settings */
+       struct completion fw_load_wait;
+       struct completion fw_boot_wait;
+       struct {
+               const struct carl9170fw_desc_head *desc;
+               const struct firmware *fw;
+               unsigned int offset;
+               unsigned int address;
+               unsigned int cmd_bufs;
+               unsigned int api_version;
+               unsigned int vif_num;
+               unsigned int err_counter;
+               unsigned int bug_counter;
+               u32 beacon_addr;
+               unsigned int beacon_max_len;
+               bool rx_stream;
+               bool tx_stream;
+               unsigned int mem_blocks;
+               unsigned int mem_block_size;
+               unsigned int rx_size;
+       } fw;
+
+       /* reset / stuck frames/queue detection */
+       struct work_struct restart_work;
+       unsigned int restart_counter;
+       unsigned long queue_stop_timeout[__AR9170_NUM_TXQ];
+       unsigned long max_queue_stop_timeout[__AR9170_NUM_TXQ];
+       bool needs_full_reset;
+       atomic_t pending_restarts;
+
+       /* interface mode settings */
+       struct list_head vif_list;
+       unsigned long vif_bitmap;
+       unsigned int vifs;
+       struct carl9170_vif vif_priv[AR9170_MAX_VIRTUAL_MAC];
+
+       /* beaconing */
+       spinlock_t beacon_lock;
+       unsigned int global_pretbtt;
+       unsigned int global_beacon_int;
+       struct carl9170_vif_info *beacon_iter;
+       unsigned int beacon_enabled;
+
+       /* cryptographic engine */
+       u64 usedkeys;
+       bool rx_software_decryption;
+       bool disable_offload;
+
+       /* filter settings */
+       u64 cur_mc_hash;
+       u32 cur_filter;
+       unsigned int filter_state;
+       bool sniffer_enabled;
+
+       /* MAC */
+       enum carl9170_erp_modes erp_mode;
+
+       /* PHY */
+       struct ieee80211_channel *channel;
+       int noise[6];
+       unsigned int chan_fail;
+       unsigned int total_chan_fail;
+       u8 heavy_clip;
+
+       /* power calibration data */
+       u8 power_5G_leg[4];
+       u8 power_2G_cck[4];
+       u8 power_2G_ofdm[4];
+       u8 power_5G_ht20[8];
+       u8 power_5G_ht40[8];
+       u8 power_2G_ht20[8];
+       u8 power_2G_ht40[8];
+
+#ifdef CONFIG_CARL9170_LEDS
+       /* LED */
+       struct delayed_work led_work;
+       struct carl9170_led leds[AR9170_NUM_LEDS];
+#endif /* CONFIG_CARL9170_LEDS */
+
+       /* qos queue settings */
+       spinlock_t tx_stats_lock;
+       struct carl9170_tx_queue_stats tx_stats[__AR9170_NUM_TXQ];
+       struct ieee80211_tx_queue_params edcf[5];
+       struct completion tx_flush;
+
+       /* CMD */
+       int cmd_seq;
+       int readlen;
+       u8 *readbuf;
+       spinlock_t cmd_lock;
+       struct completion cmd_wait;
+       union {
+               __le32 cmd_buf[PAYLOAD_MAX + 1];
+               struct carl9170_cmd cmd;
+               struct carl9170_rsp rsp;
+       };
+
+       /* statistics */
+       unsigned int tx_dropped;
+       unsigned int tx_ack_failures;
+       unsigned int tx_fcs_errors;
+       unsigned int tx_ampdu_timeout;
+       unsigned int rx_dropped;
+
+       /* EEPROM */
+       struct ar9170_eeprom eeprom;
+
+       /* tx queuing */
+       struct sk_buff_head tx_pending[__AR9170_NUM_TXQ];
+       struct sk_buff_head tx_status[__AR9170_NUM_TXQ];
+       struct delayed_work tx_janitor;
+       unsigned long tx_janitor_last_run;
+       bool tx_schedule;
+
+       /* tx ampdu */
+       struct work_struct ampdu_work;
+       spinlock_t tx_ampdu_list_lock;
+       struct carl9170_sta_tid *tx_ampdu_iter;
+       struct list_head tx_ampdu_list;
+       atomic_t tx_ampdu_upload;
+       atomic_t tx_ampdu_scheduler;
+       atomic_t tx_total_pending;
+       atomic_t tx_total_queued;
+       unsigned int tx_ampdu_list_len;
+       int current_density;
+       int current_factor;
+       bool tx_ampdu_schedule;
+
+       /* internal memory management */
+       spinlock_t mem_lock;
+       unsigned long *mem_bitmap;
+       atomic_t mem_free_blocks;
+       atomic_t mem_allocs;
+
+       /* rxstream mpdu merge */
+       struct ar9170_rx_head rx_plcp;
+       bool rx_has_plcp;
+       struct sk_buff *rx_failover;
+       int rx_failover_missing;
+
+#ifdef CONFIG_CARL9170_WPC
+       struct {
+               bool pbc_state;
+               struct input_dev *pbc;
+               char name[32];
+               char phys[32];
+       } wps;
+#endif /* CONFIG_CARL9170_WPC */
+
+#ifdef CONFIG_CARL9170_DEBUGFS
+       struct carl9170_debug debug;
+       struct dentry *debug_dir;
+#endif /* CONFIG_CARL9170_DEBUGFS */
+
+       /* PSM */
+       struct work_struct ps_work;
+       struct {
+               unsigned int dtim_counter;
+               unsigned long last_beacon;
+               unsigned long last_action;
+               unsigned long last_slept;
+               unsigned int sleep_ms;
+               unsigned int off_override;
+               bool state;
+       } ps;
+};
+
+enum carl9170_ps_off_override_reasons {
+       PS_OFF_VIF      = BIT(0),
+       PS_OFF_BCN      = BIT(1),
+       PS_OFF_5GHZ     = BIT(2),
+};
+
+struct carl9170_ba_stats {
+       u8 ampdu_len;
+       u8 ampdu_ack_len;
+       bool clear;
+};
+
+struct carl9170_sta_info {
+       bool ht_sta;
+       unsigned int ampdu_max_len;
+       struct carl9170_sta_tid *agg[CARL9170_NUM_TID];
+       struct carl9170_ba_stats stats[CARL9170_NUM_TID];
+};
+
+struct carl9170_tx_info {
+       unsigned long timeout;
+       struct ar9170 *ar;
+       struct kref ref;
+};
+
+#define CHK_DEV_STATE(a, s)    (((struct ar9170 *)a)->state >= (s))
+#define IS_INITIALIZED(a)      (CHK_DEV_STATE(a, CARL9170_STOPPED))
+#define IS_ACCEPTING_CMD(a)    (CHK_DEV_STATE(a, CARL9170_IDLE))
+#define IS_STARTED(a)          (CHK_DEV_STATE(a, CARL9170_STARTED))
+
+static inline void __carl9170_set_state(struct ar9170 *ar,
+       enum carl9170_device_state newstate)
+{
+       ar->state = newstate;
+}
+
+static inline void carl9170_set_state(struct ar9170 *ar,
+       enum carl9170_device_state newstate)
+{
+       unsigned long flags;
+
+       spin_lock_irqsave(&ar->state_lock, flags);
+       __carl9170_set_state(ar, newstate);
+       spin_unlock_irqrestore(&ar->state_lock, flags);
+}
+
+static inline void carl9170_set_state_when(struct ar9170 *ar,
+       enum carl9170_device_state min, enum carl9170_device_state newstate)
+{
+       unsigned long flags;
+
+       spin_lock_irqsave(&ar->state_lock, flags);
+       if (CHK_DEV_STATE(ar, min))
+               __carl9170_set_state(ar, newstate);
+       spin_unlock_irqrestore(&ar->state_lock, flags);
+}
+
+/* exported interface */
+void *carl9170_alloc(size_t priv_size);
+int carl9170_register(struct ar9170 *ar);
+void carl9170_unregister(struct ar9170 *ar);
+void carl9170_free(struct ar9170 *ar);
+void carl9170_restart(struct ar9170 *ar, const enum carl9170_restart_reasons r);
+void carl9170_ps_check(struct ar9170 *ar);
+
+/* USB back-end */
+int carl9170_usb_open(struct ar9170 *ar);
+void carl9170_usb_stop(struct ar9170 *ar);
+void carl9170_usb_tx(struct ar9170 *ar, struct sk_buff *skb);
+void carl9170_usb_handle_tx_err(struct ar9170 *ar);
+int carl9170_exec_cmd(struct ar9170 *ar, const enum carl9170_cmd_oids,
+                     u32 plen, void *payload, u32 rlen, void *resp);
+int __carl9170_exec_cmd(struct ar9170 *ar, struct carl9170_cmd *cmd,
+                       const bool free_buf);
+int carl9170_usb_restart(struct ar9170 *ar);
+void carl9170_usb_reset(struct ar9170 *ar);
+
+/* MAC */
+int carl9170_init_mac(struct ar9170 *ar);
+int carl9170_set_qos(struct ar9170 *ar);
+int carl9170_update_multicast(struct ar9170 *ar, const u64 mc_hast);
+int carl9170_mod_virtual_mac(struct ar9170 *ar, const unsigned int id,
+                            const u8 *mac);
+int carl9170_set_operating_mode(struct ar9170 *ar);
+int carl9170_set_beacon_timers(struct ar9170 *ar);
+int carl9170_set_dyn_sifs_ack(struct ar9170 *ar);
+int carl9170_set_rts_cts_rate(struct ar9170 *ar);
+int carl9170_set_ampdu_settings(struct ar9170 *ar);
+int carl9170_set_slot_time(struct ar9170 *ar);
+int carl9170_set_mac_rates(struct ar9170 *ar);
+int carl9170_set_hwretry_limit(struct ar9170 *ar, const u32 max_retry);
+int carl9170_update_beacon(struct ar9170 *ar, const bool submit);
+int carl9170_upload_key(struct ar9170 *ar, const u8 id, const u8 *mac,
+       const u8 ktype, const u8 keyidx, const u8 *keydata, const int keylen);
+int carl9170_disable_key(struct ar9170 *ar, const u8 id);
+
+/* RX */
+void carl9170_rx(struct ar9170 *ar, void *buf, unsigned int len);
+void carl9170_handle_command_response(struct ar9170 *ar, void *buf, u32 len);
+
+/* TX */
+int carl9170_op_tx(struct ieee80211_hw *hw, struct sk_buff *skb);
+void carl9170_tx_janitor(struct work_struct *work);
+void carl9170_tx_process_status(struct ar9170 *ar,
+                               const struct carl9170_rsp *cmd);
+void carl9170_tx_status(struct ar9170 *ar, struct sk_buff *skb,
+                       const bool success);
+void carl9170_tx_callback(struct ar9170 *ar, struct sk_buff *skb);
+void carl9170_tx_drop(struct ar9170 *ar, struct sk_buff *skb);
+void carl9170_tx_scheduler(struct ar9170 *ar);
+void carl9170_tx_get_skb(struct sk_buff *skb);
+int carl9170_tx_put_skb(struct sk_buff *skb);
+
+/* LEDs */
+#ifdef CONFIG_CARL9170_LEDS
+int carl9170_led_register(struct ar9170 *ar);
+void carl9170_led_unregister(struct ar9170 *ar);
+#endif /* CONFIG_CARL9170_LEDS */
+int carl9170_led_init(struct ar9170 *ar);
+int carl9170_led_set_state(struct ar9170 *ar, const u32 led_state);
+
+/* PHY / RF */
+int carl9170_set_channel(struct ar9170 *ar, struct ieee80211_channel *channel,
+       enum nl80211_channel_type bw, enum carl9170_rf_init_mode rfi);
+int carl9170_get_noisefloor(struct ar9170 *ar);
+
+/* FW */
+int carl9170_parse_firmware(struct ar9170 *ar);
+int carl9170_fw_fix_eeprom(struct ar9170 *ar);
+
+extern struct ieee80211_rate __carl9170_ratetable[];
+extern int modparam_noht;
+
+static inline struct ar9170 *carl9170_get_priv(struct carl9170_vif *carl_vif)
+{
+       return container_of(carl_vif, struct ar9170,
+                           vif_priv[carl_vif->id]);
+}
+
+static inline struct ieee80211_hdr *carl9170_get_hdr(struct sk_buff *skb)
+{
+       return (void *)((struct _carl9170_tx_superframe *)
+               skb->data)->frame_data;
+}
+
+static inline u16 get_seq_h(struct ieee80211_hdr *hdr)
+{
+       return le16_to_cpu(hdr->seq_ctrl) >> 4;
+}
+
+static inline u16 carl9170_get_seq(struct sk_buff *skb)
+{
+       return get_seq_h(carl9170_get_hdr(skb));
+}
+
+static inline u16 get_tid_h(struct ieee80211_hdr *hdr)
+{
+       return (ieee80211_get_qos_ctl(hdr))[0] & IEEE80211_QOS_CTL_TID_MASK;
+}
+
+static inline u16 carl9170_get_tid(struct sk_buff *skb)
+{
+       return get_tid_h(carl9170_get_hdr(skb));
+}
+
+static inline struct ieee80211_vif *
+carl9170_get_vif(struct carl9170_vif_info *priv)
+{
+       return container_of((void *)priv, struct ieee80211_vif, drv_priv);
+}
+
+/* Protected by ar->mutex or RCU */
+static inline struct ieee80211_vif *carl9170_get_main_vif(struct ar9170 *ar)
+{
+       struct carl9170_vif_info *cvif;
+
+       list_for_each_entry_rcu(cvif, &ar->vif_list, list) {
+               if (cvif->active)
+                       return carl9170_get_vif(cvif);
+       }
+
+       return NULL;
+}
+
+static inline bool is_main_vif(struct ar9170 *ar, struct ieee80211_vif *vif)
+{
+       bool ret;
+
+       rcu_read_lock();
+       ret = (carl9170_get_main_vif(ar) == vif);
+       rcu_read_unlock();
+       return ret;
+}
+
+#endif /* __CARL9170_H */
diff --git a/drivers/net/wireless/ath/carl9170/cmd.c b/drivers/net/wireless/ath/carl9170/cmd.c
new file mode 100644 (file)
index 0000000..c21f336
--- /dev/null
@@ -0,0 +1,188 @@
+/*
+ * Atheros CARL9170 driver
+ *
+ * Basic HW register/memory/command access functions
+ *
+ * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING.  If not, see
+ * http://www.gnu.org/licenses/.
+ *
+ * This file incorporates work covered by the following copyright and
+ * permission notice:
+ *    Copyright (c) 2007-2008 Atheros Communications, Inc.
+ *
+ *    Permission to use, copy, modify, and/or distribute this software for any
+ *    purpose with or without fee is hereby granted, provided that the above
+ *    copyright notice and this permission notice appear in all copies.
+ *
+ *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "carl9170.h"
+#include "cmd.h"
+
+int carl9170_write_reg(struct ar9170 *ar, const u32 reg, const u32 val)
+{
+       __le32 buf[2] = {
+               cpu_to_le32(reg),
+               cpu_to_le32(val),
+       };
+       int err;
+
+       err = carl9170_exec_cmd(ar, CARL9170_CMD_WREG, sizeof(buf),
+                               (u8 *) buf, 0, NULL);
+       if (err) {
+               if (net_ratelimit()) {
+                       wiphy_err(ar->hw->wiphy, "writing reg %#x "
+                               "(val %#x) failed (%d)\n", reg, val, err);
+               }
+       }
+       return err;
+}
+
+int carl9170_read_mreg(struct ar9170 *ar, const int nregs,
+                      const u32 *regs, u32 *out)
+{
+       int i, err;
+       __le32 *offs, *res;
+
+       /* abuse "out" for the register offsets, must be same length */
+       offs = (__le32 *)out;
+       for (i = 0; i < nregs; i++)
+               offs[i] = cpu_to_le32(regs[i]);
+
+       /* also use the same buffer for the input */
+       res = (__le32 *)out;
+
+       err = carl9170_exec_cmd(ar, CARL9170_CMD_RREG,
+                               4 * nregs, (u8 *)offs,
+                               4 * nregs, (u8 *)res);
+       if (err) {
+               if (net_ratelimit()) {
+                       wiphy_err(ar->hw->wiphy, "reading regs failed (%d)\n",
+                                 err);
+               }
+               return err;
+       }
+
+       /* convert result to cpu endian */
+       for (i = 0; i < nregs; i++)
+               out[i] = le32_to_cpu(res[i]);
+
+       return 0;
+}
+
+int carl9170_read_reg(struct ar9170 *ar, u32 reg, u32 *val)
+{
+       return carl9170_read_mreg(ar, 1, &reg, val);
+}
+
+int carl9170_echo_test(struct ar9170 *ar, const u32 v)
+{
+       u32 echores;
+       int err;
+
+       err = carl9170_exec_cmd(ar, CARL9170_CMD_ECHO,
+                               4, (u8 *)&v,
+                               4, (u8 *)&echores);
+       if (err)
+               return err;
+
+       if (v != echores) {
+               wiphy_info(ar->hw->wiphy, "wrong echo %x != %x", v, echores);
+               return -EINVAL;
+       }
+
+       return 0;
+}
+
+struct carl9170_cmd *carl9170_cmd_buf(struct ar9170 *ar,
+       const enum carl9170_cmd_oids cmd, const unsigned int len)
+{
+       struct carl9170_cmd *tmp;
+
+       tmp = kzalloc(sizeof(struct carl9170_cmd_head) + len, GFP_ATOMIC);
+       if (tmp) {
+               tmp->hdr.cmd = cmd;
+               tmp->hdr.len = len;
+       }
+
+       return tmp;
+}
+
+int carl9170_reboot(struct ar9170 *ar)
+{
+       struct carl9170_cmd *cmd;
+       int err;
+
+       cmd = carl9170_cmd_buf(ar, CARL9170_CMD_REBOOT_ASYNC, 0);
+       if (!cmd)
+               return -ENOMEM;
+
+       err = __carl9170_exec_cmd(ar, (struct carl9170_cmd *)cmd, true);
+       return err;
+}
+
+int carl9170_mac_reset(struct ar9170 *ar)
+{
+       return carl9170_exec_cmd(ar, CARL9170_CMD_SWRST,
+                                0, NULL, 0, NULL);
+}
+
+int carl9170_bcn_ctrl(struct ar9170 *ar, const unsigned int vif_id,
+                      const u32 mode, const u32 addr, const u32 len)
+{
+       struct carl9170_cmd *cmd;
+
+       cmd = carl9170_cmd_buf(ar, CARL9170_CMD_BCN_CTRL_ASYNC,
+                              sizeof(struct carl9170_bcn_ctrl_cmd));
+       if (!cmd)
+               return -ENOMEM;
+
+       cmd->bcn_ctrl.vif_id = cpu_to_le32(vif_id);
+       cmd->bcn_ctrl.mode = cpu_to_le32(mode);
+       cmd->bcn_ctrl.bcn_addr = cpu_to_le32(addr);
+       cmd->bcn_ctrl.bcn_len = cpu_to_le32(len);
+
+       return __carl9170_exec_cmd(ar, cmd, true);
+}
+
+int carl9170_powersave(struct ar9170 *ar, const bool ps)
+{
+       struct carl9170_cmd *cmd;
+       u32 state;
+
+       cmd = carl9170_cmd_buf(ar, CARL9170_CMD_PSM_ASYNC,
+                              sizeof(struct carl9170_psm));
+       if (!cmd)
+               return -ENOMEM;
+
+       if (ps) {
+               /* Sleep until next TBTT */
+               state = CARL9170_PSM_SLEEP | 1;
+       } else {
+               /* wake up immediately */
+               state = 1;
+       }
+
+       cmd->psm.state = cpu_to_le32(state);
+       return __carl9170_exec_cmd(ar, cmd, true);
+}
diff --git a/drivers/net/wireless/ath/carl9170/cmd.h b/drivers/net/wireless/ath/carl9170/cmd.h
new file mode 100644 (file)
index 0000000..0fc83d2
--- /dev/null
@@ -0,0 +1,158 @@
+/*
+ * Atheros CARL9170 driver
+ *
+ * Basic HW register/memory/command access functions
+ *
+ * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
+ * Copyright 2010, Christian Lamparter <chunkeey@googlemail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING.  If not, see
+ * http://www.gnu.org/licenses/.
+ *
+ * This file incorporates work covered by the following copyright and
+ * permission notice:
+ *    Copyright (c) 2007-2008 Atheros Communications, Inc.
+ *
+ *    Permission to use, copy, modify, and/or distribute this software for any
+ *    purpose with or without fee is hereby granted, provided that the above
+ *    copyright notice and this permission notice appear in all copies.
+ *
+ *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#ifndef __CMD_H
+#define __CMD_H
+
+#include "carl9170.h"
+
+/* basic HW access */
+int carl9170_write_reg(struct ar9170 *ar, const u32 reg, const u32 val);
+int carl9170_read_reg(struct ar9170 *ar, const u32 reg, u32 *val);
+int carl9170_read_mreg(struct ar9170 *ar, const int nregs,
+                      const u32 *regs, u32 *out);
+int carl9170_echo_test(struct ar9170 *ar, u32 v);
+int carl9170_reboot(struct ar9170 *ar);
+int carl9170_mac_reset(struct ar9170 *ar);
+int carl9170_powersave(struct ar9170 *ar, const bool power_on);
+int carl9170_bcn_ctrl(struct ar9170 *ar, const unsigned int vif_id,
+                      const u32 mode, const u32 addr, const u32 len);
+
+static inline int carl9170_flush_cab(struct ar9170 *ar,
+                                    const unsigned int vif_id)
+{
+       return carl9170_bcn_ctrl(ar, vif_id, CARL9170_BCN_CTRL_DRAIN, 0, 0);
+}
+
+struct carl9170_cmd *carl9170_cmd_buf(struct ar9170 *ar,
+       const enum carl9170_cmd_oids cmd, const unsigned int len);
+
+/*
+ * Macros to facilitate writing multiple registers in a single
+ * write-combining USB command. Note that when the first group
+ * fails the whole thing will fail without any others attempted,
+ * but you won't know which write in the group failed.
+ */
+#define carl9170_regwrite_begin(ar)                                    \
+do {                                                                   \
+       int __nreg = 0, __err = 0;                                      \
+       struct ar9170 *__ar = ar;
+
+#define carl9170_regwrite(r, v) do {                                   \
+       __ar->cmd_buf[2 * __nreg + 1] = cpu_to_le32(r);                 \
+       __ar->cmd_buf[2 * __nreg + 2] = cpu_to_le32(v);                 \
+       __nreg++;                                                       \
+       if ((__nreg >= PAYLOAD_MAX/2)) {                                \
+               if (IS_ACCEPTING_CMD(__ar))                             \
+                       __err = carl9170_exec_cmd(__ar,                 \
+                               CARL9170_CMD_WREG, 8 * __nreg,          \
+                               (u8 *) &__ar->cmd_buf[1], 0, NULL);     \
+               else                                                    \
+                       goto __regwrite_out;                            \
+                                                                       \
+               __nreg = 0;                                             \
+               if (__err)                                              \
+                       goto __regwrite_out;                            \
+       }                                                               \
+} while (0)
+
+#define carl9170_regwrite_finish()                                     \
+__regwrite_out :                                                       \
+       if (__err == 0 && __nreg) {                                     \
+               if (IS_ACCEPTING_CMD(__ar))                             \
+                       __err = carl9170_exec_cmd(__ar,                 \
+                               CARL9170_CMD_WREG, 8 * __nreg,          \
+                               (u8 *) &__ar->cmd_buf[1], 0, NULL);     \
+               __nreg = 0;                                             \
+       }
+
+#define carl9170_regwrite_result()                                     \
+       __err;                                                          \
+} while (0);
+
+
+#define carl9170_async_get_buf()                                       \
+do {                                                                   \
+       __cmd = carl9170_cmd_buf(__carl, CARL9170_CMD_WREG_ASYNC,       \
+                                CARL9170_MAX_CMD_PAYLOAD_LEN);         \
+       if (__cmd == NULL) {                                            \
+               __err = -ENOMEM;                                        \
+               goto __async_regwrite_out;                              \
+       }                                                               \
+} while (0);
+
+#define carl9170_async_regwrite_begin(carl)                            \
+do {                                                                   \
+       int __nreg = 0, __err = 0;                                      \
+       struct ar9170 *__carl = carl;                                   \
+       struct carl9170_cmd *__cmd;                                     \
+       carl9170_async_get_buf();                                       \
+
+#define carl9170_async_regwrite(r, v) do {                             \
+       __cmd->wreg.regs[__nreg].addr = cpu_to_le32(r);                 \
+       __cmd->wreg.regs[__nreg].val = cpu_to_le32(v);                  \
+       __nreg++;                                                       \
+       if ((__nreg >= PAYLOAD_MAX/2)) {                                \
+               if (IS_ACCEPTING_CMD(__carl)) {                         \
+                       __cmd->hdr.len = 8 * __nreg;                    \
+                       __err = __carl9170_exec_cmd(__carl, __cmd, true);\
+                       __cmd = NULL;                                   \
+                       carl9170_async_get_buf();                       \
+               } else {                                                \
+                       goto __async_regwrite_out;                      \
+               }                                                       \
+               __nreg = 0;                                             \
+               if (__err)                                              \
+                       goto __async_regwrite_out;                      \
+       }                                                               \
+} while (0)
+
+#define carl9170_async_regwrite_finish()                               \
+__async_regwrite_out :                                                 \
+       if (__err == 0 && __nreg) {                                     \
+               __cmd->hdr.len = 8 * __nreg;                            \
+               if (IS_ACCEPTING_CMD(__carl))                           \
+                       __err = __carl9170_exec_cmd(__carl, __cmd, true);\
+               __nreg = 0;                                             \
+       }
+
+#define carl9170_async_regwrite_result()                               \
+       __err;                                                          \
+} while (0);
+
+#endif /* __CMD_H */
diff --git a/drivers/net/wireless/ath/carl9170/led.c b/drivers/net/wireless/ath/carl9170/led.c
new file mode 100644 (file)
index 0000000..4bb2cbd
--- /dev/null
@@ -0,0 +1,190 @@
+/*
+ * Atheros CARL9170 driver
+ *
+ * LED handling
+ *
+ * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
+ * Copyright 2009, 2010, Christian Lamparer <chunkeey@googlemail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING.  If not, see
+ * http://www.gnu.org/licenses/.
+ *
+ * This file incorporates work covered by the following copyright and
+ * permission notice:
+ *    Copyright (c) 2007-2008 Atheros Communications, Inc.
+ *
+ *    Permission to use, copy, modify, and/or distribute this software for any
+ *    purpose with or without fee is hereby granted, provided that the above
+ *    copyright notice and this permission notice appear in all copies.
+ *
+ *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "carl9170.h"
+#include "cmd.h"
+
+int carl9170_led_set_state(struct ar9170 *ar, const u32 led_state)
+{
+       return carl9170_write_reg(ar, AR9170_GPIO_REG_PORT_DATA, led_state);
+}
+
+int carl9170_led_init(struct ar9170 *ar)
+{
+       int err;
+
+       /* disable LEDs */
+       /* GPIO [0/1 mode: output, 2/3: input] */
+       err = carl9170_write_reg(ar, AR9170_GPIO_REG_PORT_TYPE, 3);
+       if (err)
+               goto out;
+
+       /* GPIO 0/1 value: off */
+       err = carl9170_led_set_state(ar, 0);
+
+out:
+       return err;
+}
+
+#ifdef CONFIG_CARL9170_LEDS
+static void carl9170_led_update(struct work_struct *work)
+{
+       struct ar9170 *ar = container_of(work, struct ar9170, led_work.work);
+       int i, tmp = 300, blink_delay = 1000;
+       u32 led_val = 0;
+       bool rerun = false;
+
+       if (!IS_ACCEPTING_CMD(ar))
+               return;
+
+       mutex_lock(&ar->mutex);
+       for (i = 0; i < AR9170_NUM_LEDS; i++) {
+               if (ar->leds[i].registered) {
+                       if (ar->leds[i].last_state ||
+                           ar->leds[i].toggled) {
+
+                               if (ar->leds[i].toggled)
+                                       tmp = 70 + 200 / (ar->leds[i].toggled);
+
+                               if (tmp < blink_delay)
+                                       blink_delay = tmp;
+
+                               led_val |= 1 << i;
+                               ar->leds[i].toggled = 0;
+                               rerun = true;
+                       }
+               }
+       }
+
+       carl9170_led_set_state(ar, led_val);
+       mutex_unlock(&ar->mutex);
+
+       if (!rerun)
+               return;
+
+       ieee80211_queue_delayed_work(ar->hw,
+                                    &ar->led_work,
+                                    msecs_to_jiffies(blink_delay));
+}
+
+static void carl9170_led_set_brightness(struct led_classdev *led,
+                                       enum led_brightness brightness)
+{
+       struct carl9170_led *arl = container_of(led, struct carl9170_led, l);
+       struct ar9170 *ar = arl->ar;
+
+       if (!arl->registered)
+               return;
+
+       if (arl->last_state != !!brightness) {
+               arl->toggled++;
+               arl->last_state = !!brightness;
+       }
+
+       if (likely(IS_ACCEPTING_CMD(ar) && arl->toggled))
+               ieee80211_queue_delayed_work(ar->hw, &ar->led_work, HZ/10);
+}
+
+static int carl9170_led_register_led(struct ar9170 *ar, int i, char *name,
+                                    char *trigger)
+{
+       int err;
+
+       snprintf(ar->leds[i].name, sizeof(ar->leds[i].name),
+                "carl9170-%s::%s", wiphy_name(ar->hw->wiphy), name);
+
+       ar->leds[i].ar = ar;
+       ar->leds[i].l.name = ar->leds[i].name;
+       ar->leds[i].l.brightness_set = carl9170_led_set_brightness;
+       ar->leds[i].l.brightness = 0;
+       ar->leds[i].l.default_trigger = trigger;
+
+       err = led_classdev_register(wiphy_dev(ar->hw->wiphy),
+                                   &ar->leds[i].l);
+       if (err) {
+               wiphy_err(ar->hw->wiphy, "failed to register %s LED (%d).\n",
+                       ar->leds[i].name, err);
+       } else {
+               ar->leds[i].registered = true;
+       }
+
+       return err;
+}
+
+void carl9170_led_unregister(struct ar9170 *ar)
+{
+       int i;
+
+       for (i = 0; i < AR9170_NUM_LEDS; i++)
+               if (ar->leds[i].registered) {
+                       led_classdev_unregister(&ar->leds[i].l);
+                       ar->leds[i].registered = false;
+                       ar->leds[i].toggled = 0;
+               }
+
+       cancel_delayed_work_sync(&ar->led_work);
+}
+
+int carl9170_led_register(struct ar9170 *ar)
+{
+       int err;
+
+       INIT_DELAYED_WORK(&ar->led_work, carl9170_led_update);
+
+       err = carl9170_led_register_led(ar, 0, "tx",
+                                       ieee80211_get_tx_led_name(ar->hw));
+       if (err)
+               goto fail;
+
+       if (ar->features & CARL9170_ONE_LED)
+               return 0;
+
+       err = carl9170_led_register_led(ar, 1, "assoc",
+                                       ieee80211_get_assoc_led_name(ar->hw));
+       if (err)
+               goto fail;
+
+       return 0;
+
+fail:
+       carl9170_led_unregister(ar);
+       return err;
+}
+
+#endif /* CONFIG_CARL9170_LEDS */
diff --git a/drivers/net/wireless/ath/carl9170/main.c b/drivers/net/wireless/ath/carl9170/main.c
new file mode 100644 (file)
index 0000000..ea49d54
--- /dev/null
@@ -0,0 +1,1855 @@
+/*
+ * Atheros CARL9170 driver
+ *
+ * mac80211 interaction code
+ *
+ * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
+ * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING.  If not, see
+ * http://www.gnu.org/licenses/.
+ *
+ * This file incorporates work covered by the following copyright and
+ * permission notice:
+ *    Copyright (c) 2007-2008 Atheros Communications, Inc.
+ *
+ *    Permission to use, copy, modify, and/or distribute this software for any
+ *    purpose with or without fee is hereby granted, provided that the above
+ *    copyright notice and this permission notice appear in all copies.
+ *
+ *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <linux/init.h>
+#include <linux/slab.h>
+#include <linux/module.h>
+#include <linux/etherdevice.h>
+#include <linux/random.h>
+#include <net/mac80211.h>
+#include <net/cfg80211.h>
+#include "hw.h"
+#include "carl9170.h"
+#include "cmd.h"
+
+static int modparam_nohwcrypt;
+module_param_named(nohwcrypt, modparam_nohwcrypt, bool, S_IRUGO);
+MODULE_PARM_DESC(nohwcrypt, "Disable hardware crypto offload.");
+
+int modparam_noht;
+module_param_named(noht, modparam_noht, int, S_IRUGO);
+MODULE_PARM_DESC(noht, "Disable MPDU aggregation.");
+
+#define RATE(_bitrate, _hw_rate, _txpidx, _flags) {    \
+       .bitrate        = (_bitrate),                   \
+       .flags          = (_flags),                     \
+       .hw_value       = (_hw_rate) | (_txpidx) << 4,  \
+}
+
+struct ieee80211_rate __carl9170_ratetable[] = {
+       RATE(10, 0, 0, 0),
+       RATE(20, 1, 1, IEEE80211_RATE_SHORT_PREAMBLE),
+       RATE(55, 2, 2, IEEE80211_RATE_SHORT_PREAMBLE),
+       RATE(110, 3, 3, IEEE80211_RATE_SHORT_PREAMBLE),
+       RATE(60, 0xb, 0, 0),
+       RATE(90, 0xf, 0, 0),
+       RATE(120, 0xa, 0, 0),
+       RATE(180, 0xe, 0, 0),
+       RATE(240, 0x9, 0, 0),
+       RATE(360, 0xd, 1, 0),
+       RATE(480, 0x8, 2, 0),
+       RATE(540, 0xc, 3, 0),
+};
+#undef RATE
+
+#define carl9170_g_ratetable   (__carl9170_ratetable + 0)
+#define carl9170_g_ratetable_size      12
+#define carl9170_a_ratetable   (__carl9170_ratetable + 4)
+#define carl9170_a_ratetable_size      8
+
+/*
+ * NB: The hw_value is used as an index into the carl9170_phy_freq_params
+ *     array in phy.c so that we don't have to do frequency lookups!
+ */
+#define CHAN(_freq, _idx) {            \
+       .center_freq    = (_freq),      \
+       .hw_value       = (_idx),       \
+       .max_power      = 18, /* XXX */ \
+}
+
+static struct ieee80211_channel carl9170_2ghz_chantable[] = {
+       CHAN(2412,  0),
+       CHAN(2417,  1),
+       CHAN(2422,  2),
+       CHAN(2427,  3),
+       CHAN(2432,  4),
+       CHAN(2437,  5),
+       CHAN(2442,  6),
+       CHAN(2447,  7),
+       CHAN(2452,  8),
+       CHAN(2457,  9),
+       CHAN(2462, 10),
+       CHAN(2467, 11),
+       CHAN(2472, 12),
+       CHAN(2484, 13),
+};
+
+static struct ieee80211_channel carl9170_5ghz_chantable[] = {
+       CHAN(4920, 14),
+       CHAN(4940, 15),
+       CHAN(4960, 16),
+       CHAN(4980, 17),
+       CHAN(5040, 18),
+       CHAN(5060, 19),
+       CHAN(5080, 20),
+       CHAN(5180, 21),
+       CHAN(5200, 22),
+       CHAN(5220, 23),
+       CHAN(5240, 24),
+       CHAN(5260, 25),
+       CHAN(5280, 26),
+       CHAN(5300, 27),
+       CHAN(5320, 28),
+       CHAN(5500, 29),
+       CHAN(5520, 30),
+       CHAN(5540, 31),
+       CHAN(5560, 32),
+       CHAN(5580, 33),
+       CHAN(5600, 34),
+       CHAN(5620, 35),
+       CHAN(5640, 36),
+       CHAN(5660, 37),
+       CHAN(5680, 38),
+       CHAN(5700, 39),
+       CHAN(5745, 40),
+       CHAN(5765, 41),
+       CHAN(5785, 42),
+       CHAN(5805, 43),
+       CHAN(5825, 44),
+       CHAN(5170, 45),
+       CHAN(5190, 46),
+       CHAN(5210, 47),
+       CHAN(5230, 48),
+};
+#undef CHAN
+
+#define CARL9170_HT_CAP                                                        \
+{                                                                      \
+       .ht_supported   = true,                                         \
+       .cap            = IEEE80211_HT_CAP_MAX_AMSDU |                  \
+                         IEEE80211_HT_CAP_SUP_WIDTH_20_40 |            \
+                         IEEE80211_HT_CAP_SGI_40 |                     \
+                         IEEE80211_HT_CAP_DSSSCCK40 |                  \
+                         IEEE80211_HT_CAP_SM_PS,                       \
+       .ampdu_factor   = IEEE80211_HT_MAX_AMPDU_64K,                   \
+       .ampdu_density  = IEEE80211_HT_MPDU_DENSITY_8,                  \
+       .mcs            = {                                             \
+               .rx_mask = { 0xff, 0xff, 0, 0, 0x1, 0, 0, 0, 0, 0, },   \
+               .rx_highest = cpu_to_le16(300),                         \
+               .tx_params = IEEE80211_HT_MCS_TX_DEFINED,               \
+       },                                                              \
+}
+
+static struct ieee80211_supported_band carl9170_band_2GHz = {
+       .channels       = carl9170_2ghz_chantable,
+       .n_channels     = ARRAY_SIZE(carl9170_2ghz_chantable),
+       .bitrates       = carl9170_g_ratetable,
+       .n_bitrates     = carl9170_g_ratetable_size,
+       .ht_cap         = CARL9170_HT_CAP,
+};
+
+static struct ieee80211_supported_band carl9170_band_5GHz = {
+       .channels       = carl9170_5ghz_chantable,
+       .n_channels     = ARRAY_SIZE(carl9170_5ghz_chantable),
+       .bitrates       = carl9170_a_ratetable,
+       .n_bitrates     = carl9170_a_ratetable_size,
+       .ht_cap         = CARL9170_HT_CAP,
+};
+
+static void carl9170_ampdu_gc(struct ar9170 *ar)
+{
+       struct carl9170_sta_tid *tid_info;
+       LIST_HEAD(tid_gc);
+
+       rcu_read_lock();
+       list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
+               spin_lock_bh(&ar->tx_ampdu_list_lock);
+               if (tid_info->state == CARL9170_TID_STATE_SHUTDOWN) {
+                       tid_info->state = CARL9170_TID_STATE_KILLED;
+                       list_del_rcu(&tid_info->list);
+                       ar->tx_ampdu_list_len--;
+                       list_add_tail(&tid_info->tmp_list, &tid_gc);
+               }
+               spin_unlock_bh(&ar->tx_ampdu_list_lock);
+
+       }
+       rcu_assign_pointer(ar->tx_ampdu_iter, tid_info);
+       rcu_read_unlock();
+
+       synchronize_rcu();
+
+       while (!list_empty(&tid_gc)) {
+               struct sk_buff *skb;
+               tid_info = list_first_entry(&tid_gc, struct carl9170_sta_tid,
+                                           tmp_list);
+
+               while ((skb = __skb_dequeue(&tid_info->queue)))
+                       carl9170_tx_status(ar, skb, false);
+
+               list_del_init(&tid_info->tmp_list);
+               kfree(tid_info);
+       }
+}
+
+static void carl9170_flush(struct ar9170 *ar, bool drop_queued)
+{
+       if (drop_queued) {
+               int i;
+
+               /*
+                * We can only drop frames which have not been uploaded
+                * to the device yet.
+                */
+
+               for (i = 0; i < ar->hw->queues; i++) {
+                       struct sk_buff *skb;
+
+                       while ((skb = skb_dequeue(&ar->tx_pending[i])))
+                               carl9170_tx_status(ar, skb, false);
+               }
+       }
+
+       /* Wait for all other outstanding frames to timeout. */
+       if (atomic_read(&ar->tx_total_queued))
+               WARN_ON(wait_for_completion_timeout(&ar->tx_flush, HZ) == 0);
+}
+
+static void carl9170_flush_ba(struct ar9170 *ar)
+{
+       struct sk_buff_head free;
+       struct carl9170_sta_tid *tid_info;
+       struct sk_buff *skb;
+
+       __skb_queue_head_init(&free);
+
+       rcu_read_lock();
+       spin_lock_bh(&ar->tx_ampdu_list_lock);
+       list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
+               if (tid_info->state > CARL9170_TID_STATE_SUSPEND) {
+                       tid_info->state = CARL9170_TID_STATE_SUSPEND;
+
+                       spin_lock(&tid_info->lock);
+                       while ((skb = __skb_dequeue(&tid_info->queue)))
+                               __skb_queue_tail(&free, skb);
+                       spin_unlock(&tid_info->lock);
+               }
+       }
+       spin_unlock_bh(&ar->tx_ampdu_list_lock);
+       rcu_read_unlock();
+
+       while ((skb = __skb_dequeue(&free)))
+               carl9170_tx_status(ar, skb, false);
+}
+
+static void carl9170_zap_queues(struct ar9170 *ar)
+{
+       struct carl9170_vif_info *cvif;
+       unsigned int i;
+
+       carl9170_ampdu_gc(ar);
+
+       carl9170_flush_ba(ar);
+       carl9170_flush(ar, true);
+
+       for (i = 0; i < ar->hw->queues; i++) {
+               spin_lock_bh(&ar->tx_status[i].lock);
+               while (!skb_queue_empty(&ar->tx_status[i])) {
+                       struct sk_buff *skb;
+
+                       skb = skb_peek(&ar->tx_status[i]);
+                       carl9170_tx_get_skb(skb);
+                       spin_unlock_bh(&ar->tx_status[i].lock);
+                       carl9170_tx_drop(ar, skb);
+                       spin_lock_bh(&ar->tx_status[i].lock);
+                       carl9170_tx_put_skb(skb);
+               }
+               spin_unlock_bh(&ar->tx_status[i].lock);
+       }
+
+       BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_SOFT < 1);
+       BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD < CARL9170_NUM_TX_LIMIT_SOFT);
+       BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD >= CARL9170_BAW_BITS);
+
+       /* reinitialize queues statistics */
+       memset(&ar->tx_stats, 0, sizeof(ar->tx_stats));
+       for (i = 0; i < ar->hw->queues; i++)
+               ar->tx_stats[i].limit = CARL9170_NUM_TX_LIMIT_HARD;
+
+       for (i = 0; i < DIV_ROUND_UP(ar->fw.mem_blocks, BITS_PER_LONG); i++)
+               ar->mem_bitmap[i] = 0;
+
+       rcu_read_lock();
+       list_for_each_entry_rcu(cvif, &ar->vif_list, list) {
+               spin_lock_bh(&ar->beacon_lock);
+               dev_kfree_skb_any(cvif->beacon);
+               cvif->beacon = NULL;
+               spin_unlock_bh(&ar->beacon_lock);
+       }
+       rcu_read_unlock();
+
+       atomic_set(&ar->tx_ampdu_upload, 0);
+       atomic_set(&ar->tx_ampdu_scheduler, 0);
+       atomic_set(&ar->tx_total_pending, 0);
+       atomic_set(&ar->tx_total_queued, 0);
+       atomic_set(&ar->mem_free_blocks, ar->fw.mem_blocks);
+}
+
+#define CARL9170_FILL_QUEUE(queue, ai_fs, cwmin, cwmax, _txop)         \
+do {                                                                   \
+       queue.aifs = ai_fs;                                             \
+       queue.cw_min = cwmin;                                           \
+       queue.cw_max = cwmax;                                           \
+       queue.txop = _txop;                                             \
+} while (0)
+
+static int carl9170_op_start(struct ieee80211_hw *hw)
+{
+       struct ar9170 *ar = hw->priv;
+       int err, i;
+
+       mutex_lock(&ar->mutex);
+
+       carl9170_zap_queues(ar);
+
+       /* reset QoS defaults */
+       CARL9170_FILL_QUEUE(ar->edcf[0], 3, 15, 1023,  0); /* BEST EFFORT */
+       CARL9170_FILL_QUEUE(ar->edcf[1], 2, 7,    15, 94); /* VIDEO */
+       CARL9170_FILL_QUEUE(ar->edcf[2], 2, 3,     7, 47); /* VOICE */
+       CARL9170_FILL_QUEUE(ar->edcf[3], 7, 15, 1023,  0); /* BACKGROUND */
+       CARL9170_FILL_QUEUE(ar->edcf[4], 2, 3,     7,  0); /* SPECIAL */
+
+       ar->current_factor = ar->current_density = -1;
+       /* "The first key is unique." */
+       ar->usedkeys = 1;
+       ar->filter_state = 0;
+       ar->ps.last_action = jiffies;
+       ar->ps.last_slept = jiffies;
+       ar->erp_mode = CARL9170_ERP_AUTO;
+       ar->rx_software_decryption = false;
+       ar->disable_offload = false;
+
+       for (i = 0; i < ar->hw->queues; i++) {
+               ar->queue_stop_timeout[i] = jiffies;
+               ar->max_queue_stop_timeout[i] = 0;
+       }
+
+       atomic_set(&ar->mem_allocs, 0);
+
+       err = carl9170_usb_open(ar);
+       if (err)
+               goto out;
+
+       err = carl9170_init_mac(ar);
+       if (err)
+               goto out;
+
+       err = carl9170_set_qos(ar);
+       if (err)
+               goto out;
+
+       err = carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER,
+                                AR9170_DMA_TRIGGER_RXQ);
+       if (err)
+               goto out;
+
+       /* Clear key-cache */
+       for (i = 0; i < AR9170_CAM_MAX_USER + 4; i++) {
+               err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
+                                         0, NULL, 0);
+               if (err)
+                       goto out;
+
+               err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
+                                         1, NULL, 0);
+               if (err)
+                       goto out;
+
+               if (i < AR9170_CAM_MAX_USER) {
+                       err = carl9170_disable_key(ar, i);
+                       if (err)
+                               goto out;
+               }
+       }
+
+       carl9170_set_state_when(ar, CARL9170_IDLE, CARL9170_STARTED);
+
+       ieee80211_wake_queues(ar->hw);
+       err = 0;
+
+out:
+       mutex_unlock(&ar->mutex);
+       return err;
+}
+
+static void carl9170_cancel_worker(struct ar9170 *ar)
+{
+       cancel_delayed_work_sync(&ar->tx_janitor);
+#ifdef CONFIG_CARL9170_LEDS
+       cancel_delayed_work_sync(&ar->led_work);
+#endif /* CONFIG_CARL9170_LEDS */
+       cancel_work_sync(&ar->ps_work);
+       cancel_work_sync(&ar->ampdu_work);
+}
+
+static void carl9170_op_stop(struct ieee80211_hw *hw)
+{
+       struct ar9170 *ar = hw->priv;
+
+       carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
+
+       ieee80211_stop_queues(ar->hw);
+
+       mutex_lock(&ar->mutex);
+       if (IS_ACCEPTING_CMD(ar)) {
+               rcu_assign_pointer(ar->beacon_iter, NULL);
+
+               carl9170_led_set_state(ar, 0);
+
+               /* stop DMA */
+               carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER, 0);
+               carl9170_usb_stop(ar);
+       }
+
+       carl9170_zap_queues(ar);
+       mutex_unlock(&ar->mutex);
+
+       carl9170_cancel_worker(ar);
+}
+
+static void carl9170_restart_work(struct work_struct *work)
+{
+       struct ar9170 *ar = container_of(work, struct ar9170,
+                                        restart_work);
+       int err;
+
+       ar->usedkeys = 0;
+       ar->filter_state = 0;
+       carl9170_cancel_worker(ar);
+
+       mutex_lock(&ar->mutex);
+       err = carl9170_usb_restart(ar);
+       if (net_ratelimit()) {
+               if (err) {
+                       dev_err(&ar->udev->dev, "Failed to restart device "
+                               " (%d).\n", err);
+                } else {
+                       dev_info(&ar->udev->dev, "device restarted "
+                                "successfully.\n");
+               }
+       }
+
+       carl9170_zap_queues(ar);
+       mutex_unlock(&ar->mutex);
+       if (!err) {
+               ar->restart_counter++;
+               atomic_set(&ar->pending_restarts, 0);
+
+               ieee80211_restart_hw(ar->hw);
+       } else {
+               /*
+                * The reset was unsuccessful and the device seems to
+                * be dead. But there's still one option: a low-level
+                * usb subsystem reset...
+                */
+
+               carl9170_usb_reset(ar);
+       }
+}
+
+void carl9170_restart(struct ar9170 *ar, const enum carl9170_restart_reasons r)
+{
+       carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
+
+       /*
+        * Sometimes, an error can trigger several different reset events.
+        * By ignoring these *surplus* reset events, the device won't be
+        * killed again, right after it has recovered.
+        */
+       if (atomic_inc_return(&ar->pending_restarts) > 1) {
+               dev_dbg(&ar->udev->dev, "ignoring restart (%d)\n", r);
+               return;
+       }
+
+       ieee80211_stop_queues(ar->hw);
+
+       dev_err(&ar->udev->dev, "restart device (%d)\n", r);
+
+       if (!WARN_ON(r == CARL9170_RR_NO_REASON) ||
+           !WARN_ON(r >= __CARL9170_RR_LAST))
+               ar->last_reason = r;
+
+       if (!ar->registered)
+               return;
+
+       if (IS_ACCEPTING_CMD(ar) && !ar->needs_full_reset)
+               ieee80211_queue_work(ar->hw, &ar->restart_work);
+       else
+               carl9170_usb_reset(ar);
+
+       /*
+        * At this point, the device instance might have vanished/disabled.
+        * So, don't put any code which access the ar9170 struct
+        * without proper protection.
+        */
+}
+
+static int carl9170_init_interface(struct ar9170 *ar,
+                                  struct ieee80211_vif *vif)
+{
+       struct ath_common *common = &ar->common;
+       int err;
+
+       if (!vif) {
+               WARN_ON_ONCE(IS_STARTED(ar));
+               return 0;
+       }
+
+       memcpy(common->macaddr, vif->addr, ETH_ALEN);
+
+       if (modparam_nohwcrypt ||
+           ((vif->type != NL80211_IFTYPE_STATION) &&
+            (vif->type != NL80211_IFTYPE_AP))) {
+               ar->rx_software_decryption = true;
+               ar->disable_offload = true;
+       }
+
+       err = carl9170_set_operating_mode(ar);
+       return err;
+}
+
+static int carl9170_op_add_interface(struct ieee80211_hw *hw,
+                                    struct ieee80211_vif *vif)
+{
+       struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
+       struct ieee80211_vif *main_vif;
+       struct ar9170 *ar = hw->priv;
+       int vif_id = -1, err = 0;
+
+       mutex_lock(&ar->mutex);
+       rcu_read_lock();
+       if (vif_priv->active) {
+               /*
+                * Skip the interface structure initialization,
+                * if the vif survived the _restart call.
+                */
+               vif_id = vif_priv->id;
+               vif_priv->enable_beacon = false;
+
+               spin_lock_bh(&ar->beacon_lock);
+               dev_kfree_skb_any(vif_priv->beacon);
+               vif_priv->beacon = NULL;
+               spin_unlock_bh(&ar->beacon_lock);
+
+               goto init;
+       }
+
+       main_vif = carl9170_get_main_vif(ar);
+
+       if (main_vif) {
+               switch (main_vif->type) {
+               case NL80211_IFTYPE_STATION:
+                       if (vif->type == NL80211_IFTYPE_STATION)
+                               break;
+
+                       err = -EBUSY;
+                       rcu_read_unlock();
+
+                       goto unlock;
+
+               case NL80211_IFTYPE_AP:
+                       if ((vif->type == NL80211_IFTYPE_STATION) ||
+                           (vif->type == NL80211_IFTYPE_WDS) ||
+                           (vif->type == NL80211_IFTYPE_AP))
+                               break;
+
+                       err = -EBUSY;
+                       rcu_read_unlock();
+                       goto unlock;
+
+               default:
+                       rcu_read_unlock();
+                       goto unlock;
+               }
+       }
+
+       vif_id = bitmap_find_free_region(&ar->vif_bitmap, ar->fw.vif_num, 0);
+
+       if (vif_id < 0) {
+               rcu_read_unlock();
+
+               err = -ENOSPC;
+               goto unlock;
+       }
+
+       BUG_ON(ar->vif_priv[vif_id].id != vif_id);
+
+       vif_priv->active = true;
+       vif_priv->id = vif_id;
+       vif_priv->enable_beacon = false;
+       ar->vifs++;
+       list_add_tail_rcu(&vif_priv->list, &ar->vif_list);
+       rcu_assign_pointer(ar->vif_priv[vif_id].vif, vif);
+
+init:
+       if (carl9170_get_main_vif(ar) == vif) {
+               rcu_assign_pointer(ar->beacon_iter, vif_priv);
+               rcu_read_unlock();
+
+               err = carl9170_init_interface(ar, vif);
+               if (err)
+                       goto unlock;
+       } else {
+               err = carl9170_mod_virtual_mac(ar, vif_id, vif->addr);
+               rcu_read_unlock();
+
+               if (err)
+                       goto unlock;
+       }
+
+unlock:
+       if (err && (vif_id != -1)) {
+               vif_priv->active = false;
+               bitmap_release_region(&ar->vif_bitmap, vif_id, 0);
+               ar->vifs--;
+               rcu_assign_pointer(ar->vif_priv[vif_id].vif, NULL);
+               list_del_rcu(&vif_priv->list);
+               mutex_unlock(&ar->mutex);
+               synchronize_rcu();
+       } else {
+               if (ar->vifs > 1)
+                       ar->ps.off_override |= PS_OFF_VIF;
+
+               mutex_unlock(&ar->mutex);
+       }
+
+       return err;
+}
+
+static void carl9170_op_remove_interface(struct ieee80211_hw *hw,
+                                        struct ieee80211_vif *vif)
+{
+       struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
+       struct ieee80211_vif *main_vif;
+       struct ar9170 *ar = hw->priv;
+       unsigned int id;
+
+       mutex_lock(&ar->mutex);
+
+       if (WARN_ON_ONCE(!vif_priv->active))
+               goto unlock;
+
+       ar->vifs--;
+
+       rcu_read_lock();
+       main_vif = carl9170_get_main_vif(ar);
+
+       id = vif_priv->id;
+
+       vif_priv->active = false;
+       WARN_ON(vif_priv->enable_beacon);
+       vif_priv->enable_beacon = false;
+       list_del_rcu(&vif_priv->list);
+       rcu_assign_pointer(ar->vif_priv[id].vif, NULL);
+
+       if (vif == main_vif) {
+               rcu_read_unlock();
+
+               if (ar->vifs) {
+                       WARN_ON(carl9170_init_interface(ar,
+                                       carl9170_get_main_vif(ar)));
+               } else {
+                       carl9170_set_operating_mode(ar);
+               }
+       } else {
+               rcu_read_unlock();
+
+               WARN_ON(carl9170_mod_virtual_mac(ar, id, NULL));
+       }
+
+       carl9170_update_beacon(ar, false);
+       carl9170_flush_cab(ar, id);
+
+       spin_lock_bh(&ar->beacon_lock);
+       dev_kfree_skb_any(vif_priv->beacon);
+       vif_priv->beacon = NULL;
+       spin_unlock_bh(&ar->beacon_lock);
+
+       bitmap_release_region(&ar->vif_bitmap, id, 0);
+
+       carl9170_set_beacon_timers(ar);
+
+       if (ar->vifs == 1)
+               ar->ps.off_override &= ~PS_OFF_VIF;
+
+unlock:
+       mutex_unlock(&ar->mutex);
+
+       synchronize_rcu();
+}
+
+void carl9170_ps_check(struct ar9170 *ar)
+{
+       ieee80211_queue_work(ar->hw, &ar->ps_work);
+}
+
+/* caller must hold ar->mutex */
+static int carl9170_ps_update(struct ar9170 *ar)
+{
+       bool ps = false;
+       int err = 0;
+
+       if (!ar->ps.off_override)
+               ps = (ar->hw->conf.flags & IEEE80211_CONF_PS);
+
+       if (ps != ar->ps.state) {
+               err = carl9170_powersave(ar, ps);
+               if (err)
+                       return err;
+
+               if (ar->ps.state && !ps) {
+                       ar->ps.sleep_ms = jiffies_to_msecs(jiffies -
+                               ar->ps.last_action);
+               }
+
+               if (ps)
+                       ar->ps.last_slept = jiffies;
+
+               ar->ps.last_action = jiffies;
+               ar->ps.state = ps;
+       }
+
+       return 0;
+}
+
+static void carl9170_ps_work(struct work_struct *work)
+{
+       struct ar9170 *ar = container_of(work, struct ar9170,
+                                        ps_work);
+       mutex_lock(&ar->mutex);
+       if (IS_STARTED(ar))
+               WARN_ON_ONCE(carl9170_ps_update(ar) != 0);
+       mutex_unlock(&ar->mutex);
+}
+
+
+static int carl9170_op_config(struct ieee80211_hw *hw, u32 changed)
+{
+       struct ar9170 *ar = hw->priv;
+       int err = 0;
+
+       mutex_lock(&ar->mutex);
+       if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
+               /* TODO */
+               err = 0;
+       }
+
+       if (changed & IEEE80211_CONF_CHANGE_PS) {
+               err = carl9170_ps_update(ar);
+               if (err)
+                       goto out;
+       }
+
+       if (changed & IEEE80211_CONF_CHANGE_POWER) {
+               /* TODO */
+               err = 0;
+       }
+
+       if (changed & IEEE80211_CONF_CHANGE_SMPS) {
+               /* TODO */
+               err = 0;
+       }
+
+       if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
+               /* adjust slot time for 5 GHz */
+               err = carl9170_set_slot_time(ar);
+               if (err)
+                       goto out;
+
+               err = carl9170_set_channel(ar, hw->conf.channel,
+                       hw->conf.channel_type, CARL9170_RFI_NONE);
+               if (err)
+                       goto out;
+
+               err = carl9170_set_dyn_sifs_ack(ar);
+               if (err)
+                       goto out;
+
+               err = carl9170_set_rts_cts_rate(ar);
+               if (err)
+                       goto out;
+       }
+
+out:
+       mutex_unlock(&ar->mutex);
+       return err;
+}
+
+static u64 carl9170_op_prepare_multicast(struct ieee80211_hw *hw,
+                                        struct netdev_hw_addr_list *mc_list)
+{
+       struct netdev_hw_addr *ha;
+       u64 mchash;
+
+       /* always get broadcast frames */
+       mchash = 1ULL << (0xff >> 2);
+
+       netdev_hw_addr_list_for_each(ha, mc_list)
+               mchash |= 1ULL << (ha->addr[5] >> 2);
+
+       return mchash;
+}
+
+static void carl9170_op_configure_filter(struct ieee80211_hw *hw,
+                                        unsigned int changed_flags,
+                                        unsigned int *new_flags,
+                                        u64 multicast)
+{
+       struct ar9170 *ar = hw->priv;
+
+       /* mask supported flags */
+       *new_flags &= FIF_ALLMULTI | FIF_FCSFAIL | FIF_PLCPFAIL |
+                     FIF_OTHER_BSS | FIF_PROMISC_IN_BSS;
+
+       if (!IS_ACCEPTING_CMD(ar))
+               return;
+
+       mutex_lock(&ar->mutex);
+
+       ar->filter_state = *new_flags;
+       /*
+        * We can support more by setting the sniffer bit and
+        * then checking the error flags, later.
+        */
+
+       if (changed_flags & FIF_ALLMULTI && *new_flags & FIF_ALLMULTI)
+               multicast = ~0ULL;
+
+       if (multicast != ar->cur_mc_hash)
+               WARN_ON(carl9170_update_multicast(ar, multicast));
+
+       if (changed_flags & (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS)) {
+               ar->sniffer_enabled = !!(*new_flags &
+                       (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS));
+
+               WARN_ON(carl9170_set_operating_mode(ar));
+       }
+
+       mutex_unlock(&ar->mutex);
+}
+
+
+static void carl9170_op_bss_info_changed(struct ieee80211_hw *hw,
+                                        struct ieee80211_vif *vif,
+                                        struct ieee80211_bss_conf *bss_conf,
+                                        u32 changed)
+{
+       struct ar9170 *ar = hw->priv;
+       struct ath_common *common = &ar->common;
+       int err = 0;
+       struct carl9170_vif_info *vif_priv;
+       struct ieee80211_vif *main_vif;
+
+       mutex_lock(&ar->mutex);
+       vif_priv = (void *) vif->drv_priv;
+       main_vif = carl9170_get_main_vif(ar);
+       if (WARN_ON(!main_vif))
+               goto out;
+
+       if (changed & BSS_CHANGED_BEACON_ENABLED) {
+               struct carl9170_vif_info *iter;
+               int i = 0;
+
+               vif_priv->enable_beacon = bss_conf->enable_beacon;
+               rcu_read_lock();
+               list_for_each_entry_rcu(iter, &ar->vif_list, list) {
+                       if (iter->active && iter->enable_beacon)
+                               i++;
+
+               }
+               rcu_read_unlock();
+
+               ar->beacon_enabled = i;
+       }
+
+       if (changed & BSS_CHANGED_BEACON) {
+               err = carl9170_update_beacon(ar, false);
+               if (err)
+                       goto out;
+       }
+
+       if (changed & (BSS_CHANGED_BEACON_ENABLED | BSS_CHANGED_BEACON |
+                      BSS_CHANGED_BEACON_INT)) {
+
+               if (main_vif != vif) {
+                       bss_conf->beacon_int = main_vif->bss_conf.beacon_int;
+                       bss_conf->dtim_period = main_vif->bss_conf.dtim_period;
+               }
+
+               /*
+                * Therefore a hard limit for the broadcast traffic should
+                * prevent false alarms.
+                */
+               if (vif->type != NL80211_IFTYPE_STATION &&
+                   (bss_conf->beacon_int * bss_conf->dtim_period >=
+                    (CARL9170_QUEUE_STUCK_TIMEOUT / 2))) {
+                       err = -EINVAL;
+                       goto out;
+               }
+
+               err = carl9170_set_beacon_timers(ar);
+               if (err)
+                       goto out;
+       }
+
+       if (changed & BSS_CHANGED_HT) {
+               /* TODO */
+               err = 0;
+               if (err)
+                       goto out;
+       }
+
+       if (main_vif != vif)
+               goto out;
+
+       /*
+        * The following settings can only be changed by the
+        * master interface.
+        */
+
+       if (changed & BSS_CHANGED_BSSID) {
+               memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
+               err = carl9170_set_operating_mode(ar);
+               if (err)
+                       goto out;
+       }
+
+       if (changed & BSS_CHANGED_ASSOC) {
+               ar->common.curaid = bss_conf->aid;
+               err = carl9170_set_beacon_timers(ar);
+               if (err)
+                       goto out;
+       }
+
+       if (changed & BSS_CHANGED_ERP_SLOT) {
+               err = carl9170_set_slot_time(ar);
+               if (err)
+                       goto out;
+       }
+
+       if (changed & BSS_CHANGED_BASIC_RATES) {
+               err = carl9170_set_mac_rates(ar);
+               if (err)
+                       goto out;
+       }
+
+out:
+       WARN_ON_ONCE(err && IS_STARTED(ar));
+       mutex_unlock(&ar->mutex);
+}
+
+static u64 carl9170_op_get_tsf(struct ieee80211_hw *hw)
+{
+       struct ar9170 *ar = hw->priv;
+       struct carl9170_tsf_rsp tsf;
+       int err;
+
+       mutex_lock(&ar->mutex);
+       err = carl9170_exec_cmd(ar, CARL9170_CMD_READ_TSF,
+                               0, NULL, sizeof(tsf), &tsf);
+       mutex_unlock(&ar->mutex);
+       if (WARN_ON(err))
+               return 0;
+
+       return le64_to_cpu(tsf.tsf_64);
+}
+
+static int carl9170_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
+                              struct ieee80211_vif *vif,
+                              struct ieee80211_sta *sta,
+                              struct ieee80211_key_conf *key)
+{
+       struct ar9170 *ar = hw->priv;
+       int err = 0, i;
+       u8 ktype;
+
+       if (ar->disable_offload || !vif)
+               return -EOPNOTSUPP;
+
+       /*
+        * We have to fall back to software encryption, whenever
+        * the user choose to participates in an IBSS or is connected
+        * to more than one network.
+        *
+        * This is very unfortunate, because some machines cannot handle
+        * the high througput speed in 802.11n networks.
+        */
+
+       if (!is_main_vif(ar, vif))
+               goto err_softw;
+
+       /*
+        * While the hardware supports *catch-all* key, for offloading
+        * group-key en-/de-cryption. The way of how the hardware
+        * decides which keyId maps to which key, remains a mystery...
+        */
+       if ((vif->type != NL80211_IFTYPE_STATION &&
+            vif->type != NL80211_IFTYPE_ADHOC) &&
+           !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
+               return -EOPNOTSUPP;
+
+       switch (key->cipher) {
+       case WLAN_CIPHER_SUITE_WEP40:
+               ktype = AR9170_ENC_ALG_WEP64;
+               break;
+       case WLAN_CIPHER_SUITE_WEP104:
+               ktype = AR9170_ENC_ALG_WEP128;
+               break;
+       case WLAN_CIPHER_SUITE_TKIP:
+               ktype = AR9170_ENC_ALG_TKIP;
+               break;
+       case WLAN_CIPHER_SUITE_CCMP:
+               ktype = AR9170_ENC_ALG_AESCCMP;
+               break;
+       default:
+               return -EOPNOTSUPP;
+       }
+
+       mutex_lock(&ar->mutex);
+       if (cmd == SET_KEY) {
+               if (!IS_STARTED(ar)) {
+                       err = -EOPNOTSUPP;
+                       goto out;
+               }
+
+               if (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
+                       sta = NULL;
+
+                       i = 64 + key->keyidx;
+               } else {
+                       for (i = 0; i < 64; i++)
+                               if (!(ar->usedkeys & BIT(i)))
+                                       break;
+                       if (i == 64)
+                               goto err_softw;
+               }
+
+               key->hw_key_idx = i;
+
+               err = carl9170_upload_key(ar, i, sta ? sta->addr : NULL,
+                                         ktype, 0, key->key,
+                                         min_t(u8, 16, key->keylen));
+               if (err)
+                       goto out;
+
+               if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
+                       err = carl9170_upload_key(ar, i, sta ? sta->addr :
+                                                 NULL, ktype, 1,
+                                                 key->key + 16, 16);
+                       if (err)
+                               goto out;
+
+                       /*
+                        * hardware is not capable generating MMIC
+                        * of fragmented frames!
+                        */
+                       key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
+               }
+
+               if (i < 64)
+                       ar->usedkeys |= BIT(i);
+
+               key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
+       } else {
+               if (!IS_STARTED(ar)) {
+                       /* The device is gone... together with the key ;-) */
+                       err = 0;
+                       goto out;
+               }
+
+               if (key->hw_key_idx < 64) {
+                       ar->usedkeys &= ~BIT(key->hw_key_idx);
+               } else {
+                       err = carl9170_upload_key(ar, key->hw_key_idx, NULL,
+                                                 AR9170_ENC_ALG_NONE, 0,
+                                                 NULL, 0);
+                       if (err)
+                               goto out;
+
+                       if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
+                               err = carl9170_upload_key(ar, key->hw_key_idx,
+                                                         NULL,
+                                                         AR9170_ENC_ALG_NONE,
+                                                         1, NULL, 0);
+                               if (err)
+                                       goto out;
+                       }
+
+               }
+
+               err = carl9170_disable_key(ar, key->hw_key_idx);
+               if (err)
+                       goto out;
+       }
+
+out:
+       mutex_unlock(&ar->mutex);
+       return err;
+
+err_softw:
+       if (!ar->rx_software_decryption) {
+               ar->rx_software_decryption = true;
+               carl9170_set_operating_mode(ar);
+       }
+       mutex_unlock(&ar->mutex);
+       return -ENOSPC;
+}
+
+static int carl9170_op_sta_add(struct ieee80211_hw *hw,
+                              struct ieee80211_vif *vif,
+                              struct ieee80211_sta *sta)
+{
+       struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
+       unsigned int i;
+
+       if (sta->ht_cap.ht_supported) {
+               if (sta->ht_cap.ampdu_density > 6) {
+                       /*
+                        * HW does support 16us AMPDU density.
+                        * No HT-Xmit for station.
+                        */
+
+                       return 0;
+               }
+
+               for (i = 0; i < CARL9170_NUM_TID; i++)
+                       rcu_assign_pointer(sta_info->agg[i], NULL);
+
+               sta_info->ampdu_max_len = 1 << (3 + sta->ht_cap.ampdu_factor);
+               sta_info->ht_sta = true;
+       }
+
+       return 0;
+}
+
+static int carl9170_op_sta_remove(struct ieee80211_hw *hw,
+                               struct ieee80211_vif *vif,
+                               struct ieee80211_sta *sta)
+{
+       struct ar9170 *ar = hw->priv;
+       struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
+       unsigned int i;
+       bool cleanup = false;
+
+       if (sta->ht_cap.ht_supported) {
+
+               sta_info->ht_sta = false;
+
+               rcu_read_lock();
+               for (i = 0; i < CARL9170_NUM_TID; i++) {
+                       struct carl9170_sta_tid *tid_info;
+
+                       tid_info = rcu_dereference(sta_info->agg[i]);
+                       rcu_assign_pointer(sta_info->agg[i], NULL);
+
+                       if (!tid_info)
+                               continue;
+
+                       spin_lock_bh(&ar->tx_ampdu_list_lock);
+                       if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
+                               tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
+                       spin_unlock_bh(&ar->tx_ampdu_list_lock);
+                       cleanup = true;
+               }
+               rcu_read_unlock();
+
+               if (cleanup)
+                       carl9170_ampdu_gc(ar);
+       }
+
+       return 0;
+}
+
+static int carl9170_op_conf_tx(struct ieee80211_hw *hw, u16 queue,
+                              const struct ieee80211_tx_queue_params *param)
+{
+       struct ar9170 *ar = hw->priv;
+       int ret;
+
+       mutex_lock(&ar->mutex);
+       if (queue < ar->hw->queues) {
+               memcpy(&ar->edcf[ar9170_qmap[queue]], param, sizeof(*param));
+               ret = carl9170_set_qos(ar);
+       } else {
+               ret = -EINVAL;
+       }
+
+       mutex_unlock(&ar->mutex);
+       return ret;
+}
+
+static void carl9170_ampdu_work(struct work_struct *work)
+{
+       struct ar9170 *ar = container_of(work, struct ar9170,
+                                        ampdu_work);
+
+       if (!IS_STARTED(ar))
+               return;
+
+       mutex_lock(&ar->mutex);
+       carl9170_ampdu_gc(ar);
+       mutex_unlock(&ar->mutex);
+}
+
+static int carl9170_op_ampdu_action(struct ieee80211_hw *hw,
+                                   struct ieee80211_vif *vif,
+                                   enum ieee80211_ampdu_mlme_action action,
+                                   struct ieee80211_sta *sta,
+                                   u16 tid, u16 *ssn)
+{
+       struct ar9170 *ar = hw->priv;
+       struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
+       struct carl9170_sta_tid *tid_info;
+
+       if (modparam_noht)
+               return -EOPNOTSUPP;
+
+       switch (action) {
+       case IEEE80211_AMPDU_TX_START:
+               if (WARN_ON_ONCE(!sta_info->ht_sta))
+                       return -EOPNOTSUPP;
+
+               rcu_read_lock();
+               if (rcu_dereference(sta_info->agg[tid])) {
+                       rcu_read_unlock();
+                       return -EBUSY;
+               }
+
+               tid_info = kzalloc(sizeof(struct carl9170_sta_tid),
+                                  GFP_ATOMIC);
+               if (!tid_info) {
+                       rcu_read_unlock();
+                       return -ENOMEM;
+               }
+
+               tid_info->hsn = tid_info->bsn = tid_info->snx = (*ssn);
+               tid_info->state = CARL9170_TID_STATE_PROGRESS;
+               tid_info->tid = tid;
+               tid_info->max = sta_info->ampdu_max_len;
+
+               INIT_LIST_HEAD(&tid_info->list);
+               INIT_LIST_HEAD(&tid_info->tmp_list);
+               skb_queue_head_init(&tid_info->queue);
+               spin_lock_init(&tid_info->lock);
+
+               spin_lock_bh(&ar->tx_ampdu_list_lock);
+               ar->tx_ampdu_list_len++;
+               list_add_tail_rcu(&tid_info->list, &ar->tx_ampdu_list);
+               rcu_assign_pointer(sta_info->agg[tid], tid_info);
+               spin_unlock_bh(&ar->tx_ampdu_list_lock);
+               rcu_read_unlock();
+
+               ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
+               break;
+
+       case IEEE80211_AMPDU_TX_STOP:
+               rcu_read_lock();
+               tid_info = rcu_dereference(sta_info->agg[tid]);
+               if (tid_info) {
+                       spin_lock_bh(&ar->tx_ampdu_list_lock);
+                       if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
+                               tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
+                       spin_unlock_bh(&ar->tx_ampdu_list_lock);
+               }
+
+               rcu_assign_pointer(sta_info->agg[tid], NULL);
+               rcu_read_unlock();
+
+               ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
+               ieee80211_queue_work(ar->hw, &ar->ampdu_work);
+               break;
+
+       case IEEE80211_AMPDU_TX_OPERATIONAL:
+               rcu_read_lock();
+               tid_info = rcu_dereference(sta_info->agg[tid]);
+
+               sta_info->stats[tid].clear = true;
+
+               if (tid_info) {
+                       bitmap_zero(tid_info->bitmap, CARL9170_BAW_SIZE);
+                       tid_info->state = CARL9170_TID_STATE_IDLE;
+               }
+               rcu_read_unlock();
+
+               if (WARN_ON_ONCE(!tid_info))
+                       return -EFAULT;
+
+               break;
+
+       case IEEE80211_AMPDU_RX_START:
+       case IEEE80211_AMPDU_RX_STOP:
+               /* Handled by hardware */
+               break;
+
+       default:
+               return -EOPNOTSUPP;
+       }
+
+       return 0;
+}
+
+#ifdef CONFIG_CARL9170_WPC
+static int carl9170_register_wps_button(struct ar9170 *ar)
+{
+       struct input_dev *input;
+       int err;
+
+       if (!(ar->features & CARL9170_WPS_BUTTON))
+               return 0;
+
+       input = input_allocate_device();
+       if (!input)
+               return -ENOMEM;
+
+       snprintf(ar->wps.name, sizeof(ar->wps.name), "%s WPS Button",
+                wiphy_name(ar->hw->wiphy));
+
+       snprintf(ar->wps.phys, sizeof(ar->wps.phys),
+                "ieee80211/%s/input0", wiphy_name(ar->hw->wiphy));
+
+       input->name = ar->wps.name;
+       input->phys = ar->wps.phys;
+       input->id.bustype = BUS_USB;
+       input->dev.parent = &ar->hw->wiphy->dev;
+
+       input_set_capability(input, EV_KEY, KEY_WPS_BUTTON);
+
+       err = input_register_device(input);
+       if (err) {
+               input_free_device(input);
+               return err;
+       }
+
+       ar->wps.pbc = input;
+       return 0;
+}
+#endif /* CONFIG_CARL9170_WPC */
+
+static int carl9170_op_get_survey(struct ieee80211_hw *hw, int idx,
+                               struct survey_info *survey)
+{
+       struct ar9170 *ar = hw->priv;
+       int err;
+
+       if (idx != 0)
+               return -ENOENT;
+
+       mutex_lock(&ar->mutex);
+       err = carl9170_get_noisefloor(ar);
+       mutex_unlock(&ar->mutex);
+       if (err)
+               return err;
+
+       survey->channel = ar->channel;
+       survey->filled = SURVEY_INFO_NOISE_DBM;
+       survey->noise = ar->noise[0];
+       return 0;
+}
+
+static void carl9170_op_flush(struct ieee80211_hw *hw, bool drop)
+{
+       struct ar9170 *ar = hw->priv;
+       unsigned int vid;
+
+       mutex_lock(&ar->mutex);
+       for_each_set_bit(vid, &ar->vif_bitmap, ar->fw.vif_num)
+               carl9170_flush_cab(ar, vid);
+
+       carl9170_flush(ar, drop);
+       mutex_unlock(&ar->mutex);
+}
+
+static int carl9170_op_get_stats(struct ieee80211_hw *hw,
+                                struct ieee80211_low_level_stats *stats)
+{
+       struct ar9170 *ar = hw->priv;
+
+       memset(stats, 0, sizeof(*stats));
+       stats->dot11ACKFailureCount = ar->tx_ack_failures;
+       stats->dot11FCSErrorCount = ar->tx_fcs_errors;
+       return 0;
+}
+
+static void carl9170_op_sta_notify(struct ieee80211_hw *hw,
+                                  struct ieee80211_vif *vif,
+                                  enum sta_notify_cmd cmd,
+                                  struct ieee80211_sta *sta)
+{
+       struct ar9170 *ar = hw->priv;
+       struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
+       struct sk_buff *skb;
+       struct sk_buff_head free;
+       int i;
+
+       switch (cmd) {
+       case STA_NOTIFY_SLEEP:
+               /*
+                * Since the peer is no longer listening, we have to return
+                * as many SKBs as possible back to the mac80211 stack.
+                * It will deal with the retry procedure, once the peer
+                * has become available again.
+                *
+                * NB: Ideally, the driver should return the all frames in
+                * the correct, ascending order. However, I think that this
+                * functionality should be implemented in the stack and not
+                * here...
+                */
+
+               __skb_queue_head_init(&free);
+
+               if (sta->ht_cap.ht_supported) {
+                       rcu_read_lock();
+                       for (i = 0; i < CARL9170_NUM_TID; i++) {
+                               struct carl9170_sta_tid *tid_info;
+
+                               tid_info = rcu_dereference(sta_info->agg[i]);
+
+                               if (!tid_info)
+                                       continue;
+
+                               spin_lock_bh(&ar->tx_ampdu_list_lock);
+                               if (tid_info->state >
+                                   CARL9170_TID_STATE_SUSPEND)
+                                       tid_info->state =
+                                               CARL9170_TID_STATE_SUSPEND;
+                               spin_unlock_bh(&ar->tx_ampdu_list_lock);
+
+                               spin_lock_bh(&tid_info->lock);
+                               while ((skb = __skb_dequeue(&tid_info->queue)))
+                                       __skb_queue_tail(&free, skb);
+                               spin_unlock_bh(&tid_info->lock);
+
+                               ieee80211_stop_tx_ba_session(sta,
+                                       tid_info->tid);
+                       }
+                       rcu_read_unlock();
+               }
+
+               for (i = 0; i < ar->hw->queues; i++) {
+                       spin_lock_bh(&ar->tx_pending[i].lock);
+                       skb_queue_walk(&ar->tx_pending[i], skb) {
+                               struct _carl9170_tx_superframe *super;
+                               struct ieee80211_hdr *hdr;
+
+                               super = (void *) skb->data;
+                               hdr = (void *) super->frame_data;
+
+                               if (compare_ether_addr(hdr->addr1, sta->addr))
+                                       continue;
+
+                               __skb_unlink(skb, &ar->tx_pending[i]);
+                               carl9170_tx_status(ar, skb, false);
+                       }
+                       spin_unlock_bh(&ar->tx_pending[i].lock);
+               }
+
+               while ((skb = __skb_dequeue(&free)))
+                       carl9170_tx_status(ar, skb, false);
+
+               break;
+
+       case STA_NOTIFY_AWAKE:
+               if (!sta->ht_cap.ht_supported)
+                       return;
+
+               rcu_read_lock();
+               for (i = 0; i < CARL9170_NUM_TID; i++) {
+                       struct carl9170_sta_tid *tid_info;
+
+                       tid_info = rcu_dereference(sta_info->agg[i]);
+
+                       if (!tid_info)
+                               continue;
+
+                       if ((tid_info->state == CARL9170_TID_STATE_SUSPEND))
+                               tid_info->state = CARL9170_TID_STATE_IDLE;
+               }
+               rcu_read_unlock();
+               break;
+       }
+}
+
+static const struct ieee80211_ops carl9170_ops = {
+       .start                  = carl9170_op_start,
+       .stop                   = carl9170_op_stop,
+       .tx                     = carl9170_op_tx,
+       .flush                  = carl9170_op_flush,
+       .add_interface          = carl9170_op_add_interface,
+       .remove_interface       = carl9170_op_remove_interface,
+       .config                 = carl9170_op_config,
+       .prepare_multicast      = carl9170_op_prepare_multicast,
+       .configure_filter       = carl9170_op_configure_filter,
+       .conf_tx                = carl9170_op_conf_tx,
+       .bss_info_changed       = carl9170_op_bss_info_changed,
+       .get_tsf                = carl9170_op_get_tsf,
+       .set_key                = carl9170_op_set_key,
+       .sta_add                = carl9170_op_sta_add,
+       .sta_remove             = carl9170_op_sta_remove,
+       .sta_notify             = carl9170_op_sta_notify,
+       .get_survey             = carl9170_op_get_survey,
+       .get_stats              = carl9170_op_get_stats,
+       .ampdu_action           = carl9170_op_ampdu_action,
+};
+
+void *carl9170_alloc(size_t priv_size)
+{
+       struct ieee80211_hw *hw;
+       struct ar9170 *ar;
+       struct sk_buff *skb;
+       int i;
+
+       /*
+        * this buffer is used for rx stream reconstruction.
+        * Under heavy load this device (or the transport layer?)
+        * tends to split the streams into separate rx descriptors.
+        */
+
+       skb = __dev_alloc_skb(AR9170_RX_STREAM_MAX_SIZE, GFP_KERNEL);
+       if (!skb)
+               goto err_nomem;
+
+       hw = ieee80211_alloc_hw(priv_size, &carl9170_ops);
+       if (!hw)
+               goto err_nomem;
+
+       ar = hw->priv;
+       ar->hw = hw;
+       ar->rx_failover = skb;
+
+       memset(&ar->rx_plcp, 0, sizeof(struct ar9170_rx_head));
+       ar->rx_has_plcp = false;
+
+       /*
+        * Here's a hidden pitfall!
+        *
+        * All 4 AC queues work perfectly well under _legacy_ operation.
+        * However as soon as aggregation is enabled, the traffic flow
+        * gets very bumpy. Therefore we have to _switch_ to a
+        * software AC with a single HW queue.
+        */
+       hw->queues = __AR9170_NUM_TXQ;
+
+       mutex_init(&ar->mutex);
+       spin_lock_init(&ar->beacon_lock);
+       spin_lock_init(&ar->cmd_lock);
+       spin_lock_init(&ar->tx_stats_lock);
+       spin_lock_init(&ar->tx_ampdu_list_lock);
+       spin_lock_init(&ar->mem_lock);
+       spin_lock_init(&ar->state_lock);
+       atomic_set(&ar->pending_restarts, 0);
+       ar->vifs = 0;
+       for (i = 0; i < ar->hw->queues; i++) {
+               skb_queue_head_init(&ar->tx_status[i]);
+               skb_queue_head_init(&ar->tx_pending[i]);
+       }
+       INIT_WORK(&ar->ps_work, carl9170_ps_work);
+       INIT_WORK(&ar->restart_work, carl9170_restart_work);
+       INIT_WORK(&ar->ampdu_work, carl9170_ampdu_work);
+       INIT_DELAYED_WORK(&ar->tx_janitor, carl9170_tx_janitor);
+       INIT_LIST_HEAD(&ar->tx_ampdu_list);
+       rcu_assign_pointer(ar->tx_ampdu_iter,
+                          (struct carl9170_sta_tid *) &ar->tx_ampdu_list);
+
+       bitmap_zero(&ar->vif_bitmap, ar->fw.vif_num);
+       INIT_LIST_HEAD(&ar->vif_list);
+       init_completion(&ar->tx_flush);
+
+       /*
+        * Note:
+        * IBSS/ADHOC and AP mode are only enabled, if the firmware
+        * supports these modes. The code which will add the
+        * additional interface_modes is in fw.c.
+        */
+       hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION);
+
+       hw->flags |= IEEE80211_HW_RX_INCLUDES_FCS |
+                    IEEE80211_HW_REPORTS_TX_ACK_STATUS |
+                    IEEE80211_HW_SUPPORTS_PS |
+                    IEEE80211_HW_PS_NULLFUNC_STACK |
+                    IEEE80211_HW_SIGNAL_DBM;
+
+       if (!modparam_noht) {
+               /*
+                * see the comment above, why we allow the user
+                * to disable HT by a module parameter.
+                */
+               hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
+       }
+
+       hw->extra_tx_headroom = sizeof(struct _carl9170_tx_superframe);
+       hw->sta_data_size = sizeof(struct carl9170_sta_info);
+       hw->vif_data_size = sizeof(struct carl9170_vif_info);
+
+       hw->max_rates = CARL9170_TX_MAX_RATES;
+       hw->max_rate_tries = CARL9170_TX_USER_RATE_TRIES;
+
+       for (i = 0; i < ARRAY_SIZE(ar->noise); i++)
+               ar->noise[i] = -95; /* ATH_DEFAULT_NOISE_FLOOR */
+
+       hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
+       return ar;
+
+err_nomem:
+       kfree_skb(skb);
+       return ERR_PTR(-ENOMEM);
+}
+
+static int carl9170_read_eeprom(struct ar9170 *ar)
+{
+#define RW     8       /* number of words to read at once */
+#define RB     (sizeof(u32) * RW)
+       u8 *eeprom = (void *)&ar->eeprom;
+       __le32 offsets[RW];
+       int i, j, err;
+
+       BUILD_BUG_ON(sizeof(ar->eeprom) & 3);
+
+       BUILD_BUG_ON(RB > CARL9170_MAX_CMD_LEN - 4);
+#ifndef __CHECKER__
+       /* don't want to handle trailing remains */
+       BUILD_BUG_ON(sizeof(ar->eeprom) % RB);
+#endif
+
+       for (i = 0; i < sizeof(ar->eeprom)/RB; i++) {
+               for (j = 0; j < RW; j++)
+                       offsets[j] = cpu_to_le32(AR9170_EEPROM_START +
+                                                RB * i + 4 * j);
+
+               err = carl9170_exec_cmd(ar, CARL9170_CMD_RREG,
+                                       RB, (u8 *) &offsets,
+                                       RB, eeprom + RB * i);
+               if (err)
+                       return err;
+       }
+
+#undef RW
+#undef RB
+       return 0;
+}
+
+static int carl9170_parse_eeprom(struct ar9170 *ar)
+{
+       struct ath_regulatory *regulatory = &ar->common.regulatory;
+       unsigned int rx_streams, tx_streams, tx_params = 0;
+       int bands = 0;
+
+       if (ar->eeprom.length == cpu_to_le16(0xffff))
+               return -ENODATA;
+
+       rx_streams = hweight8(ar->eeprom.rx_mask);
+       tx_streams = hweight8(ar->eeprom.tx_mask);
+
+       if (rx_streams != tx_streams) {
+               tx_params = IEEE80211_HT_MCS_TX_RX_DIFF;
+
+               WARN_ON(!(tx_streams >= 1 && tx_streams <=
+                       IEEE80211_HT_MCS_TX_MAX_STREAMS));
+
+               tx_params = (tx_streams - 1) <<
+                           IEEE80211_HT_MCS_TX_MAX_STREAMS_SHIFT;
+
+               carl9170_band_2GHz.ht_cap.mcs.tx_params |= tx_params;
+               carl9170_band_5GHz.ht_cap.mcs.tx_params |= tx_params;
+       }
+
+       if (ar->eeprom.operating_flags & AR9170_OPFLAG_2GHZ) {
+               ar->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
+                       &carl9170_band_2GHz;
+               bands++;
+       }
+       if (ar->eeprom.operating_flags & AR9170_OPFLAG_5GHZ) {
+               ar->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
+                       &carl9170_band_5GHz;
+               bands++;
+       }
+
+       /*
+        * I measured this, a bandswitch takes roughly
+        * 135 ms and a frequency switch about 80.
+        *
+        * FIXME: measure these values again once EEPROM settings
+        *        are used, that will influence them!
+        */
+       if (bands == 2)
+               ar->hw->channel_change_time = 135 * 1000;
+       else
+               ar->hw->channel_change_time = 80 * 1000;
+
+       regulatory->current_rd = le16_to_cpu(ar->eeprom.reg_domain[0]);
+       regulatory->current_rd_ext = le16_to_cpu(ar->eeprom.reg_domain[1]);
+
+       /* second part of wiphy init */
+       SET_IEEE80211_PERM_ADDR(ar->hw, ar->eeprom.mac_address);
+
+       return bands ? 0 : -EINVAL;
+}
+
+static int carl9170_reg_notifier(struct wiphy *wiphy,
+                                struct regulatory_request *request)
+{
+       struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
+       struct ar9170 *ar = hw->priv;
+
+       return ath_reg_notifier_apply(wiphy, request, &ar->common.regulatory);
+}
+
+int carl9170_register(struct ar9170 *ar)
+{
+       struct ath_regulatory *regulatory = &ar->common.regulatory;
+       int err = 0, i;
+
+       if (WARN_ON(ar->mem_bitmap))
+               return -EINVAL;
+
+       ar->mem_bitmap = kzalloc(roundup(ar->fw.mem_blocks, BITS_PER_LONG) *
+                                sizeof(unsigned long), GFP_KERNEL);
+
+       if (!ar->mem_bitmap)
+               return -ENOMEM;
+
+       /* try to read EEPROM, init MAC addr */
+       err = carl9170_read_eeprom(ar);
+       if (err)
+               return err;
+
+       err = carl9170_fw_fix_eeprom(ar);
+       if (err)
+               return err;
+
+       err = carl9170_parse_eeprom(ar);
+       if (err)
+               return err;
+
+       err = ath_regd_init(regulatory, ar->hw->wiphy,
+                           carl9170_reg_notifier);
+       if (err)
+               return err;
+
+       if (modparam_noht) {
+               carl9170_band_2GHz.ht_cap.ht_supported = false;
+               carl9170_band_5GHz.ht_cap.ht_supported = false;
+       }
+
+       for (i = 0; i < ar->fw.vif_num; i++) {
+               ar->vif_priv[i].id = i;
+               ar->vif_priv[i].vif = NULL;
+       }
+
+       err = ieee80211_register_hw(ar->hw);
+       if (err)
+               return err;
+
+       /* mac80211 interface is now registered */
+       ar->registered = true;
+
+       if (!ath_is_world_regd(regulatory))
+               regulatory_hint(ar->hw->wiphy, regulatory->alpha2);
+
+#ifdef CONFIG_CARL9170_DEBUGFS
+       carl9170_debugfs_register(ar);
+#endif /* CONFIG_CARL9170_DEBUGFS */
+
+       err = carl9170_led_init(ar);
+       if (err)
+               goto err_unreg;
+
+#ifdef CONFIG_CARL9170_LEDS
+       err = carl9170_led_register(ar);
+       if (err)
+               goto err_unreg;
+#endif /* CONFIG_CAR9L170_LEDS */
+
+#ifdef CONFIG_CARL9170_WPC
+       err = carl9170_register_wps_button(ar);
+       if (err)
+               goto err_unreg;
+#endif /* CONFIG_CARL9170_WPC */
+
+       dev_info(&ar->udev->dev, "Atheros AR9170 is registered as '%s'\n",
+                wiphy_name(ar->hw->wiphy));
+
+       return 0;
+
+err_unreg:
+       carl9170_unregister(ar);
+       return err;
+}
+
+void carl9170_unregister(struct ar9170 *ar)
+{
+       if (!ar->registered)
+               return;
+
+       ar->registered = false;
+
+#ifdef CONFIG_CARL9170_LEDS
+       carl9170_led_unregister(ar);
+#endif /* CONFIG_CARL9170_LEDS */
+
+#ifdef CONFIG_CARL9170_DEBUGFS
+       carl9170_debugfs_unregister(ar);
+#endif /* CONFIG_CARL9170_DEBUGFS */
+
+#ifdef CONFIG_CARL9170_WPC
+       if (ar->wps.pbc) {
+               input_unregister_device(ar->wps.pbc);
+               ar->wps.pbc = NULL;
+       }
+#endif /* CONFIG_CARL9170_WPC */
+
+       carl9170_cancel_worker(ar);
+       cancel_work_sync(&ar->restart_work);
+
+       ieee80211_unregister_hw(ar->hw);
+}
+
+void carl9170_free(struct ar9170 *ar)
+{
+       WARN_ON(ar->registered);
+       WARN_ON(IS_INITIALIZED(ar));
+
+       kfree_skb(ar->rx_failover);
+       ar->rx_failover = NULL;
+
+       kfree(ar->mem_bitmap);
+       ar->mem_bitmap = NULL;
+
+       mutex_destroy(&ar->mutex);
+
+       ieee80211_free_hw(ar->hw);
+}
diff --git a/drivers/net/wireless/ath/carl9170/version.h b/drivers/net/wireless/ath/carl9170/version.h
new file mode 100644 (file)
index 0000000..0e917f8
--- /dev/null
@@ -0,0 +1,7 @@
+#ifndef __CARL9170_SHARED_VERSION_H
+#define __CARL9170_SHARED_VERSION_H
+#define CARL9170FW_VERSION_YEAR 10
+#define CARL9170FW_VERSION_MONTH 8
+#define CARL9170FW_VERSION_DAY 30
+#define CARL9170FW_VERSION_GIT "1.8.8.1"
+#endif /* __CARL9170_SHARED_VERSION_H */