aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--drivers/net/wireless/Makefile3
-rw-r--r--drivers/net/wireless/airo.c11
-rw-r--r--drivers/net/wireless/ath/ath5k/ath5k.h2
-rw-r--r--drivers/net/wireless/ath/ath5k/attach.c1
-rw-r--r--drivers/net/wireless/ath/ath5k/base.c16
-rw-r--r--drivers/net/wireless/ath/ath5k/debug.c58
-rw-r--r--drivers/net/wireless/ath/ath5k/debug.h1
-rw-r--r--drivers/net/wireless/ath/ath5k/dma.c4
-rw-r--r--drivers/net/wireless/ath/ath5k/pcu.c99
-rw-r--r--drivers/net/wireless/ath/ath5k/phy.c4
-rw-r--r--drivers/net/wireless/ath/ath5k/reg.h29
-rw-r--r--drivers/net/wireless/ath/ath9k/ar5008_phy.c22
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9002_calib.c21
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9002_hw.c2
-rw-r--r--drivers/net/wireless/ath/ath9k/eeprom.h2
-rw-r--r--drivers/net/wireless/ath/ath9k/eeprom_4k.c10
-rw-r--r--drivers/net/wireless/ath/ath9k/eeprom_9287.c6
-rw-r--r--drivers/net/wireless/ath/ath9k/eeprom_def.c18
-rw-r--r--drivers/net/wireless/ath/ath9k/htc_drv_beacon.c9
-rw-r--r--drivers/net/wireless/ath/ath9k/htc_drv_init.c3
-rw-r--r--drivers/net/wireless/ath/ath9k/hw.c27
-rw-r--r--drivers/net/wireless/ath/ath9k/init.c2
-rw-r--r--drivers/net/wireless/ath/ath9k/main.c6
-rw-r--r--drivers/net/wireless/ath/ath9k/recv.c10
-rw-r--r--drivers/net/wireless/ath/ath9k/reg.h34
-rw-r--r--drivers/net/wireless/ath/ath9k/xmit.c3
-rw-r--r--drivers/net/wireless/ath/carl9170/Kconfig2
-rw-r--r--drivers/net/wireless/ath/carl9170/carl9170.h1
-rw-r--r--drivers/net/wireless/ath/carl9170/debug.c4
-rw-r--r--drivers/net/wireless/ath/carl9170/main.c20
-rw-r--r--drivers/net/wireless/ath/carl9170/tx.c192
-rw-r--r--drivers/net/wireless/ath/carl9170/usb.c2
-rw-r--r--drivers/net/wireless/wl12xx/Makefile3
-rw-r--r--drivers/net/wireless/wl12xx/wl1271_boot.c17
-rw-r--r--include/net/mac80211.h47
-rw-r--r--net/mac80211/debugfs.c1
-rw-r--r--net/mac80211/debugfs_netdev.c3
-rw-r--r--net/mac80211/debugfs_sta.c2
-rw-r--r--net/mac80211/ieee80211_i.h43
-rw-r--r--net/mac80211/main.c3
-rw-r--r--net/mac80211/mlme.c16
-rw-r--r--net/mac80211/rx.c291
-rw-r--r--net/mac80211/scan.c3
-rw-r--r--net/mac80211/sta_info.c15
-rw-r--r--net/mac80211/status.c1
-rw-r--r--net/mac80211/util.c47
-rw-r--r--net/mac80211/wpa.c2
-rw-r--r--net/wireless/ibss.c19
-rw-r--r--net/wireless/nl80211.c20
49 files changed, 671 insertions, 486 deletions
diff --git a/drivers/net/wireless/Makefile b/drivers/net/wireless/Makefile
index 85af697574a6..a13a602edb13 100644
--- a/drivers/net/wireless/Makefile
+++ b/drivers/net/wireless/Makefile
@@ -50,7 +50,6 @@ obj-$(CONFIG_ATH_COMMON) += ath/
50obj-$(CONFIG_MAC80211_HWSIM) += mac80211_hwsim.o 50obj-$(CONFIG_MAC80211_HWSIM) += mac80211_hwsim.o
51 51
52obj-$(CONFIG_WL12XX) += wl12xx/ 52obj-$(CONFIG_WL12XX) += wl12xx/
53# small builtin driver bit 53obj-$(CONFIG_WL12XX_PLATFORM_DATA) += wl12xx/
54obj-$(CONFIG_WL12XX_PLATFORM_DATA) += wl12xx/wl12xx_platform_data.o
55 54
56obj-$(CONFIG_IWM) += iwmc3200wifi/ 55obj-$(CONFIG_IWM) += iwmc3200wifi/
diff --git a/drivers/net/wireless/airo.c b/drivers/net/wireless/airo.c
index 924ed095dd99..5a56502c4eb0 100644
--- a/drivers/net/wireless/airo.c
+++ b/drivers/net/wireless/airo.c
@@ -217,7 +217,6 @@ static const char *statsLabels[] = {
217 (no spaces) list of rates (up to 8). */ 217 (no spaces) list of rates (up to 8). */
218 218
219static int rates[8]; 219static int rates[8];
220static int basic_rate;
221static char *ssids[3]; 220static char *ssids[3];
222 221
223static int io[4]; 222static int io[4];
@@ -250,7 +249,6 @@ MODULE_LICENSE("Dual BSD/GPL");
250MODULE_SUPPORTED_DEVICE("Aironet 4500, 4800 and Cisco 340/350"); 249MODULE_SUPPORTED_DEVICE("Aironet 4500, 4800 and Cisco 340/350");
251module_param_array(io, int, NULL, 0); 250module_param_array(io, int, NULL, 0);
252module_param_array(irq, int, NULL, 0); 251module_param_array(irq, int, NULL, 0);
253module_param(basic_rate, int, 0);
254module_param_array(rates, int, NULL, 0); 252module_param_array(rates, int, NULL, 0);
255module_param_array(ssids, charp, NULL, 0); 253module_param_array(ssids, charp, NULL, 0);
256module_param(auto_wep, int, 0); 254module_param(auto_wep, int, 0);
@@ -3883,15 +3881,6 @@ static u16 setup_card(struct airo_info *ai, u8 *mac, int lock)
3883 ai->config.rates[i] = rates[i]; 3881 ai->config.rates[i] = rates[i];
3884 } 3882 }
3885 } 3883 }
3886 if ( basic_rate > 0 ) {
3887 for( i = 0; i < 8; i++ ) {
3888 if ( ai->config.rates[i] == basic_rate ||
3889 !ai->config.rates ) {
3890 ai->config.rates[i] = basic_rate | 0x80;
3891 break;
3892 }
3893 }
3894 }
3895 set_bit (FLAG_COMMIT, &ai->flags); 3884 set_bit (FLAG_COMMIT, &ai->flags);
3896 } 3885 }
3897 3886
diff --git a/drivers/net/wireless/ath/ath5k/ath5k.h b/drivers/net/wireless/ath/ath5k/ath5k.h
index b96bb985b56d..0cba2e315d9a 100644
--- a/drivers/net/wireless/ath/ath5k/ath5k.h
+++ b/drivers/net/wireless/ath/ath5k/ath5k.h
@@ -1041,7 +1041,6 @@ struct ath5k_hw {
1041#define ah_modes ah_capabilities.cap_mode 1041#define ah_modes ah_capabilities.cap_mode
1042#define ah_ee_version ah_capabilities.cap_eeprom.ee_version 1042#define ah_ee_version ah_capabilities.cap_eeprom.ee_version
1043 1043
1044 u32 ah_atim_window;
1045 u32 ah_limit_tx_retries; 1044 u32 ah_limit_tx_retries;
1046 u8 ah_coverage_class; 1045 u8 ah_coverage_class;
1047 1046
@@ -1196,6 +1195,7 @@ u64 ath5k_hw_get_tsf64(struct ath5k_hw *ah);
1196void ath5k_hw_set_tsf64(struct ath5k_hw *ah, u64 tsf64); 1195void ath5k_hw_set_tsf64(struct ath5k_hw *ah, u64 tsf64);
1197void ath5k_hw_reset_tsf(struct ath5k_hw *ah); 1196void ath5k_hw_reset_tsf(struct ath5k_hw *ah);
1198void ath5k_hw_init_beacon(struct ath5k_hw *ah, u32 next_beacon, u32 interval); 1197void ath5k_hw_init_beacon(struct ath5k_hw *ah, u32 next_beacon, u32 interval);
1198bool ath5k_hw_check_beacon_timers(struct ath5k_hw *ah, int intval);
1199/* ACK bit rate */ 1199/* ACK bit rate */
1200void ath5k_hw_set_ack_bitrate_high(struct ath5k_hw *ah, bool high); 1200void ath5k_hw_set_ack_bitrate_high(struct ath5k_hw *ah, bool high);
1201/* Clock rate related functions */ 1201/* Clock rate related functions */
diff --git a/drivers/net/wireless/ath/ath5k/attach.c b/drivers/net/wireless/ath/ath5k/attach.c
index 6e02de311cdd..cd0b14a0a93a 100644
--- a/drivers/net/wireless/ath/ath5k/attach.c
+++ b/drivers/net/wireless/ath/ath5k/attach.c
@@ -118,7 +118,6 @@ int ath5k_hw_attach(struct ath5k_softc *sc)
118 ah->ah_turbo = false; 118 ah->ah_turbo = false;
119 ah->ah_txpower.txp_tpc = AR5K_TUNE_TPC_TXPOWER; 119 ah->ah_txpower.txp_tpc = AR5K_TUNE_TPC_TXPOWER;
120 ah->ah_imr = 0; 120 ah->ah_imr = 0;
121 ah->ah_atim_window = 0;
122 ah->ah_limit_tx_retries = AR5K_INIT_TX_RETRY; 121 ah->ah_limit_tx_retries = AR5K_INIT_TX_RETRY;
123 ah->ah_software_retry = false; 122 ah->ah_software_retry = false;
124 ah->ah_ant_mode = AR5K_ANTMODE_DEFAULT; 123 ah->ah_ant_mode = AR5K_ANTMODE_DEFAULT;
diff --git a/drivers/net/wireless/ath/ath5k/base.c b/drivers/net/wireless/ath/ath5k/base.c
index 95072db0ec21..94cc3354f3a6 100644
--- a/drivers/net/wireless/ath/ath5k/base.c
+++ b/drivers/net/wireless/ath/ath5k/base.c
@@ -1191,6 +1191,15 @@ ath5k_check_ibss_tsf(struct ath5k_softc *sc, struct sk_buff *skb,
1191 */ 1191 */
1192 if (hw_tu >= sc->nexttbtt) 1192 if (hw_tu >= sc->nexttbtt)
1193 ath5k_beacon_update_timers(sc, bc_tstamp); 1193 ath5k_beacon_update_timers(sc, bc_tstamp);
1194
1195 /* Check if the beacon timers are still correct, because a TSF
1196 * update might have created a window between them - for a
1197 * longer description see the comment of this function: */
1198 if (!ath5k_hw_check_beacon_timers(sc->ah, sc->bintval)) {
1199 ath5k_beacon_update_timers(sc, bc_tstamp);
1200 ATH5K_DBG_UNLIMIT(sc, ATH5K_DEBUG_BEACON,
1201 "fixed beacon timers after beacon receive\n");
1202 }
1194 } 1203 }
1195} 1204}
1196 1205
@@ -1877,8 +1886,11 @@ ath5k_beacon_update_timers(struct ath5k_softc *sc, u64 bc_tsf)
1877 hw_tsf = ath5k_hw_get_tsf64(ah); 1886 hw_tsf = ath5k_hw_get_tsf64(ah);
1878 hw_tu = TSF_TO_TU(hw_tsf); 1887 hw_tu = TSF_TO_TU(hw_tsf);
1879 1888
1880#define FUDGE 3 1889#define FUDGE AR5K_TUNE_SW_BEACON_RESP + 3
1881 /* we use FUDGE to make sure the next TBTT is ahead of the current TU */ 1890 /* We use FUDGE to make sure the next TBTT is ahead of the current TU.
1891 * Since we later substract AR5K_TUNE_SW_BEACON_RESP (10) in the timer
1892 * configuration we need to make sure it is bigger than that. */
1893
1882 if (bc_tsf == -1) { 1894 if (bc_tsf == -1) {
1883 /* 1895 /*
1884 * no beacons received, called internally. 1896 * no beacons received, called internally.
diff --git a/drivers/net/wireless/ath/ath5k/debug.c b/drivers/net/wireless/ath/ath5k/debug.c
index 6583a82a0783..0f06e8490314 100644
--- a/drivers/net/wireless/ath/ath5k/debug.c
+++ b/drivers/net/wireless/ath/ath5k/debug.c
@@ -483,6 +483,59 @@ static const struct file_operations fops_antenna = {
483 .owner = THIS_MODULE, 483 .owner = THIS_MODULE,
484}; 484};
485 485
486/* debugfs: misc */
487
488static ssize_t read_file_misc(struct file *file, char __user *user_buf,
489 size_t count, loff_t *ppos)
490{
491 struct ath5k_softc *sc = file->private_data;
492 char buf[700];
493 unsigned int len = 0;
494 u32 filt = ath5k_hw_get_rx_filter(sc->ah);
495
496 len += snprintf(buf+len, sizeof(buf)-len, "bssid-mask: %pM\n",
497 sc->bssidmask);
498 len += snprintf(buf+len, sizeof(buf)-len, "filter-flags: 0x%x ",
499 filt);
500 if (filt & AR5K_RX_FILTER_UCAST)
501 len += snprintf(buf+len, sizeof(buf)-len, " UCAST");
502 if (filt & AR5K_RX_FILTER_MCAST)
503 len += snprintf(buf+len, sizeof(buf)-len, " MCAST");
504 if (filt & AR5K_RX_FILTER_BCAST)
505 len += snprintf(buf+len, sizeof(buf)-len, " BCAST");
506 if (filt & AR5K_RX_FILTER_CONTROL)
507 len += snprintf(buf+len, sizeof(buf)-len, " CONTROL");
508 if (filt & AR5K_RX_FILTER_BEACON)
509 len += snprintf(buf+len, sizeof(buf)-len, " BEACON");
510 if (filt & AR5K_RX_FILTER_PROM)
511 len += snprintf(buf+len, sizeof(buf)-len, " PROM");
512 if (filt & AR5K_RX_FILTER_XRPOLL)
513 len += snprintf(buf+len, sizeof(buf)-len, " XRPOLL");
514 if (filt & AR5K_RX_FILTER_PROBEREQ)
515 len += snprintf(buf+len, sizeof(buf)-len, " PROBEREQ");
516 if (filt & AR5K_RX_FILTER_PHYERR_5212)
517 len += snprintf(buf+len, sizeof(buf)-len, " PHYERR-5212");
518 if (filt & AR5K_RX_FILTER_RADARERR_5212)
519 len += snprintf(buf+len, sizeof(buf)-len, " RADARERR-5212");
520 if (filt & AR5K_RX_FILTER_PHYERR_5211)
521 snprintf(buf+len, sizeof(buf)-len, " PHYERR-5211");
522 if (filt & AR5K_RX_FILTER_RADARERR_5211)
523 len += snprintf(buf+len, sizeof(buf)-len, " RADARERR-5211\n");
524 else
525 len += snprintf(buf+len, sizeof(buf)-len, "\n");
526
527 if (len > sizeof(buf))
528 len = sizeof(buf);
529
530 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
531}
532
533static const struct file_operations fops_misc = {
534 .read = read_file_misc,
535 .open = ath5k_debugfs_open,
536 .owner = THIS_MODULE,
537};
538
486 539
487/* debugfs: frameerrors */ 540/* debugfs: frameerrors */
488 541
@@ -856,6 +909,10 @@ ath5k_debug_init_device(struct ath5k_softc *sc)
856 S_IWUSR | S_IRUSR, 909 S_IWUSR | S_IRUSR,
857 sc->debug.debugfs_phydir, sc, &fops_antenna); 910 sc->debug.debugfs_phydir, sc, &fops_antenna);
858 911
912 sc->debug.debugfs_misc = debugfs_create_file("misc",
913 S_IRUSR,
914 sc->debug.debugfs_phydir, sc, &fops_misc);
915
859 sc->debug.debugfs_frameerrors = debugfs_create_file("frameerrors", 916 sc->debug.debugfs_frameerrors = debugfs_create_file("frameerrors",
860 S_IWUSR | S_IRUSR, 917 S_IWUSR | S_IRUSR,
861 sc->debug.debugfs_phydir, sc, 918 sc->debug.debugfs_phydir, sc,
@@ -886,6 +943,7 @@ ath5k_debug_finish_device(struct ath5k_softc *sc)
886 debugfs_remove(sc->debug.debugfs_beacon); 943 debugfs_remove(sc->debug.debugfs_beacon);
887 debugfs_remove(sc->debug.debugfs_reset); 944 debugfs_remove(sc->debug.debugfs_reset);
888 debugfs_remove(sc->debug.debugfs_antenna); 945 debugfs_remove(sc->debug.debugfs_antenna);
946 debugfs_remove(sc->debug.debugfs_misc);
889 debugfs_remove(sc->debug.debugfs_frameerrors); 947 debugfs_remove(sc->debug.debugfs_frameerrors);
890 debugfs_remove(sc->debug.debugfs_ani); 948 debugfs_remove(sc->debug.debugfs_ani);
891 debugfs_remove(sc->debug.debugfs_queue); 949 debugfs_remove(sc->debug.debugfs_queue);
diff --git a/drivers/net/wireless/ath/ath5k/debug.h b/drivers/net/wireless/ath/ath5k/debug.h
index 9b22722a95f0..4f078b134015 100644
--- a/drivers/net/wireless/ath/ath5k/debug.h
+++ b/drivers/net/wireless/ath/ath5k/debug.h
@@ -75,6 +75,7 @@ struct ath5k_dbg_info {
75 struct dentry *debugfs_beacon; 75 struct dentry *debugfs_beacon;
76 struct dentry *debugfs_reset; 76 struct dentry *debugfs_reset;
77 struct dentry *debugfs_antenna; 77 struct dentry *debugfs_antenna;
78 struct dentry *debugfs_misc;
78 struct dentry *debugfs_frameerrors; 79 struct dentry *debugfs_frameerrors;
79 struct dentry *debugfs_ani; 80 struct dentry *debugfs_ani;
80 struct dentry *debugfs_queue; 81 struct dentry *debugfs_queue;
diff --git a/drivers/net/wireless/ath/ath5k/dma.c b/drivers/net/wireless/ath/ath5k/dma.c
index 58bb6c5dda7b..923c9ca5c4f0 100644
--- a/drivers/net/wireless/ath/ath5k/dma.c
+++ b/drivers/net/wireless/ath/ath5k/dma.c
@@ -244,7 +244,7 @@ int ath5k_hw_stop_tx_dma(struct ath5k_hw *ah, unsigned int queue)
244 244
245 /* Force channel idle high */ 245 /* Force channel idle high */
246 AR5K_REG_ENABLE_BITS(ah, AR5K_DIAG_SW_5211, 246 AR5K_REG_ENABLE_BITS(ah, AR5K_DIAG_SW_5211,
247 AR5K_DIAG_SW_CHANEL_IDLE_HIGH); 247 AR5K_DIAG_SW_CHANNEL_IDLE_HIGH);
248 248
249 /* Wait a while and disable mechanism */ 249 /* Wait a while and disable mechanism */
250 udelay(200); 250 udelay(200);
@@ -261,7 +261,7 @@ int ath5k_hw_stop_tx_dma(struct ath5k_hw *ah, unsigned int queue)
261 } while (--i && pending); 261 } while (--i && pending);
262 262
263 AR5K_REG_DISABLE_BITS(ah, AR5K_DIAG_SW_5211, 263 AR5K_REG_DISABLE_BITS(ah, AR5K_DIAG_SW_5211,
264 AR5K_DIAG_SW_CHANEL_IDLE_HIGH); 264 AR5K_DIAG_SW_CHANNEL_IDLE_HIGH);
265 } 265 }
266 266
267 /* Clear register */ 267 /* Clear register */
diff --git a/drivers/net/wireless/ath/ath5k/pcu.c b/drivers/net/wireless/ath/ath5k/pcu.c
index 6a891c4484a0..095d30b50ec7 100644
--- a/drivers/net/wireless/ath/ath5k/pcu.c
+++ b/drivers/net/wireless/ath/ath5k/pcu.c
@@ -495,6 +495,10 @@ u64 ath5k_hw_get_tsf64(struct ath5k_hw *ah)
495{ 495{
496 u32 tsf_lower, tsf_upper1, tsf_upper2; 496 u32 tsf_lower, tsf_upper1, tsf_upper2;
497 int i; 497 int i;
498 unsigned long flags;
499
500 /* This code is time critical - we don't want to be interrupted here */
501 local_irq_save(flags);
498 502
499 /* 503 /*
500 * While reading TSF upper and then lower part, the clock is still 504 * While reading TSF upper and then lower part, the clock is still
@@ -517,6 +521,8 @@ u64 ath5k_hw_get_tsf64(struct ath5k_hw *ah)
517 tsf_upper1 = tsf_upper2; 521 tsf_upper1 = tsf_upper2;
518 } 522 }
519 523
524 local_irq_restore(flags);
525
520 WARN_ON( i == ATH5K_MAX_TSF_READ ); 526 WARN_ON( i == ATH5K_MAX_TSF_READ );
521 527
522 return (((u64)tsf_upper1 << 32) | tsf_lower); 528 return (((u64)tsf_upper1 << 32) | tsf_lower);
@@ -600,7 +606,7 @@ void ath5k_hw_init_beacon(struct ath5k_hw *ah, u32 next_beacon, u32 interval)
600 /* Timer3 marks the end of our ATIM window 606 /* Timer3 marks the end of our ATIM window
601 * a zero length window is not allowed because 607 * a zero length window is not allowed because
602 * we 'll get no beacons */ 608 * we 'll get no beacons */
603 timer3 = next_beacon + (ah->ah_atim_window ? ah->ah_atim_window : 1); 609 timer3 = next_beacon + 1;
604 610
605 /* 611 /*
606 * Set the beacon register and enable all timers. 612 * Set the beacon register and enable all timers.
@@ -641,6 +647,97 @@ void ath5k_hw_init_beacon(struct ath5k_hw *ah, u32 next_beacon, u32 interval)
641} 647}
642 648
643/** 649/**
650 * ath5k_check_timer_win - Check if timer B is timer A + window
651 *
652 * @a: timer a (before b)
653 * @b: timer b (after a)
654 * @window: difference between a and b
655 * @intval: timers are increased by this interval
656 *
657 * This helper function checks if timer B is timer A + window and covers
658 * cases where timer A or B might have already been updated or wrapped
659 * around (Timers are 16 bit).
660 *
661 * Returns true if O.K.
662 */
663static inline bool
664ath5k_check_timer_win(int a, int b, int window, int intval)
665{
666 /*
667 * 1.) usually B should be A + window
668 * 2.) A already updated, B not updated yet
669 * 3.) A already updated and has wrapped around
670 * 4.) B has wrapped around
671 */
672 if ((b - a == window) || /* 1.) */
673 (a - b == intval - window) || /* 2.) */
674 ((a | 0x10000) - b == intval - window) || /* 3.) */
675 ((b | 0x10000) - a == window)) /* 4.) */
676 return true; /* O.K. */
677 return false;
678}
679
680/**
681 * ath5k_hw_check_beacon_timers - Check if the beacon timers are correct
682 *
683 * @ah: The &struct ath5k_hw
684 * @intval: beacon interval
685 *
686 * This is a workaround for IBSS mode:
687 *
688 * The need for this function arises from the fact that we have 4 separate
689 * HW timer registers (TIMER0 - TIMER3), which are closely related to the
690 * next beacon target time (NBTT), and that the HW updates these timers
691 * seperately based on the current TSF value. The hardware increments each
692 * timer by the beacon interval, when the local TSF coverted to TU is equal
693 * to the value stored in the timer.
694 *
695 * The reception of a beacon with the same BSSID can update the local HW TSF
696 * at any time - this is something we can't avoid. If the TSF jumps to a
697 * time which is later than the time stored in a timer, this timer will not
698 * be updated until the TSF in TU wraps around at 16 bit (the size of the
699 * timers) and reaches the time which is stored in the timer.
700 *
701 * The problem is that these timers are closely related to TIMER0 (NBTT) and
702 * that they define a time "window". When the TSF jumps between two timers
703 * (e.g. ATIM and NBTT), the one in the past will be left behind (not
704 * updated), while the one in the future will be updated every beacon
705 * interval. This causes the window to get larger, until the TSF wraps
706 * around as described above and the timer which was left behind gets
707 * updated again. But - because the beacon interval is usually not an exact
708 * divisor of the size of the timers (16 bit), an unwanted "window" between
709 * these timers has developed!
710 *
711 * This is especially important with the ATIM window, because during
712 * the ATIM window only ATIM frames and no data frames are allowed to be
713 * sent, which creates transmission pauses after each beacon. This symptom
714 * has been described as "ramping ping" because ping times increase linearly
715 * for some time and then drop down again. A wrong window on the DMA beacon
716 * timer has the same effect, so we check for these two conditions.
717 *
718 * Returns true if O.K.
719 */
720bool
721ath5k_hw_check_beacon_timers(struct ath5k_hw *ah, int intval)
722{
723 unsigned int nbtt, atim, dma;
724
725 nbtt = ath5k_hw_reg_read(ah, AR5K_TIMER0);
726 atim = ath5k_hw_reg_read(ah, AR5K_TIMER3);
727 dma = ath5k_hw_reg_read(ah, AR5K_TIMER1) >> 3;
728
729 /* NOTE: SWBA is different. Having a wrong window there does not
730 * stop us from sending data and this condition is catched thru
731 * other means (SWBA interrupt) */
732
733 if (ath5k_check_timer_win(nbtt, atim, 1, intval) &&
734 ath5k_check_timer_win(dma, nbtt, AR5K_TUNE_DMA_BEACON_RESP,
735 intval))
736 return true; /* O.K. */
737 return false;
738}
739
740/**
644 * ath5k_hw_set_coverage_class - Set IEEE 802.11 coverage class 741 * ath5k_hw_set_coverage_class - Set IEEE 802.11 coverage class
645 * 742 *
646 * @ah: The &struct ath5k_hw 743 * @ah: The &struct ath5k_hw
diff --git a/drivers/net/wireless/ath/ath5k/phy.c b/drivers/net/wireless/ath/ath5k/phy.c
index 4932bf2f35eb..61da913e7c8f 100644
--- a/drivers/net/wireless/ath/ath5k/phy.c
+++ b/drivers/net/wireless/ath/ath5k/phy.c
@@ -1257,7 +1257,7 @@ static int ath5k_hw_rf5110_calibrate(struct ath5k_hw *ah,
1257 * Disable beacons and RX/TX queues, wait 1257 * Disable beacons and RX/TX queues, wait
1258 */ 1258 */
1259 AR5K_REG_ENABLE_BITS(ah, AR5K_DIAG_SW_5210, 1259 AR5K_REG_ENABLE_BITS(ah, AR5K_DIAG_SW_5210,
1260 AR5K_DIAG_SW_DIS_TX | AR5K_DIAG_SW_DIS_RX_5210); 1260 AR5K_DIAG_SW_DIS_TX_5210 | AR5K_DIAG_SW_DIS_RX_5210);
1261 beacon = ath5k_hw_reg_read(ah, AR5K_BEACON_5210); 1261 beacon = ath5k_hw_reg_read(ah, AR5K_BEACON_5210);
1262 ath5k_hw_reg_write(ah, beacon & ~AR5K_BEACON_ENABLE, AR5K_BEACON_5210); 1262 ath5k_hw_reg_write(ah, beacon & ~AR5K_BEACON_ENABLE, AR5K_BEACON_5210);
1263 1263
@@ -1336,7 +1336,7 @@ static int ath5k_hw_rf5110_calibrate(struct ath5k_hw *ah,
1336 * Re-enable RX/TX and beacons 1336 * Re-enable RX/TX and beacons
1337 */ 1337 */
1338 AR5K_REG_DISABLE_BITS(ah, AR5K_DIAG_SW_5210, 1338 AR5K_REG_DISABLE_BITS(ah, AR5K_DIAG_SW_5210,
1339 AR5K_DIAG_SW_DIS_TX | AR5K_DIAG_SW_DIS_RX_5210); 1339 AR5K_DIAG_SW_DIS_TX_5210 | AR5K_DIAG_SW_DIS_RX_5210);
1340 ath5k_hw_reg_write(ah, beacon, AR5K_BEACON_5210); 1340 ath5k_hw_reg_write(ah, beacon, AR5K_BEACON_5210);
1341 1341
1342 return 0; 1342 return 0;
diff --git a/drivers/net/wireless/ath/ath5k/reg.h b/drivers/net/wireless/ath/ath5k/reg.h
index 67d63081705a..a34929f06533 100644
--- a/drivers/net/wireless/ath/ath5k/reg.h
+++ b/drivers/net/wireless/ath/ath5k/reg.h
@@ -1387,10 +1387,9 @@
1387 1387
1388 1388
1389/* 1389/*
1390 * PCU control register 1390 * PCU Diagnostic register
1391 * 1391 *
1392 * Only DIS_RX is used in the code, the rest i guess are 1392 * Used for tweaking/diagnostics.
1393 * for tweaking/diagnostics.
1394 */ 1393 */
1395#define AR5K_DIAG_SW_5210 0x8068 /* Register Address [5210] */ 1394#define AR5K_DIAG_SW_5210 0x8068 /* Register Address [5210] */
1396#define AR5K_DIAG_SW_5211 0x8048 /* Register Address [5211+] */ 1395#define AR5K_DIAG_SW_5211 0x8048 /* Register Address [5211+] */
@@ -1399,22 +1398,22 @@
1399#define AR5K_DIAG_SW_DIS_WEP_ACK 0x00000001 /* Disable ACKs if WEP key is invalid */ 1398#define AR5K_DIAG_SW_DIS_WEP_ACK 0x00000001 /* Disable ACKs if WEP key is invalid */
1400#define AR5K_DIAG_SW_DIS_ACK 0x00000002 /* Disable ACKs */ 1399#define AR5K_DIAG_SW_DIS_ACK 0x00000002 /* Disable ACKs */
1401#define AR5K_DIAG_SW_DIS_CTS 0x00000004 /* Disable CTSs */ 1400#define AR5K_DIAG_SW_DIS_CTS 0x00000004 /* Disable CTSs */
1402#define AR5K_DIAG_SW_DIS_ENC 0x00000008 /* Disable encryption */ 1401#define AR5K_DIAG_SW_DIS_ENC 0x00000008 /* Disable HW encryption */
1403#define AR5K_DIAG_SW_DIS_DEC 0x00000010 /* Disable decryption */ 1402#define AR5K_DIAG_SW_DIS_DEC 0x00000010 /* Disable HW decryption */
1404#define AR5K_DIAG_SW_DIS_TX 0x00000020 /* Disable transmit [5210] */ 1403#define AR5K_DIAG_SW_DIS_TX_5210 0x00000020 /* Disable transmit [5210] */
1405#define AR5K_DIAG_SW_DIS_RX_5210 0x00000040 /* Disable recieve */ 1404#define AR5K_DIAG_SW_DIS_RX_5210 0x00000040 /* Disable receive */
1406#define AR5K_DIAG_SW_DIS_RX_5211 0x00000020 1405#define AR5K_DIAG_SW_DIS_RX_5211 0x00000020
1407#define AR5K_DIAG_SW_DIS_RX (ah->ah_version == AR5K_AR5210 ? \ 1406#define AR5K_DIAG_SW_DIS_RX (ah->ah_version == AR5K_AR5210 ? \
1408 AR5K_DIAG_SW_DIS_RX_5210 : AR5K_DIAG_SW_DIS_RX_5211) 1407 AR5K_DIAG_SW_DIS_RX_5210 : AR5K_DIAG_SW_DIS_RX_5211)
1409#define AR5K_DIAG_SW_LOOP_BACK_5210 0x00000080 /* Loopback (i guess it goes with DIS_TX) [5210] */ 1408#define AR5K_DIAG_SW_LOOP_BACK_5210 0x00000080 /* TX Data Loopback (i guess it goes with DIS_TX) [5210] */
1410#define AR5K_DIAG_SW_LOOP_BACK_5211 0x00000040 1409#define AR5K_DIAG_SW_LOOP_BACK_5211 0x00000040
1411#define AR5K_DIAG_SW_LOOP_BACK (ah->ah_version == AR5K_AR5210 ? \ 1410#define AR5K_DIAG_SW_LOOP_BACK (ah->ah_version == AR5K_AR5210 ? \
1412 AR5K_DIAG_SW_LOOP_BACK_5210 : AR5K_DIAG_SW_LOOP_BACK_5211) 1411 AR5K_DIAG_SW_LOOP_BACK_5210 : AR5K_DIAG_SW_LOOP_BACK_5211)
1413#define AR5K_DIAG_SW_CORR_FCS_5210 0x00000100 /* Corrupted FCS */ 1412#define AR5K_DIAG_SW_CORR_FCS_5210 0x00000100 /* Generate invalid TX FCS */
1414#define AR5K_DIAG_SW_CORR_FCS_5211 0x00000080 1413#define AR5K_DIAG_SW_CORR_FCS_5211 0x00000080
1415#define AR5K_DIAG_SW_CORR_FCS (ah->ah_version == AR5K_AR5210 ? \ 1414#define AR5K_DIAG_SW_CORR_FCS (ah->ah_version == AR5K_AR5210 ? \
1416 AR5K_DIAG_SW_CORR_FCS_5210 : AR5K_DIAG_SW_CORR_FCS_5211) 1415 AR5K_DIAG_SW_CORR_FCS_5210 : AR5K_DIAG_SW_CORR_FCS_5211)
1417#define AR5K_DIAG_SW_CHAN_INFO_5210 0x00000200 /* Dump channel info */ 1416#define AR5K_DIAG_SW_CHAN_INFO_5210 0x00000200 /* Add 56 bytes of channel info before the frame data in the RX buffer */
1418#define AR5K_DIAG_SW_CHAN_INFO_5211 0x00000100 1417#define AR5K_DIAG_SW_CHAN_INFO_5211 0x00000100
1419#define AR5K_DIAG_SW_CHAN_INFO (ah->ah_version == AR5K_AR5210 ? \ 1418#define AR5K_DIAG_SW_CHAN_INFO (ah->ah_version == AR5K_AR5210 ? \
1420 AR5K_DIAG_SW_CHAN_INFO_5210 : AR5K_DIAG_SW_CHAN_INFO_5211) 1419 AR5K_DIAG_SW_CHAN_INFO_5210 : AR5K_DIAG_SW_CHAN_INFO_5211)
@@ -1426,17 +1425,17 @@
1426#define AR5K_DIAG_SW_SCVRAM_SEED 0x0003f800 /* [5210] */ 1425#define AR5K_DIAG_SW_SCVRAM_SEED 0x0003f800 /* [5210] */
1427#define AR5K_DIAG_SW_SCRAM_SEED_M 0x0001fc00 /* Scrambler seed mask */ 1426#define AR5K_DIAG_SW_SCRAM_SEED_M 0x0001fc00 /* Scrambler seed mask */
1428#define AR5K_DIAG_SW_SCRAM_SEED_S 10 1427#define AR5K_DIAG_SW_SCRAM_SEED_S 10
1429#define AR5K_DIAG_SW_DIS_SEQ_INC 0x00040000 /* Disable seqnum increment (?)[5210] */ 1428#define AR5K_DIAG_SW_DIS_SEQ_INC_5210 0x00040000 /* Disable seqnum increment (?)[5210] */
1430#define AR5K_DIAG_SW_FRAME_NV0_5210 0x00080000 1429#define AR5K_DIAG_SW_FRAME_NV0_5210 0x00080000
1431#define AR5K_DIAG_SW_FRAME_NV0_5211 0x00020000 /* Accept frames of non-zero protocol number */ 1430#define AR5K_DIAG_SW_FRAME_NV0_5211 0x00020000 /* Accept frames of non-zero protocol number */
1432#define AR5K_DIAG_SW_FRAME_NV0 (ah->ah_version == AR5K_AR5210 ? \ 1431#define AR5K_DIAG_SW_FRAME_NV0 (ah->ah_version == AR5K_AR5210 ? \
1433 AR5K_DIAG_SW_FRAME_NV0_5210 : AR5K_DIAG_SW_FRAME_NV0_5211) 1432 AR5K_DIAG_SW_FRAME_NV0_5210 : AR5K_DIAG_SW_FRAME_NV0_5211)
1434#define AR5K_DIAG_SW_OBSPT_M 0x000c0000 /* Observation point select (?) */ 1433#define AR5K_DIAG_SW_OBSPT_M 0x000c0000 /* Observation point select (?) */
1435#define AR5K_DIAG_SW_OBSPT_S 18 1434#define AR5K_DIAG_SW_OBSPT_S 18
1436#define AR5K_DIAG_SW_RX_CLEAR_HIGH 0x0010000 /* Force RX Clear high */ 1435#define AR5K_DIAG_SW_RX_CLEAR_HIGH 0x00100000 /* Ignore carrier sense */
1437#define AR5K_DIAG_SW_IGNORE_CARR_SENSE 0x0020000 /* Ignore virtual carrier sense */ 1436#define AR5K_DIAG_SW_IGNORE_CARR_SENSE 0x00200000 /* Ignore virtual carrier sense */
1438#define AR5K_DIAG_SW_CHANEL_IDLE_HIGH 0x0040000 /* Force channel idle high */ 1437#define AR5K_DIAG_SW_CHANNEL_IDLE_HIGH 0x00400000 /* Force channel idle high */
1439#define AR5K_DIAG_SW_PHEAR_ME 0x0080000 /* ??? */ 1438#define AR5K_DIAG_SW_PHEAR_ME 0x00800000 /* ??? */
1440 1439
1441/* 1440/*
1442 * TSF (clock) register (lower 32 bits) 1441 * TSF (clock) register (lower 32 bits)
diff --git a/drivers/net/wireless/ath/ath9k/ar5008_phy.c b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
index 3d2c8679bc85..525671f52b45 100644
--- a/drivers/net/wireless/ath/ath9k/ar5008_phy.c
+++ b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
@@ -118,7 +118,7 @@ static void ar5008_hw_force_bias(struct ath_hw *ah, u16 synth_freq)
118 if (!AR_SREV_5416(ah) || synth_freq >= 3000) 118 if (!AR_SREV_5416(ah) || synth_freq >= 3000)
119 return; 119 return;
120 120
121 BUG_ON(AR_SREV_9280_10_OR_LATER(ah)); 121 BUG_ON(AR_SREV_9280_20_OR_LATER(ah));
122 122
123 if (synth_freq < 2412) 123 if (synth_freq < 2412)
124 new_bias = 0; 124 new_bias = 0;
@@ -454,7 +454,7 @@ static int ar5008_hw_rf_alloc_ext_banks(struct ath_hw *ah)
454 454
455 struct ath_common *common = ath9k_hw_common(ah); 455 struct ath_common *common = ath9k_hw_common(ah);
456 456
457 BUG_ON(AR_SREV_9280_10_OR_LATER(ah)); 457 BUG_ON(AR_SREV_9280_20_OR_LATER(ah));
458 458
459 ATH_ALLOC_BANK(ah->analogBank0Data, ah->iniBank0.ia_rows); 459 ATH_ALLOC_BANK(ah->analogBank0Data, ah->iniBank0.ia_rows);
460 ATH_ALLOC_BANK(ah->analogBank1Data, ah->iniBank1.ia_rows); 460 ATH_ALLOC_BANK(ah->analogBank1Data, ah->iniBank1.ia_rows);
@@ -484,7 +484,7 @@ static void ar5008_hw_rf_free_ext_banks(struct ath_hw *ah)
484 bank = NULL; \ 484 bank = NULL; \
485 } while (0); 485 } while (0);
486 486
487 BUG_ON(AR_SREV_9280_10_OR_LATER(ah)); 487 BUG_ON(AR_SREV_9280_20_OR_LATER(ah));
488 488
489 ATH_FREE_BANK(ah->analogBank0Data); 489 ATH_FREE_BANK(ah->analogBank0Data);
490 ATH_FREE_BANK(ah->analogBank1Data); 490 ATH_FREE_BANK(ah->analogBank1Data);
@@ -525,7 +525,7 @@ static bool ar5008_hw_set_rf_regs(struct ath_hw *ah,
525 * for single chip devices, that is AR9280 or anything 525 * for single chip devices, that is AR9280 or anything
526 * after that. 526 * after that.
527 */ 527 */
528 if (AR_SREV_9280_10_OR_LATER(ah)) 528 if (AR_SREV_9280_20_OR_LATER(ah))
529 return true; 529 return true;
530 530
531 /* Setup rf parameters */ 531 /* Setup rf parameters */
@@ -663,20 +663,20 @@ static void ar5008_hw_override_ini(struct ath_hw *ah,
663 */ 663 */
664 REG_SET_BIT(ah, AR_DIAG_SW, (AR_DIAG_RX_DIS | AR_DIAG_RX_ABORT)); 664 REG_SET_BIT(ah, AR_DIAG_SW, (AR_DIAG_RX_DIS | AR_DIAG_RX_ABORT));
665 665
666 if (AR_SREV_9280_10_OR_LATER(ah)) { 666 if (AR_SREV_9280_20_OR_LATER(ah)) {
667 val = REG_READ(ah, AR_PCU_MISC_MODE2); 667 val = REG_READ(ah, AR_PCU_MISC_MODE2);
668 668
669 if (!AR_SREV_9271(ah)) 669 if (!AR_SREV_9271(ah))
670 val &= ~AR_PCU_MISC_MODE2_HWWAR1; 670 val &= ~AR_PCU_MISC_MODE2_HWWAR1;
671 671
672 if (AR_SREV_9287_10_OR_LATER(ah)) 672 if (AR_SREV_9287_11_OR_LATER(ah))
673 val = val & (~AR_PCU_MISC_MODE2_HWWAR2); 673 val = val & (~AR_PCU_MISC_MODE2_HWWAR2);
674 674
675 REG_WRITE(ah, AR_PCU_MISC_MODE2, val); 675 REG_WRITE(ah, AR_PCU_MISC_MODE2, val);
676 } 676 }
677 677
678 if (!AR_SREV_5416_20_OR_LATER(ah) || 678 if (!AR_SREV_5416_20_OR_LATER(ah) ||
679 AR_SREV_9280_10_OR_LATER(ah)) 679 AR_SREV_9280_20_OR_LATER(ah))
680 return; 680 return;
681 /* 681 /*
682 * Disable BB clock gating 682 * Disable BB clock gating
@@ -701,7 +701,7 @@ static void ar5008_hw_set_channel_regs(struct ath_hw *ah,
701 u32 phymode; 701 u32 phymode;
702 u32 enableDacFifo = 0; 702 u32 enableDacFifo = 0;
703 703
704 if (AR_SREV_9285_10_OR_LATER(ah)) 704 if (AR_SREV_9285_12_OR_LATER(ah))
705 enableDacFifo = (REG_READ(ah, AR_PHY_TURBO) & 705 enableDacFifo = (REG_READ(ah, AR_PHY_TURBO) &
706 AR_PHY_FC_ENABLE_DAC_FIFO); 706 AR_PHY_FC_ENABLE_DAC_FIFO);
707 707
@@ -820,11 +820,11 @@ static int ar5008_hw_process_ini(struct ath_hw *ah,
820 REGWRITE_BUFFER_FLUSH(ah); 820 REGWRITE_BUFFER_FLUSH(ah);
821 DISABLE_REGWRITE_BUFFER(ah); 821 DISABLE_REGWRITE_BUFFER(ah);
822 822
823 if (AR_SREV_9280(ah) || AR_SREV_9287_10_OR_LATER(ah)) 823 if (AR_SREV_9280(ah) || AR_SREV_9287_11_OR_LATER(ah))
824 REG_WRITE_ARRAY(&ah->iniModesRxGain, modesIndex, regWrites); 824 REG_WRITE_ARRAY(&ah->iniModesRxGain, modesIndex, regWrites);
825 825
826 if (AR_SREV_9280(ah) || AR_SREV_9285_12_OR_LATER(ah) || 826 if (AR_SREV_9280(ah) || AR_SREV_9285_12_OR_LATER(ah) ||
827 AR_SREV_9287_10_OR_LATER(ah)) 827 AR_SREV_9287_11_OR_LATER(ah))
828 REG_WRITE_ARRAY(&ah->iniModesTxGain, modesIndex, regWrites); 828 REG_WRITE_ARRAY(&ah->iniModesTxGain, modesIndex, regWrites);
829 829
830 if (AR_SREV_9271_10(ah)) 830 if (AR_SREV_9271_10(ah))
@@ -900,7 +900,7 @@ static void ar5008_hw_set_rfmode(struct ath_hw *ah, struct ath9k_channel *chan)
900 rfMode |= (IS_CHAN_B(chan) || IS_CHAN_G(chan)) 900 rfMode |= (IS_CHAN_B(chan) || IS_CHAN_G(chan))
901 ? AR_PHY_MODE_DYNAMIC : AR_PHY_MODE_OFDM; 901 ? AR_PHY_MODE_DYNAMIC : AR_PHY_MODE_OFDM;
902 902
903 if (!AR_SREV_9280_10_OR_LATER(ah)) 903 if (!AR_SREV_9280_20_OR_LATER(ah))
904 rfMode |= (IS_CHAN_5GHZ(chan)) ? 904 rfMode |= (IS_CHAN_5GHZ(chan)) ?
905 AR_PHY_MODE_RF5GHZ : AR_PHY_MODE_RF2GHZ; 905 AR_PHY_MODE_RF5GHZ : AR_PHY_MODE_RF2GHZ;
906 906
diff --git a/drivers/net/wireless/ath/ath9k/ar9002_calib.c b/drivers/net/wireless/ath/ath9k/ar9002_calib.c
index fe7418aefc4a..d7d1d55362e6 100644
--- a/drivers/net/wireless/ath/ath9k/ar9002_calib.c
+++ b/drivers/net/wireless/ath/ath9k/ar9002_calib.c
@@ -567,11 +567,6 @@ static inline void ar9285_hw_pa_cal(struct ath_hw *ah, bool is_reset)
567 AR5416_EEP_TXGAIN_HIGH_POWER) 567 AR5416_EEP_TXGAIN_HIGH_POWER)
568 return; 568 return;
569 569
570 if (AR_SREV_9285_11(ah)) {
571 REG_WRITE(ah, AR9285_AN_TOP4, (AR9285_AN_TOP4_DEFAULT | 0x14));
572 udelay(10);
573 }
574
575 for (i = 0; i < ARRAY_SIZE(regList); i++) 570 for (i = 0; i < ARRAY_SIZE(regList); i++)
576 regList[i][1] = REG_READ(ah, regList[i][0]); 571 regList[i][1] = REG_READ(ah, regList[i][0]);
577 572
@@ -651,10 +646,6 @@ static inline void ar9285_hw_pa_cal(struct ath_hw *ah, bool is_reset)
651 REG_WRITE(ah, regList[i][0], regList[i][1]); 646 REG_WRITE(ah, regList[i][0], regList[i][1]);
652 647
653 REG_RMW_FIELD(ah, AR9285_AN_RF2G6, AR9285_AN_RF2G6_CCOMP, ccomp_org); 648 REG_RMW_FIELD(ah, AR9285_AN_RF2G6, AR9285_AN_RF2G6_CCOMP, ccomp_org);
654
655 if (AR_SREV_9285_11(ah))
656 REG_WRITE(ah, AR9285_AN_TOP4, AR9285_AN_TOP4_DEFAULT);
657
658} 649}
659 650
660static void ar9002_hw_pa_cal(struct ath_hw *ah, bool is_reset) 651static void ar9002_hw_pa_cal(struct ath_hw *ah, bool is_reset)
@@ -664,7 +655,7 @@ static void ar9002_hw_pa_cal(struct ath_hw *ah, bool is_reset)
664 ar9271_hw_pa_cal(ah, is_reset); 655 ar9271_hw_pa_cal(ah, is_reset);
665 else 656 else
666 ah->pacal_info.skipcount--; 657 ah->pacal_info.skipcount--;
667 } else if (AR_SREV_9285_11_OR_LATER(ah)) { 658 } else if (AR_SREV_9285_12_OR_LATER(ah)) {
668 if (is_reset || !ah->pacal_info.skipcount) 659 if (is_reset || !ah->pacal_info.skipcount)
669 ar9285_hw_pa_cal(ah, is_reset); 660 ar9285_hw_pa_cal(ah, is_reset);
670 else 661 else
@@ -841,8 +832,8 @@ static bool ar9002_hw_init_cal(struct ath_hw *ah, struct ath9k_channel *chan)
841 if (!ar9285_hw_clc(ah, chan)) 832 if (!ar9285_hw_clc(ah, chan))
842 return false; 833 return false;
843 } else { 834 } else {
844 if (AR_SREV_9280_10_OR_LATER(ah)) { 835 if (AR_SREV_9280_20_OR_LATER(ah)) {
845 if (!AR_SREV_9287_10_OR_LATER(ah)) 836 if (!AR_SREV_9287_11_OR_LATER(ah))
846 REG_CLR_BIT(ah, AR_PHY_ADC_CTL, 837 REG_CLR_BIT(ah, AR_PHY_ADC_CTL,
847 AR_PHY_ADC_CTL_OFF_PWDADC); 838 AR_PHY_ADC_CTL_OFF_PWDADC);
848 REG_SET_BIT(ah, AR_PHY_AGC_CONTROL, 839 REG_SET_BIT(ah, AR_PHY_AGC_CONTROL,
@@ -864,8 +855,8 @@ static bool ar9002_hw_init_cal(struct ath_hw *ah, struct ath9k_channel *chan)
864 return false; 855 return false;
865 } 856 }
866 857
867 if (AR_SREV_9280_10_OR_LATER(ah)) { 858 if (AR_SREV_9280_20_OR_LATER(ah)) {
868 if (!AR_SREV_9287_10_OR_LATER(ah)) 859 if (!AR_SREV_9287_11_OR_LATER(ah))
869 REG_SET_BIT(ah, AR_PHY_ADC_CTL, 860 REG_SET_BIT(ah, AR_PHY_ADC_CTL,
870 AR_PHY_ADC_CTL_OFF_PWDADC); 861 AR_PHY_ADC_CTL_OFF_PWDADC);
871 REG_CLR_BIT(ah, AR_PHY_AGC_CONTROL, 862 REG_CLR_BIT(ah, AR_PHY_AGC_CONTROL,
@@ -976,7 +967,7 @@ static void ar9002_hw_init_cal_settings(struct ath_hw *ah)
976 } 967 }
977 968
978 if (AR_SREV_9160_10_OR_LATER(ah)) { 969 if (AR_SREV_9160_10_OR_LATER(ah)) {
979 if (AR_SREV_9280_10_OR_LATER(ah)) { 970 if (AR_SREV_9280_20_OR_LATER(ah)) {
980 ah->iq_caldata.calData = &iq_cal_single_sample; 971 ah->iq_caldata.calData = &iq_cal_single_sample;
981 ah->adcgain_caldata.calData = 972 ah->adcgain_caldata.calData =
982 &adc_gain_cal_single_sample; 973 &adc_gain_cal_single_sample;
diff --git a/drivers/net/wireless/ath/ath9k/ar9002_hw.c b/drivers/net/wireless/ath/ath9k/ar9002_hw.c
index 94392daebaa0..fde45082a13b 100644
--- a/drivers/net/wireless/ath/ath9k/ar9002_hw.c
+++ b/drivers/net/wireless/ath/ath9k/ar9002_hw.c
@@ -569,7 +569,7 @@ void ar9002_hw_attach_ops(struct ath_hw *ah)
569 ops->config_pci_powersave = ar9002_hw_configpcipowersave; 569 ops->config_pci_powersave = ar9002_hw_configpcipowersave;
570 570
571 ar5008_hw_attach_phy_ops(ah); 571 ar5008_hw_attach_phy_ops(ah);
572 if (AR_SREV_9280_10_OR_LATER(ah)) 572 if (AR_SREV_9280_20_OR_LATER(ah))
573 ar9002_hw_attach_phy_ops(ah); 573 ar9002_hw_attach_phy_ops(ah);
574 574
575 ar9002_hw_attach_calib_ops(ah); 575 ar9002_hw_attach_calib_ops(ah);
diff --git a/drivers/net/wireless/ath/ath9k/eeprom.h b/drivers/net/wireless/ath/ath9k/eeprom.h
index 3030564a0f21..dacb45e1b906 100644
--- a/drivers/net/wireless/ath/ath9k/eeprom.h
+++ b/drivers/net/wireless/ath/ath9k/eeprom.h
@@ -101,7 +101,7 @@
101#define AR5416_VER_MASK (eep->baseEepHeader.version & AR5416_EEP_VER_MINOR_MASK) 101#define AR5416_VER_MASK (eep->baseEepHeader.version & AR5416_EEP_VER_MINOR_MASK)
102#define OLC_FOR_AR9280_20_LATER (AR_SREV_9280_20_OR_LATER(ah) && \ 102#define OLC_FOR_AR9280_20_LATER (AR_SREV_9280_20_OR_LATER(ah) && \
103 ah->eep_ops->get_eeprom(ah, EEP_OL_PWRCTRL)) 103 ah->eep_ops->get_eeprom(ah, EEP_OL_PWRCTRL))
104#define OLC_FOR_AR9287_10_LATER (AR_SREV_9287_10_OR_LATER(ah) && \ 104#define OLC_FOR_AR9287_10_LATER (AR_SREV_9287_11_OR_LATER(ah) && \
105 ah->eep_ops->get_eeprom(ah, EEP_OL_PWRCTRL)) 105 ah->eep_ops->get_eeprom(ah, EEP_OL_PWRCTRL))
106 106
107#define AR_EEPROM_RFSILENT_GPIO_SEL 0x001c 107#define AR_EEPROM_RFSILENT_GPIO_SEL 0x001c
diff --git a/drivers/net/wireless/ath/ath9k/eeprom_4k.c b/drivers/net/wireless/ath/ath9k/eeprom_4k.c
index ead8b0dd3b53..d6eed1f02e84 100644
--- a/drivers/net/wireless/ath/ath9k/eeprom_4k.c
+++ b/drivers/net/wireless/ath/ath9k/eeprom_4k.c
@@ -333,7 +333,7 @@ static void ath9k_hw_get_4k_gain_boundaries_pdadcs(struct ath_hw *ah,
333 } 333 }
334 334
335 if (i == 0) { 335 if (i == 0) {
336 if (AR_SREV_9280_10_OR_LATER(ah)) 336 if (AR_SREV_9280_20_OR_LATER(ah))
337 ss = (int16_t)(0 - (minPwrT4[i] / 2)); 337 ss = (int16_t)(0 - (minPwrT4[i] / 2));
338 else 338 else
339 ss = 0; 339 ss = 0;
@@ -761,7 +761,7 @@ static void ath9k_hw_4k_set_txpower(struct ath_hw *ah,
761 761
762 regulatory->max_power_level = ratesArray[i]; 762 regulatory->max_power_level = ratesArray[i];
763 763
764 if (AR_SREV_9280_10_OR_LATER(ah)) { 764 if (AR_SREV_9280_20_OR_LATER(ah)) {
765 for (i = 0; i < Ar5416RateSize; i++) 765 for (i = 0; i < Ar5416RateSize; i++)
766 ratesArray[i] -= AR5416_PWR_TABLE_OFFSET_DB * 2; 766 ratesArray[i] -= AR5416_PWR_TABLE_OFFSET_DB * 2;
767 } 767 }
@@ -909,9 +909,6 @@ static void ath9k_hw_4k_set_gain(struct ath_hw *ah,
909 AR9280_PHY_RXGAIN_TXRX_ATTEN, txRxAttenLocal); 909 AR9280_PHY_RXGAIN_TXRX_ATTEN, txRxAttenLocal);
910 REG_RMW_FIELD(ah, AR_PHY_RXGAIN + 0x1000, 910 REG_RMW_FIELD(ah, AR_PHY_RXGAIN + 0x1000,
911 AR9280_PHY_RXGAIN_TXRX_MARGIN, pModal->rxTxMarginCh[0]); 911 AR9280_PHY_RXGAIN_TXRX_MARGIN, pModal->rxTxMarginCh[0]);
912
913 if (AR_SREV_9285_11(ah))
914 REG_WRITE(ah, AR9285_AN_TOP4, (AR9285_AN_TOP4_DEFAULT | 0x14));
915} 912}
916 913
917/* 914/*
@@ -1109,9 +1106,6 @@ static void ath9k_hw_4k_set_board_values(struct ath_hw *ah,
1109 } 1106 }
1110 1107
1111 1108
1112 if (AR_SREV_9285_11(ah))
1113 REG_WRITE(ah, AR9285_AN_TOP4, AR9285_AN_TOP4_DEFAULT);
1114
1115 REG_RMW_FIELD(ah, AR_PHY_SETTLING, AR_PHY_SETTLING_SWITCH, 1109 REG_RMW_FIELD(ah, AR_PHY_SETTLING, AR_PHY_SETTLING_SWITCH,
1116 pModal->switchSettling); 1110 pModal->switchSettling);
1117 REG_RMW_FIELD(ah, AR_PHY_DESIRED_SZ, AR_PHY_DESIRED_SZ_ADC, 1111 REG_RMW_FIELD(ah, AR_PHY_DESIRED_SZ, AR_PHY_DESIRED_SZ_ADC,
diff --git a/drivers/net/wireless/ath/ath9k/eeprom_9287.c b/drivers/net/wireless/ath/ath9k/eeprom_9287.c
index e6186515d05b..966b9496a9dd 100644
--- a/drivers/net/wireless/ath/ath9k/eeprom_9287.c
+++ b/drivers/net/wireless/ath/ath9k/eeprom_9287.c
@@ -324,7 +324,7 @@ static void ath9k_hw_get_ar9287_gain_boundaries_pdadcs(struct ath_hw *ah,
324 minDelta = 0; 324 minDelta = 0;
325 325
326 if (i == 0) { 326 if (i == 0) {
327 if (AR_SREV_9280_10_OR_LATER(ah)) 327 if (AR_SREV_9280_20_OR_LATER(ah))
328 ss = (int16_t)(0 - (minPwrT4[i] / 2)); 328 ss = (int16_t)(0 - (minPwrT4[i] / 2));
329 else 329 else
330 ss = 0; 330 ss = 0;
@@ -883,7 +883,7 @@ static void ath9k_hw_ar9287_set_txpower(struct ath_hw *ah,
883 ratesArray[i] = AR9287_MAX_RATE_POWER; 883 ratesArray[i] = AR9287_MAX_RATE_POWER;
884 } 884 }
885 885
886 if (AR_SREV_9280_10_OR_LATER(ah)) { 886 if (AR_SREV_9280_20_OR_LATER(ah)) {
887 for (i = 0; i < Ar5416RateSize; i++) 887 for (i = 0; i < Ar5416RateSize; i++)
888 ratesArray[i] -= AR9287_PWR_TABLE_OFFSET_DB * 2; 888 ratesArray[i] -= AR9287_PWR_TABLE_OFFSET_DB * 2;
889 } 889 }
@@ -977,7 +977,7 @@ static void ath9k_hw_ar9287_set_txpower(struct ath_hw *ah,
977 else 977 else
978 i = rate6mb; 978 i = rate6mb;
979 979
980 if (AR_SREV_9280_10_OR_LATER(ah)) 980 if (AR_SREV_9280_20_OR_LATER(ah))
981 regulatory->max_power_level = 981 regulatory->max_power_level =
982 ratesArray[i] + AR9287_PWR_TABLE_OFFSET_DB * 2; 982 ratesArray[i] + AR9287_PWR_TABLE_OFFSET_DB * 2;
983 else 983 else
diff --git a/drivers/net/wireless/ath/ath9k/eeprom_def.c b/drivers/net/wireless/ath/ath9k/eeprom_def.c
index 23f480d4c770..76b4d65472dd 100644
--- a/drivers/net/wireless/ath/ath9k/eeprom_def.c
+++ b/drivers/net/wireless/ath/ath9k/eeprom_def.c
@@ -223,7 +223,7 @@ static int ath9k_hw_def_check_eeprom(struct ath_hw *ah)
223 } 223 }
224 224
225 /* Enable fixup for AR_AN_TOP2 if necessary */ 225 /* Enable fixup for AR_AN_TOP2 if necessary */
226 if (AR_SREV_9280_10_OR_LATER(ah) && 226 if (AR_SREV_9280_20_OR_LATER(ah) &&
227 (eep->baseEepHeader.version & 0xff) > 0x0a && 227 (eep->baseEepHeader.version & 0xff) > 0x0a &&
228 eep->baseEepHeader.pwdclkind == 0) 228 eep->baseEepHeader.pwdclkind == 0)
229 ah->need_an_top2_fixup = 1; 229 ah->need_an_top2_fixup = 1;
@@ -317,7 +317,7 @@ static void ath9k_hw_def_set_gain(struct ath_hw *ah,
317 if (AR5416_VER_MASK >= AR5416_EEP_MINOR_VER_3) { 317 if (AR5416_VER_MASK >= AR5416_EEP_MINOR_VER_3) {
318 txRxAttenLocal = pModal->txRxAttenCh[i]; 318 txRxAttenLocal = pModal->txRxAttenCh[i];
319 319
320 if (AR_SREV_9280_10_OR_LATER(ah)) { 320 if (AR_SREV_9280_20_OR_LATER(ah)) {
321 REG_RMW_FIELD(ah, AR_PHY_GAIN_2GHZ + regChainOffset, 321 REG_RMW_FIELD(ah, AR_PHY_GAIN_2GHZ + regChainOffset,
322 AR_PHY_GAIN_2GHZ_XATTEN1_MARGIN, 322 AR_PHY_GAIN_2GHZ_XATTEN1_MARGIN,
323 pModal->bswMargin[i]); 323 pModal->bswMargin[i]);
@@ -344,7 +344,7 @@ static void ath9k_hw_def_set_gain(struct ath_hw *ah,
344 } 344 }
345 } 345 }
346 346
347 if (AR_SREV_9280_10_OR_LATER(ah)) { 347 if (AR_SREV_9280_20_OR_LATER(ah)) {
348 REG_RMW_FIELD(ah, 348 REG_RMW_FIELD(ah,
349 AR_PHY_RXGAIN + regChainOffset, 349 AR_PHY_RXGAIN + regChainOffset,
350 AR9280_PHY_RXGAIN_TXRX_ATTEN, txRxAttenLocal); 350 AR9280_PHY_RXGAIN_TXRX_ATTEN, txRxAttenLocal);
@@ -408,7 +408,7 @@ static void ath9k_hw_def_set_board_values(struct ath_hw *ah,
408 regChainOffset, i); 408 regChainOffset, i);
409 } 409 }
410 410
411 if (AR_SREV_9280_10_OR_LATER(ah)) { 411 if (AR_SREV_9280_20_OR_LATER(ah)) {
412 if (IS_CHAN_2GHZ(chan)) { 412 if (IS_CHAN_2GHZ(chan)) {
413 ath9k_hw_analog_shift_rmw(ah, AR_AN_RF2G1_CH0, 413 ath9k_hw_analog_shift_rmw(ah, AR_AN_RF2G1_CH0,
414 AR_AN_RF2G1_CH0_OB, 414 AR_AN_RF2G1_CH0_OB,
@@ -461,7 +461,7 @@ static void ath9k_hw_def_set_board_values(struct ath_hw *ah,
461 REG_RMW_FIELD(ah, AR_PHY_DESIRED_SZ, AR_PHY_DESIRED_SZ_ADC, 461 REG_RMW_FIELD(ah, AR_PHY_DESIRED_SZ, AR_PHY_DESIRED_SZ_ADC,
462 pModal->adcDesiredSize); 462 pModal->adcDesiredSize);
463 463
464 if (!AR_SREV_9280_10_OR_LATER(ah)) 464 if (!AR_SREV_9280_20_OR_LATER(ah))
465 REG_RMW_FIELD(ah, AR_PHY_DESIRED_SZ, 465 REG_RMW_FIELD(ah, AR_PHY_DESIRED_SZ,
466 AR_PHY_DESIRED_SZ_PGA, 466 AR_PHY_DESIRED_SZ_PGA,
467 pModal->pgaDesiredSize); 467 pModal->pgaDesiredSize);
@@ -478,7 +478,7 @@ static void ath9k_hw_def_set_board_values(struct ath_hw *ah,
478 REG_RMW_FIELD(ah, AR_PHY_RF_CTL3, AR_PHY_TX_END_TO_A2_RX_ON, 478 REG_RMW_FIELD(ah, AR_PHY_RF_CTL3, AR_PHY_TX_END_TO_A2_RX_ON,
479 pModal->txEndToRxOn); 479 pModal->txEndToRxOn);
480 480
481 if (AR_SREV_9280_10_OR_LATER(ah)) { 481 if (AR_SREV_9280_20_OR_LATER(ah)) {
482 REG_RMW_FIELD(ah, AR_PHY_CCA, AR9280_PHY_CCA_THRESH62, 482 REG_RMW_FIELD(ah, AR_PHY_CCA, AR9280_PHY_CCA_THRESH62,
483 pModal->thresh62); 483 pModal->thresh62);
484 REG_RMW_FIELD(ah, AR_PHY_EXT_CCA0, 484 REG_RMW_FIELD(ah, AR_PHY_EXT_CCA0,
@@ -696,7 +696,7 @@ static void ath9k_hw_get_def_gain_boundaries_pdadcs(struct ath_hw *ah,
696 } 696 }
697 697
698 if (i == 0) { 698 if (i == 0) {
699 if (AR_SREV_9280_10_OR_LATER(ah)) 699 if (AR_SREV_9280_20_OR_LATER(ah))
700 ss = (int16_t)(0 - (minPwrT4[i] / 2)); 700 ss = (int16_t)(0 - (minPwrT4[i] / 2));
701 else 701 else
702 ss = 0; 702 ss = 0;
@@ -1291,7 +1291,7 @@ static void ath9k_hw_def_set_txpower(struct ath_hw *ah,
1291 ratesArray[i] = AR5416_MAX_RATE_POWER; 1291 ratesArray[i] = AR5416_MAX_RATE_POWER;
1292 } 1292 }
1293 1293
1294 if (AR_SREV_9280_10_OR_LATER(ah)) { 1294 if (AR_SREV_9280_20_OR_LATER(ah)) {
1295 for (i = 0; i < Ar5416RateSize; i++) { 1295 for (i = 0; i < Ar5416RateSize; i++) {
1296 int8_t pwr_table_offset; 1296 int8_t pwr_table_offset;
1297 1297
@@ -1395,7 +1395,7 @@ static void ath9k_hw_def_set_txpower(struct ath_hw *ah,
1395 else if (IS_CHAN_HT20(chan)) 1395 else if (IS_CHAN_HT20(chan))
1396 i = rateHt20_0; 1396 i = rateHt20_0;
1397 1397
1398 if (AR_SREV_9280_10_OR_LATER(ah)) 1398 if (AR_SREV_9280_20_OR_LATER(ah))
1399 regulatory->max_power_level = 1399 regulatory->max_power_level =
1400 ratesArray[i] + AR5416_PWR_TABLE_OFFSET_DB * 2; 1400 ratesArray[i] + AR5416_PWR_TABLE_OFFSET_DB * 2;
1401 else 1401 else
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_beacon.c b/drivers/net/wireless/ath/ath9k/htc_drv_beacon.c
index bd1506e69105..1b72aa482ac7 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_beacon.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_beacon.c
@@ -235,7 +235,14 @@ void ath9k_htc_beaconq_config(struct ath9k_htc_priv *priv)
235 ath9k_hw_get_txq_props(ah, qnum, &qi_be); 235 ath9k_hw_get_txq_props(ah, qnum, &qi_be);
236 236
237 qi.tqi_aifs = qi_be.tqi_aifs; 237 qi.tqi_aifs = qi_be.tqi_aifs;
238 qi.tqi_cwmin = 4*qi_be.tqi_cwmin; 238 /* For WIFI Beacon Distribution
239 * Long slot time : 2x cwmin
240 * Short slot time : 4x cwmin
241 */
242 if (ah->slottime == ATH9K_SLOT_TIME_20)
243 qi.tqi_cwmin = 2*qi_be.tqi_cwmin;
244 else
245 qi.tqi_cwmin = 4*qi_be.tqi_cwmin;
239 qi.tqi_cwmax = qi_be.tqi_cwmax; 246 qi.tqi_cwmax = qi_be.tqi_cwmax;
240 247
241 if (!ath9k_hw_set_txq_props(ah, priv->beaconq, &qi)) { 248 if (!ath9k_hw_set_txq_props(ah, priv->beaconq, &qi)) {
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_init.c b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
index 33850c952314..b100db2766cf 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_init.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
@@ -561,6 +561,9 @@ static void ath9k_init_crypto(struct ath9k_htc_priv *priv)
561 common->keymax = ATH_KEYMAX; 561 common->keymax = ATH_KEYMAX;
562 } 562 }
563 563
564 if (priv->ah->misc_mode & AR_PCU_MIC_NEW_LOC_ENA)
565 common->crypt_caps |= ATH_CRYPT_CAP_MIC_COMBINED;
566
564 /* 567 /*
565 * Reset the key cache since some parts do not 568 * Reset the key cache since some parts do not
566 * reset the contents on initial power up. 569 * reset the contents on initial power up.
diff --git a/drivers/net/wireless/ath/ath9k/hw.c b/drivers/net/wireless/ath/ath9k/hw.c
index 0b2ff98b6f33..25ed65ac992c 100644
--- a/drivers/net/wireless/ath/ath9k/hw.c
+++ b/drivers/net/wireless/ath/ath9k/hw.c
@@ -565,7 +565,7 @@ static int __ath9k_hw_init(struct ath_hw *ah)
565 ath9k_hw_init_cal_settings(ah); 565 ath9k_hw_init_cal_settings(ah);
566 566
567 ah->ani_function = ATH9K_ANI_ALL; 567 ah->ani_function = ATH9K_ANI_ALL;
568 if (AR_SREV_9280_10_OR_LATER(ah) && !AR_SREV_9300_20_OR_LATER(ah)) 568 if (AR_SREV_9280_20_OR_LATER(ah) && !AR_SREV_9300_20_OR_LATER(ah))
569 ah->ani_function &= ~ATH9K_ANI_NOISE_IMMUNITY_LEVEL; 569 ah->ani_function &= ~ATH9K_ANI_NOISE_IMMUNITY_LEVEL;
570 if (!AR_SREV_9300_20_OR_LATER(ah)) 570 if (!AR_SREV_9300_20_OR_LATER(ah))
571 ah->ani_function &= ~ATH9K_ANI_MRC_CCK; 571 ah->ani_function &= ~ATH9K_ANI_MRC_CCK;
@@ -1190,7 +1190,7 @@ bool ath9k_hw_check_alive(struct ath_hw *ah)
1190 int count = 50; 1190 int count = 50;
1191 u32 reg; 1191 u32 reg;
1192 1192
1193 if (AR_SREV_9285_10_OR_LATER(ah)) 1193 if (AR_SREV_9285_12_OR_LATER(ah))
1194 return true; 1194 return true;
1195 1195
1196 do { 1196 do {
@@ -1312,7 +1312,7 @@ int ath9k_hw_reset(struct ath_hw *ah, struct ath9k_channel *chan,
1312 if (tsf) 1312 if (tsf)
1313 ath9k_hw_settsf64(ah, tsf); 1313 ath9k_hw_settsf64(ah, tsf);
1314 1314
1315 if (AR_SREV_9280_10_OR_LATER(ah)) 1315 if (AR_SREV_9280_20_OR_LATER(ah))
1316 REG_SET_BIT(ah, AR_GPIO_INPUT_EN_VAL, AR_GPIO_JTAG_DISABLE); 1316 REG_SET_BIT(ah, AR_GPIO_INPUT_EN_VAL, AR_GPIO_JTAG_DISABLE);
1317 1317
1318 if (!AR_SREV_9300_20_OR_LATER(ah)) 1318 if (!AR_SREV_9300_20_OR_LATER(ah))
@@ -1787,7 +1787,7 @@ int ath9k_hw_fill_cap_info(struct ath_hw *ah)
1787 regulatory->current_rd = eeval; 1787 regulatory->current_rd = eeval;
1788 1788
1789 eeval = ah->eep_ops->get_eeprom(ah, EEP_REG_1); 1789 eeval = ah->eep_ops->get_eeprom(ah, EEP_REG_1);
1790 if (AR_SREV_9285_10_OR_LATER(ah)) 1790 if (AR_SREV_9285_12_OR_LATER(ah))
1791 eeval |= AR9285_RDEXT_DEFAULT; 1791 eeval |= AR9285_RDEXT_DEFAULT;
1792 regulatory->current_rd_ext = eeval; 1792 regulatory->current_rd_ext = eeval;
1793 1793
@@ -1857,8 +1857,7 @@ int ath9k_hw_fill_cap_info(struct ath_hw *ah)
1857 /* Use rx_chainmask from EEPROM. */ 1857 /* Use rx_chainmask from EEPROM. */
1858 pCap->rx_chainmask = ah->eep_ops->get_eeprom(ah, EEP_RX_MASK); 1858 pCap->rx_chainmask = ah->eep_ops->get_eeprom(ah, EEP_RX_MASK);
1859 1859
1860 if (!(AR_SREV_9280(ah) && (ah->hw_version.macRev == 0))) 1860 ah->misc_mode |= AR_PCU_MIC_NEW_LOC_ENA;
1861 ah->misc_mode |= AR_PCU_MIC_NEW_LOC_ENA;
1862 1861
1863 pCap->low_2ghz_chan = 2312; 1862 pCap->low_2ghz_chan = 2312;
1864 pCap->high_2ghz_chan = 2732; 1863 pCap->high_2ghz_chan = 2732;
@@ -1894,9 +1893,9 @@ int ath9k_hw_fill_cap_info(struct ath_hw *ah)
1894 pCap->num_gpio_pins = AR9271_NUM_GPIO; 1893 pCap->num_gpio_pins = AR9271_NUM_GPIO;
1895 else if (AR_DEVID_7010(ah)) 1894 else if (AR_DEVID_7010(ah))
1896 pCap->num_gpio_pins = AR7010_NUM_GPIO; 1895 pCap->num_gpio_pins = AR7010_NUM_GPIO;
1897 else if (AR_SREV_9285_10_OR_LATER(ah)) 1896 else if (AR_SREV_9285_12_OR_LATER(ah))
1898 pCap->num_gpio_pins = AR9285_NUM_GPIO; 1897 pCap->num_gpio_pins = AR9285_NUM_GPIO;
1899 else if (AR_SREV_9280_10_OR_LATER(ah)) 1898 else if (AR_SREV_9280_20_OR_LATER(ah))
1900 pCap->num_gpio_pins = AR928X_NUM_GPIO; 1899 pCap->num_gpio_pins = AR928X_NUM_GPIO;
1901 else 1900 else
1902 pCap->num_gpio_pins = AR_NUM_GPIO; 1901 pCap->num_gpio_pins = AR_NUM_GPIO;
@@ -1953,7 +1952,7 @@ int ath9k_hw_fill_cap_info(struct ath_hw *ah)
1953 pCap->num_antcfg_2ghz = 1952 pCap->num_antcfg_2ghz =
1954 ah->eep_ops->get_num_ant_config(ah, ATH9K_HAL_FREQ_BAND_2GHZ); 1953 ah->eep_ops->get_num_ant_config(ah, ATH9K_HAL_FREQ_BAND_2GHZ);
1955 1954
1956 if (AR_SREV_9280_10_OR_LATER(ah) && 1955 if (AR_SREV_9280_20_OR_LATER(ah) &&
1957 ath9k_hw_btcoex_supported(ah)) { 1956 ath9k_hw_btcoex_supported(ah)) {
1958 btcoex_hw->btactive_gpio = ATH_BTACTIVE_GPIO; 1957 btcoex_hw->btactive_gpio = ATH_BTACTIVE_GPIO;
1959 btcoex_hw->wlanactive_gpio = ATH_WLANACTIVE_GPIO; 1958 btcoex_hw->wlanactive_gpio = ATH_WLANACTIVE_GPIO;
@@ -1990,7 +1989,7 @@ int ath9k_hw_fill_cap_info(struct ath_hw *ah)
1990 if (AR_SREV_9300_20_OR_LATER(ah)) 1989 if (AR_SREV_9300_20_OR_LATER(ah))
1991 pCap->hw_caps |= ATH9K_HW_CAP_RAC_SUPPORTED; 1990 pCap->hw_caps |= ATH9K_HW_CAP_RAC_SUPPORTED;
1992 1991
1993 if (AR_SREV_9287_10_OR_LATER(ah) || AR_SREV_9271(ah)) 1992 if (AR_SREV_9287_11_OR_LATER(ah) || AR_SREV_9271(ah))
1994 pCap->hw_caps |= ATH9K_HW_CAP_SGI_20; 1993 pCap->hw_caps |= ATH9K_HW_CAP_SGI_20;
1995 1994
1996 if (AR_SREV_9285(ah)) 1995 if (AR_SREV_9285(ah))
@@ -2074,11 +2073,11 @@ u32 ath9k_hw_gpio_get(struct ath_hw *ah, u32 gpio)
2074 return MS_REG_READ(AR9300, gpio) != 0; 2073 return MS_REG_READ(AR9300, gpio) != 0;
2075 else if (AR_SREV_9271(ah)) 2074 else if (AR_SREV_9271(ah))
2076 return MS_REG_READ(AR9271, gpio) != 0; 2075 return MS_REG_READ(AR9271, gpio) != 0;
2077 else if (AR_SREV_9287_10_OR_LATER(ah)) 2076 else if (AR_SREV_9287_11_OR_LATER(ah))
2078 return MS_REG_READ(AR9287, gpio) != 0; 2077 return MS_REG_READ(AR9287, gpio) != 0;
2079 else if (AR_SREV_9285_10_OR_LATER(ah)) 2078 else if (AR_SREV_9285_12_OR_LATER(ah))
2080 return MS_REG_READ(AR9285, gpio) != 0; 2079 return MS_REG_READ(AR9285, gpio) != 0;
2081 else if (AR_SREV_9280_10_OR_LATER(ah)) 2080 else if (AR_SREV_9280_20_OR_LATER(ah))
2082 return MS_REG_READ(AR928X, gpio) != 0; 2081 return MS_REG_READ(AR928X, gpio) != 0;
2083 else 2082 else
2084 return MS_REG_READ(AR, gpio) != 0; 2083 return MS_REG_READ(AR, gpio) != 0;
@@ -2575,7 +2574,7 @@ void ath9k_hw_name(struct ath_hw *ah, char *hw_name, size_t len)
2575 int used; 2574 int used;
2576 2575
2577 /* chipsets >= AR9280 are single-chip */ 2576 /* chipsets >= AR9280 are single-chip */
2578 if (AR_SREV_9280_10_OR_LATER(ah)) { 2577 if (AR_SREV_9280_20_OR_LATER(ah)) {
2579 used = snprintf(hw_name, len, 2578 used = snprintf(hw_name, len,
2580 "Atheros AR%s Rev:%x", 2579 "Atheros AR%s Rev:%x",
2581 ath9k_hw_mac_bb_name(ah->hw_version.macVersion), 2580 ath9k_hw_mac_bb_name(ah->hw_version.macVersion),
diff --git a/drivers/net/wireless/ath/ath9k/init.c b/drivers/net/wireless/ath/ath9k/init.c
index 573899e27b3d..de3393867e37 100644
--- a/drivers/net/wireless/ath/ath9k/init.c
+++ b/drivers/net/wireless/ath/ath9k/init.c
@@ -211,7 +211,7 @@ static void setup_ht_cap(struct ath_softc *sc,
211 else 211 else
212 max_streams = 2; 212 max_streams = 2;
213 213
214 if (AR_SREV_9280_10_OR_LATER(ah)) { 214 if (AR_SREV_9280_20_OR_LATER(ah)) {
215 if (max_streams >= 2) 215 if (max_streams >= 2)
216 ht_info->cap |= IEEE80211_HT_CAP_TX_STBC; 216 ht_info->cap |= IEEE80211_HT_CAP_TX_STBC;
217 ht_info->cap |= (1 << IEEE80211_HT_CAP_RX_STBC_SHIFT); 217 ht_info->cap |= (1 << IEEE80211_HT_CAP_RX_STBC_SHIFT);
diff --git a/drivers/net/wireless/ath/ath9k/main.c b/drivers/net/wireless/ath/ath9k/main.c
index 8b327bcad695..a13387882636 100644
--- a/drivers/net/wireless/ath/ath9k/main.c
+++ b/drivers/net/wireless/ath/ath9k/main.c
@@ -270,6 +270,7 @@ static void ath_paprd_activate(struct ath_softc *sc)
270{ 270{
271 struct ath_hw *ah = sc->sc_ah; 271 struct ath_hw *ah = sc->sc_ah;
272 struct ath9k_hw_cal_data *caldata = ah->caldata; 272 struct ath9k_hw_cal_data *caldata = ah->caldata;
273 struct ath_common *common = ath9k_hw_common(ah);
273 int chain; 274 int chain;
274 275
275 if (!caldata || !caldata->paprd_done) 276 if (!caldata || !caldata->paprd_done)
@@ -278,7 +279,7 @@ static void ath_paprd_activate(struct ath_softc *sc)
278 ath9k_ps_wakeup(sc); 279 ath9k_ps_wakeup(sc);
279 ar9003_paprd_enable(ah, false); 280 ar9003_paprd_enable(ah, false);
280 for (chain = 0; chain < AR9300_MAX_CHAINS; chain++) { 281 for (chain = 0; chain < AR9300_MAX_CHAINS; chain++) {
281 if (!(ah->caps.tx_chainmask & BIT(chain))) 282 if (!(common->tx_chainmask & BIT(chain)))
282 continue; 283 continue;
283 284
284 ar9003_paprd_populate_single_table(ah, caldata, chain); 285 ar9003_paprd_populate_single_table(ah, caldata, chain);
@@ -300,6 +301,7 @@ void ath_paprd_calibrate(struct work_struct *work)
300 struct ieee80211_supported_band *sband = &sc->sbands[band]; 301 struct ieee80211_supported_band *sband = &sc->sbands[band];
301 struct ath_tx_control txctl; 302 struct ath_tx_control txctl;
302 struct ath9k_hw_cal_data *caldata = ah->caldata; 303 struct ath9k_hw_cal_data *caldata = ah->caldata;
304 struct ath_common *common = ath9k_hw_common(ah);
303 int qnum, ftype; 305 int qnum, ftype;
304 int chain_ok = 0; 306 int chain_ok = 0;
305 int chain; 307 int chain;
@@ -333,7 +335,7 @@ void ath_paprd_calibrate(struct work_struct *work)
333 ath9k_ps_wakeup(sc); 335 ath9k_ps_wakeup(sc);
334 ar9003_paprd_init_table(ah); 336 ar9003_paprd_init_table(ah);
335 for (chain = 0; chain < AR9300_MAX_CHAINS; chain++) { 337 for (chain = 0; chain < AR9300_MAX_CHAINS; chain++) {
336 if (!(ah->caps.tx_chainmask & BIT(chain))) 338 if (!(common->tx_chainmask & BIT(chain)))
337 continue; 339 continue;
338 340
339 chain_ok = 0; 341 chain_ok = 0;
diff --git a/drivers/net/wireless/ath/ath9k/recv.c b/drivers/net/wireless/ath/ath9k/recv.c
index c5e7af4f51ab..9c166f3804ab 100644
--- a/drivers/net/wireless/ath/ath9k/recv.c
+++ b/drivers/net/wireless/ath/ath9k/recv.c
@@ -454,8 +454,8 @@ u32 ath_calcrxfilter(struct ath_softc *sc)
454 else 454 else
455 rfilt |= ATH9K_RX_FILTER_BEACON; 455 rfilt |= ATH9K_RX_FILTER_BEACON;
456 456
457 if ((AR_SREV_9280_10_OR_LATER(sc->sc_ah) || 457 if ((AR_SREV_9280_20_OR_LATER(sc->sc_ah) ||
458 AR_SREV_9285_10_OR_LATER(sc->sc_ah)) && 458 AR_SREV_9285_12_OR_LATER(sc->sc_ah)) &&
459 (sc->sc_ah->opmode == NL80211_IFTYPE_AP) && 459 (sc->sc_ah->opmode == NL80211_IFTYPE_AP) &&
460 (sc->rx.rxfilter & FIF_PSPOLL)) 460 (sc->rx.rxfilter & FIF_PSPOLL))
461 rfilt |= ATH9K_RX_FILTER_PSPOLL; 461 rfilt |= ATH9K_RX_FILTER_PSPOLL;
@@ -977,7 +977,11 @@ static void ath9k_process_rssi(struct ath_common *common,
977 * at least one sdata of a wiphy on mac80211 but with ath9k virtual 977 * at least one sdata of a wiphy on mac80211 but with ath9k virtual
978 * wiphy you'd have to iterate over every wiphy and each sdata. 978 * wiphy you'd have to iterate over every wiphy and each sdata.
979 */ 979 */
980 sta = ieee80211_find_sta_by_hw(hw, hdr->addr2); 980 if (is_multicast_ether_addr(hdr->addr1))
981 sta = ieee80211_find_sta_by_ifaddr(hw, hdr->addr2, NULL);
982 else
983 sta = ieee80211_find_sta_by_ifaddr(hw, hdr->addr2, hdr->addr1);
984
981 if (sta) { 985 if (sta) {
982 an = (struct ath_node *) sta->drv_priv; 986 an = (struct ath_node *) sta->drv_priv;
983 if (rx_stats->rs_rssi != ATH9K_RSSI_BAD && 987 if (rx_stats->rs_rssi != ATH9K_RSSI_BAD &&
diff --git a/drivers/net/wireless/ath/ath9k/reg.h b/drivers/net/wireless/ath/ath9k/reg.h
index d01c4adab8d6..6d01e501b9b4 100644
--- a/drivers/net/wireless/ath/ath9k/reg.h
+++ b/drivers/net/wireless/ath/ath9k/reg.h
@@ -819,49 +819,23 @@
819 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9160_11)) 819 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9160_11))
820#define AR_SREV_9280(_ah) \ 820#define AR_SREV_9280(_ah) \
821 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9280)) 821 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9280))
822#define AR_SREV_9280_10_OR_LATER(_ah) \ 822#define AR_SREV_9280_20_OR_LATER(_ah) \
823 (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9280)) 823 (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9280))
824#define AR_SREV_9280_20(_ah) \ 824#define AR_SREV_9280_20(_ah) \
825 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9280) && \ 825 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9280))
826 ((_ah)->hw_version.macRev >= AR_SREV_REVISION_9280_20))
827#define AR_SREV_9280_20_OR_LATER(_ah) \
828 (((_ah)->hw_version.macVersion > AR_SREV_VERSION_9280) || \
829 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9280) && \
830 ((_ah)->hw_version.macRev >= AR_SREV_REVISION_9280_20)))
831 826
832#define AR_SREV_9285(_ah) \ 827#define AR_SREV_9285(_ah) \
833 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9285)) 828 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9285))
834#define AR_SREV_9285_10_OR_LATER(_ah) \
835 (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9285))
836#define AR_SREV_9285_11(_ah) \
837 (AR_SREV_9285(ah) && \
838 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9285_11))
839#define AR_SREV_9285_11_OR_LATER(_ah) \
840 (((_ah)->hw_version.macVersion > AR_SREV_VERSION_9285) || \
841 (AR_SREV_9285(ah) && ((_ah)->hw_version.macRev >= \
842 AR_SREV_REVISION_9285_11)))
843#define AR_SREV_9285_12(_ah) \
844 (AR_SREV_9285(ah) && \
845 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9285_12))
846#define AR_SREV_9285_12_OR_LATER(_ah) \ 829#define AR_SREV_9285_12_OR_LATER(_ah) \
847 (((_ah)->hw_version.macVersion > AR_SREV_VERSION_9285) || \ 830 (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9285))
848 (AR_SREV_9285(ah) && ((_ah)->hw_version.macRev >= \
849 AR_SREV_REVISION_9285_12)))
850 831
851#define AR_SREV_9287(_ah) \ 832#define AR_SREV_9287(_ah) \
852 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287)) 833 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287))
853#define AR_SREV_9287_10_OR_LATER(_ah) \ 834#define AR_SREV_9287_11_OR_LATER(_ah) \
854 (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9287)) 835 (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9287))
855#define AR_SREV_9287_10(_ah) \
856 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287) && \
857 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9287_10))
858#define AR_SREV_9287_11(_ah) \ 836#define AR_SREV_9287_11(_ah) \
859 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287) && \ 837 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287) && \
860 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9287_11)) 838 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9287_11))
861#define AR_SREV_9287_11_OR_LATER(_ah) \
862 (((_ah)->hw_version.macVersion > AR_SREV_VERSION_9287) || \
863 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287) && \
864 ((_ah)->hw_version.macRev >= AR_SREV_REVISION_9287_11)))
865#define AR_SREV_9287_12(_ah) \ 839#define AR_SREV_9287_12(_ah) \
866 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287) && \ 840 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9287) && \
867 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9287_12)) 841 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9287_12))
diff --git a/drivers/net/wireless/ath/ath9k/xmit.c b/drivers/net/wireless/ath/ath9k/xmit.c
index 85a7323a04ef..f7da6b20a925 100644
--- a/drivers/net/wireless/ath/ath9k/xmit.c
+++ b/drivers/net/wireless/ath/ath9k/xmit.c
@@ -328,8 +328,7 @@ static void ath_tx_complete_aggr(struct ath_softc *sc, struct ath_txq *txq,
328 328
329 rcu_read_lock(); 329 rcu_read_lock();
330 330
331 /* XXX: use ieee80211_find_sta! */ 331 sta = ieee80211_find_sta_by_ifaddr(hw, hdr->addr1, hdr->addr2);
332 sta = ieee80211_find_sta_by_hw(hw, hdr->addr1);
333 if (!sta) { 332 if (!sta) {
334 rcu_read_unlock(); 333 rcu_read_unlock();
335 334
diff --git a/drivers/net/wireless/ath/carl9170/Kconfig b/drivers/net/wireless/ath/carl9170/Kconfig
index c5d3a3f2e55b..2d1b821b440d 100644
--- a/drivers/net/wireless/ath/carl9170/Kconfig
+++ b/drivers/net/wireless/ath/carl9170/Kconfig
@@ -10,7 +10,7 @@ config CARL9170
10 but it needs a special firmware (carl9170-1.fw) to do that. 10 but it needs a special firmware (carl9170-1.fw) to do that.
11 11
12 The firmware can be downloaded from our wiki here: 12 The firmware can be downloaded from our wiki here:
13 http://wireless.kernel.org/en/users/Drivers/carl9170 13 <http://wireless.kernel.org/en/users/Drivers/carl9170>
14 14
15 If you choose to build a module, it'll be called carl9170. 15 If you choose to build a module, it'll be called carl9170.
16 16
diff --git a/drivers/net/wireless/ath/carl9170/carl9170.h b/drivers/net/wireless/ath/carl9170/carl9170.h
index d7c5482d74ce..20f2a77e54d2 100644
--- a/drivers/net/wireless/ath/carl9170/carl9170.h
+++ b/drivers/net/wireless/ath/carl9170/carl9170.h
@@ -364,7 +364,6 @@ struct ar9170 {
364 unsigned int tx_dropped; 364 unsigned int tx_dropped;
365 unsigned int tx_ack_failures; 365 unsigned int tx_ack_failures;
366 unsigned int tx_fcs_errors; 366 unsigned int tx_fcs_errors;
367 unsigned int tx_ampdu_timeout;
368 unsigned int rx_dropped; 367 unsigned int rx_dropped;
369 368
370 /* EEPROM */ 369 /* EEPROM */
diff --git a/drivers/net/wireless/ath/carl9170/debug.c b/drivers/net/wireless/ath/carl9170/debug.c
index 19b48369ffed..0ac1124c2a0b 100644
--- a/drivers/net/wireless/ath/carl9170/debug.c
+++ b/drivers/net/wireless/ath/carl9170/debug.c
@@ -798,8 +798,6 @@ DEBUGFS_READONLY_FILE(tx_total_queued, 20, "%d",
798 atomic_read(&ar->tx_total_queued)); 798 atomic_read(&ar->tx_total_queued));
799DEBUGFS_READONLY_FILE(tx_ampdu_scheduler, 20, "%d", 799DEBUGFS_READONLY_FILE(tx_ampdu_scheduler, 20, "%d",
800 atomic_read(&ar->tx_ampdu_scheduler)); 800 atomic_read(&ar->tx_ampdu_scheduler));
801DEBUGFS_READONLY_FILE(tx_ampdu_timeout, 20, "%d",
802 ar->tx_ampdu_timeout);
803 801
804DEBUGFS_READONLY_FILE(tx_total_pending, 20, "%d", 802DEBUGFS_READONLY_FILE(tx_total_pending, 20, "%d",
805 atomic_read(&ar->tx_total_pending)); 803 atomic_read(&ar->tx_total_pending));
@@ -872,8 +870,6 @@ void carl9170_debugfs_register(struct ar9170 *ar)
872 DEBUGFS_ADD(ampdu_density); 870 DEBUGFS_ADD(ampdu_density);
873 DEBUGFS_ADD(ampdu_factor); 871 DEBUGFS_ADD(ampdu_factor);
874 872
875 DEBUGFS_ADD(tx_ampdu_timeout);
876
877 DEBUGFS_ADD(tx_janitor_last_run); 873 DEBUGFS_ADD(tx_janitor_last_run);
878 874
879 DEBUGFS_ADD(tx_status_0); 875 DEBUGFS_ADD(tx_status_0);
diff --git a/drivers/net/wireless/ath/carl9170/main.c b/drivers/net/wireless/ath/carl9170/main.c
index 43de9dfa5820..84bd38e9961c 100644
--- a/drivers/net/wireless/ath/carl9170/main.c
+++ b/drivers/net/wireless/ath/carl9170/main.c
@@ -230,8 +230,15 @@ static void carl9170_flush(struct ar9170 *ar, bool drop_queued)
230 for (i = 0; i < ar->hw->queues; i++) { 230 for (i = 0; i < ar->hw->queues; i++) {
231 struct sk_buff *skb; 231 struct sk_buff *skb;
232 232
233 while ((skb = skb_dequeue(&ar->tx_pending[i]))) 233 while ((skb = skb_dequeue(&ar->tx_pending[i]))) {
234 struct ieee80211_tx_info *info;
235
236 info = IEEE80211_SKB_CB(skb);
237 if (info->flags & IEEE80211_TX_CTL_AMPDU)
238 atomic_dec(&ar->tx_ampdu_upload);
239
234 carl9170_tx_status(ar, skb, false); 240 carl9170_tx_status(ar, skb, false);
241 }
235 } 242 }
236 } 243 }
237 244
@@ -1241,7 +1248,7 @@ static int carl9170_op_ampdu_action(struct ieee80211_hw *hw,
1241 1248
1242 switch (action) { 1249 switch (action) {
1243 case IEEE80211_AMPDU_TX_START: 1250 case IEEE80211_AMPDU_TX_START:
1244 if (WARN_ON_ONCE(!sta_info->ht_sta)) 1251 if (!sta_info->ht_sta)
1245 return -EOPNOTSUPP; 1252 return -EOPNOTSUPP;
1246 1253
1247 rcu_read_lock(); 1254 rcu_read_lock();
@@ -1453,9 +1460,6 @@ static void carl9170_op_sta_notify(struct ieee80211_hw *hw,
1453 while ((skb = __skb_dequeue(&tid_info->queue))) 1460 while ((skb = __skb_dequeue(&tid_info->queue)))
1454 __skb_queue_tail(&free, skb); 1461 __skb_queue_tail(&free, skb);
1455 spin_unlock_bh(&tid_info->lock); 1462 spin_unlock_bh(&tid_info->lock);
1456
1457 ieee80211_stop_tx_ba_session(sta,
1458 tid_info->tid);
1459 } 1463 }
1460 rcu_read_unlock(); 1464 rcu_read_unlock();
1461 } 1465 }
@@ -1465,6 +1469,7 @@ static void carl9170_op_sta_notify(struct ieee80211_hw *hw,
1465 skb_queue_walk_safe(&ar->tx_pending[i], skb, tmp) { 1469 skb_queue_walk_safe(&ar->tx_pending[i], skb, tmp) {
1466 struct _carl9170_tx_superframe *super; 1470 struct _carl9170_tx_superframe *super;
1467 struct ieee80211_hdr *hdr; 1471 struct ieee80211_hdr *hdr;
1472 struct ieee80211_tx_info *info;
1468 1473
1469 super = (void *) skb->data; 1474 super = (void *) skb->data;
1470 hdr = (void *) super->frame_data; 1475 hdr = (void *) super->frame_data;
@@ -1473,6 +1478,11 @@ static void carl9170_op_sta_notify(struct ieee80211_hw *hw,
1473 continue; 1478 continue;
1474 1479
1475 __skb_unlink(skb, &ar->tx_pending[i]); 1480 __skb_unlink(skb, &ar->tx_pending[i]);
1481
1482 info = IEEE80211_SKB_CB(skb);
1483 if (info->flags & IEEE80211_TX_CTL_AMPDU)
1484 atomic_dec(&ar->tx_ampdu_upload);
1485
1476 carl9170_tx_status(ar, skb, false); 1486 carl9170_tx_status(ar, skb, false);
1477 } 1487 }
1478 spin_unlock_bh(&ar->tx_pending[i].lock); 1488 spin_unlock_bh(&ar->tx_pending[i].lock);
diff --git a/drivers/net/wireless/ath/carl9170/tx.c b/drivers/net/wireless/ath/carl9170/tx.c
index e0d2374e0c77..b575c865142d 100644
--- a/drivers/net/wireless/ath/carl9170/tx.c
+++ b/drivers/net/wireless/ath/carl9170/tx.c
@@ -760,8 +760,8 @@ static int carl9170_tx_prepare(struct ar9170 *ar, struct sk_buff *skb)
760 struct carl9170_tx_info *arinfo; 760 struct carl9170_tx_info *arinfo;
761 unsigned int hw_queue; 761 unsigned int hw_queue;
762 int i; 762 int i;
763 u16 keytype = 0; 763 __le16 mac_tmp;
764 u16 len, icv = 0; 764 u16 len;
765 bool ampdu, no_ack; 765 bool ampdu, no_ack;
766 766
767 BUILD_BUG_ON(sizeof(*arinfo) > sizeof(info->rate_driver_data)); 767 BUILD_BUG_ON(sizeof(*arinfo) > sizeof(info->rate_driver_data));
@@ -773,6 +773,10 @@ static int carl9170_tx_prepare(struct ar9170 *ar, struct sk_buff *skb)
773 773
774 BUILD_BUG_ON(IEEE80211_TX_MAX_RATES < CARL9170_TX_MAX_RATES); 774 BUILD_BUG_ON(IEEE80211_TX_MAX_RATES < CARL9170_TX_MAX_RATES);
775 775
776 BUILD_BUG_ON(AR9170_MAX_VIRTUAL_MAC >
777 ((CARL9170_TX_SUPER_MISC_VIF_ID >>
778 CARL9170_TX_SUPER_MISC_VIF_ID_S) + 1));
779
776 hw_queue = ar9170_qmap[carl9170_get_queue(ar, skb)]; 780 hw_queue = ar9170_qmap[carl9170_get_queue(ar, skb)];
777 781
778 hdr = (void *)skb->data; 782 hdr = (void *)skb->data;
@@ -793,20 +797,37 @@ static int carl9170_tx_prepare(struct ar9170 *ar, struct sk_buff *skb)
793 txc = (void *)skb_push(skb, sizeof(*txc)); 797 txc = (void *)skb_push(skb, sizeof(*txc));
794 memset(txc, 0, sizeof(*txc)); 798 memset(txc, 0, sizeof(*txc));
795 799
796 ampdu = !!(info->flags & IEEE80211_TX_CTL_AMPDU); 800 SET_VAL(CARL9170_TX_SUPER_MISC_QUEUE, txc->s.misc, hw_queue);
801
802 if (likely(cvif))
803 SET_VAL(CARL9170_TX_SUPER_MISC_VIF_ID, txc->s.misc, cvif->id);
804
805 if (unlikely(info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM))
806 txc->s.misc |= CARL9170_TX_SUPER_MISC_CAB;
807
808 if (unlikely(ieee80211_is_probe_resp(hdr->frame_control)))
809 txc->s.misc |= CARL9170_TX_SUPER_MISC_FILL_IN_TSF;
810
811 mac_tmp = cpu_to_le16(AR9170_TX_MAC_HW_DURATION |
812 AR9170_TX_MAC_BACKOFF);
813 mac_tmp |= cpu_to_le16((hw_queue << AR9170_TX_MAC_QOS_S) &&
814 AR9170_TX_MAC_QOS);
815
797 no_ack = !!(info->flags & IEEE80211_TX_CTL_NO_ACK); 816 no_ack = !!(info->flags & IEEE80211_TX_CTL_NO_ACK);
817 if (unlikely(no_ack))
818 mac_tmp |= cpu_to_le16(AR9170_TX_MAC_NO_ACK);
798 819
799 if (info->control.hw_key) { 820 if (info->control.hw_key) {
800 icv = info->control.hw_key->icv_len; 821 len += info->control.hw_key->icv_len;
801 822
802 switch (info->control.hw_key->cipher) { 823 switch (info->control.hw_key->cipher) {
803 case WLAN_CIPHER_SUITE_WEP40: 824 case WLAN_CIPHER_SUITE_WEP40:
804 case WLAN_CIPHER_SUITE_WEP104: 825 case WLAN_CIPHER_SUITE_WEP104:
805 case WLAN_CIPHER_SUITE_TKIP: 826 case WLAN_CIPHER_SUITE_TKIP:
806 keytype = AR9170_TX_MAC_ENCR_RC4; 827 mac_tmp |= cpu_to_le16(AR9170_TX_MAC_ENCR_RC4);
807 break; 828 break;
808 case WLAN_CIPHER_SUITE_CCMP: 829 case WLAN_CIPHER_SUITE_CCMP:
809 keytype = AR9170_TX_MAC_ENCR_AES; 830 mac_tmp |= cpu_to_le16(AR9170_TX_MAC_ENCR_AES);
810 break; 831 break;
811 default: 832 default:
812 WARN_ON(1); 833 WARN_ON(1);
@@ -814,48 +835,58 @@ static int carl9170_tx_prepare(struct ar9170 *ar, struct sk_buff *skb)
814 } 835 }
815 } 836 }
816 837
817 BUILD_BUG_ON(AR9170_MAX_VIRTUAL_MAC > 838 ampdu = !!(info->flags & IEEE80211_TX_CTL_AMPDU);
818 ((CARL9170_TX_SUPER_MISC_VIF_ID >> 839 if (ampdu) {
819 CARL9170_TX_SUPER_MISC_VIF_ID_S) + 1)); 840 unsigned int density, factor;
820
821 txc->s.len = cpu_to_le16(len + sizeof(*txc));
822 txc->f.length = cpu_to_le16(len + icv + 4);
823 SET_VAL(CARL9170_TX_SUPER_MISC_VIF_ID, txc->s.misc,
824 cvif ? cvif->id : 0);
825 841
826 txc->f.mac_control = cpu_to_le16(AR9170_TX_MAC_HW_DURATION | 842 if (unlikely(!sta || !cvif))
827 AR9170_TX_MAC_BACKOFF); 843 goto err_out;
828 844
829 SET_VAL(CARL9170_TX_SUPER_MISC_QUEUE, txc->s.misc, hw_queue); 845 factor = min_t(unsigned int, 1u,
846 info->control.sta->ht_cap.ampdu_factor);
830 847
831 txc->f.mac_control |= cpu_to_le16(hw_queue << AR9170_TX_MAC_QOS_S); 848 density = info->control.sta->ht_cap.ampdu_density;
832 txc->f.mac_control |= cpu_to_le16(keytype);
833 txc->f.phy_control = cpu_to_le32(0);
834 849
835 if (no_ack) 850 if (density) {
836 txc->f.mac_control |= cpu_to_le16(AR9170_TX_MAC_NO_ACK); 851 /*
852 * Watch out!
853 *
854 * Otus uses slightly different density values than
855 * those from the 802.11n spec.
856 */
837 857
838 if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) 858 density = max_t(unsigned int, density + 1, 7u);
839 txc->s.misc |= CARL9170_TX_SUPER_MISC_CAB; 859 }
840 860
841 txrate = &info->control.rates[0]; 861 SET_VAL(CARL9170_TX_SUPER_AMPDU_DENSITY,
842 if (carl9170_tx_rts_check(ar, txrate, ampdu, no_ack)) 862 txc->s.ampdu_settings, density);
843 txc->f.mac_control |= cpu_to_le16(AR9170_TX_MAC_PROT_RTS);
844 else if (carl9170_tx_cts_check(ar, txrate))
845 txc->f.mac_control |= cpu_to_le16(AR9170_TX_MAC_PROT_CTS);
846 863
847 SET_VAL(CARL9170_TX_SUPER_RI_TRIES, txc->s.ri[0], txrate->count); 864 SET_VAL(CARL9170_TX_SUPER_AMPDU_FACTOR,
848 txc->f.phy_control |= carl9170_tx_physet(ar, info, txrate); 865 txc->s.ampdu_settings, factor);
849 866
850 if (info->flags & IEEE80211_TX_CTL_AMPDU) { 867 for (i = 0; i < CARL9170_TX_MAX_RATES; i++) {
851 for (i = 1; i < CARL9170_TX_MAX_RATES; i++) {
852 txrate = &info->control.rates[i]; 868 txrate = &info->control.rates[i];
853 if (txrate->idx >= 0) 869 if (txrate->idx >= 0) {
870 txc->s.ri[i] =
871 CARL9170_TX_SUPER_RI_AMPDU;
872
873 if (WARN_ON(!(txrate->flags &
874 IEEE80211_TX_RC_MCS))) {
875 /*
876 * Not sure if it's even possible
877 * to aggregate non-ht rates with
878 * this HW.
879 */
880 goto err_out;
881 }
854 continue; 882 continue;
883 }
855 884
856 txrate->idx = 0; 885 txrate->idx = 0;
857 txrate->count = ar->hw->max_rate_tries; 886 txrate->count = ar->hw->max_rate_tries;
858 } 887 }
888
889 mac_tmp |= cpu_to_le16(AR9170_TX_MAC_AGGR);
859 } 890 }
860 891
861 /* 892 /*
@@ -878,57 +909,21 @@ static int carl9170_tx_prepare(struct ar9170 *ar, struct sk_buff *skb)
878 txc->s.ri[i] |= (AR9170_TX_MAC_PROT_CTS << 909 txc->s.ri[i] |= (AR9170_TX_MAC_PROT_CTS <<
879 CARL9170_TX_SUPER_RI_ERP_PROT_S); 910 CARL9170_TX_SUPER_RI_ERP_PROT_S);
880 911
881 /*
882 * unaggregated fallback, in case aggregation
883 * proves to be unsuccessful and unreliable.
884 */
885 if (ampdu && i < 3)
886 txc->s.ri[i] |= CARL9170_TX_SUPER_RI_AMPDU;
887
888 txc->s.rr[i - 1] = carl9170_tx_physet(ar, info, txrate); 912 txc->s.rr[i - 1] = carl9170_tx_physet(ar, info, txrate);
889 } 913 }
890 914
891 if (ieee80211_is_probe_resp(hdr->frame_control)) 915 txrate = &info->control.rates[0];
892 txc->s.misc |= CARL9170_TX_SUPER_MISC_FILL_IN_TSF; 916 SET_VAL(CARL9170_TX_SUPER_RI_TRIES, txc->s.ri[0], txrate->count);
893
894 if (ampdu) {
895 unsigned int density, factor;
896
897 if (unlikely(!sta || !cvif))
898 goto err_out;
899
900 density = info->control.sta->ht_cap.ampdu_density;
901 factor = info->control.sta->ht_cap.ampdu_factor;
902
903 if (density) {
904 /*
905 * Watch out!
906 *
907 * Otus uses slightly different density values than
908 * those from the 802.11n spec.
909 */
910
911 density = max_t(unsigned int, density + 1, 7u);
912 }
913
914 factor = min_t(unsigned int, 1u, factor);
915
916 SET_VAL(CARL9170_TX_SUPER_AMPDU_DENSITY,
917 txc->s.ampdu_settings, density);
918 917
919 SET_VAL(CARL9170_TX_SUPER_AMPDU_FACTOR, 918 if (carl9170_tx_rts_check(ar, txrate, ampdu, no_ack))
920 txc->s.ampdu_settings, factor); 919 mac_tmp |= cpu_to_le16(AR9170_TX_MAC_PROT_RTS);
920 else if (carl9170_tx_cts_check(ar, txrate))
921 mac_tmp |= cpu_to_le16(AR9170_TX_MAC_PROT_CTS);
921 922
922 if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS) { 923 txc->s.len = cpu_to_le16(skb->len);
923 txc->f.mac_control |= cpu_to_le16(AR9170_TX_MAC_AGGR); 924 txc->f.length = cpu_to_le16(len + FCS_LEN);
924 } else { 925 txc->f.mac_control = mac_tmp;
925 /* 926 txc->f.phy_control = carl9170_tx_physet(ar, info, txrate);
926 * Not sure if it's even possible to aggregate
927 * non-ht rates with this HW.
928 */
929 WARN_ON_ONCE(1);
930 }
931 }
932 927
933 arinfo = (void *)info->rate_driver_data; 928 arinfo = (void *)info->rate_driver_data;
934 arinfo->timeout = jiffies; 929 arinfo->timeout = jiffies;
@@ -1042,41 +1037,8 @@ retry:
1042 queue = TID_TO_WME_AC(tid_info->tid); 1037 queue = TID_TO_WME_AC(tid_info->tid);
1043 1038
1044 spin_lock_bh(&tid_info->lock); 1039 spin_lock_bh(&tid_info->lock);
1045 if (tid_info->state != CARL9170_TID_STATE_XMIT) { 1040 if (tid_info->state != CARL9170_TID_STATE_XMIT)
1046 first = skb_peek(&tid_info->queue); 1041 goto processed;
1047 if (first) {
1048 struct ieee80211_tx_info *txinfo;
1049 struct carl9170_tx_info *arinfo;
1050
1051 txinfo = IEEE80211_SKB_CB(first);
1052 arinfo = (void *) txinfo->rate_driver_data;
1053
1054 if (time_is_after_jiffies(arinfo->timeout +
1055 msecs_to_jiffies(CARL9170_QUEUE_TIMEOUT))
1056 == true)
1057 goto processed;
1058
1059 /*
1060 * We've been waiting for the frame which
1061 * matches "snx" (start sequence of the
1062 * next aggregate) for some time now.
1063 *
1064 * But it never arrived. Therefore
1065 * jump to the next available frame
1066 * and kick-start the transmission.
1067 *
1068 * Note: This might induce odd latency
1069 * spikes because the receiver will be
1070 * waiting for the lost frame too.
1071 */
1072 ar->tx_ampdu_timeout++;
1073
1074 tid_info->snx = carl9170_get_seq(first);
1075 tid_info->state = CARL9170_TID_STATE_XMIT;
1076 } else {
1077 goto processed;
1078 }
1079 }
1080 1042
1081 tid_info->counter++; 1043 tid_info->counter++;
1082 first = skb_peek(&tid_info->queue); 1044 first = skb_peek(&tid_info->queue);
diff --git a/drivers/net/wireless/ath/carl9170/usb.c b/drivers/net/wireless/ath/carl9170/usb.c
index eb789a9e4f15..c7f6193934ea 100644
--- a/drivers/net/wireless/ath/carl9170/usb.c
+++ b/drivers/net/wireless/ath/carl9170/usb.c
@@ -606,8 +606,6 @@ int __carl9170_exec_cmd(struct ar9170 *ar, struct carl9170_cmd *cmd,
606 AR9170_USB_EP_CMD), cmd, cmd->hdr.len + 4, 606 AR9170_USB_EP_CMD), cmd, cmd->hdr.len + 4,
607 carl9170_usb_cmd_complete, ar, 1); 607 carl9170_usb_cmd_complete, ar, 1);
608 608
609 urb->transfer_flags |= URB_ZERO_PACKET;
610
611 if (free_buf) 609 if (free_buf)
612 urb->transfer_flags |= URB_FREE_BUFFER; 610 urb->transfer_flags |= URB_FREE_BUFFER;
613 611
diff --git a/drivers/net/wireless/wl12xx/Makefile b/drivers/net/wireless/wl12xx/Makefile
index 078b4398ac1f..0d334d6f86f4 100644
--- a/drivers/net/wireless/wl12xx/Makefile
+++ b/drivers/net/wireless/wl12xx/Makefile
@@ -16,3 +16,6 @@ wl1271-$(CONFIG_NL80211_TESTMODE) += wl1271_testmode.o
16obj-$(CONFIG_WL1271) += wl1271.o 16obj-$(CONFIG_WL1271) += wl1271.o
17obj-$(CONFIG_WL1271_SPI) += wl1271_spi.o 17obj-$(CONFIG_WL1271_SPI) += wl1271_spi.o
18obj-$(CONFIG_WL1271_SDIO) += wl1271_sdio.o 18obj-$(CONFIG_WL1271_SDIO) += wl1271_sdio.o
19
20# small builtin driver bit
21obj-$(CONFIG_WL12XX_PLATFORM_DATA) += wl12xx_platform_data.o
diff --git a/drivers/net/wireless/wl12xx/wl1271_boot.c b/drivers/net/wireless/wl12xx/wl1271_boot.c
index fc21db810812..e5a7f042645f 100644
--- a/drivers/net/wireless/wl12xx/wl1271_boot.c
+++ b/drivers/net/wireless/wl12xx/wl1271_boot.c
@@ -274,11 +274,11 @@ static int wl1271_boot_upload_nvs(struct wl1271 *wl)
274 274
275 /* 275 /*
276 * We've reached the first zero length, the first NVS table 276 * We've reached the first zero length, the first NVS table
277 * is 7 bytes further. 277 * is located at an aligned offset which is at least 7 bytes further.
278 */ 278 */
279 nvs_ptr += 7; 279 nvs_ptr = (u8 *)wl->nvs->nvs +
280 ALIGN(nvs_ptr - (u8 *)wl->nvs->nvs + 7, 4);
280 nvs_len -= nvs_ptr - (u8 *)wl->nvs->nvs; 281 nvs_len -= nvs_ptr - (u8 *)wl->nvs->nvs;
281 nvs_len = ALIGN(nvs_len, 4);
282 282
283 /* FIXME: The driver sets the partition here, but this is not needed, 283 /* FIXME: The driver sets the partition here, but this is not needed,
284 since it sets to the same one as currently in use */ 284 since it sets to the same one as currently in use */
@@ -286,14 +286,9 @@ static int wl1271_boot_upload_nvs(struct wl1271 *wl)
286 wl1271_set_partition(wl, &part_table[PART_WORK]); 286 wl1271_set_partition(wl, &part_table[PART_WORK]);
287 287
288 /* Copy the NVS tables to a new block to ensure alignment */ 288 /* Copy the NVS tables to a new block to ensure alignment */
289 /* FIXME: We jump 3 more bytes before uploading the NVS. It seems 289 nvs_aligned = kmemdup(nvs_ptr, nvs_len, GFP_KERNEL);
290 that our NVS files have three extra zeros here. I'm not sure whether 290 if (!nvs_aligned)
291 the problem is in our NVS generation or we should really jumpt these 291 return -ENOMEM;
292 3 bytes here */
293 nvs_ptr += 3;
294
295 nvs_aligned = kmemdup(nvs_ptr, nvs_len, GFP_KERNEL); if
296 (!nvs_aligned) return -ENOMEM;
297 292
298 /* And finally we upload the NVS tables */ 293 /* And finally we upload the NVS tables */
299 /* FIXME: In wl1271, we upload everything at once. 294 /* FIXME: In wl1271, we upload everything at once.
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index 12a49f0ba32c..fe8b9dae4dee 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -321,6 +321,9 @@ struct ieee80211_bss_conf {
321 * @IEEE80211_TX_CTL_LDPC: tells the driver to use LDPC for this frame 321 * @IEEE80211_TX_CTL_LDPC: tells the driver to use LDPC for this frame
322 * @IEEE80211_TX_CTL_STBC: Enables Space-Time Block Coding (STBC) for this 322 * @IEEE80211_TX_CTL_STBC: Enables Space-Time Block Coding (STBC) for this
323 * frame and selects the maximum number of streams that it can use. 323 * frame and selects the maximum number of streams that it can use.
324 *
325 * Note: If you have to add new flags to the enumeration, then don't
326 * forget to update %IEEE80211_TX_TEMPORARY_FLAGS when necessary.
324 */ 327 */
325enum mac80211_tx_control_flags { 328enum mac80211_tx_control_flags {
326 IEEE80211_TX_CTL_REQ_TX_STATUS = BIT(0), 329 IEEE80211_TX_CTL_REQ_TX_STATUS = BIT(0),
@@ -350,6 +353,19 @@ enum mac80211_tx_control_flags {
350 353
351#define IEEE80211_TX_CTL_STBC_SHIFT 23 354#define IEEE80211_TX_CTL_STBC_SHIFT 23
352 355
356/*
357 * This definition is used as a mask to clear all temporary flags, which are
358 * set by the tx handlers for each transmission attempt by the mac80211 stack.
359 */
360#define IEEE80211_TX_TEMPORARY_FLAGS (IEEE80211_TX_CTL_NO_ACK | \
361 IEEE80211_TX_CTL_CLEAR_PS_FILT | IEEE80211_TX_CTL_FIRST_FRAGMENT | \
362 IEEE80211_TX_CTL_SEND_AFTER_DTIM | IEEE80211_TX_CTL_AMPDU | \
363 IEEE80211_TX_STAT_TX_FILTERED | IEEE80211_TX_STAT_ACK | \
364 IEEE80211_TX_STAT_AMPDU | IEEE80211_TX_STAT_AMPDU_NO_BACK | \
365 IEEE80211_TX_CTL_RATE_CTRL_PROBE | IEEE80211_TX_CTL_PSPOLL_RESPONSE | \
366 IEEE80211_TX_CTL_MORE_FRAMES | IEEE80211_TX_CTL_LDPC | \
367 IEEE80211_TX_CTL_STBC)
368
353/** 369/**
354 * enum mac80211_rate_control_flags - per-rate flags set by the 370 * enum mac80211_rate_control_flags - per-rate flags set by the
355 * Rate Control algorithm. 371 * Rate Control algorithm.
@@ -565,9 +581,6 @@ ieee80211_tx_info_clear_status(struct ieee80211_tx_info *info)
565 * @RX_FLAG_HT: HT MCS was used and rate_idx is MCS index 581 * @RX_FLAG_HT: HT MCS was used and rate_idx is MCS index
566 * @RX_FLAG_40MHZ: HT40 (40 MHz) was used 582 * @RX_FLAG_40MHZ: HT40 (40 MHz) was used
567 * @RX_FLAG_SHORT_GI: Short guard interval was used 583 * @RX_FLAG_SHORT_GI: Short guard interval was used
568 * @RX_FLAG_INTERNAL_CMTR: set internally after frame was reported
569 * on cooked monitor to avoid double-reporting it for multiple
570 * virtual interfaces
571 */ 584 */
572enum mac80211_rx_flags { 585enum mac80211_rx_flags {
573 RX_FLAG_MMIC_ERROR = 1<<0, 586 RX_FLAG_MMIC_ERROR = 1<<0,
@@ -581,7 +594,6 @@ enum mac80211_rx_flags {
581 RX_FLAG_HT = 1<<9, 594 RX_FLAG_HT = 1<<9,
582 RX_FLAG_40MHZ = 1<<10, 595 RX_FLAG_40MHZ = 1<<10,
583 RX_FLAG_SHORT_GI = 1<<11, 596 RX_FLAG_SHORT_GI = 1<<11,
584 RX_FLAG_INTERNAL_CMTR = 1<<12,
585}; 597};
586 598
587/** 599/**
@@ -602,6 +614,7 @@ enum mac80211_rx_flags {
602 * @rate_idx: index of data rate into band's supported rates or MCS index if 614 * @rate_idx: index of data rate into band's supported rates or MCS index if
603 * HT rates are use (RX_FLAG_HT) 615 * HT rates are use (RX_FLAG_HT)
604 * @flag: %RX_FLAG_* 616 * @flag: %RX_FLAG_*
617 * @rx_flags: internal RX flags for mac80211
605 */ 618 */
606struct ieee80211_rx_status { 619struct ieee80211_rx_status {
607 u64 mactime; 620 u64 mactime;
@@ -611,6 +624,7 @@ struct ieee80211_rx_status {
611 int antenna; 624 int antenna;
612 int rate_idx; 625 int rate_idx;
613 int flag; 626 int flag;
627 unsigned int rx_flags;
614}; 628};
615 629
616/** 630/**
@@ -2416,25 +2430,28 @@ struct ieee80211_sta *ieee80211_find_sta(struct ieee80211_vif *vif,
2416 const u8 *addr); 2430 const u8 *addr);
2417 2431
2418/** 2432/**
2419 * ieee80211_find_sta_by_hw - find a station on hardware 2433 * ieee80211_find_sta_by_ifaddr - find a station on hardware
2420 * 2434 *
2421 * @hw: pointer as obtained from ieee80211_alloc_hw() 2435 * @hw: pointer as obtained from ieee80211_alloc_hw()
2422 * @addr: station's address 2436 * @addr: remote station's address
2437 * @localaddr: local address (vif->sdata->vif.addr). Use NULL for 'any'.
2423 * 2438 *
2424 * This function must be called under RCU lock and the 2439 * This function must be called under RCU lock and the
2425 * resulting pointer is only valid under RCU lock as well. 2440 * resulting pointer is only valid under RCU lock as well.
2426 * 2441 *
2427 * NOTE: This function should not be used! When mac80211 is converted 2442 * NOTE: You may pass NULL for localaddr, but then you will just get
2428 * internally to properly keep track of stations on multiple 2443 * the first STA that matches the remote address 'addr'.
2429 * virtual interfaces, it will not always know which station to 2444 * We can have multiple STA associated with multiple
2430 * return here since a single address might be used by multiple 2445 * logical stations (e.g. consider a station connecting to another
2431 * logical stations (e.g. consider a station connecting to another 2446 * BSSID on the same AP hardware without disconnecting first).
2432 * BSSID on the same AP hardware without disconnecting first). 2447 * In this case, the result of this method with localaddr NULL
2448 * is not reliable.
2433 * 2449 *
2434 * DO NOT USE THIS FUNCTION. 2450 * DO NOT USE THIS FUNCTION with localaddr NULL if at all possible.
2435 */ 2451 */
2436struct ieee80211_sta *ieee80211_find_sta_by_hw(struct ieee80211_hw *hw, 2452struct ieee80211_sta *ieee80211_find_sta_by_ifaddr(struct ieee80211_hw *hw,
2437 const u8 *addr); 2453 const u8 *addr,
2454 const u8 *localaddr);
2438 2455
2439/** 2456/**
2440 * ieee80211_sta_block_awake - block station from waking up 2457 * ieee80211_sta_block_awake - block station from waking up
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index e81ef4e8cb32..ebd5b69f562e 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -368,7 +368,6 @@ void debugfs_hw_add(struct ieee80211_local *local)
368 if (!phyd) 368 if (!phyd)
369 return; 369 return;
370 370
371 local->debugfs.stations = debugfs_create_dir("stations", phyd);
372 local->debugfs.keys = debugfs_create_dir("keys", phyd); 371 local->debugfs.keys = debugfs_create_dir("keys", phyd);
373 372
374 DEBUGFS_ADD(frequency); 373 DEBUGFS_ADD(frequency);
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index 20b2998fa0ed..3e12430591b7 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -409,6 +409,9 @@ void ieee80211_debugfs_add_netdev(struct ieee80211_sub_if_data *sdata)
409 sprintf(buf, "netdev:%s", sdata->name); 409 sprintf(buf, "netdev:%s", sdata->name);
410 sdata->debugfs.dir = debugfs_create_dir(buf, 410 sdata->debugfs.dir = debugfs_create_dir(buf,
411 sdata->local->hw.wiphy->debugfsdir); 411 sdata->local->hw.wiphy->debugfsdir);
412 if (sdata->debugfs.dir)
413 sdata->debugfs.subdir_stations = debugfs_create_dir("stations",
414 sdata->debugfs.dir);
412 add_files(sdata); 415 add_files(sdata);
413} 416}
414 417
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index 76839d4dfaac..6b7ff9fb4604 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -300,7 +300,7 @@ STA_OPS(ht_capa);
300 300
301void ieee80211_sta_debugfs_add(struct sta_info *sta) 301void ieee80211_sta_debugfs_add(struct sta_info *sta)
302{ 302{
303 struct dentry *stations_dir = sta->local->debugfs.stations; 303 struct dentry *stations_dir = sta->sdata->debugfs.subdir_stations;
304 u8 mac[3*ETH_ALEN]; 304 u8 mac[3*ETH_ALEN];
305 305
306 sta->debugfs.add_has_run = true; 306 sta->debugfs.add_has_run = true;
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 9346a6b0f400..945fbf29719d 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -159,13 +159,37 @@ typedef unsigned __bitwise__ ieee80211_rx_result;
159#define RX_DROP_MONITOR ((__force ieee80211_rx_result) 2u) 159#define RX_DROP_MONITOR ((__force ieee80211_rx_result) 2u)
160#define RX_QUEUED ((__force ieee80211_rx_result) 3u) 160#define RX_QUEUED ((__force ieee80211_rx_result) 3u)
161 161
162#define IEEE80211_RX_IN_SCAN BIT(0) 162/**
163/* frame is destined to interface currently processed (incl. multicast frames) */ 163 * enum ieee80211_packet_rx_flags - packet RX flags
164#define IEEE80211_RX_RA_MATCH BIT(1) 164 * @IEEE80211_RX_RA_MATCH: frame is destined to interface currently processed
165#define IEEE80211_RX_AMSDU BIT(2) 165 * (incl. multicast frames)
166#define IEEE80211_RX_FRAGMENTED BIT(3) 166 * @IEEE80211_RX_IN_SCAN: received while scanning
167#define IEEE80211_MALFORMED_ACTION_FRM BIT(4) 167 * @IEEE80211_RX_FRAGMENTED: fragmented frame
168/* only add flags here that do not change with subframes of an aMPDU */ 168 * @IEEE80211_RX_AMSDU: a-MSDU packet
169 * @IEEE80211_RX_MALFORMED_ACTION_FRM: action frame is malformed
170 *
171 * These are per-frame flags that are attached to a frame in the
172 * @rx_flags field of &struct ieee80211_rx_status.
173 */
174enum ieee80211_packet_rx_flags {
175 IEEE80211_RX_IN_SCAN = BIT(0),
176 IEEE80211_RX_RA_MATCH = BIT(1),
177 IEEE80211_RX_FRAGMENTED = BIT(2),
178 IEEE80211_RX_AMSDU = BIT(3),
179 IEEE80211_RX_MALFORMED_ACTION_FRM = BIT(4),
180};
181
182/**
183 * enum ieee80211_rx_flags - RX data flags
184 *
185 * @IEEE80211_RX_CMNTR: received on cooked monitor already
186 *
187 * These flags are used across handling multiple interfaces
188 * for a single frame.
189 */
190enum ieee80211_rx_flags {
191 IEEE80211_RX_CMNTR = BIT(0),
192};
169 193
170struct ieee80211_rx_data { 194struct ieee80211_rx_data {
171 struct sk_buff *skb; 195 struct sk_buff *skb;
@@ -564,6 +588,7 @@ struct ieee80211_sub_if_data {
564#ifdef CONFIG_MAC80211_DEBUGFS 588#ifdef CONFIG_MAC80211_DEBUGFS
565 struct { 589 struct {
566 struct dentry *dir; 590 struct dentry *dir;
591 struct dentry *subdir_stations;
567 struct dentry *default_key; 592 struct dentry *default_key;
568 struct dentry *default_mgmt_key; 593 struct dentry *default_mgmt_key;
569 } debugfs; 594 } debugfs;
@@ -899,7 +924,6 @@ struct ieee80211_local {
899#ifdef CONFIG_MAC80211_DEBUGFS 924#ifdef CONFIG_MAC80211_DEBUGFS
900 struct local_debugfsdentries { 925 struct local_debugfsdentries {
901 struct dentry *rcdir; 926 struct dentry *rcdir;
902 struct dentry *stations;
903 struct dentry *keys; 927 struct dentry *keys;
904 } debugfs; 928 } debugfs;
905#endif 929#endif
@@ -1256,7 +1280,8 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1256 const u8 *key, u8 key_len, u8 key_idx); 1280 const u8 *key, u8 key_len, u8 key_idx);
1257int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer, 1281int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
1258 const u8 *ie, size_t ie_len, 1282 const u8 *ie, size_t ie_len,
1259 enum ieee80211_band band); 1283 enum ieee80211_band band, u32 rate_mask,
1284 u8 channel);
1260void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 1285void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1261 const u8 *ssid, size_t ssid_len, 1286 const u8 *ssid, size_t ssid_len,
1262 const u8 *ie, size_t ie_len); 1287 const u8 *ie, size_t ie_len);
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index fda97bb0018b..db341a99c7c7 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -110,7 +110,8 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
110 chan = scan_chan; 110 chan = scan_chan;
111 channel_type = NL80211_CHAN_NO_HT; 111 channel_type = NL80211_CHAN_NO_HT;
112 local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL; 112 local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL;
113 } else if (local->tmp_channel) { 113 } else if (local->tmp_channel &&
114 local->oper_channel != local->tmp_channel) {
114 chan = scan_chan = local->tmp_channel; 115 chan = scan_chan = local->tmp_channel;
115 channel_type = local->tmp_channel_type; 116 channel_type = local->tmp_channel_type;
116 local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL; 117 local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL;
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 8b733cf6f3ea..77913a15f537 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -880,14 +880,6 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
880 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL | 880 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL |
881 IEEE80211_STA_BEACON_POLL); 881 IEEE80211_STA_BEACON_POLL);
882 882
883 /*
884 * Always handle WMM once after association regardless
885 * of the first value the AP uses. Setting -1 here has
886 * that effect because the AP values is an unsigned
887 * 4-bit value.
888 */
889 sdata->u.mgd.wmm_last_param_set = -1;
890
891 ieee80211_led_assoc(local, 1); 883 ieee80211_led_assoc(local, 1);
892 884
893 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) 885 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD)
@@ -1367,6 +1359,14 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
1367 return false; 1359 return false;
1368 } 1360 }
1369 1361
1362 /*
1363 * Always handle WMM once after association regardless
1364 * of the first value the AP uses. Setting -1 here has
1365 * that effect because the AP values is an unsigned
1366 * 4-bit value.
1367 */
1368 ifmgd->wmm_last_param_set = -1;
1369
1370 if (elems.wmm_param) 1370 if (elems.wmm_param)
1371 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 1371 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
1372 elems.wmm_param_len); 1372 elems.wmm_param_len);
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index c0368152b721..0b0e83ebe3d5 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -315,6 +315,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
315static void ieee80211_parse_qos(struct ieee80211_rx_data *rx) 315static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
316{ 316{
317 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 317 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
318 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
318 int tid; 319 int tid;
319 320
320 /* does the frame have a qos control field? */ 321 /* does the frame have a qos control field? */
@@ -323,9 +324,7 @@ static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
323 /* frame has qos control */ 324 /* frame has qos control */
324 tid = *qc & IEEE80211_QOS_CTL_TID_MASK; 325 tid = *qc & IEEE80211_QOS_CTL_TID_MASK;
325 if (*qc & IEEE80211_QOS_CONTROL_A_MSDU_PRESENT) 326 if (*qc & IEEE80211_QOS_CONTROL_A_MSDU_PRESENT)
326 rx->flags |= IEEE80211_RX_AMSDU; 327 status->rx_flags |= IEEE80211_RX_AMSDU;
327 else
328 rx->flags &= ~IEEE80211_RX_AMSDU;
329 } else { 328 } else {
330 /* 329 /*
331 * IEEE 802.11-2007, 7.1.3.4.1 ("Sequence Number field"): 330 * IEEE 802.11-2007, 7.1.3.4.1 ("Sequence Number field"):
@@ -387,26 +386,25 @@ static ieee80211_rx_result debug_noinline
387ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx) 386ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
388{ 387{
389 struct ieee80211_local *local = rx->local; 388 struct ieee80211_local *local = rx->local;
389 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
390 struct sk_buff *skb = rx->skb; 390 struct sk_buff *skb = rx->skb;
391 391
392 if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning))) 392 if (likely(!(status->rx_flags & IEEE80211_RX_IN_SCAN)))
393 return RX_CONTINUE;
394
395 if (test_bit(SCAN_HW_SCANNING, &local->scanning))
393 return ieee80211_scan_rx(rx->sdata, skb); 396 return ieee80211_scan_rx(rx->sdata, skb);
394 397
395 if (unlikely(test_bit(SCAN_SW_SCANNING, &local->scanning) && 398 if (test_bit(SCAN_SW_SCANNING, &local->scanning)) {
396 (rx->flags & IEEE80211_RX_IN_SCAN))) {
397 /* drop all the other packets during a software scan anyway */ 399 /* drop all the other packets during a software scan anyway */
398 if (ieee80211_scan_rx(rx->sdata, skb) != RX_QUEUED) 400 if (ieee80211_scan_rx(rx->sdata, skb) != RX_QUEUED)
399 dev_kfree_skb(skb); 401 dev_kfree_skb(skb);
400 return RX_QUEUED; 402 return RX_QUEUED;
401 } 403 }
402 404
403 if (unlikely(rx->flags & IEEE80211_RX_IN_SCAN)) { 405 /* scanning finished during invoking of handlers */
404 /* scanning finished during invoking of handlers */ 406 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
405 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan); 407 return RX_DROP_UNUSABLE;
406 return RX_DROP_UNUSABLE;
407 }
408
409 return RX_CONTINUE;
410} 408}
411 409
412 410
@@ -785,13 +783,14 @@ static ieee80211_rx_result debug_noinline
785ieee80211_rx_h_check(struct ieee80211_rx_data *rx) 783ieee80211_rx_h_check(struct ieee80211_rx_data *rx)
786{ 784{
787 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 785 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
786 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
788 787
789 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */ 788 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
790 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) { 789 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
791 if (unlikely(ieee80211_has_retry(hdr->frame_control) && 790 if (unlikely(ieee80211_has_retry(hdr->frame_control) &&
792 rx->sta->last_seq_ctrl[rx->queue] == 791 rx->sta->last_seq_ctrl[rx->queue] ==
793 hdr->seq_ctrl)) { 792 hdr->seq_ctrl)) {
794 if (rx->flags & IEEE80211_RX_RA_MATCH) { 793 if (status->rx_flags & IEEE80211_RX_RA_MATCH) {
795 rx->local->dot11FrameDuplicateCount++; 794 rx->local->dot11FrameDuplicateCount++;
796 rx->sta->num_duplicates++; 795 rx->sta->num_duplicates++;
797 } 796 }
@@ -824,7 +823,7 @@ ieee80211_rx_h_check(struct ieee80211_rx_data *rx)
824 if ((!ieee80211_has_fromds(hdr->frame_control) && 823 if ((!ieee80211_has_fromds(hdr->frame_control) &&
825 !ieee80211_has_tods(hdr->frame_control) && 824 !ieee80211_has_tods(hdr->frame_control) &&
826 ieee80211_is_data(hdr->frame_control)) || 825 ieee80211_is_data(hdr->frame_control)) ||
827 !(rx->flags & IEEE80211_RX_RA_MATCH)) { 826 !(status->rx_flags & IEEE80211_RX_RA_MATCH)) {
828 /* Drop IBSS frames and frames for other hosts 827 /* Drop IBSS frames and frames for other hosts
829 * silently. */ 828 * silently. */
830 return RX_DROP_MONITOR; 829 return RX_DROP_MONITOR;
@@ -881,7 +880,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
881 * No point in finding a key and decrypting if the frame is neither 880 * No point in finding a key and decrypting if the frame is neither
882 * addressed to us nor a multicast frame. 881 * addressed to us nor a multicast frame.
883 */ 882 */
884 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 883 if (!(status->rx_flags & IEEE80211_RX_RA_MATCH))
885 return RX_CONTINUE; 884 return RX_CONTINUE;
886 885
887 /* start without a key */ 886 /* start without a key */
@@ -1114,7 +1113,7 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
1114 sta->last_rx = jiffies; 1113 sta->last_rx = jiffies;
1115 } 1114 }
1116 1115
1117 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1116 if (!(status->rx_flags & IEEE80211_RX_RA_MATCH))
1118 return RX_CONTINUE; 1117 return RX_CONTINUE;
1119 1118
1120 if (rx->sdata->vif.type == NL80211_IFTYPE_STATION) 1119 if (rx->sdata->vif.type == NL80211_IFTYPE_STATION)
@@ -1271,6 +1270,7 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
1271 unsigned int frag, seq; 1270 unsigned int frag, seq;
1272 struct ieee80211_fragment_entry *entry; 1271 struct ieee80211_fragment_entry *entry;
1273 struct sk_buff *skb; 1272 struct sk_buff *skb;
1273 struct ieee80211_rx_status *status;
1274 1274
1275 hdr = (struct ieee80211_hdr *)rx->skb->data; 1275 hdr = (struct ieee80211_hdr *)rx->skb->data;
1276 fc = hdr->frame_control; 1276 fc = hdr->frame_control;
@@ -1370,7 +1370,8 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
1370 } 1370 }
1371 1371
1372 /* Complete frame has been reassembled - process it now */ 1372 /* Complete frame has been reassembled - process it now */
1373 rx->flags |= IEEE80211_RX_FRAGMENTED; 1373 status = IEEE80211_SKB_RXCB(rx->skb);
1374 status->rx_flags |= IEEE80211_RX_FRAGMENTED;
1374 1375
1375 out: 1376 out:
1376 if (rx->sta) 1377 if (rx->sta)
@@ -1387,9 +1388,10 @@ ieee80211_rx_h_ps_poll(struct ieee80211_rx_data *rx)
1387{ 1388{
1388 struct ieee80211_sub_if_data *sdata = rx->sdata; 1389 struct ieee80211_sub_if_data *sdata = rx->sdata;
1389 __le16 fc = ((struct ieee80211_hdr *)rx->skb->data)->frame_control; 1390 __le16 fc = ((struct ieee80211_hdr *)rx->skb->data)->frame_control;
1391 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
1390 1392
1391 if (likely(!rx->sta || !ieee80211_is_pspoll(fc) || 1393 if (likely(!rx->sta || !ieee80211_is_pspoll(fc) ||
1392 !(rx->flags & IEEE80211_RX_RA_MATCH))) 1394 !(status->rx_flags & IEEE80211_RX_RA_MATCH)))
1393 return RX_CONTINUE; 1395 return RX_CONTINUE;
1394 1396
1395 if ((sdata->vif.type != NL80211_IFTYPE_AP) && 1397 if ((sdata->vif.type != NL80211_IFTYPE_AP) &&
@@ -1550,6 +1552,7 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1550 struct sk_buff *skb, *xmit_skb; 1552 struct sk_buff *skb, *xmit_skb;
1551 struct ethhdr *ehdr = (struct ethhdr *) rx->skb->data; 1553 struct ethhdr *ehdr = (struct ethhdr *) rx->skb->data;
1552 struct sta_info *dsta; 1554 struct sta_info *dsta;
1555 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
1553 1556
1554 skb = rx->skb; 1557 skb = rx->skb;
1555 xmit_skb = NULL; 1558 xmit_skb = NULL;
@@ -1557,7 +1560,7 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1557 if ((sdata->vif.type == NL80211_IFTYPE_AP || 1560 if ((sdata->vif.type == NL80211_IFTYPE_AP ||
1558 sdata->vif.type == NL80211_IFTYPE_AP_VLAN) && 1561 sdata->vif.type == NL80211_IFTYPE_AP_VLAN) &&
1559 !(sdata->flags & IEEE80211_SDATA_DONT_BRIDGE_PACKETS) && 1562 !(sdata->flags & IEEE80211_SDATA_DONT_BRIDGE_PACKETS) &&
1560 (rx->flags & IEEE80211_RX_RA_MATCH) && 1563 (status->rx_flags & IEEE80211_RX_RA_MATCH) &&
1561 (sdata->vif.type != NL80211_IFTYPE_AP_VLAN || !sdata->u.vlan.sta)) { 1564 (sdata->vif.type != NL80211_IFTYPE_AP_VLAN || !sdata->u.vlan.sta)) {
1562 if (is_multicast_ether_addr(ehdr->h_dest)) { 1565 if (is_multicast_ether_addr(ehdr->h_dest)) {
1563 /* 1566 /*
@@ -1634,6 +1637,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1634 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 1637 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1635 __le16 fc = hdr->frame_control; 1638 __le16 fc = hdr->frame_control;
1636 struct sk_buff_head frame_list; 1639 struct sk_buff_head frame_list;
1640 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
1637 1641
1638 if (unlikely(!ieee80211_is_data(fc))) 1642 if (unlikely(!ieee80211_is_data(fc)))
1639 return RX_CONTINUE; 1643 return RX_CONTINUE;
@@ -1641,7 +1645,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1641 if (unlikely(!ieee80211_is_data_present(fc))) 1645 if (unlikely(!ieee80211_is_data_present(fc)))
1642 return RX_DROP_MONITOR; 1646 return RX_DROP_MONITOR;
1643 1647
1644 if (!(rx->flags & IEEE80211_RX_AMSDU)) 1648 if (!(status->rx_flags & IEEE80211_RX_AMSDU))
1645 return RX_CONTINUE; 1649 return RX_CONTINUE;
1646 1650
1647 if (ieee80211_has_a4(hdr->frame_control) && 1651 if (ieee80211_has_a4(hdr->frame_control) &&
@@ -1692,6 +1696,7 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1692 struct sk_buff *skb = rx->skb, *fwd_skb; 1696 struct sk_buff *skb = rx->skb, *fwd_skb;
1693 struct ieee80211_local *local = rx->local; 1697 struct ieee80211_local *local = rx->local;
1694 struct ieee80211_sub_if_data *sdata = rx->sdata; 1698 struct ieee80211_sub_if_data *sdata = rx->sdata;
1699 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1695 1700
1696 hdr = (struct ieee80211_hdr *) skb->data; 1701 hdr = (struct ieee80211_hdr *) skb->data;
1697 hdrlen = ieee80211_hdrlen(hdr->frame_control); 1702 hdrlen = ieee80211_hdrlen(hdr->frame_control);
@@ -1737,7 +1742,7 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1737 1742
1738 mesh_hdr->ttl--; 1743 mesh_hdr->ttl--;
1739 1744
1740 if (rx->flags & IEEE80211_RX_RA_MATCH) { 1745 if (status->rx_flags & IEEE80211_RX_RA_MATCH) {
1741 if (!mesh_hdr->ttl) 1746 if (!mesh_hdr->ttl)
1742 IEEE80211_IFSTA_MESH_CTR_INC(&rx->sdata->u.mesh, 1747 IEEE80211_IFSTA_MESH_CTR_INC(&rx->sdata->u.mesh,
1743 dropped_frames_ttl); 1748 dropped_frames_ttl);
@@ -1947,6 +1952,7 @@ static ieee80211_rx_result debug_noinline
1947ieee80211_rx_h_mgmt_check(struct ieee80211_rx_data *rx) 1952ieee80211_rx_h_mgmt_check(struct ieee80211_rx_data *rx)
1948{ 1953{
1949 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 1954 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1955 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
1950 1956
1951 /* 1957 /*
1952 * From here on, look only at management frames. 1958 * From here on, look only at management frames.
@@ -1959,7 +1965,7 @@ ieee80211_rx_h_mgmt_check(struct ieee80211_rx_data *rx)
1959 if (!ieee80211_is_mgmt(mgmt->frame_control)) 1965 if (!ieee80211_is_mgmt(mgmt->frame_control))
1960 return RX_DROP_MONITOR; 1966 return RX_DROP_MONITOR;
1961 1967
1962 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1968 if (!(status->rx_flags & IEEE80211_RX_RA_MATCH))
1963 return RX_DROP_MONITOR; 1969 return RX_DROP_MONITOR;
1964 1970
1965 if (ieee80211_drop_unencrypted_mgmt(rx)) 1971 if (ieee80211_drop_unencrypted_mgmt(rx))
@@ -1974,6 +1980,7 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1974 struct ieee80211_local *local = rx->local; 1980 struct ieee80211_local *local = rx->local;
1975 struct ieee80211_sub_if_data *sdata = rx->sdata; 1981 struct ieee80211_sub_if_data *sdata = rx->sdata;
1976 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 1982 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1983 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
1977 int len = rx->skb->len; 1984 int len = rx->skb->len;
1978 1985
1979 if (!ieee80211_is_action(mgmt->frame_control)) 1986 if (!ieee80211_is_action(mgmt->frame_control))
@@ -1986,7 +1993,7 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1986 if (!rx->sta && mgmt->u.action.category != WLAN_CATEGORY_PUBLIC) 1993 if (!rx->sta && mgmt->u.action.category != WLAN_CATEGORY_PUBLIC)
1987 return RX_DROP_UNUSABLE; 1994 return RX_DROP_UNUSABLE;
1988 1995
1989 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1996 if (!(status->rx_flags & IEEE80211_RX_RA_MATCH))
1990 return RX_DROP_UNUSABLE; 1997 return RX_DROP_UNUSABLE;
1991 1998
1992 switch (mgmt->u.action.category) { 1999 switch (mgmt->u.action.category) {
@@ -2082,7 +2089,7 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
2082 return RX_CONTINUE; 2089 return RX_CONTINUE;
2083 2090
2084 invalid: 2091 invalid:
2085 rx->flags |= IEEE80211_MALFORMED_ACTION_FRM; 2092 status->rx_flags |= IEEE80211_RX_MALFORMED_ACTION_FRM;
2086 /* will return in the next handlers */ 2093 /* will return in the next handlers */
2087 return RX_CONTINUE; 2094 return RX_CONTINUE;
2088 2095
@@ -2104,10 +2111,10 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
2104static ieee80211_rx_result debug_noinline 2111static ieee80211_rx_result debug_noinline
2105ieee80211_rx_h_userspace_mgmt(struct ieee80211_rx_data *rx) 2112ieee80211_rx_h_userspace_mgmt(struct ieee80211_rx_data *rx)
2106{ 2113{
2107 struct ieee80211_rx_status *status; 2114 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
2108 2115
2109 /* skip known-bad action frames and return them in the next handler */ 2116 /* skip known-bad action frames and return them in the next handler */
2110 if (rx->flags & IEEE80211_MALFORMED_ACTION_FRM) 2117 if (status->rx_flags & IEEE80211_RX_MALFORMED_ACTION_FRM)
2111 return RX_CONTINUE; 2118 return RX_CONTINUE;
2112 2119
2113 /* 2120 /*
@@ -2116,7 +2123,6 @@ ieee80211_rx_h_userspace_mgmt(struct ieee80211_rx_data *rx)
2116 * so userspace can register for those to know whether ones 2123 * so userspace can register for those to know whether ones
2117 * it transmitted were processed or returned. 2124 * it transmitted were processed or returned.
2118 */ 2125 */
2119 status = IEEE80211_SKB_RXCB(rx->skb);
2120 2126
2121 if (cfg80211_rx_mgmt(rx->sdata->dev, status->freq, 2127 if (cfg80211_rx_mgmt(rx->sdata->dev, status->freq,
2122 rx->skb->data, rx->skb->len, 2128 rx->skb->data, rx->skb->len,
@@ -2138,6 +2144,7 @@ ieee80211_rx_h_action_return(struct ieee80211_rx_data *rx)
2138 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 2144 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
2139 struct sk_buff *nskb; 2145 struct sk_buff *nskb;
2140 struct ieee80211_sub_if_data *sdata = rx->sdata; 2146 struct ieee80211_sub_if_data *sdata = rx->sdata;
2147 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
2141 2148
2142 if (!ieee80211_is_action(mgmt->frame_control)) 2149 if (!ieee80211_is_action(mgmt->frame_control))
2143 return RX_CONTINUE; 2150 return RX_CONTINUE;
@@ -2152,7 +2159,7 @@ ieee80211_rx_h_action_return(struct ieee80211_rx_data *rx)
2152 * registration mechanisms, but older ones still use cooked 2159 * registration mechanisms, but older ones still use cooked
2153 * monitor interfaces so push all frames there. 2160 * monitor interfaces so push all frames there.
2154 */ 2161 */
2155 if (!(rx->flags & IEEE80211_MALFORMED_ACTION_FRM) && 2162 if (!(status->rx_flags & IEEE80211_RX_MALFORMED_ACTION_FRM) &&
2156 (sdata->vif.type == NL80211_IFTYPE_AP || 2163 (sdata->vif.type == NL80211_IFTYPE_AP ||
2157 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)) 2164 sdata->vif.type == NL80211_IFTYPE_AP_VLAN))
2158 return RX_DROP_MONITOR; 2165 return RX_DROP_MONITOR;
@@ -2286,8 +2293,13 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx,
2286 struct net_device *prev_dev = NULL; 2293 struct net_device *prev_dev = NULL;
2287 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); 2294 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
2288 2295
2289 if (status->flag & RX_FLAG_INTERNAL_CMTR) 2296 /*
2297 * If cooked monitor has been processed already, then
2298 * don't do it again. If not, set the flag.
2299 */
2300 if (rx->flags & IEEE80211_RX_CMNTR)
2290 goto out_free_skb; 2301 goto out_free_skb;
2302 rx->flags |= IEEE80211_RX_CMNTR;
2291 2303
2292 if (skb_headroom(skb) < sizeof(*rthdr) && 2304 if (skb_headroom(skb) < sizeof(*rthdr) &&
2293 pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC)) 2305 pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC))
@@ -2343,12 +2355,8 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx,
2343 if (prev_dev) { 2355 if (prev_dev) {
2344 skb->dev = prev_dev; 2356 skb->dev = prev_dev;
2345 netif_receive_skb(skb); 2357 netif_receive_skb(skb);
2346 skb = NULL; 2358 return;
2347 } else 2359 }
2348 goto out_free_skb;
2349
2350 status->flag |= RX_FLAG_INTERNAL_CMTR;
2351 return;
2352 2360
2353 out_free_skb: 2361 out_free_skb:
2354 dev_kfree_skb(skb); 2362 dev_kfree_skb(skb);
@@ -2409,6 +2417,7 @@ static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx,
2409 * same TID from the same station 2417 * same TID from the same station
2410 */ 2418 */
2411 rx->skb = skb; 2419 rx->skb = skb;
2420 rx->flags = 0;
2412 2421
2413 CALL_RXH(ieee80211_rx_h_decrypt) 2422 CALL_RXH(ieee80211_rx_h_decrypt)
2414 CALL_RXH(ieee80211_rx_h_check_more_data) 2423 CALL_RXH(ieee80211_rx_h_check_more_data)
@@ -2443,18 +2452,13 @@ static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx,
2443 } 2452 }
2444} 2453}
2445 2454
2446static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata, 2455static void ieee80211_invoke_rx_handlers(struct ieee80211_rx_data *rx)
2447 struct ieee80211_rx_data *rx,
2448 struct sk_buff *skb)
2449{ 2456{
2450 struct sk_buff_head reorder_release; 2457 struct sk_buff_head reorder_release;
2451 ieee80211_rx_result res = RX_DROP_MONITOR; 2458 ieee80211_rx_result res = RX_DROP_MONITOR;
2452 2459
2453 __skb_queue_head_init(&reorder_release); 2460 __skb_queue_head_init(&reorder_release);
2454 2461
2455 rx->skb = skb;
2456 rx->sdata = sdata;
2457
2458#define CALL_RXH(rxh) \ 2462#define CALL_RXH(rxh) \
2459 do { \ 2463 do { \
2460 res = rxh(rx); \ 2464 res = rxh(rx); \
@@ -2484,7 +2488,12 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
2484void ieee80211_release_reorder_timeout(struct sta_info *sta, int tid) 2488void ieee80211_release_reorder_timeout(struct sta_info *sta, int tid)
2485{ 2489{
2486 struct sk_buff_head frames; 2490 struct sk_buff_head frames;
2487 struct ieee80211_rx_data rx = { }; 2491 struct ieee80211_rx_data rx = {
2492 .sta = sta,
2493 .sdata = sta->sdata,
2494 .local = sta->local,
2495 .queue = tid,
2496 };
2488 struct tid_ampdu_rx *tid_agg_rx; 2497 struct tid_ampdu_rx *tid_agg_rx;
2489 2498
2490 tid_agg_rx = rcu_dereference(sta->ampdu_mlme.tid_rx[tid]); 2499 tid_agg_rx = rcu_dereference(sta->ampdu_mlme.tid_rx[tid]);
@@ -2493,17 +2502,6 @@ void ieee80211_release_reorder_timeout(struct sta_info *sta, int tid)
2493 2502
2494 __skb_queue_head_init(&frames); 2503 __skb_queue_head_init(&frames);
2495 2504
2496 /* construct rx struct */
2497 rx.sta = sta;
2498 rx.sdata = sta->sdata;
2499 rx.local = sta->local;
2500 rx.queue = tid;
2501 rx.flags |= IEEE80211_RX_RA_MATCH;
2502
2503 if (unlikely(test_bit(SCAN_HW_SCANNING, &sta->local->scanning) ||
2504 test_bit(SCAN_OFF_CHANNEL, &sta->local->scanning)))
2505 rx.flags |= IEEE80211_RX_IN_SCAN;
2506
2507 spin_lock(&tid_agg_rx->reorder_lock); 2505 spin_lock(&tid_agg_rx->reorder_lock);
2508 ieee80211_sta_reorder_release(&sta->local->hw, tid_agg_rx, &frames); 2506 ieee80211_sta_reorder_release(&sta->local->hw, tid_agg_rx, &frames);
2509 spin_unlock(&tid_agg_rx->reorder_lock); 2507 spin_unlock(&tid_agg_rx->reorder_lock);
@@ -2513,10 +2511,10 @@ void ieee80211_release_reorder_timeout(struct sta_info *sta, int tid)
2513 2511
2514/* main receive path */ 2512/* main receive path */
2515 2513
2516static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata, 2514static int prepare_for_handlers(struct ieee80211_rx_data *rx,
2517 struct ieee80211_rx_data *rx,
2518 struct ieee80211_hdr *hdr) 2515 struct ieee80211_hdr *hdr)
2519{ 2516{
2517 struct ieee80211_sub_if_data *sdata = rx->sdata;
2520 struct sk_buff *skb = rx->skb; 2518 struct sk_buff *skb = rx->skb;
2521 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); 2519 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
2522 u8 *bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type); 2520 u8 *bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type);
@@ -2530,7 +2528,7 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2530 compare_ether_addr(sdata->vif.addr, hdr->addr1) != 0) { 2528 compare_ether_addr(sdata->vif.addr, hdr->addr1) != 0) {
2531 if (!(sdata->dev->flags & IFF_PROMISC)) 2529 if (!(sdata->dev->flags & IFF_PROMISC))
2532 return 0; 2530 return 0;
2533 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2531 status->rx_flags &= ~IEEE80211_RX_RA_MATCH;
2534 } 2532 }
2535 break; 2533 break;
2536 case NL80211_IFTYPE_ADHOC: 2534 case NL80211_IFTYPE_ADHOC:
@@ -2540,15 +2538,15 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2540 return 1; 2538 return 1;
2541 } 2539 }
2542 else if (!ieee80211_bssid_match(bssid, sdata->u.ibss.bssid)) { 2540 else if (!ieee80211_bssid_match(bssid, sdata->u.ibss.bssid)) {
2543 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2541 if (!(status->rx_flags & IEEE80211_RX_IN_SCAN))
2544 return 0; 2542 return 0;
2545 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2543 status->rx_flags &= ~IEEE80211_RX_RA_MATCH;
2546 } else if (!multicast && 2544 } else if (!multicast &&
2547 compare_ether_addr(sdata->vif.addr, 2545 compare_ether_addr(sdata->vif.addr,
2548 hdr->addr1) != 0) { 2546 hdr->addr1) != 0) {
2549 if (!(sdata->dev->flags & IFF_PROMISC)) 2547 if (!(sdata->dev->flags & IFF_PROMISC))
2550 return 0; 2548 return 0;
2551 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2549 status->rx_flags &= ~IEEE80211_RX_RA_MATCH;
2552 } else if (!rx->sta) { 2550 } else if (!rx->sta) {
2553 int rate_idx; 2551 int rate_idx;
2554 if (status->flag & RX_FLAG_HT) 2552 if (status->flag & RX_FLAG_HT)
@@ -2566,7 +2564,7 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2566 if (!(sdata->dev->flags & IFF_PROMISC)) 2564 if (!(sdata->dev->flags & IFF_PROMISC))
2567 return 0; 2565 return 0;
2568 2566
2569 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2567 status->rx_flags &= ~IEEE80211_RX_RA_MATCH;
2570 } 2568 }
2571 break; 2569 break;
2572 case NL80211_IFTYPE_AP_VLAN: 2570 case NL80211_IFTYPE_AP_VLAN:
@@ -2577,9 +2575,9 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2577 return 0; 2575 return 0;
2578 } else if (!ieee80211_bssid_match(bssid, 2576 } else if (!ieee80211_bssid_match(bssid,
2579 sdata->vif.addr)) { 2577 sdata->vif.addr)) {
2580 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2578 if (!(status->rx_flags & IEEE80211_RX_IN_SCAN))
2581 return 0; 2579 return 0;
2582 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2580 status->rx_flags &= ~IEEE80211_RX_RA_MATCH;
2583 } 2581 }
2584 break; 2582 break;
2585 case NL80211_IFTYPE_WDS: 2583 case NL80211_IFTYPE_WDS:
@@ -2598,6 +2596,51 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2598} 2596}
2599 2597
2600/* 2598/*
2599 * This function returns whether or not the SKB
2600 * was destined for RX processing or not, which,
2601 * if consume is true, is equivalent to whether
2602 * or not the skb was consumed.
2603 */
2604static bool ieee80211_prepare_and_rx_handle(struct ieee80211_rx_data *rx,
2605 struct sk_buff *skb, bool consume)
2606{
2607 struct ieee80211_local *local = rx->local;
2608 struct ieee80211_sub_if_data *sdata = rx->sdata;
2609 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
2610 struct ieee80211_hdr *hdr = (void *)skb->data;
2611 int prepares;
2612
2613 rx->skb = skb;
2614 status->rx_flags |= IEEE80211_RX_RA_MATCH;
2615 prepares = prepare_for_handlers(rx, hdr);
2616
2617 if (!prepares)
2618 return false;
2619
2620 if (status->flag & RX_FLAG_MMIC_ERROR) {
2621 if (status->rx_flags & IEEE80211_RX_RA_MATCH)
2622 ieee80211_rx_michael_mic_report(hdr, rx);
2623 return false;
2624 }
2625
2626 if (!consume) {
2627 skb = skb_copy(skb, GFP_ATOMIC);
2628 if (!skb) {
2629 if (net_ratelimit())
2630 wiphy_debug(local->hw.wiphy,
2631 "failed to copy multicast frame for %s\n",
2632 sdata->name);
2633 return true;
2634 }
2635
2636 rx->skb = skb;
2637 }
2638
2639 ieee80211_invoke_rx_handlers(rx);
2640 return true;
2641}
2642
2643/*
2601 * This is the actual Rx frames handler. as it blongs to Rx path it must 2644 * This is the actual Rx frames handler. as it blongs to Rx path it must
2602 * be called with rcu_read_lock protection. 2645 * be called with rcu_read_lock protection.
2603 */ 2646 */
@@ -2610,11 +2653,8 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2610 struct ieee80211_hdr *hdr; 2653 struct ieee80211_hdr *hdr;
2611 __le16 fc; 2654 __le16 fc;
2612 struct ieee80211_rx_data rx; 2655 struct ieee80211_rx_data rx;
2613 int prepares; 2656 struct ieee80211_sub_if_data *prev;
2614 struct ieee80211_sub_if_data *prev = NULL; 2657 struct sta_info *sta, *tmp, *prev_sta;
2615 struct sk_buff *skb_new;
2616 struct sta_info *sta, *tmp;
2617 bool found_sta = false;
2618 int err = 0; 2658 int err = 0;
2619 2659
2620 fc = ((struct ieee80211_hdr *)skb->data)->frame_control; 2660 fc = ((struct ieee80211_hdr *)skb->data)->frame_control;
@@ -2627,7 +2667,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2627 2667
2628 if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning) || 2668 if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning) ||
2629 test_bit(SCAN_OFF_CHANNEL, &local->scanning))) 2669 test_bit(SCAN_OFF_CHANNEL, &local->scanning)))
2630 rx.flags |= IEEE80211_RX_IN_SCAN; 2670 status->rx_flags |= IEEE80211_RX_IN_SCAN;
2631 2671
2632 if (ieee80211_is_mgmt(fc)) 2672 if (ieee80211_is_mgmt(fc))
2633 err = skb_linearize(skb); 2673 err = skb_linearize(skb);
@@ -2644,90 +2684,67 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2644 ieee80211_verify_alignment(&rx); 2684 ieee80211_verify_alignment(&rx);
2645 2685
2646 if (ieee80211_is_data(fc)) { 2686 if (ieee80211_is_data(fc)) {
2687 prev_sta = NULL;
2688
2647 for_each_sta_info(local, hdr->addr2, sta, tmp) { 2689 for_each_sta_info(local, hdr->addr2, sta, tmp) {
2648 rx.sta = sta; 2690 if (!prev_sta) {
2649 found_sta = true; 2691 prev_sta = sta;
2650 rx.sdata = sta->sdata;
2651
2652 rx.flags |= IEEE80211_RX_RA_MATCH;
2653 prepares = prepare_for_handlers(rx.sdata, &rx, hdr);
2654 if (prepares) {
2655 if (status->flag & RX_FLAG_MMIC_ERROR) {
2656 if (rx.flags & IEEE80211_RX_RA_MATCH)
2657 ieee80211_rx_michael_mic_report(hdr, &rx);
2658 } else
2659 prev = rx.sdata;
2660 }
2661 }
2662 }
2663 if (!found_sta) {
2664 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
2665 if (!ieee80211_sdata_running(sdata))
2666 continue; 2692 continue;
2693 }
2667 2694
2668 if (sdata->vif.type == NL80211_IFTYPE_MONITOR || 2695 rx.sta = prev_sta;
2669 sdata->vif.type == NL80211_IFTYPE_AP_VLAN) 2696 rx.sdata = prev_sta->sdata;
2670 continue; 2697 ieee80211_prepare_and_rx_handle(&rx, skb, false);
2671 2698
2672 /* 2699 prev_sta = sta;
2673 * frame is destined for this interface, but if it's 2700 }
2674 * not also for the previous one we handle that after
2675 * the loop to avoid copying the SKB once too much
2676 */
2677 2701
2678 if (!prev) { 2702 if (prev_sta) {
2679 prev = sdata; 2703 rx.sta = prev_sta;
2680 continue; 2704 rx.sdata = prev_sta->sdata;
2681 }
2682 2705
2683 rx.sta = sta_info_get_bss(prev, hdr->addr2); 2706 if (ieee80211_prepare_and_rx_handle(&rx, skb, true))
2707 return;
2708 }
2709 }
2684 2710
2685 rx.flags |= IEEE80211_RX_RA_MATCH; 2711 prev = NULL;
2686 prepares = prepare_for_handlers(prev, &rx, hdr);
2687 2712
2688 if (!prepares) 2713 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
2689 goto next; 2714 if (!ieee80211_sdata_running(sdata))
2715 continue;
2690 2716
2691 if (status->flag & RX_FLAG_MMIC_ERROR) { 2717 if (sdata->vif.type == NL80211_IFTYPE_MONITOR ||
2692 rx.sdata = prev; 2718 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
2693 if (rx.flags & IEEE80211_RX_RA_MATCH) 2719 continue;
2694 ieee80211_rx_michael_mic_report(hdr,
2695 &rx);
2696 goto next;
2697 }
2698 2720
2699 /* 2721 /*
2700 * frame was destined for the previous interface 2722 * frame is destined for this interface, but if it's
2701 * so invoke RX handlers for it 2723 * not also for the previous one we handle that after
2702 */ 2724 * the loop to avoid copying the SKB once too much
2725 */
2703 2726
2704 skb_new = skb_copy(skb, GFP_ATOMIC); 2727 if (!prev) {
2705 if (!skb_new) {
2706 if (net_ratelimit())
2707 wiphy_debug(local->hw.wiphy,
2708 "failed to copy multicast frame for %s\n",
2709 prev->name);
2710 goto next;
2711 }
2712 ieee80211_invoke_rx_handlers(prev, &rx, skb_new);
2713next:
2714 prev = sdata; 2728 prev = sdata;
2729 continue;
2715 } 2730 }
2716 2731
2717 if (prev) { 2732 rx.sta = sta_info_get_bss(prev, hdr->addr2);
2718 rx.sta = sta_info_get_bss(prev, hdr->addr2); 2733 rx.sdata = prev;
2734 ieee80211_prepare_and_rx_handle(&rx, skb, false);
2719 2735
2720 rx.flags |= IEEE80211_RX_RA_MATCH; 2736 prev = sdata;
2721 prepares = prepare_for_handlers(prev, &rx, hdr); 2737 }
2722 2738
2723 if (!prepares) 2739 if (prev) {
2724 prev = NULL; 2740 rx.sta = sta_info_get_bss(prev, hdr->addr2);
2725 } 2741 rx.sdata = prev;
2742
2743 if (ieee80211_prepare_and_rx_handle(&rx, skb, true))
2744 return;
2726 } 2745 }
2727 if (prev) 2746
2728 ieee80211_invoke_rx_handlers(prev, &rx, skb); 2747 dev_kfree_skb(skb);
2729 else
2730 dev_kfree_skb(skb);
2731} 2748}
2732 2749
2733/* 2750/*
@@ -2801,6 +2818,8 @@ void ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb)
2801 } 2818 }
2802 } 2819 }
2803 2820
2821 status->rx_flags = 0;
2822
2804 /* 2823 /*
2805 * key references and virtual interfaces are protected using RCU 2824 * key references and virtual interfaces are protected using RCU
2806 * and this requires that we are in a read-side RCU section during 2825 * and this requires that we are in a read-side RCU section during
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index d60389ba9b95..5171a9581631 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -242,7 +242,8 @@ static bool ieee80211_prep_hw_scan(struct ieee80211_local *local)
242 local->hw_scan_req->n_channels = n_chans; 242 local->hw_scan_req->n_channels = n_chans;
243 243
244 ielen = ieee80211_build_preq_ies(local, (u8 *)local->hw_scan_req->ie, 244 ielen = ieee80211_build_preq_ies(local, (u8 *)local->hw_scan_req->ie,
245 req->ie, req->ie_len, band); 245 req->ie, req->ie_len, band, (u32) -1,
246 0);
246 local->hw_scan_req->ie_len = ielen; 247 local->hw_scan_req->ie_len = ielen;
247 248
248 return true; 249 return true;
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 44e10a9de0a7..ca2cba9cea87 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -838,13 +838,20 @@ void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata,
838 mutex_unlock(&local->sta_mtx); 838 mutex_unlock(&local->sta_mtx);
839} 839}
840 840
841struct ieee80211_sta *ieee80211_find_sta_by_hw(struct ieee80211_hw *hw, 841struct ieee80211_sta *ieee80211_find_sta_by_ifaddr(struct ieee80211_hw *hw,
842 const u8 *addr) 842 const u8 *addr,
843 const u8 *localaddr)
843{ 844{
844 struct sta_info *sta, *nxt; 845 struct sta_info *sta, *nxt;
845 846
846 /* Just return a random station ... first in list ... */ 847 /*
848 * Just return a random station if localaddr is NULL
849 * ... first in list.
850 */
847 for_each_sta_info(hw_to_local(hw), addr, sta, nxt) { 851 for_each_sta_info(hw_to_local(hw), addr, sta, nxt) {
852 if (localaddr &&
853 compare_ether_addr(sta->sdata->vif.addr, localaddr) != 0)
854 continue;
848 if (!sta->uploaded) 855 if (!sta->uploaded)
849 return NULL; 856 return NULL;
850 return &sta->sta; 857 return &sta->sta;
@@ -852,7 +859,7 @@ struct ieee80211_sta *ieee80211_find_sta_by_hw(struct ieee80211_hw *hw,
852 859
853 return NULL; 860 return NULL;
854} 861}
855EXPORT_SYMBOL_GPL(ieee80211_find_sta_by_hw); 862EXPORT_SYMBOL_GPL(ieee80211_find_sta_by_ifaddr);
856 863
857struct ieee80211_sta *ieee80211_find_sta(struct ieee80211_vif *vif, 864struct ieee80211_sta *ieee80211_find_sta(struct ieee80211_vif *vif,
858 const u8 *addr) 865 const u8 *addr)
diff --git a/net/mac80211/status.c b/net/mac80211/status.c
index 571b32bfc54c..dd85006c4fe8 100644
--- a/net/mac80211/status.c
+++ b/net/mac80211/status.c
@@ -58,6 +58,7 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
58 info->control.vif = &sta->sdata->vif; 58 info->control.vif = &sta->sdata->vif;
59 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING | 59 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING |
60 IEEE80211_TX_INTFL_RETRANSMISSION; 60 IEEE80211_TX_INTFL_RETRANSMISSION;
61 info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS;
61 62
62 sta->tx_filtered_count++; 63 sta->tx_filtered_count++;
63 64
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 737f4267c335..aba025d748e9 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -895,26 +895,34 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
895 895
896int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer, 896int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
897 const u8 *ie, size_t ie_len, 897 const u8 *ie, size_t ie_len,
898 enum ieee80211_band band) 898 enum ieee80211_band band, u32 rate_mask,
899 u8 channel)
899{ 900{
900 struct ieee80211_supported_band *sband; 901 struct ieee80211_supported_band *sband;
901 u8 *pos; 902 u8 *pos;
902 size_t offset = 0, noffset; 903 size_t offset = 0, noffset;
903 int supp_rates_len, i; 904 int supp_rates_len, i;
905 u8 rates[32];
906 int num_rates;
907 int ext_rates_len;
904 908
905 sband = local->hw.wiphy->bands[band]; 909 sband = local->hw.wiphy->bands[band];
906 910
907 pos = buffer; 911 pos = buffer;
908 912
909 supp_rates_len = min_t(int, sband->n_bitrates, 8); 913 num_rates = 0;
914 for (i = 0; i < sband->n_bitrates; i++) {
915 if ((BIT(i) & rate_mask) == 0)
916 continue; /* skip rate */
917 rates[num_rates++] = (u8) (sband->bitrates[i].bitrate / 5);
918 }
919
920 supp_rates_len = min_t(int, num_rates, 8);
910 921
911 *pos++ = WLAN_EID_SUPP_RATES; 922 *pos++ = WLAN_EID_SUPP_RATES;
912 *pos++ = supp_rates_len; 923 *pos++ = supp_rates_len;
913 924 memcpy(pos, rates, supp_rates_len);
914 for (i = 0; i < supp_rates_len; i++) { 925 pos += supp_rates_len;
915 int rate = sband->bitrates[i].bitrate;
916 *pos++ = (u8) (rate / 5);
917 }
918 926
919 /* insert "request information" if in custom IEs */ 927 /* insert "request information" if in custom IEs */
920 if (ie && ie_len) { 928 if (ie && ie_len) {
@@ -932,14 +940,18 @@ int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
932 offset = noffset; 940 offset = noffset;
933 } 941 }
934 942
935 if (sband->n_bitrates > i) { 943 ext_rates_len = num_rates - supp_rates_len;
944 if (ext_rates_len > 0) {
936 *pos++ = WLAN_EID_EXT_SUPP_RATES; 945 *pos++ = WLAN_EID_EXT_SUPP_RATES;
937 *pos++ = sband->n_bitrates - i; 946 *pos++ = ext_rates_len;
947 memcpy(pos, rates + supp_rates_len, ext_rates_len);
948 pos += ext_rates_len;
949 }
938 950
939 for (; i < sband->n_bitrates; i++) { 951 if (channel && sband->band == IEEE80211_BAND_2GHZ) {
940 int rate = sband->bitrates[i].bitrate; 952 *pos++ = WLAN_EID_DS_PARAMS;
941 *pos++ = (u8) (rate / 5); 953 *pos++ = 1;
942 } 954 *pos++ = channel;
943 } 955 }
944 956
945 /* insert custom IEs that go before HT */ 957 /* insert custom IEs that go before HT */
@@ -1008,6 +1020,7 @@ void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1008 struct ieee80211_mgmt *mgmt; 1020 struct ieee80211_mgmt *mgmt;
1009 size_t buf_len; 1021 size_t buf_len;
1010 u8 *buf; 1022 u8 *buf;
1023 u8 chan;
1011 1024
1012 /* FIXME: come up with a proper value */ 1025 /* FIXME: come up with a proper value */
1013 buf = kmalloc(200 + ie_len, GFP_KERNEL); 1026 buf = kmalloc(200 + ie_len, GFP_KERNEL);
@@ -1017,8 +1030,14 @@ void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1017 return; 1030 return;
1018 } 1031 }
1019 1032
1033 chan = ieee80211_frequency_to_channel(
1034 local->hw.conf.channel->center_freq);
1035
1020 buf_len = ieee80211_build_preq_ies(local, buf, ie, ie_len, 1036 buf_len = ieee80211_build_preq_ies(local, buf, ie, ie_len,
1021 local->hw.conf.channel->band); 1037 local->hw.conf.channel->band,
1038 sdata->rc_rateidx_mask
1039 [local->hw.conf.channel->band],
1040 chan);
1022 1041
1023 skb = ieee80211_probereq_get(&local->hw, &sdata->vif, 1042 skb = ieee80211_probereq_get(&local->hw, &sdata->vif,
1024 ssid, ssid_len, 1043 ssid, ssid_len,
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 43882b36da55..bee230d8fd11 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -117,7 +117,7 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
117 key = &rx->key->conf.key[key_offset]; 117 key = &rx->key->conf.key[key_offset];
118 michael_mic(key, hdr, data, data_len, mic); 118 michael_mic(key, hdr, data, data_len, mic);
119 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) { 119 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) {
120 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 120 if (!(status->rx_flags & IEEE80211_RX_RA_MATCH))
121 return RX_DROP_UNUSABLE; 121 return RX_DROP_UNUSABLE;
122 122
123 mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx, 123 mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx,
diff --git a/net/wireless/ibss.c b/net/wireless/ibss.c
index 27a8ce9343c3..8cb6e08373b9 100644
--- a/net/wireless/ibss.c
+++ b/net/wireless/ibss.c
@@ -88,6 +88,25 @@ int __cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
88 if (wdev->ssid_len) 88 if (wdev->ssid_len)
89 return -EALREADY; 89 return -EALREADY;
90 90
91 if (!params->basic_rates) {
92 /*
93 * If no rates were explicitly configured,
94 * use the mandatory rate set for 11b or
95 * 11a for maximum compatibility.
96 */
97 struct ieee80211_supported_band *sband =
98 rdev->wiphy.bands[params->channel->band];
99 int j;
100 u32 flag = params->channel->band == IEEE80211_BAND_5GHZ ?
101 IEEE80211_RATE_MANDATORY_A :
102 IEEE80211_RATE_MANDATORY_B;
103
104 for (j = 0; j < sband->n_bitrates; j++) {
105 if (sband->bitrates[j].flags & flag)
106 params->basic_rates |= BIT(j);
107 }
108 }
109
91 if (WARN_ON(wdev->connect_keys)) 110 if (WARN_ON(wdev->connect_keys))
92 kfree(wdev->connect_keys); 111 kfree(wdev->connect_keys);
93 wdev->connect_keys = connkeys; 112 wdev->connect_keys = connkeys;
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index f15b1af2c768..9c84825803ce 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -4119,23 +4119,6 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
4119 goto out; 4119 goto out;
4120 } 4120 }
4121 } 4121 }
4122 } else {
4123 /*
4124 * If no rates were explicitly configured,
4125 * use the mandatory rate set for 11b or
4126 * 11a for maximum compatibility.
4127 */
4128 struct ieee80211_supported_band *sband =
4129 wiphy->bands[ibss.channel->band];
4130 int j;
4131 u32 flag = ibss.channel->band == IEEE80211_BAND_5GHZ ?
4132 IEEE80211_RATE_MANDATORY_A :
4133 IEEE80211_RATE_MANDATORY_B;
4134
4135 for (j = 0; j < sband->n_bitrates; j++) {
4136 if (sband->bitrates[j].flags & flag)
4137 ibss.basic_rates |= BIT(j);
4138 }
4139 } 4122 }
4140 4123
4141 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 4124 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
@@ -4990,7 +4973,7 @@ static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
4990 4973
4991 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4974 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4992 if (err) 4975 if (err)
4993 goto unlock_rdev; 4976 goto unlock_rtnl;
4994 4977
4995 wdev = dev->ieee80211_ptr; 4978 wdev = dev->ieee80211_ptr;
4996 4979
@@ -5014,6 +4997,7 @@ static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
5014unlock_rdev: 4997unlock_rdev:
5015 cfg80211_unlock_rdev(rdev); 4998 cfg80211_unlock_rdev(rdev);
5016 dev_put(dev); 4999 dev_put(dev);
5000unlock_rtnl:
5017 rtnl_unlock(); 5001 rtnl_unlock();
5018 5002
5019out: 5003out: