aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Documentation/nfc/nfc-hci.txt129
-rw-r--r--Documentation/nfc/nfc-pn544.txt84
-rw-r--r--MAINTAINERS8
-rw-r--r--arch/mips/bcm47xx/serial.c2
-rw-r--r--drivers/bcma/Kconfig3
-rw-r--r--drivers/bcma/bcma_private.h3
-rw-r--r--drivers/bcma/driver_chipcommon.c2
-rw-r--r--drivers/bcma/driver_chipcommon_sflash.c2
-rw-r--r--drivers/bcma/driver_gpio.c11
-rw-r--r--drivers/bcma/driver_mips.c195
-rw-r--r--drivers/bcma/driver_pci_host.c62
-rw-r--r--drivers/bcma/main.c12
-rw-r--r--drivers/bluetooth/ath3k.c10
-rw-r--r--drivers/bluetooth/btusb.c5
-rw-r--r--drivers/net/wireless/ath/Kconfig1
-rw-r--r--drivers/net/wireless/ath/Makefile1
-rw-r--r--drivers/net/wireless/ath/ath5k/base.c5
-rw-r--r--drivers/net/wireless/ath/ath6kl/cfg80211.c16
-rw-r--r--drivers/net/wireless/ath/ath9k/Kconfig5
-rw-r--r--drivers/net/wireless/ath/ath9k/ahb.c22
-rw-r--r--drivers/net/wireless/ath/ath9k/ani.c33
-rw-r--r--drivers/net/wireless/ath/ath9k/ani.h8
-rw-r--r--drivers/net/wireless/ath/ath9k/ar5008_initvals.h8
-rw-r--r--drivers/net/wireless/ath/ath9k/ar5008_phy.c50
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9001_initvals.h4
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9002_hw.c23
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9002_phy.c66
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h180
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9003_calib.c145
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9003_eeprom.c128
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9003_hw.c71
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9003_phy.c122
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9003_phy.h2
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9340_initvals.h100
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9485_initvals.h146
-rw-r--r--drivers/net/wireless/ath/ath9k/ar955x_1p0_initvals.h132
-rw-r--r--drivers/net/wireless/ath/ath9k/ar9580_1p0_initvals.h76
-rw-r--r--drivers/net/wireless/ath/ath9k/ath9k.h166
-rw-r--r--drivers/net/wireless/ath/ath9k/beacon.c4
-rw-r--r--drivers/net/wireless/ath/ath9k/debug.c305
-rw-r--r--drivers/net/wireless/ath/ath9k/debug.h9
-rw-r--r--drivers/net/wireless/ath/ath9k/htc_drv_init.c8
-rw-r--r--drivers/net/wireless/ath/ath9k/htc_drv_main.c4
-rw-r--r--drivers/net/wireless/ath/ath9k/htc_hst.c2
-rw-r--r--drivers/net/wireless/ath/ath9k/hw-ops.h16
-rw-r--r--drivers/net/wireless/ath/ath9k/hw.c48
-rw-r--r--drivers/net/wireless/ath/ath9k/hw.h59
-rw-r--r--drivers/net/wireless/ath/ath9k/init.c123
-rw-r--r--drivers/net/wireless/ath/ath9k/mac.c8
-rw-r--r--drivers/net/wireless/ath/ath9k/mac.h3
-rw-r--r--drivers/net/wireless/ath/ath9k/main.c152
-rw-r--r--drivers/net/wireless/ath/ath9k/mci.c7
-rw-r--r--drivers/net/wireless/ath/ath9k/pci.c39
-rw-r--r--drivers/net/wireless/ath/ath9k/recv.c180
-rw-r--r--drivers/net/wireless/ath/ath9k/reg.h7
-rw-r--r--drivers/net/wireless/ath/ath9k/xmit.c145
-rw-r--r--drivers/net/wireless/ath/carl9170/carl9170.h19
-rw-r--r--drivers/net/wireless/ath/carl9170/fw.c43
-rw-r--r--drivers/net/wireless/ath/carl9170/fwcmd.h8
-rw-r--r--drivers/net/wireless/ath/carl9170/hw.h2
-rw-r--r--drivers/net/wireless/ath/carl9170/main.c113
-rw-r--r--drivers/net/wireless/ath/carl9170/tx.c133
-rw-r--r--drivers/net/wireless/ath/carl9170/version.h6
-rw-r--r--drivers/net/wireless/ath/regd.c37
-rw-r--r--drivers/net/wireless/ath/regd.h10
-rw-r--r--drivers/net/wireless/ath/wil6210/Kconfig29
-rw-r--r--drivers/net/wireless/ath/wil6210/Makefile13
-rw-r--r--drivers/net/wireless/ath/wil6210/cfg80211.c572
-rw-r--r--drivers/net/wireless/ath/wil6210/dbg_hexdump.h30
-rw-r--r--drivers/net/wireless/ath/wil6210/debugfs.c603
-rw-r--r--drivers/net/wireless/ath/wil6210/interrupt.c490
-rw-r--r--drivers/net/wireless/ath/wil6210/main.c410
-rw-r--r--drivers/net/wireless/ath/wil6210/netdev.c132
-rw-r--r--drivers/net/wireless/ath/wil6210/pcie_bus.c223
-rw-r--r--drivers/net/wireless/ath/wil6210/txrx.c826
-rw-r--r--drivers/net/wireless/ath/wil6210/txrx.h362
-rw-r--r--drivers/net/wireless/ath/wil6210/wil6210.h363
-rw-r--r--drivers/net/wireless/ath/wil6210/wmi.c1024
-rw-r--r--drivers/net/wireless/ath/wil6210/wmi.h1116
-rw-r--r--drivers/net/wireless/b43/b43.h5
-rw-r--r--drivers/net/wireless/b43/main.c54
-rw-r--r--drivers/net/wireless/b43/main.h5
-rw-r--r--drivers/net/wireless/b43/tables_nphy.c30
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c2
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/bcmsdh_sdmmc.c2
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd.h39
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd_bus.h19
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd_cdc.c48
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd_common.c2
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd_dbg.h35
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd_linux.c90
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c24
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/sdio_chip.c2
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/usb.c27
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c99
-rw-r--r--drivers/net/wireless/brcm80211/brcmsmac/ampdu.c7
-rw-r--r--drivers/net/wireless/brcm80211/brcmsmac/channel.c13
-rw-r--r--drivers/net/wireless/brcm80211/brcmsmac/debug.h1
-rw-r--r--drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c19
-rw-r--r--drivers/net/wireless/brcm80211/brcmsmac/main.c9
-rw-r--r--drivers/net/wireless/brcm80211/brcmsmac/phy/phy_lcn.c4
-rw-r--r--drivers/net/wireless/brcm80211/brcmsmac/scb.h1
-rw-r--r--drivers/net/wireless/iwlegacy/3945-mac.c8
-rw-r--r--drivers/net/wireless/iwlegacy/4965-mac.c13
-rw-r--r--drivers/net/wireless/iwlegacy/4965.c3
-rw-r--r--drivers/net/wireless/iwlegacy/commands.h2
-rw-r--r--drivers/net/wireless/iwlegacy/common.c71
-rw-r--r--drivers/net/wireless/iwlegacy/common.h1
-rw-r--r--drivers/net/wireless/iwlwifi/dvm/mac80211.c5
-rw-r--r--drivers/net/wireless/iwlwifi/dvm/tx.c26
-rw-r--r--drivers/net/wireless/iwlwifi/pcie/rx.c1
-rw-r--r--drivers/net/wireless/libertas/cfg.c33
-rw-r--r--drivers/net/wireless/libertas/cfg.h3
-rw-r--r--drivers/net/wireless/mac80211_hwsim.c177
-rw-r--r--drivers/net/wireless/mwifiex/11n.c4
-rw-r--r--drivers/net/wireless/mwifiex/11n_aggr.c6
-rw-r--r--drivers/net/wireless/mwifiex/cfg80211.c27
-rw-r--r--drivers/net/wireless/mwifiex/decl.h18
-rw-r--r--drivers/net/wireless/mwifiex/fw.h14
-rw-r--r--drivers/net/wireless/mwifiex/init.c6
-rw-r--r--drivers/net/wireless/mwifiex/ioctl.h3
-rw-r--r--drivers/net/wireless/mwifiex/join.c34
-rw-r--r--drivers/net/wireless/mwifiex/main.h6
-rw-r--r--drivers/net/wireless/mwifiex/pcie.c658
-rw-r--r--drivers/net/wireless/mwifiex/pcie.h33
-rw-r--r--drivers/net/wireless/mwifiex/sdio.c10
-rw-r--r--drivers/net/wireless/mwifiex/sta_cmd.c10
-rw-r--r--drivers/net/wireless/mwifiex/sta_ioctl.c35
-rw-r--r--drivers/net/wireless/mwifiex/txrx.c6
-rw-r--r--drivers/net/wireless/mwifiex/uap_cmd.c44
-rw-r--r--drivers/net/wireless/mwifiex/usb.c34
-rw-r--r--drivers/net/wireless/mwifiex/util.h8
-rw-r--r--drivers/net/wireless/mwifiex/wmm.c8
-rw-r--r--drivers/net/wireless/mwl8k.c322
-rw-r--r--drivers/net/wireless/p54/p54pci.c7
-rw-r--r--drivers/net/wireless/p54/p54usb.c4
-rw-r--r--drivers/net/wireless/prism54/isl_ioctl.c1
-rw-r--r--drivers/net/wireless/ray_cs.c19
-rw-r--r--drivers/net/wireless/rt2x00/rt2800lib.c816
-rw-r--r--drivers/net/wireless/rt2x00/rt2800lib.h8
-rw-r--r--drivers/net/wireless/rt2x00/rt2800pci.c35
-rw-r--r--drivers/net/wireless/rt2x00/rt2800usb.c18
-rw-r--r--drivers/net/wireless/rt2x00/rt2x00.h26
-rw-r--r--drivers/net/wireless/rt2x00/rt2x00dev.c108
-rw-r--r--drivers/net/wireless/rt2x00/rt2x00mac.c6
-rw-r--r--drivers/net/wireless/rt2x00/rt2x00queue.c47
-rw-r--r--drivers/net/wireless/rtlwifi/Kconfig4
-rw-r--r--drivers/net/wireless/rtlwifi/core.c4
-rw-r--r--drivers/net/wireless/rtlwifi/pci.c6
-rw-r--r--drivers/net/wireless/rtlwifi/rc.c15
-rw-r--r--drivers/net/wireless/rtlwifi/regd.c37
-rw-r--r--drivers/net/wireless/rtlwifi/regd.h6
-rw-r--r--drivers/net/wireless/rtlwifi/rtl8192c/phy_common.c2
-rw-r--r--drivers/net/wireless/rtlwifi/rtl8192ce/trx.c11
-rw-r--r--drivers/net/wireless/rtlwifi/rtl8192de/trx.c12
-rw-r--r--drivers/net/wireless/rtlwifi/rtl8192se/trx.c15
-rw-r--r--drivers/net/wireless/rtlwifi/rtl8723ae/fw.c6
-rw-r--r--drivers/net/wireless/rtlwifi/rtl8723ae/phy.c2
-rw-r--r--drivers/net/wireless/rtlwifi/rtl8723ae/trx.c12
-rw-r--r--drivers/net/wireless/rtlwifi/usb.c8
-rw-r--r--drivers/net/wireless/ti/wl1251/Kconfig2
-rw-r--r--drivers/net/wireless/ti/wl12xx/Makefile2
-rw-r--r--drivers/net/wireless/ti/wl12xx/cmd.c37
-rw-r--r--drivers/net/wireless/ti/wl12xx/cmd.h20
-rw-r--r--drivers/net/wireless/ti/wl12xx/event.c116
-rw-r--r--drivers/net/wireless/ti/wl12xx/event.h111
-rw-r--r--drivers/net/wireless/ti/wl12xx/main.c192
-rw-r--r--drivers/net/wireless/ti/wl12xx/scan.c501
-rw-r--r--drivers/net/wireless/ti/wl12xx/scan.h140
-rw-r--r--drivers/net/wireless/ti/wl12xx/wl12xx.h40
-rw-r--r--drivers/net/wireless/ti/wl18xx/Makefile2
-rw-r--r--drivers/net/wireless/ti/wl18xx/acx.c87
-rw-r--r--drivers/net/wireless/ti/wl18xx/acx.h55
-rw-r--r--drivers/net/wireless/ti/wl18xx/cmd.c80
-rw-r--r--drivers/net/wireless/ti/wl18xx/cmd.h52
-rw-r--r--drivers/net/wireless/ti/wl18xx/conf.h21
-rw-r--r--drivers/net/wireless/ti/wl18xx/event.c111
-rw-r--r--drivers/net/wireless/ti/wl18xx/event.h77
-rw-r--r--drivers/net/wireless/ti/wl18xx/main.c267
-rw-r--r--drivers/net/wireless/ti/wl18xx/scan.c326
-rw-r--r--drivers/net/wireless/ti/wl18xx/scan.h127
-rw-r--r--drivers/net/wireless/ti/wl18xx/tx.c54
-rw-r--r--drivers/net/wireless/ti/wl18xx/wl18xx.h50
-rw-r--r--drivers/net/wireless/ti/wlcore/acx.c15
-rw-r--r--drivers/net/wireless/ti/wlcore/acx.h1
-rw-r--r--drivers/net/wireless/ti/wlcore/boot.c77
-rw-r--r--drivers/net/wireless/ti/wlcore/cmd.c419
-rw-r--r--drivers/net/wireless/ti/wlcore/cmd.h81
-rw-r--r--drivers/net/wireless/ti/wlcore/conf.h110
-rw-r--r--drivers/net/wireless/ti/wlcore/debugfs.c10
-rw-r--r--drivers/net/wireless/ti/wlcore/event.c326
-rw-r--r--drivers/net/wireless/ti/wlcore/event.h99
-rw-r--r--drivers/net/wireless/ti/wlcore/hw_ops.h41
-rw-r--r--drivers/net/wireless/ti/wlcore/init.c19
-rw-r--r--drivers/net/wireless/ti/wlcore/io.h12
-rw-r--r--drivers/net/wireless/ti/wlcore/main.c1580
-rw-r--r--drivers/net/wireless/ti/wlcore/ps.c11
-rw-r--r--drivers/net/wireless/ti/wlcore/rx.c33
-rw-r--r--drivers/net/wireless/ti/wlcore/rx.h3
-rw-r--r--drivers/net/wireless/ti/wlcore/scan.c696
-rw-r--r--drivers/net/wireless/ti/wlcore/scan.h144
-rw-r--r--drivers/net/wireless/ti/wlcore/sdio.c3
-rw-r--r--drivers/net/wireless/ti/wlcore/spi.c5
-rw-r--r--drivers/net/wireless/ti/wlcore/tx.c298
-rw-r--r--drivers/net/wireless/ti/wlcore/tx.h35
-rw-r--r--drivers/net/wireless/ti/wlcore/wlcore.h118
-rw-r--r--drivers/net/wireless/ti/wlcore/wlcore_i.h49
-rw-r--r--drivers/nfc/Kconfig15
-rw-r--r--drivers/nfc/Makefile2
-rw-r--r--drivers/nfc/nfcwilink.c10
-rw-r--r--drivers/nfc/pn533.c1593
-rw-r--r--drivers/nfc/pn544/Kconfig23
-rw-r--r--drivers/nfc/pn544/Makefile5
-rw-r--r--drivers/nfc/pn544/i2c.c44
-rw-r--r--drivers/nfc/pn544/pn544.c65
-rw-r--r--drivers/ssb/Kconfig8
-rw-r--r--drivers/ssb/Makefile1
-rw-r--r--drivers/ssb/driver_chipcommon_sflash.c140
-rw-r--r--drivers/ssb/driver_gpio.c22
-rw-r--r--drivers/ssb/driver_mipscore.c51
-rw-r--r--drivers/ssb/main.c8
-rw-r--r--drivers/ssb/ssb_private.h15
-rw-r--r--include/linux/bcma/bcma_driver_mips.h11
-rw-r--r--include/linux/bcma/bcma_driver_pci.h2
-rw-r--r--include/linux/ieee80211.h105
-rw-r--r--include/linux/ssb/ssb_driver_mips.h5
-rw-r--r--include/net/bluetooth/a2mp.h4
-rw-r--r--include/net/bluetooth/bluetooth.h23
-rw-r--r--include/net/bluetooth/hci.h18
-rw-r--r--include/net/bluetooth/hci_core.h4
-rw-r--r--include/net/bluetooth/l2cap.h1
-rw-r--r--include/net/cfg80211.h254
-rw-r--r--include/net/mac80211.h143
-rw-r--r--include/net/nfc/hci.h22
-rw-r--r--include/net/nfc/nci_core.h1
-rw-r--r--include/net/nfc/nfc.h8
-rw-r--r--include/net/regulatory.h4
-rw-r--r--include/uapi/linux/nfc.h37
-rw-r--r--include/uapi/linux/nl80211.h123
-rw-r--r--net/bluetooth/a2mp.c42
-rw-r--r--net/bluetooth/amp.c25
-rw-r--r--net/bluetooth/bnep/core.c1
-rw-r--r--net/bluetooth/hci_core.c28
-rw-r--r--net/bluetooth/hci_event.c62
-rw-r--r--net/bluetooth/hci_sysfs.c22
-rw-r--r--net/bluetooth/hidp/core.c2
-rw-r--r--net/bluetooth/l2cap_core.c16
-rw-r--r--net/bluetooth/mgmt.c270
-rw-r--r--net/bluetooth/sco.c2
-rw-r--r--net/mac80211/agg-rx.c14
-rw-r--r--net/mac80211/agg-tx.c300
-rw-r--r--net/mac80211/cfg.c179
-rw-r--r--net/mac80211/chan.c41
-rw-r--r--net/mac80211/driver-ops.h59
-rw-r--r--net/mac80211/ht.c33
-rw-r--r--net/mac80211/ibss.c66
-rw-r--r--net/mac80211/ieee80211_i.h48
-rw-r--r--net/mac80211/iface.c79
-rw-r--r--net/mac80211/key.c5
-rw-r--r--net/mac80211/main.c134
-rw-r--r--net/mac80211/mesh.c43
-rw-r--r--net/mac80211/mesh.h18
-rw-r--r--net/mac80211/mesh_hwmp.c10
-rw-r--r--net/mac80211/mesh_plink.c182
-rw-r--r--net/mac80211/mlme.c187
-rw-r--r--net/mac80211/offchannel.c34
-rw-r--r--net/mac80211/pm.c64
-rw-r--r--net/mac80211/rx.c31
-rw-r--r--net/mac80211/scan.c70
-rw-r--r--net/mac80211/sta_info.c71
-rw-r--r--net/mac80211/sta_info.h45
-rw-r--r--net/mac80211/trace.h77
-rw-r--r--net/mac80211/tx.c64
-rw-r--r--net/mac80211/util.c25
-rw-r--r--net/nfc/core.c50
-rw-r--r--net/nfc/hci/command.c7
-rw-r--r--net/nfc/hci/core.c57
-rw-r--r--net/nfc/hci/hcp.c7
-rw-r--r--net/nfc/llcp/commands.c2
-rw-r--r--net/nfc/llcp/llcp.c44
-rw-r--r--net/nfc/llcp/llcp.h1
-rw-r--r--net/nfc/llcp/sock.c22
-rw-r--r--net/nfc/nci/core.c2
-rw-r--r--net/nfc/netlink.c1
-rw-r--r--net/wireless/ap.c62
-rw-r--r--net/wireless/chan.c4
-rw-r--r--net/wireless/core.c31
-rw-r--r--net/wireless/core.h25
-rw-r--r--net/wireless/mesh.c8
-rw-r--r--net/wireless/mlme.c62
-rw-r--r--net/wireless/nl80211.c384
-rw-r--r--net/wireless/rdev-ops.h12
-rw-r--r--net/wireless/reg.c1124
-rw-r--r--net/wireless/reg.h7
-rw-r--r--net/wireless/sme.c9
-rw-r--r--net/wireless/trace.h18
-rw-r--r--net/wireless/util.c42
297 files changed, 19790 insertions, 7084 deletions
diff --git a/Documentation/nfc/nfc-hci.txt b/Documentation/nfc/nfc-hci.txt
index 89a339c9b079..0686c9e211c2 100644
--- a/Documentation/nfc/nfc-hci.txt
+++ b/Documentation/nfc/nfc-hci.txt
@@ -17,10 +17,12 @@ HCI
17HCI registers as an nfc device with NFC Core. Requests coming from userspace are 17HCI registers as an nfc device with NFC Core. Requests coming from userspace are
18routed through netlink sockets to NFC Core and then to HCI. From this point, 18routed through netlink sockets to NFC Core and then to HCI. From this point,
19they are translated in a sequence of HCI commands sent to the HCI layer in the 19they are translated in a sequence of HCI commands sent to the HCI layer in the
20host controller (the chip). The sending context blocks while waiting for the 20host controller (the chip). Commands can be executed synchronously (the sending
21response to arrive. 21context blocks waiting for response) or asynchronously (the response is returned
22from HCI Rx context).
22HCI events can also be received from the host controller. They will be handled 23HCI events can also be received from the host controller. They will be handled
23and a translation will be forwarded to NFC Core as needed. 24and a translation will be forwarded to NFC Core as needed. There are hooks to
25let the HCI driver handle proprietary events or override standard behavior.
24HCI uses 2 execution contexts: 26HCI uses 2 execution contexts:
25- one for executing commands : nfc_hci_msg_tx_work(). Only one command 27- one for executing commands : nfc_hci_msg_tx_work(). Only one command
26can be executing at any given moment. 28can be executing at any given moment.
@@ -33,6 +35,8 @@ The Session initialization is an HCI standard which must unfortunately
33support proprietary gates. This is the reason why the driver will pass a list 35support proprietary gates. This is the reason why the driver will pass a list
34of proprietary gates that must be part of the session. HCI will ensure all 36of proprietary gates that must be part of the session. HCI will ensure all
35those gates have pipes connected when the hci device is set up. 37those gates have pipes connected when the hci device is set up.
38In case the chip supports pre-opened gates and pseudo-static pipes, the driver
39can pass that information to HCI core.
36 40
37HCI Gates and Pipes 41HCI Gates and Pipes
38------------------- 42-------------------
@@ -46,6 +50,13 @@ without knowing the pipe connected to it.
46Driver interface 50Driver interface
47---------------- 51----------------
48 52
53A driver is generally written in two parts : the physical link management and
54the HCI management. This makes it easier to maintain a driver for a chip that
55can be connected using various phy (i2c, spi, ...)
56
57HCI Management
58--------------
59
49A driver would normally register itself with HCI and provide the following 60A driver would normally register itself with HCI and provide the following
50entry points: 61entry points:
51 62
@@ -53,58 +64,113 @@ struct nfc_hci_ops {
53 int (*open)(struct nfc_hci_dev *hdev); 64 int (*open)(struct nfc_hci_dev *hdev);
54 void (*close)(struct nfc_hci_dev *hdev); 65 void (*close)(struct nfc_hci_dev *hdev);
55 int (*hci_ready) (struct nfc_hci_dev *hdev); 66 int (*hci_ready) (struct nfc_hci_dev *hdev);
56 int (*xmit)(struct nfc_hci_dev *hdev, struct sk_buff *skb); 67 int (*xmit) (struct nfc_hci_dev *hdev, struct sk_buff *skb);
57 int (*start_poll)(struct nfc_hci_dev *hdev, u32 protocols); 68 int (*start_poll) (struct nfc_hci_dev *hdev,
58 int (*target_from_gate)(struct nfc_hci_dev *hdev, u8 gate, 69 u32 im_protocols, u32 tm_protocols);
59 struct nfc_target *target); 70 int (*dep_link_up)(struct nfc_hci_dev *hdev, struct nfc_target *target,
71 u8 comm_mode, u8 *gb, size_t gb_len);
72 int (*dep_link_down)(struct nfc_hci_dev *hdev);
73 int (*target_from_gate) (struct nfc_hci_dev *hdev, u8 gate,
74 struct nfc_target *target);
60 int (*complete_target_discovered) (struct nfc_hci_dev *hdev, u8 gate, 75 int (*complete_target_discovered) (struct nfc_hci_dev *hdev, u8 gate,
61 struct nfc_target *target); 76 struct nfc_target *target);
62 int (*data_exchange) (struct nfc_hci_dev *hdev, 77 int (*im_transceive) (struct nfc_hci_dev *hdev,
63 struct nfc_target *target, 78 struct nfc_target *target, struct sk_buff *skb,
64 struct sk_buff *skb, struct sk_buff **res_skb); 79 data_exchange_cb_t cb, void *cb_context);
80 int (*tm_send)(struct nfc_hci_dev *hdev, struct sk_buff *skb);
65 int (*check_presence)(struct nfc_hci_dev *hdev, 81 int (*check_presence)(struct nfc_hci_dev *hdev,
66 struct nfc_target *target); 82 struct nfc_target *target);
83 int (*event_received)(struct nfc_hci_dev *hdev, u8 gate, u8 event,
84 struct sk_buff *skb);
67}; 85};
68 86
69- open() and close() shall turn the hardware on and off. 87- open() and close() shall turn the hardware on and off.
70- hci_ready() is an optional entry point that is called right after the hci 88- hci_ready() is an optional entry point that is called right after the hci
71session has been set up. The driver can use it to do additional initialization 89session has been set up. The driver can use it to do additional initialization
72that must be performed using HCI commands. 90that must be performed using HCI commands.
73- xmit() shall simply write a frame to the chip. 91- xmit() shall simply write a frame to the physical link.
74- start_poll() is an optional entrypoint that shall set the hardware in polling 92- start_poll() is an optional entrypoint that shall set the hardware in polling
75mode. This must be implemented only if the hardware uses proprietary gates or a 93mode. This must be implemented only if the hardware uses proprietary gates or a
76mechanism slightly different from the HCI standard. 94mechanism slightly different from the HCI standard.
95- dep_link_up() is called after a p2p target has been detected, to finish
96the p2p connection setup with hardware parameters that need to be passed back
97to nfc core.
98- dep_link_down() is called to bring the p2p link down.
77- target_from_gate() is an optional entrypoint to return the nfc protocols 99- target_from_gate() is an optional entrypoint to return the nfc protocols
78corresponding to a proprietary gate. 100corresponding to a proprietary gate.
79- complete_target_discovered() is an optional entry point to let the driver 101- complete_target_discovered() is an optional entry point to let the driver
80perform additional proprietary processing necessary to auto activate the 102perform additional proprietary processing necessary to auto activate the
81discovered target. 103discovered target.
82- data_exchange() must be implemented by the driver if proprietary HCI commands 104- im_transceive() must be implemented by the driver if proprietary HCI commands
83are required to send data to the tag. Some tag types will require custom 105are required to send data to the tag. Some tag types will require custom
84commands, others can be written to using the standard HCI commands. The driver 106commands, others can be written to using the standard HCI commands. The driver
85can check the tag type and either do proprietary processing, or return 1 to ask 107can check the tag type and either do proprietary processing, or return 1 to ask
86for standard processing. 108for standard processing. The data exchange command itself must be sent
109asynchronously.
110- tm_send() is called to send data in the case of a p2p connection
87- check_presence() is an optional entry point that will be called regularly 111- check_presence() is an optional entry point that will be called regularly
88by the core to check that an activated tag is still in the field. If this is 112by the core to check that an activated tag is still in the field. If this is
89not implemented, the core will not be able to push tag_lost events to the user 113not implemented, the core will not be able to push tag_lost events to the user
90space 114space
115- event_received() is called to handle an event coming from the chip. Driver
116can handle the event or return 1 to let HCI attempt standard processing.
91 117
92On the rx path, the driver is responsible to push incoming HCP frames to HCI 118On the rx path, the driver is responsible to push incoming HCP frames to HCI
93using nfc_hci_recv_frame(). HCI will take care of re-aggregation and handling 119using nfc_hci_recv_frame(). HCI will take care of re-aggregation and handling
94This must be done from a context that can sleep. 120This must be done from a context that can sleep.
95 121
96SHDLC 122PHY Management
97----- 123--------------
124
125The physical link (i2c, ...) management is defined by the following struture:
126
127struct nfc_phy_ops {
128 int (*write)(void *dev_id, struct sk_buff *skb);
129 int (*enable)(void *dev_id);
130 void (*disable)(void *dev_id);
131};
132
133enable(): turn the phy on (power on), make it ready to transfer data
134disable(): turn the phy off
135write(): Send a data frame to the chip. Note that to enable higher
136layers such as an llc to store the frame for re-emission, this function must
137not alter the skb. It must also not return a positive result (return 0 for
138success, negative for failure).
139
140Data coming from the chip shall be sent directly to nfc_hci_recv_frame().
141
142LLC
143---
144
145Communication between the CPU and the chip often requires some link layer
146protocol. Those are isolated as modules managed by the HCI layer. There are
147currently two modules : nop (raw transfert) and shdlc.
148A new llc must implement the following functions:
149
150struct nfc_llc_ops {
151 void *(*init) (struct nfc_hci_dev *hdev, xmit_to_drv_t xmit_to_drv,
152 rcv_to_hci_t rcv_to_hci, int tx_headroom,
153 int tx_tailroom, int *rx_headroom, int *rx_tailroom,
154 llc_failure_t llc_failure);
155 void (*deinit) (struct nfc_llc *llc);
156 int (*start) (struct nfc_llc *llc);
157 int (*stop) (struct nfc_llc *llc);
158 void (*rcv_from_drv) (struct nfc_llc *llc, struct sk_buff *skb);
159 int (*xmit_from_hci) (struct nfc_llc *llc, struct sk_buff *skb);
160};
161
162- init() : allocate and init your private storage
163- deinit() : cleanup
164- start() : establish the logical connection
165- stop () : terminate the logical connection
166- rcv_from_drv() : handle data coming from the chip, going to HCI
167- xmit_from_hci() : handle data sent by HCI, going to the chip
98 168
99Most chips use shdlc to ensure integrity and delivery ordering of the HCP 169The llc must be registered with nfc before it can be used. Do that by
100frames between the host controller (the chip) and hosts (entities connected 170calling nfc_llc_register(const char *name, struct nfc_llc_ops *ops);
101to the chip, like the cpu). In order to simplify writing the driver, an shdlc 171
102layer is available for use by the driver. 172Again, note that the llc does not handle the physical link. It is thus very
103When used, the driver actually registers with shdlc, and shdlc will register 173easy to mix any physical link with any llc for a given chip driver.
104with HCI. HCI sees shdlc as the driver and thus send its HCP frames
105through shdlc->xmit.
106SHDLC adds a new execution context (nfc_shdlc_sm_work()) to run its state
107machine and handle both its rx and tx path.
108 174
109Included Drivers 175Included Drivers
110---------------- 176----------------
@@ -117,10 +183,12 @@ Execution Contexts
117 183
118The execution contexts are the following: 184The execution contexts are the following:
119- IRQ handler (IRQH): 185- IRQ handler (IRQH):
120fast, cannot sleep. stores incoming frames into an shdlc rx queue 186fast, cannot sleep. sends incoming frames to HCI where they are passed to
187the current llc. In case of shdlc, the frame is queued in shdlc rx queue.
121 188
122- SHDLC State Machine worker (SMW) 189- SHDLC State Machine worker (SMW)
123handles shdlc rx & tx queues. Dispatches HCI cmd responses. 190Only when llc_shdlc is used: handles shdlc rx & tx queues.
191Dispatches HCI cmd responses.
124 192
125- HCI Tx Cmd worker (MSGTXWQ) 193- HCI Tx Cmd worker (MSGTXWQ)
126Serializes execution of HCI commands. Completes execution in case of response 194Serializes execution of HCI commands. Completes execution in case of response
@@ -166,6 +234,15 @@ waiting command execution. Response processing involves invoking the completion
166callback that was provided by nfc_hci_msg_tx_work() when it sent the command. 234callback that was provided by nfc_hci_msg_tx_work() when it sent the command.
167The completion callback will then wake the syscall context. 235The completion callback will then wake the syscall context.
168 236
237It is also possible to execute the command asynchronously using this API:
238
239static int nfc_hci_execute_cmd_async(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd,
240 const u8 *param, size_t param_len,
241 data_exchange_cb_t cb, void *cb_context)
242
243The workflow is the same, except that the API call returns immediately, and
244the callback will be called with the result from the SMW context.
245
169Workflow receiving an HCI event or command 246Workflow receiving an HCI event or command
170------------------------------------------ 247------------------------------------------
171 248
diff --git a/Documentation/nfc/nfc-pn544.txt b/Documentation/nfc/nfc-pn544.txt
index 2fcac9f5996e..b36ca14ca2d6 100644
--- a/Documentation/nfc/nfc-pn544.txt
+++ b/Documentation/nfc/nfc-pn544.txt
@@ -1,32 +1,15 @@
1Kernel driver for the NXP Semiconductors PN544 Near Field 1Kernel driver for the NXP Semiconductors PN544 Near Field
2Communication chip 2Communication chip
3 3
4Author: Jari Vanhala
5Contact: Matti Aaltonen (matti.j.aaltonen at nokia.com)
6
7General 4General
8------- 5-------
9 6
10The PN544 is an integrated transmission module for contactless 7The PN544 is an integrated transmission module for contactless
11communication. The driver goes under drives/nfc/ and is compiled as a 8communication. The driver goes under drives/nfc/ and is compiled as a
12module named "pn544". It registers a misc device and creates a device 9module named "pn544".
13file named "/dev/pn544".
14 10
15Host Interfaces: I2C, SPI and HSU, this driver supports currently only I2C. 11Host Interfaces: I2C, SPI and HSU, this driver supports currently only I2C.
16 12
17The Interface
18-------------
19
20The driver offers a sysfs interface for a hardware test and an IOCTL
21interface for selecting between two operating modes. There are read,
22write and poll functions for transferring messages. The two operating
23modes are the normal (HCI) mode and the firmware update mode.
24
25PN544 is controlled by sending messages from the userspace to the
26chip. The main function of the driver is just to pass those messages
27without caring about the message content.
28
29
30Protocols 13Protocols
31--------- 14---------
32 15
@@ -47,68 +30,3 @@ and third (LSB) bytes of the message. The maximum FW message length is
47 30
48For the ETSI HCI specification see 31For the ETSI HCI specification see
49http://www.etsi.org/WebSite/Technologies/ProtocolSpecification.aspx 32http://www.etsi.org/WebSite/Technologies/ProtocolSpecification.aspx
50
51The Hardware Test
52-----------------
53
54The idea of the test is that it can performed by reading from the
55corresponding sysfs file. The test is implemented in the board file
56and it should test that PN544 can be put into the firmware update
57mode. If the test is not implemented the sysfs file does not get
58created.
59
60Example:
61> cat /sys/module/pn544/drivers/i2c\:pn544/3-002b/nfc_test
621
63
64Normal Operation
65----------------
66
67PN544 is powered up when the device file is opened, otherwise it's
68turned off. Only one instance can use the device at a time.
69
70Userspace applications control PN544 with HCI messages. The hardware
71sends an interrupt when data is available for reading. Data is
72physically read when the read function is called by a userspace
73application. Poll() checks the read interrupt state. Configuration and
74self testing are also done from the userspace using read and write.
75
76Example platform data:
77
78static int rx71_pn544_nfc_request_resources(struct i2c_client *client)
79{
80 /* Get and setup the HW resources for the device */
81}
82
83static void rx71_pn544_nfc_free_resources(void)
84{
85 /* Release the HW resources */
86}
87
88static void rx71_pn544_nfc_enable(int fw)
89{
90 /* Turn the device on */
91}
92
93static int rx71_pn544_nfc_test(void)
94{
95 /*
96 * Put the device into the FW update mode
97 * and then back to the normal mode.
98 * Check the behavior and return one on success,
99 * zero on failure.
100 */
101}
102
103static void rx71_pn544_nfc_disable(void)
104{
105 /* turn the power off */
106}
107
108static struct pn544_nfc_platform_data rx71_nfc_data = {
109 .request_resources = rx71_pn544_nfc_request_resources,
110 .free_resources = rx71_pn544_nfc_free_resources,
111 .enable = rx71_pn544_nfc_enable,
112 .test = rx71_pn544_nfc_test,
113 .disable = rx71_pn544_nfc_disable,
114};
diff --git a/MAINTAINERS b/MAINTAINERS
index 4e2a1f67a1fc..16c3506da16c 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1353,6 +1353,14 @@ W: http://wireless.kernel.org/en/users/Drivers/ath9k
1353S: Supported 1353S: Supported
1354F: drivers/net/wireless/ath/ath9k/ 1354F: drivers/net/wireless/ath/ath9k/
1355 1355
1356WILOCITY WIL6210 WIRELESS DRIVER
1357M: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
1358L: linux-wireless@vger.kernel.org
1359L: wil6210@qca.qualcomm.com
1360S: Supported
1361W: http://wireless.kernel.org/en/users/Drivers/wil6210
1362F: drivers/net/wireless/ath/wil6210/
1363
1356CARL9170 LINUX COMMUNITY WIRELESS DRIVER 1364CARL9170 LINUX COMMUNITY WIRELESS DRIVER
1357M: Christian Lamparter <chunkeey@googlemail.com> 1365M: Christian Lamparter <chunkeey@googlemail.com>
1358L: linux-wireless@vger.kernel.org 1366L: linux-wireless@vger.kernel.org
diff --git a/arch/mips/bcm47xx/serial.c b/arch/mips/bcm47xx/serial.c
index 57981e4fe2bc..b8ef965705cf 100644
--- a/arch/mips/bcm47xx/serial.c
+++ b/arch/mips/bcm47xx/serial.c
@@ -62,7 +62,7 @@ static int __init uart8250_init_bcma(void)
62 62
63 p->mapbase = (unsigned int) bcma_port->regs; 63 p->mapbase = (unsigned int) bcma_port->regs;
64 p->membase = (void *) bcma_port->regs; 64 p->membase = (void *) bcma_port->regs;
65 p->irq = bcma_port->irq + 2; 65 p->irq = bcma_port->irq;
66 p->uartclk = bcma_port->baud_base; 66 p->uartclk = bcma_port->baud_base;
67 p->regshift = bcma_port->reg_shift; 67 p->regshift = bcma_port->reg_shift;
68 p->iotype = UPIO_MEM; 68 p->iotype = UPIO_MEM;
diff --git a/drivers/bcma/Kconfig b/drivers/bcma/Kconfig
index d7b56a88c9f4..8b4221cfd118 100644
--- a/drivers/bcma/Kconfig
+++ b/drivers/bcma/Kconfig
@@ -67,8 +67,7 @@ config BCMA_DRIVER_GMAC_CMN
67 67
68config BCMA_DRIVER_GPIO 68config BCMA_DRIVER_GPIO
69 bool "BCMA GPIO driver" 69 bool "BCMA GPIO driver"
70 depends on BCMA 70 depends on BCMA && GPIOLIB
71 select GPIOLIB
72 help 71 help
73 Driver to provide access to the GPIO pins of the bcma bus. 72 Driver to provide access to the GPIO pins of the bcma bus.
74 73
diff --git a/drivers/bcma/bcma_private.h b/drivers/bcma/bcma_private.h
index 4a2d72ec6d43..16c1dddfda00 100644
--- a/drivers/bcma/bcma_private.h
+++ b/drivers/bcma/bcma_private.h
@@ -31,6 +31,8 @@ int __init bcma_bus_early_register(struct bcma_bus *bus,
31int bcma_bus_suspend(struct bcma_bus *bus); 31int bcma_bus_suspend(struct bcma_bus *bus);
32int bcma_bus_resume(struct bcma_bus *bus); 32int bcma_bus_resume(struct bcma_bus *bus);
33#endif 33#endif
34struct bcma_device *bcma_find_core_unit(struct bcma_bus *bus, u16 coreid,
35 u8 unit);
34 36
35/* scan.c */ 37/* scan.c */
36int bcma_bus_scan(struct bcma_bus *bus); 38int bcma_bus_scan(struct bcma_bus *bus);
@@ -45,6 +47,7 @@ int bcma_sprom_get(struct bcma_bus *bus);
45/* driver_chipcommon.c */ 47/* driver_chipcommon.c */
46#ifdef CONFIG_BCMA_DRIVER_MIPS 48#ifdef CONFIG_BCMA_DRIVER_MIPS
47void bcma_chipco_serial_init(struct bcma_drv_cc *cc); 49void bcma_chipco_serial_init(struct bcma_drv_cc *cc);
50extern struct platform_device bcma_pflash_dev;
48#endif /* CONFIG_BCMA_DRIVER_MIPS */ 51#endif /* CONFIG_BCMA_DRIVER_MIPS */
49 52
50/* driver_chipcommon_pmu.c */ 53/* driver_chipcommon_pmu.c */
diff --git a/drivers/bcma/driver_chipcommon.c b/drivers/bcma/driver_chipcommon.c
index e461ad25fda4..28fa50ad87be 100644
--- a/drivers/bcma/driver_chipcommon.c
+++ b/drivers/bcma/driver_chipcommon.c
@@ -329,7 +329,7 @@ void bcma_chipco_serial_init(struct bcma_drv_cc *cc)
329 return; 329 return;
330 } 330 }
331 331
332 irq = bcma_core_mips_irq(cc->core); 332 irq = bcma_core_irq(cc->core);
333 333
334 /* Determine the registers of the UARTs */ 334 /* Determine the registers of the UARTs */
335 cc->nr_serial_ports = (cc->capabilities & BCMA_CC_CAP_NRUART); 335 cc->nr_serial_ports = (cc->capabilities & BCMA_CC_CAP_NRUART);
diff --git a/drivers/bcma/driver_chipcommon_sflash.c b/drivers/bcma/driver_chipcommon_sflash.c
index 63e688393825..1e694db4532d 100644
--- a/drivers/bcma/driver_chipcommon_sflash.c
+++ b/drivers/bcma/driver_chipcommon_sflash.c
@@ -35,7 +35,7 @@ static struct bcma_sflash_tbl_e bcma_sflash_st_tbl[] = {
35 { "M25P40", 0x12, 0x10000, 8, }, 35 { "M25P40", 0x12, 0x10000, 8, },
36 36
37 { "M25P16", 0x14, 0x10000, 32, }, 37 { "M25P16", 0x14, 0x10000, 32, },
38 { "M25P32", 0x14, 0x10000, 64, }, 38 { "M25P32", 0x15, 0x10000, 64, },
39 { "M25P64", 0x16, 0x10000, 128, }, 39 { "M25P64", 0x16, 0x10000, 128, },
40 { "M25FL128", 0x17, 0x10000, 256, }, 40 { "M25FL128", 0x17, 0x10000, 256, },
41 { 0 }, 41 { 0 },
diff --git a/drivers/bcma/driver_gpio.c b/drivers/bcma/driver_gpio.c
index 9a6f585da2d9..0b5df538dfd9 100644
--- a/drivers/bcma/driver_gpio.c
+++ b/drivers/bcma/driver_gpio.c
@@ -73,6 +73,16 @@ static void bcma_gpio_free(struct gpio_chip *chip, unsigned gpio)
73 bcma_chipco_gpio_pullup(cc, 1 << gpio, 0); 73 bcma_chipco_gpio_pullup(cc, 1 << gpio, 0);
74} 74}
75 75
76static int bcma_gpio_to_irq(struct gpio_chip *chip, unsigned gpio)
77{
78 struct bcma_drv_cc *cc = bcma_gpio_get_cc(chip);
79
80 if (cc->core->bus->hosttype == BCMA_HOSTTYPE_SOC)
81 return bcma_core_irq(cc->core);
82 else
83 return -EINVAL;
84}
85
76int bcma_gpio_init(struct bcma_drv_cc *cc) 86int bcma_gpio_init(struct bcma_drv_cc *cc)
77{ 87{
78 struct gpio_chip *chip = &cc->gpio; 88 struct gpio_chip *chip = &cc->gpio;
@@ -85,6 +95,7 @@ int bcma_gpio_init(struct bcma_drv_cc *cc)
85 chip->set = bcma_gpio_set_value; 95 chip->set = bcma_gpio_set_value;
86 chip->direction_input = bcma_gpio_direction_input; 96 chip->direction_input = bcma_gpio_direction_input;
87 chip->direction_output = bcma_gpio_direction_output; 97 chip->direction_output = bcma_gpio_direction_output;
98 chip->to_irq = bcma_gpio_to_irq;
88 chip->ngpio = 16; 99 chip->ngpio = 16;
89 /* There is just one SoC in one device and its GPIO addresses should be 100 /* There is just one SoC in one device and its GPIO addresses should be
90 * deterministic to address them more easily. The other buses could get 101 * deterministic to address them more easily. The other buses could get
diff --git a/drivers/bcma/driver_mips.c b/drivers/bcma/driver_mips.c
index 792daad28cbc..9a7f0e3ab5a3 100644
--- a/drivers/bcma/driver_mips.c
+++ b/drivers/bcma/driver_mips.c
@@ -14,11 +14,33 @@
14 14
15#include <linux/bcma/bcma.h> 15#include <linux/bcma/bcma.h>
16 16
17#include <linux/mtd/physmap.h>
18#include <linux/platform_device.h>
17#include <linux/serial.h> 19#include <linux/serial.h>
18#include <linux/serial_core.h> 20#include <linux/serial_core.h>
19#include <linux/serial_reg.h> 21#include <linux/serial_reg.h>
20#include <linux/time.h> 22#include <linux/time.h>
21 23
24static const char *part_probes[] = { "bcm47xxpart", NULL };
25
26static struct physmap_flash_data bcma_pflash_data = {
27 .part_probe_types = part_probes,
28};
29
30static struct resource bcma_pflash_resource = {
31 .name = "bcma_pflash",
32 .flags = IORESOURCE_MEM,
33};
34
35struct platform_device bcma_pflash_dev = {
36 .name = "physmap-flash",
37 .dev = {
38 .platform_data = &bcma_pflash_data,
39 },
40 .resource = &bcma_pflash_resource,
41 .num_resources = 1,
42};
43
22/* The 47162a0 hangs when reading MIPS DMP registers registers */ 44/* The 47162a0 hangs when reading MIPS DMP registers registers */
23static inline bool bcma_core_mips_bcm47162a0_quirk(struct bcma_device *dev) 45static inline bool bcma_core_mips_bcm47162a0_quirk(struct bcma_device *dev)
24{ 46{
@@ -74,28 +96,41 @@ static u32 bcma_core_mips_irqflag(struct bcma_device *dev)
74 return dev->core_index; 96 return dev->core_index;
75 flag = bcma_aread32(dev, BCMA_MIPS_OOBSELOUTA30); 97 flag = bcma_aread32(dev, BCMA_MIPS_OOBSELOUTA30);
76 98
77 return flag & 0x1F; 99 if (flag)
100 return flag & 0x1F;
101 else
102 return 0x3f;
78} 103}
79 104
80/* Get the MIPS IRQ assignment for a specified device. 105/* Get the MIPS IRQ assignment for a specified device.
81 * If unassigned, 0 is returned. 106 * If unassigned, 0 is returned.
107 * If disabled, 5 is returned.
108 * If not supported, 6 is returned.
82 */ 109 */
83unsigned int bcma_core_mips_irq(struct bcma_device *dev) 110static unsigned int bcma_core_mips_irq(struct bcma_device *dev)
84{ 111{
85 struct bcma_device *mdev = dev->bus->drv_mips.core; 112 struct bcma_device *mdev = dev->bus->drv_mips.core;
86 u32 irqflag; 113 u32 irqflag;
87 unsigned int irq; 114 unsigned int irq;
88 115
89 irqflag = bcma_core_mips_irqflag(dev); 116 irqflag = bcma_core_mips_irqflag(dev);
117 if (irqflag == 0x3f)
118 return 6;
90 119
91 for (irq = 1; irq <= 4; irq++) 120 for (irq = 0; irq <= 4; irq++)
92 if (bcma_read32(mdev, BCMA_MIPS_MIPS74K_INTMASK(irq)) & 121 if (bcma_read32(mdev, BCMA_MIPS_MIPS74K_INTMASK(irq)) &
93 (1 << irqflag)) 122 (1 << irqflag))
94 return irq; 123 return irq;
95 124
96 return 0; 125 return 5;
126}
127
128unsigned int bcma_core_irq(struct bcma_device *dev)
129{
130 unsigned int mips_irq = bcma_core_mips_irq(dev);
131 return mips_irq <= 4 ? mips_irq + 2 : 0;
97} 132}
98EXPORT_SYMBOL(bcma_core_mips_irq); 133EXPORT_SYMBOL(bcma_core_irq);
99 134
100static void bcma_core_mips_set_irq(struct bcma_device *dev, unsigned int irq) 135static void bcma_core_mips_set_irq(struct bcma_device *dev, unsigned int irq)
101{ 136{
@@ -114,7 +149,7 @@ static void bcma_core_mips_set_irq(struct bcma_device *dev, unsigned int irq)
114 bcma_write32(mdev, BCMA_MIPS_MIPS74K_INTMASK(0), 149 bcma_write32(mdev, BCMA_MIPS_MIPS74K_INTMASK(0),
115 bcma_read32(mdev, BCMA_MIPS_MIPS74K_INTMASK(0)) & 150 bcma_read32(mdev, BCMA_MIPS_MIPS74K_INTMASK(0)) &
116 ~(1 << irqflag)); 151 ~(1 << irqflag));
117 else 152 else if (oldirq != 5)
118 bcma_write32(mdev, BCMA_MIPS_MIPS74K_INTMASK(oldirq), 0); 153 bcma_write32(mdev, BCMA_MIPS_MIPS74K_INTMASK(oldirq), 0);
119 154
120 /* assign the new one */ 155 /* assign the new one */
@@ -123,9 +158,9 @@ static void bcma_core_mips_set_irq(struct bcma_device *dev, unsigned int irq)
123 bcma_read32(mdev, BCMA_MIPS_MIPS74K_INTMASK(0)) | 158 bcma_read32(mdev, BCMA_MIPS_MIPS74K_INTMASK(0)) |
124 (1 << irqflag)); 159 (1 << irqflag));
125 } else { 160 } else {
126 u32 oldirqflag = bcma_read32(mdev, 161 u32 irqinitmask = bcma_read32(mdev,
127 BCMA_MIPS_MIPS74K_INTMASK(irq)); 162 BCMA_MIPS_MIPS74K_INTMASK(irq));
128 if (oldirqflag) { 163 if (irqinitmask) {
129 struct bcma_device *core; 164 struct bcma_device *core;
130 165
131 /* backplane irq line is in use, find out who uses 166 /* backplane irq line is in use, find out who uses
@@ -133,7 +168,7 @@ static void bcma_core_mips_set_irq(struct bcma_device *dev, unsigned int irq)
133 */ 168 */
134 list_for_each_entry(core, &bus->cores, list) { 169 list_for_each_entry(core, &bus->cores, list) {
135 if ((1 << bcma_core_mips_irqflag(core)) == 170 if ((1 << bcma_core_mips_irqflag(core)) ==
136 oldirqflag) { 171 irqinitmask) {
137 bcma_core_mips_set_irq(core, 0); 172 bcma_core_mips_set_irq(core, 0);
138 break; 173 break;
139 } 174 }
@@ -143,15 +178,31 @@ static void bcma_core_mips_set_irq(struct bcma_device *dev, unsigned int irq)
143 1 << irqflag); 178 1 << irqflag);
144 } 179 }
145 180
146 bcma_info(bus, "set_irq: core 0x%04x, irq %d => %d\n", 181 bcma_debug(bus, "set_irq: core 0x%04x, irq %d => %d\n",
147 dev->id.id, oldirq + 2, irq + 2); 182 dev->id.id, oldirq <= 4 ? oldirq + 2 : 0, irq + 2);
183}
184
185static void bcma_core_mips_set_irq_name(struct bcma_bus *bus, unsigned int irq,
186 u16 coreid, u8 unit)
187{
188 struct bcma_device *core;
189
190 core = bcma_find_core_unit(bus, coreid, unit);
191 if (!core) {
192 bcma_warn(bus,
193 "Can not find core (id: 0x%x, unit %i) for IRQ configuration.\n",
194 coreid, unit);
195 return;
196 }
197
198 bcma_core_mips_set_irq(core, irq);
148} 199}
149 200
150static void bcma_core_mips_print_irq(struct bcma_device *dev, unsigned int irq) 201static void bcma_core_mips_print_irq(struct bcma_device *dev, unsigned int irq)
151{ 202{
152 int i; 203 int i;
153 static const char *irq_name[] = {"2(S)", "3", "4", "5", "6", "D", "I"}; 204 static const char *irq_name[] = {"2(S)", "3", "4", "5", "6", "D", "I"};
154 printk(KERN_INFO KBUILD_MODNAME ": core 0x%04x, irq :", dev->id.id); 205 printk(KERN_DEBUG KBUILD_MODNAME ": core 0x%04x, irq :", dev->id.id);
155 for (i = 0; i <= 6; i++) 206 for (i = 0; i <= 6; i++)
156 printk(" %s%s", irq_name[i], i == irq ? "*" : " "); 207 printk(" %s%s", irq_name[i], i == irq ? "*" : " ");
157 printk("\n"); 208 printk("\n");
@@ -182,6 +233,7 @@ static void bcma_core_mips_flash_detect(struct bcma_drv_mips *mcore)
182{ 233{
183 struct bcma_bus *bus = mcore->core->bus; 234 struct bcma_bus *bus = mcore->core->bus;
184 struct bcma_drv_cc *cc = &bus->drv_cc; 235 struct bcma_drv_cc *cc = &bus->drv_cc;
236 struct bcma_pflash *pflash = &cc->pflash;
185 237
186 switch (cc->capabilities & BCMA_CC_CAP_FLASHT) { 238 switch (cc->capabilities & BCMA_CC_CAP_FLASHT) {
187 case BCMA_CC_FLASHT_STSER: 239 case BCMA_CC_FLASHT_STSER:
@@ -191,15 +243,20 @@ static void bcma_core_mips_flash_detect(struct bcma_drv_mips *mcore)
191 break; 243 break;
192 case BCMA_CC_FLASHT_PARA: 244 case BCMA_CC_FLASHT_PARA:
193 bcma_debug(bus, "Found parallel flash\n"); 245 bcma_debug(bus, "Found parallel flash\n");
194 cc->pflash.present = true; 246 pflash->present = true;
195 cc->pflash.window = BCMA_SOC_FLASH2; 247 pflash->window = BCMA_SOC_FLASH2;
196 cc->pflash.window_size = BCMA_SOC_FLASH2_SZ; 248 pflash->window_size = BCMA_SOC_FLASH2_SZ;
197 249
198 if ((bcma_read32(cc->core, BCMA_CC_FLASH_CFG) & 250 if ((bcma_read32(cc->core, BCMA_CC_FLASH_CFG) &
199 BCMA_CC_FLASH_CFG_DS) == 0) 251 BCMA_CC_FLASH_CFG_DS) == 0)
200 cc->pflash.buswidth = 1; 252 pflash->buswidth = 1;
201 else 253 else
202 cc->pflash.buswidth = 2; 254 pflash->buswidth = 2;
255
256 bcma_pflash_data.width = pflash->buswidth;
257 bcma_pflash_resource.start = pflash->window;
258 bcma_pflash_resource.end = pflash->window + pflash->window_size;
259
203 break; 260 break;
204 default: 261 default:
205 bcma_err(bus, "Flash type not supported\n"); 262 bcma_err(bus, "Flash type not supported\n");
@@ -227,6 +284,32 @@ void bcma_core_mips_early_init(struct bcma_drv_mips *mcore)
227 mcore->early_setup_done = true; 284 mcore->early_setup_done = true;
228} 285}
229 286
287static void bcma_fix_i2s_irqflag(struct bcma_bus *bus)
288{
289 struct bcma_device *cpu, *pcie, *i2s;
290
291 /* Fixup the interrupts in 4716/4748 for i2s core (2010 Broadcom SDK)
292 * (IRQ flags > 7 are ignored when setting the interrupt masks)
293 */
294 if (bus->chipinfo.id != BCMA_CHIP_ID_BCM4716 &&
295 bus->chipinfo.id != BCMA_CHIP_ID_BCM4748)
296 return;
297
298 cpu = bcma_find_core(bus, BCMA_CORE_MIPS_74K);
299 pcie = bcma_find_core(bus, BCMA_CORE_PCIE);
300 i2s = bcma_find_core(bus, BCMA_CORE_I2S);
301 if (cpu && pcie && i2s &&
302 bcma_aread32(cpu, BCMA_MIPS_OOBSELINA74) == 0x08060504 &&
303 bcma_aread32(pcie, BCMA_MIPS_OOBSELINA74) == 0x08060504 &&
304 bcma_aread32(i2s, BCMA_MIPS_OOBSELOUTA30) == 0x88) {
305 bcma_awrite32(cpu, BCMA_MIPS_OOBSELINA74, 0x07060504);
306 bcma_awrite32(pcie, BCMA_MIPS_OOBSELINA74, 0x07060504);
307 bcma_awrite32(i2s, BCMA_MIPS_OOBSELOUTA30, 0x87);
308 bcma_debug(bus,
309 "Moved i2s interrupt to oob line 7 instead of 8\n");
310 }
311}
312
230void bcma_core_mips_init(struct bcma_drv_mips *mcore) 313void bcma_core_mips_init(struct bcma_drv_mips *mcore)
231{ 314{
232 struct bcma_bus *bus; 315 struct bcma_bus *bus;
@@ -236,43 +319,55 @@ void bcma_core_mips_init(struct bcma_drv_mips *mcore)
236 if (mcore->setup_done) 319 if (mcore->setup_done)
237 return; 320 return;
238 321
239 bcma_info(bus, "Initializing MIPS core...\n"); 322 bcma_debug(bus, "Initializing MIPS core...\n");
240 323
241 bcma_core_mips_early_init(mcore); 324 bcma_core_mips_early_init(mcore);
242 325
243 mcore->assigned_irqs = 1; 326 bcma_fix_i2s_irqflag(bus);
244 327
245 /* Assign IRQs to all cores on the bus */ 328 switch (bus->chipinfo.id) {
246 list_for_each_entry(core, &bus->cores, list) { 329 case BCMA_CHIP_ID_BCM4716:
247 int mips_irq; 330 case BCMA_CHIP_ID_BCM4748:
248 if (core->irq) 331 bcma_core_mips_set_irq_name(bus, 1, BCMA_CORE_80211, 0);
249 continue; 332 bcma_core_mips_set_irq_name(bus, 2, BCMA_CORE_MAC_GBIT, 0);
250 333 bcma_core_mips_set_irq_name(bus, 3, BCMA_CORE_USB20_HOST, 0);
251 mips_irq = bcma_core_mips_irq(core); 334 bcma_core_mips_set_irq_name(bus, 4, BCMA_CORE_PCIE, 0);
252 if (mips_irq > 4) 335 bcma_core_mips_set_irq_name(bus, 0, BCMA_CORE_CHIPCOMMON, 0);
253 core->irq = 0; 336 bcma_core_mips_set_irq_name(bus, 0, BCMA_CORE_I2S, 0);
254 else 337 break;
255 core->irq = mips_irq + 2; 338 case BCMA_CHIP_ID_BCM5356:
256 if (core->irq > 5) 339 case BCMA_CHIP_ID_BCM47162:
257 continue; 340 case BCMA_CHIP_ID_BCM53572:
258 switch (core->id.id) { 341 bcma_core_mips_set_irq_name(bus, 1, BCMA_CORE_80211, 0);
259 case BCMA_CORE_PCI: 342 bcma_core_mips_set_irq_name(bus, 2, BCMA_CORE_MAC_GBIT, 0);
260 case BCMA_CORE_PCIE: 343 bcma_core_mips_set_irq_name(bus, 0, BCMA_CORE_CHIPCOMMON, 0);
261 case BCMA_CORE_ETHERNET: 344 break;
262 case BCMA_CORE_ETHERNET_GBIT: 345 case BCMA_CHIP_ID_BCM5357:
263 case BCMA_CORE_MAC_GBIT: 346 case BCMA_CHIP_ID_BCM4749:
264 case BCMA_CORE_80211: 347 bcma_core_mips_set_irq_name(bus, 1, BCMA_CORE_80211, 0);
265 case BCMA_CORE_USB20_HOST: 348 bcma_core_mips_set_irq_name(bus, 2, BCMA_CORE_MAC_GBIT, 0);
266 /* These devices get their own IRQ line if available, 349 bcma_core_mips_set_irq_name(bus, 3, BCMA_CORE_USB20_HOST, 0);
267 * the rest goes on IRQ0 350 bcma_core_mips_set_irq_name(bus, 0, BCMA_CORE_CHIPCOMMON, 0);
268 */ 351 bcma_core_mips_set_irq_name(bus, 0, BCMA_CORE_I2S, 0);
269 if (mcore->assigned_irqs <= 4) 352 break;
270 bcma_core_mips_set_irq(core, 353 case BCMA_CHIP_ID_BCM4706:
271 mcore->assigned_irqs++); 354 bcma_core_mips_set_irq_name(bus, 1, BCMA_CORE_PCIE, 0);
272 break; 355 bcma_core_mips_set_irq_name(bus, 2, BCMA_CORE_4706_MAC_GBIT,
356 0);
357 bcma_core_mips_set_irq_name(bus, 3, BCMA_CORE_PCIE, 1);
358 bcma_core_mips_set_irq_name(bus, 4, BCMA_CORE_USB20_HOST, 0);
359 bcma_core_mips_set_irq_name(bus, 0, BCMA_CORE_4706_CHIPCOMMON,
360 0);
361 break;
362 default:
363 list_for_each_entry(core, &bus->cores, list) {
364 core->irq = bcma_core_irq(core);
273 } 365 }
366 bcma_err(bus,
367 "Unknown device (0x%x) found, can not configure IRQs\n",
368 bus->chipinfo.id);
274 } 369 }
275 bcma_info(bus, "IRQ reconfiguration done\n"); 370 bcma_debug(bus, "IRQ reconfiguration done\n");
276 bcma_core_mips_dump_irq(bus); 371 bcma_core_mips_dump_irq(bus);
277 372
278 mcore->setup_done = true; 373 mcore->setup_done = true;
diff --git a/drivers/bcma/driver_pci_host.c b/drivers/bcma/driver_pci_host.c
index e6b5c89469dc..221f8bb76390 100644
--- a/drivers/bcma/driver_pci_host.c
+++ b/drivers/bcma/driver_pci_host.c
@@ -94,19 +94,19 @@ static int bcma_extpci_read_config(struct bcma_drv_pci *pc, unsigned int dev,
94 if (dev == 0) { 94 if (dev == 0) {
95 /* we support only two functions on device 0 */ 95 /* we support only two functions on device 0 */
96 if (func > 1) 96 if (func > 1)
97 return -EINVAL; 97 goto out;
98 98
99 /* accesses to config registers with offsets >= 256 99 /* accesses to config registers with offsets >= 256
100 * requires indirect access. 100 * requires indirect access.
101 */ 101 */
102 if (off >= PCI_CONFIG_SPACE_SIZE) { 102 if (off >= PCI_CONFIG_SPACE_SIZE) {
103 addr = (func << 12); 103 addr = (func << 12);
104 addr |= (off & 0x0FFF); 104 addr |= (off & 0x0FFC);
105 val = bcma_pcie_read_config(pc, addr); 105 val = bcma_pcie_read_config(pc, addr);
106 } else { 106 } else {
107 addr = BCMA_CORE_PCI_PCICFG0; 107 addr = BCMA_CORE_PCI_PCICFG0;
108 addr |= (func << 8); 108 addr |= (func << 8);
109 addr |= (off & 0xfc); 109 addr |= (off & 0xFC);
110 val = pcicore_read32(pc, addr); 110 val = pcicore_read32(pc, addr);
111 } 111 }
112 } else { 112 } else {
@@ -119,11 +119,9 @@ static int bcma_extpci_read_config(struct bcma_drv_pci *pc, unsigned int dev,
119 goto out; 119 goto out;
120 120
121 if (mips_busprobe32(val, mmio)) { 121 if (mips_busprobe32(val, mmio)) {
122 val = 0xffffffff; 122 val = 0xFFFFFFFF;
123 goto unmap; 123 goto unmap;
124 } 124 }
125
126 val = readl(mmio);
127 } 125 }
128 val >>= (8 * (off & 3)); 126 val >>= (8 * (off & 3));
129 127
@@ -151,7 +149,7 @@ static int bcma_extpci_write_config(struct bcma_drv_pci *pc, unsigned int dev,
151 const void *buf, int len) 149 const void *buf, int len)
152{ 150{
153 int err = -EINVAL; 151 int err = -EINVAL;
154 u32 addr = 0, val = 0; 152 u32 addr, val;
155 void __iomem *mmio = 0; 153 void __iomem *mmio = 0;
156 u16 chipid = pc->core->bus->chipinfo.id; 154 u16 chipid = pc->core->bus->chipinfo.id;
157 155
@@ -159,16 +157,22 @@ static int bcma_extpci_write_config(struct bcma_drv_pci *pc, unsigned int dev,
159 if (unlikely(len != 1 && len != 2 && len != 4)) 157 if (unlikely(len != 1 && len != 2 && len != 4))
160 goto out; 158 goto out;
161 if (dev == 0) { 159 if (dev == 0) {
160 /* we support only two functions on device 0 */
161 if (func > 1)
162 goto out;
163
162 /* accesses to config registers with offsets >= 256 164 /* accesses to config registers with offsets >= 256
163 * requires indirect access. 165 * requires indirect access.
164 */ 166 */
165 if (off < PCI_CONFIG_SPACE_SIZE) { 167 if (off >= PCI_CONFIG_SPACE_SIZE) {
166 addr = pc->core->addr + BCMA_CORE_PCI_PCICFG0; 168 addr = (func << 12);
169 addr |= (off & 0x0FFC);
170 val = bcma_pcie_read_config(pc, addr);
171 } else {
172 addr = BCMA_CORE_PCI_PCICFG0;
167 addr |= (func << 8); 173 addr |= (func << 8);
168 addr |= (off & 0xfc); 174 addr |= (off & 0xFC);
169 mmio = ioremap_nocache(addr, sizeof(val)); 175 val = pcicore_read32(pc, addr);
170 if (!mmio)
171 goto out;
172 } 176 }
173 } else { 177 } else {
174 addr = bcma_get_cfgspace_addr(pc, dev, func, off); 178 addr = bcma_get_cfgspace_addr(pc, dev, func, off);
@@ -180,19 +184,17 @@ static int bcma_extpci_write_config(struct bcma_drv_pci *pc, unsigned int dev,
180 goto out; 184 goto out;
181 185
182 if (mips_busprobe32(val, mmio)) { 186 if (mips_busprobe32(val, mmio)) {
183 val = 0xffffffff; 187 val = 0xFFFFFFFF;
184 goto unmap; 188 goto unmap;
185 } 189 }
186 } 190 }
187 191
188 switch (len) { 192 switch (len) {
189 case 1: 193 case 1:
190 val = readl(mmio);
191 val &= ~(0xFF << (8 * (off & 3))); 194 val &= ~(0xFF << (8 * (off & 3)));
192 val |= *((const u8 *)buf) << (8 * (off & 3)); 195 val |= *((const u8 *)buf) << (8 * (off & 3));
193 break; 196 break;
194 case 2: 197 case 2:
195 val = readl(mmio);
196 val &= ~(0xFFFF << (8 * (off & 3))); 198 val &= ~(0xFFFF << (8 * (off & 3)));
197 val |= *((const u16 *)buf) << (8 * (off & 3)); 199 val |= *((const u16 *)buf) << (8 * (off & 3));
198 break; 200 break;
@@ -200,13 +202,14 @@ static int bcma_extpci_write_config(struct bcma_drv_pci *pc, unsigned int dev,
200 val = *((const u32 *)buf); 202 val = *((const u32 *)buf);
201 break; 203 break;
202 } 204 }
203 if (dev == 0 && !addr) { 205 if (dev == 0) {
204 /* accesses to config registers with offsets >= 256 206 /* accesses to config registers with offsets >= 256
205 * requires indirect access. 207 * requires indirect access.
206 */ 208 */
207 addr = (func << 12); 209 if (off >= PCI_CONFIG_SPACE_SIZE)
208 addr |= (off & 0x0FFF); 210 bcma_pcie_write_config(pc, addr, val);
209 bcma_pcie_write_config(pc, addr, val); 211 else
212 pcicore_write32(pc, addr, val);
210 } else { 213 } else {
211 writel(val, mmio); 214 writel(val, mmio);
212 215
@@ -277,7 +280,7 @@ static u8 __devinit bcma_find_pci_capability(struct bcma_drv_pci *pc,
277 /* check for Header type 0 */ 280 /* check for Header type 0 */
278 bcma_extpci_read_config(pc, dev, func, PCI_HEADER_TYPE, &byte_val, 281 bcma_extpci_read_config(pc, dev, func, PCI_HEADER_TYPE, &byte_val,
279 sizeof(u8)); 282 sizeof(u8));
280 if ((byte_val & 0x7f) != PCI_HEADER_TYPE_NORMAL) 283 if ((byte_val & 0x7F) != PCI_HEADER_TYPE_NORMAL)
281 return cap_ptr; 284 return cap_ptr;
282 285
283 /* check if the capability pointer field exists */ 286 /* check if the capability pointer field exists */
@@ -427,7 +430,7 @@ void __devinit bcma_core_pci_hostmode_init(struct bcma_drv_pci *pc)
427 /* Reset RC */ 430 /* Reset RC */
428 usleep_range(3000, 5000); 431 usleep_range(3000, 5000);
429 pcicore_write32(pc, BCMA_CORE_PCI_CTL, BCMA_CORE_PCI_CTL_RST_OE); 432 pcicore_write32(pc, BCMA_CORE_PCI_CTL, BCMA_CORE_PCI_CTL_RST_OE);
430 usleep_range(1000, 2000); 433 msleep(50);
431 pcicore_write32(pc, BCMA_CORE_PCI_CTL, BCMA_CORE_PCI_CTL_RST | 434 pcicore_write32(pc, BCMA_CORE_PCI_CTL, BCMA_CORE_PCI_CTL_RST |
432 BCMA_CORE_PCI_CTL_RST_OE); 435 BCMA_CORE_PCI_CTL_RST_OE);
433 436
@@ -489,6 +492,17 @@ void __devinit bcma_core_pci_hostmode_init(struct bcma_drv_pci *pc)
489 492
490 bcma_core_pci_enable_crs(pc); 493 bcma_core_pci_enable_crs(pc);
491 494
495 if (bus->chipinfo.id == BCMA_CHIP_ID_BCM4706 ||
496 bus->chipinfo.id == BCMA_CHIP_ID_BCM4716) {
497 u16 val16;
498 bcma_extpci_read_config(pc, 0, 0, BCMA_CORE_PCI_CFG_DEVCTRL,
499 &val16, sizeof(val16));
500 val16 |= (2 << 5); /* Max payload size of 512 */
501 val16 |= (2 << 12); /* MRRS 512 */
502 bcma_extpci_write_config(pc, 0, 0, BCMA_CORE_PCI_CFG_DEVCTRL,
503 &val16, sizeof(val16));
504 }
505
492 /* Enable PCI bridge BAR0 memory & master access */ 506 /* Enable PCI bridge BAR0 memory & master access */
493 tmp = PCI_COMMAND_MASTER | PCI_COMMAND_MEMORY; 507 tmp = PCI_COMMAND_MASTER | PCI_COMMAND_MEMORY;
494 bcma_extpci_write_config(pc, 0, 0, PCI_COMMAND, &tmp, sizeof(tmp)); 508 bcma_extpci_write_config(pc, 0, 0, PCI_COMMAND, &tmp, sizeof(tmp));
@@ -577,7 +591,7 @@ int bcma_core_pci_plat_dev_init(struct pci_dev *dev)
577 pr_info("PCI: Fixing up device %s\n", pci_name(dev)); 591 pr_info("PCI: Fixing up device %s\n", pci_name(dev));
578 592
579 /* Fix up interrupt lines */ 593 /* Fix up interrupt lines */
580 dev->irq = bcma_core_mips_irq(pc_host->pdev->core) + 2; 594 dev->irq = bcma_core_irq(pc_host->pdev->core);
581 pci_write_config_byte(dev, PCI_INTERRUPT_LINE, dev->irq); 595 pci_write_config_byte(dev, PCI_INTERRUPT_LINE, dev->irq);
582 596
583 return 0; 597 return 0;
@@ -596,6 +610,6 @@ int bcma_core_pci_pcibios_map_irq(const struct pci_dev *dev)
596 610
597 pc_host = container_of(dev->bus->ops, struct bcma_drv_pci_host, 611 pc_host = container_of(dev->bus->ops, struct bcma_drv_pci_host,
598 pci_ops); 612 pci_ops);
599 return bcma_core_mips_irq(pc_host->pdev->core) + 2; 613 return bcma_core_irq(pc_host->pdev->core);
600} 614}
601EXPORT_SYMBOL(bcma_core_pci_pcibios_map_irq); 615EXPORT_SYMBOL(bcma_core_pci_pcibios_map_irq);
diff --git a/drivers/bcma/main.c b/drivers/bcma/main.c
index 53ba20ca17e0..95ba5756c67e 100644
--- a/drivers/bcma/main.c
+++ b/drivers/bcma/main.c
@@ -81,8 +81,8 @@ struct bcma_device *bcma_find_core(struct bcma_bus *bus, u16 coreid)
81} 81}
82EXPORT_SYMBOL_GPL(bcma_find_core); 82EXPORT_SYMBOL_GPL(bcma_find_core);
83 83
84static struct bcma_device *bcma_find_core_unit(struct bcma_bus *bus, u16 coreid, 84struct bcma_device *bcma_find_core_unit(struct bcma_bus *bus, u16 coreid,
85 u8 unit) 85 u8 unit)
86{ 86{
87 struct bcma_device *core; 87 struct bcma_device *core;
88 88
@@ -149,6 +149,14 @@ static int bcma_register_cores(struct bcma_bus *bus)
149 dev_id++; 149 dev_id++;
150 } 150 }
151 151
152#ifdef CONFIG_BCMA_DRIVER_MIPS
153 if (bus->drv_cc.pflash.present) {
154 err = platform_device_register(&bcma_pflash_dev);
155 if (err)
156 bcma_err(bus, "Error registering parallel flash\n");
157 }
158#endif
159
152#ifdef CONFIG_BCMA_SFLASH 160#ifdef CONFIG_BCMA_SFLASH
153 if (bus->drv_cc.sflash.present) { 161 if (bus->drv_cc.sflash.present) {
154 err = platform_device_register(&bcma_sflash_dev); 162 err = platform_device_register(&bcma_sflash_dev);
diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c
index b00000e8aef6..33c9a44a9678 100644
--- a/drivers/bluetooth/ath3k.c
+++ b/drivers/bluetooth/ath3k.c
@@ -77,10 +77,15 @@ static struct usb_device_id ath3k_table[] = {
77 { USB_DEVICE(0x0CF3, 0x311D) }, 77 { USB_DEVICE(0x0CF3, 0x311D) },
78 { USB_DEVICE(0x13d3, 0x3375) }, 78 { USB_DEVICE(0x13d3, 0x3375) },
79 { USB_DEVICE(0x04CA, 0x3005) }, 79 { USB_DEVICE(0x04CA, 0x3005) },
80 { USB_DEVICE(0x04CA, 0x3006) },
81 { USB_DEVICE(0x04CA, 0x3008) },
80 { USB_DEVICE(0x13d3, 0x3362) }, 82 { USB_DEVICE(0x13d3, 0x3362) },
81 { USB_DEVICE(0x0CF3, 0xE004) }, 83 { USB_DEVICE(0x0CF3, 0xE004) },
82 { USB_DEVICE(0x0930, 0x0219) }, 84 { USB_DEVICE(0x0930, 0x0219) },
83 { USB_DEVICE(0x0489, 0xe057) }, 85 { USB_DEVICE(0x0489, 0xe057) },
86 { USB_DEVICE(0x13d3, 0x3393) },
87 { USB_DEVICE(0x0489, 0xe04e) },
88 { USB_DEVICE(0x0489, 0xe056) },
84 89
85 /* Atheros AR5BBU12 with sflash firmware */ 90 /* Atheros AR5BBU12 with sflash firmware */
86 { USB_DEVICE(0x0489, 0xE02C) }, 91 { USB_DEVICE(0x0489, 0xE02C) },
@@ -104,10 +109,15 @@ static struct usb_device_id ath3k_blist_tbl[] = {
104 { USB_DEVICE(0x0cf3, 0x311D), .driver_info = BTUSB_ATH3012 }, 109 { USB_DEVICE(0x0cf3, 0x311D), .driver_info = BTUSB_ATH3012 },
105 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, 110 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 },
106 { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 }, 111 { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 },
112 { USB_DEVICE(0x04ca, 0x3006), .driver_info = BTUSB_ATH3012 },
113 { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 },
107 { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 }, 114 { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 },
108 { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 }, 115 { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 },
109 { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, 116 { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 },
110 { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 }, 117 { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 },
118 { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 },
119 { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 },
120 { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 },
111 121
112 /* Atheros AR5BBU22 with sflash firmware */ 122 /* Atheros AR5BBU22 with sflash firmware */
113 { USB_DEVICE(0x0489, 0xE03C), .driver_info = BTUSB_ATH3012 }, 123 { USB_DEVICE(0x0489, 0xE03C), .driver_info = BTUSB_ATH3012 },
diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
index a1d4ede5b892..7e351e345476 100644
--- a/drivers/bluetooth/btusb.c
+++ b/drivers/bluetooth/btusb.c
@@ -135,10 +135,15 @@ static struct usb_device_id blacklist_table[] = {
135 { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 }, 135 { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 },
136 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, 136 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 },
137 { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 }, 137 { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 },
138 { USB_DEVICE(0x04ca, 0x3006), .driver_info = BTUSB_ATH3012 },
139 { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 },
138 { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 }, 140 { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 },
139 { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 }, 141 { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 },
140 { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, 142 { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 },
141 { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 }, 143 { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 },
144 { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 },
145 { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 },
146 { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 },
142 147
143 /* Atheros AR5BBU12 with sflash firmware */ 148 /* Atheros AR5BBU12 with sflash firmware */
144 { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE }, 149 { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE },
diff --git a/drivers/net/wireless/ath/Kconfig b/drivers/net/wireless/ath/Kconfig
index 1a67a4f829fe..2c02b4e84094 100644
--- a/drivers/net/wireless/ath/Kconfig
+++ b/drivers/net/wireless/ath/Kconfig
@@ -30,5 +30,6 @@ source "drivers/net/wireless/ath/ath9k/Kconfig"
30source "drivers/net/wireless/ath/carl9170/Kconfig" 30source "drivers/net/wireless/ath/carl9170/Kconfig"
31source "drivers/net/wireless/ath/ath6kl/Kconfig" 31source "drivers/net/wireless/ath/ath6kl/Kconfig"
32source "drivers/net/wireless/ath/ar5523/Kconfig" 32source "drivers/net/wireless/ath/ar5523/Kconfig"
33source "drivers/net/wireless/ath/wil6210/Kconfig"
33 34
34endif 35endif
diff --git a/drivers/net/wireless/ath/Makefile b/drivers/net/wireless/ath/Makefile
index 1e18621326dc..97b964ded2be 100644
--- a/drivers/net/wireless/ath/Makefile
+++ b/drivers/net/wireless/ath/Makefile
@@ -3,6 +3,7 @@ obj-$(CONFIG_ATH9K_HW) += ath9k/
3obj-$(CONFIG_CARL9170) += carl9170/ 3obj-$(CONFIG_CARL9170) += carl9170/
4obj-$(CONFIG_ATH6KL) += ath6kl/ 4obj-$(CONFIG_ATH6KL) += ath6kl/
5obj-$(CONFIG_AR5523) += ar5523/ 5obj-$(CONFIG_AR5523) += ar5523/
6obj-$(CONFIG_WIL6210) += wil6210/
6 7
7obj-$(CONFIG_ATH_COMMON) += ath.o 8obj-$(CONFIG_ATH_COMMON) += ath.o
8 9
diff --git a/drivers/net/wireless/ath/ath5k/base.c b/drivers/net/wireless/ath/ath5k/base.c
index 30ca0a60a64c..1d264c0f5a9b 100644
--- a/drivers/net/wireless/ath/ath5k/base.c
+++ b/drivers/net/wireless/ath/ath5k/base.c
@@ -240,13 +240,14 @@ static const struct ath_ops ath5k_common_ops = {
240* Driver Initialization * 240* Driver Initialization *
241\***********************/ 241\***********************/
242 242
243static int ath5k_reg_notifier(struct wiphy *wiphy, struct regulatory_request *request) 243static void ath5k_reg_notifier(struct wiphy *wiphy,
244 struct regulatory_request *request)
244{ 245{
245 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 246 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
246 struct ath5k_hw *ah = hw->priv; 247 struct ath5k_hw *ah = hw->priv;
247 struct ath_regulatory *regulatory = ath5k_hw_regulatory(ah); 248 struct ath_regulatory *regulatory = ath5k_hw_regulatory(ah);
248 249
249 return ath_reg_notifier_apply(wiphy, request, regulatory); 250 ath_reg_notifier_apply(wiphy, request, regulatory);
250} 251}
251 252
252/********************\ 253/********************\
diff --git a/drivers/net/wireless/ath/ath6kl/cfg80211.c b/drivers/net/wireless/ath/ath6kl/cfg80211.c
index 5516a8ccc3c6..4225cca0f198 100644
--- a/drivers/net/wireless/ath/ath6kl/cfg80211.c
+++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c
@@ -3492,8 +3492,8 @@ void ath6kl_cfg80211_stop_all(struct ath6kl *ar)
3492 ath6kl_cfg80211_stop(vif); 3492 ath6kl_cfg80211_stop(vif);
3493} 3493}
3494 3494
3495static int ath6kl_cfg80211_reg_notify(struct wiphy *wiphy, 3495static void ath6kl_cfg80211_reg_notify(struct wiphy *wiphy,
3496 struct regulatory_request *request) 3496 struct regulatory_request *request)
3497{ 3497{
3498 struct ath6kl *ar = wiphy_priv(wiphy); 3498 struct ath6kl *ar = wiphy_priv(wiphy);
3499 u32 rates[IEEE80211_NUM_BANDS]; 3499 u32 rates[IEEE80211_NUM_BANDS];
@@ -3506,17 +3506,13 @@ static int ath6kl_cfg80211_reg_notify(struct wiphy *wiphy,
3506 request->processed ? " processed" : "", 3506 request->processed ? " processed" : "",
3507 request->initiator, request->user_reg_hint_type); 3507 request->initiator, request->user_reg_hint_type);
3508 3508
3509 /*
3510 * As firmware is not able intersect regdoms, we can only listen to
3511 * cellular hints.
3512 */
3513 if (request->user_reg_hint_type != NL80211_USER_REG_HINT_CELL_BASE) 3509 if (request->user_reg_hint_type != NL80211_USER_REG_HINT_CELL_BASE)
3514 return -EOPNOTSUPP; 3510 return;
3515 3511
3516 ret = ath6kl_wmi_set_regdomain_cmd(ar->wmi, request->alpha2); 3512 ret = ath6kl_wmi_set_regdomain_cmd(ar->wmi, request->alpha2);
3517 if (ret) { 3513 if (ret) {
3518 ath6kl_err("failed to set regdomain: %d\n", ret); 3514 ath6kl_err("failed to set regdomain: %d\n", ret);
3519 return ret; 3515 return;
3520 } 3516 }
3521 3517
3522 /* 3518 /*
@@ -3536,10 +3532,8 @@ static int ath6kl_cfg80211_reg_notify(struct wiphy *wiphy,
3536 if (ret) { 3532 if (ret) {
3537 ath6kl_err("failed to start scan for a regdomain change: %d\n", 3533 ath6kl_err("failed to start scan for a regdomain change: %d\n",
3538 ret); 3534 ret);
3539 return ret; 3535 return;
3540 } 3536 }
3541
3542 return 0;
3543} 3537}
3544 3538
3545static int ath6kl_cfg80211_vif_init(struct ath6kl_vif *vif) 3539static int ath6kl_cfg80211_vif_init(struct ath6kl_vif *vif)
diff --git a/drivers/net/wireless/ath/ath9k/Kconfig b/drivers/net/wireless/ath/ath9k/Kconfig
index 5fc15bf8be09..7647ed6b73d7 100644
--- a/drivers/net/wireless/ath/ath9k/Kconfig
+++ b/drivers/net/wireless/ath/ath9k/Kconfig
@@ -2,6 +2,7 @@ config ATH9K_HW
2 tristate 2 tristate
3config ATH9K_COMMON 3config ATH9K_COMMON
4 tristate 4 tristate
5 select ATH_COMMON
5config ATH9K_DFS_DEBUGFS 6config ATH9K_DFS_DEBUGFS
6 def_bool y 7 def_bool y
7 depends on ATH9K_DEBUGFS && ATH9K_DFS_CERTIFIED 8 depends on ATH9K_DEBUGFS && ATH9K_DFS_CERTIFIED
@@ -17,7 +18,6 @@ config ATH9K_BTCOEX_SUPPORT
17config ATH9K 18config ATH9K
18 tristate "Atheros 802.11n wireless cards support" 19 tristate "Atheros 802.11n wireless cards support"
19 depends on MAC80211 20 depends on MAC80211
20 select ATH_COMMON
21 select ATH9K_HW 21 select ATH9K_HW
22 select MAC80211_LEDS 22 select MAC80211_LEDS
23 select LEDS_CLASS 23 select LEDS_CLASS
@@ -56,7 +56,8 @@ config ATH9K_AHB
56 56
57config ATH9K_DEBUGFS 57config ATH9K_DEBUGFS
58 bool "Atheros ath9k debugging" 58 bool "Atheros ath9k debugging"
59 depends on ATH9K && DEBUG_FS 59 depends on ATH9K
60 select MAC80211_DEBUGFS
60 ---help--- 61 ---help---
61 Say Y, if you need access to ath9k's statistics for 62 Say Y, if you need access to ath9k's statistics for
62 interrupts, rate control, etc. 63 interrupts, rate control, etc.
diff --git a/drivers/net/wireless/ath/ath9k/ahb.c b/drivers/net/wireless/ath/ath9k/ahb.c
index 3a69804f4c16..d1ff3c246a12 100644
--- a/drivers/net/wireless/ath/ath9k/ahb.c
+++ b/drivers/net/wireless/ath/ath9k/ahb.c
@@ -86,29 +86,25 @@ static int ath_ahb_probe(struct platform_device *pdev)
86 86
87 if (!pdev->dev.platform_data) { 87 if (!pdev->dev.platform_data) {
88 dev_err(&pdev->dev, "no platform data specified\n"); 88 dev_err(&pdev->dev, "no platform data specified\n");
89 ret = -EINVAL; 89 return -EINVAL;
90 goto err_out;
91 } 90 }
92 91
93 res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 92 res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
94 if (res == NULL) { 93 if (res == NULL) {
95 dev_err(&pdev->dev, "no memory resource found\n"); 94 dev_err(&pdev->dev, "no memory resource found\n");
96 ret = -ENXIO; 95 return -ENXIO;
97 goto err_out;
98 } 96 }
99 97
100 mem = ioremap_nocache(res->start, resource_size(res)); 98 mem = devm_ioremap_nocache(&pdev->dev, res->start, resource_size(res));
101 if (mem == NULL) { 99 if (mem == NULL) {
102 dev_err(&pdev->dev, "ioremap failed\n"); 100 dev_err(&pdev->dev, "ioremap failed\n");
103 ret = -ENOMEM; 101 return -ENOMEM;
104 goto err_out;
105 } 102 }
106 103
107 res = platform_get_resource(pdev, IORESOURCE_IRQ, 0); 104 res = platform_get_resource(pdev, IORESOURCE_IRQ, 0);
108 if (res == NULL) { 105 if (res == NULL) {
109 dev_err(&pdev->dev, "no IRQ resource found\n"); 106 dev_err(&pdev->dev, "no IRQ resource found\n");
110 ret = -ENXIO; 107 return -ENXIO;
111 goto err_iounmap;
112 } 108 }
113 109
114 irq = res->start; 110 irq = res->start;
@@ -116,8 +112,7 @@ static int ath_ahb_probe(struct platform_device *pdev)
116 hw = ieee80211_alloc_hw(sizeof(struct ath_softc), &ath9k_ops); 112 hw = ieee80211_alloc_hw(sizeof(struct ath_softc), &ath9k_ops);
117 if (hw == NULL) { 113 if (hw == NULL) {
118 dev_err(&pdev->dev, "no memory for ieee80211_hw\n"); 114 dev_err(&pdev->dev, "no memory for ieee80211_hw\n");
119 ret = -ENOMEM; 115 return -ENOMEM;
120 goto err_iounmap;
121 } 116 }
122 117
123 SET_IEEE80211_DEV(hw, &pdev->dev); 118 SET_IEEE80211_DEV(hw, &pdev->dev);
@@ -156,9 +151,6 @@ static int ath_ahb_probe(struct platform_device *pdev)
156 err_free_hw: 151 err_free_hw:
157 ieee80211_free_hw(hw); 152 ieee80211_free_hw(hw);
158 platform_set_drvdata(pdev, NULL); 153 platform_set_drvdata(pdev, NULL);
159 err_iounmap:
160 iounmap(mem);
161 err_out:
162 return ret; 154 return ret;
163} 155}
164 156
@@ -168,12 +160,10 @@ static int ath_ahb_remove(struct platform_device *pdev)
168 160
169 if (hw) { 161 if (hw) {
170 struct ath_softc *sc = hw->priv; 162 struct ath_softc *sc = hw->priv;
171 void __iomem *mem = sc->mem;
172 163
173 ath9k_deinit_device(sc); 164 ath9k_deinit_device(sc);
174 free_irq(sc->irq, sc); 165 free_irq(sc->irq, sc);
175 ieee80211_free_hw(sc->hw); 166 ieee80211_free_hw(sc->hw);
176 iounmap(mem);
177 platform_set_drvdata(pdev, NULL); 167 platform_set_drvdata(pdev, NULL);
178 } 168 }
179 169
diff --git a/drivers/net/wireless/ath/ath9k/ani.c b/drivers/net/wireless/ath/ath9k/ani.c
index e09ec40ce71a..7ecd40f07a74 100644
--- a/drivers/net/wireless/ath/ath9k/ani.c
+++ b/drivers/net/wireless/ath/ath9k/ani.c
@@ -152,7 +152,8 @@ static void ath9k_hw_set_ofdm_nil(struct ath_hw *ah, u8 immunityLevel,
152 ath_dbg(common, ANI, "**** ofdmlevel %d=>%d, rssi=%d[lo=%d hi=%d]\n", 152 ath_dbg(common, ANI, "**** ofdmlevel %d=>%d, rssi=%d[lo=%d hi=%d]\n",
153 aniState->ofdmNoiseImmunityLevel, 153 aniState->ofdmNoiseImmunityLevel,
154 immunityLevel, BEACON_RSSI(ah), 154 immunityLevel, BEACON_RSSI(ah),
155 aniState->rssiThrLow, aniState->rssiThrHigh); 155 ATH9K_ANI_RSSI_THR_LOW,
156 ATH9K_ANI_RSSI_THR_HIGH);
156 157
157 if (!scan) 158 if (!scan)
158 aniState->ofdmNoiseImmunityLevel = immunityLevel; 159 aniState->ofdmNoiseImmunityLevel = immunityLevel;
@@ -173,7 +174,7 @@ static void ath9k_hw_set_ofdm_nil(struct ath_hw *ah, u8 immunityLevel,
173 174
174 weak_sig = entry_ofdm->ofdm_weak_signal_on; 175 weak_sig = entry_ofdm->ofdm_weak_signal_on;
175 if (ah->opmode == NL80211_IFTYPE_STATION && 176 if (ah->opmode == NL80211_IFTYPE_STATION &&
176 BEACON_RSSI(ah) <= aniState->rssiThrHigh) 177 BEACON_RSSI(ah) <= ATH9K_ANI_RSSI_THR_HIGH)
177 weak_sig = true; 178 weak_sig = true;
178 179
179 if (aniState->ofdmWeakSigDetect != weak_sig) 180 if (aniState->ofdmWeakSigDetect != weak_sig)
@@ -216,11 +217,11 @@ static void ath9k_hw_set_cck_nil(struct ath_hw *ah, u_int8_t immunityLevel,
216 217
217 ath_dbg(common, ANI, "**** ccklevel %d=>%d, rssi=%d[lo=%d hi=%d]\n", 218 ath_dbg(common, ANI, "**** ccklevel %d=>%d, rssi=%d[lo=%d hi=%d]\n",
218 aniState->cckNoiseImmunityLevel, immunityLevel, 219 aniState->cckNoiseImmunityLevel, immunityLevel,
219 BEACON_RSSI(ah), aniState->rssiThrLow, 220 BEACON_RSSI(ah), ATH9K_ANI_RSSI_THR_LOW,
220 aniState->rssiThrHigh); 221 ATH9K_ANI_RSSI_THR_HIGH);
221 222
222 if (ah->opmode == NL80211_IFTYPE_STATION && 223 if (ah->opmode == NL80211_IFTYPE_STATION &&
223 BEACON_RSSI(ah) <= aniState->rssiThrLow && 224 BEACON_RSSI(ah) <= ATH9K_ANI_RSSI_THR_LOW &&
224 immunityLevel > ATH9K_ANI_CCK_MAX_LEVEL_LOW_RSSI) 225 immunityLevel > ATH9K_ANI_CCK_MAX_LEVEL_LOW_RSSI)
225 immunityLevel = ATH9K_ANI_CCK_MAX_LEVEL_LOW_RSSI; 226 immunityLevel = ATH9K_ANI_CCK_MAX_LEVEL_LOW_RSSI;
226 227
@@ -418,9 +419,6 @@ void ath9k_hw_ani_monitor(struct ath_hw *ah, struct ath9k_channel *chan)
418 return; 419 return;
419 420
420 aniState = &ah->curchan->ani; 421 aniState = &ah->curchan->ani;
421 if (WARN_ON(!aniState))
422 return;
423
424 if (!ath9k_hw_ani_read_counters(ah)) 422 if (!ath9k_hw_ani_read_counters(ah))
425 return; 423 return;
426 424
@@ -489,23 +487,6 @@ void ath9k_hw_disable_mib_counters(struct ath_hw *ah)
489} 487}
490EXPORT_SYMBOL(ath9k_hw_disable_mib_counters); 488EXPORT_SYMBOL(ath9k_hw_disable_mib_counters);
491 489
492void ath9k_hw_ani_setup(struct ath_hw *ah)
493{
494 int i;
495
496 static const int totalSizeDesired[] = { -55, -55, -55, -55, -62 };
497 static const int coarseHigh[] = { -14, -14, -14, -14, -12 };
498 static const int coarseLow[] = { -64, -64, -64, -64, -70 };
499 static const int firpwr[] = { -78, -78, -78, -78, -80 };
500
501 for (i = 0; i < 5; i++) {
502 ah->totalSizeDesired[i] = totalSizeDesired[i];
503 ah->coarse_high[i] = coarseHigh[i];
504 ah->coarse_low[i] = coarseLow[i];
505 ah->firpwr[i] = firpwr[i];
506 }
507}
508
509void ath9k_hw_ani_init(struct ath_hw *ah) 490void ath9k_hw_ani_init(struct ath_hw *ah)
510{ 491{
511 struct ath_common *common = ath9k_hw_common(ah); 492 struct ath_common *common = ath9k_hw_common(ah);
@@ -531,8 +512,6 @@ void ath9k_hw_ani_init(struct ath_hw *ah)
531 512
532 ani->ofdmsTurn = true; 513 ani->ofdmsTurn = true;
533 514
534 ani->rssiThrHigh = ATH9K_ANI_RSSI_THR_HIGH;
535 ani->rssiThrLow = ATH9K_ANI_RSSI_THR_LOW;
536 ani->ofdmWeakSigDetect = ATH9K_ANI_USE_OFDM_WEAK_SIG; 515 ani->ofdmWeakSigDetect = ATH9K_ANI_USE_OFDM_WEAK_SIG;
537 ani->cckNoiseImmunityLevel = ATH9K_ANI_CCK_DEF_LEVEL; 516 ani->cckNoiseImmunityLevel = ATH9K_ANI_CCK_DEF_LEVEL;
538 ani->ofdmNoiseImmunityLevel = ATH9K_ANI_OFDM_DEF_LEVEL; 517 ani->ofdmNoiseImmunityLevel = ATH9K_ANI_OFDM_DEF_LEVEL;
diff --git a/drivers/net/wireless/ath/ath9k/ani.h b/drivers/net/wireless/ath/ath9k/ani.h
index 1485bf5e3518..dddb1361039a 100644
--- a/drivers/net/wireless/ath/ath9k/ani.h
+++ b/drivers/net/wireless/ath/ath9k/ani.h
@@ -104,7 +104,6 @@ struct ath9k_ani_default {
104}; 104};
105 105
106struct ar5416AniState { 106struct ar5416AniState {
107 struct ath9k_channel *c;
108 u8 noiseImmunityLevel; 107 u8 noiseImmunityLevel;
109 u8 ofdmNoiseImmunityLevel; 108 u8 ofdmNoiseImmunityLevel;
110 u8 cckNoiseImmunityLevel; 109 u8 cckNoiseImmunityLevel;
@@ -113,15 +112,9 @@ struct ar5416AniState {
113 u8 spurImmunityLevel; 112 u8 spurImmunityLevel;
114 u8 firstepLevel; 113 u8 firstepLevel;
115 u8 ofdmWeakSigDetect; 114 u8 ofdmWeakSigDetect;
116 u8 cckWeakSigThreshold;
117 u32 listenTime; 115 u32 listenTime;
118 int32_t rssiThrLow;
119 int32_t rssiThrHigh;
120 u32 ofdmPhyErrCount; 116 u32 ofdmPhyErrCount;
121 u32 cckPhyErrCount; 117 u32 cckPhyErrCount;
122 int16_t pktRssi[2];
123 int16_t ofdmErrRssi[2];
124 int16_t cckErrRssi[2];
125 struct ath9k_ani_default iniDef; 118 struct ath9k_ani_default iniDef;
126}; 119};
127 120
@@ -147,7 +140,6 @@ struct ar5416Stats {
147 140
148void ath9k_enable_mib_counters(struct ath_hw *ah); 141void ath9k_enable_mib_counters(struct ath_hw *ah);
149void ath9k_hw_disable_mib_counters(struct ath_hw *ah); 142void ath9k_hw_disable_mib_counters(struct ath_hw *ah);
150void ath9k_hw_ani_setup(struct ath_hw *ah);
151void ath9k_hw_ani_init(struct ath_hw *ah); 143void ath9k_hw_ani_init(struct ath_hw *ah);
152 144
153#endif /* ANI_H */ 145#endif /* ANI_H */
diff --git a/drivers/net/wireless/ath/ath9k/ar5008_initvals.h b/drivers/net/wireless/ath/ath9k/ar5008_initvals.h
index f81e7fc60a36..467ccfae2cee 100644
--- a/drivers/net/wireless/ath/ath9k/ar5008_initvals.h
+++ b/drivers/net/wireless/ath/ath9k/ar5008_initvals.h
@@ -466,7 +466,7 @@ static const u32 ar5416Bank0[][2] = {
466}; 466};
467 467
468static const u32 ar5416BB_RfGain[][3] = { 468static const u32 ar5416BB_RfGain[][3] = {
469 /* Addr 5G_HT20 5G_HT40 */ 469 /* Addr 5G 2G */
470 {0x00009a00, 0x00000000, 0x00000000}, 470 {0x00009a00, 0x00000000, 0x00000000},
471 {0x00009a04, 0x00000040, 0x00000040}, 471 {0x00009a04, 0x00000040, 0x00000040},
472 {0x00009a08, 0x00000080, 0x00000080}, 472 {0x00009a08, 0x00000080, 0x00000080},
@@ -546,12 +546,12 @@ static const u32 ar5416Bank2[][2] = {
546}; 546};
547 547
548static const u32 ar5416Bank3[][3] = { 548static const u32 ar5416Bank3[][3] = {
549 /* Addr 5G_HT20 5G_HT40 */ 549 /* Addr 5G 2G */
550 {0x000098f0, 0x01400018, 0x01c00018}, 550 {0x000098f0, 0x01400018, 0x01c00018},
551}; 551};
552 552
553static const u32 ar5416Bank6[][3] = { 553static const u32 ar5416Bank6[][3] = {
554 /* Addr 5G_HT20 5G_HT40 */ 554 /* Addr 5G 2G */
555 {0x0000989c, 0x00000000, 0x00000000}, 555 {0x0000989c, 0x00000000, 0x00000000},
556 {0x0000989c, 0x00000000, 0x00000000}, 556 {0x0000989c, 0x00000000, 0x00000000},
557 {0x0000989c, 0x00000000, 0x00000000}, 557 {0x0000989c, 0x00000000, 0x00000000},
@@ -588,7 +588,7 @@ static const u32 ar5416Bank6[][3] = {
588}; 588};
589 589
590static const u32 ar5416Bank6TPC[][3] = { 590static const u32 ar5416Bank6TPC[][3] = {
591 /* Addr 5G_HT20 5G_HT40 */ 591 /* Addr 5G 2G */
592 {0x0000989c, 0x00000000, 0x00000000}, 592 {0x0000989c, 0x00000000, 0x00000000},
593 {0x0000989c, 0x00000000, 0x00000000}, 593 {0x0000989c, 0x00000000, 0x00000000},
594 {0x0000989c, 0x00000000, 0x00000000}, 594 {0x0000989c, 0x00000000, 0x00000000},
diff --git a/drivers/net/wireless/ath/ath9k/ar5008_phy.c b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
index 874186bfda41..fd69376ecc83 100644
--- a/drivers/net/wireless/ath/ath9k/ar5008_phy.c
+++ b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
@@ -470,16 +470,15 @@ static void ar5008_hw_spur_mitigate(struct ath_hw *ah,
470static int ar5008_hw_rf_alloc_ext_banks(struct ath_hw *ah) 470static int ar5008_hw_rf_alloc_ext_banks(struct ath_hw *ah)
471{ 471{
472#define ATH_ALLOC_BANK(bank, size) do { \ 472#define ATH_ALLOC_BANK(bank, size) do { \
473 bank = kzalloc((sizeof(u32) * size), GFP_KERNEL); \ 473 bank = devm_kzalloc(ah->dev, sizeof(u32) * size, GFP_KERNEL); \
474 if (!bank) { \ 474 if (!bank) \
475 ath_err(common, "Cannot allocate RF banks\n"); \ 475 goto error; \
476 return -ENOMEM; \
477 } \
478 } while (0); 476 } while (0);
479 477
480 struct ath_common *common = ath9k_hw_common(ah); 478 struct ath_common *common = ath9k_hw_common(ah);
481 479
482 BUG_ON(AR_SREV_9280_20_OR_LATER(ah)); 480 if (AR_SREV_9280_20_OR_LATER(ah))
481 return 0;
483 482
484 ATH_ALLOC_BANK(ah->analogBank0Data, ah->iniBank0.ia_rows); 483 ATH_ALLOC_BANK(ah->analogBank0Data, ah->iniBank0.ia_rows);
485 ATH_ALLOC_BANK(ah->analogBank1Data, ah->iniBank1.ia_rows); 484 ATH_ALLOC_BANK(ah->analogBank1Data, ah->iniBank1.ia_rows);
@@ -492,35 +491,12 @@ static int ar5008_hw_rf_alloc_ext_banks(struct ath_hw *ah)
492 491
493 return 0; 492 return 0;
494#undef ATH_ALLOC_BANK 493#undef ATH_ALLOC_BANK
494error:
495 ath_err(common, "Cannot allocate RF banks\n");
496 return -ENOMEM;
495} 497}
496 498
497 499
498/**
499 * ar5008_hw_rf_free_ext_banks - Free memory for analog bank scratch buffers
500 * @ah: atheros hardware struture
501 * For the external AR2133/AR5133 radios banks.
502 */
503static void ar5008_hw_rf_free_ext_banks(struct ath_hw *ah)
504{
505#define ATH_FREE_BANK(bank) do { \
506 kfree(bank); \
507 bank = NULL; \
508 } while (0);
509
510 BUG_ON(AR_SREV_9280_20_OR_LATER(ah));
511
512 ATH_FREE_BANK(ah->analogBank0Data);
513 ATH_FREE_BANK(ah->analogBank1Data);
514 ATH_FREE_BANK(ah->analogBank2Data);
515 ATH_FREE_BANK(ah->analogBank3Data);
516 ATH_FREE_BANK(ah->analogBank6Data);
517 ATH_FREE_BANK(ah->analogBank6TPCData);
518 ATH_FREE_BANK(ah->analogBank7Data);
519 ATH_FREE_BANK(ah->bank6Temp);
520
521#undef ATH_FREE_BANK
522}
523
524/* * 500/* *
525 * ar5008_hw_set_rf_regs - programs rf registers based on EEPROM 501 * ar5008_hw_set_rf_regs - programs rf registers based on EEPROM
526 * @ah: atheros hardware structure 502 * @ah: atheros hardware structure
@@ -1380,7 +1356,7 @@ static void ar5008_hw_set_radar_conf(struct ath_hw *ah)
1380 conf->radar_inband = 8; 1356 conf->radar_inband = 8;
1381} 1357}
1382 1358
1383void ar5008_hw_attach_phy_ops(struct ath_hw *ah) 1359int ar5008_hw_attach_phy_ops(struct ath_hw *ah)
1384{ 1360{
1385 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah); 1361 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah);
1386 static const u32 ar5416_cca_regs[6] = { 1362 static const u32 ar5416_cca_regs[6] = {
@@ -1391,12 +1367,15 @@ void ar5008_hw_attach_phy_ops(struct ath_hw *ah)
1391 AR_PHY_CH1_EXT_CCA, 1367 AR_PHY_CH1_EXT_CCA,
1392 AR_PHY_CH2_EXT_CCA 1368 AR_PHY_CH2_EXT_CCA
1393 }; 1369 };
1370 int ret;
1371
1372 ret = ar5008_hw_rf_alloc_ext_banks(ah);
1373 if (ret)
1374 return ret;
1394 1375
1395 priv_ops->rf_set_freq = ar5008_hw_set_channel; 1376 priv_ops->rf_set_freq = ar5008_hw_set_channel;
1396 priv_ops->spur_mitigate_freq = ar5008_hw_spur_mitigate; 1377 priv_ops->spur_mitigate_freq = ar5008_hw_spur_mitigate;
1397 1378
1398 priv_ops->rf_alloc_ext_banks = ar5008_hw_rf_alloc_ext_banks;
1399 priv_ops->rf_free_ext_banks = ar5008_hw_rf_free_ext_banks;
1400 priv_ops->set_rf_regs = ar5008_hw_set_rf_regs; 1379 priv_ops->set_rf_regs = ar5008_hw_set_rf_regs;
1401 priv_ops->set_channel_regs = ar5008_hw_set_channel_regs; 1380 priv_ops->set_channel_regs = ar5008_hw_set_channel_regs;
1402 priv_ops->init_bb = ar5008_hw_init_bb; 1381 priv_ops->init_bb = ar5008_hw_init_bb;
@@ -1421,4 +1400,5 @@ void ar5008_hw_attach_phy_ops(struct ath_hw *ah)
1421 ar5008_hw_set_nf_limits(ah); 1400 ar5008_hw_set_nf_limits(ah);
1422 ar5008_hw_set_radar_conf(ah); 1401 ar5008_hw_set_radar_conf(ah);
1423 memcpy(ah->nf_regs, ar5416_cca_regs, sizeof(ah->nf_regs)); 1402 memcpy(ah->nf_regs, ar5416_cca_regs, sizeof(ah->nf_regs));
1403 return 0;
1424} 1404}
diff --git a/drivers/net/wireless/ath/ath9k/ar9001_initvals.h b/drivers/net/wireless/ath/ath9k/ar9001_initvals.h
index ea4a230997ac..59524e1d4678 100644
--- a/drivers/net/wireless/ath/ath9k/ar9001_initvals.h
+++ b/drivers/net/wireless/ath/ath9k/ar9001_initvals.h
@@ -460,7 +460,7 @@ static const u32 ar5416Common_9100[][2] = {
460}; 460};
461 461
462static const u32 ar5416Bank6_9100[][3] = { 462static const u32 ar5416Bank6_9100[][3] = {
463 /* Addr 5G_HT20 5G_HT40 */ 463 /* Addr 5G 2G */
464 {0x0000989c, 0x00000000, 0x00000000}, 464 {0x0000989c, 0x00000000, 0x00000000},
465 {0x0000989c, 0x00000000, 0x00000000}, 465 {0x0000989c, 0x00000000, 0x00000000},
466 {0x0000989c, 0x00000000, 0x00000000}, 466 {0x0000989c, 0x00000000, 0x00000000},
@@ -497,7 +497,7 @@ static const u32 ar5416Bank6_9100[][3] = {
497}; 497};
498 498
499static const u32 ar5416Bank6TPC_9100[][3] = { 499static const u32 ar5416Bank6TPC_9100[][3] = {
500 /* Addr 5G_HT20 5G_HT40 */ 500 /* Addr 5G 2G */
501 {0x0000989c, 0x00000000, 0x00000000}, 501 {0x0000989c, 0x00000000, 0x00000000},
502 {0x0000989c, 0x00000000, 0x00000000}, 502 {0x0000989c, 0x00000000, 0x00000000},
503 {0x0000989c, 0x00000000, 0x00000000}, 503 {0x0000989c, 0x00000000, 0x00000000},
diff --git a/drivers/net/wireless/ath/ath9k/ar9002_hw.c b/drivers/net/wireless/ath/ath9k/ar9002_hw.c
index 648da3e885e9..f053d978540e 100644
--- a/drivers/net/wireless/ath/ath9k/ar9002_hw.c
+++ b/drivers/net/wireless/ath/ath9k/ar9002_hw.c
@@ -23,13 +23,13 @@
23 23
24/* General hardware code for the A5008/AR9001/AR9002 hadware families */ 24/* General hardware code for the A5008/AR9001/AR9002 hadware families */
25 25
26static void ar9002_hw_init_mode_regs(struct ath_hw *ah) 26static int ar9002_hw_init_mode_regs(struct ath_hw *ah)
27{ 27{
28 if (AR_SREV_9271(ah)) { 28 if (AR_SREV_9271(ah)) {
29 INIT_INI_ARRAY(&ah->iniModes, ar9271Modes_9271); 29 INIT_INI_ARRAY(&ah->iniModes, ar9271Modes_9271);
30 INIT_INI_ARRAY(&ah->iniCommon, ar9271Common_9271); 30 INIT_INI_ARRAY(&ah->iniCommon, ar9271Common_9271);
31 INIT_INI_ARRAY(&ah->iniModes_9271_ANI_reg, ar9271Modes_9271_ANI_reg); 31 INIT_INI_ARRAY(&ah->iniModes_9271_ANI_reg, ar9271Modes_9271_ANI_reg);
32 return; 32 return 0;
33 } 33 }
34 34
35 if (ah->config.pcie_clock_req) 35 if (ah->config.pcie_clock_req)
@@ -102,9 +102,9 @@ static void ar9002_hw_init_mode_regs(struct ath_hw *ah)
102 u32 size = sizeof(u32) * addac->ia_rows * addac->ia_columns; 102 u32 size = sizeof(u32) * addac->ia_rows * addac->ia_columns;
103 u32 *data; 103 u32 *data;
104 104
105 data = kmalloc(size, GFP_KERNEL); 105 data = devm_kzalloc(ah->dev, size, GFP_KERNEL);
106 if (!data) 106 if (!data)
107 return; 107 return -ENOMEM;
108 108
109 memcpy(data, addac->ia_array, size); 109 memcpy(data, addac->ia_array, size);
110 addac->ia_array = data; 110 addac->ia_array = data;
@@ -120,6 +120,7 @@ static void ar9002_hw_init_mode_regs(struct ath_hw *ah)
120 INIT_INI_ARRAY(&ah->iniCckfirJapan2484, 120 INIT_INI_ARRAY(&ah->iniCckfirJapan2484,
121 ar9287Common_japan_2484_cck_fir_coeff_9287_1_1); 121 ar9287Common_japan_2484_cck_fir_coeff_9287_1_1);
122 } 122 }
123 return 0;
123} 124}
124 125
125static void ar9280_20_hw_init_rxgain_ini(struct ath_hw *ah) 126static void ar9280_20_hw_init_rxgain_ini(struct ath_hw *ah)
@@ -409,22 +410,30 @@ void ar9002_hw_enable_async_fifo(struct ath_hw *ah)
409} 410}
410 411
411/* Sets up the AR5008/AR9001/AR9002 hardware familiy callbacks */ 412/* Sets up the AR5008/AR9001/AR9002 hardware familiy callbacks */
412void ar9002_hw_attach_ops(struct ath_hw *ah) 413int ar9002_hw_attach_ops(struct ath_hw *ah)
413{ 414{
414 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah); 415 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah);
415 struct ath_hw_ops *ops = ath9k_hw_ops(ah); 416 struct ath_hw_ops *ops = ath9k_hw_ops(ah);
417 int ret;
418
419 ret = ar9002_hw_init_mode_regs(ah);
420 if (ret)
421 return ret;
416 422
417 priv_ops->init_mode_regs = ar9002_hw_init_mode_regs;
418 priv_ops->init_mode_gain_regs = ar9002_hw_init_mode_gain_regs; 423 priv_ops->init_mode_gain_regs = ar9002_hw_init_mode_gain_regs;
419 424
420 ops->config_pci_powersave = ar9002_hw_configpcipowersave; 425 ops->config_pci_powersave = ar9002_hw_configpcipowersave;
421 426
422 ar5008_hw_attach_phy_ops(ah); 427 ret = ar5008_hw_attach_phy_ops(ah);
428 if (ret)
429 return ret;
430
423 if (AR_SREV_9280_20_OR_LATER(ah)) 431 if (AR_SREV_9280_20_OR_LATER(ah))
424 ar9002_hw_attach_phy_ops(ah); 432 ar9002_hw_attach_phy_ops(ah);
425 433
426 ar9002_hw_attach_calib_ops(ah); 434 ar9002_hw_attach_calib_ops(ah);
427 ar9002_hw_attach_mac_ops(ah); 435 ar9002_hw_attach_mac_ops(ah);
436 return 0;
428} 437}
429 438
430void ar9002_hw_load_ani_reg(struct ath_hw *ah, struct ath9k_channel *chan) 439void ar9002_hw_load_ani_reg(struct ath_hw *ah, struct ath9k_channel *chan)
diff --git a/drivers/net/wireless/ath/ath9k/ar9002_phy.c b/drivers/net/wireless/ath/ath9k/ar9002_phy.c
index 846dd7974eb8..f4003512d8d5 100644
--- a/drivers/net/wireless/ath/ath9k/ar9002_phy.c
+++ b/drivers/net/wireless/ath/ath9k/ar9002_phy.c
@@ -555,14 +555,73 @@ static void ar9002_hw_antdiv_comb_conf_set(struct ath_hw *ah,
555 REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regval); 555 REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regval);
556} 556}
557 557
558static void ar9002_hw_spectral_scan_config(struct ath_hw *ah,
559 struct ath_spec_scan *param)
560{
561 u8 count;
562
563 if (!param->enabled) {
564 REG_CLR_BIT(ah, AR_PHY_SPECTRAL_SCAN,
565 AR_PHY_SPECTRAL_SCAN_ENABLE);
566 return;
567 }
568 REG_SET_BIT(ah, AR_PHY_RADAR_0, AR_PHY_RADAR_0_FFT_ENA);
569 REG_SET_BIT(ah, AR_PHY_SPECTRAL_SCAN, AR_PHY_SPECTRAL_SCAN_ENABLE);
570
571 if (param->short_repeat)
572 REG_SET_BIT(ah, AR_PHY_SPECTRAL_SCAN,
573 AR_PHY_SPECTRAL_SCAN_SHORT_REPEAT);
574 else
575 REG_CLR_BIT(ah, AR_PHY_SPECTRAL_SCAN,
576 AR_PHY_SPECTRAL_SCAN_SHORT_REPEAT);
577
578 /* on AR92xx, the highest bit of count will make the the chip send
579 * spectral samples endlessly. Check if this really was intended,
580 * and fix otherwise.
581 */
582 count = param->count;
583 if (param->endless)
584 count = 0x80;
585 else if (count & 0x80)
586 count = 0x7f;
587
588 REG_RMW_FIELD(ah, AR_PHY_SPECTRAL_SCAN,
589 AR_PHY_SPECTRAL_SCAN_COUNT, count);
590 REG_RMW_FIELD(ah, AR_PHY_SPECTRAL_SCAN,
591 AR_PHY_SPECTRAL_SCAN_PERIOD, param->period);
592 REG_RMW_FIELD(ah, AR_PHY_SPECTRAL_SCAN,
593 AR_PHY_SPECTRAL_SCAN_FFT_PERIOD, param->fft_period);
594
595 return;
596}
597
598static void ar9002_hw_spectral_scan_trigger(struct ath_hw *ah)
599{
600 REG_SET_BIT(ah, AR_PHY_SPECTRAL_SCAN, AR_PHY_SPECTRAL_SCAN_ENABLE);
601 /* Activate spectral scan */
602 REG_SET_BIT(ah, AR_PHY_SPECTRAL_SCAN,
603 AR_PHY_SPECTRAL_SCAN_ACTIVE);
604}
605
606static void ar9002_hw_spectral_scan_wait(struct ath_hw *ah)
607{
608 struct ath_common *common = ath9k_hw_common(ah);
609
610 /* Poll for spectral scan complete */
611 if (!ath9k_hw_wait(ah, AR_PHY_SPECTRAL_SCAN,
612 AR_PHY_SPECTRAL_SCAN_ACTIVE,
613 0, AH_WAIT_TIMEOUT)) {
614 ath_err(common, "spectral scan wait failed\n");
615 return;
616 }
617}
618
558void ar9002_hw_attach_phy_ops(struct ath_hw *ah) 619void ar9002_hw_attach_phy_ops(struct ath_hw *ah)
559{ 620{
560 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah); 621 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah);
561 struct ath_hw_ops *ops = ath9k_hw_ops(ah); 622 struct ath_hw_ops *ops = ath9k_hw_ops(ah);
562 623
563 priv_ops->set_rf_regs = NULL; 624 priv_ops->set_rf_regs = NULL;
564 priv_ops->rf_alloc_ext_banks = NULL;
565 priv_ops->rf_free_ext_banks = NULL;
566 priv_ops->rf_set_freq = ar9002_hw_set_channel; 625 priv_ops->rf_set_freq = ar9002_hw_set_channel;
567 priv_ops->spur_mitigate_freq = ar9002_hw_spur_mitigate; 626 priv_ops->spur_mitigate_freq = ar9002_hw_spur_mitigate;
568 priv_ops->olc_init = ar9002_olc_init; 627 priv_ops->olc_init = ar9002_olc_init;
@@ -571,6 +630,9 @@ void ar9002_hw_attach_phy_ops(struct ath_hw *ah)
571 630
572 ops->antdiv_comb_conf_get = ar9002_hw_antdiv_comb_conf_get; 631 ops->antdiv_comb_conf_get = ar9002_hw_antdiv_comb_conf_get;
573 ops->antdiv_comb_conf_set = ar9002_hw_antdiv_comb_conf_set; 632 ops->antdiv_comb_conf_set = ar9002_hw_antdiv_comb_conf_set;
633 ops->spectral_scan_config = ar9002_hw_spectral_scan_config;
634 ops->spectral_scan_trigger = ar9002_hw_spectral_scan_trigger;
635 ops->spectral_scan_wait = ar9002_hw_spectral_scan_wait;
574 636
575 ar9002_hw_set_nf_limits(ah); 637 ar9002_hw_set_nf_limits(ah);
576} 638}
diff --git a/drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h b/drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h
index 262e1e036fd7..db5ffada2217 100644
--- a/drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h
+++ b/drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h
@@ -744,6 +744,186 @@ static const u32 ar9300Modes_high_ob_db_tx_gain_table_2p2[][5] = {
744 {0x00016868, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c}, 744 {0x00016868, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
745}; 745};
746 746
747static const u32 ar9300Modes_mixed_ob_db_tx_gain_table_2p2[][5] = {
748 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
749 {0x0000a2dc, 0x00033800, 0x00033800, 0x03aaa352, 0x03aaa352},
750 {0x0000a2e0, 0x0003c000, 0x0003c000, 0x03ccc584, 0x03ccc584},
751 {0x0000a2e4, 0x03fc0000, 0x03fc0000, 0x03f0f800, 0x03f0f800},
752 {0x0000a2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
753 {0x0000a410, 0x000050d9, 0x000050d9, 0x000050d9, 0x000050d9},
754 {0x0000a500, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
755 {0x0000a504, 0x06000003, 0x06000003, 0x04000002, 0x04000002},
756 {0x0000a508, 0x0a000020, 0x0a000020, 0x08000004, 0x08000004},
757 {0x0000a50c, 0x10000023, 0x10000023, 0x0b000200, 0x0b000200},
758 {0x0000a510, 0x16000220, 0x16000220, 0x0f000202, 0x0f000202},
759 {0x0000a514, 0x1c000223, 0x1c000223, 0x11000400, 0x11000400},
760 {0x0000a518, 0x21002220, 0x21002220, 0x15000402, 0x15000402},
761 {0x0000a51c, 0x27002223, 0x27002223, 0x19000404, 0x19000404},
762 {0x0000a520, 0x2b022220, 0x2b022220, 0x1b000603, 0x1b000603},
763 {0x0000a524, 0x2f022222, 0x2f022222, 0x1f000a02, 0x1f000a02},
764 {0x0000a528, 0x34022225, 0x34022225, 0x23000a04, 0x23000a04},
765 {0x0000a52c, 0x3a02222a, 0x3a02222a, 0x26000a20, 0x26000a20},
766 {0x0000a530, 0x3e02222c, 0x3e02222c, 0x2a000e20, 0x2a000e20},
767 {0x0000a534, 0x4202242a, 0x4202242a, 0x2e000e22, 0x2e000e22},
768 {0x0000a538, 0x4702244a, 0x4702244a, 0x31000e24, 0x31000e24},
769 {0x0000a53c, 0x4b02244c, 0x4b02244c, 0x34001640, 0x34001640},
770 {0x0000a540, 0x4e02246c, 0x4e02246c, 0x38001660, 0x38001660},
771 {0x0000a544, 0x52022470, 0x52022470, 0x3b001861, 0x3b001861},
772 {0x0000a548, 0x55022490, 0x55022490, 0x3e001a81, 0x3e001a81},
773 {0x0000a54c, 0x59022492, 0x59022492, 0x42001a83, 0x42001a83},
774 {0x0000a550, 0x5d022692, 0x5d022692, 0x44001c84, 0x44001c84},
775 {0x0000a554, 0x61022892, 0x61022892, 0x48001ce3, 0x48001ce3},
776 {0x0000a558, 0x65024890, 0x65024890, 0x4c001ce5, 0x4c001ce5},
777 {0x0000a55c, 0x69024892, 0x69024892, 0x50001ce9, 0x50001ce9},
778 {0x0000a560, 0x6e024c92, 0x6e024c92, 0x54001ceb, 0x54001ceb},
779 {0x0000a564, 0x74026e92, 0x74026e92, 0x56001eec, 0x56001eec},
780 {0x0000a568, 0x74026e92, 0x74026e92, 0x56001eec, 0x56001eec},
781 {0x0000a56c, 0x74026e92, 0x74026e92, 0x56001eec, 0x56001eec},
782 {0x0000a570, 0x74026e92, 0x74026e92, 0x56001eec, 0x56001eec},
783 {0x0000a574, 0x74026e92, 0x74026e92, 0x56001eec, 0x56001eec},
784 {0x0000a578, 0x74026e92, 0x74026e92, 0x56001eec, 0x56001eec},
785 {0x0000a57c, 0x74026e92, 0x74026e92, 0x56001eec, 0x56001eec},
786 {0x0000a580, 0x00800000, 0x00800000, 0x00800000, 0x00800000},
787 {0x0000a584, 0x06800003, 0x06800003, 0x04800002, 0x04800002},
788 {0x0000a588, 0x0a800020, 0x0a800020, 0x08800004, 0x08800004},
789 {0x0000a58c, 0x10800023, 0x10800023, 0x0b800200, 0x0b800200},
790 {0x0000a590, 0x16800220, 0x16800220, 0x0f800202, 0x0f800202},
791 {0x0000a594, 0x1c800223, 0x1c800223, 0x11800400, 0x11800400},
792 {0x0000a598, 0x21802220, 0x21802220, 0x15800402, 0x15800402},
793 {0x0000a59c, 0x27802223, 0x27802223, 0x19800404, 0x19800404},
794 {0x0000a5a0, 0x2b822220, 0x2b822220, 0x1b800603, 0x1b800603},
795 {0x0000a5a4, 0x2f822222, 0x2f822222, 0x1f800a02, 0x1f800a02},
796 {0x0000a5a8, 0x34822225, 0x34822225, 0x23800a04, 0x23800a04},
797 {0x0000a5ac, 0x3a82222a, 0x3a82222a, 0x26800a20, 0x26800a20},
798 {0x0000a5b0, 0x3e82222c, 0x3e82222c, 0x2a800e20, 0x2a800e20},
799 {0x0000a5b4, 0x4282242a, 0x4282242a, 0x2e800e22, 0x2e800e22},
800 {0x0000a5b8, 0x4782244a, 0x4782244a, 0x31800e24, 0x31800e24},
801 {0x0000a5bc, 0x4b82244c, 0x4b82244c, 0x34801640, 0x34801640},
802 {0x0000a5c0, 0x4e82246c, 0x4e82246c, 0x38801660, 0x38801660},
803 {0x0000a5c4, 0x52822470, 0x52822470, 0x3b801861, 0x3b801861},
804 {0x0000a5c8, 0x55822490, 0x55822490, 0x3e801a81, 0x3e801a81},
805 {0x0000a5cc, 0x59822492, 0x59822492, 0x42801a83, 0x42801a83},
806 {0x0000a5d0, 0x5d822692, 0x5d822692, 0x44801c84, 0x44801c84},
807 {0x0000a5d4, 0x61822892, 0x61822892, 0x48801ce3, 0x48801ce3},
808 {0x0000a5d8, 0x65824890, 0x65824890, 0x4c801ce5, 0x4c801ce5},
809 {0x0000a5dc, 0x69824892, 0x69824892, 0x50801ce9, 0x50801ce9},
810 {0x0000a5e0, 0x6e824c92, 0x6e824c92, 0x54801ceb, 0x54801ceb},
811 {0x0000a5e4, 0x74826e92, 0x74826e92, 0x56801eec, 0x56801eec},
812 {0x0000a5e8, 0x74826e92, 0x74826e92, 0x56801eec, 0x56801eec},
813 {0x0000a5ec, 0x74826e92, 0x74826e92, 0x56801eec, 0x56801eec},
814 {0x0000a5f0, 0x74826e92, 0x74826e92, 0x56801eec, 0x56801eec},
815 {0x0000a5f4, 0x74826e92, 0x74826e92, 0x56801eec, 0x56801eec},
816 {0x0000a5f8, 0x74826e92, 0x74826e92, 0x56801eec, 0x56801eec},
817 {0x0000a5fc, 0x74826e92, 0x74826e92, 0x56801eec, 0x56801eec},
818 {0x0000a600, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
819 {0x0000a604, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
820 {0x0000a608, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
821 {0x0000a60c, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
822 {0x0000a610, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
823 {0x0000a614, 0x02004000, 0x02004000, 0x01404000, 0x01404000},
824 {0x0000a618, 0x02004801, 0x02004801, 0x01404501, 0x01404501},
825 {0x0000a61c, 0x02808a02, 0x02808a02, 0x02008501, 0x02008501},
826 {0x0000a620, 0x0380ce03, 0x0380ce03, 0x0280ca03, 0x0280ca03},
827 {0x0000a624, 0x04411104, 0x04411104, 0x03010c04, 0x03010c04},
828 {0x0000a628, 0x04411104, 0x04411104, 0x04014c04, 0x04014c04},
829 {0x0000a62c, 0x04411104, 0x04411104, 0x04015005, 0x04015005},
830 {0x0000a630, 0x04411104, 0x04411104, 0x04015005, 0x04015005},
831 {0x0000a634, 0x04411104, 0x04411104, 0x04015005, 0x04015005},
832 {0x0000a638, 0x04411104, 0x04411104, 0x04015005, 0x04015005},
833 {0x0000a63c, 0x04411104, 0x04411104, 0x04015005, 0x04015005},
834 {0x0000b2dc, 0x00033800, 0x00033800, 0x03aaa352, 0x03aaa352},
835 {0x0000b2e0, 0x0003c000, 0x0003c000, 0x03ccc584, 0x03ccc584},
836 {0x0000b2e4, 0x03fc0000, 0x03fc0000, 0x03f0f800, 0x03f0f800},
837 {0x0000b2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
838 {0x0000c2dc, 0x00033800, 0x00033800, 0x03aaa352, 0x03aaa352},
839 {0x0000c2e0, 0x0003c000, 0x0003c000, 0x03ccc584, 0x03ccc584},
840 {0x0000c2e4, 0x03fc0000, 0x03fc0000, 0x03f0f800, 0x03f0f800},
841 {0x0000c2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
842 {0x00016044, 0x012492d4, 0x012492d4, 0x056db2e4, 0x056db2e4},
843 {0x00016048, 0x66480001, 0x66480001, 0x8e480001, 0x8e480001},
844 {0x00016068, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
845 {0x00016444, 0x012492d4, 0x012492d4, 0x056db2e4, 0x056db2e4},
846 {0x00016448, 0x66480001, 0x66480001, 0x8e480001, 0x8e480001},
847 {0x00016468, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
848 {0x00016844, 0x012492d4, 0x012492d4, 0x056db2e4, 0x056db2e4},
849 {0x00016848, 0x66480001, 0x66480001, 0x8e480001, 0x8e480001},
850 {0x00016868, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
851};
852
853static const u32 ar9300Modes_type5_tx_gain_table_2p2[][5] = {
854 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
855 {0x0000a2dc, 0x000cfff0, 0x000cfff0, 0x03aaa352, 0x03aaa352},
856 {0x0000a2e0, 0x000f0000, 0x000f0000, 0x03ccc584, 0x03ccc584},
857 {0x0000a2e4, 0x03f00000, 0x03f00000, 0x03f0f800, 0x03f0f800},
858 {0x0000a2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
859 {0x0000a410, 0x000050d9, 0x000050d9, 0x000050d9, 0x000050d9},
860 {0x0000a500, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
861 {0x0000a504, 0x06000003, 0x06000003, 0x04000002, 0x04000002},
862 {0x0000a508, 0x0a000020, 0x0a000020, 0x08000004, 0x08000004},
863 {0x0000a50c, 0x10000023, 0x10000023, 0x0b000200, 0x0b000200},
864 {0x0000a510, 0x15000028, 0x15000028, 0x0f000202, 0x0f000202},
865 {0x0000a514, 0x1b00002b, 0x1b00002b, 0x12000400, 0x12000400},
866 {0x0000a518, 0x1f020028, 0x1f020028, 0x16000402, 0x16000402},
867 {0x0000a51c, 0x2502002b, 0x2502002b, 0x19000404, 0x19000404},
868 {0x0000a520, 0x2a04002a, 0x2a04002a, 0x1c000603, 0x1c000603},
869 {0x0000a524, 0x2e06002a, 0x2e06002a, 0x21000a02, 0x21000a02},
870 {0x0000a528, 0x3302202d, 0x3302202d, 0x25000a04, 0x25000a04},
871 {0x0000a52c, 0x3804202c, 0x3804202c, 0x28000a20, 0x28000a20},
872 {0x0000a530, 0x3c06202c, 0x3c06202c, 0x2c000e20, 0x2c000e20},
873 {0x0000a534, 0x4108202d, 0x4108202d, 0x30000e22, 0x30000e22},
874 {0x0000a538, 0x4506402d, 0x4506402d, 0x34000e24, 0x34000e24},
875 {0x0000a53c, 0x4906222d, 0x4906222d, 0x38001640, 0x38001640},
876 {0x0000a540, 0x4d062231, 0x4d062231, 0x3c001660, 0x3c001660},
877 {0x0000a544, 0x50082231, 0x50082231, 0x3f001861, 0x3f001861},
878 {0x0000a548, 0x5608422e, 0x5608422e, 0x43001a81, 0x43001a81},
879 {0x0000a54c, 0x5e08442e, 0x5e08442e, 0x47001a83, 0x47001a83},
880 {0x0000a550, 0x620a4431, 0x620a4431, 0x4a001c84, 0x4a001c84},
881 {0x0000a554, 0x640a4432, 0x640a4432, 0x4e001ce3, 0x4e001ce3},
882 {0x0000a558, 0x680a4434, 0x680a4434, 0x52001ce5, 0x52001ce5},
883 {0x0000a55c, 0x6c0a6434, 0x6c0a6434, 0x56001ce9, 0x56001ce9},
884 {0x0000a560, 0x6f0a6633, 0x6f0a6633, 0x5a001ceb, 0x5a001ceb},
885 {0x0000a564, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
886 {0x0000a568, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
887 {0x0000a56c, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
888 {0x0000a570, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
889 {0x0000a574, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
890 {0x0000a578, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
891 {0x0000a57c, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
892 {0x0000a600, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
893 {0x0000a604, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
894 {0x0000a608, 0x01804601, 0x01804601, 0x00000000, 0x00000000},
895 {0x0000a60c, 0x01804601, 0x01804601, 0x00000000, 0x00000000},
896 {0x0000a610, 0x01804601, 0x01804601, 0x00000000, 0x00000000},
897 {0x0000a614, 0x01804601, 0x01804601, 0x01404000, 0x01404000},
898 {0x0000a618, 0x01804601, 0x01804601, 0x01404501, 0x01404501},
899 {0x0000a61c, 0x01804601, 0x01804601, 0x02008501, 0x02008501},
900 {0x0000a620, 0x03408d02, 0x03408d02, 0x0280ca03, 0x0280ca03},
901 {0x0000a624, 0x0300cc03, 0x0300cc03, 0x03010c04, 0x03010c04},
902 {0x0000a628, 0x03410d04, 0x03410d04, 0x04014c04, 0x04014c04},
903 {0x0000a62c, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
904 {0x0000a630, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
905 {0x0000a634, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
906 {0x0000a638, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
907 {0x0000a63c, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
908 {0x0000b2dc, 0x000cfff0, 0x000cfff0, 0x03aaa352, 0x03aaa352},
909 {0x0000b2e0, 0x000f0000, 0x000f0000, 0x03ccc584, 0x03ccc584},
910 {0x0000b2e4, 0x03f00000, 0x03f00000, 0x03f0f800, 0x03f0f800},
911 {0x0000b2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
912 {0x0000c2dc, 0x000cfff0, 0x000cfff0, 0x03aaa352, 0x03aaa352},
913 {0x0000c2e0, 0x000f0000, 0x000f0000, 0x03ccc584, 0x03ccc584},
914 {0x0000c2e4, 0x03f00000, 0x03f00000, 0x03f0f800, 0x03f0f800},
915 {0x0000c2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
916 {0x00016044, 0x012492d4, 0x012492d4, 0x012492d4, 0x012492d4},
917 {0x00016048, 0x65240001, 0x65240001, 0x66480001, 0x66480001},
918 {0x00016068, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
919 {0x00016444, 0x012492d4, 0x012492d4, 0x012492d4, 0x012492d4},
920 {0x00016448, 0x65240001, 0x65240001, 0x66480001, 0x66480001},
921 {0x00016468, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
922 {0x00016844, 0x012492d4, 0x012492d4, 0x012492d4, 0x012492d4},
923 {0x00016848, 0x65240001, 0x65240001, 0x66480001, 0x66480001},
924 {0x00016868, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
925};
926
747static const u32 ar9300Common_rx_gain_table_2p2[][2] = { 927static const u32 ar9300Common_rx_gain_table_2p2[][2] = {
748 /* Addr allmodes */ 928 /* Addr allmodes */
749 {0x0000a000, 0x00010000}, 929 {0x0000a000, 0x00010000},
diff --git a/drivers/net/wireless/ath/ath9k/ar9003_calib.c b/drivers/net/wireless/ath/ath9k/ar9003_calib.c
index 8b0d8dcd7625..4cc13940c895 100644
--- a/drivers/net/wireless/ath/ath9k/ar9003_calib.c
+++ b/drivers/net/wireless/ath/ath9k/ar9003_calib.c
@@ -32,7 +32,6 @@ struct coeff {
32 32
33enum ar9003_cal_types { 33enum ar9003_cal_types {
34 IQ_MISMATCH_CAL = BIT(0), 34 IQ_MISMATCH_CAL = BIT(0),
35 TEMP_COMP_CAL = BIT(1),
36}; 35};
37 36
38static void ar9003_hw_setup_calibration(struct ath_hw *ah, 37static void ar9003_hw_setup_calibration(struct ath_hw *ah,
@@ -49,7 +48,7 @@ static void ar9003_hw_setup_calibration(struct ath_hw *ah,
49 */ 48 */
50 REG_RMW_FIELD(ah, AR_PHY_TIMING4, 49 REG_RMW_FIELD(ah, AR_PHY_TIMING4,
51 AR_PHY_TIMING4_IQCAL_LOG_COUNT_MAX, 50 AR_PHY_TIMING4_IQCAL_LOG_COUNT_MAX,
52 currCal->calData->calCountMax); 51 currCal->calData->calCountMax);
53 REG_WRITE(ah, AR_PHY_CALMODE, AR_PHY_CALMODE_IQ); 52 REG_WRITE(ah, AR_PHY_CALMODE, AR_PHY_CALMODE_IQ);
54 53
55 ath_dbg(common, CALIBRATE, 54 ath_dbg(common, CALIBRATE,
@@ -58,14 +57,8 @@ static void ar9003_hw_setup_calibration(struct ath_hw *ah,
58 /* Kick-off cal */ 57 /* Kick-off cal */
59 REG_SET_BIT(ah, AR_PHY_TIMING4, AR_PHY_TIMING4_DO_CAL); 58 REG_SET_BIT(ah, AR_PHY_TIMING4, AR_PHY_TIMING4_DO_CAL);
60 break; 59 break;
61 case TEMP_COMP_CAL: 60 default:
62 REG_RMW_FIELD(ah, AR_PHY_65NM_CH0_THERM, 61 ath_err(common, "Invalid calibration type\n");
63 AR_PHY_65NM_CH0_THERM_LOCAL, 1);
64 REG_RMW_FIELD(ah, AR_PHY_65NM_CH0_THERM,
65 AR_PHY_65NM_CH0_THERM_START, 1);
66
67 ath_dbg(common, CALIBRATE,
68 "starting Temperature Compensation Calibration\n");
69 break; 62 break;
70 } 63 }
71} 64}
@@ -323,6 +316,14 @@ static const struct ath9k_percal_data iq_cal_single_sample = {
323static void ar9003_hw_init_cal_settings(struct ath_hw *ah) 316static void ar9003_hw_init_cal_settings(struct ath_hw *ah)
324{ 317{
325 ah->iq_caldata.calData = &iq_cal_single_sample; 318 ah->iq_caldata.calData = &iq_cal_single_sample;
319
320 if (AR_SREV_9300_20_OR_LATER(ah)) {
321 ah->enabled_cals |= TX_IQ_CAL;
322 if (AR_SREV_9485_OR_LATER(ah) && !AR_SREV_9340(ah))
323 ah->enabled_cals |= TX_IQ_ON_AGC_CAL;
324 }
325
326 ah->supp_cals = IQ_MISMATCH_CAL;
326} 327}
327 328
328/* 329/*
@@ -959,22 +960,70 @@ static void ar9003_hw_manual_peak_cal(struct ath_hw *ah, u8 chain, bool is_2g)
959 AR_PHY_65NM_RXRF_AGC_AGC_CAL_OVR, 0); 960 AR_PHY_65NM_RXRF_AGC_AGC_CAL_OVR, 0);
960} 961}
961 962
963static void ar9003_hw_do_manual_peak_cal(struct ath_hw *ah,
964 struct ath9k_channel *chan)
965{
966 int i;
967
968 if (!AR_SREV_9462(ah) && !AR_SREV_9565(ah))
969 return;
970
971 for (i = 0; i < AR9300_MAX_CHAINS; i++) {
972 if (!(ah->rxchainmask & (1 << i)))
973 continue;
974 ar9003_hw_manual_peak_cal(ah, i, IS_CHAN_2GHZ(chan));
975 }
976}
977
978static void ar9003_hw_cl_cal_post_proc(struct ath_hw *ah, bool is_reusable)
979{
980 u32 cl_idx[AR9300_MAX_CHAINS] = { AR_PHY_CL_TAB_0,
981 AR_PHY_CL_TAB_1,
982 AR_PHY_CL_TAB_2 };
983 struct ath9k_hw_cal_data *caldata = ah->caldata;
984 bool txclcal_done = false;
985 int i, j;
986
987 if (!caldata || !(ah->enabled_cals & TX_CL_CAL))
988 return;
989
990 txclcal_done = !!(REG_READ(ah, AR_PHY_AGC_CONTROL) &
991 AR_PHY_AGC_CONTROL_CLC_SUCCESS);
992
993 if (caldata->done_txclcal_once) {
994 for (i = 0; i < AR9300_MAX_CHAINS; i++) {
995 if (!(ah->txchainmask & (1 << i)))
996 continue;
997 for (j = 0; j < MAX_CL_TAB_ENTRY; j++)
998 REG_WRITE(ah, CL_TAB_ENTRY(cl_idx[i]),
999 caldata->tx_clcal[i][j]);
1000 }
1001 } else if (is_reusable && txclcal_done) {
1002 for (i = 0; i < AR9300_MAX_CHAINS; i++) {
1003 if (!(ah->txchainmask & (1 << i)))
1004 continue;
1005 for (j = 0; j < MAX_CL_TAB_ENTRY; j++)
1006 caldata->tx_clcal[i][j] =
1007 REG_READ(ah, CL_TAB_ENTRY(cl_idx[i]));
1008 }
1009 caldata->done_txclcal_once = true;
1010 }
1011}
1012
962static bool ar9003_hw_init_cal(struct ath_hw *ah, 1013static bool ar9003_hw_init_cal(struct ath_hw *ah,
963 struct ath9k_channel *chan) 1014 struct ath9k_channel *chan)
964{ 1015{
965 struct ath_common *common = ath9k_hw_common(ah); 1016 struct ath_common *common = ath9k_hw_common(ah);
966 struct ath9k_hw_cal_data *caldata = ah->caldata; 1017 struct ath9k_hw_cal_data *caldata = ah->caldata;
967 bool txiqcal_done = false, txclcal_done = false; 1018 bool txiqcal_done = false;
968 bool is_reusable = true, status = true; 1019 bool is_reusable = true, status = true;
969 bool run_rtt_cal = false, run_agc_cal; 1020 bool run_rtt_cal = false, run_agc_cal, sep_iq_cal = false;
970 bool rtt = !!(ah->caps.hw_caps & ATH9K_HW_CAP_RTT); 1021 bool rtt = !!(ah->caps.hw_caps & ATH9K_HW_CAP_RTT);
971 u32 agc_ctrl = 0, agc_supp_cals = AR_PHY_AGC_CONTROL_OFFSET_CAL | 1022 u32 agc_ctrl = 0, agc_supp_cals = AR_PHY_AGC_CONTROL_OFFSET_CAL |
972 AR_PHY_AGC_CONTROL_FLTR_CAL | 1023 AR_PHY_AGC_CONTROL_FLTR_CAL |
973 AR_PHY_AGC_CONTROL_PKDET_CAL; 1024 AR_PHY_AGC_CONTROL_PKDET_CAL;
974 int i, j; 1025
975 u32 cl_idx[AR9300_MAX_CHAINS] = { AR_PHY_CL_TAB_0, 1026 ar9003_hw_set_chain_masks(ah, ah->caps.rx_chainmask, ah->caps.tx_chainmask);
976 AR_PHY_CL_TAB_1,
977 AR_PHY_CL_TAB_2 };
978 1027
979 if (rtt) { 1028 if (rtt) {
980 if (!ar9003_hw_rtt_restore(ah, chan)) 1029 if (!ar9003_hw_rtt_restore(ah, chan))
@@ -1012,7 +1061,8 @@ static bool ar9003_hw_init_cal(struct ath_hw *ah,
1012 } 1061 }
1013 } 1062 }
1014 1063
1015 if (!(ah->enabled_cals & TX_IQ_CAL)) 1064 if ((IS_CHAN_HALF_RATE(chan) || IS_CHAN_QUARTER_RATE(chan)) ||
1065 !(ah->enabled_cals & TX_IQ_CAL))
1016 goto skip_tx_iqcal; 1066 goto skip_tx_iqcal;
1017 1067
1018 /* Do Tx IQ Calibration */ 1068 /* Do Tx IQ Calibration */
@@ -1032,21 +1082,22 @@ static bool ar9003_hw_init_cal(struct ath_hw *ah,
1032 REG_CLR_BIT(ah, AR_PHY_TX_IQCAL_CONTROL_0, 1082 REG_CLR_BIT(ah, AR_PHY_TX_IQCAL_CONTROL_0,
1033 AR_PHY_TX_IQCAL_CONTROL_0_ENABLE_TXIQ_CAL); 1083 AR_PHY_TX_IQCAL_CONTROL_0_ENABLE_TXIQ_CAL);
1034 txiqcal_done = run_agc_cal = true; 1084 txiqcal_done = run_agc_cal = true;
1035 goto skip_tx_iqcal; 1085 } else if (caldata && !caldata->done_txiqcal_once) {
1036 } else if (caldata && !caldata->done_txiqcal_once)
1037 run_agc_cal = true; 1086 run_agc_cal = true;
1087 sep_iq_cal = true;
1088 }
1038 1089
1090skip_tx_iqcal:
1039 if (ath9k_hw_mci_is_enabled(ah) && IS_CHAN_2GHZ(chan) && run_agc_cal) 1091 if (ath9k_hw_mci_is_enabled(ah) && IS_CHAN_2GHZ(chan) && run_agc_cal)
1040 ar9003_mci_init_cal_req(ah, &is_reusable); 1092 ar9003_mci_init_cal_req(ah, &is_reusable);
1041 1093
1042 if (!(IS_CHAN_HALF_RATE(chan) || IS_CHAN_QUARTER_RATE(chan))) { 1094 if (sep_iq_cal) {
1043 txiqcal_done = ar9003_hw_tx_iq_cal_run(ah); 1095 txiqcal_done = ar9003_hw_tx_iq_cal_run(ah);
1044 REG_WRITE(ah, AR_PHY_ACTIVE, AR_PHY_ACTIVE_DIS); 1096 REG_WRITE(ah, AR_PHY_ACTIVE, AR_PHY_ACTIVE_DIS);
1045 udelay(5); 1097 udelay(5);
1046 REG_WRITE(ah, AR_PHY_ACTIVE, AR_PHY_ACTIVE_EN); 1098 REG_WRITE(ah, AR_PHY_ACTIVE, AR_PHY_ACTIVE_EN);
1047 } 1099 }
1048 1100
1049skip_tx_iqcal:
1050 if (run_agc_cal || !(ah->ah_flags & AH_FASTCC)) { 1101 if (run_agc_cal || !(ah->ah_flags & AH_FASTCC)) {
1051 /* Calibrate the AGC */ 1102 /* Calibrate the AGC */
1052 REG_WRITE(ah, AR_PHY_AGC_CONTROL, 1103 REG_WRITE(ah, AR_PHY_AGC_CONTROL,
@@ -1057,14 +1108,8 @@ skip_tx_iqcal:
1057 status = ath9k_hw_wait(ah, AR_PHY_AGC_CONTROL, 1108 status = ath9k_hw_wait(ah, AR_PHY_AGC_CONTROL,
1058 AR_PHY_AGC_CONTROL_CAL, 1109 AR_PHY_AGC_CONTROL_CAL,
1059 0, AH_WAIT_TIMEOUT); 1110 0, AH_WAIT_TIMEOUT);
1060 if (AR_SREV_9462(ah) || AR_SREV_9565(ah)) { 1111
1061 for (i = 0; i < AR9300_MAX_CHAINS; i++) { 1112 ar9003_hw_do_manual_peak_cal(ah, chan);
1062 if (!(ah->rxchainmask & (1 << i)))
1063 continue;
1064 ar9003_hw_manual_peak_cal(ah, i,
1065 IS_CHAN_2GHZ(chan));
1066 }
1067 }
1068 } 1113 }
1069 1114
1070 if (ath9k_hw_mci_is_enabled(ah) && IS_CHAN_2GHZ(chan) && run_agc_cal) 1115 if (ath9k_hw_mci_is_enabled(ah) && IS_CHAN_2GHZ(chan) && run_agc_cal)
@@ -1089,31 +1134,7 @@ skip_tx_iqcal:
1089 else if (caldata && caldata->done_txiqcal_once) 1134 else if (caldata && caldata->done_txiqcal_once)
1090 ar9003_hw_tx_iq_cal_reload(ah); 1135 ar9003_hw_tx_iq_cal_reload(ah);
1091 1136
1092#define CL_TAB_ENTRY(reg_base) (reg_base + (4 * j)) 1137 ar9003_hw_cl_cal_post_proc(ah, is_reusable);
1093 if (caldata && (ah->enabled_cals & TX_CL_CAL)) {
1094 txclcal_done = !!(REG_READ(ah, AR_PHY_AGC_CONTROL) &
1095 AR_PHY_AGC_CONTROL_CLC_SUCCESS);
1096 if (caldata->done_txclcal_once) {
1097 for (i = 0; i < AR9300_MAX_CHAINS; i++) {
1098 if (!(ah->txchainmask & (1 << i)))
1099 continue;
1100 for (j = 0; j < MAX_CL_TAB_ENTRY; j++)
1101 REG_WRITE(ah, CL_TAB_ENTRY(cl_idx[i]),
1102 caldata->tx_clcal[i][j]);
1103 }
1104 } else if (is_reusable && txclcal_done) {
1105 for (i = 0; i < AR9300_MAX_CHAINS; i++) {
1106 if (!(ah->txchainmask & (1 << i)))
1107 continue;
1108 for (j = 0; j < MAX_CL_TAB_ENTRY; j++)
1109 caldata->tx_clcal[i][j] =
1110 REG_READ(ah,
1111 CL_TAB_ENTRY(cl_idx[i]));
1112 }
1113 caldata->done_txclcal_once = true;
1114 }
1115 }
1116#undef CL_TAB_ENTRY
1117 1138
1118 if (run_rtt_cal && caldata) { 1139 if (run_rtt_cal && caldata) {
1119 if (is_reusable) { 1140 if (is_reusable) {
@@ -1131,20 +1152,10 @@ skip_tx_iqcal:
1131 1152
1132 /* Initialize list pointers */ 1153 /* Initialize list pointers */
1133 ah->cal_list = ah->cal_list_last = ah->cal_list_curr = NULL; 1154 ah->cal_list = ah->cal_list_last = ah->cal_list_curr = NULL;
1134 ah->supp_cals = IQ_MISMATCH_CAL;
1135
1136 if (ah->supp_cals & IQ_MISMATCH_CAL) {
1137 INIT_CAL(&ah->iq_caldata);
1138 INSERT_CAL(ah, &ah->iq_caldata);
1139 ath_dbg(common, CALIBRATE, "enabling IQ Calibration\n");
1140 }
1141 1155
1142 if (ah->supp_cals & TEMP_COMP_CAL) { 1156 INIT_CAL(&ah->iq_caldata);
1143 INIT_CAL(&ah->tempCompCalData); 1157 INSERT_CAL(ah, &ah->iq_caldata);
1144 INSERT_CAL(ah, &ah->tempCompCalData); 1158 ath_dbg(common, CALIBRATE, "enabling IQ Calibration\n");
1145 ath_dbg(common, CALIBRATE,
1146 "enabling Temperature Compensation Calibration\n");
1147 }
1148 1159
1149 /* Initialize current pointer to first element in list */ 1160 /* Initialize current pointer to first element in list */
1150 ah->cal_list_curr = ah->cal_list; 1161 ah->cal_list_curr = ah->cal_list;
diff --git a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
index 562186ca9b52..881e989ea470 100644
--- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
+++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
@@ -4586,14 +4586,14 @@ static int ar9003_hw_cal_pier_get(struct ath_hw *ah,
4586 return 0; 4586 return 0;
4587} 4587}
4588 4588
4589static int ar9003_hw_power_control_override(struct ath_hw *ah, 4589static void ar9003_hw_power_control_override(struct ath_hw *ah,
4590 int frequency, 4590 int frequency,
4591 int *correction, 4591 int *correction,
4592 int *voltage, int *temperature) 4592 int *voltage, int *temperature)
4593{ 4593{
4594 int tempSlope = 0; 4594 int temp_slope = 0, temp_slope1 = 0, temp_slope2 = 0;
4595 struct ar9300_eeprom *eep = &ah->eeprom.ar9300_eep; 4595 struct ar9300_eeprom *eep = &ah->eeprom.ar9300_eep;
4596 int f[8], t[8], i; 4596 int f[8], t[8], t1[3], t2[3], i;
4597 4597
4598 REG_RMW(ah, AR_PHY_TPC_11_B0, 4598 REG_RMW(ah, AR_PHY_TPC_11_B0,
4599 (correction[0] << AR_PHY_TPC_OLPC_GAIN_DELTA_S), 4599 (correction[0] << AR_PHY_TPC_OLPC_GAIN_DELTA_S),
@@ -4624,38 +4624,108 @@ static int ar9003_hw_power_control_override(struct ath_hw *ah,
4624 * enable temperature compensation 4624 * enable temperature compensation
4625 * Need to use register names 4625 * Need to use register names
4626 */ 4626 */
4627 if (frequency < 4000) 4627 if (frequency < 4000) {
4628 tempSlope = eep->modalHeader2G.tempSlope; 4628 temp_slope = eep->modalHeader2G.tempSlope;
4629 else if ((eep->baseEepHeader.miscConfiguration & 0x20) != 0) { 4629 } else {
4630 for (i = 0; i < 8; i++) { 4630 if (AR_SREV_9550(ah)) {
4631 t[i] = eep->base_ext1.tempslopextension[i]; 4631 t[0] = eep->base_ext1.tempslopextension[2];
4632 f[i] = FBIN2FREQ(eep->calFreqPier5G[i], 0); 4632 t1[0] = eep->base_ext1.tempslopextension[3];
4633 t2[0] = eep->base_ext1.tempslopextension[4];
4634 f[0] = 5180;
4635
4636 t[1] = eep->modalHeader5G.tempSlope;
4637 t1[1] = eep->base_ext1.tempslopextension[0];
4638 t2[1] = eep->base_ext1.tempslopextension[1];
4639 f[1] = 5500;
4640
4641 t[2] = eep->base_ext1.tempslopextension[5];
4642 t1[2] = eep->base_ext1.tempslopextension[6];
4643 t2[2] = eep->base_ext1.tempslopextension[7];
4644 f[2] = 5785;
4645
4646 temp_slope = ar9003_hw_power_interpolate(frequency,
4647 f, t, 3);
4648 temp_slope1 = ar9003_hw_power_interpolate(frequency,
4649 f, t1, 3);
4650 temp_slope2 = ar9003_hw_power_interpolate(frequency,
4651 f, t2, 3);
4652
4653 goto tempslope;
4633 } 4654 }
4634 tempSlope = ar9003_hw_power_interpolate((s32) frequency,
4635 f, t, 8);
4636 } else if (eep->base_ext2.tempSlopeLow != 0) {
4637 t[0] = eep->base_ext2.tempSlopeLow;
4638 f[0] = 5180;
4639 t[1] = eep->modalHeader5G.tempSlope;
4640 f[1] = 5500;
4641 t[2] = eep->base_ext2.tempSlopeHigh;
4642 f[2] = 5785;
4643 tempSlope = ar9003_hw_power_interpolate((s32) frequency,
4644 f, t, 3);
4645 } else
4646 tempSlope = eep->modalHeader5G.tempSlope;
4647 4655
4648 REG_RMW_FIELD(ah, AR_PHY_TPC_19, AR_PHY_TPC_19_ALPHA_THERM, tempSlope); 4656 if ((eep->baseEepHeader.miscConfiguration & 0x20) != 0) {
4657 for (i = 0; i < 8; i++) {
4658 t[i] = eep->base_ext1.tempslopextension[i];
4659 f[i] = FBIN2FREQ(eep->calFreqPier5G[i], 0);
4660 }
4661 temp_slope = ar9003_hw_power_interpolate((s32) frequency,
4662 f, t, 8);
4663 } else if (eep->base_ext2.tempSlopeLow != 0) {
4664 t[0] = eep->base_ext2.tempSlopeLow;
4665 f[0] = 5180;
4666 t[1] = eep->modalHeader5G.tempSlope;
4667 f[1] = 5500;
4668 t[2] = eep->base_ext2.tempSlopeHigh;
4669 f[2] = 5785;
4670 temp_slope = ar9003_hw_power_interpolate((s32) frequency,
4671 f, t, 3);
4672 } else {
4673 temp_slope = eep->modalHeader5G.tempSlope;
4674 }
4675 }
4676
4677tempslope:
4678 if (AR_SREV_9550(ah)) {
4679 /*
4680 * AR955x has tempSlope register for each chain.
4681 * Check whether temp_compensation feature is enabled or not.
4682 */
4683 if (eep->baseEepHeader.featureEnable & 0x1) {
4684 if (frequency < 4000) {
4685 REG_RMW_FIELD(ah, AR_PHY_TPC_19,
4686 AR_PHY_TPC_19_ALPHA_THERM,
4687 eep->base_ext2.tempSlopeLow);
4688 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B1,
4689 AR_PHY_TPC_19_ALPHA_THERM,
4690 temp_slope);
4691 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B2,
4692 AR_PHY_TPC_19_ALPHA_THERM,
4693 eep->base_ext2.tempSlopeHigh);
4694 } else {
4695 REG_RMW_FIELD(ah, AR_PHY_TPC_19,
4696 AR_PHY_TPC_19_ALPHA_THERM,
4697 temp_slope);
4698 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B1,
4699 AR_PHY_TPC_19_ALPHA_THERM,
4700 temp_slope1);
4701 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B2,
4702 AR_PHY_TPC_19_ALPHA_THERM,
4703 temp_slope2);
4704 }
4705 } else {
4706 /*
4707 * If temp compensation is not enabled,
4708 * set all registers to 0.
4709 */
4710 REG_RMW_FIELD(ah, AR_PHY_TPC_19,
4711 AR_PHY_TPC_19_ALPHA_THERM, 0);
4712 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B1,
4713 AR_PHY_TPC_19_ALPHA_THERM, 0);
4714 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B2,
4715 AR_PHY_TPC_19_ALPHA_THERM, 0);
4716 }
4717 } else {
4718 REG_RMW_FIELD(ah, AR_PHY_TPC_19,
4719 AR_PHY_TPC_19_ALPHA_THERM, temp_slope);
4720 }
4649 4721
4650 if (AR_SREV_9462_20(ah)) 4722 if (AR_SREV_9462_20(ah))
4651 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B1, 4723 REG_RMW_FIELD(ah, AR_PHY_TPC_19_B1,
4652 AR_PHY_TPC_19_B1_ALPHA_THERM, tempSlope); 4724 AR_PHY_TPC_19_B1_ALPHA_THERM, temp_slope);
4653 4725
4654 4726
4655 REG_RMW_FIELD(ah, AR_PHY_TPC_18, AR_PHY_TPC_18_THERM_CAL_VALUE, 4727 REG_RMW_FIELD(ah, AR_PHY_TPC_18, AR_PHY_TPC_18_THERM_CAL_VALUE,
4656 temperature[0]); 4728 temperature[0]);
4657
4658 return 0;
4659} 4729}
4660 4730
4661/* Apply the recorded correction values. */ 4731/* Apply the recorded correction values. */
diff --git a/drivers/net/wireless/ath/ath9k/ar9003_hw.c b/drivers/net/wireless/ath/ath9k/ar9003_hw.c
index 74fd3977feeb..a3523c969a3a 100644
--- a/drivers/net/wireless/ath/ath9k/ar9003_hw.c
+++ b/drivers/net/wireless/ath/ath9k/ar9003_hw.c
@@ -507,28 +507,59 @@ static void ar9003_tx_gain_table_mode4(struct ath_hw *ah)
507 else if (AR_SREV_9580(ah)) 507 else if (AR_SREV_9580(ah))
508 INIT_INI_ARRAY(&ah->iniModesTxGain, 508 INIT_INI_ARRAY(&ah->iniModesTxGain,
509 ar9580_1p0_mixed_ob_db_tx_gain_table); 509 ar9580_1p0_mixed_ob_db_tx_gain_table);
510 else
511 INIT_INI_ARRAY(&ah->iniModesTxGain,
512 ar9300Modes_mixed_ob_db_tx_gain_table_2p2);
513}
514
515static void ar9003_tx_gain_table_mode5(struct ath_hw *ah)
516{
517 if (AR_SREV_9485_11(ah))
518 INIT_INI_ARRAY(&ah->iniModesTxGain,
519 ar9485Modes_green_ob_db_tx_gain_1_1);
520 else if (AR_SREV_9340(ah))
521 INIT_INI_ARRAY(&ah->iniModesTxGain,
522 ar9340Modes_ub124_tx_gain_table_1p0);
523 else if (AR_SREV_9580(ah))
524 INIT_INI_ARRAY(&ah->iniModesTxGain,
525 ar9580_1p0_type5_tx_gain_table);
526 else if (AR_SREV_9300_22(ah))
527 INIT_INI_ARRAY(&ah->iniModesTxGain,
528 ar9300Modes_type5_tx_gain_table_2p2);
529}
530
531static void ar9003_tx_gain_table_mode6(struct ath_hw *ah)
532{
533 if (AR_SREV_9340(ah))
534 INIT_INI_ARRAY(&ah->iniModesTxGain,
535 ar9340Modes_low_ob_db_and_spur_tx_gain_table_1p0);
536 else if (AR_SREV_9485_11(ah))
537 INIT_INI_ARRAY(&ah->iniModesTxGain,
538 ar9485Modes_green_spur_ob_db_tx_gain_1_1);
539 else if (AR_SREV_9580(ah))
540 INIT_INI_ARRAY(&ah->iniModesTxGain,
541 ar9580_1p0_type6_tx_gain_table);
510} 542}
511 543
544typedef void (*ath_txgain_tab)(struct ath_hw *ah);
545
512static void ar9003_tx_gain_table_apply(struct ath_hw *ah) 546static void ar9003_tx_gain_table_apply(struct ath_hw *ah)
513{ 547{
514 switch (ar9003_hw_get_tx_gain_idx(ah)) { 548 static const ath_txgain_tab modes[] = {
515 case 0: 549 ar9003_tx_gain_table_mode0,
516 default: 550 ar9003_tx_gain_table_mode1,
517 ar9003_tx_gain_table_mode0(ah); 551 ar9003_tx_gain_table_mode2,
518 break; 552 ar9003_tx_gain_table_mode3,
519 case 1: 553 ar9003_tx_gain_table_mode4,
520 ar9003_tx_gain_table_mode1(ah); 554 ar9003_tx_gain_table_mode5,
521 break; 555 ar9003_tx_gain_table_mode6,
522 case 2: 556 };
523 ar9003_tx_gain_table_mode2(ah); 557 int idx = ar9003_hw_get_tx_gain_idx(ah);
524 break; 558
525 case 3: 559 if (idx >= ARRAY_SIZE(modes))
526 ar9003_tx_gain_table_mode3(ah); 560 idx = 0;
527 break; 561
528 case 4: 562 modes[idx](ah);
529 ar9003_tx_gain_table_mode4(ah);
530 break;
531 }
532} 563}
533 564
534static void ar9003_rx_gain_table_mode0(struct ath_hw *ah) 565static void ar9003_rx_gain_table_mode0(struct ath_hw *ah)
@@ -544,7 +575,7 @@ static void ar9003_rx_gain_table_mode0(struct ath_hw *ah)
544 ar9340Common_rx_gain_table_1p0); 575 ar9340Common_rx_gain_table_1p0);
545 else if (AR_SREV_9485_11(ah)) 576 else if (AR_SREV_9485_11(ah))
546 INIT_INI_ARRAY(&ah->iniModesRxGain, 577 INIT_INI_ARRAY(&ah->iniModesRxGain,
547 ar9485Common_wo_xlna_rx_gain_1_1); 578 ar9485_common_rx_gain_1_1);
548 else if (AR_SREV_9550(ah)) { 579 else if (AR_SREV_9550(ah)) {
549 INIT_INI_ARRAY(&ah->iniModesRxGain, 580 INIT_INI_ARRAY(&ah->iniModesRxGain,
550 ar955x_1p0_common_rx_gain_table); 581 ar955x_1p0_common_rx_gain_table);
@@ -673,7 +704,7 @@ void ar9003_hw_attach_ops(struct ath_hw *ah)
673 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah); 704 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah);
674 struct ath_hw_ops *ops = ath9k_hw_ops(ah); 705 struct ath_hw_ops *ops = ath9k_hw_ops(ah);
675 706
676 priv_ops->init_mode_regs = ar9003_hw_init_mode_regs; 707 ar9003_hw_init_mode_regs(ah);
677 priv_ops->init_mode_gain_regs = ar9003_hw_init_mode_gain_regs; 708 priv_ops->init_mode_gain_regs = ar9003_hw_init_mode_gain_regs;
678 709
679 ops->config_pci_powersave = ar9003_hw_configpcipowersave; 710 ops->config_pci_powersave = ar9003_hw_configpcipowersave;
diff --git a/drivers/net/wireless/ath/ath9k/ar9003_phy.c b/drivers/net/wireless/ath/ath9k/ar9003_phy.c
index ce19c09fa8e8..2bf6548dd143 100644
--- a/drivers/net/wireless/ath/ath9k/ar9003_phy.c
+++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.c
@@ -68,7 +68,7 @@ static const int m2ThreshExt_off = 127;
68static int ar9003_hw_set_channel(struct ath_hw *ah, struct ath9k_channel *chan) 68static int ar9003_hw_set_channel(struct ath_hw *ah, struct ath9k_channel *chan)
69{ 69{
70 u16 bMode, fracMode = 0, aModeRefSel = 0; 70 u16 bMode, fracMode = 0, aModeRefSel = 0;
71 u32 freq, channelSel = 0, reg32 = 0; 71 u32 freq, chan_frac, div, channelSel = 0, reg32 = 0;
72 struct chan_centers centers; 72 struct chan_centers centers;
73 int loadSynthChannel; 73 int loadSynthChannel;
74 74
@@ -77,9 +77,6 @@ static int ar9003_hw_set_channel(struct ath_hw *ah, struct ath9k_channel *chan)
77 77
78 if (freq < 4800) { /* 2 GHz, fractional mode */ 78 if (freq < 4800) { /* 2 GHz, fractional mode */
79 if (AR_SREV_9330(ah)) { 79 if (AR_SREV_9330(ah)) {
80 u32 chan_frac;
81 u32 div;
82
83 if (ah->is_clk_25mhz) 80 if (ah->is_clk_25mhz)
84 div = 75; 81 div = 75;
85 else 82 else
@@ -89,34 +86,40 @@ static int ar9003_hw_set_channel(struct ath_hw *ah, struct ath9k_channel *chan)
89 chan_frac = (((freq * 4) % div) * 0x20000) / div; 86 chan_frac = (((freq * 4) % div) * 0x20000) / div;
90 channelSel = (channelSel << 17) | chan_frac; 87 channelSel = (channelSel << 17) | chan_frac;
91 } else if (AR_SREV_9485(ah) || AR_SREV_9565(ah)) { 88 } else if (AR_SREV_9485(ah) || AR_SREV_9565(ah)) {
92 u32 chan_frac;
93
94 /* 89 /*
95 * freq_ref = 40 / (refdiva >> amoderefsel); where refdiva=1 and amoderefsel=0 90 * freq_ref = 40 / (refdiva >> amoderefsel);
91 * where refdiva=1 and amoderefsel=0
96 * ndiv = ((chan_mhz * 4) / 3) / freq_ref; 92 * ndiv = ((chan_mhz * 4) / 3) / freq_ref;
97 * chansel = int(ndiv), chanfrac = (ndiv - chansel) * 0x20000 93 * chansel = int(ndiv), chanfrac = (ndiv - chansel) * 0x20000
98 */ 94 */
99 channelSel = (freq * 4) / 120; 95 channelSel = (freq * 4) / 120;
100 chan_frac = (((freq * 4) % 120) * 0x20000) / 120; 96 chan_frac = (((freq * 4) % 120) * 0x20000) / 120;
101 channelSel = (channelSel << 17) | chan_frac; 97 channelSel = (channelSel << 17) | chan_frac;
102 } else if (AR_SREV_9340(ah) || AR_SREV_9550(ah)) { 98 } else if (AR_SREV_9340(ah)) {
103 if (ah->is_clk_25mhz) { 99 if (ah->is_clk_25mhz) {
104 u32 chan_frac;
105
106 channelSel = (freq * 2) / 75; 100 channelSel = (freq * 2) / 75;
107 chan_frac = (((freq * 2) % 75) * 0x20000) / 75; 101 chan_frac = (((freq * 2) % 75) * 0x20000) / 75;
108 channelSel = (channelSel << 17) | chan_frac; 102 channelSel = (channelSel << 17) | chan_frac;
109 } else 103 } else {
110 channelSel = CHANSEL_2G(freq) >> 1; 104 channelSel = CHANSEL_2G(freq) >> 1;
111 } else 105 }
106 } else if (AR_SREV_9550(ah)) {
107 if (ah->is_clk_25mhz)
108 div = 75;
109 else
110 div = 120;
111
112 channelSel = (freq * 4) / div;
113 chan_frac = (((freq * 4) % div) * 0x20000) / div;
114 channelSel = (channelSel << 17) | chan_frac;
115 } else {
112 channelSel = CHANSEL_2G(freq); 116 channelSel = CHANSEL_2G(freq);
117 }
113 /* Set to 2G mode */ 118 /* Set to 2G mode */
114 bMode = 1; 119 bMode = 1;
115 } else { 120 } else {
116 if ((AR_SREV_9340(ah) || AR_SREV_9550(ah)) && 121 if ((AR_SREV_9340(ah) || AR_SREV_9550(ah)) &&
117 ah->is_clk_25mhz) { 122 ah->is_clk_25mhz) {
118 u32 chan_frac;
119
120 channelSel = freq / 75; 123 channelSel = freq / 75;
121 chan_frac = ((freq % 75) * 0x20000) / 75; 124 chan_frac = ((freq % 75) * 0x20000) / 75;
122 channelSel = (channelSel << 17) | chan_frac; 125 channelSel = (channelSel << 17) | chan_frac;
@@ -586,32 +589,19 @@ static void ar9003_hw_init_bb(struct ath_hw *ah,
586 ath9k_hw_synth_delay(ah, chan, synthDelay); 589 ath9k_hw_synth_delay(ah, chan, synthDelay);
587} 590}
588 591
589static void ar9003_hw_set_chain_masks(struct ath_hw *ah, u8 rx, u8 tx) 592void ar9003_hw_set_chain_masks(struct ath_hw *ah, u8 rx, u8 tx)
590{ 593{
591 switch (rx) { 594 if (ah->caps.tx_chainmask == 5 || ah->caps.rx_chainmask == 5)
592 case 0x5:
593 REG_SET_BIT(ah, AR_PHY_ANALOG_SWAP, 595 REG_SET_BIT(ah, AR_PHY_ANALOG_SWAP,
594 AR_PHY_SWAP_ALT_CHAIN); 596 AR_PHY_SWAP_ALT_CHAIN);
595 case 0x3: 597
596 case 0x1: 598 REG_WRITE(ah, AR_PHY_RX_CHAINMASK, rx);
597 case 0x2: 599 REG_WRITE(ah, AR_PHY_CAL_CHAINMASK, rx);
598 case 0x7:
599 REG_WRITE(ah, AR_PHY_RX_CHAINMASK, rx);
600 REG_WRITE(ah, AR_PHY_CAL_CHAINMASK, rx);
601 break;
602 default:
603 break;
604 }
605 600
606 if ((ah->caps.hw_caps & ATH9K_HW_CAP_APM) && (tx == 0x7)) 601 if ((ah->caps.hw_caps & ATH9K_HW_CAP_APM) && (tx == 0x7))
607 REG_WRITE(ah, AR_SELFGEN_MASK, 0x3); 602 tx = 3;
608 else
609 REG_WRITE(ah, AR_SELFGEN_MASK, tx);
610 603
611 if (tx == 0x5) { 604 REG_WRITE(ah, AR_SELFGEN_MASK, tx);
612 REG_SET_BIT(ah, AR_PHY_ANALOG_SWAP,
613 AR_PHY_SWAP_ALT_CHAIN);
614 }
615} 605}
616 606
617/* 607/*
@@ -1450,6 +1440,67 @@ set_rfmode:
1450 return 0; 1440 return 0;
1451} 1441}
1452 1442
1443static void ar9003_hw_spectral_scan_config(struct ath_hw *ah,
1444 struct ath_spec_scan *param)
1445{
1446 u8 count;
1447
1448 if (!param->enabled) {
1449 REG_CLR_BIT(ah, AR_PHY_SPECTRAL_SCAN,
1450 AR_PHY_SPECTRAL_SCAN_ENABLE);
1451 return;
1452 }
1453
1454 REG_SET_BIT(ah, AR_PHY_RADAR_0, AR_PHY_RADAR_0_FFT_ENA);
1455 REG_SET_BIT(ah, AR_PHY_SPECTRAL_SCAN, AR_PHY_SPECTRAL_SCAN_ENABLE);
1456
1457 /* on AR93xx and newer, count = 0 will make the the chip send
1458 * spectral samples endlessly. Check if this really was intended,
1459 * and fix otherwise.
1460 */
1461 count = param->count;
1462 if (param->endless)
1463 count = 0;
1464 else if (param->count == 0)
1465 count = 1;
1466
1467 if (param->short_repeat)
1468 REG_SET_BIT(ah, AR_PHY_SPECTRAL_SCAN,
1469 AR_PHY_SPECTRAL_SCAN_SHORT_REPEAT);
1470 else
1471 REG_CLR_BIT(ah, AR_PHY_SPECTRAL_SCAN,
1472 AR_PHY_SPECTRAL_SCAN_SHORT_REPEAT);
1473
1474 REG_RMW_FIELD(ah, AR_PHY_SPECTRAL_SCAN,
1475 AR_PHY_SPECTRAL_SCAN_COUNT, count);
1476 REG_RMW_FIELD(ah, AR_PHY_SPECTRAL_SCAN,
1477 AR_PHY_SPECTRAL_SCAN_PERIOD, param->period);
1478 REG_RMW_FIELD(ah, AR_PHY_SPECTRAL_SCAN,
1479 AR_PHY_SPECTRAL_SCAN_FFT_PERIOD, param->fft_period);
1480
1481 return;
1482}
1483
1484static void ar9003_hw_spectral_scan_trigger(struct ath_hw *ah)
1485{
1486 /* Activate spectral scan */
1487 REG_SET_BIT(ah, AR_PHY_SPECTRAL_SCAN,
1488 AR_PHY_SPECTRAL_SCAN_ACTIVE);
1489}
1490
1491static void ar9003_hw_spectral_scan_wait(struct ath_hw *ah)
1492{
1493 struct ath_common *common = ath9k_hw_common(ah);
1494
1495 /* Poll for spectral scan complete */
1496 if (!ath9k_hw_wait(ah, AR_PHY_SPECTRAL_SCAN,
1497 AR_PHY_SPECTRAL_SCAN_ACTIVE,
1498 0, AH_WAIT_TIMEOUT)) {
1499 ath_err(common, "spectral scan wait failed\n");
1500 return;
1501 }
1502}
1503
1453void ar9003_hw_attach_phy_ops(struct ath_hw *ah) 1504void ar9003_hw_attach_phy_ops(struct ath_hw *ah)
1454{ 1505{
1455 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah); 1506 struct ath_hw_private_ops *priv_ops = ath9k_hw_private_ops(ah);
@@ -1483,6 +1534,9 @@ void ar9003_hw_attach_phy_ops(struct ath_hw *ah)
1483 ops->antdiv_comb_conf_get = ar9003_hw_antdiv_comb_conf_get; 1534 ops->antdiv_comb_conf_get = ar9003_hw_antdiv_comb_conf_get;
1484 ops->antdiv_comb_conf_set = ar9003_hw_antdiv_comb_conf_set; 1535 ops->antdiv_comb_conf_set = ar9003_hw_antdiv_comb_conf_set;
1485 ops->antctrl_shared_chain_lnadiv = ar9003_hw_antctrl_shared_chain_lnadiv; 1536 ops->antctrl_shared_chain_lnadiv = ar9003_hw_antctrl_shared_chain_lnadiv;
1537 ops->spectral_scan_config = ar9003_hw_spectral_scan_config;
1538 ops->spectral_scan_trigger = ar9003_hw_spectral_scan_trigger;
1539 ops->spectral_scan_wait = ar9003_hw_spectral_scan_wait;
1486 1540
1487 ar9003_hw_set_nf_limits(ah); 1541 ar9003_hw_set_nf_limits(ah);
1488 ar9003_hw_set_radar_conf(ah); 1542 ar9003_hw_set_radar_conf(ah);
diff --git a/drivers/net/wireless/ath/ath9k/ar9003_phy.h b/drivers/net/wireless/ath/ath9k/ar9003_phy.h
index 107956298488..e71774196c01 100644
--- a/drivers/net/wireless/ath/ath9k/ar9003_phy.h
+++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.h
@@ -1028,7 +1028,7 @@
1028#define AR_PHY_TPC_5_B2 (AR_SM2_BASE + 0x208) 1028#define AR_PHY_TPC_5_B2 (AR_SM2_BASE + 0x208)
1029#define AR_PHY_TPC_6_B2 (AR_SM2_BASE + 0x20c) 1029#define AR_PHY_TPC_6_B2 (AR_SM2_BASE + 0x20c)
1030#define AR_PHY_TPC_11_B2 (AR_SM2_BASE + 0x220) 1030#define AR_PHY_TPC_11_B2 (AR_SM2_BASE + 0x220)
1031#define AR_PHY_PDADC_TAB_2 (AR_SM2_BASE + 0x240) 1031#define AR_PHY_TPC_19_B2 (AR_SM2_BASE + 0x240)
1032#define AR_PHY_TX_IQCAL_STATUS_B2 (AR_SM2_BASE + 0x48c) 1032#define AR_PHY_TX_IQCAL_STATUS_B2 (AR_SM2_BASE + 0x48c)
1033#define AR_PHY_TX_IQCAL_CORR_COEFF_B2(_i) (AR_SM2_BASE + 0x450 + ((_i) << 2)) 1033#define AR_PHY_TX_IQCAL_CORR_COEFF_B2(_i) (AR_SM2_BASE + 0x450 + ((_i) << 2))
1034 1034
diff --git a/drivers/net/wireless/ath/ath9k/ar9340_initvals.h b/drivers/net/wireless/ath/ath9k/ar9340_initvals.h
index f69d292bdc02..25db9215985a 100644
--- a/drivers/net/wireless/ath/ath9k/ar9340_initvals.h
+++ b/drivers/net/wireless/ath/ath9k/ar9340_initvals.h
@@ -1172,6 +1172,106 @@ static const u32 ar9340Modes_mixed_ob_db_tx_gain_table_1p0[][5] = {
1172 {0x00016448, 0x24925666, 0x24925666, 0x8e481266, 0x8e481266}, 1172 {0x00016448, 0x24925666, 0x24925666, 0x8e481266, 0x8e481266},
1173}; 1173};
1174 1174
1175static const u32 ar9340Modes_low_ob_db_and_spur_tx_gain_table_1p0[][5] = {
1176 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
1177 {0x0000a2dc, 0x0380c7fc, 0x0380c7fc, 0x03eaac5a, 0x03eaac5a},
1178 {0x0000a2e0, 0x0000f800, 0x0000f800, 0x03f330ac, 0x03f330ac},
1179 {0x0000a2e4, 0x03ff0000, 0x03ff0000, 0x03fc3f00, 0x03fc3f00},
1180 {0x0000a2e8, 0x00000000, 0x00000000, 0x03ffc000, 0x03ffc000},
1181 {0x0000a394, 0x00000444, 0x00000444, 0x00000404, 0x00000404},
1182 {0x0000a410, 0x000050d9, 0x000050d9, 0x000050d9, 0x000050d9},
1183 {0x0000a500, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
1184 {0x0000a504, 0x06000003, 0x06000003, 0x02000001, 0x02000001},
1185 {0x0000a508, 0x0a000020, 0x0a000020, 0x05000003, 0x05000003},
1186 {0x0000a50c, 0x10000023, 0x10000023, 0x0a000005, 0x0a000005},
1187 {0x0000a510, 0x16000220, 0x16000220, 0x0e000201, 0x0e000201},
1188 {0x0000a514, 0x1c000223, 0x1c000223, 0x11000203, 0x11000203},
1189 {0x0000a518, 0x21002220, 0x21002220, 0x14000401, 0x14000401},
1190 {0x0000a51c, 0x27002223, 0x27002223, 0x18000403, 0x18000403},
1191 {0x0000a520, 0x2b022220, 0x2b022220, 0x1b000602, 0x1b000602},
1192 {0x0000a524, 0x2f022222, 0x2f022222, 0x1f000802, 0x1f000802},
1193 {0x0000a528, 0x34022225, 0x34022225, 0x21000620, 0x21000620},
1194 {0x0000a52c, 0x3a02222a, 0x3a02222a, 0x25000820, 0x25000820},
1195 {0x0000a530, 0x3e02222c, 0x3e02222c, 0x29000822, 0x29000822},
1196 {0x0000a534, 0x4202242a, 0x4202242a, 0x2d000824, 0x2d000824},
1197 {0x0000a538, 0x4702244a, 0x4702244a, 0x30000828, 0x30000828},
1198 {0x0000a53c, 0x4b02244c, 0x4b02244c, 0x3400082a, 0x3400082a},
1199 {0x0000a540, 0x4e02246c, 0x4e02246c, 0x38000849, 0x38000849},
1200 {0x0000a544, 0x5302266c, 0x5302266c, 0x3b000a2c, 0x3b000a2c},
1201 {0x0000a548, 0x5702286c, 0x5702286c, 0x3e000e2b, 0x3e000e2b},
1202 {0x0000a54c, 0x5c02486b, 0x5c02486b, 0x42000e2d, 0x42000e2d},
1203 {0x0000a550, 0x61024a6c, 0x61024a6c, 0x4500124a, 0x4500124a},
1204 {0x0000a554, 0x66026a6c, 0x66026a6c, 0x4900124c, 0x4900124c},
1205 {0x0000a558, 0x6b026e6c, 0x6b026e6c, 0x4c00126c, 0x4c00126c},
1206 {0x0000a55c, 0x7002708c, 0x7002708c, 0x4f00128c, 0x4f00128c},
1207 {0x0000a560, 0x7302b08a, 0x7302b08a, 0x52001290, 0x52001290},
1208 {0x0000a564, 0x7702b08c, 0x7702b08c, 0x56001292, 0x56001292},
1209 {0x0000a568, 0x7702b08c, 0x7702b08c, 0x56001292, 0x56001292},
1210 {0x0000a56c, 0x7702b08c, 0x7702b08c, 0x56001292, 0x56001292},
1211 {0x0000a570, 0x7702b08c, 0x7702b08c, 0x56001292, 0x56001292},
1212 {0x0000a574, 0x7702b08c, 0x7702b08c, 0x56001292, 0x56001292},
1213 {0x0000a578, 0x7702b08c, 0x7702b08c, 0x56001292, 0x56001292},
1214 {0x0000a57c, 0x7702b08c, 0x7702b08c, 0x56001292, 0x56001292},
1215 {0x0000a580, 0x00800000, 0x00800000, 0x00800000, 0x00800000},
1216 {0x0000a584, 0x06800003, 0x06800003, 0x02800001, 0x02800001},
1217 {0x0000a588, 0x0a800020, 0x0a800020, 0x05800003, 0x05800003},
1218 {0x0000a58c, 0x10800023, 0x10800023, 0x0a800005, 0x0a800005},
1219 {0x0000a590, 0x16800220, 0x16800220, 0x0e800201, 0x0e800201},
1220 {0x0000a594, 0x1c800223, 0x1c800223, 0x11800203, 0x11800203},
1221 {0x0000a598, 0x21820220, 0x21820220, 0x14800401, 0x14800401},
1222 {0x0000a59c, 0x27820223, 0x27820223, 0x18800403, 0x18800403},
1223 {0x0000a5a0, 0x2b822220, 0x2b822220, 0x1b800602, 0x1b800602},
1224 {0x0000a5a4, 0x2f822222, 0x2f822222, 0x1f800802, 0x1f800802},
1225 {0x0000a5a8, 0x34822225, 0x34822225, 0x21800620, 0x21800620},
1226 {0x0000a5ac, 0x3a82222a, 0x3a82222a, 0x25800820, 0x25800820},
1227 {0x0000a5b0, 0x3e82222c, 0x3e82222c, 0x29800822, 0x29800822},
1228 {0x0000a5b4, 0x4282242a, 0x4282242a, 0x2d800824, 0x2d800824},
1229 {0x0000a5b8, 0x4782244a, 0x4782244a, 0x30800828, 0x30800828},
1230 {0x0000a5bc, 0x4b82244c, 0x4b82244c, 0x3480082a, 0x3480082a},
1231 {0x0000a5c0, 0x4e82246c, 0x4e82246c, 0x38800849, 0x38800849},
1232 {0x0000a5c4, 0x5382266c, 0x5382266c, 0x3b800a2c, 0x3b800a2c},
1233 {0x0000a5c8, 0x5782286c, 0x5782286c, 0x3e800e2b, 0x3e800e2b},
1234 {0x0000a5cc, 0x5c84286b, 0x5c84286b, 0x42800e2d, 0x42800e2d},
1235 {0x0000a5d0, 0x61842a6c, 0x61842a6c, 0x4580124a, 0x4580124a},
1236 {0x0000a5d4, 0x66862a6c, 0x66862a6c, 0x4980124c, 0x4980124c},
1237 {0x0000a5d8, 0x6b862e6c, 0x6b862e6c, 0x4c80126c, 0x4c80126c},
1238 {0x0000a5dc, 0x7086308c, 0x7086308c, 0x4f80128c, 0x4f80128c},
1239 {0x0000a5e0, 0x738a308a, 0x738a308a, 0x52801290, 0x52801290},
1240 {0x0000a5e4, 0x778a308c, 0x778a308c, 0x56801292, 0x56801292},
1241 {0x0000a5e8, 0x778a308c, 0x778a308c, 0x56801292, 0x56801292},
1242 {0x0000a5ec, 0x778a308c, 0x778a308c, 0x56801292, 0x56801292},
1243 {0x0000a5f0, 0x778a308c, 0x778a308c, 0x56801292, 0x56801292},
1244 {0x0000a5f4, 0x778a308c, 0x778a308c, 0x56801292, 0x56801292},
1245 {0x0000a5f8, 0x778a308c, 0x778a308c, 0x56801292, 0x56801292},
1246 {0x0000a5fc, 0x778a308c, 0x778a308c, 0x56801292, 0x56801292},
1247 {0x0000a600, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
1248 {0x0000a604, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
1249 {0x0000a608, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
1250 {0x0000a60c, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
1251 {0x0000a610, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
1252 {0x0000a614, 0x01404000, 0x01404000, 0x01404501, 0x01404501},
1253 {0x0000a618, 0x01404501, 0x01404501, 0x01404501, 0x01404501},
1254 {0x0000a61c, 0x02008802, 0x02008802, 0x01404501, 0x01404501},
1255 {0x0000a620, 0x0300cc03, 0x0300cc03, 0x03c0cf02, 0x03c0cf02},
1256 {0x0000a624, 0x0300cc03, 0x0300cc03, 0x03c0cf03, 0x03c0cf03},
1257 {0x0000a628, 0x0300cc03, 0x0300cc03, 0x04011004, 0x04011004},
1258 {0x0000a62c, 0x03810c03, 0x03810c03, 0x05419405, 0x05419405},
1259 {0x0000a630, 0x03810e04, 0x03810e04, 0x05419506, 0x05419506},
1260 {0x0000a634, 0x03810e04, 0x03810e04, 0x05419506, 0x05419506},
1261 {0x0000a638, 0x03810e04, 0x03810e04, 0x05419506, 0x05419506},
1262 {0x0000a63c, 0x03810e04, 0x03810e04, 0x05419506, 0x05419506},
1263 {0x0000b2dc, 0x0380c7fc, 0x0380c7fc, 0x03eaac5a, 0x03eaac5a},
1264 {0x0000b2e0, 0x0000f800, 0x0000f800, 0x03f330ac, 0x03f330ac},
1265 {0x0000b2e4, 0x03ff0000, 0x03ff0000, 0x03fc3f00, 0x03fc3f00},
1266 {0x0000b2e8, 0x00000000, 0x00000000, 0x03ffc000, 0x03ffc000},
1267 {0x00016044, 0x022492db, 0x022492db, 0x022492db, 0x022492db},
1268 {0x00016048, 0x24925666, 0x24925666, 0x24925266, 0x24925266},
1269 {0x00016280, 0x01000015, 0x01000015, 0x01001015, 0x01001015},
1270 {0x00016288, 0xf0318000, 0xf0318000, 0xf0318000, 0xf0318000},
1271 {0x00016444, 0x022492db, 0x022492db, 0x022492db, 0x022492db},
1272 {0x00016448, 0x24925666, 0x24925666, 0x24925266, 0x24925266},
1273};
1274
1175static const u32 ar9340_1p0_mac_core[][2] = { 1275static const u32 ar9340_1p0_mac_core[][2] = {
1176 /* Addr allmodes */ 1276 /* Addr allmodes */
1177 {0x00000008, 0x00000000}, 1277 {0x00000008, 0x00000000},
diff --git a/drivers/net/wireless/ath/ath9k/ar9485_initvals.h b/drivers/net/wireless/ath/ath9k/ar9485_initvals.h
index a3710f3bb90c..712f415b8c08 100644
--- a/drivers/net/wireless/ath/ath9k/ar9485_initvals.h
+++ b/drivers/net/wireless/ath/ath9k/ar9485_initvals.h
@@ -260,6 +260,79 @@ static const u32 ar9485Modes_high_power_tx_gain_1_1[][5] = {
260 {0x00016048, 0x6c924260, 0x6c924260, 0x6c924260, 0x6c924260}, 260 {0x00016048, 0x6c924260, 0x6c924260, 0x6c924260, 0x6c924260},
261}; 261};
262 262
263static const u32 ar9485Modes_green_ob_db_tx_gain_1_1[][5] = {
264 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
265 {0x000098bc, 0x00000003, 0x00000003, 0x00000003, 0x00000003},
266 {0x0000a410, 0x000050d9, 0x000050d9, 0x000050d8, 0x000050d8},
267 {0x0000a458, 0x80000000, 0x80000000, 0x80000000, 0x80000000},
268 {0x0000a500, 0x00022200, 0x00022200, 0x00000006, 0x00000006},
269 {0x0000a504, 0x05062002, 0x05062002, 0x03000201, 0x03000201},
270 {0x0000a508, 0x0c002e00, 0x0c002e00, 0x06000203, 0x06000203},
271 {0x0000a50c, 0x11062202, 0x11062202, 0x0a000401, 0x0a000401},
272 {0x0000a510, 0x17022e00, 0x17022e00, 0x0e000403, 0x0e000403},
273 {0x0000a514, 0x1d000ec2, 0x1d000ec2, 0x12000405, 0x12000405},
274 {0x0000a518, 0x25020ec0, 0x25020ec0, 0x15000604, 0x15000604},
275 {0x0000a51c, 0x2b020ec3, 0x2b020ec3, 0x18000605, 0x18000605},
276 {0x0000a520, 0x2f001f04, 0x2f001f04, 0x1c000a04, 0x1c000a04},
277 {0x0000a524, 0x35001fc4, 0x35001fc4, 0x21000a06, 0x21000a06},
278 {0x0000a528, 0x3c022f04, 0x3c022f04, 0x29000a24, 0x29000a24},
279 {0x0000a52c, 0x41023e85, 0x41023e85, 0x2f000e21, 0x2f000e21},
280 {0x0000a530, 0x48023ec6, 0x48023ec6, 0x31000e20, 0x31000e20},
281 {0x0000a534, 0x4d023f01, 0x4d023f01, 0x33000e20, 0x33000e20},
282 {0x0000a538, 0x53023f4b, 0x53023f4b, 0x43000e62, 0x43000e62},
283 {0x0000a53c, 0x5a027f09, 0x5a027f09, 0x45000e63, 0x45000e63},
284 {0x0000a540, 0x5f027fc9, 0x5f027fc9, 0x49000e65, 0x49000e65},
285 {0x0000a544, 0x6502feca, 0x6502feca, 0x4b000e66, 0x4b000e66},
286 {0x0000a548, 0x6b02ff4a, 0x6b02ff4a, 0x4d001645, 0x4d001645},
287 {0x0000a54c, 0x7203feca, 0x7203feca, 0x51001865, 0x51001865},
288 {0x0000a550, 0x7703ff0b, 0x7703ff0b, 0x55001a86, 0x55001a86},
289 {0x0000a554, 0x7d06ffcb, 0x7d06ffcb, 0x57001ce9, 0x57001ce9},
290 {0x0000a558, 0x8407ff0b, 0x8407ff0b, 0x5a001ceb, 0x5a001ceb},
291 {0x0000a55c, 0x8907ffcb, 0x8907ffcb, 0x5e001eeb, 0x5e001eeb},
292 {0x0000a560, 0x900fff0b, 0x900fff0b, 0x5e001eeb, 0x5e001eeb},
293 {0x0000a564, 0x960fffcb, 0x960fffcb, 0x5e001eeb, 0x5e001eeb},
294 {0x0000a568, 0x9c1fff0b, 0x9c1fff0b, 0x5e001eeb, 0x5e001eeb},
295 {0x0000a56c, 0x9c1fff0b, 0x9c1fff0b, 0x5e001eeb, 0x5e001eeb},
296 {0x0000a570, 0x9c1fff0b, 0x9c1fff0b, 0x5e001eeb, 0x5e001eeb},
297 {0x0000a574, 0x9c1fff0b, 0x9c1fff0b, 0x5e001eeb, 0x5e001eeb},
298 {0x0000a578, 0x9c1fff0b, 0x9c1fff0b, 0x5e001eeb, 0x5e001eeb},
299 {0x0000a57c, 0x9c1fff0b, 0x9c1fff0b, 0x5e001eeb, 0x5e001eeb},
300 {0x0000b500, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
301 {0x0000b504, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
302 {0x0000b508, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
303 {0x0000b50c, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
304 {0x0000b510, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
305 {0x0000b514, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
306 {0x0000b518, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
307 {0x0000b51c, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
308 {0x0000b520, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
309 {0x0000b524, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
310 {0x0000b528, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
311 {0x0000b52c, 0x0000002a, 0x0000002a, 0x0000002a, 0x0000002a},
312 {0x0000b530, 0x0000003a, 0x0000003a, 0x0000003a, 0x0000003a},
313 {0x0000b534, 0x0000004a, 0x0000004a, 0x0000004a, 0x0000004a},
314 {0x0000b538, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
315 {0x0000b53c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
316 {0x0000b540, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
317 {0x0000b544, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
318 {0x0000b548, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
319 {0x0000b54c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
320 {0x0000b550, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
321 {0x0000b554, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
322 {0x0000b558, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
323 {0x0000b55c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
324 {0x0000b560, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
325 {0x0000b564, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
326 {0x0000b568, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
327 {0x0000b56c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
328 {0x0000b570, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
329 {0x0000b574, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
330 {0x0000b578, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
331 {0x0000b57c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
332 {0x00016044, 0x05d6b2db, 0x05d6b2db, 0x05d6b2db, 0x05d6b2db},
333 {0x00016048, 0x6c924260, 0x6c924260, 0x6c924260, 0x6c924260},
334};
335
263static const u32 ar9485Modes_high_ob_db_tx_gain_1_1[][5] = { 336static const u32 ar9485Modes_high_ob_db_tx_gain_1_1[][5] = {
264 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */ 337 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
265 {0x000098bc, 0x00000002, 0x00000002, 0x00000002, 0x00000002}, 338 {0x000098bc, 0x00000002, 0x00000002, 0x00000002, 0x00000002},
@@ -450,6 +523,79 @@ static const u32 ar9485Modes_low_ob_db_tx_gain_1_1[][5] = {
450 523
451#define ar9485_modes_lowest_ob_db_tx_gain_1_1 ar9485Modes_low_ob_db_tx_gain_1_1 524#define ar9485_modes_lowest_ob_db_tx_gain_1_1 ar9485Modes_low_ob_db_tx_gain_1_1
452 525
526static const u32 ar9485Modes_green_spur_ob_db_tx_gain_1_1[][5] = {
527 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
528 {0x000098bc, 0x00000003, 0x00000003, 0x00000003, 0x00000003},
529 {0x0000a410, 0x000050d9, 0x000050d9, 0x000050d8, 0x000050d8},
530 {0x0000a458, 0x80000000, 0x80000000, 0x80000000, 0x80000000},
531 {0x0000a500, 0x00022200, 0x00022200, 0x00000006, 0x00000006},
532 {0x0000a504, 0x05062002, 0x05062002, 0x03000201, 0x03000201},
533 {0x0000a508, 0x0c002e00, 0x0c002e00, 0x07000203, 0x07000203},
534 {0x0000a50c, 0x11062202, 0x11062202, 0x0a000401, 0x0a000401},
535 {0x0000a510, 0x17022e00, 0x17022e00, 0x0e000403, 0x0e000403},
536 {0x0000a514, 0x1d000ec2, 0x1d000ec2, 0x12000405, 0x12000405},
537 {0x0000a518, 0x25020ec0, 0x25020ec0, 0x14000406, 0x14000406},
538 {0x0000a51c, 0x2b020ec3, 0x2b020ec3, 0x1800040a, 0x1800040a},
539 {0x0000a520, 0x2f001f04, 0x2f001f04, 0x1c000460, 0x1c000460},
540 {0x0000a524, 0x35001fc4, 0x35001fc4, 0x22000463, 0x22000463},
541 {0x0000a528, 0x3c022f04, 0x3c022f04, 0x26000465, 0x26000465},
542 {0x0000a52c, 0x41023e85, 0x41023e85, 0x2e0006e0, 0x2e0006e0},
543 {0x0000a530, 0x48023ec6, 0x48023ec6, 0x310006e0, 0x310006e0},
544 {0x0000a534, 0x4d023f01, 0x4d023f01, 0x330006e0, 0x330006e0},
545 {0x0000a538, 0x53023f4b, 0x53023f4b, 0x3e0008e3, 0x3e0008e3},
546 {0x0000a53c, 0x5a027f09, 0x5a027f09, 0x410008e5, 0x410008e5},
547 {0x0000a540, 0x5f027fc9, 0x5f027fc9, 0x430008e6, 0x430008e6},
548 {0x0000a544, 0x6502feca, 0x6502feca, 0x4a0008ec, 0x4a0008ec},
549 {0x0000a548, 0x6b02ff4a, 0x6b02ff4a, 0x4e0008f1, 0x4e0008f1},
550 {0x0000a54c, 0x7203feca, 0x7203feca, 0x520008f3, 0x520008f3},
551 {0x0000a550, 0x7703ff0b, 0x7703ff0b, 0x54000eed, 0x54000eed},
552 {0x0000a554, 0x7d06ffcb, 0x7d06ffcb, 0x58000ef1, 0x58000ef1},
553 {0x0000a558, 0x8407ff0b, 0x8407ff0b, 0x5c000ef3, 0x5c000ef3},
554 {0x0000a55c, 0x8907ffcb, 0x8907ffcb, 0x60000ef5, 0x60000ef5},
555 {0x0000a560, 0x900fff0b, 0x900fff0b, 0x62000ef6, 0x62000ef6},
556 {0x0000a564, 0x960fffcb, 0x960fffcb, 0x62000ef6, 0x62000ef6},
557 {0x0000a568, 0x9c1fff0b, 0x9c1fff0b, 0x62000ef6, 0x62000ef6},
558 {0x0000a56c, 0x9c1fff0b, 0x9c1fff0b, 0x62000ef6, 0x62000ef6},
559 {0x0000a570, 0x9c1fff0b, 0x9c1fff0b, 0x62000ef6, 0x62000ef6},
560 {0x0000a574, 0x9c1fff0b, 0x9c1fff0b, 0x62000ef6, 0x62000ef6},
561 {0x0000a578, 0x9c1fff0b, 0x9c1fff0b, 0x62000ef6, 0x62000ef6},
562 {0x0000a57c, 0x9c1fff0b, 0x9c1fff0b, 0x62000ef6, 0x62000ef6},
563 {0x0000b500, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
564 {0x0000b504, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
565 {0x0000b508, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
566 {0x0000b50c, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
567 {0x0000b510, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
568 {0x0000b514, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
569 {0x0000b518, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
570 {0x0000b51c, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
571 {0x0000b520, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
572 {0x0000b524, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
573 {0x0000b528, 0x0000001a, 0x0000001a, 0x0000001a, 0x0000001a},
574 {0x0000b52c, 0x0000002a, 0x0000002a, 0x0000002a, 0x0000002a},
575 {0x0000b530, 0x0000003a, 0x0000003a, 0x0000003a, 0x0000003a},
576 {0x0000b534, 0x0000004a, 0x0000004a, 0x0000004a, 0x0000004a},
577 {0x0000b538, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
578 {0x0000b53c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
579 {0x0000b540, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
580 {0x0000b544, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
581 {0x0000b548, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
582 {0x0000b54c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
583 {0x0000b550, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
584 {0x0000b554, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
585 {0x0000b558, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
586 {0x0000b55c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
587 {0x0000b560, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
588 {0x0000b564, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
589 {0x0000b568, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
590 {0x0000b56c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
591 {0x0000b570, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
592 {0x0000b574, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
593 {0x0000b578, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
594 {0x0000b57c, 0x0000005b, 0x0000005b, 0x0000005b, 0x0000005b},
595 {0x00016044, 0x05d6b2db, 0x05d6b2db, 0x05d6b2db, 0x05d6b2db},
596 {0x00016048, 0x6c924260, 0x6c924260, 0x6c924260, 0x6c924260},
597};
598
453static const u32 ar9485_1_1[][2] = { 599static const u32 ar9485_1_1[][2] = {
454 /* Addr allmodes */ 600 /* Addr allmodes */
455 {0x0000a580, 0x00000000}, 601 {0x0000a580, 0x00000000},
diff --git a/drivers/net/wireless/ath/ath9k/ar955x_1p0_initvals.h b/drivers/net/wireless/ath/ath9k/ar955x_1p0_initvals.h
index df97f21c52dc..ccc5b6c99add 100644
--- a/drivers/net/wireless/ath/ath9k/ar955x_1p0_initvals.h
+++ b/drivers/net/wireless/ath/ath9k/ar955x_1p0_initvals.h
@@ -23,16 +23,16 @@
23static const u32 ar955x_1p0_radio_postamble[][5] = { 23static const u32 ar955x_1p0_radio_postamble[][5] = {
24 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */ 24 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
25 {0x00016098, 0xd2dd5554, 0xd2dd5554, 0xd28b3330, 0xd28b3330}, 25 {0x00016098, 0xd2dd5554, 0xd2dd5554, 0xd28b3330, 0xd28b3330},
26 {0x0001609c, 0x0a566f3a, 0x0a566f3a, 0x06345f2a, 0x06345f2a}, 26 {0x0001609c, 0x0a566f3a, 0x0a566f3a, 0x0a566f3a, 0x0a566f3a},
27 {0x000160ac, 0xa4647c00, 0xa4647c00, 0xa4646800, 0xa4646800}, 27 {0x000160ac, 0xa4647c00, 0xa4647c00, 0x24647c00, 0x24647c00},
28 {0x000160b0, 0x01885f52, 0x01885f52, 0x04accf3a, 0x04accf3a}, 28 {0x000160b0, 0x01885f52, 0x01885f52, 0x01885f52, 0x01885f52},
29 {0x00016104, 0xb7a00001, 0xb7a00001, 0xb7a00001, 0xb7a00001}, 29 {0x00016104, 0xb7a00000, 0xb7a00000, 0xb7a00001, 0xb7a00001},
30 {0x0001610c, 0xc0000000, 0xc0000000, 0xc0000000, 0xc0000000}, 30 {0x0001610c, 0xc0000000, 0xc0000000, 0xc0000000, 0xc0000000},
31 {0x00016140, 0x10804008, 0x10804008, 0x10804008, 0x10804008}, 31 {0x00016140, 0x10804008, 0x10804008, 0x10804008, 0x10804008},
32 {0x00016504, 0xb7a00001, 0xb7a00001, 0xb7a00001, 0xb7a00001}, 32 {0x00016504, 0xb7a00000, 0xb7a00000, 0xb7a00001, 0xb7a00001},
33 {0x0001650c, 0xc0000000, 0xc0000000, 0xc0000000, 0xc0000000}, 33 {0x0001650c, 0xc0000000, 0xc0000000, 0xc0000000, 0xc0000000},
34 {0x00016540, 0x10804008, 0x10804008, 0x10804008, 0x10804008}, 34 {0x00016540, 0x10804008, 0x10804008, 0x10804008, 0x10804008},
35 {0x00016904, 0xb7a00001, 0xb7a00001, 0xb7a00001, 0xb7a00001}, 35 {0x00016904, 0xb7a00000, 0xb7a00000, 0xb7a00001, 0xb7a00001},
36 {0x0001690c, 0xc0000000, 0xc0000000, 0xc0000000, 0xc0000000}, 36 {0x0001690c, 0xc0000000, 0xc0000000, 0xc0000000, 0xc0000000},
37 {0x00016940, 0x10804008, 0x10804008, 0x10804008, 0x10804008}, 37 {0x00016940, 0x10804008, 0x10804008, 0x10804008, 0x10804008},
38}; 38};
@@ -69,15 +69,15 @@ static const u32 ar955x_1p0_baseband_postamble[][5] = {
69 {0x0000a204, 0x005c0ec0, 0x005c0ec4, 0x005c0ec4, 0x005c0ec0}, 69 {0x0000a204, 0x005c0ec0, 0x005c0ec4, 0x005c0ec4, 0x005c0ec0},
70 {0x0000a208, 0x00000104, 0x00000104, 0x00000004, 0x00000004}, 70 {0x0000a208, 0x00000104, 0x00000104, 0x00000004, 0x00000004},
71 {0x0000a22c, 0x07e26a2f, 0x07e26a2f, 0x01026a2f, 0x01026a2f}, 71 {0x0000a22c, 0x07e26a2f, 0x07e26a2f, 0x01026a2f, 0x01026a2f},
72 {0x0000a230, 0x0000000a, 0x00000014, 0x00000016, 0x0000000b}, 72 {0x0000a230, 0x0000400a, 0x00004014, 0x00004016, 0x0000400b},
73 {0x0000a234, 0x00000fff, 0x10000fff, 0x10000fff, 0x00000fff}, 73 {0x0000a234, 0x00000fff, 0x10000fff, 0x10000fff, 0x00000fff},
74 {0x0000a238, 0xffb01018, 0xffb01018, 0xffb01018, 0xffb01018}, 74 {0x0000a238, 0xffb01018, 0xffb01018, 0xffb01018, 0xffb01018},
75 {0x0000a250, 0x00000000, 0x00000000, 0x00000210, 0x00000108}, 75 {0x0000a250, 0x00000000, 0x00000000, 0x00000210, 0x00000108},
76 {0x0000a254, 0x000007d0, 0x00000fa0, 0x00001130, 0x00000898}, 76 {0x0000a254, 0x000007d0, 0x00000fa0, 0x00001130, 0x00000898},
77 {0x0000a258, 0x02020002, 0x02020002, 0x02020002, 0x02020002}, 77 {0x0000a258, 0x02020002, 0x02020002, 0x02020002, 0x02020002},
78 {0x0000a25c, 0x01000e0e, 0x01000e0e, 0x01000e0e, 0x01000e0e}, 78 {0x0000a25c, 0x01000e0e, 0x01000e0e, 0x01010e0e, 0x01010e0e},
79 {0x0000a260, 0x0a021501, 0x0a021501, 0x3a021501, 0x3a021501}, 79 {0x0000a260, 0x0a021501, 0x0a021501, 0x3a021501, 0x3a021501},
80 {0x0000a264, 0x00000e0e, 0x00000e0e, 0x00000e0e, 0x00000e0e}, 80 {0x0000a264, 0x00000e0e, 0x00000e0e, 0x01000e0e, 0x01000e0e},
81 {0x0000a280, 0x00000007, 0x00000007, 0x0000000b, 0x0000000b}, 81 {0x0000a280, 0x00000007, 0x00000007, 0x0000000b, 0x0000000b},
82 {0x0000a284, 0x00000000, 0x00000000, 0x00000010, 0x00000010}, 82 {0x0000a284, 0x00000000, 0x00000000, 0x00000010, 0x00000010},
83 {0x0000a288, 0x00000110, 0x00000110, 0x00000110, 0x00000110}, 83 {0x0000a288, 0x00000110, 0x00000110, 0x00000110, 0x00000110},
@@ -125,7 +125,7 @@ static const u32 ar955x_1p0_radio_core[][2] = {
125 {0x00016094, 0x00000000}, 125 {0x00016094, 0x00000000},
126 {0x000160a0, 0x0a108ffe}, 126 {0x000160a0, 0x0a108ffe},
127 {0x000160a4, 0x812fc370}, 127 {0x000160a4, 0x812fc370},
128 {0x000160a8, 0x423c8000}, 128 {0x000160a8, 0x423c8100},
129 {0x000160b4, 0x92480080}, 129 {0x000160b4, 0x92480080},
130 {0x000160c0, 0x006db6d0}, 130 {0x000160c0, 0x006db6d0},
131 {0x000160c4, 0x6db6db60}, 131 {0x000160c4, 0x6db6db60},
@@ -134,7 +134,7 @@ static const u32 ar955x_1p0_radio_core[][2] = {
134 {0x00016100, 0x11999601}, 134 {0x00016100, 0x11999601},
135 {0x00016108, 0x00080010}, 135 {0x00016108, 0x00080010},
136 {0x00016144, 0x02084080}, 136 {0x00016144, 0x02084080},
137 {0x00016148, 0x000080c0}, 137 {0x00016148, 0x00008040},
138 {0x00016280, 0x01800804}, 138 {0x00016280, 0x01800804},
139 {0x00016284, 0x00038dc5}, 139 {0x00016284, 0x00038dc5},
140 {0x00016288, 0x00000000}, 140 {0x00016288, 0x00000000},
@@ -178,7 +178,7 @@ static const u32 ar955x_1p0_radio_core[][2] = {
178 {0x00016500, 0x11999601}, 178 {0x00016500, 0x11999601},
179 {0x00016508, 0x00080010}, 179 {0x00016508, 0x00080010},
180 {0x00016544, 0x02084080}, 180 {0x00016544, 0x02084080},
181 {0x00016548, 0x000080c0}, 181 {0x00016548, 0x00008040},
182 {0x00016780, 0x00000000}, 182 {0x00016780, 0x00000000},
183 {0x00016784, 0x00000000}, 183 {0x00016784, 0x00000000},
184 {0x00016788, 0x00400705}, 184 {0x00016788, 0x00400705},
@@ -218,7 +218,7 @@ static const u32 ar955x_1p0_radio_core[][2] = {
218 {0x00016900, 0x11999601}, 218 {0x00016900, 0x11999601},
219 {0x00016908, 0x00080010}, 219 {0x00016908, 0x00080010},
220 {0x00016944, 0x02084080}, 220 {0x00016944, 0x02084080},
221 {0x00016948, 0x000080c0}, 221 {0x00016948, 0x00008040},
222 {0x00016b80, 0x00000000}, 222 {0x00016b80, 0x00000000},
223 {0x00016b84, 0x00000000}, 223 {0x00016b84, 0x00000000},
224 {0x00016b88, 0x00400705}, 224 {0x00016b88, 0x00400705},
@@ -245,9 +245,9 @@ static const u32 ar955x_1p0_radio_core[][2] = {
245 245
246static const u32 ar955x_1p0_modes_xpa_tx_gain_table[][9] = { 246static const u32 ar955x_1p0_modes_xpa_tx_gain_table[][9] = {
247 /* Addr 5G_HT20_L 5G_HT40_L 5G_HT20_M 5G_HT40_M 5G_HT20_H 5G_HT40_H 2G_HT40 2G_HT20 */ 247 /* Addr 5G_HT20_L 5G_HT40_L 5G_HT20_M 5G_HT40_M 5G_HT20_H 5G_HT40_H 2G_HT40 2G_HT20 */
248 {0x0000a2dc, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xfffd5aaa, 0xfffd5aaa}, 248 {0x0000a2dc, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xfffd5aaa, 0xfffd5aaa},
249 {0x0000a2e0, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xfffe9ccc, 0xfffe9ccc}, 249 {0x0000a2e0, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffe9ccc, 0xfffe9ccc},
250 {0x0000a2e4, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xffffe0f0, 0xffffe0f0}, 250 {0x0000a2e4, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffffe0f0, 0xffffe0f0},
251 {0x0000a2e8, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xfffcff00, 0xfffcff00}, 251 {0x0000a2e8, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xfffcff00, 0xfffcff00},
252 {0x0000a410, 0x000050de, 0x000050de, 0x000050de, 0x000050de, 0x000050de, 0x000050de, 0x000050da, 0x000050da}, 252 {0x0000a410, 0x000050de, 0x000050de, 0x000050de, 0x000050de, 0x000050de, 0x000050de, 0x000050da, 0x000050da},
253 {0x0000a500, 0x00000003, 0x00000003, 0x00000003, 0x00000003, 0x00000003, 0x00000003, 0x00000000, 0x00000000}, 253 {0x0000a500, 0x00000003, 0x00000003, 0x00000003, 0x00000003, 0x00000003, 0x00000003, 0x00000000, 0x00000000},
@@ -256,63 +256,63 @@ static const u32 ar955x_1p0_modes_xpa_tx_gain_table[][9] = {
256 {0x0000a50c, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c000006, 0x0c000006}, 256 {0x0000a50c, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c00000b, 0x0c000006, 0x0c000006},
257 {0x0000a510, 0x1000000d, 0x1000000d, 0x1000000d, 0x1000000d, 0x1000000d, 0x1000000d, 0x0f00000a, 0x0f00000a}, 257 {0x0000a510, 0x1000000d, 0x1000000d, 0x1000000d, 0x1000000d, 0x1000000d, 0x1000000d, 0x0f00000a, 0x0f00000a},
258 {0x0000a514, 0x14000011, 0x14000011, 0x14000011, 0x14000011, 0x14000011, 0x14000011, 0x1300000c, 0x1300000c}, 258 {0x0000a514, 0x14000011, 0x14000011, 0x14000011, 0x14000011, 0x14000011, 0x14000011, 0x1300000c, 0x1300000c},
259 {0x0000a518, 0x19004008, 0x19004008, 0x19004008, 0x19004008, 0x18004008, 0x18004008, 0x1700000e, 0x1700000e}, 259 {0x0000a518, 0x1700002b, 0x1700002b, 0x1700002b, 0x1700002b, 0x1600002b, 0x1600002b, 0x1700000e, 0x1700000e},
260 {0x0000a51c, 0x1d00400a, 0x1d00400a, 0x1d00400a, 0x1d00400a, 0x1c00400a, 0x1c00400a, 0x1b000064, 0x1b000064}, 260 {0x0000a51c, 0x1b00002d, 0x1b00002d, 0x1b00002d, 0x1b00002d, 0x1a00002d, 0x1a00002d, 0x1b000064, 0x1b000064},
261 {0x0000a520, 0x230020a2, 0x230020a2, 0x210020a2, 0x210020a2, 0x200020a2, 0x200020a2, 0x1f000242, 0x1f000242}, 261 {0x0000a520, 0x20000031, 0x20000031, 0x1f000031, 0x1f000031, 0x1e000031, 0x1e000031, 0x1f000242, 0x1f000242},
262 {0x0000a524, 0x2500006e, 0x2500006e, 0x2500006e, 0x2500006e, 0x2400006e, 0x2400006e, 0x23000229, 0x23000229}, 262 {0x0000a524, 0x24000051, 0x24000051, 0x23000051, 0x23000051, 0x23000051, 0x23000051, 0x23000229, 0x23000229},
263 {0x0000a528, 0x29022221, 0x29022221, 0x28022221, 0x28022221, 0x27022221, 0x27022221, 0x270002a2, 0x270002a2}, 263 {0x0000a528, 0x27000071, 0x27000071, 0x27000071, 0x27000071, 0x26000071, 0x26000071, 0x270002a2, 0x270002a2},
264 {0x0000a52c, 0x2d00062a, 0x2d00062a, 0x2c00062a, 0x2c00062a, 0x2a00062a, 0x2a00062a, 0x2c001203, 0x2c001203}, 264 {0x0000a52c, 0x2b000092, 0x2b000092, 0x2b000092, 0x2b000092, 0x2b000092, 0x2b000092, 0x2c001203, 0x2c001203},
265 {0x0000a530, 0x340220a5, 0x340220a5, 0x320220a5, 0x320220a5, 0x2f0220a5, 0x2f0220a5, 0x30001803, 0x30001803}, 265 {0x0000a530, 0x3000028c, 0x3000028c, 0x2f00028c, 0x2f00028c, 0x2e00028c, 0x2e00028c, 0x30001803, 0x30001803},
266 {0x0000a534, 0x380022c5, 0x380022c5, 0x350022c5, 0x350022c5, 0x320022c5, 0x320022c5, 0x33000881, 0x33000881}, 266 {0x0000a534, 0x34000290, 0x34000290, 0x33000290, 0x33000290, 0x32000290, 0x32000290, 0x33000881, 0x33000881},
267 {0x0000a538, 0x3b002486, 0x3b002486, 0x39002486, 0x39002486, 0x36002486, 0x36002486, 0x38001809, 0x38001809}, 267 {0x0000a538, 0x37000292, 0x37000292, 0x36000292, 0x36000292, 0x35000292, 0x35000292, 0x38001809, 0x38001809},
268 {0x0000a53c, 0x3f00248a, 0x3f00248a, 0x3d00248a, 0x3d00248a, 0x3a00248a, 0x3a00248a, 0x3a000814, 0x3a000814}, 268 {0x0000a53c, 0x3b02028d, 0x3b02028d, 0x3a02028d, 0x3a02028d, 0x3902028d, 0x3902028d, 0x3a000814, 0x3a000814},
269 {0x0000a540, 0x4202242c, 0x4202242c, 0x4102242c, 0x4102242c, 0x3f02242c, 0x3f02242c, 0x3f001a0c, 0x3f001a0c}, 269 {0x0000a540, 0x3f020291, 0x3f020291, 0x3e020291, 0x3e020291, 0x3d020291, 0x3d020291, 0x3f001a0c, 0x3f001a0c},
270 {0x0000a544, 0x490044c6, 0x490044c6, 0x460044c6, 0x460044c6, 0x420044c6, 0x420044c6, 0x43001a0e, 0x43001a0e}, 270 {0x0000a544, 0x44020490, 0x44020490, 0x43020490, 0x43020490, 0x42020490, 0x42020490, 0x43001a0e, 0x43001a0e},
271 {0x0000a548, 0x4d024485, 0x4d024485, 0x4a024485, 0x4a024485, 0x46024485, 0x46024485, 0x46001812, 0x46001812}, 271 {0x0000a548, 0x48020492, 0x48020492, 0x47020492, 0x47020492, 0x46020492, 0x46020492, 0x46001812, 0x46001812},
272 {0x0000a54c, 0x51044483, 0x51044483, 0x4e044483, 0x4e044483, 0x4a044483, 0x4a044483, 0x49001884, 0x49001884}, 272 {0x0000a54c, 0x4c020692, 0x4c020692, 0x4b020692, 0x4b020692, 0x4a020692, 0x4a020692, 0x49001884, 0x49001884},
273 {0x0000a550, 0x5404a40c, 0x5404a40c, 0x5204a40c, 0x5204a40c, 0x4d04a40c, 0x4d04a40c, 0x4d001e84, 0x4d001e84}, 273 {0x0000a550, 0x50020892, 0x50020892, 0x4f020892, 0x4f020892, 0x4e020892, 0x4e020892, 0x4d001e84, 0x4d001e84},
274 {0x0000a554, 0x57024632, 0x57024632, 0x55024632, 0x55024632, 0x52024632, 0x52024632, 0x50001e69, 0x50001e69}, 274 {0x0000a554, 0x53040891, 0x53040891, 0x53040891, 0x53040891, 0x52040891, 0x52040891, 0x50001e69, 0x50001e69},
275 {0x0000a558, 0x5c00a634, 0x5c00a634, 0x5900a634, 0x5900a634, 0x5600a634, 0x5600a634, 0x550006f4, 0x550006f4}, 275 {0x0000a558, 0x58040893, 0x58040893, 0x57040893, 0x57040893, 0x56040893, 0x56040893, 0x550006f4, 0x550006f4},
276 {0x0000a55c, 0x5f026832, 0x5f026832, 0x5d026832, 0x5d026832, 0x5a026832, 0x5a026832, 0x59000ad3, 0x59000ad3}, 276 {0x0000a55c, 0x5c0408b4, 0x5c0408b4, 0x5a0408b4, 0x5a0408b4, 0x5a0408b4, 0x5a0408b4, 0x59000ad3, 0x59000ad3},
277 {0x0000a560, 0x6602b012, 0x6602b012, 0x6202b012, 0x6202b012, 0x5d02b012, 0x5d02b012, 0x5e000ad5, 0x5e000ad5}, 277 {0x0000a560, 0x610408b6, 0x610408b6, 0x5e0408b6, 0x5e0408b6, 0x5e0408b6, 0x5e0408b6, 0x5e000ad5, 0x5e000ad5},
278 {0x0000a564, 0x6e02d0e1, 0x6e02d0e1, 0x6802d0e1, 0x6802d0e1, 0x6002d0e1, 0x6002d0e1, 0x61001ced, 0x61001ced}, 278 {0x0000a564, 0x670408f6, 0x670408f6, 0x620408f6, 0x620408f6, 0x620408f6, 0x620408f6, 0x61001ced, 0x61001ced},
279 {0x0000a568, 0x7202b4c4, 0x7202b4c4, 0x6c02b4c4, 0x6c02b4c4, 0x6502b4c4, 0x6502b4c4, 0x660018d4, 0x660018d4}, 279 {0x0000a568, 0x6a040cf6, 0x6a040cf6, 0x66040cf6, 0x66040cf6, 0x66040cf6, 0x66040cf6, 0x660018d4, 0x660018d4},
280 {0x0000a56c, 0x75007894, 0x75007894, 0x70007894, 0x70007894, 0x6b007894, 0x6b007894, 0x660018d4, 0x660018d4}, 280 {0x0000a56c, 0x6d040d76, 0x6d040d76, 0x6a040d76, 0x6a040d76, 0x6a040d76, 0x6a040d76, 0x660018d4, 0x660018d4},
281 {0x0000a570, 0x7b025c74, 0x7b025c74, 0x75025c74, 0x75025c74, 0x70025c74, 0x70025c74, 0x660018d4, 0x660018d4}, 281 {0x0000a570, 0x70060db6, 0x70060db6, 0x6e060db6, 0x6e060db6, 0x6e060db6, 0x6e060db6, 0x660018d4, 0x660018d4},
282 {0x0000a574, 0x8300bcb5, 0x8300bcb5, 0x7a00bcb5, 0x7a00bcb5, 0x7600bcb5, 0x7600bcb5, 0x660018d4, 0x660018d4}, 282 {0x0000a574, 0x730a0df6, 0x730a0df6, 0x720a0df6, 0x720a0df6, 0x720a0df6, 0x720a0df6, 0x660018d4, 0x660018d4},
283 {0x0000a578, 0x8a04dc74, 0x8a04dc74, 0x7f04dc74, 0x7f04dc74, 0x7c04dc74, 0x7c04dc74, 0x660018d4, 0x660018d4}, 283 {0x0000a578, 0x770a13f6, 0x770a13f6, 0x760a13f6, 0x760a13f6, 0x760a13f6, 0x760a13f6, 0x660018d4, 0x660018d4},
284 {0x0000a57c, 0x8a04dc74, 0x8a04dc74, 0x7f04dc74, 0x7f04dc74, 0x7c04dc74, 0x7c04dc74, 0x660018d4, 0x660018d4}, 284 {0x0000a57c, 0x770a13f6, 0x770a13f6, 0x760a13f6, 0x760a13f6, 0x760a13f6, 0x760a13f6, 0x660018d4, 0x660018d4},
285 {0x0000a600, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, 285 {0x0000a600, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
286 {0x0000a604, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, 286 {0x0000a604, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
287 {0x0000a608, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, 287 {0x0000a608, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
288 {0x0000a60c, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x03804000, 0x03804000}, 288 {0x0000a60c, 0x02c04b01, 0x02c04b01, 0x02c04b01, 0x02c04b01, 0x02c04b01, 0x02c04b01, 0x03804000, 0x03804000},
289 {0x0000a610, 0x04c08c01, 0x04c08c01, 0x04808b01, 0x04808b01, 0x04808a01, 0x04808a01, 0x0300ca02, 0x0300ca02}, 289 {0x0000a610, 0x04008b01, 0x04008b01, 0x04008b01, 0x04008b01, 0x03c08b01, 0x03c08b01, 0x0300ca02, 0x0300ca02},
290 {0x0000a614, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x00000e04, 0x00000e04}, 290 {0x0000a614, 0x05811403, 0x05811403, 0x05411303, 0x05411303, 0x05411303, 0x05411303, 0x00000e04, 0x00000e04},
291 {0x0000a618, 0x04010c01, 0x04010c01, 0x03c10b01, 0x03c10b01, 0x03810a01, 0x03810a01, 0x03014000, 0x03014000}, 291 {0x0000a618, 0x05811604, 0x05811604, 0x05411504, 0x05411504, 0x05411504, 0x05411504, 0x03014000, 0x03014000},
292 {0x0000a61c, 0x03814e05, 0x03814e05, 0x03414d05, 0x03414d05, 0x03414d05, 0x03414d05, 0x00000000, 0x00000000}, 292 {0x0000a61c, 0x05811604, 0x05811604, 0x05411504, 0x05411504, 0x05411504, 0x05411504, 0x00000000, 0x00000000},
293 {0x0000a620, 0x04010303, 0x04010303, 0x03c10303, 0x03c10303, 0x03810303, 0x03810303, 0x00000000, 0x00000000}, 293 {0x0000a620, 0x05811604, 0x05811604, 0x05411504, 0x05411504, 0x05411504, 0x05411504, 0x00000000, 0x00000000},
294 {0x0000a624, 0x03814e05, 0x03814e05, 0x03414d05, 0x03414d05, 0x03414d05, 0x03414d05, 0x03014000, 0x03014000}, 294 {0x0000a624, 0x05811604, 0x05811604, 0x05411504, 0x05411504, 0x05411504, 0x05411504, 0x03014000, 0x03014000},
295 {0x0000a628, 0x00c0c000, 0x00c0c000, 0x00c0c000, 0x00c0c000, 0x00c0c000, 0x00c0c000, 0x03804c05, 0x03804c05}, 295 {0x0000a628, 0x05811604, 0x05811604, 0x05411504, 0x05411504, 0x05411504, 0x05411504, 0x03804c05, 0x03804c05},
296 {0x0000a62c, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x00c0c303, 0x0701de06, 0x0701de06}, 296 {0x0000a62c, 0x06815604, 0x06815604, 0x06415504, 0x06415504, 0x06015504, 0x06015504, 0x0701de06, 0x0701de06},
297 {0x0000a630, 0x03418000, 0x03418000, 0x03018000, 0x03018000, 0x02c18000, 0x02c18000, 0x07819c07, 0x07819c07}, 297 {0x0000a630, 0x07819a05, 0x07819a05, 0x07419905, 0x07419905, 0x07019805, 0x07019805, 0x07819c07, 0x07819c07},
298 {0x0000a634, 0x03815004, 0x03815004, 0x03414f04, 0x03414f04, 0x03414e04, 0x03414e04, 0x0701dc07, 0x0701dc07}, 298 {0x0000a634, 0x07819e06, 0x07819e06, 0x07419d06, 0x07419d06, 0x07019c06, 0x07019c06, 0x0701dc07, 0x0701dc07},
299 {0x0000a638, 0x03005302, 0x03005302, 0x02c05202, 0x02c05202, 0x02805202, 0x02805202, 0x0701dc07, 0x0701dc07}, 299 {0x0000a638, 0x07819e06, 0x07819e06, 0x07419d06, 0x07419d06, 0x07019c06, 0x07019c06, 0x0701dc07, 0x0701dc07},
300 {0x0000a63c, 0x04c09302, 0x04c09302, 0x04809202, 0x04809202, 0x04809202, 0x04809202, 0x0701dc07, 0x0701dc07}, 300 {0x0000a63c, 0x07819e06, 0x07819e06, 0x07419d06, 0x07419d06, 0x07019c06, 0x07019c06, 0x0701dc07, 0x0701dc07},
301 {0x0000b2dc, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xfffd5aaa, 0xfffd5aaa}, 301 {0x0000b2dc, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xfffd5aaa, 0xfffd5aaa},
302 {0x0000b2e0, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xfffe9ccc, 0xfffe9ccc}, 302 {0x0000b2e0, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffe9ccc, 0xfffe9ccc},
303 {0x0000b2e4, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xffffe0f0, 0xffffe0f0}, 303 {0x0000b2e4, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffffe0f0, 0xffffe0f0},
304 {0x0000b2e8, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xfffcff00, 0xfffcff00}, 304 {0x0000b2e8, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xfffcff00, 0xfffcff00},
305 {0x0000c2dc, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xffffaaaa, 0xfffd5aaa, 0xfffd5aaa}, 305 {0x0000c2dc, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xffff6aaa, 0xfffd5aaa, 0xfffd5aaa},
306 {0x0000c2e0, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xffffcccc, 0xfffe9ccc, 0xfffe9ccc}, 306 {0x0000c2e0, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffdcccc, 0xfffe9ccc, 0xfffe9ccc},
307 {0x0000c2e4, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xfffff0f0, 0xffffe0f0, 0xffffe0f0}, 307 {0x0000c2e4, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffe3b0f0, 0xffffe0f0, 0xffffe0f0},
308 {0x0000c2e8, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xfffcff00, 0xfffcff00}, 308 {0x0000c2e8, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00, 0xfffcff00, 0xfffcff00},
309 {0x00016044, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x010002d4, 0x010002d4}, 309 {0x00016044, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x010002d4, 0x010002d4},
310 {0x00016048, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x66482401, 0x66482401}, 310 {0x00016048, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401},
311 {0x00016280, 0x01801e84, 0x01801e84, 0x01801e84, 0x01801e84, 0x01801e84, 0x01801e84, 0x01808e84, 0x01808e84}, 311 {0x00016280, 0x01801e84, 0x01801e84, 0x01801e84, 0x01801e84, 0x01801e84, 0x01801e84, 0x01808e84, 0x01808e84},
312 {0x00016444, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x010002d4, 0x010002d4}, 312 {0x00016444, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x010002d4, 0x010002d4},
313 {0x00016448, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x66482401, 0x66482401}, 313 {0x00016448, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401},
314 {0x00016844, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x010002d4, 0x010002d4}, 314 {0x00016844, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x056db2d4, 0x010002d4, 0x010002d4},
315 {0x00016848, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x62482401, 0x66482401, 0x66482401}, 315 {0x00016848, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401, 0x66482401},
316}; 316};
317 317
318static const u32 ar955x_1p0_mac_core[][2] = { 318static const u32 ar955x_1p0_mac_core[][2] = {
@@ -846,7 +846,7 @@ static const u32 ar955x_1p0_baseband_core[][2] = {
846 {0x0000a44c, 0x00000001}, 846 {0x0000a44c, 0x00000001},
847 {0x0000a450, 0x00010000}, 847 {0x0000a450, 0x00010000},
848 {0x0000a458, 0x00000000}, 848 {0x0000a458, 0x00000000},
849 {0x0000a644, 0x3fad9d74}, 849 {0x0000a644, 0xbfad9d74},
850 {0x0000a648, 0x0048060a}, 850 {0x0000a648, 0x0048060a},
851 {0x0000a64c, 0x00003c37}, 851 {0x0000a64c, 0x00003c37},
852 {0x0000a670, 0x03020100}, 852 {0x0000a670, 0x03020100},
@@ -1277,7 +1277,7 @@ static const u32 ar955x_1p0_modes_fast_clock[][3] = {
1277 {0x0000801c, 0x148ec02b, 0x148ec057}, 1277 {0x0000801c, 0x148ec02b, 0x148ec057},
1278 {0x00008318, 0x000044c0, 0x00008980}, 1278 {0x00008318, 0x000044c0, 0x00008980},
1279 {0x00009e00, 0x0372131c, 0x0372131c}, 1279 {0x00009e00, 0x0372131c, 0x0372131c},
1280 {0x0000a230, 0x0000000b, 0x00000016}, 1280 {0x0000a230, 0x0000400b, 0x00004016},
1281 {0x0000a254, 0x00000898, 0x00001130}, 1281 {0x0000a254, 0x00000898, 0x00001130},
1282}; 1282};
1283 1283
diff --git a/drivers/net/wireless/ath/ath9k/ar9580_1p0_initvals.h b/drivers/net/wireless/ath/ath9k/ar9580_1p0_initvals.h
index 6e1915aee712..28fd99203f64 100644
--- a/drivers/net/wireless/ath/ath9k/ar9580_1p0_initvals.h
+++ b/drivers/net/wireless/ath/ath9k/ar9580_1p0_initvals.h
@@ -685,6 +685,82 @@ static const u32 ar9580_1p0_mixed_ob_db_tx_gain_table[][5] = {
685 685
686#define ar9580_1p0_high_ob_db_tx_gain_table ar9300Modes_high_ob_db_tx_gain_table_2p2 686#define ar9580_1p0_high_ob_db_tx_gain_table ar9300Modes_high_ob_db_tx_gain_table_2p2
687 687
688#define ar9580_1p0_type5_tx_gain_table ar9300Modes_type5_tx_gain_table_2p2
689
690static const u32 ar9580_1p0_type6_tx_gain_table[][5] = {
691 /* Addr 5G_HT20 5G_HT40 2G_HT40 2G_HT20 */
692 {0x0000a2dc, 0x000cfff0, 0x000cfff0, 0x03aaa352, 0x03aaa352},
693 {0x0000a2e0, 0x000f0000, 0x000f0000, 0x03ccc584, 0x03ccc584},
694 {0x0000a2e4, 0x03f00000, 0x03f00000, 0x03f0f800, 0x03f0f800},
695 {0x0000a2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
696 {0x0000a410, 0x000050d9, 0x000050d9, 0x000050d9, 0x000050d9},
697 {0x0000a500, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
698 {0x0000a504, 0x06000003, 0x06000003, 0x04000002, 0x04000002},
699 {0x0000a508, 0x0a000020, 0x0a000020, 0x08000004, 0x08000004},
700 {0x0000a50c, 0x10000023, 0x10000023, 0x0b000200, 0x0b000200},
701 {0x0000a510, 0x15000028, 0x15000028, 0x0f000202, 0x0f000202},
702 {0x0000a514, 0x1b00002b, 0x1b00002b, 0x12000400, 0x12000400},
703 {0x0000a518, 0x1f020028, 0x1f020028, 0x16000402, 0x16000402},
704 {0x0000a51c, 0x2502002b, 0x2502002b, 0x19000404, 0x19000404},
705 {0x0000a520, 0x2a04002a, 0x2a04002a, 0x1c000603, 0x1c000603},
706 {0x0000a524, 0x2e06002a, 0x2e06002a, 0x21000a02, 0x21000a02},
707 {0x0000a528, 0x3302202d, 0x3302202d, 0x25000a04, 0x25000a04},
708 {0x0000a52c, 0x3804202c, 0x3804202c, 0x28000a20, 0x28000a20},
709 {0x0000a530, 0x3c06202c, 0x3c06202c, 0x2c000e20, 0x2c000e20},
710 {0x0000a534, 0x4108202d, 0x4108202d, 0x30000e22, 0x30000e22},
711 {0x0000a538, 0x4506402d, 0x4506402d, 0x34000e24, 0x34000e24},
712 {0x0000a53c, 0x4906222d, 0x4906222d, 0x38001640, 0x38001640},
713 {0x0000a540, 0x4d062231, 0x4d062231, 0x3c001660, 0x3c001660},
714 {0x0000a544, 0x50082231, 0x50082231, 0x3f001861, 0x3f001861},
715 {0x0000a548, 0x5608422e, 0x5608422e, 0x43001a81, 0x43001a81},
716 {0x0000a54c, 0x5e08442e, 0x5e08442e, 0x47001a83, 0x47001a83},
717 {0x0000a550, 0x620a4431, 0x620a4431, 0x4a001c84, 0x4a001c84},
718 {0x0000a554, 0x640a4432, 0x640a4432, 0x4e001ce3, 0x4e001ce3},
719 {0x0000a558, 0x680a4434, 0x680a4434, 0x52001ce5, 0x52001ce5},
720 {0x0000a55c, 0x6c0a6434, 0x6c0a6434, 0x56001ce9, 0x56001ce9},
721 {0x0000a560, 0x6f0a6633, 0x6f0a6633, 0x5a001ceb, 0x5a001ceb},
722 {0x0000a564, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
723 {0x0000a568, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
724 {0x0000a56c, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
725 {0x0000a570, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
726 {0x0000a574, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
727 {0x0000a578, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
728 {0x0000a57c, 0x730c6634, 0x730c6634, 0x5d001eec, 0x5d001eec},
729 {0x0000a600, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
730 {0x0000a604, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
731 {0x0000a608, 0x01804601, 0x01804601, 0x00000000, 0x00000000},
732 {0x0000a60c, 0x01804601, 0x01804601, 0x00000000, 0x00000000},
733 {0x0000a610, 0x01804601, 0x01804601, 0x00000000, 0x00000000},
734 {0x0000a614, 0x01804601, 0x01804601, 0x01404000, 0x01404000},
735 {0x0000a618, 0x01804601, 0x01804601, 0x01404501, 0x01404501},
736 {0x0000a61c, 0x01804601, 0x01804601, 0x02008501, 0x02008501},
737 {0x0000a620, 0x03408d02, 0x03408d02, 0x0280ca03, 0x0280ca03},
738 {0x0000a624, 0x0300cc03, 0x0300cc03, 0x03010c04, 0x03010c04},
739 {0x0000a628, 0x03410d04, 0x03410d04, 0x04014c04, 0x04014c04},
740 {0x0000a62c, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
741 {0x0000a630, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
742 {0x0000a634, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
743 {0x0000a638, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
744 {0x0000a63c, 0x03410d04, 0x03410d04, 0x04015005, 0x04015005},
745 {0x0000b2dc, 0x000cfff0, 0x000cfff0, 0x03aaa352, 0x03aaa352},
746 {0x0000b2e0, 0x000f0000, 0x000f0000, 0x03ccc584, 0x03ccc584},
747 {0x0000b2e4, 0x03f00000, 0x03f00000, 0x03f0f800, 0x03f0f800},
748 {0x0000b2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
749 {0x0000c2dc, 0x000cfff0, 0x000cfff0, 0x03aaa352, 0x03aaa352},
750 {0x0000c2e0, 0x000f0000, 0x000f0000, 0x03ccc584, 0x03ccc584},
751 {0x0000c2e4, 0x03f00000, 0x03f00000, 0x03f0f800, 0x03f0f800},
752 {0x0000c2e8, 0x00000000, 0x00000000, 0x03ff0000, 0x03ff0000},
753 {0x00016044, 0x012492d4, 0x012492d4, 0x012492d4, 0x012492d4},
754 {0x00016048, 0x61200001, 0x61200001, 0x66480001, 0x66480001},
755 {0x00016068, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
756 {0x00016444, 0x012492d4, 0x012492d4, 0x012492d4, 0x012492d4},
757 {0x00016448, 0x61200001, 0x61200001, 0x66480001, 0x66480001},
758 {0x00016468, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
759 {0x00016844, 0x012492d4, 0x012492d4, 0x012492d4, 0x012492d4},
760 {0x00016848, 0x61200001, 0x61200001, 0x66480001, 0x66480001},
761 {0x00016868, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c, 0x6db6db6c},
762};
763
688static const u32 ar9580_1p0_soc_preamble[][2] = { 764static const u32 ar9580_1p0_soc_preamble[][2] = {
689 /* Addr allmodes */ 765 /* Addr allmodes */
690 {0x000040a4, 0x00a0c1c9}, 766 {0x000040a4, 0x00a0c1c9},
diff --git a/drivers/net/wireless/ath/ath9k/ath9k.h b/drivers/net/wireless/ath/ath9k/ath9k.h
index 86e26a19efda..67df8644fef6 100644
--- a/drivers/net/wireless/ath/ath9k/ath9k.h
+++ b/drivers/net/wireless/ath/ath9k/ath9k.h
@@ -109,14 +109,11 @@ struct ath_descdma {
109 void *dd_desc; 109 void *dd_desc;
110 dma_addr_t dd_desc_paddr; 110 dma_addr_t dd_desc_paddr;
111 u32 dd_desc_len; 111 u32 dd_desc_len;
112 struct ath_buf *dd_bufptr;
113}; 112};
114 113
115int ath_descdma_setup(struct ath_softc *sc, struct ath_descdma *dd, 114int ath_descdma_setup(struct ath_softc *sc, struct ath_descdma *dd,
116 struct list_head *head, const char *name, 115 struct list_head *head, const char *name,
117 int nbuf, int ndesc, bool is_tx); 116 int nbuf, int ndesc, bool is_tx);
118void ath_descdma_cleanup(struct ath_softc *sc, struct ath_descdma *dd,
119 struct list_head *head);
120 117
121/***********/ 118/***********/
122/* RX / TX */ 119/* RX / TX */
@@ -317,10 +314,8 @@ struct ath_rx {
317 u32 *rxlink; 314 u32 *rxlink;
318 u32 num_pkts; 315 u32 num_pkts;
319 unsigned int rxfilter; 316 unsigned int rxfilter;
320 spinlock_t rxbuflock;
321 struct list_head rxbuf; 317 struct list_head rxbuf;
322 struct ath_descdma rxdma; 318 struct ath_descdma rxdma;
323 struct ath_buf *rx_bufptr;
324 struct ath_rx_edma rx_edma[ATH9K_RX_QUEUE_MAX]; 319 struct ath_rx_edma rx_edma[ATH9K_RX_QUEUE_MAX];
325 320
326 struct sk_buff *frag; 321 struct sk_buff *frag;
@@ -328,7 +323,6 @@ struct ath_rx {
328 323
329int ath_startrecv(struct ath_softc *sc); 324int ath_startrecv(struct ath_softc *sc);
330bool ath_stoprecv(struct ath_softc *sc); 325bool ath_stoprecv(struct ath_softc *sc);
331void ath_flushrecv(struct ath_softc *sc);
332u32 ath_calcrxfilter(struct ath_softc *sc); 326u32 ath_calcrxfilter(struct ath_softc *sc);
333int ath_rx_init(struct ath_softc *sc, int nbufs); 327int ath_rx_init(struct ath_softc *sc, int nbufs);
334void ath_rx_cleanup(struct ath_softc *sc); 328void ath_rx_cleanup(struct ath_softc *sc);
@@ -338,14 +332,12 @@ void ath_txq_lock(struct ath_softc *sc, struct ath_txq *txq);
338void ath_txq_unlock(struct ath_softc *sc, struct ath_txq *txq); 332void ath_txq_unlock(struct ath_softc *sc, struct ath_txq *txq);
339void ath_txq_unlock_complete(struct ath_softc *sc, struct ath_txq *txq); 333void ath_txq_unlock_complete(struct ath_softc *sc, struct ath_txq *txq);
340void ath_tx_cleanupq(struct ath_softc *sc, struct ath_txq *txq); 334void ath_tx_cleanupq(struct ath_softc *sc, struct ath_txq *txq);
341bool ath_drain_all_txq(struct ath_softc *sc, bool retry_tx); 335bool ath_drain_all_txq(struct ath_softc *sc);
342void ath_draintxq(struct ath_softc *sc, 336void ath_draintxq(struct ath_softc *sc, struct ath_txq *txq);
343 struct ath_txq *txq, bool retry_tx);
344void ath_tx_node_init(struct ath_softc *sc, struct ath_node *an); 337void ath_tx_node_init(struct ath_softc *sc, struct ath_node *an);
345void ath_tx_node_cleanup(struct ath_softc *sc, struct ath_node *an); 338void ath_tx_node_cleanup(struct ath_softc *sc, struct ath_node *an);
346void ath_txq_schedule(struct ath_softc *sc, struct ath_txq *txq); 339void ath_txq_schedule(struct ath_softc *sc, struct ath_txq *txq);
347int ath_tx_init(struct ath_softc *sc, int nbufs); 340int ath_tx_init(struct ath_softc *sc, int nbufs);
348void ath_tx_cleanup(struct ath_softc *sc);
349int ath_txq_update(struct ath_softc *sc, int qnum, 341int ath_txq_update(struct ath_softc *sc, int qnum,
350 struct ath9k_tx_queue_info *q); 342 struct ath9k_tx_queue_info *q);
351void ath_update_max_aggr_framelen(struct ath_softc *sc, int queue, int txop); 343void ath_update_max_aggr_framelen(struct ath_softc *sc, int queue, int txop);
@@ -646,7 +638,6 @@ void ath_ant_comb_update(struct ath_softc *sc);
646enum sc_op_flags { 638enum sc_op_flags {
647 SC_OP_INVALID, 639 SC_OP_INVALID,
648 SC_OP_BEACONS, 640 SC_OP_BEACONS,
649 SC_OP_RXFLUSH,
650 SC_OP_ANI_RUN, 641 SC_OP_ANI_RUN,
651 SC_OP_PRIM_STA_VIF, 642 SC_OP_PRIM_STA_VIF,
652 SC_OP_HW_RESET, 643 SC_OP_HW_RESET,
@@ -675,6 +666,23 @@ struct ath9k_vif_iter_data {
675 int nadhocs; /* number of adhoc vifs */ 666 int nadhocs; /* number of adhoc vifs */
676}; 667};
677 668
669/* enum spectral_mode:
670 *
671 * @SPECTRAL_DISABLED: spectral mode is disabled
672 * @SPECTRAL_BACKGROUND: hardware sends samples when it is not busy with
673 * something else.
674 * @SPECTRAL_MANUAL: spectral scan is enabled, triggering for samples
675 * is performed manually.
676 * @SPECTRAL_CHANSCAN: Like manual, but also triggered when changing channels
677 * during a channel scan.
678 */
679enum spectral_mode {
680 SPECTRAL_DISABLED = 0,
681 SPECTRAL_BACKGROUND,
682 SPECTRAL_MANUAL,
683 SPECTRAL_CHANSCAN,
684};
685
678struct ath_softc { 686struct ath_softc {
679 struct ieee80211_hw *hw; 687 struct ieee80211_hw *hw;
680 struct device *dev; 688 struct device *dev;
@@ -743,6 +751,11 @@ struct ath_softc {
743 u8 ant_tx, ant_rx; 751 u8 ant_tx, ant_rx;
744 struct dfs_pattern_detector *dfs_detector; 752 struct dfs_pattern_detector *dfs_detector;
745 u32 wow_enabled; 753 u32 wow_enabled;
754 /* relay(fs) channel for spectral scan */
755 struct rchan *rfs_chan_spec_scan;
756 enum spectral_mode spectral_mode;
757 struct ath_spec_scan spec_config;
758 int scanning;
746 759
747#ifdef CONFIG_PM_SLEEP 760#ifdef CONFIG_PM_SLEEP
748 atomic_t wow_got_bmiss_intr; 761 atomic_t wow_got_bmiss_intr;
@@ -751,6 +764,133 @@ struct ath_softc {
751#endif 764#endif
752}; 765};
753 766
767#define SPECTRAL_SCAN_BITMASK 0x10
768/* Radar info packet format, used for DFS and spectral formats. */
769struct ath_radar_info {
770 u8 pulse_length_pri;
771 u8 pulse_length_ext;
772 u8 pulse_bw_info;
773} __packed;
774
775/* The HT20 spectral data has 4 bytes of additional information at it's end.
776 *
777 * [7:0]: all bins {max_magnitude[1:0], bitmap_weight[5:0]}
778 * [7:0]: all bins max_magnitude[9:2]
779 * [7:0]: all bins {max_index[5:0], max_magnitude[11:10]}
780 * [3:0]: max_exp (shift amount to size max bin to 8-bit unsigned)
781 */
782struct ath_ht20_mag_info {
783 u8 all_bins[3];
784 u8 max_exp;
785} __packed;
786
787#define SPECTRAL_HT20_NUM_BINS 56
788
789/* WARNING: don't actually use this struct! MAC may vary the amount of
790 * data by -1/+2. This struct is for reference only.
791 */
792struct ath_ht20_fft_packet {
793 u8 data[SPECTRAL_HT20_NUM_BINS];
794 struct ath_ht20_mag_info mag_info;
795 struct ath_radar_info radar_info;
796} __packed;
797
798#define SPECTRAL_HT20_TOTAL_DATA_LEN (sizeof(struct ath_ht20_fft_packet))
799
800/* Dynamic 20/40 mode:
801 *
802 * [7:0]: lower bins {max_magnitude[1:0], bitmap_weight[5:0]}
803 * [7:0]: lower bins max_magnitude[9:2]
804 * [7:0]: lower bins {max_index[5:0], max_magnitude[11:10]}
805 * [7:0]: upper bins {max_magnitude[1:0], bitmap_weight[5:0]}
806 * [7:0]: upper bins max_magnitude[9:2]
807 * [7:0]: upper bins {max_index[5:0], max_magnitude[11:10]}
808 * [3:0]: max_exp (shift amount to size max bin to 8-bit unsigned)
809 */
810struct ath_ht20_40_mag_info {
811 u8 lower_bins[3];
812 u8 upper_bins[3];
813 u8 max_exp;
814} __packed;
815
816#define SPECTRAL_HT20_40_NUM_BINS 128
817
818/* WARNING: don't actually use this struct! MAC may vary the amount of
819 * data. This struct is for reference only.
820 */
821struct ath_ht20_40_fft_packet {
822 u8 data[SPECTRAL_HT20_40_NUM_BINS];
823 struct ath_ht20_40_mag_info mag_info;
824 struct ath_radar_info radar_info;
825} __packed;
826
827
828#define SPECTRAL_HT20_40_TOTAL_DATA_LEN (sizeof(struct ath_ht20_40_fft_packet))
829
830/* grabs the max magnitude from the all/upper/lower bins */
831static inline u16 spectral_max_magnitude(u8 *bins)
832{
833 return (bins[0] & 0xc0) >> 6 |
834 (bins[1] & 0xff) << 2 |
835 (bins[2] & 0x03) << 10;
836}
837
838/* return the max magnitude from the all/upper/lower bins */
839static inline u8 spectral_max_index(u8 *bins)
840{
841 s8 m = (bins[2] & 0xfc) >> 2;
842
843 /* TODO: this still doesn't always report the right values ... */
844 if (m > 32)
845 m |= 0xe0;
846 else
847 m &= ~0xe0;
848
849 return m + 29;
850}
851
852/* return the bitmap weight from the all/upper/lower bins */
853static inline u8 spectral_bitmap_weight(u8 *bins)
854{
855 return bins[0] & 0x3f;
856}
857
858/* FFT sample format given to userspace via debugfs.
859 *
860 * Please keep the type/length at the front position and change
861 * other fields after adding another sample type
862 *
863 * TODO: this might need rework when switching to nl80211-based
864 * interface.
865 */
866enum ath_fft_sample_type {
867 ATH_FFT_SAMPLE_HT20 = 1,
868};
869
870struct fft_sample_tlv {
871 u8 type; /* see ath_fft_sample */
872 u16 length;
873 /* type dependent data follows */
874} __packed;
875
876struct fft_sample_ht20 {
877 struct fft_sample_tlv tlv;
878
879 u8 max_exp;
880
881 u16 freq;
882 s8 rssi;
883 s8 noise;
884
885 u16 max_magnitude;
886 u8 max_index;
887 u8 bitmap_weight;
888
889 u64 tsf;
890
891 u8 data[SPECTRAL_HT20_NUM_BINS];
892} __packed;
893
754void ath9k_tasklet(unsigned long data); 894void ath9k_tasklet(unsigned long data);
755int ath_cabq_update(struct ath_softc *); 895int ath_cabq_update(struct ath_softc *);
756 896
@@ -773,6 +913,10 @@ void ath9k_set_hw_capab(struct ath_softc *sc, struct ieee80211_hw *hw);
773void ath9k_reload_chainmask_settings(struct ath_softc *sc); 913void ath9k_reload_chainmask_settings(struct ath_softc *sc);
774 914
775bool ath9k_uses_beacons(int type); 915bool ath9k_uses_beacons(int type);
916void ath9k_spectral_scan_trigger(struct ieee80211_hw *hw);
917int ath9k_spectral_scan_config(struct ieee80211_hw *hw,
918 enum spectral_mode spectral_mode);
919
776 920
777#ifdef CONFIG_ATH9K_PCI 921#ifdef CONFIG_ATH9K_PCI
778int ath_pci_init(void); 922int ath_pci_init(void);
diff --git a/drivers/net/wireless/ath/ath9k/beacon.c b/drivers/net/wireless/ath/ath9k/beacon.c
index 531fffd801a3..dd3771954bd7 100644
--- a/drivers/net/wireless/ath/ath9k/beacon.c
+++ b/drivers/net/wireless/ath/ath9k/beacon.c
@@ -147,6 +147,7 @@ static struct ath_buf *ath9k_beacon_generate(struct ieee80211_hw *hw,
147 skb->len, DMA_TO_DEVICE); 147 skb->len, DMA_TO_DEVICE);
148 dev_kfree_skb_any(skb); 148 dev_kfree_skb_any(skb);
149 bf->bf_buf_addr = 0; 149 bf->bf_buf_addr = 0;
150 bf->bf_mpdu = NULL;
150 } 151 }
151 152
152 skb = ieee80211_beacon_get(hw, vif); 153 skb = ieee80211_beacon_get(hw, vif);
@@ -198,7 +199,7 @@ static struct ath_buf *ath9k_beacon_generate(struct ieee80211_hw *hw,
198 if (sc->nvifs > 1) { 199 if (sc->nvifs > 1) {
199 ath_dbg(common, BEACON, 200 ath_dbg(common, BEACON,
200 "Flushing previous cabq traffic\n"); 201 "Flushing previous cabq traffic\n");
201 ath_draintxq(sc, cabq, false); 202 ath_draintxq(sc, cabq);
202 } 203 }
203 } 204 }
204 205
@@ -359,7 +360,6 @@ void ath9k_beacon_tasklet(unsigned long data)
359 return; 360 return;
360 361
361 bf = ath9k_beacon_generate(sc->hw, vif); 362 bf = ath9k_beacon_generate(sc->hw, vif);
362 WARN_ON(!bf);
363 363
364 if (sc->beacon.bmisscnt != 0) { 364 if (sc->beacon.bmisscnt != 0) {
365 ath_dbg(common, BSTUCK, "resume beacon xmit after %u misses\n", 365 ath_dbg(common, BSTUCK, "resume beacon xmit after %u misses\n",
diff --git a/drivers/net/wireless/ath/ath9k/debug.c b/drivers/net/wireless/ath/ath9k/debug.c
index 13ff9edc2401..3714b971d18e 100644
--- a/drivers/net/wireless/ath/ath9k/debug.c
+++ b/drivers/net/wireless/ath/ath9k/debug.c
@@ -17,6 +17,7 @@
17#include <linux/slab.h> 17#include <linux/slab.h>
18#include <linux/vmalloc.h> 18#include <linux/vmalloc.h>
19#include <linux/export.h> 19#include <linux/export.h>
20#include <linux/relay.h>
20#include <asm/unaligned.h> 21#include <asm/unaligned.h>
21 22
22#include "ath9k.h" 23#include "ath9k.h"
@@ -861,7 +862,6 @@ static ssize_t read_file_recv(struct file *file, char __user *user_buf,
861 RXS_ERR("RX-LENGTH-ERR", rx_len_err); 862 RXS_ERR("RX-LENGTH-ERR", rx_len_err);
862 RXS_ERR("RX-OOM-ERR", rx_oom_err); 863 RXS_ERR("RX-OOM-ERR", rx_oom_err);
863 RXS_ERR("RX-RATE-ERR", rx_rate_err); 864 RXS_ERR("RX-RATE-ERR", rx_rate_err);
864 RXS_ERR("RX-DROP-RXFLUSH", rx_drop_rxflush);
865 RXS_ERR("RX-TOO-MANY-FRAGS", rx_too_many_frags_err); 865 RXS_ERR("RX-TOO-MANY-FRAGS", rx_too_many_frags_err);
866 866
867 PHY_ERR("UNDERRUN ERR", ATH9K_PHYERR_UNDERRUN); 867 PHY_ERR("UNDERRUN ERR", ATH9K_PHYERR_UNDERRUN);
@@ -895,6 +895,7 @@ static ssize_t read_file_recv(struct file *file, char __user *user_buf,
895 RXS_ERR("RX-Bytes-All", rx_bytes_all); 895 RXS_ERR("RX-Bytes-All", rx_bytes_all);
896 RXS_ERR("RX-Beacons", rx_beacons); 896 RXS_ERR("RX-Beacons", rx_beacons);
897 RXS_ERR("RX-Frags", rx_frags); 897 RXS_ERR("RX-Frags", rx_frags);
898 RXS_ERR("RX-Spectral", rx_spectral);
898 899
899 if (len > size) 900 if (len > size)
900 len = size; 901 len = size;
@@ -966,6 +967,290 @@ static const struct file_operations fops_recv = {
966 .llseek = default_llseek, 967 .llseek = default_llseek,
967}; 968};
968 969
970static ssize_t read_file_spec_scan_ctl(struct file *file, char __user *user_buf,
971 size_t count, loff_t *ppos)
972{
973 struct ath_softc *sc = file->private_data;
974 char *mode = "";
975 unsigned int len;
976
977 switch (sc->spectral_mode) {
978 case SPECTRAL_DISABLED:
979 mode = "disable";
980 break;
981 case SPECTRAL_BACKGROUND:
982 mode = "background";
983 break;
984 case SPECTRAL_CHANSCAN:
985 mode = "chanscan";
986 break;
987 case SPECTRAL_MANUAL:
988 mode = "manual";
989 break;
990 }
991 len = strlen(mode);
992 return simple_read_from_buffer(user_buf, count, ppos, mode, len);
993}
994
995static ssize_t write_file_spec_scan_ctl(struct file *file,
996 const char __user *user_buf,
997 size_t count, loff_t *ppos)
998{
999 struct ath_softc *sc = file->private_data;
1000 struct ath_common *common = ath9k_hw_common(sc->sc_ah);
1001 char buf[32];
1002 ssize_t len;
1003
1004 len = min(count, sizeof(buf) - 1);
1005 if (copy_from_user(buf, user_buf, len))
1006 return -EFAULT;
1007
1008 buf[len] = '\0';
1009
1010 if (strncmp("trigger", buf, 7) == 0) {
1011 ath9k_spectral_scan_trigger(sc->hw);
1012 } else if (strncmp("background", buf, 9) == 0) {
1013 ath9k_spectral_scan_config(sc->hw, SPECTRAL_BACKGROUND);
1014 ath_dbg(common, CONFIG, "spectral scan: background mode enabled\n");
1015 } else if (strncmp("chanscan", buf, 8) == 0) {
1016 ath9k_spectral_scan_config(sc->hw, SPECTRAL_CHANSCAN);
1017 ath_dbg(common, CONFIG, "spectral scan: channel scan mode enabled\n");
1018 } else if (strncmp("manual", buf, 6) == 0) {
1019 ath9k_spectral_scan_config(sc->hw, SPECTRAL_MANUAL);
1020 ath_dbg(common, CONFIG, "spectral scan: manual mode enabled\n");
1021 } else if (strncmp("disable", buf, 7) == 0) {
1022 ath9k_spectral_scan_config(sc->hw, SPECTRAL_DISABLED);
1023 ath_dbg(common, CONFIG, "spectral scan: disabled\n");
1024 } else {
1025 return -EINVAL;
1026 }
1027
1028 return count;
1029}
1030
1031static const struct file_operations fops_spec_scan_ctl = {
1032 .read = read_file_spec_scan_ctl,
1033 .write = write_file_spec_scan_ctl,
1034 .open = simple_open,
1035 .owner = THIS_MODULE,
1036 .llseek = default_llseek,
1037};
1038
1039static ssize_t read_file_spectral_short_repeat(struct file *file,
1040 char __user *user_buf,
1041 size_t count, loff_t *ppos)
1042{
1043 struct ath_softc *sc = file->private_data;
1044 char buf[32];
1045 unsigned int len;
1046
1047 len = sprintf(buf, "%d\n", sc->spec_config.short_repeat);
1048 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
1049}
1050
1051static ssize_t write_file_spectral_short_repeat(struct file *file,
1052 const char __user *user_buf,
1053 size_t count, loff_t *ppos)
1054{
1055 struct ath_softc *sc = file->private_data;
1056 unsigned long val;
1057 char buf[32];
1058 ssize_t len;
1059
1060 len = min(count, sizeof(buf) - 1);
1061 if (copy_from_user(buf, user_buf, len))
1062 return -EFAULT;
1063
1064 buf[len] = '\0';
1065 if (kstrtoul(buf, 0, &val))
1066 return -EINVAL;
1067
1068 if (val < 0 || val > 1)
1069 return -EINVAL;
1070
1071 sc->spec_config.short_repeat = val;
1072 return count;
1073}
1074
1075static const struct file_operations fops_spectral_short_repeat = {
1076 .read = read_file_spectral_short_repeat,
1077 .write = write_file_spectral_short_repeat,
1078 .open = simple_open,
1079 .owner = THIS_MODULE,
1080 .llseek = default_llseek,
1081};
1082
1083static ssize_t read_file_spectral_count(struct file *file,
1084 char __user *user_buf,
1085 size_t count, loff_t *ppos)
1086{
1087 struct ath_softc *sc = file->private_data;
1088 char buf[32];
1089 unsigned int len;
1090
1091 len = sprintf(buf, "%d\n", sc->spec_config.count);
1092 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
1093}
1094
1095static ssize_t write_file_spectral_count(struct file *file,
1096 const char __user *user_buf,
1097 size_t count, loff_t *ppos)
1098{
1099 struct ath_softc *sc = file->private_data;
1100 unsigned long val;
1101 char buf[32];
1102 ssize_t len;
1103
1104 len = min(count, sizeof(buf) - 1);
1105 if (copy_from_user(buf, user_buf, len))
1106 return -EFAULT;
1107
1108 buf[len] = '\0';
1109 if (kstrtoul(buf, 0, &val))
1110 return -EINVAL;
1111
1112 if (val < 0 || val > 255)
1113 return -EINVAL;
1114
1115 sc->spec_config.count = val;
1116 return count;
1117}
1118
1119static const struct file_operations fops_spectral_count = {
1120 .read = read_file_spectral_count,
1121 .write = write_file_spectral_count,
1122 .open = simple_open,
1123 .owner = THIS_MODULE,
1124 .llseek = default_llseek,
1125};
1126
1127static ssize_t read_file_spectral_period(struct file *file,
1128 char __user *user_buf,
1129 size_t count, loff_t *ppos)
1130{
1131 struct ath_softc *sc = file->private_data;
1132 char buf[32];
1133 unsigned int len;
1134
1135 len = sprintf(buf, "%d\n", sc->spec_config.period);
1136 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
1137}
1138
1139static ssize_t write_file_spectral_period(struct file *file,
1140 const char __user *user_buf,
1141 size_t count, loff_t *ppos)
1142{
1143 struct ath_softc *sc = file->private_data;
1144 unsigned long val;
1145 char buf[32];
1146 ssize_t len;
1147
1148 len = min(count, sizeof(buf) - 1);
1149 if (copy_from_user(buf, user_buf, len))
1150 return -EFAULT;
1151
1152 buf[len] = '\0';
1153 if (kstrtoul(buf, 0, &val))
1154 return -EINVAL;
1155
1156 if (val < 0 || val > 255)
1157 return -EINVAL;
1158
1159 sc->spec_config.period = val;
1160 return count;
1161}
1162
1163static const struct file_operations fops_spectral_period = {
1164 .read = read_file_spectral_period,
1165 .write = write_file_spectral_period,
1166 .open = simple_open,
1167 .owner = THIS_MODULE,
1168 .llseek = default_llseek,
1169};
1170
1171static ssize_t read_file_spectral_fft_period(struct file *file,
1172 char __user *user_buf,
1173 size_t count, loff_t *ppos)
1174{
1175 struct ath_softc *sc = file->private_data;
1176 char buf[32];
1177 unsigned int len;
1178
1179 len = sprintf(buf, "%d\n", sc->spec_config.fft_period);
1180 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
1181}
1182
1183static ssize_t write_file_spectral_fft_period(struct file *file,
1184 const char __user *user_buf,
1185 size_t count, loff_t *ppos)
1186{
1187 struct ath_softc *sc = file->private_data;
1188 unsigned long val;
1189 char buf[32];
1190 ssize_t len;
1191
1192 len = min(count, sizeof(buf) - 1);
1193 if (copy_from_user(buf, user_buf, len))
1194 return -EFAULT;
1195
1196 buf[len] = '\0';
1197 if (kstrtoul(buf, 0, &val))
1198 return -EINVAL;
1199
1200 if (val < 0 || val > 15)
1201 return -EINVAL;
1202
1203 sc->spec_config.fft_period = val;
1204 return count;
1205}
1206
1207static const struct file_operations fops_spectral_fft_period = {
1208 .read = read_file_spectral_fft_period,
1209 .write = write_file_spectral_fft_period,
1210 .open = simple_open,
1211 .owner = THIS_MODULE,
1212 .llseek = default_llseek,
1213};
1214
1215static struct dentry *create_buf_file_handler(const char *filename,
1216 struct dentry *parent,
1217 umode_t mode,
1218 struct rchan_buf *buf,
1219 int *is_global)
1220{
1221 struct dentry *buf_file;
1222
1223 buf_file = debugfs_create_file(filename, mode, parent, buf,
1224 &relay_file_operations);
1225 *is_global = 1;
1226 return buf_file;
1227}
1228
1229static int remove_buf_file_handler(struct dentry *dentry)
1230{
1231 debugfs_remove(dentry);
1232
1233 return 0;
1234}
1235
1236void ath_debug_send_fft_sample(struct ath_softc *sc,
1237 struct fft_sample_tlv *fft_sample_tlv)
1238{
1239 int length;
1240 if (!sc->rfs_chan_spec_scan)
1241 return;
1242
1243 length = __be16_to_cpu(fft_sample_tlv->length) +
1244 sizeof(*fft_sample_tlv);
1245 relay_write(sc->rfs_chan_spec_scan, fft_sample_tlv, length);
1246}
1247
1248static struct rchan_callbacks rfs_spec_scan_cb = {
1249 .create_buf_file = create_buf_file_handler,
1250 .remove_buf_file = remove_buf_file_handler,
1251};
1252
1253
969static ssize_t read_file_regidx(struct file *file, char __user *user_buf, 1254static ssize_t read_file_regidx(struct file *file, char __user *user_buf,
970 size_t count, loff_t *ppos) 1255 size_t count, loff_t *ppos)
971{ 1256{
@@ -1780,6 +2065,24 @@ int ath9k_init_debug(struct ath_hw *ah)
1780 &fops_base_eeprom); 2065 &fops_base_eeprom);
1781 debugfs_create_file("modal_eeprom", S_IRUSR, sc->debug.debugfs_phy, sc, 2066 debugfs_create_file("modal_eeprom", S_IRUSR, sc->debug.debugfs_phy, sc,
1782 &fops_modal_eeprom); 2067 &fops_modal_eeprom);
2068 sc->rfs_chan_spec_scan = relay_open("spectral_scan",
2069 sc->debug.debugfs_phy,
2070 262144, 4, &rfs_spec_scan_cb,
2071 NULL);
2072 debugfs_create_file("spectral_scan_ctl", S_IRUSR | S_IWUSR,
2073 sc->debug.debugfs_phy, sc,
2074 &fops_spec_scan_ctl);
2075 debugfs_create_file("spectral_short_repeat", S_IRUSR | S_IWUSR,
2076 sc->debug.debugfs_phy, sc,
2077 &fops_spectral_short_repeat);
2078 debugfs_create_file("spectral_count", S_IRUSR | S_IWUSR,
2079 sc->debug.debugfs_phy, sc, &fops_spectral_count);
2080 debugfs_create_file("spectral_period", S_IRUSR | S_IWUSR,
2081 sc->debug.debugfs_phy, sc, &fops_spectral_period);
2082 debugfs_create_file("spectral_fft_period", S_IRUSR | S_IWUSR,
2083 sc->debug.debugfs_phy, sc,
2084 &fops_spectral_fft_period);
2085
1783#ifdef CONFIG_ATH9K_MAC_DEBUG 2086#ifdef CONFIG_ATH9K_MAC_DEBUG
1784 debugfs_create_file("samples", S_IRUSR, sc->debug.debugfs_phy, sc, 2087 debugfs_create_file("samples", S_IRUSR, sc->debug.debugfs_phy, sc,
1785 &fops_samps); 2088 &fops_samps);
diff --git a/drivers/net/wireless/ath/ath9k/debug.h b/drivers/net/wireless/ath/ath9k/debug.h
index 375c3b46411e..410d6d8f1aa7 100644
--- a/drivers/net/wireless/ath/ath9k/debug.h
+++ b/drivers/net/wireless/ath/ath9k/debug.h
@@ -23,6 +23,7 @@
23 23
24struct ath_txq; 24struct ath_txq;
25struct ath_buf; 25struct ath_buf;
26struct fft_sample_tlv;
26 27
27#ifdef CONFIG_ATH9K_DEBUGFS 28#ifdef CONFIG_ATH9K_DEBUGFS
28#define TX_STAT_INC(q, c) sc->debug.stats.txstats[q].c++ 29#define TX_STAT_INC(q, c) sc->debug.stats.txstats[q].c++
@@ -216,9 +217,9 @@ struct ath_tx_stats {
216 * @rx_oom_err: No. of frames dropped due to OOM issues. 217 * @rx_oom_err: No. of frames dropped due to OOM issues.
217 * @rx_rate_err: No. of frames dropped due to rate errors. 218 * @rx_rate_err: No. of frames dropped due to rate errors.
218 * @rx_too_many_frags_err: Frames dropped due to too-many-frags received. 219 * @rx_too_many_frags_err: Frames dropped due to too-many-frags received.
219 * @rx_drop_rxflush: No. of frames dropped due to RX-FLUSH.
220 * @rx_beacons: No. of beacons received. 220 * @rx_beacons: No. of beacons received.
221 * @rx_frags: No. of rx-fragements received. 221 * @rx_frags: No. of rx-fragements received.
222 * @rx_spectral: No of spectral packets received.
222 */ 223 */
223struct ath_rx_stats { 224struct ath_rx_stats {
224 u32 rx_pkts_all; 225 u32 rx_pkts_all;
@@ -235,9 +236,9 @@ struct ath_rx_stats {
235 u32 rx_oom_err; 236 u32 rx_oom_err;
236 u32 rx_rate_err; 237 u32 rx_rate_err;
237 u32 rx_too_many_frags_err; 238 u32 rx_too_many_frags_err;
238 u32 rx_drop_rxflush;
239 u32 rx_beacons; 239 u32 rx_beacons;
240 u32 rx_frags; 240 u32 rx_frags;
241 u32 rx_spectral;
241}; 242};
242 243
243struct ath_stats { 244struct ath_stats {
@@ -323,6 +324,10 @@ void ath9k_sta_remove_debugfs(struct ieee80211_hw *hw,
323 struct ieee80211_vif *vif, 324 struct ieee80211_vif *vif,
324 struct ieee80211_sta *sta, 325 struct ieee80211_sta *sta,
325 struct dentry *dir); 326 struct dentry *dir);
327
328void ath_debug_send_fft_sample(struct ath_softc *sc,
329 struct fft_sample_tlv *fft_sample);
330
326#else 331#else
327 332
328#define RX_STAT_INC(c) /* NOP */ 333#define RX_STAT_INC(c) /* NOP */
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_init.c b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
index 05d5ba66cac3..e5d7958ab948 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_init.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
@@ -280,14 +280,14 @@ err:
280 return ret; 280 return ret;
281} 281}
282 282
283static int ath9k_reg_notifier(struct wiphy *wiphy, 283static void ath9k_reg_notifier(struct wiphy *wiphy,
284 struct regulatory_request *request) 284 struct regulatory_request *request)
285{ 285{
286 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 286 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
287 struct ath9k_htc_priv *priv = hw->priv; 287 struct ath9k_htc_priv *priv = hw->priv;
288 288
289 return ath_reg_notifier_apply(wiphy, request, 289 ath_reg_notifier_apply(wiphy, request,
290 ath9k_hw_regulatory(priv->ah)); 290 ath9k_hw_regulatory(priv->ah));
291} 291}
292 292
293static unsigned int ath9k_regread(void *hw_priv, u32 reg_offset) 293static unsigned int ath9k_regread(void *hw_priv, u32 reg_offset)
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_main.c b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
index 9c07a8fa5134..a8016d70088a 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_main.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
@@ -1628,7 +1628,9 @@ static int ath9k_htc_ampdu_action(struct ieee80211_hw *hw,
1628 if (!ret) 1628 if (!ret)
1629 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid); 1629 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1630 break; 1630 break;
1631 case IEEE80211_AMPDU_TX_STOP: 1631 case IEEE80211_AMPDU_TX_STOP_CONT:
1632 case IEEE80211_AMPDU_TX_STOP_FLUSH:
1633 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1632 ath9k_htc_tx_aggr_oper(priv, vif, sta, action, tid); 1634 ath9k_htc_tx_aggr_oper(priv, vif, sta, action, tid);
1633 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 1635 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1634 break; 1636 break;
diff --git a/drivers/net/wireless/ath/ath9k/htc_hst.c b/drivers/net/wireless/ath/ath9k/htc_hst.c
index 4a9570dfba72..aac4a406a513 100644
--- a/drivers/net/wireless/ath/ath9k/htc_hst.c
+++ b/drivers/net/wireless/ath/ath9k/htc_hst.c
@@ -344,6 +344,8 @@ void ath9k_htc_txcompletion_cb(struct htc_target *htc_handle,
344 endpoint->ep_callbacks.tx(endpoint->ep_callbacks.priv, 344 endpoint->ep_callbacks.tx(endpoint->ep_callbacks.priv,
345 skb, htc_hdr->endpoint_id, 345 skb, htc_hdr->endpoint_id,
346 txok); 346 txok);
347 } else {
348 kfree_skb(skb);
347 } 349 }
348 } 350 }
349 351
diff --git a/drivers/net/wireless/ath/ath9k/hw-ops.h b/drivers/net/wireless/ath/ath9k/hw-ops.h
index 0f2b97f6b739..14b701140b49 100644
--- a/drivers/net/wireless/ath/ath9k/hw-ops.h
+++ b/drivers/net/wireless/ath/ath9k/hw-ops.h
@@ -101,22 +101,6 @@ static inline void ath9k_hw_spur_mitigate_freq(struct ath_hw *ah,
101 ath9k_hw_private_ops(ah)->spur_mitigate_freq(ah, chan); 101 ath9k_hw_private_ops(ah)->spur_mitigate_freq(ah, chan);
102} 102}
103 103
104static inline int ath9k_hw_rf_alloc_ext_banks(struct ath_hw *ah)
105{
106 if (!ath9k_hw_private_ops(ah)->rf_alloc_ext_banks)
107 return 0;
108
109 return ath9k_hw_private_ops(ah)->rf_alloc_ext_banks(ah);
110}
111
112static inline void ath9k_hw_rf_free_ext_banks(struct ath_hw *ah)
113{
114 if (!ath9k_hw_private_ops(ah)->rf_free_ext_banks)
115 return;
116
117 ath9k_hw_private_ops(ah)->rf_free_ext_banks(ah);
118}
119
120static inline bool ath9k_hw_set_rf_regs(struct ath_hw *ah, 104static inline bool ath9k_hw_set_rf_regs(struct ath_hw *ah,
121 struct ath9k_channel *chan, 105 struct ath9k_channel *chan,
122 u16 modesIndex) 106 u16 modesIndex)
diff --git a/drivers/net/wireless/ath/ath9k/hw.c b/drivers/net/wireless/ath/ath9k/hw.c
index 7cb787065913..42cf3c7f1e25 100644
--- a/drivers/net/wireless/ath/ath9k/hw.c
+++ b/drivers/net/wireless/ath/ath9k/hw.c
@@ -54,11 +54,6 @@ static void ath9k_hw_init_cal_settings(struct ath_hw *ah)
54 ath9k_hw_private_ops(ah)->init_cal_settings(ah); 54 ath9k_hw_private_ops(ah)->init_cal_settings(ah);
55} 55}
56 56
57static void ath9k_hw_init_mode_regs(struct ath_hw *ah)
58{
59 ath9k_hw_private_ops(ah)->init_mode_regs(ah);
60}
61
62static u32 ath9k_hw_compute_pll_control(struct ath_hw *ah, 57static u32 ath9k_hw_compute_pll_control(struct ath_hw *ah,
63 struct ath9k_channel *chan) 58 struct ath9k_channel *chan)
64{ 59{
@@ -208,7 +203,7 @@ void ath9k_hw_synth_delay(struct ath_hw *ah, struct ath9k_channel *chan,
208 udelay(hw_delay + BASE_ACTIVATE_DELAY); 203 udelay(hw_delay + BASE_ACTIVATE_DELAY);
209} 204}
210 205
211void ath9k_hw_write_array(struct ath_hw *ah, struct ar5416IniArray *array, 206void ath9k_hw_write_array(struct ath_hw *ah, const struct ar5416IniArray *array,
212 int column, unsigned int *writecnt) 207 int column, unsigned int *writecnt)
213{ 208{
214 int r; 209 int r;
@@ -554,28 +549,19 @@ static int ath9k_hw_post_init(struct ath_hw *ah)
554 ah->eep_ops->get_eeprom_ver(ah), 549 ah->eep_ops->get_eeprom_ver(ah),
555 ah->eep_ops->get_eeprom_rev(ah)); 550 ah->eep_ops->get_eeprom_rev(ah));
556 551
557 ecode = ath9k_hw_rf_alloc_ext_banks(ah); 552 if (ah->config.enable_ani)
558 if (ecode) {
559 ath_err(ath9k_hw_common(ah),
560 "Failed allocating banks for external radio\n");
561 ath9k_hw_rf_free_ext_banks(ah);
562 return ecode;
563 }
564
565 if (ah->config.enable_ani) {
566 ath9k_hw_ani_setup(ah);
567 ath9k_hw_ani_init(ah); 553 ath9k_hw_ani_init(ah);
568 }
569 554
570 return 0; 555 return 0;
571} 556}
572 557
573static void ath9k_hw_attach_ops(struct ath_hw *ah) 558static int ath9k_hw_attach_ops(struct ath_hw *ah)
574{ 559{
575 if (AR_SREV_9300_20_OR_LATER(ah)) 560 if (!AR_SREV_9300_20_OR_LATER(ah))
576 ar9003_hw_attach_ops(ah); 561 return ar9002_hw_attach_ops(ah);
577 else 562
578 ar9002_hw_attach_ops(ah); 563 ar9003_hw_attach_ops(ah);
564 return 0;
579} 565}
580 566
581/* Called for all hardware families */ 567/* Called for all hardware families */
@@ -611,7 +597,9 @@ static int __ath9k_hw_init(struct ath_hw *ah)
611 ath9k_hw_init_defaults(ah); 597 ath9k_hw_init_defaults(ah);
612 ath9k_hw_init_config(ah); 598 ath9k_hw_init_config(ah);
613 599
614 ath9k_hw_attach_ops(ah); 600 r = ath9k_hw_attach_ops(ah);
601 if (r)
602 return r;
615 603
616 if (!ath9k_hw_setpower(ah, ATH9K_PM_AWAKE)) { 604 if (!ath9k_hw_setpower(ah, ATH9K_PM_AWAKE)) {
617 ath_err(common, "Couldn't wakeup chip\n"); 605 ath_err(common, "Couldn't wakeup chip\n");
@@ -675,8 +663,6 @@ static int __ath9k_hw_init(struct ath_hw *ah)
675 if (!AR_SREV_9300_20_OR_LATER(ah)) 663 if (!AR_SREV_9300_20_OR_LATER(ah))
676 ah->ani_function &= ~ATH9K_ANI_MRC_CCK; 664 ah->ani_function &= ~ATH9K_ANI_MRC_CCK;
677 665
678 ath9k_hw_init_mode_regs(ah);
679
680 if (!ah->is_pciexpress) 666 if (!ah->is_pciexpress)
681 ath9k_hw_disablepcie(ah); 667 ath9k_hw_disablepcie(ah);
682 668
@@ -1153,12 +1139,9 @@ void ath9k_hw_deinit(struct ath_hw *ah)
1153 struct ath_common *common = ath9k_hw_common(ah); 1139 struct ath_common *common = ath9k_hw_common(ah);
1154 1140
1155 if (common->state < ATH_HW_INITIALIZED) 1141 if (common->state < ATH_HW_INITIALIZED)
1156 goto free_hw; 1142 return;
1157 1143
1158 ath9k_hw_setpower(ah, ATH9K_PM_FULL_SLEEP); 1144 ath9k_hw_setpower(ah, ATH9K_PM_FULL_SLEEP);
1159
1160free_hw:
1161 ath9k_hw_rf_free_ext_banks(ah);
1162} 1145}
1163EXPORT_SYMBOL(ath9k_hw_deinit); 1146EXPORT_SYMBOL(ath9k_hw_deinit);
1164 1147
@@ -2576,12 +2559,6 @@ int ath9k_hw_fill_cap_info(struct ath_hw *ah)
2576 rx_chainmask >>= 1; 2559 rx_chainmask >>= 1;
2577 } 2560 }
2578 2561
2579 if (AR_SREV_9300_20_OR_LATER(ah)) {
2580 ah->enabled_cals |= TX_IQ_CAL;
2581 if (AR_SREV_9485_OR_LATER(ah))
2582 ah->enabled_cals |= TX_IQ_ON_AGC_CAL;
2583 }
2584
2585 if (AR_SREV_9462(ah) || AR_SREV_9565(ah)) { 2562 if (AR_SREV_9462(ah) || AR_SREV_9565(ah)) {
2586 if (!(ah->ent_mode & AR_ENT_OTP_49GHZ_DISABLE)) 2563 if (!(ah->ent_mode & AR_ENT_OTP_49GHZ_DISABLE))
2587 pCap->hw_caps |= ATH9K_HW_CAP_MCI; 2564 pCap->hw_caps |= ATH9K_HW_CAP_MCI;
@@ -2590,7 +2567,6 @@ int ath9k_hw_fill_cap_info(struct ath_hw *ah)
2590 pCap->hw_caps |= ATH9K_HW_CAP_RTT; 2567 pCap->hw_caps |= ATH9K_HW_CAP_RTT;
2591 } 2568 }
2592 2569
2593
2594 if (AR_SREV_9280_20_OR_LATER(ah)) { 2570 if (AR_SREV_9280_20_OR_LATER(ah)) {
2595 pCap->hw_caps |= ATH9K_HW_WOW_DEVICE_CAPABLE | 2571 pCap->hw_caps |= ATH9K_HW_WOW_DEVICE_CAPABLE |
2596 ATH9K_HW_WOW_PATTERN_MATCH_EXACT; 2572 ATH9K_HW_WOW_PATTERN_MATCH_EXACT;
diff --git a/drivers/net/wireless/ath/ath9k/hw.h b/drivers/net/wireless/ath/ath9k/hw.h
index 7f1a8e91c908..784e81ccb903 100644
--- a/drivers/net/wireless/ath/ath9k/hw.h
+++ b/drivers/net/wireless/ath/ath9k/hw.h
@@ -397,6 +397,7 @@ enum ath9k_int {
397#define MAX_RTT_TABLE_ENTRY 6 397#define MAX_RTT_TABLE_ENTRY 6
398#define MAX_IQCAL_MEASUREMENT 8 398#define MAX_IQCAL_MEASUREMENT 8
399#define MAX_CL_TAB_ENTRY 16 399#define MAX_CL_TAB_ENTRY 16
400#define CL_TAB_ENTRY(reg_base) (reg_base + (4 * j))
400 401
401struct ath9k_hw_cal_data { 402struct ath9k_hw_cal_data {
402 u16 channel; 403 u16 channel;
@@ -599,13 +600,10 @@ struct ath_hw_radar_conf {
599 * @init_cal_settings: setup types of calibrations supported 600 * @init_cal_settings: setup types of calibrations supported
600 * @init_cal: starts actual calibration 601 * @init_cal: starts actual calibration
601 * 602 *
602 * @init_mode_regs: Initializes mode registers
603 * @init_mode_gain_regs: Initialize TX/RX gain registers 603 * @init_mode_gain_regs: Initialize TX/RX gain registers
604 * 604 *
605 * @rf_set_freq: change frequency 605 * @rf_set_freq: change frequency
606 * @spur_mitigate_freq: spur mitigation 606 * @spur_mitigate_freq: spur mitigation
607 * @rf_alloc_ext_banks:
608 * @rf_free_ext_banks:
609 * @set_rf_regs: 607 * @set_rf_regs:
610 * @compute_pll_control: compute the PLL control value to use for 608 * @compute_pll_control: compute the PLL control value to use for
611 * AR_RTC_PLL_CONTROL for a given channel 609 * AR_RTC_PLL_CONTROL for a given channel
@@ -620,7 +618,6 @@ struct ath_hw_private_ops {
620 void (*init_cal_settings)(struct ath_hw *ah); 618 void (*init_cal_settings)(struct ath_hw *ah);
621 bool (*init_cal)(struct ath_hw *ah, struct ath9k_channel *chan); 619 bool (*init_cal)(struct ath_hw *ah, struct ath9k_channel *chan);
622 620
623 void (*init_mode_regs)(struct ath_hw *ah);
624 void (*init_mode_gain_regs)(struct ath_hw *ah); 621 void (*init_mode_gain_regs)(struct ath_hw *ah);
625 void (*setup_calibration)(struct ath_hw *ah, 622 void (*setup_calibration)(struct ath_hw *ah,
626 struct ath9k_cal_list *currCal); 623 struct ath9k_cal_list *currCal);
@@ -630,8 +627,6 @@ struct ath_hw_private_ops {
630 struct ath9k_channel *chan); 627 struct ath9k_channel *chan);
631 void (*spur_mitigate_freq)(struct ath_hw *ah, 628 void (*spur_mitigate_freq)(struct ath_hw *ah,
632 struct ath9k_channel *chan); 629 struct ath9k_channel *chan);
633 int (*rf_alloc_ext_banks)(struct ath_hw *ah);
634 void (*rf_free_ext_banks)(struct ath_hw *ah);
635 bool (*set_rf_regs)(struct ath_hw *ah, 630 bool (*set_rf_regs)(struct ath_hw *ah,
636 struct ath9k_channel *chan, 631 struct ath9k_channel *chan,
637 u16 modesIndex); 632 u16 modesIndex);
@@ -661,6 +656,37 @@ struct ath_hw_private_ops {
661}; 656};
662 657
663/** 658/**
659 * struct ath_spec_scan - parameters for Atheros spectral scan
660 *
661 * @enabled: enable/disable spectral scan
662 * @short_repeat: controls whether the chip is in spectral scan mode
663 * for 4 usec (enabled) or 204 usec (disabled)
664 * @count: number of scan results requested. There are special meanings
665 * in some chip revisions:
666 * AR92xx: highest bit set (>=128) for endless mode
667 * (spectral scan won't stopped until explicitly disabled)
668 * AR9300 and newer: 0 for endless mode
669 * @endless: true if endless mode is intended. Otherwise, count value is
670 * corrected to the next possible value.
671 * @period: time duration between successive spectral scan entry points
672 * (period*256*Tclk). Tclk = ath_common->clockrate
673 * @fft_period: PHY passes FFT frames to MAC every (fft_period+1)*4uS
674 *
675 * Note: Tclk = 40MHz or 44MHz depending upon operating mode.
676 * Typically it's 44MHz in 2/5GHz on later chips, but there's
677 * a "fast clock" check for this in 5GHz.
678 *
679 */
680struct ath_spec_scan {
681 bool enabled;
682 bool short_repeat;
683 bool endless;
684 u8 count;
685 u8 period;
686 u8 fft_period;
687};
688
689/**
664 * struct ath_hw_ops - callbacks used by hardware code and driver code 690 * struct ath_hw_ops - callbacks used by hardware code and driver code
665 * 691 *
666 * This structure contains callbacks designed to to be used internally by 692 * This structure contains callbacks designed to to be used internally by
@@ -668,6 +694,10 @@ struct ath_hw_private_ops {
668 * 694 *
669 * @config_pci_powersave: 695 * @config_pci_powersave:
670 * @calibrate: periodic calibration for NF, ANI, IQ, ADC gain, ADC-DC 696 * @calibrate: periodic calibration for NF, ANI, IQ, ADC gain, ADC-DC
697 *
698 * @spectral_scan_config: set parameters for spectral scan and enable/disable it
699 * @spectral_scan_trigger: trigger a spectral scan run
700 * @spectral_scan_wait: wait for a spectral scan run to finish
671 */ 701 */
672struct ath_hw_ops { 702struct ath_hw_ops {
673 void (*config_pci_powersave)(struct ath_hw *ah, 703 void (*config_pci_powersave)(struct ath_hw *ah,
@@ -688,6 +718,10 @@ struct ath_hw_ops {
688 void (*antdiv_comb_conf_set)(struct ath_hw *ah, 718 void (*antdiv_comb_conf_set)(struct ath_hw *ah,
689 struct ath_hw_antcomb_conf *antconf); 719 struct ath_hw_antcomb_conf *antconf);
690 void (*antctrl_shared_chain_lnadiv)(struct ath_hw *hw, bool enable); 720 void (*antctrl_shared_chain_lnadiv)(struct ath_hw *hw, bool enable);
721 void (*spectral_scan_config)(struct ath_hw *ah,
722 struct ath_spec_scan *param);
723 void (*spectral_scan_trigger)(struct ath_hw *ah);
724 void (*spectral_scan_wait)(struct ath_hw *ah);
691}; 725};
692 726
693struct ath_nf_limits { 727struct ath_nf_limits {
@@ -710,6 +744,7 @@ enum ath_cal_list {
710struct ath_hw { 744struct ath_hw {
711 struct ath_ops reg_ops; 745 struct ath_ops reg_ops;
712 746
747 struct device *dev;
713 struct ieee80211_hw *hw; 748 struct ieee80211_hw *hw;
714 struct ath_common common; 749 struct ath_common common;
715 struct ath9k_hw_version hw_version; 750 struct ath9k_hw_version hw_version;
@@ -771,7 +806,6 @@ struct ath_hw {
771 struct ath9k_cal_list iq_caldata; 806 struct ath9k_cal_list iq_caldata;
772 struct ath9k_cal_list adcgain_caldata; 807 struct ath9k_cal_list adcgain_caldata;
773 struct ath9k_cal_list adcdc_caldata; 808 struct ath9k_cal_list adcdc_caldata;
774 struct ath9k_cal_list tempCompCalData;
775 struct ath9k_cal_list *cal_list; 809 struct ath9k_cal_list *cal_list;
776 struct ath9k_cal_list *cal_list_last; 810 struct ath9k_cal_list *cal_list_last;
777 struct ath9k_cal_list *cal_list_curr; 811 struct ath9k_cal_list *cal_list_curr;
@@ -830,10 +864,6 @@ struct ath_hw {
830 /* ANI */ 864 /* ANI */
831 u32 proc_phyerr; 865 u32 proc_phyerr;
832 u32 aniperiod; 866 u32 aniperiod;
833 int totalSizeDesired[5];
834 int coarse_high[5];
835 int coarse_low[5];
836 int firpwr[5];
837 enum ath9k_ani_cmd ani_function; 867 enum ath9k_ani_cmd ani_function;
838 u32 ani_skip_count; 868 u32 ani_skip_count;
839 869
@@ -979,7 +1009,7 @@ void ath9k_hw_setantenna(struct ath_hw *ah, u32 antenna);
979void ath9k_hw_synth_delay(struct ath_hw *ah, struct ath9k_channel *chan, 1009void ath9k_hw_synth_delay(struct ath_hw *ah, struct ath9k_channel *chan,
980 int hw_delay); 1010 int hw_delay);
981bool ath9k_hw_wait(struct ath_hw *ah, u32 reg, u32 mask, u32 val, u32 timeout); 1011bool ath9k_hw_wait(struct ath_hw *ah, u32 reg, u32 mask, u32 val, u32 timeout);
982void ath9k_hw_write_array(struct ath_hw *ah, struct ar5416IniArray *array, 1012void ath9k_hw_write_array(struct ath_hw *ah, const struct ar5416IniArray *array,
983 int column, unsigned int *writecnt); 1013 int column, unsigned int *writecnt);
984u32 ath9k_hw_reverse_bits(u32 val, u32 n); 1014u32 ath9k_hw_reverse_bits(u32 val, u32 n);
985u16 ath9k_hw_computetxtime(struct ath_hw *ah, 1015u16 ath9k_hw_computetxtime(struct ath_hw *ah,
@@ -1066,16 +1096,17 @@ void ar9003_paprd_setup_gain_table(struct ath_hw *ah, int chain);
1066int ar9003_paprd_init_table(struct ath_hw *ah); 1096int ar9003_paprd_init_table(struct ath_hw *ah);
1067bool ar9003_paprd_is_done(struct ath_hw *ah); 1097bool ar9003_paprd_is_done(struct ath_hw *ah);
1068bool ar9003_is_paprd_enabled(struct ath_hw *ah); 1098bool ar9003_is_paprd_enabled(struct ath_hw *ah);
1099void ar9003_hw_set_chain_masks(struct ath_hw *ah, u8 rx, u8 tx);
1069 1100
1070/* Hardware family op attach helpers */ 1101/* Hardware family op attach helpers */
1071void ar5008_hw_attach_phy_ops(struct ath_hw *ah); 1102int ar5008_hw_attach_phy_ops(struct ath_hw *ah);
1072void ar9002_hw_attach_phy_ops(struct ath_hw *ah); 1103void ar9002_hw_attach_phy_ops(struct ath_hw *ah);
1073void ar9003_hw_attach_phy_ops(struct ath_hw *ah); 1104void ar9003_hw_attach_phy_ops(struct ath_hw *ah);
1074 1105
1075void ar9002_hw_attach_calib_ops(struct ath_hw *ah); 1106void ar9002_hw_attach_calib_ops(struct ath_hw *ah);
1076void ar9003_hw_attach_calib_ops(struct ath_hw *ah); 1107void ar9003_hw_attach_calib_ops(struct ath_hw *ah);
1077 1108
1078void ar9002_hw_attach_ops(struct ath_hw *ah); 1109int ar9002_hw_attach_ops(struct ath_hw *ah);
1079void ar9003_hw_attach_ops(struct ath_hw *ah); 1110void ar9003_hw_attach_ops(struct ath_hw *ah);
1080 1111
1081void ar9002_hw_load_ani_reg(struct ath_hw *ah, struct ath9k_channel *chan); 1112void ar9002_hw_load_ani_reg(struct ath_hw *ah, struct ath9k_channel *chan);
diff --git a/drivers/net/wireless/ath/ath9k/init.c b/drivers/net/wireless/ath/ath9k/init.c
index f69ef5d48c7b..c7d116c2c615 100644
--- a/drivers/net/wireless/ath/ath9k/init.c
+++ b/drivers/net/wireless/ath/ath9k/init.c
@@ -20,6 +20,7 @@
20#include <linux/slab.h> 20#include <linux/slab.h>
21#include <linux/ath9k_platform.h> 21#include <linux/ath9k_platform.h>
22#include <linux/module.h> 22#include <linux/module.h>
23#include <linux/relay.h>
23 24
24#include "ath9k.h" 25#include "ath9k.h"
25 26
@@ -302,16 +303,15 @@ static void setup_ht_cap(struct ath_softc *sc,
302 ht_info->mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED; 303 ht_info->mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
303} 304}
304 305
305static int ath9k_reg_notifier(struct wiphy *wiphy, 306static void ath9k_reg_notifier(struct wiphy *wiphy,
306 struct regulatory_request *request) 307 struct regulatory_request *request)
307{ 308{
308 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 309 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
309 struct ath_softc *sc = hw->priv; 310 struct ath_softc *sc = hw->priv;
310 struct ath_hw *ah = sc->sc_ah; 311 struct ath_hw *ah = sc->sc_ah;
311 struct ath_regulatory *reg = ath9k_hw_regulatory(ah); 312 struct ath_regulatory *reg = ath9k_hw_regulatory(ah);
312 int ret;
313 313
314 ret = ath_reg_notifier_apply(wiphy, request, reg); 314 ath_reg_notifier_apply(wiphy, request, reg);
315 315
316 /* Set tx power */ 316 /* Set tx power */
317 if (ah->curchan) { 317 if (ah->curchan) {
@@ -321,8 +321,6 @@ static int ath9k_reg_notifier(struct wiphy *wiphy,
321 sc->curtxpow = ath9k_hw_regulatory(ah)->power_limit; 321 sc->curtxpow = ath9k_hw_regulatory(ah)->power_limit;
322 ath9k_ps_restore(sc); 322 ath9k_ps_restore(sc);
323 } 323 }
324
325 return ret;
326} 324}
327 325
328/* 326/*
@@ -337,7 +335,7 @@ int ath_descdma_setup(struct ath_softc *sc, struct ath_descdma *dd,
337 struct ath_common *common = ath9k_hw_common(sc->sc_ah); 335 struct ath_common *common = ath9k_hw_common(sc->sc_ah);
338 u8 *ds; 336 u8 *ds;
339 struct ath_buf *bf; 337 struct ath_buf *bf;
340 int i, bsize, error, desc_len; 338 int i, bsize, desc_len;
341 339
342 ath_dbg(common, CONFIG, "%s DMA: %u buffers %u desc/buf\n", 340 ath_dbg(common, CONFIG, "%s DMA: %u buffers %u desc/buf\n",
343 name, nbuf, ndesc); 341 name, nbuf, ndesc);
@@ -353,8 +351,7 @@ int ath_descdma_setup(struct ath_softc *sc, struct ath_descdma *dd,
353 if ((desc_len % 4) != 0) { 351 if ((desc_len % 4) != 0) {
354 ath_err(common, "ath_desc not DWORD aligned\n"); 352 ath_err(common, "ath_desc not DWORD aligned\n");
355 BUG_ON((desc_len % 4) != 0); 353 BUG_ON((desc_len % 4) != 0);
356 error = -ENOMEM; 354 return -ENOMEM;
357 goto fail;
358 } 355 }
359 356
360 dd->dd_desc_len = desc_len * nbuf * ndesc; 357 dd->dd_desc_len = desc_len * nbuf * ndesc;
@@ -378,12 +375,11 @@ int ath_descdma_setup(struct ath_softc *sc, struct ath_descdma *dd,
378 } 375 }
379 376
380 /* allocate descriptors */ 377 /* allocate descriptors */
381 dd->dd_desc = dma_alloc_coherent(sc->dev, dd->dd_desc_len, 378 dd->dd_desc = dmam_alloc_coherent(sc->dev, dd->dd_desc_len,
382 &dd->dd_desc_paddr, GFP_KERNEL); 379 &dd->dd_desc_paddr, GFP_KERNEL);
383 if (dd->dd_desc == NULL) { 380 if (!dd->dd_desc)
384 error = -ENOMEM; 381 return -ENOMEM;
385 goto fail; 382
386 }
387 ds = (u8 *) dd->dd_desc; 383 ds = (u8 *) dd->dd_desc;
388 ath_dbg(common, CONFIG, "%s DMA map: %p (%u) -> %llx (%u)\n", 384 ath_dbg(common, CONFIG, "%s DMA map: %p (%u) -> %llx (%u)\n",
389 name, ds, (u32) dd->dd_desc_len, 385 name, ds, (u32) dd->dd_desc_len,
@@ -391,12 +387,9 @@ int ath_descdma_setup(struct ath_softc *sc, struct ath_descdma *dd,
391 387
392 /* allocate buffers */ 388 /* allocate buffers */
393 bsize = sizeof(struct ath_buf) * nbuf; 389 bsize = sizeof(struct ath_buf) * nbuf;
394 bf = kzalloc(bsize, GFP_KERNEL); 390 bf = devm_kzalloc(sc->dev, bsize, GFP_KERNEL);
395 if (bf == NULL) { 391 if (!bf)
396 error = -ENOMEM; 392 return -ENOMEM;
397 goto fail2;
398 }
399 dd->dd_bufptr = bf;
400 393
401 for (i = 0; i < nbuf; i++, bf++, ds += (desc_len * ndesc)) { 394 for (i = 0; i < nbuf; i++, bf++, ds += (desc_len * ndesc)) {
402 bf->bf_desc = ds; 395 bf->bf_desc = ds;
@@ -422,12 +415,6 @@ int ath_descdma_setup(struct ath_softc *sc, struct ath_descdma *dd,
422 list_add_tail(&bf->list, head); 415 list_add_tail(&bf->list, head);
423 } 416 }
424 return 0; 417 return 0;
425fail2:
426 dma_free_coherent(sc->dev, dd->dd_desc_len, dd->dd_desc,
427 dd->dd_desc_paddr);
428fail:
429 memset(dd, 0, sizeof(*dd));
430 return error;
431} 418}
432 419
433static int ath9k_init_queues(struct ath_softc *sc) 420static int ath9k_init_queues(struct ath_softc *sc)
@@ -457,11 +444,13 @@ static int ath9k_init_channels_rates(struct ath_softc *sc)
457 ATH9K_NUM_CHANNELS); 444 ATH9K_NUM_CHANNELS);
458 445
459 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_2GHZ) { 446 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_2GHZ) {
460 channels = kmemdup(ath9k_2ghz_chantable, 447 channels = devm_kzalloc(sc->dev,
461 sizeof(ath9k_2ghz_chantable), GFP_KERNEL); 448 sizeof(ath9k_2ghz_chantable), GFP_KERNEL);
462 if (!channels) 449 if (!channels)
463 return -ENOMEM; 450 return -ENOMEM;
464 451
452 memcpy(channels, ath9k_2ghz_chantable,
453 sizeof(ath9k_2ghz_chantable));
465 sc->sbands[IEEE80211_BAND_2GHZ].channels = channels; 454 sc->sbands[IEEE80211_BAND_2GHZ].channels = channels;
466 sc->sbands[IEEE80211_BAND_2GHZ].band = IEEE80211_BAND_2GHZ; 455 sc->sbands[IEEE80211_BAND_2GHZ].band = IEEE80211_BAND_2GHZ;
467 sc->sbands[IEEE80211_BAND_2GHZ].n_channels = 456 sc->sbands[IEEE80211_BAND_2GHZ].n_channels =
@@ -472,14 +461,13 @@ static int ath9k_init_channels_rates(struct ath_softc *sc)
472 } 461 }
473 462
474 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_5GHZ) { 463 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_5GHZ) {
475 channels = kmemdup(ath9k_5ghz_chantable, 464 channels = devm_kzalloc(sc->dev,
476 sizeof(ath9k_5ghz_chantable), GFP_KERNEL); 465 sizeof(ath9k_5ghz_chantable), GFP_KERNEL);
477 if (!channels) { 466 if (!channels)
478 if (sc->sbands[IEEE80211_BAND_2GHZ].channels)
479 kfree(sc->sbands[IEEE80211_BAND_2GHZ].channels);
480 return -ENOMEM; 467 return -ENOMEM;
481 }
482 468
469 memcpy(channels, ath9k_5ghz_chantable,
470 sizeof(ath9k_5ghz_chantable));
483 sc->sbands[IEEE80211_BAND_5GHZ].channels = channels; 471 sc->sbands[IEEE80211_BAND_5GHZ].channels = channels;
484 sc->sbands[IEEE80211_BAND_5GHZ].band = IEEE80211_BAND_5GHZ; 472 sc->sbands[IEEE80211_BAND_5GHZ].band = IEEE80211_BAND_5GHZ;
485 sc->sbands[IEEE80211_BAND_5GHZ].n_channels = 473 sc->sbands[IEEE80211_BAND_5GHZ].n_channels =
@@ -509,6 +497,13 @@ static void ath9k_init_misc(struct ath_softc *sc)
509 497
510 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) 498 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB)
511 sc->ant_comb.count = ATH_ANT_DIV_COMB_INIT_COUNT; 499 sc->ant_comb.count = ATH_ANT_DIV_COMB_INIT_COUNT;
500
501 sc->spec_config.enabled = 0;
502 sc->spec_config.short_repeat = true;
503 sc->spec_config.count = 8;
504 sc->spec_config.endless = false;
505 sc->spec_config.period = 0xFF;
506 sc->spec_config.fft_period = 0xF;
512} 507}
513 508
514static void ath9k_eeprom_request_cb(const struct firmware *eeprom_blob, 509static void ath9k_eeprom_request_cb(const struct firmware *eeprom_blob,
@@ -565,10 +560,11 @@ static int ath9k_init_softc(u16 devid, struct ath_softc *sc,
565 int ret = 0, i; 560 int ret = 0, i;
566 int csz = 0; 561 int csz = 0;
567 562
568 ah = kzalloc(sizeof(struct ath_hw), GFP_KERNEL); 563 ah = devm_kzalloc(sc->dev, sizeof(struct ath_hw), GFP_KERNEL);
569 if (!ah) 564 if (!ah)
570 return -ENOMEM; 565 return -ENOMEM;
571 566
567 ah->dev = sc->dev;
572 ah->hw = sc->hw; 568 ah->hw = sc->hw;
573 ah->hw_version.devid = devid; 569 ah->hw_version.devid = devid;
574 ah->reg_ops.read = ath9k_ioread32; 570 ah->reg_ops.read = ath9k_ioread32;
@@ -636,7 +632,7 @@ static int ath9k_init_softc(u16 devid, struct ath_softc *sc,
636 if (pdata && pdata->eeprom_name) { 632 if (pdata && pdata->eeprom_name) {
637 ret = ath9k_eeprom_request(sc, pdata->eeprom_name); 633 ret = ath9k_eeprom_request(sc, pdata->eeprom_name);
638 if (ret) 634 if (ret)
639 goto err_eeprom; 635 return ret;
640 } 636 }
641 637
642 /* Initializes the hardware for all supported chipsets */ 638 /* Initializes the hardware for all supported chipsets */
@@ -676,10 +672,6 @@ err_queues:
676 ath9k_hw_deinit(ah); 672 ath9k_hw_deinit(ah);
677err_hw: 673err_hw:
678 ath9k_eeprom_release(sc); 674 ath9k_eeprom_release(sc);
679err_eeprom:
680 kfree(ah);
681 sc->sc_ah = NULL;
682
683 return ret; 675 return ret;
684} 676}
685 677
@@ -844,8 +836,8 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
844 836
845 /* Bring up device */ 837 /* Bring up device */
846 error = ath9k_init_softc(devid, sc, bus_ops); 838 error = ath9k_init_softc(devid, sc, bus_ops);
847 if (error != 0) 839 if (error)
848 goto error_init; 840 return error;
849 841
850 ah = sc->sc_ah; 842 ah = sc->sc_ah;
851 common = ath9k_hw_common(ah); 843 common = ath9k_hw_common(ah);
@@ -855,19 +847,19 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
855 error = ath_regd_init(&common->regulatory, sc->hw->wiphy, 847 error = ath_regd_init(&common->regulatory, sc->hw->wiphy,
856 ath9k_reg_notifier); 848 ath9k_reg_notifier);
857 if (error) 849 if (error)
858 goto error_regd; 850 goto deinit;
859 851
860 reg = &common->regulatory; 852 reg = &common->regulatory;
861 853
862 /* Setup TX DMA */ 854 /* Setup TX DMA */
863 error = ath_tx_init(sc, ATH_TXBUF); 855 error = ath_tx_init(sc, ATH_TXBUF);
864 if (error != 0) 856 if (error != 0)
865 goto error_tx; 857 goto deinit;
866 858
867 /* Setup RX DMA */ 859 /* Setup RX DMA */
868 error = ath_rx_init(sc, ATH_RXBUF); 860 error = ath_rx_init(sc, ATH_RXBUF);
869 if (error != 0) 861 if (error != 0)
870 goto error_rx; 862 goto deinit;
871 863
872 ath9k_init_txpower_limits(sc); 864 ath9k_init_txpower_limits(sc);
873 865
@@ -881,19 +873,19 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
881 /* Register with mac80211 */ 873 /* Register with mac80211 */
882 error = ieee80211_register_hw(hw); 874 error = ieee80211_register_hw(hw);
883 if (error) 875 if (error)
884 goto error_register; 876 goto rx_cleanup;
885 877
886 error = ath9k_init_debug(ah); 878 error = ath9k_init_debug(ah);
887 if (error) { 879 if (error) {
888 ath_err(common, "Unable to create debugfs files\n"); 880 ath_err(common, "Unable to create debugfs files\n");
889 goto error_world; 881 goto unregister;
890 } 882 }
891 883
892 /* Handle world regulatory */ 884 /* Handle world regulatory */
893 if (!ath_is_world_regd(reg)) { 885 if (!ath_is_world_regd(reg)) {
894 error = regulatory_hint(hw->wiphy, reg->alpha2); 886 error = regulatory_hint(hw->wiphy, reg->alpha2);
895 if (error) 887 if (error)
896 goto error_world; 888 goto unregister;
897 } 889 }
898 890
899 ath_init_leds(sc); 891 ath_init_leds(sc);
@@ -901,17 +893,12 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
901 893
902 return 0; 894 return 0;
903 895
904error_world: 896unregister:
905 ieee80211_unregister_hw(hw); 897 ieee80211_unregister_hw(hw);
906error_register: 898rx_cleanup:
907 ath_rx_cleanup(sc); 899 ath_rx_cleanup(sc);
908error_rx: 900deinit:
909 ath_tx_cleanup(sc);
910error_tx:
911 /* Nothing */
912error_regd:
913 ath9k_deinit_softc(sc); 901 ath9k_deinit_softc(sc);
914error_init:
915 return error; 902 return error;
916} 903}
917 904
@@ -923,12 +910,6 @@ static void ath9k_deinit_softc(struct ath_softc *sc)
923{ 910{
924 int i = 0; 911 int i = 0;
925 912
926 if (sc->sbands[IEEE80211_BAND_2GHZ].channels)
927 kfree(sc->sbands[IEEE80211_BAND_2GHZ].channels);
928
929 if (sc->sbands[IEEE80211_BAND_5GHZ].channels)
930 kfree(sc->sbands[IEEE80211_BAND_5GHZ].channels);
931
932 ath9k_deinit_btcoex(sc); 913 ath9k_deinit_btcoex(sc);
933 914
934 for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++) 915 for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++)
@@ -940,8 +921,11 @@ static void ath9k_deinit_softc(struct ath_softc *sc)
940 sc->dfs_detector->exit(sc->dfs_detector); 921 sc->dfs_detector->exit(sc->dfs_detector);
941 922
942 ath9k_eeprom_release(sc); 923 ath9k_eeprom_release(sc);
943 kfree(sc->sc_ah); 924
944 sc->sc_ah = NULL; 925 if (sc->rfs_chan_spec_scan) {
926 relay_close(sc->rfs_chan_spec_scan);
927 sc->rfs_chan_spec_scan = NULL;
928 }
945} 929}
946 930
947void ath9k_deinit_device(struct ath_softc *sc) 931void ath9k_deinit_device(struct ath_softc *sc)
@@ -957,22 +941,9 @@ void ath9k_deinit_device(struct ath_softc *sc)
957 941
958 ieee80211_unregister_hw(hw); 942 ieee80211_unregister_hw(hw);
959 ath_rx_cleanup(sc); 943 ath_rx_cleanup(sc);
960 ath_tx_cleanup(sc);
961 ath9k_deinit_softc(sc); 944 ath9k_deinit_softc(sc);
962} 945}
963 946
964void ath_descdma_cleanup(struct ath_softc *sc,
965 struct ath_descdma *dd,
966 struct list_head *head)
967{
968 dma_free_coherent(sc->dev, dd->dd_desc_len, dd->dd_desc,
969 dd->dd_desc_paddr);
970
971 INIT_LIST_HEAD(head);
972 kfree(dd->dd_bufptr);
973 memset(dd, 0, sizeof(*dd));
974}
975
976/************************/ 947/************************/
977/* Module Hooks */ 948/* Module Hooks */
978/************************/ 949/************************/
diff --git a/drivers/net/wireless/ath/ath9k/mac.c b/drivers/net/wireless/ath/ath9k/mac.c
index b42be910a83d..811007ec07a7 100644
--- a/drivers/net/wireless/ath/ath9k/mac.c
+++ b/drivers/net/wireless/ath/ath9k/mac.c
@@ -605,13 +605,13 @@ int ath9k_hw_rxprocdesc(struct ath_hw *ah, struct ath_desc *ds,
605 * reported, then decryption and MIC errors are irrelevant, 605 * reported, then decryption and MIC errors are irrelevant,
606 * the frame is going to be dropped either way 606 * the frame is going to be dropped either way
607 */ 607 */
608 if (ads.ds_rxstatus8 & AR_CRCErr) 608 if (ads.ds_rxstatus8 & AR_PHYErr) {
609 rs->rs_status |= ATH9K_RXERR_CRC;
610 else if (ads.ds_rxstatus8 & AR_PHYErr) {
611 rs->rs_status |= ATH9K_RXERR_PHY; 609 rs->rs_status |= ATH9K_RXERR_PHY;
612 phyerr = MS(ads.ds_rxstatus8, AR_PHYErrCode); 610 phyerr = MS(ads.ds_rxstatus8, AR_PHYErrCode);
613 rs->rs_phyerr = phyerr; 611 rs->rs_phyerr = phyerr;
614 } else if (ads.ds_rxstatus8 & AR_DecryptCRCErr) 612 } else if (ads.ds_rxstatus8 & AR_CRCErr)
613 rs->rs_status |= ATH9K_RXERR_CRC;
614 else if (ads.ds_rxstatus8 & AR_DecryptCRCErr)
615 rs->rs_status |= ATH9K_RXERR_DECRYPT; 615 rs->rs_status |= ATH9K_RXERR_DECRYPT;
616 else if (ads.ds_rxstatus8 & AR_MichaelErr) 616 else if (ads.ds_rxstatus8 & AR_MichaelErr)
617 rs->rs_status |= ATH9K_RXERR_MIC; 617 rs->rs_status |= ATH9K_RXERR_MIC;
diff --git a/drivers/net/wireless/ath/ath9k/mac.h b/drivers/net/wireless/ath/ath9k/mac.h
index 4a745e68dd94..1ff817061ebc 100644
--- a/drivers/net/wireless/ath/ath9k/mac.h
+++ b/drivers/net/wireless/ath/ath9k/mac.h
@@ -226,7 +226,8 @@ enum ath9k_phyerr {
226 ATH9K_PHYERR_HT_LENGTH_ILLEGAL = 35, 226 ATH9K_PHYERR_HT_LENGTH_ILLEGAL = 35,
227 ATH9K_PHYERR_HT_RATE_ILLEGAL = 36, 227 ATH9K_PHYERR_HT_RATE_ILLEGAL = 36,
228 228
229 ATH9K_PHYERR_MAX = 37, 229 ATH9K_PHYERR_SPECTRAL = 38,
230 ATH9K_PHYERR_MAX = 39,
230}; 231};
231 232
232struct ath_desc { 233struct ath_desc {
diff --git a/drivers/net/wireless/ath/ath9k/main.c b/drivers/net/wireless/ath/ath9k/main.c
index be30a9af1528..5432f1247e2e 100644
--- a/drivers/net/wireless/ath/ath9k/main.c
+++ b/drivers/net/wireless/ath/ath9k/main.c
@@ -182,7 +182,7 @@ static void ath_restart_work(struct ath_softc *sc)
182 ath_start_ani(sc); 182 ath_start_ani(sc);
183} 183}
184 184
185static bool ath_prepare_reset(struct ath_softc *sc, bool retry_tx, bool flush) 185static bool ath_prepare_reset(struct ath_softc *sc)
186{ 186{
187 struct ath_hw *ah = sc->sc_ah; 187 struct ath_hw *ah = sc->sc_ah;
188 bool ret = true; 188 bool ret = true;
@@ -196,20 +196,12 @@ static bool ath_prepare_reset(struct ath_softc *sc, bool retry_tx, bool flush)
196 ath9k_debug_samp_bb_mac(sc); 196 ath9k_debug_samp_bb_mac(sc);
197 ath9k_hw_disable_interrupts(ah); 197 ath9k_hw_disable_interrupts(ah);
198 198
199 if (!ath_stoprecv(sc)) 199 if (!ath_drain_all_txq(sc))
200 ret = false; 200 ret = false;
201 201
202 if (!ath_drain_all_txq(sc, retry_tx)) 202 if (!ath_stoprecv(sc))
203 ret = false; 203 ret = false;
204 204
205 if (!flush) {
206 if (ah->caps.hw_caps & ATH9K_HW_CAP_EDMA)
207 ath_rx_tasklet(sc, 1, true);
208 ath_rx_tasklet(sc, 1, false);
209 } else {
210 ath_flushrecv(sc);
211 }
212
213 return ret; 205 return ret;
214} 206}
215 207
@@ -255,18 +247,17 @@ static bool ath_complete_reset(struct ath_softc *sc, bool start)
255 return true; 247 return true;
256} 248}
257 249
258static int ath_reset_internal(struct ath_softc *sc, struct ath9k_channel *hchan, 250static int ath_reset_internal(struct ath_softc *sc, struct ath9k_channel *hchan)
259 bool retry_tx)
260{ 251{
261 struct ath_hw *ah = sc->sc_ah; 252 struct ath_hw *ah = sc->sc_ah;
262 struct ath_common *common = ath9k_hw_common(ah); 253 struct ath_common *common = ath9k_hw_common(ah);
263 struct ath9k_hw_cal_data *caldata = NULL; 254 struct ath9k_hw_cal_data *caldata = NULL;
264 bool fastcc = true; 255 bool fastcc = true;
265 bool flush = false;
266 int r; 256 int r;
267 257
268 __ath_cancel_work(sc); 258 __ath_cancel_work(sc);
269 259
260 tasklet_disable(&sc->intr_tq);
270 spin_lock_bh(&sc->sc_pcu_lock); 261 spin_lock_bh(&sc->sc_pcu_lock);
271 262
272 if (!(sc->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)) { 263 if (!(sc->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)) {
@@ -276,11 +267,10 @@ static int ath_reset_internal(struct ath_softc *sc, struct ath9k_channel *hchan,
276 267
277 if (!hchan) { 268 if (!hchan) {
278 fastcc = false; 269 fastcc = false;
279 flush = true;
280 hchan = ah->curchan; 270 hchan = ah->curchan;
281 } 271 }
282 272
283 if (!ath_prepare_reset(sc, retry_tx, flush)) 273 if (!ath_prepare_reset(sc))
284 fastcc = false; 274 fastcc = false;
285 275
286 ath_dbg(common, CONFIG, "Reset to %u MHz, HT40: %d fastcc: %d\n", 276 ath_dbg(common, CONFIG, "Reset to %u MHz, HT40: %d fastcc: %d\n",
@@ -302,6 +292,8 @@ static int ath_reset_internal(struct ath_softc *sc, struct ath9k_channel *hchan,
302 292
303out: 293out:
304 spin_unlock_bh(&sc->sc_pcu_lock); 294 spin_unlock_bh(&sc->sc_pcu_lock);
295 tasklet_enable(&sc->intr_tq);
296
305 return r; 297 return r;
306} 298}
307 299
@@ -319,7 +311,7 @@ static int ath_set_channel(struct ath_softc *sc, struct ieee80211_hw *hw,
319 if (test_bit(SC_OP_INVALID, &sc->sc_flags)) 311 if (test_bit(SC_OP_INVALID, &sc->sc_flags))
320 return -EIO; 312 return -EIO;
321 313
322 r = ath_reset_internal(sc, hchan, false); 314 r = ath_reset_internal(sc, hchan);
323 315
324 return r; 316 return r;
325} 317}
@@ -549,23 +541,21 @@ chip_reset:
549#undef SCHED_INTR 541#undef SCHED_INTR
550} 542}
551 543
552static int ath_reset(struct ath_softc *sc, bool retry_tx) 544static int ath_reset(struct ath_softc *sc)
553{ 545{
554 int r; 546 int i, r;
555 547
556 ath9k_ps_wakeup(sc); 548 ath9k_ps_wakeup(sc);
557 549
558 r = ath_reset_internal(sc, NULL, retry_tx); 550 r = ath_reset_internal(sc, NULL);
559 551
560 if (retry_tx) { 552 for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++) {
561 int i; 553 if (!ATH_TXQ_SETUP(sc, i))
562 for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++) { 554 continue;
563 if (ATH_TXQ_SETUP(sc, i)) { 555
564 spin_lock_bh(&sc->tx.txq[i].axq_lock); 556 spin_lock_bh(&sc->tx.txq[i].axq_lock);
565 ath_txq_schedule(sc, &sc->tx.txq[i]); 557 ath_txq_schedule(sc, &sc->tx.txq[i]);
566 spin_unlock_bh(&sc->tx.txq[i].axq_lock); 558 spin_unlock_bh(&sc->tx.txq[i].axq_lock);
567 }
568 }
569 } 559 }
570 560
571 ath9k_ps_restore(sc); 561 ath9k_ps_restore(sc);
@@ -586,7 +576,7 @@ void ath_reset_work(struct work_struct *work)
586{ 576{
587 struct ath_softc *sc = container_of(work, struct ath_softc, hw_reset_work); 577 struct ath_softc *sc = container_of(work, struct ath_softc, hw_reset_work);
588 578
589 ath_reset(sc, true); 579 ath_reset(sc);
590} 580}
591 581
592/**********************/ 582/**********************/
@@ -804,7 +794,7 @@ static void ath9k_stop(struct ieee80211_hw *hw)
804 ath9k_hw_cfg_gpio_input(ah, ah->led_pin); 794 ath9k_hw_cfg_gpio_input(ah, ah->led_pin);
805 } 795 }
806 796
807 ath_prepare_reset(sc, false, true); 797 ath_prepare_reset(sc);
808 798
809 if (sc->rx.frag) { 799 if (sc->rx.frag) {
810 dev_kfree_skb_any(sc->rx.frag); 800 dev_kfree_skb_any(sc->rx.frag);
@@ -1075,6 +1065,75 @@ static void ath9k_disable_ps(struct ath_softc *sc)
1075 ath_dbg(common, PS, "PowerSave disabled\n"); 1065 ath_dbg(common, PS, "PowerSave disabled\n");
1076} 1066}
1077 1067
1068void ath9k_spectral_scan_trigger(struct ieee80211_hw *hw)
1069{
1070 struct ath_softc *sc = hw->priv;
1071 struct ath_hw *ah = sc->sc_ah;
1072 struct ath_common *common = ath9k_hw_common(ah);
1073 u32 rxfilter;
1074
1075 if (!ath9k_hw_ops(ah)->spectral_scan_trigger) {
1076 ath_err(common, "spectrum analyzer not implemented on this hardware\n");
1077 return;
1078 }
1079
1080 ath9k_ps_wakeup(sc);
1081 rxfilter = ath9k_hw_getrxfilter(ah);
1082 ath9k_hw_setrxfilter(ah, rxfilter |
1083 ATH9K_RX_FILTER_PHYRADAR |
1084 ATH9K_RX_FILTER_PHYERR);
1085
1086 /* TODO: usually this should not be neccesary, but for some reason
1087 * (or in some mode?) the trigger must be called after the
1088 * configuration, otherwise the register will have its values reset
1089 * (on my ar9220 to value 0x01002310)
1090 */
1091 ath9k_spectral_scan_config(hw, sc->spectral_mode);
1092 ath9k_hw_ops(ah)->spectral_scan_trigger(ah);
1093 ath9k_ps_restore(sc);
1094}
1095
1096int ath9k_spectral_scan_config(struct ieee80211_hw *hw,
1097 enum spectral_mode spectral_mode)
1098{
1099 struct ath_softc *sc = hw->priv;
1100 struct ath_hw *ah = sc->sc_ah;
1101 struct ath_common *common = ath9k_hw_common(ah);
1102
1103 if (!ath9k_hw_ops(ah)->spectral_scan_trigger) {
1104 ath_err(common, "spectrum analyzer not implemented on this hardware\n");
1105 return -1;
1106 }
1107
1108 switch (spectral_mode) {
1109 case SPECTRAL_DISABLED:
1110 sc->spec_config.enabled = 0;
1111 break;
1112 case SPECTRAL_BACKGROUND:
1113 /* send endless samples.
1114 * TODO: is this really useful for "background"?
1115 */
1116 sc->spec_config.endless = 1;
1117 sc->spec_config.enabled = 1;
1118 break;
1119 case SPECTRAL_CHANSCAN:
1120 case SPECTRAL_MANUAL:
1121 sc->spec_config.endless = 0;
1122 sc->spec_config.enabled = 1;
1123 break;
1124 default:
1125 return -1;
1126 }
1127
1128 ath9k_ps_wakeup(sc);
1129 ath9k_hw_ops(ah)->spectral_scan_config(ah, &sc->spec_config);
1130 ath9k_ps_restore(sc);
1131
1132 sc->spectral_mode = spectral_mode;
1133
1134 return 0;
1135}
1136
1078static int ath9k_config(struct ieee80211_hw *hw, u32 changed) 1137static int ath9k_config(struct ieee80211_hw *hw, u32 changed)
1079{ 1138{
1080 struct ath_softc *sc = hw->priv; 1139 struct ath_softc *sc = hw->priv;
@@ -1188,6 +1247,11 @@ static int ath9k_config(struct ieee80211_hw *hw, u32 changed)
1188 */ 1247 */
1189 if (old_pos >= 0) 1248 if (old_pos >= 0)
1190 ath_update_survey_nf(sc, old_pos); 1249 ath_update_survey_nf(sc, old_pos);
1250
1251 /* perform spectral scan if requested. */
1252 if (sc->scanning && sc->spectral_mode == SPECTRAL_CHANSCAN)
1253 ath9k_spectral_scan_trigger(hw);
1254
1191 } 1255 }
1192 1256
1193 if (changed & IEEE80211_CONF_CHANGE_POWER) { 1257 if (changed & IEEE80211_CONF_CHANGE_POWER) {
@@ -1610,7 +1674,9 @@ static int ath9k_ampdu_action(struct ieee80211_hw *hw,
1610 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid); 1674 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1611 ath9k_ps_restore(sc); 1675 ath9k_ps_restore(sc);
1612 break; 1676 break;
1613 case IEEE80211_AMPDU_TX_STOP: 1677 case IEEE80211_AMPDU_TX_STOP_CONT:
1678 case IEEE80211_AMPDU_TX_STOP_FLUSH:
1679 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1614 ath9k_ps_wakeup(sc); 1680 ath9k_ps_wakeup(sc);
1615 ath_tx_aggr_stop(sc, sta, tid); 1681 ath_tx_aggr_stop(sc, sta, tid);
1616 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 1682 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
@@ -1729,11 +1795,11 @@ static void ath9k_flush(struct ieee80211_hw *hw, bool drop)
1729 if (drop) { 1795 if (drop) {
1730 ath9k_ps_wakeup(sc); 1796 ath9k_ps_wakeup(sc);
1731 spin_lock_bh(&sc->sc_pcu_lock); 1797 spin_lock_bh(&sc->sc_pcu_lock);
1732 drain_txq = ath_drain_all_txq(sc, false); 1798 drain_txq = ath_drain_all_txq(sc);
1733 spin_unlock_bh(&sc->sc_pcu_lock); 1799 spin_unlock_bh(&sc->sc_pcu_lock);
1734 1800
1735 if (!drain_txq) 1801 if (!drain_txq)
1736 ath_reset(sc, false); 1802 ath_reset(sc);
1737 1803
1738 ath9k_ps_restore(sc); 1804 ath9k_ps_restore(sc);
1739 ieee80211_wake_queues(hw); 1805 ieee80211_wake_queues(hw);
@@ -1833,6 +1899,9 @@ static u32 fill_chainmask(u32 cap, u32 new)
1833 1899
1834static bool validate_antenna_mask(struct ath_hw *ah, u32 val) 1900static bool validate_antenna_mask(struct ath_hw *ah, u32 val)
1835{ 1901{
1902 if (AR_SREV_9300_20_OR_LATER(ah))
1903 return true;
1904
1836 switch (val & 0x7) { 1905 switch (val & 0x7) {
1837 case 0x1: 1906 case 0x1:
1838 case 0x3: 1907 case 0x3:
@@ -2238,6 +2307,19 @@ static void ath9k_set_wakeup(struct ieee80211_hw *hw, bool enabled)
2238} 2307}
2239 2308
2240#endif 2309#endif
2310static void ath9k_sw_scan_start(struct ieee80211_hw *hw)
2311{
2312 struct ath_softc *sc = hw->priv;
2313
2314 sc->scanning = 1;
2315}
2316
2317static void ath9k_sw_scan_complete(struct ieee80211_hw *hw)
2318{
2319 struct ath_softc *sc = hw->priv;
2320
2321 sc->scanning = 0;
2322}
2241 2323
2242struct ieee80211_ops ath9k_ops = { 2324struct ieee80211_ops ath9k_ops = {
2243 .tx = ath9k_tx, 2325 .tx = ath9k_tx,
@@ -2284,4 +2366,6 @@ struct ieee80211_ops ath9k_ops = {
2284 .sta_add_debugfs = ath9k_sta_add_debugfs, 2366 .sta_add_debugfs = ath9k_sta_add_debugfs,
2285 .sta_remove_debugfs = ath9k_sta_remove_debugfs, 2367 .sta_remove_debugfs = ath9k_sta_remove_debugfs,
2286#endif 2368#endif
2369 .sw_scan_start = ath9k_sw_scan_start,
2370 .sw_scan_complete = ath9k_sw_scan_complete,
2287}; 2371};
diff --git a/drivers/net/wireless/ath/ath9k/mci.c b/drivers/net/wireless/ath/ath9k/mci.c
index 5c02702f21e7..d2074334ec9b 100644
--- a/drivers/net/wireless/ath/ath9k/mci.c
+++ b/drivers/net/wireless/ath/ath9k/mci.c
@@ -438,7 +438,7 @@ int ath_mci_setup(struct ath_softc *sc)
438 struct ath_mci_buf *buf = &mci->sched_buf; 438 struct ath_mci_buf *buf = &mci->sched_buf;
439 int ret; 439 int ret;
440 440
441 buf->bf_addr = dma_alloc_coherent(sc->dev, 441 buf->bf_addr = dmam_alloc_coherent(sc->dev,
442 ATH_MCI_SCHED_BUF_SIZE + ATH_MCI_GPM_BUF_SIZE, 442 ATH_MCI_SCHED_BUF_SIZE + ATH_MCI_GPM_BUF_SIZE,
443 &buf->bf_paddr, GFP_KERNEL); 443 &buf->bf_paddr, GFP_KERNEL);
444 444
@@ -477,11 +477,6 @@ void ath_mci_cleanup(struct ath_softc *sc)
477 struct ath_mci_coex *mci = &sc->mci_coex; 477 struct ath_mci_coex *mci = &sc->mci_coex;
478 struct ath_mci_buf *buf = &mci->sched_buf; 478 struct ath_mci_buf *buf = &mci->sched_buf;
479 479
480 if (buf->bf_addr)
481 dma_free_coherent(sc->dev,
482 ATH_MCI_SCHED_BUF_SIZE + ATH_MCI_GPM_BUF_SIZE,
483 buf->bf_addr, buf->bf_paddr);
484
485 ar9003_mci_cleanup(ah); 480 ar9003_mci_cleanup(ah);
486 481
487 ath_dbg(common, MCI, "MCI De-Initialized\n"); 482 ath_dbg(common, MCI, "MCI De-Initialized\n");
diff --git a/drivers/net/wireless/ath/ath9k/pci.c b/drivers/net/wireless/ath/ath9k/pci.c
index 7ae73fbd9136..0e0d39583837 100644
--- a/drivers/net/wireless/ath/ath9k/pci.c
+++ b/drivers/net/wireless/ath/ath9k/pci.c
@@ -147,7 +147,6 @@ static const struct ath_bus_ops ath_pci_bus_ops = {
147 147
148static int ath_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id) 148static int ath_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
149{ 149{
150 void __iomem *mem;
151 struct ath_softc *sc; 150 struct ath_softc *sc;
152 struct ieee80211_hw *hw; 151 struct ieee80211_hw *hw;
153 u8 csz; 152 u8 csz;
@@ -155,19 +154,19 @@ static int ath_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
155 int ret = 0; 154 int ret = 0;
156 char hw_name[64]; 155 char hw_name[64];
157 156
158 if (pci_enable_device(pdev)) 157 if (pcim_enable_device(pdev))
159 return -EIO; 158 return -EIO;
160 159
161 ret = pci_set_dma_mask(pdev, DMA_BIT_MASK(32)); 160 ret = pci_set_dma_mask(pdev, DMA_BIT_MASK(32));
162 if (ret) { 161 if (ret) {
163 pr_err("32-bit DMA not available\n"); 162 pr_err("32-bit DMA not available\n");
164 goto err_dma; 163 return ret;
165 } 164 }
166 165
167 ret = pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(32)); 166 ret = pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(32));
168 if (ret) { 167 if (ret) {
169 pr_err("32-bit DMA consistent DMA enable failed\n"); 168 pr_err("32-bit DMA consistent DMA enable failed\n");
170 goto err_dma; 169 return ret;
171 } 170 }
172 171
173 /* 172 /*
@@ -203,25 +202,16 @@ static int ath_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
203 if ((val & 0x0000ff00) != 0) 202 if ((val & 0x0000ff00) != 0)
204 pci_write_config_dword(pdev, 0x40, val & 0xffff00ff); 203 pci_write_config_dword(pdev, 0x40, val & 0xffff00ff);
205 204
206 ret = pci_request_region(pdev, 0, "ath9k"); 205 ret = pcim_iomap_regions(pdev, BIT(0), "ath9k");
207 if (ret) { 206 if (ret) {
208 dev_err(&pdev->dev, "PCI memory region reserve error\n"); 207 dev_err(&pdev->dev, "PCI memory region reserve error\n");
209 ret = -ENODEV; 208 return -ENODEV;
210 goto err_region;
211 }
212
213 mem = pci_iomap(pdev, 0, 0);
214 if (!mem) {
215 pr_err("PCI memory map error\n") ;
216 ret = -EIO;
217 goto err_iomap;
218 } 209 }
219 210
220 hw = ieee80211_alloc_hw(sizeof(struct ath_softc), &ath9k_ops); 211 hw = ieee80211_alloc_hw(sizeof(struct ath_softc), &ath9k_ops);
221 if (!hw) { 212 if (!hw) {
222 dev_err(&pdev->dev, "No memory for ieee80211_hw\n"); 213 dev_err(&pdev->dev, "No memory for ieee80211_hw\n");
223 ret = -ENOMEM; 214 return -ENOMEM;
224 goto err_alloc_hw;
225 } 215 }
226 216
227 SET_IEEE80211_DEV(hw, &pdev->dev); 217 SET_IEEE80211_DEV(hw, &pdev->dev);
@@ -230,7 +220,7 @@ static int ath_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
230 sc = hw->priv; 220 sc = hw->priv;
231 sc->hw = hw; 221 sc->hw = hw;
232 sc->dev = &pdev->dev; 222 sc->dev = &pdev->dev;
233 sc->mem = mem; 223 sc->mem = pcim_iomap_table(pdev)[0];
234 224
235 /* Will be cleared in ath9k_start() */ 225 /* Will be cleared in ath9k_start() */
236 set_bit(SC_OP_INVALID, &sc->sc_flags); 226 set_bit(SC_OP_INVALID, &sc->sc_flags);
@@ -251,7 +241,7 @@ static int ath_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
251 241
252 ath9k_hw_name(sc->sc_ah, hw_name, sizeof(hw_name)); 242 ath9k_hw_name(sc->sc_ah, hw_name, sizeof(hw_name));
253 wiphy_info(hw->wiphy, "%s mem=0x%lx, irq=%d\n", 243 wiphy_info(hw->wiphy, "%s mem=0x%lx, irq=%d\n",
254 hw_name, (unsigned long)mem, pdev->irq); 244 hw_name, (unsigned long)sc->mem, pdev->irq);
255 245
256 return 0; 246 return 0;
257 247
@@ -259,14 +249,6 @@ err_init:
259 free_irq(sc->irq, sc); 249 free_irq(sc->irq, sc);
260err_irq: 250err_irq:
261 ieee80211_free_hw(hw); 251 ieee80211_free_hw(hw);
262err_alloc_hw:
263 pci_iounmap(pdev, mem);
264err_iomap:
265 pci_release_region(pdev, 0);
266err_region:
267 /* Nothing */
268err_dma:
269 pci_disable_device(pdev);
270 return ret; 252 return ret;
271} 253}
272 254
@@ -274,17 +256,12 @@ static void ath_pci_remove(struct pci_dev *pdev)
274{ 256{
275 struct ieee80211_hw *hw = pci_get_drvdata(pdev); 257 struct ieee80211_hw *hw = pci_get_drvdata(pdev);
276 struct ath_softc *sc = hw->priv; 258 struct ath_softc *sc = hw->priv;
277 void __iomem *mem = sc->mem;
278 259
279 if (!is_ath9k_unloaded) 260 if (!is_ath9k_unloaded)
280 sc->sc_ah->ah_flags |= AH_UNPLUGGED; 261 sc->sc_ah->ah_flags |= AH_UNPLUGGED;
281 ath9k_deinit_device(sc); 262 ath9k_deinit_device(sc);
282 free_irq(sc->irq, sc); 263 free_irq(sc->irq, sc);
283 ieee80211_free_hw(sc->hw); 264 ieee80211_free_hw(sc->hw);
284
285 pci_iounmap(pdev, mem);
286 pci_disable_device(pdev);
287 pci_release_region(pdev, 0);
288} 265}
289 266
290#ifdef CONFIG_PM_SLEEP 267#ifdef CONFIG_PM_SLEEP
diff --git a/drivers/net/wireless/ath/ath9k/recv.c b/drivers/net/wireless/ath/ath9k/recv.c
index d4df98a938bf..2af6f19d2d2a 100644
--- a/drivers/net/wireless/ath/ath9k/recv.c
+++ b/drivers/net/wireless/ath/ath9k/recv.c
@@ -15,6 +15,7 @@
15 */ 15 */
16 16
17#include <linux/dma-mapping.h> 17#include <linux/dma-mapping.h>
18#include <linux/relay.h>
18#include "ath9k.h" 19#include "ath9k.h"
19#include "ar9003_mac.h" 20#include "ar9003_mac.h"
20 21
@@ -180,11 +181,6 @@ static void ath_rx_edma_cleanup(struct ath_softc *sc)
180 bf->bf_mpdu = NULL; 181 bf->bf_mpdu = NULL;
181 } 182 }
182 } 183 }
183
184 INIT_LIST_HEAD(&sc->rx.rxbuf);
185
186 kfree(sc->rx.rx_bufptr);
187 sc->rx.rx_bufptr = NULL;
188} 184}
189 185
190static void ath_rx_edma_init_queue(struct ath_rx_edma *rx_edma, int size) 186static void ath_rx_edma_init_queue(struct ath_rx_edma *rx_edma, int size)
@@ -211,12 +207,11 @@ static int ath_rx_edma_init(struct ath_softc *sc, int nbufs)
211 ah->caps.rx_hp_qdepth); 207 ah->caps.rx_hp_qdepth);
212 208
213 size = sizeof(struct ath_buf) * nbufs; 209 size = sizeof(struct ath_buf) * nbufs;
214 bf = kzalloc(size, GFP_KERNEL); 210 bf = devm_kzalloc(sc->dev, size, GFP_KERNEL);
215 if (!bf) 211 if (!bf)
216 return -ENOMEM; 212 return -ENOMEM;
217 213
218 INIT_LIST_HEAD(&sc->rx.rxbuf); 214 INIT_LIST_HEAD(&sc->rx.rxbuf);
219 sc->rx.rx_bufptr = bf;
220 215
221 for (i = 0; i < nbufs; i++, bf++) { 216 for (i = 0; i < nbufs; i++, bf++) {
222 skb = ath_rxbuf_alloc(common, common->rx_bufsize, GFP_KERNEL); 217 skb = ath_rxbuf_alloc(common, common->rx_bufsize, GFP_KERNEL);
@@ -254,8 +249,6 @@ rx_init_fail:
254 249
255static void ath_edma_start_recv(struct ath_softc *sc) 250static void ath_edma_start_recv(struct ath_softc *sc)
256{ 251{
257 spin_lock_bh(&sc->rx.rxbuflock);
258
259 ath9k_hw_rxena(sc->sc_ah); 252 ath9k_hw_rxena(sc->sc_ah);
260 253
261 ath_rx_addbuffer_edma(sc, ATH9K_RX_QUEUE_HP, 254 ath_rx_addbuffer_edma(sc, ATH9K_RX_QUEUE_HP,
@@ -267,8 +260,6 @@ static void ath_edma_start_recv(struct ath_softc *sc)
267 ath_opmode_init(sc); 260 ath_opmode_init(sc);
268 261
269 ath9k_hw_startpcureceive(sc->sc_ah, !!(sc->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)); 262 ath9k_hw_startpcureceive(sc->sc_ah, !!(sc->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL));
270
271 spin_unlock_bh(&sc->rx.rxbuflock);
272} 263}
273 264
274static void ath_edma_stop_recv(struct ath_softc *sc) 265static void ath_edma_stop_recv(struct ath_softc *sc)
@@ -285,8 +276,6 @@ int ath_rx_init(struct ath_softc *sc, int nbufs)
285 int error = 0; 276 int error = 0;
286 277
287 spin_lock_init(&sc->sc_pcu_lock); 278 spin_lock_init(&sc->sc_pcu_lock);
288 spin_lock_init(&sc->rx.rxbuflock);
289 clear_bit(SC_OP_RXFLUSH, &sc->sc_flags);
290 279
291 common->rx_bufsize = IEEE80211_MAX_MPDU_LEN / 2 + 280 common->rx_bufsize = IEEE80211_MAX_MPDU_LEN / 2 +
292 sc->sc_ah->caps.rx_status_len; 281 sc->sc_ah->caps.rx_status_len;
@@ -363,9 +352,6 @@ void ath_rx_cleanup(struct ath_softc *sc)
363 bf->bf_mpdu = NULL; 352 bf->bf_mpdu = NULL;
364 } 353 }
365 } 354 }
366
367 if (sc->rx.rxdma.dd_desc_len != 0)
368 ath_descdma_cleanup(sc, &sc->rx.rxdma, &sc->rx.rxbuf);
369 } 355 }
370} 356}
371 357
@@ -447,7 +433,6 @@ int ath_startrecv(struct ath_softc *sc)
447 return 0; 433 return 0;
448 } 434 }
449 435
450 spin_lock_bh(&sc->rx.rxbuflock);
451 if (list_empty(&sc->rx.rxbuf)) 436 if (list_empty(&sc->rx.rxbuf))
452 goto start_recv; 437 goto start_recv;
453 438
@@ -468,26 +453,31 @@ start_recv:
468 ath_opmode_init(sc); 453 ath_opmode_init(sc);
469 ath9k_hw_startpcureceive(ah, !!(sc->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL)); 454 ath9k_hw_startpcureceive(ah, !!(sc->hw->conf.flags & IEEE80211_CONF_OFFCHANNEL));
470 455
471 spin_unlock_bh(&sc->rx.rxbuflock);
472
473 return 0; 456 return 0;
474} 457}
475 458
459static void ath_flushrecv(struct ath_softc *sc)
460{
461 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA)
462 ath_rx_tasklet(sc, 1, true);
463 ath_rx_tasklet(sc, 1, false);
464}
465
476bool ath_stoprecv(struct ath_softc *sc) 466bool ath_stoprecv(struct ath_softc *sc)
477{ 467{
478 struct ath_hw *ah = sc->sc_ah; 468 struct ath_hw *ah = sc->sc_ah;
479 bool stopped, reset = false; 469 bool stopped, reset = false;
480 470
481 spin_lock_bh(&sc->rx.rxbuflock);
482 ath9k_hw_abortpcurecv(ah); 471 ath9k_hw_abortpcurecv(ah);
483 ath9k_hw_setrxfilter(ah, 0); 472 ath9k_hw_setrxfilter(ah, 0);
484 stopped = ath9k_hw_stopdmarecv(ah, &reset); 473 stopped = ath9k_hw_stopdmarecv(ah, &reset);
485 474
475 ath_flushrecv(sc);
476
486 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) 477 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA)
487 ath_edma_stop_recv(sc); 478 ath_edma_stop_recv(sc);
488 else 479 else
489 sc->rx.rxlink = NULL; 480 sc->rx.rxlink = NULL;
490 spin_unlock_bh(&sc->rx.rxbuflock);
491 481
492 if (!(ah->ah_flags & AH_UNPLUGGED) && 482 if (!(ah->ah_flags & AH_UNPLUGGED) &&
493 unlikely(!stopped)) { 483 unlikely(!stopped)) {
@@ -499,15 +489,6 @@ bool ath_stoprecv(struct ath_softc *sc)
499 return stopped && !reset; 489 return stopped && !reset;
500} 490}
501 491
502void ath_flushrecv(struct ath_softc *sc)
503{
504 set_bit(SC_OP_RXFLUSH, &sc->sc_flags);
505 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA)
506 ath_rx_tasklet(sc, 1, true);
507 ath_rx_tasklet(sc, 1, false);
508 clear_bit(SC_OP_RXFLUSH, &sc->sc_flags);
509}
510
511static bool ath_beacon_dtim_pending_cab(struct sk_buff *skb) 492static bool ath_beacon_dtim_pending_cab(struct sk_buff *skb)
512{ 493{
513 /* Check whether the Beacon frame has DTIM indicating buffered bc/mc */ 494 /* Check whether the Beacon frame has DTIM indicating buffered bc/mc */
@@ -744,6 +725,7 @@ static struct ath_buf *ath_get_next_rx_buf(struct ath_softc *sc,
744 return NULL; 725 return NULL;
745 } 726 }
746 727
728 list_del(&bf->list);
747 if (!bf->bf_mpdu) 729 if (!bf->bf_mpdu)
748 return bf; 730 return bf;
749 731
@@ -1034,6 +1016,113 @@ static void ath9k_rx_skb_postprocess(struct ath_common *common,
1034 rxs->flag &= ~RX_FLAG_DECRYPTED; 1016 rxs->flag &= ~RX_FLAG_DECRYPTED;
1035} 1017}
1036 1018
1019static s8 fix_rssi_inv_only(u8 rssi_val)
1020{
1021 if (rssi_val == 128)
1022 rssi_val = 0;
1023 return (s8) rssi_val;
1024}
1025
1026/* returns 1 if this was a spectral frame, even if not handled. */
1027static int ath_process_fft(struct ath_softc *sc, struct ieee80211_hdr *hdr,
1028 struct ath_rx_status *rs, u64 tsf)
1029{
1030#ifdef CONFIG_ATH_DEBUG
1031 struct ath_hw *ah = sc->sc_ah;
1032 u8 bins[SPECTRAL_HT20_NUM_BINS];
1033 u8 *vdata = (u8 *)hdr;
1034 struct fft_sample_ht20 fft_sample;
1035 struct ath_radar_info *radar_info;
1036 struct ath_ht20_mag_info *mag_info;
1037 int len = rs->rs_datalen;
1038 int dc_pos;
1039
1040 /* AR9280 and before report via ATH9K_PHYERR_RADAR, AR93xx and newer
1041 * via ATH9K_PHYERR_SPECTRAL. Haven't seen ATH9K_PHYERR_FALSE_RADAR_EXT
1042 * yet, but this is supposed to be possible as well.
1043 */
1044 if (rs->rs_phyerr != ATH9K_PHYERR_RADAR &&
1045 rs->rs_phyerr != ATH9K_PHYERR_FALSE_RADAR_EXT &&
1046 rs->rs_phyerr != ATH9K_PHYERR_SPECTRAL)
1047 return 0;
1048
1049 /* check if spectral scan bit is set. This does not have to be checked
1050 * if received through a SPECTRAL phy error, but shouldn't hurt.
1051 */
1052 radar_info = ((struct ath_radar_info *)&vdata[len]) - 1;
1053 if (!(radar_info->pulse_bw_info & SPECTRAL_SCAN_BITMASK))
1054 return 0;
1055
1056 /* Variation in the data length is possible and will be fixed later.
1057 * Note that we only support HT20 for now.
1058 *
1059 * TODO: add HT20_40 support as well.
1060 */
1061 if ((len > SPECTRAL_HT20_TOTAL_DATA_LEN + 2) ||
1062 (len < SPECTRAL_HT20_TOTAL_DATA_LEN - 1))
1063 return 1;
1064
1065 fft_sample.tlv.type = ATH_FFT_SAMPLE_HT20;
1066 fft_sample.tlv.length = sizeof(fft_sample) - sizeof(fft_sample.tlv);
1067 fft_sample.tlv.length = __cpu_to_be16(fft_sample.tlv.length);
1068
1069 fft_sample.freq = __cpu_to_be16(ah->curchan->chan->center_freq);
1070 fft_sample.rssi = fix_rssi_inv_only(rs->rs_rssi_ctl0);
1071 fft_sample.noise = ah->noise;
1072
1073 switch (len - SPECTRAL_HT20_TOTAL_DATA_LEN) {
1074 case 0:
1075 /* length correct, nothing to do. */
1076 memcpy(bins, vdata, SPECTRAL_HT20_NUM_BINS);
1077 break;
1078 case -1:
1079 /* first byte missing, duplicate it. */
1080 memcpy(&bins[1], vdata, SPECTRAL_HT20_NUM_BINS - 1);
1081 bins[0] = vdata[0];
1082 break;
1083 case 2:
1084 /* MAC added 2 extra bytes at bin 30 and 32, remove them. */
1085 memcpy(bins, vdata, 30);
1086 bins[30] = vdata[31];
1087 memcpy(&bins[31], &vdata[33], SPECTRAL_HT20_NUM_BINS - 31);
1088 break;
1089 case 1:
1090 /* MAC added 2 extra bytes AND first byte is missing. */
1091 bins[0] = vdata[0];
1092 memcpy(&bins[0], vdata, 30);
1093 bins[31] = vdata[31];
1094 memcpy(&bins[32], &vdata[33], SPECTRAL_HT20_NUM_BINS - 32);
1095 break;
1096 default:
1097 return 1;
1098 }
1099
1100 /* DC value (value in the middle) is the blind spot of the spectral
1101 * sample and invalid, interpolate it.
1102 */
1103 dc_pos = SPECTRAL_HT20_NUM_BINS / 2;
1104 bins[dc_pos] = (bins[dc_pos + 1] + bins[dc_pos - 1]) / 2;
1105
1106 /* mag data is at the end of the frame, in front of radar_info */
1107 mag_info = ((struct ath_ht20_mag_info *)radar_info) - 1;
1108
1109 /* copy raw bins without scaling them */
1110 memcpy(fft_sample.data, bins, SPECTRAL_HT20_NUM_BINS);
1111 fft_sample.max_exp = mag_info->max_exp & 0xf;
1112
1113 fft_sample.max_magnitude = spectral_max_magnitude(mag_info->all_bins);
1114 fft_sample.max_magnitude = __cpu_to_be16(fft_sample.max_magnitude);
1115 fft_sample.max_index = spectral_max_index(mag_info->all_bins);
1116 fft_sample.bitmap_weight = spectral_bitmap_weight(mag_info->all_bins);
1117 fft_sample.tsf = __cpu_to_be64(tsf);
1118
1119 ath_debug_send_fft_sample(sc, &fft_sample.tlv);
1120 return 1;
1121#else
1122 return 0;
1123#endif
1124}
1125
1037int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp) 1126int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp)
1038{ 1127{
1039 struct ath_buf *bf; 1128 struct ath_buf *bf;
@@ -1059,16 +1148,12 @@ int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp)
1059 dma_type = DMA_FROM_DEVICE; 1148 dma_type = DMA_FROM_DEVICE;
1060 1149
1061 qtype = hp ? ATH9K_RX_QUEUE_HP : ATH9K_RX_QUEUE_LP; 1150 qtype = hp ? ATH9K_RX_QUEUE_HP : ATH9K_RX_QUEUE_LP;
1062 spin_lock_bh(&sc->rx.rxbuflock);
1063 1151
1064 tsf = ath9k_hw_gettsf64(ah); 1152 tsf = ath9k_hw_gettsf64(ah);
1065 tsf_lower = tsf & 0xffffffff; 1153 tsf_lower = tsf & 0xffffffff;
1066 1154
1067 do { 1155 do {
1068 bool decrypt_error = false; 1156 bool decrypt_error = false;
1069 /* If handling rx interrupt and flush is in progress => exit */
1070 if (test_bit(SC_OP_RXFLUSH, &sc->sc_flags) && (flush == 0))
1071 break;
1072 1157
1073 memset(&rs, 0, sizeof(rs)); 1158 memset(&rs, 0, sizeof(rs));
1074 if (edma) 1159 if (edma)
@@ -1111,15 +1196,6 @@ int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp)
1111 1196
1112 ath_debug_stat_rx(sc, &rs); 1197 ath_debug_stat_rx(sc, &rs);
1113 1198
1114 /*
1115 * If we're asked to flush receive queue, directly
1116 * chain it back at the queue without processing it.
1117 */
1118 if (test_bit(SC_OP_RXFLUSH, &sc->sc_flags)) {
1119 RX_STAT_INC(rx_drop_rxflush);
1120 goto requeue_drop_frag;
1121 }
1122
1123 memset(rxs, 0, sizeof(struct ieee80211_rx_status)); 1199 memset(rxs, 0, sizeof(struct ieee80211_rx_status));
1124 1200
1125 rxs->mactime = (tsf & ~0xffffffffULL) | rs.rs_tstamp; 1201 rxs->mactime = (tsf & ~0xffffffffULL) | rs.rs_tstamp;
@@ -1131,6 +1207,13 @@ int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp)
1131 unlikely(tsf_lower - rs.rs_tstamp > 0x10000000)) 1207 unlikely(tsf_lower - rs.rs_tstamp > 0x10000000))
1132 rxs->mactime += 0x100000000ULL; 1208 rxs->mactime += 0x100000000ULL;
1133 1209
1210 if (rs.rs_status & ATH9K_RXERR_PHY) {
1211 if (ath_process_fft(sc, hdr, &rs, rxs->mactime)) {
1212 RX_STAT_INC(rx_spectral);
1213 goto requeue_drop_frag;
1214 }
1215 }
1216
1134 retval = ath9k_rx_skb_preprocess(common, hw, hdr, &rs, 1217 retval = ath9k_rx_skb_preprocess(common, hw, hdr, &rs,
1135 rxs, &decrypt_error); 1218 rxs, &decrypt_error);
1136 if (retval) 1219 if (retval)
@@ -1254,19 +1337,18 @@ requeue_drop_frag:
1254 sc->rx.frag = NULL; 1337 sc->rx.frag = NULL;
1255 } 1338 }
1256requeue: 1339requeue:
1340 list_add_tail(&bf->list, &sc->rx.rxbuf);
1341 if (flush)
1342 continue;
1343
1257 if (edma) { 1344 if (edma) {
1258 list_add_tail(&bf->list, &sc->rx.rxbuf);
1259 ath_rx_edma_buf_link(sc, qtype); 1345 ath_rx_edma_buf_link(sc, qtype);
1260 } else { 1346 } else {
1261 list_move_tail(&bf->list, &sc->rx.rxbuf);
1262 ath_rx_buf_link(sc, bf); 1347 ath_rx_buf_link(sc, bf);
1263 if (!flush) 1348 ath9k_hw_rxena(ah);
1264 ath9k_hw_rxena(ah);
1265 } 1349 }
1266 } while (1); 1350 } while (1);
1267 1351
1268 spin_unlock_bh(&sc->rx.rxbuflock);
1269
1270 if (!(ah->imask & ATH9K_INT_RXEOL)) { 1352 if (!(ah->imask & ATH9K_INT_RXEOL)) {
1271 ah->imask |= (ATH9K_INT_RXEOL | ATH9K_INT_RXORN); 1353 ah->imask |= (ATH9K_INT_RXEOL | ATH9K_INT_RXORN);
1272 ath9k_hw_set_interrupts(ah); 1354 ath9k_hw_set_interrupts(ah);
diff --git a/drivers/net/wireless/ath/ath9k/reg.h b/drivers/net/wireless/ath/ath9k/reg.h
index ad3c82c09177..5929850649f0 100644
--- a/drivers/net/wireless/ath/ath9k/reg.h
+++ b/drivers/net/wireless/ath/ath9k/reg.h
@@ -789,6 +789,7 @@
789#define AR_SREV_REVISION_9271_11 1 789#define AR_SREV_REVISION_9271_11 1
790#define AR_SREV_VERSION_9300 0x1c0 790#define AR_SREV_VERSION_9300 0x1c0
791#define AR_SREV_REVISION_9300_20 2 /* 2.0 and 2.1 */ 791#define AR_SREV_REVISION_9300_20 2 /* 2.0 and 2.1 */
792#define AR_SREV_REVISION_9300_22 3
792#define AR_SREV_VERSION_9330 0x200 793#define AR_SREV_VERSION_9330 0x200
793#define AR_SREV_REVISION_9330_10 0 794#define AR_SREV_REVISION_9330_10 0
794#define AR_SREV_REVISION_9330_11 1 795#define AR_SREV_REVISION_9330_11 1
@@ -869,6 +870,9 @@
869 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9300)) 870 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9300))
870#define AR_SREV_9300_20_OR_LATER(_ah) \ 871#define AR_SREV_9300_20_OR_LATER(_ah) \
871 ((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9300) 872 ((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9300)
873#define AR_SREV_9300_22(_ah) \
874 (AR_SREV_9300(ah) && \
875 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9300_22))
872 876
873#define AR_SREV_9330(_ah) \ 877#define AR_SREV_9330(_ah) \
874 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9330)) 878 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9330))
@@ -884,9 +888,6 @@
884 888
885#define AR_SREV_9485(_ah) \ 889#define AR_SREV_9485(_ah) \
886 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9485)) 890 (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9485))
887#define AR_SREV_9485_10(_ah) \
888 (AR_SREV_9485(_ah) && \
889 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9485_10))
890#define AR_SREV_9485_11(_ah) \ 891#define AR_SREV_9485_11(_ah) \
891 (AR_SREV_9485(_ah) && \ 892 (AR_SREV_9485(_ah) && \
892 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9485_11)) 893 ((_ah)->hw_version.macRev == AR_SREV_REVISION_9485_11))
diff --git a/drivers/net/wireless/ath/ath9k/xmit.c b/drivers/net/wireless/ath/ath9k/xmit.c
index 90e48a0fafe5..feacaafee959 100644
--- a/drivers/net/wireless/ath/ath9k/xmit.c
+++ b/drivers/net/wireless/ath/ath9k/xmit.c
@@ -378,7 +378,7 @@ static void ath_tx_count_frames(struct ath_softc *sc, struct ath_buf *bf,
378 378
379static void ath_tx_complete_aggr(struct ath_softc *sc, struct ath_txq *txq, 379static void ath_tx_complete_aggr(struct ath_softc *sc, struct ath_txq *txq,
380 struct ath_buf *bf, struct list_head *bf_q, 380 struct ath_buf *bf, struct list_head *bf_q,
381 struct ath_tx_status *ts, int txok, bool retry) 381 struct ath_tx_status *ts, int txok)
382{ 382{
383 struct ath_node *an = NULL; 383 struct ath_node *an = NULL;
384 struct sk_buff *skb; 384 struct sk_buff *skb;
@@ -490,7 +490,7 @@ static void ath_tx_complete_aggr(struct ath_softc *sc, struct ath_txq *txq,
490 } else if (!isaggr && txok) { 490 } else if (!isaggr && txok) {
491 /* transmit completion */ 491 /* transmit completion */
492 acked_cnt++; 492 acked_cnt++;
493 } else if ((tid->state & AGGR_CLEANUP) || !retry) { 493 } else if (tid->state & AGGR_CLEANUP) {
494 /* 494 /*
495 * cleanup in progress, just fail 495 * cleanup in progress, just fail
496 * the un-acked sub-frames 496 * the un-acked sub-frames
@@ -604,6 +604,37 @@ static void ath_tx_complete_aggr(struct ath_softc *sc, struct ath_txq *txq,
604 ath9k_queue_reset(sc, RESET_TYPE_TX_ERROR); 604 ath9k_queue_reset(sc, RESET_TYPE_TX_ERROR);
605} 605}
606 606
607static bool bf_is_ampdu_not_probing(struct ath_buf *bf)
608{
609 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(bf->bf_mpdu);
610 return bf_isampdu(bf) && !(info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE);
611}
612
613static void ath_tx_process_buffer(struct ath_softc *sc, struct ath_txq *txq,
614 struct ath_tx_status *ts, struct ath_buf *bf,
615 struct list_head *bf_head)
616{
617 bool txok, flush;
618
619 txok = !(ts->ts_status & ATH9K_TXERR_MASK);
620 flush = !!(ts->ts_status & ATH9K_TX_FLUSH);
621 txq->axq_tx_inprogress = false;
622
623 txq->axq_depth--;
624 if (bf_is_ampdu_not_probing(bf))
625 txq->axq_ampdu_depth--;
626
627 if (!bf_isampdu(bf)) {
628 if (!flush)
629 ath_tx_rc_status(sc, bf, ts, 1, txok ? 0 : 1, txok);
630 ath_tx_complete_buf(sc, bf, txq, bf_head, ts, txok);
631 } else
632 ath_tx_complete_aggr(sc, txq, bf, bf_head, ts, txok);
633
634 if ((sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT) && !flush)
635 ath_txq_schedule(sc, txq);
636}
637
607static bool ath_lookup_legacy(struct ath_buf *bf) 638static bool ath_lookup_legacy(struct ath_buf *bf)
608{ 639{
609 struct sk_buff *skb; 640 struct sk_buff *skb;
@@ -1331,23 +1362,6 @@ void ath_tx_aggr_resume(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid
1331/* Queue Management */ 1362/* Queue Management */
1332/********************/ 1363/********************/
1333 1364
1334static void ath_txq_drain_pending_buffers(struct ath_softc *sc,
1335 struct ath_txq *txq)
1336{
1337 struct ath_atx_ac *ac, *ac_tmp;
1338 struct ath_atx_tid *tid, *tid_tmp;
1339
1340 list_for_each_entry_safe(ac, ac_tmp, &txq->axq_acq, list) {
1341 list_del(&ac->list);
1342 ac->sched = false;
1343 list_for_each_entry_safe(tid, tid_tmp, &ac->tid_q, list) {
1344 list_del(&tid->list);
1345 tid->sched = false;
1346 ath_tid_drain(sc, txq, tid);
1347 }
1348 }
1349}
1350
1351struct ath_txq *ath_txq_setup(struct ath_softc *sc, int qtype, int subtype) 1365struct ath_txq *ath_txq_setup(struct ath_softc *sc, int qtype, int subtype)
1352{ 1366{
1353 struct ath_hw *ah = sc->sc_ah; 1367 struct ath_hw *ah = sc->sc_ah;
@@ -1470,14 +1484,8 @@ int ath_cabq_update(struct ath_softc *sc)
1470 return 0; 1484 return 0;
1471} 1485}
1472 1486
1473static bool bf_is_ampdu_not_probing(struct ath_buf *bf)
1474{
1475 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(bf->bf_mpdu);
1476 return bf_isampdu(bf) && !(info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE);
1477}
1478
1479static void ath_drain_txq_list(struct ath_softc *sc, struct ath_txq *txq, 1487static void ath_drain_txq_list(struct ath_softc *sc, struct ath_txq *txq,
1480 struct list_head *list, bool retry_tx) 1488 struct list_head *list)
1481{ 1489{
1482 struct ath_buf *bf, *lastbf; 1490 struct ath_buf *bf, *lastbf;
1483 struct list_head bf_head; 1491 struct list_head bf_head;
@@ -1499,16 +1507,7 @@ static void ath_drain_txq_list(struct ath_softc *sc, struct ath_txq *txq,
1499 1507
1500 lastbf = bf->bf_lastbf; 1508 lastbf = bf->bf_lastbf;
1501 list_cut_position(&bf_head, list, &lastbf->list); 1509 list_cut_position(&bf_head, list, &lastbf->list);
1502 1510 ath_tx_process_buffer(sc, txq, &ts, bf, &bf_head);
1503 txq->axq_depth--;
1504 if (bf_is_ampdu_not_probing(bf))
1505 txq->axq_ampdu_depth--;
1506
1507 if (bf_isampdu(bf))
1508 ath_tx_complete_aggr(sc, txq, bf, &bf_head, &ts, 0,
1509 retry_tx);
1510 else
1511 ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
1512 } 1511 }
1513} 1512}
1514 1513
@@ -1518,7 +1517,7 @@ static void ath_drain_txq_list(struct ath_softc *sc, struct ath_txq *txq,
1518 * This assumes output has been stopped and 1517 * This assumes output has been stopped and
1519 * we do not need to block ath_tx_tasklet. 1518 * we do not need to block ath_tx_tasklet.
1520 */ 1519 */
1521void ath_draintxq(struct ath_softc *sc, struct ath_txq *txq, bool retry_tx) 1520void ath_draintxq(struct ath_softc *sc, struct ath_txq *txq)
1522{ 1521{
1523 ath_txq_lock(sc, txq); 1522 ath_txq_lock(sc, txq);
1524 1523
@@ -1526,8 +1525,7 @@ void ath_draintxq(struct ath_softc *sc, struct ath_txq *txq, bool retry_tx)
1526 int idx = txq->txq_tailidx; 1525 int idx = txq->txq_tailidx;
1527 1526
1528 while (!list_empty(&txq->txq_fifo[idx])) { 1527 while (!list_empty(&txq->txq_fifo[idx])) {
1529 ath_drain_txq_list(sc, txq, &txq->txq_fifo[idx], 1528 ath_drain_txq_list(sc, txq, &txq->txq_fifo[idx]);
1530 retry_tx);
1531 1529
1532 INCR(idx, ATH_TXFIFO_DEPTH); 1530 INCR(idx, ATH_TXFIFO_DEPTH);
1533 } 1531 }
@@ -1536,16 +1534,12 @@ void ath_draintxq(struct ath_softc *sc, struct ath_txq *txq, bool retry_tx)
1536 1534
1537 txq->axq_link = NULL; 1535 txq->axq_link = NULL;
1538 txq->axq_tx_inprogress = false; 1536 txq->axq_tx_inprogress = false;
1539 ath_drain_txq_list(sc, txq, &txq->axq_q, retry_tx); 1537 ath_drain_txq_list(sc, txq, &txq->axq_q);
1540
1541 /* flush any pending frames if aggregation is enabled */
1542 if ((sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT) && !retry_tx)
1543 ath_txq_drain_pending_buffers(sc, txq);
1544 1538
1545 ath_txq_unlock_complete(sc, txq); 1539 ath_txq_unlock_complete(sc, txq);
1546} 1540}
1547 1541
1548bool ath_drain_all_txq(struct ath_softc *sc, bool retry_tx) 1542bool ath_drain_all_txq(struct ath_softc *sc)
1549{ 1543{
1550 struct ath_hw *ah = sc->sc_ah; 1544 struct ath_hw *ah = sc->sc_ah;
1551 struct ath_common *common = ath9k_hw_common(sc->sc_ah); 1545 struct ath_common *common = ath9k_hw_common(sc->sc_ah);
@@ -1581,7 +1575,7 @@ bool ath_drain_all_txq(struct ath_softc *sc, bool retry_tx)
1581 */ 1575 */
1582 txq = &sc->tx.txq[i]; 1576 txq = &sc->tx.txq[i];
1583 txq->stopped = false; 1577 txq->stopped = false;
1584 ath_draintxq(sc, txq, retry_tx); 1578 ath_draintxq(sc, txq);
1585 } 1579 }
1586 1580
1587 return !npend; 1581 return !npend;
@@ -2175,28 +2169,6 @@ static void ath_tx_rc_status(struct ath_softc *sc, struct ath_buf *bf,
2175 tx_info->status.rates[tx_rateindex].count = ts->ts_longretry + 1; 2169 tx_info->status.rates[tx_rateindex].count = ts->ts_longretry + 1;
2176} 2170}
2177 2171
2178static void ath_tx_process_buffer(struct ath_softc *sc, struct ath_txq *txq,
2179 struct ath_tx_status *ts, struct ath_buf *bf,
2180 struct list_head *bf_head)
2181{
2182 int txok;
2183
2184 txq->axq_depth--;
2185 txok = !(ts->ts_status & ATH9K_TXERR_MASK);
2186 txq->axq_tx_inprogress = false;
2187 if (bf_is_ampdu_not_probing(bf))
2188 txq->axq_ampdu_depth--;
2189
2190 if (!bf_isampdu(bf)) {
2191 ath_tx_rc_status(sc, bf, ts, 1, txok ? 0 : 1, txok);
2192 ath_tx_complete_buf(sc, bf, txq, bf_head, ts, txok);
2193 } else
2194 ath_tx_complete_aggr(sc, txq, bf, bf_head, ts, txok, true);
2195
2196 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT)
2197 ath_txq_schedule(sc, txq);
2198}
2199
2200static void ath_tx_processq(struct ath_softc *sc, struct ath_txq *txq) 2172static void ath_tx_processq(struct ath_softc *sc, struct ath_txq *txq)
2201{ 2173{
2202 struct ath_hw *ah = sc->sc_ah; 2174 struct ath_hw *ah = sc->sc_ah;
@@ -2361,8 +2333,8 @@ static int ath_txstatus_setup(struct ath_softc *sc, int size)
2361 u8 txs_len = sc->sc_ah->caps.txs_len; 2333 u8 txs_len = sc->sc_ah->caps.txs_len;
2362 2334
2363 dd->dd_desc_len = size * txs_len; 2335 dd->dd_desc_len = size * txs_len;
2364 dd->dd_desc = dma_alloc_coherent(sc->dev, dd->dd_desc_len, 2336 dd->dd_desc = dmam_alloc_coherent(sc->dev, dd->dd_desc_len,
2365 &dd->dd_desc_paddr, GFP_KERNEL); 2337 &dd->dd_desc_paddr, GFP_KERNEL);
2366 if (!dd->dd_desc) 2338 if (!dd->dd_desc)
2367 return -ENOMEM; 2339 return -ENOMEM;
2368 2340
@@ -2382,14 +2354,6 @@ static int ath_tx_edma_init(struct ath_softc *sc)
2382 return err; 2354 return err;
2383} 2355}
2384 2356
2385static void ath_tx_edma_cleanup(struct ath_softc *sc)
2386{
2387 struct ath_descdma *dd = &sc->txsdma;
2388
2389 dma_free_coherent(sc->dev, dd->dd_desc_len, dd->dd_desc,
2390 dd->dd_desc_paddr);
2391}
2392
2393int ath_tx_init(struct ath_softc *sc, int nbufs) 2357int ath_tx_init(struct ath_softc *sc, int nbufs)
2394{ 2358{
2395 struct ath_common *common = ath9k_hw_common(sc->sc_ah); 2359 struct ath_common *common = ath9k_hw_common(sc->sc_ah);
@@ -2402,7 +2366,7 @@ int ath_tx_init(struct ath_softc *sc, int nbufs)
2402 if (error != 0) { 2366 if (error != 0) {
2403 ath_err(common, 2367 ath_err(common,
2404 "Failed to allocate tx descriptors: %d\n", error); 2368 "Failed to allocate tx descriptors: %d\n", error);
2405 goto err; 2369 return error;
2406 } 2370 }
2407 2371
2408 error = ath_descdma_setup(sc, &sc->beacon.bdma, &sc->beacon.bbuf, 2372 error = ath_descdma_setup(sc, &sc->beacon.bdma, &sc->beacon.bbuf,
@@ -2410,36 +2374,17 @@ int ath_tx_init(struct ath_softc *sc, int nbufs)
2410 if (error != 0) { 2374 if (error != 0) {
2411 ath_err(common, 2375 ath_err(common,
2412 "Failed to allocate beacon descriptors: %d\n", error); 2376 "Failed to allocate beacon descriptors: %d\n", error);
2413 goto err; 2377 return error;
2414 } 2378 }
2415 2379
2416 INIT_DELAYED_WORK(&sc->tx_complete_work, ath_tx_complete_poll_work); 2380 INIT_DELAYED_WORK(&sc->tx_complete_work, ath_tx_complete_poll_work);
2417 2381
2418 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) { 2382 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA)
2419 error = ath_tx_edma_init(sc); 2383 error = ath_tx_edma_init(sc);
2420 if (error)
2421 goto err;
2422 }
2423
2424err:
2425 if (error != 0)
2426 ath_tx_cleanup(sc);
2427 2384
2428 return error; 2385 return error;
2429} 2386}
2430 2387
2431void ath_tx_cleanup(struct ath_softc *sc)
2432{
2433 if (sc->beacon.bdma.dd_desc_len != 0)
2434 ath_descdma_cleanup(sc, &sc->beacon.bdma, &sc->beacon.bbuf);
2435
2436 if (sc->tx.txdma.dd_desc_len != 0)
2437 ath_descdma_cleanup(sc, &sc->tx.txdma, &sc->tx.txbuf);
2438
2439 if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA)
2440 ath_tx_edma_cleanup(sc);
2441}
2442
2443void ath_tx_node_init(struct ath_softc *sc, struct ath_node *an) 2388void ath_tx_node_init(struct ath_softc *sc, struct ath_node *an)
2444{ 2389{
2445 struct ath_atx_tid *tid; 2390 struct ath_atx_tid *tid;
diff --git a/drivers/net/wireless/ath/carl9170/carl9170.h b/drivers/net/wireless/ath/carl9170/carl9170.h
index 2df17f1e49ef..25599741cd8a 100644
--- a/drivers/net/wireless/ath/carl9170/carl9170.h
+++ b/drivers/net/wireless/ath/carl9170/carl9170.h
@@ -85,20 +85,14 @@ enum carl9170_device_state {
85 CARL9170_STARTED, 85 CARL9170_STARTED,
86}; 86};
87 87
88#define CARL9170_NUM_TID 16
89#define WME_BA_BMP_SIZE 64 88#define WME_BA_BMP_SIZE 64
90#define CARL9170_TX_USER_RATE_TRIES 3 89#define CARL9170_TX_USER_RATE_TRIES 3
91 90
92#define WME_AC_BE 2
93#define WME_AC_BK 3
94#define WME_AC_VI 1
95#define WME_AC_VO 0
96
97#define TID_TO_WME_AC(_tid) \ 91#define TID_TO_WME_AC(_tid) \
98 ((((_tid) == 0) || ((_tid) == 3)) ? WME_AC_BE : \ 92 ((((_tid) == 0) || ((_tid) == 3)) ? IEEE80211_AC_BE : \
99 (((_tid) == 1) || ((_tid) == 2)) ? WME_AC_BK : \ 93 (((_tid) == 1) || ((_tid) == 2)) ? IEEE80211_AC_BK : \
100 (((_tid) == 4) || ((_tid) == 5)) ? WME_AC_VI : \ 94 (((_tid) == 4) || ((_tid) == 5)) ? IEEE80211_AC_VI : \
101 WME_AC_VO) 95 IEEE80211_AC_VO)
102 96
103#define SEQ_DIFF(_start, _seq) \ 97#define SEQ_DIFF(_start, _seq) \
104 (((_start) - (_seq)) & 0x0fff) 98 (((_start) - (_seq)) & 0x0fff)
@@ -290,6 +284,7 @@ struct ar9170 {
290 unsigned int rx_size; 284 unsigned int rx_size;
291 unsigned int tx_seq_table; 285 unsigned int tx_seq_table;
292 bool ba_filter; 286 bool ba_filter;
287 bool disable_offload_fw;
293 } fw; 288 } fw;
294 289
295 /* interface configuration combinations */ 290 /* interface configuration combinations */
@@ -493,8 +488,8 @@ struct carl9170_sta_info {
493 bool sleeping; 488 bool sleeping;
494 atomic_t pending_frames; 489 atomic_t pending_frames;
495 unsigned int ampdu_max_len; 490 unsigned int ampdu_max_len;
496 struct carl9170_sta_tid __rcu *agg[CARL9170_NUM_TID]; 491 struct carl9170_sta_tid __rcu *agg[IEEE80211_NUM_TIDS];
497 struct carl9170_ba_stats stats[CARL9170_NUM_TID]; 492 struct carl9170_ba_stats stats[IEEE80211_NUM_TIDS];
498}; 493};
499 494
500struct carl9170_tx_info { 495struct carl9170_tx_info {
diff --git a/drivers/net/wireless/ath/carl9170/fw.c b/drivers/net/wireless/ath/carl9170/fw.c
index aaebecd19e59..47d5c2e910ad 100644
--- a/drivers/net/wireless/ath/carl9170/fw.c
+++ b/drivers/net/wireless/ath/carl9170/fw.c
@@ -215,6 +215,24 @@ static int carl9170_fw_tx_sequence(struct ar9170 *ar)
215 return 0; 215 return 0;
216} 216}
217 217
218static void carl9170_fw_set_if_combinations(struct ar9170 *ar,
219 u16 if_comb_types)
220{
221 if (ar->fw.vif_num < 2)
222 return;
223
224 ar->if_comb_limits[0].max = ar->fw.vif_num;
225 ar->if_comb_limits[0].types = if_comb_types;
226
227 ar->if_combs[0].num_different_channels = 1;
228 ar->if_combs[0].max_interfaces = ar->fw.vif_num;
229 ar->if_combs[0].limits = ar->if_comb_limits;
230 ar->if_combs[0].n_limits = ARRAY_SIZE(ar->if_comb_limits);
231
232 ar->hw->wiphy->iface_combinations = ar->if_combs;
233 ar->hw->wiphy->n_iface_combinations = ARRAY_SIZE(ar->if_combs);
234}
235
218static int carl9170_fw(struct ar9170 *ar, const __u8 *data, size_t len) 236static int carl9170_fw(struct ar9170 *ar, const __u8 *data, size_t len)
219{ 237{
220 const struct carl9170fw_otus_desc *otus_desc; 238 const struct carl9170fw_otus_desc *otus_desc;
@@ -264,7 +282,7 @@ static int carl9170_fw(struct ar9170 *ar, const __u8 *data, size_t len)
264 if (!SUPP(CARL9170FW_COMMAND_CAM)) { 282 if (!SUPP(CARL9170FW_COMMAND_CAM)) {
265 dev_info(&ar->udev->dev, "crypto offloading is disabled " 283 dev_info(&ar->udev->dev, "crypto offloading is disabled "
266 "by firmware.\n"); 284 "by firmware.\n");
267 ar->disable_offload = true; 285 ar->fw.disable_offload_fw = true;
268 } 286 }
269 287
270 if (SUPP(CARL9170FW_PSM) && SUPP(CARL9170FW_FIXED_5GHZ_PSM)) 288 if (SUPP(CARL9170FW_PSM) && SUPP(CARL9170FW_FIXED_5GHZ_PSM))
@@ -336,25 +354,24 @@ static int carl9170_fw(struct ar9170 *ar, const __u8 *data, size_t len)
336 if (SUPP(CARL9170FW_WLANTX_CAB)) { 354 if (SUPP(CARL9170FW_WLANTX_CAB)) {
337 if_comb_types |= 355 if_comb_types |=
338 BIT(NL80211_IFTYPE_AP) | 356 BIT(NL80211_IFTYPE_AP) |
339 BIT(NL80211_IFTYPE_MESH_POINT) |
340 BIT(NL80211_IFTYPE_P2P_GO); 357 BIT(NL80211_IFTYPE_P2P_GO);
358
359#ifdef CONFIG_MAC80211_MESH
360 if_comb_types |=
361 BIT(NL80211_IFTYPE_MESH_POINT);
362#endif /* CONFIG_MAC80211_MESH */
341 } 363 }
342 } 364 }
343 365
344 ar->if_comb_limits[0].max = ar->fw.vif_num; 366 carl9170_fw_set_if_combinations(ar, if_comb_types);
345 ar->if_comb_limits[0].types = if_comb_types;
346
347 ar->if_combs[0].num_different_channels = 1;
348 ar->if_combs[0].max_interfaces = ar->fw.vif_num;
349 ar->if_combs[0].limits = ar->if_comb_limits;
350 ar->if_combs[0].n_limits = ARRAY_SIZE(ar->if_comb_limits);
351
352 ar->hw->wiphy->iface_combinations = ar->if_combs;
353 ar->hw->wiphy->n_iface_combinations = ARRAY_SIZE(ar->if_combs);
354 367
355 ar->hw->wiphy->interface_modes |= if_comb_types; 368 ar->hw->wiphy->interface_modes |= if_comb_types;
356 369
357 ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL; 370 ar->hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
371
372 /* As IBSS Encryption is software-based, IBSS RSN is supported. */
373 ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL |
374 WIPHY_FLAG_IBSS_RSN | WIPHY_FLAG_SUPPORTS_TDLS;
358 375
359#undef SUPPORTED 376#undef SUPPORTED
360 return carl9170_fw_tx_sequence(ar); 377 return carl9170_fw_tx_sequence(ar);
diff --git a/drivers/net/wireless/ath/carl9170/fwcmd.h b/drivers/net/wireless/ath/carl9170/fwcmd.h
index 9443c802b25b..9111d4ffc1b3 100644
--- a/drivers/net/wireless/ath/carl9170/fwcmd.h
+++ b/drivers/net/wireless/ath/carl9170/fwcmd.h
@@ -156,6 +156,14 @@ struct carl9170_psm {
156} __packed; 156} __packed;
157#define CARL9170_PSM_SIZE 4 157#define CARL9170_PSM_SIZE 4
158 158
159/*
160 * Note: If a bit in rx_filter is set, then it
161 * means that the particular frames which matches
162 * the condition are FILTERED/REMOVED/DISCARDED!
163 * (This is can be a bit confusing, especially
164 * because someone people think it's the exact
165 * opposite way, so watch out!)
166 */
159struct carl9170_rx_filter_cmd { 167struct carl9170_rx_filter_cmd {
160 __le32 rx_filter; 168 __le32 rx_filter;
161} __packed; 169} __packed;
diff --git a/drivers/net/wireless/ath/carl9170/hw.h b/drivers/net/wireless/ath/carl9170/hw.h
index fa834c1460f0..0db874abde50 100644
--- a/drivers/net/wireless/ath/carl9170/hw.h
+++ b/drivers/net/wireless/ath/carl9170/hw.h
@@ -384,7 +384,7 @@
384 384
385#define AR9170_MAC_REG_BCN_ADDR (AR9170_MAC_REG_BASE + 0xd84) 385#define AR9170_MAC_REG_BCN_ADDR (AR9170_MAC_REG_BASE + 0xd84)
386#define AR9170_MAC_REG_BCN_LENGTH (AR9170_MAC_REG_BASE + 0xd88) 386#define AR9170_MAC_REG_BCN_LENGTH (AR9170_MAC_REG_BASE + 0xd88)
387#define AR9170_MAC_BCN_LENGTH_MAX 256 387#define AR9170_MAC_BCN_LENGTH_MAX (512 - 32)
388 388
389#define AR9170_MAC_REG_BCN_STATUS (AR9170_MAC_REG_BASE + 0xd8c) 389#define AR9170_MAC_REG_BCN_STATUS (AR9170_MAC_REG_BASE + 0xd8c)
390 390
diff --git a/drivers/net/wireless/ath/carl9170/main.c b/drivers/net/wireless/ath/carl9170/main.c
index 25a1e2f4f738..ef82751722e0 100644
--- a/drivers/net/wireless/ath/carl9170/main.c
+++ b/drivers/net/wireless/ath/carl9170/main.c
@@ -358,8 +358,13 @@ static int carl9170_op_start(struct ieee80211_hw *hw)
358 ar->ps.last_action = jiffies; 358 ar->ps.last_action = jiffies;
359 ar->ps.last_slept = jiffies; 359 ar->ps.last_slept = jiffies;
360 ar->erp_mode = CARL9170_ERP_AUTO; 360 ar->erp_mode = CARL9170_ERP_AUTO;
361 ar->rx_software_decryption = false; 361
362 ar->disable_offload = false; 362 /* Set "disable hw crypto offload" whenever the module parameter
363 * nohwcrypt is true or if the firmware does not support it.
364 */
365 ar->disable_offload = modparam_nohwcrypt |
366 ar->fw.disable_offload_fw;
367 ar->rx_software_decryption = ar->disable_offload;
363 368
364 for (i = 0; i < ar->hw->queues; i++) { 369 for (i = 0; i < ar->hw->queues; i++) {
365 ar->queue_stop_timeout[i] = jiffies; 370 ar->queue_stop_timeout[i] = jiffies;
@@ -565,12 +570,28 @@ static int carl9170_init_interface(struct ar9170 *ar,
565 570
566 memcpy(common->macaddr, vif->addr, ETH_ALEN); 571 memcpy(common->macaddr, vif->addr, ETH_ALEN);
567 572
568 if (modparam_nohwcrypt || 573 /* We have to fall back to software crypto, whenever
569 ((vif->type != NL80211_IFTYPE_STATION) && 574 * the user choose to participates in an IBSS. HW
570 (vif->type != NL80211_IFTYPE_AP))) { 575 * offload for IBSS RSN is not supported by this driver.
571 ar->rx_software_decryption = true; 576 *
572 ar->disable_offload = true; 577 * NOTE: If the previous main interface has already
573 } 578 * disabled hw crypto offload, we have to keep this
579 * previous disable_offload setting as it was.
580 * Altough ideally, we should notify mac80211 and tell
581 * it to forget about any HW crypto offload for now.
582 */
583 ar->disable_offload |= ((vif->type != NL80211_IFTYPE_STATION) &&
584 (vif->type != NL80211_IFTYPE_AP));
585
586 /* While the driver supports HW offload in a single
587 * P2P client configuration, it doesn't support HW
588 * offload in the favourit, concurrent P2P GO+CLIENT
589 * configuration. Hence, HW offload will always be
590 * disabled for P2P.
591 */
592 ar->disable_offload |= vif->p2p;
593
594 ar->rx_software_decryption = ar->disable_offload;
574 595
575 err = carl9170_set_operating_mode(ar); 596 err = carl9170_set_operating_mode(ar);
576 return err; 597 return err;
@@ -580,7 +601,7 @@ static int carl9170_op_add_interface(struct ieee80211_hw *hw,
580 struct ieee80211_vif *vif) 601 struct ieee80211_vif *vif)
581{ 602{
582 struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv; 603 struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
583 struct ieee80211_vif *main_vif; 604 struct ieee80211_vif *main_vif, *old_main = NULL;
584 struct ar9170 *ar = hw->priv; 605 struct ar9170 *ar = hw->priv;
585 int vif_id = -1, err = 0; 606 int vif_id = -1, err = 0;
586 607
@@ -602,6 +623,15 @@ static int carl9170_op_add_interface(struct ieee80211_hw *hw,
602 goto init; 623 goto init;
603 } 624 }
604 625
626 /* Because the AR9170 HW's MAC doesn't provide full support for
627 * multiple, independent interfaces [of different operation modes].
628 * We have to select ONE main interface [main mode of HW], but we
629 * can have multiple slaves [AKA: entry in the ACK-table].
630 *
631 * The first (from HEAD/TOP) interface in the ar->vif_list is
632 * always the main intf. All following intfs in this list
633 * are considered to be slave intfs.
634 */
605 main_vif = carl9170_get_main_vif(ar); 635 main_vif = carl9170_get_main_vif(ar);
606 636
607 if (main_vif) { 637 if (main_vif) {
@@ -610,6 +640,18 @@ static int carl9170_op_add_interface(struct ieee80211_hw *hw,
610 if (vif->type == NL80211_IFTYPE_STATION) 640 if (vif->type == NL80211_IFTYPE_STATION)
611 break; 641 break;
612 642
643 /* P2P GO [master] use-case
644 * Because the P2P GO station is selected dynamically
645 * by all participating peers of a WIFI Direct network,
646 * the driver has be able to change the main interface
647 * operating mode on the fly.
648 */
649 if (main_vif->p2p && vif->p2p &&
650 vif->type == NL80211_IFTYPE_AP) {
651 old_main = main_vif;
652 break;
653 }
654
613 err = -EBUSY; 655 err = -EBUSY;
614 rcu_read_unlock(); 656 rcu_read_unlock();
615 657
@@ -648,14 +690,41 @@ static int carl9170_op_add_interface(struct ieee80211_hw *hw,
648 vif_priv->id = vif_id; 690 vif_priv->id = vif_id;
649 vif_priv->enable_beacon = false; 691 vif_priv->enable_beacon = false;
650 ar->vifs++; 692 ar->vifs++;
651 list_add_tail_rcu(&vif_priv->list, &ar->vif_list); 693 if (old_main) {
694 /* We end up in here, if the main interface is being replaced.
695 * Put the new main interface at the HEAD of the list and the
696 * previous inteface will automatically become second in line.
697 */
698 list_add_rcu(&vif_priv->list, &ar->vif_list);
699 } else {
700 /* Add new inteface. If the list is empty, it will become the
701 * main inteface, otherwise it will be slave.
702 */
703 list_add_tail_rcu(&vif_priv->list, &ar->vif_list);
704 }
652 rcu_assign_pointer(ar->vif_priv[vif_id].vif, vif); 705 rcu_assign_pointer(ar->vif_priv[vif_id].vif, vif);
653 706
654init: 707init:
655 if (carl9170_get_main_vif(ar) == vif) { 708 main_vif = carl9170_get_main_vif(ar);
709
710 if (main_vif == vif) {
656 rcu_assign_pointer(ar->beacon_iter, vif_priv); 711 rcu_assign_pointer(ar->beacon_iter, vif_priv);
657 rcu_read_unlock(); 712 rcu_read_unlock();
658 713
714 if (old_main) {
715 struct carl9170_vif_info *old_main_priv =
716 (void *) old_main->drv_priv;
717 /* downgrade old main intf to slave intf.
718 * NOTE: We are no longer under rcu_read_lock.
719 * But we are still holding ar->mutex, so the
720 * vif data [id, addr] is safe.
721 */
722 err = carl9170_mod_virtual_mac(ar, old_main_priv->id,
723 old_main->addr);
724 if (err)
725 goto unlock;
726 }
727
659 err = carl9170_init_interface(ar, vif); 728 err = carl9170_init_interface(ar, vif);
660 if (err) 729 if (err)
661 goto unlock; 730 goto unlock;
@@ -1112,9 +1181,7 @@ static int carl9170_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
1112 if (ar->disable_offload || !vif) 1181 if (ar->disable_offload || !vif)
1113 return -EOPNOTSUPP; 1182 return -EOPNOTSUPP;
1114 1183
1115 /* 1184 /* Fall back to software encryption whenever the driver is connected
1116 * We have to fall back to software encryption, whenever
1117 * the user choose to participates in an IBSS or is connected
1118 * to more than one network. 1185 * to more than one network.
1119 * 1186 *
1120 * This is very unfortunate, because some machines cannot handle 1187 * This is very unfortunate, because some machines cannot handle
@@ -1263,7 +1330,7 @@ static int carl9170_op_sta_add(struct ieee80211_hw *hw,
1263 return 0; 1330 return 0;
1264 } 1331 }
1265 1332
1266 for (i = 0; i < CARL9170_NUM_TID; i++) 1333 for (i = 0; i < ARRAY_SIZE(sta_info->agg); i++)
1267 RCU_INIT_POINTER(sta_info->agg[i], NULL); 1334 RCU_INIT_POINTER(sta_info->agg[i], NULL);
1268 1335
1269 sta_info->ampdu_max_len = 1 << (3 + sta->ht_cap.ampdu_factor); 1336 sta_info->ampdu_max_len = 1 << (3 + sta->ht_cap.ampdu_factor);
@@ -1287,7 +1354,7 @@ static int carl9170_op_sta_remove(struct ieee80211_hw *hw,
1287 sta_info->ht_sta = false; 1354 sta_info->ht_sta = false;
1288 1355
1289 rcu_read_lock(); 1356 rcu_read_lock();
1290 for (i = 0; i < CARL9170_NUM_TID; i++) { 1357 for (i = 0; i < ARRAY_SIZE(sta_info->agg); i++) {
1291 struct carl9170_sta_tid *tid_info; 1358 struct carl9170_sta_tid *tid_info;
1292 1359
1293 tid_info = rcu_dereference(sta_info->agg[i]); 1360 tid_info = rcu_dereference(sta_info->agg[i]);
@@ -1394,7 +1461,9 @@ static int carl9170_op_ampdu_action(struct ieee80211_hw *hw,
1394 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid); 1461 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1395 break; 1462 break;
1396 1463
1397 case IEEE80211_AMPDU_TX_STOP: 1464 case IEEE80211_AMPDU_TX_STOP_CONT:
1465 case IEEE80211_AMPDU_TX_STOP_FLUSH:
1466 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1398 rcu_read_lock(); 1467 rcu_read_lock();
1399 tid_info = rcu_dereference(sta_info->agg[tid]); 1468 tid_info = rcu_dereference(sta_info->agg[tid]);
1400 if (tid_info) { 1469 if (tid_info) {
@@ -1805,10 +1874,6 @@ void *carl9170_alloc(size_t priv_size)
1805 for (i = 0; i < ARRAY_SIZE(ar->noise); i++) 1874 for (i = 0; i < ARRAY_SIZE(ar->noise); i++)
1806 ar->noise[i] = -95; /* ATH_DEFAULT_NOISE_FLOOR */ 1875 ar->noise[i] = -95; /* ATH_DEFAULT_NOISE_FLOOR */
1807 1876
1808 hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
1809
1810 /* As IBSS Encryption is software-based, IBSS RSN is supported. */
1811 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
1812 return ar; 1877 return ar;
1813 1878
1814err_nomem: 1879err_nomem:
@@ -1916,13 +1981,13 @@ static int carl9170_parse_eeprom(struct ar9170 *ar)
1916 return 0; 1981 return 0;
1917} 1982}
1918 1983
1919static int carl9170_reg_notifier(struct wiphy *wiphy, 1984static void carl9170_reg_notifier(struct wiphy *wiphy,
1920 struct regulatory_request *request) 1985 struct regulatory_request *request)
1921{ 1986{
1922 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 1987 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
1923 struct ar9170 *ar = hw->priv; 1988 struct ar9170 *ar = hw->priv;
1924 1989
1925 return ath_reg_notifier_apply(wiphy, request, &ar->common.regulatory); 1990 ath_reg_notifier_apply(wiphy, request, &ar->common.regulatory);
1926} 1991}
1927 1992
1928int carl9170_register(struct ar9170 *ar) 1993int carl9170_register(struct ar9170 *ar)
diff --git a/drivers/net/wireless/ath/carl9170/tx.c b/drivers/net/wireless/ath/carl9170/tx.c
index ef4ec0da6e49..9c0b150d5b8e 100644
--- a/drivers/net/wireless/ath/carl9170/tx.c
+++ b/drivers/net/wireless/ath/carl9170/tx.c
@@ -1520,35 +1520,92 @@ void carl9170_tx_scheduler(struct ar9170 *ar)
1520 carl9170_tx(ar); 1520 carl9170_tx(ar);
1521} 1521}
1522 1522
1523int carl9170_update_beacon(struct ar9170 *ar, const bool submit) 1523/* caller has to take rcu_read_lock */
1524static struct carl9170_vif_info *carl9170_pick_beaconing_vif(struct ar9170 *ar)
1524{ 1525{
1525 struct sk_buff *skb = NULL;
1526 struct carl9170_vif_info *cvif; 1526 struct carl9170_vif_info *cvif;
1527 int i = 1;
1528
1529 /* The AR9170 hardware has no fancy beacon queue or some
1530 * other scheduling mechanism. So, the driver has to make
1531 * due by setting the two beacon timers (pretbtt and tbtt)
1532 * once and then swapping the beacon address in the HW's
1533 * register file each time the pretbtt fires.
1534 */
1535
1536 cvif = rcu_dereference(ar->beacon_iter);
1537 if (ar->vifs > 0 && cvif) {
1538 do {
1539 list_for_each_entry_continue_rcu(cvif, &ar->vif_list,
1540 list) {
1541 if (cvif->active && cvif->enable_beacon)
1542 goto out;
1543 }
1544 } while (ar->beacon_enabled && i--);
1545 }
1546
1547out:
1548 rcu_assign_pointer(ar->beacon_iter, cvif);
1549 return cvif;
1550}
1551
1552static bool carl9170_tx_beacon_physet(struct ar9170 *ar, struct sk_buff *skb,
1553 u32 *ht1, u32 *plcp)
1554{
1527 struct ieee80211_tx_info *txinfo; 1555 struct ieee80211_tx_info *txinfo;
1528 struct ieee80211_tx_rate *rate; 1556 struct ieee80211_tx_rate *rate;
1529 __le32 *data, *old = NULL; 1557 unsigned int power, chains;
1530 unsigned int plcp, power, chains; 1558 bool ht_rate;
1531 u32 word, ht1, off, addr, len;
1532 int i = 0, err = 0;
1533 1559
1534 rcu_read_lock(); 1560 txinfo = IEEE80211_SKB_CB(skb);
1535 cvif = rcu_dereference(ar->beacon_iter); 1561 rate = &txinfo->control.rates[0];
1536retry: 1562 ht_rate = !!(txinfo->control.rates[0].flags & IEEE80211_TX_RC_MCS);
1537 if (ar->vifs == 0 || !cvif) 1563 carl9170_tx_rate_tpc_chains(ar, txinfo, rate, plcp, &power, &chains);
1538 goto out_unlock;
1539 1564
1540 list_for_each_entry_continue_rcu(cvif, &ar->vif_list, list) { 1565 *ht1 = AR9170_MAC_BCN_HT1_TX_ANT0;
1541 if (cvif->active && cvif->enable_beacon) 1566 if (chains == AR9170_TX_PHY_TXCHAIN_2)
1542 goto found; 1567 *ht1 |= AR9170_MAC_BCN_HT1_TX_ANT1;
1568 SET_VAL(AR9170_MAC_BCN_HT1_PWR_CTRL, *ht1, 7);
1569 SET_VAL(AR9170_MAC_BCN_HT1_TPC, *ht1, power);
1570 SET_VAL(AR9170_MAC_BCN_HT1_CHAIN_MASK, *ht1, chains);
1571
1572 if (ht_rate) {
1573 *ht1 |= AR9170_MAC_BCN_HT1_HT_EN;
1574 if (rate->flags & IEEE80211_TX_RC_SHORT_GI)
1575 *plcp |= AR9170_MAC_BCN_HT2_SGI;
1576
1577 if (rate->flags & IEEE80211_TX_RC_40_MHZ_WIDTH) {
1578 *ht1 |= AR9170_MAC_BCN_HT1_BWC_40M_SHARED;
1579 *plcp |= AR9170_MAC_BCN_HT2_BW40;
1580 } else if (rate->flags & IEEE80211_TX_RC_DUP_DATA) {
1581 *ht1 |= AR9170_MAC_BCN_HT1_BWC_40M_DUP;
1582 *plcp |= AR9170_MAC_BCN_HT2_BW40;
1583 }
1584
1585 SET_VAL(AR9170_MAC_BCN_HT2_LEN, *plcp, skb->len + FCS_LEN);
1586 } else {
1587 if (*plcp <= AR9170_TX_PHY_RATE_CCK_11M)
1588 *plcp |= ((skb->len + FCS_LEN) << (3 + 16)) + 0x0400;
1589 else
1590 *plcp |= ((skb->len + FCS_LEN) << 16) + 0x0010;
1543 } 1591 }
1544 1592
1545 if (!ar->beacon_enabled || i++) 1593 return ht_rate;
1546 goto out_unlock; 1594}
1547 1595
1548 goto retry; 1596int carl9170_update_beacon(struct ar9170 *ar, const bool submit)
1597{
1598 struct sk_buff *skb = NULL;
1599 struct carl9170_vif_info *cvif;
1600 __le32 *data, *old = NULL;
1601 u32 word, ht1, plcp, off, addr, len;
1602 int i = 0, err = 0;
1603 bool ht_rate;
1549 1604
1550found: 1605 rcu_read_lock();
1551 rcu_assign_pointer(ar->beacon_iter, cvif); 1606 cvif = carl9170_pick_beaconing_vif(ar);
1607 if (!cvif)
1608 goto out_unlock;
1552 1609
1553 skb = ieee80211_beacon_get_tim(ar->hw, carl9170_get_vif(cvif), 1610 skb = ieee80211_beacon_get_tim(ar->hw, carl9170_get_vif(cvif),
1554 NULL, NULL); 1611 NULL, NULL);
@@ -1558,7 +1615,6 @@ found:
1558 goto err_free; 1615 goto err_free;
1559 } 1616 }
1560 1617
1561 txinfo = IEEE80211_SKB_CB(skb);
1562 spin_lock_bh(&ar->beacon_lock); 1618 spin_lock_bh(&ar->beacon_lock);
1563 data = (__le32 *)skb->data; 1619 data = (__le32 *)skb->data;
1564 if (cvif->beacon) 1620 if (cvif->beacon)
@@ -1588,43 +1644,14 @@ found:
1588 goto err_unlock; 1644 goto err_unlock;
1589 } 1645 }
1590 1646
1591 ht1 = AR9170_MAC_BCN_HT1_TX_ANT0; 1647 ht_rate = carl9170_tx_beacon_physet(ar, skb, &ht1, &plcp);
1592 rate = &txinfo->control.rates[0];
1593 carl9170_tx_rate_tpc_chains(ar, txinfo, rate, &plcp, &power, &chains);
1594 if (!(txinfo->control.rates[0].flags & IEEE80211_TX_RC_MCS)) {
1595 if (plcp <= AR9170_TX_PHY_RATE_CCK_11M)
1596 plcp |= ((skb->len + FCS_LEN) << (3 + 16)) + 0x0400;
1597 else
1598 plcp |= ((skb->len + FCS_LEN) << 16) + 0x0010;
1599 } else {
1600 ht1 |= AR9170_MAC_BCN_HT1_HT_EN;
1601 if (rate->flags & IEEE80211_TX_RC_SHORT_GI)
1602 plcp |= AR9170_MAC_BCN_HT2_SGI;
1603
1604 if (rate->flags & IEEE80211_TX_RC_40_MHZ_WIDTH) {
1605 ht1 |= AR9170_MAC_BCN_HT1_BWC_40M_SHARED;
1606 plcp |= AR9170_MAC_BCN_HT2_BW40;
1607 }
1608 if (rate->flags & IEEE80211_TX_RC_DUP_DATA) {
1609 ht1 |= AR9170_MAC_BCN_HT1_BWC_40M_DUP;
1610 plcp |= AR9170_MAC_BCN_HT2_BW40;
1611 }
1612
1613 SET_VAL(AR9170_MAC_BCN_HT2_LEN, plcp, skb->len + FCS_LEN);
1614 }
1615
1616 SET_VAL(AR9170_MAC_BCN_HT1_PWR_CTRL, ht1, 7);
1617 SET_VAL(AR9170_MAC_BCN_HT1_TPC, ht1, power);
1618 SET_VAL(AR9170_MAC_BCN_HT1_CHAIN_MASK, ht1, chains);
1619 if (chains == AR9170_TX_PHY_TXCHAIN_2)
1620 ht1 |= AR9170_MAC_BCN_HT1_TX_ANT1;
1621 1648
1622 carl9170_async_regwrite_begin(ar); 1649 carl9170_async_regwrite_begin(ar);
1623 carl9170_async_regwrite(AR9170_MAC_REG_BCN_HT1, ht1); 1650 carl9170_async_regwrite(AR9170_MAC_REG_BCN_HT1, ht1);
1624 if (!(txinfo->control.rates[0].flags & IEEE80211_TX_RC_MCS)) 1651 if (ht_rate)
1625 carl9170_async_regwrite(AR9170_MAC_REG_BCN_PLCP, plcp);
1626 else
1627 carl9170_async_regwrite(AR9170_MAC_REG_BCN_HT2, plcp); 1652 carl9170_async_regwrite(AR9170_MAC_REG_BCN_HT2, plcp);
1653 else
1654 carl9170_async_regwrite(AR9170_MAC_REG_BCN_PLCP, plcp);
1628 1655
1629 for (i = 0; i < DIV_ROUND_UP(skb->len, 4); i++) { 1656 for (i = 0; i < DIV_ROUND_UP(skb->len, 4); i++) {
1630 /* 1657 /*
diff --git a/drivers/net/wireless/ath/carl9170/version.h b/drivers/net/wireless/ath/carl9170/version.h
index 2ec3e9191e4d..2282847d4bb8 100644
--- a/drivers/net/wireless/ath/carl9170/version.h
+++ b/drivers/net/wireless/ath/carl9170/version.h
@@ -1,7 +1,7 @@
1#ifndef __CARL9170_SHARED_VERSION_H 1#ifndef __CARL9170_SHARED_VERSION_H
2#define __CARL9170_SHARED_VERSION_H 2#define __CARL9170_SHARED_VERSION_H
3#define CARL9170FW_VERSION_YEAR 12 3#define CARL9170FW_VERSION_YEAR 12
4#define CARL9170FW_VERSION_MONTH 7 4#define CARL9170FW_VERSION_MONTH 12
5#define CARL9170FW_VERSION_DAY 7 5#define CARL9170FW_VERSION_DAY 15
6#define CARL9170FW_VERSION_GIT "1.9.6" 6#define CARL9170FW_VERSION_GIT "1.9.7"
7#endif /* __CARL9170_SHARED_VERSION_H */ 7#endif /* __CARL9170_SHARED_VERSION_H */
diff --git a/drivers/net/wireless/ath/regd.c b/drivers/net/wireless/ath/regd.c
index d81698015bf7..ccc4c718f124 100644
--- a/drivers/net/wireless/ath/regd.c
+++ b/drivers/net/wireless/ath/regd.c
@@ -195,8 +195,6 @@ ath_reg_apply_beaconing_flags(struct wiphy *wiphy,
195 const struct ieee80211_reg_rule *reg_rule; 195 const struct ieee80211_reg_rule *reg_rule;
196 struct ieee80211_channel *ch; 196 struct ieee80211_channel *ch;
197 unsigned int i; 197 unsigned int i;
198 u32 bandwidth = 0;
199 int r;
200 198
201 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 199 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
202 200
@@ -214,11 +212,8 @@ ath_reg_apply_beaconing_flags(struct wiphy *wiphy,
214 continue; 212 continue;
215 213
216 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) { 214 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) {
217 r = freq_reg_info(wiphy, 215 reg_rule = freq_reg_info(wiphy, ch->center_freq);
218 ch->center_freq, 216 if (IS_ERR(reg_rule))
219 bandwidth,
220 &reg_rule);
221 if (r)
222 continue; 217 continue;
223 /* 218 /*
224 * If 11d had a rule for this channel ensure 219 * If 11d had a rule for this channel ensure
@@ -254,8 +249,6 @@ ath_reg_apply_active_scan_flags(struct wiphy *wiphy,
254 struct ieee80211_supported_band *sband; 249 struct ieee80211_supported_band *sband;
255 struct ieee80211_channel *ch; 250 struct ieee80211_channel *ch;
256 const struct ieee80211_reg_rule *reg_rule; 251 const struct ieee80211_reg_rule *reg_rule;
257 u32 bandwidth = 0;
258 int r;
259 252
260 sband = wiphy->bands[IEEE80211_BAND_2GHZ]; 253 sband = wiphy->bands[IEEE80211_BAND_2GHZ];
261 if (!sband) 254 if (!sband)
@@ -283,16 +276,16 @@ ath_reg_apply_active_scan_flags(struct wiphy *wiphy,
283 */ 276 */
284 277
285 ch = &sband->channels[11]; /* CH 12 */ 278 ch = &sband->channels[11]; /* CH 12 */
286 r = freq_reg_info(wiphy, ch->center_freq, bandwidth, &reg_rule); 279 reg_rule = freq_reg_info(wiphy, ch->center_freq);
287 if (!r) { 280 if (!IS_ERR(reg_rule)) {
288 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN)) 281 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN))
289 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN) 282 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN)
290 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN; 283 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN;
291 } 284 }
292 285
293 ch = &sband->channels[12]; /* CH 13 */ 286 ch = &sband->channels[12]; /* CH 13 */
294 r = freq_reg_info(wiphy, ch->center_freq, bandwidth, &reg_rule); 287 reg_rule = freq_reg_info(wiphy, ch->center_freq);
295 if (!r) { 288 if (!IS_ERR(reg_rule)) {
296 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN)) 289 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN))
297 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN) 290 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN)
298 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN; 291 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN;
@@ -363,9 +356,9 @@ static u16 ath_regd_find_country_by_name(char *alpha2)
363 return -1; 356 return -1;
364} 357}
365 358
366int ath_reg_notifier_apply(struct wiphy *wiphy, 359void ath_reg_notifier_apply(struct wiphy *wiphy,
367 struct regulatory_request *request, 360 struct regulatory_request *request,
368 struct ath_regulatory *reg) 361 struct ath_regulatory *reg)
369{ 362{
370 struct ath_common *common = container_of(reg, struct ath_common, 363 struct ath_common *common = container_of(reg, struct ath_common,
371 regulatory); 364 regulatory);
@@ -380,7 +373,7 @@ int ath_reg_notifier_apply(struct wiphy *wiphy,
380 * any pending requests in the queue. 373 * any pending requests in the queue.
381 */ 374 */
382 if (!request) 375 if (!request)
383 return 0; 376 return;
384 377
385 switch (request->initiator) { 378 switch (request->initiator) {
386 case NL80211_REGDOM_SET_BY_CORE: 379 case NL80211_REGDOM_SET_BY_CORE:
@@ -416,8 +409,6 @@ int ath_reg_notifier_apply(struct wiphy *wiphy,
416 409
417 break; 410 break;
418 } 411 }
419
420 return 0;
421} 412}
422EXPORT_SYMBOL(ath_reg_notifier_apply); 413EXPORT_SYMBOL(ath_reg_notifier_apply);
423 414
@@ -507,8 +498,8 @@ ath_get_regpair(int regdmn)
507static int 498static int
508ath_regd_init_wiphy(struct ath_regulatory *reg, 499ath_regd_init_wiphy(struct ath_regulatory *reg,
509 struct wiphy *wiphy, 500 struct wiphy *wiphy,
510 int (*reg_notifier)(struct wiphy *wiphy, 501 void (*reg_notifier)(struct wiphy *wiphy,
511 struct regulatory_request *request)) 502 struct regulatory_request *request))
512{ 503{
513 const struct ieee80211_regdomain *regd; 504 const struct ieee80211_regdomain *regd;
514 505
@@ -628,8 +619,8 @@ static int __ath_regd_init(struct ath_regulatory *reg)
628int 619int
629ath_regd_init(struct ath_regulatory *reg, 620ath_regd_init(struct ath_regulatory *reg,
630 struct wiphy *wiphy, 621 struct wiphy *wiphy,
631 int (*reg_notifier)(struct wiphy *wiphy, 622 void (*reg_notifier)(struct wiphy *wiphy,
632 struct regulatory_request *request)) 623 struct regulatory_request *request))
633{ 624{
634 struct ath_common *common = container_of(reg, struct ath_common, 625 struct ath_common *common = container_of(reg, struct ath_common,
635 regulatory); 626 regulatory);
diff --git a/drivers/net/wireless/ath/regd.h b/drivers/net/wireless/ath/regd.h
index 03a8268ccf21..37f53bd8fcb1 100644
--- a/drivers/net/wireless/ath/regd.h
+++ b/drivers/net/wireless/ath/regd.h
@@ -252,12 +252,12 @@ enum CountryCode {
252bool ath_is_world_regd(struct ath_regulatory *reg); 252bool ath_is_world_regd(struct ath_regulatory *reg);
253bool ath_is_49ghz_allowed(u16 redomain); 253bool ath_is_49ghz_allowed(u16 redomain);
254int ath_regd_init(struct ath_regulatory *reg, struct wiphy *wiphy, 254int ath_regd_init(struct ath_regulatory *reg, struct wiphy *wiphy,
255 int (*reg_notifier)(struct wiphy *wiphy, 255 void (*reg_notifier)(struct wiphy *wiphy,
256 struct regulatory_request *request)); 256 struct regulatory_request *request));
257u32 ath_regd_get_band_ctl(struct ath_regulatory *reg, 257u32 ath_regd_get_band_ctl(struct ath_regulatory *reg,
258 enum ieee80211_band band); 258 enum ieee80211_band band);
259int ath_reg_notifier_apply(struct wiphy *wiphy, 259void ath_reg_notifier_apply(struct wiphy *wiphy,
260 struct regulatory_request *request, 260 struct regulatory_request *request,
261 struct ath_regulatory *reg); 261 struct ath_regulatory *reg);
262 262
263#endif 263#endif
diff --git a/drivers/net/wireless/ath/wil6210/Kconfig b/drivers/net/wireless/ath/wil6210/Kconfig
new file mode 100644
index 000000000000..bac3d98a0cfb
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/Kconfig
@@ -0,0 +1,29 @@
1config WIL6210
2 tristate "Wilocity 60g WiFi card wil6210 support"
3 depends on CFG80211
4 depends on PCI
5 default n
6 ---help---
7 This module adds support for wireless adapter based on
8 wil6210 chip by Wilocity. It supports operation on the
9 60 GHz band, covered by the IEEE802.11ad standard.
10
11 http://wireless.kernel.org/en/users/Drivers/wil6210
12
13 If you choose to build it as a module, it will be called
14 wil6210
15
16config WIL6210_ISR_COR
17 bool "Use Clear-On-Read mode for ISR registers for wil6210"
18 depends on WIL6210
19 default y
20 ---help---
21 ISR registers on wil6210 chip may operate in either
22 COR (Clear-On-Read) or W1C (Write-1-to-Clear) mode.
23 For production code, use COR (say y); is default since
24 it saves extra target transaction;
25 For ISR debug, use W1C (say n); is allows to monitor ISR
26 registers with debugfs. If COR were used, ISR would
27 self-clear when accessed for debug purposes, it makes
28 such monitoring impossible.
29 Say y unless you debug interrupts
diff --git a/drivers/net/wireless/ath/wil6210/Makefile b/drivers/net/wireless/ath/wil6210/Makefile
new file mode 100644
index 000000000000..9396dc9fe3c5
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/Makefile
@@ -0,0 +1,13 @@
1obj-$(CONFIG_WIL6210) += wil6210.o
2
3wil6210-objs := main.o
4wil6210-objs += netdev.o
5wil6210-objs += cfg80211.o
6wil6210-objs += pcie_bus.o
7wil6210-objs += debugfs.o
8wil6210-objs += wmi.o
9wil6210-objs += interrupt.o
10wil6210-objs += txrx.o
11
12subdir-ccflags-y += -Werror
13subdir-ccflags-y += -D__CHECK_ENDIAN__
diff --git a/drivers/net/wireless/ath/wil6210/cfg80211.c b/drivers/net/wireless/ath/wil6210/cfg80211.c
new file mode 100644
index 000000000000..002851fceb2f
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/cfg80211.c
@@ -0,0 +1,572 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/kernel.h>
18#include <linux/netdevice.h>
19#include <linux/sched.h>
20#include <linux/etherdevice.h>
21#include <linux/wireless.h>
22#include <linux/ieee80211.h>
23#include <linux/slab.h>
24#include <linux/version.h>
25#include <net/cfg80211.h>
26
27#include "wil6210.h"
28#include "wmi.h"
29
30#define CHAN60G(_channel, _flags) { \
31 .band = IEEE80211_BAND_60GHZ, \
32 .center_freq = 56160 + (2160 * (_channel)), \
33 .hw_value = (_channel), \
34 .flags = (_flags), \
35 .max_antenna_gain = 0, \
36 .max_power = 40, \
37}
38
39static struct ieee80211_channel wil_60ghz_channels[] = {
40 CHAN60G(1, 0),
41 CHAN60G(2, 0),
42 CHAN60G(3, 0),
43/* channel 4 not supported yet */
44};
45
46static struct ieee80211_supported_band wil_band_60ghz = {
47 .channels = wil_60ghz_channels,
48 .n_channels = ARRAY_SIZE(wil_60ghz_channels),
49 .ht_cap = {
50 .ht_supported = true,
51 .cap = 0, /* TODO */
52 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K, /* TODO */
53 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_8, /* TODO */
54 .mcs = {
55 /* MCS 1..12 - SC PHY */
56 .rx_mask = {0xfe, 0x1f}, /* 1..12 */
57 .tx_params = IEEE80211_HT_MCS_TX_DEFINED, /* TODO */
58 },
59 },
60};
61
62static const struct ieee80211_txrx_stypes
63wil_mgmt_stypes[NUM_NL80211_IFTYPES] = {
64 [NL80211_IFTYPE_STATION] = {
65 .tx = BIT(IEEE80211_STYPE_ACTION >> 4) |
66 BIT(IEEE80211_STYPE_PROBE_RESP >> 4),
67 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
68 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
69 },
70 [NL80211_IFTYPE_AP] = {
71 .tx = BIT(IEEE80211_STYPE_ACTION >> 4) |
72 BIT(IEEE80211_STYPE_PROBE_RESP >> 4),
73 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
74 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
75 },
76 [NL80211_IFTYPE_P2P_CLIENT] = {
77 .tx = BIT(IEEE80211_STYPE_ACTION >> 4) |
78 BIT(IEEE80211_STYPE_PROBE_RESP >> 4),
79 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
80 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
81 },
82 [NL80211_IFTYPE_P2P_GO] = {
83 .tx = BIT(IEEE80211_STYPE_ACTION >> 4) |
84 BIT(IEEE80211_STYPE_PROBE_RESP >> 4),
85 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
86 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
87 },
88};
89
90static const u32 wil_cipher_suites[] = {
91 WLAN_CIPHER_SUITE_GCMP,
92};
93
94int wil_iftype_nl2wmi(enum nl80211_iftype type)
95{
96 static const struct {
97 enum nl80211_iftype nl;
98 enum wmi_network_type wmi;
99 } __nl2wmi[] = {
100 {NL80211_IFTYPE_ADHOC, WMI_NETTYPE_ADHOC},
101 {NL80211_IFTYPE_STATION, WMI_NETTYPE_INFRA},
102 {NL80211_IFTYPE_AP, WMI_NETTYPE_AP},
103 {NL80211_IFTYPE_P2P_CLIENT, WMI_NETTYPE_P2P},
104 {NL80211_IFTYPE_P2P_GO, WMI_NETTYPE_P2P},
105 {NL80211_IFTYPE_MONITOR, WMI_NETTYPE_ADHOC}, /* FIXME */
106 };
107 uint i;
108
109 for (i = 0; i < ARRAY_SIZE(__nl2wmi); i++) {
110 if (__nl2wmi[i].nl == type)
111 return __nl2wmi[i].wmi;
112 }
113
114 return -EOPNOTSUPP;
115}
116
117static int wil_cfg80211_get_station(struct wiphy *wiphy,
118 struct net_device *ndev,
119 u8 *mac, struct station_info *sinfo)
120{
121 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
122 int rc;
123 struct wmi_notify_req_cmd cmd = {
124 .cid = 0,
125 .interval_usec = 0,
126 };
127
128 if (memcmp(mac, wil->dst_addr[0], ETH_ALEN))
129 return -ENOENT;
130
131 /* WMI_NOTIFY_REQ_DONE_EVENTID handler fills wil->stats.bf_mcs */
132 rc = wmi_call(wil, WMI_NOTIFY_REQ_CMDID, &cmd, sizeof(cmd),
133 WMI_NOTIFY_REQ_DONE_EVENTID, NULL, 0, 20);
134 if (rc)
135 return rc;
136
137 sinfo->generation = wil->sinfo_gen;
138
139 sinfo->filled |= STATION_INFO_TX_BITRATE;
140 sinfo->txrate.flags = RATE_INFO_FLAGS_MCS | RATE_INFO_FLAGS_60G;
141 sinfo->txrate.mcs = wil->stats.bf_mcs;
142 sinfo->filled |= STATION_INFO_RX_BITRATE;
143 sinfo->rxrate.flags = RATE_INFO_FLAGS_MCS | RATE_INFO_FLAGS_60G;
144 sinfo->rxrate.mcs = wil->stats.last_mcs_rx;
145
146 if (test_bit(wil_status_fwconnected, &wil->status)) {
147 sinfo->filled |= STATION_INFO_SIGNAL;
148 sinfo->signal = 12; /* TODO: provide real value */
149 }
150
151 return 0;
152}
153
154static int wil_cfg80211_change_iface(struct wiphy *wiphy,
155 struct net_device *ndev,
156 enum nl80211_iftype type, u32 *flags,
157 struct vif_params *params)
158{
159 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
160 struct wireless_dev *wdev = wil->wdev;
161
162 switch (type) {
163 case NL80211_IFTYPE_STATION:
164 case NL80211_IFTYPE_AP:
165 case NL80211_IFTYPE_P2P_CLIENT:
166 case NL80211_IFTYPE_P2P_GO:
167 break;
168 case NL80211_IFTYPE_MONITOR:
169 if (flags)
170 wil->monitor_flags = *flags;
171 else
172 wil->monitor_flags = 0;
173
174 break;
175 default:
176 return -EOPNOTSUPP;
177 }
178
179 wdev->iftype = type;
180
181 return 0;
182}
183
184static int wil_cfg80211_scan(struct wiphy *wiphy,
185 struct cfg80211_scan_request *request)
186{
187 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
188 struct wireless_dev *wdev = wil->wdev;
189 struct {
190 struct wmi_start_scan_cmd cmd;
191 u16 chnl[4];
192 } __packed cmd;
193 uint i, n;
194
195 if (wil->scan_request) {
196 wil_err(wil, "Already scanning\n");
197 return -EAGAIN;
198 }
199
200 /* check we are client side */
201 switch (wdev->iftype) {
202 case NL80211_IFTYPE_STATION:
203 case NL80211_IFTYPE_P2P_CLIENT:
204 break;
205 default:
206 return -EOPNOTSUPP;
207 }
208
209 /* FW don't support scan after connection attempt */
210 if (test_bit(wil_status_dontscan, &wil->status)) {
211 wil_err(wil, "Scan after connect attempt not supported\n");
212 return -EBUSY;
213 }
214
215 wil->scan_request = request;
216
217 memset(&cmd, 0, sizeof(cmd));
218 cmd.cmd.num_channels = 0;
219 n = min(request->n_channels, 4U);
220 for (i = 0; i < n; i++) {
221 int ch = request->channels[i]->hw_value;
222 if (ch == 0) {
223 wil_err(wil,
224 "Scan requested for unknown frequency %dMhz\n",
225 request->channels[i]->center_freq);
226 continue;
227 }
228 /* 0-based channel indexes */
229 cmd.cmd.channel_list[cmd.cmd.num_channels++].channel = ch - 1;
230 wil_dbg_misc(wil, "Scan for ch %d : %d MHz\n", ch,
231 request->channels[i]->center_freq);
232 }
233
234 return wmi_send(wil, WMI_START_SCAN_CMDID, &cmd, sizeof(cmd.cmd) +
235 cmd.cmd.num_channels * sizeof(cmd.cmd.channel_list[0]));
236}
237
238static int wil_cfg80211_connect(struct wiphy *wiphy,
239 struct net_device *ndev,
240 struct cfg80211_connect_params *sme)
241{
242 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
243 struct cfg80211_bss *bss;
244 struct wmi_connect_cmd conn;
245 const u8 *ssid_eid;
246 const u8 *rsn_eid;
247 int ch;
248 int rc = 0;
249
250 bss = cfg80211_get_bss(wiphy, sme->channel, sme->bssid,
251 sme->ssid, sme->ssid_len,
252 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
253 if (!bss) {
254 wil_err(wil, "Unable to find BSS\n");
255 return -ENOENT;
256 }
257
258 ssid_eid = ieee80211_bss_get_ie(bss, WLAN_EID_SSID);
259 if (!ssid_eid) {
260 wil_err(wil, "No SSID\n");
261 rc = -ENOENT;
262 goto out;
263 }
264
265 rsn_eid = sme->ie ?
266 cfg80211_find_ie(WLAN_EID_RSN, sme->ie, sme->ie_len) :
267 NULL;
268 if (rsn_eid) {
269 if (sme->ie_len > WMI_MAX_IE_LEN) {
270 rc = -ERANGE;
271 wil_err(wil, "IE too large (%td bytes)\n",
272 sme->ie_len);
273 goto out;
274 }
275 /*
276 * For secure assoc, send:
277 * (1) WMI_DELETE_CIPHER_KEY_CMD
278 * (2) WMI_SET_APPIE_CMD
279 */
280 rc = wmi_del_cipher_key(wil, 0, bss->bssid);
281 if (rc) {
282 wil_err(wil, "WMI_DELETE_CIPHER_KEY_CMD failed\n");
283 goto out;
284 }
285 /* WMI_SET_APPIE_CMD */
286 rc = wmi_set_ie(wil, WMI_FRAME_ASSOC_REQ, sme->ie_len, sme->ie);
287 if (rc) {
288 wil_err(wil, "WMI_SET_APPIE_CMD failed\n");
289 goto out;
290 }
291 }
292
293 /* WMI_CONNECT_CMD */
294 memset(&conn, 0, sizeof(conn));
295 switch (bss->capability & 0x03) {
296 case WLAN_CAPABILITY_DMG_TYPE_AP:
297 conn.network_type = WMI_NETTYPE_INFRA;
298 break;
299 case WLAN_CAPABILITY_DMG_TYPE_PBSS:
300 conn.network_type = WMI_NETTYPE_P2P;
301 break;
302 default:
303 wil_err(wil, "Unsupported BSS type, capability= 0x%04x\n",
304 bss->capability);
305 goto out;
306 }
307 if (rsn_eid) {
308 conn.dot11_auth_mode = WMI_AUTH11_SHARED;
309 conn.auth_mode = WMI_AUTH_WPA2_PSK;
310 conn.pairwise_crypto_type = WMI_CRYPT_AES_GCMP;
311 conn.pairwise_crypto_len = 16;
312 } else {
313 conn.dot11_auth_mode = WMI_AUTH11_OPEN;
314 conn.auth_mode = WMI_AUTH_NONE;
315 }
316
317 conn.ssid_len = min_t(u8, ssid_eid[1], 32);
318 memcpy(conn.ssid, ssid_eid+2, conn.ssid_len);
319
320 ch = bss->channel->hw_value;
321 if (ch == 0) {
322 wil_err(wil, "BSS at unknown frequency %dMhz\n",
323 bss->channel->center_freq);
324 rc = -EOPNOTSUPP;
325 goto out;
326 }
327 conn.channel = ch - 1;
328
329 memcpy(conn.bssid, bss->bssid, 6);
330 memcpy(conn.dst_mac, bss->bssid, 6);
331 /*
332 * FW don't support scan after connection attempt
333 */
334 set_bit(wil_status_dontscan, &wil->status);
335
336 rc = wmi_send(wil, WMI_CONNECT_CMDID, &conn, sizeof(conn));
337 if (rc == 0) {
338 /* Connect can take lots of time */
339 mod_timer(&wil->connect_timer,
340 jiffies + msecs_to_jiffies(2000));
341 }
342
343 out:
344 cfg80211_put_bss(bss);
345
346 return rc;
347}
348
349static int wil_cfg80211_disconnect(struct wiphy *wiphy,
350 struct net_device *ndev,
351 u16 reason_code)
352{
353 int rc;
354 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
355
356 rc = wmi_send(wil, WMI_DISCONNECT_CMDID, NULL, 0);
357
358 return rc;
359}
360
361static int wil_cfg80211_set_channel(struct wiphy *wiphy,
362 struct cfg80211_chan_def *chandef)
363{
364 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
365 struct wireless_dev *wdev = wil->wdev;
366
367 wdev->preset_chandef = *chandef;
368
369 return 0;
370}
371
372static int wil_cfg80211_add_key(struct wiphy *wiphy,
373 struct net_device *ndev,
374 u8 key_index, bool pairwise,
375 const u8 *mac_addr,
376 struct key_params *params)
377{
378 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
379
380 /* group key is not used */
381 if (!pairwise)
382 return 0;
383
384 return wmi_add_cipher_key(wil, key_index, mac_addr,
385 params->key_len, params->key);
386}
387
388static int wil_cfg80211_del_key(struct wiphy *wiphy,
389 struct net_device *ndev,
390 u8 key_index, bool pairwise,
391 const u8 *mac_addr)
392{
393 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
394
395 /* group key is not used */
396 if (!pairwise)
397 return 0;
398
399 return wmi_del_cipher_key(wil, key_index, mac_addr);
400}
401
402/* Need to be present or wiphy_new() will WARN */
403static int wil_cfg80211_set_default_key(struct wiphy *wiphy,
404 struct net_device *ndev,
405 u8 key_index, bool unicast,
406 bool multicast)
407{
408 return 0;
409}
410
411static int wil_cfg80211_start_ap(struct wiphy *wiphy,
412 struct net_device *ndev,
413 struct cfg80211_ap_settings *info)
414{
415 int rc = 0;
416 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
417 struct wireless_dev *wdev = ndev->ieee80211_ptr;
418 struct ieee80211_channel *channel = info->chandef.chan;
419 struct cfg80211_beacon_data *bcon = &info->beacon;
420 u8 wmi_nettype = wil_iftype_nl2wmi(wdev->iftype);
421
422 if (!channel) {
423 wil_err(wil, "AP: No channel???\n");
424 return -EINVAL;
425 }
426
427 wil_dbg_misc(wil, "AP on Channel %d %d MHz, %s\n", channel->hw_value,
428 channel->center_freq, info->privacy ? "secure" : "open");
429 print_hex_dump_bytes("SSID ", DUMP_PREFIX_OFFSET,
430 info->ssid, info->ssid_len);
431
432 rc = wil_reset(wil);
433 if (rc)
434 return rc;
435
436 rc = wmi_set_ssid(wil, info->ssid_len, info->ssid);
437 if (rc)
438 return rc;
439
440 rc = wmi_set_channel(wil, channel->hw_value);
441 if (rc)
442 return rc;
443
444 /* MAC address - pre-requisite for other commands */
445 wmi_set_mac_address(wil, ndev->dev_addr);
446
447 /* IE's */
448 /* bcon 'head IE's are not relevant for 60g band */
449 wmi_set_ie(wil, WMI_FRAME_BEACON, bcon->beacon_ies_len,
450 bcon->beacon_ies);
451 wmi_set_ie(wil, WMI_FRAME_PROBE_RESP, bcon->proberesp_ies_len,
452 bcon->proberesp_ies);
453 wmi_set_ie(wil, WMI_FRAME_ASSOC_RESP, bcon->assocresp_ies_len,
454 bcon->assocresp_ies);
455
456 wil->secure_pcp = info->privacy;
457
458 rc = wmi_set_bcon(wil, info->beacon_interval, wmi_nettype);
459 if (rc)
460 return rc;
461
462 /* Rx VRING. After MAC and beacon */
463 rc = wil_rx_init(wil);
464
465 netif_carrier_on(ndev);
466
467 return rc;
468}
469
470static int wil_cfg80211_stop_ap(struct wiphy *wiphy,
471 struct net_device *ndev)
472{
473 int rc = 0;
474 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
475 struct wireless_dev *wdev = ndev->ieee80211_ptr;
476 u8 wmi_nettype = wil_iftype_nl2wmi(wdev->iftype);
477
478 /* To stop beaconing, set BI to 0 */
479 rc = wmi_set_bcon(wil, 0, wmi_nettype);
480
481 return rc;
482}
483
484static struct cfg80211_ops wil_cfg80211_ops = {
485 .scan = wil_cfg80211_scan,
486 .connect = wil_cfg80211_connect,
487 .disconnect = wil_cfg80211_disconnect,
488 .change_virtual_intf = wil_cfg80211_change_iface,
489 .get_station = wil_cfg80211_get_station,
490 .set_monitor_channel = wil_cfg80211_set_channel,
491 .add_key = wil_cfg80211_add_key,
492 .del_key = wil_cfg80211_del_key,
493 .set_default_key = wil_cfg80211_set_default_key,
494 /* AP mode */
495 .start_ap = wil_cfg80211_start_ap,
496 .stop_ap = wil_cfg80211_stop_ap,
497};
498
499static void wil_wiphy_init(struct wiphy *wiphy)
500{
501 /* TODO: set real value */
502 wiphy->max_scan_ssids = 10;
503 wiphy->max_num_pmkids = 0 /* TODO: */;
504 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
505 BIT(NL80211_IFTYPE_AP) |
506 BIT(NL80211_IFTYPE_MONITOR);
507 /* TODO: enable P2P when integrated with supplicant:
508 * BIT(NL80211_IFTYPE_P2P_CLIENT) | BIT(NL80211_IFTYPE_P2P_GO)
509 */
510 wiphy->flags |= WIPHY_FLAG_HAVE_AP_SME |
511 WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
512 dev_warn(wiphy_dev(wiphy), "%s : flags = 0x%08x\n",
513 __func__, wiphy->flags);
514 wiphy->probe_resp_offload =
515 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
516 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
517 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
518
519 wiphy->bands[IEEE80211_BAND_60GHZ] = &wil_band_60ghz;
520
521 /* TODO: figure this out */
522 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
523
524 wiphy->cipher_suites = wil_cipher_suites;
525 wiphy->n_cipher_suites = ARRAY_SIZE(wil_cipher_suites);
526 wiphy->mgmt_stypes = wil_mgmt_stypes;
527}
528
529struct wireless_dev *wil_cfg80211_init(struct device *dev)
530{
531 int rc = 0;
532 struct wireless_dev *wdev;
533
534 wdev = kzalloc(sizeof(struct wireless_dev), GFP_KERNEL);
535 if (!wdev)
536 return ERR_PTR(-ENOMEM);
537
538 wdev->wiphy = wiphy_new(&wil_cfg80211_ops,
539 sizeof(struct wil6210_priv));
540 if (!wdev->wiphy) {
541 rc = -ENOMEM;
542 goto out;
543 }
544
545 set_wiphy_dev(wdev->wiphy, dev);
546 wil_wiphy_init(wdev->wiphy);
547
548 rc = wiphy_register(wdev->wiphy);
549 if (rc < 0)
550 goto out_failed_reg;
551
552 return wdev;
553
554out_failed_reg:
555 wiphy_free(wdev->wiphy);
556out:
557 kfree(wdev);
558
559 return ERR_PTR(rc);
560}
561
562void wil_wdev_free(struct wil6210_priv *wil)
563{
564 struct wireless_dev *wdev = wil_to_wdev(wil);
565
566 if (!wdev)
567 return;
568
569 wiphy_unregister(wdev->wiphy);
570 wiphy_free(wdev->wiphy);
571 kfree(wdev);
572}
diff --git a/drivers/net/wireless/ath/wil6210/dbg_hexdump.h b/drivers/net/wireless/ath/wil6210/dbg_hexdump.h
new file mode 100644
index 000000000000..6a315ba5aa7d
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/dbg_hexdump.h
@@ -0,0 +1,30 @@
1#ifndef WIL_DBG_HEXDUMP_H_
2#define WIL_DBG_HEXDUMP_H_
3
4#if defined(CONFIG_DYNAMIC_DEBUG)
5#define wil_dynamic_hex_dump(prefix_str, prefix_type, rowsize, \
6 groupsize, buf, len, ascii) \
7do { \
8 DEFINE_DYNAMIC_DEBUG_METADATA(descriptor, \
9 __builtin_constant_p(prefix_str) ? prefix_str : "hexdump");\
10 if (unlikely(descriptor.flags & _DPRINTK_FLAGS_PRINT)) \
11 print_hex_dump(KERN_DEBUG, prefix_str, \
12 prefix_type, rowsize, groupsize, \
13 buf, len, ascii); \
14} while (0)
15
16#define wil_print_hex_dump_debug(prefix_str, prefix_type, rowsize, \
17 groupsize, buf, len, ascii) \
18 wil_dynamic_hex_dump(prefix_str, prefix_type, rowsize, \
19 groupsize, buf, len, ascii)
20
21#define print_hex_dump_bytes(prefix_str, prefix_type, buf, len) \
22 wil_dynamic_hex_dump(prefix_str, prefix_type, 16, 1, buf, len, true)
23#else /* defined(CONFIG_DYNAMIC_DEBUG) */
24#define wil_print_hex_dump_debug(prefix_str, prefix_type, rowsize, \
25 groupsize, buf, len, ascii) \
26 print_hex_dump(KERN_DEBUG, prefix_str, prefix_type, rowsize, \
27 groupsize, buf, len, ascii)
28#endif /* defined(CONFIG_DYNAMIC_DEBUG) */
29
30#endif /* WIL_DBG_HEXDUMP_H_ */
diff --git a/drivers/net/wireless/ath/wil6210/debugfs.c b/drivers/net/wireless/ath/wil6210/debugfs.c
new file mode 100644
index 000000000000..65fc9683bfd8
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/debugfs.c
@@ -0,0 +1,603 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/module.h>
18#include <linux/debugfs.h>
19#include <linux/seq_file.h>
20#include <linux/pci.h>
21#include <linux/rtnetlink.h>
22
23#include "wil6210.h"
24#include "txrx.h"
25
26/* Nasty hack. Better have per device instances */
27static u32 mem_addr;
28static u32 dbg_txdesc_index;
29
30static void wil_print_vring(struct seq_file *s, struct wil6210_priv *wil,
31 const char *name, struct vring *vring)
32{
33 void __iomem *x = wmi_addr(wil, vring->hwtail);
34
35 seq_printf(s, "VRING %s = {\n", name);
36 seq_printf(s, " pa = 0x%016llx\n", (unsigned long long)vring->pa);
37 seq_printf(s, " va = 0x%p\n", vring->va);
38 seq_printf(s, " size = %d\n", vring->size);
39 seq_printf(s, " swtail = %d\n", vring->swtail);
40 seq_printf(s, " swhead = %d\n", vring->swhead);
41 seq_printf(s, " hwtail = [0x%08x] -> ", vring->hwtail);
42 if (x)
43 seq_printf(s, "0x%08x\n", ioread32(x));
44 else
45 seq_printf(s, "???\n");
46
47 if (vring->va && (vring->size < 1025)) {
48 uint i;
49 for (i = 0; i < vring->size; i++) {
50 volatile struct vring_tx_desc *d = &vring->va[i].tx;
51 if ((i % 64) == 0 && (i != 0))
52 seq_printf(s, "\n");
53 seq_printf(s, "%s", (d->dma.status & BIT(0)) ?
54 "S" : (vring->ctx[i] ? "H" : "h"));
55 }
56 seq_printf(s, "\n");
57 }
58 seq_printf(s, "}\n");
59}
60
61static int wil_vring_debugfs_show(struct seq_file *s, void *data)
62{
63 uint i;
64 struct wil6210_priv *wil = s->private;
65
66 wil_print_vring(s, wil, "rx", &wil->vring_rx);
67
68 for (i = 0; i < ARRAY_SIZE(wil->vring_tx); i++) {
69 struct vring *vring = &(wil->vring_tx[i]);
70 if (vring->va) {
71 char name[10];
72 snprintf(name, sizeof(name), "tx_%2d", i);
73 wil_print_vring(s, wil, name, vring);
74 }
75 }
76
77 return 0;
78}
79
80static int wil_vring_seq_open(struct inode *inode, struct file *file)
81{
82 return single_open(file, wil_vring_debugfs_show, inode->i_private);
83}
84
85static const struct file_operations fops_vring = {
86 .open = wil_vring_seq_open,
87 .release = single_release,
88 .read = seq_read,
89 .llseek = seq_lseek,
90};
91
92static void wil_print_ring(struct seq_file *s, const char *prefix,
93 void __iomem *off)
94{
95 struct wil6210_priv *wil = s->private;
96 struct wil6210_mbox_ring r;
97 int rsize;
98 uint i;
99
100 wil_memcpy_fromio_32(&r, off, sizeof(r));
101 wil_mbox_ring_le2cpus(&r);
102 /*
103 * we just read memory block from NIC. This memory may be
104 * garbage. Check validity before using it.
105 */
106 rsize = r.size / sizeof(struct wil6210_mbox_ring_desc);
107
108 seq_printf(s, "ring %s = {\n", prefix);
109 seq_printf(s, " base = 0x%08x\n", r.base);
110 seq_printf(s, " size = 0x%04x bytes -> %d entries\n", r.size, rsize);
111 seq_printf(s, " tail = 0x%08x\n", r.tail);
112 seq_printf(s, " head = 0x%08x\n", r.head);
113 seq_printf(s, " entry size = %d\n", r.entry_size);
114
115 if (r.size % sizeof(struct wil6210_mbox_ring_desc)) {
116 seq_printf(s, " ??? size is not multiple of %zd, garbage?\n",
117 sizeof(struct wil6210_mbox_ring_desc));
118 goto out;
119 }
120
121 if (!wmi_addr(wil, r.base) ||
122 !wmi_addr(wil, r.tail) ||
123 !wmi_addr(wil, r.head)) {
124 seq_printf(s, " ??? pointers are garbage?\n");
125 goto out;
126 }
127
128 for (i = 0; i < rsize; i++) {
129 struct wil6210_mbox_ring_desc d;
130 struct wil6210_mbox_hdr hdr;
131 size_t delta = i * sizeof(d);
132 void __iomem *x = wil->csr + HOSTADDR(r.base) + delta;
133
134 wil_memcpy_fromio_32(&d, x, sizeof(d));
135
136 seq_printf(s, " [%2x] %s %s%s 0x%08x", i,
137 d.sync ? "F" : "E",
138 (r.tail - r.base == delta) ? "t" : " ",
139 (r.head - r.base == delta) ? "h" : " ",
140 le32_to_cpu(d.addr));
141 if (0 == wmi_read_hdr(wil, d.addr, &hdr)) {
142 u16 len = le16_to_cpu(hdr.len);
143 seq_printf(s, " -> %04x %04x %04x %02x\n",
144 le16_to_cpu(hdr.seq), len,
145 le16_to_cpu(hdr.type), hdr.flags);
146 if (len <= MAX_MBOXITEM_SIZE) {
147 int n = 0;
148 unsigned char printbuf[16 * 3 + 2];
149 unsigned char databuf[MAX_MBOXITEM_SIZE];
150 void __iomem *src = wmi_buffer(wil, d.addr) +
151 sizeof(struct wil6210_mbox_hdr);
152 /*
153 * No need to check @src for validity -
154 * we already validated @d.addr while
155 * reading header
156 */
157 wil_memcpy_fromio_32(databuf, src, len);
158 while (n < len) {
159 int l = min(len - n, 16);
160 hex_dump_to_buffer(databuf + n, l,
161 16, 1, printbuf,
162 sizeof(printbuf),
163 false);
164 seq_printf(s, " : %s\n", printbuf);
165 n += l;
166 }
167 }
168 } else {
169 seq_printf(s, "\n");
170 }
171 }
172 out:
173 seq_printf(s, "}\n");
174}
175
176static int wil_mbox_debugfs_show(struct seq_file *s, void *data)
177{
178 struct wil6210_priv *wil = s->private;
179
180 wil_print_ring(s, "tx", wil->csr + HOST_MBOX +
181 offsetof(struct wil6210_mbox_ctl, tx));
182 wil_print_ring(s, "rx", wil->csr + HOST_MBOX +
183 offsetof(struct wil6210_mbox_ctl, rx));
184
185 return 0;
186}
187
188static int wil_mbox_seq_open(struct inode *inode, struct file *file)
189{
190 return single_open(file, wil_mbox_debugfs_show, inode->i_private);
191}
192
193static const struct file_operations fops_mbox = {
194 .open = wil_mbox_seq_open,
195 .release = single_release,
196 .read = seq_read,
197 .llseek = seq_lseek,
198};
199
200static int wil_debugfs_iomem_x32_set(void *data, u64 val)
201{
202 iowrite32(val, (void __iomem *)data);
203 wmb(); /* make sure write propagated to HW */
204
205 return 0;
206}
207
208static int wil_debugfs_iomem_x32_get(void *data, u64 *val)
209{
210 *val = ioread32((void __iomem *)data);
211
212 return 0;
213}
214
215DEFINE_SIMPLE_ATTRIBUTE(fops_iomem_x32, wil_debugfs_iomem_x32_get,
216 wil_debugfs_iomem_x32_set, "0x%08llx\n");
217
218static struct dentry *wil_debugfs_create_iomem_x32(const char *name,
219 mode_t mode,
220 struct dentry *parent,
221 void __iomem *value)
222{
223 return debugfs_create_file(name, mode, parent, (void * __force)value,
224 &fops_iomem_x32);
225}
226
227static int wil6210_debugfs_create_ISR(struct wil6210_priv *wil,
228 const char *name,
229 struct dentry *parent, u32 off)
230{
231 struct dentry *d = debugfs_create_dir(name, parent);
232
233 if (IS_ERR_OR_NULL(d))
234 return -ENODEV;
235
236 wil_debugfs_create_iomem_x32("ICC", S_IRUGO | S_IWUSR, d,
237 wil->csr + off);
238 wil_debugfs_create_iomem_x32("ICR", S_IRUGO | S_IWUSR, d,
239 wil->csr + off + 4);
240 wil_debugfs_create_iomem_x32("ICM", S_IRUGO | S_IWUSR, d,
241 wil->csr + off + 8);
242 wil_debugfs_create_iomem_x32("ICS", S_IWUSR, d,
243 wil->csr + off + 12);
244 wil_debugfs_create_iomem_x32("IMV", S_IRUGO | S_IWUSR, d,
245 wil->csr + off + 16);
246 wil_debugfs_create_iomem_x32("IMS", S_IWUSR, d,
247 wil->csr + off + 20);
248 wil_debugfs_create_iomem_x32("IMC", S_IWUSR, d,
249 wil->csr + off + 24);
250
251 return 0;
252}
253
254static int wil6210_debugfs_create_pseudo_ISR(struct wil6210_priv *wil,
255 struct dentry *parent)
256{
257 struct dentry *d = debugfs_create_dir("PSEUDO_ISR", parent);
258
259 if (IS_ERR_OR_NULL(d))
260 return -ENODEV;
261
262 wil_debugfs_create_iomem_x32("CAUSE", S_IRUGO, d, wil->csr +
263 HOSTADDR(RGF_DMA_PSEUDO_CAUSE));
264 wil_debugfs_create_iomem_x32("MASK_SW", S_IRUGO, d, wil->csr +
265 HOSTADDR(RGF_DMA_PSEUDO_CAUSE_MASK_SW));
266 wil_debugfs_create_iomem_x32("MASK_FW", S_IRUGO, d, wil->csr +
267 HOSTADDR(RGF_DMA_PSEUDO_CAUSE_MASK_FW));
268
269 return 0;
270}
271
272static int wil6210_debugfs_create_ITR_CNT(struct wil6210_priv *wil,
273 struct dentry *parent)
274{
275 struct dentry *d = debugfs_create_dir("ITR_CNT", parent);
276
277 if (IS_ERR_OR_NULL(d))
278 return -ENODEV;
279
280 wil_debugfs_create_iomem_x32("TRSH", S_IRUGO, d, wil->csr +
281 HOSTADDR(RGF_DMA_ITR_CNT_TRSH));
282 wil_debugfs_create_iomem_x32("DATA", S_IRUGO, d, wil->csr +
283 HOSTADDR(RGF_DMA_ITR_CNT_DATA));
284 wil_debugfs_create_iomem_x32("CTL", S_IRUGO, d, wil->csr +
285 HOSTADDR(RGF_DMA_ITR_CNT_CRL));
286
287 return 0;
288}
289
290static int wil_memread_debugfs_show(struct seq_file *s, void *data)
291{
292 struct wil6210_priv *wil = s->private;
293 void __iomem *a = wmi_buffer(wil, cpu_to_le32(mem_addr));
294
295 if (a)
296 seq_printf(s, "[0x%08x] = 0x%08x\n", mem_addr, ioread32(a));
297 else
298 seq_printf(s, "[0x%08x] = INVALID\n", mem_addr);
299
300 return 0;
301}
302
303static int wil_memread_seq_open(struct inode *inode, struct file *file)
304{
305 return single_open(file, wil_memread_debugfs_show, inode->i_private);
306}
307
308static const struct file_operations fops_memread = {
309 .open = wil_memread_seq_open,
310 .release = single_release,
311 .read = seq_read,
312 .llseek = seq_lseek,
313};
314
315static int wil_default_open(struct inode *inode, struct file *file)
316{
317 if (inode->i_private)
318 file->private_data = inode->i_private;
319
320 return 0;
321}
322
323static ssize_t wil_read_file_ioblob(struct file *file, char __user *user_buf,
324 size_t count, loff_t *ppos)
325{
326 enum { max_count = 4096 };
327 struct debugfs_blob_wrapper *blob = file->private_data;
328 loff_t pos = *ppos;
329 size_t available = blob->size;
330 void *buf;
331 size_t ret;
332
333 if (pos < 0)
334 return -EINVAL;
335
336 if (pos >= available || !count)
337 return 0;
338
339 if (count > available - pos)
340 count = available - pos;
341 if (count > max_count)
342 count = max_count;
343
344 buf = kmalloc(count, GFP_KERNEL);
345 if (!buf)
346 return -ENOMEM;
347
348 wil_memcpy_fromio_32(buf, (const volatile void __iomem *)blob->data +
349 pos, count);
350
351 ret = copy_to_user(user_buf, buf, count);
352 kfree(buf);
353 if (ret == count)
354 return -EFAULT;
355
356 count -= ret;
357 *ppos = pos + count;
358
359 return count;
360}
361
362static const struct file_operations fops_ioblob = {
363 .read = wil_read_file_ioblob,
364 .open = wil_default_open,
365 .llseek = default_llseek,
366};
367
368static
369struct dentry *wil_debugfs_create_ioblob(const char *name,
370 mode_t mode,
371 struct dentry *parent,
372 struct debugfs_blob_wrapper *blob)
373{
374 return debugfs_create_file(name, mode, parent, blob, &fops_ioblob);
375}
376/*---reset---*/
377static ssize_t wil_write_file_reset(struct file *file, const char __user *buf,
378 size_t len, loff_t *ppos)
379{
380 struct wil6210_priv *wil = file->private_data;
381 struct net_device *ndev = wil_to_ndev(wil);
382
383 /**
384 * BUG:
385 * this code does NOT sync device state with the rest of system
386 * use with care, debug only!!!
387 */
388 rtnl_lock();
389 dev_close(ndev);
390 ndev->flags &= ~IFF_UP;
391 rtnl_unlock();
392 wil_reset(wil);
393
394 return len;
395}
396
397static const struct file_operations fops_reset = {
398 .write = wil_write_file_reset,
399 .open = wil_default_open,
400};
401/*---------Tx descriptor------------*/
402
403static int wil_txdesc_debugfs_show(struct seq_file *s, void *data)
404{
405 struct wil6210_priv *wil = s->private;
406 struct vring *vring = &(wil->vring_tx[0]);
407
408 if (!vring->va) {
409 seq_printf(s, "No Tx VRING\n");
410 return 0;
411 }
412
413 if (dbg_txdesc_index < vring->size) {
414 volatile struct vring_tx_desc *d =
415 &(vring->va[dbg_txdesc_index].tx);
416 volatile u32 *u = (volatile u32 *)d;
417 struct sk_buff *skb = vring->ctx[dbg_txdesc_index];
418
419 seq_printf(s, "Tx[%3d] = {\n", dbg_txdesc_index);
420 seq_printf(s, " MAC = 0x%08x 0x%08x 0x%08x 0x%08x\n",
421 u[0], u[1], u[2], u[3]);
422 seq_printf(s, " DMA = 0x%08x 0x%08x 0x%08x 0x%08x\n",
423 u[4], u[5], u[6], u[7]);
424 seq_printf(s, " SKB = %p\n", skb);
425
426 if (skb) {
427 unsigned char printbuf[16 * 3 + 2];
428 int i = 0;
429 int len = skb_headlen(skb);
430 void *p = skb->data;
431
432 seq_printf(s, " len = %d\n", len);
433
434 while (i < len) {
435 int l = min(len - i, 16);
436 hex_dump_to_buffer(p + i, l, 16, 1, printbuf,
437 sizeof(printbuf), false);
438 seq_printf(s, " : %s\n", printbuf);
439 i += l;
440 }
441 }
442 seq_printf(s, "}\n");
443 } else {
444 seq_printf(s, "TxDesc index (%d) >= size (%d)\n",
445 dbg_txdesc_index, vring->size);
446 }
447
448 return 0;
449}
450
451static int wil_txdesc_seq_open(struct inode *inode, struct file *file)
452{
453 return single_open(file, wil_txdesc_debugfs_show, inode->i_private);
454}
455
456static const struct file_operations fops_txdesc = {
457 .open = wil_txdesc_seq_open,
458 .release = single_release,
459 .read = seq_read,
460 .llseek = seq_lseek,
461};
462
463/*---------beamforming------------*/
464static int wil_bf_debugfs_show(struct seq_file *s, void *data)
465{
466 struct wil6210_priv *wil = s->private;
467 seq_printf(s,
468 "TSF : 0x%016llx\n"
469 "TxMCS : %d\n"
470 "Sectors(rx:tx) my %2d:%2d peer %2d:%2d\n",
471 wil->stats.tsf, wil->stats.bf_mcs,
472 wil->stats.my_rx_sector, wil->stats.my_tx_sector,
473 wil->stats.peer_rx_sector, wil->stats.peer_tx_sector);
474 return 0;
475}
476
477static int wil_bf_seq_open(struct inode *inode, struct file *file)
478{
479 return single_open(file, wil_bf_debugfs_show, inode->i_private);
480}
481
482static const struct file_operations fops_bf = {
483 .open = wil_bf_seq_open,
484 .release = single_release,
485 .read = seq_read,
486 .llseek = seq_lseek,
487};
488/*---------SSID------------*/
489static ssize_t wil_read_file_ssid(struct file *file, char __user *user_buf,
490 size_t count, loff_t *ppos)
491{
492 struct wil6210_priv *wil = file->private_data;
493 struct wireless_dev *wdev = wil_to_wdev(wil);
494
495 return simple_read_from_buffer(user_buf, count, ppos,
496 wdev->ssid, wdev->ssid_len);
497}
498
499static ssize_t wil_write_file_ssid(struct file *file, const char __user *buf,
500 size_t count, loff_t *ppos)
501{
502 struct wil6210_priv *wil = file->private_data;
503 struct wireless_dev *wdev = wil_to_wdev(wil);
504 struct net_device *ndev = wil_to_ndev(wil);
505
506 if (*ppos != 0) {
507 wil_err(wil, "Unable to set SSID substring from [%d]\n",
508 (int)*ppos);
509 return -EINVAL;
510 }
511
512 if (count > sizeof(wdev->ssid)) {
513 wil_err(wil, "SSID too long, len = %d\n", (int)count);
514 return -EINVAL;
515 }
516 if (netif_running(ndev)) {
517 wil_err(wil, "Unable to change SSID on running interface\n");
518 return -EINVAL;
519 }
520
521 wdev->ssid_len = count;
522 return simple_write_to_buffer(wdev->ssid, wdev->ssid_len, ppos,
523 buf, count);
524}
525
526static const struct file_operations fops_ssid = {
527 .read = wil_read_file_ssid,
528 .write = wil_write_file_ssid,
529 .open = wil_default_open,
530};
531
532/*----------------*/
533int wil6210_debugfs_init(struct wil6210_priv *wil)
534{
535 struct dentry *dbg = wil->debug = debugfs_create_dir(WIL_NAME,
536 wil_to_wiphy(wil)->debugfsdir);
537
538 if (IS_ERR_OR_NULL(dbg))
539 return -ENODEV;
540
541 debugfs_create_file("mbox", S_IRUGO, dbg, wil, &fops_mbox);
542 debugfs_create_file("vrings", S_IRUGO, dbg, wil, &fops_vring);
543 debugfs_create_file("txdesc", S_IRUGO, dbg, wil, &fops_txdesc);
544 debugfs_create_u32("txdesc_index", S_IRUGO | S_IWUSR, dbg,
545 &dbg_txdesc_index);
546 debugfs_create_file("bf", S_IRUGO, dbg, wil, &fops_bf);
547 debugfs_create_file("ssid", S_IRUGO | S_IWUSR, dbg, wil, &fops_ssid);
548 debugfs_create_u32("secure_pcp", S_IRUGO | S_IWUSR, dbg,
549 &wil->secure_pcp);
550
551 wil6210_debugfs_create_ISR(wil, "USER_ICR", dbg,
552 HOSTADDR(RGF_USER_USER_ICR));
553 wil6210_debugfs_create_ISR(wil, "DMA_EP_TX_ICR", dbg,
554 HOSTADDR(RGF_DMA_EP_TX_ICR));
555 wil6210_debugfs_create_ISR(wil, "DMA_EP_RX_ICR", dbg,
556 HOSTADDR(RGF_DMA_EP_RX_ICR));
557 wil6210_debugfs_create_ISR(wil, "DMA_EP_MISC_ICR", dbg,
558 HOSTADDR(RGF_DMA_EP_MISC_ICR));
559 wil6210_debugfs_create_pseudo_ISR(wil, dbg);
560 wil6210_debugfs_create_ITR_CNT(wil, dbg);
561
562 debugfs_create_u32("mem_addr", S_IRUGO | S_IWUSR, dbg, &mem_addr);
563 debugfs_create_file("mem_val", S_IRUGO, dbg, wil, &fops_memread);
564
565 debugfs_create_file("reset", S_IWUSR, dbg, wil, &fops_reset);
566
567 wil->rgf_blob.data = (void * __force)wil->csr + 0;
568 wil->rgf_blob.size = 0xa000;
569 wil_debugfs_create_ioblob("blob_rgf", S_IRUGO, dbg, &wil->rgf_blob);
570
571 wil->fw_code_blob.data = (void * __force)wil->csr + 0x40000;
572 wil->fw_code_blob.size = 0x40000;
573 wil_debugfs_create_ioblob("blob_fw_code", S_IRUGO, dbg,
574 &wil->fw_code_blob);
575
576 wil->fw_data_blob.data = (void * __force)wil->csr + 0x80000;
577 wil->fw_data_blob.size = 0x8000;
578 wil_debugfs_create_ioblob("blob_fw_data", S_IRUGO, dbg,
579 &wil->fw_data_blob);
580
581 wil->fw_peri_blob.data = (void * __force)wil->csr + 0x88000;
582 wil->fw_peri_blob.size = 0x18000;
583 wil_debugfs_create_ioblob("blob_fw_peri", S_IRUGO, dbg,
584 &wil->fw_peri_blob);
585
586 wil->uc_code_blob.data = (void * __force)wil->csr + 0xa0000;
587 wil->uc_code_blob.size = 0x10000;
588 wil_debugfs_create_ioblob("blob_uc_code", S_IRUGO, dbg,
589 &wil->uc_code_blob);
590
591 wil->uc_data_blob.data = (void * __force)wil->csr + 0xb0000;
592 wil->uc_data_blob.size = 0x4000;
593 wil_debugfs_create_ioblob("blob_uc_data", S_IRUGO, dbg,
594 &wil->uc_data_blob);
595
596 return 0;
597}
598
599void wil6210_debugfs_remove(struct wil6210_priv *wil)
600{
601 debugfs_remove_recursive(wil->debug);
602 wil->debug = NULL;
603}
diff --git a/drivers/net/wireless/ath/wil6210/interrupt.c b/drivers/net/wireless/ath/wil6210/interrupt.c
new file mode 100644
index 000000000000..dc97e7b2609c
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/interrupt.c
@@ -0,0 +1,490 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/interrupt.h>
18
19#include "wil6210.h"
20
21/**
22 * Theory of operation:
23 *
24 * There is ISR pseudo-cause register,
25 * dma_rgf->DMA_RGF.PSEUDO_CAUSE.PSEUDO_CAUSE
26 * Its bits represents OR'ed bits from 3 real ISR registers:
27 * TX, RX, and MISC.
28 *
29 * Registers may be configured to either "write 1 to clear" or
30 * "clear on read" mode
31 *
32 * When handling interrupt, one have to mask/unmask interrupts for the
33 * real ISR registers, or hardware may malfunction.
34 *
35 */
36
37#define WIL6210_IRQ_DISABLE (0xFFFFFFFFUL)
38#define WIL6210_IMC_RX BIT_DMA_EP_RX_ICR_RX_DONE
39#define WIL6210_IMC_TX (BIT_DMA_EP_TX_ICR_TX_DONE | \
40 BIT_DMA_EP_TX_ICR_TX_DONE_N(0))
41#define WIL6210_IMC_MISC (ISR_MISC_FW_READY | \
42 ISR_MISC_MBOX_EVT | \
43 ISR_MISC_FW_ERROR)
44
45#define WIL6210_IRQ_PSEUDO_MASK (u32)(~(BIT_DMA_PSEUDO_CAUSE_RX | \
46 BIT_DMA_PSEUDO_CAUSE_TX | \
47 BIT_DMA_PSEUDO_CAUSE_MISC))
48
49#if defined(CONFIG_WIL6210_ISR_COR)
50/* configure to Clear-On-Read mode */
51#define WIL_ICR_ICC_VALUE (0xFFFFFFFFUL)
52
53static inline void wil_icr_clear(u32 x, void __iomem *addr)
54{
55}
56#else /* defined(CONFIG_WIL6210_ISR_COR) */
57/* configure to Write-1-to-Clear mode */
58#define WIL_ICR_ICC_VALUE (0UL)
59
60static inline void wil_icr_clear(u32 x, void __iomem *addr)
61{
62 iowrite32(x, addr);
63}
64#endif /* defined(CONFIG_WIL6210_ISR_COR) */
65
66static inline u32 wil_ioread32_and_clear(void __iomem *addr)
67{
68 u32 x = ioread32(addr);
69
70 wil_icr_clear(x, addr);
71
72 return x;
73}
74
75static void wil6210_mask_irq_tx(struct wil6210_priv *wil)
76{
77 iowrite32(WIL6210_IRQ_DISABLE, wil->csr +
78 HOSTADDR(RGF_DMA_EP_TX_ICR) +
79 offsetof(struct RGF_ICR, IMS));
80}
81
82static void wil6210_mask_irq_rx(struct wil6210_priv *wil)
83{
84 iowrite32(WIL6210_IRQ_DISABLE, wil->csr +
85 HOSTADDR(RGF_DMA_EP_RX_ICR) +
86 offsetof(struct RGF_ICR, IMS));
87}
88
89static void wil6210_mask_irq_misc(struct wil6210_priv *wil)
90{
91 iowrite32(WIL6210_IRQ_DISABLE, wil->csr +
92 HOSTADDR(RGF_DMA_EP_MISC_ICR) +
93 offsetof(struct RGF_ICR, IMS));
94}
95
96static void wil6210_mask_irq_pseudo(struct wil6210_priv *wil)
97{
98 wil_dbg_irq(wil, "%s()\n", __func__);
99
100 iowrite32(WIL6210_IRQ_DISABLE, wil->csr +
101 HOSTADDR(RGF_DMA_PSEUDO_CAUSE_MASK_SW));
102
103 clear_bit(wil_status_irqen, &wil->status);
104}
105
106static void wil6210_unmask_irq_tx(struct wil6210_priv *wil)
107{
108 iowrite32(WIL6210_IMC_TX, wil->csr +
109 HOSTADDR(RGF_DMA_EP_TX_ICR) +
110 offsetof(struct RGF_ICR, IMC));
111}
112
113static void wil6210_unmask_irq_rx(struct wil6210_priv *wil)
114{
115 iowrite32(WIL6210_IMC_RX, wil->csr +
116 HOSTADDR(RGF_DMA_EP_RX_ICR) +
117 offsetof(struct RGF_ICR, IMC));
118}
119
120static void wil6210_unmask_irq_misc(struct wil6210_priv *wil)
121{
122 iowrite32(WIL6210_IMC_MISC, wil->csr +
123 HOSTADDR(RGF_DMA_EP_MISC_ICR) +
124 offsetof(struct RGF_ICR, IMC));
125}
126
127static void wil6210_unmask_irq_pseudo(struct wil6210_priv *wil)
128{
129 wil_dbg_irq(wil, "%s()\n", __func__);
130
131 set_bit(wil_status_irqen, &wil->status);
132
133 iowrite32(WIL6210_IRQ_PSEUDO_MASK, wil->csr +
134 HOSTADDR(RGF_DMA_PSEUDO_CAUSE_MASK_SW));
135}
136
137void wil6210_disable_irq(struct wil6210_priv *wil)
138{
139 wil_dbg_irq(wil, "%s()\n", __func__);
140
141 wil6210_mask_irq_tx(wil);
142 wil6210_mask_irq_rx(wil);
143 wil6210_mask_irq_misc(wil);
144 wil6210_mask_irq_pseudo(wil);
145}
146
147void wil6210_enable_irq(struct wil6210_priv *wil)
148{
149 wil_dbg_irq(wil, "%s()\n", __func__);
150
151 iowrite32(WIL_ICR_ICC_VALUE, wil->csr + HOSTADDR(RGF_DMA_EP_RX_ICR) +
152 offsetof(struct RGF_ICR, ICC));
153 iowrite32(WIL_ICR_ICC_VALUE, wil->csr + HOSTADDR(RGF_DMA_EP_TX_ICR) +
154 offsetof(struct RGF_ICR, ICC));
155 iowrite32(WIL_ICR_ICC_VALUE, wil->csr + HOSTADDR(RGF_DMA_EP_MISC_ICR) +
156 offsetof(struct RGF_ICR, ICC));
157
158 wil6210_unmask_irq_pseudo(wil);
159 wil6210_unmask_irq_tx(wil);
160 wil6210_unmask_irq_rx(wil);
161 wil6210_unmask_irq_misc(wil);
162}
163
164static irqreturn_t wil6210_irq_rx(int irq, void *cookie)
165{
166 struct wil6210_priv *wil = cookie;
167 u32 isr = wil_ioread32_and_clear(wil->csr +
168 HOSTADDR(RGF_DMA_EP_RX_ICR) +
169 offsetof(struct RGF_ICR, ICR));
170
171 wil_dbg_irq(wil, "ISR RX 0x%08x\n", isr);
172
173 if (!isr) {
174 wil_err(wil, "spurious IRQ: RX\n");
175 return IRQ_NONE;
176 }
177
178 wil6210_mask_irq_rx(wil);
179
180 if (isr & BIT_DMA_EP_RX_ICR_RX_DONE) {
181 wil_dbg_irq(wil, "RX done\n");
182 isr &= ~BIT_DMA_EP_RX_ICR_RX_DONE;
183 wil_rx_handle(wil);
184 }
185
186 if (isr)
187 wil_err(wil, "un-handled RX ISR bits 0x%08x\n", isr);
188
189 wil6210_unmask_irq_rx(wil);
190
191 return IRQ_HANDLED;
192}
193
194static irqreturn_t wil6210_irq_tx(int irq, void *cookie)
195{
196 struct wil6210_priv *wil = cookie;
197 u32 isr = wil_ioread32_and_clear(wil->csr +
198 HOSTADDR(RGF_DMA_EP_TX_ICR) +
199 offsetof(struct RGF_ICR, ICR));
200
201 wil_dbg_irq(wil, "ISR TX 0x%08x\n", isr);
202
203 if (!isr) {
204 wil_err(wil, "spurious IRQ: TX\n");
205 return IRQ_NONE;
206 }
207
208 wil6210_mask_irq_tx(wil);
209
210 if (isr & BIT_DMA_EP_TX_ICR_TX_DONE) {
211 uint i;
212 wil_dbg_irq(wil, "TX done\n");
213 isr &= ~BIT_DMA_EP_TX_ICR_TX_DONE;
214 for (i = 0; i < 24; i++) {
215 u32 mask = BIT_DMA_EP_TX_ICR_TX_DONE_N(i);
216 if (isr & mask) {
217 isr &= ~mask;
218 wil_dbg_irq(wil, "TX done(%i)\n", i);
219 wil_tx_complete(wil, i);
220 }
221 }
222 }
223
224 if (isr)
225 wil_err(wil, "un-handled TX ISR bits 0x%08x\n", isr);
226
227 wil6210_unmask_irq_tx(wil);
228
229 return IRQ_HANDLED;
230}
231
232static void wil_notify_fw_error(struct wil6210_priv *wil)
233{
234 struct device *dev = &wil_to_ndev(wil)->dev;
235 char *envp[3] = {
236 [0] = "SOURCE=wil6210",
237 [1] = "EVENT=FW_ERROR",
238 [2] = NULL,
239 };
240 kobject_uevent_env(&dev->kobj, KOBJ_CHANGE, envp);
241}
242
243static irqreturn_t wil6210_irq_misc(int irq, void *cookie)
244{
245 struct wil6210_priv *wil = cookie;
246 u32 isr = wil_ioread32_and_clear(wil->csr +
247 HOSTADDR(RGF_DMA_EP_MISC_ICR) +
248 offsetof(struct RGF_ICR, ICR));
249
250 wil_dbg_irq(wil, "ISR MISC 0x%08x\n", isr);
251
252 if (!isr) {
253 wil_err(wil, "spurious IRQ: MISC\n");
254 return IRQ_NONE;
255 }
256
257 wil6210_mask_irq_misc(wil);
258
259 if (isr & ISR_MISC_FW_ERROR) {
260 wil_dbg_irq(wil, "IRQ: Firmware error\n");
261 clear_bit(wil_status_fwready, &wil->status);
262 wil_notify_fw_error(wil);
263 isr &= ~ISR_MISC_FW_ERROR;
264 }
265
266 if (isr & ISR_MISC_FW_READY) {
267 wil_dbg_irq(wil, "IRQ: FW ready\n");
268 /**
269 * Actual FW ready indicated by the
270 * WMI_FW_READY_EVENTID
271 */
272 isr &= ~ISR_MISC_FW_READY;
273 }
274
275 wil->isr_misc = isr;
276
277 if (isr) {
278 return IRQ_WAKE_THREAD;
279 } else {
280 wil6210_unmask_irq_misc(wil);
281 return IRQ_HANDLED;
282 }
283}
284
285static irqreturn_t wil6210_irq_misc_thread(int irq, void *cookie)
286{
287 struct wil6210_priv *wil = cookie;
288 u32 isr = wil->isr_misc;
289
290 wil_dbg_irq(wil, "Thread ISR MISC 0x%08x\n", isr);
291
292 if (isr & ISR_MISC_MBOX_EVT) {
293 wil_dbg_irq(wil, "MBOX event\n");
294 wmi_recv_cmd(wil);
295 isr &= ~ISR_MISC_MBOX_EVT;
296 }
297
298 if (isr)
299 wil_err(wil, "un-handled MISC ISR bits 0x%08x\n", isr);
300
301 wil->isr_misc = 0;
302
303 wil6210_unmask_irq_misc(wil);
304
305 return IRQ_HANDLED;
306}
307
308/**
309 * thread IRQ handler
310 */
311static irqreturn_t wil6210_thread_irq(int irq, void *cookie)
312{
313 struct wil6210_priv *wil = cookie;
314
315 wil_dbg_irq(wil, "Thread IRQ\n");
316 /* Discover real IRQ cause */
317 if (wil->isr_misc)
318 wil6210_irq_misc_thread(irq, cookie);
319
320 wil6210_unmask_irq_pseudo(wil);
321
322 return IRQ_HANDLED;
323}
324
325/* DEBUG
326 * There is subtle bug in hardware that causes IRQ to raise when it should be
327 * masked. It is quite rare and hard to debug.
328 *
329 * Catch irq issue if it happens and print all I can.
330 */
331static int wil6210_debug_irq_mask(struct wil6210_priv *wil, u32 pseudo_cause)
332{
333 if (!test_bit(wil_status_irqen, &wil->status)) {
334 u32 icm_rx = wil_ioread32_and_clear(wil->csr +
335 HOSTADDR(RGF_DMA_EP_RX_ICR) +
336 offsetof(struct RGF_ICR, ICM));
337 u32 icr_rx = wil_ioread32_and_clear(wil->csr +
338 HOSTADDR(RGF_DMA_EP_RX_ICR) +
339 offsetof(struct RGF_ICR, ICR));
340 u32 imv_rx = ioread32(wil->csr +
341 HOSTADDR(RGF_DMA_EP_RX_ICR) +
342 offsetof(struct RGF_ICR, IMV));
343 u32 icm_tx = wil_ioread32_and_clear(wil->csr +
344 HOSTADDR(RGF_DMA_EP_TX_ICR) +
345 offsetof(struct RGF_ICR, ICM));
346 u32 icr_tx = wil_ioread32_and_clear(wil->csr +
347 HOSTADDR(RGF_DMA_EP_TX_ICR) +
348 offsetof(struct RGF_ICR, ICR));
349 u32 imv_tx = ioread32(wil->csr +
350 HOSTADDR(RGF_DMA_EP_TX_ICR) +
351 offsetof(struct RGF_ICR, IMV));
352 u32 icm_misc = wil_ioread32_and_clear(wil->csr +
353 HOSTADDR(RGF_DMA_EP_MISC_ICR) +
354 offsetof(struct RGF_ICR, ICM));
355 u32 icr_misc = wil_ioread32_and_clear(wil->csr +
356 HOSTADDR(RGF_DMA_EP_MISC_ICR) +
357 offsetof(struct RGF_ICR, ICR));
358 u32 imv_misc = ioread32(wil->csr +
359 HOSTADDR(RGF_DMA_EP_MISC_ICR) +
360 offsetof(struct RGF_ICR, IMV));
361 wil_err(wil, "IRQ when it should be masked: pseudo 0x%08x\n"
362 "Rx icm:icr:imv 0x%08x 0x%08x 0x%08x\n"
363 "Tx icm:icr:imv 0x%08x 0x%08x 0x%08x\n"
364 "Misc icm:icr:imv 0x%08x 0x%08x 0x%08x\n",
365 pseudo_cause,
366 icm_rx, icr_rx, imv_rx,
367 icm_tx, icr_tx, imv_tx,
368 icm_misc, icr_misc, imv_misc);
369
370 return -EINVAL;
371 }
372
373 return 0;
374}
375
376static irqreturn_t wil6210_hardirq(int irq, void *cookie)
377{
378 irqreturn_t rc = IRQ_HANDLED;
379 struct wil6210_priv *wil = cookie;
380 u32 pseudo_cause = ioread32(wil->csr + HOSTADDR(RGF_DMA_PSEUDO_CAUSE));
381
382 /**
383 * pseudo_cause is Clear-On-Read, no need to ACK
384 */
385 if ((pseudo_cause == 0) || ((pseudo_cause & 0xff) == 0xff))
386 return IRQ_NONE;
387
388 /* FIXME: IRQ mask debug */
389 if (wil6210_debug_irq_mask(wil, pseudo_cause))
390 return IRQ_NONE;
391
392 wil_dbg_irq(wil, "Pseudo IRQ 0x%08x\n", pseudo_cause);
393
394 wil6210_mask_irq_pseudo(wil);
395
396 /* Discover real IRQ cause
397 * There are 2 possible phases for every IRQ:
398 * - hard IRQ handler called right here
399 * - threaded handler called later
400 *
401 * Hard IRQ handler reads and clears ISR.
402 *
403 * If threaded handler requested, hard IRQ handler
404 * returns IRQ_WAKE_THREAD and saves ISR register value
405 * for the threaded handler use.
406 *
407 * voting for wake thread - need at least 1 vote
408 */
409 if ((pseudo_cause & BIT_DMA_PSEUDO_CAUSE_RX) &&
410 (wil6210_irq_rx(irq, cookie) == IRQ_WAKE_THREAD))
411 rc = IRQ_WAKE_THREAD;
412
413 if ((pseudo_cause & BIT_DMA_PSEUDO_CAUSE_TX) &&
414 (wil6210_irq_tx(irq, cookie) == IRQ_WAKE_THREAD))
415 rc = IRQ_WAKE_THREAD;
416
417 if ((pseudo_cause & BIT_DMA_PSEUDO_CAUSE_MISC) &&
418 (wil6210_irq_misc(irq, cookie) == IRQ_WAKE_THREAD))
419 rc = IRQ_WAKE_THREAD;
420
421 /* if thread is requested, it will unmask IRQ */
422 if (rc != IRQ_WAKE_THREAD)
423 wil6210_unmask_irq_pseudo(wil);
424
425 return rc;
426}
427
428static int wil6210_request_3msi(struct wil6210_priv *wil, int irq)
429{
430 int rc;
431 /*
432 * IRQ's are in the following order:
433 * - Tx
434 * - Rx
435 * - Misc
436 */
437
438 rc = request_irq(irq, wil6210_irq_tx, IRQF_SHARED,
439 WIL_NAME"_tx", wil);
440 if (rc)
441 return rc;
442
443 rc = request_irq(irq + 1, wil6210_irq_rx, IRQF_SHARED,
444 WIL_NAME"_rx", wil);
445 if (rc)
446 goto free0;
447
448 rc = request_threaded_irq(irq + 2, wil6210_irq_misc,
449 wil6210_irq_misc_thread,
450 IRQF_SHARED, WIL_NAME"_misc", wil);
451 if (rc)
452 goto free1;
453
454 return 0;
455 /* error branch */
456free1:
457 free_irq(irq + 1, wil);
458free0:
459 free_irq(irq, wil);
460
461 return rc;
462}
463
464int wil6210_init_irq(struct wil6210_priv *wil, int irq)
465{
466 int rc;
467 if (wil->n_msi == 3)
468 rc = wil6210_request_3msi(wil, irq);
469 else
470 rc = request_threaded_irq(irq, wil6210_hardirq,
471 wil6210_thread_irq,
472 wil->n_msi ? 0 : IRQF_SHARED,
473 WIL_NAME, wil);
474 if (rc)
475 return rc;
476
477 wil6210_enable_irq(wil);
478
479 return 0;
480}
481
482void wil6210_fini_irq(struct wil6210_priv *wil, int irq)
483{
484 wil6210_disable_irq(wil);
485 free_irq(irq, wil);
486 if (wil->n_msi == 3) {
487 free_irq(irq + 1, wil);
488 free_irq(irq + 2, wil);
489 }
490}
diff --git a/drivers/net/wireless/ath/wil6210/main.c b/drivers/net/wireless/ath/wil6210/main.c
new file mode 100644
index 000000000000..761c389586d4
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/main.c
@@ -0,0 +1,410 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/kernel.h>
18#include <linux/netdevice.h>
19#include <linux/sched.h>
20#include <linux/ieee80211.h>
21#include <linux/wireless.h>
22#include <linux/slab.h>
23#include <linux/moduleparam.h>
24#include <linux/if_arp.h>
25
26#include "wil6210.h"
27
28/*
29 * Due to a hardware issue,
30 * one has to read/write to/from NIC in 32-bit chunks;
31 * regular memcpy_fromio and siblings will
32 * not work on 64-bit platform - it uses 64-bit transactions
33 *
34 * Force 32-bit transactions to enable NIC on 64-bit platforms
35 *
36 * To avoid byte swap on big endian host, __raw_{read|write}l
37 * should be used - {read|write}l would swap bytes to provide
38 * little endian on PCI value in host endianness.
39 */
40void wil_memcpy_fromio_32(void *dst, const volatile void __iomem *src,
41 size_t count)
42{
43 u32 *d = dst;
44 const volatile u32 __iomem *s = src;
45
46 /* size_t is unsigned, if (count%4 != 0) it will wrap */
47 for (count += 4; count > 4; count -= 4)
48 *d++ = __raw_readl(s++);
49}
50
51void wil_memcpy_toio_32(volatile void __iomem *dst, const void *src,
52 size_t count)
53{
54 volatile u32 __iomem *d = dst;
55 const u32 *s = src;
56
57 for (count += 4; count > 4; count -= 4)
58 __raw_writel(*s++, d++);
59}
60
61static void _wil6210_disconnect(struct wil6210_priv *wil, void *bssid)
62{
63 uint i;
64 struct net_device *ndev = wil_to_ndev(wil);
65 struct wireless_dev *wdev = wil->wdev;
66
67 wil_dbg_misc(wil, "%s()\n", __func__);
68
69 wil_link_off(wil);
70 clear_bit(wil_status_fwconnected, &wil->status);
71
72 switch (wdev->sme_state) {
73 case CFG80211_SME_CONNECTED:
74 cfg80211_disconnected(ndev, WLAN_STATUS_UNSPECIFIED_FAILURE,
75 NULL, 0, GFP_KERNEL);
76 break;
77 case CFG80211_SME_CONNECTING:
78 cfg80211_connect_result(ndev, bssid, NULL, 0, NULL, 0,
79 WLAN_STATUS_UNSPECIFIED_FAILURE,
80 GFP_KERNEL);
81 break;
82 default:
83 break;
84 }
85
86 for (i = 0; i < ARRAY_SIZE(wil->vring_tx); i++)
87 wil_vring_fini_tx(wil, i);
88
89 clear_bit(wil_status_dontscan, &wil->status);
90}
91
92static void wil_disconnect_worker(struct work_struct *work)
93{
94 struct wil6210_priv *wil = container_of(work,
95 struct wil6210_priv, disconnect_worker);
96
97 _wil6210_disconnect(wil, NULL);
98}
99
100static void wil_connect_timer_fn(ulong x)
101{
102 struct wil6210_priv *wil = (void *)x;
103
104 wil_dbg_misc(wil, "Connect timeout\n");
105
106 /* reschedule to thread context - disconnect won't
107 * run from atomic context
108 */
109 schedule_work(&wil->disconnect_worker);
110}
111
112static void wil_cache_mbox_regs(struct wil6210_priv *wil)
113{
114 /* make shadow copy of registers that should not change on run time */
115 wil_memcpy_fromio_32(&wil->mbox_ctl, wil->csr + HOST_MBOX,
116 sizeof(struct wil6210_mbox_ctl));
117 wil_mbox_ring_le2cpus(&wil->mbox_ctl.rx);
118 wil_mbox_ring_le2cpus(&wil->mbox_ctl.tx);
119}
120
121int wil_priv_init(struct wil6210_priv *wil)
122{
123 wil_dbg_misc(wil, "%s()\n", __func__);
124
125 mutex_init(&wil->mutex);
126 mutex_init(&wil->wmi_mutex);
127
128 init_completion(&wil->wmi_ready);
129
130 wil->pending_connect_cid = -1;
131 setup_timer(&wil->connect_timer, wil_connect_timer_fn, (ulong)wil);
132
133 INIT_WORK(&wil->wmi_connect_worker, wmi_connect_worker);
134 INIT_WORK(&wil->disconnect_worker, wil_disconnect_worker);
135 INIT_WORK(&wil->wmi_event_worker, wmi_event_worker);
136
137 INIT_LIST_HEAD(&wil->pending_wmi_ev);
138 spin_lock_init(&wil->wmi_ev_lock);
139
140 wil->wmi_wq = create_singlethread_workqueue(WIL_NAME"_wmi");
141 if (!wil->wmi_wq)
142 return -EAGAIN;
143
144 wil->wmi_wq_conn = create_singlethread_workqueue(WIL_NAME"_connect");
145 if (!wil->wmi_wq_conn) {
146 destroy_workqueue(wil->wmi_wq);
147 return -EAGAIN;
148 }
149
150 wil_cache_mbox_regs(wil);
151
152 return 0;
153}
154
155void wil6210_disconnect(struct wil6210_priv *wil, void *bssid)
156{
157 del_timer_sync(&wil->connect_timer);
158 _wil6210_disconnect(wil, bssid);
159}
160
161void wil_priv_deinit(struct wil6210_priv *wil)
162{
163 cancel_work_sync(&wil->disconnect_worker);
164 wil6210_disconnect(wil, NULL);
165 wmi_event_flush(wil);
166 destroy_workqueue(wil->wmi_wq_conn);
167 destroy_workqueue(wil->wmi_wq);
168}
169
170static void wil_target_reset(struct wil6210_priv *wil)
171{
172 wil_dbg_misc(wil, "Resetting...\n");
173
174 /* register write */
175#define W(a, v) iowrite32(v, wil->csr + HOSTADDR(a))
176 /* register set = read, OR, write */
177#define S(a, v) iowrite32(ioread32(wil->csr + HOSTADDR(a)) | v, \
178 wil->csr + HOSTADDR(a))
179
180 /* hpal_perst_from_pad_src_n_mask */
181 S(RGF_USER_CLKS_CTL_SW_RST_MASK_0, BIT(6));
182 /* car_perst_rst_src_n_mask */
183 S(RGF_USER_CLKS_CTL_SW_RST_MASK_0, BIT(7));
184
185 W(RGF_USER_MAC_CPU_0, BIT(1)); /* mac_cpu_man_rst */
186 W(RGF_USER_USER_CPU_0, BIT(1)); /* user_cpu_man_rst */
187
188 msleep(100);
189
190 W(RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0xFE000000);
191 W(RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0x0000003F);
192 W(RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0x00000170);
193 W(RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0xFFE7FC00);
194
195 msleep(100);
196
197 W(RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0);
198 W(RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0);
199 W(RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0);
200 W(RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0);
201
202 W(RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0x00000001);
203 W(RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0x00000080);
204 W(RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0);
205
206 msleep(2000);
207
208 W(RGF_USER_USER_CPU_0, BIT(0)); /* user_cpu_man_de_rst */
209
210 msleep(2000);
211
212 wil_dbg_misc(wil, "Reset completed\n");
213
214#undef W
215#undef S
216}
217
218void wil_mbox_ring_le2cpus(struct wil6210_mbox_ring *r)
219{
220 le32_to_cpus(&r->base);
221 le16_to_cpus(&r->entry_size);
222 le16_to_cpus(&r->size);
223 le32_to_cpus(&r->tail);
224 le32_to_cpus(&r->head);
225}
226
227static int wil_wait_for_fw_ready(struct wil6210_priv *wil)
228{
229 ulong to = msecs_to_jiffies(1000);
230 ulong left = wait_for_completion_timeout(&wil->wmi_ready, to);
231 if (0 == left) {
232 wil_err(wil, "Firmware not ready\n");
233 return -ETIME;
234 } else {
235 wil_dbg_misc(wil, "FW ready after %d ms\n",
236 jiffies_to_msecs(to-left));
237 }
238 return 0;
239}
240
241/*
242 * We reset all the structures, and we reset the UMAC.
243 * After calling this routine, you're expected to reload
244 * the firmware.
245 */
246int wil_reset(struct wil6210_priv *wil)
247{
248 int rc;
249
250 cancel_work_sync(&wil->disconnect_worker);
251 wil6210_disconnect(wil, NULL);
252
253 wil6210_disable_irq(wil);
254 wil->status = 0;
255
256 wmi_event_flush(wil);
257
258 flush_workqueue(wil->wmi_wq_conn);
259 flush_workqueue(wil->wmi_wq);
260
261 /* TODO: put MAC in reset */
262 wil_target_reset(wil);
263
264 /* init after reset */
265 wil->pending_connect_cid = -1;
266 INIT_COMPLETION(wil->wmi_ready);
267
268 wil_cache_mbox_regs(wil);
269
270 /* TODO: release MAC reset */
271 wil6210_enable_irq(wil);
272
273 /* we just started MAC, wait for FW ready */
274 rc = wil_wait_for_fw_ready(wil);
275
276 return rc;
277}
278
279
280void wil_link_on(struct wil6210_priv *wil)
281{
282 struct net_device *ndev = wil_to_ndev(wil);
283
284 wil_dbg_misc(wil, "%s()\n", __func__);
285
286 netif_carrier_on(ndev);
287 netif_tx_wake_all_queues(ndev);
288}
289
290void wil_link_off(struct wil6210_priv *wil)
291{
292 struct net_device *ndev = wil_to_ndev(wil);
293
294 wil_dbg_misc(wil, "%s()\n", __func__);
295
296 netif_tx_stop_all_queues(ndev);
297 netif_carrier_off(ndev);
298}
299
300static int __wil_up(struct wil6210_priv *wil)
301{
302 struct net_device *ndev = wil_to_ndev(wil);
303 struct wireless_dev *wdev = wil->wdev;
304 struct ieee80211_channel *channel = wdev->preset_chandef.chan;
305 int rc;
306 int bi;
307 u16 wmi_nettype = wil_iftype_nl2wmi(wdev->iftype);
308
309 rc = wil_reset(wil);
310 if (rc)
311 return rc;
312
313 /* FIXME Firmware works now in PBSS mode(ToDS=0, FromDS=0) */
314 wmi_nettype = wil_iftype_nl2wmi(NL80211_IFTYPE_ADHOC);
315 switch (wdev->iftype) {
316 case NL80211_IFTYPE_STATION:
317 wil_dbg_misc(wil, "type: STATION\n");
318 bi = 0;
319 ndev->type = ARPHRD_ETHER;
320 break;
321 case NL80211_IFTYPE_AP:
322 wil_dbg_misc(wil, "type: AP\n");
323 bi = 100;
324 ndev->type = ARPHRD_ETHER;
325 break;
326 case NL80211_IFTYPE_P2P_CLIENT:
327 wil_dbg_misc(wil, "type: P2P_CLIENT\n");
328 bi = 0;
329 ndev->type = ARPHRD_ETHER;
330 break;
331 case NL80211_IFTYPE_P2P_GO:
332 wil_dbg_misc(wil, "type: P2P_GO\n");
333 bi = 100;
334 ndev->type = ARPHRD_ETHER;
335 break;
336 case NL80211_IFTYPE_MONITOR:
337 wil_dbg_misc(wil, "type: Monitor\n");
338 bi = 0;
339 ndev->type = ARPHRD_IEEE80211_RADIOTAP;
340 /* ARPHRD_IEEE80211 or ARPHRD_IEEE80211_RADIOTAP ? */
341 break;
342 default:
343 return -EOPNOTSUPP;
344 }
345
346 /* Apply profile in the following order: */
347 /* SSID and channel for the AP */
348 switch (wdev->iftype) {
349 case NL80211_IFTYPE_AP:
350 case NL80211_IFTYPE_P2P_GO:
351 if (wdev->ssid_len == 0) {
352 wil_err(wil, "SSID not set\n");
353 return -EINVAL;
354 }
355 wmi_set_ssid(wil, wdev->ssid_len, wdev->ssid);
356 if (channel)
357 wmi_set_channel(wil, channel->hw_value);
358 break;
359 default:
360 break;
361 }
362
363 /* MAC address - pre-requisite for other commands */
364 wmi_set_mac_address(wil, ndev->dev_addr);
365
366 /* Set up beaconing if required. */
367 rc = wmi_set_bcon(wil, bi, wmi_nettype);
368 if (rc)
369 return rc;
370
371 /* Rx VRING. After MAC and beacon */
372 wil_rx_init(wil);
373
374 return 0;
375}
376
377int wil_up(struct wil6210_priv *wil)
378{
379 int rc;
380
381 mutex_lock(&wil->mutex);
382 rc = __wil_up(wil);
383 mutex_unlock(&wil->mutex);
384
385 return rc;
386}
387
388static int __wil_down(struct wil6210_priv *wil)
389{
390 if (wil->scan_request) {
391 cfg80211_scan_done(wil->scan_request, true);
392 wil->scan_request = NULL;
393 }
394
395 wil6210_disconnect(wil, NULL);
396 wil_rx_fini(wil);
397
398 return 0;
399}
400
401int wil_down(struct wil6210_priv *wil)
402{
403 int rc;
404
405 mutex_lock(&wil->mutex);
406 rc = __wil_down(wil);
407 mutex_unlock(&wil->mutex);
408
409 return rc;
410}
diff --git a/drivers/net/wireless/ath/wil6210/netdev.c b/drivers/net/wireless/ath/wil6210/netdev.c
new file mode 100644
index 000000000000..8ce2e33dce20
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/netdev.c
@@ -0,0 +1,132 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/module.h>
18#include <linux/netdevice.h>
19#include <linux/etherdevice.h>
20#include <linux/slab.h>
21
22#include "wil6210.h"
23
24static int wil_open(struct net_device *ndev)
25{
26 struct wil6210_priv *wil = ndev_to_wil(ndev);
27
28 return wil_up(wil);
29}
30
31static int wil_stop(struct net_device *ndev)
32{
33 struct wil6210_priv *wil = ndev_to_wil(ndev);
34
35 return wil_down(wil);
36}
37
38static const struct net_device_ops wil_netdev_ops = {
39 .ndo_open = wil_open,
40 .ndo_stop = wil_stop,
41 .ndo_start_xmit = wil_start_xmit,
42 .ndo_set_mac_address = eth_mac_addr,
43 .ndo_validate_addr = eth_validate_addr,
44};
45
46void *wil_if_alloc(struct device *dev, void __iomem *csr)
47{
48 struct net_device *ndev;
49 struct wireless_dev *wdev;
50 struct wil6210_priv *wil;
51 struct ieee80211_channel *ch;
52 int rc = 0;
53
54 wdev = wil_cfg80211_init(dev);
55 if (IS_ERR(wdev)) {
56 dev_err(dev, "wil_cfg80211_init failed\n");
57 return wdev;
58 }
59
60 wil = wdev_to_wil(wdev);
61 wil->csr = csr;
62 wil->wdev = wdev;
63
64 rc = wil_priv_init(wil);
65 if (rc) {
66 dev_err(dev, "wil_priv_init failed\n");
67 goto out_wdev;
68 }
69
70 wdev->iftype = NL80211_IFTYPE_STATION; /* TODO */
71 /* default monitor channel */
72 ch = wdev->wiphy->bands[IEEE80211_BAND_60GHZ]->channels;
73 cfg80211_chandef_create(&wdev->preset_chandef, ch, NL80211_CHAN_NO_HT);
74
75 ndev = alloc_netdev(0, "wlan%d", ether_setup);
76 if (!ndev) {
77 dev_err(dev, "alloc_netdev_mqs failed\n");
78 rc = -ENOMEM;
79 goto out_priv;
80 }
81
82 ndev->netdev_ops = &wil_netdev_ops;
83 ndev->ieee80211_ptr = wdev;
84 SET_NETDEV_DEV(ndev, wiphy_dev(wdev->wiphy));
85 wdev->netdev = ndev;
86
87 wil_link_off(wil);
88
89 return wil;
90
91 out_priv:
92 wil_priv_deinit(wil);
93
94 out_wdev:
95 wil_wdev_free(wil);
96
97 return ERR_PTR(rc);
98}
99
100void wil_if_free(struct wil6210_priv *wil)
101{
102 struct net_device *ndev = wil_to_ndev(wil);
103 if (!ndev)
104 return;
105
106 free_netdev(ndev);
107 wil_priv_deinit(wil);
108 wil_wdev_free(wil);
109}
110
111int wil_if_add(struct wil6210_priv *wil)
112{
113 struct net_device *ndev = wil_to_ndev(wil);
114 int rc;
115
116 rc = register_netdev(ndev);
117 if (rc < 0) {
118 dev_err(&ndev->dev, "Failed to register netdev: %d\n", rc);
119 return rc;
120 }
121
122 wil_link_off(wil);
123
124 return 0;
125}
126
127void wil_if_remove(struct wil6210_priv *wil)
128{
129 struct net_device *ndev = wil_to_ndev(wil);
130
131 unregister_netdev(ndev);
132}
diff --git a/drivers/net/wireless/ath/wil6210/pcie_bus.c b/drivers/net/wireless/ath/wil6210/pcie_bus.c
new file mode 100644
index 000000000000..81c35c6e3832
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/pcie_bus.c
@@ -0,0 +1,223 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/kernel.h>
18#include <linux/module.h>
19#include <linux/slab.h>
20#include <linux/netdevice.h>
21#include <linux/debugfs.h>
22#include <linux/pci.h>
23#include <linux/moduleparam.h>
24
25#include "wil6210.h"
26
27static int use_msi = 1;
28module_param(use_msi, int, S_IRUGO);
29MODULE_PARM_DESC(use_msi,
30 " Use MSI interrupt: "
31 "0 - don't, 1 - (default) - single, or 3");
32
33/* Bus ops */
34static int wil_if_pcie_enable(struct wil6210_priv *wil)
35{
36 struct pci_dev *pdev = wil->pdev;
37 int rc;
38
39 pci_set_master(pdev);
40
41 /*
42 * how many MSI interrupts to request?
43 */
44 switch (use_msi) {
45 case 3:
46 case 1:
47 case 0:
48 break;
49 default:
50 wil_err(wil, "Invalid use_msi=%d, default to 1\n",
51 use_msi);
52 use_msi = 1;
53 }
54 wil->n_msi = use_msi;
55 if (wil->n_msi) {
56 wil_dbg_misc(wil, "Setup %d MSI interrupts\n", use_msi);
57 rc = pci_enable_msi_block(pdev, wil->n_msi);
58 if (rc && (wil->n_msi == 3)) {
59 wil_err(wil, "3 MSI mode failed, try 1 MSI\n");
60 wil->n_msi = 1;
61 rc = pci_enable_msi_block(pdev, wil->n_msi);
62 }
63 if (rc) {
64 wil_err(wil, "pci_enable_msi failed, use INTx\n");
65 wil->n_msi = 0;
66 }
67 } else {
68 wil_dbg_misc(wil, "MSI interrupts disabled, use INTx\n");
69 }
70
71 rc = wil6210_init_irq(wil, pdev->irq);
72 if (rc)
73 goto stop_master;
74
75 /* need reset here to obtain MAC */
76 rc = wil_reset(wil);
77 if (rc)
78 goto release_irq;
79
80 return 0;
81
82 release_irq:
83 wil6210_fini_irq(wil, pdev->irq);
84 /* safe to call if no MSI */
85 pci_disable_msi(pdev);
86 stop_master:
87 pci_clear_master(pdev);
88 return rc;
89}
90
91static int wil_if_pcie_disable(struct wil6210_priv *wil)
92{
93 struct pci_dev *pdev = wil->pdev;
94
95 pci_clear_master(pdev);
96 /* disable and release IRQ */
97 wil6210_fini_irq(wil, pdev->irq);
98 /* safe to call if no MSI */
99 pci_disable_msi(pdev);
100 /* TODO: disable HW */
101
102 return 0;
103}
104
105static int wil_pcie_probe(struct pci_dev *pdev, const struct pci_device_id *id)
106{
107 struct wil6210_priv *wil;
108 struct device *dev = &pdev->dev;
109 void __iomem *csr;
110 int rc;
111
112 /* check HW */
113 dev_info(&pdev->dev, WIL_NAME " device found [%04x:%04x] (rev %x)\n",
114 (int)pdev->vendor, (int)pdev->device, (int)pdev->revision);
115
116 if (pci_resource_len(pdev, 0) != WIL6210_MEM_SIZE) {
117 dev_err(&pdev->dev, "Not " WIL_NAME "? "
118 "BAR0 size is %lu while expecting %lu\n",
119 (ulong)pci_resource_len(pdev, 0), WIL6210_MEM_SIZE);
120 return -ENODEV;
121 }
122
123 rc = pci_enable_device(pdev);
124 if (rc) {
125 dev_err(&pdev->dev, "pci_enable_device failed\n");
126 return -ENODEV;
127 }
128 /* rollback to err_disable_pdev */
129
130 rc = pci_request_region(pdev, 0, WIL_NAME);
131 if (rc) {
132 dev_err(&pdev->dev, "pci_request_region failed\n");
133 goto err_disable_pdev;
134 }
135 /* rollback to err_release_reg */
136
137 csr = pci_ioremap_bar(pdev, 0);
138 if (!csr) {
139 dev_err(&pdev->dev, "pci_ioremap_bar failed\n");
140 rc = -ENODEV;
141 goto err_release_reg;
142 }
143 /* rollback to err_iounmap */
144 dev_info(&pdev->dev, "CSR at %pR -> %p\n", &pdev->resource[0], csr);
145
146 wil = wil_if_alloc(dev, csr);
147 if (IS_ERR(wil)) {
148 rc = (int)PTR_ERR(wil);
149 dev_err(dev, "wil_if_alloc failed: %d\n", rc);
150 goto err_iounmap;
151 }
152 /* rollback to if_free */
153
154 pci_set_drvdata(pdev, wil);
155 wil->pdev = pdev;
156
157 /* FW should raise IRQ when ready */
158 rc = wil_if_pcie_enable(wil);
159 if (rc) {
160 wil_err(wil, "Enable device failed\n");
161 goto if_free;
162 }
163 /* rollback to bus_disable */
164
165 rc = wil_if_add(wil);
166 if (rc) {
167 wil_err(wil, "wil_if_add failed: %d\n", rc);
168 goto bus_disable;
169 }
170
171 wil6210_debugfs_init(wil);
172
173 /* check FW is alive */
174 wmi_echo(wil);
175
176 return 0;
177
178 bus_disable:
179 wil_if_pcie_disable(wil);
180 if_free:
181 wil_if_free(wil);
182 err_iounmap:
183 pci_iounmap(pdev, csr);
184 err_release_reg:
185 pci_release_region(pdev, 0);
186 err_disable_pdev:
187 pci_disable_device(pdev);
188
189 return rc;
190}
191
192static void wil_pcie_remove(struct pci_dev *pdev)
193{
194 struct wil6210_priv *wil = pci_get_drvdata(pdev);
195
196 wil6210_debugfs_remove(wil);
197 wil_if_pcie_disable(wil);
198 wil_if_remove(wil);
199 wil_if_free(wil);
200 pci_iounmap(pdev, wil->csr);
201 pci_release_region(pdev, 0);
202 pci_disable_device(pdev);
203 pci_set_drvdata(pdev, NULL);
204}
205
206static DEFINE_PCI_DEVICE_TABLE(wil6210_pcie_ids) = {
207 { PCI_DEVICE(0x1ae9, 0x0301) },
208 { /* end: all zeroes */ },
209};
210MODULE_DEVICE_TABLE(pci, wil6210_pcie_ids);
211
212static struct pci_driver wil6210_driver = {
213 .probe = wil_pcie_probe,
214 .remove = wil_pcie_remove,
215 .id_table = wil6210_pcie_ids,
216 .name = WIL_NAME,
217};
218
219module_pci_driver(wil6210_driver);
220
221MODULE_LICENSE("Dual BSD/GPL");
222MODULE_AUTHOR("Qualcomm Atheros <wil6210@qca.qualcomm.com>");
223MODULE_DESCRIPTION("Driver for 60g WiFi WIL6210 card");
diff --git a/drivers/net/wireless/ath/wil6210/txrx.c b/drivers/net/wireless/ath/wil6210/txrx.c
new file mode 100644
index 000000000000..64b971fdc3cc
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/txrx.c
@@ -0,0 +1,826 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/kernel.h>
18#include <linux/netdevice.h>
19#include <linux/etherdevice.h>
20#include <linux/hardirq.h>
21#include <net/ieee80211_radiotap.h>
22#include <linux/if_arp.h>
23#include <linux/moduleparam.h>
24
25#include "wil6210.h"
26#include "wmi.h"
27#include "txrx.h"
28
29static bool rtap_include_phy_info;
30module_param(rtap_include_phy_info, bool, S_IRUGO);
31MODULE_PARM_DESC(rtap_include_phy_info,
32 " Include PHY info in the radiotap header, default - no");
33
34static inline int wil_vring_is_empty(struct vring *vring)
35{
36 return vring->swhead == vring->swtail;
37}
38
39static inline u32 wil_vring_next_tail(struct vring *vring)
40{
41 return (vring->swtail + 1) % vring->size;
42}
43
44static inline void wil_vring_advance_head(struct vring *vring, int n)
45{
46 vring->swhead = (vring->swhead + n) % vring->size;
47}
48
49static inline int wil_vring_is_full(struct vring *vring)
50{
51 return wil_vring_next_tail(vring) == vring->swhead;
52}
53/*
54 * Available space in Tx Vring
55 */
56static inline int wil_vring_avail_tx(struct vring *vring)
57{
58 u32 swhead = vring->swhead;
59 u32 swtail = vring->swtail;
60 int used = (vring->size + swhead - swtail) % vring->size;
61
62 return vring->size - used - 1;
63}
64
65static int wil_vring_alloc(struct wil6210_priv *wil, struct vring *vring)
66{
67 struct device *dev = wil_to_dev(wil);
68 size_t sz = vring->size * sizeof(vring->va[0]);
69 uint i;
70
71 BUILD_BUG_ON(sizeof(vring->va[0]) != 32);
72
73 vring->swhead = 0;
74 vring->swtail = 0;
75 vring->ctx = kzalloc(vring->size * sizeof(vring->ctx[0]), GFP_KERNEL);
76 if (!vring->ctx) {
77 wil_err(wil, "vring_alloc [%d] failed to alloc ctx mem\n",
78 vring->size);
79 vring->va = NULL;
80 return -ENOMEM;
81 }
82 /*
83 * vring->va should be aligned on its size rounded up to power of 2
84 * This is granted by the dma_alloc_coherent
85 */
86 vring->va = dma_alloc_coherent(dev, sz, &vring->pa, GFP_KERNEL);
87 if (!vring->va) {
88 wil_err(wil, "vring_alloc [%d] failed to alloc DMA mem\n",
89 vring->size);
90 kfree(vring->ctx);
91 vring->ctx = NULL;
92 return -ENOMEM;
93 }
94 /* initially, all descriptors are SW owned
95 * For Tx and Rx, ownership bit is at the same location, thus
96 * we can use any
97 */
98 for (i = 0; i < vring->size; i++) {
99 volatile struct vring_tx_desc *d = &(vring->va[i].tx);
100 d->dma.status = TX_DMA_STATUS_DU;
101 }
102
103 wil_dbg_misc(wil, "vring[%d] 0x%p:0x%016llx 0x%p\n", vring->size,
104 vring->va, (unsigned long long)vring->pa, vring->ctx);
105
106 return 0;
107}
108
109static void wil_vring_free(struct wil6210_priv *wil, struct vring *vring,
110 int tx)
111{
112 struct device *dev = wil_to_dev(wil);
113 size_t sz = vring->size * sizeof(vring->va[0]);
114
115 while (!wil_vring_is_empty(vring)) {
116 if (tx) {
117 volatile struct vring_tx_desc *d =
118 &vring->va[vring->swtail].tx;
119 dma_addr_t pa = d->dma.addr_low |
120 ((u64)d->dma.addr_high << 32);
121 struct sk_buff *skb = vring->ctx[vring->swtail];
122 if (skb) {
123 dma_unmap_single(dev, pa, d->dma.length,
124 DMA_TO_DEVICE);
125 dev_kfree_skb_any(skb);
126 vring->ctx[vring->swtail] = NULL;
127 } else {
128 dma_unmap_page(dev, pa, d->dma.length,
129 DMA_TO_DEVICE);
130 }
131 vring->swtail = wil_vring_next_tail(vring);
132 } else { /* rx */
133 volatile struct vring_rx_desc *d =
134 &vring->va[vring->swtail].rx;
135 dma_addr_t pa = d->dma.addr_low |
136 ((u64)d->dma.addr_high << 32);
137 struct sk_buff *skb = vring->ctx[vring->swhead];
138 dma_unmap_single(dev, pa, d->dma.length,
139 DMA_FROM_DEVICE);
140 kfree_skb(skb);
141 wil_vring_advance_head(vring, 1);
142 }
143 }
144 dma_free_coherent(dev, sz, (void *)vring->va, vring->pa);
145 kfree(vring->ctx);
146 vring->pa = 0;
147 vring->va = NULL;
148 vring->ctx = NULL;
149}
150
151/**
152 * Allocate one skb for Rx VRING
153 *
154 * Safe to call from IRQ
155 */
156static int wil_vring_alloc_skb(struct wil6210_priv *wil, struct vring *vring,
157 u32 i, int headroom)
158{
159 struct device *dev = wil_to_dev(wil);
160 unsigned int sz = RX_BUF_LEN;
161 volatile struct vring_rx_desc *d = &(vring->va[i].rx);
162 dma_addr_t pa;
163
164 /* TODO align */
165 struct sk_buff *skb = dev_alloc_skb(sz + headroom);
166 if (unlikely(!skb))
167 return -ENOMEM;
168
169 skb_reserve(skb, headroom);
170 skb_put(skb, sz);
171
172 pa = dma_map_single(dev, skb->data, skb->len, DMA_FROM_DEVICE);
173 if (unlikely(dma_mapping_error(dev, pa))) {
174 kfree_skb(skb);
175 return -ENOMEM;
176 }
177
178 d->dma.d0 = BIT(9) | RX_DMA_D0_CMD_DMA_IT;
179 d->dma.addr_low = lower_32_bits(pa);
180 d->dma.addr_high = (u16)upper_32_bits(pa);
181 /* ip_length don't care */
182 /* b11 don't care */
183 /* error don't care */
184 d->dma.status = 0; /* BIT(0) should be 0 for HW_OWNED */
185 d->dma.length = sz;
186 vring->ctx[i] = skb;
187
188 return 0;
189}
190
191/**
192 * Adds radiotap header
193 *
194 * Any error indicated as "Bad FCS"
195 *
196 * Vendor data for 04:ce:14-1 (Wilocity-1) consists of:
197 * - Rx descriptor: 32 bytes
198 * - Phy info
199 */
200static void wil_rx_add_radiotap_header(struct wil6210_priv *wil,
201 struct sk_buff *skb,
202 volatile struct vring_rx_desc *d)
203{
204 struct wireless_dev *wdev = wil->wdev;
205 struct wil6210_rtap {
206 struct ieee80211_radiotap_header rthdr;
207 /* fields should be in the order of bits in rthdr.it_present */
208 /* flags */
209 u8 flags;
210 /* channel */
211 __le16 chnl_freq __aligned(2);
212 __le16 chnl_flags;
213 /* MCS */
214 u8 mcs_present;
215 u8 mcs_flags;
216 u8 mcs_index;
217 } __packed;
218 struct wil6210_rtap_vendor {
219 struct wil6210_rtap rtap;
220 /* vendor */
221 u8 vendor_oui[3] __aligned(2);
222 u8 vendor_ns;
223 __le16 vendor_skip;
224 u8 vendor_data[0];
225 } __packed;
226 struct wil6210_rtap_vendor *rtap_vendor;
227 int rtap_len = sizeof(struct wil6210_rtap);
228 int phy_length = 0; /* phy info header size, bytes */
229 static char phy_data[128];
230 struct ieee80211_channel *ch = wdev->preset_chandef.chan;
231
232 if (rtap_include_phy_info) {
233 rtap_len = sizeof(*rtap_vendor) + sizeof(*d);
234 /* calculate additional length */
235 if (d->dma.status & RX_DMA_STATUS_PHY_INFO) {
236 /**
237 * PHY info starts from 8-byte boundary
238 * there are 8-byte lines, last line may be partially
239 * written (HW bug), thus FW configures for last line
240 * to be excessive. Driver skips this last line.
241 */
242 int len = min_t(int, 8 + sizeof(phy_data),
243 wil_rxdesc_phy_length(d));
244 if (len > 8) {
245 void *p = skb_tail_pointer(skb);
246 void *pa = PTR_ALIGN(p, 8);
247 if (skb_tailroom(skb) >= len + (pa - p)) {
248 phy_length = len - 8;
249 memcpy(phy_data, pa, phy_length);
250 }
251 }
252 }
253 rtap_len += phy_length;
254 }
255
256 if (skb_headroom(skb) < rtap_len &&
257 pskb_expand_head(skb, rtap_len, 0, GFP_ATOMIC)) {
258 wil_err(wil, "Unable to expand headrom to %d\n", rtap_len);
259 return;
260 }
261
262 rtap_vendor = (void *)skb_push(skb, rtap_len);
263 memset(rtap_vendor, 0, rtap_len);
264
265 rtap_vendor->rtap.rthdr.it_version = PKTHDR_RADIOTAP_VERSION;
266 rtap_vendor->rtap.rthdr.it_len = cpu_to_le16(rtap_len);
267 rtap_vendor->rtap.rthdr.it_present = cpu_to_le32(
268 (1 << IEEE80211_RADIOTAP_FLAGS) |
269 (1 << IEEE80211_RADIOTAP_CHANNEL) |
270 (1 << IEEE80211_RADIOTAP_MCS));
271 if (d->dma.status & RX_DMA_STATUS_ERROR)
272 rtap_vendor->rtap.flags |= IEEE80211_RADIOTAP_F_BADFCS;
273
274 rtap_vendor->rtap.chnl_freq = cpu_to_le16(ch ? ch->center_freq : 58320);
275 rtap_vendor->rtap.chnl_flags = cpu_to_le16(0);
276
277 rtap_vendor->rtap.mcs_present = IEEE80211_RADIOTAP_MCS_HAVE_MCS;
278 rtap_vendor->rtap.mcs_flags = 0;
279 rtap_vendor->rtap.mcs_index = wil_rxdesc_mcs(d);
280
281 if (rtap_include_phy_info) {
282 rtap_vendor->rtap.rthdr.it_present |= cpu_to_le32(1 <<
283 IEEE80211_RADIOTAP_VENDOR_NAMESPACE);
284 /* OUI for Wilocity 04:ce:14 */
285 rtap_vendor->vendor_oui[0] = 0x04;
286 rtap_vendor->vendor_oui[1] = 0xce;
287 rtap_vendor->vendor_oui[2] = 0x14;
288 rtap_vendor->vendor_ns = 1;
289 /* Rx descriptor + PHY data */
290 rtap_vendor->vendor_skip = cpu_to_le16(sizeof(*d) +
291 phy_length);
292 memcpy(rtap_vendor->vendor_data, (void *)d, sizeof(*d));
293 memcpy(rtap_vendor->vendor_data + sizeof(*d), phy_data,
294 phy_length);
295 }
296}
297
298/*
299 * Fast swap in place between 2 registers
300 */
301static void wil_swap_u16(u16 *a, u16 *b)
302{
303 *a ^= *b;
304 *b ^= *a;
305 *a ^= *b;
306}
307
308static void wil_swap_ethaddr(void *data)
309{
310 struct ethhdr *eth = data;
311 u16 *s = (u16 *)eth->h_source;
312 u16 *d = (u16 *)eth->h_dest;
313
314 wil_swap_u16(s++, d++);
315 wil_swap_u16(s++, d++);
316 wil_swap_u16(s, d);
317}
318
319/**
320 * reap 1 frame from @swhead
321 *
322 * Safe to call from IRQ
323 */
324static struct sk_buff *wil_vring_reap_rx(struct wil6210_priv *wil,
325 struct vring *vring)
326{
327 struct device *dev = wil_to_dev(wil);
328 struct net_device *ndev = wil_to_ndev(wil);
329 volatile struct vring_rx_desc *d;
330 struct sk_buff *skb;
331 dma_addr_t pa;
332 unsigned int sz = RX_BUF_LEN;
333 u8 ftype;
334 u8 ds_bits;
335
336 if (wil_vring_is_empty(vring))
337 return NULL;
338
339 d = &(vring->va[vring->swhead].rx);
340 if (!(d->dma.status & RX_DMA_STATUS_DU)) {
341 /* it is not error, we just reached end of Rx done area */
342 return NULL;
343 }
344
345 pa = d->dma.addr_low | ((u64)d->dma.addr_high << 32);
346 skb = vring->ctx[vring->swhead];
347 dma_unmap_single(dev, pa, sz, DMA_FROM_DEVICE);
348 skb_trim(skb, d->dma.length);
349
350 wil->stats.last_mcs_rx = wil_rxdesc_mcs(d);
351
352 /* use radiotap header only if required */
353 if (ndev->type == ARPHRD_IEEE80211_RADIOTAP)
354 wil_rx_add_radiotap_header(wil, skb, d);
355
356 wil_dbg_txrx(wil, "Rx[%3d] : %d bytes\n", vring->swhead, d->dma.length);
357 wil_hex_dump_txrx("Rx ", DUMP_PREFIX_NONE, 32, 4,
358 (const void *)d, sizeof(*d), false);
359
360 wil_vring_advance_head(vring, 1);
361
362 /* no extra checks if in sniffer mode */
363 if (ndev->type != ARPHRD_ETHER)
364 return skb;
365 /*
366 * Non-data frames may be delivered through Rx DMA channel (ex: BAR)
367 * Driver should recognize it by frame type, that is found
368 * in Rx descriptor. If type is not data, it is 802.11 frame as is
369 */
370 ftype = wil_rxdesc_ftype(d) << 2;
371 if (ftype != IEEE80211_FTYPE_DATA) {
372 wil_dbg_txrx(wil, "Non-data frame ftype 0x%08x\n", ftype);
373 /* TODO: process it */
374 kfree_skb(skb);
375 return NULL;
376 }
377
378 if (skb->len < ETH_HLEN) {
379 wil_err(wil, "Short frame, len = %d\n", skb->len);
380 /* TODO: process it (i.e. BAR) */
381 kfree_skb(skb);
382 return NULL;
383 }
384
385 ds_bits = wil_rxdesc_ds_bits(d);
386 if (ds_bits == 1) {
387 /*
388 * HW bug - in ToDS mode, i.e. Rx on AP side,
389 * addresses get swapped
390 */
391 wil_swap_ethaddr(skb->data);
392 }
393
394 return skb;
395}
396
397/**
398 * allocate and fill up to @count buffers in rx ring
399 * buffers posted at @swtail
400 */
401static int wil_rx_refill(struct wil6210_priv *wil, int count)
402{
403 struct net_device *ndev = wil_to_ndev(wil);
404 struct vring *v = &wil->vring_rx;
405 u32 next_tail;
406 int rc = 0;
407 int headroom = ndev->type == ARPHRD_IEEE80211_RADIOTAP ?
408 WIL6210_RTAP_SIZE : 0;
409
410 for (; next_tail = wil_vring_next_tail(v),
411 (next_tail != v->swhead) && (count-- > 0);
412 v->swtail = next_tail) {
413 rc = wil_vring_alloc_skb(wil, v, v->swtail, headroom);
414 if (rc) {
415 wil_err(wil, "Error %d in wil_rx_refill[%d]\n",
416 rc, v->swtail);
417 break;
418 }
419 }
420 iowrite32(v->swtail, wil->csr + HOSTADDR(v->hwtail));
421
422 return rc;
423}
424
425/*
426 * Pass Rx packet to the netif. Update statistics.
427 */
428static void wil_netif_rx_any(struct sk_buff *skb, struct net_device *ndev)
429{
430 int rc;
431 unsigned int len = skb->len;
432
433 skb_orphan(skb);
434
435 if (in_interrupt())
436 rc = netif_rx(skb);
437 else
438 rc = netif_rx_ni(skb);
439
440 if (likely(rc == NET_RX_SUCCESS)) {
441 ndev->stats.rx_packets++;
442 ndev->stats.rx_bytes += len;
443
444 } else {
445 ndev->stats.rx_dropped++;
446 }
447}
448
449/**
450 * Proceed all completed skb's from Rx VRING
451 *
452 * Safe to call from IRQ
453 */
454void wil_rx_handle(struct wil6210_priv *wil)
455{
456 struct net_device *ndev = wil_to_ndev(wil);
457 struct vring *v = &wil->vring_rx;
458 struct sk_buff *skb;
459
460 if (!v->va) {
461 wil_err(wil, "Rx IRQ while Rx not yet initialized\n");
462 return;
463 }
464 wil_dbg_txrx(wil, "%s()\n", __func__);
465 while (NULL != (skb = wil_vring_reap_rx(wil, v))) {
466 wil_hex_dump_txrx("Rx ", DUMP_PREFIX_OFFSET, 16, 1,
467 skb->data, skb_headlen(skb), false);
468
469 if (wil->wdev->iftype == NL80211_IFTYPE_MONITOR) {
470 skb->dev = ndev;
471 skb_reset_mac_header(skb);
472 skb->ip_summed = CHECKSUM_UNNECESSARY;
473 skb->pkt_type = PACKET_OTHERHOST;
474 skb->protocol = htons(ETH_P_802_2);
475
476 } else {
477 skb->protocol = eth_type_trans(skb, ndev);
478 }
479
480 wil_netif_rx_any(skb, ndev);
481 }
482 wil_rx_refill(wil, v->size);
483}
484
485int wil_rx_init(struct wil6210_priv *wil)
486{
487 struct vring *vring = &wil->vring_rx;
488 int rc;
489
490 vring->size = WIL6210_RX_RING_SIZE;
491 rc = wil_vring_alloc(wil, vring);
492 if (rc)
493 return rc;
494
495 rc = wmi_rx_chain_add(wil, vring);
496 if (rc)
497 goto err_free;
498
499 rc = wil_rx_refill(wil, vring->size);
500 if (rc)
501 goto err_free;
502
503 return 0;
504 err_free:
505 wil_vring_free(wil, vring, 0);
506
507 return rc;
508}
509
510void wil_rx_fini(struct wil6210_priv *wil)
511{
512 struct vring *vring = &wil->vring_rx;
513
514 if (vring->va)
515 wil_vring_free(wil, vring, 0);
516}
517
518int wil_vring_init_tx(struct wil6210_priv *wil, int id, int size,
519 int cid, int tid)
520{
521 int rc;
522 struct wmi_vring_cfg_cmd cmd = {
523 .action = cpu_to_le32(WMI_VRING_CMD_ADD),
524 .vring_cfg = {
525 .tx_sw_ring = {
526 .max_mpdu_size = cpu_to_le16(TX_BUF_LEN),
527 },
528 .ringid = id,
529 .cidxtid = (cid & 0xf) | ((tid & 0xf) << 4),
530 .encap_trans_type = WMI_VRING_ENC_TYPE_802_3,
531 .mac_ctrl = 0,
532 .to_resolution = 0,
533 .agg_max_wsize = 16,
534 .schd_params = {
535 .priority = cpu_to_le16(0),
536 .timeslot_us = cpu_to_le16(0xfff),
537 },
538 },
539 };
540 struct {
541 struct wil6210_mbox_hdr_wmi wmi;
542 struct wmi_vring_cfg_done_event cmd;
543 } __packed reply;
544 struct vring *vring = &wil->vring_tx[id];
545
546 if (vring->va) {
547 wil_err(wil, "Tx ring [%d] already allocated\n", id);
548 rc = -EINVAL;
549 goto out;
550 }
551
552 vring->size = size;
553 rc = wil_vring_alloc(wil, vring);
554 if (rc)
555 goto out;
556
557 cmd.vring_cfg.tx_sw_ring.ring_mem_base = cpu_to_le64(vring->pa);
558 cmd.vring_cfg.tx_sw_ring.ring_size = cpu_to_le16(vring->size);
559
560 rc = wmi_call(wil, WMI_VRING_CFG_CMDID, &cmd, sizeof(cmd),
561 WMI_VRING_CFG_DONE_EVENTID, &reply, sizeof(reply), 100);
562 if (rc)
563 goto out_free;
564
565 if (reply.cmd.status != WMI_VRING_CFG_SUCCESS) {
566 wil_err(wil, "Tx config failed, status 0x%02x\n",
567 reply.cmd.status);
568 rc = -EINVAL;
569 goto out_free;
570 }
571 vring->hwtail = le32_to_cpu(reply.cmd.tx_vring_tail_ptr);
572
573 return 0;
574 out_free:
575 wil_vring_free(wil, vring, 1);
576 out:
577
578 return rc;
579}
580
581void wil_vring_fini_tx(struct wil6210_priv *wil, int id)
582{
583 struct vring *vring = &wil->vring_tx[id];
584
585 if (!vring->va)
586 return;
587
588 wil_vring_free(wil, vring, 1);
589}
590
591static struct vring *wil_find_tx_vring(struct wil6210_priv *wil,
592 struct sk_buff *skb)
593{
594 struct vring *v = &wil->vring_tx[0];
595
596 if (v->va)
597 return v;
598
599 return NULL;
600}
601
602static int wil_tx_desc_map(volatile struct vring_tx_desc *d,
603 dma_addr_t pa, u32 len)
604{
605 d->dma.addr_low = lower_32_bits(pa);
606 d->dma.addr_high = (u16)upper_32_bits(pa);
607 d->dma.ip_length = 0;
608 /* 0..6: mac_length; 7:ip_version 0-IP6 1-IP4*/
609 d->dma.b11 = 0/*14 | BIT(7)*/;
610 d->dma.error = 0;
611 d->dma.status = 0; /* BIT(0) should be 0 for HW_OWNED */
612 d->dma.length = len;
613 d->dma.d0 = 0;
614 d->mac.d[0] = 0;
615 d->mac.d[1] = 0;
616 d->mac.d[2] = 0;
617 d->mac.ucode_cmd = 0;
618 /* use dst index 0 */
619 d->mac.d[1] |= BIT(MAC_CFG_DESC_TX_1_DST_INDEX_EN_POS) |
620 (0 << MAC_CFG_DESC_TX_1_DST_INDEX_POS);
621 /* translation type: 0 - bypass; 1 - 802.3; 2 - native wifi */
622 d->mac.d[2] = BIT(MAC_CFG_DESC_TX_2_SNAP_HDR_INSERTION_EN_POS) |
623 (1 << MAC_CFG_DESC_TX_2_L2_TRANSLATION_TYPE_POS);
624
625 return 0;
626}
627
628static int wil_tx_vring(struct wil6210_priv *wil, struct vring *vring,
629 struct sk_buff *skb)
630{
631 struct device *dev = wil_to_dev(wil);
632 volatile struct vring_tx_desc *d;
633 u32 swhead = vring->swhead;
634 int avail = wil_vring_avail_tx(vring);
635 int nr_frags = skb_shinfo(skb)->nr_frags;
636 uint f;
637 int vring_index = vring - wil->vring_tx;
638 uint i = swhead;
639 dma_addr_t pa;
640
641 wil_dbg_txrx(wil, "%s()\n", __func__);
642
643 if (avail < vring->size/8)
644 netif_tx_stop_all_queues(wil_to_ndev(wil));
645 if (avail < 1 + nr_frags) {
646 wil_err(wil, "Tx ring full. No space for %d fragments\n",
647 1 + nr_frags);
648 return -ENOMEM;
649 }
650 d = &(vring->va[i].tx);
651
652 /* FIXME FW can accept only unicast frames for the peer */
653 memcpy(skb->data, wil->dst_addr[vring_index], ETH_ALEN);
654
655 pa = dma_map_single(dev, skb->data,
656 skb_headlen(skb), DMA_TO_DEVICE);
657
658 wil_dbg_txrx(wil, "Tx skb %d bytes %p -> %#08llx\n", skb_headlen(skb),
659 skb->data, (unsigned long long)pa);
660 wil_hex_dump_txrx("Tx ", DUMP_PREFIX_OFFSET, 16, 1,
661 skb->data, skb_headlen(skb), false);
662
663 if (unlikely(dma_mapping_error(dev, pa)))
664 return -EINVAL;
665 /* 1-st segment */
666 wil_tx_desc_map(d, pa, skb_headlen(skb));
667 d->mac.d[2] |= ((nr_frags + 1) <<
668 MAC_CFG_DESC_TX_2_NUM_OF_DESCRIPTORS_POS);
669 /* middle segments */
670 for (f = 0; f < nr_frags; f++) {
671 const struct skb_frag_struct *frag =
672 &skb_shinfo(skb)->frags[f];
673 int len = skb_frag_size(frag);
674 i = (swhead + f + 1) % vring->size;
675 d = &(vring->va[i].tx);
676 pa = skb_frag_dma_map(dev, frag, 0, skb_frag_size(frag),
677 DMA_TO_DEVICE);
678 if (unlikely(dma_mapping_error(dev, pa)))
679 goto dma_error;
680 wil_tx_desc_map(d, pa, len);
681 vring->ctx[i] = NULL;
682 }
683 /* for the last seg only */
684 d->dma.d0 |= BIT(DMA_CFG_DESC_TX_0_CMD_EOP_POS);
685 d->dma.d0 |= BIT(9); /* BUG: undocumented bit */
686 d->dma.d0 |= BIT(DMA_CFG_DESC_TX_0_CMD_DMA_IT_POS);
687 d->dma.d0 |= (vring_index << DMA_CFG_DESC_TX_0_QID_POS);
688
689 wil_hex_dump_txrx("Tx ", DUMP_PREFIX_NONE, 32, 4,
690 (const void *)d, sizeof(*d), false);
691
692 /* advance swhead */
693 wil_vring_advance_head(vring, nr_frags + 1);
694 wil_dbg_txrx(wil, "Tx swhead %d -> %d\n", swhead, vring->swhead);
695 iowrite32(vring->swhead, wil->csr + HOSTADDR(vring->hwtail));
696 /* hold reference to skb
697 * to prevent skb release before accounting
698 * in case of immediate "tx done"
699 */
700 vring->ctx[i] = skb_get(skb);
701
702 return 0;
703 dma_error:
704 /* unmap what we have mapped */
705 /* Note: increment @f to operate with positive index */
706 for (f++; f > 0; f--) {
707 i = (swhead + f) % vring->size;
708 d = &(vring->va[i].tx);
709 d->dma.status = TX_DMA_STATUS_DU;
710 pa = d->dma.addr_low | ((u64)d->dma.addr_high << 32);
711 if (vring->ctx[i])
712 dma_unmap_single(dev, pa, d->dma.length, DMA_TO_DEVICE);
713 else
714 dma_unmap_page(dev, pa, d->dma.length, DMA_TO_DEVICE);
715 }
716
717 return -EINVAL;
718}
719
720
721netdev_tx_t wil_start_xmit(struct sk_buff *skb, struct net_device *ndev)
722{
723 struct wil6210_priv *wil = ndev_to_wil(ndev);
724 struct vring *vring;
725 int rc;
726
727 wil_dbg_txrx(wil, "%s()\n", __func__);
728 if (!test_bit(wil_status_fwready, &wil->status)) {
729 wil_err(wil, "FW not ready\n");
730 goto drop;
731 }
732 if (!test_bit(wil_status_fwconnected, &wil->status)) {
733 wil_err(wil, "FW not connected\n");
734 goto drop;
735 }
736 if (wil->wdev->iftype == NL80211_IFTYPE_MONITOR) {
737 wil_err(wil, "Xmit in monitor mode not supported\n");
738 goto drop;
739 }
740 if (skb->protocol == cpu_to_be16(ETH_P_PAE)) {
741 rc = wmi_tx_eapol(wil, skb);
742 } else {
743 /* find vring */
744 vring = wil_find_tx_vring(wil, skb);
745 if (!vring) {
746 wil_err(wil, "No Tx VRING available\n");
747 goto drop;
748 }
749 /* set up vring entry */
750 rc = wil_tx_vring(wil, vring, skb);
751 }
752 switch (rc) {
753 case 0:
754 /* statistics will be updated on the tx_complete */
755 dev_kfree_skb_any(skb);
756 return NETDEV_TX_OK;
757 case -ENOMEM:
758 return NETDEV_TX_BUSY;
759 default:
760 break; /* goto drop; */
761 }
762 drop:
763 netif_tx_stop_all_queues(ndev);
764 ndev->stats.tx_dropped++;
765 dev_kfree_skb_any(skb);
766
767 return NET_XMIT_DROP;
768}
769
770/**
771 * Clean up transmitted skb's from the Tx VRING
772 *
773 * Safe to call from IRQ
774 */
775void wil_tx_complete(struct wil6210_priv *wil, int ringid)
776{
777 struct net_device *ndev = wil_to_ndev(wil);
778 struct device *dev = wil_to_dev(wil);
779 struct vring *vring = &wil->vring_tx[ringid];
780
781 if (!vring->va) {
782 wil_err(wil, "Tx irq[%d]: vring not initialized\n", ringid);
783 return;
784 }
785
786 wil_dbg_txrx(wil, "%s(%d)\n", __func__, ringid);
787
788 while (!wil_vring_is_empty(vring)) {
789 volatile struct vring_tx_desc *d = &vring->va[vring->swtail].tx;
790 dma_addr_t pa;
791 struct sk_buff *skb;
792 if (!(d->dma.status & TX_DMA_STATUS_DU))
793 break;
794
795 wil_dbg_txrx(wil,
796 "Tx[%3d] : %d bytes, status 0x%02x err 0x%02x\n",
797 vring->swtail, d->dma.length, d->dma.status,
798 d->dma.error);
799 wil_hex_dump_txrx("TxC ", DUMP_PREFIX_NONE, 32, 4,
800 (const void *)d, sizeof(*d), false);
801
802 pa = d->dma.addr_low | ((u64)d->dma.addr_high << 32);
803 skb = vring->ctx[vring->swtail];
804 if (skb) {
805 if (d->dma.error == 0) {
806 ndev->stats.tx_packets++;
807 ndev->stats.tx_bytes += skb->len;
808 } else {
809 ndev->stats.tx_errors++;
810 }
811
812 dma_unmap_single(dev, pa, d->dma.length, DMA_TO_DEVICE);
813 dev_kfree_skb_any(skb);
814 vring->ctx[vring->swtail] = NULL;
815 } else {
816 dma_unmap_page(dev, pa, d->dma.length, DMA_TO_DEVICE);
817 }
818 d->dma.addr_low = 0;
819 d->dma.addr_high = 0;
820 d->dma.length = 0;
821 d->dma.status = TX_DMA_STATUS_DU;
822 vring->swtail = wil_vring_next_tail(vring);
823 }
824 if (wil_vring_avail_tx(vring) > vring->size/4)
825 netif_tx_wake_all_queues(wil_to_ndev(wil));
826}
diff --git a/drivers/net/wireless/ath/wil6210/txrx.h b/drivers/net/wireless/ath/wil6210/txrx.h
new file mode 100644
index 000000000000..45a61f597c5c
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/txrx.h
@@ -0,0 +1,362 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#ifndef WIL6210_TXRX_H
18#define WIL6210_TXRX_H
19
20#define BUF_SW_OWNED (1)
21#define BUF_HW_OWNED (0)
22
23/* size of max. Rx packet */
24#define RX_BUF_LEN (2048)
25#define TX_BUF_LEN (2048)
26/* how many bytes to reserve for rtap header? */
27#define WIL6210_RTAP_SIZE (128)
28
29/* Tx/Rx path */
30/*
31 * Tx descriptor - MAC part
32 * [dword 0]
33 * bit 0.. 9 : lifetime_expiry_value:10
34 * bit 10 : interrup_en:1
35 * bit 11 : status_en:1
36 * bit 12..13 : txss_override:2
37 * bit 14 : timestamp_insertion:1
38 * bit 15 : duration_preserve:1
39 * bit 16..21 : reserved0:6
40 * bit 22..26 : mcs_index:5
41 * bit 27 : mcs_en:1
42 * bit 28..29 : reserved1:2
43 * bit 30 : reserved2:1
44 * bit 31 : sn_preserved:1
45 * [dword 1]
46 * bit 0.. 3 : pkt_mode:4
47 * bit 4 : pkt_mode_en:1
48 * bit 5.. 7 : reserved0:3
49 * bit 8..13 : reserved1:6
50 * bit 14 : reserved2:1
51 * bit 15 : ack_policy_en:1
52 * bit 16..19 : dst_index:4
53 * bit 20 : dst_index_en:1
54 * bit 21..22 : ack_policy:2
55 * bit 23 : lifetime_en:1
56 * bit 24..30 : max_retry:7
57 * bit 31 : max_retry_en:1
58 * [dword 2]
59 * bit 0.. 7 : num_of_descriptors:8
60 * bit 8..17 : reserved:10
61 * bit 18..19 : l2_translation_type:2
62 * bit 20 : snap_hdr_insertion_en:1
63 * bit 21 : vlan_removal_en:1
64 * bit 22..31 : reserved0:10
65 * [dword 3]
66 * bit 0.. 31: ucode_cmd:32
67 */
68struct vring_tx_mac {
69 u32 d[3];
70 u32 ucode_cmd;
71} __packed;
72
73/* TX MAC Dword 0 */
74#define MAC_CFG_DESC_TX_0_LIFETIME_EXPIRY_VALUE_POS 0
75#define MAC_CFG_DESC_TX_0_LIFETIME_EXPIRY_VALUE_LEN 10
76#define MAC_CFG_DESC_TX_0_LIFETIME_EXPIRY_VALUE_MSK 0x3FF
77
78#define MAC_CFG_DESC_TX_0_INTERRUP_EN_POS 10
79#define MAC_CFG_DESC_TX_0_INTERRUP_EN_LEN 1
80#define MAC_CFG_DESC_TX_0_INTERRUP_EN_MSK 0x400
81
82#define MAC_CFG_DESC_TX_0_STATUS_EN_POS 11
83#define MAC_CFG_DESC_TX_0_STATUS_EN_LEN 1
84#define MAC_CFG_DESC_TX_0_STATUS_EN_MSK 0x800
85
86#define MAC_CFG_DESC_TX_0_TXSS_OVERRIDE_POS 12
87#define MAC_CFG_DESC_TX_0_TXSS_OVERRIDE_LEN 2
88#define MAC_CFG_DESC_TX_0_TXSS_OVERRIDE_MSK 0x3000
89
90#define MAC_CFG_DESC_TX_0_TIMESTAMP_INSERTION_POS 14
91#define MAC_CFG_DESC_TX_0_TIMESTAMP_INSERTION_LEN 1
92#define MAC_CFG_DESC_TX_0_TIMESTAMP_INSERTION_MSK 0x4000
93
94#define MAC_CFG_DESC_TX_0_DURATION_PRESERVE_POS 15
95#define MAC_CFG_DESC_TX_0_DURATION_PRESERVE_LEN 1
96#define MAC_CFG_DESC_TX_0_DURATION_PRESERVE_MSK 0x8000
97
98#define MAC_CFG_DESC_TX_0_MCS_INDEX_POS 22
99#define MAC_CFG_DESC_TX_0_MCS_INDEX_LEN 5
100#define MAC_CFG_DESC_TX_0_MCS_INDEX_MSK 0x7C00000
101
102#define MAC_CFG_DESC_TX_0_MCS_EN_POS 27
103#define MAC_CFG_DESC_TX_0_MCS_EN_LEN 1
104#define MAC_CFG_DESC_TX_0_MCS_EN_MSK 0x8000000
105
106#define MAC_CFG_DESC_TX_0_SN_PRESERVED_POS 31
107#define MAC_CFG_DESC_TX_0_SN_PRESERVED_LEN 1
108#define MAC_CFG_DESC_TX_0_SN_PRESERVED_MSK 0x80000000
109
110/* TX MAC Dword 1 */
111#define MAC_CFG_DESC_TX_1_PKT_MODE_POS 0
112#define MAC_CFG_DESC_TX_1_PKT_MODE_LEN 4
113#define MAC_CFG_DESC_TX_1_PKT_MODE_MSK 0xF
114
115#define MAC_CFG_DESC_TX_1_PKT_MODE_EN_POS 4
116#define MAC_CFG_DESC_TX_1_PKT_MODE_EN_LEN 1
117#define MAC_CFG_DESC_TX_1_PKT_MODE_EN_MSK 0x10
118
119#define MAC_CFG_DESC_TX_1_ACK_POLICY_EN_POS 15
120#define MAC_CFG_DESC_TX_1_ACK_POLICY_EN_LEN 1
121#define MAC_CFG_DESC_TX_1_ACK_POLICY_EN_MSK 0x8000
122
123#define MAC_CFG_DESC_TX_1_DST_INDEX_POS 16
124#define MAC_CFG_DESC_TX_1_DST_INDEX_LEN 4
125#define MAC_CFG_DESC_TX_1_DST_INDEX_MSK 0xF0000
126
127#define MAC_CFG_DESC_TX_1_DST_INDEX_EN_POS 20
128#define MAC_CFG_DESC_TX_1_DST_INDEX_EN_LEN 1
129#define MAC_CFG_DESC_TX_1_DST_INDEX_EN_MSK 0x100000
130
131#define MAC_CFG_DESC_TX_1_ACK_POLICY_POS 21
132#define MAC_CFG_DESC_TX_1_ACK_POLICY_LEN 2
133#define MAC_CFG_DESC_TX_1_ACK_POLICY_MSK 0x600000
134
135#define MAC_CFG_DESC_TX_1_LIFETIME_EN_POS 23
136#define MAC_CFG_DESC_TX_1_LIFETIME_EN_LEN 1
137#define MAC_CFG_DESC_TX_1_LIFETIME_EN_MSK 0x800000
138
139#define MAC_CFG_DESC_TX_1_MAX_RETRY_POS 24
140#define MAC_CFG_DESC_TX_1_MAX_RETRY_LEN 7
141#define MAC_CFG_DESC_TX_1_MAX_RETRY_MSK 0x7F000000
142
143#define MAC_CFG_DESC_TX_1_MAX_RETRY_EN_POS 31
144#define MAC_CFG_DESC_TX_1_MAX_RETRY_EN_LEN 1
145#define MAC_CFG_DESC_TX_1_MAX_RETRY_EN_MSK 0x80000000
146
147/* TX MAC Dword 2 */
148#define MAC_CFG_DESC_TX_2_NUM_OF_DESCRIPTORS_POS 0
149#define MAC_CFG_DESC_TX_2_NUM_OF_DESCRIPTORS_LEN 8
150#define MAC_CFG_DESC_TX_2_NUM_OF_DESCRIPTORS_MSK 0xFF
151
152#define MAC_CFG_DESC_TX_2_RESERVED_POS 8
153#define MAC_CFG_DESC_TX_2_RESERVED_LEN 10
154#define MAC_CFG_DESC_TX_2_RESERVED_MSK 0x3FF00
155
156#define MAC_CFG_DESC_TX_2_L2_TRANSLATION_TYPE_POS 18
157#define MAC_CFG_DESC_TX_2_L2_TRANSLATION_TYPE_LEN 2
158#define MAC_CFG_DESC_TX_2_L2_TRANSLATION_TYPE_MSK 0xC0000
159
160#define MAC_CFG_DESC_TX_2_SNAP_HDR_INSERTION_EN_POS 20
161#define MAC_CFG_DESC_TX_2_SNAP_HDR_INSERTION_EN_LEN 1
162#define MAC_CFG_DESC_TX_2_SNAP_HDR_INSERTION_EN_MSK 0x100000
163
164#define MAC_CFG_DESC_TX_2_VLAN_REMOVAL_EN_POS 21
165#define MAC_CFG_DESC_TX_2_VLAN_REMOVAL_EN_LEN 1
166#define MAC_CFG_DESC_TX_2_VLAN_REMOVAL_EN_MSK 0x200000
167
168/* TX MAC Dword 3 */
169#define MAC_CFG_DESC_TX_3_UCODE_CMD_POS 0
170#define MAC_CFG_DESC_TX_3_UCODE_CMD_LEN 32
171#define MAC_CFG_DESC_TX_3_UCODE_CMD_MSK 0xFFFFFFFF
172
173/* TX DMA Dword 0 */
174#define DMA_CFG_DESC_TX_0_L4_LENGTH_POS 0
175#define DMA_CFG_DESC_TX_0_L4_LENGTH_LEN 8
176#define DMA_CFG_DESC_TX_0_L4_LENGTH_MSK 0xFF
177
178#define DMA_CFG_DESC_TX_0_CMD_EOP_POS 8
179#define DMA_CFG_DESC_TX_0_CMD_EOP_LEN 1
180#define DMA_CFG_DESC_TX_0_CMD_EOP_MSK 0x100
181
182#define DMA_CFG_DESC_TX_0_CMD_DMA_IT_POS 10
183#define DMA_CFG_DESC_TX_0_CMD_DMA_IT_LEN 1
184#define DMA_CFG_DESC_TX_0_CMD_DMA_IT_MSK 0x400
185
186#define DMA_CFG_DESC_TX_0_SEGMENT_BUF_DETAILS_POS 11
187#define DMA_CFG_DESC_TX_0_SEGMENT_BUF_DETAILS_LEN 2
188#define DMA_CFG_DESC_TX_0_SEGMENT_BUF_DETAILS_MSK 0x1800
189
190#define DMA_CFG_DESC_TX_0_TCP_SEG_EN_POS 13
191#define DMA_CFG_DESC_TX_0_TCP_SEG_EN_LEN 1
192#define DMA_CFG_DESC_TX_0_TCP_SEG_EN_MSK 0x2000
193
194#define DMA_CFG_DESC_TX_0_IPV4_CHECKSUM_EN_POS 14
195#define DMA_CFG_DESC_TX_0_IPV4_CHECKSUM_EN_LEN 1
196#define DMA_CFG_DESC_TX_0_IPV4_CHECKSUM_EN_MSK 0x4000
197
198#define DMA_CFG_DESC_TX_0_TCP_UDP_CHECKSUM_EN_POS 15
199#define DMA_CFG_DESC_TX_0_TCP_UDP_CHECKSUM_EN_LEN 1
200#define DMA_CFG_DESC_TX_0_TCP_UDP_CHECKSUM_EN_MSK 0x8000
201
202#define DMA_CFG_DESC_TX_0_QID_POS 16
203#define DMA_CFG_DESC_TX_0_QID_LEN 5
204#define DMA_CFG_DESC_TX_0_QID_MSK 0x1F0000
205
206#define DMA_CFG_DESC_TX_0_PSEUDO_HEADER_CALC_EN_POS 21
207#define DMA_CFG_DESC_TX_0_PSEUDO_HEADER_CALC_EN_LEN 1
208#define DMA_CFG_DESC_TX_0_PSEUDO_HEADER_CALC_EN_MSK 0x200000
209
210#define DMA_CFG_DESC_TX_0_L4_TYPE_POS 30
211#define DMA_CFG_DESC_TX_0_L4_TYPE_LEN 2
212#define DMA_CFG_DESC_TX_0_L4_TYPE_MSK 0xC0000000
213
214
215#define TX_DMA_STATUS_DU BIT(0)
216
217struct vring_tx_dma {
218 u32 d0;
219 u32 addr_low;
220 u16 addr_high;
221 u8 ip_length;
222 u8 b11; /* 0..6: mac_length; 7:ip_version */
223 u8 error; /* 0..2: err; 3..7: reserved; */
224 u8 status; /* 0: used; 1..7; reserved */
225 u16 length;
226} __packed;
227
228/*
229 * Rx descriptor - MAC part
230 * [dword 0]
231 * bit 0.. 3 : tid:4 The QoS (b3-0) TID Field
232 * bit 4.. 6 : connection_id:3 :The Source index that was found during
233 * Parsing the TA. This field is used to define the source of the packet
234 * bit 7 : reserved:1
235 * bit 8.. 9 : mac_id:2 : The MAC virtual Ring number (always zero)
236 * bit 10..11 : frame_type:2 : The FC Control (b3-2) - MPDU Type
237 * (management, data, control and extension)
238 * bit 12..15 : frame_subtype:4 : The FC Control (b7-4) - Frame Subtype
239 * bit 16..27 : seq_number:12 The received Sequence number field
240 * bit 28..31 : extended:4 extended subtype
241 * [dword 1]
242 * bit 0.. 3 : reserved
243 * bit 4.. 5 : key_id:2
244 * bit 6 : decrypt_bypass:1
245 * bit 7 : security:1
246 * bit 8.. 9 : ds_bits:2
247 * bit 10 : a_msdu_present:1 from qos header
248 * bit 11 : a_msdu_type:1 from qos header
249 * bit 12 : a_mpdu:1 part of AMPDU aggregation
250 * bit 13 : broadcast:1
251 * bit 14 : mutlicast:1
252 * bit 15 : reserved:1
253 * bit 16..20 : rx_mac_qid:5 The Queue Identifier that the packet
254 * is received from
255 * bit 21..24 : mcs:4
256 * bit 25..28 : mic_icr:4
257 * bit 29..31 : reserved:3
258 * [dword 2]
259 * bit 0.. 2 : time_slot:3 The timeslot that the MPDU is received
260 * bit 3 : fc_protocol_ver:1 The FC Control (b0) - Protocol Version
261 * bit 4 : fc_order:1 The FC Control (b15) -Order
262 * bit 5.. 7 : qos_ack_policy:3 The QoS (b6-5) ack policy Field
263 * bit 8 : esop:1 The QoS (b4) ESOP field
264 * bit 9 : qos_rdg_more_ppdu:1 The QoS (b9) RDG field
265 * bit 10..14 : qos_reserved:5 The QoS (b14-10) Reserved field
266 * bit 15 : qos_ac_constraint:1
267 * bit 16..31 : pn_15_0:16 low 2 bytes of PN
268 * [dword 3]
269 * bit 0..31 : pn_47_16:32 high 4 bytes of PN
270 */
271struct vring_rx_mac {
272 u32 d0;
273 u32 d1;
274 u16 w4;
275 u16 pn_15_0;
276 u32 pn_47_16;
277} __packed;
278
279/*
280 * Rx descriptor - DMA part
281 * [dword 0]
282 * bit 0.. 7 : l4_length:8 layer 4 length
283 * bit 8.. 9 : reserved:2
284 * bit 10 : cmd_dma_it:1
285 * bit 11..15 : reserved:5
286 * bit 16..29 : phy_info_length:14
287 * bit 30..31 : l4_type:2 valid if the L4I bit is set in the status field
288 * [dword 1]
289 * bit 0..31 : addr_low:32 The payload buffer low address
290 * [dword 2]
291 * bit 0..15 : addr_high:16 The payload buffer high address
292 * bit 16..23 : ip_length:8
293 * bit 24..30 : mac_length:7
294 * bit 31 : ip_version:1
295 * [dword 3]
296 * [byte 12] error
297 * [byte 13] status
298 * bit 0 : du:1
299 * bit 1 : eop:1
300 * bit 2 : error:1
301 * bit 3 : mi:1
302 * bit 4 : l3_identified:1
303 * bit 5 : l4_identified:1
304 * bit 6 : phy_info_included:1
305 * bit 7 : reserved:1
306 * [word 7] length
307 *
308 */
309
310#define RX_DMA_D0_CMD_DMA_IT BIT(10)
311
312#define RX_DMA_STATUS_DU BIT(0)
313#define RX_DMA_STATUS_ERROR BIT(2)
314#define RX_DMA_STATUS_PHY_INFO BIT(6)
315
316struct vring_rx_dma {
317 u32 d0;
318 u32 addr_low;
319 u16 addr_high;
320 u8 ip_length;
321 u8 b11;
322 u8 error;
323 u8 status;
324 u16 length;
325} __packed;
326
327struct vring_tx_desc {
328 struct vring_tx_mac mac;
329 struct vring_tx_dma dma;
330} __packed;
331
332struct vring_rx_desc {
333 struct vring_rx_mac mac;
334 struct vring_rx_dma dma;
335} __packed;
336
337union vring_desc {
338 struct vring_tx_desc tx;
339 struct vring_rx_desc rx;
340} __packed;
341
342static inline int wil_rxdesc_phy_length(volatile struct vring_rx_desc *d)
343{
344 return WIL_GET_BITS(d->dma.d0, 16, 29);
345}
346
347static inline int wil_rxdesc_mcs(volatile struct vring_rx_desc *d)
348{
349 return WIL_GET_BITS(d->mac.d1, 21, 24);
350}
351
352static inline int wil_rxdesc_ds_bits(volatile struct vring_rx_desc *d)
353{
354 return WIL_GET_BITS(d->mac.d1, 8, 9);
355}
356
357static inline int wil_rxdesc_ftype(volatile struct vring_rx_desc *d)
358{
359 return WIL_GET_BITS(d->mac.d0, 10, 11);
360}
361
362#endif /* WIL6210_TXRX_H */
diff --git a/drivers/net/wireless/ath/wil6210/wil6210.h b/drivers/net/wireless/ath/wil6210/wil6210.h
new file mode 100644
index 000000000000..aea961ff8f08
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/wil6210.h
@@ -0,0 +1,363 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#ifndef __WIL6210_H__
18#define __WIL6210_H__
19
20#include <linux/netdevice.h>
21#include <linux/wireless.h>
22#include <net/cfg80211.h>
23
24#include "dbg_hexdump.h"
25
26#define WIL_NAME "wil6210"
27
28/**
29 * extract bits [@b0:@b1] (inclusive) from the value @x
30 * it should be @b0 <= @b1, or result is incorrect
31 */
32static inline u32 WIL_GET_BITS(u32 x, int b0, int b1)
33{
34 return (x >> b0) & ((1 << (b1 - b0 + 1)) - 1);
35}
36
37#define WIL6210_MEM_SIZE (2*1024*1024UL)
38
39#define WIL6210_RX_RING_SIZE (128)
40#define WIL6210_TX_RING_SIZE (128)
41#define WIL6210_MAX_TX_RINGS (24)
42
43/* Hardware definitions begin */
44
45/*
46 * Mapping
47 * RGF File | Host addr | FW addr
48 * | |
49 * user_rgf | 0x000000 | 0x880000
50 * dma_rgf | 0x001000 | 0x881000
51 * pcie_rgf | 0x002000 | 0x882000
52 * | |
53 */
54
55/* Where various structures placed in host address space */
56#define WIL6210_FW_HOST_OFF (0x880000UL)
57
58#define HOSTADDR(fwaddr) (fwaddr - WIL6210_FW_HOST_OFF)
59
60/*
61 * Interrupt control registers block
62 *
63 * each interrupt controlled by the same bit in all registers
64 */
65struct RGF_ICR {
66 u32 ICC; /* Cause Control, RW: 0 - W1C, 1 - COR */
67 u32 ICR; /* Cause, W1C/COR depending on ICC */
68 u32 ICM; /* Cause masked (ICR & ~IMV), W1C/COR depending on ICC */
69 u32 ICS; /* Cause Set, WO */
70 u32 IMV; /* Mask, RW+S/C */
71 u32 IMS; /* Mask Set, write 1 to set */
72 u32 IMC; /* Mask Clear, write 1 to clear */
73} __packed;
74
75/* registers - FW addresses */
76#define RGF_USER_USER_SCRATCH_PAD (0x8802bc)
77#define RGF_USER_USER_ICR (0x880b4c) /* struct RGF_ICR */
78 #define BIT_USER_USER_ICR_SW_INT_2 BIT(18)
79#define RGF_USER_CLKS_CTL_SW_RST_MASK_0 (0x880b14)
80#define RGF_USER_MAC_CPU_0 (0x8801fc)
81#define RGF_USER_USER_CPU_0 (0x8801e0)
82#define RGF_USER_CLKS_CTL_SW_RST_VEC_0 (0x880b04)
83#define RGF_USER_CLKS_CTL_SW_RST_VEC_1 (0x880b08)
84#define RGF_USER_CLKS_CTL_SW_RST_VEC_2 (0x880b0c)
85#define RGF_USER_CLKS_CTL_SW_RST_VEC_3 (0x880b10)
86
87#define RGF_DMA_PSEUDO_CAUSE (0x881c68)
88#define RGF_DMA_PSEUDO_CAUSE_MASK_SW (0x881c6c)
89#define RGF_DMA_PSEUDO_CAUSE_MASK_FW (0x881c70)
90 #define BIT_DMA_PSEUDO_CAUSE_RX BIT(0)
91 #define BIT_DMA_PSEUDO_CAUSE_TX BIT(1)
92 #define BIT_DMA_PSEUDO_CAUSE_MISC BIT(2)
93
94#define RGF_DMA_EP_TX_ICR (0x881bb4) /* struct RGF_ICR */
95 #define BIT_DMA_EP_TX_ICR_TX_DONE BIT(0)
96 #define BIT_DMA_EP_TX_ICR_TX_DONE_N(n) BIT(n+1) /* n = [0..23] */
97#define RGF_DMA_EP_RX_ICR (0x881bd0) /* struct RGF_ICR */
98 #define BIT_DMA_EP_RX_ICR_RX_DONE BIT(0)
99#define RGF_DMA_EP_MISC_ICR (0x881bec) /* struct RGF_ICR */
100 #define BIT_DMA_EP_MISC_ICR_RX_HTRSH BIT(0)
101 #define BIT_DMA_EP_MISC_ICR_TX_NO_ACT BIT(1)
102 #define BIT_DMA_EP_MISC_ICR_FW_INT(n) BIT(28+n) /* n = [0..3] */
103
104/* Interrupt moderation control */
105#define RGF_DMA_ITR_CNT_TRSH (0x881c5c)
106#define RGF_DMA_ITR_CNT_DATA (0x881c60)
107#define RGF_DMA_ITR_CNT_CRL (0x881C64)
108 #define BIT_DMA_ITR_CNT_CRL_EN BIT(0)
109 #define BIT_DMA_ITR_CNT_CRL_EXT_TICK BIT(1)
110 #define BIT_DMA_ITR_CNT_CRL_FOREVER BIT(2)
111 #define BIT_DMA_ITR_CNT_CRL_CLR BIT(3)
112 #define BIT_DMA_ITR_CNT_CRL_REACH_TRSH BIT(4)
113
114/* popular locations */
115#define HOST_MBOX HOSTADDR(RGF_USER_USER_SCRATCH_PAD)
116#define HOST_SW_INT (HOSTADDR(RGF_USER_USER_ICR) + \
117 offsetof(struct RGF_ICR, ICS))
118#define SW_INT_MBOX BIT_USER_USER_ICR_SW_INT_2
119
120/* ISR register bits */
121#define ISR_MISC_FW_READY BIT_DMA_EP_MISC_ICR_FW_INT(0)
122#define ISR_MISC_MBOX_EVT BIT_DMA_EP_MISC_ICR_FW_INT(1)
123#define ISR_MISC_FW_ERROR BIT_DMA_EP_MISC_ICR_FW_INT(3)
124
125/* Hardware definitions end */
126
127struct wil6210_mbox_ring {
128 u32 base;
129 u16 entry_size; /* max. size of mbox entry, incl. all headers */
130 u16 size;
131 u32 tail;
132 u32 head;
133} __packed;
134
135struct wil6210_mbox_ring_desc {
136 __le32 sync;
137 __le32 addr;
138} __packed;
139
140/* at HOST_OFF_WIL6210_MBOX_CTL */
141struct wil6210_mbox_ctl {
142 struct wil6210_mbox_ring tx;
143 struct wil6210_mbox_ring rx;
144} __packed;
145
146struct wil6210_mbox_hdr {
147 __le16 seq;
148 __le16 len; /* payload, bytes after this header */
149 __le16 type;
150 u8 flags;
151 u8 reserved;
152} __packed;
153
154#define WIL_MBOX_HDR_TYPE_WMI (0)
155
156/* max. value for wil6210_mbox_hdr.len */
157#define MAX_MBOXITEM_SIZE (240)
158
159struct wil6210_mbox_hdr_wmi {
160 u8 reserved0[2];
161 __le16 id;
162 __le16 info1; /* bits [0..3] - device_id, rest - unused */
163 u8 reserved1[2];
164} __packed;
165
166struct pending_wmi_event {
167 struct list_head list;
168 struct {
169 struct wil6210_mbox_hdr hdr;
170 struct wil6210_mbox_hdr_wmi wmi;
171 u8 data[0];
172 } __packed event;
173};
174
175union vring_desc;
176
177struct vring {
178 dma_addr_t pa;
179 volatile union vring_desc *va; /* vring_desc[size], WriteBack by DMA */
180 u16 size; /* number of vring_desc elements */
181 u32 swtail;
182 u32 swhead;
183 u32 hwtail; /* write here to inform hw */
184 void **ctx; /* void *ctx[size] - software context */
185};
186
187enum { /* for wil6210_priv.status */
188 wil_status_fwready = 0,
189 wil_status_fwconnected,
190 wil_status_dontscan,
191 wil_status_irqen, /* FIXME: interrupts enabled - for debug */
192};
193
194struct pci_dev;
195
196struct wil6210_stats {
197 u64 tsf;
198 u32 snr;
199 u16 last_mcs_rx;
200 u16 bf_mcs; /* last BF, used for Tx */
201 u16 my_rx_sector;
202 u16 my_tx_sector;
203 u16 peer_rx_sector;
204 u16 peer_tx_sector;
205};
206
207struct wil6210_priv {
208 struct pci_dev *pdev;
209 int n_msi;
210 struct wireless_dev *wdev;
211 void __iomem *csr;
212 ulong status;
213 /* profile */
214 u32 monitor_flags;
215 u32 secure_pcp; /* create secure PCP? */
216 int sinfo_gen;
217 /* cached ISR registers */
218 u32 isr_misc;
219 /* mailbox related */
220 struct mutex wmi_mutex;
221 struct wil6210_mbox_ctl mbox_ctl;
222 struct completion wmi_ready;
223 u16 wmi_seq;
224 u16 reply_id; /**< wait for this WMI event */
225 void *reply_buf;
226 u16 reply_size;
227 struct workqueue_struct *wmi_wq; /* for deferred calls */
228 struct work_struct wmi_event_worker;
229 struct workqueue_struct *wmi_wq_conn; /* for connect worker */
230 struct work_struct wmi_connect_worker;
231 struct work_struct disconnect_worker;
232 struct timer_list connect_timer;
233 int pending_connect_cid;
234 struct list_head pending_wmi_ev;
235 /*
236 * protect pending_wmi_ev
237 * - fill in IRQ from wil6210_irq_misc,
238 * - consumed in thread by wmi_event_worker
239 */
240 spinlock_t wmi_ev_lock;
241 /* DMA related */
242 struct vring vring_rx;
243 struct vring vring_tx[WIL6210_MAX_TX_RINGS];
244 u8 dst_addr[WIL6210_MAX_TX_RINGS][ETH_ALEN];
245 /* scan */
246 struct cfg80211_scan_request *scan_request;
247
248 struct mutex mutex; /* for wil6210_priv access in wil_{up|down} */
249 /* statistics */
250 struct wil6210_stats stats;
251 /* debugfs */
252 struct dentry *debug;
253 struct debugfs_blob_wrapper fw_code_blob;
254 struct debugfs_blob_wrapper fw_data_blob;
255 struct debugfs_blob_wrapper fw_peri_blob;
256 struct debugfs_blob_wrapper uc_code_blob;
257 struct debugfs_blob_wrapper uc_data_blob;
258 struct debugfs_blob_wrapper rgf_blob;
259};
260
261#define wil_to_wiphy(i) (i->wdev->wiphy)
262#define wil_to_dev(i) (wiphy_dev(wil_to_wiphy(i)))
263#define wiphy_to_wil(w) (struct wil6210_priv *)(wiphy_priv(w))
264#define wil_to_wdev(i) (i->wdev)
265#define wdev_to_wil(w) (struct wil6210_priv *)(wdev_priv(w))
266#define wil_to_ndev(i) (wil_to_wdev(i)->netdev)
267#define ndev_to_wil(n) (wdev_to_wil(n->ieee80211_ptr))
268
269#define wil_dbg(wil, fmt, arg...) netdev_dbg(wil_to_ndev(wil), fmt, ##arg)
270#define wil_info(wil, fmt, arg...) netdev_info(wil_to_ndev(wil), fmt, ##arg)
271#define wil_err(wil, fmt, arg...) netdev_err(wil_to_ndev(wil), fmt, ##arg)
272
273#define wil_dbg_irq(wil, fmt, arg...) wil_dbg(wil, "DBG[ IRQ]" fmt, ##arg)
274#define wil_dbg_txrx(wil, fmt, arg...) wil_dbg(wil, "DBG[TXRX]" fmt, ##arg)
275#define wil_dbg_wmi(wil, fmt, arg...) wil_dbg(wil, "DBG[ WMI]" fmt, ##arg)
276#define wil_dbg_misc(wil, fmt, arg...) wil_dbg(wil, "DBG[MISC]" fmt, ##arg)
277
278#define wil_hex_dump_txrx(prefix_str, prefix_type, rowsize, \
279 groupsize, buf, len, ascii) \
280 wil_print_hex_dump_debug("DBG[TXRX]" prefix_str,\
281 prefix_type, rowsize, \
282 groupsize, buf, len, ascii)
283
284#define wil_hex_dump_wmi(prefix_str, prefix_type, rowsize, \
285 groupsize, buf, len, ascii) \
286 wil_print_hex_dump_debug("DBG[ WMI]" prefix_str,\
287 prefix_type, rowsize, \
288 groupsize, buf, len, ascii)
289
290void wil_memcpy_fromio_32(void *dst, const volatile void __iomem *src,
291 size_t count);
292void wil_memcpy_toio_32(volatile void __iomem *dst, const void *src,
293 size_t count);
294
295void *wil_if_alloc(struct device *dev, void __iomem *csr);
296void wil_if_free(struct wil6210_priv *wil);
297int wil_if_add(struct wil6210_priv *wil);
298void wil_if_remove(struct wil6210_priv *wil);
299int wil_priv_init(struct wil6210_priv *wil);
300void wil_priv_deinit(struct wil6210_priv *wil);
301int wil_reset(struct wil6210_priv *wil);
302void wil_link_on(struct wil6210_priv *wil);
303void wil_link_off(struct wil6210_priv *wil);
304int wil_up(struct wil6210_priv *wil);
305int wil_down(struct wil6210_priv *wil);
306void wil_mbox_ring_le2cpus(struct wil6210_mbox_ring *r);
307
308void __iomem *wmi_buffer(struct wil6210_priv *wil, __le32 ptr);
309void __iomem *wmi_addr(struct wil6210_priv *wil, u32 ptr);
310int wmi_read_hdr(struct wil6210_priv *wil, __le32 ptr,
311 struct wil6210_mbox_hdr *hdr);
312int wmi_send(struct wil6210_priv *wil, u16 cmdid, void *buf, u16 len);
313void wmi_recv_cmd(struct wil6210_priv *wil);
314int wmi_call(struct wil6210_priv *wil, u16 cmdid, void *buf, u16 len,
315 u16 reply_id, void *reply, u8 reply_size, int to_msec);
316void wmi_connect_worker(struct work_struct *work);
317void wmi_event_worker(struct work_struct *work);
318void wmi_event_flush(struct wil6210_priv *wil);
319int wmi_set_ssid(struct wil6210_priv *wil, u8 ssid_len, const void *ssid);
320int wmi_get_ssid(struct wil6210_priv *wil, u8 *ssid_len, void *ssid);
321int wmi_set_channel(struct wil6210_priv *wil, int channel);
322int wmi_get_channel(struct wil6210_priv *wil, int *channel);
323int wmi_tx_eapol(struct wil6210_priv *wil, struct sk_buff *skb);
324int wmi_del_cipher_key(struct wil6210_priv *wil, u8 key_index,
325 const void *mac_addr);
326int wmi_add_cipher_key(struct wil6210_priv *wil, u8 key_index,
327 const void *mac_addr, int key_len, const void *key);
328int wmi_echo(struct wil6210_priv *wil);
329int wmi_set_ie(struct wil6210_priv *wil, u8 type, u16 ie_len, const void *ie);
330int wmi_rx_chain_add(struct wil6210_priv *wil, struct vring *vring);
331
332int wil6210_init_irq(struct wil6210_priv *wil, int irq);
333void wil6210_fini_irq(struct wil6210_priv *wil, int irq);
334void wil6210_disable_irq(struct wil6210_priv *wil);
335void wil6210_enable_irq(struct wil6210_priv *wil);
336
337int wil6210_debugfs_init(struct wil6210_priv *wil);
338void wil6210_debugfs_remove(struct wil6210_priv *wil);
339
340struct wireless_dev *wil_cfg80211_init(struct device *dev);
341void wil_wdev_free(struct wil6210_priv *wil);
342
343int wmi_set_mac_address(struct wil6210_priv *wil, void *addr);
344int wmi_set_bcon(struct wil6210_priv *wil, int bi, u8 wmi_nettype);
345void wil6210_disconnect(struct wil6210_priv *wil, void *bssid);
346
347int wil_rx_init(struct wil6210_priv *wil);
348void wil_rx_fini(struct wil6210_priv *wil);
349
350/* TX API */
351int wil_vring_init_tx(struct wil6210_priv *wil, int id, int size,
352 int cid, int tid);
353void wil_vring_fini_tx(struct wil6210_priv *wil, int id);
354
355netdev_tx_t wil_start_xmit(struct sk_buff *skb, struct net_device *ndev);
356void wil_tx_complete(struct wil6210_priv *wil, int ringid);
357
358/* RX API */
359void wil_rx_handle(struct wil6210_priv *wil);
360
361int wil_iftype_nl2wmi(enum nl80211_iftype type);
362
363#endif /* __WIL6210_H__ */
diff --git a/drivers/net/wireless/ath/wil6210/wmi.c b/drivers/net/wireless/ath/wil6210/wmi.c
new file mode 100644
index 000000000000..0b70e17cd1fb
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/wmi.c
@@ -0,0 +1,1024 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <linux/pci.h>
18#include <linux/io.h>
19#include <linux/list.h>
20#include <linux/etherdevice.h>
21#include <linux/if_arp.h>
22
23#include "wil6210.h"
24#include "txrx.h"
25#include "wmi.h"
26
27/**
28 * WMI event receiving - theory of operations
29 *
30 * When firmware about to report WMI event, it fills memory area
31 * in the mailbox and raises misc. IRQ. Thread interrupt handler invoked for
32 * the misc IRQ, function @wmi_recv_cmd called by thread IRQ handler.
33 *
34 * @wmi_recv_cmd reads event, allocates memory chunk and attaches it to the
35 * event list @wil->pending_wmi_ev. Then, work queue @wil->wmi_wq wakes up
36 * and handles events within the @wmi_event_worker. Every event get detached
37 * from list, processed and deleted.
38 *
39 * Purpose for this mechanism is to release IRQ thread; otherwise,
40 * if WMI event handling involves another WMI command flow, this 2-nd flow
41 * won't be completed because of blocked IRQ thread.
42 */
43
44/**
45 * Addressing - theory of operations
46 *
47 * There are several buses present on the WIL6210 card.
48 * Same memory areas are visible at different address on
49 * the different busses. There are 3 main bus masters:
50 * - MAC CPU (ucode)
51 * - User CPU (firmware)
52 * - AHB (host)
53 *
54 * On the PCI bus, there is one BAR (BAR0) of 2Mb size, exposing
55 * AHB addresses starting from 0x880000
56 *
57 * Internally, firmware uses addresses that allows faster access but
58 * are invisible from the host. To read from these addresses, alternative
59 * AHB address must be used.
60 *
61 * Memory mapping
62 * Linker address PCI/Host address
63 * 0x880000 .. 0xa80000 2Mb BAR0
64 * 0x800000 .. 0x807000 0x900000 .. 0x907000 28k DCCM
65 * 0x840000 .. 0x857000 0x908000 .. 0x91f000 92k PERIPH
66 */
67
68/**
69 * @fw_mapping provides memory remapping table
70 */
71static const struct {
72 u32 from; /* linker address - from, inclusive */
73 u32 to; /* linker address - to, exclusive */
74 u32 host; /* PCI/Host address - BAR0 + 0x880000 */
75} fw_mapping[] = {
76 {0x000000, 0x040000, 0x8c0000}, /* FW code RAM 256k */
77 {0x800000, 0x808000, 0x900000}, /* FW data RAM 32k */
78 {0x840000, 0x860000, 0x908000}, /* peripheral data RAM 128k/96k used */
79 {0x880000, 0x88a000, 0x880000}, /* various RGF */
80 {0x8c0000, 0x932000, 0x8c0000}, /* trivial mapping for upper area */
81 /*
82 * 920000..930000 ucode code RAM
83 * 930000..932000 ucode data RAM
84 */
85};
86
87/**
88 * return AHB address for given firmware/ucode internal (linker) address
89 * @x - internal address
90 * If address have no valid AHB mapping, return 0
91 */
92static u32 wmi_addr_remap(u32 x)
93{
94 uint i;
95
96 for (i = 0; i < ARRAY_SIZE(fw_mapping); i++) {
97 if ((x >= fw_mapping[i].from) && (x < fw_mapping[i].to))
98 return x + fw_mapping[i].host - fw_mapping[i].from;
99 }
100
101 return 0;
102}
103
104/**
105 * Check address validity for WMI buffer; remap if needed
106 * @ptr - internal (linker) fw/ucode address
107 *
108 * Valid buffer should be DWORD aligned
109 *
110 * return address for accessing buffer from the host;
111 * if buffer is not valid, return NULL.
112 */
113void __iomem *wmi_buffer(struct wil6210_priv *wil, __le32 ptr_)
114{
115 u32 off;
116 u32 ptr = le32_to_cpu(ptr_);
117
118 if (ptr % 4)
119 return NULL;
120
121 ptr = wmi_addr_remap(ptr);
122 if (ptr < WIL6210_FW_HOST_OFF)
123 return NULL;
124
125 off = HOSTADDR(ptr);
126 if (off > WIL6210_MEM_SIZE - 4)
127 return NULL;
128
129 return wil->csr + off;
130}
131
132/**
133 * Check address validity
134 */
135void __iomem *wmi_addr(struct wil6210_priv *wil, u32 ptr)
136{
137 u32 off;
138
139 if (ptr % 4)
140 return NULL;
141
142 if (ptr < WIL6210_FW_HOST_OFF)
143 return NULL;
144
145 off = HOSTADDR(ptr);
146 if (off > WIL6210_MEM_SIZE - 4)
147 return NULL;
148
149 return wil->csr + off;
150}
151
152int wmi_read_hdr(struct wil6210_priv *wil, __le32 ptr,
153 struct wil6210_mbox_hdr *hdr)
154{
155 void __iomem *src = wmi_buffer(wil, ptr);
156 if (!src)
157 return -EINVAL;
158
159 wil_memcpy_fromio_32(hdr, src, sizeof(*hdr));
160
161 return 0;
162}
163
164static int __wmi_send(struct wil6210_priv *wil, u16 cmdid, void *buf, u16 len)
165{
166 struct {
167 struct wil6210_mbox_hdr hdr;
168 struct wil6210_mbox_hdr_wmi wmi;
169 } __packed cmd = {
170 .hdr = {
171 .type = WIL_MBOX_HDR_TYPE_WMI,
172 .flags = 0,
173 .len = cpu_to_le16(sizeof(cmd.wmi) + len),
174 },
175 .wmi = {
176 .id = cpu_to_le16(cmdid),
177 .info1 = 0,
178 },
179 };
180 struct wil6210_mbox_ring *r = &wil->mbox_ctl.tx;
181 struct wil6210_mbox_ring_desc d_head;
182 u32 next_head;
183 void __iomem *dst;
184 void __iomem *head = wmi_addr(wil, r->head);
185 uint retry;
186
187 if (sizeof(cmd) + len > r->entry_size) {
188 wil_err(wil, "WMI size too large: %d bytes, max is %d\n",
189 (int)(sizeof(cmd) + len), r->entry_size);
190 return -ERANGE;
191 }
192
193 might_sleep();
194
195 if (!test_bit(wil_status_fwready, &wil->status)) {
196 wil_err(wil, "FW not ready\n");
197 return -EAGAIN;
198 }
199
200 if (!head) {
201 wil_err(wil, "WMI head is garbage: 0x%08x\n", r->head);
202 return -EINVAL;
203 }
204 /* read Tx head till it is not busy */
205 for (retry = 5; retry > 0; retry--) {
206 wil_memcpy_fromio_32(&d_head, head, sizeof(d_head));
207 if (d_head.sync == 0)
208 break;
209 msleep(20);
210 }
211 if (d_head.sync != 0) {
212 wil_err(wil, "WMI head busy\n");
213 return -EBUSY;
214 }
215 /* next head */
216 next_head = r->base + ((r->head - r->base + sizeof(d_head)) % r->size);
217 wil_dbg_wmi(wil, "Head 0x%08x -> 0x%08x\n", r->head, next_head);
218 /* wait till FW finish with previous command */
219 for (retry = 5; retry > 0; retry--) {
220 r->tail = ioread32(wil->csr + HOST_MBOX +
221 offsetof(struct wil6210_mbox_ctl, tx.tail));
222 if (next_head != r->tail)
223 break;
224 msleep(20);
225 }
226 if (next_head == r->tail) {
227 wil_err(wil, "WMI ring full\n");
228 return -EBUSY;
229 }
230 dst = wmi_buffer(wil, d_head.addr);
231 if (!dst) {
232 wil_err(wil, "invalid WMI buffer: 0x%08x\n",
233 le32_to_cpu(d_head.addr));
234 return -EINVAL;
235 }
236 cmd.hdr.seq = cpu_to_le16(++wil->wmi_seq);
237 /* set command */
238 wil_dbg_wmi(wil, "WMI command 0x%04x [%d]\n", cmdid, len);
239 wil_hex_dump_wmi("Cmd ", DUMP_PREFIX_OFFSET, 16, 1, &cmd,
240 sizeof(cmd), true);
241 wil_hex_dump_wmi("cmd ", DUMP_PREFIX_OFFSET, 16, 1, buf,
242 len, true);
243 wil_memcpy_toio_32(dst, &cmd, sizeof(cmd));
244 wil_memcpy_toio_32(dst + sizeof(cmd), buf, len);
245 /* mark entry as full */
246 iowrite32(1, wil->csr + HOSTADDR(r->head) +
247 offsetof(struct wil6210_mbox_ring_desc, sync));
248 /* advance next ptr */
249 iowrite32(r->head = next_head, wil->csr + HOST_MBOX +
250 offsetof(struct wil6210_mbox_ctl, tx.head));
251
252 /* interrupt to FW */
253 iowrite32(SW_INT_MBOX, wil->csr + HOST_SW_INT);
254
255 return 0;
256}
257
258int wmi_send(struct wil6210_priv *wil, u16 cmdid, void *buf, u16 len)
259{
260 int rc;
261
262 mutex_lock(&wil->wmi_mutex);
263 rc = __wmi_send(wil, cmdid, buf, len);
264 mutex_unlock(&wil->wmi_mutex);
265
266 return rc;
267}
268
269/*=== Event handlers ===*/
270static void wmi_evt_ready(struct wil6210_priv *wil, int id, void *d, int len)
271{
272 struct net_device *ndev = wil_to_ndev(wil);
273 struct wireless_dev *wdev = wil->wdev;
274 struct wmi_ready_event *evt = d;
275 u32 ver = le32_to_cpu(evt->sw_version);
276
277 wil_dbg_wmi(wil, "FW ver. %d; MAC %pM\n", ver, evt->mac);
278
279 if (!is_valid_ether_addr(ndev->dev_addr)) {
280 memcpy(ndev->dev_addr, evt->mac, ETH_ALEN);
281 memcpy(ndev->perm_addr, evt->mac, ETH_ALEN);
282 }
283 snprintf(wdev->wiphy->fw_version, sizeof(wdev->wiphy->fw_version),
284 "%d", ver);
285}
286
287static void wmi_evt_fw_ready(struct wil6210_priv *wil, int id, void *d,
288 int len)
289{
290 wil_dbg_wmi(wil, "WMI: FW ready\n");
291
292 set_bit(wil_status_fwready, &wil->status);
293 /* reuse wmi_ready for the firmware ready indication */
294 complete(&wil->wmi_ready);
295}
296
297static void wmi_evt_rx_mgmt(struct wil6210_priv *wil, int id, void *d, int len)
298{
299 struct wmi_rx_mgmt_packet_event *data = d;
300 struct wiphy *wiphy = wil_to_wiphy(wil);
301 struct ieee80211_mgmt *rx_mgmt_frame =
302 (struct ieee80211_mgmt *)data->payload;
303 int ch_no = data->info.channel+1;
304 u32 freq = ieee80211_channel_to_frequency(ch_no,
305 IEEE80211_BAND_60GHZ);
306 struct ieee80211_channel *channel = ieee80211_get_channel(wiphy, freq);
307 /* TODO convert LE to CPU */
308 s32 signal = 0; /* TODO */
309 __le16 fc = rx_mgmt_frame->frame_control;
310 u32 d_len = le32_to_cpu(data->info.len);
311 u16 d_status = le16_to_cpu(data->info.status);
312
313 wil_dbg_wmi(wil, "MGMT: channel %d MCS %d SNR %d\n",
314 data->info.channel, data->info.mcs, data->info.snr);
315 wil_dbg_wmi(wil, "status 0x%04x len %d stype %04x\n", d_status, d_len,
316 le16_to_cpu(data->info.stype));
317 wil_dbg_wmi(wil, "qid %d mid %d cid %d\n",
318 data->info.qid, data->info.mid, data->info.cid);
319
320 if (!channel) {
321 wil_err(wil, "Frame on unsupported channel\n");
322 return;
323 }
324
325 if (ieee80211_is_beacon(fc) || ieee80211_is_probe_resp(fc)) {
326 struct cfg80211_bss *bss;
327 u64 tsf = le64_to_cpu(rx_mgmt_frame->u.beacon.timestamp);
328 u16 cap = le16_to_cpu(rx_mgmt_frame->u.beacon.capab_info);
329 u16 bi = le16_to_cpu(rx_mgmt_frame->u.beacon.beacon_int);
330 const u8 *ie_buf = rx_mgmt_frame->u.beacon.variable;
331 size_t ie_len = d_len - offsetof(struct ieee80211_mgmt,
332 u.beacon.variable);
333 wil_dbg_wmi(wil, "Capability info : 0x%04x\n", cap);
334
335 bss = cfg80211_inform_bss(wiphy, channel, rx_mgmt_frame->bssid,
336 tsf, cap, bi, ie_buf, ie_len,
337 signal, GFP_KERNEL);
338 if (bss) {
339 wil_dbg_wmi(wil, "Added BSS %pM\n",
340 rx_mgmt_frame->bssid);
341 cfg80211_put_bss(bss);
342 } else {
343 wil_err(wil, "cfg80211_inform_bss() failed\n");
344 }
345 }
346}
347
348static void wmi_evt_scan_complete(struct wil6210_priv *wil, int id,
349 void *d, int len)
350{
351 if (wil->scan_request) {
352 struct wmi_scan_complete_event *data = d;
353 bool aborted = (data->status != 0);
354
355 wil_dbg_wmi(wil, "SCAN_COMPLETE(0x%08x)\n", data->status);
356 cfg80211_scan_done(wil->scan_request, aborted);
357 wil->scan_request = NULL;
358 } else {
359 wil_err(wil, "SCAN_COMPLETE while not scanning\n");
360 }
361}
362
363static void wmi_evt_connect(struct wil6210_priv *wil, int id, void *d, int len)
364{
365 struct net_device *ndev = wil_to_ndev(wil);
366 struct wireless_dev *wdev = wil->wdev;
367 struct wmi_connect_event *evt = d;
368 int ch; /* channel number */
369 struct station_info sinfo;
370 u8 *assoc_req_ie, *assoc_resp_ie;
371 size_t assoc_req_ielen, assoc_resp_ielen;
372 /* capinfo(u16) + listen_interval(u16) + IEs */
373 const size_t assoc_req_ie_offset = sizeof(u16) * 2;
374 /* capinfo(u16) + status_code(u16) + associd(u16) + IEs */
375 const size_t assoc_resp_ie_offset = sizeof(u16) * 3;
376
377 if (len < sizeof(*evt)) {
378 wil_err(wil, "Connect event too short : %d bytes\n", len);
379 return;
380 }
381 if (len != sizeof(*evt) + evt->beacon_ie_len + evt->assoc_req_len +
382 evt->assoc_resp_len) {
383 wil_err(wil,
384 "Connect event corrupted : %d != %d + %d + %d + %d\n",
385 len, (int)sizeof(*evt), evt->beacon_ie_len,
386 evt->assoc_req_len, evt->assoc_resp_len);
387 return;
388 }
389 ch = evt->channel + 1;
390 wil_dbg_wmi(wil, "Connect %pM channel [%d] cid %d\n",
391 evt->bssid, ch, evt->cid);
392 wil_hex_dump_wmi("connect AI : ", DUMP_PREFIX_OFFSET, 16, 1,
393 evt->assoc_info, len - sizeof(*evt), true);
394
395 /* figure out IE's */
396 assoc_req_ie = &evt->assoc_info[evt->beacon_ie_len +
397 assoc_req_ie_offset];
398 assoc_req_ielen = evt->assoc_req_len - assoc_req_ie_offset;
399 if (evt->assoc_req_len <= assoc_req_ie_offset) {
400 assoc_req_ie = NULL;
401 assoc_req_ielen = 0;
402 }
403
404 assoc_resp_ie = &evt->assoc_info[evt->beacon_ie_len +
405 evt->assoc_req_len +
406 assoc_resp_ie_offset];
407 assoc_resp_ielen = evt->assoc_resp_len - assoc_resp_ie_offset;
408 if (evt->assoc_resp_len <= assoc_resp_ie_offset) {
409 assoc_resp_ie = NULL;
410 assoc_resp_ielen = 0;
411 }
412
413 if ((wdev->iftype == NL80211_IFTYPE_STATION) ||
414 (wdev->iftype == NL80211_IFTYPE_P2P_CLIENT)) {
415 if (wdev->sme_state != CFG80211_SME_CONNECTING) {
416 wil_err(wil, "Not in connecting state\n");
417 return;
418 }
419 del_timer_sync(&wil->connect_timer);
420 cfg80211_connect_result(ndev, evt->bssid,
421 assoc_req_ie, assoc_req_ielen,
422 assoc_resp_ie, assoc_resp_ielen,
423 WLAN_STATUS_SUCCESS, GFP_KERNEL);
424
425 } else if ((wdev->iftype == NL80211_IFTYPE_AP) ||
426 (wdev->iftype == NL80211_IFTYPE_P2P_GO)) {
427 memset(&sinfo, 0, sizeof(sinfo));
428
429 sinfo.generation = wil->sinfo_gen++;
430
431 if (assoc_req_ie) {
432 sinfo.assoc_req_ies = assoc_req_ie;
433 sinfo.assoc_req_ies_len = assoc_req_ielen;
434 sinfo.filled |= STATION_INFO_ASSOC_REQ_IES;
435 }
436
437 cfg80211_new_sta(ndev, evt->bssid, &sinfo, GFP_KERNEL);
438 }
439 set_bit(wil_status_fwconnected, &wil->status);
440
441 /* FIXME FW can transmit only ucast frames to peer */
442 /* FIXME real ring_id instead of hard coded 0 */
443 memcpy(wil->dst_addr[0], evt->bssid, ETH_ALEN);
444
445 wil->pending_connect_cid = evt->cid;
446 queue_work(wil->wmi_wq_conn, &wil->wmi_connect_worker);
447}
448
449static void wmi_evt_disconnect(struct wil6210_priv *wil, int id,
450 void *d, int len)
451{
452 struct wmi_disconnect_event *evt = d;
453
454 wil_dbg_wmi(wil, "Disconnect %pM reason %d proto %d wmi\n",
455 evt->bssid,
456 evt->protocol_reason_status, evt->disconnect_reason);
457
458 wil->sinfo_gen++;
459
460 wil6210_disconnect(wil, evt->bssid);
461}
462
463static void wmi_evt_notify(struct wil6210_priv *wil, int id, void *d, int len)
464{
465 struct wmi_notify_req_done_event *evt = d;
466
467 if (len < sizeof(*evt)) {
468 wil_err(wil, "Short NOTIFY event\n");
469 return;
470 }
471
472 wil->stats.tsf = le64_to_cpu(evt->tsf);
473 wil->stats.snr = le32_to_cpu(evt->snr_val);
474 wil->stats.bf_mcs = le16_to_cpu(evt->bf_mcs);
475 wil->stats.my_rx_sector = le16_to_cpu(evt->my_rx_sector);
476 wil->stats.my_tx_sector = le16_to_cpu(evt->my_tx_sector);
477 wil->stats.peer_rx_sector = le16_to_cpu(evt->other_rx_sector);
478 wil->stats.peer_tx_sector = le16_to_cpu(evt->other_tx_sector);
479 wil_dbg_wmi(wil, "Link status, MCS %d TSF 0x%016llx\n"
480 "BF status 0x%08x SNR 0x%08x\n"
481 "Tx Tpt %d goodput %d Rx goodput %d\n"
482 "Sectors(rx:tx) my %d:%d peer %d:%d\n",
483 wil->stats.bf_mcs, wil->stats.tsf, evt->status,
484 wil->stats.snr, le32_to_cpu(evt->tx_tpt),
485 le32_to_cpu(evt->tx_goodput), le32_to_cpu(evt->rx_goodput),
486 wil->stats.my_rx_sector, wil->stats.my_tx_sector,
487 wil->stats.peer_rx_sector, wil->stats.peer_tx_sector);
488}
489
490/*
491 * Firmware reports EAPOL frame using WME event.
492 * Reconstruct Ethernet frame and deliver it via normal Rx
493 */
494static void wmi_evt_eapol_rx(struct wil6210_priv *wil, int id,
495 void *d, int len)
496{
497 struct net_device *ndev = wil_to_ndev(wil);
498 struct wmi_eapol_rx_event *evt = d;
499 u16 eapol_len = le16_to_cpu(evt->eapol_len);
500 int sz = eapol_len + ETH_HLEN;
501 struct sk_buff *skb;
502 struct ethhdr *eth;
503
504 wil_dbg_wmi(wil, "EAPOL len %d from %pM\n", eapol_len,
505 evt->src_mac);
506
507 if (eapol_len > 196) { /* TODO: revisit size limit */
508 wil_err(wil, "EAPOL too large\n");
509 return;
510 }
511
512 skb = alloc_skb(sz, GFP_KERNEL);
513 if (!skb) {
514 wil_err(wil, "Failed to allocate skb\n");
515 return;
516 }
517 eth = (struct ethhdr *)skb_put(skb, ETH_HLEN);
518 memcpy(eth->h_dest, ndev->dev_addr, ETH_ALEN);
519 memcpy(eth->h_source, evt->src_mac, ETH_ALEN);
520 eth->h_proto = cpu_to_be16(ETH_P_PAE);
521 memcpy(skb_put(skb, eapol_len), evt->eapol, eapol_len);
522 skb->protocol = eth_type_trans(skb, ndev);
523 if (likely(netif_rx_ni(skb) == NET_RX_SUCCESS)) {
524 ndev->stats.rx_packets++;
525 ndev->stats.rx_bytes += skb->len;
526 } else {
527 ndev->stats.rx_dropped++;
528 }
529}
530
531static const struct {
532 int eventid;
533 void (*handler)(struct wil6210_priv *wil, int eventid,
534 void *data, int data_len);
535} wmi_evt_handlers[] = {
536 {WMI_READY_EVENTID, wmi_evt_ready},
537 {WMI_FW_READY_EVENTID, wmi_evt_fw_ready},
538 {WMI_RX_MGMT_PACKET_EVENTID, wmi_evt_rx_mgmt},
539 {WMI_SCAN_COMPLETE_EVENTID, wmi_evt_scan_complete},
540 {WMI_CONNECT_EVENTID, wmi_evt_connect},
541 {WMI_DISCONNECT_EVENTID, wmi_evt_disconnect},
542 {WMI_NOTIFY_REQ_DONE_EVENTID, wmi_evt_notify},
543 {WMI_EAPOL_RX_EVENTID, wmi_evt_eapol_rx},
544};
545
546/*
547 * Run in IRQ context
548 * Extract WMI command from mailbox. Queue it to the @wil->pending_wmi_ev
549 * that will be eventually handled by the @wmi_event_worker in the thread
550 * context of thread "wil6210_wmi"
551 */
552void wmi_recv_cmd(struct wil6210_priv *wil)
553{
554 struct wil6210_mbox_ring_desc d_tail;
555 struct wil6210_mbox_hdr hdr;
556 struct wil6210_mbox_ring *r = &wil->mbox_ctl.rx;
557 struct pending_wmi_event *evt;
558 u8 *cmd;
559 void __iomem *src;
560 ulong flags;
561
562 for (;;) {
563 u16 len;
564
565 r->head = ioread32(wil->csr + HOST_MBOX +
566 offsetof(struct wil6210_mbox_ctl, rx.head));
567 if (r->tail == r->head)
568 return;
569
570 /* read cmd from tail */
571 wil_memcpy_fromio_32(&d_tail, wil->csr + HOSTADDR(r->tail),
572 sizeof(struct wil6210_mbox_ring_desc));
573 if (d_tail.sync == 0) {
574 wil_err(wil, "Mbox evt not owned by FW?\n");
575 return;
576 }
577
578 if (0 != wmi_read_hdr(wil, d_tail.addr, &hdr)) {
579 wil_err(wil, "Mbox evt at 0x%08x?\n",
580 le32_to_cpu(d_tail.addr));
581 return;
582 }
583
584 len = le16_to_cpu(hdr.len);
585 src = wmi_buffer(wil, d_tail.addr) +
586 sizeof(struct wil6210_mbox_hdr);
587 evt = kmalloc(ALIGN(offsetof(struct pending_wmi_event,
588 event.wmi) + len, 4),
589 GFP_KERNEL);
590 if (!evt) {
591 wil_err(wil, "kmalloc for WMI event (%d) failed\n",
592 len);
593 return;
594 }
595 evt->event.hdr = hdr;
596 cmd = (void *)&evt->event.wmi;
597 wil_memcpy_fromio_32(cmd, src, len);
598 /* mark entry as empty */
599 iowrite32(0, wil->csr + HOSTADDR(r->tail) +
600 offsetof(struct wil6210_mbox_ring_desc, sync));
601 /* indicate */
602 wil_dbg_wmi(wil, "Mbox evt %04x %04x %04x %02x\n",
603 le16_to_cpu(hdr.seq), len, le16_to_cpu(hdr.type),
604 hdr.flags);
605 if ((hdr.type == WIL_MBOX_HDR_TYPE_WMI) &&
606 (len >= sizeof(struct wil6210_mbox_hdr_wmi))) {
607 wil_dbg_wmi(wil, "WMI event 0x%04x\n",
608 evt->event.wmi.id);
609 }
610 wil_hex_dump_wmi("evt ", DUMP_PREFIX_OFFSET, 16, 1,
611 &evt->event.hdr, sizeof(hdr) + len, true);
612
613 /* advance tail */
614 r->tail = r->base + ((r->tail - r->base +
615 sizeof(struct wil6210_mbox_ring_desc)) % r->size);
616 iowrite32(r->tail, wil->csr + HOST_MBOX +
617 offsetof(struct wil6210_mbox_ctl, rx.tail));
618
619 /* add to the pending list */
620 spin_lock_irqsave(&wil->wmi_ev_lock, flags);
621 list_add_tail(&evt->list, &wil->pending_wmi_ev);
622 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags);
623 {
624 int q = queue_work(wil->wmi_wq,
625 &wil->wmi_event_worker);
626 wil_dbg_wmi(wil, "queue_work -> %d\n", q);
627 }
628 }
629}
630
631int wmi_call(struct wil6210_priv *wil, u16 cmdid, void *buf, u16 len,
632 u16 reply_id, void *reply, u8 reply_size, int to_msec)
633{
634 int rc;
635 int remain;
636
637 mutex_lock(&wil->wmi_mutex);
638
639 rc = __wmi_send(wil, cmdid, buf, len);
640 if (rc)
641 goto out;
642
643 wil->reply_id = reply_id;
644 wil->reply_buf = reply;
645 wil->reply_size = reply_size;
646 remain = wait_for_completion_timeout(&wil->wmi_ready,
647 msecs_to_jiffies(to_msec));
648 if (0 == remain) {
649 wil_err(wil, "wmi_call(0x%04x->0x%04x) timeout %d msec\n",
650 cmdid, reply_id, to_msec);
651 rc = -ETIME;
652 } else {
653 wil_dbg_wmi(wil,
654 "wmi_call(0x%04x->0x%04x) completed in %d msec\n",
655 cmdid, reply_id,
656 to_msec - jiffies_to_msecs(remain));
657 }
658 wil->reply_id = 0;
659 wil->reply_buf = NULL;
660 wil->reply_size = 0;
661 out:
662 mutex_unlock(&wil->wmi_mutex);
663
664 return rc;
665}
666
667int wmi_echo(struct wil6210_priv *wil)
668{
669 struct wmi_echo_cmd cmd = {
670 .value = cpu_to_le32(0x12345678),
671 };
672
673 return wmi_call(wil, WMI_ECHO_CMDID, &cmd, sizeof(cmd),
674 WMI_ECHO_RSP_EVENTID, NULL, 0, 20);
675}
676
677int wmi_set_mac_address(struct wil6210_priv *wil, void *addr)
678{
679 struct wmi_set_mac_address_cmd cmd;
680
681 memcpy(cmd.mac, addr, ETH_ALEN);
682
683 wil_dbg_wmi(wil, "Set MAC %pM\n", addr);
684
685 return wmi_send(wil, WMI_SET_MAC_ADDRESS_CMDID, &cmd, sizeof(cmd));
686}
687
688int wmi_set_bcon(struct wil6210_priv *wil, int bi, u8 wmi_nettype)
689{
690 struct wmi_bcon_ctrl_cmd cmd = {
691 .bcon_interval = cpu_to_le16(bi),
692 .network_type = wmi_nettype,
693 .disable_sec_offload = 1,
694 };
695
696 if (!wil->secure_pcp)
697 cmd.disable_sec = 1;
698
699 return wmi_send(wil, WMI_BCON_CTRL_CMDID, &cmd, sizeof(cmd));
700}
701
702int wmi_set_ssid(struct wil6210_priv *wil, u8 ssid_len, const void *ssid)
703{
704 struct wmi_set_ssid_cmd cmd = {
705 .ssid_len = cpu_to_le32(ssid_len),
706 };
707
708 if (ssid_len > sizeof(cmd.ssid))
709 return -EINVAL;
710
711 memcpy(cmd.ssid, ssid, ssid_len);
712
713 return wmi_send(wil, WMI_SET_SSID_CMDID, &cmd, sizeof(cmd));
714}
715
716int wmi_get_ssid(struct wil6210_priv *wil, u8 *ssid_len, void *ssid)
717{
718 int rc;
719 struct {
720 struct wil6210_mbox_hdr_wmi wmi;
721 struct wmi_set_ssid_cmd cmd;
722 } __packed reply;
723 int len; /* reply.cmd.ssid_len in CPU order */
724
725 rc = wmi_call(wil, WMI_GET_SSID_CMDID, NULL, 0, WMI_GET_SSID_EVENTID,
726 &reply, sizeof(reply), 20);
727 if (rc)
728 return rc;
729
730 len = le32_to_cpu(reply.cmd.ssid_len);
731 if (len > sizeof(reply.cmd.ssid))
732 return -EINVAL;
733
734 *ssid_len = len;
735 memcpy(ssid, reply.cmd.ssid, len);
736
737 return 0;
738}
739
740int wmi_set_channel(struct wil6210_priv *wil, int channel)
741{
742 struct wmi_set_pcp_channel_cmd cmd = {
743 .channel = channel - 1,
744 };
745
746 return wmi_send(wil, WMI_SET_PCP_CHANNEL_CMDID, &cmd, sizeof(cmd));
747}
748
749int wmi_get_channel(struct wil6210_priv *wil, int *channel)
750{
751 int rc;
752 struct {
753 struct wil6210_mbox_hdr_wmi wmi;
754 struct wmi_set_pcp_channel_cmd cmd;
755 } __packed reply;
756
757 rc = wmi_call(wil, WMI_GET_PCP_CHANNEL_CMDID, NULL, 0,
758 WMI_GET_PCP_CHANNEL_EVENTID, &reply, sizeof(reply), 20);
759 if (rc)
760 return rc;
761
762 if (reply.cmd.channel > 3)
763 return -EINVAL;
764
765 *channel = reply.cmd.channel + 1;
766
767 return 0;
768}
769
770int wmi_tx_eapol(struct wil6210_priv *wil, struct sk_buff *skb)
771{
772 struct wmi_eapol_tx_cmd *cmd;
773 struct ethhdr *eth;
774 u16 eapol_len = skb->len - ETH_HLEN;
775 void *eapol = skb->data + ETH_HLEN;
776 uint i;
777 int rc;
778
779 skb_set_mac_header(skb, 0);
780 eth = eth_hdr(skb);
781 wil_dbg_wmi(wil, "EAPOL %d bytes to %pM\n", eapol_len, eth->h_dest);
782 for (i = 0; i < ARRAY_SIZE(wil->vring_tx); i++) {
783 if (memcmp(wil->dst_addr[i], eth->h_dest, ETH_ALEN) == 0)
784 goto found_dest;
785 }
786
787 return -EINVAL;
788
789 found_dest:
790 /* find out eapol data & len */
791 cmd = kzalloc(sizeof(*cmd) + eapol_len, GFP_KERNEL);
792 if (!cmd)
793 return -EINVAL;
794
795 memcpy(cmd->dst_mac, eth->h_dest, ETH_ALEN);
796 cmd->eapol_len = cpu_to_le16(eapol_len);
797 memcpy(cmd->eapol, eapol, eapol_len);
798 rc = wmi_send(wil, WMI_EAPOL_TX_CMDID, cmd, sizeof(*cmd) + eapol_len);
799 kfree(cmd);
800
801 return rc;
802}
803
804int wmi_del_cipher_key(struct wil6210_priv *wil, u8 key_index,
805 const void *mac_addr)
806{
807 struct wmi_delete_cipher_key_cmd cmd = {
808 .key_index = key_index,
809 };
810
811 if (mac_addr)
812 memcpy(cmd.mac, mac_addr, WMI_MAC_LEN);
813
814 return wmi_send(wil, WMI_DELETE_CIPHER_KEY_CMDID, &cmd, sizeof(cmd));
815}
816
817int wmi_add_cipher_key(struct wil6210_priv *wil, u8 key_index,
818 const void *mac_addr, int key_len, const void *key)
819{
820 struct wmi_add_cipher_key_cmd cmd = {
821 .key_index = key_index,
822 .key_usage = WMI_KEY_USE_PAIRWISE,
823 .key_len = key_len,
824 };
825
826 if (!key || (key_len > sizeof(cmd.key)))
827 return -EINVAL;
828
829 memcpy(cmd.key, key, key_len);
830 if (mac_addr)
831 memcpy(cmd.mac, mac_addr, WMI_MAC_LEN);
832
833 return wmi_send(wil, WMI_ADD_CIPHER_KEY_CMDID, &cmd, sizeof(cmd));
834}
835
836int wmi_set_ie(struct wil6210_priv *wil, u8 type, u16 ie_len, const void *ie)
837{
838 int rc;
839 u16 len = sizeof(struct wmi_set_appie_cmd) + ie_len;
840 struct wmi_set_appie_cmd *cmd = kzalloc(len, GFP_KERNEL);
841 if (!cmd) {
842 wil_err(wil, "kmalloc(%d) failed\n", len);
843 return -ENOMEM;
844 }
845
846 cmd->mgmt_frm_type = type;
847 /* BUG: FW API define ieLen as u8. Will fix FW */
848 cmd->ie_len = cpu_to_le16(ie_len);
849 memcpy(cmd->ie_info, ie, ie_len);
850 rc = wmi_send(wil, WMI_SET_APPIE_CMDID, &cmd, len);
851 kfree(cmd);
852
853 return rc;
854}
855
856int wmi_rx_chain_add(struct wil6210_priv *wil, struct vring *vring)
857{
858 struct wireless_dev *wdev = wil->wdev;
859 struct net_device *ndev = wil_to_ndev(wil);
860 struct wmi_cfg_rx_chain_cmd cmd = {
861 .action = WMI_RX_CHAIN_ADD,
862 .rx_sw_ring = {
863 .max_mpdu_size = cpu_to_le16(RX_BUF_LEN),
864 .ring_mem_base = cpu_to_le64(vring->pa),
865 .ring_size = cpu_to_le16(vring->size),
866 },
867 .mid = 0, /* TODO - what is it? */
868 .decap_trans_type = WMI_DECAP_TYPE_802_3,
869 };
870 struct {
871 struct wil6210_mbox_hdr_wmi wmi;
872 struct wmi_cfg_rx_chain_done_event evt;
873 } __packed evt;
874 int rc;
875
876 if (wdev->iftype == NL80211_IFTYPE_MONITOR) {
877 struct ieee80211_channel *ch = wdev->preset_chandef.chan;
878
879 cmd.sniffer_cfg.mode = cpu_to_le32(WMI_SNIFFER_ON);
880 if (ch)
881 cmd.sniffer_cfg.channel = ch->hw_value - 1;
882 cmd.sniffer_cfg.phy_info_mode =
883 cpu_to_le32(ndev->type == ARPHRD_IEEE80211_RADIOTAP);
884 cmd.sniffer_cfg.phy_support =
885 cpu_to_le32((wil->monitor_flags & MONITOR_FLAG_CONTROL)
886 ? WMI_SNIFFER_CP : WMI_SNIFFER_DP);
887 }
888 /* typical time for secure PCP is 840ms */
889 rc = wmi_call(wil, WMI_CFG_RX_CHAIN_CMDID, &cmd, sizeof(cmd),
890 WMI_CFG_RX_CHAIN_DONE_EVENTID, &evt, sizeof(evt), 2000);
891 if (rc)
892 return rc;
893
894 vring->hwtail = le32_to_cpu(evt.evt.rx_ring_tail_ptr);
895
896 wil_dbg_misc(wil, "Rx init: status %d tail 0x%08x\n",
897 le32_to_cpu(evt.evt.status), vring->hwtail);
898
899 if (le32_to_cpu(evt.evt.status) != WMI_CFG_RX_CHAIN_SUCCESS)
900 rc = -EINVAL;
901
902 return rc;
903}
904
905void wmi_event_flush(struct wil6210_priv *wil)
906{
907 struct pending_wmi_event *evt, *t;
908
909 wil_dbg_wmi(wil, "%s()\n", __func__);
910
911 list_for_each_entry_safe(evt, t, &wil->pending_wmi_ev, list) {
912 list_del(&evt->list);
913 kfree(evt);
914 }
915}
916
917static bool wmi_evt_call_handler(struct wil6210_priv *wil, int id,
918 void *d, int len)
919{
920 uint i;
921
922 for (i = 0; i < ARRAY_SIZE(wmi_evt_handlers); i++) {
923 if (wmi_evt_handlers[i].eventid == id) {
924 wmi_evt_handlers[i].handler(wil, id, d, len);
925 return true;
926 }
927 }
928
929 return false;
930}
931
932static void wmi_event_handle(struct wil6210_priv *wil,
933 struct wil6210_mbox_hdr *hdr)
934{
935 u16 len = le16_to_cpu(hdr->len);
936
937 if ((hdr->type == WIL_MBOX_HDR_TYPE_WMI) &&
938 (len >= sizeof(struct wil6210_mbox_hdr_wmi))) {
939 struct wil6210_mbox_hdr_wmi *wmi = (void *)(&hdr[1]);
940 void *evt_data = (void *)(&wmi[1]);
941 u16 id = le16_to_cpu(wmi->id);
942 /* check if someone waits for this event */
943 if (wil->reply_id && wil->reply_id == id) {
944 if (wil->reply_buf) {
945 memcpy(wil->reply_buf, wmi,
946 min(len, wil->reply_size));
947 } else {
948 wmi_evt_call_handler(wil, id, evt_data,
949 len - sizeof(*wmi));
950 }
951 wil_dbg_wmi(wil, "Complete WMI 0x%04x\n", id);
952 complete(&wil->wmi_ready);
953 return;
954 }
955 /* unsolicited event */
956 /* search for handler */
957 if (!wmi_evt_call_handler(wil, id, evt_data,
958 len - sizeof(*wmi))) {
959 wil_err(wil, "Unhandled event 0x%04x\n", id);
960 }
961 } else {
962 wil_err(wil, "Unknown event type\n");
963 print_hex_dump(KERN_ERR, "evt?? ", DUMP_PREFIX_OFFSET, 16, 1,
964 hdr, sizeof(*hdr) + len, true);
965 }
966}
967
968/*
969 * Retrieve next WMI event from the pending list
970 */
971static struct list_head *next_wmi_ev(struct wil6210_priv *wil)
972{
973 ulong flags;
974 struct list_head *ret = NULL;
975
976 spin_lock_irqsave(&wil->wmi_ev_lock, flags);
977
978 if (!list_empty(&wil->pending_wmi_ev)) {
979 ret = wil->pending_wmi_ev.next;
980 list_del(ret);
981 }
982
983 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags);
984
985 return ret;
986}
987
988/*
989 * Handler for the WMI events
990 */
991void wmi_event_worker(struct work_struct *work)
992{
993 struct wil6210_priv *wil = container_of(work, struct wil6210_priv,
994 wmi_event_worker);
995 struct pending_wmi_event *evt;
996 struct list_head *lh;
997
998 while ((lh = next_wmi_ev(wil)) != NULL) {
999 evt = list_entry(lh, struct pending_wmi_event, list);
1000 wmi_event_handle(wil, &evt->event.hdr);
1001 kfree(evt);
1002 }
1003}
1004
1005void wmi_connect_worker(struct work_struct *work)
1006{
1007 int rc;
1008 struct wil6210_priv *wil = container_of(work, struct wil6210_priv,
1009 wmi_connect_worker);
1010
1011 if (wil->pending_connect_cid < 0) {
1012 wil_err(wil, "No connection pending\n");
1013 return;
1014 }
1015
1016 wil_dbg_wmi(wil, "Configure for connection CID %d\n",
1017 wil->pending_connect_cid);
1018
1019 rc = wil_vring_init_tx(wil, 0, WIL6210_TX_RING_SIZE,
1020 wil->pending_connect_cid, 0);
1021 wil->pending_connect_cid = -1;
1022 if (rc == 0)
1023 wil_link_on(wil);
1024}
diff --git a/drivers/net/wireless/ath/wil6210/wmi.h b/drivers/net/wireless/ath/wil6210/wmi.h
new file mode 100644
index 000000000000..3bbf87572b07
--- /dev/null
+++ b/drivers/net/wireless/ath/wil6210/wmi.h
@@ -0,0 +1,1116 @@
1/*
2 * Copyright (c) 2012 Qualcomm Atheros, Inc.
3 * Copyright (c) 2006-2012 Wilocity .
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/*
19 * This file contains the definitions of the WMI protocol specified in the
20 * Wireless Module Interface (WMI) for the Wilocity
21 * MARLON 60 Gigabit wireless solution.
22 * It includes definitions of all the commands and events.
23 * Commands are messages from the host to the WM.
24 * Events are messages from the WM to the host.
25 */
26
27#ifndef __WILOCITY_WMI_H__
28#define __WILOCITY_WMI_H__
29
30/* General */
31
32#define WMI_MAC_LEN (6)
33#define WMI_PROX_RANGE_NUM (3)
34
35/* List of Commands */
36enum wmi_command_id {
37 WMI_CONNECT_CMDID = 0x0001,
38 WMI_DISCONNECT_CMDID = 0x0003,
39 WMI_START_SCAN_CMDID = 0x0007,
40 WMI_SET_BSS_FILTER_CMDID = 0x0009,
41 WMI_SET_PROBED_SSID_CMDID = 0x000a,
42 WMI_SET_LISTEN_INT_CMDID = 0x000b,
43 WMI_BCON_CTRL_CMDID = 0x000f,
44 WMI_ADD_CIPHER_KEY_CMDID = 0x0016,
45 WMI_DELETE_CIPHER_KEY_CMDID = 0x0017,
46 WMI_SET_APPIE_CMDID = 0x003f,
47 WMI_GET_APPIE_CMDID = 0x0040,
48 WMI_SET_WSC_STATUS_CMDID = 0x0041,
49 WMI_PXMT_RANGE_CFG_CMDID = 0x0042,
50 WMI_PXMT_SNR2_RANGE_CFG_CMDID = 0x0043,
51 WMI_FAST_MEM_ACC_MODE_CMDID = 0x0300,
52 WMI_MEM_READ_CMDID = 0x0800,
53 WMI_MEM_WR_CMDID = 0x0801,
54 WMI_ECHO_CMDID = 0x0803,
55 WMI_DEEP_ECHO_CMDID = 0x0804,
56 WMI_CONFIG_MAC_CMDID = 0x0805,
57 WMI_CONFIG_PHY_DEBUG_CMDID = 0x0806,
58 WMI_ADD_STATION_CMDID = 0x0807,
59 WMI_ADD_DEBUG_TX_PCKT_CMDID = 0x0808,
60 WMI_PHY_GET_STATISTICS_CMDID = 0x0809,
61 WMI_FS_TUNE_CMDID = 0x080a,
62 WMI_CORR_MEASURE_CMDID = 0x080b,
63 WMI_TEMP_SENSE_CMDID = 0x080e,
64 WMI_DC_CALIB_CMDID = 0x080f,
65 WMI_SEND_TONE_CMDID = 0x0810,
66 WMI_IQ_TX_CALIB_CMDID = 0x0811,
67 WMI_IQ_RX_CALIB_CMDID = 0x0812,
68 WMI_SET_UCODE_IDLE_CMDID = 0x0813,
69 WMI_SET_WORK_MODE_CMDID = 0x0815,
70 WMI_LO_LEAKAGE_CALIB_CMDID = 0x0816,
71 WMI_MARLON_R_ACTIVATE_CMDID = 0x0817,
72 WMI_MARLON_R_READ_CMDID = 0x0818,
73 WMI_MARLON_R_WRITE_CMDID = 0x0819,
74 WMI_MARLON_R_TXRX_SEL_CMDID = 0x081a,
75 MAC_IO_STATIC_PARAMS_CMDID = 0x081b,
76 MAC_IO_DYNAMIC_PARAMS_CMDID = 0x081c,
77 WMI_SILENT_RSSI_CALIB_CMDID = 0x081d,
78 WMI_CFG_RX_CHAIN_CMDID = 0x0820,
79 WMI_VRING_CFG_CMDID = 0x0821,
80 WMI_RX_ON_CMDID = 0x0822,
81 WMI_VRING_BA_EN_CMDID = 0x0823,
82 WMI_VRING_BA_DIS_CMDID = 0x0824,
83 WMI_RCP_ADDBA_RESP_CMDID = 0x0825,
84 WMI_RCP_DELBA_CMDID = 0x0826,
85 WMI_SET_SSID_CMDID = 0x0827,
86 WMI_GET_SSID_CMDID = 0x0828,
87 WMI_SET_PCP_CHANNEL_CMDID = 0x0829,
88 WMI_GET_PCP_CHANNEL_CMDID = 0x082a,
89 WMI_SW_TX_REQ_CMDID = 0x082b,
90 WMI_RX_OFF_CMDID = 0x082c,
91 WMI_READ_MAC_RXQ_CMDID = 0x0830,
92 WMI_READ_MAC_TXQ_CMDID = 0x0831,
93 WMI_WRITE_MAC_RXQ_CMDID = 0x0832,
94 WMI_WRITE_MAC_TXQ_CMDID = 0x0833,
95 WMI_WRITE_MAC_XQ_FIELD_CMDID = 0x0834,
96 WMI_MLME_PUSH_CMDID = 0x0835,
97 WMI_BEAMFORMING_MGMT_CMDID = 0x0836,
98 WMI_BF_TXSS_MGMT_CMDID = 0x0837,
99 WMI_BF_SM_MGMT_CMDID = 0x0838,
100 WMI_BF_RXSS_MGMT_CMDID = 0x0839,
101 WMI_SET_SECTORS_CMDID = 0x0849,
102 WMI_MAINTAIN_PAUSE_CMDID = 0x0850,
103 WMI_MAINTAIN_RESUME_CMDID = 0x0851,
104 WMI_RS_MGMT_CMDID = 0x0852,
105 WMI_RF_MGMT_CMDID = 0x0853,
106 /* Performance monitoring commands */
107 WMI_BF_CTRL_CMDID = 0x0862,
108 WMI_NOTIFY_REQ_CMDID = 0x0863,
109 WMI_GET_STATUS_CMDID = 0x0864,
110 WMI_UNIT_TEST_CMDID = 0x0900,
111 WMI_HICCUP_CMDID = 0x0901,
112 WMI_FLASH_READ_CMDID = 0x0902,
113 WMI_FLASH_WRITE_CMDID = 0x0903,
114 WMI_SECURITY_UNIT_TEST_CMDID = 0x0904,
115
116 WMI_SET_MAC_ADDRESS_CMDID = 0xf003,
117 WMI_ABORT_SCAN_CMDID = 0xf007,
118 WMI_SET_PMK_CMDID = 0xf028,
119
120 WMI_SET_PROMISCUOUS_MODE_CMDID = 0xf041,
121 WMI_GET_PMK_CMDID = 0xf048,
122 WMI_SET_PASSPHRASE_CMDID = 0xf049,
123 WMI_SEND_ASSOC_RES_CMDID = 0xf04a,
124 WMI_SET_ASSOC_REQ_RELAY_CMDID = 0xf04b,
125 WMI_EAPOL_TX_CMDID = 0xf04c,
126 WMI_MAC_ADDR_REQ_CMDID = 0xf04d,
127 WMI_FW_VER_CMDID = 0xf04e,
128};
129
130/*
131 * Commands data structures
132 */
133
134/*
135 * Frame Types
136 */
137enum wmi_mgmt_frame_type {
138 WMI_FRAME_BEACON = 0,
139 WMI_FRAME_PROBE_REQ = 1,
140 WMI_FRAME_PROBE_RESP = 2,
141 WMI_FRAME_ASSOC_REQ = 3,
142 WMI_FRAME_ASSOC_RESP = 4,
143 WMI_NUM_MGMT_FRAME,
144};
145
146/*
147 * WMI_CONNECT_CMDID
148 */
149enum wmi_network_type {
150 WMI_NETTYPE_INFRA = 0x01,
151 WMI_NETTYPE_ADHOC = 0x02,
152 WMI_NETTYPE_ADHOC_CREATOR = 0x04,
153 WMI_NETTYPE_AP = 0x10,
154 WMI_NETTYPE_P2P = 0x20,
155 WMI_NETTYPE_WBE = 0x40, /* PCIE over 60g */
156};
157
158enum wmi_dot11_auth_mode {
159 WMI_AUTH11_OPEN = 0x01,
160 WMI_AUTH11_SHARED = 0x02,
161 WMI_AUTH11_LEAP = 0x04,
162 WMI_AUTH11_WSC = 0x08,
163};
164
165enum wmi_auth_mode {
166 WMI_AUTH_NONE = 0x01,
167 WMI_AUTH_WPA = 0x02,
168 WMI_AUTH_WPA2 = 0x04,
169 WMI_AUTH_WPA_PSK = 0x08,
170 WMI_AUTH_WPA2_PSK = 0x10,
171 WMI_AUTH_WPA_CCKM = 0x20,
172 WMI_AUTH_WPA2_CCKM = 0x40,
173};
174
175enum wmi_crypto_type {
176 WMI_CRYPT_NONE = 0x01,
177 WMI_CRYPT_WEP = 0x02,
178 WMI_CRYPT_TKIP = 0x04,
179 WMI_CRYPT_AES = 0x08,
180 WMI_CRYPT_AES_GCMP = 0x20,
181};
182
183
184enum wmi_connect_ctrl_flag_bits {
185 WMI_CONNECT_ASSOC_POLICY_USER = 0x0001,
186 WMI_CONNECT_SEND_REASSOC = 0x0002,
187 WMI_CONNECT_IGNORE_WPAx_GROUP_CIPHER = 0x0004,
188 WMI_CONNECT_PROFILE_MATCH_DONE = 0x0008,
189 WMI_CONNECT_IGNORE_AAC_BEACON = 0x0010,
190 WMI_CONNECT_CSA_FOLLOW_BSS = 0x0020,
191 WMI_CONNECT_DO_WPA_OFFLOAD = 0x0040,
192 WMI_CONNECT_DO_NOT_DEAUTH = 0x0080,
193};
194
195#define WMI_MAX_SSID_LEN (32)
196
197struct wmi_connect_cmd {
198 u8 network_type;
199 u8 dot11_auth_mode;
200 u8 auth_mode;
201 u8 pairwise_crypto_type;
202 u8 pairwise_crypto_len;
203 u8 group_crypto_type;
204 u8 group_crypto_len;
205 u8 ssid_len;
206 u8 ssid[WMI_MAX_SSID_LEN];
207 u8 channel;
208 u8 reserved0;
209 u8 bssid[WMI_MAC_LEN];
210 __le32 ctrl_flags;
211 u8 dst_mac[WMI_MAC_LEN];
212 u8 reserved1[2];
213} __packed;
214
215
216/*
217 * WMI_RECONNECT_CMDID
218 */
219struct wmi_reconnect_cmd {
220 u8 channel; /* hint */
221 u8 reserved;
222 u8 bssid[WMI_MAC_LEN]; /* mandatory if set */
223} __packed;
224
225
226/*
227 * WMI_SET_PMK_CMDID
228 */
229
230#define WMI_MIN_KEY_INDEX (0)
231#define WMI_MAX_KEY_INDEX (3)
232#define WMI_MAX_KEY_LEN (32)
233#define WMI_PASSPHRASE_LEN (64)
234#define WMI_PMK_LEN (32)
235
236struct wmi_set_pmk_cmd {
237 u8 pmk[WMI_PMK_LEN];
238} __packed;
239
240
241/*
242 * WMI_SET_PASSPHRASE_CMDID
243 */
244struct wmi_set_passphrase_cmd {
245 u8 ssid[WMI_MAX_SSID_LEN];
246 u8 passphrase[WMI_PASSPHRASE_LEN];
247 u8 ssid_len;
248 u8 passphrase_len;
249} __packed;
250
251/*
252 * WMI_ADD_CIPHER_KEY_CMDID
253 */
254enum wmi_key_usage {
255 WMI_KEY_USE_PAIRWISE = 0,
256 WMI_KEY_USE_GROUP = 1,
257 WMI_KEY_USE_TX = 2, /* default Tx Key - Static WEP only */
258};
259
260struct wmi_add_cipher_key_cmd {
261 u8 key_index;
262 u8 key_type;
263 u8 key_usage; /* enum wmi_key_usage */
264 u8 key_len;
265 u8 key_rsc[8]; /* key replay sequence counter */
266 u8 key[WMI_MAX_KEY_LEN];
267 u8 key_op_ctrl; /* Additional Key Control information */
268 u8 mac[WMI_MAC_LEN];
269} __packed;
270
271/*
272 * WMI_DELETE_CIPHER_KEY_CMDID
273 */
274struct wmi_delete_cipher_key_cmd {
275 u8 key_index;
276 u8 mac[WMI_MAC_LEN];
277} __packed;
278
279
280/*
281 * WMI_START_SCAN_CMDID
282 *
283 * Start L1 scan operation
284 *
285 * Returned events:
286 * - WMI_RX_MGMT_PACKET_EVENTID - for every probe resp.
287 * - WMI_SCAN_COMPLETE_EVENTID
288 */
289enum wmi_scan_type {
290 WMI_LONG_SCAN = 0,
291 WMI_SHORT_SCAN = 1,
292};
293
294struct wmi_start_scan_cmd {
295 u8 reserved[8];
296 __le32 home_dwell_time; /* Max duration in the home channel(ms) */
297 __le32 force_scan_interval; /* Time interval between scans (ms)*/
298 u8 scan_type; /* wmi_scan_type */
299 u8 num_channels; /* how many channels follow */
300 struct {
301 u8 channel;
302 u8 reserved;
303 } channel_list[0]; /* channels ID's */
304 /* 0 - 58320 MHz */
305 /* 1 - 60480 MHz */
306 /* 2 - 62640 MHz */
307} __packed;
308
309/*
310 * WMI_SET_PROBED_SSID_CMDID
311 */
312#define MAX_PROBED_SSID_INDEX (15)
313
314enum wmi_ssid_flag {
315 WMI_SSID_FLAG_DISABLE = 0, /* disables entry */
316 WMI_SSID_FLAG_SPECIFIC = 1, /* probes specified ssid */
317 WMI_SSID_FLAG_ANY = 2, /* probes for any ssid */
318};
319
320struct wmi_probed_ssid_cmd {
321 u8 entry_index; /* 0 to MAX_PROBED_SSID_INDEX */
322 u8 flag; /* enum wmi_ssid_flag */
323 u8 ssid_len;
324 u8 ssid[WMI_MAX_SSID_LEN];
325} __packed;
326
327/*
328 * WMI_SET_APPIE_CMDID
329 * Add Application specified IE to a management frame
330 */
331struct wmi_set_appie_cmd {
332 u8 mgmt_frm_type; /* enum wmi_mgmt_frame_type */
333 u8 reserved;
334 __le16 ie_len; /* Length of the IE to be added to MGMT frame */
335 u8 ie_info[0];
336} __packed;
337
338#define WMI_MAX_IE_LEN (1024)
339
340struct wmi_pxmt_range_cfg_cmd {
341 u8 dst_mac[WMI_MAC_LEN];
342 __le16 range;
343} __packed;
344
345struct wmi_pxmt_snr2_range_cfg_cmd {
346 s8 snr2range_arr[WMI_PROX_RANGE_NUM-1];
347} __packed;
348
349/*
350 * WMI_RF_MGMT_CMDID
351 */
352enum wmi_rf_mgmt_type {
353 WMI_RF_MGMT_W_DISABLE = 0,
354 WMI_RF_MGMT_W_ENABLE = 1,
355 WMI_RF_MGMT_GET_STATUS = 2,
356};
357
358struct wmi_rf_mgmt_cmd {
359 __le32 rf_mgmt_type;
360} __packed;
361
362/*
363 * WMI_SET_SSID_CMDID
364 */
365struct wmi_set_ssid_cmd {
366 __le32 ssid_len;
367 u8 ssid[WMI_MAX_SSID_LEN];
368} __packed;
369
370/*
371 * WMI_SET_PCP_CHANNEL_CMDID
372 */
373struct wmi_set_pcp_channel_cmd {
374 u8 channel;
375 u8 reserved[3];
376} __packed;
377
378/*
379 * WMI_BCON_CTRL_CMDID
380 */
381struct wmi_bcon_ctrl_cmd {
382 __le16 bcon_interval;
383 __le16 frag_num;
384 __le64 ss_mask;
385 u8 network_type;
386 u8 reserved;
387 u8 disable_sec_offload;
388 u8 disable_sec;
389} __packed;
390
391/*
392 * WMI_SW_TX_REQ_CMDID
393 */
394struct wmi_sw_tx_req_cmd {
395 u8 dst_mac[WMI_MAC_LEN];
396 __le16 len;
397 u8 payload[0];
398} __packed;
399
400/*
401 * WMI_VRING_CFG_CMDID
402 */
403
404struct wmi_sw_ring_cfg {
405 __le64 ring_mem_base;
406 __le16 ring_size;
407 __le16 max_mpdu_size;
408} __packed;
409
410struct wmi_vring_cfg_schd {
411 __le16 priority;
412 __le16 timeslot_us;
413} __packed;
414
415enum wmi_vring_cfg_encap_trans_type {
416 WMI_VRING_ENC_TYPE_802_3 = 0,
417 WMI_VRING_ENC_TYPE_NATIVE_WIFI = 1,
418};
419
420enum wmi_vring_cfg_ds_cfg {
421 WMI_VRING_DS_PBSS = 0,
422 WMI_VRING_DS_STATION = 1,
423 WMI_VRING_DS_AP = 2,
424 WMI_VRING_DS_ADDR4 = 3,
425};
426
427enum wmi_vring_cfg_nwifi_ds_trans_type {
428 WMI_NWIFI_TX_TRANS_MODE_NO = 0,
429 WMI_NWIFI_TX_TRANS_MODE_AP2PBSS = 1,
430 WMI_NWIFI_TX_TRANS_MODE_STA2PBSS = 2,
431};
432
433enum wmi_vring_cfg_schd_params_priority {
434 WMI_SCH_PRIO_REGULAR = 0,
435 WMI_SCH_PRIO_HIGH = 1,
436};
437
438struct wmi_vring_cfg {
439 struct wmi_sw_ring_cfg tx_sw_ring;
440 u8 ringid; /* 0-23 vrings */
441
442 #define CIDXTID_CID_POS (0)
443 #define CIDXTID_CID_LEN (4)
444 #define CIDXTID_CID_MSK (0xF)
445 #define CIDXTID_TID_POS (4)
446 #define CIDXTID_TID_LEN (4)
447 #define CIDXTID_TID_MSK (0xF0)
448 u8 cidxtid;
449
450 u8 encap_trans_type;
451 u8 ds_cfg; /* 802.3 DS cfg */
452 u8 nwifi_ds_trans_type;
453
454 #define VRING_CFG_MAC_CTRL_LIFETIME_EN_POS (0)
455 #define VRING_CFG_MAC_CTRL_LIFETIME_EN_LEN (1)
456 #define VRING_CFG_MAC_CTRL_LIFETIME_EN_MSK (0x1)
457 #define VRING_CFG_MAC_CTRL_AGGR_EN_POS (1)
458 #define VRING_CFG_MAC_CTRL_AGGR_EN_LEN (1)
459 #define VRING_CFG_MAC_CTRL_AGGR_EN_MSK (0x2)
460 u8 mac_ctrl;
461
462 #define VRING_CFG_TO_RESOLUTION_VALUE_POS (0)
463 #define VRING_CFG_TO_RESOLUTION_VALUE_LEN (6)
464 #define VRING_CFG_TO_RESOLUTION_VALUE_MSK (0x3F)
465 u8 to_resolution;
466 u8 agg_max_wsize;
467 struct wmi_vring_cfg_schd schd_params;
468} __packed;
469
470enum wmi_vring_cfg_cmd_action {
471 WMI_VRING_CMD_ADD = 0,
472 WMI_VRING_CMD_MODIFY = 1,
473 WMI_VRING_CMD_DELETE = 2,
474};
475
476struct wmi_vring_cfg_cmd {
477 __le32 action;
478 struct wmi_vring_cfg vring_cfg;
479} __packed;
480
481/*
482 * WMI_VRING_BA_EN_CMDID
483 */
484struct wmi_vring_ba_en_cmd {
485 u8 ringid;
486 u8 agg_max_wsize;
487 __le16 ba_timeout;
488} __packed;
489
490/*
491 * WMI_VRING_BA_DIS_CMDID
492 */
493struct wmi_vring_ba_dis_cmd {
494 u8 ringid;
495 u8 reserved;
496 __le16 reason;
497} __packed;
498
499/*
500 * WMI_NOTIFY_REQ_CMDID
501 */
502struct wmi_notify_req_cmd {
503 u8 cid;
504 u8 reserved[3];
505 __le32 interval_usec;
506} __packed;
507
508/*
509 * WMI_CFG_RX_CHAIN_CMDID
510 */
511enum wmi_sniffer_cfg_mode {
512 WMI_SNIFFER_OFF = 0,
513 WMI_SNIFFER_ON = 1,
514};
515
516enum wmi_sniffer_cfg_phy_info_mode {
517 WMI_SNIFFER_PHY_INFO_DISABLED = 0,
518 WMI_SNIFFER_PHY_INFO_ENABLED = 1,
519};
520
521enum wmi_sniffer_cfg_phy_support {
522 WMI_SNIFFER_CP = 0,
523 WMI_SNIFFER_DP = 1,
524 WMI_SNIFFER_BOTH_PHYS = 2,
525};
526
527struct wmi_sniffer_cfg {
528 __le32 mode; /* enum wmi_sniffer_cfg_mode */
529 __le32 phy_info_mode; /* enum wmi_sniffer_cfg_phy_info_mode */
530 __le32 phy_support; /* enum wmi_sniffer_cfg_phy_support */
531 u8 channel;
532 u8 reserved[3];
533} __packed;
534
535enum wmi_cfg_rx_chain_cmd_action {
536 WMI_RX_CHAIN_ADD = 0,
537 WMI_RX_CHAIN_DEL = 1,
538};
539
540enum wmi_cfg_rx_chain_cmd_decap_trans_type {
541 WMI_DECAP_TYPE_802_3 = 0,
542 WMI_DECAP_TYPE_NATIVE_WIFI = 1,
543};
544
545enum wmi_cfg_rx_chain_cmd_nwifi_ds_trans_type {
546 WMI_NWIFI_RX_TRANS_MODE_NO = 0,
547 WMI_NWIFI_RX_TRANS_MODE_PBSS2AP = 1,
548 WMI_NWIFI_RX_TRANS_MODE_PBSS2STA = 2,
549};
550
551struct wmi_cfg_rx_chain_cmd {
552 __le32 action;
553 struct wmi_sw_ring_cfg rx_sw_ring;
554 u8 mid;
555 u8 decap_trans_type;
556
557 #define L2_802_3_OFFLOAD_CTRL_VLAN_TAG_INSERTION_POS (0)
558 #define L2_802_3_OFFLOAD_CTRL_VLAN_TAG_INSERTION_LEN (1)
559 #define L2_802_3_OFFLOAD_CTRL_VLAN_TAG_INSERTION_MSK (0x1)
560 u8 l2_802_3_offload_ctrl;
561
562 #define L2_NWIFI_OFFLOAD_CTRL_REMOVE_QOS_POS (0)
563 #define L2_NWIFI_OFFLOAD_CTRL_REMOVE_QOS_LEN (1)
564 #define L2_NWIFI_OFFLOAD_CTRL_REMOVE_QOS_MSK (0x1)
565 #define L2_NWIFI_OFFLOAD_CTRL_REMOVE_PN_POS (1)
566 #define L2_NWIFI_OFFLOAD_CTRL_REMOVE_PN_LEN (1)
567 #define L2_NWIFI_OFFLOAD_CTRL_REMOVE_PN_MSK (0x2)
568 u8 l2_nwifi_offload_ctrl;
569
570 u8 vlan_id;
571 u8 nwifi_ds_trans_type;
572
573 #define L3_L4_CTRL_IPV4_CHECKSUM_EN_POS (0)
574 #define L3_L4_CTRL_IPV4_CHECKSUM_EN_LEN (1)
575 #define L3_L4_CTRL_IPV4_CHECKSUM_EN_MSK (0x1)
576 #define L3_L4_CTRL_TCPIP_CHECKSUM_EN_POS (1)
577 #define L3_L4_CTRL_TCPIP_CHECKSUM_EN_LEN (1)
578 #define L3_L4_CTRL_TCPIP_CHECKSUM_EN_MSK (0x2)
579 u8 l3_l4_ctrl;
580
581 #define RING_CTRL_OVERRIDE_PREFETCH_THRSH_POS (0)
582 #define RING_CTRL_OVERRIDE_PREFETCH_THRSH_LEN (1)
583 #define RING_CTRL_OVERRIDE_PREFETCH_THRSH_MSK (0x1)
584 #define RING_CTRL_OVERRIDE_WB_THRSH_POS (1)
585 #define RING_CTRL_OVERRIDE_WB_THRSH_LEN (1)
586 #define RING_CTRL_OVERRIDE_WB_THRSH_MSK (0x2)
587 #define RING_CTRL_OVERRIDE_ITR_THRSH_POS (2)
588 #define RING_CTRL_OVERRIDE_ITR_THRSH_LEN (1)
589 #define RING_CTRL_OVERRIDE_ITR_THRSH_MSK (0x4)
590 #define RING_CTRL_OVERRIDE_HOST_THRSH_POS (3)
591 #define RING_CTRL_OVERRIDE_HOST_THRSH_LEN (1)
592 #define RING_CTRL_OVERRIDE_HOST_THRSH_MSK (0x8)
593 u8 ring_ctrl;
594
595 __le16 prefetch_thrsh;
596 __le16 wb_thrsh;
597 __le32 itr_value;
598 __le16 host_thrsh;
599 u8 reserved[2];
600 struct wmi_sniffer_cfg sniffer_cfg;
601} __packed;
602
603/*
604 * WMI_RCP_ADDBA_RESP_CMDID
605 */
606struct wmi_rcp_addba_resp_cmd {
607
608 #define CIDXTID_CID_POS (0)
609 #define CIDXTID_CID_LEN (4)
610 #define CIDXTID_CID_MSK (0xF)
611 #define CIDXTID_TID_POS (4)
612 #define CIDXTID_TID_LEN (4)
613 #define CIDXTID_TID_MSK (0xF0)
614 u8 cidxtid;
615
616 u8 dialog_token;
617 __le16 status_code;
618 __le16 ba_param_set; /* ieee80211_ba_parameterset field to send */
619 __le16 ba_timeout;
620} __packed;
621
622/*
623 * WMI_RCP_DELBA_CMDID
624 */
625struct wmi_rcp_delba_cmd {
626
627 #define CIDXTID_CID_POS (0)
628 #define CIDXTID_CID_LEN (4)
629 #define CIDXTID_CID_MSK (0xF)
630 #define CIDXTID_TID_POS (4)
631 #define CIDXTID_TID_LEN (4)
632 #define CIDXTID_TID_MSK (0xF0)
633 u8 cidxtid;
634
635 u8 reserved;
636 __le16 reason;
637} __packed;
638
639/*
640 * WMI_RCP_ADDBA_REQ_CMDID
641 */
642struct wmi_rcp_addba_req_cmd {
643
644 #define CIDXTID_CID_POS (0)
645 #define CIDXTID_CID_LEN (4)
646 #define CIDXTID_CID_MSK (0xF)
647 #define CIDXTID_TID_POS (4)
648 #define CIDXTID_TID_LEN (4)
649 #define CIDXTID_TID_MSK (0xF0)
650 u8 cidxtid;
651
652 u8 dialog_token;
653 /* ieee80211_ba_parameterset field as it received */
654 __le16 ba_param_set;
655 __le16 ba_timeout;
656 /* ieee80211_ba_seqstrl field as it received */
657 __le16 ba_seq_ctrl;
658} __packed;
659
660/*
661 * WMI_SET_MAC_ADDRESS_CMDID
662 */
663struct wmi_set_mac_address_cmd {
664 u8 mac[WMI_MAC_LEN];
665 u8 reserved[2];
666} __packed;
667
668
669/*
670* WMI_EAPOL_TX_CMDID
671*/
672struct wmi_eapol_tx_cmd {
673 u8 dst_mac[WMI_MAC_LEN];
674 __le16 eapol_len;
675 u8 eapol[0];
676} __packed;
677
678/*
679 * WMI_ECHO_CMDID
680 *
681 * Check FW is alive
682 *
683 * WMI_DEEP_ECHO_CMDID
684 *
685 * Check FW and ucode are alive
686 *
687 * Returned event: WMI_ECHO_RSP_EVENTID
688 * same event for both commands
689 */
690struct wmi_echo_cmd {
691 __le32 value;
692} __packed;
693
694/*
695 * WMI Events
696 */
697
698/*
699 * List of Events (target to host)
700 */
701enum wmi_event_id {
702 WMI_IMM_RSP_EVENTID = 0x0000,
703 WMI_READY_EVENTID = 0x1001,
704 WMI_CONNECT_EVENTID = 0x1002,
705 WMI_DISCONNECT_EVENTID = 0x1003,
706 WMI_SCAN_COMPLETE_EVENTID = 0x100a,
707 WMI_REPORT_STATISTICS_EVENTID = 0x100b,
708 WMI_RD_MEM_RSP_EVENTID = 0x1800,
709 WMI_FW_READY_EVENTID = 0x1801,
710 WMI_EXIT_FAST_MEM_ACC_MODE_EVENTID = 0x0200,
711 WMI_ECHO_RSP_EVENTID = 0x1803,
712 WMI_CONFIG_MAC_DONE_EVENTID = 0x1805,
713 WMI_CONFIG_PHY_DEBUG_DONE_EVENTID = 0x1806,
714 WMI_ADD_STATION_DONE_EVENTID = 0x1807,
715 WMI_ADD_DEBUG_TX_PCKT_DONE_EVENTID = 0x1808,
716 WMI_PHY_GET_STATISTICS_EVENTID = 0x1809,
717 WMI_FS_TUNE_DONE_EVENTID = 0x180a,
718 WMI_CORR_MEASURE_DONE_EVENTID = 0x180b,
719 WMI_TEMP_SENSE_DONE_EVENTID = 0x180e,
720 WMI_DC_CALIB_DONE_EVENTID = 0x180f,
721 WMI_IQ_TX_CALIB_DONE_EVENTID = 0x1811,
722 WMI_IQ_RX_CALIB_DONE_EVENTID = 0x1812,
723 WMI_SET_WORK_MODE_DONE_EVENTID = 0x1815,
724 WMI_LO_LEAKAGE_CALIB_DONE_EVENTID = 0x1816,
725 WMI_MARLON_R_ACTIVATE_DONE_EVENTID = 0x1817,
726 WMI_MARLON_R_READ_DONE_EVENTID = 0x1818,
727 WMI_MARLON_R_WRITE_DONE_EVENTID = 0x1819,
728 WMI_MARLON_R_TXRX_SEL_DONE_EVENTID = 0x181a,
729 WMI_SILENT_RSSI_CALIB_DONE_EVENTID = 0x181d,
730
731 WMI_CFG_RX_CHAIN_DONE_EVENTID = 0x1820,
732 WMI_VRING_CFG_DONE_EVENTID = 0x1821,
733 WMI_RX_ON_DONE_EVENTID = 0x1822,
734 WMI_BA_STATUS_EVENTID = 0x1823,
735 WMI_RCP_ADDBA_REQ_EVENTID = 0x1824,
736 WMI_ADDBA_RESP_SENT_EVENTID = 0x1825,
737 WMI_DELBA_EVENTID = 0x1826,
738 WMI_GET_SSID_EVENTID = 0x1828,
739 WMI_GET_PCP_CHANNEL_EVENTID = 0x182a,
740 WMI_SW_TX_COMPLETE_EVENTID = 0x182b,
741 WMI_RX_OFF_DONE_EVENTID = 0x182c,
742
743 WMI_READ_MAC_RXQ_EVENTID = 0x1830,
744 WMI_READ_MAC_TXQ_EVENTID = 0x1831,
745 WMI_WRITE_MAC_RXQ_EVENTID = 0x1832,
746 WMI_WRITE_MAC_TXQ_EVENTID = 0x1833,
747 WMI_WRITE_MAC_XQ_FIELD_EVENTID = 0x1834,
748
749 WMI_BEAFORMING_MGMT_DONE_EVENTID = 0x1836,
750 WMI_BF_TXSS_MGMT_DONE_EVENTID = 0x1837,
751 WMI_BF_RXSS_MGMT_DONE_EVENTID = 0x1839,
752 WMI_RS_MGMT_DONE_EVENTID = 0x1852,
753 WMI_RF_MGMT_STATUS_EVENTID = 0x1853,
754 WMI_BF_SM_MGMT_DONE_EVENTID = 0x1838,
755 WMI_RX_MGMT_PACKET_EVENTID = 0x1840,
756
757 /* Performance monitoring events */
758 WMI_DATA_PORT_OPEN_EVENTID = 0x1860,
759 WMI_WBE_LINKDOWN_EVENTID = 0x1861,
760
761 WMI_BF_CTRL_DONE_EVENTID = 0x1862,
762 WMI_NOTIFY_REQ_DONE_EVENTID = 0x1863,
763 WMI_GET_STATUS_DONE_EVENTID = 0x1864,
764
765 WMI_UNIT_TEST_EVENTID = 0x1900,
766 WMI_FLASH_READ_DONE_EVENTID = 0x1902,
767 WMI_FLASH_WRITE_DONE_EVENTID = 0x1903,
768
769 WMI_SET_CHANNEL_EVENTID = 0x9000,
770 WMI_ASSOC_REQ_EVENTID = 0x9001,
771 WMI_EAPOL_RX_EVENTID = 0x9002,
772 WMI_MAC_ADDR_RESP_EVENTID = 0x9003,
773 WMI_FW_VER_EVENTID = 0x9004,
774};
775
776/*
777 * Events data structures
778 */
779
780/*
781 * WMI_RF_MGMT_STATUS_EVENTID
782 */
783enum wmi_rf_status {
784 WMI_RF_ENABLED = 0,
785 WMI_RF_DISABLED_HW = 1,
786 WMI_RF_DISABLED_SW = 2,
787 WMI_RF_DISABLED_HW_SW = 3,
788};
789
790struct wmi_rf_mgmt_status_event {
791 __le32 rf_status;
792} __packed;
793
794/*
795 * WMI_GET_STATUS_DONE_EVENTID
796 */
797struct wmi_get_status_done_event {
798 __le32 is_associated;
799 u8 cid;
800 u8 reserved0[3];
801 u8 bssid[WMI_MAC_LEN];
802 u8 channel;
803 u8 reserved1;
804 u8 network_type;
805 u8 reserved2[3];
806 __le32 ssid_len;
807 u8 ssid[WMI_MAX_SSID_LEN];
808 __le32 rf_status;
809 __le32 is_secured;
810} __packed;
811
812/*
813 * WMI_FW_VER_EVENTID
814 */
815struct wmi_fw_ver_event {
816 u8 major;
817 u8 minor;
818 __le16 subminor;
819 __le16 build;
820} __packed;
821
822/*
823* WMI_MAC_ADDR_RESP_EVENTID
824*/
825struct wmi_mac_addr_resp_event {
826 u8 mac[WMI_MAC_LEN];
827 u8 auth_mode;
828 u8 crypt_mode;
829 __le32 offload_mode;
830} __packed;
831
832/*
833* WMI_EAPOL_RX_EVENTID
834*/
835struct wmi_eapol_rx_event {
836 u8 src_mac[WMI_MAC_LEN];
837 __le16 eapol_len;
838 u8 eapol[0];
839} __packed;
840
841/*
842* WMI_READY_EVENTID
843*/
844enum wmi_phy_capability {
845 WMI_11A_CAPABILITY = 1,
846 WMI_11G_CAPABILITY = 2,
847 WMI_11AG_CAPABILITY = 3,
848 WMI_11NA_CAPABILITY = 4,
849 WMI_11NG_CAPABILITY = 5,
850 WMI_11NAG_CAPABILITY = 6,
851 WMI_11AD_CAPABILITY = 7,
852 WMI_11N_CAPABILITY_OFFSET = WMI_11NA_CAPABILITY - WMI_11A_CAPABILITY,
853};
854
855struct wmi_ready_event {
856 __le32 sw_version;
857 __le32 abi_version;
858 u8 mac[WMI_MAC_LEN];
859 u8 phy_capability; /* enum wmi_phy_capability */
860 u8 reserved;
861} __packed;
862
863/*
864 * WMI_NOTIFY_REQ_DONE_EVENTID
865 */
866struct wmi_notify_req_done_event {
867 __le32 status;
868 __le64 tsf;
869 __le32 snr_val;
870 __le32 tx_tpt;
871 __le32 tx_goodput;
872 __le32 rx_goodput;
873 __le16 bf_mcs;
874 __le16 my_rx_sector;
875 __le16 my_tx_sector;
876 __le16 other_rx_sector;
877 __le16 other_tx_sector;
878 __le16 range;
879} __packed;
880
881/*
882 * WMI_CONNECT_EVENTID
883 */
884struct wmi_connect_event {
885 u8 channel;
886 u8 reserved0;
887 u8 bssid[WMI_MAC_LEN];
888 __le16 listen_interval;
889 __le16 beacon_interval;
890 u8 network_type;
891 u8 reserved1[3];
892 u8 beacon_ie_len;
893 u8 assoc_req_len;
894 u8 assoc_resp_len;
895 u8 cid;
896 u8 reserved2[3];
897 u8 assoc_info[0];
898} __packed;
899
900/*
901 * WMI_DISCONNECT_EVENTID
902 */
903enum wmi_disconnect_reason {
904 WMI_DIS_REASON_NO_NETWORK_AVAIL = 1,
905 WMI_DIS_REASON_LOST_LINK = 2, /* bmiss */
906 WMI_DIS_REASON_DISCONNECT_CMD = 3,
907 WMI_DIS_REASON_BSS_DISCONNECTED = 4,
908 WMI_DIS_REASON_AUTH_FAILED = 5,
909 WMI_DIS_REASON_ASSOC_FAILED = 6,
910 WMI_DIS_REASON_NO_RESOURCES_AVAIL = 7,
911 WMI_DIS_REASON_CSERV_DISCONNECT = 8,
912 WMI_DIS_REASON_INVALID_PROFILE = 10,
913 WMI_DIS_REASON_DOT11H_CHANNEL_SWITCH = 11,
914 WMI_DIS_REASON_PROFILE_MISMATCH = 12,
915 WMI_DIS_REASON_CONNECTION_EVICTED = 13,
916 WMI_DIS_REASON_IBSS_MERGE = 14,
917};
918
919struct wmi_disconnect_event {
920 __le16 protocol_reason_status; /* reason code, see 802.11 spec. */
921 u8 bssid[WMI_MAC_LEN]; /* set if known */
922 u8 disconnect_reason; /* see wmi_disconnect_reason_e */
923 u8 assoc_resp_len;
924 u8 assoc_info[0];
925} __packed;
926
927/*
928 * WMI_SCAN_COMPLETE_EVENTID
929 */
930struct wmi_scan_complete_event {
931 __le32 status;
932} __packed;
933
934/*
935 * WMI_BA_STATUS_EVENTID
936 */
937enum wmi_vring_ba_status {
938 WMI_BA_AGREED = 0,
939 WMI_BA_NON_AGREED = 1,
940};
941
942struct wmi_vring_ba_status_event {
943 __le16 status;
944 u8 reserved[2];
945 u8 ringid;
946 u8 agg_wsize;
947 __le16 ba_timeout;
948} __packed;
949
950/*
951 * WMI_DELBA_EVENTID
952 */
953struct wmi_delba_event {
954
955 #define CIDXTID_CID_POS (0)
956 #define CIDXTID_CID_LEN (4)
957 #define CIDXTID_CID_MSK (0xF)
958 #define CIDXTID_TID_POS (4)
959 #define CIDXTID_TID_LEN (4)
960 #define CIDXTID_TID_MSK (0xF0)
961 u8 cidxtid;
962
963 u8 from_initiator;
964 __le16 reason;
965} __packed;
966
967/*
968 * WMI_VRING_CFG_DONE_EVENTID
969 */
970enum wmi_vring_cfg_done_event_status {
971 WMI_VRING_CFG_SUCCESS = 0,
972 WMI_VRING_CFG_FAILURE = 1,
973};
974
975struct wmi_vring_cfg_done_event {
976 u8 ringid;
977 u8 status;
978 u8 reserved[2];
979 __le32 tx_vring_tail_ptr;
980} __packed;
981
982/*
983 * WMI_ADDBA_RESP_SENT_EVENTID
984 */
985enum wmi_rcp_addba_resp_sent_event_status {
986 WMI_ADDBA_SUCCESS = 0,
987 WMI_ADDBA_FAIL = 1,
988};
989
990struct wmi_rcp_addba_resp_sent_event {
991
992 #define CIDXTID_CID_POS (0)
993 #define CIDXTID_CID_LEN (4)
994 #define CIDXTID_CID_MSK (0xF)
995 #define CIDXTID_TID_POS (4)
996 #define CIDXTID_TID_LEN (4)
997 #define CIDXTID_TID_MSK (0xF0)
998 u8 cidxtid;
999
1000 u8 reserved;
1001 __le16 status;
1002} __packed;
1003
1004/*
1005 * WMI_RCP_ADDBA_REQ_EVENTID
1006 */
1007struct wmi_rcp_addba_req_event {
1008
1009 #define CIDXTID_CID_POS (0)
1010 #define CIDXTID_CID_LEN (4)
1011 #define CIDXTID_CID_MSK (0xF)
1012 #define CIDXTID_TID_POS (4)
1013 #define CIDXTID_TID_LEN (4)
1014 #define CIDXTID_TID_MSK (0xF0)
1015 u8 cidxtid;
1016
1017 u8 dialog_token;
1018 __le16 ba_param_set; /* ieee80211_ba_parameterset as it received */
1019 __le16 ba_timeout;
1020 __le16 ba_seq_ctrl; /* ieee80211_ba_seqstrl field as it received */
1021} __packed;
1022
1023/*
1024 * WMI_CFG_RX_CHAIN_DONE_EVENTID
1025 */
1026enum wmi_cfg_rx_chain_done_event_status {
1027 WMI_CFG_RX_CHAIN_SUCCESS = 1,
1028};
1029
1030struct wmi_cfg_rx_chain_done_event {
1031 __le32 rx_ring_tail_ptr; /* Rx V-Ring Tail pointer */
1032 __le32 status;
1033} __packed;
1034
1035/*
1036 * WMI_WBE_LINKDOWN_EVENTID
1037 */
1038enum wmi_wbe_link_down_event_reason {
1039 WMI_WBE_REASON_USER_REQUEST = 0,
1040 WMI_WBE_REASON_RX_DISASSOC = 1,
1041 WMI_WBE_REASON_BAD_PHY_LINK = 2,
1042};
1043
1044struct wmi_wbe_link_down_event {
1045 u8 cid;
1046 u8 reserved[3];
1047 __le32 reason;
1048} __packed;
1049
1050/*
1051 * WMI_DATA_PORT_OPEN_EVENTID
1052 */
1053struct wmi_data_port_open_event {
1054 u8 cid;
1055 u8 reserved[3];
1056} __packed;
1057
1058/*
1059 * WMI_GET_PCP_CHANNEL_EVENTID
1060 */
1061struct wmi_get_pcp_channel_event {
1062 u8 channel;
1063 u8 reserved[3];
1064} __packed;
1065
1066/*
1067 * WMI_SW_TX_COMPLETE_EVENTID
1068 */
1069enum wmi_sw_tx_status {
1070 WMI_TX_SW_STATUS_SUCCESS = 0,
1071 WMI_TX_SW_STATUS_FAILED_NO_RESOURCES = 1,
1072 WMI_TX_SW_STATUS_FAILED_TX = 2,
1073};
1074
1075struct wmi_sw_tx_complete_event {
1076 u8 status; /* enum wmi_sw_tx_status */
1077 u8 reserved[3];
1078} __packed;
1079
1080/*
1081 * WMI_GET_SSID_EVENTID
1082 */
1083struct wmi_get_ssid_event {
1084 __le32 ssid_len;
1085 u8 ssid[WMI_MAX_SSID_LEN];
1086} __packed;
1087
1088/*
1089 * WMI_RX_MGMT_PACKET_EVENTID
1090 */
1091struct wmi_rx_mgmt_info {
1092 u8 mcs;
1093 s8 snr;
1094 __le16 range;
1095 __le16 stype;
1096 __le16 status;
1097 __le32 len;
1098 u8 qid;
1099 u8 mid;
1100 u8 cid;
1101 u8 channel; /* From Radio MNGR */
1102} __packed;
1103
1104struct wmi_rx_mgmt_packet_event {
1105 struct wmi_rx_mgmt_info info;
1106 u8 payload[0];
1107} __packed;
1108
1109/*
1110 * WMI_ECHO_RSP_EVENTID
1111 */
1112struct wmi_echo_event {
1113 __le32 echoed_value;
1114} __packed;
1115
1116#endif /* __WILOCITY_WMI_H__ */
diff --git a/drivers/net/wireless/b43/b43.h b/drivers/net/wireless/b43/b43.h
index b298e5d68be2..10e288d470e7 100644
--- a/drivers/net/wireless/b43/b43.h
+++ b/drivers/net/wireless/b43/b43.h
@@ -7,6 +7,7 @@
7#include <linux/hw_random.h> 7#include <linux/hw_random.h>
8#include <linux/bcma/bcma.h> 8#include <linux/bcma/bcma.h>
9#include <linux/ssb/ssb.h> 9#include <linux/ssb/ssb.h>
10#include <linux/completion.h>
10#include <net/mac80211.h> 11#include <net/mac80211.h>
11 12
12#include "debugfs.h" 13#include "debugfs.h"
@@ -722,6 +723,10 @@ enum b43_firmware_file_type {
722struct b43_request_fw_context { 723struct b43_request_fw_context {
723 /* The device we are requesting the fw for. */ 724 /* The device we are requesting the fw for. */
724 struct b43_wldev *dev; 725 struct b43_wldev *dev;
726 /* a completion event structure needed if this call is asynchronous */
727 struct completion fw_load_complete;
728 /* a pointer to the firmware object */
729 const struct firmware *blob;
725 /* The type of firmware to request. */ 730 /* The type of firmware to request. */
726 enum b43_firmware_file_type req_type; 731 enum b43_firmware_file_type req_type;
727 /* Error messages for each firmware type. */ 732 /* Error messages for each firmware type. */
diff --git a/drivers/net/wireless/b43/main.c b/drivers/net/wireless/b43/main.c
index 16ab280359bd..806e34c19281 100644
--- a/drivers/net/wireless/b43/main.c
+++ b/drivers/net/wireless/b43/main.c
@@ -2088,11 +2088,18 @@ static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
2088 b43warn(wl, text); 2088 b43warn(wl, text);
2089} 2089}
2090 2090
2091static void b43_fw_cb(const struct firmware *firmware, void *context)
2092{
2093 struct b43_request_fw_context *ctx = context;
2094
2095 ctx->blob = firmware;
2096 complete(&ctx->fw_load_complete);
2097}
2098
2091int b43_do_request_fw(struct b43_request_fw_context *ctx, 2099int b43_do_request_fw(struct b43_request_fw_context *ctx,
2092 const char *name, 2100 const char *name,
2093 struct b43_firmware_file *fw) 2101 struct b43_firmware_file *fw, bool async)
2094{ 2102{
2095 const struct firmware *blob;
2096 struct b43_fw_header *hdr; 2103 struct b43_fw_header *hdr;
2097 u32 size; 2104 u32 size;
2098 int err; 2105 int err;
@@ -2131,11 +2138,31 @@ int b43_do_request_fw(struct b43_request_fw_context *ctx,
2131 B43_WARN_ON(1); 2138 B43_WARN_ON(1);
2132 return -ENOSYS; 2139 return -ENOSYS;
2133 } 2140 }
2134 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2141 if (async) {
2142 /* do this part asynchronously */
2143 init_completion(&ctx->fw_load_complete);
2144 err = request_firmware_nowait(THIS_MODULE, 1, ctx->fwname,
2145 ctx->dev->dev->dev, GFP_KERNEL,
2146 ctx, b43_fw_cb);
2147 if (err < 0) {
2148 pr_err("Unable to load firmware\n");
2149 return err;
2150 }
2151 /* stall here until fw ready */
2152 wait_for_completion(&ctx->fw_load_complete);
2153 if (ctx->blob)
2154 goto fw_ready;
2155 /* On some ARM systems, the async request will fail, but the next sync
2156 * request works. For this reason, we dall through here
2157 */
2158 }
2159 err = request_firmware(&ctx->blob, ctx->fwname,
2160 ctx->dev->dev->dev);
2135 if (err == -ENOENT) { 2161 if (err == -ENOENT) {
2136 snprintf(ctx->errors[ctx->req_type], 2162 snprintf(ctx->errors[ctx->req_type],
2137 sizeof(ctx->errors[ctx->req_type]), 2163 sizeof(ctx->errors[ctx->req_type]),
2138 "Firmware file \"%s\" not found\n", ctx->fwname); 2164 "Firmware file \"%s\" not found\n",
2165 ctx->fwname);
2139 return err; 2166 return err;
2140 } else if (err) { 2167 } else if (err) {
2141 snprintf(ctx->errors[ctx->req_type], 2168 snprintf(ctx->errors[ctx->req_type],
@@ -2144,14 +2171,15 @@ int b43_do_request_fw(struct b43_request_fw_context *ctx,
2144 ctx->fwname, err); 2171 ctx->fwname, err);
2145 return err; 2172 return err;
2146 } 2173 }
2147 if (blob->size < sizeof(struct b43_fw_header)) 2174fw_ready:
2175 if (ctx->blob->size < sizeof(struct b43_fw_header))
2148 goto err_format; 2176 goto err_format;
2149 hdr = (struct b43_fw_header *)(blob->data); 2177 hdr = (struct b43_fw_header *)(ctx->blob->data);
2150 switch (hdr->type) { 2178 switch (hdr->type) {
2151 case B43_FW_TYPE_UCODE: 2179 case B43_FW_TYPE_UCODE:
2152 case B43_FW_TYPE_PCM: 2180 case B43_FW_TYPE_PCM:
2153 size = be32_to_cpu(hdr->size); 2181 size = be32_to_cpu(hdr->size);
2154 if (size != blob->size - sizeof(struct b43_fw_header)) 2182 if (size != ctx->blob->size - sizeof(struct b43_fw_header))
2155 goto err_format; 2183 goto err_format;
2156 /* fallthrough */ 2184 /* fallthrough */
2157 case B43_FW_TYPE_IV: 2185 case B43_FW_TYPE_IV:
@@ -2162,7 +2190,7 @@ int b43_do_request_fw(struct b43_request_fw_context *ctx,
2162 goto err_format; 2190 goto err_format;
2163 } 2191 }
2164 2192
2165 fw->data = blob; 2193 fw->data = ctx->blob;
2166 fw->filename = name; 2194 fw->filename = name;
2167 fw->type = ctx->req_type; 2195 fw->type = ctx->req_type;
2168 2196
@@ -2172,7 +2200,7 @@ err_format:
2172 snprintf(ctx->errors[ctx->req_type], 2200 snprintf(ctx->errors[ctx->req_type],
2173 sizeof(ctx->errors[ctx->req_type]), 2201 sizeof(ctx->errors[ctx->req_type]),
2174 "Firmware file \"%s\" format error.\n", ctx->fwname); 2202 "Firmware file \"%s\" format error.\n", ctx->fwname);
2175 release_firmware(blob); 2203 release_firmware(ctx->blob);
2176 2204
2177 return -EPROTO; 2205 return -EPROTO;
2178} 2206}
@@ -2223,7 +2251,7 @@ static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2223 goto err_no_ucode; 2251 goto err_no_ucode;
2224 } 2252 }
2225 } 2253 }
2226 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2254 err = b43_do_request_fw(ctx, filename, &fw->ucode, true);
2227 if (err) 2255 if (err)
2228 goto err_load; 2256 goto err_load;
2229 2257
@@ -2235,7 +2263,7 @@ static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2235 else 2263 else
2236 goto err_no_pcm; 2264 goto err_no_pcm;
2237 fw->pcm_request_failed = false; 2265 fw->pcm_request_failed = false;
2238 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2266 err = b43_do_request_fw(ctx, filename, &fw->pcm, false);
2239 if (err == -ENOENT) { 2267 if (err == -ENOENT) {
2240 /* We did not find a PCM file? Not fatal, but 2268 /* We did not find a PCM file? Not fatal, but
2241 * core rev <= 10 must do without hwcrypto then. */ 2269 * core rev <= 10 must do without hwcrypto then. */
@@ -2296,7 +2324,7 @@ static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2296 default: 2324 default:
2297 goto err_no_initvals; 2325 goto err_no_initvals;
2298 } 2326 }
2299 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2327 err = b43_do_request_fw(ctx, filename, &fw->initvals, false);
2300 if (err) 2328 if (err)
2301 goto err_load; 2329 goto err_load;
2302 2330
@@ -2355,7 +2383,7 @@ static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2355 default: 2383 default:
2356 goto err_no_initvals; 2384 goto err_no_initvals;
2357 } 2385 }
2358 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2386 err = b43_do_request_fw(ctx, filename, &fw->initvals_band, false);
2359 if (err) 2387 if (err)
2360 goto err_load; 2388 goto err_load;
2361 2389
diff --git a/drivers/net/wireless/b43/main.h b/drivers/net/wireless/b43/main.h
index 8c684cd33529..abac25ee958d 100644
--- a/drivers/net/wireless/b43/main.h
+++ b/drivers/net/wireless/b43/main.h
@@ -137,9 +137,8 @@ void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on);
137 137
138 138
139struct b43_request_fw_context; 139struct b43_request_fw_context;
140int b43_do_request_fw(struct b43_request_fw_context *ctx, 140int b43_do_request_fw(struct b43_request_fw_context *ctx, const char *name,
141 const char *name, 141 struct b43_firmware_file *fw, bool async);
142 struct b43_firmware_file *fw);
143void b43_do_release_fw(struct b43_firmware_file *fw); 142void b43_do_release_fw(struct b43_firmware_file *fw);
144 143
145#endif /* B43_MAIN_H_ */ 144#endif /* B43_MAIN_H_ */
diff --git a/drivers/net/wireless/b43/tables_nphy.c b/drivers/net/wireless/b43/tables_nphy.c
index 97d4e27bf36f..aaca60c6f575 100644
--- a/drivers/net/wireless/b43/tables_nphy.c
+++ b/drivers/net/wireless/b43/tables_nphy.c
@@ -3226,8 +3226,6 @@ struct nphy_gain_ctl_workaround_entry *b43_nphy_get_gain_ctl_workaround_ent(
3226{ 3226{
3227 struct nphy_gain_ctl_workaround_entry *e; 3227 struct nphy_gain_ctl_workaround_entry *e;
3228 u8 phy_idx; 3228 u8 phy_idx;
3229 u8 tr_iso = ghz5 ? dev->dev->bus_sprom->fem.ghz5.tr_iso :
3230 dev->dev->bus_sprom->fem.ghz2.tr_iso;
3231 3229
3232 if (!ghz5 && dev->phy.rev >= 6 && dev->phy.radio_rev == 11) 3230 if (!ghz5 && dev->phy.rev >= 6 && dev->phy.radio_rev == 11)
3233 return &nphy_gain_ctl_wa_phy6_radio11_ghz2; 3231 return &nphy_gain_ctl_wa_phy6_radio11_ghz2;
@@ -3249,6 +3247,10 @@ struct nphy_gain_ctl_workaround_entry *b43_nphy_get_gain_ctl_workaround_ent(
3249 !b43_channel_type_is_40mhz(dev->phy.channel_type)) 3247 !b43_channel_type_is_40mhz(dev->phy.channel_type))
3250 e->cliplo_gain = 0x2d; 3248 e->cliplo_gain = 0x2d;
3251 } else if (!ghz5 && dev->phy.rev >= 5) { 3249 } else if (!ghz5 && dev->phy.rev >= 5) {
3250 static const int gain_data[] = {0x0062, 0x0064, 0x006a, 0x106a,
3251 0x106c, 0x1074, 0x107c, 0x207c};
3252 u8 tr_iso = dev->dev->bus_sprom->fem.ghz2.tr_iso;
3253
3252 if (ext_lna) { 3254 if (ext_lna) {
3253 e->rfseq_init[0] &= ~0x4000; 3255 e->rfseq_init[0] &= ~0x4000;
3254 e->rfseq_init[1] &= ~0x4000; 3256 e->rfseq_init[1] &= ~0x4000;
@@ -3256,26 +3258,10 @@ struct nphy_gain_ctl_workaround_entry *b43_nphy_get_gain_ctl_workaround_ent(
3256 e->rfseq_init[3] &= ~0x4000; 3258 e->rfseq_init[3] &= ~0x4000;
3257 e->init_gain &= ~0x4000; 3259 e->init_gain &= ~0x4000;
3258 } 3260 }
3259 switch (tr_iso) { 3261 if (tr_iso > 7)
3260 case 0: 3262 tr_iso = 3;
3261 e->cliplo_gain = 0x0062; 3263 e->cliplo_gain = gain_data[tr_iso];
3262 case 1: 3264
3263 e->cliplo_gain = 0x0064;
3264 case 2:
3265 e->cliplo_gain = 0x006a;
3266 case 3:
3267 e->cliplo_gain = 0x106a;
3268 case 4:
3269 e->cliplo_gain = 0x106c;
3270 case 5:
3271 e->cliplo_gain = 0x1074;
3272 case 6:
3273 e->cliplo_gain = 0x107c;
3274 case 7:
3275 e->cliplo_gain = 0x207c;
3276 default:
3277 e->cliplo_gain = 0x106a;
3278 }
3279 } else if (ghz5 && dev->phy.rev == 4 && ext_lna) { 3265 } else if (ghz5 && dev->phy.rev == 4 && ext_lna) {
3280 e->rfseq_init[0] &= ~0x4000; 3266 e->rfseq_init[0] &= ~0x4000;
3281 e->rfseq_init[1] &= ~0x4000; 3267 e->rfseq_init[1] &= ~0x4000;
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c b/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c
index be35a2f99b1c..11fd1c735589 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c
@@ -15,8 +15,6 @@
15 */ 15 */
16/* ****************** SDIO CARD Interface Functions **************************/ 16/* ****************** SDIO CARD Interface Functions **************************/
17 17
18#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
19
20#include <linux/types.h> 18#include <linux/types.h>
21#include <linux/netdevice.h> 19#include <linux/netdevice.h>
22#include <linux/export.h> 20#include <linux/export.h>
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh_sdmmc.c b/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh_sdmmc.c
index d33e5598611b..d92d373733d7 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh_sdmmc.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh_sdmmc.c
@@ -14,8 +14,6 @@
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16 16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19#include <linux/types.h> 17#include <linux/types.h>
20#include <linux/netdevice.h> 18#include <linux/netdevice.h>
21#include <linux/mmc/sdio.h> 19#include <linux/mmc/sdio.h>
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/dhd.h b/drivers/net/wireless/brcm80211/brcmfmac/dhd.h
index fd672bf53867..a2f32fb990fa 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd.h
+++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd.h
@@ -39,6 +39,7 @@
39#define BRCMF_C_GET_BSSID 23 39#define BRCMF_C_GET_BSSID 23
40#define BRCMF_C_GET_SSID 25 40#define BRCMF_C_GET_SSID 25
41#define BRCMF_C_SET_SSID 26 41#define BRCMF_C_SET_SSID 26
42#define BRCMF_C_TERMINATED 28
42#define BRCMF_C_GET_CHANNEL 29 43#define BRCMF_C_GET_CHANNEL 29
43#define BRCMF_C_SET_CHANNEL 30 44#define BRCMF_C_SET_CHANNEL 30
44#define BRCMF_C_GET_SRL 31 45#define BRCMF_C_GET_SRL 31
@@ -480,36 +481,14 @@ struct brcmf_pub {
480 unsigned long drv_version; /* Version of dongle-resident driver */ 481 unsigned long drv_version; /* Version of dongle-resident driver */
481 u8 mac[ETH_ALEN]; /* MAC address obtained from dongle */ 482 u8 mac[ETH_ALEN]; /* MAC address obtained from dongle */
482 483
483 /* Additional stats for the bus level */
484
485 /* Multicast data packets sent to dongle */ 484 /* Multicast data packets sent to dongle */
486 unsigned long tx_multicast; 485 unsigned long tx_multicast;
487 /* Packets flushed due to unscheduled sendup thread */
488 unsigned long rx_flushed;
489 /* Number of times dpc scheduled by watchdog timer */
490 unsigned long wd_dpc_sched;
491
492 /* Number of flow control pkts recvd */
493 unsigned long fc_packets;
494
495 /* Last error return */
496 int bcmerror;
497
498 /* Last error from dongle */
499 int dongle_error;
500
501 /* Suspend disable flag flag */
502 int suspend_disable_flag; /* "1" to disable all extra powersaving
503 during suspend */
504 int in_suspend; /* flag set to 1 when early suspend called */
505 int dtim_skip; /* dtim skip , default 0 means wake each dtim */
506 486
507 struct brcmf_if *iflist[BRCMF_MAX_IFS]; 487 struct brcmf_if *iflist[BRCMF_MAX_IFS];
508 488
509 struct mutex proto_block; 489 struct mutex proto_block;
510 unsigned char proto_buf[BRCMF_DCMD_MAXLEN]; 490 unsigned char proto_buf[BRCMF_DCMD_MAXLEN];
511 491
512 u8 macvalue[ETH_ALEN];
513 atomic_t pend_8021x_cnt; 492 atomic_t pend_8021x_cnt;
514 wait_queue_head_t pend_8021x_wait; 493 wait_queue_head_t pend_8021x_wait;
515 494
@@ -519,11 +498,6 @@ struct brcmf_pub {
519#endif 498#endif
520}; 499};
521 500
522struct bcmevent_name {
523 uint event;
524 const char *name;
525};
526
527struct brcmf_if_event { 501struct brcmf_if_event {
528 u8 ifidx; 502 u8 ifidx;
529 u8 action; 503 u8 action;
@@ -557,13 +531,6 @@ struct brcmf_if {
557 u8 mac_addr[ETH_ALEN]; 531 u8 mac_addr[ETH_ALEN];
558}; 532};
559 533
560static inline s32 brcmf_ndev_bssidx(struct net_device *ndev)
561{
562 struct brcmf_if *ifp = netdev_priv(ndev);
563 return ifp->bssidx;
564}
565
566extern const struct bcmevent_name bcmevent_names[];
567 534
568extern int brcmf_netdev_wait_pend8021x(struct net_device *ndev); 535extern int brcmf_netdev_wait_pend8021x(struct net_device *ndev);
569 536
@@ -576,6 +543,10 @@ extern int brcmf_proto_cdc_query_dcmd(struct brcmf_pub *drvr, int ifidx,
576extern int brcmf_proto_cdc_set_dcmd(struct brcmf_pub *drvr, int ifidx, uint cmd, 543extern int brcmf_proto_cdc_set_dcmd(struct brcmf_pub *drvr, int ifidx, uint cmd,
577 void *buf, uint len); 544 void *buf, uint len);
578 545
546/* Remove any protocol-specific data header. */
547extern int brcmf_proto_hdrpull(struct brcmf_pub *drvr, u8 *ifidx,
548 struct sk_buff *rxp);
549
579extern int brcmf_net_attach(struct brcmf_if *ifp); 550extern int brcmf_net_attach(struct brcmf_if *ifp);
580extern struct brcmf_if *brcmf_add_if(struct brcmf_pub *drvr, int ifidx, 551extern struct brcmf_if *brcmf_add_if(struct brcmf_pub *drvr, int ifidx,
581 s32 bssidx, char *name, u8 *mac_addr); 552 s32 bssidx, char *name, u8 *mac_addr);
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/dhd_bus.h b/drivers/net/wireless/brcm80211/brcmfmac/dhd_bus.h
index dd38b78a9726..64c38f4226a3 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd_bus.h
+++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd_bus.h
@@ -130,31 +130,18 @@ int brcmf_bus_rxctl(struct brcmf_bus *bus, unsigned char *msg, uint len)
130 * interface functions from common layer 130 * interface functions from common layer
131 */ 131 */
132 132
133/* Remove any protocol-specific data header. */
134extern int brcmf_proto_hdrpull(struct device *dev, int *ifidx,
135 struct sk_buff *rxp);
136
137extern bool brcmf_c_prec_enq(struct device *dev, struct pktq *q, 133extern bool brcmf_c_prec_enq(struct device *dev, struct pktq *q,
138 struct sk_buff *pkt, int prec); 134 struct sk_buff *pkt, int prec);
139 135
140/* Receive frame for delivery to OS. Callee disposes of rxp. */ 136/* Receive frame for delivery to OS. Callee disposes of rxp. */
141extern void brcmf_rx_frame(struct device *dev, u8 ifidx, 137extern void brcmf_rx_frames(struct device *dev, struct sk_buff_head *rxlist);
142 struct sk_buff_head *rxlist);
143static inline void brcmf_rx_packet(struct device *dev, int ifidx,
144 struct sk_buff *pkt)
145{
146 struct sk_buff_head q;
147
148 skb_queue_head_init(&q);
149 skb_queue_tail(&q, pkt);
150 brcmf_rx_frame(dev, ifidx, &q);
151}
152 138
153/* Indication from bus module regarding presence/insertion of dongle. */ 139/* Indication from bus module regarding presence/insertion of dongle. */
154extern int brcmf_attach(uint bus_hdrlen, struct device *dev); 140extern int brcmf_attach(uint bus_hdrlen, struct device *dev);
155/* Indication from bus module regarding removal/absence of dongle */ 141/* Indication from bus module regarding removal/absence of dongle */
156extern void brcmf_detach(struct device *dev); 142extern void brcmf_detach(struct device *dev);
157 143/* Indication from bus module that dongle should be reset */
144extern void brcmf_dev_reset(struct device *dev);
158/* Indication from bus module to change flow-control state */ 145/* Indication from bus module to change flow-control state */
159extern void brcmf_txflowblock(struct device *dev, bool state); 146extern void brcmf_txflowblock(struct device *dev, bool state);
160 147
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/dhd_cdc.c b/drivers/net/wireless/brcm80211/brcmfmac/dhd_cdc.c
index 83923553f1ac..bb454cdab29d 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd_cdc.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd_cdc.c
@@ -19,8 +19,6 @@
19 * For certain dcmd codes, the dongle interprets string data from the host. 19 * For certain dcmd codes, the dongle interprets string data from the host.
20 ******************************************************************************/ 20 ******************************************************************************/
21 21
22#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
23
24#include <linux/types.h> 22#include <linux/types.h>
25#include <linux/netdevice.h> 23#include <linux/netdevice.h>
26 24
@@ -94,8 +92,6 @@ struct brcmf_proto_bdc_header {
94 92
95struct brcmf_proto { 93struct brcmf_proto {
96 u16 reqid; 94 u16 reqid;
97 u8 pending;
98 u32 lastcmd;
99 u8 bus_header[BUS_HEADER_LEN]; 95 u8 bus_header[BUS_HEADER_LEN];
100 struct brcmf_proto_cdc_dcmd msg; 96 struct brcmf_proto_cdc_dcmd msg;
101 unsigned char buf[BRCMF_DCMD_MAXLEN + ROUND_UP_MARGIN]; 97 unsigned char buf[BRCMF_DCMD_MAXLEN + ROUND_UP_MARGIN];
@@ -107,7 +103,7 @@ static int brcmf_proto_cdc_msg(struct brcmf_pub *drvr)
107 int len = le32_to_cpu(prot->msg.len) + 103 int len = le32_to_cpu(prot->msg.len) +
108 sizeof(struct brcmf_proto_cdc_dcmd); 104 sizeof(struct brcmf_proto_cdc_dcmd);
109 105
110 brcmf_dbg(TRACE, "Enter\n"); 106 brcmf_dbg(CDC, "Enter\n");
111 107
112 /* NOTE : cdc->msg.len holds the desired length of the buffer to be 108 /* NOTE : cdc->msg.len holds the desired length of the buffer to be
113 * returned. Only up to CDC_MAX_MSG_SIZE of this buffer area 109 * returned. Only up to CDC_MAX_MSG_SIZE of this buffer area
@@ -125,7 +121,7 @@ static int brcmf_proto_cdc_cmplt(struct brcmf_pub *drvr, u32 id, u32 len)
125 int ret; 121 int ret;
126 struct brcmf_proto *prot = drvr->prot; 122 struct brcmf_proto *prot = drvr->prot;
127 123
128 brcmf_dbg(TRACE, "Enter\n"); 124 brcmf_dbg(CDC, "Enter\n");
129 len += sizeof(struct brcmf_proto_cdc_dcmd); 125 len += sizeof(struct brcmf_proto_cdc_dcmd);
130 do { 126 do {
131 ret = brcmf_bus_rxctl(drvr->bus_if, (unsigned char *)&prot->msg, 127 ret = brcmf_bus_rxctl(drvr->bus_if, (unsigned char *)&prot->msg,
@@ -147,20 +143,7 @@ brcmf_proto_cdc_query_dcmd(struct brcmf_pub *drvr, int ifidx, uint cmd,
147 int ret = 0, retries = 0; 143 int ret = 0, retries = 0;
148 u32 id, flags; 144 u32 id, flags;
149 145
150 brcmf_dbg(TRACE, "Enter\n"); 146 brcmf_dbg(CDC, "Enter, cmd %d len %d\n", cmd, len);
151 brcmf_dbg(CTL, "cmd %d len %d\n", cmd, len);
152
153 /* Respond "bcmerror" and "bcmerrorstr" with local cache */
154 if (cmd == BRCMF_C_GET_VAR && buf) {
155 if (!strcmp((char *)buf, "bcmerrorstr")) {
156 strncpy((char *)buf, "bcm_error",
157 BCME_STRLEN);
158 goto done;
159 } else if (!strcmp((char *)buf, "bcmerror")) {
160 *(int *)buf = drvr->dongle_error;
161 goto done;
162 }
163 }
164 147
165 memset(msg, 0, sizeof(struct brcmf_proto_cdc_dcmd)); 148 memset(msg, 0, sizeof(struct brcmf_proto_cdc_dcmd));
166 149
@@ -210,11 +193,8 @@ retry:
210 } 193 }
211 194
212 /* Check the ERROR flag */ 195 /* Check the ERROR flag */
213 if (flags & CDC_DCMD_ERROR) { 196 if (flags & CDC_DCMD_ERROR)
214 ret = le32_to_cpu(msg->status); 197 ret = le32_to_cpu(msg->status);
215 /* Cache error from dongle */
216 drvr->dongle_error = ret;
217 }
218 198
219done: 199done:
220 return ret; 200 return ret;
@@ -228,8 +208,7 @@ int brcmf_proto_cdc_set_dcmd(struct brcmf_pub *drvr, int ifidx, uint cmd,
228 int ret = 0; 208 int ret = 0;
229 u32 flags, id; 209 u32 flags, id;
230 210
231 brcmf_dbg(TRACE, "Enter\n"); 211 brcmf_dbg(CDC, "Enter, cmd %d len %d\n", cmd, len);
232 brcmf_dbg(CTL, "cmd %d len %d\n", cmd, len);
233 212
234 memset(msg, 0, sizeof(struct brcmf_proto_cdc_dcmd)); 213 memset(msg, 0, sizeof(struct brcmf_proto_cdc_dcmd));
235 214
@@ -262,11 +241,8 @@ int brcmf_proto_cdc_set_dcmd(struct brcmf_pub *drvr, int ifidx, uint cmd,
262 } 241 }
263 242
264 /* Check the ERROR flag */ 243 /* Check the ERROR flag */
265 if (flags & CDC_DCMD_ERROR) { 244 if (flags & CDC_DCMD_ERROR)
266 ret = le32_to_cpu(msg->status); 245 ret = le32_to_cpu(msg->status);
267 /* Cache error from dongle */
268 drvr->dongle_error = ret;
269 }
270 246
271done: 247done:
272 return ret; 248 return ret;
@@ -287,7 +263,7 @@ void brcmf_proto_hdrpush(struct brcmf_pub *drvr, int ifidx,
287{ 263{
288 struct brcmf_proto_bdc_header *h; 264 struct brcmf_proto_bdc_header *h;
289 265
290 brcmf_dbg(TRACE, "Enter\n"); 266 brcmf_dbg(CDC, "Enter\n");
291 267
292 /* Push BDC header used to convey priority for buses that don't */ 268 /* Push BDC header used to convey priority for buses that don't */
293 269
@@ -305,14 +281,12 @@ void brcmf_proto_hdrpush(struct brcmf_pub *drvr, int ifidx,
305 BDC_SET_IF_IDX(h, ifidx); 281 BDC_SET_IF_IDX(h, ifidx);
306} 282}
307 283
308int brcmf_proto_hdrpull(struct device *dev, int *ifidx, 284int brcmf_proto_hdrpull(struct brcmf_pub *drvr, u8 *ifidx,
309 struct sk_buff *pktbuf) 285 struct sk_buff *pktbuf)
310{ 286{
311 struct brcmf_proto_bdc_header *h; 287 struct brcmf_proto_bdc_header *h;
312 struct brcmf_bus *bus_if = dev_get_drvdata(dev);
313 struct brcmf_pub *drvr = bus_if->drvr;
314 288
315 brcmf_dbg(TRACE, "Enter\n"); 289 brcmf_dbg(CDC, "Enter\n");
316 290
317 /* Pop BDC header used to convey priority for buses that don't */ 291 /* Pop BDC header used to convey priority for buses that don't */
318 292
@@ -338,7 +312,7 @@ int brcmf_proto_hdrpull(struct device *dev, int *ifidx,
338 } 312 }
339 313
340 if (h->flags & BDC_FLAG_SUM_GOOD) { 314 if (h->flags & BDC_FLAG_SUM_GOOD) {
341 brcmf_dbg(INFO, "%s: BDC packet received with good rx-csum, flags 0x%x\n", 315 brcmf_dbg(CDC, "%s: BDC rcv, good checksum, flags 0x%x\n",
342 brcmf_ifname(drvr, *ifidx), h->flags); 316 brcmf_ifname(drvr, *ifidx), h->flags);
343 pkt_set_sum_good(pktbuf, true); 317 pkt_set_sum_good(pktbuf, true);
344 } 318 }
@@ -348,6 +322,8 @@ int brcmf_proto_hdrpull(struct device *dev, int *ifidx,
348 skb_pull(pktbuf, BDC_HEADER_LEN); 322 skb_pull(pktbuf, BDC_HEADER_LEN);
349 skb_pull(pktbuf, h->data_offset << 2); 323 skb_pull(pktbuf, h->data_offset << 2);
350 324
325 if (pktbuf->len == 0)
326 return -ENODATA;
351 return 0; 327 return 0;
352} 328}
353 329
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/dhd_common.c b/drivers/net/wireless/brcm80211/brcmfmac/dhd_common.c
index f8b52e5b941a..4544342a0428 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd_common.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd_common.c
@@ -14,8 +14,6 @@
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16 16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19#include <linux/kernel.h> 17#include <linux/kernel.h>
20#include <linux/string.h> 18#include <linux/string.h>
21#include <linux/netdevice.h> 19#include <linux/netdevice.h>
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/dhd_dbg.h b/drivers/net/wireless/brcm80211/brcmfmac/dhd_dbg.h
index f2ab01cd7966..bc013cbe06f6 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd_dbg.h
+++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd_dbg.h
@@ -18,21 +18,26 @@
18#define _BRCMF_DBG_H_ 18#define _BRCMF_DBG_H_
19 19
20/* message levels */ 20/* message levels */
21#define BRCMF_TRACE_VAL 0x0002 21#define BRCMF_TRACE_VAL 0x00000002
22#define BRCMF_INFO_VAL 0x0004 22#define BRCMF_INFO_VAL 0x00000004
23#define BRCMF_DATA_VAL 0x0008 23#define BRCMF_DATA_VAL 0x00000008
24#define BRCMF_CTL_VAL 0x0010 24#define BRCMF_CTL_VAL 0x00000010
25#define BRCMF_TIMER_VAL 0x0020 25#define BRCMF_TIMER_VAL 0x00000020
26#define BRCMF_HDRS_VAL 0x0040 26#define BRCMF_HDRS_VAL 0x00000040
27#define BRCMF_BYTES_VAL 0x0080 27#define BRCMF_BYTES_VAL 0x00000080
28#define BRCMF_INTR_VAL 0x0100 28#define BRCMF_INTR_VAL 0x00000100
29#define BRCMF_GLOM_VAL 0x0200 29#define BRCMF_GLOM_VAL 0x00000200
30#define BRCMF_EVENT_VAL 0x0400 30#define BRCMF_EVENT_VAL 0x00000400
31#define BRCMF_BTA_VAL 0x0800 31#define BRCMF_BTA_VAL 0x00000800
32#define BRCMF_FIL_VAL 0x1000 32#define BRCMF_FIL_VAL 0x00001000
33#define BRCMF_USB_VAL 0x2000 33#define BRCMF_USB_VAL 0x00002000
34#define BRCMF_SCAN_VAL 0x4000 34#define BRCMF_SCAN_VAL 0x00004000
35#define BRCMF_CONN_VAL 0x8000 35#define BRCMF_CONN_VAL 0x00008000
36#define BRCMF_CDC_VAL 0x00010000
37
38/* set default print format */
39#undef pr_fmt
40#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
36 41
37/* Macro for error messages. net_ratelimit() is used when driver 42/* Macro for error messages. net_ratelimit() is used when driver
38 * debugging is not selected. When debugging the driver error 43 * debugging is not selected. When debugging the driver error
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/dhd_linux.c b/drivers/net/wireless/brcm80211/brcmfmac/dhd_linux.c
index 74a616b4de8e..e3326a58bdb1 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd_linux.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd_linux.c
@@ -14,8 +14,6 @@
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16 16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19#include <linux/kernel.h> 17#include <linux/kernel.h>
20#include <linux/etherdevice.h> 18#include <linux/etherdevice.h>
21#include <linux/module.h> 19#include <linux/module.h>
@@ -162,28 +160,31 @@ static void brcmf_netdev_set_multicast_list(struct net_device *ndev)
162 schedule_work(&ifp->multicast_work); 160 schedule_work(&ifp->multicast_work);
163} 161}
164 162
165static int brcmf_netdev_start_xmit(struct sk_buff *skb, struct net_device *ndev) 163static netdev_tx_t brcmf_netdev_start_xmit(struct sk_buff *skb,
164 struct net_device *ndev)
166{ 165{
167 int ret; 166 int ret;
168 struct brcmf_if *ifp = netdev_priv(ndev); 167 struct brcmf_if *ifp = netdev_priv(ndev);
169 struct brcmf_pub *drvr = ifp->drvr; 168 struct brcmf_pub *drvr = ifp->drvr;
169 struct ethhdr *eh;
170 170
171 brcmf_dbg(TRACE, "Enter\n"); 171 brcmf_dbg(TRACE, "Enter\n");
172 172
173 /* Reject if down */ 173 /* Can the device send data? */
174 if (!drvr->bus_if->drvr_up || 174 if (drvr->bus_if->state != BRCMF_BUS_DATA) {
175 (drvr->bus_if->state != BRCMF_BUS_DATA)) { 175 brcmf_err("xmit rejected state=%d\n", drvr->bus_if->state);
176 brcmf_err("xmit rejected drvup=%d state=%d\n",
177 drvr->bus_if->drvr_up,
178 drvr->bus_if->state);
179 netif_stop_queue(ndev); 176 netif_stop_queue(ndev);
180 return -ENODEV; 177 dev_kfree_skb(skb);
178 ret = -ENODEV;
179 goto done;
181 } 180 }
182 181
183 if (!drvr->iflist[ifp->idx]) { 182 if (!drvr->iflist[ifp->idx]) {
184 brcmf_err("bad ifidx %d\n", ifp->idx); 183 brcmf_err("bad ifidx %d\n", ifp->idx);
185 netif_stop_queue(ndev); 184 netif_stop_queue(ndev);
186 return -ENODEV; 185 dev_kfree_skb(skb);
186 ret = -ENODEV;
187 goto done;
187 } 188 }
188 189
189 /* Make sure there's enough room for any header */ 190 /* Make sure there's enough room for any header */
@@ -204,17 +205,20 @@ static int brcmf_netdev_start_xmit(struct sk_buff *skb, struct net_device *ndev)
204 } 205 }
205 } 206 }
206 207
207 /* Update multicast statistic */ 208 /* validate length for ether packet */
208 if (skb->len >= ETH_ALEN) { 209 if (skb->len < sizeof(*eh)) {
209 u8 *pktdata = (u8 *)(skb->data); 210 ret = -EINVAL;
210 struct ethhdr *eh = (struct ethhdr *)pktdata; 211 dev_kfree_skb(skb);
211 212 goto done;
212 if (is_multicast_ether_addr(eh->h_dest))
213 drvr->tx_multicast++;
214 if (ntohs(eh->h_proto) == ETH_P_PAE)
215 atomic_inc(&drvr->pend_8021x_cnt);
216 } 213 }
217 214
215 /* handle ethernet header */
216 eh = (struct ethhdr *)(skb->data);
217 if (is_multicast_ether_addr(eh->h_dest))
218 drvr->tx_multicast++;
219 if (ntohs(eh->h_proto) == ETH_P_PAE)
220 atomic_inc(&drvr->pend_8021x_cnt);
221
218 /* If the protocol uses a data header, apply it */ 222 /* If the protocol uses a data header, apply it */
219 brcmf_proto_hdrpush(drvr, ifp->idx, skb); 223 brcmf_proto_hdrpush(drvr, ifp->idx, skb);
220 224
@@ -228,7 +232,7 @@ done:
228 drvr->bus_if->dstats.tx_packets++; 232 drvr->bus_if->dstats.tx_packets++;
229 233
230 /* Return ok: we always eat the packet */ 234 /* Return ok: we always eat the packet */
231 return 0; 235 return NETDEV_TX_OK;
232} 236}
233 237
234void brcmf_txflowblock(struct device *dev, bool state) 238void brcmf_txflowblock(struct device *dev, bool state)
@@ -250,8 +254,7 @@ void brcmf_txflowblock(struct device *dev, bool state)
250 } 254 }
251} 255}
252 256
253void brcmf_rx_frame(struct device *dev, u8 ifidx, 257void brcmf_rx_frames(struct device *dev, struct sk_buff_head *skb_list)
254 struct sk_buff_head *skb_list)
255{ 258{
256 unsigned char *eth; 259 unsigned char *eth;
257 uint len; 260 uint len;
@@ -259,12 +262,24 @@ void brcmf_rx_frame(struct device *dev, u8 ifidx,
259 struct brcmf_if *ifp; 262 struct brcmf_if *ifp;
260 struct brcmf_bus *bus_if = dev_get_drvdata(dev); 263 struct brcmf_bus *bus_if = dev_get_drvdata(dev);
261 struct brcmf_pub *drvr = bus_if->drvr; 264 struct brcmf_pub *drvr = bus_if->drvr;
265 u8 ifidx;
266 int ret;
262 267
263 brcmf_dbg(TRACE, "Enter\n"); 268 brcmf_dbg(TRACE, "Enter\n");
264 269
265 skb_queue_walk_safe(skb_list, skb, pnext) { 270 skb_queue_walk_safe(skb_list, skb, pnext) {
266 skb_unlink(skb, skb_list); 271 skb_unlink(skb, skb_list);
267 272
273 /* process and remove protocol-specific header
274 */
275 ret = brcmf_proto_hdrpull(drvr, &ifidx, skb);
276 if (ret < 0) {
277 if (ret != -ENODATA)
278 bus_if->dstats.rx_errors++;
279 brcmu_pkt_buf_free_skb(skb);
280 continue;
281 }
282
268 /* Get the protocol, maintain skb around eth_type_trans() 283 /* Get the protocol, maintain skb around eth_type_trans()
269 * The main reason for this hack is for the limitation of 284 * The main reason for this hack is for the limitation of
270 * Linux 2.4 where 'eth_type_trans' uses the 285 * Linux 2.4 where 'eth_type_trans' uses the
@@ -328,13 +343,13 @@ void brcmf_rx_frame(struct device *dev, u8 ifidx,
328 343
329void brcmf_txcomplete(struct device *dev, struct sk_buff *txp, bool success) 344void brcmf_txcomplete(struct device *dev, struct sk_buff *txp, bool success)
330{ 345{
331 uint ifidx; 346 u8 ifidx;
332 struct ethhdr *eh; 347 struct ethhdr *eh;
333 u16 type; 348 u16 type;
334 struct brcmf_bus *bus_if = dev_get_drvdata(dev); 349 struct brcmf_bus *bus_if = dev_get_drvdata(dev);
335 struct brcmf_pub *drvr = bus_if->drvr; 350 struct brcmf_pub *drvr = bus_if->drvr;
336 351
337 brcmf_proto_hdrpull(dev, &ifidx, txp); 352 brcmf_proto_hdrpull(drvr, &ifidx, txp);
338 353
339 eh = (struct ethhdr *)(txp->data); 354 eh = (struct ethhdr *)(txp->data);
340 type = ntohs(eh->h_proto); 355 type = ntohs(eh->h_proto);
@@ -450,7 +465,7 @@ static int brcmf_ethtool(struct brcmf_if *ifp, void __user *uaddr)
450 sprintf(info.version, "%lu", drvr->drv_version); 465 sprintf(info.version, "%lu", drvr->drv_version);
451 if (copy_to_user(uaddr, &info, sizeof(info))) 466 if (copy_to_user(uaddr, &info, sizeof(info)))
452 return -EFAULT; 467 return -EFAULT;
453 brcmf_dbg(CTL, "given %*s, returning %s\n", 468 brcmf_dbg(TRACE, "given %*s, returning %s\n",
454 (int)sizeof(drvname), drvname, info.driver); 469 (int)sizeof(drvname), drvname, info.driver);
455 break; 470 break;
456 471
@@ -570,14 +585,9 @@ static int brcmf_netdev_open(struct net_device *ndev)
570 /* Get current TOE mode from dongle */ 585 /* Get current TOE mode from dongle */
571 if (brcmf_fil_iovar_int_get(ifp, "toe_ol", &toe_ol) >= 0 586 if (brcmf_fil_iovar_int_get(ifp, "toe_ol", &toe_ol) >= 0
572 && (toe_ol & TOE_TX_CSUM_OL) != 0) 587 && (toe_ol & TOE_TX_CSUM_OL) != 0)
573 drvr->iflist[ifp->idx]->ndev->features |= 588 ndev->features |= NETIF_F_IP_CSUM;
574 NETIF_F_IP_CSUM;
575 else 589 else
576 drvr->iflist[ifp->idx]->ndev->features &= 590 ndev->features &= ~NETIF_F_IP_CSUM;
577 ~NETIF_F_IP_CSUM;
578
579 /* make sure RF is ready for work */
580 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
581 591
582 /* Allow transmit calls */ 592 /* Allow transmit calls */
583 netif_start_queue(ndev); 593 netif_start_queue(ndev);
@@ -845,6 +855,17 @@ static void brcmf_bus_detach(struct brcmf_pub *drvr)
845 } 855 }
846} 856}
847 857
858void brcmf_dev_reset(struct device *dev)
859{
860 struct brcmf_bus *bus_if = dev_get_drvdata(dev);
861 struct brcmf_pub *drvr = bus_if->drvr;
862
863 if (drvr == NULL)
864 return;
865
866 brcmf_fil_cmd_int_set(drvr->iflist[0], BRCMF_C_TERMINATED, 1);
867}
868
848void brcmf_detach(struct device *dev) 869void brcmf_detach(struct device *dev)
849{ 870{
850 int i; 871 int i;
@@ -866,9 +887,8 @@ void brcmf_detach(struct device *dev)
866 887
867 brcmf_bus_detach(drvr); 888 brcmf_bus_detach(drvr);
868 889
869 if (drvr->prot) { 890 if (drvr->prot)
870 brcmf_proto_detach(drvr); 891 brcmf_proto_detach(drvr);
871 }
872 892
873 brcmf_debugfs_detach(drvr); 893 brcmf_debugfs_detach(drvr);
874 bus_if->drvr = NULL; 894 bus_if->drvr = NULL;
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c b/drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c
index cf857f1edf8c..7fef9b5ba003 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c
@@ -14,8 +14,6 @@
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16 16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19#include <linux/types.h> 17#include <linux/types.h>
20#include <linux/kernel.h> 18#include <linux/kernel.h>
21#include <linux/kthread.h> 19#include <linux/kthread.h>
@@ -1169,7 +1167,6 @@ static u8 brcmf_sdbrcm_rxglom(struct brcmf_sdio *bus, u8 rxseq)
1169 int errcode; 1167 int errcode;
1170 u8 doff, sfdoff; 1168 u8 doff, sfdoff;
1171 1169
1172 int ifidx = 0;
1173 bool usechain = bus->use_rxchain; 1170 bool usechain = bus->use_rxchain;
1174 1171
1175 struct brcmf_sdio_read rd_new; 1172 struct brcmf_sdio_read rd_new;
@@ -1388,13 +1385,6 @@ static u8 brcmf_sdbrcm_rxglom(struct brcmf_sdio *bus, u8 rxseq)
1388 skb_unlink(pfirst, &bus->glom); 1385 skb_unlink(pfirst, &bus->glom);
1389 brcmu_pkt_buf_free_skb(pfirst); 1386 brcmu_pkt_buf_free_skb(pfirst);
1390 continue; 1387 continue;
1391 } else if (brcmf_proto_hdrpull(bus->sdiodev->dev,
1392 &ifidx, pfirst) != 0) {
1393 brcmf_err("rx protocol error\n");
1394 bus->sdiodev->bus_if->dstats.rx_errors++;
1395 skb_unlink(pfirst, &bus->glom);
1396 brcmu_pkt_buf_free_skb(pfirst);
1397 continue;
1398 } 1388 }
1399 1389
1400 brcmf_dbg_hex_dump(BRCMF_GLOM_ON(), 1390 brcmf_dbg_hex_dump(BRCMF_GLOM_ON(),
@@ -1407,7 +1397,7 @@ static u8 brcmf_sdbrcm_rxglom(struct brcmf_sdio *bus, u8 rxseq)
1407 } 1397 }
1408 /* sent any remaining packets up */ 1398 /* sent any remaining packets up */
1409 if (bus->glom.qlen) 1399 if (bus->glom.qlen)
1410 brcmf_rx_frame(bus->sdiodev->dev, ifidx, &bus->glom); 1400 brcmf_rx_frames(bus->sdiodev->dev, &bus->glom);
1411 1401
1412 bus->sdcnt.rxglomframes++; 1402 bus->sdcnt.rxglomframes++;
1413 bus->sdcnt.rxglompkts += bus->glom.qlen; 1403 bus->sdcnt.rxglompkts += bus->glom.qlen;
@@ -1558,10 +1548,10 @@ static void brcmf_pad(struct brcmf_sdio *bus, u16 *pad, u16 *rdlen)
1558static uint brcmf_sdio_readframes(struct brcmf_sdio *bus, uint maxframes) 1548static uint brcmf_sdio_readframes(struct brcmf_sdio *bus, uint maxframes)
1559{ 1549{
1560 struct sk_buff *pkt; /* Packet for event or data frames */ 1550 struct sk_buff *pkt; /* Packet for event or data frames */
1551 struct sk_buff_head pktlist; /* needed for bus interface */
1561 u16 pad; /* Number of pad bytes to read */ 1552 u16 pad; /* Number of pad bytes to read */
1562 uint rxleft = 0; /* Remaining number of frames allowed */ 1553 uint rxleft = 0; /* Remaining number of frames allowed */
1563 int sdret; /* Return code from calls */ 1554 int sdret; /* Return code from calls */
1564 int ifidx = 0;
1565 uint rxcount = 0; /* Total frames read */ 1555 uint rxcount = 0; /* Total frames read */
1566 struct brcmf_sdio_read *rd = &bus->cur_read, rd_new; 1556 struct brcmf_sdio_read *rd = &bus->cur_read, rd_new;
1567 u8 head_read = 0; 1557 u8 head_read = 0;
@@ -1760,15 +1750,11 @@ static uint brcmf_sdio_readframes(struct brcmf_sdio *bus, uint maxframes)
1760 if (pkt->len == 0) { 1750 if (pkt->len == 0) {
1761 brcmu_pkt_buf_free_skb(pkt); 1751 brcmu_pkt_buf_free_skb(pkt);
1762 continue; 1752 continue;
1763 } else if (brcmf_proto_hdrpull(bus->sdiodev->dev, &ifidx,
1764 pkt) != 0) {
1765 brcmf_err("rx protocol error\n");
1766 brcmu_pkt_buf_free_skb(pkt);
1767 bus->sdiodev->bus_if->dstats.rx_errors++;
1768 continue;
1769 } 1753 }
1770 1754
1771 brcmf_rx_packet(bus->sdiodev->dev, ifidx, pkt); 1755 skb_queue_head_init(&pktlist);
1756 skb_queue_tail(&pktlist, pkt);
1757 brcmf_rx_frames(bus->sdiodev->dev, &pktlist);
1772 } 1758 }
1773 1759
1774 rxcount = maxframes - rxleft; 1760 rxcount = maxframes - rxleft;
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/sdio_chip.c b/drivers/net/wireless/brcm80211/brcmfmac/sdio_chip.c
index b1bb46c49799..14be2d5530ce 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/sdio_chip.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/sdio_chip.c
@@ -15,8 +15,6 @@
15 */ 15 */
16/* ***** SDIO interface chip backplane handle functions ***** */ 16/* ***** SDIO interface chip backplane handle functions ***** */
17 17
18#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
19
20#include <linux/types.h> 18#include <linux/types.h>
21#include <linux/netdevice.h> 19#include <linux/netdevice.h>
22#include <linux/mmc/card.h> 20#include <linux/mmc/card.h>
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/usb.c b/drivers/net/wireless/brcm80211/brcmfmac/usb.c
index 914c56fe6c5f..e15630cc3889 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/usb.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/usb.c
@@ -443,14 +443,15 @@ static void brcmf_usb_rx_complete(struct urb *urb)
443 struct brcmf_usbreq *req = (struct brcmf_usbreq *)urb->context; 443 struct brcmf_usbreq *req = (struct brcmf_usbreq *)urb->context;
444 struct brcmf_usbdev_info *devinfo = req->devinfo; 444 struct brcmf_usbdev_info *devinfo = req->devinfo;
445 struct sk_buff *skb; 445 struct sk_buff *skb;
446 int ifidx = 0; 446 struct sk_buff_head skbq;
447 447
448 brcmf_dbg(USB, "Enter, urb->status=%d\n", urb->status); 448 brcmf_dbg(USB, "Enter, urb->status=%d\n", urb->status);
449 brcmf_usb_del_fromq(devinfo, req); 449 brcmf_usb_del_fromq(devinfo, req);
450 skb = req->skb; 450 skb = req->skb;
451 req->skb = NULL; 451 req->skb = NULL;
452 452
453 if (urb->status == 0) { 453 /* zero lenght packets indicate usb "failure". Do not refill */
454 if (urb->status == 0 && urb->actual_length) {
454 devinfo->bus_pub.bus->dstats.rx_packets++; 455 devinfo->bus_pub.bus->dstats.rx_packets++;
455 } else { 456 } else {
456 devinfo->bus_pub.bus->dstats.rx_errors++; 457 devinfo->bus_pub.bus->dstats.rx_errors++;
@@ -460,13 +461,10 @@ static void brcmf_usb_rx_complete(struct urb *urb)
460 } 461 }
461 462
462 if (devinfo->bus_pub.state == BRCMFMAC_USB_STATE_UP) { 463 if (devinfo->bus_pub.state == BRCMFMAC_USB_STATE_UP) {
464 skb_queue_head_init(&skbq);
465 skb_queue_tail(&skbq, skb);
463 skb_put(skb, urb->actual_length); 466 skb_put(skb, urb->actual_length);
464 if (brcmf_proto_hdrpull(devinfo->dev, &ifidx, skb) != 0) { 467 brcmf_rx_frames(devinfo->dev, &skbq);
465 brcmf_err("rx protocol error\n");
466 brcmu_pkt_buf_free_skb(skb);
467 devinfo->bus_pub.bus->dstats.rx_errors++;
468 } else
469 brcmf_rx_packet(devinfo->dev, ifidx, skb);
470 brcmf_usb_rx_refill(devinfo, req); 468 brcmf_usb_rx_refill(devinfo, req);
471 } else { 469 } else {
472 brcmu_pkt_buf_free_skb(skb); 470 brcmu_pkt_buf_free_skb(skb);
@@ -1520,10 +1518,23 @@ static void brcmf_release_fw(struct list_head *q)
1520 } 1518 }
1521} 1519}
1522 1520
1521static int brcmf_usb_reset_device(struct device *dev, void *notused)
1522{
1523 /* device past is the usb interface so we
1524 * need to use parent here.
1525 */
1526 brcmf_dev_reset(dev->parent);
1527 return 0;
1528}
1523 1529
1524void brcmf_usb_exit(void) 1530void brcmf_usb_exit(void)
1525{ 1531{
1532 struct device_driver *drv = &brcmf_usbdrvr.drvwrap.driver;
1533 int ret;
1534
1526 brcmf_dbg(USB, "Enter\n"); 1535 brcmf_dbg(USB, "Enter\n");
1536 ret = driver_for_each_device(drv, NULL, NULL,
1537 brcmf_usb_reset_device);
1527 usb_deregister(&brcmf_usbdrvr); 1538 usb_deregister(&brcmf_usbdrvr);
1528 brcmf_release_fw(&fw_image_list); 1539 brcmf_release_fw(&fw_image_list);
1529} 1540}
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c b/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
index 1261a9b84e04..62a528e8b958 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
@@ -16,8 +16,6 @@
16 16
17/* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */ 17/* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
18 18
19#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
20
21#include <linux/kernel.h> 19#include <linux/kernel.h>
22#include <linux/etherdevice.h> 20#include <linux/etherdevice.h>
23#include <net/cfg80211.h> 21#include <net/cfg80211.h>
@@ -2011,67 +2009,6 @@ done:
2011 return err; 2009 return err;
2012} 2010}
2013 2011
2014static s32
2015brcmf_cfg80211_set_bitrate_mask(struct wiphy *wiphy, struct net_device *ndev,
2016 const u8 *addr,
2017 const struct cfg80211_bitrate_mask *mask)
2018{
2019 struct brcmf_if *ifp = netdev_priv(ndev);
2020 struct brcm_rateset_le rateset_le;
2021 s32 rate;
2022 s32 val;
2023 s32 err_bg;
2024 s32 err_a;
2025 u32 legacy;
2026 s32 err = 0;
2027
2028 brcmf_dbg(TRACE, "Enter\n");
2029 if (!check_vif_up(ifp->vif))
2030 return -EIO;
2031
2032 /* addr param is always NULL. ignore it */
2033 /* Get current rateset */
2034 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_CURR_RATESET,
2035 &rateset_le, sizeof(rateset_le));
2036 if (err) {
2037 brcmf_err("could not get current rateset (%d)\n", err);
2038 goto done;
2039 }
2040
2041 legacy = ffs(mask->control[IEEE80211_BAND_2GHZ].legacy & 0xFFFF);
2042 if (!legacy)
2043 legacy = ffs(mask->control[IEEE80211_BAND_5GHZ].legacy &
2044 0xFFFF);
2045
2046 val = wl_g_rates[legacy - 1].bitrate * 100000;
2047
2048 if (val < le32_to_cpu(rateset_le.count))
2049 /* Select rate by rateset index */
2050 rate = rateset_le.rates[val] & 0x7f;
2051 else
2052 /* Specified rate in bps */
2053 rate = val / 500000;
2054
2055 brcmf_dbg(CONN, "rate %d mbps\n", rate / 2);
2056
2057 /*
2058 *
2059 * Set rate override,
2060 * Since the is a/b/g-blind, both a/bg_rate are enforced.
2061 */
2062 err_bg = brcmf_fil_iovar_int_set(ifp, "bg_rate", rate);
2063 err_a = brcmf_fil_iovar_int_set(ifp, "a_rate", rate);
2064 if (err_bg && err_a) {
2065 brcmf_err("could not set fixed rate (%d) (%d)\n", err_bg,
2066 err_a);
2067 err = err_bg | err_a;
2068 }
2069
2070done:
2071 brcmf_dbg(TRACE, "Exit\n");
2072 return err;
2073}
2074
2075static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg, 2012static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2076 struct brcmf_bss_info_le *bi) 2013 struct brcmf_bss_info_le *bi)
2077{ 2014{
@@ -3091,10 +3028,11 @@ brcmf_configure_wpaie(struct net_device *ndev, struct brcmf_vs_tlv *wpa_ie,
3091 3028
3092 len = wpa_ie->len + TLV_HDR_LEN; 3029 len = wpa_ie->len + TLV_HDR_LEN;
3093 data = (u8 *)wpa_ie; 3030 data = (u8 *)wpa_ie;
3094 offset = 0; 3031 offset = TLV_HDR_LEN;
3095 if (!is_rsn_ie) 3032 if (!is_rsn_ie)
3096 offset += VS_IE_FIXED_HDR_LEN; 3033 offset += VS_IE_FIXED_HDR_LEN;
3097 offset += WPA_IE_VERSION_LEN; 3034 else
3035 offset += WPA_IE_VERSION_LEN;
3098 3036
3099 /* check for multicast cipher suite */ 3037 /* check for multicast cipher suite */
3100 if (offset + WPA_IE_MIN_OUI_LEN > len) { 3038 if (offset + WPA_IE_MIN_OUI_LEN > len) {
@@ -3703,7 +3641,6 @@ static struct cfg80211_ops wl_cfg80211_ops = {
3703 .set_default_key = brcmf_cfg80211_config_default_key, 3641 .set_default_key = brcmf_cfg80211_config_default_key,
3704 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key, 3642 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
3705 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt, 3643 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
3706 .set_bitrate_mask = brcmf_cfg80211_set_bitrate_mask,
3707 .connect = brcmf_cfg80211_connect, 3644 .connect = brcmf_cfg80211_connect,
3708 .disconnect = brcmf_cfg80211_disconnect, 3645 .disconnect = brcmf_cfg80211_disconnect,
3709 .suspend = brcmf_cfg80211_suspend, 3646 .suspend = brcmf_cfg80211_suspend,
@@ -4329,9 +4266,8 @@ void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
4329} 4266}
4330 4267
4331static s32 4268static s32
4332brcmf_dongle_roam(struct net_device *ndev, u32 roamvar, u32 bcn_timeout) 4269brcmf_dongle_roam(struct brcmf_if *ifp, u32 roamvar, u32 bcn_timeout)
4333{ 4270{
4334 struct brcmf_if *ifp = netdev_priv(ndev);
4335 s32 err = 0; 4271 s32 err = 0;
4336 __le32 roamtrigger[2]; 4272 __le32 roamtrigger[2];
4337 __le32 roam_delta[2]; 4273 __le32 roam_delta[2];
@@ -4382,10 +4318,9 @@ dongle_rom_out:
4382} 4318}
4383 4319
4384static s32 4320static s32
4385brcmf_dongle_scantime(struct net_device *ndev, s32 scan_assoc_time, 4321brcmf_dongle_scantime(struct brcmf_if *ifp, s32 scan_assoc_time,
4386 s32 scan_unassoc_time, s32 scan_passive_time) 4322 s32 scan_unassoc_time, s32 scan_passive_time)
4387{ 4323{
4388 struct brcmf_if *ifp = netdev_priv(ndev);
4389 s32 err = 0; 4324 s32 err = 0;
4390 4325
4391 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME, 4326 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
@@ -4455,6 +4390,7 @@ static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
4455{ 4390{
4456 struct net_device *ndev; 4391 struct net_device *ndev;
4457 struct wireless_dev *wdev; 4392 struct wireless_dev *wdev;
4393 struct brcmf_if *ifp;
4458 s32 power_mode; 4394 s32 power_mode;
4459 s32 err = 0; 4395 s32 err = 0;
4460 4396
@@ -4463,35 +4399,34 @@ static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
4463 4399
4464 ndev = cfg_to_ndev(cfg); 4400 ndev = cfg_to_ndev(cfg);
4465 wdev = ndev->ieee80211_ptr; 4401 wdev = ndev->ieee80211_ptr;
4402 ifp = netdev_priv(ndev);
4466 4403
4467 brcmf_dongle_scantime(ndev, WL_SCAN_CHANNEL_TIME, 4404 /* make sure RF is ready for work */
4468 WL_SCAN_UNASSOC_TIME, WL_SCAN_PASSIVE_TIME); 4405 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
4406
4407 brcmf_dongle_scantime(ifp, WL_SCAN_CHANNEL_TIME,
4408 WL_SCAN_UNASSOC_TIME, WL_SCAN_PASSIVE_TIME);
4469 4409
4470 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF; 4410 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
4471 err = brcmf_fil_cmd_int_set(netdev_priv(ndev), BRCMF_C_SET_PM, 4411 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
4472 power_mode);
4473 if (err) 4412 if (err)
4474 goto default_conf_out; 4413 goto default_conf_out;
4475 brcmf_dbg(INFO, "power save set to %s\n", 4414 brcmf_dbg(INFO, "power save set to %s\n",
4476 (power_mode ? "enabled" : "disabled")); 4415 (power_mode ? "enabled" : "disabled"));
4477 4416
4478 err = brcmf_dongle_roam(ndev, (cfg->roam_on ? 0 : 1), 4417 err = brcmf_dongle_roam(ifp, (cfg->roam_on ? 0 : 1), WL_BEACON_TIMEOUT);
4479 WL_BEACON_TIMEOUT);
4480 if (err) 4418 if (err)
4481 goto default_conf_out; 4419 goto default_conf_out;
4482 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype, 4420 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
4483 NULL, NULL); 4421 NULL, NULL);
4484 if (err && err != -EINPROGRESS) 4422 if (err)
4485 goto default_conf_out; 4423 goto default_conf_out;
4486 err = brcmf_dongle_probecap(cfg); 4424 err = brcmf_dongle_probecap(cfg);
4487 if (err) 4425 if (err)
4488 goto default_conf_out; 4426 goto default_conf_out;
4489 4427
4490 /* -EINPROGRESS: Call commit handler */
4491
4492default_conf_out:
4493
4494 cfg->dongle_up = true; 4428 cfg->dongle_up = true;
4429default_conf_out:
4495 4430
4496 return err; 4431 return err;
4497 4432
@@ -4500,8 +4435,6 @@ default_conf_out:
4500static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp) 4435static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
4501{ 4436{
4502 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state); 4437 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
4503 if (ifp->idx)
4504 return 0;
4505 4438
4506 return brcmf_config_dongle(ifp->drvr->config); 4439 return brcmf_config_dongle(ifp->drvr->config);
4507} 4440}
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/ampdu.c b/drivers/net/wireless/brcm80211/brcmsmac/ampdu.c
index 1de94f30564f..1585cc5bf866 100644
--- a/drivers/net/wireless/brcm80211/brcmsmac/ampdu.c
+++ b/drivers/net/wireless/brcm80211/brcmsmac/ampdu.c
@@ -961,7 +961,6 @@ brcms_c_ampdu_dotxstatus_complete(struct ampdu_info *ampdu, struct scb *scb,
961 /* if acked then clear bit and free packet */ 961 /* if acked then clear bit and free packet */
962 if ((bindex < AMPDU_TX_BA_MAX_WSIZE) 962 if ((bindex < AMPDU_TX_BA_MAX_WSIZE)
963 && isset(bitmap, bindex)) { 963 && isset(bitmap, bindex)) {
964 ini->tx_in_transit--;
965 ini->txretry[index] = 0; 964 ini->txretry[index] = 0;
966 965
967 /* 966 /*
@@ -990,7 +989,6 @@ brcms_c_ampdu_dotxstatus_complete(struct ampdu_info *ampdu, struct scb *scb,
990 if (retry && (ini->txretry[index] < (int)retry_limit)) { 989 if (retry && (ini->txretry[index] < (int)retry_limit)) {
991 int ret; 990 int ret;
992 ini->txretry[index]++; 991 ini->txretry[index]++;
993 ini->tx_in_transit--;
994 ret = brcms_c_txfifo(wlc, queue, p); 992 ret = brcms_c_txfifo(wlc, queue, p);
995 /* 993 /*
996 * We shouldn't be out of space in the DMA 994 * We shouldn't be out of space in the DMA
@@ -1000,7 +998,6 @@ brcms_c_ampdu_dotxstatus_complete(struct ampdu_info *ampdu, struct scb *scb,
1000 WARN_ONCE(ret, "queue %d out of txds\n", queue); 998 WARN_ONCE(ret, "queue %d out of txds\n", queue);
1001 } else { 999 } else {
1002 /* Retry timeout */ 1000 /* Retry timeout */
1003 ini->tx_in_transit--;
1004 ieee80211_tx_info_clear_status(tx_info); 1001 ieee80211_tx_info_clear_status(tx_info);
1005 tx_info->status.ampdu_ack_len = 0; 1002 tx_info->status.ampdu_ack_len = 0;
1006 tx_info->status.ampdu_len = 1; 1003 tx_info->status.ampdu_len = 1;
@@ -1009,8 +1006,8 @@ brcms_c_ampdu_dotxstatus_complete(struct ampdu_info *ampdu, struct scb *scb,
1009 skb_pull(p, D11_PHY_HDR_LEN); 1006 skb_pull(p, D11_PHY_HDR_LEN);
1010 skb_pull(p, D11_TXH_LEN); 1007 skb_pull(p, D11_TXH_LEN);
1011 brcms_dbg_ht(wlc->hw->d11core, 1008 brcms_dbg_ht(wlc->hw->d11core,
1012 "BA Timeout, seq %d, in_transit %d\n", 1009 "BA Timeout, seq %d\n",
1013 seq, ini->tx_in_transit); 1010 seq);
1014 ieee80211_tx_status_irqsafe(wlc->pub->ieee_hw, 1011 ieee80211_tx_status_irqsafe(wlc->pub->ieee_hw,
1015 p); 1012 p);
1016 } 1013 }
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/channel.c b/drivers/net/wireless/brcm80211/brcmsmac/channel.c
index a90b72202ec5..cdb62b8ccc79 100644
--- a/drivers/net/wireless/brcm80211/brcmsmac/channel.c
+++ b/drivers/net/wireless/brcm80211/brcmsmac/channel.c
@@ -670,7 +670,7 @@ brcms_reg_apply_beaconing_flags(struct wiphy *wiphy,
670 struct ieee80211_supported_band *sband; 670 struct ieee80211_supported_band *sband;
671 struct ieee80211_channel *ch; 671 struct ieee80211_channel *ch;
672 const struct ieee80211_reg_rule *rule; 672 const struct ieee80211_reg_rule *rule;
673 int band, i, ret; 673 int band, i;
674 674
675 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 675 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
676 sband = wiphy->bands[band]; 676 sband = wiphy->bands[band];
@@ -685,9 +685,8 @@ brcms_reg_apply_beaconing_flags(struct wiphy *wiphy,
685 continue; 685 continue;
686 686
687 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) { 687 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) {
688 ret = freq_reg_info(wiphy, ch->center_freq, 688 rule = freq_reg_info(wiphy, ch->center_freq);
689 0, &rule); 689 if (IS_ERR(rule))
690 if (ret)
691 continue; 690 continue;
692 691
693 if (!(rule->flags & NL80211_RRF_NO_IBSS)) 692 if (!(rule->flags & NL80211_RRF_NO_IBSS))
@@ -703,8 +702,8 @@ brcms_reg_apply_beaconing_flags(struct wiphy *wiphy,
703 } 702 }
704} 703}
705 704
706static int brcms_reg_notifier(struct wiphy *wiphy, 705static void brcms_reg_notifier(struct wiphy *wiphy,
707 struct regulatory_request *request) 706 struct regulatory_request *request)
708{ 707{
709 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 708 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
710 struct brcms_info *wl = hw->priv; 709 struct brcms_info *wl = hw->priv;
@@ -745,8 +744,6 @@ static int brcms_reg_notifier(struct wiphy *wiphy,
745 if (wlc->pub->_nbands > 1 || wlc->band->bandtype == BRCM_BAND_2G) 744 if (wlc->pub->_nbands > 1 || wlc->band->bandtype == BRCM_BAND_2G)
746 wlc_phy_chanspec_ch14_widefilter_set(wlc->band->pi, 745 wlc_phy_chanspec_ch14_widefilter_set(wlc->band->pi,
747 brcms_c_japan_ccode(request->alpha2)); 746 brcms_c_japan_ccode(request->alpha2));
748
749 return 0;
750} 747}
751 748
752void brcms_c_regd_init(struct brcms_c_info *wlc) 749void brcms_c_regd_init(struct brcms_c_info *wlc)
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/debug.h b/drivers/net/wireless/brcm80211/brcmsmac/debug.h
index 796836b0f469..822781cf15d4 100644
--- a/drivers/net/wireless/brcm80211/brcmsmac/debug.h
+++ b/drivers/net/wireless/brcm80211/brcmsmac/debug.h
@@ -1,5 +1,6 @@
1/* 1/*
2 * Copyright (c) 2012 Broadcom Corporation 2 * Copyright (c) 2012 Broadcom Corporation
3 * Copyright (c) 2012 Canonical Ltd.
3 * 4 *
4 * Permission to use, copy, modify, and/or distribute this software for any 5 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above 6 * purpose with or without fee is hereby granted, provided that the above
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c b/drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c
index 1fbd8ecbe2ea..b1dd5600fd02 100644
--- a/drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c
+++ b/drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c
@@ -362,8 +362,11 @@ brcms_ops_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
362 return -EOPNOTSUPP; 362 return -EOPNOTSUPP;
363 } 363 }
364 364
365 spin_lock_bh(&wl->lock);
366 memcpy(wl->pub->cur_etheraddr, vif->addr, sizeof(vif->addr));
365 wl->mute_tx = false; 367 wl->mute_tx = false;
366 brcms_c_mute(wl->wlc, false); 368 brcms_c_mute(wl->wlc, false);
369 spin_unlock_bh(&wl->lock);
367 370
368 return 0; 371 return 0;
369} 372}
@@ -539,9 +542,8 @@ brcms_ops_bss_info_changed(struct ieee80211_hw *hw,
539 542
540 if (changed & BSS_CHANGED_ARP_FILTER) { 543 if (changed & BSS_CHANGED_ARP_FILTER) {
541 /* Hardware ARP filter address list or state changed */ 544 /* Hardware ARP filter address list or state changed */
542 brcms_err(core, "%s: arp filtering: enabled %s, count %d" 545 brcms_err(core, "%s: arp filtering: %d addresses"
543 " (implement)\n", __func__, info->arp_filter_enabled ? 546 " (implement)\n", __func__, info->arp_addr_cnt);
544 "true" : "false", info->arp_addr_cnt);
545 } 547 }
546 548
547 if (changed & BSS_CHANGED_QOS) { 549 if (changed & BSS_CHANGED_QOS) {
@@ -668,7 +670,9 @@ brcms_ops_ampdu_action(struct ieee80211_hw *hw,
668 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid); 670 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
669 break; 671 break;
670 672
671 case IEEE80211_AMPDU_TX_STOP: 673 case IEEE80211_AMPDU_TX_STOP_CONT:
674 case IEEE80211_AMPDU_TX_STOP_FLUSH:
675 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
672 spin_lock_bh(&wl->lock); 676 spin_lock_bh(&wl->lock);
673 brcms_c_ampdu_flush(wl->wlc, sta, tid); 677 brcms_c_ampdu_flush(wl->wlc, sta, tid);
674 spin_unlock_bh(&wl->lock); 678 spin_unlock_bh(&wl->lock);
@@ -1407,9 +1411,10 @@ void brcms_add_timer(struct brcms_timer *t, uint ms, int periodic)
1407#endif 1411#endif
1408 t->ms = ms; 1412 t->ms = ms;
1409 t->periodic = (bool) periodic; 1413 t->periodic = (bool) periodic;
1410 t->set = true; 1414 if (!t->set) {
1411 1415 t->set = true;
1412 atomic_inc(&t->wl->callbacks); 1416 atomic_inc(&t->wl->callbacks);
1417 }
1413 1418
1414 ieee80211_queue_delayed_work(hw, &t->dly_wrk, msecs_to_jiffies(ms)); 1419 ieee80211_queue_delayed_work(hw, &t->dly_wrk, msecs_to_jiffies(ms));
1415} 1420}
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/main.c b/drivers/net/wireless/brcm80211/brcmsmac/main.c
index 17594de4199e..c26992a60e6c 100644
--- a/drivers/net/wireless/brcm80211/brcmsmac/main.c
+++ b/drivers/net/wireless/brcm80211/brcmsmac/main.c
@@ -2473,6 +2473,7 @@ static void brcms_b_tx_fifo_resume(struct brcms_hardware *wlc_hw,
2473static void brcms_b_mute(struct brcms_hardware *wlc_hw, bool mute_tx) 2473static void brcms_b_mute(struct brcms_hardware *wlc_hw, bool mute_tx)
2474{ 2474{
2475 static const u8 null_ether_addr[ETH_ALEN] = {0, 0, 0, 0, 0, 0}; 2475 static const u8 null_ether_addr[ETH_ALEN] = {0, 0, 0, 0, 0, 0};
2476 u8 *ethaddr = wlc_hw->wlc->pub->cur_etheraddr;
2476 2477
2477 if (mute_tx) { 2478 if (mute_tx) {
2478 /* suspend tx fifos */ 2479 /* suspend tx fifos */
@@ -2482,8 +2483,7 @@ static void brcms_b_mute(struct brcms_hardware *wlc_hw, bool mute_tx)
2482 brcms_b_tx_fifo_suspend(wlc_hw, TX_AC_VI_FIFO); 2483 brcms_b_tx_fifo_suspend(wlc_hw, TX_AC_VI_FIFO);
2483 2484
2484 /* zero the address match register so we do not send ACKs */ 2485 /* zero the address match register so we do not send ACKs */
2485 brcms_b_set_addrmatch(wlc_hw, RCM_MAC_OFFSET, 2486 brcms_b_set_addrmatch(wlc_hw, RCM_MAC_OFFSET, null_ether_addr);
2486 null_ether_addr);
2487 } else { 2487 } else {
2488 /* resume tx fifos */ 2488 /* resume tx fifos */
2489 brcms_b_tx_fifo_resume(wlc_hw, TX_DATA_FIFO); 2489 brcms_b_tx_fifo_resume(wlc_hw, TX_DATA_FIFO);
@@ -2492,8 +2492,7 @@ static void brcms_b_mute(struct brcms_hardware *wlc_hw, bool mute_tx)
2492 brcms_b_tx_fifo_resume(wlc_hw, TX_AC_VI_FIFO); 2492 brcms_b_tx_fifo_resume(wlc_hw, TX_AC_VI_FIFO);
2493 2493
2494 /* Restore address */ 2494 /* Restore address */
2495 brcms_b_set_addrmatch(wlc_hw, RCM_MAC_OFFSET, 2495 brcms_b_set_addrmatch(wlc_hw, RCM_MAC_OFFSET, ethaddr);
2496 wlc_hw->etheraddr);
2497 } 2496 }
2498 2497
2499 wlc_phy_mute_upd(wlc_hw->band->pi, mute_tx, 0); 2498 wlc_phy_mute_upd(wlc_hw->band->pi, mute_tx, 0);
@@ -7633,7 +7632,7 @@ brcms_b_recv(struct brcms_hardware *wlc_hw, uint fifo, bool bound)
7633 7632
7634 uint n = 0; 7633 uint n = 0;
7635 uint bound_limit = bound ? RXBND : -1; 7634 uint bound_limit = bound ? RXBND : -1;
7636 bool morepending; 7635 bool morepending = false;
7637 7636
7638 skb_queue_head_init(&recv_frames); 7637 skb_queue_head_init(&recv_frames);
7639 7638
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/phy/phy_lcn.c b/drivers/net/wireless/brcm80211/brcmsmac/phy/phy_lcn.c
index 606b534347bc..21a824232478 100644
--- a/drivers/net/wireless/brcm80211/brcmsmac/phy/phy_lcn.c
+++ b/drivers/net/wireless/brcm80211/brcmsmac/phy/phy_lcn.c
@@ -1343,13 +1343,13 @@ static bool wlc_lcnphy_rx_iq_cal_gain(struct brcms_phy *pi, u16 biq1_gain,
1343 1343
1344 wlc_lcnphy_rx_gain_override_enable(pi, true); 1344 wlc_lcnphy_rx_gain_override_enable(pi, true);
1345 wlc_lcnphy_start_tx_tone(pi, 2000, (40 >> 1), 0); 1345 wlc_lcnphy_start_tx_tone(pi, 2000, (40 >> 1), 0);
1346 usleep_range(500, 500); 1346 udelay(500);
1347 write_radio_reg(pi, RADIO_2064_REG112, 0); 1347 write_radio_reg(pi, RADIO_2064_REG112, 0);
1348 if (!wlc_lcnphy_rx_iq_est(pi, 1024, 32, &iq_est_l)) 1348 if (!wlc_lcnphy_rx_iq_est(pi, 1024, 32, &iq_est_l))
1349 return false; 1349 return false;
1350 1350
1351 wlc_lcnphy_start_tx_tone(pi, 2000, 40, 0); 1351 wlc_lcnphy_start_tx_tone(pi, 2000, 40, 0);
1352 usleep_range(500, 500); 1352 udelay(500);
1353 write_radio_reg(pi, RADIO_2064_REG112, 0); 1353 write_radio_reg(pi, RADIO_2064_REG112, 0);
1354 if (!wlc_lcnphy_rx_iq_est(pi, 1024, 32, &iq_est_h)) 1354 if (!wlc_lcnphy_rx_iq_est(pi, 1024, 32, &iq_est_h))
1355 return false; 1355 return false;
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/scb.h b/drivers/net/wireless/brcm80211/brcmsmac/scb.h
index 51c79c7239b7..3a3d73699f83 100644
--- a/drivers/net/wireless/brcm80211/brcmsmac/scb.h
+++ b/drivers/net/wireless/brcm80211/brcmsmac/scb.h
@@ -36,7 +36,6 @@
36 36
37/* structure to store per-tid state for the ampdu initiator */ 37/* structure to store per-tid state for the ampdu initiator */
38struct scb_ampdu_tid_ini { 38struct scb_ampdu_tid_ini {
39 u8 tx_in_transit; /* number of pending mpdus in transit in driver */
40 u8 tid; /* initiator tid for easy lookup */ 39 u8 tid; /* initiator tid for easy lookup */
41 /* tx retry count; indexed by seq modulo */ 40 /* tx retry count; indexed by seq modulo */
42 u8 txretry[AMPDU_TX_BA_MAX_WSIZE]; 41 u8 txretry[AMPDU_TX_BA_MAX_WSIZE];
diff --git a/drivers/net/wireless/iwlegacy/3945-mac.c b/drivers/net/wireless/iwlegacy/3945-mac.c
index d604b4036a76..050ce7c70d74 100644
--- a/drivers/net/wireless/iwlegacy/3945-mac.c
+++ b/drivers/net/wireless/iwlegacy/3945-mac.c
@@ -3273,7 +3273,7 @@ il3945_store_measurement(struct device *d, struct device_attribute *attr,
3273 3273
3274 if (count) { 3274 if (count) {
3275 char *p = buffer; 3275 char *p = buffer;
3276 strncpy(buffer, buf, min(sizeof(buffer), count)); 3276 strlcpy(buffer, buf, sizeof(buffer));
3277 channel = simple_strtoul(p, NULL, 0); 3277 channel = simple_strtoul(p, NULL, 0);
3278 if (channel) 3278 if (channel)
3279 params.channel = channel; 3279 params.channel = channel;
@@ -3474,6 +3474,7 @@ struct ieee80211_ops il3945_mac_ops = {
3474 .sta_add = il3945_mac_sta_add, 3474 .sta_add = il3945_mac_sta_add,
3475 .sta_remove = il_mac_sta_remove, 3475 .sta_remove = il_mac_sta_remove,
3476 .tx_last_beacon = il_mac_tx_last_beacon, 3476 .tx_last_beacon = il_mac_tx_last_beacon,
3477 .flush = il_mac_flush,
3477}; 3478};
3478 3479
3479static int 3480static int
@@ -3548,7 +3549,8 @@ il3945_setup_mac(struct il_priv *il)
3548 hw->vif_data_size = sizeof(struct il_vif_priv); 3549 hw->vif_data_size = sizeof(struct il_vif_priv);
3549 3550
3550 /* Tell mac80211 our characteristics */ 3551 /* Tell mac80211 our characteristics */
3551 hw->flags = IEEE80211_HW_SIGNAL_DBM | IEEE80211_HW_SPECTRUM_MGMT; 3552 hw->flags = IEEE80211_HW_SIGNAL_DBM | IEEE80211_HW_SPECTRUM_MGMT |
3553 IEEE80211_HW_SUPPORTS_PS | IEEE80211_HW_SUPPORTS_DYNAMIC_PS;
3552 3554
3553 hw->wiphy->interface_modes = 3555 hw->wiphy->interface_modes =
3554 BIT(NL80211_IFTYPE_STATION) | BIT(NL80211_IFTYPE_ADHOC); 3556 BIT(NL80211_IFTYPE_STATION) | BIT(NL80211_IFTYPE_ADHOC);
@@ -3557,6 +3559,8 @@ il3945_setup_mac(struct il_priv *il)
3557 WIPHY_FLAG_CUSTOM_REGULATORY | WIPHY_FLAG_DISABLE_BEACON_HINTS | 3559 WIPHY_FLAG_CUSTOM_REGULATORY | WIPHY_FLAG_DISABLE_BEACON_HINTS |
3558 WIPHY_FLAG_IBSS_RSN; 3560 WIPHY_FLAG_IBSS_RSN;
3559 3561
3562 hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
3563
3560 hw->wiphy->max_scan_ssids = PROBE_OPTION_MAX_3945; 3564 hw->wiphy->max_scan_ssids = PROBE_OPTION_MAX_3945;
3561 /* we create the 802.11 header and a zero-length SSID element */ 3565 /* we create the 802.11 header and a zero-length SSID element */
3562 hw->wiphy->max_scan_ie_len = IL3945_MAX_PROBE_REQUEST - 24 - 2; 3566 hw->wiphy->max_scan_ie_len = IL3945_MAX_PROBE_REQUEST - 24 - 2;
diff --git a/drivers/net/wireless/iwlegacy/4965-mac.c b/drivers/net/wireless/iwlegacy/4965-mac.c
index c3fbf6717564..d665a3d9f08f 100644
--- a/drivers/net/wireless/iwlegacy/4965-mac.c
+++ b/drivers/net/wireless/iwlegacy/4965-mac.c
@@ -5712,8 +5712,8 @@ il4965_mac_setup_register(struct il_priv *il, u32 max_probe_length)
5712 hw->flags = 5712 hw->flags =
5713 IEEE80211_HW_SIGNAL_DBM | IEEE80211_HW_AMPDU_AGGREGATION | 5713 IEEE80211_HW_SIGNAL_DBM | IEEE80211_HW_AMPDU_AGGREGATION |
5714 IEEE80211_HW_NEED_DTIM_PERIOD | IEEE80211_HW_SPECTRUM_MGMT | 5714 IEEE80211_HW_NEED_DTIM_PERIOD | IEEE80211_HW_SPECTRUM_MGMT |
5715 IEEE80211_HW_REPORTS_TX_ACK_STATUS; 5715 IEEE80211_HW_REPORTS_TX_ACK_STATUS | IEEE80211_HW_SUPPORTS_PS |
5716 5716 IEEE80211_HW_SUPPORTS_DYNAMIC_PS;
5717 if (il->cfg->sku & IL_SKU_N) 5717 if (il->cfg->sku & IL_SKU_N)
5718 hw->flags |= 5718 hw->flags |=
5719 IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS | 5719 IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS |
@@ -5968,7 +5968,9 @@ il4965_mac_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5968 D_HT("start Tx\n"); 5968 D_HT("start Tx\n");
5969 ret = il4965_tx_agg_start(il, vif, sta, tid, ssn); 5969 ret = il4965_tx_agg_start(il, vif, sta, tid, ssn);
5970 break; 5970 break;
5971 case IEEE80211_AMPDU_TX_STOP: 5971 case IEEE80211_AMPDU_TX_STOP_CONT:
5972 case IEEE80211_AMPDU_TX_STOP_FLUSH:
5973 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
5972 D_HT("stop Tx\n"); 5974 D_HT("stop Tx\n");
5973 ret = il4965_tx_agg_stop(il, vif, sta, tid); 5975 ret = il4965_tx_agg_stop(il, vif, sta, tid);
5974 if (test_bit(S_EXIT_PENDING, &il->status)) 5976 if (test_bit(S_EXIT_PENDING, &il->status))
@@ -6306,6 +6308,7 @@ const struct ieee80211_ops il4965_mac_ops = {
6306 .sta_remove = il_mac_sta_remove, 6308 .sta_remove = il_mac_sta_remove,
6307 .channel_switch = il4965_mac_channel_switch, 6309 .channel_switch = il4965_mac_channel_switch,
6308 .tx_last_beacon = il_mac_tx_last_beacon, 6310 .tx_last_beacon = il_mac_tx_last_beacon,
6311 .flush = il_mac_flush,
6309}; 6312};
6310 6313
6311static int 6314static int
@@ -6553,6 +6556,7 @@ il4965_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
6553 il4965_prepare_card_hw(il); 6556 il4965_prepare_card_hw(il);
6554 if (!il->hw_ready) { 6557 if (!il->hw_ready) {
6555 IL_WARN("Failed, HW not ready\n"); 6558 IL_WARN("Failed, HW not ready\n");
6559 err = -EIO;
6556 goto out_iounmap; 6560 goto out_iounmap;
6557 } 6561 }
6558 6562
@@ -6569,9 +6573,6 @@ il4965_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
6569 if (err) 6573 if (err)
6570 goto out_free_eeprom; 6574 goto out_free_eeprom;
6571 6575
6572 if (err)
6573 goto out_free_eeprom;
6574
6575 /* extract MAC Address */ 6576 /* extract MAC Address */
6576 il4965_eeprom_get_mac(il, il->addresses[0].addr); 6577 il4965_eeprom_get_mac(il, il->addresses[0].addr);
6577 D_INFO("MAC address: %pM\n", il->addresses[0].addr); 6578 D_INFO("MAC address: %pM\n", il->addresses[0].addr);
diff --git a/drivers/net/wireless/iwlegacy/4965.c b/drivers/net/wireless/iwlegacy/4965.c
index 5db11714e047..91eb2d07fdb8 100644
--- a/drivers/net/wireless/iwlegacy/4965.c
+++ b/drivers/net/wireless/iwlegacy/4965.c
@@ -1748,7 +1748,6 @@ static void
1748il4965_post_associate(struct il_priv *il) 1748il4965_post_associate(struct il_priv *il)
1749{ 1749{
1750 struct ieee80211_vif *vif = il->vif; 1750 struct ieee80211_vif *vif = il->vif;
1751 struct ieee80211_conf *conf = NULL;
1752 int ret = 0; 1751 int ret = 0;
1753 1752
1754 if (!vif || !il->is_open) 1753 if (!vif || !il->is_open)
@@ -1759,8 +1758,6 @@ il4965_post_associate(struct il_priv *il)
1759 1758
1760 il_scan_cancel_timeout(il, 200); 1759 il_scan_cancel_timeout(il, 200);
1761 1760
1762 conf = &il->hw->conf;
1763
1764 il->staging.filter_flags &= ~RXON_FILTER_ASSOC_MSK; 1761 il->staging.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
1765 il_commit_rxon(il); 1762 il_commit_rxon(il);
1766 1763
diff --git a/drivers/net/wireless/iwlegacy/commands.h b/drivers/net/wireless/iwlegacy/commands.h
index 25dd7d28d022..829d3b9aaa17 100644
--- a/drivers/net/wireless/iwlegacy/commands.h
+++ b/drivers/net/wireless/iwlegacy/commands.h
@@ -1134,7 +1134,7 @@ struct il_wep_cmd {
1134#define RX_RES_PHY_FLAGS_MOD_CCK_MSK cpu_to_le16(1 << 1) 1134#define RX_RES_PHY_FLAGS_MOD_CCK_MSK cpu_to_le16(1 << 1)
1135#define RX_RES_PHY_FLAGS_SHORT_PREAMBLE_MSK cpu_to_le16(1 << 2) 1135#define RX_RES_PHY_FLAGS_SHORT_PREAMBLE_MSK cpu_to_le16(1 << 2)
1136#define RX_RES_PHY_FLAGS_NARROW_BAND_MSK cpu_to_le16(1 << 3) 1136#define RX_RES_PHY_FLAGS_NARROW_BAND_MSK cpu_to_le16(1 << 3)
1137#define RX_RES_PHY_FLAGS_ANTENNA_MSK 0xf0 1137#define RX_RES_PHY_FLAGS_ANTENNA_MSK 0x70
1138#define RX_RES_PHY_FLAGS_ANTENNA_POS 4 1138#define RX_RES_PHY_FLAGS_ANTENNA_POS 4
1139 1139
1140#define RX_RES_STATUS_SEC_TYPE_MSK (0x7 << 8) 1140#define RX_RES_STATUS_SEC_TYPE_MSK (0x7 << 8)
diff --git a/drivers/net/wireless/iwlegacy/common.c b/drivers/net/wireless/iwlegacy/common.c
index 7e16d10a7f14..1f598604a79c 100644
--- a/drivers/net/wireless/iwlegacy/common.c
+++ b/drivers/net/wireless/iwlegacy/common.c
@@ -3958,17 +3958,21 @@ il_connection_init_rx_config(struct il_priv *il)
3958 3958
3959 memset(&il->staging, 0, sizeof(il->staging)); 3959 memset(&il->staging, 0, sizeof(il->staging));
3960 3960
3961 if (!il->vif) { 3961 switch (il->iw_mode) {
3962 case NL80211_IFTYPE_UNSPECIFIED:
3962 il->staging.dev_type = RXON_DEV_TYPE_ESS; 3963 il->staging.dev_type = RXON_DEV_TYPE_ESS;
3963 } else if (il->vif->type == NL80211_IFTYPE_STATION) { 3964 break;
3965 case NL80211_IFTYPE_STATION:
3964 il->staging.dev_type = RXON_DEV_TYPE_ESS; 3966 il->staging.dev_type = RXON_DEV_TYPE_ESS;
3965 il->staging.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK; 3967 il->staging.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK;
3966 } else if (il->vif->type == NL80211_IFTYPE_ADHOC) { 3968 break;
3969 case NL80211_IFTYPE_ADHOC:
3967 il->staging.dev_type = RXON_DEV_TYPE_IBSS; 3970 il->staging.dev_type = RXON_DEV_TYPE_IBSS;
3968 il->staging.flags = RXON_FLG_SHORT_PREAMBLE_MSK; 3971 il->staging.flags = RXON_FLG_SHORT_PREAMBLE_MSK;
3969 il->staging.filter_flags = 3972 il->staging.filter_flags =
3970 RXON_FILTER_BCON_AWARE_MSK | RXON_FILTER_ACCEPT_GRP_MSK; 3973 RXON_FILTER_BCON_AWARE_MSK | RXON_FILTER_ACCEPT_GRP_MSK;
3971 } else { 3974 break;
3975 default:
3972 IL_ERR("Unsupported interface type %d\n", il->vif->type); 3976 IL_ERR("Unsupported interface type %d\n", il->vif->type);
3973 return; 3977 return;
3974 } 3978 }
@@ -4550,8 +4554,7 @@ out:
4550EXPORT_SYMBOL(il_mac_add_interface); 4554EXPORT_SYMBOL(il_mac_add_interface);
4551 4555
4552static void 4556static void
4553il_teardown_interface(struct il_priv *il, struct ieee80211_vif *vif, 4557il_teardown_interface(struct il_priv *il, struct ieee80211_vif *vif)
4554 bool mode_change)
4555{ 4558{
4556 lockdep_assert_held(&il->mutex); 4559 lockdep_assert_held(&il->mutex);
4557 4560
@@ -4560,9 +4563,7 @@ il_teardown_interface(struct il_priv *il, struct ieee80211_vif *vif,
4560 il_force_scan_end(il); 4563 il_force_scan_end(il);
4561 } 4564 }
4562 4565
4563 if (!mode_change) 4566 il_set_mode(il);
4564 il_set_mode(il);
4565
4566} 4567}
4567 4568
4568void 4569void
@@ -4575,8 +4576,8 @@ il_mac_remove_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
4575 4576
4576 WARN_ON(il->vif != vif); 4577 WARN_ON(il->vif != vif);
4577 il->vif = NULL; 4578 il->vif = NULL;
4578 4579 il->iw_mode = NL80211_IFTYPE_UNSPECIFIED;
4579 il_teardown_interface(il, vif, false); 4580 il_teardown_interface(il, vif);
4580 memset(il->bssid, 0, ETH_ALEN); 4581 memset(il->bssid, 0, ETH_ALEN);
4581 4582
4582 D_MAC80211("leave\n"); 4583 D_MAC80211("leave\n");
@@ -4685,18 +4686,10 @@ il_mac_change_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4685 } 4686 }
4686 4687
4687 /* success */ 4688 /* success */
4688 il_teardown_interface(il, vif, true);
4689 vif->type = newtype; 4689 vif->type = newtype;
4690 vif->p2p = false; 4690 vif->p2p = false;
4691 err = il_set_mode(il); 4691 il->iw_mode = newtype;
4692 WARN_ON(err); 4692 il_teardown_interface(il, vif);
4693 /*
4694 * We've switched internally, but submitting to the
4695 * device may have failed for some reason. Mask this
4696 * error, because otherwise mac80211 will not switch
4697 * (and set the interface type back) and we'll be
4698 * out of sync with it.
4699 */
4700 err = 0; 4693 err = 0;
4701 4694
4702out: 4695out:
@@ -4707,6 +4700,42 @@ out:
4707} 4700}
4708EXPORT_SYMBOL(il_mac_change_interface); 4701EXPORT_SYMBOL(il_mac_change_interface);
4709 4702
4703void
4704il_mac_flush(struct ieee80211_hw *hw, bool drop)
4705{
4706 struct il_priv *il = hw->priv;
4707 unsigned long timeout = jiffies + msecs_to_jiffies(500);
4708 int i;
4709
4710 mutex_lock(&il->mutex);
4711 D_MAC80211("enter\n");
4712
4713 if (il->txq == NULL)
4714 goto out;
4715
4716 for (i = 0; i < il->hw_params.max_txq_num; i++) {
4717 struct il_queue *q;
4718
4719 if (i == il->cmd_queue)
4720 continue;
4721
4722 q = &il->txq[i].q;
4723 if (q->read_ptr == q->write_ptr)
4724 continue;
4725
4726 if (time_after(jiffies, timeout)) {
4727 IL_ERR("Failed to flush queue %d\n", q->id);
4728 break;
4729 }
4730
4731 msleep(20);
4732 }
4733out:
4734 D_MAC80211("leave\n");
4735 mutex_unlock(&il->mutex);
4736}
4737EXPORT_SYMBOL(il_mac_flush);
4738
4710/* 4739/*
4711 * On every watchdog tick we check (latest) time stamp. If it does not 4740 * On every watchdog tick we check (latest) time stamp. If it does not
4712 * change during timeout period and queue is not empty we reset firmware. 4741 * change during timeout period and queue is not empty we reset firmware.
diff --git a/drivers/net/wireless/iwlegacy/common.h b/drivers/net/wireless/iwlegacy/common.h
index a9a569f432fb..37fe553b25e0 100644
--- a/drivers/net/wireless/iwlegacy/common.h
+++ b/drivers/net/wireless/iwlegacy/common.h
@@ -1723,6 +1723,7 @@ void il_mac_remove_interface(struct ieee80211_hw *hw,
1723 struct ieee80211_vif *vif); 1723 struct ieee80211_vif *vif);
1724int il_mac_change_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 1724int il_mac_change_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1725 enum nl80211_iftype newtype, bool newp2p); 1725 enum nl80211_iftype newtype, bool newp2p);
1726void il_mac_flush(struct ieee80211_hw *hw, bool drop);
1726int il_alloc_txq_mem(struct il_priv *il); 1727int il_alloc_txq_mem(struct il_priv *il);
1727void il_free_txq_mem(struct il_priv *il); 1728void il_free_txq_mem(struct il_priv *il);
1728 1729
diff --git a/drivers/net/wireless/iwlwifi/dvm/mac80211.c b/drivers/net/wireless/iwlwifi/dvm/mac80211.c
index 293c7bf3f826..b55181275fd0 100644
--- a/drivers/net/wireless/iwlwifi/dvm/mac80211.c
+++ b/drivers/net/wireless/iwlwifi/dvm/mac80211.c
@@ -677,7 +677,9 @@ static int iwlagn_mac_ampdu_action(struct ieee80211_hw *hw,
677 IWL_DEBUG_HT(priv, "start Tx\n"); 677 IWL_DEBUG_HT(priv, "start Tx\n");
678 ret = iwlagn_tx_agg_start(priv, vif, sta, tid, ssn); 678 ret = iwlagn_tx_agg_start(priv, vif, sta, tid, ssn);
679 break; 679 break;
680 case IEEE80211_AMPDU_TX_STOP: 680 case IEEE80211_AMPDU_TX_STOP_CONT:
681 case IEEE80211_AMPDU_TX_STOP_FLUSH:
682 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
681 IWL_DEBUG_HT(priv, "stop Tx\n"); 683 IWL_DEBUG_HT(priv, "stop Tx\n");
682 ret = iwlagn_tx_agg_stop(priv, vif, sta, tid); 684 ret = iwlagn_tx_agg_stop(priv, vif, sta, tid);
683 if ((ret == 0) && (priv->agg_tids_count > 0)) { 685 if ((ret == 0) && (priv->agg_tids_count > 0)) {
@@ -1152,6 +1154,7 @@ static int iwlagn_mac_cancel_remain_on_channel(struct ieee80211_hw *hw)
1152} 1154}
1153 1155
1154static void iwlagn_mac_rssi_callback(struct ieee80211_hw *hw, 1156static void iwlagn_mac_rssi_callback(struct ieee80211_hw *hw,
1157 struct ieee80211_vif *vif,
1155 enum ieee80211_rssi_event rssi_event) 1158 enum ieee80211_rssi_event rssi_event)
1156{ 1159{
1157 struct iwl_priv *priv = IWL_MAC80211_GET_DVM(hw); 1160 struct iwl_priv *priv = IWL_MAC80211_GET_DVM(hw);
diff --git a/drivers/net/wireless/iwlwifi/dvm/tx.c b/drivers/net/wireless/iwlwifi/dvm/tx.c
index 4bd42cdfdf55..7b0550d35a91 100644
--- a/drivers/net/wireless/iwlwifi/dvm/tx.c
+++ b/drivers/net/wireless/iwlwifi/dvm/tx.c
@@ -1071,6 +1071,8 @@ static void iwlagn_set_tx_status(struct iwl_priv *priv,
1071{ 1071{
1072 u16 status = le16_to_cpu(tx_resp->status.status); 1072 u16 status = le16_to_cpu(tx_resp->status.status);
1073 1073
1074 info->flags &= ~IEEE80211_TX_CTL_AMPDU;
1075
1074 info->status.rates[0].count = tx_resp->failure_frame + 1; 1076 info->status.rates[0].count = tx_resp->failure_frame + 1;
1075 info->flags |= iwl_tx_status_to_mac80211(status); 1077 info->flags |= iwl_tx_status_to_mac80211(status);
1076 iwlagn_hwrate_to_tx_control(priv, le32_to_cpu(tx_resp->rate_n_flags), 1078 iwlagn_hwrate_to_tx_control(priv, le32_to_cpu(tx_resp->rate_n_flags),
@@ -1143,13 +1145,6 @@ int iwlagn_rx_reply_tx(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb,
1143 next_reclaimed = ssn; 1145 next_reclaimed = ssn;
1144 } 1146 }
1145 1147
1146 if (tid != IWL_TID_NON_QOS) {
1147 priv->tid_data[sta_id][tid].next_reclaimed =
1148 next_reclaimed;
1149 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n",
1150 next_reclaimed);
1151 }
1152
1153 iwl_trans_reclaim(priv->trans, txq_id, ssn, &skbs); 1148 iwl_trans_reclaim(priv->trans, txq_id, ssn, &skbs);
1154 1149
1155 iwlagn_check_ratid_empty(priv, sta_id, tid); 1150 iwlagn_check_ratid_empty(priv, sta_id, tid);
@@ -1200,11 +1195,28 @@ int iwlagn_rx_reply_tx(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb,
1200 if (!is_agg) 1195 if (!is_agg)
1201 iwlagn_non_agg_tx_status(priv, ctx, hdr->addr1); 1196 iwlagn_non_agg_tx_status(priv, ctx, hdr->addr1);
1202 1197
1198 /*
1199 * W/A for FW bug - the seq_ctl isn't updated when the
1200 * queues are flushed. Fetch it from the packet itself
1201 */
1202 if (!is_agg && status == TX_STATUS_FAIL_FIFO_FLUSHED) {
1203 next_reclaimed = le16_to_cpu(hdr->seq_ctrl);
1204 next_reclaimed =
1205 SEQ_TO_SN(next_reclaimed + 0x10);
1206 }
1207
1203 is_offchannel_skb = 1208 is_offchannel_skb =
1204 (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN); 1209 (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN);
1205 freed++; 1210 freed++;
1206 } 1211 }
1207 1212
1213 if (tid != IWL_TID_NON_QOS) {
1214 priv->tid_data[sta_id][tid].next_reclaimed =
1215 next_reclaimed;
1216 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n",
1217 next_reclaimed);
1218 }
1219
1208 if (!is_agg && freed != 1) 1220 if (!is_agg && freed != 1)
1209 IWL_ERR(priv, "Q: %d, freed %d\n", txq_id, freed); 1221 IWL_ERR(priv, "Q: %d, freed %d\n", txq_id, freed);
1210 1222
diff --git a/drivers/net/wireless/iwlwifi/pcie/rx.c b/drivers/net/wireless/iwlwifi/pcie/rx.c
index a2f351779941..a9ca1d35fa93 100644
--- a/drivers/net/wireless/iwlwifi/pcie/rx.c
+++ b/drivers/net/wireless/iwlwifi/pcie/rx.c
@@ -1173,6 +1173,7 @@ static irqreturn_t iwl_pcie_isr(int irq, void *data)
1173 else if (test_bit(STATUS_INT_ENABLED, &trans_pcie->status) && 1173 else if (test_bit(STATUS_INT_ENABLED, &trans_pcie->status) &&
1174 !trans_pcie->inta) 1174 !trans_pcie->inta)
1175 iwl_enable_interrupts(trans); 1175 iwl_enable_interrupts(trans);
1176 return IRQ_HANDLED;
1176 1177
1177none: 1178none:
1178 /* re-enable interrupts here since we don't have anything to service. */ 1179 /* re-enable interrupts here since we don't have anything to service. */
diff --git a/drivers/net/wireless/libertas/cfg.c b/drivers/net/wireless/libertas/cfg.c
index ec6d5d6b452e..230f8ebbe289 100644
--- a/drivers/net/wireless/libertas/cfg.c
+++ b/drivers/net/wireless/libertas/cfg.c
@@ -2132,6 +2132,21 @@ static void lbs_cfg_set_regulatory_hint(struct lbs_private *priv)
2132 lbs_deb_leave(LBS_DEB_CFG80211); 2132 lbs_deb_leave(LBS_DEB_CFG80211);
2133} 2133}
2134 2134
2135static void lbs_reg_notifier(struct wiphy *wiphy,
2136 struct regulatory_request *request)
2137{
2138 struct lbs_private *priv = wiphy_priv(wiphy);
2139
2140 lbs_deb_enter_args(LBS_DEB_CFG80211, "cfg80211 regulatory domain "
2141 "callback for domain %c%c\n", request->alpha2[0],
2142 request->alpha2[1]);
2143
2144 memcpy(priv->country_code, request->alpha2, sizeof(request->alpha2));
2145 if (lbs_iface_active(priv))
2146 lbs_set_11d_domain_info(priv);
2147
2148 lbs_deb_leave(LBS_DEB_CFG80211);
2149}
2135 2150
2136/* 2151/*
2137 * This function get's called after lbs_setup_firmware() determined the 2152 * This function get's called after lbs_setup_firmware() determined the
@@ -2184,24 +2199,6 @@ int lbs_cfg_register(struct lbs_private *priv)
2184 return ret; 2199 return ret;
2185} 2200}
2186 2201
2187int lbs_reg_notifier(struct wiphy *wiphy,
2188 struct regulatory_request *request)
2189{
2190 struct lbs_private *priv = wiphy_priv(wiphy);
2191 int ret = 0;
2192
2193 lbs_deb_enter_args(LBS_DEB_CFG80211, "cfg80211 regulatory domain "
2194 "callback for domain %c%c\n", request->alpha2[0],
2195 request->alpha2[1]);
2196
2197 memcpy(priv->country_code, request->alpha2, sizeof(request->alpha2));
2198 if (lbs_iface_active(priv))
2199 ret = lbs_set_11d_domain_info(priv);
2200
2201 lbs_deb_leave(LBS_DEB_CFG80211);
2202 return ret;
2203}
2204
2205void lbs_scan_deinit(struct lbs_private *priv) 2202void lbs_scan_deinit(struct lbs_private *priv)
2206{ 2203{
2207 lbs_deb_enter(LBS_DEB_CFG80211); 2204 lbs_deb_enter(LBS_DEB_CFG80211);
diff --git a/drivers/net/wireless/libertas/cfg.h b/drivers/net/wireless/libertas/cfg.h
index 558168ce634d..10995f59fe34 100644
--- a/drivers/net/wireless/libertas/cfg.h
+++ b/drivers/net/wireless/libertas/cfg.h
@@ -10,9 +10,6 @@ struct wireless_dev *lbs_cfg_alloc(struct device *dev);
10int lbs_cfg_register(struct lbs_private *priv); 10int lbs_cfg_register(struct lbs_private *priv);
11void lbs_cfg_free(struct lbs_private *priv); 11void lbs_cfg_free(struct lbs_private *priv);
12 12
13int lbs_reg_notifier(struct wiphy *wiphy,
14 struct regulatory_request *request);
15
16void lbs_send_disconnect_notification(struct lbs_private *priv); 13void lbs_send_disconnect_notification(struct lbs_private *priv);
17void lbs_send_mic_failureevent(struct lbs_private *priv, u32 event); 14void lbs_send_mic_failureevent(struct lbs_private *priv, u32 event);
18 15
diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c
index ff9085502bea..b73e497fe770 100644
--- a/drivers/net/wireless/mac80211_hwsim.c
+++ b/drivers/net/wireless/mac80211_hwsim.c
@@ -48,6 +48,10 @@ static int channels = 1;
48module_param(channels, int, 0444); 48module_param(channels, int, 0444);
49MODULE_PARM_DESC(channels, "Number of concurrent channels"); 49MODULE_PARM_DESC(channels, "Number of concurrent channels");
50 50
51static bool paged_rx = false;
52module_param(paged_rx, bool, 0644);
53MODULE_PARM_DESC(paged_rx, "Use paged SKBs for RX instead of linear ones");
54
51/** 55/**
52 * enum hwsim_regtest - the type of regulatory tests we offer 56 * enum hwsim_regtest - the type of regulatory tests we offer
53 * 57 *
@@ -333,11 +337,11 @@ struct mac80211_hwsim_data {
333 int scan_chan_idx; 337 int scan_chan_idx;
334 338
335 struct ieee80211_channel *channel; 339 struct ieee80211_channel *channel;
336 unsigned long beacon_int; /* in jiffies unit */ 340 u64 beacon_int /* beacon interval in us */;
337 unsigned int rx_filter; 341 unsigned int rx_filter;
338 bool started, idle, scanning; 342 bool started, idle, scanning;
339 struct mutex mutex; 343 struct mutex mutex;
340 struct timer_list beacon_timer; 344 struct tasklet_hrtimer beacon_timer;
341 enum ps_mode { 345 enum ps_mode {
342 PS_DISABLED, PS_ENABLED, PS_AUTO_POLL, PS_MANUAL_POLL 346 PS_DISABLED, PS_ENABLED, PS_AUTO_POLL, PS_MANUAL_POLL
343 } ps; 347 } ps;
@@ -357,7 +361,10 @@ struct mac80211_hwsim_data {
357 int power_level; 361 int power_level;
358 362
359 /* difference between this hw's clock and the real clock, in usecs */ 363 /* difference between this hw's clock and the real clock, in usecs */
360 u64 tsf_offset; 364 s64 tsf_offset;
365 s64 bcn_delta;
366 /* absolute beacon transmission time. Used to cover up "tx" delay. */
367 u64 abs_bcn_ts;
361}; 368};
362 369
363 370
@@ -405,15 +412,19 @@ static netdev_tx_t hwsim_mon_xmit(struct sk_buff *skb,
405 return NETDEV_TX_OK; 412 return NETDEV_TX_OK;
406} 413}
407 414
415static inline u64 mac80211_hwsim_get_tsf_raw(void)
416{
417 return ktime_to_us(ktime_get_real());
418}
419
408static __le64 __mac80211_hwsim_get_tsf(struct mac80211_hwsim_data *data) 420static __le64 __mac80211_hwsim_get_tsf(struct mac80211_hwsim_data *data)
409{ 421{
410 struct timeval tv = ktime_to_timeval(ktime_get_real()); 422 u64 now = mac80211_hwsim_get_tsf_raw();
411 u64 now = tv.tv_sec * USEC_PER_SEC + tv.tv_usec;
412 return cpu_to_le64(now + data->tsf_offset); 423 return cpu_to_le64(now + data->tsf_offset);
413} 424}
414 425
415static u64 mac80211_hwsim_get_tsf(struct ieee80211_hw *hw, 426static u64 mac80211_hwsim_get_tsf(struct ieee80211_hw *hw,
416 struct ieee80211_vif *vif) 427 struct ieee80211_vif *vif)
417{ 428{
418 struct mac80211_hwsim_data *data = hw->priv; 429 struct mac80211_hwsim_data *data = hw->priv;
419 return le64_to_cpu(__mac80211_hwsim_get_tsf(data)); 430 return le64_to_cpu(__mac80211_hwsim_get_tsf(data));
@@ -423,9 +434,13 @@ static void mac80211_hwsim_set_tsf(struct ieee80211_hw *hw,
423 struct ieee80211_vif *vif, u64 tsf) 434 struct ieee80211_vif *vif, u64 tsf)
424{ 435{
425 struct mac80211_hwsim_data *data = hw->priv; 436 struct mac80211_hwsim_data *data = hw->priv;
426 struct timeval tv = ktime_to_timeval(ktime_get_real()); 437 u64 now = mac80211_hwsim_get_tsf(hw, vif);
427 u64 now = tv.tv_sec * USEC_PER_SEC + tv.tv_usec; 438 u32 bcn_int = data->beacon_int;
428 data->tsf_offset = tsf - now; 439 s64 delta = tsf - now;
440
441 data->tsf_offset += delta;
442 /* adjust after beaconing with new timestamp at old TBTT */
443 data->bcn_delta = do_div(delta, bcn_int);
429} 444}
430 445
431static void mac80211_hwsim_monitor_rx(struct ieee80211_hw *hw, 446static void mac80211_hwsim_monitor_rx(struct ieee80211_hw *hw,
@@ -696,7 +711,7 @@ static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw,
696 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 711 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
697 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 712 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
698 struct ieee80211_rx_status rx_status; 713 struct ieee80211_rx_status rx_status;
699 struct ieee80211_rate *txrate = ieee80211_get_tx_rate(hw, info); 714 u64 now;
700 715
701 memset(&rx_status, 0, sizeof(rx_status)); 716 memset(&rx_status, 0, sizeof(rx_status));
702 rx_status.flag |= RX_FLAG_MACTIME_START; 717 rx_status.flag |= RX_FLAG_MACTIME_START;
@@ -722,11 +737,23 @@ static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw,
722 secpath_reset(skb); 737 secpath_reset(skb);
723 nf_reset(skb); 738 nf_reset(skb);
724 739
740 /*
741 * Get absolute mactime here so all HWs RX at the "same time", and
742 * absolute TX time for beacon mactime so the timestamp matches.
743 * Giving beacons a different mactime than non-beacons looks messy, but
744 * it helps the Toffset be exact and a ~10us mactime discrepancy
745 * probably doesn't really matter.
746 */
747 if (ieee80211_is_beacon(hdr->frame_control) ||
748 ieee80211_is_probe_resp(hdr->frame_control))
749 now = data->abs_bcn_ts;
750 else
751 now = mac80211_hwsim_get_tsf_raw();
752
725 /* Copy skb to all enabled radios that are on the current frequency */ 753 /* Copy skb to all enabled radios that are on the current frequency */
726 spin_lock(&hwsim_radio_lock); 754 spin_lock(&hwsim_radio_lock);
727 list_for_each_entry(data2, &hwsim_radios, list) { 755 list_for_each_entry(data2, &hwsim_radios, list) {
728 struct sk_buff *nskb; 756 struct sk_buff *nskb;
729 struct ieee80211_mgmt *mgmt;
730 struct tx_iter_data tx_iter_data = { 757 struct tx_iter_data tx_iter_data = {
731 .receive = false, 758 .receive = false,
732 .channel = chan, 759 .channel = chan,
@@ -755,24 +782,30 @@ static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw,
755 * reserve some space for our vendor and the normal 782 * reserve some space for our vendor and the normal
756 * radiotap header, since we're copying anyway 783 * radiotap header, since we're copying anyway
757 */ 784 */
758 nskb = skb_copy_expand(skb, 64, 0, GFP_ATOMIC); 785 if (skb->len < PAGE_SIZE && paged_rx) {
759 if (nskb == NULL) 786 struct page *page = alloc_page(GFP_ATOMIC);
760 continue; 787
788 if (!page)
789 continue;
790
791 nskb = dev_alloc_skb(128);
792 if (!nskb) {
793 __free_page(page);
794 continue;
795 }
796
797 memcpy(page_address(page), skb->data, skb->len);
798 skb_add_rx_frag(nskb, 0, page, 0, skb->len, skb->len);
799 } else {
800 nskb = skb_copy(skb, GFP_ATOMIC);
801 if (!nskb)
802 continue;
803 }
761 804
762 if (mac80211_hwsim_addr_match(data2, hdr->addr1)) 805 if (mac80211_hwsim_addr_match(data2, hdr->addr1))
763 ack = true; 806 ack = true;
764 807
765 /* set bcn timestamp relative to receiver mactime */ 808 rx_status.mactime = now + data2->tsf_offset;
766 rx_status.mactime =
767 le64_to_cpu(__mac80211_hwsim_get_tsf(data2));
768 mgmt = (struct ieee80211_mgmt *) nskb->data;
769 if (ieee80211_is_beacon(mgmt->frame_control) ||
770 ieee80211_is_probe_resp(mgmt->frame_control))
771 mgmt->u.beacon.timestamp = cpu_to_le64(
772 rx_status.mactime +
773 (data->tsf_offset - data2->tsf_offset) +
774 24 * 8 * 10 / txrate->bitrate);
775
776#if 0 809#if 0
777 /* 810 /*
778 * Don't enable this code by default as the OUI 00:00:00 811 * Don't enable this code by default as the OUI 00:00:00
@@ -896,7 +929,7 @@ static void mac80211_hwsim_stop(struct ieee80211_hw *hw)
896{ 929{
897 struct mac80211_hwsim_data *data = hw->priv; 930 struct mac80211_hwsim_data *data = hw->priv;
898 data->started = false; 931 data->started = false;
899 del_timer(&data->beacon_timer); 932 tasklet_hrtimer_cancel(&data->beacon_timer);
900 wiphy_debug(hw->wiphy, "%s\n", __func__); 933 wiphy_debug(hw->wiphy, "%s\n", __func__);
901} 934}
902 935
@@ -962,7 +995,11 @@ static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
962static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac, 995static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac,
963 struct ieee80211_vif *vif) 996 struct ieee80211_vif *vif)
964{ 997{
965 struct ieee80211_hw *hw = arg; 998 struct mac80211_hwsim_data *data = arg;
999 struct ieee80211_hw *hw = data->hw;
1000 struct ieee80211_tx_info *info;
1001 struct ieee80211_rate *txrate;
1002 struct ieee80211_mgmt *mgmt;
966 struct sk_buff *skb; 1003 struct sk_buff *skb;
967 1004
968 hwsim_check_magic(vif); 1005 hwsim_check_magic(vif);
@@ -975,26 +1012,48 @@ static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac,
975 skb = ieee80211_beacon_get(hw, vif); 1012 skb = ieee80211_beacon_get(hw, vif);
976 if (skb == NULL) 1013 if (skb == NULL)
977 return; 1014 return;
1015 info = IEEE80211_SKB_CB(skb);
1016 txrate = ieee80211_get_tx_rate(hw, info);
1017
1018 mgmt = (struct ieee80211_mgmt *) skb->data;
1019 /* fake header transmission time */
1020 data->abs_bcn_ts = mac80211_hwsim_get_tsf_raw();
1021 mgmt->u.beacon.timestamp = cpu_to_le64(data->abs_bcn_ts +
1022 data->tsf_offset +
1023 24 * 8 * 10 / txrate->bitrate);
978 1024
979 mac80211_hwsim_tx_frame(hw, skb, 1025 mac80211_hwsim_tx_frame(hw, skb,
980 rcu_dereference(vif->chanctx_conf)->def.chan); 1026 rcu_dereference(vif->chanctx_conf)->def.chan);
981} 1027}
982 1028
983 1029static enum hrtimer_restart
984static void mac80211_hwsim_beacon(unsigned long arg) 1030mac80211_hwsim_beacon(struct hrtimer *timer)
985{ 1031{
986 struct ieee80211_hw *hw = (struct ieee80211_hw *) arg; 1032 struct mac80211_hwsim_data *data =
987 struct mac80211_hwsim_data *data = hw->priv; 1033 container_of(timer, struct mac80211_hwsim_data,
1034 beacon_timer.timer);
1035 struct ieee80211_hw *hw = data->hw;
1036 u64 bcn_int = data->beacon_int;
1037 ktime_t next_bcn;
988 1038
989 if (!data->started) 1039 if (!data->started)
990 return; 1040 goto out;
991 1041
992 ieee80211_iterate_active_interfaces_atomic( 1042 ieee80211_iterate_active_interfaces_atomic(
993 hw, IEEE80211_IFACE_ITER_NORMAL, 1043 hw, IEEE80211_IFACE_ITER_NORMAL,
994 mac80211_hwsim_beacon_tx, hw); 1044 mac80211_hwsim_beacon_tx, data);
1045
1046 /* beacon at new TBTT + beacon interval */
1047 if (data->bcn_delta) {
1048 bcn_int -= data->bcn_delta;
1049 data->bcn_delta = 0;
1050 }
995 1051
996 data->beacon_timer.expires = jiffies + data->beacon_int; 1052 next_bcn = ktime_add(hrtimer_get_expires(timer),
997 add_timer(&data->beacon_timer); 1053 ns_to_ktime(bcn_int * 1000));
1054 tasklet_hrtimer_start(&data->beacon_timer, next_bcn, HRTIMER_MODE_ABS);
1055out:
1056 return HRTIMER_NORESTART;
998} 1057}
999 1058
1000static const char *hwsim_chantypes[] = { 1059static const char *hwsim_chantypes[] = {
@@ -1032,9 +1091,16 @@ static int mac80211_hwsim_config(struct ieee80211_hw *hw, u32 changed)
1032 1091
1033 data->power_level = conf->power_level; 1092 data->power_level = conf->power_level;
1034 if (!data->started || !data->beacon_int) 1093 if (!data->started || !data->beacon_int)
1035 del_timer(&data->beacon_timer); 1094 tasklet_hrtimer_cancel(&data->beacon_timer);
1036 else 1095 else if (!hrtimer_is_queued(&data->beacon_timer.timer)) {
1037 mod_timer(&data->beacon_timer, jiffies + data->beacon_int); 1096 u64 tsf = mac80211_hwsim_get_tsf(hw, NULL);
1097 u32 bcn_int = data->beacon_int;
1098 u64 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1099
1100 tasklet_hrtimer_start(&data->beacon_timer,
1101 ns_to_ktime(until_tbtt * 1000),
1102 HRTIMER_MODE_REL);
1103 }
1038 1104
1039 return 0; 1105 return 0;
1040} 1106}
@@ -1084,12 +1150,26 @@ static void mac80211_hwsim_bss_info_changed(struct ieee80211_hw *hw,
1084 1150
1085 if (changed & BSS_CHANGED_BEACON_INT) { 1151 if (changed & BSS_CHANGED_BEACON_INT) {
1086 wiphy_debug(hw->wiphy, " BCNINT: %d\n", info->beacon_int); 1152 wiphy_debug(hw->wiphy, " BCNINT: %d\n", info->beacon_int);
1087 data->beacon_int = 1024 * info->beacon_int / 1000 * HZ / 1000; 1153 data->beacon_int = info->beacon_int * 1024;
1088 if (WARN_ON(!data->beacon_int)) 1154 }
1089 data->beacon_int = 1; 1155
1090 if (data->started) 1156 if (changed & BSS_CHANGED_BEACON_ENABLED) {
1091 mod_timer(&data->beacon_timer, 1157 wiphy_debug(hw->wiphy, " BCN EN: %d\n", info->enable_beacon);
1092 jiffies + data->beacon_int); 1158 if (data->started &&
1159 !hrtimer_is_queued(&data->beacon_timer.timer) &&
1160 info->enable_beacon) {
1161 u64 tsf, until_tbtt;
1162 u32 bcn_int;
1163 if (WARN_ON(!data->beacon_int))
1164 data->beacon_int = 1000 * 1024;
1165 tsf = mac80211_hwsim_get_tsf(hw, vif);
1166 bcn_int = data->beacon_int;
1167 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1168 tasklet_hrtimer_start(&data->beacon_timer,
1169 ns_to_ktime(until_tbtt * 1000),
1170 HRTIMER_MODE_REL);
1171 } else if (!info->enable_beacon)
1172 tasklet_hrtimer_cancel(&data->beacon_timer);
1093 } 1173 }
1094 1174
1095 if (changed & BSS_CHANGED_ERP_CTS_PROT) { 1175 if (changed & BSS_CHANGED_ERP_CTS_PROT) {
@@ -1292,7 +1372,9 @@ static int mac80211_hwsim_ampdu_action(struct ieee80211_hw *hw,
1292 case IEEE80211_AMPDU_TX_START: 1372 case IEEE80211_AMPDU_TX_START:
1293 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid); 1373 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1294 break; 1374 break;
1295 case IEEE80211_AMPDU_TX_STOP: 1375 case IEEE80211_AMPDU_TX_STOP_CONT:
1376 case IEEE80211_AMPDU_TX_STOP_FLUSH:
1377 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1296 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 1378 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1297 break; 1379 break;
1298 case IEEE80211_AMPDU_TX_OPERATIONAL: 1380 case IEEE80211_AMPDU_TX_OPERATIONAL:
@@ -2370,8 +2452,9 @@ static int __init init_mac80211_hwsim(void)
2370 data->debugfs, data, 2452 data->debugfs, data,
2371 &hwsim_fops_group); 2453 &hwsim_fops_group);
2372 2454
2373 setup_timer(&data->beacon_timer, mac80211_hwsim_beacon, 2455 tasklet_hrtimer_init(&data->beacon_timer,
2374 (unsigned long) hw); 2456 mac80211_hwsim_beacon,
2457 CLOCK_REALTIME, HRTIMER_MODE_ABS);
2375 2458
2376 list_add_tail(&data->list, &hwsim_radios); 2459 list_add_tail(&data->list, &hwsim_radios);
2377 } 2460 }
diff --git a/drivers/net/wireless/mwifiex/11n.c b/drivers/net/wireless/mwifiex/11n.c
index 245a371f1a43..9cd6216c61e6 100644
--- a/drivers/net/wireless/mwifiex/11n.c
+++ b/drivers/net/wireless/mwifiex/11n.c
@@ -53,7 +53,9 @@ mwifiex_fill_cap_info(struct mwifiex_private *priv, u8 radio_type,
53 sizeof(sband->ht_cap.mcs)); 53 sizeof(sband->ht_cap.mcs));
54 54
55 if (priv->bss_mode == NL80211_IFTYPE_STATION || 55 if (priv->bss_mode == NL80211_IFTYPE_STATION ||
56 sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) 56 (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40 &&
57 (priv->adapter->sec_chan_offset !=
58 IEEE80211_HT_PARAM_CHA_SEC_NONE)))
57 /* Set MCS32 for infra mode or ad-hoc mode with 40MHz support */ 59 /* Set MCS32 for infra mode or ad-hoc mode with 40MHz support */
58 SETHT_MCS32(ht_cap->ht_cap.mcs.rx_mask); 60 SETHT_MCS32(ht_cap->ht_cap.mcs.rx_mask);
59 61
diff --git a/drivers/net/wireless/mwifiex/11n_aggr.c b/drivers/net/wireless/mwifiex/11n_aggr.c
index 68d52cfc1ebd..af8fe6352eed 100644
--- a/drivers/net/wireless/mwifiex/11n_aggr.c
+++ b/drivers/net/wireless/mwifiex/11n_aggr.c
@@ -278,14 +278,16 @@ mwifiex_11n_aggregate_pkt(struct mwifiex_private *priv,
278 dev_dbg(adapter->dev, "data: -EBUSY is returned\n"); 278 dev_dbg(adapter->dev, "data: -EBUSY is returned\n");
279 break; 279 break;
280 case -1: 280 case -1:
281 adapter->data_sent = false; 281 if (adapter->iface_type != MWIFIEX_PCIE)
282 adapter->data_sent = false;
282 dev_err(adapter->dev, "%s: host_to_card failed: %#x\n", 283 dev_err(adapter->dev, "%s: host_to_card failed: %#x\n",
283 __func__, ret); 284 __func__, ret);
284 adapter->dbg.num_tx_host_to_card_failure++; 285 adapter->dbg.num_tx_host_to_card_failure++;
285 mwifiex_write_data_complete(adapter, skb_aggr, 1, ret); 286 mwifiex_write_data_complete(adapter, skb_aggr, 1, ret);
286 return 0; 287 return 0;
287 case -EINPROGRESS: 288 case -EINPROGRESS:
288 adapter->data_sent = false; 289 if (adapter->iface_type != MWIFIEX_PCIE)
290 adapter->data_sent = false;
289 break; 291 break;
290 case 0: 292 case 0:
291 mwifiex_write_data_complete(adapter, skb_aggr, 1, ret); 293 mwifiex_write_data_complete(adapter, skb_aggr, 1, ret);
diff --git a/drivers/net/wireless/mwifiex/cfg80211.c b/drivers/net/wireless/mwifiex/cfg80211.c
index a875499f8945..3a004b85b99f 100644
--- a/drivers/net/wireless/mwifiex/cfg80211.c
+++ b/drivers/net/wireless/mwifiex/cfg80211.c
@@ -519,8 +519,8 @@ static int mwifiex_send_domain_info_cmd_fw(struct wiphy *wiphy)
519 * - Set by user 519 * - Set by user
520 * - Set bt Country IE 520 * - Set bt Country IE
521 */ 521 */
522static int mwifiex_reg_notifier(struct wiphy *wiphy, 522static void mwifiex_reg_notifier(struct wiphy *wiphy,
523 struct regulatory_request *request) 523 struct regulatory_request *request)
524{ 524{
525 struct mwifiex_adapter *adapter = mwifiex_cfg80211_get_adapter(wiphy); 525 struct mwifiex_adapter *adapter = mwifiex_cfg80211_get_adapter(wiphy);
526 526
@@ -540,8 +540,6 @@ static int mwifiex_reg_notifier(struct wiphy *wiphy,
540 break; 540 break;
541 } 541 }
542 mwifiex_send_domain_info_cmd_fw(wiphy); 542 mwifiex_send_domain_info_cmd_fw(wiphy);
543
544 return 0;
545} 543}
546 544
547/* 545/*
@@ -1327,6 +1325,7 @@ static int mwifiex_cfg80211_start_ap(struct wiphy *wiphy,
1327 } 1325 }
1328 1326
1329 mwifiex_set_ht_params(priv, bss_cfg, params); 1327 mwifiex_set_ht_params(priv, bss_cfg, params);
1328 mwifiex_set_wmm_params(priv, bss_cfg, params);
1330 1329
1331 if (params->inactivity_timeout > 0) { 1330 if (params->inactivity_timeout > 0) {
1332 /* sta_ao_timer/ps_sta_ao_timer is in unit of 100ms */ 1331 /* sta_ao_timer/ps_sta_ao_timer is in unit of 100ms */
@@ -1459,7 +1458,7 @@ mwifiex_cfg80211_assoc(struct mwifiex_private *priv, size_t ssid_len, u8 *ssid,
1459 struct cfg80211_ssid req_ssid; 1458 struct cfg80211_ssid req_ssid;
1460 int ret, auth_type = 0; 1459 int ret, auth_type = 0;
1461 struct cfg80211_bss *bss = NULL; 1460 struct cfg80211_bss *bss = NULL;
1462 u8 is_scanning_required = 0, config_bands = 0; 1461 u8 is_scanning_required = 0;
1463 1462
1464 memset(&req_ssid, 0, sizeof(struct cfg80211_ssid)); 1463 memset(&req_ssid, 0, sizeof(struct cfg80211_ssid));
1465 1464
@@ -1478,19 +1477,6 @@ mwifiex_cfg80211_assoc(struct mwifiex_private *priv, size_t ssid_len, u8 *ssid,
1478 /* disconnect before try to associate */ 1477 /* disconnect before try to associate */
1479 mwifiex_deauthenticate(priv, NULL); 1478 mwifiex_deauthenticate(priv, NULL);
1480 1479
1481 if (channel) {
1482 if (mode == NL80211_IFTYPE_STATION) {
1483 if (channel->band == IEEE80211_BAND_2GHZ)
1484 config_bands = BAND_B | BAND_G | BAND_GN;
1485 else
1486 config_bands = BAND_A | BAND_AN;
1487
1488 if (!((config_bands | priv->adapter->fw_bands) &
1489 ~priv->adapter->fw_bands))
1490 priv->adapter->config_bands = config_bands;
1491 }
1492 }
1493
1494 /* As this is new association, clear locally stored 1480 /* As this is new association, clear locally stored
1495 * keys and security related flags */ 1481 * keys and security related flags */
1496 priv->sec_info.wpa_enabled = false; 1482 priv->sec_info.wpa_enabled = false;
@@ -1707,9 +1693,9 @@ static int mwifiex_set_ibss_params(struct mwifiex_private *priv,
1707 1693
1708 if (cfg80211_get_chandef_type(&params->chandef) != 1694 if (cfg80211_get_chandef_type(&params->chandef) !=
1709 NL80211_CHAN_NO_HT) 1695 NL80211_CHAN_NO_HT)
1710 config_bands |= BAND_GN; 1696 config_bands |= BAND_G | BAND_GN;
1711 } else { 1697 } else {
1712 if (cfg80211_get_chandef_type(&params->chandef) != 1698 if (cfg80211_get_chandef_type(&params->chandef) ==
1713 NL80211_CHAN_NO_HT) 1699 NL80211_CHAN_NO_HT)
1714 config_bands = BAND_A; 1700 config_bands = BAND_A;
1715 else 1701 else
@@ -2261,6 +2247,7 @@ int mwifiex_register_cfg80211(struct mwifiex_adapter *adapter)
2261 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM; 2247 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
2262 wiphy->flags |= WIPHY_FLAG_HAVE_AP_SME | 2248 wiphy->flags |= WIPHY_FLAG_HAVE_AP_SME |
2263 WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD | 2249 WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD |
2250 WIPHY_FLAG_AP_UAPSD |
2264 WIPHY_FLAG_CUSTOM_REGULATORY | 2251 WIPHY_FLAG_CUSTOM_REGULATORY |
2265 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL; 2252 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
2266 2253
diff --git a/drivers/net/wireless/mwifiex/decl.h b/drivers/net/wireless/mwifiex/decl.h
index e9357d87d327..e8a569aaa2e8 100644
--- a/drivers/net/wireless/mwifiex/decl.h
+++ b/drivers/net/wireless/mwifiex/decl.h
@@ -26,6 +26,7 @@
26#include <linux/wait.h> 26#include <linux/wait.h>
27#include <linux/timer.h> 27#include <linux/timer.h>
28#include <linux/ieee80211.h> 28#include <linux/ieee80211.h>
29#include <net/mac80211.h>
29 30
30 31
31#define MWIFIEX_MAX_BSS_NUM (3) 32#define MWIFIEX_MAX_BSS_NUM (3)
@@ -58,6 +59,8 @@
58#define MWIFIEX_RTS_MAX_VALUE (2347) 59#define MWIFIEX_RTS_MAX_VALUE (2347)
59#define MWIFIEX_FRAG_MIN_VALUE (256) 60#define MWIFIEX_FRAG_MIN_VALUE (256)
60#define MWIFIEX_FRAG_MAX_VALUE (2346) 61#define MWIFIEX_FRAG_MAX_VALUE (2346)
62#define MWIFIEX_WMM_VERSION 0x01
63#define MWIFIEX_WMM_SUBTYPE 0x01
61 64
62#define MWIFIEX_RETRY_LIMIT 14 65#define MWIFIEX_RETRY_LIMIT 14
63#define MWIFIEX_SDIO_BLOCK_SIZE 256 66#define MWIFIEX_SDIO_BLOCK_SIZE 256
@@ -126,4 +129,19 @@ enum mwifiex_wmm_ac_e {
126 WMM_AC_VI, 129 WMM_AC_VI,
127 WMM_AC_VO 130 WMM_AC_VO
128} __packed; 131} __packed;
132
133struct ieee_types_wmm_ac_parameters {
134 u8 aci_aifsn_bitmap;
135 u8 ecw_bitmap;
136 __le16 tx_op_limit;
137} __packed;
138
139struct mwifiex_types_wmm_info {
140 u8 oui[4];
141 u8 subtype;
142 u8 version;
143 u8 qos_info;
144 u8 reserved;
145 struct ieee_types_wmm_ac_parameters ac_params[IEEE80211_NUM_ACS];
146} __packed;
129#endif /* !_MWIFIEX_DECL_H_ */ 147#endif /* !_MWIFIEX_DECL_H_ */
diff --git a/drivers/net/wireless/mwifiex/fw.h b/drivers/net/wireless/mwifiex/fw.h
index 4dc8e2e9a889..ebe2f6a7984c 100644
--- a/drivers/net/wireless/mwifiex/fw.h
+++ b/drivers/net/wireless/mwifiex/fw.h
@@ -330,6 +330,9 @@ enum P2P_MODES {
330#define HOST_SLEEP_CFG_GPIO_DEF 0xff 330#define HOST_SLEEP_CFG_GPIO_DEF 0xff
331#define HOST_SLEEP_CFG_GAP_DEF 0 331#define HOST_SLEEP_CFG_GAP_DEF 0
332 332
333#define MWIFIEX_TIMEOUT_FOR_AP_RESP 0xfffc
334#define MWIFIEX_STATUS_CODE_AUTH_TIMEOUT 2
335
333#define CMD_F_HOSTCMD (1 << 0) 336#define CMD_F_HOSTCMD (1 << 0)
334#define CMD_F_CANCELED (1 << 1) 337#define CMD_F_CANCELED (1 << 1)
335 338
@@ -1131,12 +1134,6 @@ struct ieee_types_vendor_header {
1131 u8 version; 1134 u8 version;
1132} __packed; 1135} __packed;
1133 1136
1134struct ieee_types_wmm_ac_parameters {
1135 u8 aci_aifsn_bitmap;
1136 u8 ecw_bitmap;
1137 __le16 tx_op_limit;
1138} __packed;
1139
1140struct ieee_types_wmm_parameter { 1137struct ieee_types_wmm_parameter {
1141 /* 1138 /*
1142 * WMM Parameter IE - Vendor Specific Header: 1139 * WMM Parameter IE - Vendor Specific Header:
@@ -1186,6 +1183,11 @@ struct mwifiex_ie_types_htcap {
1186 struct ieee80211_ht_cap ht_cap; 1183 struct ieee80211_ht_cap ht_cap;
1187} __packed; 1184} __packed;
1188 1185
1186struct mwifiex_ie_types_wmmcap {
1187 struct mwifiex_ie_types_header header;
1188 struct mwifiex_types_wmm_info wmm_info;
1189} __packed;
1190
1189struct mwifiex_ie_types_htinfo { 1191struct mwifiex_ie_types_htinfo {
1190 struct mwifiex_ie_types_header header; 1192 struct mwifiex_ie_types_header header;
1191 struct ieee80211_ht_operation ht_oper; 1193 struct ieee80211_ht_operation ht_oper;
diff --git a/drivers/net/wireless/mwifiex/init.c b/drivers/net/wireless/mwifiex/init.c
index 39f03ce5a5b1..e00b8060aff7 100644
--- a/drivers/net/wireless/mwifiex/init.c
+++ b/drivers/net/wireless/mwifiex/init.c
@@ -591,6 +591,12 @@ int mwifiex_init_fw(struct mwifiex_adapter *adapter)
591 return -1; 591 return -1;
592 } 592 }
593 } 593 }
594
595 if (adapter->if_ops.init_fw_port) {
596 if (adapter->if_ops.init_fw_port(adapter))
597 return -1;
598 }
599
594 for (i = 0; i < adapter->priv_num; i++) { 600 for (i = 0; i < adapter->priv_num; i++) {
595 if (adapter->priv[i]) { 601 if (adapter->priv[i]) {
596 ret = mwifiex_sta_init_cmd(adapter->priv[i], first_sta); 602 ret = mwifiex_sta_init_cmd(adapter->priv[i], first_sta);
diff --git a/drivers/net/wireless/mwifiex/ioctl.h b/drivers/net/wireless/mwifiex/ioctl.h
index 4e31c6013ebe..6095b3e53f4e 100644
--- a/drivers/net/wireless/mwifiex/ioctl.h
+++ b/drivers/net/wireless/mwifiex/ioctl.h
@@ -20,7 +20,6 @@
20#ifndef _MWIFIEX_IOCTL_H_ 20#ifndef _MWIFIEX_IOCTL_H_
21#define _MWIFIEX_IOCTL_H_ 21#define _MWIFIEX_IOCTL_H_
22 22
23#include <net/mac80211.h>
24#include <net/lib80211.h> 23#include <net/lib80211.h>
25 24
26enum { 25enum {
@@ -107,6 +106,8 @@ struct mwifiex_uap_bss_param {
107 u8 rates[MWIFIEX_SUPPORTED_RATES]; 106 u8 rates[MWIFIEX_SUPPORTED_RATES];
108 u32 sta_ao_timer; 107 u32 sta_ao_timer;
109 u32 ps_sta_ao_timer; 108 u32 ps_sta_ao_timer;
109 u8 qos_info;
110 struct mwifiex_types_wmm_info wmm_info;
110}; 111};
111 112
112enum { 113enum {
diff --git a/drivers/net/wireless/mwifiex/join.c b/drivers/net/wireless/mwifiex/join.c
index 88664ae667ba..f0a634d237c1 100644
--- a/drivers/net/wireless/mwifiex/join.c
+++ b/drivers/net/wireless/mwifiex/join.c
@@ -157,8 +157,8 @@ static int mwifiex_get_common_rates(struct mwifiex_private *priv, u8 *rate1,
157 157
158 memset(rate1, 0, rate1_size); 158 memset(rate1, 0, rate1_size);
159 159
160 for (i = 0; rate2[i] && i < rate2_size; i++) { 160 for (i = 0; i < rate2_size && rate2[i]; i++) {
161 for (j = 0; tmp[j] && j < rate1_size; j++) { 161 for (j = 0; j < rate1_size && tmp[j]; j++) {
162 /* Check common rate, excluding the bit for 162 /* Check common rate, excluding the bit for
163 basic rate */ 163 basic rate */
164 if ((rate2[i] & 0x7F) == (tmp[j] & 0x7F)) { 164 if ((rate2[i] & 0x7F) == (tmp[j] & 0x7F)) {
@@ -615,23 +615,33 @@ int mwifiex_ret_802_11_associate(struct mwifiex_private *priv,
615 struct ieee_types_assoc_rsp *assoc_rsp; 615 struct ieee_types_assoc_rsp *assoc_rsp;
616 struct mwifiex_bssdescriptor *bss_desc; 616 struct mwifiex_bssdescriptor *bss_desc;
617 u8 enable_data = true; 617 u8 enable_data = true;
618 u16 cap_info, status_code;
618 619
619 assoc_rsp = (struct ieee_types_assoc_rsp *) &resp->params; 620 assoc_rsp = (struct ieee_types_assoc_rsp *) &resp->params;
620 621
622 cap_info = le16_to_cpu(assoc_rsp->cap_info_bitmap);
623 status_code = le16_to_cpu(assoc_rsp->status_code);
624
621 priv->assoc_rsp_size = min(le16_to_cpu(resp->size) - S_DS_GEN, 625 priv->assoc_rsp_size = min(le16_to_cpu(resp->size) - S_DS_GEN,
622 sizeof(priv->assoc_rsp_buf)); 626 sizeof(priv->assoc_rsp_buf));
623 627
624 memcpy(priv->assoc_rsp_buf, &resp->params, priv->assoc_rsp_size); 628 memcpy(priv->assoc_rsp_buf, &resp->params, priv->assoc_rsp_size);
625 629
626 if (le16_to_cpu(assoc_rsp->status_code)) { 630 if (status_code) {
627 priv->adapter->dbg.num_cmd_assoc_failure++; 631 priv->adapter->dbg.num_cmd_assoc_failure++;
628 dev_err(priv->adapter->dev, 632 dev_err(priv->adapter->dev,
629 "ASSOC_RESP: failed, status code=%d err=%#x a_id=%#x\n", 633 "ASSOC_RESP: failed, status code=%d err=%#x a_id=%#x\n",
630 le16_to_cpu(assoc_rsp->status_code), 634 status_code, cap_info, le16_to_cpu(assoc_rsp->a_id));
631 le16_to_cpu(assoc_rsp->cap_info_bitmap), 635
632 le16_to_cpu(assoc_rsp->a_id)); 636 if (cap_info == MWIFIEX_TIMEOUT_FOR_AP_RESP) {
637 if (status_code == MWIFIEX_STATUS_CODE_AUTH_TIMEOUT)
638 ret = WLAN_STATUS_AUTH_TIMEOUT;
639 else
640 ret = WLAN_STATUS_UNSPECIFIED_FAILURE;
641 } else {
642 ret = status_code;
643 }
633 644
634 ret = le16_to_cpu(assoc_rsp->status_code);
635 goto done; 645 goto done;
636 } 646 }
637 647
@@ -969,6 +979,16 @@ mwifiex_cmd_802_11_ad_hoc_start(struct mwifiex_private *priv,
969 priv->adapter->config_bands); 979 priv->adapter->config_bands);
970 mwifiex_fill_cap_info(priv, radio_type, ht_cap); 980 mwifiex_fill_cap_info(priv, radio_type, ht_cap);
971 981
982 if (adapter->sec_chan_offset ==
983 IEEE80211_HT_PARAM_CHA_SEC_NONE) {
984 u16 tmp_ht_cap;
985
986 tmp_ht_cap = le16_to_cpu(ht_cap->ht_cap.cap_info);
987 tmp_ht_cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
988 tmp_ht_cap &= ~IEEE80211_HT_CAP_SGI_40;
989 ht_cap->ht_cap.cap_info = cpu_to_le16(tmp_ht_cap);
990 }
991
972 pos += sizeof(struct mwifiex_ie_types_htcap); 992 pos += sizeof(struct mwifiex_ie_types_htcap);
973 cmd_append_size += sizeof(struct mwifiex_ie_types_htcap); 993 cmd_append_size += sizeof(struct mwifiex_ie_types_htcap);
974 994
diff --git a/drivers/net/wireless/mwifiex/main.h b/drivers/net/wireless/mwifiex/main.h
index 1b3cfc821940..51044e3ea89b 100644
--- a/drivers/net/wireless/mwifiex/main.h
+++ b/drivers/net/wireless/mwifiex/main.h
@@ -599,8 +599,10 @@ struct mwifiex_if_ops {
599 int (*cmdrsp_complete) (struct mwifiex_adapter *, struct sk_buff *); 599 int (*cmdrsp_complete) (struct mwifiex_adapter *, struct sk_buff *);
600 int (*event_complete) (struct mwifiex_adapter *, struct sk_buff *); 600 int (*event_complete) (struct mwifiex_adapter *, struct sk_buff *);
601 int (*data_complete) (struct mwifiex_adapter *, struct sk_buff *); 601 int (*data_complete) (struct mwifiex_adapter *, struct sk_buff *);
602 int (*init_fw_port) (struct mwifiex_adapter *);
602 int (*dnld_fw) (struct mwifiex_adapter *, struct mwifiex_fw_image *); 603 int (*dnld_fw) (struct mwifiex_adapter *, struct mwifiex_fw_image *);
603 void (*card_reset) (struct mwifiex_adapter *); 604 void (*card_reset) (struct mwifiex_adapter *);
605 int (*clean_pcie_ring) (struct mwifiex_adapter *adapter);
604}; 606};
605 607
606struct mwifiex_adapter { 608struct mwifiex_adapter {
@@ -890,6 +892,10 @@ void mwifiex_set_ht_params(struct mwifiex_private *priv,
890 struct cfg80211_ap_settings *params); 892 struct cfg80211_ap_settings *params);
891void mwifiex_set_uap_rates(struct mwifiex_uap_bss_param *bss_cfg, 893void mwifiex_set_uap_rates(struct mwifiex_uap_bss_param *bss_cfg,
892 struct cfg80211_ap_settings *params); 894 struct cfg80211_ap_settings *params);
895void
896mwifiex_set_wmm_params(struct mwifiex_private *priv,
897 struct mwifiex_uap_bss_param *bss_cfg,
898 struct cfg80211_ap_settings *params);
893 899
894/* 900/*
895 * This function checks if the queuing is RA based or not. 901 * This function checks if the queuing is RA based or not.
diff --git a/drivers/net/wireless/mwifiex/pcie.c b/drivers/net/wireless/mwifiex/pcie.c
index 13fbc4eb1595..df88e65595c8 100644
--- a/drivers/net/wireless/mwifiex/pcie.c
+++ b/drivers/net/wireless/mwifiex/pcie.c
@@ -39,17 +39,20 @@ static struct semaphore add_remove_card_sem;
39static int mwifiex_pcie_enable_host_int(struct mwifiex_adapter *adapter); 39static int mwifiex_pcie_enable_host_int(struct mwifiex_adapter *adapter);
40static int mwifiex_pcie_resume(struct pci_dev *pdev); 40static int mwifiex_pcie_resume(struct pci_dev *pdev);
41 41
42/* 42static int
43 * This function is called after skb allocation to update 43mwifiex_map_pci_memory(struct mwifiex_adapter *adapter, struct sk_buff *skb,
44 * "skb->cb" with physical address of data pointer. 44 int size, int flags)
45 */
46static phys_addr_t *mwifiex_update_sk_buff_pa(struct sk_buff *skb)
47{ 45{
48 phys_addr_t *buf_pa = MWIFIEX_SKB_PACB(skb); 46 struct pcie_service_card *card = adapter->card;
49 47 dma_addr_t buf_pa;
50 *buf_pa = (phys_addr_t)virt_to_phys(skb->data);
51 48
52 return buf_pa; 49 buf_pa = pci_map_single(card->dev, skb->data, size, flags);
50 if (pci_dma_mapping_error(card->dev, buf_pa)) {
51 dev_err(adapter->dev, "failed to map pci memory!\n");
52 return -1;
53 }
54 memcpy(skb->cb, &buf_pa, sizeof(dma_addr_t));
55 return 0;
53} 56}
54 57
55/* 58/*
@@ -60,8 +63,8 @@ static bool mwifiex_pcie_ok_to_access_hw(struct mwifiex_adapter *adapter)
60 u32 *cookie_addr; 63 u32 *cookie_addr;
61 struct pcie_service_card *card = adapter->card; 64 struct pcie_service_card *card = adapter->card;
62 65
63 if (card->sleep_cookie) { 66 if (card->sleep_cookie_vbase) {
64 cookie_addr = (u32 *)card->sleep_cookie->data; 67 cookie_addr = (u32 *)card->sleep_cookie_vbase;
65 dev_dbg(adapter->dev, "info: ACCESS_HW: sleep cookie=0x%x\n", 68 dev_dbg(adapter->dev, "info: ACCESS_HW: sleep cookie=0x%x\n",
66 *cookie_addr); 69 *cookie_addr);
67 if (*cookie_addr == FW_AWAKE_COOKIE) 70 if (*cookie_addr == FW_AWAKE_COOKIE)
@@ -161,7 +164,7 @@ static int mwifiex_pcie_suspend(struct pci_dev *pdev, pm_message_t state)
161 164
162 if (pdev) { 165 if (pdev) {
163 card = (struct pcie_service_card *) pci_get_drvdata(pdev); 166 card = (struct pcie_service_card *) pci_get_drvdata(pdev);
164 if (!card || card->adapter) { 167 if (!card || !card->adapter) {
165 pr_err("Card or adapter structure is not valid\n"); 168 pr_err("Card or adapter structure is not valid\n");
166 return 0; 169 return 0;
167 } 170 }
@@ -366,9 +369,7 @@ static int mwifiex_pcie_enable_host_int(struct mwifiex_adapter *adapter)
366static int mwifiex_pcie_create_txbd_ring(struct mwifiex_adapter *adapter) 369static int mwifiex_pcie_create_txbd_ring(struct mwifiex_adapter *adapter)
367{ 370{
368 struct pcie_service_card *card = adapter->card; 371 struct pcie_service_card *card = adapter->card;
369 struct sk_buff *skb;
370 int i; 372 int i;
371 phys_addr_t *buf_pa;
372 373
373 /* 374 /*
374 * driver maintaines the write pointer and firmware maintaines the read 375 * driver maintaines the write pointer and firmware maintaines the read
@@ -384,16 +385,18 @@ static int mwifiex_pcie_create_txbd_ring(struct mwifiex_adapter *adapter)
384 MWIFIEX_MAX_TXRX_BD; 385 MWIFIEX_MAX_TXRX_BD;
385 dev_dbg(adapter->dev, "info: txbd_ring: Allocating %d bytes\n", 386 dev_dbg(adapter->dev, "info: txbd_ring: Allocating %d bytes\n",
386 card->txbd_ring_size); 387 card->txbd_ring_size);
387 card->txbd_ring_vbase = kzalloc(card->txbd_ring_size, GFP_KERNEL); 388 card->txbd_ring_vbase = pci_alloc_consistent(card->dev,
389 card->txbd_ring_size,
390 &card->txbd_ring_pbase);
388 if (!card->txbd_ring_vbase) { 391 if (!card->txbd_ring_vbase) {
389 dev_err(adapter->dev, "Unable to alloc buffer for txbd ring\n"); 392 dev_err(adapter->dev,
393 "allocate consistent memory (%d bytes) failed!\n",
394 card->txbd_ring_size);
390 return -ENOMEM; 395 return -ENOMEM;
391 } 396 }
392 card->txbd_ring_pbase = virt_to_phys(card->txbd_ring_vbase);
393
394 dev_dbg(adapter->dev, 397 dev_dbg(adapter->dev,
395 "info: txbd_ring - base: %p, pbase: %#x:%x, len: %x\n", 398 "info: txbd_ring - base: %p, pbase: %#x:%x, len: %x\n",
396 card->txbd_ring_vbase, (u32)card->txbd_ring_pbase, 399 card->txbd_ring_vbase, (unsigned int)card->txbd_ring_pbase,
397 (u32)((u64)card->txbd_ring_pbase >> 32), card->txbd_ring_size); 400 (u32)((u64)card->txbd_ring_pbase >> 32), card->txbd_ring_size);
398 401
399 for (i = 0; i < MWIFIEX_MAX_TXRX_BD; i++) { 402 for (i = 0; i < MWIFIEX_MAX_TXRX_BD; i++) {
@@ -402,24 +405,9 @@ static int mwifiex_pcie_create_txbd_ring(struct mwifiex_adapter *adapter)
402 (sizeof(struct mwifiex_pcie_buf_desc) 405 (sizeof(struct mwifiex_pcie_buf_desc)
403 * i)); 406 * i));
404 407
405 /* Allocate buffer here so that firmware can DMA data from it */ 408 card->tx_buf_list[i] = NULL;
406 skb = dev_alloc_skb(MWIFIEX_RX_DATA_BUF_SIZE); 409 card->txbd_ring[i]->paddr = 0;
407 if (!skb) { 410 card->txbd_ring[i]->len = 0;
408 dev_err(adapter->dev, "Unable to allocate skb for TX ring.\n");
409 kfree(card->txbd_ring_vbase);
410 return -ENOMEM;
411 }
412 buf_pa = mwifiex_update_sk_buff_pa(skb);
413
414 skb_put(skb, MWIFIEX_RX_DATA_BUF_SIZE);
415 dev_dbg(adapter->dev, "info: TX ring: add new skb base: %p, "
416 "buf_base: %p, buf_pbase: %#x:%x, buf_len: %#x\n",
417 skb, skb->data, (u32)*buf_pa,
418 (u32)(((u64)*buf_pa >> 32)), skb->len);
419
420 card->tx_buf_list[i] = skb;
421 card->txbd_ring[i]->paddr = *buf_pa;
422 card->txbd_ring[i]->len = (u16)skb->len;
423 card->txbd_ring[i]->flags = 0; 411 card->txbd_ring[i]->flags = 0;
424 } 412 }
425 413
@@ -429,11 +417,16 @@ static int mwifiex_pcie_create_txbd_ring(struct mwifiex_adapter *adapter)
429static int mwifiex_pcie_delete_txbd_ring(struct mwifiex_adapter *adapter) 417static int mwifiex_pcie_delete_txbd_ring(struct mwifiex_adapter *adapter)
430{ 418{
431 struct pcie_service_card *card = adapter->card; 419 struct pcie_service_card *card = adapter->card;
420 struct sk_buff *skb;
432 int i; 421 int i;
433 422
434 for (i = 0; i < MWIFIEX_MAX_TXRX_BD; i++) { 423 for (i = 0; i < MWIFIEX_MAX_TXRX_BD; i++) {
435 if (card->tx_buf_list[i]) 424 if (card->tx_buf_list[i]) {
436 dev_kfree_skb_any(card->tx_buf_list[i]); 425 skb = card->tx_buf_list[i];
426 pci_unmap_single(card->dev, card->txbd_ring[i]->paddr,
427 skb->len, PCI_DMA_TODEVICE);
428 dev_kfree_skb_any(skb);
429 }
437 card->tx_buf_list[i] = NULL; 430 card->tx_buf_list[i] = NULL;
438 card->txbd_ring[i]->paddr = 0; 431 card->txbd_ring[i]->paddr = 0;
439 card->txbd_ring[i]->len = 0; 432 card->txbd_ring[i]->len = 0;
@@ -441,11 +434,15 @@ static int mwifiex_pcie_delete_txbd_ring(struct mwifiex_adapter *adapter)
441 card->txbd_ring[i] = NULL; 434 card->txbd_ring[i] = NULL;
442 } 435 }
443 436
444 kfree(card->txbd_ring_vbase); 437 if (card->txbd_ring_vbase)
438 pci_free_consistent(card->dev, card->txbd_ring_size,
439 card->txbd_ring_vbase,
440 card->txbd_ring_pbase);
445 card->txbd_ring_size = 0; 441 card->txbd_ring_size = 0;
446 card->txbd_wrptr = 0; 442 card->txbd_wrptr = 0;
447 card->txbd_rdptr = 0 | MWIFIEX_BD_FLAG_ROLLOVER_IND; 443 card->txbd_rdptr = 0 | MWIFIEX_BD_FLAG_ROLLOVER_IND;
448 card->txbd_ring_vbase = NULL; 444 card->txbd_ring_vbase = NULL;
445 card->txbd_ring_pbase = 0;
449 446
450 return 0; 447 return 0;
451} 448}
@@ -458,7 +455,7 @@ static int mwifiex_pcie_create_rxbd_ring(struct mwifiex_adapter *adapter)
458 struct pcie_service_card *card = adapter->card; 455 struct pcie_service_card *card = adapter->card;
459 struct sk_buff *skb; 456 struct sk_buff *skb;
460 int i; 457 int i;
461 phys_addr_t *buf_pa; 458 dma_addr_t buf_pa;
462 459
463 /* 460 /*
464 * driver maintaines the read pointer and firmware maintaines the write 461 * driver maintaines the read pointer and firmware maintaines the write
@@ -472,13 +469,15 @@ static int mwifiex_pcie_create_rxbd_ring(struct mwifiex_adapter *adapter)
472 MWIFIEX_MAX_TXRX_BD; 469 MWIFIEX_MAX_TXRX_BD;
473 dev_dbg(adapter->dev, "info: rxbd_ring: Allocating %d bytes\n", 470 dev_dbg(adapter->dev, "info: rxbd_ring: Allocating %d bytes\n",
474 card->rxbd_ring_size); 471 card->rxbd_ring_size);
475 card->rxbd_ring_vbase = kzalloc(card->rxbd_ring_size, GFP_KERNEL); 472 card->rxbd_ring_vbase = pci_alloc_consistent(card->dev,
473 card->rxbd_ring_size,
474 &card->rxbd_ring_pbase);
476 if (!card->rxbd_ring_vbase) { 475 if (!card->rxbd_ring_vbase) {
477 dev_err(adapter->dev, "Unable to allocate buffer for " 476 dev_err(adapter->dev,
478 "rxbd_ring.\n"); 477 "allocate consistent memory (%d bytes) failed!\n",
478 card->rxbd_ring_size);
479 return -ENOMEM; 479 return -ENOMEM;
480 } 480 }
481 card->rxbd_ring_pbase = virt_to_phys(card->rxbd_ring_vbase);
482 481
483 dev_dbg(adapter->dev, 482 dev_dbg(adapter->dev,
484 "info: rxbd_ring - base: %p, pbase: %#x:%x, len: %#x\n", 483 "info: rxbd_ring - base: %p, pbase: %#x:%x, len: %#x\n",
@@ -500,16 +499,20 @@ static int mwifiex_pcie_create_rxbd_ring(struct mwifiex_adapter *adapter)
500 kfree(card->rxbd_ring_vbase); 499 kfree(card->rxbd_ring_vbase);
501 return -ENOMEM; 500 return -ENOMEM;
502 } 501 }
503 buf_pa = mwifiex_update_sk_buff_pa(skb); 502 if (mwifiex_map_pci_memory(adapter, skb,
504 skb_put(skb, MWIFIEX_RX_DATA_BUF_SIZE); 503 MWIFIEX_RX_DATA_BUF_SIZE,
504 PCI_DMA_FROMDEVICE))
505 return -1;
506
507 MWIFIEX_SKB_PACB(skb, &buf_pa);
505 508
506 dev_dbg(adapter->dev, "info: RX ring: add new skb base: %p, " 509 dev_dbg(adapter->dev, "info: RX ring: add new skb base: %p, "
507 "buf_base: %p, buf_pbase: %#x:%x, buf_len: %#x\n", 510 "buf_base: %p, buf_pbase: %#x:%x, buf_len: %#x\n",
508 skb, skb->data, (u32)*buf_pa, (u32)((u64)*buf_pa >> 32), 511 skb, skb->data, (u32)buf_pa, (u32)((u64)buf_pa >> 32),
509 skb->len); 512 skb->len);
510 513
511 card->rx_buf_list[i] = skb; 514 card->rx_buf_list[i] = skb;
512 card->rxbd_ring[i]->paddr = *buf_pa; 515 card->rxbd_ring[i]->paddr = buf_pa;
513 card->rxbd_ring[i]->len = (u16)skb->len; 516 card->rxbd_ring[i]->len = (u16)skb->len;
514 card->rxbd_ring[i]->flags = 0; 517 card->rxbd_ring[i]->flags = 0;
515 } 518 }
@@ -523,11 +526,17 @@ static int mwifiex_pcie_create_rxbd_ring(struct mwifiex_adapter *adapter)
523static int mwifiex_pcie_delete_rxbd_ring(struct mwifiex_adapter *adapter) 526static int mwifiex_pcie_delete_rxbd_ring(struct mwifiex_adapter *adapter)
524{ 527{
525 struct pcie_service_card *card = adapter->card; 528 struct pcie_service_card *card = adapter->card;
529 struct sk_buff *skb;
526 int i; 530 int i;
527 531
528 for (i = 0; i < MWIFIEX_MAX_TXRX_BD; i++) { 532 for (i = 0; i < MWIFIEX_MAX_TXRX_BD; i++) {
529 if (card->rx_buf_list[i]) 533 if (card->rx_buf_list[i]) {
530 dev_kfree_skb_any(card->rx_buf_list[i]); 534 skb = card->rx_buf_list[i];
535 pci_unmap_single(card->dev, card->rxbd_ring[i]->paddr ,
536 MWIFIEX_RX_DATA_BUF_SIZE,
537 PCI_DMA_FROMDEVICE);
538 dev_kfree_skb_any(skb);
539 }
531 card->rx_buf_list[i] = NULL; 540 card->rx_buf_list[i] = NULL;
532 card->rxbd_ring[i]->paddr = 0; 541 card->rxbd_ring[i]->paddr = 0;
533 card->rxbd_ring[i]->len = 0; 542 card->rxbd_ring[i]->len = 0;
@@ -535,11 +544,15 @@ static int mwifiex_pcie_delete_rxbd_ring(struct mwifiex_adapter *adapter)
535 card->rxbd_ring[i] = NULL; 544 card->rxbd_ring[i] = NULL;
536 } 545 }
537 546
538 kfree(card->rxbd_ring_vbase); 547 if (card->rxbd_ring_vbase)
548 pci_free_consistent(card->dev, card->rxbd_ring_size,
549 card->rxbd_ring_vbase,
550 card->rxbd_ring_pbase);
539 card->rxbd_ring_size = 0; 551 card->rxbd_ring_size = 0;
540 card->rxbd_wrptr = 0; 552 card->rxbd_wrptr = 0;
541 card->rxbd_rdptr = 0 | MWIFIEX_BD_FLAG_ROLLOVER_IND; 553 card->rxbd_rdptr = 0 | MWIFIEX_BD_FLAG_ROLLOVER_IND;
542 card->rxbd_ring_vbase = NULL; 554 card->rxbd_ring_vbase = NULL;
555 card->rxbd_ring_pbase = 0;
543 556
544 return 0; 557 return 0;
545} 558}
@@ -552,7 +565,7 @@ static int mwifiex_pcie_create_evtbd_ring(struct mwifiex_adapter *adapter)
552 struct pcie_service_card *card = adapter->card; 565 struct pcie_service_card *card = adapter->card;
553 struct sk_buff *skb; 566 struct sk_buff *skb;
554 int i; 567 int i;
555 phys_addr_t *buf_pa; 568 dma_addr_t buf_pa;
556 569
557 /* 570 /*
558 * driver maintaines the read pointer and firmware maintaines the write 571 * driver maintaines the read pointer and firmware maintaines the write
@@ -566,13 +579,15 @@ static int mwifiex_pcie_create_evtbd_ring(struct mwifiex_adapter *adapter)
566 MWIFIEX_MAX_EVT_BD; 579 MWIFIEX_MAX_EVT_BD;
567 dev_dbg(adapter->dev, "info: evtbd_ring: Allocating %d bytes\n", 580 dev_dbg(adapter->dev, "info: evtbd_ring: Allocating %d bytes\n",
568 card->evtbd_ring_size); 581 card->evtbd_ring_size);
569 card->evtbd_ring_vbase = kzalloc(card->evtbd_ring_size, GFP_KERNEL); 582 card->evtbd_ring_vbase = pci_alloc_consistent(card->dev,
583 card->evtbd_ring_size,
584 &card->evtbd_ring_pbase);
570 if (!card->evtbd_ring_vbase) { 585 if (!card->evtbd_ring_vbase) {
571 dev_err(adapter->dev, 586 dev_err(adapter->dev,
572 "Unable to allocate buffer. Terminating download\n"); 587 "allocate consistent memory (%d bytes) failed!\n",
588 card->evtbd_ring_size);
573 return -ENOMEM; 589 return -ENOMEM;
574 } 590 }
575 card->evtbd_ring_pbase = virt_to_phys(card->evtbd_ring_vbase);
576 591
577 dev_dbg(adapter->dev, 592 dev_dbg(adapter->dev,
578 "info: CMDRSP/EVT bd_ring - base: %p pbase: %#x:%x len: %#x\n", 593 "info: CMDRSP/EVT bd_ring - base: %p pbase: %#x:%x len: %#x\n",
@@ -594,16 +609,20 @@ static int mwifiex_pcie_create_evtbd_ring(struct mwifiex_adapter *adapter)
594 kfree(card->evtbd_ring_vbase); 609 kfree(card->evtbd_ring_vbase);
595 return -ENOMEM; 610 return -ENOMEM;
596 } 611 }
597 buf_pa = mwifiex_update_sk_buff_pa(skb);
598 skb_put(skb, MAX_EVENT_SIZE); 612 skb_put(skb, MAX_EVENT_SIZE);
599 613
614 if (mwifiex_map_pci_memory(adapter, skb, MAX_EVENT_SIZE,
615 PCI_DMA_FROMDEVICE))
616 return -1;
617
618 MWIFIEX_SKB_PACB(skb, &buf_pa);
600 dev_dbg(adapter->dev, "info: Evt ring: add new skb. base: %p, " 619 dev_dbg(adapter->dev, "info: Evt ring: add new skb. base: %p, "
601 "buf_base: %p, buf_pbase: %#x:%x, buf_len: %#x\n", 620 "buf_base: %p, buf_pbase: %#x:%x, buf_len: %#x\n",
602 skb, skb->data, (u32)*buf_pa, (u32)((u64)*buf_pa >> 32), 621 skb, skb->data, (u32)buf_pa, (u32)((u64)buf_pa >> 32),
603 skb->len); 622 skb->len);
604 623
605 card->evt_buf_list[i] = skb; 624 card->evt_buf_list[i] = skb;
606 card->evtbd_ring[i]->paddr = *buf_pa; 625 card->evtbd_ring[i]->paddr = buf_pa;
607 card->evtbd_ring[i]->len = (u16)skb->len; 626 card->evtbd_ring[i]->len = (u16)skb->len;
608 card->evtbd_ring[i]->flags = 0; 627 card->evtbd_ring[i]->flags = 0;
609 } 628 }
@@ -617,11 +636,16 @@ static int mwifiex_pcie_create_evtbd_ring(struct mwifiex_adapter *adapter)
617static int mwifiex_pcie_delete_evtbd_ring(struct mwifiex_adapter *adapter) 636static int mwifiex_pcie_delete_evtbd_ring(struct mwifiex_adapter *adapter)
618{ 637{
619 struct pcie_service_card *card = adapter->card; 638 struct pcie_service_card *card = adapter->card;
639 struct sk_buff *skb;
620 int i; 640 int i;
621 641
622 for (i = 0; i < MWIFIEX_MAX_EVT_BD; i++) { 642 for (i = 0; i < MWIFIEX_MAX_EVT_BD; i++) {
623 if (card->evt_buf_list[i]) 643 if (card->evt_buf_list[i]) {
624 dev_kfree_skb_any(card->evt_buf_list[i]); 644 skb = card->evt_buf_list[i];
645 pci_unmap_single(card->dev, card->evtbd_ring[i]->paddr,
646 MAX_EVENT_SIZE, PCI_DMA_FROMDEVICE);
647 dev_kfree_skb_any(skb);
648 }
625 card->evt_buf_list[i] = NULL; 649 card->evt_buf_list[i] = NULL;
626 card->evtbd_ring[i]->paddr = 0; 650 card->evtbd_ring[i]->paddr = 0;
627 card->evtbd_ring[i]->len = 0; 651 card->evtbd_ring[i]->len = 0;
@@ -629,11 +653,15 @@ static int mwifiex_pcie_delete_evtbd_ring(struct mwifiex_adapter *adapter)
629 card->evtbd_ring[i] = NULL; 653 card->evtbd_ring[i] = NULL;
630 } 654 }
631 655
632 kfree(card->evtbd_ring_vbase); 656 if (card->evtbd_ring_vbase)
657 pci_free_consistent(card->dev, card->evtbd_ring_size,
658 card->evtbd_ring_vbase,
659 card->evtbd_ring_pbase);
633 card->evtbd_wrptr = 0; 660 card->evtbd_wrptr = 0;
634 card->evtbd_rdptr = 0 | MWIFIEX_BD_FLAG_ROLLOVER_IND; 661 card->evtbd_rdptr = 0 | MWIFIEX_BD_FLAG_ROLLOVER_IND;
635 card->evtbd_ring_size = 0; 662 card->evtbd_ring_size = 0;
636 card->evtbd_ring_vbase = NULL; 663 card->evtbd_ring_vbase = NULL;
664 card->evtbd_ring_pbase = 0;
637 665
638 return 0; 666 return 0;
639} 667}
@@ -653,21 +681,12 @@ static int mwifiex_pcie_alloc_cmdrsp_buf(struct mwifiex_adapter *adapter)
653 "Unable to allocate skb for command response data.\n"); 681 "Unable to allocate skb for command response data.\n");
654 return -ENOMEM; 682 return -ENOMEM;
655 } 683 }
656 mwifiex_update_sk_buff_pa(skb);
657 skb_put(skb, MWIFIEX_UPLD_SIZE); 684 skb_put(skb, MWIFIEX_UPLD_SIZE);
658 card->cmdrsp_buf = skb; 685 if (mwifiex_map_pci_memory(adapter, skb, MWIFIEX_UPLD_SIZE,
686 PCI_DMA_FROMDEVICE))
687 return -1;
659 688
660 skb = NULL; 689 card->cmdrsp_buf = skb;
661 /* Allocate memory for sending command to firmware */
662 skb = dev_alloc_skb(MWIFIEX_SIZE_OF_CMD_BUFFER);
663 if (!skb) {
664 dev_err(adapter->dev,
665 "Unable to allocate skb for command data.\n");
666 return -ENOMEM;
667 }
668 mwifiex_update_sk_buff_pa(skb);
669 skb_put(skb, MWIFIEX_SIZE_OF_CMD_BUFFER);
670 card->cmd_buf = skb;
671 690
672 return 0; 691 return 0;
673} 692}
@@ -678,18 +697,26 @@ static int mwifiex_pcie_alloc_cmdrsp_buf(struct mwifiex_adapter *adapter)
678static int mwifiex_pcie_delete_cmdrsp_buf(struct mwifiex_adapter *adapter) 697static int mwifiex_pcie_delete_cmdrsp_buf(struct mwifiex_adapter *adapter)
679{ 698{
680 struct pcie_service_card *card; 699 struct pcie_service_card *card;
700 dma_addr_t buf_pa;
681 701
682 if (!adapter) 702 if (!adapter)
683 return 0; 703 return 0;
684 704
685 card = adapter->card; 705 card = adapter->card;
686 706
687 if (card && card->cmdrsp_buf) 707 if (card && card->cmdrsp_buf) {
708 MWIFIEX_SKB_PACB(card->cmdrsp_buf, &buf_pa);
709 pci_unmap_single(card->dev, buf_pa, MWIFIEX_UPLD_SIZE,
710 PCI_DMA_FROMDEVICE);
688 dev_kfree_skb_any(card->cmdrsp_buf); 711 dev_kfree_skb_any(card->cmdrsp_buf);
712 }
689 713
690 if (card && card->cmd_buf) 714 if (card && card->cmd_buf) {
715 MWIFIEX_SKB_PACB(card->cmd_buf, &buf_pa);
716 pci_unmap_single(card->dev, buf_pa, MWIFIEX_SIZE_OF_CMD_BUFFER,
717 PCI_DMA_TODEVICE);
691 dev_kfree_skb_any(card->cmd_buf); 718 dev_kfree_skb_any(card->cmd_buf);
692 719 }
693 return 0; 720 return 0;
694} 721}
695 722
@@ -698,27 +725,19 @@ static int mwifiex_pcie_delete_cmdrsp_buf(struct mwifiex_adapter *adapter)
698 */ 725 */
699static int mwifiex_pcie_alloc_sleep_cookie_buf(struct mwifiex_adapter *adapter) 726static int mwifiex_pcie_alloc_sleep_cookie_buf(struct mwifiex_adapter *adapter)
700{ 727{
701 struct sk_buff *skb;
702 struct pcie_service_card *card = adapter->card; 728 struct pcie_service_card *card = adapter->card;
703 729
704 /* Allocate memory for sleep cookie */ 730 card->sleep_cookie_vbase = pci_alloc_consistent(card->dev, sizeof(u32),
705 skb = dev_alloc_skb(sizeof(u32)); 731 &card->sleep_cookie_pbase);
706 if (!skb) { 732 if (!card->sleep_cookie_vbase) {
707 dev_err(adapter->dev, 733 dev_err(adapter->dev, "pci_alloc_consistent failed!\n");
708 "Unable to allocate skb for sleep cookie!\n");
709 return -ENOMEM; 734 return -ENOMEM;
710 } 735 }
711 mwifiex_update_sk_buff_pa(skb);
712 skb_put(skb, sizeof(u32));
713
714 /* Init val of Sleep Cookie */ 736 /* Init val of Sleep Cookie */
715 *(u32 *)skb->data = FW_AWAKE_COOKIE; 737 *(u32 *)card->sleep_cookie_vbase = FW_AWAKE_COOKIE;
716 738
717 dev_dbg(adapter->dev, "alloc_scook: sleep cookie=0x%x\n", 739 dev_dbg(adapter->dev, "alloc_scook: sleep cookie=0x%x\n",
718 *((u32 *)skb->data)); 740 *((u32 *)card->sleep_cookie_vbase));
719
720 /* Save the sleep cookie */
721 card->sleep_cookie = skb;
722 741
723 return 0; 742 return 0;
724} 743}
@@ -735,24 +754,57 @@ static int mwifiex_pcie_delete_sleep_cookie_buf(struct mwifiex_adapter *adapter)
735 754
736 card = adapter->card; 755 card = adapter->card;
737 756
738 if (card && card->sleep_cookie) { 757 if (card && card->sleep_cookie_vbase) {
739 dev_kfree_skb_any(card->sleep_cookie); 758 pci_free_consistent(card->dev, sizeof(u32),
740 card->sleep_cookie = NULL; 759 card->sleep_cookie_vbase,
760 card->sleep_cookie_pbase);
761 card->sleep_cookie_vbase = NULL;
741 } 762 }
742 763
743 return 0; 764 return 0;
744} 765}
745 766
767/* This function flushes the TX buffer descriptor ring
768 * This function defined as handler is also called while cleaning TXRX
769 * during disconnect/ bss stop.
770 */
771static int mwifiex_clean_pcie_ring_buf(struct mwifiex_adapter *adapter)
772{
773 struct pcie_service_card *card = adapter->card;
774 u32 rdptr;
775
776 /* Read the TX ring read pointer set by firmware */
777 if (mwifiex_read_reg(adapter, REG_TXBD_RDPTR, &rdptr)) {
778 dev_err(adapter->dev,
779 "Flush TXBD: failed to read REG_TXBD_RDPTR\n");
780 return -1;
781 }
782
783 if (!mwifiex_pcie_txbd_empty(card, rdptr)) {
784 card->txbd_flush = 1;
785 /* write pointer already set at last send
786 * send dnld-rdy intr again, wait for completion.
787 */
788 if (mwifiex_write_reg(adapter, PCIE_CPU_INT_EVENT,
789 CPU_INTR_DNLD_RDY)) {
790 dev_err(adapter->dev,
791 "failed to assert dnld-rdy interrupt.\n");
792 return -1;
793 }
794 }
795 return 0;
796}
797
746/* 798/*
747 * This function sends data buffer to device 799 * This function unmaps and frees downloaded data buffer
748 */ 800 */
749static int 801static int mwifiex_pcie_send_data_complete(struct mwifiex_adapter *adapter)
750mwifiex_pcie_send_data(struct mwifiex_adapter *adapter, struct sk_buff *skb)
751{ 802{
803 const u32 num_tx_buffs = MWIFIEX_MAX_TXRX_BD;
804 struct sk_buff *skb;
805 dma_addr_t buf_pa;
806 u32 wrdoneidx, rdptr, unmap_count = 0;
752 struct pcie_service_card *card = adapter->card; 807 struct pcie_service_card *card = adapter->card;
753 u32 wrindx, rdptr;
754 phys_addr_t *buf_pa;
755 __le16 *tmp;
756 808
757 if (!mwifiex_pcie_ok_to_access_hw(adapter)) 809 if (!mwifiex_pcie_ok_to_access_hw(adapter))
758 mwifiex_pm_wakeup_card(adapter); 810 mwifiex_pm_wakeup_card(adapter);
@@ -760,34 +812,112 @@ mwifiex_pcie_send_data(struct mwifiex_adapter *adapter, struct sk_buff *skb)
760 /* Read the TX ring read pointer set by firmware */ 812 /* Read the TX ring read pointer set by firmware */
761 if (mwifiex_read_reg(adapter, REG_TXBD_RDPTR, &rdptr)) { 813 if (mwifiex_read_reg(adapter, REG_TXBD_RDPTR, &rdptr)) {
762 dev_err(adapter->dev, 814 dev_err(adapter->dev,
763 "SEND DATA: failed to read REG_TXBD_RDPTR\n"); 815 "SEND COMP: failed to read REG_TXBD_RDPTR\n");
764 return -1; 816 return -1;
765 } 817 }
766 818
767 wrindx = card->txbd_wrptr & MWIFIEX_TXBD_MASK; 819 dev_dbg(adapter->dev, "SEND COMP: rdptr_prev=0x%x, rdptr=0x%x\n",
820 card->txbd_rdptr, rdptr);
768 821
769 dev_dbg(adapter->dev, "info: SEND DATA: <Rd: %#x, Wr: %#x>\n", rdptr, 822 /* free from previous txbd_rdptr to current txbd_rdptr */
770 card->txbd_wrptr); 823 while (((card->txbd_rdptr & MWIFIEX_TXBD_MASK) !=
771 if (((card->txbd_wrptr & MWIFIEX_TXBD_MASK) != 824 (rdptr & MWIFIEX_TXBD_MASK)) ||
772 (rdptr & MWIFIEX_TXBD_MASK)) || 825 ((card->txbd_rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND) !=
773 ((card->txbd_wrptr & MWIFIEX_BD_FLAG_ROLLOVER_IND) != 826 (rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND))) {
774 (rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND))) { 827 wrdoneidx = card->txbd_rdptr & MWIFIEX_TXBD_MASK;
775 struct sk_buff *skb_data; 828
829 skb = card->tx_buf_list[wrdoneidx];
830 if (skb) {
831 dev_dbg(adapter->dev,
832 "SEND COMP: Detach skb %p at txbd_rdidx=%d\n",
833 skb, wrdoneidx);
834 MWIFIEX_SKB_PACB(skb, &buf_pa);
835 pci_unmap_single(card->dev, buf_pa, skb->len,
836 PCI_DMA_TODEVICE);
837
838 unmap_count++;
839
840 if (card->txbd_flush)
841 mwifiex_write_data_complete(adapter, skb, 0,
842 -1);
843 else
844 mwifiex_write_data_complete(adapter, skb, 0, 0);
845 }
846
847 card->tx_buf_list[wrdoneidx] = NULL;
848 card->txbd_ring[wrdoneidx]->paddr = 0;
849 card->txbd_ring[wrdoneidx]->len = 0;
850 card->txbd_ring[wrdoneidx]->flags = 0;
851 card->txbd_rdptr++;
852
853 if ((card->txbd_rdptr & MWIFIEX_TXBD_MASK) == num_tx_buffs)
854 card->txbd_rdptr = ((card->txbd_rdptr &
855 MWIFIEX_BD_FLAG_ROLLOVER_IND) ^
856 MWIFIEX_BD_FLAG_ROLLOVER_IND);
857 }
858
859 if (unmap_count)
860 adapter->data_sent = false;
861
862 if (card->txbd_flush) {
863 if (((card->txbd_wrptr & MWIFIEX_TXBD_MASK) ==
864 (card->txbd_rdptr & MWIFIEX_TXBD_MASK)) &&
865 ((card->txbd_wrptr & MWIFIEX_BD_FLAG_ROLLOVER_IND) !=
866 (card->txbd_rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND)))
867 card->txbd_flush = 0;
868 else
869 mwifiex_clean_pcie_ring_buf(adapter);
870 }
871
872 return 0;
873}
874
875/* This function sends data buffer to device. First 4 bytes of payload
876 * are filled with payload length and payload type. Then this payload
877 * is mapped to PCI device memory. Tx ring pointers are advanced accordingly.
878 * Download ready interrupt to FW is deffered if Tx ring is not full and
879 * additional payload can be accomodated.
880 */
881static int
882mwifiex_pcie_send_data(struct mwifiex_adapter *adapter, struct sk_buff *skb,
883 struct mwifiex_tx_param *tx_param)
884{
885 struct pcie_service_card *card = adapter->card;
886 u32 wrindx;
887 int ret;
888 dma_addr_t buf_pa;
889 __le16 *tmp;
890
891 if (!(skb->data && skb->len)) {
892 dev_err(adapter->dev, "%s(): invalid parameter <%p, %#x>\n",
893 __func__, skb->data, skb->len);
894 return -1;
895 }
896
897 if (!mwifiex_pcie_ok_to_access_hw(adapter))
898 mwifiex_pm_wakeup_card(adapter);
899
900 dev_dbg(adapter->dev, "info: SEND DATA: <Rd: %#x, Wr: %#x>\n",
901 card->txbd_rdptr, card->txbd_wrptr);
902 if (mwifiex_pcie_txbd_not_full(card)) {
776 u8 *payload; 903 u8 *payload;
777 904
778 adapter->data_sent = true; 905 adapter->data_sent = true;
779 skb_data = card->tx_buf_list[wrindx]; 906 payload = skb->data;
780 memcpy(skb_data->data, skb->data, skb->len);
781 payload = skb_data->data;
782 tmp = (__le16 *)&payload[0]; 907 tmp = (__le16 *)&payload[0];
783 *tmp = cpu_to_le16((u16)skb->len); 908 *tmp = cpu_to_le16((u16)skb->len);
784 tmp = (__le16 *)&payload[2]; 909 tmp = (__le16 *)&payload[2];
785 *tmp = cpu_to_le16(MWIFIEX_TYPE_DATA); 910 *tmp = cpu_to_le16(MWIFIEX_TYPE_DATA);
786 skb_put(skb_data, MWIFIEX_RX_DATA_BUF_SIZE - skb_data->len); 911
787 skb_trim(skb_data, skb->len); 912 if (mwifiex_map_pci_memory(adapter, skb, skb->len ,
788 buf_pa = MWIFIEX_SKB_PACB(skb_data); 913 PCI_DMA_TODEVICE))
789 card->txbd_ring[wrindx]->paddr = *buf_pa; 914 return -1;
790 card->txbd_ring[wrindx]->len = (u16)skb_data->len; 915
916 wrindx = card->txbd_wrptr & MWIFIEX_TXBD_MASK;
917 MWIFIEX_SKB_PACB(skb, &buf_pa);
918 card->tx_buf_list[wrindx] = skb;
919 card->txbd_ring[wrindx]->paddr = buf_pa;
920 card->txbd_ring[wrindx]->len = (u16)skb->len;
791 card->txbd_ring[wrindx]->flags = MWIFIEX_BD_FLAG_FIRST_DESC | 921 card->txbd_ring[wrindx]->flags = MWIFIEX_BD_FLAG_FIRST_DESC |
792 MWIFIEX_BD_FLAG_LAST_DESC; 922 MWIFIEX_BD_FLAG_LAST_DESC;
793 923
@@ -802,19 +932,28 @@ mwifiex_pcie_send_data(struct mwifiex_adapter *adapter, struct sk_buff *skb)
802 card->txbd_wrptr)) { 932 card->txbd_wrptr)) {
803 dev_err(adapter->dev, 933 dev_err(adapter->dev,
804 "SEND DATA: failed to write REG_TXBD_WRPTR\n"); 934 "SEND DATA: failed to write REG_TXBD_WRPTR\n");
805 return 0; 935 ret = -1;
936 goto done_unmap;
806 } 937 }
807 938 if ((mwifiex_pcie_txbd_not_full(card)) &&
808 /* Send the TX ready interrupt */ 939 tx_param->next_pkt_len) {
809 if (mwifiex_write_reg(adapter, PCIE_CPU_INT_EVENT, 940 /* have more packets and TxBD still can hold more */
810 CPU_INTR_DNLD_RDY)) { 941 dev_dbg(adapter->dev,
811 dev_err(adapter->dev, 942 "SEND DATA: delay dnld-rdy interrupt.\n");
812 "SEND DATA: failed to assert door-bell intr\n"); 943 adapter->data_sent = false;
813 return -1; 944 } else {
945 /* Send the TX ready interrupt */
946 if (mwifiex_write_reg(adapter, PCIE_CPU_INT_EVENT,
947 CPU_INTR_DNLD_RDY)) {
948 dev_err(adapter->dev,
949 "SEND DATA: failed to assert dnld-rdy interrupt.\n");
950 ret = -1;
951 goto done_unmap;
952 }
814 } 953 }
815 dev_dbg(adapter->dev, "info: SEND DATA: Updated <Rd: %#x, Wr: " 954 dev_dbg(adapter->dev, "info: SEND DATA: Updated <Rd: %#x, Wr: "
816 "%#x> and sent packet to firmware successfully\n", 955 "%#x> and sent packet to firmware successfully\n",
817 rdptr, card->txbd_wrptr); 956 card->txbd_rdptr, card->txbd_wrptr);
818 } else { 957 } else {
819 dev_dbg(adapter->dev, 958 dev_dbg(adapter->dev,
820 "info: TX Ring full, can't send packets to fw\n"); 959 "info: TX Ring full, can't send packets to fw\n");
@@ -827,7 +966,15 @@ mwifiex_pcie_send_data(struct mwifiex_adapter *adapter, struct sk_buff *skb)
827 return -EBUSY; 966 return -EBUSY;
828 } 967 }
829 968
830 return 0; 969 return -EINPROGRESS;
970done_unmap:
971 MWIFIEX_SKB_PACB(skb, &buf_pa);
972 pci_unmap_single(card->dev, buf_pa, skb->len, PCI_DMA_TODEVICE);
973 card->tx_buf_list[wrindx] = NULL;
974 card->txbd_ring[wrindx]->paddr = 0;
975 card->txbd_ring[wrindx]->len = 0;
976 card->txbd_ring[wrindx]->flags = 0;
977 return ret;
831} 978}
832 979
833/* 980/*
@@ -838,9 +985,13 @@ static int mwifiex_pcie_process_recv_data(struct mwifiex_adapter *adapter)
838{ 985{
839 struct pcie_service_card *card = adapter->card; 986 struct pcie_service_card *card = adapter->card;
840 u32 wrptr, rd_index; 987 u32 wrptr, rd_index;
988 dma_addr_t buf_pa;
841 int ret = 0; 989 int ret = 0;
842 struct sk_buff *skb_tmp = NULL; 990 struct sk_buff *skb_tmp = NULL;
843 991
992 if (!mwifiex_pcie_ok_to_access_hw(adapter))
993 mwifiex_pm_wakeup_card(adapter);
994
844 /* Read the RX ring Write pointer set by firmware */ 995 /* Read the RX ring Write pointer set by firmware */
845 if (mwifiex_read_reg(adapter, REG_RXBD_WRPTR, &wrptr)) { 996 if (mwifiex_read_reg(adapter, REG_RXBD_WRPTR, &wrptr)) {
846 dev_err(adapter->dev, 997 dev_err(adapter->dev,
@@ -848,6 +999,7 @@ static int mwifiex_pcie_process_recv_data(struct mwifiex_adapter *adapter)
848 ret = -1; 999 ret = -1;
849 goto done; 1000 goto done;
850 } 1001 }
1002 card->rxbd_wrptr = wrptr;
851 1003
852 while (((wrptr & MWIFIEX_RXBD_MASK) != 1004 while (((wrptr & MWIFIEX_RXBD_MASK) !=
853 (card->rxbd_rdptr & MWIFIEX_RXBD_MASK)) || 1005 (card->rxbd_rdptr & MWIFIEX_RXBD_MASK)) ||
@@ -855,27 +1007,50 @@ static int mwifiex_pcie_process_recv_data(struct mwifiex_adapter *adapter)
855 (card->rxbd_rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND))) { 1007 (card->rxbd_rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND))) {
856 struct sk_buff *skb_data; 1008 struct sk_buff *skb_data;
857 u16 rx_len; 1009 u16 rx_len;
1010 __le16 pkt_len;
858 1011
859 rd_index = card->rxbd_rdptr & MWIFIEX_RXBD_MASK; 1012 rd_index = card->rxbd_rdptr & MWIFIEX_RXBD_MASK;
860 skb_data = card->rx_buf_list[rd_index]; 1013 skb_data = card->rx_buf_list[rd_index];
861 1014
1015 MWIFIEX_SKB_PACB(skb_data, &buf_pa);
1016 pci_unmap_single(card->dev, buf_pa, MWIFIEX_RX_DATA_BUF_SIZE,
1017 PCI_DMA_FROMDEVICE);
1018 card->rx_buf_list[rd_index] = NULL;
1019
862 /* Get data length from interface header - 1020 /* Get data length from interface header -
863 first byte is len, second byte is type */ 1021 * first 2 bytes for len, next 2 bytes is for type
864 rx_len = *((u16 *)skb_data->data); 1022 */
1023 pkt_len = *((__le16 *)skb_data->data);
1024 rx_len = le16_to_cpu(pkt_len);
1025 skb_put(skb_data, rx_len);
865 dev_dbg(adapter->dev, 1026 dev_dbg(adapter->dev,
866 "info: RECV DATA: Rd=%#x, Wr=%#x, Len=%d\n", 1027 "info: RECV DATA: Rd=%#x, Wr=%#x, Len=%d\n",
867 card->rxbd_rdptr, wrptr, rx_len); 1028 card->rxbd_rdptr, wrptr, rx_len);
868 skb_tmp = dev_alloc_skb(rx_len); 1029 skb_pull(skb_data, INTF_HEADER_LEN);
1030 mwifiex_handle_rx_packet(adapter, skb_data);
1031
1032 skb_tmp = dev_alloc_skb(MWIFIEX_RX_DATA_BUF_SIZE);
869 if (!skb_tmp) { 1033 if (!skb_tmp) {
870 dev_dbg(adapter->dev, 1034 dev_err(adapter->dev,
871 "info: Failed to alloc skb for RX\n"); 1035 "Unable to allocate skb.\n");
872 ret = -EBUSY; 1036 return -ENOMEM;
873 goto done;
874 } 1037 }
875 1038
876 skb_put(skb_tmp, rx_len); 1039 if (mwifiex_map_pci_memory(adapter, skb_tmp,
1040 MWIFIEX_RX_DATA_BUF_SIZE,
1041 PCI_DMA_FROMDEVICE))
1042 return -1;
1043
1044 MWIFIEX_SKB_PACB(skb_tmp, &buf_pa);
1045
1046 dev_dbg(adapter->dev,
1047 "RECV DATA: Attach new sk_buff %p at rxbd_rdidx=%d\n",
1048 skb_tmp, rd_index);
1049 card->rx_buf_list[rd_index] = skb_tmp;
1050 card->rxbd_ring[rd_index]->paddr = buf_pa;
1051 card->rxbd_ring[rd_index]->len = skb_tmp->len;
1052 card->rxbd_ring[rd_index]->flags = 0;
877 1053
878 memcpy(skb_tmp->data, skb_data->data + INTF_HEADER_LEN, rx_len);
879 if ((++card->rxbd_rdptr & MWIFIEX_RXBD_MASK) == 1054 if ((++card->rxbd_rdptr & MWIFIEX_RXBD_MASK) ==
880 MWIFIEX_MAX_TXRX_BD) { 1055 MWIFIEX_MAX_TXRX_BD) {
881 card->rxbd_rdptr = ((card->rxbd_rdptr & 1056 card->rxbd_rdptr = ((card->rxbd_rdptr &
@@ -903,12 +1078,10 @@ static int mwifiex_pcie_process_recv_data(struct mwifiex_adapter *adapter)
903 } 1078 }
904 dev_dbg(adapter->dev, 1079 dev_dbg(adapter->dev,
905 "info: RECV DATA: Rcvd packet from fw successfully\n"); 1080 "info: RECV DATA: Rcvd packet from fw successfully\n");
906 mwifiex_handle_rx_packet(adapter, skb_tmp); 1081 card->rxbd_wrptr = wrptr;
907 } 1082 }
908 1083
909done: 1084done:
910 if (ret && skb_tmp)
911 dev_kfree_skb_any(skb_tmp);
912 return ret; 1085 return ret;
913} 1086}
914 1087
@@ -918,32 +1091,41 @@ done:
918static int 1091static int
919mwifiex_pcie_send_boot_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb) 1092mwifiex_pcie_send_boot_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
920{ 1093{
921 phys_addr_t *buf_pa = MWIFIEX_SKB_PACB(skb); 1094 dma_addr_t buf_pa;
1095 struct pcie_service_card *card = adapter->card;
922 1096
923 if (!(skb->data && skb->len && *buf_pa)) { 1097 if (!(skb->data && skb->len)) {
924 dev_err(adapter->dev, 1098 dev_err(adapter->dev,
925 "Invalid parameter in %s <%p, %#x:%x, %x>\n", 1099 "Invalid parameter in %s <%p. len %d>\n",
926 __func__, skb->data, skb->len, 1100 __func__, skb->data, skb->len);
927 (u32)*buf_pa, (u32)((u64)*buf_pa >> 32));
928 return -1; 1101 return -1;
929 } 1102 }
930 1103
1104 if (mwifiex_map_pci_memory(adapter, skb, skb->len , PCI_DMA_TODEVICE))
1105 return -1;
1106
1107 MWIFIEX_SKB_PACB(skb, &buf_pa);
1108
931 /* Write the lower 32bits of the physical address to scratch 1109 /* Write the lower 32bits of the physical address to scratch
932 * register 0 */ 1110 * register 0 */
933 if (mwifiex_write_reg(adapter, PCIE_SCRATCH_0_REG, (u32)*buf_pa)) { 1111 if (mwifiex_write_reg(adapter, PCIE_SCRATCH_0_REG, (u32)buf_pa)) {
934 dev_err(adapter->dev, 1112 dev_err(adapter->dev,
935 "%s: failed to write download command to boot code.\n", 1113 "%s: failed to write download command to boot code.\n",
936 __func__); 1114 __func__);
1115 pci_unmap_single(card->dev, buf_pa, MWIFIEX_UPLD_SIZE,
1116 PCI_DMA_TODEVICE);
937 return -1; 1117 return -1;
938 } 1118 }
939 1119
940 /* Write the upper 32bits of the physical address to scratch 1120 /* Write the upper 32bits of the physical address to scratch
941 * register 1 */ 1121 * register 1 */
942 if (mwifiex_write_reg(adapter, PCIE_SCRATCH_1_REG, 1122 if (mwifiex_write_reg(adapter, PCIE_SCRATCH_1_REG,
943 (u32)((u64)*buf_pa >> 32))) { 1123 (u32)((u64)buf_pa >> 32))) {
944 dev_err(adapter->dev, 1124 dev_err(adapter->dev,
945 "%s: failed to write download command to boot code.\n", 1125 "%s: failed to write download command to boot code.\n",
946 __func__); 1126 __func__);
1127 pci_unmap_single(card->dev, buf_pa, MWIFIEX_UPLD_SIZE,
1128 PCI_DMA_TODEVICE);
947 return -1; 1129 return -1;
948 } 1130 }
949 1131
@@ -952,6 +1134,8 @@ mwifiex_pcie_send_boot_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
952 dev_err(adapter->dev, 1134 dev_err(adapter->dev,
953 "%s: failed to write command len to scratch reg 2\n", 1135 "%s: failed to write command len to scratch reg 2\n",
954 __func__); 1136 __func__);
1137 pci_unmap_single(card->dev, buf_pa, MWIFIEX_UPLD_SIZE,
1138 PCI_DMA_TODEVICE);
955 return -1; 1139 return -1;
956 } 1140 }
957 1141
@@ -960,22 +1144,39 @@ mwifiex_pcie_send_boot_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
960 CPU_INTR_DOOR_BELL)) { 1144 CPU_INTR_DOOR_BELL)) {
961 dev_err(adapter->dev, 1145 dev_err(adapter->dev,
962 "%s: failed to assert door-bell intr\n", __func__); 1146 "%s: failed to assert door-bell intr\n", __func__);
1147 pci_unmap_single(card->dev, buf_pa,
1148 MWIFIEX_UPLD_SIZE, PCI_DMA_TODEVICE);
963 return -1; 1149 return -1;
964 } 1150 }
965 1151
966 return 0; 1152 return 0;
967} 1153}
968 1154
969/* 1155/* This function init rx port in firmware which in turn enables to receive data
970 * This function downloads commands to the device 1156 * from device before transmitting any packet.
1157 */
1158static int mwifiex_pcie_init_fw_port(struct mwifiex_adapter *adapter)
1159{
1160 struct pcie_service_card *card = adapter->card;
1161
1162 /* Write the RX ring read pointer in to REG_RXBD_RDPTR */
1163 if (mwifiex_write_reg(adapter, REG_RXBD_RDPTR, card->rxbd_rdptr | 0)) {
1164 dev_err(adapter->dev,
1165 "RECV DATA: failed to write REG_RXBD_RDPTR\n");
1166 return -1;
1167 }
1168 return 0;
1169}
1170
1171/* This function downloads commands to the device
971 */ 1172 */
972static int 1173static int
973mwifiex_pcie_send_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb) 1174mwifiex_pcie_send_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
974{ 1175{
975 struct pcie_service_card *card = adapter->card; 1176 struct pcie_service_card *card = adapter->card;
976 int ret = 0; 1177 int ret = 0;
977 phys_addr_t *cmd_buf_pa; 1178 dma_addr_t cmd_buf_pa, cmdrsp_buf_pa;
978 phys_addr_t *cmdrsp_buf_pa; 1179 u8 *payload = (u8 *)skb->data;
979 1180
980 if (!(skb->data && skb->len)) { 1181 if (!(skb->data && skb->len)) {
981 dev_err(adapter->dev, "Invalid parameter in %s <%p, %#x>\n", 1182 dev_err(adapter->dev, "Invalid parameter in %s <%p, %#x>\n",
@@ -990,17 +1191,18 @@ mwifiex_pcie_send_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
990 return -EBUSY; 1191 return -EBUSY;
991 } 1192 }
992 1193
993 /* Make sure a command buffer is available */ 1194 if (!mwifiex_pcie_ok_to_access_hw(adapter))
994 if (!card->cmd_buf) { 1195 mwifiex_pm_wakeup_card(adapter);
995 dev_err(adapter->dev, "Command buffer not available\n");
996 return -EBUSY;
997 }
998 1196
999 adapter->cmd_sent = true; 1197 adapter->cmd_sent = true;
1000 /* Copy the given skb in to DMA accessable shared buffer */ 1198
1001 skb_put(card->cmd_buf, MWIFIEX_SIZE_OF_CMD_BUFFER - card->cmd_buf->len); 1199 *(__le16 *)&payload[0] = cpu_to_le16((u16)skb->len);
1002 skb_trim(card->cmd_buf, skb->len); 1200 *(__le16 *)&payload[2] = cpu_to_le16(MWIFIEX_TYPE_CMD);
1003 memcpy(card->cmd_buf->data, skb->data, skb->len); 1201
1202 if (mwifiex_map_pci_memory(adapter, skb, skb->len, PCI_DMA_TODEVICE))
1203 return -1;
1204
1205 card->cmd_buf = skb;
1004 1206
1005 /* To send a command, the driver will: 1207 /* To send a command, the driver will:
1006 1. Write the 64bit physical address of the data buffer to 1208 1. Write the 64bit physical address of the data buffer to
@@ -1013,11 +1215,11 @@ mwifiex_pcie_send_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
1013 */ 1215 */
1014 1216
1015 if (card->cmdrsp_buf) { 1217 if (card->cmdrsp_buf) {
1016 cmdrsp_buf_pa = MWIFIEX_SKB_PACB(card->cmdrsp_buf); 1218 MWIFIEX_SKB_PACB(card->cmdrsp_buf, &cmdrsp_buf_pa);
1017 /* Write the lower 32bits of the cmdrsp buffer physical 1219 /* Write the lower 32bits of the cmdrsp buffer physical
1018 address */ 1220 address */
1019 if (mwifiex_write_reg(adapter, REG_CMDRSP_ADDR_LO, 1221 if (mwifiex_write_reg(adapter, REG_CMDRSP_ADDR_LO,
1020 (u32)*cmdrsp_buf_pa)) { 1222 (u32)cmdrsp_buf_pa)) {
1021 dev_err(adapter->dev, 1223 dev_err(adapter->dev,
1022 "Failed to write download cmd to boot code.\n"); 1224 "Failed to write download cmd to boot code.\n");
1023 ret = -1; 1225 ret = -1;
@@ -1026,7 +1228,7 @@ mwifiex_pcie_send_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
1026 /* Write the upper 32bits of the cmdrsp buffer physical 1228 /* Write the upper 32bits of the cmdrsp buffer physical
1027 address */ 1229 address */
1028 if (mwifiex_write_reg(adapter, REG_CMDRSP_ADDR_HI, 1230 if (mwifiex_write_reg(adapter, REG_CMDRSP_ADDR_HI,
1029 (u32)((u64)*cmdrsp_buf_pa >> 32))) { 1231 (u32)((u64)cmdrsp_buf_pa >> 32))) {
1030 dev_err(adapter->dev, 1232 dev_err(adapter->dev,
1031 "Failed to write download cmd to boot code.\n"); 1233 "Failed to write download cmd to boot code.\n");
1032 ret = -1; 1234 ret = -1;
@@ -1034,9 +1236,9 @@ mwifiex_pcie_send_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
1034 } 1236 }
1035 } 1237 }
1036 1238
1037 cmd_buf_pa = MWIFIEX_SKB_PACB(card->cmd_buf); 1239 MWIFIEX_SKB_PACB(card->cmd_buf, &cmd_buf_pa);
1038 /* Write the lower 32bits of the physical address to REG_CMD_ADDR_LO */ 1240 /* Write the lower 32bits of the physical address to REG_CMD_ADDR_LO */
1039 if (mwifiex_write_reg(adapter, REG_CMD_ADDR_LO, (u32)*cmd_buf_pa)) { 1241 if (mwifiex_write_reg(adapter, REG_CMD_ADDR_LO, (u32)cmd_buf_pa)) {
1040 dev_err(adapter->dev, 1242 dev_err(adapter->dev,
1041 "Failed to write download cmd to boot code.\n"); 1243 "Failed to write download cmd to boot code.\n");
1042 ret = -1; 1244 ret = -1;
@@ -1044,7 +1246,7 @@ mwifiex_pcie_send_cmd(struct mwifiex_adapter *adapter, struct sk_buff *skb)
1044 } 1246 }
1045 /* Write the upper 32bits of the physical address to REG_CMD_ADDR_HI */ 1247 /* Write the upper 32bits of the physical address to REG_CMD_ADDR_HI */
1046 if (mwifiex_write_reg(adapter, REG_CMD_ADDR_HI, 1248 if (mwifiex_write_reg(adapter, REG_CMD_ADDR_HI,
1047 (u32)((u64)*cmd_buf_pa >> 32))) { 1249 (u32)((u64)cmd_buf_pa >> 32))) {
1048 dev_err(adapter->dev, 1250 dev_err(adapter->dev,
1049 "Failed to write download cmd to boot code.\n"); 1251 "Failed to write download cmd to boot code.\n");
1050 ret = -1; 1252 ret = -1;
@@ -1083,11 +1285,22 @@ static int mwifiex_pcie_process_cmd_complete(struct mwifiex_adapter *adapter)
1083 struct pcie_service_card *card = adapter->card; 1285 struct pcie_service_card *card = adapter->card;
1084 struct sk_buff *skb = card->cmdrsp_buf; 1286 struct sk_buff *skb = card->cmdrsp_buf;
1085 int count = 0; 1287 int count = 0;
1288 u16 rx_len;
1289 __le16 pkt_len;
1290 dma_addr_t buf_pa;
1086 1291
1087 dev_dbg(adapter->dev, "info: Rx CMD Response\n"); 1292 dev_dbg(adapter->dev, "info: Rx CMD Response\n");
1088 1293
1294 MWIFIEX_SKB_PACB(skb, &buf_pa);
1295 pci_unmap_single(card->dev, buf_pa, MWIFIEX_UPLD_SIZE,
1296 PCI_DMA_FROMDEVICE);
1297
1298 pkt_len = *((__le16 *)skb->data);
1299 rx_len = le16_to_cpu(pkt_len);
1300 skb_trim(skb, rx_len);
1301 skb_pull(skb, INTF_HEADER_LEN);
1302
1089 if (!adapter->curr_cmd) { 1303 if (!adapter->curr_cmd) {
1090 skb_pull(skb, INTF_HEADER_LEN);
1091 if (adapter->ps_state == PS_STATE_SLEEP_CFM) { 1304 if (adapter->ps_state == PS_STATE_SLEEP_CFM) {
1092 mwifiex_process_sleep_confirm_resp(adapter, skb->data, 1305 mwifiex_process_sleep_confirm_resp(adapter, skb->data,
1093 skb->len); 1306 skb->len);
@@ -1100,9 +1313,12 @@ static int mwifiex_pcie_process_cmd_complete(struct mwifiex_adapter *adapter)
1100 } 1313 }
1101 memcpy(adapter->upld_buf, skb->data, 1314 memcpy(adapter->upld_buf, skb->data,
1102 min_t(u32, MWIFIEX_SIZE_OF_CMD_BUFFER, skb->len)); 1315 min_t(u32, MWIFIEX_SIZE_OF_CMD_BUFFER, skb->len));
1103 skb_push(skb, INTF_HEADER_LEN); 1316 if (mwifiex_map_pci_memory(adapter, skb, MWIFIEX_UPLD_SIZE,
1317 PCI_DMA_FROMDEVICE))
1318 return -1;
1319
1320 MWIFIEX_SKB_PACB(skb, &buf_pa);
1104 } else if (mwifiex_pcie_ok_to_access_hw(adapter)) { 1321 } else if (mwifiex_pcie_ok_to_access_hw(adapter)) {
1105 skb_pull(skb, INTF_HEADER_LEN);
1106 adapter->curr_cmd->resp_skb = skb; 1322 adapter->curr_cmd->resp_skb = skb;
1107 adapter->cmd_resp_received = true; 1323 adapter->cmd_resp_received = true;
1108 /* Take the pointer and set it to CMD node and will 1324 /* Take the pointer and set it to CMD node and will
@@ -1136,10 +1352,23 @@ static int mwifiex_pcie_cmdrsp_complete(struct mwifiex_adapter *adapter,
1136 struct sk_buff *skb) 1352 struct sk_buff *skb)
1137{ 1353{
1138 struct pcie_service_card *card = adapter->card; 1354 struct pcie_service_card *card = adapter->card;
1355 dma_addr_t buf_pa;
1356 struct sk_buff *skb_tmp;
1139 1357
1140 if (skb) { 1358 if (skb) {
1141 card->cmdrsp_buf = skb; 1359 card->cmdrsp_buf = skb;
1142 skb_push(card->cmdrsp_buf, INTF_HEADER_LEN); 1360 skb_push(card->cmdrsp_buf, INTF_HEADER_LEN);
1361 if (mwifiex_map_pci_memory(adapter, skb, MWIFIEX_UPLD_SIZE,
1362 PCI_DMA_FROMDEVICE))
1363 return -1;
1364 }
1365
1366 skb_tmp = card->cmd_buf;
1367 if (skb_tmp) {
1368 MWIFIEX_SKB_PACB(skb_tmp, &buf_pa);
1369 pci_unmap_single(card->dev, buf_pa, MWIFIEX_UPLD_SIZE,
1370 PCI_DMA_FROMDEVICE);
1371 card->cmd_buf = NULL;
1143 } 1372 }
1144 1373
1145 return 0; 1374 return 0;
@@ -1153,6 +1382,10 @@ static int mwifiex_pcie_process_event_ready(struct mwifiex_adapter *adapter)
1153 struct pcie_service_card *card = adapter->card; 1382 struct pcie_service_card *card = adapter->card;
1154 u32 rdptr = card->evtbd_rdptr & MWIFIEX_EVTBD_MASK; 1383 u32 rdptr = card->evtbd_rdptr & MWIFIEX_EVTBD_MASK;
1155 u32 wrptr, event; 1384 u32 wrptr, event;
1385 dma_addr_t buf_pa;
1386
1387 if (!mwifiex_pcie_ok_to_access_hw(adapter))
1388 mwifiex_pm_wakeup_card(adapter);
1156 1389
1157 if (adapter->event_received) { 1390 if (adapter->event_received) {
1158 dev_dbg(adapter->dev, "info: Event being processed, " 1391 dev_dbg(adapter->dev, "info: Event being processed, "
@@ -1184,6 +1417,10 @@ static int mwifiex_pcie_process_event_ready(struct mwifiex_adapter *adapter)
1184 1417
1185 dev_dbg(adapter->dev, "info: Read Index: %d\n", rdptr); 1418 dev_dbg(adapter->dev, "info: Read Index: %d\n", rdptr);
1186 skb_cmd = card->evt_buf_list[rdptr]; 1419 skb_cmd = card->evt_buf_list[rdptr];
1420 MWIFIEX_SKB_PACB(skb_cmd, &buf_pa);
1421 pci_unmap_single(card->dev, buf_pa, MAX_EVENT_SIZE,
1422 PCI_DMA_FROMDEVICE);
1423
1187 /* Take the pointer and set it to event pointer in adapter 1424 /* Take the pointer and set it to event pointer in adapter
1188 and will return back after event handling callback */ 1425 and will return back after event handling callback */
1189 card->evt_buf_list[rdptr] = NULL; 1426 card->evt_buf_list[rdptr] = NULL;
@@ -1228,7 +1465,7 @@ static int mwifiex_pcie_event_complete(struct mwifiex_adapter *adapter,
1228 int ret = 0; 1465 int ret = 0;
1229 u32 rdptr = card->evtbd_rdptr & MWIFIEX_EVTBD_MASK; 1466 u32 rdptr = card->evtbd_rdptr & MWIFIEX_EVTBD_MASK;
1230 u32 wrptr; 1467 u32 wrptr;
1231 phys_addr_t *buf_pa; 1468 dma_addr_t buf_pa;
1232 1469
1233 if (!skb) 1470 if (!skb)
1234 return 0; 1471 return 0;
@@ -1248,9 +1485,14 @@ static int mwifiex_pcie_event_complete(struct mwifiex_adapter *adapter,
1248 1485
1249 if (!card->evt_buf_list[rdptr]) { 1486 if (!card->evt_buf_list[rdptr]) {
1250 skb_push(skb, INTF_HEADER_LEN); 1487 skb_push(skb, INTF_HEADER_LEN);
1488 if (mwifiex_map_pci_memory(adapter, skb,
1489 MAX_EVENT_SIZE,
1490 PCI_DMA_FROMDEVICE))
1491 return -1;
1492 MWIFIEX_SKB_PACB(skb, &buf_pa);
1251 card->evt_buf_list[rdptr] = skb; 1493 card->evt_buf_list[rdptr] = skb;
1252 buf_pa = MWIFIEX_SKB_PACB(skb); 1494 MWIFIEX_SKB_PACB(skb, &buf_pa);
1253 card->evtbd_ring[rdptr]->paddr = *buf_pa; 1495 card->evtbd_ring[rdptr]->paddr = buf_pa;
1254 card->evtbd_ring[rdptr]->len = (u16)skb->len; 1496 card->evtbd_ring[rdptr]->len = (u16)skb->len;
1255 card->evtbd_ring[rdptr]->flags = 0; 1497 card->evtbd_ring[rdptr]->flags = 0;
1256 skb = NULL; 1498 skb = NULL;
@@ -1299,11 +1541,8 @@ static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter,
1299 struct sk_buff *skb; 1541 struct sk_buff *skb;
1300 u32 txlen, tx_blocks = 0, tries, len; 1542 u32 txlen, tx_blocks = 0, tries, len;
1301 u32 block_retry_cnt = 0; 1543 u32 block_retry_cnt = 0;
1302 1544 dma_addr_t buf_pa;
1303 if (!adapter) { 1545 struct pcie_service_card *card = adapter->card;
1304 pr_err("adapter structure is not valid\n");
1305 return -1;
1306 }
1307 1546
1308 if (!firmware || !firmware_len) { 1547 if (!firmware || !firmware_len) {
1309 dev_err(adapter->dev, 1548 dev_err(adapter->dev,
@@ -1325,7 +1564,6 @@ static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter,
1325 ret = -ENOMEM; 1564 ret = -ENOMEM;
1326 goto done; 1565 goto done;
1327 } 1566 }
1328 mwifiex_update_sk_buff_pa(skb);
1329 1567
1330 /* Perform firmware data transfer */ 1568 /* Perform firmware data transfer */
1331 do { 1569 do {
@@ -1400,6 +1638,9 @@ static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter,
1400 ret = -1; 1638 ret = -1;
1401 goto done; 1639 goto done;
1402 } 1640 }
1641
1642 MWIFIEX_SKB_PACB(skb, &buf_pa);
1643
1403 /* Wait for the command done interrupt */ 1644 /* Wait for the command done interrupt */
1404 do { 1645 do {
1405 if (mwifiex_read_reg(adapter, PCIE_CPU_INT_STATUS, 1646 if (mwifiex_read_reg(adapter, PCIE_CPU_INT_STATUS,
@@ -1407,11 +1648,17 @@ static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter,
1407 dev_err(adapter->dev, "%s: Failed to read " 1648 dev_err(adapter->dev, "%s: Failed to read "
1408 "interrupt status during fw dnld.\n", 1649 "interrupt status during fw dnld.\n",
1409 __func__); 1650 __func__);
1651 pci_unmap_single(card->dev, buf_pa, skb->len,
1652 PCI_DMA_TODEVICE);
1410 ret = -1; 1653 ret = -1;
1411 goto done; 1654 goto done;
1412 } 1655 }
1413 } while ((ireg_intr & CPU_INTR_DOOR_BELL) == 1656 } while ((ireg_intr & CPU_INTR_DOOR_BELL) ==
1414 CPU_INTR_DOOR_BELL); 1657 CPU_INTR_DOOR_BELL);
1658
1659 pci_unmap_single(card->dev, buf_pa, skb->len,
1660 PCI_DMA_TODEVICE);
1661
1415 offset += txlen; 1662 offset += txlen;
1416 } while (true); 1663 } while (true);
1417 1664
@@ -1594,39 +1841,40 @@ exit:
1594static int mwifiex_process_int_status(struct mwifiex_adapter *adapter) 1841static int mwifiex_process_int_status(struct mwifiex_adapter *adapter)
1595{ 1842{
1596 int ret; 1843 int ret;
1597 u32 pcie_ireg = 0; 1844 u32 pcie_ireg;
1598 unsigned long flags; 1845 unsigned long flags;
1599 1846
1600 spin_lock_irqsave(&adapter->int_lock, flags); 1847 spin_lock_irqsave(&adapter->int_lock, flags);
1601 /* Clear out unused interrupts */ 1848 /* Clear out unused interrupts */
1602 adapter->int_status &= HOST_INTR_MASK; 1849 pcie_ireg = adapter->int_status;
1850 adapter->int_status = 0;
1603 spin_unlock_irqrestore(&adapter->int_lock, flags); 1851 spin_unlock_irqrestore(&adapter->int_lock, flags);
1604 1852
1605 while (adapter->int_status & HOST_INTR_MASK) { 1853 while (pcie_ireg & HOST_INTR_MASK) {
1606 if (adapter->int_status & HOST_INTR_DNLD_DONE) { 1854 if (pcie_ireg & HOST_INTR_DNLD_DONE) {
1607 adapter->int_status &= ~HOST_INTR_DNLD_DONE; 1855 pcie_ireg &= ~HOST_INTR_DNLD_DONE;
1608 if (adapter->data_sent) { 1856 dev_dbg(adapter->dev, "info: TX DNLD Done\n");
1609 dev_dbg(adapter->dev, "info: DATA sent intr\n"); 1857 ret = mwifiex_pcie_send_data_complete(adapter);
1610 adapter->data_sent = false; 1858 if (ret)
1611 } 1859 return ret;
1612 } 1860 }
1613 if (adapter->int_status & HOST_INTR_UPLD_RDY) { 1861 if (pcie_ireg & HOST_INTR_UPLD_RDY) {
1614 adapter->int_status &= ~HOST_INTR_UPLD_RDY; 1862 pcie_ireg &= ~HOST_INTR_UPLD_RDY;
1615 dev_dbg(adapter->dev, "info: Rx DATA\n"); 1863 dev_dbg(adapter->dev, "info: Rx DATA\n");
1616 ret = mwifiex_pcie_process_recv_data(adapter); 1864 ret = mwifiex_pcie_process_recv_data(adapter);
1617 if (ret) 1865 if (ret)
1618 return ret; 1866 return ret;
1619 } 1867 }
1620 if (adapter->int_status & HOST_INTR_EVENT_RDY) { 1868 if (pcie_ireg & HOST_INTR_EVENT_RDY) {
1621 adapter->int_status &= ~HOST_INTR_EVENT_RDY; 1869 pcie_ireg &= ~HOST_INTR_EVENT_RDY;
1622 dev_dbg(adapter->dev, "info: Rx EVENT\n"); 1870 dev_dbg(adapter->dev, "info: Rx EVENT\n");
1623 ret = mwifiex_pcie_process_event_ready(adapter); 1871 ret = mwifiex_pcie_process_event_ready(adapter);
1624 if (ret) 1872 if (ret)
1625 return ret; 1873 return ret;
1626 } 1874 }
1627 1875
1628 if (adapter->int_status & HOST_INTR_CMD_DONE) { 1876 if (pcie_ireg & HOST_INTR_CMD_DONE) {
1629 adapter->int_status &= ~HOST_INTR_CMD_DONE; 1877 pcie_ireg &= ~HOST_INTR_CMD_DONE;
1630 if (adapter->cmd_sent) { 1878 if (adapter->cmd_sent) {
1631 dev_dbg(adapter->dev, 1879 dev_dbg(adapter->dev,
1632 "info: CMD sent Interrupt\n"); 1880 "info: CMD sent Interrupt\n");
@@ -1654,8 +1902,6 @@ static int mwifiex_process_int_status(struct mwifiex_adapter *adapter)
1654 "Write register failed\n"); 1902 "Write register failed\n");
1655 return -1; 1903 return -1;
1656 } 1904 }
1657 adapter->int_status |= pcie_ireg;
1658 adapter->int_status &= HOST_INTR_MASK;
1659 } 1905 }
1660 1906
1661 } 1907 }
@@ -1687,7 +1933,7 @@ static int mwifiex_pcie_host_to_card(struct mwifiex_adapter *adapter, u8 type,
1687 } 1933 }
1688 1934
1689 if (type == MWIFIEX_TYPE_DATA) 1935 if (type == MWIFIEX_TYPE_DATA)
1690 return mwifiex_pcie_send_data(adapter, skb); 1936 return mwifiex_pcie_send_data(adapter, skb, tx_param);
1691 else if (type == MWIFIEX_TYPE_CMD) 1937 else if (type == MWIFIEX_TYPE_CMD)
1692 return mwifiex_pcie_send_cmd(adapter, skb); 1938 return mwifiex_pcie_send_cmd(adapter, skb);
1693 1939
@@ -1739,6 +1985,7 @@ static int mwifiex_pcie_init(struct mwifiex_adapter *adapter)
1739 card->pci_mmap = pci_iomap(pdev, 0, 0); 1985 card->pci_mmap = pci_iomap(pdev, 0, 0);
1740 if (!card->pci_mmap) { 1986 if (!card->pci_mmap) {
1741 dev_err(adapter->dev, "iomap(0) error\n"); 1987 dev_err(adapter->dev, "iomap(0) error\n");
1988 ret = -EIO;
1742 goto err_iomap0; 1989 goto err_iomap0;
1743 } 1990 }
1744 ret = pci_request_region(pdev, 2, DRV_NAME); 1991 ret = pci_request_region(pdev, 2, DRV_NAME);
@@ -1749,6 +1996,7 @@ static int mwifiex_pcie_init(struct mwifiex_adapter *adapter)
1749 card->pci_mmap1 = pci_iomap(pdev, 2, 0); 1996 card->pci_mmap1 = pci_iomap(pdev, 2, 0);
1750 if (!card->pci_mmap1) { 1997 if (!card->pci_mmap1) {
1751 dev_err(adapter->dev, "iomap(2) error\n"); 1998 dev_err(adapter->dev, "iomap(2) error\n");
1999 ret = -EIO;
1752 goto err_iomap2; 2000 goto err_iomap2;
1753 } 2001 }
1754 2002
@@ -1814,15 +2062,8 @@ static void mwifiex_pcie_cleanup(struct mwifiex_adapter *adapter)
1814 struct pcie_service_card *card = adapter->card; 2062 struct pcie_service_card *card = adapter->card;
1815 struct pci_dev *pdev = card->dev; 2063 struct pci_dev *pdev = card->dev;
1816 2064
1817 mwifiex_pcie_delete_sleep_cookie_buf(adapter);
1818 mwifiex_pcie_delete_cmdrsp_buf(adapter);
1819 mwifiex_pcie_delete_evtbd_ring(adapter);
1820 mwifiex_pcie_delete_rxbd_ring(adapter);
1821 mwifiex_pcie_delete_txbd_ring(adapter);
1822 card->cmdrsp_buf = NULL;
1823
1824 dev_dbg(adapter->dev, "Clearing driver ready signature\n");
1825 if (user_rmmod) { 2065 if (user_rmmod) {
2066 dev_dbg(adapter->dev, "Clearing driver ready signature\n");
1826 if (mwifiex_write_reg(adapter, REG_DRV_READY, 0x00000000)) 2067 if (mwifiex_write_reg(adapter, REG_DRV_READY, 0x00000000))
1827 dev_err(adapter->dev, 2068 dev_err(adapter->dev,
1828 "Failed to write driver not-ready signature\n"); 2069 "Failed to write driver not-ready signature\n");
@@ -1879,6 +2120,13 @@ static void mwifiex_unregister_dev(struct mwifiex_adapter *adapter)
1879 if (card) { 2120 if (card) {
1880 dev_dbg(adapter->dev, "%s(): calling free_irq()\n", __func__); 2121 dev_dbg(adapter->dev, "%s(): calling free_irq()\n", __func__);
1881 free_irq(card->dev->irq, card->dev); 2122 free_irq(card->dev->irq, card->dev);
2123
2124 mwifiex_pcie_delete_sleep_cookie_buf(adapter);
2125 mwifiex_pcie_delete_cmdrsp_buf(adapter);
2126 mwifiex_pcie_delete_evtbd_ring(adapter);
2127 mwifiex_pcie_delete_rxbd_ring(adapter);
2128 mwifiex_pcie_delete_txbd_ring(adapter);
2129 card->cmdrsp_buf = NULL;
1882 } 2130 }
1883} 2131}
1884 2132
@@ -1900,6 +2148,8 @@ static struct mwifiex_if_ops pcie_ops = {
1900 .event_complete = mwifiex_pcie_event_complete, 2148 .event_complete = mwifiex_pcie_event_complete,
1901 .update_mp_end_port = NULL, 2149 .update_mp_end_port = NULL,
1902 .cleanup_mpa_buf = NULL, 2150 .cleanup_mpa_buf = NULL,
2151 .init_fw_port = mwifiex_pcie_init_fw_port,
2152 .clean_pcie_ring = mwifiex_clean_pcie_ring_buf,
1903}; 2153};
1904 2154
1905/* 2155/*
diff --git a/drivers/net/wireless/mwifiex/pcie.h b/drivers/net/wireless/mwifiex/pcie.h
index 2f218f9a3fd3..37eeb2ca6b29 100644
--- a/drivers/net/wireless/mwifiex/pcie.h
+++ b/drivers/net/wireless/mwifiex/pcie.h
@@ -114,11 +114,12 @@ struct pcie_service_card {
114 struct pci_dev *dev; 114 struct pci_dev *dev;
115 struct mwifiex_adapter *adapter; 115 struct mwifiex_adapter *adapter;
116 116
117 u8 txbd_flush;
117 u32 txbd_wrptr; 118 u32 txbd_wrptr;
118 u32 txbd_rdptr; 119 u32 txbd_rdptr;
119 u32 txbd_ring_size; 120 u32 txbd_ring_size;
120 u8 *txbd_ring_vbase; 121 u8 *txbd_ring_vbase;
121 phys_addr_t txbd_ring_pbase; 122 dma_addr_t txbd_ring_pbase;
122 struct mwifiex_pcie_buf_desc *txbd_ring[MWIFIEX_MAX_TXRX_BD]; 123 struct mwifiex_pcie_buf_desc *txbd_ring[MWIFIEX_MAX_TXRX_BD];
123 struct sk_buff *tx_buf_list[MWIFIEX_MAX_TXRX_BD]; 124 struct sk_buff *tx_buf_list[MWIFIEX_MAX_TXRX_BD];
124 125
@@ -126,7 +127,7 @@ struct pcie_service_card {
126 u32 rxbd_rdptr; 127 u32 rxbd_rdptr;
127 u32 rxbd_ring_size; 128 u32 rxbd_ring_size;
128 u8 *rxbd_ring_vbase; 129 u8 *rxbd_ring_vbase;
129 phys_addr_t rxbd_ring_pbase; 130 dma_addr_t rxbd_ring_pbase;
130 struct mwifiex_pcie_buf_desc *rxbd_ring[MWIFIEX_MAX_TXRX_BD]; 131 struct mwifiex_pcie_buf_desc *rxbd_ring[MWIFIEX_MAX_TXRX_BD];
131 struct sk_buff *rx_buf_list[MWIFIEX_MAX_TXRX_BD]; 132 struct sk_buff *rx_buf_list[MWIFIEX_MAX_TXRX_BD];
132 133
@@ -134,15 +135,39 @@ struct pcie_service_card {
134 u32 evtbd_rdptr; 135 u32 evtbd_rdptr;
135 u32 evtbd_ring_size; 136 u32 evtbd_ring_size;
136 u8 *evtbd_ring_vbase; 137 u8 *evtbd_ring_vbase;
137 phys_addr_t evtbd_ring_pbase; 138 dma_addr_t evtbd_ring_pbase;
138 struct mwifiex_pcie_buf_desc *evtbd_ring[MWIFIEX_MAX_EVT_BD]; 139 struct mwifiex_pcie_buf_desc *evtbd_ring[MWIFIEX_MAX_EVT_BD];
139 struct sk_buff *evt_buf_list[MWIFIEX_MAX_EVT_BD]; 140 struct sk_buff *evt_buf_list[MWIFIEX_MAX_EVT_BD];
140 141
141 struct sk_buff *cmd_buf; 142 struct sk_buff *cmd_buf;
142 struct sk_buff *cmdrsp_buf; 143 struct sk_buff *cmdrsp_buf;
143 struct sk_buff *sleep_cookie; 144 u8 *sleep_cookie_vbase;
145 dma_addr_t sleep_cookie_pbase;
144 void __iomem *pci_mmap; 146 void __iomem *pci_mmap;
145 void __iomem *pci_mmap1; 147 void __iomem *pci_mmap1;
146}; 148};
147 149
150static inline int
151mwifiex_pcie_txbd_empty(struct pcie_service_card *card, u32 rdptr)
152{
153 if (((card->txbd_wrptr & MWIFIEX_TXBD_MASK) ==
154 (rdptr & MWIFIEX_TXBD_MASK)) &&
155 ((card->txbd_wrptr & MWIFIEX_BD_FLAG_ROLLOVER_IND) !=
156 (rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND)))
157 return 1;
158
159 return 0;
160}
161
162static inline int
163mwifiex_pcie_txbd_not_full(struct pcie_service_card *card)
164{
165 if (((card->txbd_wrptr & MWIFIEX_TXBD_MASK) !=
166 (card->txbd_rdptr & MWIFIEX_TXBD_MASK)) ||
167 ((card->txbd_wrptr & MWIFIEX_BD_FLAG_ROLLOVER_IND) !=
168 (card->txbd_rdptr & MWIFIEX_BD_FLAG_ROLLOVER_IND)))
169 return 1;
170
171 return 0;
172}
148#endif /* _MWIFIEX_PCIE_H */ 173#endif /* _MWIFIEX_PCIE_H */
diff --git a/drivers/net/wireless/mwifiex/sdio.c b/drivers/net/wireless/mwifiex/sdio.c
index 5a1c1d0e5599..e35b67a9e6a6 100644
--- a/drivers/net/wireless/mwifiex/sdio.c
+++ b/drivers/net/wireless/mwifiex/sdio.c
@@ -332,7 +332,7 @@ mwifiex_write_data_sync(struct mwifiex_adapter *adapter,
332 u8 *buffer, u32 pkt_len, u32 port) 332 u8 *buffer, u32 pkt_len, u32 port)
333{ 333{
334 struct sdio_mmc_card *card = adapter->card; 334 struct sdio_mmc_card *card = adapter->card;
335 int ret = -1; 335 int ret;
336 u8 blk_mode = 336 u8 blk_mode =
337 (port & MWIFIEX_SDIO_BYTE_MODE_MASK) ? BYTE_MODE : BLOCK_MODE; 337 (port & MWIFIEX_SDIO_BYTE_MODE_MASK) ? BYTE_MODE : BLOCK_MODE;
338 u32 blk_size = (blk_mode == BLOCK_MODE) ? MWIFIEX_SDIO_BLOCK_SIZE : 1; 338 u32 blk_size = (blk_mode == BLOCK_MODE) ? MWIFIEX_SDIO_BLOCK_SIZE : 1;
@@ -350,8 +350,7 @@ mwifiex_write_data_sync(struct mwifiex_adapter *adapter,
350 350
351 sdio_claim_host(card->func); 351 sdio_claim_host(card->func);
352 352
353 if (!sdio_writesb(card->func, ioport, buffer, blk_cnt * blk_size)) 353 ret = sdio_writesb(card->func, ioport, buffer, blk_cnt * blk_size);
354 ret = 0;
355 354
356 sdio_release_host(card->func); 355 sdio_release_host(card->func);
357 356
@@ -365,7 +364,7 @@ static int mwifiex_read_data_sync(struct mwifiex_adapter *adapter, u8 *buffer,
365 u32 len, u32 port, u8 claim) 364 u32 len, u32 port, u8 claim)
366{ 365{
367 struct sdio_mmc_card *card = adapter->card; 366 struct sdio_mmc_card *card = adapter->card;
368 int ret = -1; 367 int ret;
369 u8 blk_mode = (port & MWIFIEX_SDIO_BYTE_MODE_MASK) ? BYTE_MODE 368 u8 blk_mode = (port & MWIFIEX_SDIO_BYTE_MODE_MASK) ? BYTE_MODE
370 : BLOCK_MODE; 369 : BLOCK_MODE;
371 u32 blk_size = (blk_mode == BLOCK_MODE) ? MWIFIEX_SDIO_BLOCK_SIZE : 1; 370 u32 blk_size = (blk_mode == BLOCK_MODE) ? MWIFIEX_SDIO_BLOCK_SIZE : 1;
@@ -376,8 +375,7 @@ static int mwifiex_read_data_sync(struct mwifiex_adapter *adapter, u8 *buffer,
376 if (claim) 375 if (claim)
377 sdio_claim_host(card->func); 376 sdio_claim_host(card->func);
378 377
379 if (!sdio_readsb(card->func, buffer, ioport, blk_cnt * blk_size)) 378 ret = sdio_readsb(card->func, buffer, ioport, blk_cnt * blk_size);
380 ret = 0;
381 379
382 if (claim) 380 if (claim)
383 sdio_release_host(card->func); 381 sdio_release_host(card->func);
diff --git a/drivers/net/wireless/mwifiex/sta_cmd.c b/drivers/net/wireless/mwifiex/sta_cmd.c
index 5d87195390f8..c4607859d59d 100644
--- a/drivers/net/wireless/mwifiex/sta_cmd.c
+++ b/drivers/net/wireless/mwifiex/sta_cmd.c
@@ -931,7 +931,6 @@ mwifiex_cmd_pcie_host_spec(struct mwifiex_private *priv,
931 struct host_cmd_ds_pcie_details *host_spec = 931 struct host_cmd_ds_pcie_details *host_spec =
932 &cmd->params.pcie_host_spec; 932 &cmd->params.pcie_host_spec;
933 struct pcie_service_card *card = priv->adapter->card; 933 struct pcie_service_card *card = priv->adapter->card;
934 phys_addr_t *buf_pa;
935 934
936 cmd->command = cpu_to_le16(HostCmd_CMD_PCIE_DESC_DETAILS); 935 cmd->command = cpu_to_le16(HostCmd_CMD_PCIE_DESC_DETAILS);
937 cmd->size = cpu_to_le16(sizeof(struct 936 cmd->size = cpu_to_le16(sizeof(struct
@@ -953,10 +952,11 @@ mwifiex_cmd_pcie_host_spec(struct mwifiex_private *priv,
953 host_spec->evtbd_addr_lo = (u32)(card->evtbd_ring_pbase); 952 host_spec->evtbd_addr_lo = (u32)(card->evtbd_ring_pbase);
954 host_spec->evtbd_addr_hi = (u32)(((u64)card->evtbd_ring_pbase)>>32); 953 host_spec->evtbd_addr_hi = (u32)(((u64)card->evtbd_ring_pbase)>>32);
955 host_spec->evtbd_count = MWIFIEX_MAX_EVT_BD; 954 host_spec->evtbd_count = MWIFIEX_MAX_EVT_BD;
956 if (card->sleep_cookie) { 955 if (card->sleep_cookie_vbase) {
957 buf_pa = MWIFIEX_SKB_PACB(card->sleep_cookie); 956 host_spec->sleep_cookie_addr_lo =
958 host_spec->sleep_cookie_addr_lo = (u32) *buf_pa; 957 (u32)(card->sleep_cookie_pbase);
959 host_spec->sleep_cookie_addr_hi = (u32) (((u64)*buf_pa) >> 32); 958 host_spec->sleep_cookie_addr_hi =
959 (u32)(((u64)(card->sleep_cookie_pbase)) >> 32);
960 dev_dbg(priv->adapter->dev, "sleep_cook_lo phy addr: 0x%x\n", 960 dev_dbg(priv->adapter->dev, "sleep_cook_lo phy addr: 0x%x\n",
961 host_spec->sleep_cookie_addr_lo); 961 host_spec->sleep_cookie_addr_lo);
962 } 962 }
diff --git a/drivers/net/wireless/mwifiex/sta_ioctl.c b/drivers/net/wireless/mwifiex/sta_ioctl.c
index cb682561c438..f542bb8ccbc8 100644
--- a/drivers/net/wireless/mwifiex/sta_ioctl.c
+++ b/drivers/net/wireless/mwifiex/sta_ioctl.c
@@ -56,7 +56,6 @@ int mwifiex_copy_mcast_addr(struct mwifiex_multicast_list *mlist,
56 */ 56 */
57int mwifiex_wait_queue_complete(struct mwifiex_adapter *adapter) 57int mwifiex_wait_queue_complete(struct mwifiex_adapter *adapter)
58{ 58{
59 bool cancel_flag = false;
60 int status; 59 int status;
61 struct cmd_ctrl_node *cmd_queued; 60 struct cmd_ctrl_node *cmd_queued;
62 61
@@ -70,14 +69,11 @@ int mwifiex_wait_queue_complete(struct mwifiex_adapter *adapter)
70 atomic_inc(&adapter->cmd_pending); 69 atomic_inc(&adapter->cmd_pending);
71 70
72 /* Wait for completion */ 71 /* Wait for completion */
73 wait_event_interruptible(adapter->cmd_wait_q.wait, 72 status = wait_event_interruptible(adapter->cmd_wait_q.wait,
74 *(cmd_queued->condition)); 73 *(cmd_queued->condition));
75 if (!*(cmd_queued->condition)) 74 if (status) {
76 cancel_flag = true; 75 dev_err(adapter->dev, "cmd_wait_q terminated: %d\n", status);
77 76 return status;
78 if (cancel_flag) {
79 mwifiex_cancel_pending_ioctl(adapter);
80 dev_dbg(adapter->dev, "cmd cancel\n");
81 } 77 }
82 78
83 status = adapter->cmd_wait_q.status; 79 status = adapter->cmd_wait_q.status;
@@ -287,6 +283,20 @@ int mwifiex_bss_start(struct mwifiex_private *priv, struct cfg80211_bss *bss,
287 if (ret) 283 if (ret)
288 goto done; 284 goto done;
289 285
286 if (bss_desc) {
287 u8 config_bands = 0;
288
289 if (mwifiex_band_to_radio_type((u8) bss_desc->bss_band)
290 == HostCmd_SCAN_RADIO_TYPE_BG)
291 config_bands = BAND_B | BAND_G | BAND_GN;
292 else
293 config_bands = BAND_A | BAND_AN;
294
295 if (!((config_bands | adapter->fw_bands) &
296 ~adapter->fw_bands))
297 adapter->config_bands = config_bands;
298 }
299
290 ret = mwifiex_check_network_compatibility(priv, bss_desc); 300 ret = mwifiex_check_network_compatibility(priv, bss_desc);
291 if (ret) 301 if (ret)
292 goto done; 302 goto done;
@@ -496,8 +506,11 @@ int mwifiex_enable_hs(struct mwifiex_adapter *adapter)
496 return false; 506 return false;
497 } 507 }
498 508
499 wait_event_interruptible(adapter->hs_activate_wait_q, 509 if (wait_event_interruptible(adapter->hs_activate_wait_q,
500 adapter->hs_activate_wait_q_woken); 510 adapter->hs_activate_wait_q_woken)) {
511 dev_err(adapter->dev, "hs_activate_wait_q terminated\n");
512 return false;
513 }
501 514
502 return true; 515 return true;
503} 516}
diff --git a/drivers/net/wireless/mwifiex/txrx.c b/drivers/net/wireless/mwifiex/txrx.c
index 8c80024c30ff..296faec14365 100644
--- a/drivers/net/wireless/mwifiex/txrx.c
+++ b/drivers/net/wireless/mwifiex/txrx.c
@@ -117,14 +117,16 @@ int mwifiex_process_tx(struct mwifiex_private *priv, struct sk_buff *skb,
117 dev_dbg(adapter->dev, "data: -EBUSY is returned\n"); 117 dev_dbg(adapter->dev, "data: -EBUSY is returned\n");
118 break; 118 break;
119 case -1: 119 case -1:
120 adapter->data_sent = false; 120 if (adapter->iface_type != MWIFIEX_PCIE)
121 adapter->data_sent = false;
121 dev_err(adapter->dev, "mwifiex_write_data_async failed: 0x%X\n", 122 dev_err(adapter->dev, "mwifiex_write_data_async failed: 0x%X\n",
122 ret); 123 ret);
123 adapter->dbg.num_tx_host_to_card_failure++; 124 adapter->dbg.num_tx_host_to_card_failure++;
124 mwifiex_write_data_complete(adapter, skb, 0, ret); 125 mwifiex_write_data_complete(adapter, skb, 0, ret);
125 break; 126 break;
126 case -EINPROGRESS: 127 case -EINPROGRESS:
127 adapter->data_sent = false; 128 if (adapter->iface_type != MWIFIEX_PCIE)
129 adapter->data_sent = false;
128 break; 130 break;
129 case 0: 131 case 0:
130 mwifiex_write_data_complete(adapter, skb, 0, ret); 132 mwifiex_write_data_complete(adapter, skb, 0, ret);
diff --git a/drivers/net/wireless/mwifiex/uap_cmd.c b/drivers/net/wireless/mwifiex/uap_cmd.c
index 8dd72240f162..6e76a15a8950 100644
--- a/drivers/net/wireless/mwifiex/uap_cmd.c
+++ b/drivers/net/wireless/mwifiex/uap_cmd.c
@@ -219,6 +219,7 @@ void mwifiex_set_sys_config_invalid_data(struct mwifiex_uap_bss_param *config)
219 config->rts_threshold = 0x7FFF; 219 config->rts_threshold = 0x7FFF;
220 config->frag_threshold = 0x7FFF; 220 config->frag_threshold = 0x7FFF;
221 config->retry_limit = 0x7F; 221 config->retry_limit = 0x7F;
222 config->qos_info = 0xFF;
222} 223}
223 224
224/* This function parses BSS related parameters from structure 225/* This function parses BSS related parameters from structure
@@ -297,6 +298,38 @@ mwifiex_uap_bss_wpa(u8 **tlv_buf, void *cmd_buf, u16 *param_size)
297 return; 298 return;
298} 299}
299 300
301/* This function parses WMM related parameters from cfg80211_ap_settings
302 * structure and updates bss_config structure.
303 */
304void
305mwifiex_set_wmm_params(struct mwifiex_private *priv,
306 struct mwifiex_uap_bss_param *bss_cfg,
307 struct cfg80211_ap_settings *params)
308{
309 const u8 *vendor_ie;
310 struct ieee_types_header *wmm_ie;
311 u8 wmm_oui[] = {0x00, 0x50, 0xf2, 0x02};
312
313 vendor_ie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
314 WLAN_OUI_TYPE_MICROSOFT_WMM,
315 params->beacon.tail,
316 params->beacon.tail_len);
317 if (vendor_ie) {
318 wmm_ie = (struct ieee_types_header *)vendor_ie;
319 memcpy(&bss_cfg->wmm_info, wmm_ie + 1,
320 sizeof(bss_cfg->wmm_info));
321 priv->wmm_enabled = 1;
322 } else {
323 memset(&bss_cfg->wmm_info, 0, sizeof(bss_cfg->wmm_info));
324 memcpy(&bss_cfg->wmm_info.oui, wmm_oui, sizeof(wmm_oui));
325 bss_cfg->wmm_info.subtype = MWIFIEX_WMM_SUBTYPE;
326 bss_cfg->wmm_info.version = MWIFIEX_WMM_VERSION;
327 priv->wmm_enabled = 0;
328 }
329
330 bss_cfg->qos_info = 0x00;
331 return;
332}
300/* This function parses BSS related parameters from structure 333/* This function parses BSS related parameters from structure
301 * and prepares TLVs specific to WEP encryption. 334 * and prepares TLVs specific to WEP encryption.
302 * These TLVs are appended to command buffer. 335 * These TLVs are appended to command buffer.
@@ -354,6 +387,7 @@ mwifiex_uap_bss_param_prepare(u8 *tlv, void *cmd_buf, u16 *param_size)
354 struct host_cmd_tlv_rates *tlv_rates; 387 struct host_cmd_tlv_rates *tlv_rates;
355 struct host_cmd_tlv_ageout_timer *ao_timer, *ps_ao_timer; 388 struct host_cmd_tlv_ageout_timer *ao_timer, *ps_ao_timer;
356 struct mwifiex_ie_types_htcap *htcap; 389 struct mwifiex_ie_types_htcap *htcap;
390 struct mwifiex_ie_types_wmmcap *wmm_cap;
357 struct mwifiex_uap_bss_param *bss_cfg = cmd_buf; 391 struct mwifiex_uap_bss_param *bss_cfg = cmd_buf;
358 int i; 392 int i;
359 u16 cmd_size = *param_size; 393 u16 cmd_size = *param_size;
@@ -507,6 +541,16 @@ mwifiex_uap_bss_param_prepare(u8 *tlv, void *cmd_buf, u16 *param_size)
507 tlv += sizeof(struct mwifiex_ie_types_htcap); 541 tlv += sizeof(struct mwifiex_ie_types_htcap);
508 } 542 }
509 543
544 if (bss_cfg->wmm_info.qos_info != 0xFF) {
545 wmm_cap = (struct mwifiex_ie_types_wmmcap *)tlv;
546 wmm_cap->header.type = cpu_to_le16(WLAN_EID_VENDOR_SPECIFIC);
547 wmm_cap->header.len = cpu_to_le16(sizeof(wmm_cap->wmm_info));
548 memcpy(&wmm_cap->wmm_info, &bss_cfg->wmm_info,
549 sizeof(wmm_cap->wmm_info));
550 cmd_size += sizeof(struct mwifiex_ie_types_wmmcap);
551 tlv += sizeof(struct mwifiex_ie_types_wmmcap);
552 }
553
510 if (bss_cfg->sta_ao_timer) { 554 if (bss_cfg->sta_ao_timer) {
511 ao_timer = (struct host_cmd_tlv_ageout_timer *)tlv; 555 ao_timer = (struct host_cmd_tlv_ageout_timer *)tlv;
512 ao_timer->tlv.type = cpu_to_le16(TLV_TYPE_UAP_AO_TIMER); 556 ao_timer->tlv.type = cpu_to_le16(TLV_TYPE_UAP_AO_TIMER);
diff --git a/drivers/net/wireless/mwifiex/usb.c b/drivers/net/wireless/mwifiex/usb.c
index 63ac9f2d11ae..f90fe21e5bfd 100644
--- a/drivers/net/wireless/mwifiex/usb.c
+++ b/drivers/net/wireless/mwifiex/usb.c
@@ -672,7 +672,7 @@ static int mwifiex_write_data_sync(struct mwifiex_adapter *adapter, u8 *pbuf,
672 *len, &actual_length, timeout); 672 *len, &actual_length, timeout);
673 if (ret) { 673 if (ret) {
674 dev_err(adapter->dev, "usb_bulk_msg for tx failed: %d\n", ret); 674 dev_err(adapter->dev, "usb_bulk_msg for tx failed: %d\n", ret);
675 ret = -1; 675 return ret;
676 } 676 }
677 677
678 *len = actual_length; 678 *len = actual_length;
@@ -691,7 +691,7 @@ static int mwifiex_read_data_sync(struct mwifiex_adapter *adapter, u8 *pbuf,
691 *len, &actual_length, timeout); 691 *len, &actual_length, timeout);
692 if (ret) { 692 if (ret) {
693 dev_err(adapter->dev, "usb_bulk_msg for rx failed: %d\n", ret); 693 dev_err(adapter->dev, "usb_bulk_msg for rx failed: %d\n", ret);
694 ret = -1; 694 return ret;
695 } 695 }
696 696
697 *len = actual_length; 697 *len = actual_length;
@@ -786,21 +786,6 @@ static int mwifiex_register_dev(struct mwifiex_adapter *adapter)
786 return 0; 786 return 0;
787} 787}
788 788
789/* This function reads one block of firmware data. */
790static int mwifiex_get_fw_data(struct mwifiex_adapter *adapter,
791 u32 offset, u32 len, u8 *buf)
792{
793 if (!buf || !len)
794 return -1;
795
796 if (offset + len > adapter->firmware->size)
797 return -1;
798
799 memcpy(buf, adapter->firmware->data + offset, len);
800
801 return 0;
802}
803
804static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter, 789static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter,
805 struct mwifiex_fw_image *fw) 790 struct mwifiex_fw_image *fw)
806{ 791{
@@ -836,23 +821,14 @@ static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter,
836 dlen = 0; 821 dlen = 0;
837 } else { 822 } else {
838 /* copy the header of the fw_data to get the length */ 823 /* copy the header of the fw_data to get the length */
839 if (firmware) 824 memcpy(&fwdata->fw_hdr, &firmware[tlen],
840 memcpy(&fwdata->fw_hdr, &firmware[tlen], 825 sizeof(struct fw_header));
841 sizeof(struct fw_header));
842 else
843 mwifiex_get_fw_data(adapter, tlen,
844 sizeof(struct fw_header),
845 (u8 *)&fwdata->fw_hdr);
846 826
847 dlen = le32_to_cpu(fwdata->fw_hdr.data_len); 827 dlen = le32_to_cpu(fwdata->fw_hdr.data_len);
848 dnld_cmd = le32_to_cpu(fwdata->fw_hdr.dnld_cmd); 828 dnld_cmd = le32_to_cpu(fwdata->fw_hdr.dnld_cmd);
849 tlen += sizeof(struct fw_header); 829 tlen += sizeof(struct fw_header);
850 830
851 if (firmware) 831 memcpy(fwdata->data, &firmware[tlen], dlen);
852 memcpy(fwdata->data, &firmware[tlen], dlen);
853 else
854 mwifiex_get_fw_data(adapter, tlen, dlen,
855 (u8 *)fwdata->data);
856 832
857 fwdata->seq_num = cpu_to_le32(fw_seqnum); 833 fwdata->seq_num = cpu_to_le32(fw_seqnum);
858 tlen += dlen; 834 tlen += dlen;
diff --git a/drivers/net/wireless/mwifiex/util.h b/drivers/net/wireless/mwifiex/util.h
index f6d36b9654a0..cb2d0582bd36 100644
--- a/drivers/net/wireless/mwifiex/util.h
+++ b/drivers/net/wireless/mwifiex/util.h
@@ -22,16 +22,16 @@
22 22
23static inline struct mwifiex_rxinfo *MWIFIEX_SKB_RXCB(struct sk_buff *skb) 23static inline struct mwifiex_rxinfo *MWIFIEX_SKB_RXCB(struct sk_buff *skb)
24{ 24{
25 return (struct mwifiex_rxinfo *)(skb->cb + sizeof(phys_addr_t)); 25 return (struct mwifiex_rxinfo *)(skb->cb + sizeof(dma_addr_t));
26} 26}
27 27
28static inline struct mwifiex_txinfo *MWIFIEX_SKB_TXCB(struct sk_buff *skb) 28static inline struct mwifiex_txinfo *MWIFIEX_SKB_TXCB(struct sk_buff *skb)
29{ 29{
30 return (struct mwifiex_txinfo *)(skb->cb + sizeof(phys_addr_t)); 30 return (struct mwifiex_txinfo *)(skb->cb + sizeof(dma_addr_t));
31} 31}
32 32
33static inline phys_addr_t *MWIFIEX_SKB_PACB(struct sk_buff *skb) 33static inline void MWIFIEX_SKB_PACB(struct sk_buff *skb, dma_addr_t *buf_pa)
34{ 34{
35 return (phys_addr_t *)skb->cb; 35 memcpy(buf_pa, skb->cb, sizeof(dma_addr_t));
36} 36}
37#endif /* !_MWIFIEX_UTIL_H_ */ 37#endif /* !_MWIFIEX_UTIL_H_ */
diff --git a/drivers/net/wireless/mwifiex/wmm.c b/drivers/net/wireless/mwifiex/wmm.c
index 818f871ae987..135d96df2063 100644
--- a/drivers/net/wireless/mwifiex/wmm.c
+++ b/drivers/net/wireless/mwifiex/wmm.c
@@ -568,6 +568,8 @@ mwifiex_clean_txrx(struct mwifiex_private *priv)
568 mwifiex_wmm_delete_all_ralist(priv); 568 mwifiex_wmm_delete_all_ralist(priv);
569 memcpy(tos_to_tid, ac_to_tid, sizeof(tos_to_tid)); 569 memcpy(tos_to_tid, ac_to_tid, sizeof(tos_to_tid));
570 570
571 if (priv->adapter->if_ops.clean_pcie_ring)
572 priv->adapter->if_ops.clean_pcie_ring(priv->adapter);
571 spin_unlock_irqrestore(&priv->wmm.ra_list_spinlock, flags); 573 spin_unlock_irqrestore(&priv->wmm.ra_list_spinlock, flags);
572} 574}
573 575
@@ -1206,13 +1208,15 @@ mwifiex_send_processed_packet(struct mwifiex_private *priv,
1206 ra_list_flags); 1208 ra_list_flags);
1207 break; 1209 break;
1208 case -1: 1210 case -1:
1209 adapter->data_sent = false; 1211 if (adapter->iface_type != MWIFIEX_PCIE)
1212 adapter->data_sent = false;
1210 dev_err(adapter->dev, "host_to_card failed: %#x\n", ret); 1213 dev_err(adapter->dev, "host_to_card failed: %#x\n", ret);
1211 adapter->dbg.num_tx_host_to_card_failure++; 1214 adapter->dbg.num_tx_host_to_card_failure++;
1212 mwifiex_write_data_complete(adapter, skb, 0, ret); 1215 mwifiex_write_data_complete(adapter, skb, 0, ret);
1213 break; 1216 break;
1214 case -EINPROGRESS: 1217 case -EINPROGRESS:
1215 adapter->data_sent = false; 1218 if (adapter->iface_type != MWIFIEX_PCIE)
1219 adapter->data_sent = false;
1216 default: 1220 default:
1217 break; 1221 break;
1218 } 1222 }
diff --git a/drivers/net/wireless/mwl8k.c b/drivers/net/wireless/mwl8k.c
index f221b95b90b3..2031130d860b 100644
--- a/drivers/net/wireless/mwl8k.c
+++ b/drivers/net/wireless/mwl8k.c
@@ -101,6 +101,18 @@ MODULE_PARM_DESC(ap_mode_default,
101#define MWL8K_MAX_TX_QUEUES (MWL8K_TX_WMM_QUEUES + MWL8K_MAX_AMPDU_QUEUES) 101#define MWL8K_MAX_TX_QUEUES (MWL8K_TX_WMM_QUEUES + MWL8K_MAX_AMPDU_QUEUES)
102#define mwl8k_tx_queues(priv) (MWL8K_TX_WMM_QUEUES + (priv)->num_ampdu_queues) 102#define mwl8k_tx_queues(priv) (MWL8K_TX_WMM_QUEUES + (priv)->num_ampdu_queues)
103 103
104/* txpriorities are mapped with hw queues.
105 * Each hw queue has a txpriority.
106 */
107#define TOTAL_HW_TX_QUEUES 8
108
109/* Each HW queue can have one AMPDU stream.
110 * But, because one of the hw queue is reserved,
111 * maximum AMPDU queues that can be created are
112 * one short of total tx queues.
113 */
114#define MWL8K_NUM_AMPDU_STREAMS (TOTAL_HW_TX_QUEUES - 1)
115
104struct rxd_ops { 116struct rxd_ops {
105 int rxd_size; 117 int rxd_size;
106 void (*rxd_init)(void *rxd, dma_addr_t next_dma_addr); 118 void (*rxd_init)(void *rxd, dma_addr_t next_dma_addr);
@@ -160,7 +172,6 @@ struct mwl8k_ampdu_stream {
160 u8 tid; 172 u8 tid;
161 u8 state; 173 u8 state;
162 u8 idx; 174 u8 idx;
163 u8 txq_idx; /* index of this stream in priv->txq */
164}; 175};
165 176
166struct mwl8k_priv { 177struct mwl8k_priv {
@@ -202,6 +213,8 @@ struct mwl8k_priv {
202 int fw_mutex_depth; 213 int fw_mutex_depth;
203 struct completion *hostcmd_wait; 214 struct completion *hostcmd_wait;
204 215
216 atomic_t watchdog_event_pending;
217
205 /* lock held over TX and TX reap */ 218 /* lock held over TX and TX reap */
206 spinlock_t tx_lock; 219 spinlock_t tx_lock;
207 220
@@ -272,6 +285,9 @@ struct mwl8k_priv {
272 char *fw_pref; 285 char *fw_pref;
273 char *fw_alt; 286 char *fw_alt;
274 struct completion firmware_loading_complete; 287 struct completion firmware_loading_complete;
288
289 /* bitmap of running BSSes */
290 u32 running_bsses;
275}; 291};
276 292
277#define MAX_WEP_KEY_LEN 13 293#define MAX_WEP_KEY_LEN 13
@@ -1516,6 +1532,9 @@ static int mwl8k_tx_wait_empty(struct ieee80211_hw *hw)
1516 return -EBUSY; 1532 return -EBUSY;
1517 } 1533 }
1518 1534
1535 if (atomic_read(&priv->watchdog_event_pending))
1536 return 0;
1537
1519 /* 1538 /*
1520 * The TX queues are stopped at this point, so this test 1539 * The TX queues are stopped at this point, so this test
1521 * doesn't need to take ->tx_lock. 1540 * doesn't need to take ->tx_lock.
@@ -1537,6 +1556,14 @@ static int mwl8k_tx_wait_empty(struct ieee80211_hw *hw)
1537 spin_unlock_bh(&priv->tx_lock); 1556 spin_unlock_bh(&priv->tx_lock);
1538 timeout = wait_for_completion_timeout(&tx_wait, 1557 timeout = wait_for_completion_timeout(&tx_wait,
1539 msecs_to_jiffies(MWL8K_TX_WAIT_TIMEOUT_MS)); 1558 msecs_to_jiffies(MWL8K_TX_WAIT_TIMEOUT_MS));
1559
1560 if (atomic_read(&priv->watchdog_event_pending)) {
1561 spin_lock_bh(&priv->tx_lock);
1562 priv->tx_wait = NULL;
1563 spin_unlock_bh(&priv->tx_lock);
1564 return 0;
1565 }
1566
1540 spin_lock_bh(&priv->tx_lock); 1567 spin_lock_bh(&priv->tx_lock);
1541 1568
1542 if (timeout) { 1569 if (timeout) {
@@ -1564,6 +1591,7 @@ static int mwl8k_tx_wait_empty(struct ieee80211_hw *hw)
1564 1591
1565 rc = -ETIMEDOUT; 1592 rc = -ETIMEDOUT;
1566 } 1593 }
1594 priv->tx_wait = NULL;
1567 spin_unlock_bh(&priv->tx_lock); 1595 spin_unlock_bh(&priv->tx_lock);
1568 1596
1569 return rc; 1597 return rc;
@@ -1734,14 +1762,13 @@ mwl8k_add_stream(struct ieee80211_hw *hw, struct ieee80211_sta *sta, u8 tid)
1734 struct mwl8k_priv *priv = hw->priv; 1762 struct mwl8k_priv *priv = hw->priv;
1735 int i; 1763 int i;
1736 1764
1737 for (i = 0; i < priv->num_ampdu_queues; i++) { 1765 for (i = 0; i < MWL8K_NUM_AMPDU_STREAMS; i++) {
1738 stream = &priv->ampdu[i]; 1766 stream = &priv->ampdu[i];
1739 if (stream->state == AMPDU_NO_STREAM) { 1767 if (stream->state == AMPDU_NO_STREAM) {
1740 stream->sta = sta; 1768 stream->sta = sta;
1741 stream->state = AMPDU_STREAM_NEW; 1769 stream->state = AMPDU_STREAM_NEW;
1742 stream->tid = tid; 1770 stream->tid = tid;
1743 stream->idx = i; 1771 stream->idx = i;
1744 stream->txq_idx = MWL8K_TX_WMM_QUEUES + i;
1745 wiphy_debug(hw->wiphy, "Added a new stream for %pM %d", 1772 wiphy_debug(hw->wiphy, "Added a new stream for %pM %d",
1746 sta->addr, tid); 1773 sta->addr, tid);
1747 return stream; 1774 return stream;
@@ -1782,7 +1809,7 @@ mwl8k_lookup_stream(struct ieee80211_hw *hw, u8 *addr, u8 tid)
1782 struct mwl8k_priv *priv = hw->priv; 1809 struct mwl8k_priv *priv = hw->priv;
1783 int i; 1810 int i;
1784 1811
1785 for (i = 0 ; i < priv->num_ampdu_queues; i++) { 1812 for (i = 0; i < MWL8K_NUM_AMPDU_STREAMS; i++) {
1786 struct mwl8k_ampdu_stream *stream; 1813 struct mwl8k_ampdu_stream *stream;
1787 stream = &priv->ampdu[i]; 1814 stream = &priv->ampdu[i];
1788 if (stream->state == AMPDU_NO_STREAM) 1815 if (stream->state == AMPDU_NO_STREAM)
@@ -1829,6 +1856,13 @@ static inline void mwl8k_tx_count_packet(struct ieee80211_sta *sta, u8 tid)
1829 tx_stats->pkts++; 1856 tx_stats->pkts++;
1830} 1857}
1831 1858
1859/* The hardware ampdu queues start from 5.
1860 * txpriorities for ampdu queues are
1861 * 5 6 7 0 1 2 3 4 ie., queue 5 is highest
1862 * and queue 3 is lowest (queue 4 is reserved)
1863 */
1864#define BA_QUEUE 5
1865
1832static void 1866static void
1833mwl8k_txq_xmit(struct ieee80211_hw *hw, 1867mwl8k_txq_xmit(struct ieee80211_hw *hw,
1834 int index, 1868 int index,
@@ -1928,8 +1962,13 @@ mwl8k_txq_xmit(struct ieee80211_hw *hw,
1928 stream = mwl8k_lookup_stream(hw, sta->addr, tid); 1962 stream = mwl8k_lookup_stream(hw, sta->addr, tid);
1929 if (stream != NULL) { 1963 if (stream != NULL) {
1930 if (stream->state == AMPDU_STREAM_ACTIVE) { 1964 if (stream->state == AMPDU_STREAM_ACTIVE) {
1931 txpriority = stream->txq_idx; 1965 WARN_ON(!(qos & MWL8K_QOS_ACK_POLICY_BLOCKACK));
1932 index = stream->txq_idx; 1966 txpriority = (BA_QUEUE + stream->idx) %
1967 TOTAL_HW_TX_QUEUES;
1968 if (stream->idx <= 1)
1969 index = stream->idx +
1970 MWL8K_TX_WMM_QUEUES;
1971
1933 } else if (stream->state == AMPDU_STREAM_NEW) { 1972 } else if (stream->state == AMPDU_STREAM_NEW) {
1934 /* We get here if the driver sends us packets 1973 /* We get here if the driver sends us packets
1935 * after we've initiated a stream, but before 1974 * after we've initiated a stream, but before
@@ -1971,6 +2010,9 @@ mwl8k_txq_xmit(struct ieee80211_hw *hw,
1971 } 2010 }
1972 } 2011 }
1973 spin_unlock(&priv->stream_lock); 2012 spin_unlock(&priv->stream_lock);
2013 } else {
2014 qos &= ~MWL8K_QOS_ACK_POLICY_MASK;
2015 qos |= MWL8K_QOS_ACK_POLICY_NORMAL;
1974 } 2016 }
1975 2017
1976 dma = pci_map_single(priv->pdev, skb->data, 2018 dma = pci_map_single(priv->pdev, skb->data,
@@ -2117,6 +2159,8 @@ static void mwl8k_fw_unlock(struct ieee80211_hw *hw)
2117 } 2159 }
2118} 2160}
2119 2161
2162static void mwl8k_enable_bsses(struct ieee80211_hw *hw, bool enable,
2163 u32 bitmap);
2120 2164
2121/* 2165/*
2122 * Command processing. 2166 * Command processing.
@@ -2135,6 +2179,34 @@ static int mwl8k_post_cmd(struct ieee80211_hw *hw, struct mwl8k_cmd_pkt *cmd)
2135 int rc; 2179 int rc;
2136 unsigned long timeout = 0; 2180 unsigned long timeout = 0;
2137 u8 buf[32]; 2181 u8 buf[32];
2182 u32 bitmap = 0;
2183
2184 wiphy_dbg(hw->wiphy, "Posting %s [%d]\n",
2185 mwl8k_cmd_name(cmd->code, buf, sizeof(buf)), cmd->macid);
2186
2187 /* Before posting firmware commands that could change the hardware
2188 * characteristics, make sure that all BSSes are stopped temporary.
2189 * Enable these stopped BSSes after completion of the commands
2190 */
2191
2192 rc = mwl8k_fw_lock(hw);
2193 if (rc)
2194 return rc;
2195
2196 if (priv->ap_fw && priv->running_bsses) {
2197 switch (le16_to_cpu(cmd->code)) {
2198 case MWL8K_CMD_SET_RF_CHANNEL:
2199 case MWL8K_CMD_RADIO_CONTROL:
2200 case MWL8K_CMD_RF_TX_POWER:
2201 case MWL8K_CMD_TX_POWER:
2202 case MWL8K_CMD_RF_ANTENNA:
2203 case MWL8K_CMD_RTS_THRESHOLD:
2204 case MWL8K_CMD_MIMO_CONFIG:
2205 bitmap = priv->running_bsses;
2206 mwl8k_enable_bsses(hw, false, bitmap);
2207 break;
2208 }
2209 }
2138 2210
2139 cmd->result = (__force __le16) 0xffff; 2211 cmd->result = (__force __le16) 0xffff;
2140 dma_size = le16_to_cpu(cmd->length); 2212 dma_size = le16_to_cpu(cmd->length);
@@ -2143,13 +2215,6 @@ static int mwl8k_post_cmd(struct ieee80211_hw *hw, struct mwl8k_cmd_pkt *cmd)
2143 if (pci_dma_mapping_error(priv->pdev, dma_addr)) 2215 if (pci_dma_mapping_error(priv->pdev, dma_addr))
2144 return -ENOMEM; 2216 return -ENOMEM;
2145 2217
2146 rc = mwl8k_fw_lock(hw);
2147 if (rc) {
2148 pci_unmap_single(priv->pdev, dma_addr, dma_size,
2149 PCI_DMA_BIDIRECTIONAL);
2150 return rc;
2151 }
2152
2153 priv->hostcmd_wait = &cmd_wait; 2218 priv->hostcmd_wait = &cmd_wait;
2154 iowrite32(dma_addr, regs + MWL8K_HIU_GEN_PTR); 2219 iowrite32(dma_addr, regs + MWL8K_HIU_GEN_PTR);
2155 iowrite32(MWL8K_H2A_INT_DOORBELL, 2220 iowrite32(MWL8K_H2A_INT_DOORBELL,
@@ -2162,7 +2227,6 @@ static int mwl8k_post_cmd(struct ieee80211_hw *hw, struct mwl8k_cmd_pkt *cmd)
2162 2227
2163 priv->hostcmd_wait = NULL; 2228 priv->hostcmd_wait = NULL;
2164 2229
2165 mwl8k_fw_unlock(hw);
2166 2230
2167 pci_unmap_single(priv->pdev, dma_addr, dma_size, 2231 pci_unmap_single(priv->pdev, dma_addr, dma_size,
2168 PCI_DMA_BIDIRECTIONAL); 2232 PCI_DMA_BIDIRECTIONAL);
@@ -2189,6 +2253,11 @@ static int mwl8k_post_cmd(struct ieee80211_hw *hw, struct mwl8k_cmd_pkt *cmd)
2189 ms); 2253 ms);
2190 } 2254 }
2191 2255
2256 if (bitmap)
2257 mwl8k_enable_bsses(hw, true, bitmap);
2258
2259 mwl8k_fw_unlock(hw);
2260
2192 return rc; 2261 return rc;
2193} 2262}
2194 2263
@@ -2450,7 +2519,7 @@ static int mwl8k_cmd_get_hw_spec_ap(struct ieee80211_hw *hw)
2450 priv->hw_rev = cmd->hw_rev; 2519 priv->hw_rev = cmd->hw_rev;
2451 mwl8k_set_caps(hw, le32_to_cpu(cmd->caps)); 2520 mwl8k_set_caps(hw, le32_to_cpu(cmd->caps));
2452 priv->ap_macids_supported = 0x000000ff; 2521 priv->ap_macids_supported = 0x000000ff;
2453 priv->sta_macids_supported = 0x00000000; 2522 priv->sta_macids_supported = 0x00000100;
2454 priv->num_ampdu_queues = le32_to_cpu(cmd->num_of_ampdu_queues); 2523 priv->num_ampdu_queues = le32_to_cpu(cmd->num_of_ampdu_queues);
2455 if (priv->num_ampdu_queues > MWL8K_MAX_AMPDU_QUEUES) { 2524 if (priv->num_ampdu_queues > MWL8K_MAX_AMPDU_QUEUES) {
2456 wiphy_warn(hw->wiphy, "fw reported %d ampdu queues" 2525 wiphy_warn(hw->wiphy, "fw reported %d ampdu queues"
@@ -3469,7 +3538,10 @@ static int mwl8k_cmd_update_mac_addr(struct ieee80211_hw *hw,
3469 mac_type = MWL8K_MAC_TYPE_PRIMARY_AP; 3538 mac_type = MWL8K_MAC_TYPE_PRIMARY_AP;
3470 if (vif != NULL && vif->type == NL80211_IFTYPE_STATION) { 3539 if (vif != NULL && vif->type == NL80211_IFTYPE_STATION) {
3471 if (mwl8k_vif->macid + 1 == ffs(priv->sta_macids_supported)) 3540 if (mwl8k_vif->macid + 1 == ffs(priv->sta_macids_supported))
3472 mac_type = MWL8K_MAC_TYPE_PRIMARY_CLIENT; 3541 if (priv->ap_fw)
3542 mac_type = MWL8K_MAC_TYPE_SECONDARY_CLIENT;
3543 else
3544 mac_type = MWL8K_MAC_TYPE_PRIMARY_CLIENT;
3473 else 3545 else
3474 mac_type = MWL8K_MAC_TYPE_SECONDARY_CLIENT; 3546 mac_type = MWL8K_MAC_TYPE_SECONDARY_CLIENT;
3475 } else if (vif != NULL && vif->type == NL80211_IFTYPE_AP) { 3547 } else if (vif != NULL && vif->type == NL80211_IFTYPE_AP) {
@@ -3578,7 +3650,11 @@ static int mwl8k_cmd_get_watchdog_bitmap(struct ieee80211_hw *hw, u8 *bitmap)
3578 return rc; 3650 return rc;
3579} 3651}
3580 3652
3581#define INVALID_BA 0xAA 3653#define MWL8K_WMM_QUEUE_NUMBER 3
3654
3655static void mwl8k_destroy_ba(struct ieee80211_hw *hw,
3656 u8 idx);
3657
3582static void mwl8k_watchdog_ba_events(struct work_struct *work) 3658static void mwl8k_watchdog_ba_events(struct work_struct *work)
3583{ 3659{
3584 int rc; 3660 int rc;
@@ -3586,24 +3662,41 @@ static void mwl8k_watchdog_ba_events(struct work_struct *work)
3586 struct mwl8k_ampdu_stream *streams; 3662 struct mwl8k_ampdu_stream *streams;
3587 struct mwl8k_priv *priv = 3663 struct mwl8k_priv *priv =
3588 container_of(work, struct mwl8k_priv, watchdog_ba_handle); 3664 container_of(work, struct mwl8k_priv, watchdog_ba_handle);
3665 struct ieee80211_hw *hw = priv->hw;
3666 int i;
3667 u32 status = 0;
3668
3669 mwl8k_fw_lock(hw);
3589 3670
3590 rc = mwl8k_cmd_get_watchdog_bitmap(priv->hw, &bitmap); 3671 rc = mwl8k_cmd_get_watchdog_bitmap(priv->hw, &bitmap);
3591 if (rc) 3672 if (rc)
3592 return; 3673 goto done;
3593 3674
3594 if (bitmap == INVALID_BA) 3675 spin_lock(&priv->stream_lock);
3595 return;
3596 3676
3597 /* the bitmap is the hw queue number. Map it to the ampdu queue. */ 3677 /* the bitmap is the hw queue number. Map it to the ampdu queue. */
3598 stream_index = bitmap - MWL8K_TX_WMM_QUEUES; 3678 for (i = 0; i < TOTAL_HW_TX_QUEUES; i++) {
3599 3679 if (bitmap & (1 << i)) {
3600 BUG_ON(stream_index >= priv->num_ampdu_queues); 3680 stream_index = (i + MWL8K_WMM_QUEUE_NUMBER) %
3601 3681 TOTAL_HW_TX_QUEUES;
3602 streams = &priv->ampdu[stream_index]; 3682 streams = &priv->ampdu[stream_index];
3603 3683 if (streams->state == AMPDU_STREAM_ACTIVE) {
3604 if (streams->state == AMPDU_STREAM_ACTIVE) 3684 ieee80211_stop_tx_ba_session(streams->sta,
3605 ieee80211_stop_tx_ba_session(streams->sta, streams->tid); 3685 streams->tid);
3686 spin_unlock(&priv->stream_lock);
3687 mwl8k_destroy_ba(hw, stream_index);
3688 spin_lock(&priv->stream_lock);
3689 }
3690 }
3691 }
3606 3692
3693 spin_unlock(&priv->stream_lock);
3694done:
3695 atomic_dec(&priv->watchdog_event_pending);
3696 status = ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
3697 iowrite32((status | MWL8K_A2H_INT_BA_WATCHDOG),
3698 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
3699 mwl8k_fw_unlock(hw);
3607 return; 3700 return;
3608} 3701}
3609 3702
@@ -3620,8 +3713,16 @@ static int mwl8k_cmd_bss_start(struct ieee80211_hw *hw,
3620 struct ieee80211_vif *vif, int enable) 3713 struct ieee80211_vif *vif, int enable)
3621{ 3714{
3622 struct mwl8k_cmd_bss_start *cmd; 3715 struct mwl8k_cmd_bss_start *cmd;
3716 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
3717 struct mwl8k_priv *priv = hw->priv;
3623 int rc; 3718 int rc;
3624 3719
3720 if (enable && (priv->running_bsses & (1 << mwl8k_vif->macid)))
3721 return 0;
3722
3723 if (!enable && !(priv->running_bsses & (1 << mwl8k_vif->macid)))
3724 return 0;
3725
3625 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 3726 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3626 if (cmd == NULL) 3727 if (cmd == NULL)
3627 return -ENOMEM; 3728 return -ENOMEM;
@@ -3633,9 +3734,31 @@ static int mwl8k_cmd_bss_start(struct ieee80211_hw *hw,
3633 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header); 3734 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3634 kfree(cmd); 3735 kfree(cmd);
3635 3736
3737 if (!rc) {
3738 if (enable)
3739 priv->running_bsses |= (1 << mwl8k_vif->macid);
3740 else
3741 priv->running_bsses &= ~(1 << mwl8k_vif->macid);
3742 }
3636 return rc; 3743 return rc;
3637} 3744}
3638 3745
3746static void mwl8k_enable_bsses(struct ieee80211_hw *hw, bool enable, u32 bitmap)
3747{
3748 struct mwl8k_priv *priv = hw->priv;
3749 struct mwl8k_vif *mwl8k_vif, *tmp_vif;
3750 struct ieee80211_vif *vif;
3751
3752 list_for_each_entry_safe(mwl8k_vif, tmp_vif, &priv->vif_list, list) {
3753 vif = mwl8k_vif->vif;
3754
3755 if (!(bitmap & (1 << mwl8k_vif->macid)))
3756 continue;
3757
3758 if (vif->type == NL80211_IFTYPE_AP)
3759 mwl8k_cmd_bss_start(hw, vif, enable);
3760 }
3761}
3639/* 3762/*
3640 * CMD_BASTREAM. 3763 * CMD_BASTREAM.
3641 */ 3764 */
@@ -3763,7 +3886,7 @@ mwl8k_create_ba(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream,
3763} 3886}
3764 3887
3765static void mwl8k_destroy_ba(struct ieee80211_hw *hw, 3888static void mwl8k_destroy_ba(struct ieee80211_hw *hw,
3766 struct mwl8k_ampdu_stream *stream) 3889 u8 idx)
3767{ 3890{
3768 struct mwl8k_cmd_bastream *cmd; 3891 struct mwl8k_cmd_bastream *cmd;
3769 3892
@@ -3775,10 +3898,10 @@ static void mwl8k_destroy_ba(struct ieee80211_hw *hw,
3775 cmd->header.length = cpu_to_le16(sizeof(*cmd)); 3898 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3776 cmd->action = cpu_to_le32(MWL8K_BA_DESTROY); 3899 cmd->action = cpu_to_le32(MWL8K_BA_DESTROY);
3777 3900
3778 cmd->destroy_params.ba_context = cpu_to_le32(stream->idx); 3901 cmd->destroy_params.ba_context = cpu_to_le32(idx);
3779 mwl8k_post_cmd(hw, &cmd->header); 3902 mwl8k_post_cmd(hw, &cmd->header);
3780 3903
3781 wiphy_debug(hw->wiphy, "Deleted BA stream index %d\n", stream->idx); 3904 wiphy_debug(hw->wiphy, "Deleted BA stream index %d\n", idx);
3782 3905
3783 kfree(cmd); 3906 kfree(cmd);
3784} 3907}
@@ -3875,7 +3998,30 @@ static int mwl8k_cmd_set_new_stn_del(struct ieee80211_hw *hw,
3875 struct ieee80211_vif *vif, u8 *addr) 3998 struct ieee80211_vif *vif, u8 *addr)
3876{ 3999{
3877 struct mwl8k_cmd_set_new_stn *cmd; 4000 struct mwl8k_cmd_set_new_stn *cmd;
3878 int rc; 4001 struct mwl8k_priv *priv = hw->priv;
4002 int rc, i;
4003 u8 idx;
4004
4005 spin_lock(&priv->stream_lock);
4006 /* Destroy any active ampdu streams for this sta */
4007 for (i = 0; i < MWL8K_NUM_AMPDU_STREAMS; i++) {
4008 struct mwl8k_ampdu_stream *s;
4009 s = &priv->ampdu[i];
4010 if (s->state != AMPDU_NO_STREAM) {
4011 if (memcmp(s->sta->addr, addr, ETH_ALEN) == 0) {
4012 if (s->state == AMPDU_STREAM_ACTIVE) {
4013 idx = s->idx;
4014 spin_unlock(&priv->stream_lock);
4015 mwl8k_destroy_ba(hw, idx);
4016 spin_lock(&priv->stream_lock);
4017 } else if (s->state == AMPDU_STREAM_NEW) {
4018 mwl8k_remove_stream(hw, s);
4019 }
4020 }
4021 }
4022 }
4023
4024 spin_unlock(&priv->stream_lock);
3879 4025
3880 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 4026 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3881 if (cmd == NULL) 4027 if (cmd == NULL)
@@ -4119,8 +4265,9 @@ static int mwl8k_set_key(struct ieee80211_hw *hw,
4119 u8 encr_type; 4265 u8 encr_type;
4120 u8 *addr; 4266 u8 *addr;
4121 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif); 4267 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4268 struct mwl8k_priv *priv = hw->priv;
4122 4269
4123 if (vif->type == NL80211_IFTYPE_STATION) 4270 if (vif->type == NL80211_IFTYPE_STATION && !priv->ap_fw)
4124 return -EOPNOTSUPP; 4271 return -EOPNOTSUPP;
4125 4272
4126 if (sta == NULL) 4273 if (sta == NULL)
@@ -4250,9 +4397,11 @@ static int mwl8k_cmd_update_stadb_add(struct ieee80211_hw *hw,
4250 p->amsdu_enabled = 0; 4397 p->amsdu_enabled = 0;
4251 4398
4252 rc = mwl8k_post_cmd(hw, &cmd->header); 4399 rc = mwl8k_post_cmd(hw, &cmd->header);
4400 if (!rc)
4401 rc = p->station_id;
4253 kfree(cmd); 4402 kfree(cmd);
4254 4403
4255 return rc ? rc : p->station_id; 4404 return rc;
4256} 4405}
4257 4406
4258static int mwl8k_cmd_update_stadb_del(struct ieee80211_hw *hw, 4407static int mwl8k_cmd_update_stadb_del(struct ieee80211_hw *hw,
@@ -4301,6 +4450,10 @@ static irqreturn_t mwl8k_interrupt(int irq, void *dev_id)
4301 } 4450 }
4302 4451
4303 if (status & MWL8K_A2H_INT_BA_WATCHDOG) { 4452 if (status & MWL8K_A2H_INT_BA_WATCHDOG) {
4453 iowrite32(~MWL8K_A2H_INT_BA_WATCHDOG,
4454 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
4455
4456 atomic_inc(&priv->watchdog_event_pending);
4304 status &= ~MWL8K_A2H_INT_BA_WATCHDOG; 4457 status &= ~MWL8K_A2H_INT_BA_WATCHDOG;
4305 ieee80211_queue_work(hw, &priv->watchdog_ba_handle); 4458 ieee80211_queue_work(hw, &priv->watchdog_ba_handle);
4306 } 4459 }
@@ -4444,6 +4597,8 @@ static int mwl8k_start(struct ieee80211_hw *hw)
4444 priv->irq = -1; 4597 priv->irq = -1;
4445 tasklet_disable(&priv->poll_tx_task); 4598 tasklet_disable(&priv->poll_tx_task);
4446 tasklet_disable(&priv->poll_rx_task); 4599 tasklet_disable(&priv->poll_rx_task);
4600 } else {
4601 ieee80211_wake_queues(hw);
4447 } 4602 }
4448 4603
4449 return rc; 4604 return rc;
@@ -4518,12 +4673,18 @@ static int mwl8k_add_interface(struct ieee80211_hw *hw,
4518 break; 4673 break;
4519 case NL80211_IFTYPE_STATION: 4674 case NL80211_IFTYPE_STATION:
4520 if (priv->ap_fw && di->fw_image_sta) { 4675 if (priv->ap_fw && di->fw_image_sta) {
4521 /* we must load the sta fw to meet this request */ 4676 if (!list_empty(&priv->vif_list)) {
4522 if (!list_empty(&priv->vif_list)) 4677 wiphy_warn(hw->wiphy, "AP interface is running.\n"
4523 return -EBUSY; 4678 "Adding STA interface for WDS");
4524 rc = mwl8k_reload_firmware(hw, di->fw_image_sta); 4679 } else {
4525 if (rc) 4680 /* we must load the sta fw to
4526 return rc; 4681 * meet this request.
4682 */
4683 rc = mwl8k_reload_firmware(hw,
4684 di->fw_image_sta);
4685 if (rc)
4686 return rc;
4687 }
4527 } 4688 }
4528 macids_supported = priv->sta_macids_supported; 4689 macids_supported = priv->sta_macids_supported;
4529 break; 4690 break;
@@ -4547,7 +4708,7 @@ static int mwl8k_add_interface(struct ieee80211_hw *hw,
4547 /* Set the mac address. */ 4708 /* Set the mac address. */
4548 mwl8k_cmd_set_mac_addr(hw, vif, vif->addr); 4709 mwl8k_cmd_set_mac_addr(hw, vif, vif->addr);
4549 4710
4550 if (priv->ap_fw) 4711 if (vif->type == NL80211_IFTYPE_AP)
4551 mwl8k_cmd_set_new_stn_add_self(hw, vif); 4712 mwl8k_cmd_set_new_stn_add_self(hw, vif);
4552 4713
4553 priv->macids_used |= 1 << mwl8k_vif->macid; 4714 priv->macids_used |= 1 << mwl8k_vif->macid;
@@ -4572,7 +4733,7 @@ static void mwl8k_remove_interface(struct ieee80211_hw *hw,
4572 struct mwl8k_priv *priv = hw->priv; 4733 struct mwl8k_priv *priv = hw->priv;
4573 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif); 4734 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4574 4735
4575 if (priv->ap_fw) 4736 if (vif->type == NL80211_IFTYPE_AP)
4576 mwl8k_cmd_set_new_stn_del(hw, vif, vif->addr); 4737 mwl8k_cmd_set_new_stn_del(hw, vif, vif->addr);
4577 4738
4578 mwl8k_cmd_del_mac_addr(hw, vif, vif->addr); 4739 mwl8k_cmd_del_mac_addr(hw, vif, vif->addr);
@@ -4646,9 +4807,11 @@ static int mwl8k_config(struct ieee80211_hw *hw, u32 changed)
4646 if (rc) 4807 if (rc)
4647 goto out; 4808 goto out;
4648 4809
4649 rc = mwl8k_cmd_set_rf_channel(hw, conf); 4810 if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
4650 if (rc) 4811 rc = mwl8k_cmd_set_rf_channel(hw, conf);
4651 goto out; 4812 if (rc)
4813 goto out;
4814 }
4652 4815
4653 if (conf->power_level > 18) 4816 if (conf->power_level > 18)
4654 conf->power_level = 18; 4817 conf->power_level = 18;
@@ -4661,12 +4824,6 @@ static int mwl8k_config(struct ieee80211_hw *hw, u32 changed)
4661 goto out; 4824 goto out;
4662 } 4825 }
4663 4826
4664 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_RX, 0x3);
4665 if (rc)
4666 wiphy_warn(hw->wiphy, "failed to set # of RX antennas");
4667 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_TX, 0x7);
4668 if (rc)
4669 wiphy_warn(hw->wiphy, "failed to set # of TX antennas");
4670 4827
4671 } else { 4828 } else {
4672 rc = mwl8k_cmd_rf_tx_power(hw, conf->power_level); 4829 rc = mwl8k_cmd_rf_tx_power(hw, conf->power_level);
@@ -4724,7 +4881,8 @@ mwl8k_bss_info_changed_sta(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4724 rcu_read_unlock(); 4881 rcu_read_unlock();
4725 } 4882 }
4726 4883
4727 if ((changed & BSS_CHANGED_ASSOC) && vif->bss_conf.assoc) { 4884 if ((changed & BSS_CHANGED_ASSOC) && vif->bss_conf.assoc &&
4885 !priv->ap_fw) {
4728 rc = mwl8k_cmd_set_rate(hw, vif, ap_legacy_rates, ap_mcs_rates); 4886 rc = mwl8k_cmd_set_rate(hw, vif, ap_legacy_rates, ap_mcs_rates);
4729 if (rc) 4887 if (rc)
4730 goto out; 4888 goto out;
@@ -4732,6 +4890,25 @@ mwl8k_bss_info_changed_sta(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4732 rc = mwl8k_cmd_use_fixed_rate_sta(hw); 4890 rc = mwl8k_cmd_use_fixed_rate_sta(hw);
4733 if (rc) 4891 if (rc)
4734 goto out; 4892 goto out;
4893 } else {
4894 if ((changed & BSS_CHANGED_ASSOC) && vif->bss_conf.assoc &&
4895 priv->ap_fw) {
4896 int idx;
4897 int rate;
4898
4899 /* Use AP firmware specific rate command.
4900 */
4901 idx = ffs(vif->bss_conf.basic_rates);
4902 if (idx)
4903 idx--;
4904
4905 if (hw->conf.channel->band == IEEE80211_BAND_2GHZ)
4906 rate = mwl8k_rates_24[idx].hw_value;
4907 else
4908 rate = mwl8k_rates_50[idx].hw_value;
4909
4910 mwl8k_cmd_use_fixed_rate_ap(hw, rate, rate);
4911 }
4735 } 4912 }
4736 4913
4737 if (changed & BSS_CHANGED_ERP_PREAMBLE) { 4914 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
@@ -4741,13 +4918,13 @@ mwl8k_bss_info_changed_sta(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4741 goto out; 4918 goto out;
4742 } 4919 }
4743 4920
4744 if (changed & BSS_CHANGED_ERP_SLOT) { 4921 if ((changed & BSS_CHANGED_ERP_SLOT) && !priv->ap_fw) {
4745 rc = mwl8k_cmd_set_slot(hw, vif->bss_conf.use_short_slot); 4922 rc = mwl8k_cmd_set_slot(hw, vif->bss_conf.use_short_slot);
4746 if (rc) 4923 if (rc)
4747 goto out; 4924 goto out;
4748 } 4925 }
4749 4926
4750 if (vif->bss_conf.assoc && 4927 if (vif->bss_conf.assoc && !priv->ap_fw &&
4751 (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_ERP_CTS_PROT | 4928 (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_ERP_CTS_PROT |
4752 BSS_CHANGED_HT))) { 4929 BSS_CHANGED_HT))) {
4753 rc = mwl8k_cmd_set_aid(hw, vif, ap_legacy_rates); 4930 rc = mwl8k_cmd_set_aid(hw, vif, ap_legacy_rates);
@@ -4827,11 +5004,9 @@ static void
4827mwl8k_bss_info_changed(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 5004mwl8k_bss_info_changed(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4828 struct ieee80211_bss_conf *info, u32 changed) 5005 struct ieee80211_bss_conf *info, u32 changed)
4829{ 5006{
4830 struct mwl8k_priv *priv = hw->priv; 5007 if (vif->type == NL80211_IFTYPE_STATION)
4831
4832 if (!priv->ap_fw)
4833 mwl8k_bss_info_changed_sta(hw, vif, info, changed); 5008 mwl8k_bss_info_changed_sta(hw, vif, info, changed);
4834 else 5009 if (vif->type == NL80211_IFTYPE_AP)
4835 mwl8k_bss_info_changed_ap(hw, vif, info, changed); 5010 mwl8k_bss_info_changed_ap(hw, vif, info, changed);
4836} 5011}
4837 5012
@@ -5092,7 +5267,7 @@ mwl8k_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5092 int i, rc = 0; 5267 int i, rc = 0;
5093 struct mwl8k_priv *priv = hw->priv; 5268 struct mwl8k_priv *priv = hw->priv;
5094 struct mwl8k_ampdu_stream *stream; 5269 struct mwl8k_ampdu_stream *stream;
5095 u8 *addr = sta->addr; 5270 u8 *addr = sta->addr, idx;
5096 struct mwl8k_sta *sta_info = MWL8K_STA(sta); 5271 struct mwl8k_sta *sta_info = MWL8K_STA(sta);
5097 5272
5098 if (!(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION)) 5273 if (!(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
@@ -5170,11 +5345,14 @@ mwl8k_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5170 } 5345 }
5171 ieee80211_start_tx_ba_cb_irqsafe(vif, addr, tid); 5346 ieee80211_start_tx_ba_cb_irqsafe(vif, addr, tid);
5172 break; 5347 break;
5173 case IEEE80211_AMPDU_TX_STOP: 5348 case IEEE80211_AMPDU_TX_STOP_CONT:
5349 case IEEE80211_AMPDU_TX_STOP_FLUSH:
5350 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
5174 if (stream) { 5351 if (stream) {
5175 if (stream->state == AMPDU_STREAM_ACTIVE) { 5352 if (stream->state == AMPDU_STREAM_ACTIVE) {
5353 idx = stream->idx;
5176 spin_unlock(&priv->stream_lock); 5354 spin_unlock(&priv->stream_lock);
5177 mwl8k_destroy_ba(hw, stream); 5355 mwl8k_destroy_ba(hw, idx);
5178 spin_lock(&priv->stream_lock); 5356 spin_lock(&priv->stream_lock);
5179 } 5357 }
5180 mwl8k_remove_stream(hw, stream); 5358 mwl8k_remove_stream(hw, stream);
@@ -5190,8 +5368,9 @@ mwl8k_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5190 if (!rc) 5368 if (!rc)
5191 stream->state = AMPDU_STREAM_ACTIVE; 5369 stream->state = AMPDU_STREAM_ACTIVE;
5192 else { 5370 else {
5371 idx = stream->idx;
5193 spin_unlock(&priv->stream_lock); 5372 spin_unlock(&priv->stream_lock);
5194 mwl8k_destroy_ba(hw, stream); 5373 mwl8k_destroy_ba(hw, idx);
5195 spin_lock(&priv->stream_lock); 5374 spin_lock(&priv->stream_lock);
5196 wiphy_debug(hw->wiphy, 5375 wiphy_debug(hw->wiphy,
5197 "Failed adding stream for sta %pM tid %d\n", 5376 "Failed adding stream for sta %pM tid %d\n",
@@ -5254,7 +5433,7 @@ enum {
5254 MWL8366, 5433 MWL8366,
5255}; 5434};
5256 5435
5257#define MWL8K_8366_AP_FW_API 2 5436#define MWL8K_8366_AP_FW_API 3
5258#define _MWL8K_8366_AP_FW(api) "mwl8k/fmimage_8366_ap-" #api ".fw" 5437#define _MWL8K_8366_AP_FW(api) "mwl8k/fmimage_8366_ap-" #api ".fw"
5259#define MWL8K_8366_AP_FW(api) _MWL8K_8366_AP_FW(api) 5438#define MWL8K_8366_AP_FW(api) _MWL8K_8366_AP_FW(api)
5260 5439
@@ -5462,6 +5641,7 @@ static int mwl8k_probe_hw(struct ieee80211_hw *hw)
5462 if (priv->rxd_ops == NULL) { 5641 if (priv->rxd_ops == NULL) {
5463 wiphy_err(hw->wiphy, 5642 wiphy_err(hw->wiphy,
5464 "Driver does not have AP firmware image support for this hardware\n"); 5643 "Driver does not have AP firmware image support for this hardware\n");
5644 rc = -ENOENT;
5465 goto err_stop_firmware; 5645 goto err_stop_firmware;
5466 } 5646 }
5467 } else { 5647 } else {
@@ -5471,6 +5651,7 @@ static int mwl8k_probe_hw(struct ieee80211_hw *hw)
5471 priv->sniffer_enabled = false; 5651 priv->sniffer_enabled = false;
5472 priv->wmm_enabled = false; 5652 priv->wmm_enabled = false;
5473 priv->pending_tx_pkts = 0; 5653 priv->pending_tx_pkts = 0;
5654 atomic_set(&priv->watchdog_event_pending, 0);
5474 5655
5475 rc = mwl8k_rxq_init(hw, 0); 5656 rc = mwl8k_rxq_init(hw, 0);
5476 if (rc) 5657 if (rc)
@@ -5550,6 +5731,15 @@ static int mwl8k_probe_hw(struct ieee80211_hw *hw)
5550 goto err_free_irq; 5731 goto err_free_irq;
5551 } 5732 }
5552 5733
5734 /* Configure Antennas */
5735 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_RX, 0x3);
5736 if (rc)
5737 wiphy_warn(hw->wiphy, "failed to set # of RX antennas");
5738 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_TX, 0x7);
5739 if (rc)
5740 wiphy_warn(hw->wiphy, "failed to set # of TX antennas");
5741
5742
5553 /* Disable interrupts */ 5743 /* Disable interrupts */
5554 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); 5744 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5555 free_irq(priv->pdev->irq, hw); 5745 free_irq(priv->pdev->irq, hw);
@@ -5637,6 +5827,7 @@ fail:
5637 5827
5638static const struct ieee80211_iface_limit ap_if_limits[] = { 5828static const struct ieee80211_iface_limit ap_if_limits[] = {
5639 { .max = 8, .types = BIT(NL80211_IFTYPE_AP) }, 5829 { .max = 8, .types = BIT(NL80211_IFTYPE_AP) },
5830 { .max = 1, .types = BIT(NL80211_IFTYPE_STATION) },
5640}; 5831};
5641 5832
5642static const struct ieee80211_iface_combination ap_if_comb = { 5833static const struct ieee80211_iface_combination ap_if_comb = {
@@ -5729,6 +5920,7 @@ static int mwl8k_firmware_load_success(struct mwl8k_priv *priv)
5729 5920
5730 if (priv->ap_macids_supported || priv->device_info->fw_image_ap) { 5921 if (priv->ap_macids_supported || priv->device_info->fw_image_ap) {
5731 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP); 5922 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP);
5923 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_STATION);
5732 hw->wiphy->iface_combinations = &ap_if_comb; 5924 hw->wiphy->iface_combinations = &ap_if_comb;
5733 hw->wiphy->n_iface_combinations = 1; 5925 hw->wiphy->n_iface_combinations = 1;
5734 } 5926 }
@@ -5807,6 +5999,7 @@ static int mwl8k_probe(struct pci_dev *pdev,
5807 priv->sram = pci_iomap(pdev, 0, 0x10000); 5999 priv->sram = pci_iomap(pdev, 0, 0x10000);
5808 if (priv->sram == NULL) { 6000 if (priv->sram == NULL) {
5809 wiphy_err(hw->wiphy, "Cannot map device SRAM\n"); 6001 wiphy_err(hw->wiphy, "Cannot map device SRAM\n");
6002 rc = -EIO;
5810 goto err_iounmap; 6003 goto err_iounmap;
5811 } 6004 }
5812 6005
@@ -5819,6 +6012,7 @@ static int mwl8k_probe(struct pci_dev *pdev,
5819 priv->regs = pci_iomap(pdev, 2, 0x10000); 6012 priv->regs = pci_iomap(pdev, 2, 0x10000);
5820 if (priv->regs == NULL) { 6013 if (priv->regs == NULL) {
5821 wiphy_err(hw->wiphy, "Cannot map device registers\n"); 6014 wiphy_err(hw->wiphy, "Cannot map device registers\n");
6015 rc = -EIO;
5822 goto err_iounmap; 6016 goto err_iounmap;
5823 } 6017 }
5824 } 6018 }
@@ -5849,6 +6043,8 @@ static int mwl8k_probe(struct pci_dev *pdev,
5849 6043
5850 priv->hw_restart_in_progress = false; 6044 priv->hw_restart_in_progress = false;
5851 6045
6046 priv->running_bsses = 0;
6047
5852 return rc; 6048 return rc;
5853 6049
5854err_stop_firmware: 6050err_stop_firmware:
diff --git a/drivers/net/wireless/p54/p54pci.c b/drivers/net/wireless/p54/p54pci.c
index 933e5d941937..57e3af8ebb4b 100644
--- a/drivers/net/wireless/p54/p54pci.c
+++ b/drivers/net/wireless/p54/p54pci.c
@@ -559,6 +559,7 @@ static int p54p_probe(struct pci_dev *pdev,
559 mem_len = pci_resource_len(pdev, 0); 559 mem_len = pci_resource_len(pdev, 0);
560 if (mem_len < sizeof(struct p54p_csr)) { 560 if (mem_len < sizeof(struct p54p_csr)) {
561 dev_err(&pdev->dev, "Too short PCI resources\n"); 561 dev_err(&pdev->dev, "Too short PCI resources\n");
562 err = -ENODEV;
562 goto err_disable_dev; 563 goto err_disable_dev;
563 } 564 }
564 565
@@ -568,8 +569,10 @@ static int p54p_probe(struct pci_dev *pdev,
568 goto err_disable_dev; 569 goto err_disable_dev;
569 } 570 }
570 571
571 if (pci_set_dma_mask(pdev, DMA_BIT_MASK(32)) || 572 err = pci_set_dma_mask(pdev, DMA_BIT_MASK(32));
572 pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(32))) { 573 if (!err)
574 err = pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(32));
575 if (err) {
573 dev_err(&pdev->dev, "No suitable DMA available\n"); 576 dev_err(&pdev->dev, "No suitable DMA available\n");
574 goto err_free_reg; 577 goto err_free_reg;
575 } 578 }
diff --git a/drivers/net/wireless/p54/p54usb.c b/drivers/net/wireless/p54/p54usb.c
index e71c702e2eb1..800a16526c8e 100644
--- a/drivers/net/wireless/p54/p54usb.c
+++ b/drivers/net/wireless/p54/p54usb.c
@@ -47,6 +47,7 @@ static struct usb_device_id p54u_table[] = {
47 {USB_DEVICE(0x0411, 0x0050)}, /* Buffalo WLI2-USB2-G54 */ 47 {USB_DEVICE(0x0411, 0x0050)}, /* Buffalo WLI2-USB2-G54 */
48 {USB_DEVICE(0x045e, 0x00c2)}, /* Microsoft MN-710 */ 48 {USB_DEVICE(0x045e, 0x00c2)}, /* Microsoft MN-710 */
49 {USB_DEVICE(0x0506, 0x0a11)}, /* 3COM 3CRWE254G72 */ 49 {USB_DEVICE(0x0506, 0x0a11)}, /* 3COM 3CRWE254G72 */
50 {USB_DEVICE(0x0675, 0x0530)}, /* DrayTek Vigor 530 */
50 {USB_DEVICE(0x06b9, 0x0120)}, /* Thomson SpeedTouch 120g */ 51 {USB_DEVICE(0x06b9, 0x0120)}, /* Thomson SpeedTouch 120g */
51 {USB_DEVICE(0x0707, 0xee06)}, /* SMC 2862W-G */ 52 {USB_DEVICE(0x0707, 0xee06)}, /* SMC 2862W-G */
52 {USB_DEVICE(0x07aa, 0x001c)}, /* Corega CG-WLUSB2GT */ 53 {USB_DEVICE(0x07aa, 0x001c)}, /* Corega CG-WLUSB2GT */
@@ -82,6 +83,8 @@ static struct usb_device_id p54u_table[] = {
82 {USB_DEVICE(0x06a9, 0x000e)}, /* Westell 802.11g USB (A90-211WG-01) */ 83 {USB_DEVICE(0x06a9, 0x000e)}, /* Westell 802.11g USB (A90-211WG-01) */
83 {USB_DEVICE(0x06b9, 0x0121)}, /* Thomson SpeedTouch 121g */ 84 {USB_DEVICE(0x06b9, 0x0121)}, /* Thomson SpeedTouch 121g */
84 {USB_DEVICE(0x0707, 0xee13)}, /* SMC 2862W-G version 2 */ 85 {USB_DEVICE(0x0707, 0xee13)}, /* SMC 2862W-G version 2 */
86 {USB_DEVICE(0x0803, 0x4310)}, /* Zoom 4410a */
87 {USB_DEVICE(0x083a, 0x4503)}, /* T-Com Sinus 154 data II */
85 {USB_DEVICE(0x083a, 0x4521)}, /* Siemens Gigaset USB Adapter 54 version 2 */ 88 {USB_DEVICE(0x083a, 0x4521)}, /* Siemens Gigaset USB Adapter 54 version 2 */
86 {USB_DEVICE(0x083a, 0xc501)}, /* Zoom Wireless-G 4410 */ 89 {USB_DEVICE(0x083a, 0xc501)}, /* Zoom Wireless-G 4410 */
87 {USB_DEVICE(0x083a, 0xf503)}, /* Accton FD7050E ver 1010ec */ 90 {USB_DEVICE(0x083a, 0xf503)}, /* Accton FD7050E ver 1010ec */
@@ -101,6 +104,7 @@ static struct usb_device_id p54u_table[] = {
101 {USB_DEVICE(0x13B1, 0x000C)}, /* Linksys WUSB54AG */ 104 {USB_DEVICE(0x13B1, 0x000C)}, /* Linksys WUSB54AG */
102 {USB_DEVICE(0x1413, 0x5400)}, /* Telsey 802.11g USB2.0 Adapter */ 105 {USB_DEVICE(0x1413, 0x5400)}, /* Telsey 802.11g USB2.0 Adapter */
103 {USB_DEVICE(0x1435, 0x0427)}, /* Inventel UR054G */ 106 {USB_DEVICE(0x1435, 0x0427)}, /* Inventel UR054G */
107 /* {USB_DEVICE(0x15a9, 0x0002)}, * Also SparkLAN WL-682 with 3887 */
104 {USB_DEVICE(0x1668, 0x1050)}, /* Actiontec 802UIG-1 */ 108 {USB_DEVICE(0x1668, 0x1050)}, /* Actiontec 802UIG-1 */
105 {USB_DEVICE(0x1740, 0x1000)}, /* Senao NUB-350 */ 109 {USB_DEVICE(0x1740, 0x1000)}, /* Senao NUB-350 */
106 {USB_DEVICE(0x2001, 0x3704)}, /* DLink DWL-G122 rev A2 */ 110 {USB_DEVICE(0x2001, 0x3704)}, /* DLink DWL-G122 rev A2 */
diff --git a/drivers/net/wireless/prism54/isl_ioctl.c b/drivers/net/wireless/prism54/isl_ioctl.c
index 4e44b1af119a..1c22b81e6ef3 100644
--- a/drivers/net/wireless/prism54/isl_ioctl.c
+++ b/drivers/net/wireless/prism54/isl_ioctl.c
@@ -1503,6 +1503,7 @@ static int prism54_get_auth(struct net_device *ndev,
1503 case DOT11_AUTH_BOTH: 1503 case DOT11_AUTH_BOTH:
1504 case DOT11_AUTH_SK: 1504 case DOT11_AUTH_SK:
1505 param->value = IW_AUTH_ALG_SHARED_KEY; 1505 param->value = IW_AUTH_ALG_SHARED_KEY;
1506 break;
1506 case DOT11_AUTH_NONE: 1507 case DOT11_AUTH_NONE:
1507 default: 1508 default:
1508 param->value = 0; 1509 param->value = 0;
diff --git a/drivers/net/wireless/ray_cs.c b/drivers/net/wireless/ray_cs.c
index 598ca1cafb95..e7cf37f550d1 100644
--- a/drivers/net/wireless/ray_cs.c
+++ b/drivers/net/wireless/ray_cs.c
@@ -1107,12 +1107,15 @@ static int ray_get_essid(struct net_device *dev, struct iw_request_info *info,
1107 union iwreq_data *wrqu, char *extra) 1107 union iwreq_data *wrqu, char *extra)
1108{ 1108{
1109 ray_dev_t *local = netdev_priv(dev); 1109 ray_dev_t *local = netdev_priv(dev);
1110 UCHAR tmp[IW_ESSID_MAX_SIZE + 1];
1110 1111
1111 /* Get the essid that was set */ 1112 /* Get the essid that was set */
1112 memcpy(extra, local->sparm.b5.a_current_ess_id, IW_ESSID_MAX_SIZE); 1113 memcpy(extra, local->sparm.b5.a_current_ess_id, IW_ESSID_MAX_SIZE);
1114 memcpy(tmp, local->sparm.b5.a_current_ess_id, IW_ESSID_MAX_SIZE);
1115 tmp[IW_ESSID_MAX_SIZE] = '\0';
1113 1116
1114 /* Push it out ! */ 1117 /* Push it out ! */
1115 wrqu->essid.length = strlen(extra); 1118 wrqu->essid.length = strlen(tmp);
1116 wrqu->essid.flags = 1; /* active */ 1119 wrqu->essid.flags = 1; /* active */
1117 1120
1118 return 0; 1121 return 0;
@@ -1842,6 +1845,8 @@ static irqreturn_t ray_interrupt(int irq, void *dev_id)
1842 UCHAR tmp; 1845 UCHAR tmp;
1843 UCHAR cmd; 1846 UCHAR cmd;
1844 UCHAR status; 1847 UCHAR status;
1848 UCHAR memtmp[ESSID_SIZE + 1];
1849
1845 1850
1846 if (dev == NULL) /* Note that we want interrupts with dev->start == 0 */ 1851 if (dev == NULL) /* Note that we want interrupts with dev->start == 0 */
1847 return IRQ_NONE; 1852 return IRQ_NONE;
@@ -1901,17 +1906,21 @@ static irqreturn_t ray_interrupt(int irq, void *dev_id)
1901 break; 1906 break;
1902 case CCS_START_NETWORK: 1907 case CCS_START_NETWORK:
1903 case CCS_JOIN_NETWORK: 1908 case CCS_JOIN_NETWORK:
1909 memcpy(memtmp, local->sparm.b4.a_current_ess_id,
1910 ESSID_SIZE);
1911 memtmp[ESSID_SIZE] = '\0';
1912
1904 if (status == CCS_COMMAND_COMPLETE) { 1913 if (status == CCS_COMMAND_COMPLETE) {
1905 if (readb 1914 if (readb
1906 (&pccs->var.start_network.net_initiated) == 1915 (&pccs->var.start_network.net_initiated) ==
1907 1) { 1916 1) {
1908 dev_dbg(&link->dev, 1917 dev_dbg(&link->dev,
1909 "ray_cs interrupt network \"%s\" started\n", 1918 "ray_cs interrupt network \"%s\" started\n",
1910 local->sparm.b4.a_current_ess_id); 1919 memtmp);
1911 } else { 1920 } else {
1912 dev_dbg(&link->dev, 1921 dev_dbg(&link->dev,
1913 "ray_cs interrupt network \"%s\" joined\n", 1922 "ray_cs interrupt network \"%s\" joined\n",
1914 local->sparm.b4.a_current_ess_id); 1923 memtmp);
1915 } 1924 }
1916 memcpy_fromio(&local->bss_id, 1925 memcpy_fromio(&local->bss_id,
1917 pccs->var.start_network.bssid, 1926 pccs->var.start_network.bssid,
@@ -1939,12 +1948,12 @@ static irqreturn_t ray_interrupt(int irq, void *dev_id)
1939 if (status == CCS_START_NETWORK) { 1948 if (status == CCS_START_NETWORK) {
1940 dev_dbg(&link->dev, 1949 dev_dbg(&link->dev,
1941 "ray_cs interrupt network \"%s\" start failed\n", 1950 "ray_cs interrupt network \"%s\" start failed\n",
1942 local->sparm.b4.a_current_ess_id); 1951 memtmp);
1943 local->timer.function = start_net; 1952 local->timer.function = start_net;
1944 } else { 1953 } else {
1945 dev_dbg(&link->dev, 1954 dev_dbg(&link->dev,
1946 "ray_cs interrupt network \"%s\" join failed\n", 1955 "ray_cs interrupt network \"%s\" join failed\n",
1947 local->sparm.b4.a_current_ess_id); 1956 memtmp);
1948 local->timer.function = join_net; 1957 local->timer.function = join_net;
1949 } 1958 }
1950 add_timer(&local->timer); 1959 add_timer(&local->timer);
diff --git a/drivers/net/wireless/rt2x00/rt2800lib.c b/drivers/net/wireless/rt2x00/rt2800lib.c
index 197b4466a5d2..a658b4bc7da2 100644
--- a/drivers/net/wireless/rt2x00/rt2800lib.c
+++ b/drivers/net/wireless/rt2x00/rt2800lib.c
@@ -80,7 +80,7 @@ static inline bool rt2800_is_305x_soc(struct rt2x00_dev *rt2x00dev)
80 rt2x00_rf(rt2x00dev, RF3022)) 80 rt2x00_rf(rt2x00dev, RF3022))
81 return true; 81 return true;
82 82
83 NOTICE(rt2x00dev, "Unknown RF chipset on rt305x\n"); 83 WARNING(rt2x00dev, "Unknown RF chipset on rt305x\n");
84 return false; 84 return false;
85} 85}
86 86
@@ -1296,8 +1296,7 @@ void rt2800_config_filter(struct rt2x00_dev *rt2x00dev,
1296 !(filter_flags & FIF_CONTROL)); 1296 !(filter_flags & FIF_CONTROL));
1297 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_PSPOLL, 1297 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_PSPOLL,
1298 !(filter_flags & FIF_PSPOLL)); 1298 !(filter_flags & FIF_PSPOLL));
1299 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_BA, 1299 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_BA, 0);
1300 !(filter_flags & FIF_CONTROL));
1301 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_BAR, 1300 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_BAR,
1302 !(filter_flags & FIF_CONTROL)); 1301 !(filter_flags & FIF_CONTROL));
1303 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_CNTL, 1302 rt2x00_set_field32(&reg, RX_FILTER_CFG_DROP_CNTL,
@@ -3866,6 +3865,400 @@ static u8 rt2800_init_rx_filter(struct rt2x00_dev *rt2x00dev,
3866 return rfcsr24; 3865 return rfcsr24;
3867} 3866}
3868 3867
3868static void rt2800_init_rfcsr_305x_soc(struct rt2x00_dev *rt2x00dev)
3869{
3870 rt2800_rfcsr_write(rt2x00dev, 0, 0x50);
3871 rt2800_rfcsr_write(rt2x00dev, 1, 0x01);
3872 rt2800_rfcsr_write(rt2x00dev, 2, 0xf7);
3873 rt2800_rfcsr_write(rt2x00dev, 3, 0x75);
3874 rt2800_rfcsr_write(rt2x00dev, 4, 0x40);
3875 rt2800_rfcsr_write(rt2x00dev, 5, 0x03);
3876 rt2800_rfcsr_write(rt2x00dev, 6, 0x02);
3877 rt2800_rfcsr_write(rt2x00dev, 7, 0x50);
3878 rt2800_rfcsr_write(rt2x00dev, 8, 0x39);
3879 rt2800_rfcsr_write(rt2x00dev, 9, 0x0f);
3880 rt2800_rfcsr_write(rt2x00dev, 10, 0x60);
3881 rt2800_rfcsr_write(rt2x00dev, 11, 0x21);
3882 rt2800_rfcsr_write(rt2x00dev, 12, 0x75);
3883 rt2800_rfcsr_write(rt2x00dev, 13, 0x75);
3884 rt2800_rfcsr_write(rt2x00dev, 14, 0x90);
3885 rt2800_rfcsr_write(rt2x00dev, 15, 0x58);
3886 rt2800_rfcsr_write(rt2x00dev, 16, 0xb3);
3887 rt2800_rfcsr_write(rt2x00dev, 17, 0x92);
3888 rt2800_rfcsr_write(rt2x00dev, 18, 0x2c);
3889 rt2800_rfcsr_write(rt2x00dev, 19, 0x02);
3890 rt2800_rfcsr_write(rt2x00dev, 20, 0xba);
3891 rt2800_rfcsr_write(rt2x00dev, 21, 0xdb);
3892 rt2800_rfcsr_write(rt2x00dev, 22, 0x00);
3893 rt2800_rfcsr_write(rt2x00dev, 23, 0x31);
3894 rt2800_rfcsr_write(rt2x00dev, 24, 0x08);
3895 rt2800_rfcsr_write(rt2x00dev, 25, 0x01);
3896 rt2800_rfcsr_write(rt2x00dev, 26, 0x25);
3897 rt2800_rfcsr_write(rt2x00dev, 27, 0x23);
3898 rt2800_rfcsr_write(rt2x00dev, 28, 0x13);
3899 rt2800_rfcsr_write(rt2x00dev, 29, 0x83);
3900 rt2800_rfcsr_write(rt2x00dev, 30, 0x00);
3901 rt2800_rfcsr_write(rt2x00dev, 31, 0x00);
3902}
3903
3904static void rt2800_init_rfcsr_30xx(struct rt2x00_dev *rt2x00dev)
3905{
3906 rt2800_rfcsr_write(rt2x00dev, 4, 0x40);
3907 rt2800_rfcsr_write(rt2x00dev, 5, 0x03);
3908 rt2800_rfcsr_write(rt2x00dev, 6, 0x02);
3909 rt2800_rfcsr_write(rt2x00dev, 7, 0x60);
3910 rt2800_rfcsr_write(rt2x00dev, 9, 0x0f);
3911 rt2800_rfcsr_write(rt2x00dev, 10, 0x41);
3912 rt2800_rfcsr_write(rt2x00dev, 11, 0x21);
3913 rt2800_rfcsr_write(rt2x00dev, 12, 0x7b);
3914 rt2800_rfcsr_write(rt2x00dev, 14, 0x90);
3915 rt2800_rfcsr_write(rt2x00dev, 15, 0x58);
3916 rt2800_rfcsr_write(rt2x00dev, 16, 0xb3);
3917 rt2800_rfcsr_write(rt2x00dev, 17, 0x92);
3918 rt2800_rfcsr_write(rt2x00dev, 18, 0x2c);
3919 rt2800_rfcsr_write(rt2x00dev, 19, 0x02);
3920 rt2800_rfcsr_write(rt2x00dev, 20, 0xba);
3921 rt2800_rfcsr_write(rt2x00dev, 21, 0xdb);
3922 rt2800_rfcsr_write(rt2x00dev, 24, 0x16);
3923 rt2800_rfcsr_write(rt2x00dev, 25, 0x01);
3924 rt2800_rfcsr_write(rt2x00dev, 29, 0x1f);
3925}
3926
3927static void rt2800_init_rfcsr_3290(struct rt2x00_dev *rt2x00dev)
3928{
3929 rt2800_rfcsr_write(rt2x00dev, 1, 0x0f);
3930 rt2800_rfcsr_write(rt2x00dev, 2, 0x80);
3931 rt2800_rfcsr_write(rt2x00dev, 3, 0x08);
3932 rt2800_rfcsr_write(rt2x00dev, 4, 0x00);
3933 rt2800_rfcsr_write(rt2x00dev, 6, 0xa0);
3934 rt2800_rfcsr_write(rt2x00dev, 8, 0xf3);
3935 rt2800_rfcsr_write(rt2x00dev, 9, 0x02);
3936 rt2800_rfcsr_write(rt2x00dev, 10, 0x53);
3937 rt2800_rfcsr_write(rt2x00dev, 11, 0x4a);
3938 rt2800_rfcsr_write(rt2x00dev, 12, 0x46);
3939 rt2800_rfcsr_write(rt2x00dev, 13, 0x9f);
3940 rt2800_rfcsr_write(rt2x00dev, 18, 0x02);
3941 rt2800_rfcsr_write(rt2x00dev, 22, 0x20);
3942 rt2800_rfcsr_write(rt2x00dev, 25, 0x83);
3943 rt2800_rfcsr_write(rt2x00dev, 26, 0x82);
3944 rt2800_rfcsr_write(rt2x00dev, 27, 0x09);
3945 rt2800_rfcsr_write(rt2x00dev, 29, 0x10);
3946 rt2800_rfcsr_write(rt2x00dev, 30, 0x10);
3947 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
3948 rt2800_rfcsr_write(rt2x00dev, 32, 0x80);
3949 rt2800_rfcsr_write(rt2x00dev, 33, 0x00);
3950 rt2800_rfcsr_write(rt2x00dev, 34, 0x05);
3951 rt2800_rfcsr_write(rt2x00dev, 35, 0x12);
3952 rt2800_rfcsr_write(rt2x00dev, 36, 0x00);
3953 rt2800_rfcsr_write(rt2x00dev, 38, 0x85);
3954 rt2800_rfcsr_write(rt2x00dev, 39, 0x1b);
3955 rt2800_rfcsr_write(rt2x00dev, 40, 0x0b);
3956 rt2800_rfcsr_write(rt2x00dev, 41, 0xbb);
3957 rt2800_rfcsr_write(rt2x00dev, 42, 0xd5);
3958 rt2800_rfcsr_write(rt2x00dev, 43, 0x7b);
3959 rt2800_rfcsr_write(rt2x00dev, 44, 0x0e);
3960 rt2800_rfcsr_write(rt2x00dev, 45, 0xa2);
3961 rt2800_rfcsr_write(rt2x00dev, 46, 0x73);
3962 rt2800_rfcsr_write(rt2x00dev, 47, 0x00);
3963 rt2800_rfcsr_write(rt2x00dev, 48, 0x10);
3964 rt2800_rfcsr_write(rt2x00dev, 49, 0x98);
3965 rt2800_rfcsr_write(rt2x00dev, 52, 0x38);
3966 rt2800_rfcsr_write(rt2x00dev, 53, 0x00);
3967 rt2800_rfcsr_write(rt2x00dev, 54, 0x78);
3968 rt2800_rfcsr_write(rt2x00dev, 55, 0x43);
3969 rt2800_rfcsr_write(rt2x00dev, 56, 0x02);
3970 rt2800_rfcsr_write(rt2x00dev, 57, 0x80);
3971 rt2800_rfcsr_write(rt2x00dev, 58, 0x7f);
3972 rt2800_rfcsr_write(rt2x00dev, 59, 0x09);
3973 rt2800_rfcsr_write(rt2x00dev, 60, 0x45);
3974 rt2800_rfcsr_write(rt2x00dev, 61, 0xc1);
3975}
3976
3977static void rt2800_init_rfcsr_3352(struct rt2x00_dev *rt2x00dev)
3978{
3979 rt2800_rfcsr_write(rt2x00dev, 0, 0xf0);
3980 rt2800_rfcsr_write(rt2x00dev, 1, 0x23);
3981 rt2800_rfcsr_write(rt2x00dev, 2, 0x50);
3982 rt2800_rfcsr_write(rt2x00dev, 3, 0x18);
3983 rt2800_rfcsr_write(rt2x00dev, 4, 0x00);
3984 rt2800_rfcsr_write(rt2x00dev, 5, 0x00);
3985 rt2800_rfcsr_write(rt2x00dev, 6, 0x33);
3986 rt2800_rfcsr_write(rt2x00dev, 7, 0x00);
3987 rt2800_rfcsr_write(rt2x00dev, 8, 0xf1);
3988 rt2800_rfcsr_write(rt2x00dev, 9, 0x02);
3989 rt2800_rfcsr_write(rt2x00dev, 10, 0xd2);
3990 rt2800_rfcsr_write(rt2x00dev, 11, 0x42);
3991 rt2800_rfcsr_write(rt2x00dev, 12, 0x1c);
3992 rt2800_rfcsr_write(rt2x00dev, 13, 0x00);
3993 rt2800_rfcsr_write(rt2x00dev, 14, 0x5a);
3994 rt2800_rfcsr_write(rt2x00dev, 15, 0x00);
3995 rt2800_rfcsr_write(rt2x00dev, 16, 0x01);
3996 rt2800_rfcsr_write(rt2x00dev, 18, 0x45);
3997 rt2800_rfcsr_write(rt2x00dev, 19, 0x02);
3998 rt2800_rfcsr_write(rt2x00dev, 20, 0x00);
3999 rt2800_rfcsr_write(rt2x00dev, 21, 0x00);
4000 rt2800_rfcsr_write(rt2x00dev, 22, 0x00);
4001 rt2800_rfcsr_write(rt2x00dev, 23, 0x00);
4002 rt2800_rfcsr_write(rt2x00dev, 24, 0x00);
4003 rt2800_rfcsr_write(rt2x00dev, 25, 0x80);
4004 rt2800_rfcsr_write(rt2x00dev, 26, 0x00);
4005 rt2800_rfcsr_write(rt2x00dev, 27, 0x03);
4006 rt2800_rfcsr_write(rt2x00dev, 28, 0x03);
4007 rt2800_rfcsr_write(rt2x00dev, 29, 0x00);
4008 rt2800_rfcsr_write(rt2x00dev, 30, 0x10);
4009 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
4010 rt2800_rfcsr_write(rt2x00dev, 32, 0x80);
4011 rt2800_rfcsr_write(rt2x00dev, 33, 0x00);
4012 rt2800_rfcsr_write(rt2x00dev, 34, 0x01);
4013 rt2800_rfcsr_write(rt2x00dev, 35, 0x03);
4014 rt2800_rfcsr_write(rt2x00dev, 36, 0xbd);
4015 rt2800_rfcsr_write(rt2x00dev, 37, 0x3c);
4016 rt2800_rfcsr_write(rt2x00dev, 38, 0x5f);
4017 rt2800_rfcsr_write(rt2x00dev, 39, 0xc5);
4018 rt2800_rfcsr_write(rt2x00dev, 40, 0x33);
4019 rt2800_rfcsr_write(rt2x00dev, 41, 0x5b);
4020 rt2800_rfcsr_write(rt2x00dev, 42, 0x5b);
4021 rt2800_rfcsr_write(rt2x00dev, 43, 0xdb);
4022 rt2800_rfcsr_write(rt2x00dev, 44, 0xdb);
4023 rt2800_rfcsr_write(rt2x00dev, 45, 0xdb);
4024 rt2800_rfcsr_write(rt2x00dev, 46, 0xdd);
4025 rt2800_rfcsr_write(rt2x00dev, 47, 0x0d);
4026 rt2800_rfcsr_write(rt2x00dev, 48, 0x14);
4027 rt2800_rfcsr_write(rt2x00dev, 49, 0x00);
4028 rt2800_rfcsr_write(rt2x00dev, 50, 0x2d);
4029 rt2800_rfcsr_write(rt2x00dev, 51, 0x7f);
4030 rt2800_rfcsr_write(rt2x00dev, 52, 0x00);
4031 rt2800_rfcsr_write(rt2x00dev, 53, 0x52);
4032 rt2800_rfcsr_write(rt2x00dev, 54, 0x1b);
4033 rt2800_rfcsr_write(rt2x00dev, 55, 0x7f);
4034 rt2800_rfcsr_write(rt2x00dev, 56, 0x00);
4035 rt2800_rfcsr_write(rt2x00dev, 57, 0x52);
4036 rt2800_rfcsr_write(rt2x00dev, 58, 0x1b);
4037 rt2800_rfcsr_write(rt2x00dev, 59, 0x00);
4038 rt2800_rfcsr_write(rt2x00dev, 60, 0x00);
4039 rt2800_rfcsr_write(rt2x00dev, 61, 0x00);
4040 rt2800_rfcsr_write(rt2x00dev, 62, 0x00);
4041 rt2800_rfcsr_write(rt2x00dev, 63, 0x00);
4042}
4043
4044static void rt2800_init_rfcsr_3390(struct rt2x00_dev *rt2x00dev)
4045{
4046 rt2800_rfcsr_write(rt2x00dev, 0, 0xa0);
4047 rt2800_rfcsr_write(rt2x00dev, 1, 0xe1);
4048 rt2800_rfcsr_write(rt2x00dev, 2, 0xf1);
4049 rt2800_rfcsr_write(rt2x00dev, 3, 0x62);
4050 rt2800_rfcsr_write(rt2x00dev, 4, 0x40);
4051 rt2800_rfcsr_write(rt2x00dev, 5, 0x8b);
4052 rt2800_rfcsr_write(rt2x00dev, 6, 0x42);
4053 rt2800_rfcsr_write(rt2x00dev, 7, 0x34);
4054 rt2800_rfcsr_write(rt2x00dev, 8, 0x00);
4055 rt2800_rfcsr_write(rt2x00dev, 9, 0xc0);
4056 rt2800_rfcsr_write(rt2x00dev, 10, 0x61);
4057 rt2800_rfcsr_write(rt2x00dev, 11, 0x21);
4058 rt2800_rfcsr_write(rt2x00dev, 12, 0x3b);
4059 rt2800_rfcsr_write(rt2x00dev, 13, 0xe0);
4060 rt2800_rfcsr_write(rt2x00dev, 14, 0x90);
4061 rt2800_rfcsr_write(rt2x00dev, 15, 0x53);
4062 rt2800_rfcsr_write(rt2x00dev, 16, 0xe0);
4063 rt2800_rfcsr_write(rt2x00dev, 17, 0x94);
4064 rt2800_rfcsr_write(rt2x00dev, 18, 0x5c);
4065 rt2800_rfcsr_write(rt2x00dev, 19, 0x4a);
4066 rt2800_rfcsr_write(rt2x00dev, 20, 0xb2);
4067 rt2800_rfcsr_write(rt2x00dev, 21, 0xf6);
4068 rt2800_rfcsr_write(rt2x00dev, 22, 0x00);
4069 rt2800_rfcsr_write(rt2x00dev, 23, 0x14);
4070 rt2800_rfcsr_write(rt2x00dev, 24, 0x08);
4071 rt2800_rfcsr_write(rt2x00dev, 25, 0x3d);
4072 rt2800_rfcsr_write(rt2x00dev, 26, 0x85);
4073 rt2800_rfcsr_write(rt2x00dev, 27, 0x00);
4074 rt2800_rfcsr_write(rt2x00dev, 28, 0x41);
4075 rt2800_rfcsr_write(rt2x00dev, 29, 0x8f);
4076 rt2800_rfcsr_write(rt2x00dev, 30, 0x20);
4077 rt2800_rfcsr_write(rt2x00dev, 31, 0x0f);
4078}
4079
4080static void rt2800_init_rfcsr_3572(struct rt2x00_dev *rt2x00dev)
4081{
4082 rt2800_rfcsr_write(rt2x00dev, 0, 0x70);
4083 rt2800_rfcsr_write(rt2x00dev, 1, 0x81);
4084 rt2800_rfcsr_write(rt2x00dev, 2, 0xf1);
4085 rt2800_rfcsr_write(rt2x00dev, 3, 0x02);
4086 rt2800_rfcsr_write(rt2x00dev, 4, 0x4c);
4087 rt2800_rfcsr_write(rt2x00dev, 5, 0x05);
4088 rt2800_rfcsr_write(rt2x00dev, 6, 0x4a);
4089 rt2800_rfcsr_write(rt2x00dev, 7, 0xd8);
4090 rt2800_rfcsr_write(rt2x00dev, 9, 0xc3);
4091 rt2800_rfcsr_write(rt2x00dev, 10, 0xf1);
4092 rt2800_rfcsr_write(rt2x00dev, 11, 0xb9);
4093 rt2800_rfcsr_write(rt2x00dev, 12, 0x70);
4094 rt2800_rfcsr_write(rt2x00dev, 13, 0x65);
4095 rt2800_rfcsr_write(rt2x00dev, 14, 0xa0);
4096 rt2800_rfcsr_write(rt2x00dev, 15, 0x53);
4097 rt2800_rfcsr_write(rt2x00dev, 16, 0x4c);
4098 rt2800_rfcsr_write(rt2x00dev, 17, 0x23);
4099 rt2800_rfcsr_write(rt2x00dev, 18, 0xac);
4100 rt2800_rfcsr_write(rt2x00dev, 19, 0x93);
4101 rt2800_rfcsr_write(rt2x00dev, 20, 0xb3);
4102 rt2800_rfcsr_write(rt2x00dev, 21, 0xd0);
4103 rt2800_rfcsr_write(rt2x00dev, 22, 0x00);
4104 rt2800_rfcsr_write(rt2x00dev, 23, 0x3c);
4105 rt2800_rfcsr_write(rt2x00dev, 24, 0x16);
4106 rt2800_rfcsr_write(rt2x00dev, 25, 0x15);
4107 rt2800_rfcsr_write(rt2x00dev, 26, 0x85);
4108 rt2800_rfcsr_write(rt2x00dev, 27, 0x00);
4109 rt2800_rfcsr_write(rt2x00dev, 28, 0x00);
4110 rt2800_rfcsr_write(rt2x00dev, 29, 0x9b);
4111 rt2800_rfcsr_write(rt2x00dev, 30, 0x09);
4112 rt2800_rfcsr_write(rt2x00dev, 31, 0x10);
4113}
4114
4115static void rt2800_init_rfcsr_5390(struct rt2x00_dev *rt2x00dev)
4116{
4117 rt2800_rfcsr_write(rt2x00dev, 1, 0x0f);
4118 rt2800_rfcsr_write(rt2x00dev, 2, 0x80);
4119 rt2800_rfcsr_write(rt2x00dev, 3, 0x88);
4120 rt2800_rfcsr_write(rt2x00dev, 5, 0x10);
4121 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4122 rt2800_rfcsr_write(rt2x00dev, 6, 0xe0);
4123 else
4124 rt2800_rfcsr_write(rt2x00dev, 6, 0xa0);
4125 rt2800_rfcsr_write(rt2x00dev, 7, 0x00);
4126 rt2800_rfcsr_write(rt2x00dev, 10, 0x53);
4127 rt2800_rfcsr_write(rt2x00dev, 11, 0x4a);
4128 rt2800_rfcsr_write(rt2x00dev, 12, 0xc6);
4129 rt2800_rfcsr_write(rt2x00dev, 13, 0x9f);
4130 rt2800_rfcsr_write(rt2x00dev, 14, 0x00);
4131 rt2800_rfcsr_write(rt2x00dev, 15, 0x00);
4132 rt2800_rfcsr_write(rt2x00dev, 16, 0x00);
4133 rt2800_rfcsr_write(rt2x00dev, 18, 0x03);
4134 rt2800_rfcsr_write(rt2x00dev, 19, 0x00);
4135
4136 rt2800_rfcsr_write(rt2x00dev, 20, 0x00);
4137 rt2800_rfcsr_write(rt2x00dev, 21, 0x00);
4138 rt2800_rfcsr_write(rt2x00dev, 22, 0x20);
4139 rt2800_rfcsr_write(rt2x00dev, 23, 0x00);
4140 rt2800_rfcsr_write(rt2x00dev, 24, 0x00);
4141 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4142 rt2800_rfcsr_write(rt2x00dev, 25, 0x80);
4143 else
4144 rt2800_rfcsr_write(rt2x00dev, 25, 0xc0);
4145 rt2800_rfcsr_write(rt2x00dev, 26, 0x00);
4146 rt2800_rfcsr_write(rt2x00dev, 27, 0x09);
4147 rt2800_rfcsr_write(rt2x00dev, 28, 0x00);
4148 rt2800_rfcsr_write(rt2x00dev, 29, 0x10);
4149
4150 rt2800_rfcsr_write(rt2x00dev, 30, 0x00);
4151 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
4152 rt2800_rfcsr_write(rt2x00dev, 32, 0x80);
4153 rt2800_rfcsr_write(rt2x00dev, 33, 0x00);
4154 rt2800_rfcsr_write(rt2x00dev, 34, 0x07);
4155 rt2800_rfcsr_write(rt2x00dev, 35, 0x12);
4156 rt2800_rfcsr_write(rt2x00dev, 36, 0x00);
4157 rt2800_rfcsr_write(rt2x00dev, 37, 0x08);
4158 rt2800_rfcsr_write(rt2x00dev, 38, 0x85);
4159 rt2800_rfcsr_write(rt2x00dev, 39, 0x1b);
4160
4161 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4162 rt2800_rfcsr_write(rt2x00dev, 40, 0x0b);
4163 else
4164 rt2800_rfcsr_write(rt2x00dev, 40, 0x4b);
4165 rt2800_rfcsr_write(rt2x00dev, 41, 0xbb);
4166 rt2800_rfcsr_write(rt2x00dev, 42, 0xd2);
4167 rt2800_rfcsr_write(rt2x00dev, 43, 0x9a);
4168 rt2800_rfcsr_write(rt2x00dev, 44, 0x0e);
4169 rt2800_rfcsr_write(rt2x00dev, 45, 0xa2);
4170 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4171 rt2800_rfcsr_write(rt2x00dev, 46, 0x73);
4172 else
4173 rt2800_rfcsr_write(rt2x00dev, 46, 0x7b);
4174 rt2800_rfcsr_write(rt2x00dev, 47, 0x00);
4175 rt2800_rfcsr_write(rt2x00dev, 48, 0x10);
4176 rt2800_rfcsr_write(rt2x00dev, 49, 0x94);
4177
4178 rt2800_rfcsr_write(rt2x00dev, 52, 0x38);
4179 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4180 rt2800_rfcsr_write(rt2x00dev, 53, 0x00);
4181 else
4182 rt2800_rfcsr_write(rt2x00dev, 53, 0x84);
4183 rt2800_rfcsr_write(rt2x00dev, 54, 0x78);
4184 rt2800_rfcsr_write(rt2x00dev, 55, 0x44);
4185 rt2800_rfcsr_write(rt2x00dev, 56, 0x22);
4186 rt2800_rfcsr_write(rt2x00dev, 57, 0x80);
4187 rt2800_rfcsr_write(rt2x00dev, 58, 0x7f);
4188 rt2800_rfcsr_write(rt2x00dev, 59, 0x63);
4189
4190 rt2800_rfcsr_write(rt2x00dev, 60, 0x45);
4191 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4192 rt2800_rfcsr_write(rt2x00dev, 61, 0xd1);
4193 else
4194 rt2800_rfcsr_write(rt2x00dev, 61, 0xdd);
4195 rt2800_rfcsr_write(rt2x00dev, 62, 0x00);
4196 rt2800_rfcsr_write(rt2x00dev, 63, 0x00);
4197}
4198
4199static void rt2800_init_rfcsr_5392(struct rt2x00_dev *rt2x00dev)
4200{
4201 rt2800_rfcsr_write(rt2x00dev, 1, 0x17);
4202 rt2800_rfcsr_write(rt2x00dev, 2, 0x80);
4203 rt2800_rfcsr_write(rt2x00dev, 3, 0x88);
4204 rt2800_rfcsr_write(rt2x00dev, 5, 0x10);
4205 rt2800_rfcsr_write(rt2x00dev, 6, 0xe0);
4206 rt2800_rfcsr_write(rt2x00dev, 7, 0x00);
4207 rt2800_rfcsr_write(rt2x00dev, 10, 0x53);
4208 rt2800_rfcsr_write(rt2x00dev, 11, 0x4a);
4209 rt2800_rfcsr_write(rt2x00dev, 12, 0x46);
4210 rt2800_rfcsr_write(rt2x00dev, 13, 0x9f);
4211 rt2800_rfcsr_write(rt2x00dev, 14, 0x00);
4212 rt2800_rfcsr_write(rt2x00dev, 15, 0x00);
4213 rt2800_rfcsr_write(rt2x00dev, 16, 0x00);
4214 rt2800_rfcsr_write(rt2x00dev, 18, 0x03);
4215 rt2800_rfcsr_write(rt2x00dev, 19, 0x4d);
4216 rt2800_rfcsr_write(rt2x00dev, 20, 0x00);
4217 rt2800_rfcsr_write(rt2x00dev, 21, 0x8d);
4218 rt2800_rfcsr_write(rt2x00dev, 22, 0x20);
4219 rt2800_rfcsr_write(rt2x00dev, 23, 0x0b);
4220 rt2800_rfcsr_write(rt2x00dev, 24, 0x44);
4221 rt2800_rfcsr_write(rt2x00dev, 25, 0x80);
4222 rt2800_rfcsr_write(rt2x00dev, 26, 0x82);
4223 rt2800_rfcsr_write(rt2x00dev, 27, 0x09);
4224 rt2800_rfcsr_write(rt2x00dev, 28, 0x00);
4225 rt2800_rfcsr_write(rt2x00dev, 29, 0x10);
4226 rt2800_rfcsr_write(rt2x00dev, 30, 0x10);
4227 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
4228 rt2800_rfcsr_write(rt2x00dev, 32, 0x20);
4229 rt2800_rfcsr_write(rt2x00dev, 33, 0xC0);
4230 rt2800_rfcsr_write(rt2x00dev, 34, 0x07);
4231 rt2800_rfcsr_write(rt2x00dev, 35, 0x12);
4232 rt2800_rfcsr_write(rt2x00dev, 36, 0x00);
4233 rt2800_rfcsr_write(rt2x00dev, 37, 0x08);
4234 rt2800_rfcsr_write(rt2x00dev, 38, 0x89);
4235 rt2800_rfcsr_write(rt2x00dev, 39, 0x1b);
4236 rt2800_rfcsr_write(rt2x00dev, 40, 0x0f);
4237 rt2800_rfcsr_write(rt2x00dev, 41, 0xbb);
4238 rt2800_rfcsr_write(rt2x00dev, 42, 0xd5);
4239 rt2800_rfcsr_write(rt2x00dev, 43, 0x9b);
4240 rt2800_rfcsr_write(rt2x00dev, 44, 0x0e);
4241 rt2800_rfcsr_write(rt2x00dev, 45, 0xa2);
4242 rt2800_rfcsr_write(rt2x00dev, 46, 0x73);
4243 rt2800_rfcsr_write(rt2x00dev, 47, 0x0c);
4244 rt2800_rfcsr_write(rt2x00dev, 48, 0x10);
4245 rt2800_rfcsr_write(rt2x00dev, 49, 0x94);
4246 rt2800_rfcsr_write(rt2x00dev, 50, 0x94);
4247 rt2800_rfcsr_write(rt2x00dev, 51, 0x3a);
4248 rt2800_rfcsr_write(rt2x00dev, 52, 0x48);
4249 rt2800_rfcsr_write(rt2x00dev, 53, 0x44);
4250 rt2800_rfcsr_write(rt2x00dev, 54, 0x38);
4251 rt2800_rfcsr_write(rt2x00dev, 55, 0x43);
4252 rt2800_rfcsr_write(rt2x00dev, 56, 0xa1);
4253 rt2800_rfcsr_write(rt2x00dev, 57, 0x00);
4254 rt2800_rfcsr_write(rt2x00dev, 58, 0x39);
4255 rt2800_rfcsr_write(rt2x00dev, 59, 0x07);
4256 rt2800_rfcsr_write(rt2x00dev, 60, 0x45);
4257 rt2800_rfcsr_write(rt2x00dev, 61, 0x91);
4258 rt2800_rfcsr_write(rt2x00dev, 62, 0x39);
4259 rt2800_rfcsr_write(rt2x00dev, 63, 0x07);
4260}
4261
3869static int rt2800_init_rfcsr(struct rt2x00_dev *rt2x00dev) 4262static int rt2800_init_rfcsr(struct rt2x00_dev *rt2x00dev)
3870{ 4263{
3871 struct rt2800_drv_data *drv_data = rt2x00dev->drv_data; 4264 struct rt2800_drv_data *drv_data = rt2x00dev->drv_data;
@@ -3889,6 +4282,7 @@ static int rt2800_init_rfcsr(struct rt2x00_dev *rt2x00dev)
3889 /* 4282 /*
3890 * Init RF calibration. 4283 * Init RF calibration.
3891 */ 4284 */
4285
3892 if (rt2x00_rt(rt2x00dev, RT3290) || 4286 if (rt2x00_rt(rt2x00dev, RT3290) ||
3893 rt2x00_rt(rt2x00dev, RT5390) || 4287 rt2x00_rt(rt2x00dev, RT5390) ||
3894 rt2x00_rt(rt2x00dev, RT5392)) { 4288 rt2x00_rt(rt2x00dev, RT5392)) {
@@ -3907,379 +4301,35 @@ static int rt2800_init_rfcsr(struct rt2x00_dev *rt2x00dev)
3907 rt2800_rfcsr_write(rt2x00dev, 30, rfcsr); 4301 rt2800_rfcsr_write(rt2x00dev, 30, rfcsr);
3908 } 4302 }
3909 4303
3910 if (rt2x00_rt(rt2x00dev, RT3070) || 4304 if (rt2800_is_305x_soc(rt2x00dev)) {
3911 rt2x00_rt(rt2x00dev, RT3071) || 4305 rt2800_init_rfcsr_305x_soc(rt2x00dev);
3912 rt2x00_rt(rt2x00dev, RT3090)) {
3913 rt2800_rfcsr_write(rt2x00dev, 4, 0x40);
3914 rt2800_rfcsr_write(rt2x00dev, 5, 0x03);
3915 rt2800_rfcsr_write(rt2x00dev, 6, 0x02);
3916 rt2800_rfcsr_write(rt2x00dev, 7, 0x60);
3917 rt2800_rfcsr_write(rt2x00dev, 9, 0x0f);
3918 rt2800_rfcsr_write(rt2x00dev, 10, 0x41);
3919 rt2800_rfcsr_write(rt2x00dev, 11, 0x21);
3920 rt2800_rfcsr_write(rt2x00dev, 12, 0x7b);
3921 rt2800_rfcsr_write(rt2x00dev, 14, 0x90);
3922 rt2800_rfcsr_write(rt2x00dev, 15, 0x58);
3923 rt2800_rfcsr_write(rt2x00dev, 16, 0xb3);
3924 rt2800_rfcsr_write(rt2x00dev, 17, 0x92);
3925 rt2800_rfcsr_write(rt2x00dev, 18, 0x2c);
3926 rt2800_rfcsr_write(rt2x00dev, 19, 0x02);
3927 rt2800_rfcsr_write(rt2x00dev, 20, 0xba);
3928 rt2800_rfcsr_write(rt2x00dev, 21, 0xdb);
3929 rt2800_rfcsr_write(rt2x00dev, 24, 0x16);
3930 rt2800_rfcsr_write(rt2x00dev, 25, 0x01);
3931 rt2800_rfcsr_write(rt2x00dev, 29, 0x1f);
3932 } else if (rt2x00_rt(rt2x00dev, RT3290)) {
3933 rt2800_rfcsr_write(rt2x00dev, 1, 0x0f);
3934 rt2800_rfcsr_write(rt2x00dev, 2, 0x80);
3935 rt2800_rfcsr_write(rt2x00dev, 3, 0x08);
3936 rt2800_rfcsr_write(rt2x00dev, 4, 0x00);
3937 rt2800_rfcsr_write(rt2x00dev, 6, 0xa0);
3938 rt2800_rfcsr_write(rt2x00dev, 8, 0xf3);
3939 rt2800_rfcsr_write(rt2x00dev, 9, 0x02);
3940 rt2800_rfcsr_write(rt2x00dev, 10, 0x53);
3941 rt2800_rfcsr_write(rt2x00dev, 11, 0x4a);
3942 rt2800_rfcsr_write(rt2x00dev, 12, 0x46);
3943 rt2800_rfcsr_write(rt2x00dev, 13, 0x9f);
3944 rt2800_rfcsr_write(rt2x00dev, 18, 0x02);
3945 rt2800_rfcsr_write(rt2x00dev, 22, 0x20);
3946 rt2800_rfcsr_write(rt2x00dev, 25, 0x83);
3947 rt2800_rfcsr_write(rt2x00dev, 26, 0x82);
3948 rt2800_rfcsr_write(rt2x00dev, 27, 0x09);
3949 rt2800_rfcsr_write(rt2x00dev, 29, 0x10);
3950 rt2800_rfcsr_write(rt2x00dev, 30, 0x10);
3951 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
3952 rt2800_rfcsr_write(rt2x00dev, 32, 0x80);
3953 rt2800_rfcsr_write(rt2x00dev, 33, 0x00);
3954 rt2800_rfcsr_write(rt2x00dev, 34, 0x05);
3955 rt2800_rfcsr_write(rt2x00dev, 35, 0x12);
3956 rt2800_rfcsr_write(rt2x00dev, 36, 0x00);
3957 rt2800_rfcsr_write(rt2x00dev, 38, 0x85);
3958 rt2800_rfcsr_write(rt2x00dev, 39, 0x1b);
3959 rt2800_rfcsr_write(rt2x00dev, 40, 0x0b);
3960 rt2800_rfcsr_write(rt2x00dev, 41, 0xbb);
3961 rt2800_rfcsr_write(rt2x00dev, 42, 0xd5);
3962 rt2800_rfcsr_write(rt2x00dev, 43, 0x7b);
3963 rt2800_rfcsr_write(rt2x00dev, 44, 0x0e);
3964 rt2800_rfcsr_write(rt2x00dev, 45, 0xa2);
3965 rt2800_rfcsr_write(rt2x00dev, 46, 0x73);
3966 rt2800_rfcsr_write(rt2x00dev, 47, 0x00);
3967 rt2800_rfcsr_write(rt2x00dev, 48, 0x10);
3968 rt2800_rfcsr_write(rt2x00dev, 49, 0x98);
3969 rt2800_rfcsr_write(rt2x00dev, 52, 0x38);
3970 rt2800_rfcsr_write(rt2x00dev, 53, 0x00);
3971 rt2800_rfcsr_write(rt2x00dev, 54, 0x78);
3972 rt2800_rfcsr_write(rt2x00dev, 55, 0x43);
3973 rt2800_rfcsr_write(rt2x00dev, 56, 0x02);
3974 rt2800_rfcsr_write(rt2x00dev, 57, 0x80);
3975 rt2800_rfcsr_write(rt2x00dev, 58, 0x7f);
3976 rt2800_rfcsr_write(rt2x00dev, 59, 0x09);
3977 rt2800_rfcsr_write(rt2x00dev, 60, 0x45);
3978 rt2800_rfcsr_write(rt2x00dev, 61, 0xc1);
3979 } else if (rt2x00_rt(rt2x00dev, RT3390)) {
3980 rt2800_rfcsr_write(rt2x00dev, 0, 0xa0);
3981 rt2800_rfcsr_write(rt2x00dev, 1, 0xe1);
3982 rt2800_rfcsr_write(rt2x00dev, 2, 0xf1);
3983 rt2800_rfcsr_write(rt2x00dev, 3, 0x62);
3984 rt2800_rfcsr_write(rt2x00dev, 4, 0x40);
3985 rt2800_rfcsr_write(rt2x00dev, 5, 0x8b);
3986 rt2800_rfcsr_write(rt2x00dev, 6, 0x42);
3987 rt2800_rfcsr_write(rt2x00dev, 7, 0x34);
3988 rt2800_rfcsr_write(rt2x00dev, 8, 0x00);
3989 rt2800_rfcsr_write(rt2x00dev, 9, 0xc0);
3990 rt2800_rfcsr_write(rt2x00dev, 10, 0x61);
3991 rt2800_rfcsr_write(rt2x00dev, 11, 0x21);
3992 rt2800_rfcsr_write(rt2x00dev, 12, 0x3b);
3993 rt2800_rfcsr_write(rt2x00dev, 13, 0xe0);
3994 rt2800_rfcsr_write(rt2x00dev, 14, 0x90);
3995 rt2800_rfcsr_write(rt2x00dev, 15, 0x53);
3996 rt2800_rfcsr_write(rt2x00dev, 16, 0xe0);
3997 rt2800_rfcsr_write(rt2x00dev, 17, 0x94);
3998 rt2800_rfcsr_write(rt2x00dev, 18, 0x5c);
3999 rt2800_rfcsr_write(rt2x00dev, 19, 0x4a);
4000 rt2800_rfcsr_write(rt2x00dev, 20, 0xb2);
4001 rt2800_rfcsr_write(rt2x00dev, 21, 0xf6);
4002 rt2800_rfcsr_write(rt2x00dev, 22, 0x00);
4003 rt2800_rfcsr_write(rt2x00dev, 23, 0x14);
4004 rt2800_rfcsr_write(rt2x00dev, 24, 0x08);
4005 rt2800_rfcsr_write(rt2x00dev, 25, 0x3d);
4006 rt2800_rfcsr_write(rt2x00dev, 26, 0x85);
4007 rt2800_rfcsr_write(rt2x00dev, 27, 0x00);
4008 rt2800_rfcsr_write(rt2x00dev, 28, 0x41);
4009 rt2800_rfcsr_write(rt2x00dev, 29, 0x8f);
4010 rt2800_rfcsr_write(rt2x00dev, 30, 0x20);
4011 rt2800_rfcsr_write(rt2x00dev, 31, 0x0f);
4012 } else if (rt2x00_rt(rt2x00dev, RT3572)) {
4013 rt2800_rfcsr_write(rt2x00dev, 0, 0x70);
4014 rt2800_rfcsr_write(rt2x00dev, 1, 0x81);
4015 rt2800_rfcsr_write(rt2x00dev, 2, 0xf1);
4016 rt2800_rfcsr_write(rt2x00dev, 3, 0x02);
4017 rt2800_rfcsr_write(rt2x00dev, 4, 0x4c);
4018 rt2800_rfcsr_write(rt2x00dev, 5, 0x05);
4019 rt2800_rfcsr_write(rt2x00dev, 6, 0x4a);
4020 rt2800_rfcsr_write(rt2x00dev, 7, 0xd8);
4021 rt2800_rfcsr_write(rt2x00dev, 9, 0xc3);
4022 rt2800_rfcsr_write(rt2x00dev, 10, 0xf1);
4023 rt2800_rfcsr_write(rt2x00dev, 11, 0xb9);
4024 rt2800_rfcsr_write(rt2x00dev, 12, 0x70);
4025 rt2800_rfcsr_write(rt2x00dev, 13, 0x65);
4026 rt2800_rfcsr_write(rt2x00dev, 14, 0xa0);
4027 rt2800_rfcsr_write(rt2x00dev, 15, 0x53);
4028 rt2800_rfcsr_write(rt2x00dev, 16, 0x4c);
4029 rt2800_rfcsr_write(rt2x00dev, 17, 0x23);
4030 rt2800_rfcsr_write(rt2x00dev, 18, 0xac);
4031 rt2800_rfcsr_write(rt2x00dev, 19, 0x93);
4032 rt2800_rfcsr_write(rt2x00dev, 20, 0xb3);
4033 rt2800_rfcsr_write(rt2x00dev, 21, 0xd0);
4034 rt2800_rfcsr_write(rt2x00dev, 22, 0x00);
4035 rt2800_rfcsr_write(rt2x00dev, 23, 0x3c);
4036 rt2800_rfcsr_write(rt2x00dev, 24, 0x16);
4037 rt2800_rfcsr_write(rt2x00dev, 25, 0x15);
4038 rt2800_rfcsr_write(rt2x00dev, 26, 0x85);
4039 rt2800_rfcsr_write(rt2x00dev, 27, 0x00);
4040 rt2800_rfcsr_write(rt2x00dev, 28, 0x00);
4041 rt2800_rfcsr_write(rt2x00dev, 29, 0x9b);
4042 rt2800_rfcsr_write(rt2x00dev, 30, 0x09);
4043 rt2800_rfcsr_write(rt2x00dev, 31, 0x10);
4044 } else if (rt2800_is_305x_soc(rt2x00dev)) {
4045 rt2800_rfcsr_write(rt2x00dev, 0, 0x50);
4046 rt2800_rfcsr_write(rt2x00dev, 1, 0x01);
4047 rt2800_rfcsr_write(rt2x00dev, 2, 0xf7);
4048 rt2800_rfcsr_write(rt2x00dev, 3, 0x75);
4049 rt2800_rfcsr_write(rt2x00dev, 4, 0x40);
4050 rt2800_rfcsr_write(rt2x00dev, 5, 0x03);
4051 rt2800_rfcsr_write(rt2x00dev, 6, 0x02);
4052 rt2800_rfcsr_write(rt2x00dev, 7, 0x50);
4053 rt2800_rfcsr_write(rt2x00dev, 8, 0x39);
4054 rt2800_rfcsr_write(rt2x00dev, 9, 0x0f);
4055 rt2800_rfcsr_write(rt2x00dev, 10, 0x60);
4056 rt2800_rfcsr_write(rt2x00dev, 11, 0x21);
4057 rt2800_rfcsr_write(rt2x00dev, 12, 0x75);
4058 rt2800_rfcsr_write(rt2x00dev, 13, 0x75);
4059 rt2800_rfcsr_write(rt2x00dev, 14, 0x90);
4060 rt2800_rfcsr_write(rt2x00dev, 15, 0x58);
4061 rt2800_rfcsr_write(rt2x00dev, 16, 0xb3);
4062 rt2800_rfcsr_write(rt2x00dev, 17, 0x92);
4063 rt2800_rfcsr_write(rt2x00dev, 18, 0x2c);
4064 rt2800_rfcsr_write(rt2x00dev, 19, 0x02);
4065 rt2800_rfcsr_write(rt2x00dev, 20, 0xba);
4066 rt2800_rfcsr_write(rt2x00dev, 21, 0xdb);
4067 rt2800_rfcsr_write(rt2x00dev, 22, 0x00);
4068 rt2800_rfcsr_write(rt2x00dev, 23, 0x31);
4069 rt2800_rfcsr_write(rt2x00dev, 24, 0x08);
4070 rt2800_rfcsr_write(rt2x00dev, 25, 0x01);
4071 rt2800_rfcsr_write(rt2x00dev, 26, 0x25);
4072 rt2800_rfcsr_write(rt2x00dev, 27, 0x23);
4073 rt2800_rfcsr_write(rt2x00dev, 28, 0x13);
4074 rt2800_rfcsr_write(rt2x00dev, 29, 0x83);
4075 rt2800_rfcsr_write(rt2x00dev, 30, 0x00);
4076 rt2800_rfcsr_write(rt2x00dev, 31, 0x00);
4077 return 0; 4306 return 0;
4078 } else if (rt2x00_rt(rt2x00dev, RT3352)) { 4307 }
4079 rt2800_rfcsr_write(rt2x00dev, 0, 0xf0); 4308
4080 rt2800_rfcsr_write(rt2x00dev, 1, 0x23); 4309 switch (rt2x00dev->chip.rt) {
4081 rt2800_rfcsr_write(rt2x00dev, 2, 0x50); 4310 case RT3070:
4082 rt2800_rfcsr_write(rt2x00dev, 3, 0x18); 4311 case RT3071:
4083 rt2800_rfcsr_write(rt2x00dev, 4, 0x00); 4312 case RT3090:
4084 rt2800_rfcsr_write(rt2x00dev, 5, 0x00); 4313 rt2800_init_rfcsr_30xx(rt2x00dev);
4085 rt2800_rfcsr_write(rt2x00dev, 6, 0x33); 4314 break;
4086 rt2800_rfcsr_write(rt2x00dev, 7, 0x00); 4315 case RT3290:
4087 rt2800_rfcsr_write(rt2x00dev, 8, 0xf1); 4316 rt2800_init_rfcsr_3290(rt2x00dev);
4088 rt2800_rfcsr_write(rt2x00dev, 9, 0x02); 4317 break;
4089 rt2800_rfcsr_write(rt2x00dev, 10, 0xd2); 4318 case RT3352:
4090 rt2800_rfcsr_write(rt2x00dev, 11, 0x42); 4319 rt2800_init_rfcsr_3352(rt2x00dev);
4091 rt2800_rfcsr_write(rt2x00dev, 12, 0x1c); 4320 break;
4092 rt2800_rfcsr_write(rt2x00dev, 13, 0x00); 4321 case RT3390:
4093 rt2800_rfcsr_write(rt2x00dev, 14, 0x5a); 4322 rt2800_init_rfcsr_3390(rt2x00dev);
4094 rt2800_rfcsr_write(rt2x00dev, 15, 0x00); 4323 break;
4095 rt2800_rfcsr_write(rt2x00dev, 16, 0x01); 4324 case RT3572:
4096 rt2800_rfcsr_write(rt2x00dev, 18, 0x45); 4325 rt2800_init_rfcsr_3572(rt2x00dev);
4097 rt2800_rfcsr_write(rt2x00dev, 19, 0x02); 4326 break;
4098 rt2800_rfcsr_write(rt2x00dev, 20, 0x00); 4327 case RT5390:
4099 rt2800_rfcsr_write(rt2x00dev, 21, 0x00); 4328 rt2800_init_rfcsr_5390(rt2x00dev);
4100 rt2800_rfcsr_write(rt2x00dev, 22, 0x00); 4329 break;
4101 rt2800_rfcsr_write(rt2x00dev, 23, 0x00); 4330 case RT5392:
4102 rt2800_rfcsr_write(rt2x00dev, 24, 0x00); 4331 rt2800_init_rfcsr_5392(rt2x00dev);
4103 rt2800_rfcsr_write(rt2x00dev, 25, 0x80); 4332 break;
4104 rt2800_rfcsr_write(rt2x00dev, 26, 0x00);
4105 rt2800_rfcsr_write(rt2x00dev, 27, 0x03);
4106 rt2800_rfcsr_write(rt2x00dev, 28, 0x03);
4107 rt2800_rfcsr_write(rt2x00dev, 29, 0x00);
4108 rt2800_rfcsr_write(rt2x00dev, 30, 0x10);
4109 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
4110 rt2800_rfcsr_write(rt2x00dev, 32, 0x80);
4111 rt2800_rfcsr_write(rt2x00dev, 33, 0x00);
4112 rt2800_rfcsr_write(rt2x00dev, 34, 0x01);
4113 rt2800_rfcsr_write(rt2x00dev, 35, 0x03);
4114 rt2800_rfcsr_write(rt2x00dev, 36, 0xbd);
4115 rt2800_rfcsr_write(rt2x00dev, 37, 0x3c);
4116 rt2800_rfcsr_write(rt2x00dev, 38, 0x5f);
4117 rt2800_rfcsr_write(rt2x00dev, 39, 0xc5);
4118 rt2800_rfcsr_write(rt2x00dev, 40, 0x33);
4119 rt2800_rfcsr_write(rt2x00dev, 41, 0x5b);
4120 rt2800_rfcsr_write(rt2x00dev, 42, 0x5b);
4121 rt2800_rfcsr_write(rt2x00dev, 43, 0xdb);
4122 rt2800_rfcsr_write(rt2x00dev, 44, 0xdb);
4123 rt2800_rfcsr_write(rt2x00dev, 45, 0xdb);
4124 rt2800_rfcsr_write(rt2x00dev, 46, 0xdd);
4125 rt2800_rfcsr_write(rt2x00dev, 47, 0x0d);
4126 rt2800_rfcsr_write(rt2x00dev, 48, 0x14);
4127 rt2800_rfcsr_write(rt2x00dev, 49, 0x00);
4128 rt2800_rfcsr_write(rt2x00dev, 50, 0x2d);
4129 rt2800_rfcsr_write(rt2x00dev, 51, 0x7f);
4130 rt2800_rfcsr_write(rt2x00dev, 52, 0x00);
4131 rt2800_rfcsr_write(rt2x00dev, 53, 0x52);
4132 rt2800_rfcsr_write(rt2x00dev, 54, 0x1b);
4133 rt2800_rfcsr_write(rt2x00dev, 55, 0x7f);
4134 rt2800_rfcsr_write(rt2x00dev, 56, 0x00);
4135 rt2800_rfcsr_write(rt2x00dev, 57, 0x52);
4136 rt2800_rfcsr_write(rt2x00dev, 58, 0x1b);
4137 rt2800_rfcsr_write(rt2x00dev, 59, 0x00);
4138 rt2800_rfcsr_write(rt2x00dev, 60, 0x00);
4139 rt2800_rfcsr_write(rt2x00dev, 61, 0x00);
4140 rt2800_rfcsr_write(rt2x00dev, 62, 0x00);
4141 rt2800_rfcsr_write(rt2x00dev, 63, 0x00);
4142 } else if (rt2x00_rt(rt2x00dev, RT5390)) {
4143 rt2800_rfcsr_write(rt2x00dev, 1, 0x0f);
4144 rt2800_rfcsr_write(rt2x00dev, 2, 0x80);
4145 rt2800_rfcsr_write(rt2x00dev, 3, 0x88);
4146 rt2800_rfcsr_write(rt2x00dev, 5, 0x10);
4147 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4148 rt2800_rfcsr_write(rt2x00dev, 6, 0xe0);
4149 else
4150 rt2800_rfcsr_write(rt2x00dev, 6, 0xa0);
4151 rt2800_rfcsr_write(rt2x00dev, 7, 0x00);
4152 rt2800_rfcsr_write(rt2x00dev, 10, 0x53);
4153 rt2800_rfcsr_write(rt2x00dev, 11, 0x4a);
4154 rt2800_rfcsr_write(rt2x00dev, 12, 0xc6);
4155 rt2800_rfcsr_write(rt2x00dev, 13, 0x9f);
4156 rt2800_rfcsr_write(rt2x00dev, 14, 0x00);
4157 rt2800_rfcsr_write(rt2x00dev, 15, 0x00);
4158 rt2800_rfcsr_write(rt2x00dev, 16, 0x00);
4159 rt2800_rfcsr_write(rt2x00dev, 18, 0x03);
4160 rt2800_rfcsr_write(rt2x00dev, 19, 0x00);
4161
4162 rt2800_rfcsr_write(rt2x00dev, 20, 0x00);
4163 rt2800_rfcsr_write(rt2x00dev, 21, 0x00);
4164 rt2800_rfcsr_write(rt2x00dev, 22, 0x20);
4165 rt2800_rfcsr_write(rt2x00dev, 23, 0x00);
4166 rt2800_rfcsr_write(rt2x00dev, 24, 0x00);
4167 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4168 rt2800_rfcsr_write(rt2x00dev, 25, 0x80);
4169 else
4170 rt2800_rfcsr_write(rt2x00dev, 25, 0xc0);
4171 rt2800_rfcsr_write(rt2x00dev, 26, 0x00);
4172 rt2800_rfcsr_write(rt2x00dev, 27, 0x09);
4173 rt2800_rfcsr_write(rt2x00dev, 28, 0x00);
4174 rt2800_rfcsr_write(rt2x00dev, 29, 0x10);
4175
4176 rt2800_rfcsr_write(rt2x00dev, 30, 0x00);
4177 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
4178 rt2800_rfcsr_write(rt2x00dev, 32, 0x80);
4179 rt2800_rfcsr_write(rt2x00dev, 33, 0x00);
4180 rt2800_rfcsr_write(rt2x00dev, 34, 0x07);
4181 rt2800_rfcsr_write(rt2x00dev, 35, 0x12);
4182 rt2800_rfcsr_write(rt2x00dev, 36, 0x00);
4183 rt2800_rfcsr_write(rt2x00dev, 37, 0x08);
4184 rt2800_rfcsr_write(rt2x00dev, 38, 0x85);
4185 rt2800_rfcsr_write(rt2x00dev, 39, 0x1b);
4186
4187 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4188 rt2800_rfcsr_write(rt2x00dev, 40, 0x0b);
4189 else
4190 rt2800_rfcsr_write(rt2x00dev, 40, 0x4b);
4191 rt2800_rfcsr_write(rt2x00dev, 41, 0xbb);
4192 rt2800_rfcsr_write(rt2x00dev, 42, 0xd2);
4193 rt2800_rfcsr_write(rt2x00dev, 43, 0x9a);
4194 rt2800_rfcsr_write(rt2x00dev, 44, 0x0e);
4195 rt2800_rfcsr_write(rt2x00dev, 45, 0xa2);
4196 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4197 rt2800_rfcsr_write(rt2x00dev, 46, 0x73);
4198 else
4199 rt2800_rfcsr_write(rt2x00dev, 46, 0x7b);
4200 rt2800_rfcsr_write(rt2x00dev, 47, 0x00);
4201 rt2800_rfcsr_write(rt2x00dev, 48, 0x10);
4202 rt2800_rfcsr_write(rt2x00dev, 49, 0x94);
4203
4204 rt2800_rfcsr_write(rt2x00dev, 52, 0x38);
4205 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4206 rt2800_rfcsr_write(rt2x00dev, 53, 0x00);
4207 else
4208 rt2800_rfcsr_write(rt2x00dev, 53, 0x84);
4209 rt2800_rfcsr_write(rt2x00dev, 54, 0x78);
4210 rt2800_rfcsr_write(rt2x00dev, 55, 0x44);
4211 rt2800_rfcsr_write(rt2x00dev, 56, 0x22);
4212 rt2800_rfcsr_write(rt2x00dev, 57, 0x80);
4213 rt2800_rfcsr_write(rt2x00dev, 58, 0x7f);
4214 rt2800_rfcsr_write(rt2x00dev, 59, 0x63);
4215
4216 rt2800_rfcsr_write(rt2x00dev, 60, 0x45);
4217 if (rt2x00_rt_rev_gte(rt2x00dev, RT5390, REV_RT5390F))
4218 rt2800_rfcsr_write(rt2x00dev, 61, 0xd1);
4219 else
4220 rt2800_rfcsr_write(rt2x00dev, 61, 0xdd);
4221 rt2800_rfcsr_write(rt2x00dev, 62, 0x00);
4222 rt2800_rfcsr_write(rt2x00dev, 63, 0x00);
4223 } else if (rt2x00_rt(rt2x00dev, RT5392)) {
4224 rt2800_rfcsr_write(rt2x00dev, 1, 0x17);
4225 rt2800_rfcsr_write(rt2x00dev, 2, 0x80);
4226 rt2800_rfcsr_write(rt2x00dev, 3, 0x88);
4227 rt2800_rfcsr_write(rt2x00dev, 5, 0x10);
4228 rt2800_rfcsr_write(rt2x00dev, 6, 0xe0);
4229 rt2800_rfcsr_write(rt2x00dev, 7, 0x00);
4230 rt2800_rfcsr_write(rt2x00dev, 10, 0x53);
4231 rt2800_rfcsr_write(rt2x00dev, 11, 0x4a);
4232 rt2800_rfcsr_write(rt2x00dev, 12, 0x46);
4233 rt2800_rfcsr_write(rt2x00dev, 13, 0x9f);
4234 rt2800_rfcsr_write(rt2x00dev, 14, 0x00);
4235 rt2800_rfcsr_write(rt2x00dev, 15, 0x00);
4236 rt2800_rfcsr_write(rt2x00dev, 16, 0x00);
4237 rt2800_rfcsr_write(rt2x00dev, 18, 0x03);
4238 rt2800_rfcsr_write(rt2x00dev, 19, 0x4d);
4239 rt2800_rfcsr_write(rt2x00dev, 20, 0x00);
4240 rt2800_rfcsr_write(rt2x00dev, 21, 0x8d);
4241 rt2800_rfcsr_write(rt2x00dev, 22, 0x20);
4242 rt2800_rfcsr_write(rt2x00dev, 23, 0x0b);
4243 rt2800_rfcsr_write(rt2x00dev, 24, 0x44);
4244 rt2800_rfcsr_write(rt2x00dev, 25, 0x80);
4245 rt2800_rfcsr_write(rt2x00dev, 26, 0x82);
4246 rt2800_rfcsr_write(rt2x00dev, 27, 0x09);
4247 rt2800_rfcsr_write(rt2x00dev, 28, 0x00);
4248 rt2800_rfcsr_write(rt2x00dev, 29, 0x10);
4249 rt2800_rfcsr_write(rt2x00dev, 30, 0x10);
4250 rt2800_rfcsr_write(rt2x00dev, 31, 0x80);
4251 rt2800_rfcsr_write(rt2x00dev, 32, 0x20);
4252 rt2800_rfcsr_write(rt2x00dev, 33, 0xC0);
4253 rt2800_rfcsr_write(rt2x00dev, 34, 0x07);
4254 rt2800_rfcsr_write(rt2x00dev, 35, 0x12);
4255 rt2800_rfcsr_write(rt2x00dev, 36, 0x00);
4256 rt2800_rfcsr_write(rt2x00dev, 37, 0x08);
4257 rt2800_rfcsr_write(rt2x00dev, 38, 0x89);
4258 rt2800_rfcsr_write(rt2x00dev, 39, 0x1b);
4259 rt2800_rfcsr_write(rt2x00dev, 40, 0x0f);
4260 rt2800_rfcsr_write(rt2x00dev, 41, 0xbb);
4261 rt2800_rfcsr_write(rt2x00dev, 42, 0xd5);
4262 rt2800_rfcsr_write(rt2x00dev, 43, 0x9b);
4263 rt2800_rfcsr_write(rt2x00dev, 44, 0x0e);
4264 rt2800_rfcsr_write(rt2x00dev, 45, 0xa2);
4265 rt2800_rfcsr_write(rt2x00dev, 46, 0x73);
4266 rt2800_rfcsr_write(rt2x00dev, 47, 0x0c);
4267 rt2800_rfcsr_write(rt2x00dev, 48, 0x10);
4268 rt2800_rfcsr_write(rt2x00dev, 49, 0x94);
4269 rt2800_rfcsr_write(rt2x00dev, 50, 0x94);
4270 rt2800_rfcsr_write(rt2x00dev, 51, 0x3a);
4271 rt2800_rfcsr_write(rt2x00dev, 52, 0x48);
4272 rt2800_rfcsr_write(rt2x00dev, 53, 0x44);
4273 rt2800_rfcsr_write(rt2x00dev, 54, 0x38);
4274 rt2800_rfcsr_write(rt2x00dev, 55, 0x43);
4275 rt2800_rfcsr_write(rt2x00dev, 56, 0xa1);
4276 rt2800_rfcsr_write(rt2x00dev, 57, 0x00);
4277 rt2800_rfcsr_write(rt2x00dev, 58, 0x39);
4278 rt2800_rfcsr_write(rt2x00dev, 59, 0x07);
4279 rt2800_rfcsr_write(rt2x00dev, 60, 0x45);
4280 rt2800_rfcsr_write(rt2x00dev, 61, 0x91);
4281 rt2800_rfcsr_write(rt2x00dev, 62, 0x39);
4282 rt2800_rfcsr_write(rt2x00dev, 63, 0x07);
4283 } 4333 }
4284 4334
4285 if (rt2x00_rt_rev_lt(rt2x00dev, RT3070, REV_RT3070F)) { 4335 if (rt2x00_rt_rev_lt(rt2x00dev, RT3070, REV_RT3070F)) {
@@ -4620,12 +4670,14 @@ static void rt2800_efuse_read(struct rt2x00_dev *rt2x00dev, unsigned int i)
4620 mutex_unlock(&rt2x00dev->csr_mutex); 4670 mutex_unlock(&rt2x00dev->csr_mutex);
4621} 4671}
4622 4672
4623void rt2800_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev) 4673int rt2800_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev)
4624{ 4674{
4625 unsigned int i; 4675 unsigned int i;
4626 4676
4627 for (i = 0; i < EEPROM_SIZE / sizeof(u16); i += 8) 4677 for (i = 0; i < EEPROM_SIZE / sizeof(u16); i += 8)
4628 rt2800_efuse_read(rt2x00dev, i); 4678 rt2800_efuse_read(rt2x00dev, i);
4679
4680 return 0;
4629} 4681}
4630EXPORT_SYMBOL_GPL(rt2800_read_eeprom_efuse); 4682EXPORT_SYMBOL_GPL(rt2800_read_eeprom_efuse);
4631 4683
@@ -4635,11 +4687,14 @@ static int rt2800_validate_eeprom(struct rt2x00_dev *rt2x00dev)
4635 u16 word; 4687 u16 word;
4636 u8 *mac; 4688 u8 *mac;
4637 u8 default_lna_gain; 4689 u8 default_lna_gain;
4690 int retval;
4638 4691
4639 /* 4692 /*
4640 * Read the EEPROM. 4693 * Read the EEPROM.
4641 */ 4694 */
4642 rt2800_read_eeprom(rt2x00dev); 4695 retval = rt2800_read_eeprom(rt2x00dev);
4696 if (retval)
4697 return retval;
4643 4698
4644 /* 4699 /*
4645 * Start validation of the data that has been read. 4700 * Start validation of the data that has been read.
@@ -5090,8 +5145,7 @@ static int rt2800_probe_hw_mode(struct rt2x00_dev *rt2x00dev)
5090 IEEE80211_HW_SUPPORTS_PS | 5145 IEEE80211_HW_SUPPORTS_PS |
5091 IEEE80211_HW_PS_NULLFUNC_STACK | 5146 IEEE80211_HW_PS_NULLFUNC_STACK |
5092 IEEE80211_HW_AMPDU_AGGREGATION | 5147 IEEE80211_HW_AMPDU_AGGREGATION |
5093 IEEE80211_HW_REPORTS_TX_ACK_STATUS | 5148 IEEE80211_HW_REPORTS_TX_ACK_STATUS;
5094 IEEE80211_HW_TEARDOWN_AGGR_ON_BAR_FAIL;
5095 5149
5096 /* 5150 /*
5097 * Don't set IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING for USB devices 5151 * Don't set IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING for USB devices
@@ -5484,7 +5538,9 @@ int rt2800_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5484 case IEEE80211_AMPDU_TX_START: 5538 case IEEE80211_AMPDU_TX_START:
5485 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid); 5539 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
5486 break; 5540 break;
5487 case IEEE80211_AMPDU_TX_STOP: 5541 case IEEE80211_AMPDU_TX_STOP_CONT:
5542 case IEEE80211_AMPDU_TX_STOP_FLUSH:
5543 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
5488 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 5544 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
5489 break; 5545 break;
5490 case IEEE80211_AMPDU_TX_OPERATIONAL: 5546 case IEEE80211_AMPDU_TX_OPERATIONAL:
diff --git a/drivers/net/wireless/rt2x00/rt2800lib.h b/drivers/net/wireless/rt2x00/rt2800lib.h
index a128ceadcb3e..6ec739466db4 100644
--- a/drivers/net/wireless/rt2x00/rt2800lib.h
+++ b/drivers/net/wireless/rt2x00/rt2800lib.h
@@ -43,7 +43,7 @@ struct rt2800_ops {
43 const unsigned int offset, 43 const unsigned int offset,
44 const struct rt2x00_field32 field, u32 *reg); 44 const struct rt2x00_field32 field, u32 *reg);
45 45
46 void (*read_eeprom)(struct rt2x00_dev *rt2x00dev); 46 int (*read_eeprom)(struct rt2x00_dev *rt2x00dev);
47 bool (*hwcrypt_disabled)(struct rt2x00_dev *rt2x00dev); 47 bool (*hwcrypt_disabled)(struct rt2x00_dev *rt2x00dev);
48 48
49 int (*drv_write_firmware)(struct rt2x00_dev *rt2x00dev, 49 int (*drv_write_firmware)(struct rt2x00_dev *rt2x00dev,
@@ -117,11 +117,11 @@ static inline int rt2800_regbusy_read(struct rt2x00_dev *rt2x00dev,
117 return rt2800ops->regbusy_read(rt2x00dev, offset, field, reg); 117 return rt2800ops->regbusy_read(rt2x00dev, offset, field, reg);
118} 118}
119 119
120static inline void rt2800_read_eeprom(struct rt2x00_dev *rt2x00dev) 120static inline int rt2800_read_eeprom(struct rt2x00_dev *rt2x00dev)
121{ 121{
122 const struct rt2800_ops *rt2800ops = rt2x00dev->ops->drv; 122 const struct rt2800_ops *rt2800ops = rt2x00dev->ops->drv;
123 123
124 rt2800ops->read_eeprom(rt2x00dev); 124 return rt2800ops->read_eeprom(rt2x00dev);
125} 125}
126 126
127static inline bool rt2800_hwcrypt_disabled(struct rt2x00_dev *rt2x00dev) 127static inline bool rt2800_hwcrypt_disabled(struct rt2x00_dev *rt2x00dev)
@@ -207,7 +207,7 @@ int rt2800_enable_radio(struct rt2x00_dev *rt2x00dev);
207void rt2800_disable_radio(struct rt2x00_dev *rt2x00dev); 207void rt2800_disable_radio(struct rt2x00_dev *rt2x00dev);
208 208
209int rt2800_efuse_detect(struct rt2x00_dev *rt2x00dev); 209int rt2800_efuse_detect(struct rt2x00_dev *rt2x00dev);
210void rt2800_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev); 210int rt2800_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev);
211 211
212int rt2800_probe_hw(struct rt2x00_dev *rt2x00dev); 212int rt2800_probe_hw(struct rt2x00_dev *rt2x00dev);
213 213
diff --git a/drivers/net/wireless/rt2x00/rt2800pci.c b/drivers/net/wireless/rt2x00/rt2800pci.c
index 9224d874bf24..0e8d1705e368 100644
--- a/drivers/net/wireless/rt2x00/rt2800pci.c
+++ b/drivers/net/wireless/rt2x00/rt2800pci.c
@@ -90,17 +90,22 @@ static void rt2800pci_mcu_status(struct rt2x00_dev *rt2x00dev, const u8 token)
90} 90}
91 91
92#if defined(CONFIG_RALINK_RT288X) || defined(CONFIG_RALINK_RT305X) 92#if defined(CONFIG_RALINK_RT288X) || defined(CONFIG_RALINK_RT305X)
93static void rt2800pci_read_eeprom_soc(struct rt2x00_dev *rt2x00dev) 93static int rt2800pci_read_eeprom_soc(struct rt2x00_dev *rt2x00dev)
94{ 94{
95 void __iomem *base_addr = ioremap(0x1F040000, EEPROM_SIZE); 95 void __iomem *base_addr = ioremap(0x1F040000, EEPROM_SIZE);
96 96
97 if (!base_addr)
98 return -ENOMEM;
99
97 memcpy_fromio(rt2x00dev->eeprom, base_addr, EEPROM_SIZE); 100 memcpy_fromio(rt2x00dev->eeprom, base_addr, EEPROM_SIZE);
98 101
99 iounmap(base_addr); 102 iounmap(base_addr);
103 return 0;
100} 104}
101#else 105#else
102static inline void rt2800pci_read_eeprom_soc(struct rt2x00_dev *rt2x00dev) 106static inline int rt2800pci_read_eeprom_soc(struct rt2x00_dev *rt2x00dev)
103{ 107{
108 return -ENOMEM;
104} 109}
105#endif /* CONFIG_RALINK_RT288X || CONFIG_RALINK_RT305X */ 110#endif /* CONFIG_RALINK_RT288X || CONFIG_RALINK_RT305X */
106 111
@@ -135,7 +140,7 @@ static void rt2800pci_eepromregister_write(struct eeprom_93cx6 *eeprom)
135 rt2x00pci_register_write(rt2x00dev, E2PROM_CSR, reg); 140 rt2x00pci_register_write(rt2x00dev, E2PROM_CSR, reg);
136} 141}
137 142
138static void rt2800pci_read_eeprom_pci(struct rt2x00_dev *rt2x00dev) 143static int rt2800pci_read_eeprom_pci(struct rt2x00_dev *rt2x00dev)
139{ 144{
140 struct eeprom_93cx6 eeprom; 145 struct eeprom_93cx6 eeprom;
141 u32 reg; 146 u32 reg;
@@ -164,6 +169,8 @@ static void rt2800pci_read_eeprom_pci(struct rt2x00_dev *rt2x00dev)
164 169
165 eeprom_93cx6_multiread(&eeprom, EEPROM_BASE, rt2x00dev->eeprom, 170 eeprom_93cx6_multiread(&eeprom, EEPROM_BASE, rt2x00dev->eeprom,
166 EEPROM_SIZE / sizeof(u16)); 171 EEPROM_SIZE / sizeof(u16));
172
173 return 0;
167} 174}
168 175
169static int rt2800pci_efuse_detect(struct rt2x00_dev *rt2x00dev) 176static int rt2800pci_efuse_detect(struct rt2x00_dev *rt2x00dev)
@@ -171,13 +178,14 @@ static int rt2800pci_efuse_detect(struct rt2x00_dev *rt2x00dev)
171 return rt2800_efuse_detect(rt2x00dev); 178 return rt2800_efuse_detect(rt2x00dev);
172} 179}
173 180
174static inline void rt2800pci_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev) 181static inline int rt2800pci_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev)
175{ 182{
176 rt2800_read_eeprom_efuse(rt2x00dev); 183 return rt2800_read_eeprom_efuse(rt2x00dev);
177} 184}
178#else 185#else
179static inline void rt2800pci_read_eeprom_pci(struct rt2x00_dev *rt2x00dev) 186static inline int rt2800pci_read_eeprom_pci(struct rt2x00_dev *rt2x00dev)
180{ 187{
188 return -EOPNOTSUPP;
181} 189}
182 190
183static inline int rt2800pci_efuse_detect(struct rt2x00_dev *rt2x00dev) 191static inline int rt2800pci_efuse_detect(struct rt2x00_dev *rt2x00dev)
@@ -185,8 +193,9 @@ static inline int rt2800pci_efuse_detect(struct rt2x00_dev *rt2x00dev)
185 return 0; 193 return 0;
186} 194}
187 195
188static inline void rt2800pci_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev) 196static inline int rt2800pci_read_eeprom_efuse(struct rt2x00_dev *rt2x00dev)
189{ 197{
198 return -EOPNOTSUPP;
190} 199}
191#endif /* CONFIG_PCI */ 200#endif /* CONFIG_PCI */
192 201
@@ -970,14 +979,18 @@ static irqreturn_t rt2800pci_interrupt(int irq, void *dev_instance)
970/* 979/*
971 * Device probe functions. 980 * Device probe functions.
972 */ 981 */
973static void rt2800pci_read_eeprom(struct rt2x00_dev *rt2x00dev) 982static int rt2800pci_read_eeprom(struct rt2x00_dev *rt2x00dev)
974{ 983{
984 int retval;
985
975 if (rt2x00_is_soc(rt2x00dev)) 986 if (rt2x00_is_soc(rt2x00dev))
976 rt2800pci_read_eeprom_soc(rt2x00dev); 987 retval = rt2800pci_read_eeprom_soc(rt2x00dev);
977 else if (rt2800pci_efuse_detect(rt2x00dev)) 988 else if (rt2800pci_efuse_detect(rt2x00dev))
978 rt2800pci_read_eeprom_efuse(rt2x00dev); 989 retval = rt2800pci_read_eeprom_efuse(rt2x00dev);
979 else 990 else
980 rt2800pci_read_eeprom_pci(rt2x00dev); 991 retval = rt2800pci_read_eeprom_pci(rt2x00dev);
992
993 return retval;
981} 994}
982 995
983static const struct ieee80211_ops rt2800pci_mac80211_ops = { 996static const struct ieee80211_ops rt2800pci_mac80211_ops = {
diff --git a/drivers/net/wireless/rt2x00/rt2800usb.c b/drivers/net/wireless/rt2x00/rt2800usb.c
index 5c149b58ab46..d6863289471b 100644
--- a/drivers/net/wireless/rt2x00/rt2800usb.c
+++ b/drivers/net/wireless/rt2x00/rt2800usb.c
@@ -540,9 +540,9 @@ rt2800usb_txdone_entry_check(struct queue_entry *entry, u32 reg)
540 tx_pid = rt2x00_get_field32(word, TXWI_W1_PACKETID); 540 tx_pid = rt2x00_get_field32(word, TXWI_W1_PACKETID);
541 541
542 if (wcid != tx_wcid || ack != tx_ack || (!is_agg && pid != tx_pid)) { 542 if (wcid != tx_wcid || ack != tx_ack || (!is_agg && pid != tx_pid)) {
543 WARNING(entry->queue->rt2x00dev, 543 DEBUG(entry->queue->rt2x00dev,
544 "TX status report missed for queue %d entry %d\n", 544 "TX status report missed for queue %d entry %d\n",
545 entry->queue->qid, entry->entry_idx); 545 entry->queue->qid, entry->entry_idx);
546 return TXDONE_UNKNOWN; 546 return TXDONE_UNKNOWN;
547 } 547 }
548 548
@@ -735,13 +735,17 @@ static void rt2800usb_fill_rxdone(struct queue_entry *entry,
735/* 735/*
736 * Device probe functions. 736 * Device probe functions.
737 */ 737 */
738static void rt2800usb_read_eeprom(struct rt2x00_dev *rt2x00dev) 738static int rt2800usb_read_eeprom(struct rt2x00_dev *rt2x00dev)
739{ 739{
740 int retval;
741
740 if (rt2800_efuse_detect(rt2x00dev)) 742 if (rt2800_efuse_detect(rt2x00dev))
741 rt2800_read_eeprom_efuse(rt2x00dev); 743 retval = rt2800_read_eeprom_efuse(rt2x00dev);
742 else 744 else
743 rt2x00usb_eeprom_read(rt2x00dev, rt2x00dev->eeprom, 745 retval = rt2x00usb_eeprom_read(rt2x00dev, rt2x00dev->eeprom,
744 EEPROM_SIZE); 746 EEPROM_SIZE);
747
748 return retval;
745} 749}
746 750
747static int rt2800usb_probe_hw(struct rt2x00_dev *rt2x00dev) 751static int rt2800usb_probe_hw(struct rt2x00_dev *rt2x00dev)
diff --git a/drivers/net/wireless/rt2x00/rt2x00.h b/drivers/net/wireless/rt2x00/rt2x00.h
index 0751b35ef6dc..9a3f31a543ce 100644
--- a/drivers/net/wireless/rt2x00/rt2x00.h
+++ b/drivers/net/wireless/rt2x00/rt2x00.h
@@ -88,11 +88,9 @@
88#define ERROR_PROBE(__msg, __args...) \ 88#define ERROR_PROBE(__msg, __args...) \
89 DEBUG_PRINTK_PROBE(KERN_ERR, "Error", __msg, ##__args) 89 DEBUG_PRINTK_PROBE(KERN_ERR, "Error", __msg, ##__args)
90#define WARNING(__dev, __msg, __args...) \ 90#define WARNING(__dev, __msg, __args...) \
91 DEBUG_PRINTK(__dev, KERN_WARNING, "Warning", __msg, ##__args) 91 DEBUG_PRINTK_MSG(__dev, KERN_WARNING, "Warning", __msg, ##__args)
92#define NOTICE(__dev, __msg, __args...) \
93 DEBUG_PRINTK(__dev, KERN_NOTICE, "Notice", __msg, ##__args)
94#define INFO(__dev, __msg, __args...) \ 92#define INFO(__dev, __msg, __args...) \
95 DEBUG_PRINTK(__dev, KERN_INFO, "Info", __msg, ##__args) 93 DEBUG_PRINTK_MSG(__dev, KERN_INFO, "Info", __msg, ##__args)
96#define DEBUG(__dev, __msg, __args...) \ 94#define DEBUG(__dev, __msg, __args...) \
97 DEBUG_PRINTK(__dev, KERN_DEBUG, "Debug", __msg, ##__args) 95 DEBUG_PRINTK(__dev, KERN_DEBUG, "Debug", __msg, ##__args)
98#define EEPROM(__dev, __msg, __args...) \ 96#define EEPROM(__dev, __msg, __args...) \
@@ -1016,6 +1014,26 @@ struct rt2x00_dev {
1016 * Protect the interrupt mask register. 1014 * Protect the interrupt mask register.
1017 */ 1015 */
1018 spinlock_t irqmask_lock; 1016 spinlock_t irqmask_lock;
1017
1018 /*
1019 * List of BlockAckReq TX entries that need driver BlockAck processing.
1020 */
1021 struct list_head bar_list;
1022 spinlock_t bar_list_lock;
1023};
1024
1025struct rt2x00_bar_list_entry {
1026 struct list_head list;
1027 struct rcu_head head;
1028
1029 struct queue_entry *entry;
1030 int block_acked;
1031
1032 /* Relevant parts of the IEEE80211 BAR header */
1033 __u8 ra[6];
1034 __u8 ta[6];
1035 __le16 control;
1036 __le16 start_seq_num;
1019}; 1037};
1020 1038
1021/* 1039/*
diff --git a/drivers/net/wireless/rt2x00/rt2x00dev.c b/drivers/net/wireless/rt2x00/rt2x00dev.c
index 44f8b3f3cbed..1031db66474a 100644
--- a/drivers/net/wireless/rt2x00/rt2x00dev.c
+++ b/drivers/net/wireless/rt2x00/rt2x00dev.c
@@ -271,6 +271,50 @@ void rt2x00lib_dmadone(struct queue_entry *entry)
271} 271}
272EXPORT_SYMBOL_GPL(rt2x00lib_dmadone); 272EXPORT_SYMBOL_GPL(rt2x00lib_dmadone);
273 273
274static inline int rt2x00lib_txdone_bar_status(struct queue_entry *entry)
275{
276 struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
277 struct ieee80211_bar *bar = (void *) entry->skb->data;
278 struct rt2x00_bar_list_entry *bar_entry;
279 int ret;
280
281 if (likely(!ieee80211_is_back_req(bar->frame_control)))
282 return 0;
283
284 /*
285 * Unlike all other frames, the status report for BARs does
286 * not directly come from the hardware as it is incapable of
287 * matching a BA to a previously send BAR. The hardware will
288 * report all BARs as if they weren't acked at all.
289 *
290 * Instead the RX-path will scan for incoming BAs and set the
291 * block_acked flag if it sees one that was likely caused by
292 * a BAR from us.
293 *
294 * Remove remaining BARs here and return their status for
295 * TX done processing.
296 */
297 ret = 0;
298 rcu_read_lock();
299 list_for_each_entry_rcu(bar_entry, &rt2x00dev->bar_list, list) {
300 if (bar_entry->entry != entry)
301 continue;
302
303 spin_lock_bh(&rt2x00dev->bar_list_lock);
304 /* Return whether this BAR was blockacked or not */
305 ret = bar_entry->block_acked;
306 /* Remove the BAR from our checklist */
307 list_del_rcu(&bar_entry->list);
308 spin_unlock_bh(&rt2x00dev->bar_list_lock);
309 kfree_rcu(bar_entry, head);
310
311 break;
312 }
313 rcu_read_unlock();
314
315 return ret;
316}
317
274void rt2x00lib_txdone(struct queue_entry *entry, 318void rt2x00lib_txdone(struct queue_entry *entry,
275 struct txdone_entry_desc *txdesc) 319 struct txdone_entry_desc *txdesc)
276{ 320{
@@ -324,9 +368,12 @@ void rt2x00lib_txdone(struct queue_entry *entry,
324 rt2x00debug_dump_frame(rt2x00dev, DUMP_FRAME_TXDONE, entry->skb); 368 rt2x00debug_dump_frame(rt2x00dev, DUMP_FRAME_TXDONE, entry->skb);
325 369
326 /* 370 /*
327 * Determine if the frame has been successfully transmitted. 371 * Determine if the frame has been successfully transmitted and
372 * remove BARs from our check list while checking for their
373 * TX status.
328 */ 374 */
329 success = 375 success =
376 rt2x00lib_txdone_bar_status(entry) ||
330 test_bit(TXDONE_SUCCESS, &txdesc->flags) || 377 test_bit(TXDONE_SUCCESS, &txdesc->flags) ||
331 test_bit(TXDONE_UNKNOWN, &txdesc->flags); 378 test_bit(TXDONE_UNKNOWN, &txdesc->flags);
332 379
@@ -491,6 +538,50 @@ static void rt2x00lib_sleep(struct work_struct *work)
491 IEEE80211_CONF_CHANGE_PS); 538 IEEE80211_CONF_CHANGE_PS);
492} 539}
493 540
541static void rt2x00lib_rxdone_check_ba(struct rt2x00_dev *rt2x00dev,
542 struct sk_buff *skb,
543 struct rxdone_entry_desc *rxdesc)
544{
545 struct rt2x00_bar_list_entry *entry;
546 struct ieee80211_bar *ba = (void *)skb->data;
547
548 if (likely(!ieee80211_is_back(ba->frame_control)))
549 return;
550
551 if (rxdesc->size < sizeof(*ba) + FCS_LEN)
552 return;
553
554 rcu_read_lock();
555 list_for_each_entry_rcu(entry, &rt2x00dev->bar_list, list) {
556
557 if (ba->start_seq_num != entry->start_seq_num)
558 continue;
559
560#define TID_CHECK(a, b) ( \
561 ((a) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK)) == \
562 ((b) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK))) \
563
564 if (!TID_CHECK(ba->control, entry->control))
565 continue;
566
567#undef TID_CHECK
568
569 if (compare_ether_addr(ba->ra, entry->ta))
570 continue;
571
572 if (compare_ether_addr(ba->ta, entry->ra))
573 continue;
574
575 /* Mark BAR since we received the according BA */
576 spin_lock_bh(&rt2x00dev->bar_list_lock);
577 entry->block_acked = 1;
578 spin_unlock_bh(&rt2x00dev->bar_list_lock);
579 break;
580 }
581 rcu_read_unlock();
582
583}
584
494static void rt2x00lib_rxdone_check_ps(struct rt2x00_dev *rt2x00dev, 585static void rt2x00lib_rxdone_check_ps(struct rt2x00_dev *rt2x00dev,
495 struct sk_buff *skb, 586 struct sk_buff *skb,
496 struct rxdone_entry_desc *rxdesc) 587 struct rxdone_entry_desc *rxdesc)
@@ -674,6 +765,12 @@ void rt2x00lib_rxdone(struct queue_entry *entry, gfp_t gfp)
674 rt2x00lib_rxdone_check_ps(rt2x00dev, entry->skb, &rxdesc); 765 rt2x00lib_rxdone_check_ps(rt2x00dev, entry->skb, &rxdesc);
675 766
676 /* 767 /*
768 * Check for incoming BlockAcks to match to the BlockAckReqs
769 * we've send out.
770 */
771 rt2x00lib_rxdone_check_ba(rt2x00dev, entry->skb, &rxdesc);
772
773 /*
677 * Update extra components 774 * Update extra components
678 */ 775 */
679 rt2x00link_update_stats(rt2x00dev, entry->skb, &rxdesc); 776 rt2x00link_update_stats(rt2x00dev, entry->skb, &rxdesc);
@@ -1139,7 +1236,8 @@ static inline void rt2x00lib_set_if_combinations(struct rt2x00_dev *rt2x00dev)
1139 */ 1236 */
1140 if_limit = &rt2x00dev->if_limits_ap; 1237 if_limit = &rt2x00dev->if_limits_ap;
1141 if_limit->max = rt2x00dev->ops->max_ap_intf; 1238 if_limit->max = rt2x00dev->ops->max_ap_intf;
1142 if_limit->types = BIT(NL80211_IFTYPE_AP); 1239 if_limit->types = BIT(NL80211_IFTYPE_AP) |
1240 BIT(NL80211_IFTYPE_MESH_POINT);
1143 1241
1144 /* 1242 /*
1145 * Build up AP interface combinations structure. 1243 * Build up AP interface combinations structure.
@@ -1183,6 +1281,8 @@ int rt2x00lib_probe_dev(struct rt2x00_dev *rt2x00dev)
1183 1281
1184 spin_lock_init(&rt2x00dev->irqmask_lock); 1282 spin_lock_init(&rt2x00dev->irqmask_lock);
1185 mutex_init(&rt2x00dev->csr_mutex); 1283 mutex_init(&rt2x00dev->csr_mutex);
1284 INIT_LIST_HEAD(&rt2x00dev->bar_list);
1285 spin_lock_init(&rt2x00dev->bar_list_lock);
1186 1286
1187 set_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags); 1287 set_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags);
1188 1288
@@ -1347,7 +1447,7 @@ EXPORT_SYMBOL_GPL(rt2x00lib_remove_dev);
1347#ifdef CONFIG_PM 1447#ifdef CONFIG_PM
1348int rt2x00lib_suspend(struct rt2x00_dev *rt2x00dev, pm_message_t state) 1448int rt2x00lib_suspend(struct rt2x00_dev *rt2x00dev, pm_message_t state)
1349{ 1449{
1350 NOTICE(rt2x00dev, "Going to sleep.\n"); 1450 DEBUG(rt2x00dev, "Going to sleep.\n");
1351 1451
1352 /* 1452 /*
1353 * Prevent mac80211 from accessing driver while suspended. 1453 * Prevent mac80211 from accessing driver while suspended.
@@ -1387,7 +1487,7 @@ EXPORT_SYMBOL_GPL(rt2x00lib_suspend);
1387 1487
1388int rt2x00lib_resume(struct rt2x00_dev *rt2x00dev) 1488int rt2x00lib_resume(struct rt2x00_dev *rt2x00dev)
1389{ 1489{
1390 NOTICE(rt2x00dev, "Waking up.\n"); 1490 DEBUG(rt2x00dev, "Waking up.\n");
1391 1491
1392 /* 1492 /*
1393 * Restore/enable extra components. 1493 * Restore/enable extra components.
diff --git a/drivers/net/wireless/rt2x00/rt2x00mac.c b/drivers/net/wireless/rt2x00/rt2x00mac.c
index ed7a1bb3f245..20c6eccce5aa 100644
--- a/drivers/net/wireless/rt2x00/rt2x00mac.c
+++ b/drivers/net/wireless/rt2x00/rt2x00mac.c
@@ -731,9 +731,9 @@ int rt2x00mac_conf_tx(struct ieee80211_hw *hw,
731 queue->aifs = params->aifs; 731 queue->aifs = params->aifs;
732 queue->txop = params->txop; 732 queue->txop = params->txop;
733 733
734 INFO(rt2x00dev, 734 DEBUG(rt2x00dev,
735 "Configured TX queue %d - CWmin: %d, CWmax: %d, Aifs: %d, TXop: %d.\n", 735 "Configured TX queue %d - CWmin: %d, CWmax: %d, Aifs: %d, TXop: %d.\n",
736 queue_idx, queue->cw_min, queue->cw_max, queue->aifs, queue->txop); 736 queue_idx, queue->cw_min, queue->cw_max, queue->aifs, queue->txop);
737 737
738 return 0; 738 return 0;
739} 739}
diff --git a/drivers/net/wireless/rt2x00/rt2x00queue.c b/drivers/net/wireless/rt2x00/rt2x00queue.c
index e488b944a034..f35d85a71bbc 100644
--- a/drivers/net/wireless/rt2x00/rt2x00queue.c
+++ b/drivers/net/wireless/rt2x00/rt2x00queue.c
@@ -582,6 +582,48 @@ static void rt2x00queue_kick_tx_queue(struct data_queue *queue,
582 queue->rt2x00dev->ops->lib->kick_queue(queue); 582 queue->rt2x00dev->ops->lib->kick_queue(queue);
583} 583}
584 584
585static void rt2x00queue_bar_check(struct queue_entry *entry)
586{
587 struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
588 struct ieee80211_bar *bar = (void *) (entry->skb->data +
589 rt2x00dev->ops->extra_tx_headroom);
590 struct rt2x00_bar_list_entry *bar_entry;
591
592 if (likely(!ieee80211_is_back_req(bar->frame_control)))
593 return;
594
595 bar_entry = kmalloc(sizeof(*bar_entry), GFP_ATOMIC);
596
597 /*
598 * If the alloc fails we still send the BAR out but just don't track
599 * it in our bar list. And as a result we will report it to mac80211
600 * back as failed.
601 */
602 if (!bar_entry)
603 return;
604
605 bar_entry->entry = entry;
606 bar_entry->block_acked = 0;
607
608 /*
609 * Copy the relevant parts of the 802.11 BAR into out check list
610 * such that we can use RCU for less-overhead in the RX path since
611 * sending BARs and processing the according BlockAck should be
612 * the exception.
613 */
614 memcpy(bar_entry->ra, bar->ra, sizeof(bar->ra));
615 memcpy(bar_entry->ta, bar->ta, sizeof(bar->ta));
616 bar_entry->control = bar->control;
617 bar_entry->start_seq_num = bar->start_seq_num;
618
619 /*
620 * Insert BAR into our BAR check list.
621 */
622 spin_lock_bh(&rt2x00dev->bar_list_lock);
623 list_add_tail_rcu(&bar_entry->list, &rt2x00dev->bar_list);
624 spin_unlock_bh(&rt2x00dev->bar_list_lock);
625}
626
585int rt2x00queue_write_tx_frame(struct data_queue *queue, struct sk_buff *skb, 627int rt2x00queue_write_tx_frame(struct data_queue *queue, struct sk_buff *skb,
586 bool local) 628 bool local)
587{ 629{
@@ -680,6 +722,11 @@ int rt2x00queue_write_tx_frame(struct data_queue *queue, struct sk_buff *skb,
680 goto out; 722 goto out;
681 } 723 }
682 724
725 /*
726 * Put BlockAckReqs into our check list for driver BA processing.
727 */
728 rt2x00queue_bar_check(entry);
729
683 set_bit(ENTRY_DATA_PENDING, &entry->flags); 730 set_bit(ENTRY_DATA_PENDING, &entry->flags);
684 731
685 rt2x00queue_index_inc(entry, Q_INDEX); 732 rt2x00queue_index_inc(entry, Q_INDEX);
diff --git a/drivers/net/wireless/rtlwifi/Kconfig b/drivers/net/wireless/rtlwifi/Kconfig
index 21b1bbb93a7e..b80bc4612581 100644
--- a/drivers/net/wireless/rtlwifi/Kconfig
+++ b/drivers/net/wireless/rtlwifi/Kconfig
@@ -57,12 +57,12 @@ config RTL8192CU
57 57
58config RTLWIFI 58config RTLWIFI
59 tristate 59 tristate
60 depends on RTL8192CE || RTL8192CU || RTL8192SE || RTL8192DE 60 depends on RTL8192CE || RTL8192CU || RTL8192SE || RTL8192DE || RTL8723AE
61 default m 61 default m
62 62
63config RTLWIFI_DEBUG 63config RTLWIFI_DEBUG
64 bool "Additional debugging output" 64 bool "Additional debugging output"
65 depends on RTL8192CE || RTL8192CU || RTL8192SE || RTL8192DE 65 depends on RTL8192CE || RTL8192CU || RTL8192SE || RTL8192DE || RTL8723AE
66 default y 66 default y
67 67
68config RTL8192C_COMMON 68config RTL8192C_COMMON
diff --git a/drivers/net/wireless/rtlwifi/core.c b/drivers/net/wireless/rtlwifi/core.c
index be33aa14c8af..d3ce9fbef00e 100644
--- a/drivers/net/wireless/rtlwifi/core.c
+++ b/drivers/net/wireless/rtlwifi/core.c
@@ -879,7 +879,9 @@ static int rtl_op_ampdu_action(struct ieee80211_hw *hw,
879 "IEEE80211_AMPDU_TX_START: TID:%d\n", tid); 879 "IEEE80211_AMPDU_TX_START: TID:%d\n", tid);
880 return rtl_tx_agg_start(hw, sta, tid, ssn); 880 return rtl_tx_agg_start(hw, sta, tid, ssn);
881 break; 881 break;
882 case IEEE80211_AMPDU_TX_STOP: 882 case IEEE80211_AMPDU_TX_STOP_CONT:
883 case IEEE80211_AMPDU_TX_STOP_FLUSH:
884 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
883 RT_TRACE(rtlpriv, COMP_MAC80211, DBG_TRACE, 885 RT_TRACE(rtlpriv, COMP_MAC80211, DBG_TRACE,
884 "IEEE80211_AMPDU_TX_STOP: TID:%d\n", tid); 886 "IEEE80211_AMPDU_TX_STOP: TID:%d\n", tid);
885 return rtl_tx_agg_stop(hw, sta, tid); 887 return rtl_tx_agg_stop(hw, sta, tid);
diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c
index 3deacafdcd5e..4261e8ecc4c3 100644
--- a/drivers/net/wireless/rtlwifi/pci.c
+++ b/drivers/net/wireless/rtlwifi/pci.c
@@ -743,6 +743,8 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw)
743 743
744done: 744done:
745 bufferaddress = (*((dma_addr_t *)skb->cb)); 745 bufferaddress = (*((dma_addr_t *)skb->cb));
746 if (pci_dma_mapping_error(rtlpci->pdev, bufferaddress))
747 return;
746 tmp_one = 1; 748 tmp_one = 1;
747 rtlpriv->cfg->ops->set_desc((u8 *) pdesc, false, 749 rtlpriv->cfg->ops->set_desc((u8 *) pdesc, false,
748 HW_DESC_RXBUFF_ADDR, 750 HW_DESC_RXBUFF_ADDR,
@@ -1115,6 +1117,10 @@ static int _rtl_pci_init_rx_ring(struct ieee80211_hw *hw)
1115 PCI_DMA_FROMDEVICE); 1117 PCI_DMA_FROMDEVICE);
1116 1118
1117 bufferaddress = (*((dma_addr_t *)skb->cb)); 1119 bufferaddress = (*((dma_addr_t *)skb->cb));
1120 if (pci_dma_mapping_error(rtlpci->pdev, bufferaddress)) {
1121 dev_kfree_skb_any(skb);
1122 return 1;
1123 }
1118 rtlpriv->cfg->ops->set_desc((u8 *)entry, false, 1124 rtlpriv->cfg->ops->set_desc((u8 *)entry, false,
1119 HW_DESC_RXBUFF_ADDR, 1125 HW_DESC_RXBUFF_ADDR,
1120 (u8 *)&bufferaddress); 1126 (u8 *)&bufferaddress);
diff --git a/drivers/net/wireless/rtlwifi/rc.c b/drivers/net/wireless/rtlwifi/rc.c
index c1e065f136ba..204f46c4510d 100644
--- a/drivers/net/wireless/rtlwifi/rc.c
+++ b/drivers/net/wireless/rtlwifi/rc.c
@@ -217,19 +217,6 @@ static void rtl_tx_status(void *ppriv,
217 } 217 }
218} 218}
219 219
220static void rtl_rate_init(void *ppriv,
221 struct ieee80211_supported_band *sband,
222 struct ieee80211_sta *sta, void *priv_sta)
223{
224}
225
226static void rtl_rate_update(void *ppriv,
227 struct ieee80211_supported_band *sband,
228 struct ieee80211_sta *sta, void *priv_sta,
229 u32 changed)
230{
231}
232
233static void *rtl_rate_alloc(struct ieee80211_hw *hw, 220static void *rtl_rate_alloc(struct ieee80211_hw *hw,
234 struct dentry *debugfsdir) 221 struct dentry *debugfsdir)
235{ 222{
@@ -274,8 +261,6 @@ static struct rate_control_ops rtl_rate_ops = {
274 .free = rtl_rate_free, 261 .free = rtl_rate_free,
275 .alloc_sta = rtl_rate_alloc_sta, 262 .alloc_sta = rtl_rate_alloc_sta,
276 .free_sta = rtl_rate_free_sta, 263 .free_sta = rtl_rate_free_sta,
277 .rate_init = rtl_rate_init,
278 .rate_update = rtl_rate_update,
279 .tx_status = rtl_tx_status, 264 .tx_status = rtl_tx_status,
280 .get_rate = rtl_get_rate, 265 .get_rate = rtl_get_rate,
281}; 266};
diff --git a/drivers/net/wireless/rtlwifi/regd.c b/drivers/net/wireless/rtlwifi/regd.c
index c1608cddc529..d7d0d4948b01 100644
--- a/drivers/net/wireless/rtlwifi/regd.c
+++ b/drivers/net/wireless/rtlwifi/regd.c
@@ -158,8 +158,6 @@ static void _rtl_reg_apply_beaconing_flags(struct wiphy *wiphy,
158 const struct ieee80211_reg_rule *reg_rule; 158 const struct ieee80211_reg_rule *reg_rule;
159 struct ieee80211_channel *ch; 159 struct ieee80211_channel *ch;
160 unsigned int i; 160 unsigned int i;
161 u32 bandwidth = 0;
162 int r;
163 161
164 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 162 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
165 163
@@ -174,9 +172,8 @@ static void _rtl_reg_apply_beaconing_flags(struct wiphy *wiphy,
174 (ch->flags & IEEE80211_CHAN_RADAR)) 172 (ch->flags & IEEE80211_CHAN_RADAR))
175 continue; 173 continue;
176 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) { 174 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) {
177 r = freq_reg_info(wiphy, ch->center_freq, 175 reg_rule = freq_reg_info(wiphy, ch->center_freq);
178 bandwidth, &reg_rule); 176 if (IS_ERR(reg_rule))
179 if (r)
180 continue; 177 continue;
181 178
182 /* 179 /*
@@ -211,8 +208,6 @@ static void _rtl_reg_apply_active_scan_flags(struct wiphy *wiphy,
211 struct ieee80211_supported_band *sband; 208 struct ieee80211_supported_band *sband;
212 struct ieee80211_channel *ch; 209 struct ieee80211_channel *ch;
213 const struct ieee80211_reg_rule *reg_rule; 210 const struct ieee80211_reg_rule *reg_rule;
214 u32 bandwidth = 0;
215 int r;
216 211
217 if (!wiphy->bands[IEEE80211_BAND_2GHZ]) 212 if (!wiphy->bands[IEEE80211_BAND_2GHZ])
218 return; 213 return;
@@ -240,16 +235,16 @@ static void _rtl_reg_apply_active_scan_flags(struct wiphy *wiphy,
240 */ 235 */
241 236
242 ch = &sband->channels[11]; /* CH 12 */ 237 ch = &sband->channels[11]; /* CH 12 */
243 r = freq_reg_info(wiphy, ch->center_freq, bandwidth, &reg_rule); 238 reg_rule = freq_reg_info(wiphy, ch->center_freq);
244 if (!r) { 239 if (!IS_ERR(reg_rule)) {
245 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN)) 240 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN))
246 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN) 241 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN)
247 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN; 242 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN;
248 } 243 }
249 244
250 ch = &sband->channels[12]; /* CH 13 */ 245 ch = &sband->channels[12]; /* CH 13 */
251 r = freq_reg_info(wiphy, ch->center_freq, bandwidth, &reg_rule); 246 reg_rule = freq_reg_info(wiphy, ch->center_freq);
252 if (!r) { 247 if (!IS_ERR(reg_rule)) {
253 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN)) 248 if (!(reg_rule->flags & NL80211_RRF_PASSIVE_SCAN))
254 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN) 249 if (ch->flags & IEEE80211_CHAN_PASSIVE_SCAN)
255 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN; 250 ch->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN;
@@ -303,9 +298,9 @@ static void _rtl_reg_apply_world_flags(struct wiphy *wiphy,
303 return; 298 return;
304} 299}
305 300
306static int _rtl_reg_notifier_apply(struct wiphy *wiphy, 301static void _rtl_reg_notifier_apply(struct wiphy *wiphy,
307 struct regulatory_request *request, 302 struct regulatory_request *request,
308 struct rtl_regulatory *reg) 303 struct rtl_regulatory *reg)
309{ 304{
310 /* We always apply this */ 305 /* We always apply this */
311 _rtl_reg_apply_radar_flags(wiphy); 306 _rtl_reg_apply_radar_flags(wiphy);
@@ -319,8 +314,6 @@ static int _rtl_reg_notifier_apply(struct wiphy *wiphy,
319 _rtl_reg_apply_world_flags(wiphy, request->initiator, reg); 314 _rtl_reg_apply_world_flags(wiphy, request->initiator, reg);
320 break; 315 break;
321 } 316 }
322
323 return 0;
324} 317}
325 318
326static const struct ieee80211_regdomain *_rtl_regdomain_select( 319static const struct ieee80211_regdomain *_rtl_regdomain_select(
@@ -353,9 +346,9 @@ static const struct ieee80211_regdomain *_rtl_regdomain_select(
353 346
354static int _rtl_regd_init_wiphy(struct rtl_regulatory *reg, 347static int _rtl_regd_init_wiphy(struct rtl_regulatory *reg,
355 struct wiphy *wiphy, 348 struct wiphy *wiphy,
356 int (*reg_notifier) (struct wiphy *wiphy, 349 void (*reg_notifier) (struct wiphy *wiphy,
357 struct regulatory_request * 350 struct regulatory_request *
358 request)) 351 request))
359{ 352{
360 const struct ieee80211_regdomain *regd; 353 const struct ieee80211_regdomain *regd;
361 354
@@ -384,7 +377,7 @@ static struct country_code_to_enum_rd *_rtl_regd_find_country(u16 countrycode)
384} 377}
385 378
386int rtl_regd_init(struct ieee80211_hw *hw, 379int rtl_regd_init(struct ieee80211_hw *hw,
387 int (*reg_notifier) (struct wiphy *wiphy, 380 void (*reg_notifier) (struct wiphy *wiphy,
388 struct regulatory_request *request)) 381 struct regulatory_request *request))
389{ 382{
390 struct rtl_priv *rtlpriv = rtl_priv(hw); 383 struct rtl_priv *rtlpriv = rtl_priv(hw);
@@ -426,12 +419,12 @@ int rtl_regd_init(struct ieee80211_hw *hw,
426 return 0; 419 return 0;
427} 420}
428 421
429int rtl_reg_notifier(struct wiphy *wiphy, struct regulatory_request *request) 422void rtl_reg_notifier(struct wiphy *wiphy, struct regulatory_request *request)
430{ 423{
431 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 424 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
432 struct rtl_priv *rtlpriv = rtl_priv(hw); 425 struct rtl_priv *rtlpriv = rtl_priv(hw);
433 426
434 RT_TRACE(rtlpriv, COMP_REGD, DBG_LOUD, "\n"); 427 RT_TRACE(rtlpriv, COMP_REGD, DBG_LOUD, "\n");
435 428
436 return _rtl_reg_notifier_apply(wiphy, request, &rtlpriv->regd); 429 _rtl_reg_notifier_apply(wiphy, request, &rtlpriv->regd);
437} 430}
diff --git a/drivers/net/wireless/rtlwifi/regd.h b/drivers/net/wireless/rtlwifi/regd.h
index 70ef2f418a44..4e1f4f00e6e9 100644
--- a/drivers/net/wireless/rtlwifi/regd.h
+++ b/drivers/net/wireless/rtlwifi/regd.h
@@ -55,7 +55,7 @@ enum country_code_type_t {
55}; 55};
56 56
57int rtl_regd_init(struct ieee80211_hw *hw, 57int rtl_regd_init(struct ieee80211_hw *hw,
58 int (*reg_notifier) (struct wiphy *wiphy, 58 void (*reg_notifier) (struct wiphy *wiphy,
59 struct regulatory_request *request)); 59 struct regulatory_request *request));
60int rtl_reg_notifier(struct wiphy *wiphy, struct regulatory_request *request); 60void rtl_reg_notifier(struct wiphy *wiphy, struct regulatory_request *request);
61#endif 61#endif
diff --git a/drivers/net/wireless/rtlwifi/rtl8192c/phy_common.c b/drivers/net/wireless/rtlwifi/rtl8192c/phy_common.c
index 1d5d3604e3e0..246e5352f2e1 100644
--- a/drivers/net/wireless/rtlwifi/rtl8192c/phy_common.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192c/phy_common.c
@@ -692,7 +692,7 @@ u8 rtl92c_phy_sw_chnl(struct ieee80211_hw *hw)
692 if (!(is_hal_stop(rtlhal)) && !(RT_CANNOT_IO(hw))) { 692 if (!(is_hal_stop(rtlhal)) && !(RT_CANNOT_IO(hw))) {
693 rtl92c_phy_sw_chnl_callback(hw); 693 rtl92c_phy_sw_chnl_callback(hw);
694 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD, 694 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD,
695 "sw_chnl_inprogress false schdule workitem\n"); 695 "sw_chnl_inprogress false schedule workitem\n");
696 rtlphy->sw_chnl_inprogress = false; 696 rtlphy->sw_chnl_inprogress = false;
697 } else { 697 } else {
698 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD, 698 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD,
diff --git a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
index 173424756149..c31795e379f7 100644
--- a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
@@ -611,8 +611,14 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
611 dma_addr_t mapping = pci_map_single(rtlpci->pdev, 611 dma_addr_t mapping = pci_map_single(rtlpci->pdev,
612 skb->data, skb->len, 612 skb->data, skb->len,
613 PCI_DMA_TODEVICE); 613 PCI_DMA_TODEVICE);
614
614 u8 bw_40 = 0; 615 u8 bw_40 = 0;
615 616
617 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
618 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
619 "DMA mapping error");
620 return;
621 }
616 rcu_read_lock(); 622 rcu_read_lock();
617 sta = get_sta(hw, mac->vif, mac->bssid); 623 sta = get_sta(hw, mac->vif, mac->bssid);
618 if (mac->opmode == NL80211_IFTYPE_STATION) { 624 if (mac->opmode == NL80211_IFTYPE_STATION) {
@@ -774,6 +780,11 @@ void rtl92ce_tx_fill_cmddesc(struct ieee80211_hw *hw,
774 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)(skb->data); 780 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)(skb->data);
775 __le16 fc = hdr->frame_control; 781 __le16 fc = hdr->frame_control;
776 782
783 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
784 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
785 "DMA mapping error");
786 return;
787 }
777 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_DESC_SIZE); 788 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_DESC_SIZE);
778 789
779 if (firstseg) 790 if (firstseg)
diff --git a/drivers/net/wireless/rtlwifi/rtl8192de/trx.c b/drivers/net/wireless/rtlwifi/rtl8192de/trx.c
index f9f3861046c1..cdb570ffb4b5 100644
--- a/drivers/net/wireless/rtlwifi/rtl8192de/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192de/trx.c
@@ -452,7 +452,7 @@ static void _rtl92de_translate_rx_signal_stuff(struct ieee80211_hw *hw,
452 u8 *praddr; 452 u8 *praddr;
453 u16 type, cfc; 453 u16 type, cfc;
454 __le16 fc; 454 __le16 fc;
455 bool packet_matchbssid, packet_toself, packet_beacon; 455 bool packet_matchbssid, packet_toself, packet_beacon = false;
456 456
457 tmp_buf = skb->data + pstats->rx_drvinfo_size + pstats->rx_bufshift; 457 tmp_buf = skb->data + pstats->rx_drvinfo_size + pstats->rx_bufshift;
458 hdr = (struct ieee80211_hdr *)tmp_buf; 458 hdr = (struct ieee80211_hdr *)tmp_buf;
@@ -587,6 +587,11 @@ void rtl92de_tx_fill_desc(struct ieee80211_hw *hw,
587 buf_len = skb->len; 587 buf_len = skb->len;
588 mapping = pci_map_single(rtlpci->pdev, skb->data, skb->len, 588 mapping = pci_map_single(rtlpci->pdev, skb->data, skb->len,
589 PCI_DMA_TODEVICE); 589 PCI_DMA_TODEVICE);
590 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
591 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
592 "DMA mapping error");
593 return;
594 }
590 CLEAR_PCI_TX_DESC_CONTENT(pdesc, sizeof(struct tx_desc_92d)); 595 CLEAR_PCI_TX_DESC_CONTENT(pdesc, sizeof(struct tx_desc_92d));
591 if (ieee80211_is_nullfunc(fc) || ieee80211_is_ctl(fc)) { 596 if (ieee80211_is_nullfunc(fc) || ieee80211_is_ctl(fc)) {
592 firstseg = true; 597 firstseg = true;
@@ -740,6 +745,11 @@ void rtl92de_tx_fill_cmddesc(struct ieee80211_hw *hw,
740 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)(skb->data); 745 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)(skb->data);
741 __le16 fc = hdr->frame_control; 746 __le16 fc = hdr->frame_control;
742 747
748 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
749 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
750 "DMA mapping error");
751 return;
752 }
743 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_DESC_SIZE); 753 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_DESC_SIZE);
744 if (firstseg) 754 if (firstseg)
745 SET_TX_DESC_OFFSET(pdesc, USB_HWDESC_HEADER_LEN); 755 SET_TX_DESC_OFFSET(pdesc, USB_HWDESC_HEADER_LEN);
diff --git a/drivers/net/wireless/rtlwifi/rtl8192se/trx.c b/drivers/net/wireless/rtlwifi/rtl8192se/trx.c
index 0e9f6ebf078a..f8431a3c2c9d 100644
--- a/drivers/net/wireless/rtlwifi/rtl8192se/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192se/trx.c
@@ -480,7 +480,7 @@ static void _rtl92se_translate_rx_signal_stuff(struct ieee80211_hw *hw,
480 u8 *praddr; 480 u8 *praddr;
481 __le16 fc; 481 __le16 fc;
482 u16 type, cfc; 482 u16 type, cfc;
483 bool packet_matchbssid, packet_toself, packet_beacon; 483 bool packet_matchbssid, packet_toself, packet_beacon = false;
484 484
485 tmp_buf = skb->data + pstats->rx_drvinfo_size + pstats->rx_bufshift; 485 tmp_buf = skb->data + pstats->rx_drvinfo_size + pstats->rx_bufshift;
486 486
@@ -611,6 +611,11 @@ void rtl92se_tx_fill_desc(struct ieee80211_hw *hw,
611 PCI_DMA_TODEVICE); 611 PCI_DMA_TODEVICE);
612 u8 bw_40 = 0; 612 u8 bw_40 = 0;
613 613
614 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
615 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
616 "DMA mapping error");
617 return;
618 }
614 if (mac->opmode == NL80211_IFTYPE_STATION) { 619 if (mac->opmode == NL80211_IFTYPE_STATION) {
615 bw_40 = mac->bw_40; 620 bw_40 = mac->bw_40;
616 } else if (mac->opmode == NL80211_IFTYPE_AP || 621 } else if (mac->opmode == NL80211_IFTYPE_AP ||
@@ -763,6 +768,7 @@ void rtl92se_tx_fill_desc(struct ieee80211_hw *hw,
763void rtl92se_tx_fill_cmddesc(struct ieee80211_hw *hw, u8 *pdesc, 768void rtl92se_tx_fill_cmddesc(struct ieee80211_hw *hw, u8 *pdesc,
764 bool firstseg, bool lastseg, struct sk_buff *skb) 769 bool firstseg, bool lastseg, struct sk_buff *skb)
765{ 770{
771 struct rtl_priv *rtlpriv = rtl_priv(hw);
766 struct rtl_pci *rtlpci = rtl_pcidev(rtl_pcipriv(hw)); 772 struct rtl_pci *rtlpci = rtl_pcidev(rtl_pcipriv(hw));
767 struct rtl_hal *rtlhal = rtl_hal(rtl_priv(hw)); 773 struct rtl_hal *rtlhal = rtl_hal(rtl_priv(hw));
768 struct rtl_tcb_desc *tcb_desc = (struct rtl_tcb_desc *)(skb->cb); 774 struct rtl_tcb_desc *tcb_desc = (struct rtl_tcb_desc *)(skb->cb);
@@ -770,7 +776,12 @@ void rtl92se_tx_fill_cmddesc(struct ieee80211_hw *hw, u8 *pdesc,
770 dma_addr_t mapping = pci_map_single(rtlpci->pdev, skb->data, skb->len, 776 dma_addr_t mapping = pci_map_single(rtlpci->pdev, skb->data, skb->len,
771 PCI_DMA_TODEVICE); 777 PCI_DMA_TODEVICE);
772 778
773 /* Clear all status */ 779 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
780 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
781 "DMA mapping error");
782 return;
783 }
784 /* Clear all status */
774 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_CMDDESC_SIZE_RTL8192S); 785 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_CMDDESC_SIZE_RTL8192S);
775 786
776 /* This bit indicate this packet is used for FW download. */ 787 /* This bit indicate this packet is used for FW download. */
diff --git a/drivers/net/wireless/rtlwifi/rtl8723ae/fw.c b/drivers/net/wireless/rtlwifi/rtl8723ae/fw.c
index f55b1767ef57..3b71dab4f3b2 100644
--- a/drivers/net/wireless/rtlwifi/rtl8723ae/fw.c
+++ b/drivers/net/wireless/rtlwifi/rtl8723ae/fw.c
@@ -252,7 +252,7 @@ static void _rtl8723ae_fill_h2c_command(struct ieee80211_hw *hw,
252 u16 box_reg = 0, box_extreg = 0; 252 u16 box_reg = 0, box_extreg = 0;
253 u8 u1tmp; 253 u8 u1tmp;
254 bool isfw_rd = false; 254 bool isfw_rd = false;
255 bool bwrite_sucess = false; 255 bool bwrite_success = false;
256 u8 wait_h2c_limmit = 100; 256 u8 wait_h2c_limmit = 100;
257 u8 wait_writeh2c_limmit = 100; 257 u8 wait_writeh2c_limmit = 100;
258 u8 boxcontent[4], boxextcontent[2]; 258 u8 boxcontent[4], boxextcontent[2];
@@ -291,7 +291,7 @@ static void _rtl8723ae_fill_h2c_command(struct ieee80211_hw *hw,
291 } 291 }
292 } 292 }
293 293
294 while (!bwrite_sucess) { 294 while (!bwrite_success) {
295 wait_writeh2c_limmit--; 295 wait_writeh2c_limmit--;
296 if (wait_writeh2c_limmit == 0) { 296 if (wait_writeh2c_limmit == 0) {
297 RT_TRACE(rtlpriv, COMP_ERR, DBG_EMERG, 297 RT_TRACE(rtlpriv, COMP_ERR, DBG_EMERG,
@@ -429,7 +429,7 @@ static void _rtl8723ae_fill_h2c_command(struct ieee80211_hw *hw,
429 break; 429 break;
430 } 430 }
431 431
432 bwrite_sucess = true; 432 bwrite_success = true;
433 433
434 rtlhal->last_hmeboxnum = boxnum + 1; 434 rtlhal->last_hmeboxnum = boxnum + 1;
435 if (rtlhal->last_hmeboxnum == 4) 435 if (rtlhal->last_hmeboxnum == 4)
diff --git a/drivers/net/wireless/rtlwifi/rtl8723ae/phy.c b/drivers/net/wireless/rtlwifi/rtl8723ae/phy.c
index 39cc7938eedf..3d8536bb0d2b 100644
--- a/drivers/net/wireless/rtlwifi/rtl8723ae/phy.c
+++ b/drivers/net/wireless/rtlwifi/rtl8723ae/phy.c
@@ -1106,7 +1106,7 @@ u8 rtl8723ae_phy_sw_chnl(struct ieee80211_hw *hw)
1106 if (!(is_hal_stop(rtlhal)) && !(RT_CANNOT_IO(hw))) { 1106 if (!(is_hal_stop(rtlhal)) && !(RT_CANNOT_IO(hw))) {
1107 rtl8723ae_phy_sw_chnl_callback(hw); 1107 rtl8723ae_phy_sw_chnl_callback(hw);
1108 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD, 1108 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD,
1109 "sw_chnl_inprogress false schdule workitem\n"); 1109 "sw_chnl_inprogress false schedule workitem\n");
1110 rtlphy->sw_chnl_inprogress = false; 1110 rtlphy->sw_chnl_inprogress = false;
1111 } else { 1111 } else {
1112 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD, 1112 RT_TRACE(rtlpriv, COMP_CHAN, DBG_LOUD,
diff --git a/drivers/net/wireless/rtlwifi/rtl8723ae/trx.c b/drivers/net/wireless/rtlwifi/rtl8723ae/trx.c
index 87331d826d73..ce8ad12bce5b 100644
--- a/drivers/net/wireless/rtlwifi/rtl8723ae/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8723ae/trx.c
@@ -247,7 +247,7 @@ static void _rtl8723ae_translate_rx_signal_stuff(struct ieee80211_hw *hw,
247 u8 *psaddr; 247 u8 *psaddr;
248 __le16 fc; 248 __le16 fc;
249 u16 type; 249 u16 type;
250 bool packet_matchbssid, packet_toself, packet_beacon; 250 bool packet_matchbssid, packet_toself, packet_beacon = false;
251 251
252 tmp_buf = skb->data + pstatus->rx_drvinfo_size + pstatus->rx_bufshift; 252 tmp_buf = skb->data + pstatus->rx_drvinfo_size + pstatus->rx_bufshift;
253 253
@@ -387,6 +387,11 @@ void rtl8723ae_tx_fill_desc(struct ieee80211_hw *hw,
387 PCI_DMA_TODEVICE); 387 PCI_DMA_TODEVICE);
388 u8 bw_40 = 0; 388 u8 bw_40 = 0;
389 389
390 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
391 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
392 "DMA mapping error");
393 return;
394 }
390 if (mac->opmode == NL80211_IFTYPE_STATION) { 395 if (mac->opmode == NL80211_IFTYPE_STATION) {
391 bw_40 = mac->bw_40; 396 bw_40 = mac->bw_40;
392 } else if (mac->opmode == NL80211_IFTYPE_AP || 397 } else if (mac->opmode == NL80211_IFTYPE_AP ||
@@ -542,6 +547,11 @@ void rtl8723ae_tx_fill_cmddesc(struct ieee80211_hw *hw,
542 PCI_DMA_TODEVICE); 547 PCI_DMA_TODEVICE);
543 __le16 fc = hdr->frame_control; 548 __le16 fc = hdr->frame_control;
544 549
550 if (pci_dma_mapping_error(rtlpci->pdev, mapping)) {
551 RT_TRACE(rtlpriv, COMP_SEND, DBG_TRACE,
552 "DMA mapping error");
553 return;
554 }
545 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_DESC_SIZE); 555 CLEAR_PCI_TX_DESC_CONTENT(pdesc, TX_DESC_SIZE);
546 556
547 if (firstseg) 557 if (firstseg)
diff --git a/drivers/net/wireless/rtlwifi/usb.c b/drivers/net/wireless/rtlwifi/usb.c
index 29f0969e4ba0..f2ecdeb3a90d 100644
--- a/drivers/net/wireless/rtlwifi/usb.c
+++ b/drivers/net/wireless/rtlwifi/usb.c
@@ -210,17 +210,16 @@ static void _usb_writeN_sync(struct rtl_priv *rtlpriv, u32 addr, void *data,
210 u16 index = REALTEK_USB_VENQT_CMD_IDX; 210 u16 index = REALTEK_USB_VENQT_CMD_IDX;
211 int pipe = usb_sndctrlpipe(udev, 0); /* write_out */ 211 int pipe = usb_sndctrlpipe(udev, 0); /* write_out */
212 u8 *buffer; 212 u8 *buffer;
213 dma_addr_t dma_addr;
214 213
215 wvalue = (u16)(addr&0x0000ffff); 214 wvalue = (u16)(addr & 0x0000ffff);
216 buffer = usb_alloc_coherent(udev, (size_t)len, GFP_ATOMIC, &dma_addr); 215 buffer = kmalloc(len, GFP_ATOMIC);
217 if (!buffer) 216 if (!buffer)
218 return; 217 return;
219 memcpy(buffer, data, len); 218 memcpy(buffer, data, len);
220 usb_control_msg(udev, pipe, request, reqtype, wvalue, 219 usb_control_msg(udev, pipe, request, reqtype, wvalue,
221 index, buffer, len, 50); 220 index, buffer, len, 50);
222 221
223 usb_free_coherent(udev, (size_t)len, buffer, dma_addr); 222 kfree(buffer);
224} 223}
225 224
226static void _rtl_usb_io_handler_init(struct device *dev, 225static void _rtl_usb_io_handler_init(struct device *dev,
@@ -640,6 +639,7 @@ static int _rtl_usb_receive(struct ieee80211_hw *hw)
640 RT_TRACE(rtlpriv, COMP_USB, DBG_EMERG, 639 RT_TRACE(rtlpriv, COMP_USB, DBG_EMERG,
641 "Failed to prep_rx_urb!!\n"); 640 "Failed to prep_rx_urb!!\n");
642 err = PTR_ERR(skb); 641 err = PTR_ERR(skb);
642 usb_free_urb(urb);
643 goto err_out; 643 goto err_out;
644 } 644 }
645 645
diff --git a/drivers/net/wireless/ti/wl1251/Kconfig b/drivers/net/wireless/ti/wl1251/Kconfig
index 1fb65849414f..8fec4ed36ac2 100644
--- a/drivers/net/wireless/ti/wl1251/Kconfig
+++ b/drivers/net/wireless/ti/wl1251/Kconfig
@@ -1,6 +1,6 @@
1menuconfig WL1251 1menuconfig WL1251
2 tristate "TI wl1251 driver support" 2 tristate "TI wl1251 driver support"
3 depends on MAC80211 && EXPERIMENTAL && GENERIC_HARDIRQS 3 depends on MAC80211 && GENERIC_HARDIRQS
4 select FW_LOADER 4 select FW_LOADER
5 select CRC7 5 select CRC7
6 ---help--- 6 ---help---
diff --git a/drivers/net/wireless/ti/wl12xx/Makefile b/drivers/net/wireless/ti/wl12xx/Makefile
index da509aa7d009..e6a24056b3c8 100644
--- a/drivers/net/wireless/ti/wl12xx/Makefile
+++ b/drivers/net/wireless/ti/wl12xx/Makefile
@@ -1,3 +1,3 @@
1wl12xx-objs = main.o cmd.o acx.o debugfs.o 1wl12xx-objs = main.o cmd.o acx.o debugfs.o scan.o event.o
2 2
3obj-$(CONFIG_WL12XX) += wl12xx.o 3obj-$(CONFIG_WL12XX) += wl12xx.o
diff --git a/drivers/net/wireless/ti/wl12xx/cmd.c b/drivers/net/wireless/ti/wl12xx/cmd.c
index 622206241e83..7dc9f965037d 100644
--- a/drivers/net/wireless/ti/wl12xx/cmd.c
+++ b/drivers/net/wireless/ti/wl12xx/cmd.c
@@ -284,3 +284,40 @@ int wl128x_cmd_radio_parms(struct wl1271 *wl)
284 kfree(radio_parms); 284 kfree(radio_parms);
285 return ret; 285 return ret;
286} 286}
287
288int wl12xx_cmd_channel_switch(struct wl1271 *wl,
289 struct wl12xx_vif *wlvif,
290 struct ieee80211_channel_switch *ch_switch)
291{
292 struct wl12xx_cmd_channel_switch *cmd;
293 int ret;
294
295 wl1271_debug(DEBUG_ACX, "cmd channel switch");
296
297 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
298 if (!cmd) {
299 ret = -ENOMEM;
300 goto out;
301 }
302
303 cmd->role_id = wlvif->role_id;
304 cmd->channel = ch_switch->channel->hw_value;
305 cmd->switch_time = ch_switch->count;
306 cmd->stop_tx = ch_switch->block_tx;
307
308 /* FIXME: control from mac80211 in the future */
309 /* Enable TX on the target channel */
310 cmd->post_switch_tx_disable = 0;
311
312 ret = wl1271_cmd_send(wl, CMD_CHANNEL_SWITCH, cmd, sizeof(*cmd), 0);
313 if (ret < 0) {
314 wl1271_error("failed to send channel switch command");
315 goto out_free;
316 }
317
318out_free:
319 kfree(cmd);
320
321out:
322 return ret;
323}
diff --git a/drivers/net/wireless/ti/wl12xx/cmd.h b/drivers/net/wireless/ti/wl12xx/cmd.h
index 140a0e8829d5..32cbad54e993 100644
--- a/drivers/net/wireless/ti/wl12xx/cmd.h
+++ b/drivers/net/wireless/ti/wl12xx/cmd.h
@@ -103,10 +103,30 @@ struct wl1271_ext_radio_parms_cmd {
103 u8 padding[3]; 103 u8 padding[3];
104} __packed; 104} __packed;
105 105
106struct wl12xx_cmd_channel_switch {
107 struct wl1271_cmd_header header;
108
109 u8 role_id;
110
111 /* The new serving channel */
112 u8 channel;
113 /* Relative time of the serving channel switch in TBTT units */
114 u8 switch_time;
115 /* Stop the role TX, should expect it after radar detection */
116 u8 stop_tx;
117 /* The target channel tx status 1-stopped 0-open*/
118 u8 post_switch_tx_disable;
119
120 u8 padding[3];
121} __packed;
122
106int wl1271_cmd_general_parms(struct wl1271 *wl); 123int wl1271_cmd_general_parms(struct wl1271 *wl);
107int wl128x_cmd_general_parms(struct wl1271 *wl); 124int wl128x_cmd_general_parms(struct wl1271 *wl);
108int wl1271_cmd_radio_parms(struct wl1271 *wl); 125int wl1271_cmd_radio_parms(struct wl1271 *wl);
109int wl128x_cmd_radio_parms(struct wl1271 *wl); 126int wl128x_cmd_radio_parms(struct wl1271 *wl);
110int wl1271_cmd_ext_radio_parms(struct wl1271 *wl); 127int wl1271_cmd_ext_radio_parms(struct wl1271 *wl);
128int wl12xx_cmd_channel_switch(struct wl1271 *wl,
129 struct wl12xx_vif *wlvif,
130 struct ieee80211_channel_switch *ch_switch);
111 131
112#endif /* __WL12XX_CMD_H__ */ 132#endif /* __WL12XX_CMD_H__ */
diff --git a/drivers/net/wireless/ti/wl12xx/event.c b/drivers/net/wireless/ti/wl12xx/event.c
new file mode 100644
index 000000000000..6ac0ed751da8
--- /dev/null
+++ b/drivers/net/wireless/ti/wl12xx/event.c
@@ -0,0 +1,116 @@
1/*
2 * This file is part of wl12xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#include "event.h"
23#include "scan.h"
24#include "../wlcore/cmd.h"
25#include "../wlcore/debug.h"
26
27int wl12xx_wait_for_event(struct wl1271 *wl, enum wlcore_wait_event event,
28 bool *timeout)
29{
30 u32 local_event;
31
32 switch (event) {
33 case WLCORE_EVENT_ROLE_STOP_COMPLETE:
34 local_event = ROLE_STOP_COMPLETE_EVENT_ID;
35 break;
36
37 case WLCORE_EVENT_PEER_REMOVE_COMPLETE:
38 local_event = PEER_REMOVE_COMPLETE_EVENT_ID;
39 break;
40
41 default:
42 /* event not implemented */
43 return 0;
44 }
45 return wlcore_cmd_wait_for_event_or_timeout(wl, local_event, timeout);
46}
47
48int wl12xx_process_mailbox_events(struct wl1271 *wl)
49{
50 struct wl12xx_event_mailbox *mbox = wl->mbox;
51 u32 vector;
52
53
54 vector = le32_to_cpu(mbox->events_vector);
55 vector &= ~(le32_to_cpu(mbox->events_mask));
56
57 wl1271_debug(DEBUG_EVENT, "MBOX vector: 0x%x", vector);
58
59 if (vector & SCAN_COMPLETE_EVENT_ID) {
60 wl1271_debug(DEBUG_EVENT, "status: 0x%x",
61 mbox->scheduled_scan_status);
62
63 if (wl->scan_wlvif)
64 wl12xx_scan_completed(wl, wl->scan_wlvif);
65 }
66
67 if (vector & PERIODIC_SCAN_REPORT_EVENT_ID) {
68 wl1271_debug(DEBUG_EVENT,
69 "PERIODIC_SCAN_REPORT_EVENT (status 0x%0x)",
70 mbox->scheduled_scan_status);
71
72 wlcore_scan_sched_scan_results(wl);
73 }
74
75 if (vector & PERIODIC_SCAN_COMPLETE_EVENT_ID)
76 wlcore_event_sched_scan_completed(wl,
77 mbox->scheduled_scan_status);
78 if (vector & SOFT_GEMINI_SENSE_EVENT_ID)
79 wlcore_event_soft_gemini_sense(wl,
80 mbox->soft_gemini_sense_info);
81
82 if (vector & BSS_LOSE_EVENT_ID)
83 wlcore_event_beacon_loss(wl, 0xff);
84
85 if (vector & RSSI_SNR_TRIGGER_0_EVENT_ID)
86 wlcore_event_rssi_trigger(wl, mbox->rssi_snr_trigger_metric);
87
88 if (vector & BA_SESSION_RX_CONSTRAINT_EVENT_ID)
89 wlcore_event_ba_rx_constraint(wl,
90 BIT(mbox->role_id),
91 mbox->rx_ba_allowed);
92
93 if (vector & CHANNEL_SWITCH_COMPLETE_EVENT_ID)
94 wlcore_event_channel_switch(wl, 0xff,
95 mbox->channel_switch_status);
96
97 if (vector & DUMMY_PACKET_EVENT_ID)
98 wlcore_event_dummy_packet(wl);
99
100 /*
101 * "TX retries exceeded" has a different meaning according to mode.
102 * In AP mode the offending station is disconnected.
103 */
104 if (vector & MAX_TX_RETRY_EVENT_ID)
105 wlcore_event_max_tx_failure(wl,
106 le16_to_cpu(mbox->sta_tx_retry_exceeded));
107
108 if (vector & INACTIVE_STA_EVENT_ID)
109 wlcore_event_inactive_sta(wl,
110 le16_to_cpu(mbox->sta_aging_status));
111
112 if (vector & REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID)
113 wlcore_event_roc_complete(wl);
114
115 return 0;
116}
diff --git a/drivers/net/wireless/ti/wl12xx/event.h b/drivers/net/wireless/ti/wl12xx/event.h
new file mode 100644
index 000000000000..a5cc3fcd9eea
--- /dev/null
+++ b/drivers/net/wireless/ti/wl12xx/event.h
@@ -0,0 +1,111 @@
1/*
2 * This file is part of wl12xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#ifndef __WL12XX_EVENT_H__
23#define __WL12XX_EVENT_H__
24
25#include "../wlcore/wlcore.h"
26
27enum {
28 MEASUREMENT_START_EVENT_ID = BIT(8),
29 MEASUREMENT_COMPLETE_EVENT_ID = BIT(9),
30 SCAN_COMPLETE_EVENT_ID = BIT(10),
31 WFD_DISCOVERY_COMPLETE_EVENT_ID = BIT(11),
32 AP_DISCOVERY_COMPLETE_EVENT_ID = BIT(12),
33 RESERVED1 = BIT(13),
34 PSPOLL_DELIVERY_FAILURE_EVENT_ID = BIT(14),
35 ROLE_STOP_COMPLETE_EVENT_ID = BIT(15),
36 RADAR_DETECTED_EVENT_ID = BIT(16),
37 CHANNEL_SWITCH_COMPLETE_EVENT_ID = BIT(17),
38 BSS_LOSE_EVENT_ID = BIT(18),
39 REGAINED_BSS_EVENT_ID = BIT(19),
40 MAX_TX_RETRY_EVENT_ID = BIT(20),
41 DUMMY_PACKET_EVENT_ID = BIT(21),
42 SOFT_GEMINI_SENSE_EVENT_ID = BIT(22),
43 CHANGE_AUTO_MODE_TIMEOUT_EVENT_ID = BIT(23),
44 SOFT_GEMINI_AVALANCHE_EVENT_ID = BIT(24),
45 PLT_RX_CALIBRATION_COMPLETE_EVENT_ID = BIT(25),
46 INACTIVE_STA_EVENT_ID = BIT(26),
47 PEER_REMOVE_COMPLETE_EVENT_ID = BIT(27),
48 PERIODIC_SCAN_COMPLETE_EVENT_ID = BIT(28),
49 PERIODIC_SCAN_REPORT_EVENT_ID = BIT(29),
50 BA_SESSION_RX_CONSTRAINT_EVENT_ID = BIT(30),
51 REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID = BIT(31),
52};
53
54struct wl12xx_event_mailbox {
55 __le32 events_vector;
56 __le32 events_mask;
57 __le32 reserved_1;
58 __le32 reserved_2;
59
60 u8 number_of_scan_results;
61 u8 scan_tag;
62 u8 completed_scan_status;
63 u8 reserved_3;
64
65 u8 soft_gemini_sense_info;
66 u8 soft_gemini_protective_info;
67 s8 rssi_snr_trigger_metric[NUM_OF_RSSI_SNR_TRIGGERS];
68 u8 change_auto_mode_timeout;
69 u8 scheduled_scan_status;
70 u8 reserved4;
71 /* tuned channel (roc) */
72 u8 roc_channel;
73
74 __le16 hlid_removed_bitmap;
75
76 /* bitmap of aged stations (by HLID) */
77 __le16 sta_aging_status;
78
79 /* bitmap of stations (by HLID) which exceeded max tx retries */
80 __le16 sta_tx_retry_exceeded;
81
82 /* discovery completed results */
83 u8 discovery_tag;
84 u8 number_of_preq_results;
85 u8 number_of_prsp_results;
86 u8 reserved_5;
87
88 /* rx ba constraint */
89 u8 role_id; /* 0xFF means any role. */
90 u8 rx_ba_allowed;
91 u8 reserved_6[2];
92
93 /* Channel switch results */
94
95 u8 channel_switch_role_id;
96 u8 channel_switch_status;
97 u8 reserved_7[2];
98
99 u8 ps_poll_delivery_failure_role_ids;
100 u8 stopped_role_ids;
101 u8 started_role_ids;
102
103 u8 reserved_8[9];
104} __packed;
105
106int wl12xx_wait_for_event(struct wl1271 *wl, enum wlcore_wait_event event,
107 bool *timeout);
108int wl12xx_process_mailbox_events(struct wl1271 *wl);
109
110#endif
111
diff --git a/drivers/net/wireless/ti/wl12xx/main.c b/drivers/net/wireless/ti/wl12xx/main.c
index e5f5f8f39144..3254bfc81a2a 100644
--- a/drivers/net/wireless/ti/wl12xx/main.c
+++ b/drivers/net/wireless/ti/wl12xx/main.c
@@ -38,6 +38,8 @@
38#include "reg.h" 38#include "reg.h"
39#include "cmd.h" 39#include "cmd.h"
40#include "acx.h" 40#include "acx.h"
41#include "scan.h"
42#include "event.h"
41#include "debugfs.h" 43#include "debugfs.h"
42 44
43static char *fref_param; 45static char *fref_param;
@@ -208,6 +210,8 @@ static struct wlcore_conf wl12xx_conf = {
208 .tmpl_short_retry_limit = 10, 210 .tmpl_short_retry_limit = 10,
209 .tmpl_long_retry_limit = 10, 211 .tmpl_long_retry_limit = 10,
210 .tx_watchdog_timeout = 5000, 212 .tx_watchdog_timeout = 5000,
213 .slow_link_thold = 3,
214 .fast_link_thold = 10,
211 }, 215 },
212 .conn = { 216 .conn = {
213 .wake_up_event = CONF_WAKE_UP_EVENT_DTIM, 217 .wake_up_event = CONF_WAKE_UP_EVENT_DTIM,
@@ -265,8 +269,10 @@ static struct wlcore_conf wl12xx_conf = {
265 .scan = { 269 .scan = {
266 .min_dwell_time_active = 7500, 270 .min_dwell_time_active = 7500,
267 .max_dwell_time_active = 30000, 271 .max_dwell_time_active = 30000,
268 .min_dwell_time_passive = 100000, 272 .min_dwell_time_active_long = 25000,
269 .max_dwell_time_passive = 100000, 273 .max_dwell_time_active_long = 50000,
274 .dwell_time_passive = 100000,
275 .dwell_time_dfs = 150000,
270 .num_probe_reqs = 2, 276 .num_probe_reqs = 2,
271 .split_scan_timeout = 50000, 277 .split_scan_timeout = 50000,
272 }, 278 },
@@ -368,6 +374,10 @@ static struct wlcore_conf wl12xx_conf = {
368 .increase_time = 1, 374 .increase_time = 1,
369 .window_size = 16, 375 .window_size = 16,
370 }, 376 },
377 .recovery = {
378 .bug_on_recovery = 0,
379 .no_recovery = 0,
380 },
371}; 381};
372 382
373static struct wl12xx_priv_conf wl12xx_default_priv_conf = { 383static struct wl12xx_priv_conf wl12xx_default_priv_conf = {
@@ -601,9 +611,9 @@ static int wl127x_prepare_read(struct wl1271 *wl, u32 rx_desc, u32 len)
601{ 611{
602 int ret; 612 int ret;
603 613
604 if (wl->chip.id != CHIP_ID_1283_PG20) { 614 if (wl->chip.id != CHIP_ID_128X_PG20) {
605 struct wl1271_acx_mem_map *wl_mem_map = wl->target_mem_map; 615 struct wl1271_acx_mem_map *wl_mem_map = wl->target_mem_map;
606 struct wl127x_rx_mem_pool_addr rx_mem_addr; 616 struct wl12xx_priv *priv = wl->priv;
607 617
608 /* 618 /*
609 * Choose the block we want to read 619 * Choose the block we want to read
@@ -612,13 +622,13 @@ static int wl127x_prepare_read(struct wl1271 *wl, u32 rx_desc, u32 len)
612 */ 622 */
613 u32 mem_block = rx_desc & RX_MEM_BLOCK_MASK; 623 u32 mem_block = rx_desc & RX_MEM_BLOCK_MASK;
614 624
615 rx_mem_addr.addr = (mem_block << 8) + 625 priv->rx_mem_addr->addr = (mem_block << 8) +
616 le32_to_cpu(wl_mem_map->packet_memory_pool_start); 626 le32_to_cpu(wl_mem_map->packet_memory_pool_start);
617 627
618 rx_mem_addr.addr_extra = rx_mem_addr.addr + 4; 628 priv->rx_mem_addr->addr_extra = priv->rx_mem_addr->addr + 4;
619 629
620 ret = wlcore_write(wl, WL1271_SLV_REG_DATA, &rx_mem_addr, 630 ret = wlcore_write(wl, WL1271_SLV_REG_DATA, priv->rx_mem_addr,
621 sizeof(rx_mem_addr), false); 631 sizeof(*priv->rx_mem_addr), false);
622 if (ret < 0) 632 if (ret < 0)
623 return ret; 633 return ret;
624 } 634 }
@@ -631,13 +641,15 @@ static int wl12xx_identify_chip(struct wl1271 *wl)
631 int ret = 0; 641 int ret = 0;
632 642
633 switch (wl->chip.id) { 643 switch (wl->chip.id) {
634 case CHIP_ID_1271_PG10: 644 case CHIP_ID_127X_PG10:
635 wl1271_warning("chip id 0x%x (1271 PG10) support is obsolete", 645 wl1271_warning("chip id 0x%x (1271 PG10) support is obsolete",
636 wl->chip.id); 646 wl->chip.id);
637 647
638 wl->quirks |= WLCORE_QUIRK_LEGACY_NVS | 648 wl->quirks |= WLCORE_QUIRK_LEGACY_NVS |
639 WLCORE_QUIRK_DUAL_PROBE_TMPL | 649 WLCORE_QUIRK_DUAL_PROBE_TMPL |
640 WLCORE_QUIRK_TKIP_HEADER_SPACE; 650 WLCORE_QUIRK_TKIP_HEADER_SPACE |
651 WLCORE_QUIRK_START_STA_FAILS |
652 WLCORE_QUIRK_AP_ZERO_SESSION_ID;
641 wl->sr_fw_name = WL127X_FW_NAME_SINGLE; 653 wl->sr_fw_name = WL127X_FW_NAME_SINGLE;
642 wl->mr_fw_name = WL127X_FW_NAME_MULTI; 654 wl->mr_fw_name = WL127X_FW_NAME_MULTI;
643 memcpy(&wl->conf.mem, &wl12xx_default_priv_conf.mem_wl127x, 655 memcpy(&wl->conf.mem, &wl12xx_default_priv_conf.mem_wl127x,
@@ -646,18 +658,22 @@ static int wl12xx_identify_chip(struct wl1271 *wl)
646 /* read data preparation is only needed by wl127x */ 658 /* read data preparation is only needed by wl127x */
647 wl->ops->prepare_read = wl127x_prepare_read; 659 wl->ops->prepare_read = wl127x_prepare_read;
648 660
649 wlcore_set_min_fw_ver(wl, WL127X_CHIP_VER, WL127X_IFTYPE_VER, 661 wlcore_set_min_fw_ver(wl, WL127X_CHIP_VER,
650 WL127X_MAJOR_VER, WL127X_SUBTYPE_VER, 662 WL127X_IFTYPE_SR_VER, WL127X_MAJOR_SR_VER,
651 WL127X_MINOR_VER); 663 WL127X_SUBTYPE_SR_VER, WL127X_MINOR_SR_VER,
664 WL127X_IFTYPE_MR_VER, WL127X_MAJOR_MR_VER,
665 WL127X_SUBTYPE_MR_VER, WL127X_MINOR_MR_VER);
652 break; 666 break;
653 667
654 case CHIP_ID_1271_PG20: 668 case CHIP_ID_127X_PG20:
655 wl1271_debug(DEBUG_BOOT, "chip id 0x%x (1271 PG20)", 669 wl1271_debug(DEBUG_BOOT, "chip id 0x%x (1271 PG20)",
656 wl->chip.id); 670 wl->chip.id);
657 671
658 wl->quirks |= WLCORE_QUIRK_LEGACY_NVS | 672 wl->quirks |= WLCORE_QUIRK_LEGACY_NVS |
659 WLCORE_QUIRK_DUAL_PROBE_TMPL | 673 WLCORE_QUIRK_DUAL_PROBE_TMPL |
660 WLCORE_QUIRK_TKIP_HEADER_SPACE; 674 WLCORE_QUIRK_TKIP_HEADER_SPACE |
675 WLCORE_QUIRK_START_STA_FAILS |
676 WLCORE_QUIRK_AP_ZERO_SESSION_ID;
661 wl->plt_fw_name = WL127X_PLT_FW_NAME; 677 wl->plt_fw_name = WL127X_PLT_FW_NAME;
662 wl->sr_fw_name = WL127X_FW_NAME_SINGLE; 678 wl->sr_fw_name = WL127X_FW_NAME_SINGLE;
663 wl->mr_fw_name = WL127X_FW_NAME_MULTI; 679 wl->mr_fw_name = WL127X_FW_NAME_MULTI;
@@ -667,12 +683,14 @@ static int wl12xx_identify_chip(struct wl1271 *wl)
667 /* read data preparation is only needed by wl127x */ 683 /* read data preparation is only needed by wl127x */
668 wl->ops->prepare_read = wl127x_prepare_read; 684 wl->ops->prepare_read = wl127x_prepare_read;
669 685
670 wlcore_set_min_fw_ver(wl, WL127X_CHIP_VER, WL127X_IFTYPE_VER, 686 wlcore_set_min_fw_ver(wl, WL127X_CHIP_VER,
671 WL127X_MAJOR_VER, WL127X_SUBTYPE_VER, 687 WL127X_IFTYPE_SR_VER, WL127X_MAJOR_SR_VER,
672 WL127X_MINOR_VER); 688 WL127X_SUBTYPE_SR_VER, WL127X_MINOR_SR_VER,
689 WL127X_IFTYPE_MR_VER, WL127X_MAJOR_MR_VER,
690 WL127X_SUBTYPE_MR_VER, WL127X_MINOR_MR_VER);
673 break; 691 break;
674 692
675 case CHIP_ID_1283_PG20: 693 case CHIP_ID_128X_PG20:
676 wl1271_debug(DEBUG_BOOT, "chip id 0x%x (1283 PG20)", 694 wl1271_debug(DEBUG_BOOT, "chip id 0x%x (1283 PG20)",
677 wl->chip.id); 695 wl->chip.id);
678 wl->plt_fw_name = WL128X_PLT_FW_NAME; 696 wl->plt_fw_name = WL128X_PLT_FW_NAME;
@@ -682,19 +700,29 @@ static int wl12xx_identify_chip(struct wl1271 *wl)
682 /* wl128x requires TX blocksize alignment */ 700 /* wl128x requires TX blocksize alignment */
683 wl->quirks |= WLCORE_QUIRK_TX_BLOCKSIZE_ALIGN | 701 wl->quirks |= WLCORE_QUIRK_TX_BLOCKSIZE_ALIGN |
684 WLCORE_QUIRK_DUAL_PROBE_TMPL | 702 WLCORE_QUIRK_DUAL_PROBE_TMPL |
685 WLCORE_QUIRK_TKIP_HEADER_SPACE; 703 WLCORE_QUIRK_TKIP_HEADER_SPACE |
686 704 WLCORE_QUIRK_START_STA_FAILS |
687 wlcore_set_min_fw_ver(wl, WL128X_CHIP_VER, WL128X_IFTYPE_VER, 705 WLCORE_QUIRK_AP_ZERO_SESSION_ID;
688 WL128X_MAJOR_VER, WL128X_SUBTYPE_VER, 706
689 WL128X_MINOR_VER); 707 wlcore_set_min_fw_ver(wl, WL128X_CHIP_VER,
708 WL128X_IFTYPE_SR_VER, WL128X_MAJOR_SR_VER,
709 WL128X_SUBTYPE_SR_VER, WL128X_MINOR_SR_VER,
710 WL128X_IFTYPE_MR_VER, WL128X_MAJOR_MR_VER,
711 WL128X_SUBTYPE_MR_VER, WL128X_MINOR_MR_VER);
690 break; 712 break;
691 case CHIP_ID_1283_PG10: 713 case CHIP_ID_128X_PG10:
692 default: 714 default:
693 wl1271_warning("unsupported chip id: 0x%x", wl->chip.id); 715 wl1271_warning("unsupported chip id: 0x%x", wl->chip.id);
694 ret = -ENODEV; 716 ret = -ENODEV;
695 goto out; 717 goto out;
696 } 718 }
697 719
720 /* common settings */
721 wl->scan_templ_id_2_4 = CMD_TEMPL_APP_PROBE_REQ_2_4_LEGACY;
722 wl->scan_templ_id_5 = CMD_TEMPL_APP_PROBE_REQ_5_LEGACY;
723 wl->sched_scan_templ_id_2_4 = CMD_TEMPL_CFG_PROBE_REQ_2_4;
724 wl->sched_scan_templ_id_5 = CMD_TEMPL_CFG_PROBE_REQ_5;
725 wl->max_channels_5 = WL12XX_MAX_CHANNELS_5GHZ;
698out: 726out:
699 return ret; 727 return ret;
700} 728}
@@ -1067,7 +1095,7 @@ static int wl12xx_pre_boot(struct wl1271 *wl)
1067 u32 clk; 1095 u32 clk;
1068 int selected_clock = -1; 1096 int selected_clock = -1;
1069 1097
1070 if (wl->chip.id == CHIP_ID_1283_PG20) { 1098 if (wl->chip.id == CHIP_ID_128X_PG20) {
1071 ret = wl128x_boot_clk(wl, &selected_clock); 1099 ret = wl128x_boot_clk(wl, &selected_clock);
1072 if (ret < 0) 1100 if (ret < 0)
1073 goto out; 1101 goto out;
@@ -1098,7 +1126,7 @@ static int wl12xx_pre_boot(struct wl1271 *wl)
1098 1126
1099 wl1271_debug(DEBUG_BOOT, "clk2 0x%x", clk); 1127 wl1271_debug(DEBUG_BOOT, "clk2 0x%x", clk);
1100 1128
1101 if (wl->chip.id == CHIP_ID_1283_PG20) 1129 if (wl->chip.id == CHIP_ID_128X_PG20)
1102 clk |= ((selected_clock & 0x3) << 1) << 4; 1130 clk |= ((selected_clock & 0x3) << 1) << 4;
1103 else 1131 else
1104 clk |= (priv->ref_clock << 1) << 4; 1132 clk |= (priv->ref_clock << 1) << 4;
@@ -1152,7 +1180,7 @@ static int wl12xx_pre_upload(struct wl1271 *wl)
1152 /* WL1271: The reference driver skips steps 7 to 10 (jumps directly 1180 /* WL1271: The reference driver skips steps 7 to 10 (jumps directly
1153 * to upload_fw) */ 1181 * to upload_fw) */
1154 1182
1155 if (wl->chip.id == CHIP_ID_1283_PG20) { 1183 if (wl->chip.id == CHIP_ID_128X_PG20) {
1156 ret = wl12xx_top_reg_write(wl, SDIO_IO_DS, HCI_IO_DS_6MA); 1184 ret = wl12xx_top_reg_write(wl, SDIO_IO_DS, HCI_IO_DS_6MA);
1157 if (ret < 0) 1185 if (ret < 0)
1158 goto out; 1186 goto out;
@@ -1219,6 +1247,23 @@ static int wl12xx_boot(struct wl1271 *wl)
1219 if (ret < 0) 1247 if (ret < 0)
1220 goto out; 1248 goto out;
1221 1249
1250 wl->event_mask = BSS_LOSE_EVENT_ID |
1251 REGAINED_BSS_EVENT_ID |
1252 SCAN_COMPLETE_EVENT_ID |
1253 ROLE_STOP_COMPLETE_EVENT_ID |
1254 RSSI_SNR_TRIGGER_0_EVENT_ID |
1255 PSPOLL_DELIVERY_FAILURE_EVENT_ID |
1256 SOFT_GEMINI_SENSE_EVENT_ID |
1257 PERIODIC_SCAN_REPORT_EVENT_ID |
1258 PERIODIC_SCAN_COMPLETE_EVENT_ID |
1259 DUMMY_PACKET_EVENT_ID |
1260 PEER_REMOVE_COMPLETE_EVENT_ID |
1261 BA_SESSION_RX_CONSTRAINT_EVENT_ID |
1262 REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID |
1263 INACTIVE_STA_EVENT_ID |
1264 MAX_TX_RETRY_EVENT_ID |
1265 CHANNEL_SWITCH_COMPLETE_EVENT_ID;
1266
1222 ret = wlcore_boot_run_firmware(wl); 1267 ret = wlcore_boot_run_firmware(wl);
1223 if (ret < 0) 1268 if (ret < 0)
1224 goto out; 1269 goto out;
@@ -1261,7 +1306,7 @@ static void
1261wl12xx_set_tx_desc_blocks(struct wl1271 *wl, struct wl1271_tx_hw_descr *desc, 1306wl12xx_set_tx_desc_blocks(struct wl1271 *wl, struct wl1271_tx_hw_descr *desc,
1262 u32 blks, u32 spare_blks) 1307 u32 blks, u32 spare_blks)
1263{ 1308{
1264 if (wl->chip.id == CHIP_ID_1283_PG20) { 1309 if (wl->chip.id == CHIP_ID_128X_PG20) {
1265 desc->wl128x_mem.total_mem_blocks = blks; 1310 desc->wl128x_mem.total_mem_blocks = blks;
1266 } else { 1311 } else {
1267 desc->wl127x_mem.extra_blocks = spare_blks; 1312 desc->wl127x_mem.extra_blocks = spare_blks;
@@ -1275,7 +1320,7 @@ wl12xx_set_tx_desc_data_len(struct wl1271 *wl, struct wl1271_tx_hw_descr *desc,
1275{ 1320{
1276 u32 aligned_len = wlcore_calc_packet_alignment(wl, skb->len); 1321 u32 aligned_len = wlcore_calc_packet_alignment(wl, skb->len);
1277 1322
1278 if (wl->chip.id == CHIP_ID_1283_PG20) { 1323 if (wl->chip.id == CHIP_ID_128X_PG20) {
1279 desc->wl128x_mem.extra_bytes = aligned_len - skb->len; 1324 desc->wl128x_mem.extra_bytes = aligned_len - skb->len;
1280 desc->length = cpu_to_le16(aligned_len >> 2); 1325 desc->length = cpu_to_le16(aligned_len >> 2);
1281 1326
@@ -1339,7 +1384,7 @@ static int wl12xx_hw_init(struct wl1271 *wl)
1339{ 1384{
1340 int ret; 1385 int ret;
1341 1386
1342 if (wl->chip.id == CHIP_ID_1283_PG20) { 1387 if (wl->chip.id == CHIP_ID_128X_PG20) {
1343 u32 host_cfg_bitmap = HOST_IF_CFG_RX_FIFO_ENABLE; 1388 u32 host_cfg_bitmap = HOST_IF_CFG_RX_FIFO_ENABLE;
1344 1389
1345 ret = wl128x_cmd_general_parms(wl); 1390 ret = wl128x_cmd_general_parms(wl);
@@ -1394,22 +1439,6 @@ static u32 wl12xx_sta_get_ap_rate_mask(struct wl1271 *wl,
1394 return wlvif->rate_set; 1439 return wlvif->rate_set;
1395} 1440}
1396 1441
1397static int wl12xx_identify_fw(struct wl1271 *wl)
1398{
1399 unsigned int *fw_ver = wl->chip.fw_ver;
1400
1401 /* Only new station firmwares support routing fw logs to the host */
1402 if ((fw_ver[FW_VER_IF_TYPE] == FW_VER_IF_TYPE_STA) &&
1403 (fw_ver[FW_VER_MINOR] < FW_VER_MINOR_FWLOG_STA_MIN))
1404 wl->quirks |= WLCORE_QUIRK_FWLOG_NOT_IMPLEMENTED;
1405
1406 /* This feature is not yet supported for AP mode */
1407 if (fw_ver[FW_VER_IF_TYPE] == FW_VER_IF_TYPE_AP)
1408 wl->quirks |= WLCORE_QUIRK_FWLOG_NOT_IMPLEMENTED;
1409
1410 return 0;
1411}
1412
1413static void wl12xx_conf_init(struct wl1271 *wl) 1442static void wl12xx_conf_init(struct wl1271 *wl)
1414{ 1443{
1415 struct wl12xx_priv *priv = wl->priv; 1444 struct wl12xx_priv *priv = wl->priv;
@@ -1426,7 +1455,7 @@ static bool wl12xx_mac_in_fuse(struct wl1271 *wl)
1426 bool supported = false; 1455 bool supported = false;
1427 u8 major, minor; 1456 u8 major, minor;
1428 1457
1429 if (wl->chip.id == CHIP_ID_1283_PG20) { 1458 if (wl->chip.id == CHIP_ID_128X_PG20) {
1430 major = WL128X_PG_GET_MAJOR(wl->hw_pg_ver); 1459 major = WL128X_PG_GET_MAJOR(wl->hw_pg_ver);
1431 minor = WL128X_PG_GET_MINOR(wl->hw_pg_ver); 1460 minor = WL128X_PG_GET_MINOR(wl->hw_pg_ver);
1432 1461
@@ -1482,7 +1511,7 @@ static int wl12xx_get_pg_ver(struct wl1271 *wl, s8 *ver)
1482 u16 die_info; 1511 u16 die_info;
1483 int ret; 1512 int ret;
1484 1513
1485 if (wl->chip.id == CHIP_ID_1283_PG20) 1514 if (wl->chip.id == CHIP_ID_128X_PG20)
1486 ret = wl12xx_top_reg_read(wl, WL128X_REG_FUSE_DATA_2_1, 1515 ret = wl12xx_top_reg_read(wl, WL128X_REG_FUSE_DATA_2_1,
1487 &die_info); 1516 &die_info);
1488 else 1517 else
@@ -1589,16 +1618,46 @@ static int wl12xx_set_key(struct wl1271 *wl, enum set_key_cmd cmd,
1589 return wlcore_set_key(wl, cmd, vif, sta, key_conf); 1618 return wlcore_set_key(wl, cmd, vif, sta, key_conf);
1590} 1619}
1591 1620
1621static int wl12xx_set_peer_cap(struct wl1271 *wl,
1622 struct ieee80211_sta_ht_cap *ht_cap,
1623 bool allow_ht_operation,
1624 u32 rate_set, u8 hlid)
1625{
1626 return wl1271_acx_set_ht_capabilities(wl, ht_cap, allow_ht_operation,
1627 hlid);
1628}
1629
1630static bool wl12xx_lnk_high_prio(struct wl1271 *wl, u8 hlid,
1631 struct wl1271_link *lnk)
1632{
1633 u8 thold;
1634
1635 if (test_bit(hlid, (unsigned long *)&wl->fw_fast_lnk_map))
1636 thold = wl->conf.tx.fast_link_thold;
1637 else
1638 thold = wl->conf.tx.slow_link_thold;
1639
1640 return lnk->allocated_pkts < thold;
1641}
1642
1643static bool wl12xx_lnk_low_prio(struct wl1271 *wl, u8 hlid,
1644 struct wl1271_link *lnk)
1645{
1646 /* any link is good for low priority */
1647 return true;
1648}
1649
1592static int wl12xx_setup(struct wl1271 *wl); 1650static int wl12xx_setup(struct wl1271 *wl);
1593 1651
1594static struct wlcore_ops wl12xx_ops = { 1652static struct wlcore_ops wl12xx_ops = {
1595 .setup = wl12xx_setup, 1653 .setup = wl12xx_setup,
1596 .identify_chip = wl12xx_identify_chip, 1654 .identify_chip = wl12xx_identify_chip,
1597 .identify_fw = wl12xx_identify_fw,
1598 .boot = wl12xx_boot, 1655 .boot = wl12xx_boot,
1599 .plt_init = wl12xx_plt_init, 1656 .plt_init = wl12xx_plt_init,
1600 .trigger_cmd = wl12xx_trigger_cmd, 1657 .trigger_cmd = wl12xx_trigger_cmd,
1601 .ack_event = wl12xx_ack_event, 1658 .ack_event = wl12xx_ack_event,
1659 .wait_for_event = wl12xx_wait_for_event,
1660 .process_mailbox_events = wl12xx_process_mailbox_events,
1602 .calc_tx_blocks = wl12xx_calc_tx_blocks, 1661 .calc_tx_blocks = wl12xx_calc_tx_blocks,
1603 .set_tx_desc_blocks = wl12xx_set_tx_desc_blocks, 1662 .set_tx_desc_blocks = wl12xx_set_tx_desc_blocks,
1604 .set_tx_desc_data_len = wl12xx_set_tx_desc_data_len, 1663 .set_tx_desc_data_len = wl12xx_set_tx_desc_data_len,
@@ -1615,9 +1674,17 @@ static struct wlcore_ops wl12xx_ops = {
1615 .set_rx_csum = NULL, 1674 .set_rx_csum = NULL,
1616 .ap_get_mimo_wide_rate_mask = NULL, 1675 .ap_get_mimo_wide_rate_mask = NULL,
1617 .debugfs_init = wl12xx_debugfs_add_files, 1676 .debugfs_init = wl12xx_debugfs_add_files,
1677 .scan_start = wl12xx_scan_start,
1678 .scan_stop = wl12xx_scan_stop,
1679 .sched_scan_start = wl12xx_sched_scan_start,
1680 .sched_scan_stop = wl12xx_scan_sched_scan_stop,
1618 .get_spare_blocks = wl12xx_get_spare_blocks, 1681 .get_spare_blocks = wl12xx_get_spare_blocks,
1619 .set_key = wl12xx_set_key, 1682 .set_key = wl12xx_set_key,
1683 .channel_switch = wl12xx_cmd_channel_switch,
1620 .pre_pkt_send = NULL, 1684 .pre_pkt_send = NULL,
1685 .set_peer_cap = wl12xx_set_peer_cap,
1686 .lnk_high_prio = wl12xx_lnk_high_prio,
1687 .lnk_low_prio = wl12xx_lnk_low_prio,
1621}; 1688};
1622 1689
1623static struct ieee80211_sta_ht_cap wl12xx_ht_cap = { 1690static struct ieee80211_sta_ht_cap wl12xx_ht_cap = {
@@ -1641,6 +1708,7 @@ static int wl12xx_setup(struct wl1271 *wl)
1641 wl->rtable = wl12xx_rtable; 1708 wl->rtable = wl12xx_rtable;
1642 wl->num_tx_desc = WL12XX_NUM_TX_DESCRIPTORS; 1709 wl->num_tx_desc = WL12XX_NUM_TX_DESCRIPTORS;
1643 wl->num_rx_desc = WL12XX_NUM_RX_DESCRIPTORS; 1710 wl->num_rx_desc = WL12XX_NUM_RX_DESCRIPTORS;
1711 wl->num_channels = 1;
1644 wl->num_mac_addr = WL12XX_NUM_MAC_ADDRESSES; 1712 wl->num_mac_addr = WL12XX_NUM_MAC_ADDRESSES;
1645 wl->band_rate_to_idx = wl12xx_band_rate_to_idx; 1713 wl->band_rate_to_idx = wl12xx_band_rate_to_idx;
1646 wl->hw_tx_rate_tbl_size = WL12XX_CONF_HW_RXTX_RATE_MAX; 1714 wl->hw_tx_rate_tbl_size = WL12XX_CONF_HW_RXTX_RATE_MAX;
@@ -1693,6 +1761,10 @@ static int wl12xx_setup(struct wl1271 *wl)
1693 wl1271_error("Invalid tcxo parameter %s", tcxo_param); 1761 wl1271_error("Invalid tcxo parameter %s", tcxo_param);
1694 } 1762 }
1695 1763
1764 priv->rx_mem_addr = kmalloc(sizeof(*priv->rx_mem_addr), GFP_KERNEL);
1765 if (!priv->rx_mem_addr)
1766 return -ENOMEM;
1767
1696 return 0; 1768 return 0;
1697} 1769}
1698 1770
@@ -1703,7 +1775,8 @@ static int wl12xx_probe(struct platform_device *pdev)
1703 int ret; 1775 int ret;
1704 1776
1705 hw = wlcore_alloc_hw(sizeof(struct wl12xx_priv), 1777 hw = wlcore_alloc_hw(sizeof(struct wl12xx_priv),
1706 WL12XX_AGGR_BUFFER_SIZE); 1778 WL12XX_AGGR_BUFFER_SIZE,
1779 sizeof(struct wl12xx_event_mailbox));
1707 if (IS_ERR(hw)) { 1780 if (IS_ERR(hw)) {
1708 wl1271_error("can't allocate hw"); 1781 wl1271_error("can't allocate hw");
1709 ret = PTR_ERR(hw); 1782 ret = PTR_ERR(hw);
@@ -1725,6 +1798,21 @@ out:
1725 return ret; 1798 return ret;
1726} 1799}
1727 1800
1801static int wl12xx_remove(struct platform_device *pdev)
1802{
1803 struct wl1271 *wl = platform_get_drvdata(pdev);
1804 struct wl12xx_priv *priv;
1805
1806 if (!wl)
1807 goto out;
1808 priv = wl->priv;
1809
1810 kfree(priv->rx_mem_addr);
1811
1812out:
1813 return wlcore_remove(pdev);
1814}
1815
1728static const struct platform_device_id wl12xx_id_table[] = { 1816static const struct platform_device_id wl12xx_id_table[] = {
1729 { "wl12xx", 0 }, 1817 { "wl12xx", 0 },
1730 { } /* Terminating Entry */ 1818 { } /* Terminating Entry */
@@ -1733,7 +1821,7 @@ MODULE_DEVICE_TABLE(platform, wl12xx_id_table);
1733 1821
1734static struct platform_driver wl12xx_driver = { 1822static struct platform_driver wl12xx_driver = {
1735 .probe = wl12xx_probe, 1823 .probe = wl12xx_probe,
1736 .remove = wlcore_remove, 1824 .remove = wl12xx_remove,
1737 .id_table = wl12xx_id_table, 1825 .id_table = wl12xx_id_table,
1738 .driver = { 1826 .driver = {
1739 .name = "wl12xx_driver", 1827 .name = "wl12xx_driver",
diff --git a/drivers/net/wireless/ti/wl12xx/scan.c b/drivers/net/wireless/ti/wl12xx/scan.c
new file mode 100644
index 000000000000..affdb3ec6225
--- /dev/null
+++ b/drivers/net/wireless/ti/wl12xx/scan.c
@@ -0,0 +1,501 @@
1/*
2 * This file is part of wl12xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#include <linux/ieee80211.h>
23#include "scan.h"
24#include "../wlcore/debug.h"
25#include "../wlcore/tx.h"
26
27static int wl1271_get_scan_channels(struct wl1271 *wl,
28 struct cfg80211_scan_request *req,
29 struct basic_scan_channel_params *channels,
30 enum ieee80211_band band, bool passive)
31{
32 struct conf_scan_settings *c = &wl->conf.scan;
33 int i, j;
34 u32 flags;
35
36 for (i = 0, j = 0;
37 i < req->n_channels && j < WL1271_SCAN_MAX_CHANNELS;
38 i++) {
39 flags = req->channels[i]->flags;
40
41 if (!test_bit(i, wl->scan.scanned_ch) &&
42 !(flags & IEEE80211_CHAN_DISABLED) &&
43 (req->channels[i]->band == band) &&
44 /*
45 * In passive scans, we scan all remaining
46 * channels, even if not marked as such.
47 * In active scans, we only scan channels not
48 * marked as passive.
49 */
50 (passive || !(flags & IEEE80211_CHAN_PASSIVE_SCAN))) {
51 wl1271_debug(DEBUG_SCAN, "band %d, center_freq %d ",
52 req->channels[i]->band,
53 req->channels[i]->center_freq);
54 wl1271_debug(DEBUG_SCAN, "hw_value %d, flags %X",
55 req->channels[i]->hw_value,
56 req->channels[i]->flags);
57 wl1271_debug(DEBUG_SCAN,
58 "max_antenna_gain %d, max_power %d",
59 req->channels[i]->max_antenna_gain,
60 req->channels[i]->max_power);
61 wl1271_debug(DEBUG_SCAN, "beacon_found %d",
62 req->channels[i]->beacon_found);
63
64 if (!passive) {
65 channels[j].min_duration =
66 cpu_to_le32(c->min_dwell_time_active);
67 channels[j].max_duration =
68 cpu_to_le32(c->max_dwell_time_active);
69 } else {
70 channels[j].min_duration =
71 cpu_to_le32(c->dwell_time_passive);
72 channels[j].max_duration =
73 cpu_to_le32(c->dwell_time_passive);
74 }
75 channels[j].early_termination = 0;
76 channels[j].tx_power_att = req->channels[i]->max_power;
77 channels[j].channel = req->channels[i]->hw_value;
78
79 memset(&channels[j].bssid_lsb, 0xff, 4);
80 memset(&channels[j].bssid_msb, 0xff, 2);
81
82 /* Mark the channels we already used */
83 set_bit(i, wl->scan.scanned_ch);
84
85 j++;
86 }
87 }
88
89 return j;
90}
91
92#define WL1271_NOTHING_TO_SCAN 1
93
94static int wl1271_scan_send(struct wl1271 *wl, struct wl12xx_vif *wlvif,
95 enum ieee80211_band band,
96 bool passive, u32 basic_rate)
97{
98 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
99 struct wl1271_cmd_scan *cmd;
100 struct wl1271_cmd_trigger_scan_to *trigger;
101 int ret;
102 u16 scan_options = 0;
103
104 /* skip active scans if we don't have SSIDs */
105 if (!passive && wl->scan.req->n_ssids == 0)
106 return WL1271_NOTHING_TO_SCAN;
107
108 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
109 trigger = kzalloc(sizeof(*trigger), GFP_KERNEL);
110 if (!cmd || !trigger) {
111 ret = -ENOMEM;
112 goto out;
113 }
114
115 if (wl->conf.scan.split_scan_timeout)
116 scan_options |= WL1271_SCAN_OPT_SPLIT_SCAN;
117
118 if (passive)
119 scan_options |= WL1271_SCAN_OPT_PASSIVE;
120
121 cmd->params.role_id = wlvif->role_id;
122
123 if (WARN_ON(cmd->params.role_id == WL12XX_INVALID_ROLE_ID)) {
124 ret = -EINVAL;
125 goto out;
126 }
127
128 cmd->params.scan_options = cpu_to_le16(scan_options);
129
130 cmd->params.n_ch = wl1271_get_scan_channels(wl, wl->scan.req,
131 cmd->channels,
132 band, passive);
133 if (cmd->params.n_ch == 0) {
134 ret = WL1271_NOTHING_TO_SCAN;
135 goto out;
136 }
137
138 cmd->params.tx_rate = cpu_to_le32(basic_rate);
139 cmd->params.n_probe_reqs = wl->conf.scan.num_probe_reqs;
140 cmd->params.tid_trigger = CONF_TX_AC_ANY_TID;
141 cmd->params.scan_tag = WL1271_SCAN_DEFAULT_TAG;
142
143 if (band == IEEE80211_BAND_2GHZ)
144 cmd->params.band = WL1271_SCAN_BAND_2_4_GHZ;
145 else
146 cmd->params.band = WL1271_SCAN_BAND_5_GHZ;
147
148 if (wl->scan.ssid_len && wl->scan.ssid) {
149 cmd->params.ssid_len = wl->scan.ssid_len;
150 memcpy(cmd->params.ssid, wl->scan.ssid, wl->scan.ssid_len);
151 }
152
153 memcpy(cmd->addr, vif->addr, ETH_ALEN);
154
155 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
156 cmd->params.role_id, band,
157 wl->scan.ssid, wl->scan.ssid_len,
158 wl->scan.req->ie,
159 wl->scan.req->ie_len, false);
160 if (ret < 0) {
161 wl1271_error("PROBE request template failed");
162 goto out;
163 }
164
165 trigger->timeout = cpu_to_le32(wl->conf.scan.split_scan_timeout);
166 ret = wl1271_cmd_send(wl, CMD_TRIGGER_SCAN_TO, trigger,
167 sizeof(*trigger), 0);
168 if (ret < 0) {
169 wl1271_error("trigger scan to failed for hw scan");
170 goto out;
171 }
172
173 wl1271_dump(DEBUG_SCAN, "SCAN: ", cmd, sizeof(*cmd));
174
175 ret = wl1271_cmd_send(wl, CMD_SCAN, cmd, sizeof(*cmd), 0);
176 if (ret < 0) {
177 wl1271_error("SCAN failed");
178 goto out;
179 }
180
181out:
182 kfree(cmd);
183 kfree(trigger);
184 return ret;
185}
186
187int wl12xx_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif)
188{
189 struct wl1271_cmd_header *cmd = NULL;
190 int ret = 0;
191
192 if (WARN_ON(wl->scan.state == WL1271_SCAN_STATE_IDLE))
193 return -EINVAL;
194
195 wl1271_debug(DEBUG_CMD, "cmd scan stop");
196
197 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
198 if (!cmd) {
199 ret = -ENOMEM;
200 goto out;
201 }
202
203 ret = wl1271_cmd_send(wl, CMD_STOP_SCAN, cmd,
204 sizeof(*cmd), 0);
205 if (ret < 0) {
206 wl1271_error("cmd stop_scan failed");
207 goto out;
208 }
209out:
210 kfree(cmd);
211 return ret;
212}
213
214void wl1271_scan_stm(struct wl1271 *wl, struct wl12xx_vif *wlvif)
215{
216 int ret = 0;
217 enum ieee80211_band band;
218 u32 rate, mask;
219
220 switch (wl->scan.state) {
221 case WL1271_SCAN_STATE_IDLE:
222 break;
223
224 case WL1271_SCAN_STATE_2GHZ_ACTIVE:
225 band = IEEE80211_BAND_2GHZ;
226 mask = wlvif->bitrate_masks[band];
227 if (wl->scan.req->no_cck) {
228 mask &= ~CONF_TX_CCK_RATES;
229 if (!mask)
230 mask = CONF_TX_RATE_MASK_BASIC_P2P;
231 }
232 rate = wl1271_tx_min_rate_get(wl, mask);
233 ret = wl1271_scan_send(wl, wlvif, band, false, rate);
234 if (ret == WL1271_NOTHING_TO_SCAN) {
235 wl->scan.state = WL1271_SCAN_STATE_2GHZ_PASSIVE;
236 wl1271_scan_stm(wl, wlvif);
237 }
238
239 break;
240
241 case WL1271_SCAN_STATE_2GHZ_PASSIVE:
242 band = IEEE80211_BAND_2GHZ;
243 mask = wlvif->bitrate_masks[band];
244 if (wl->scan.req->no_cck) {
245 mask &= ~CONF_TX_CCK_RATES;
246 if (!mask)
247 mask = CONF_TX_RATE_MASK_BASIC_P2P;
248 }
249 rate = wl1271_tx_min_rate_get(wl, mask);
250 ret = wl1271_scan_send(wl, wlvif, band, true, rate);
251 if (ret == WL1271_NOTHING_TO_SCAN) {
252 if (wl->enable_11a)
253 wl->scan.state = WL1271_SCAN_STATE_5GHZ_ACTIVE;
254 else
255 wl->scan.state = WL1271_SCAN_STATE_DONE;
256 wl1271_scan_stm(wl, wlvif);
257 }
258
259 break;
260
261 case WL1271_SCAN_STATE_5GHZ_ACTIVE:
262 band = IEEE80211_BAND_5GHZ;
263 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]);
264 ret = wl1271_scan_send(wl, wlvif, band, false, rate);
265 if (ret == WL1271_NOTHING_TO_SCAN) {
266 wl->scan.state = WL1271_SCAN_STATE_5GHZ_PASSIVE;
267 wl1271_scan_stm(wl, wlvif);
268 }
269
270 break;
271
272 case WL1271_SCAN_STATE_5GHZ_PASSIVE:
273 band = IEEE80211_BAND_5GHZ;
274 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]);
275 ret = wl1271_scan_send(wl, wlvif, band, true, rate);
276 if (ret == WL1271_NOTHING_TO_SCAN) {
277 wl->scan.state = WL1271_SCAN_STATE_DONE;
278 wl1271_scan_stm(wl, wlvif);
279 }
280
281 break;
282
283 case WL1271_SCAN_STATE_DONE:
284 wl->scan.failed = false;
285 cancel_delayed_work(&wl->scan_complete_work);
286 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
287 msecs_to_jiffies(0));
288 break;
289
290 default:
291 wl1271_error("invalid scan state");
292 break;
293 }
294
295 if (ret < 0) {
296 cancel_delayed_work(&wl->scan_complete_work);
297 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
298 msecs_to_jiffies(0));
299 }
300}
301
302static void wl12xx_adjust_channels(struct wl1271_cmd_sched_scan_config *cmd,
303 struct wlcore_scan_channels *cmd_channels)
304{
305 memcpy(cmd->passive, cmd_channels->passive, sizeof(cmd->passive));
306 memcpy(cmd->active, cmd_channels->active, sizeof(cmd->active));
307 cmd->dfs = cmd_channels->dfs;
308 cmd->n_pactive_ch = cmd_channels->passive_active;
309
310 memcpy(cmd->channels_2, cmd_channels->channels_2,
311 sizeof(cmd->channels_2));
312 memcpy(cmd->channels_5, cmd_channels->channels_5,
313 sizeof(cmd->channels_2));
314 /* channels_4 are not supported, so no need to copy them */
315}
316
317int wl1271_scan_sched_scan_config(struct wl1271 *wl,
318 struct wl12xx_vif *wlvif,
319 struct cfg80211_sched_scan_request *req,
320 struct ieee80211_sched_scan_ies *ies)
321{
322 struct wl1271_cmd_sched_scan_config *cfg = NULL;
323 struct wlcore_scan_channels *cfg_channels = NULL;
324 struct conf_sched_scan_settings *c = &wl->conf.sched_scan;
325 int i, ret;
326 bool force_passive = !req->n_ssids;
327
328 wl1271_debug(DEBUG_CMD, "cmd sched_scan scan config");
329
330 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
331 if (!cfg)
332 return -ENOMEM;
333
334 cfg->role_id = wlvif->role_id;
335 cfg->rssi_threshold = c->rssi_threshold;
336 cfg->snr_threshold = c->snr_threshold;
337 cfg->n_probe_reqs = c->num_probe_reqs;
338 /* cycles set to 0 it means infinite (until manually stopped) */
339 cfg->cycles = 0;
340 /* report APs when at least 1 is found */
341 cfg->report_after = 1;
342 /* don't stop scanning automatically when something is found */
343 cfg->terminate = 0;
344 cfg->tag = WL1271_SCAN_DEFAULT_TAG;
345 /* don't filter on BSS type */
346 cfg->bss_type = SCAN_BSS_TYPE_ANY;
347 /* currently NL80211 supports only a single interval */
348 for (i = 0; i < SCAN_MAX_CYCLE_INTERVALS; i++)
349 cfg->intervals[i] = cpu_to_le32(req->interval);
350
351 cfg->ssid_len = 0;
352 ret = wlcore_scan_sched_scan_ssid_list(wl, wlvif, req);
353 if (ret < 0)
354 goto out;
355
356 cfg->filter_type = ret;
357
358 wl1271_debug(DEBUG_SCAN, "filter_type = %d", cfg->filter_type);
359
360 cfg_channels = kzalloc(sizeof(*cfg_channels), GFP_KERNEL);
361 if (!cfg_channels) {
362 ret = -ENOMEM;
363 goto out;
364 }
365
366 if (!wlcore_set_scan_chan_params(wl, cfg_channels, req->channels,
367 req->n_channels, req->n_ssids,
368 SCAN_TYPE_PERIODIC)) {
369 wl1271_error("scan channel list is empty");
370 ret = -EINVAL;
371 goto out;
372 }
373 wl12xx_adjust_channels(cfg, cfg_channels);
374
375 if (!force_passive && cfg->active[0]) {
376 u8 band = IEEE80211_BAND_2GHZ;
377 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
378 wlvif->role_id, band,
379 req->ssids[0].ssid,
380 req->ssids[0].ssid_len,
381 ies->ie[band],
382 ies->len[band], true);
383 if (ret < 0) {
384 wl1271_error("2.4GHz PROBE request template failed");
385 goto out;
386 }
387 }
388
389 if (!force_passive && cfg->active[1]) {
390 u8 band = IEEE80211_BAND_5GHZ;
391 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
392 wlvif->role_id, band,
393 req->ssids[0].ssid,
394 req->ssids[0].ssid_len,
395 ies->ie[band],
396 ies->len[band], true);
397 if (ret < 0) {
398 wl1271_error("5GHz PROBE request template failed");
399 goto out;
400 }
401 }
402
403 wl1271_dump(DEBUG_SCAN, "SCAN_CFG: ", cfg, sizeof(*cfg));
404
405 ret = wl1271_cmd_send(wl, CMD_CONNECTION_SCAN_CFG, cfg,
406 sizeof(*cfg), 0);
407 if (ret < 0) {
408 wl1271_error("SCAN configuration failed");
409 goto out;
410 }
411out:
412 kfree(cfg_channels);
413 kfree(cfg);
414 return ret;
415}
416
417int wl1271_scan_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif)
418{
419 struct wl1271_cmd_sched_scan_start *start;
420 int ret = 0;
421
422 wl1271_debug(DEBUG_CMD, "cmd periodic scan start");
423
424 if (wlvif->bss_type != BSS_TYPE_STA_BSS)
425 return -EOPNOTSUPP;
426
427 if ((wl->quirks & WLCORE_QUIRK_NO_SCHED_SCAN_WHILE_CONN) &&
428 test_bit(WLVIF_FLAG_IN_USE, &wlvif->flags))
429 return -EBUSY;
430
431 start = kzalloc(sizeof(*start), GFP_KERNEL);
432 if (!start)
433 return -ENOMEM;
434
435 start->role_id = wlvif->role_id;
436 start->tag = WL1271_SCAN_DEFAULT_TAG;
437
438 ret = wl1271_cmd_send(wl, CMD_START_PERIODIC_SCAN, start,
439 sizeof(*start), 0);
440 if (ret < 0) {
441 wl1271_error("failed to send scan start command");
442 goto out_free;
443 }
444
445out_free:
446 kfree(start);
447 return ret;
448}
449
450int wl12xx_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
451 struct cfg80211_sched_scan_request *req,
452 struct ieee80211_sched_scan_ies *ies)
453{
454 int ret;
455
456 ret = wl1271_scan_sched_scan_config(wl, wlvif, req, ies);
457 if (ret < 0)
458 return ret;
459
460 return wl1271_scan_sched_scan_start(wl, wlvif);
461}
462
463void wl12xx_scan_sched_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif)
464{
465 struct wl1271_cmd_sched_scan_stop *stop;
466 int ret = 0;
467
468 wl1271_debug(DEBUG_CMD, "cmd periodic scan stop");
469
470 /* FIXME: what to do if alloc'ing to stop fails? */
471 stop = kzalloc(sizeof(*stop), GFP_KERNEL);
472 if (!stop) {
473 wl1271_error("failed to alloc memory to send sched scan stop");
474 return;
475 }
476
477 stop->role_id = wlvif->role_id;
478 stop->tag = WL1271_SCAN_DEFAULT_TAG;
479
480 ret = wl1271_cmd_send(wl, CMD_STOP_PERIODIC_SCAN, stop,
481 sizeof(*stop), 0);
482 if (ret < 0) {
483 wl1271_error("failed to send sched scan stop command");
484 goto out_free;
485 }
486
487out_free:
488 kfree(stop);
489}
490
491int wl12xx_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
492 struct cfg80211_scan_request *req)
493{
494 wl1271_scan_stm(wl, wlvif);
495 return 0;
496}
497
498void wl12xx_scan_completed(struct wl1271 *wl, struct wl12xx_vif *wlvif)
499{
500 wl1271_scan_stm(wl, wlvif);
501}
diff --git a/drivers/net/wireless/ti/wl12xx/scan.h b/drivers/net/wireless/ti/wl12xx/scan.h
new file mode 100644
index 000000000000..264af7ac2785
--- /dev/null
+++ b/drivers/net/wireless/ti/wl12xx/scan.h
@@ -0,0 +1,140 @@
1/*
2 * This file is part of wl12xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#ifndef __WL12XX_SCAN_H__
23#define __WL12XX_SCAN_H__
24
25#include "../wlcore/wlcore.h"
26#include "../wlcore/cmd.h"
27#include "../wlcore/scan.h"
28
29#define WL12XX_MAX_CHANNELS_5GHZ 23
30
31struct basic_scan_params {
32 /* Scan option flags (WL1271_SCAN_OPT_*) */
33 __le16 scan_options;
34 u8 role_id;
35 /* Number of scan channels in the list (maximum 30) */
36 u8 n_ch;
37 /* This field indicates the number of probe requests to send
38 per channel for an active scan */
39 u8 n_probe_reqs;
40 u8 tid_trigger;
41 u8 ssid_len;
42 u8 use_ssid_list;
43
44 /* Rate bit field for sending the probes */
45 __le32 tx_rate;
46
47 u8 ssid[IEEE80211_MAX_SSID_LEN];
48 /* Band to scan */
49 u8 band;
50
51 u8 scan_tag;
52 u8 padding2[2];
53} __packed;
54
55struct basic_scan_channel_params {
56 /* Duration in TU to wait for frames on a channel for active scan */
57 __le32 min_duration;
58 __le32 max_duration;
59 __le32 bssid_lsb;
60 __le16 bssid_msb;
61 u8 early_termination;
62 u8 tx_power_att;
63 u8 channel;
64 /* FW internal use only! */
65 u8 dfs_candidate;
66 u8 activity_detected;
67 u8 pad;
68} __packed;
69
70struct wl1271_cmd_scan {
71 struct wl1271_cmd_header header;
72
73 struct basic_scan_params params;
74 struct basic_scan_channel_params channels[WL1271_SCAN_MAX_CHANNELS];
75
76 /* src mac address */
77 u8 addr[ETH_ALEN];
78 u8 padding[2];
79} __packed;
80
81struct wl1271_cmd_sched_scan_config {
82 struct wl1271_cmd_header header;
83
84 __le32 intervals[SCAN_MAX_CYCLE_INTERVALS];
85
86 s8 rssi_threshold; /* for filtering (in dBm) */
87 s8 snr_threshold; /* for filtering (in dB) */
88
89 u8 cycles; /* maximum number of scan cycles */
90 u8 report_after; /* report when this number of results are received */
91 u8 terminate; /* stop scanning after reporting */
92
93 u8 tag;
94 u8 bss_type; /* for filtering */
95 u8 filter_type;
96
97 u8 ssid_len; /* For SCAN_SSID_FILTER_SPECIFIC */
98 u8 ssid[IEEE80211_MAX_SSID_LEN];
99
100 u8 n_probe_reqs; /* Number of probes requests per channel */
101
102 u8 passive[SCAN_MAX_BANDS];
103 u8 active[SCAN_MAX_BANDS];
104
105 u8 dfs;
106
107 u8 n_pactive_ch; /* number of pactive (passive until fw detects energy)
108 channels in BG band */
109 u8 role_id;
110 u8 padding[1];
111 struct conn_scan_ch_params channels_2[MAX_CHANNELS_2GHZ];
112 struct conn_scan_ch_params channels_5[WL12XX_MAX_CHANNELS_5GHZ];
113 struct conn_scan_ch_params channels_4[MAX_CHANNELS_4GHZ];
114} __packed;
115
116struct wl1271_cmd_sched_scan_start {
117 struct wl1271_cmd_header header;
118
119 u8 tag;
120 u8 role_id;
121 u8 padding[2];
122} __packed;
123
124struct wl1271_cmd_sched_scan_stop {
125 struct wl1271_cmd_header header;
126
127 u8 tag;
128 u8 role_id;
129 u8 padding[2];
130} __packed;
131
132int wl12xx_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
133 struct cfg80211_scan_request *req);
134int wl12xx_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif);
135void wl12xx_scan_completed(struct wl1271 *wl, struct wl12xx_vif *wlvif);
136int wl12xx_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
137 struct cfg80211_sched_scan_request *req,
138 struct ieee80211_sched_scan_ies *ies);
139void wl12xx_scan_sched_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif);
140#endif
diff --git a/drivers/net/wireless/ti/wl12xx/wl12xx.h b/drivers/net/wireless/ti/wl12xx/wl12xx.h
index 7182bbf6625d..d4552857480c 100644
--- a/drivers/net/wireless/ti/wl12xx/wl12xx.h
+++ b/drivers/net/wireless/ti/wl12xx/wl12xx.h
@@ -24,19 +24,37 @@
24 24
25#include "conf.h" 25#include "conf.h"
26 26
27/* minimum FW required for driver for wl127x */ 27/* WiLink 6/7 chip IDs */
28#define CHIP_ID_127X_PG10 (0x04030101)
29#define CHIP_ID_127X_PG20 (0x04030111)
30#define CHIP_ID_128X_PG10 (0x05030101)
31#define CHIP_ID_128X_PG20 (0x05030111)
32
33/* FW chip version for wl127x */
28#define WL127X_CHIP_VER 6 34#define WL127X_CHIP_VER 6
29#define WL127X_IFTYPE_VER 3 35/* minimum single-role FW version for wl127x */
30#define WL127X_MAJOR_VER 10 36#define WL127X_IFTYPE_SR_VER 3
31#define WL127X_SUBTYPE_VER 2 37#define WL127X_MAJOR_SR_VER 10
32#define WL127X_MINOR_VER 115 38#define WL127X_SUBTYPE_SR_VER WLCORE_FW_VER_IGNORE
39#define WL127X_MINOR_SR_VER 115
40/* minimum multi-role FW version for wl127x */
41#define WL127X_IFTYPE_MR_VER 5
42#define WL127X_MAJOR_MR_VER 7
43#define WL127X_SUBTYPE_MR_VER WLCORE_FW_VER_IGNORE
44#define WL127X_MINOR_MR_VER 115
33 45
34/* minimum FW required for driver for wl128x */ 46/* FW chip version for wl128x */
35#define WL128X_CHIP_VER 7 47#define WL128X_CHIP_VER 7
36#define WL128X_IFTYPE_VER 3 48/* minimum single-role FW version for wl128x */
37#define WL128X_MAJOR_VER 10 49#define WL128X_IFTYPE_SR_VER 3
38#define WL128X_SUBTYPE_VER 2 50#define WL128X_MAJOR_SR_VER 10
39#define WL128X_MINOR_VER 115 51#define WL128X_SUBTYPE_SR_VER WLCORE_FW_VER_IGNORE
52#define WL128X_MINOR_SR_VER 115
53/* minimum multi-role FW version for wl128x */
54#define WL128X_IFTYPE_MR_VER 5
55#define WL128X_MAJOR_MR_VER 7
56#define WL128X_SUBTYPE_MR_VER WLCORE_FW_VER_IGNORE
57#define WL128X_MINOR_MR_VER 42
40 58
41#define WL12XX_AGGR_BUFFER_SIZE (4 * PAGE_SIZE) 59#define WL12XX_AGGR_BUFFER_SIZE (4 * PAGE_SIZE)
42 60
@@ -55,6 +73,8 @@ struct wl12xx_priv {
55 73
56 int ref_clock; 74 int ref_clock;
57 int tcxo_clock; 75 int tcxo_clock;
76
77 struct wl127x_rx_mem_pool_addr *rx_mem_addr;
58}; 78};
59 79
60#endif /* __WL12XX_PRIV_H__ */ 80#endif /* __WL12XX_PRIV_H__ */
diff --git a/drivers/net/wireless/ti/wl18xx/Makefile b/drivers/net/wireless/ti/wl18xx/Makefile
index 67c098734c7f..ae2b81735785 100644
--- a/drivers/net/wireless/ti/wl18xx/Makefile
+++ b/drivers/net/wireless/ti/wl18xx/Makefile
@@ -1,3 +1,3 @@
1wl18xx-objs = main.o acx.o tx.o io.o debugfs.o 1wl18xx-objs = main.o acx.o tx.o io.o debugfs.o scan.o cmd.o event.o
2 2
3obj-$(CONFIG_WL18XX) += wl18xx.o 3obj-$(CONFIG_WL18XX) += wl18xx.o
diff --git a/drivers/net/wireless/ti/wl18xx/acx.c b/drivers/net/wireless/ti/wl18xx/acx.c
index 72840e23bf59..a169bb5a5dbf 100644
--- a/drivers/net/wireless/ti/wl18xx/acx.c
+++ b/drivers/net/wireless/ti/wl18xx/acx.c
@@ -75,7 +75,7 @@ int wl18xx_acx_set_checksum_state(struct wl1271 *wl)
75 75
76 acx->checksum_state = CHECKSUM_OFFLOAD_ENABLED; 76 acx->checksum_state = CHECKSUM_OFFLOAD_ENABLED;
77 77
78 ret = wl1271_cmd_configure(wl, ACX_CHECKSUM_CONFIG, acx, sizeof(*acx)); 78 ret = wl1271_cmd_configure(wl, ACX_CSUM_CONFIG, acx, sizeof(*acx));
79 if (ret < 0) { 79 if (ret < 0) {
80 wl1271_warning("failed to set Tx checksum state: %d", ret); 80 wl1271_warning("failed to set Tx checksum state: %d", ret);
81 goto out; 81 goto out;
@@ -109,3 +109,88 @@ out:
109 kfree(acx); 109 kfree(acx);
110 return ret; 110 return ret;
111} 111}
112
113int wl18xx_acx_peer_ht_operation_mode(struct wl1271 *wl, u8 hlid, bool wide)
114{
115 struct wlcore_peer_ht_operation_mode *acx;
116 int ret;
117
118 wl1271_debug(DEBUG_ACX, "acx peer ht operation mode hlid %d bw %d",
119 hlid, wide);
120
121 acx = kzalloc(sizeof(*acx), GFP_KERNEL);
122 if (!acx) {
123 ret = -ENOMEM;
124 goto out;
125 }
126
127 acx->hlid = hlid;
128 acx->bandwidth = wide ? WLCORE_BANDWIDTH_40MHZ : WLCORE_BANDWIDTH_20MHZ;
129
130 ret = wl1271_cmd_configure(wl, ACX_PEER_HT_OPERATION_MODE_CFG, acx,
131 sizeof(*acx));
132
133 if (ret < 0) {
134 wl1271_warning("acx peer ht operation mode failed: %d", ret);
135 goto out;
136 }
137
138out:
139 kfree(acx);
140 return ret;
141
142}
143
144/*
145 * this command is basically the same as wl1271_acx_ht_capabilities,
146 * with the addition of supported rates. they should be unified in
147 * the next fw api change
148 */
149int wl18xx_acx_set_peer_cap(struct wl1271 *wl,
150 struct ieee80211_sta_ht_cap *ht_cap,
151 bool allow_ht_operation,
152 u32 rate_set, u8 hlid)
153{
154 struct wlcore_acx_peer_cap *acx;
155 int ret = 0;
156 u32 ht_capabilites = 0;
157
158 wl1271_debug(DEBUG_ACX,
159 "acx set cap ht_supp: %d ht_cap: %d rates: 0x%x",
160 ht_cap->ht_supported, ht_cap->cap, rate_set);
161
162 acx = kzalloc(sizeof(*acx), GFP_KERNEL);
163 if (!acx) {
164 ret = -ENOMEM;
165 goto out;
166 }
167
168 if (allow_ht_operation && ht_cap->ht_supported) {
169 /* no need to translate capabilities - use the spec values */
170 ht_capabilites = ht_cap->cap;
171
172 /*
173 * this bit is not employed by the spec but only by FW to
174 * indicate peer HT support
175 */
176 ht_capabilites |= WL12XX_HT_CAP_HT_OPERATION;
177
178 /* get data from A-MPDU parameters field */
179 acx->ampdu_max_length = ht_cap->ampdu_factor;
180 acx->ampdu_min_spacing = ht_cap->ampdu_density;
181 }
182
183 acx->hlid = hlid;
184 acx->ht_capabilites = cpu_to_le32(ht_capabilites);
185 acx->supported_rates = cpu_to_le32(rate_set);
186
187 ret = wl1271_cmd_configure(wl, ACX_PEER_CAP, acx, sizeof(*acx));
188 if (ret < 0) {
189 wl1271_warning("acx ht capabilities setting failed: %d", ret);
190 goto out;
191 }
192
193out:
194 kfree(acx);
195 return ret;
196}
diff --git a/drivers/net/wireless/ti/wl18xx/acx.h b/drivers/net/wireless/ti/wl18xx/acx.h
index e2609a6b7341..0e636def1217 100644
--- a/drivers/net/wireless/ti/wl18xx/acx.h
+++ b/drivers/net/wireless/ti/wl18xx/acx.h
@@ -26,7 +26,13 @@
26#include "../wlcore/acx.h" 26#include "../wlcore/acx.h"
27 27
28enum { 28enum {
29 ACX_CLEAR_STATISTICS = 0x0047, 29 ACX_NS_IPV6_FILTER = 0x0050,
30 ACX_PEER_HT_OPERATION_MODE_CFG = 0x0051,
31 ACX_CSUM_CONFIG = 0x0052,
32 ACX_SIM_CONFIG = 0x0053,
33 ACX_CLEAR_STATISTICS = 0x0054,
34 ACX_AUTO_RX_STREAMING = 0x0055,
35 ACX_PEER_CAP = 0x0056
30}; 36};
31 37
32/* numbers of bits the length field takes (add 1 for the actual number) */ 38/* numbers of bits the length field takes (add 1 for the actual number) */
@@ -278,10 +284,57 @@ struct wl18xx_acx_clear_statistics {
278 struct acx_header header; 284 struct acx_header header;
279}; 285};
280 286
287enum wlcore_bandwidth {
288 WLCORE_BANDWIDTH_20MHZ,
289 WLCORE_BANDWIDTH_40MHZ,
290};
291
292struct wlcore_peer_ht_operation_mode {
293 struct acx_header header;
294
295 u8 hlid;
296 u8 bandwidth; /* enum wlcore_bandwidth */
297 u8 padding[2];
298};
299
300/*
301 * ACX_PEER_CAP
302 * this struct is very similar to wl1271_acx_ht_capabilities, with the
303 * addition of supported rates
304 */
305struct wlcore_acx_peer_cap {
306 struct acx_header header;
307
308 /* bitmask of capability bits supported by the peer */
309 __le32 ht_capabilites;
310
311 /* rates supported by the remote peer */
312 __le32 supported_rates;
313
314 /* Indicates to which link these capabilities apply. */
315 u8 hlid;
316
317 /*
318 * This the maximum A-MPDU length supported by the AP. The FW may not
319 * exceed this length when sending A-MPDUs
320 */
321 u8 ampdu_max_length;
322
323 /* This is the minimal spacing required when sending A-MPDUs to the AP*/
324 u8 ampdu_min_spacing;
325
326 u8 padding;
327} __packed;
328
281int wl18xx_acx_host_if_cfg_bitmap(struct wl1271 *wl, u32 host_cfg_bitmap, 329int wl18xx_acx_host_if_cfg_bitmap(struct wl1271 *wl, u32 host_cfg_bitmap,
282 u32 sdio_blk_size, u32 extra_mem_blks, 330 u32 sdio_blk_size, u32 extra_mem_blks,
283 u32 len_field_size); 331 u32 len_field_size);
284int wl18xx_acx_set_checksum_state(struct wl1271 *wl); 332int wl18xx_acx_set_checksum_state(struct wl1271 *wl);
285int wl18xx_acx_clear_statistics(struct wl1271 *wl); 333int wl18xx_acx_clear_statistics(struct wl1271 *wl);
334int wl18xx_acx_peer_ht_operation_mode(struct wl1271 *wl, u8 hlid, bool wide);
335int wl18xx_acx_set_peer_cap(struct wl1271 *wl,
336 struct ieee80211_sta_ht_cap *ht_cap,
337 bool allow_ht_operation,
338 u32 rate_set, u8 hlid);
286 339
287#endif /* __WL18XX_ACX_H__ */ 340#endif /* __WL18XX_ACX_H__ */
diff --git a/drivers/net/wireless/ti/wl18xx/cmd.c b/drivers/net/wireless/ti/wl18xx/cmd.c
new file mode 100644
index 000000000000..1d1f6cc7a50a
--- /dev/null
+++ b/drivers/net/wireless/ti/wl18xx/cmd.c
@@ -0,0 +1,80 @@
1/*
2 * This file is part of wl18xx
3 *
4 * Copyright (C) 2011 Texas Instruments Inc.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#include "../wlcore/cmd.h"
23#include "../wlcore/debug.h"
24#include "../wlcore/hw_ops.h"
25
26#include "cmd.h"
27
28int wl18xx_cmd_channel_switch(struct wl1271 *wl,
29 struct wl12xx_vif *wlvif,
30 struct ieee80211_channel_switch *ch_switch)
31{
32 struct wl18xx_cmd_channel_switch *cmd;
33 u32 supported_rates;
34 int ret;
35
36 wl1271_debug(DEBUG_ACX, "cmd channel switch");
37
38 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
39 if (!cmd) {
40 ret = -ENOMEM;
41 goto out;
42 }
43
44 cmd->role_id = wlvif->role_id;
45 cmd->channel = ch_switch->channel->hw_value;
46 cmd->switch_time = ch_switch->count;
47 cmd->stop_tx = ch_switch->block_tx;
48
49 switch (ch_switch->channel->band) {
50 case IEEE80211_BAND_2GHZ:
51 cmd->band = WLCORE_BAND_2_4GHZ;
52 break;
53 case IEEE80211_BAND_5GHZ:
54 cmd->band = WLCORE_BAND_5GHZ;
55 break;
56 default:
57 wl1271_error("invalid channel switch band: %d",
58 ch_switch->channel->band);
59 ret = -EINVAL;
60 goto out_free;
61 }
62
63 supported_rates = CONF_TX_ENABLED_RATES | CONF_TX_MCS_RATES |
64 wlcore_hw_sta_get_ap_rate_mask(wl, wlvif);
65 if (wlvif->p2p)
66 supported_rates &= ~CONF_TX_CCK_RATES;
67 cmd->local_supported_rates = cpu_to_le32(supported_rates);
68 cmd->channel_type = wlvif->channel_type;
69
70 ret = wl1271_cmd_send(wl, CMD_CHANNEL_SWITCH, cmd, sizeof(*cmd), 0);
71 if (ret < 0) {
72 wl1271_error("failed to send channel switch command");
73 goto out_free;
74 }
75
76out_free:
77 kfree(cmd);
78out:
79 return ret;
80}
diff --git a/drivers/net/wireless/ti/wl18xx/cmd.h b/drivers/net/wireless/ti/wl18xx/cmd.h
new file mode 100644
index 000000000000..6687d10899ac
--- /dev/null
+++ b/drivers/net/wireless/ti/wl18xx/cmd.h
@@ -0,0 +1,52 @@
1/*
2 * This file is part of wl18xx
3 *
4 * Copyright (C) 2011 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#ifndef __WL18XX_CMD_H__
23#define __WL18XX_CMD_H__
24
25#include "../wlcore/wlcore.h"
26#include "../wlcore/acx.h"
27
28struct wl18xx_cmd_channel_switch {
29 struct wl1271_cmd_header header;
30
31 u8 role_id;
32
33 /* The new serving channel */
34 u8 channel;
35 /* Relative time of the serving channel switch in TBTT units */
36 u8 switch_time;
37 /* Stop the role TX, should expect it after radar detection */
38 u8 stop_tx;
39
40 __le32 local_supported_rates;
41
42 u8 channel_type;
43 u8 band;
44
45 u8 padding[2];
46} __packed;
47
48int wl18xx_cmd_channel_switch(struct wl1271 *wl,
49 struct wl12xx_vif *wlvif,
50 struct ieee80211_channel_switch *ch_switch);
51
52#endif
diff --git a/drivers/net/wireless/ti/wl18xx/conf.h b/drivers/net/wireless/ti/wl18xx/conf.h
index 4d426cc20274..b5f114857191 100644
--- a/drivers/net/wireless/ti/wl18xx/conf.h
+++ b/drivers/net/wireless/ti/wl18xx/conf.h
@@ -23,20 +23,21 @@
23#define __WL18XX_CONF_H__ 23#define __WL18XX_CONF_H__
24 24
25#define WL18XX_CONF_MAGIC 0x10e100ca 25#define WL18XX_CONF_MAGIC 0x10e100ca
26#define WL18XX_CONF_VERSION (WLCORE_CONF_VERSION | 0x0003) 26#define WL18XX_CONF_VERSION (WLCORE_CONF_VERSION | 0x0005)
27#define WL18XX_CONF_MASK 0x0000ffff 27#define WL18XX_CONF_MASK 0x0000ffff
28#define WL18XX_CONF_SIZE (WLCORE_CONF_SIZE + \ 28#define WL18XX_CONF_SIZE (WLCORE_CONF_SIZE + \
29 sizeof(struct wl18xx_priv_conf)) 29 sizeof(struct wl18xx_priv_conf))
30 30
31#define NUM_OF_CHANNELS_11_ABG 150 31#define NUM_OF_CHANNELS_11_ABG 150
32#define NUM_OF_CHANNELS_11_P 7 32#define NUM_OF_CHANNELS_11_P 7
33#define WL18XX_NUM_OF_SUB_BANDS 9
34#define SRF_TABLE_LEN 16 33#define SRF_TABLE_LEN 16
35#define PIN_MUXING_SIZE 2 34#define PIN_MUXING_SIZE 2
35#define WL18XX_TRACE_LOSS_GAPS_TX 10
36#define WL18XX_TRACE_LOSS_GAPS_RX 18
36 37
37struct wl18xx_mac_and_phy_params { 38struct wl18xx_mac_and_phy_params {
38 u8 phy_standalone; 39 u8 phy_standalone;
39 u8 rdl; 40 u8 spare0;
40 u8 enable_clpc; 41 u8 enable_clpc;
41 u8 enable_tx_low_pwr_on_siso_rdl; 42 u8 enable_tx_low_pwr_on_siso_rdl;
42 u8 auto_detect; 43 u8 auto_detect;
@@ -69,18 +70,26 @@ struct wl18xx_mac_and_phy_params {
69 u8 pwr_limit_reference_11_abg; 70 u8 pwr_limit_reference_11_abg;
70 u8 per_chan_pwr_limit_arr_11p[NUM_OF_CHANNELS_11_P]; 71 u8 per_chan_pwr_limit_arr_11p[NUM_OF_CHANNELS_11_P];
71 u8 pwr_limit_reference_11p; 72 u8 pwr_limit_reference_11p;
72 u8 per_sub_band_tx_trace_loss[WL18XX_NUM_OF_SUB_BANDS]; 73 u8 spare1[9];
73 u8 per_sub_band_rx_trace_loss[WL18XX_NUM_OF_SUB_BANDS]; 74 u8 spare2[9];
74 u8 primary_clock_setting_time; 75 u8 primary_clock_setting_time;
75 u8 clock_valid_on_wake_up; 76 u8 clock_valid_on_wake_up;
76 u8 secondary_clock_setting_time; 77 u8 secondary_clock_setting_time;
77 u8 board_type; 78 u8 board_type;
78 /* enable point saturation */ 79 /* enable point saturation */
79 u8 psat; 80 u8 psat;
80 /* low/medium/high Tx power in dBm */ 81 /* low/medium/high Tx power in dBm for STA-HP BG */
81 s8 low_power_val; 82 s8 low_power_val;
82 s8 med_power_val; 83 s8 med_power_val;
83 s8 high_power_val; 84 s8 high_power_val;
85 s8 per_sub_band_tx_trace_loss[WL18XX_TRACE_LOSS_GAPS_TX];
86 s8 per_sub_band_rx_trace_loss[WL18XX_TRACE_LOSS_GAPS_RX];
87 u8 tx_rf_margin;
88 /* low/medium/high Tx power in dBm for other role */
89 s8 low_power_val_2nd;
90 s8 med_power_val_2nd;
91 s8 high_power_val_2nd;
92
84 u8 padding[1]; 93 u8 padding[1];
85} __packed; 94} __packed;
86 95
diff --git a/drivers/net/wireless/ti/wl18xx/event.c b/drivers/net/wireless/ti/wl18xx/event.c
new file mode 100644
index 000000000000..c9199d7804c6
--- /dev/null
+++ b/drivers/net/wireless/ti/wl18xx/event.c
@@ -0,0 +1,111 @@
1/*
2 * This file is part of wl12xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#include "event.h"
23#include "scan.h"
24#include "../wlcore/cmd.h"
25#include "../wlcore/debug.h"
26
27int wl18xx_wait_for_event(struct wl1271 *wl, enum wlcore_wait_event event,
28 bool *timeout)
29{
30 u32 local_event;
31
32 switch (event) {
33 case WLCORE_EVENT_PEER_REMOVE_COMPLETE:
34 local_event = PEER_REMOVE_COMPLETE_EVENT_ID;
35 break;
36
37 case WLCORE_EVENT_DFS_CONFIG_COMPLETE:
38 local_event = DFS_CHANNELS_CONFIG_COMPLETE_EVENT;
39 break;
40
41 default:
42 /* event not implemented */
43 return 0;
44 }
45 return wlcore_cmd_wait_for_event_or_timeout(wl, local_event, timeout);
46}
47
48int wl18xx_process_mailbox_events(struct wl1271 *wl)
49{
50 struct wl18xx_event_mailbox *mbox = wl->mbox;
51 u32 vector;
52
53 vector = le32_to_cpu(mbox->events_vector);
54 wl1271_debug(DEBUG_EVENT, "MBOX vector: 0x%x", vector);
55
56 if (vector & SCAN_COMPLETE_EVENT_ID) {
57 wl1271_debug(DEBUG_EVENT, "scan results: %d",
58 mbox->number_of_scan_results);
59
60 if (wl->scan_wlvif)
61 wl18xx_scan_completed(wl, wl->scan_wlvif);
62 }
63
64 if (vector & PERIODIC_SCAN_REPORT_EVENT_ID) {
65 wl1271_debug(DEBUG_EVENT,
66 "PERIODIC_SCAN_REPORT_EVENT (results %d)",
67 mbox->number_of_sched_scan_results);
68
69 wlcore_scan_sched_scan_results(wl);
70 }
71
72 if (vector & PERIODIC_SCAN_COMPLETE_EVENT_ID)
73 wlcore_event_sched_scan_completed(wl, 1);
74
75 if (vector & RSSI_SNR_TRIGGER_0_EVENT_ID)
76 wlcore_event_rssi_trigger(wl, mbox->rssi_snr_trigger_metric);
77
78 if (vector & BA_SESSION_RX_CONSTRAINT_EVENT_ID)
79 wlcore_event_ba_rx_constraint(wl,
80 le16_to_cpu(mbox->rx_ba_role_id_bitmap),
81 le16_to_cpu(mbox->rx_ba_allowed_bitmap));
82
83 if (vector & BSS_LOSS_EVENT_ID)
84 wlcore_event_beacon_loss(wl,
85 le16_to_cpu(mbox->bss_loss_bitmap));
86
87 if (vector & CHANNEL_SWITCH_COMPLETE_EVENT_ID)
88 wlcore_event_channel_switch(wl,
89 le16_to_cpu(mbox->channel_switch_role_id_bitmap),
90 true);
91
92 if (vector & DUMMY_PACKET_EVENT_ID)
93 wlcore_event_dummy_packet(wl);
94
95 /*
96 * "TX retries exceeded" has a different meaning according to mode.
97 * In AP mode the offending station is disconnected.
98 */
99 if (vector & MAX_TX_FAILURE_EVENT_ID)
100 wlcore_event_max_tx_failure(wl,
101 le32_to_cpu(mbox->tx_retry_exceeded_bitmap));
102
103 if (vector & INACTIVE_STA_EVENT_ID)
104 wlcore_event_inactive_sta(wl,
105 le32_to_cpu(mbox->inactive_sta_bitmap));
106
107 if (vector & REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID)
108 wlcore_event_roc_complete(wl);
109
110 return 0;
111}
diff --git a/drivers/net/wireless/ti/wl18xx/event.h b/drivers/net/wireless/ti/wl18xx/event.h
new file mode 100644
index 000000000000..398f3d2c0a6c
--- /dev/null
+++ b/drivers/net/wireless/ti/wl18xx/event.h
@@ -0,0 +1,77 @@
1/*
2 * This file is part of wl18xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#ifndef __WL18XX_EVENT_H__
23#define __WL18XX_EVENT_H__
24
25#include "../wlcore/wlcore.h"
26
27enum {
28 SCAN_COMPLETE_EVENT_ID = BIT(8),
29 RADAR_DETECTED_EVENT_ID = BIT(9),
30 CHANNEL_SWITCH_COMPLETE_EVENT_ID = BIT(10),
31 BSS_LOSS_EVENT_ID = BIT(11),
32 MAX_TX_FAILURE_EVENT_ID = BIT(12),
33 DUMMY_PACKET_EVENT_ID = BIT(13),
34 INACTIVE_STA_EVENT_ID = BIT(14),
35 PEER_REMOVE_COMPLETE_EVENT_ID = BIT(15),
36 PERIODIC_SCAN_COMPLETE_EVENT_ID = BIT(16),
37 BA_SESSION_RX_CONSTRAINT_EVENT_ID = BIT(17),
38 REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID = BIT(18),
39 DFS_CHANNELS_CONFIG_COMPLETE_EVENT = BIT(19),
40 PERIODIC_SCAN_REPORT_EVENT_ID = BIT(20),
41};
42
43struct wl18xx_event_mailbox {
44 __le32 events_vector;
45
46 u8 number_of_scan_results;
47 u8 number_of_sched_scan_results;
48
49 __le16 channel_switch_role_id_bitmap;
50
51 s8 rssi_snr_trigger_metric[NUM_OF_RSSI_SNR_TRIGGERS];
52
53 /* bitmap of removed links */
54 __le32 hlid_removed_bitmap;
55
56 /* rx ba constraint */
57 __le16 rx_ba_role_id_bitmap; /* 0xfff means any role. */
58 __le16 rx_ba_allowed_bitmap;
59
60 /* bitmap of roc completed (by role id) */
61 __le16 roc_completed_bitmap;
62
63 /* bitmap of stations (by role id) with bss loss */
64 __le16 bss_loss_bitmap;
65
66 /* bitmap of stations (by HLID) which exceeded max tx retries */
67 __le32 tx_retry_exceeded_bitmap;
68
69 /* bitmap of inactive stations (by HLID) */
70 __le32 inactive_sta_bitmap;
71} __packed;
72
73int wl18xx_wait_for_event(struct wl1271 *wl, enum wlcore_wait_event event,
74 bool *timeout);
75int wl18xx_process_mailbox_events(struct wl1271 *wl);
76
77#endif
diff --git a/drivers/net/wireless/ti/wl18xx/main.c b/drivers/net/wireless/ti/wl18xx/main.c
index 8d8c1f8c63b7..0be1cfc17a86 100644
--- a/drivers/net/wireless/ti/wl18xx/main.c
+++ b/drivers/net/wireless/ti/wl18xx/main.c
@@ -34,10 +34,13 @@
34 34
35#include "reg.h" 35#include "reg.h"
36#include "conf.h" 36#include "conf.h"
37#include "cmd.h"
37#include "acx.h" 38#include "acx.h"
38#include "tx.h" 39#include "tx.h"
39#include "wl18xx.h" 40#include "wl18xx.h"
40#include "io.h" 41#include "io.h"
42#include "scan.h"
43#include "event.h"
41#include "debugfs.h" 44#include "debugfs.h"
42 45
43#define WL18XX_RX_CHECKSUM_MASK 0x40 46#define WL18XX_RX_CHECKSUM_MASK 0x40
@@ -334,6 +337,8 @@ static struct wlcore_conf wl18xx_conf = {
334 .tmpl_short_retry_limit = 10, 337 .tmpl_short_retry_limit = 10,
335 .tmpl_long_retry_limit = 10, 338 .tmpl_long_retry_limit = 10,
336 .tx_watchdog_timeout = 5000, 339 .tx_watchdog_timeout = 5000,
340 .slow_link_thold = 3,
341 .fast_link_thold = 30,
337 }, 342 },
338 .conn = { 343 .conn = {
339 .wake_up_event = CONF_WAKE_UP_EVENT_DTIM, 344 .wake_up_event = CONF_WAKE_UP_EVENT_DTIM,
@@ -391,8 +396,10 @@ static struct wlcore_conf wl18xx_conf = {
391 .scan = { 396 .scan = {
392 .min_dwell_time_active = 7500, 397 .min_dwell_time_active = 7500,
393 .max_dwell_time_active = 30000, 398 .max_dwell_time_active = 30000,
394 .min_dwell_time_passive = 100000, 399 .min_dwell_time_active_long = 25000,
395 .max_dwell_time_passive = 100000, 400 .max_dwell_time_active_long = 50000,
401 .dwell_time_passive = 100000,
402 .dwell_time_dfs = 150000,
396 .num_probe_reqs = 2, 403 .num_probe_reqs = 2,
397 .split_scan_timeout = 50000, 404 .split_scan_timeout = 50000,
398 }, 405 },
@@ -489,6 +496,10 @@ static struct wlcore_conf wl18xx_conf = {
489 .increase_time = 1, 496 .increase_time = 1,
490 .window_size = 16, 497 .window_size = 16,
491 }, 498 },
499 .recovery = {
500 .bug_on_recovery = 0,
501 .no_recovery = 0,
502 },
492}; 503};
493 504
494static struct wl18xx_priv_conf wl18xx_default_priv_conf = { 505static struct wl18xx_priv_conf wl18xx_default_priv_conf = {
@@ -501,7 +512,6 @@ static struct wl18xx_priv_conf wl18xx_default_priv_conf = {
501 .clock_valid_on_wake_up = 0x00, 512 .clock_valid_on_wake_up = 0x00,
502 .secondary_clock_setting_time = 0x05, 513 .secondary_clock_setting_time = 0x05,
503 .board_type = BOARD_TYPE_HDK_18XX, 514 .board_type = BOARD_TYPE_HDK_18XX,
504 .rdl = 0x01,
505 .auto_detect = 0x00, 515 .auto_detect = 0x00,
506 .dedicated_fem = FEM_NONE, 516 .dedicated_fem = FEM_NONE,
507 .low_band_component = COMPONENT_3_WAY_SWITCH, 517 .low_band_component = COMPONENT_3_WAY_SWITCH,
@@ -517,14 +527,39 @@ static struct wl18xx_priv_conf wl18xx_default_priv_conf = {
517 .enable_clpc = 0x00, 527 .enable_clpc = 0x00,
518 .enable_tx_low_pwr_on_siso_rdl = 0x00, 528 .enable_tx_low_pwr_on_siso_rdl = 0x00,
519 .rx_profile = 0x00, 529 .rx_profile = 0x00,
520 .pwr_limit_reference_11_abg = 0xc8, 530 .pwr_limit_reference_11_abg = 0x64,
531 .per_chan_pwr_limit_arr_11abg = {
532 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
533 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
534 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
535 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
536 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
537 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
538 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
539 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
540 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
541 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
542 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
543 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
544 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
545 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
546 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
547 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
548 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
549 .pwr_limit_reference_11p = 0x64,
550 .per_chan_pwr_limit_arr_11p = { 0xff, 0xff, 0xff, 0xff,
551 0xff, 0xff, 0xff },
521 .psat = 0, 552 .psat = 0,
522 .low_power_val = 0x00, 553 .low_power_val = 0x08,
523 .med_power_val = 0x0a, 554 .med_power_val = 0x12,
524 .high_power_val = 0x1e, 555 .high_power_val = 0x18,
556 .low_power_val_2nd = 0x05,
557 .med_power_val_2nd = 0x0a,
558 .high_power_val_2nd = 0x14,
525 .external_pa_dc2dc = 0, 559 .external_pa_dc2dc = 0,
526 .number_of_assembled_ant2_4 = 1, 560 .number_of_assembled_ant2_4 = 2,
527 .number_of_assembled_ant5 = 1, 561 .number_of_assembled_ant5 = 1,
562 .tx_rf_margin = 1,
528 }, 563 },
529}; 564};
530 565
@@ -595,7 +630,7 @@ static const struct wl18xx_clk_cfg wl18xx_clk_table[NUM_CLOCK_CONFIGS] = {
595}; 630};
596 631
597/* TODO: maybe move to a new header file? */ 632/* TODO: maybe move to a new header file? */
598#define WL18XX_FW_NAME "ti-connectivity/wl18xx-fw.bin" 633#define WL18XX_FW_NAME "ti-connectivity/wl18xx-fw-2.bin"
599 634
600static int wl18xx_identify_chip(struct wl1271 *wl) 635static int wl18xx_identify_chip(struct wl1271 *wl)
601{ 636{
@@ -608,15 +643,18 @@ static int wl18xx_identify_chip(struct wl1271 *wl)
608 wl->sr_fw_name = WL18XX_FW_NAME; 643 wl->sr_fw_name = WL18XX_FW_NAME;
609 /* wl18xx uses the same firmware for PLT */ 644 /* wl18xx uses the same firmware for PLT */
610 wl->plt_fw_name = WL18XX_FW_NAME; 645 wl->plt_fw_name = WL18XX_FW_NAME;
611 wl->quirks |= WLCORE_QUIRK_NO_ELP | 646 wl->quirks |= WLCORE_QUIRK_RX_BLOCKSIZE_ALIGN |
612 WLCORE_QUIRK_RX_BLOCKSIZE_ALIGN |
613 WLCORE_QUIRK_TX_BLOCKSIZE_ALIGN | 647 WLCORE_QUIRK_TX_BLOCKSIZE_ALIGN |
614 WLCORE_QUIRK_NO_SCHED_SCAN_WHILE_CONN | 648 WLCORE_QUIRK_NO_SCHED_SCAN_WHILE_CONN |
615 WLCORE_QUIRK_TX_PAD_LAST_FRAME; 649 WLCORE_QUIRK_TX_PAD_LAST_FRAME |
616 650 WLCORE_QUIRK_REGDOMAIN_CONF |
617 wlcore_set_min_fw_ver(wl, WL18XX_CHIP_VER, WL18XX_IFTYPE_VER, 651 WLCORE_QUIRK_DUAL_PROBE_TMPL;
618 WL18XX_MAJOR_VER, WL18XX_SUBTYPE_VER, 652
619 WL18XX_MINOR_VER); 653 wlcore_set_min_fw_ver(wl, WL18XX_CHIP_VER,
654 WL18XX_IFTYPE_VER, WL18XX_MAJOR_VER,
655 WL18XX_SUBTYPE_VER, WL18XX_MINOR_VER,
656 /* there's no separate multi-role FW */
657 0, 0, 0, 0);
620 break; 658 break;
621 case CHIP_ID_185x_PG10: 659 case CHIP_ID_185x_PG10:
622 wl1271_warning("chip id 0x%x (185x PG10) is deprecated", 660 wl1271_warning("chip id 0x%x (185x PG10) is deprecated",
@@ -630,6 +668,11 @@ static int wl18xx_identify_chip(struct wl1271 *wl)
630 goto out; 668 goto out;
631 } 669 }
632 670
671 wl->scan_templ_id_2_4 = CMD_TEMPL_CFG_PROBE_REQ_2_4;
672 wl->scan_templ_id_5 = CMD_TEMPL_CFG_PROBE_REQ_5;
673 wl->sched_scan_templ_id_2_4 = CMD_TEMPL_PROBE_REQ_2_4_PERIODIC;
674 wl->sched_scan_templ_id_5 = CMD_TEMPL_PROBE_REQ_5_PERIODIC;
675 wl->max_channels_5 = WL18XX_MAX_CHANNELS_5GHZ;
633out: 676out:
634 return ret; 677 return ret;
635} 678}
@@ -843,6 +886,20 @@ static int wl18xx_boot(struct wl1271 *wl)
843 if (ret < 0) 886 if (ret < 0)
844 goto out; 887 goto out;
845 888
889 wl->event_mask = BSS_LOSS_EVENT_ID |
890 SCAN_COMPLETE_EVENT_ID |
891 RSSI_SNR_TRIGGER_0_EVENT_ID |
892 PERIODIC_SCAN_COMPLETE_EVENT_ID |
893 PERIODIC_SCAN_REPORT_EVENT_ID |
894 DUMMY_PACKET_EVENT_ID |
895 PEER_REMOVE_COMPLETE_EVENT_ID |
896 BA_SESSION_RX_CONSTRAINT_EVENT_ID |
897 REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID |
898 INACTIVE_STA_EVENT_ID |
899 MAX_TX_FAILURE_EVENT_ID |
900 CHANNEL_SWITCH_COMPLETE_EVENT_ID |
901 DFS_CHANNELS_CONFIG_COMPLETE_EVENT;
902
846 ret = wlcore_boot_run_firmware(wl); 903 ret = wlcore_boot_run_firmware(wl);
847 if (ret < 0) 904 if (ret < 0)
848 goto out; 905 goto out;
@@ -964,7 +1021,7 @@ static int wl18xx_hw_init(struct wl1271 *wl)
964 1021
965 /* (re)init private structures. Relevant on recovery as well. */ 1022 /* (re)init private structures. Relevant on recovery as well. */
966 priv->last_fw_rls_idx = 0; 1023 priv->last_fw_rls_idx = 0;
967 priv->extra_spare_vif_count = 0; 1024 priv->extra_spare_key_count = 0;
968 1025
969 /* set the default amount of spare blocks in the bitmap */ 1026 /* set the default amount of spare blocks in the bitmap */
970 ret = wl18xx_set_host_cfg_bitmap(wl, WL18XX_TX_HW_BLOCK_SPARE); 1027 ret = wl18xx_set_host_cfg_bitmap(wl, WL18XX_TX_HW_BLOCK_SPARE);
@@ -1022,7 +1079,12 @@ static bool wl18xx_is_mimo_supported(struct wl1271 *wl)
1022{ 1079{
1023 struct wl18xx_priv *priv = wl->priv; 1080 struct wl18xx_priv *priv = wl->priv;
1024 1081
1025 return priv->conf.phy.number_of_assembled_ant2_4 >= 2; 1082 /* only support MIMO with multiple antennas, and when SISO
1083 * is not forced through config
1084 */
1085 return (priv->conf.phy.number_of_assembled_ant2_4 >= 2) &&
1086 (priv->conf.ht.mode != HT_MODE_WIDE) &&
1087 (priv->conf.ht.mode != HT_MODE_SISO20);
1026} 1088}
1027 1089
1028/* 1090/*
@@ -1223,8 +1285,8 @@ static int wl18xx_get_spare_blocks(struct wl1271 *wl, bool is_gem)
1223{ 1285{
1224 struct wl18xx_priv *priv = wl->priv; 1286 struct wl18xx_priv *priv = wl->priv;
1225 1287
1226 /* If we have VIFs requiring extra spare, indulge them */ 1288 /* If we have keys requiring extra spare, indulge them */
1227 if (priv->extra_spare_vif_count) 1289 if (priv->extra_spare_key_count)
1228 return WL18XX_TX_HW_EXTRA_BLOCK_SPARE; 1290 return WL18XX_TX_HW_EXTRA_BLOCK_SPARE;
1229 1291
1230 return WL18XX_TX_HW_BLOCK_SPARE; 1292 return WL18XX_TX_HW_BLOCK_SPARE;
@@ -1236,42 +1298,48 @@ static int wl18xx_set_key(struct wl1271 *wl, enum set_key_cmd cmd,
1236 struct ieee80211_key_conf *key_conf) 1298 struct ieee80211_key_conf *key_conf)
1237{ 1299{
1238 struct wl18xx_priv *priv = wl->priv; 1300 struct wl18xx_priv *priv = wl->priv;
1239 bool change_spare = false; 1301 bool change_spare = false, special_enc;
1240 int ret; 1302 int ret;
1241 1303
1304 wl1271_debug(DEBUG_CRYPT, "extra spare keys before: %d",
1305 priv->extra_spare_key_count);
1306
1307 special_enc = key_conf->cipher == WL1271_CIPHER_SUITE_GEM ||
1308 key_conf->cipher == WLAN_CIPHER_SUITE_TKIP;
1309
1310 ret = wlcore_set_key(wl, cmd, vif, sta, key_conf);
1311 if (ret < 0)
1312 goto out;
1313
1242 /* 1314 /*
1243 * when adding the first or removing the last GEM/TKIP interface, 1315 * when adding the first or removing the last GEM/TKIP key,
1244 * we have to adjust the number of spare blocks. 1316 * we have to adjust the number of spare blocks.
1245 */ 1317 */
1246 change_spare = (key_conf->cipher == WL1271_CIPHER_SUITE_GEM || 1318 if (special_enc) {
1247 key_conf->cipher == WLAN_CIPHER_SUITE_TKIP) && 1319 if (cmd == SET_KEY) {
1248 ((priv->extra_spare_vif_count == 0 && cmd == SET_KEY) || 1320 /* first key */
1249 (priv->extra_spare_vif_count == 1 && cmd == DISABLE_KEY)); 1321 change_spare = (priv->extra_spare_key_count == 0);
1322 priv->extra_spare_key_count++;
1323 } else if (cmd == DISABLE_KEY) {
1324 /* last key */
1325 change_spare = (priv->extra_spare_key_count == 1);
1326 priv->extra_spare_key_count--;
1327 }
1328 }
1250 1329
1251 /* no need to change spare - just regular set_key */ 1330 wl1271_debug(DEBUG_CRYPT, "extra spare keys after: %d",
1252 if (!change_spare) 1331 priv->extra_spare_key_count);
1253 return wlcore_set_key(wl, cmd, vif, sta, key_conf);
1254 1332
1255 ret = wlcore_set_key(wl, cmd, vif, sta, key_conf); 1333 if (!change_spare)
1256 if (ret < 0)
1257 goto out; 1334 goto out;
1258 1335
1259 /* key is now set, change the spare blocks */ 1336 /* key is now set, change the spare blocks */
1260 if (cmd == SET_KEY) { 1337 if (priv->extra_spare_key_count)
1261 ret = wl18xx_set_host_cfg_bitmap(wl, 1338 ret = wl18xx_set_host_cfg_bitmap(wl,
1262 WL18XX_TX_HW_EXTRA_BLOCK_SPARE); 1339 WL18XX_TX_HW_EXTRA_BLOCK_SPARE);
1263 if (ret < 0) 1340 else
1264 goto out;
1265
1266 priv->extra_spare_vif_count++;
1267 } else {
1268 ret = wl18xx_set_host_cfg_bitmap(wl, 1341 ret = wl18xx_set_host_cfg_bitmap(wl,
1269 WL18XX_TX_HW_BLOCK_SPARE); 1342 WL18XX_TX_HW_BLOCK_SPARE);
1270 if (ret < 0)
1271 goto out;
1272
1273 priv->extra_spare_vif_count--;
1274 }
1275 1343
1276out: 1344out:
1277 return ret; 1345 return ret;
@@ -1296,6 +1364,92 @@ static u32 wl18xx_pre_pkt_send(struct wl1271 *wl,
1296 return buf_offset; 1364 return buf_offset;
1297} 1365}
1298 1366
1367static void wl18xx_sta_rc_update(struct wl1271 *wl,
1368 struct wl12xx_vif *wlvif,
1369 struct ieee80211_sta *sta,
1370 u32 changed)
1371{
1372 bool wide = sta->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40;
1373
1374 wl1271_debug(DEBUG_MAC80211, "mac80211 sta_rc_update wide %d", wide);
1375
1376 if (!(changed & IEEE80211_RC_BW_CHANGED))
1377 return;
1378
1379 mutex_lock(&wl->mutex);
1380
1381 /* sanity */
1382 if (WARN_ON(wlvif->bss_type != BSS_TYPE_STA_BSS))
1383 goto out;
1384
1385 /* ignore the change before association */
1386 if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
1387 goto out;
1388
1389 /*
1390 * If we started out as wide, we can change the operation mode. If we
1391 * thought this was a 20mhz AP, we have to reconnect
1392 */
1393 if (wlvif->sta.role_chan_type == NL80211_CHAN_HT40MINUS ||
1394 wlvif->sta.role_chan_type == NL80211_CHAN_HT40PLUS)
1395 wl18xx_acx_peer_ht_operation_mode(wl, wlvif->sta.hlid, wide);
1396 else
1397 ieee80211_connection_loss(wl12xx_wlvif_to_vif(wlvif));
1398
1399out:
1400 mutex_unlock(&wl->mutex);
1401}
1402
1403static int wl18xx_set_peer_cap(struct wl1271 *wl,
1404 struct ieee80211_sta_ht_cap *ht_cap,
1405 bool allow_ht_operation,
1406 u32 rate_set, u8 hlid)
1407{
1408 return wl18xx_acx_set_peer_cap(wl, ht_cap, allow_ht_operation,
1409 rate_set, hlid);
1410}
1411
1412static bool wl18xx_lnk_high_prio(struct wl1271 *wl, u8 hlid,
1413 struct wl1271_link *lnk)
1414{
1415 u8 thold;
1416 struct wl18xx_fw_status_priv *status_priv =
1417 (struct wl18xx_fw_status_priv *)wl->fw_status_2->priv;
1418 u32 suspend_bitmap = le32_to_cpu(status_priv->link_suspend_bitmap);
1419
1420 /* suspended links are never high priority */
1421 if (test_bit(hlid, (unsigned long *)&suspend_bitmap))
1422 return false;
1423
1424 /* the priority thresholds are taken from FW */
1425 if (test_bit(hlid, (unsigned long *)&wl->fw_fast_lnk_map) &&
1426 !test_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map))
1427 thold = status_priv->tx_fast_link_prio_threshold;
1428 else
1429 thold = status_priv->tx_slow_link_prio_threshold;
1430
1431 return lnk->allocated_pkts < thold;
1432}
1433
1434static bool wl18xx_lnk_low_prio(struct wl1271 *wl, u8 hlid,
1435 struct wl1271_link *lnk)
1436{
1437 u8 thold;
1438 struct wl18xx_fw_status_priv *status_priv =
1439 (struct wl18xx_fw_status_priv *)wl->fw_status_2->priv;
1440 u32 suspend_bitmap = le32_to_cpu(status_priv->link_suspend_bitmap);
1441
1442 if (test_bit(hlid, (unsigned long *)&suspend_bitmap))
1443 thold = status_priv->tx_suspend_threshold;
1444 else if (test_bit(hlid, (unsigned long *)&wl->fw_fast_lnk_map) &&
1445 !test_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map))
1446 thold = status_priv->tx_fast_stop_threshold;
1447 else
1448 thold = status_priv->tx_slow_stop_threshold;
1449
1450 return lnk->allocated_pkts < thold;
1451}
1452
1299static int wl18xx_setup(struct wl1271 *wl); 1453static int wl18xx_setup(struct wl1271 *wl);
1300 1454
1301static struct wlcore_ops wl18xx_ops = { 1455static struct wlcore_ops wl18xx_ops = {
@@ -1305,6 +1459,8 @@ static struct wlcore_ops wl18xx_ops = {
1305 .plt_init = wl18xx_plt_init, 1459 .plt_init = wl18xx_plt_init,
1306 .trigger_cmd = wl18xx_trigger_cmd, 1460 .trigger_cmd = wl18xx_trigger_cmd,
1307 .ack_event = wl18xx_ack_event, 1461 .ack_event = wl18xx_ack_event,
1462 .wait_for_event = wl18xx_wait_for_event,
1463 .process_mailbox_events = wl18xx_process_mailbox_events,
1308 .calc_tx_blocks = wl18xx_calc_tx_blocks, 1464 .calc_tx_blocks = wl18xx_calc_tx_blocks,
1309 .set_tx_desc_blocks = wl18xx_set_tx_desc_blocks, 1465 .set_tx_desc_blocks = wl18xx_set_tx_desc_blocks,
1310 .set_tx_desc_data_len = wl18xx_set_tx_desc_data_len, 1466 .set_tx_desc_data_len = wl18xx_set_tx_desc_data_len,
@@ -1320,16 +1476,26 @@ static struct wlcore_ops wl18xx_ops = {
1320 .ap_get_mimo_wide_rate_mask = wl18xx_ap_get_mimo_wide_rate_mask, 1476 .ap_get_mimo_wide_rate_mask = wl18xx_ap_get_mimo_wide_rate_mask,
1321 .get_mac = wl18xx_get_mac, 1477 .get_mac = wl18xx_get_mac,
1322 .debugfs_init = wl18xx_debugfs_add_files, 1478 .debugfs_init = wl18xx_debugfs_add_files,
1479 .scan_start = wl18xx_scan_start,
1480 .scan_stop = wl18xx_scan_stop,
1481 .sched_scan_start = wl18xx_sched_scan_start,
1482 .sched_scan_stop = wl18xx_scan_sched_scan_stop,
1323 .handle_static_data = wl18xx_handle_static_data, 1483 .handle_static_data = wl18xx_handle_static_data,
1324 .get_spare_blocks = wl18xx_get_spare_blocks, 1484 .get_spare_blocks = wl18xx_get_spare_blocks,
1325 .set_key = wl18xx_set_key, 1485 .set_key = wl18xx_set_key,
1486 .channel_switch = wl18xx_cmd_channel_switch,
1326 .pre_pkt_send = wl18xx_pre_pkt_send, 1487 .pre_pkt_send = wl18xx_pre_pkt_send,
1488 .sta_rc_update = wl18xx_sta_rc_update,
1489 .set_peer_cap = wl18xx_set_peer_cap,
1490 .lnk_high_prio = wl18xx_lnk_high_prio,
1491 .lnk_low_prio = wl18xx_lnk_low_prio,
1327}; 1492};
1328 1493
1329/* HT cap appropriate for wide channels in 2Ghz */ 1494/* HT cap appropriate for wide channels in 2Ghz */
1330static struct ieee80211_sta_ht_cap wl18xx_siso40_ht_cap_2ghz = { 1495static struct ieee80211_sta_ht_cap wl18xx_siso40_ht_cap_2ghz = {
1331 .cap = IEEE80211_HT_CAP_SGI_20 | IEEE80211_HT_CAP_SGI_40 | 1496 .cap = IEEE80211_HT_CAP_SGI_20 | IEEE80211_HT_CAP_SGI_40 |
1332 IEEE80211_HT_CAP_SUP_WIDTH_20_40 | IEEE80211_HT_CAP_DSSSCCK40, 1497 IEEE80211_HT_CAP_SUP_WIDTH_20_40 | IEEE80211_HT_CAP_DSSSCCK40 |
1498 IEEE80211_HT_CAP_GRN_FLD,
1333 .ht_supported = true, 1499 .ht_supported = true,
1334 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K, 1500 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K,
1335 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16, 1501 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16,
@@ -1343,7 +1509,8 @@ static struct ieee80211_sta_ht_cap wl18xx_siso40_ht_cap_2ghz = {
1343/* HT cap appropriate for wide channels in 5Ghz */ 1509/* HT cap appropriate for wide channels in 5Ghz */
1344static struct ieee80211_sta_ht_cap wl18xx_siso40_ht_cap_5ghz = { 1510static struct ieee80211_sta_ht_cap wl18xx_siso40_ht_cap_5ghz = {
1345 .cap = IEEE80211_HT_CAP_SGI_20 | IEEE80211_HT_CAP_SGI_40 | 1511 .cap = IEEE80211_HT_CAP_SGI_20 | IEEE80211_HT_CAP_SGI_40 |
1346 IEEE80211_HT_CAP_SUP_WIDTH_20_40, 1512 IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
1513 IEEE80211_HT_CAP_GRN_FLD,
1347 .ht_supported = true, 1514 .ht_supported = true,
1348 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K, 1515 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K,
1349 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16, 1516 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16,
@@ -1356,7 +1523,8 @@ static struct ieee80211_sta_ht_cap wl18xx_siso40_ht_cap_5ghz = {
1356 1523
1357/* HT cap appropriate for SISO 20 */ 1524/* HT cap appropriate for SISO 20 */
1358static struct ieee80211_sta_ht_cap wl18xx_siso20_ht_cap = { 1525static struct ieee80211_sta_ht_cap wl18xx_siso20_ht_cap = {
1359 .cap = IEEE80211_HT_CAP_SGI_20, 1526 .cap = IEEE80211_HT_CAP_SGI_20 |
1527 IEEE80211_HT_CAP_GRN_FLD,
1360 .ht_supported = true, 1528 .ht_supported = true,
1361 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K, 1529 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K,
1362 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16, 1530 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16,
@@ -1369,7 +1537,8 @@ static struct ieee80211_sta_ht_cap wl18xx_siso20_ht_cap = {
1369 1537
1370/* HT cap appropriate for MIMO rates in 20mhz channel */ 1538/* HT cap appropriate for MIMO rates in 20mhz channel */
1371static struct ieee80211_sta_ht_cap wl18xx_mimo_ht_cap_2ghz = { 1539static struct ieee80211_sta_ht_cap wl18xx_mimo_ht_cap_2ghz = {
1372 .cap = IEEE80211_HT_CAP_SGI_20, 1540 .cap = IEEE80211_HT_CAP_SGI_20 |
1541 IEEE80211_HT_CAP_GRN_FLD,
1373 .ht_supported = true, 1542 .ht_supported = true,
1374 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K, 1543 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_16K,
1375 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16, 1544 .ampdu_density = IEEE80211_HT_MPDU_DENSITY_16,
@@ -1387,7 +1556,8 @@ static int wl18xx_setup(struct wl1271 *wl)
1387 1556
1388 wl->rtable = wl18xx_rtable; 1557 wl->rtable = wl18xx_rtable;
1389 wl->num_tx_desc = WL18XX_NUM_TX_DESCRIPTORS; 1558 wl->num_tx_desc = WL18XX_NUM_TX_DESCRIPTORS;
1390 wl->num_rx_desc = WL18XX_NUM_TX_DESCRIPTORS; 1559 wl->num_rx_desc = WL18XX_NUM_RX_DESCRIPTORS;
1560 wl->num_channels = 2;
1391 wl->num_mac_addr = WL18XX_NUM_MAC_ADDRESSES; 1561 wl->num_mac_addr = WL18XX_NUM_MAC_ADDRESSES;
1392 wl->band_rate_to_idx = wl18xx_band_rate_to_idx; 1562 wl->band_rate_to_idx = wl18xx_band_rate_to_idx;
1393 wl->hw_tx_rate_tbl_size = WL18XX_CONF_HW_RXTX_RATE_MAX; 1563 wl->hw_tx_rate_tbl_size = WL18XX_CONF_HW_RXTX_RATE_MAX;
@@ -1506,7 +1676,8 @@ static int wl18xx_probe(struct platform_device *pdev)
1506 int ret; 1676 int ret;
1507 1677
1508 hw = wlcore_alloc_hw(sizeof(struct wl18xx_priv), 1678 hw = wlcore_alloc_hw(sizeof(struct wl18xx_priv),
1509 WL18XX_AGGR_BUFFER_SIZE); 1679 WL18XX_AGGR_BUFFER_SIZE,
1680 sizeof(struct wl18xx_event_mailbox));
1510 if (IS_ERR(hw)) { 1681 if (IS_ERR(hw)) {
1511 wl1271_error("can't allocate hw"); 1682 wl1271_error("can't allocate hw");
1512 ret = PTR_ERR(hw); 1683 ret = PTR_ERR(hw);
diff --git a/drivers/net/wireless/ti/wl18xx/scan.c b/drivers/net/wireless/ti/wl18xx/scan.c
new file mode 100644
index 000000000000..09d944505ac0
--- /dev/null
+++ b/drivers/net/wireless/ti/wl18xx/scan.c
@@ -0,0 +1,326 @@
1/*
2 * This file is part of wl18xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#include <linux/ieee80211.h>
23#include "scan.h"
24#include "../wlcore/debug.h"
25
26static void wl18xx_adjust_channels(struct wl18xx_cmd_scan_params *cmd,
27 struct wlcore_scan_channels *cmd_channels)
28{
29 memcpy(cmd->passive, cmd_channels->passive, sizeof(cmd->passive));
30 memcpy(cmd->active, cmd_channels->active, sizeof(cmd->active));
31 cmd->dfs = cmd_channels->dfs;
32 cmd->passive_active = cmd_channels->passive_active;
33
34 memcpy(cmd->channels_2, cmd_channels->channels_2,
35 sizeof(cmd->channels_2));
36 memcpy(cmd->channels_5, cmd_channels->channels_5,
37 sizeof(cmd->channels_2));
38 /* channels_4 are not supported, so no need to copy them */
39}
40
41static int wl18xx_scan_send(struct wl1271 *wl, struct wl12xx_vif *wlvif,
42 struct cfg80211_scan_request *req)
43{
44 struct wl18xx_cmd_scan_params *cmd;
45 struct wlcore_scan_channels *cmd_channels = NULL;
46 int ret;
47
48 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
49 if (!cmd) {
50 ret = -ENOMEM;
51 goto out;
52 }
53
54 cmd->role_id = wlvif->role_id;
55
56 if (WARN_ON(cmd->role_id == WL12XX_INVALID_ROLE_ID)) {
57 ret = -EINVAL;
58 goto out;
59 }
60
61 cmd->scan_type = SCAN_TYPE_SEARCH;
62 cmd->rssi_threshold = -127;
63 cmd->snr_threshold = 0;
64
65 cmd->bss_type = SCAN_BSS_TYPE_ANY;
66
67 cmd->ssid_from_list = 0;
68 cmd->filter = 0;
69 cmd->add_broadcast = 0;
70
71 cmd->urgency = 0;
72 cmd->protect = 0;
73
74 cmd->n_probe_reqs = wl->conf.scan.num_probe_reqs;
75 cmd->terminate_after = 0;
76
77 /* configure channels */
78 WARN_ON(req->n_ssids > 1);
79
80 cmd_channels = kzalloc(sizeof(*cmd_channels), GFP_KERNEL);
81 if (!cmd_channels) {
82 ret = -ENOMEM;
83 goto out;
84 }
85
86 wlcore_set_scan_chan_params(wl, cmd_channels, req->channels,
87 req->n_channels, req->n_ssids,
88 SCAN_TYPE_SEARCH);
89 wl18xx_adjust_channels(cmd, cmd_channels);
90
91 /*
92 * all the cycles params (except total cycles) should
93 * remain 0 for normal scan
94 */
95 cmd->total_cycles = 1;
96
97 if (req->no_cck)
98 cmd->rate = WL18XX_SCAN_RATE_6;
99
100 cmd->tag = WL1271_SCAN_DEFAULT_TAG;
101
102 if (req->n_ssids) {
103 cmd->ssid_len = req->ssids[0].ssid_len;
104 memcpy(cmd->ssid, req->ssids[0].ssid, cmd->ssid_len);
105 }
106
107 /* TODO: per-band ies? */
108 if (cmd->active[0]) {
109 u8 band = IEEE80211_BAND_2GHZ;
110 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
111 cmd->role_id, band,
112 req->ssids ? req->ssids[0].ssid : NULL,
113 req->ssids ? req->ssids[0].ssid_len : 0,
114 req->ie,
115 req->ie_len,
116 false);
117 if (ret < 0) {
118 wl1271_error("2.4GHz PROBE request template failed");
119 goto out;
120 }
121 }
122
123 if (cmd->active[1] || cmd->dfs) {
124 u8 band = IEEE80211_BAND_5GHZ;
125 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
126 cmd->role_id, band,
127 req->ssids ? req->ssids[0].ssid : NULL,
128 req->ssids ? req->ssids[0].ssid_len : 0,
129 req->ie,
130 req->ie_len,
131 false);
132 if (ret < 0) {
133 wl1271_error("5GHz PROBE request template failed");
134 goto out;
135 }
136 }
137
138 wl1271_dump(DEBUG_SCAN, "SCAN: ", cmd, sizeof(*cmd));
139
140 ret = wl1271_cmd_send(wl, CMD_SCAN, cmd, sizeof(*cmd), 0);
141 if (ret < 0) {
142 wl1271_error("SCAN failed");
143 goto out;
144 }
145
146out:
147 kfree(cmd_channels);
148 kfree(cmd);
149 return ret;
150}
151
152void wl18xx_scan_completed(struct wl1271 *wl, struct wl12xx_vif *wlvif)
153{
154 wl->scan.failed = false;
155 cancel_delayed_work(&wl->scan_complete_work);
156 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
157 msecs_to_jiffies(0));
158}
159
160static
161int wl18xx_scan_sched_scan_config(struct wl1271 *wl,
162 struct wl12xx_vif *wlvif,
163 struct cfg80211_sched_scan_request *req,
164 struct ieee80211_sched_scan_ies *ies)
165{
166 struct wl18xx_cmd_scan_params *cmd;
167 struct wlcore_scan_channels *cmd_channels = NULL;
168 struct conf_sched_scan_settings *c = &wl->conf.sched_scan;
169 int ret;
170 int filter_type;
171
172 wl1271_debug(DEBUG_CMD, "cmd sched_scan scan config");
173
174 filter_type = wlcore_scan_sched_scan_ssid_list(wl, wlvif, req);
175 if (filter_type < 0)
176 return filter_type;
177
178 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
179 if (!cmd) {
180 ret = -ENOMEM;
181 goto out;
182 }
183
184 cmd->role_id = wlvif->role_id;
185
186 if (WARN_ON(cmd->role_id == WL12XX_INVALID_ROLE_ID)) {
187 ret = -EINVAL;
188 goto out;
189 }
190
191 cmd->scan_type = SCAN_TYPE_PERIODIC;
192 cmd->rssi_threshold = c->rssi_threshold;
193 cmd->snr_threshold = c->snr_threshold;
194
195 /* don't filter on BSS type */
196 cmd->bss_type = SCAN_BSS_TYPE_ANY;
197
198 cmd->ssid_from_list = 1;
199 if (filter_type == SCAN_SSID_FILTER_LIST)
200 cmd->filter = 1;
201 cmd->add_broadcast = 0;
202
203 cmd->urgency = 0;
204 cmd->protect = 0;
205
206 cmd->n_probe_reqs = c->num_probe_reqs;
207 /* don't stop scanning automatically when something is found */
208 cmd->terminate_after = 0;
209
210 cmd_channels = kzalloc(sizeof(*cmd_channels), GFP_KERNEL);
211 if (!cmd_channels) {
212 ret = -ENOMEM;
213 goto out;
214 }
215
216 /* configure channels */
217 wlcore_set_scan_chan_params(wl, cmd_channels, req->channels,
218 req->n_channels, req->n_ssids,
219 SCAN_TYPE_PERIODIC);
220 wl18xx_adjust_channels(cmd, cmd_channels);
221
222 cmd->short_cycles_sec = 0;
223 cmd->long_cycles_sec = cpu_to_le16(req->interval);
224 cmd->short_cycles_count = 0;
225
226 cmd->total_cycles = 0;
227
228 cmd->tag = WL1271_SCAN_DEFAULT_TAG;
229
230 /* create a PERIODIC_SCAN_REPORT_EVENT whenever we've got a match */
231 cmd->report_threshold = 1;
232 cmd->terminate_on_report = 0;
233
234 if (cmd->active[0]) {
235 u8 band = IEEE80211_BAND_2GHZ;
236 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
237 cmd->role_id, band,
238 req->ssids ? req->ssids[0].ssid : NULL,
239 req->ssids ? req->ssids[0].ssid_len : 0,
240 ies->ie[band],
241 ies->len[band],
242 true);
243 if (ret < 0) {
244 wl1271_error("2.4GHz PROBE request template failed");
245 goto out;
246 }
247 }
248
249 if (cmd->active[1] || cmd->dfs) {
250 u8 band = IEEE80211_BAND_5GHZ;
251 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
252 cmd->role_id, band,
253 req->ssids ? req->ssids[0].ssid : NULL,
254 req->ssids ? req->ssids[0].ssid_len : 0,
255 ies->ie[band],
256 ies->len[band],
257 true);
258 if (ret < 0) {
259 wl1271_error("5GHz PROBE request template failed");
260 goto out;
261 }
262 }
263
264 wl1271_dump(DEBUG_SCAN, "SCAN: ", cmd, sizeof(*cmd));
265
266 ret = wl1271_cmd_send(wl, CMD_SCAN, cmd, sizeof(*cmd), 0);
267 if (ret < 0) {
268 wl1271_error("SCAN failed");
269 goto out;
270 }
271
272out:
273 kfree(cmd_channels);
274 kfree(cmd);
275 return ret;
276}
277
278int wl18xx_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
279 struct cfg80211_sched_scan_request *req,
280 struct ieee80211_sched_scan_ies *ies)
281{
282 return wl18xx_scan_sched_scan_config(wl, wlvif, req, ies);
283}
284
285static int __wl18xx_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif,
286 u8 scan_type)
287{
288 struct wl18xx_cmd_scan_stop *stop;
289 int ret;
290
291 wl1271_debug(DEBUG_CMD, "cmd periodic scan stop");
292
293 stop = kzalloc(sizeof(*stop), GFP_KERNEL);
294 if (!stop) {
295 wl1271_error("failed to alloc memory to send sched scan stop");
296 return -ENOMEM;
297 }
298
299 stop->role_id = wlvif->role_id;
300 stop->scan_type = scan_type;
301
302 ret = wl1271_cmd_send(wl, CMD_STOP_SCAN, stop, sizeof(*stop), 0);
303 if (ret < 0) {
304 wl1271_error("failed to send sched scan stop command");
305 goto out_free;
306 }
307
308out_free:
309 kfree(stop);
310 return ret;
311}
312
313void wl18xx_scan_sched_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif)
314{
315 __wl18xx_scan_stop(wl, wlvif, SCAN_TYPE_PERIODIC);
316}
317int wl18xx_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
318 struct cfg80211_scan_request *req)
319{
320 return wl18xx_scan_send(wl, wlvif, req);
321}
322
323int wl18xx_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif)
324{
325 return __wl18xx_scan_stop(wl, wlvif, SCAN_TYPE_SEARCH);
326}
diff --git a/drivers/net/wireless/ti/wl18xx/scan.h b/drivers/net/wireless/ti/wl18xx/scan.h
new file mode 100644
index 000000000000..eadee42689d1
--- /dev/null
+++ b/drivers/net/wireless/ti/wl18xx/scan.h
@@ -0,0 +1,127 @@
1/*
2 * This file is part of wl18xx
3 *
4 * Copyright (C) 2012 Texas Instruments. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18 * 02110-1301 USA
19 *
20 */
21
22#ifndef __WL18XX_SCAN_H__
23#define __WL18XX_SCAN_H__
24
25#include "../wlcore/wlcore.h"
26#include "../wlcore/cmd.h"
27#include "../wlcore/scan.h"
28
29struct tracking_ch_params {
30 struct conn_scan_ch_params channel;
31
32 __le32 bssid_lsb;
33 __le16 bssid_msb;
34
35 u8 padding[2];
36} __packed;
37
38/* probe request rate */
39enum
40{
41 WL18XX_SCAN_RATE_1 = 0,
42 WL18XX_SCAN_RATE_5_5 = 1,
43 WL18XX_SCAN_RATE_6 = 2,
44};
45
46#define WL18XX_MAX_CHANNELS_5GHZ 32
47
48struct wl18xx_cmd_scan_params {
49 struct wl1271_cmd_header header;
50
51 u8 role_id;
52 u8 scan_type;
53
54 s8 rssi_threshold; /* for filtering (in dBm) */
55 s8 snr_threshold; /* for filtering (in dB) */
56
57 u8 bss_type; /* for filtering */
58 u8 ssid_from_list; /* use ssid from configured ssid list */
59 u8 filter; /* forward only results with matching ssids */
60
61 /*
62 * add broadcast ssid in addition to the configured ssids.
63 * the driver should add dummy entry for it (?).
64 */
65 u8 add_broadcast;
66
67 u8 urgency;
68 u8 protect; /* ??? */
69 u8 n_probe_reqs; /* Number of probes requests per channel */
70 u8 terminate_after; /* early terminate scan operation */
71
72 u8 passive[SCAN_MAX_BANDS]; /* number of passive scan channels */
73 u8 active[SCAN_MAX_BANDS]; /* number of active scan channels */
74 u8 dfs; /* number of dfs channels in 5ghz */
75 u8 passive_active; /* number of passive before active channels 2.4ghz */
76
77 __le16 short_cycles_sec;
78 __le16 long_cycles_sec;
79 u8 short_cycles_count;
80 u8 total_cycles; /* 0 - infinite */
81 u8 padding[2];
82
83 union {
84 struct {
85 struct conn_scan_ch_params channels_2[MAX_CHANNELS_2GHZ];
86 struct conn_scan_ch_params channels_5[WL18XX_MAX_CHANNELS_5GHZ];
87 struct conn_scan_ch_params channels_4[MAX_CHANNELS_4GHZ];
88 };
89 struct tracking_ch_params channels_tracking[WL1271_SCAN_MAX_CHANNELS];
90 } ;
91
92 u8 ssid[IEEE80211_MAX_SSID_LEN];
93 u8 ssid_len; /* For SCAN_SSID_FILTER_SPECIFIC */
94 u8 tag;
95 u8 rate;
96
97 /* send SCAN_REPORT_EVENT in periodic scans after each cycle
98 * if number of results >= report_threshold. Must be 0 for
99 * non periodic scans
100 */
101 u8 report_threshold;
102
103 /* Should periodic scan stop after a report event was created.
104 * Must be 0 for non periodic scans.
105 */
106 u8 terminate_on_report;
107
108 u8 padding1[3];
109} __packed;
110
111struct wl18xx_cmd_scan_stop {
112 struct wl1271_cmd_header header;
113
114 u8 role_id;
115 u8 scan_type;
116 u8 padding[2];
117} __packed;
118
119int wl18xx_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
120 struct cfg80211_scan_request *req);
121int wl18xx_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif);
122void wl18xx_scan_completed(struct wl1271 *wl, struct wl12xx_vif *wlvif);
123int wl18xx_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif,
124 struct cfg80211_sched_scan_request *req,
125 struct ieee80211_sched_scan_ies *ies);
126void wl18xx_scan_sched_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif);
127#endif
diff --git a/drivers/net/wireless/ti/wl18xx/tx.c b/drivers/net/wireless/ti/wl18xx/tx.c
index 5b1fb10d9fd7..57c694396647 100644
--- a/drivers/net/wireless/ti/wl18xx/tx.c
+++ b/drivers/net/wireless/ti/wl18xx/tx.c
@@ -28,6 +28,49 @@
28#include "wl18xx.h" 28#include "wl18xx.h"
29#include "tx.h" 29#include "tx.h"
30 30
31static
32void wl18xx_get_last_tx_rate(struct wl1271 *wl, struct ieee80211_vif *vif,
33 struct ieee80211_tx_rate *rate)
34{
35 u8 fw_rate = wl->fw_status_2->counters.tx_last_rate;
36
37 if (fw_rate > CONF_HW_RATE_INDEX_MAX) {
38 wl1271_error("last Tx rate invalid: %d", fw_rate);
39 rate->idx = 0;
40 rate->flags = 0;
41 return;
42 }
43
44 if (fw_rate <= CONF_HW_RATE_INDEX_54MBPS) {
45 rate->idx = fw_rate;
46 rate->flags = 0;
47 } else {
48 rate->flags = IEEE80211_TX_RC_MCS;
49 rate->idx = fw_rate - CONF_HW_RATE_INDEX_MCS0;
50
51 /* SGI modifier is counted as a separate rate */
52 if (fw_rate >= CONF_HW_RATE_INDEX_MCS7_SGI)
53 (rate->idx)--;
54 if (fw_rate == CONF_HW_RATE_INDEX_MCS15_SGI)
55 (rate->idx)--;
56
57 /* this also covers the 40Mhz SGI case (= MCS15) */
58 if (fw_rate == CONF_HW_RATE_INDEX_MCS7_SGI ||
59 fw_rate == CONF_HW_RATE_INDEX_MCS15_SGI)
60 rate->flags |= IEEE80211_TX_RC_SHORT_GI;
61
62 if (fw_rate > CONF_HW_RATE_INDEX_MCS7_SGI && vif) {
63 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
64 if (wlvif->channel_type == NL80211_CHAN_HT40MINUS ||
65 wlvif->channel_type == NL80211_CHAN_HT40PLUS) {
66 /* adjustment needed for range 0-7 */
67 rate->idx -= 8;
68 rate->flags |= IEEE80211_TX_RC_40_MHZ_WIDTH;
69 }
70 }
71 }
72}
73
31static void wl18xx_tx_complete_packet(struct wl1271 *wl, u8 tx_stat_byte) 74static void wl18xx_tx_complete_packet(struct wl1271 *wl, u8 tx_stat_byte)
32{ 75{
33 struct ieee80211_tx_info *info; 76 struct ieee80211_tx_info *info;
@@ -44,7 +87,6 @@ static void wl18xx_tx_complete_packet(struct wl1271 *wl, u8 tx_stat_byte)
44 /* a zero bit indicates Tx success */ 87 /* a zero bit indicates Tx success */
45 tx_success = !(tx_stat_byte & BIT(WL18XX_TX_STATUS_STAT_BIT_IDX)); 88 tx_success = !(tx_stat_byte & BIT(WL18XX_TX_STATUS_STAT_BIT_IDX));
46 89
47
48 skb = wl->tx_frames[id]; 90 skb = wl->tx_frames[id];
49 info = IEEE80211_SKB_CB(skb); 91 info = IEEE80211_SKB_CB(skb);
50 92
@@ -56,11 +98,13 @@ static void wl18xx_tx_complete_packet(struct wl1271 *wl, u8 tx_stat_byte)
56 /* update the TX status info */ 98 /* update the TX status info */
57 if (tx_success && !(info->flags & IEEE80211_TX_CTL_NO_ACK)) 99 if (tx_success && !(info->flags & IEEE80211_TX_CTL_NO_ACK))
58 info->flags |= IEEE80211_TX_STAT_ACK; 100 info->flags |= IEEE80211_TX_STAT_ACK;
101 /*
102 * first pass info->control.vif while it's valid, and then fill out
103 * the info->status structures
104 */
105 wl18xx_get_last_tx_rate(wl, info->control.vif, &info->status.rates[0]);
59 106
60 /* no real data about Tx completion */ 107 info->status.rates[0].count = 1; /* no data about retries */
61 info->status.rates[0].idx = -1;
62 info->status.rates[0].count = 0;
63 info->status.rates[0].flags = 0;
64 info->status.ack_signal = -1; 108 info->status.ack_signal = -1;
65 109
66 if (!tx_success) 110 if (!tx_success)
diff --git a/drivers/net/wireless/ti/wl18xx/wl18xx.h b/drivers/net/wireless/ti/wl18xx/wl18xx.h
index 96a1e438d677..b6739e79efcf 100644
--- a/drivers/net/wireless/ti/wl18xx/wl18xx.h
+++ b/drivers/net/wireless/ti/wl18xx/wl18xx.h
@@ -26,10 +26,10 @@
26 26
27/* minimum FW required for driver */ 27/* minimum FW required for driver */
28#define WL18XX_CHIP_VER 8 28#define WL18XX_CHIP_VER 8
29#define WL18XX_IFTYPE_VER 2 29#define WL18XX_IFTYPE_VER 5
30#define WL18XX_MAJOR_VER 0 30#define WL18XX_MAJOR_VER WLCORE_FW_VER_IGNORE
31#define WL18XX_SUBTYPE_VER 0 31#define WL18XX_SUBTYPE_VER WLCORE_FW_VER_IGNORE
32#define WL18XX_MINOR_VER 100 32#define WL18XX_MINOR_VER 28
33 33
34#define WL18XX_CMD_MAX_SIZE 740 34#define WL18XX_CMD_MAX_SIZE 740
35 35
@@ -49,8 +49,8 @@ struct wl18xx_priv {
49 /* Index of last released Tx desc in FW */ 49 /* Index of last released Tx desc in FW */
50 u8 last_fw_rls_idx; 50 u8 last_fw_rls_idx;
51 51
52 /* number of VIFs requiring extra spare mem-blocks */ 52 /* number of keys requiring extra spare mem-blocks */
53 int extra_spare_vif_count; 53 int extra_spare_key_count;
54}; 54};
55 55
56#define WL18XX_FW_MAX_TX_STATUS_DESC 33 56#define WL18XX_FW_MAX_TX_STATUS_DESC 33
@@ -68,7 +68,43 @@ struct wl18xx_fw_status_priv {
68 */ 68 */
69 u8 released_tx_desc[WL18XX_FW_MAX_TX_STATUS_DESC]; 69 u8 released_tx_desc[WL18XX_FW_MAX_TX_STATUS_DESC];
70 70
71 u8 padding[2]; 71 /* A bitmap representing the currently suspended links. The suspend
72 * is short lived, for multi-channel Tx requirements.
73 */
74 __le32 link_suspend_bitmap;
75
76 /* packet threshold for an "almost empty" AC,
77 * for Tx schedulng purposes
78 */
79 u8 tx_ac_threshold;
80
81 /* number of packets to queue up for a link in PS */
82 u8 tx_ps_threshold;
83
84 /* number of packet to queue up for a suspended link */
85 u8 tx_suspend_threshold;
86
87 /* Should have less than this number of packets in queue of a slow
88 * link to qualify as high priority link
89 */
90 u8 tx_slow_link_prio_threshold;
91
92 /* Should have less than this number of packets in queue of a fast
93 * link to qualify as high priority link
94 */
95 u8 tx_fast_link_prio_threshold;
96
97 /* Should have less than this number of packets in queue of a slow
98 * link before we stop queuing up packets for it.
99 */
100 u8 tx_slow_stop_threshold;
101
102 /* Should have less than this number of packets in queue of a fast
103 * link before we stop queuing up packets for it.
104 */
105 u8 tx_fast_stop_threshold;
106
107 u8 padding[3];
72}; 108};
73 109
74#define WL18XX_PHY_VERSION_MAX_LEN 20 110#define WL18XX_PHY_VERSION_MAX_LEN 20
diff --git a/drivers/net/wireless/ti/wlcore/acx.c b/drivers/net/wireless/ti/wlcore/acx.c
index ce108a736bd0..c79654323396 100644
--- a/drivers/net/wireless/ti/wlcore/acx.c
+++ b/drivers/net/wireless/ti/wlcore/acx.c
@@ -1340,6 +1340,8 @@ out:
1340 kfree(acx); 1340 kfree(acx);
1341 return ret; 1341 return ret;
1342} 1342}
1343EXPORT_SYMBOL_GPL(wl1271_acx_set_ht_capabilities);
1344
1343 1345
1344int wl1271_acx_set_ht_information(struct wl1271 *wl, 1346int wl1271_acx_set_ht_information(struct wl1271 *wl,
1345 struct wl12xx_vif *wlvif, 1347 struct wl12xx_vif *wlvif,
@@ -1433,13 +1435,22 @@ int wl12xx_acx_set_ba_receiver_session(struct wl1271 *wl, u8 tid_index,
1433 acx->win_size = wl->conf.ht.rx_ba_win_size; 1435 acx->win_size = wl->conf.ht.rx_ba_win_size;
1434 acx->ssn = ssn; 1436 acx->ssn = ssn;
1435 1437
1436 ret = wl1271_cmd_configure(wl, ACX_BA_SESSION_RX_SETUP, acx, 1438 ret = wlcore_cmd_configure_failsafe(wl, ACX_BA_SESSION_RX_SETUP, acx,
1437 sizeof(*acx)); 1439 sizeof(*acx),
1440 BIT(CMD_STATUS_NO_RX_BA_SESSION));
1438 if (ret < 0) { 1441 if (ret < 0) {
1439 wl1271_warning("acx ba receiver session failed: %d", ret); 1442 wl1271_warning("acx ba receiver session failed: %d", ret);
1440 goto out; 1443 goto out;
1441 } 1444 }
1442 1445
1446 /* sometimes we can't start the session */
1447 if (ret == CMD_STATUS_NO_RX_BA_SESSION) {
1448 wl1271_warning("no fw rx ba on tid %d", tid_index);
1449 ret = -EBUSY;
1450 goto out;
1451 }
1452
1453 ret = 0;
1443out: 1454out:
1444 kfree(acx); 1455 kfree(acx);
1445 return ret; 1456 return ret;
diff --git a/drivers/net/wireless/ti/wlcore/acx.h b/drivers/net/wireless/ti/wlcore/acx.h
index d03215d6b3bd..126536c6a393 100644
--- a/drivers/net/wireless/ti/wlcore/acx.h
+++ b/drivers/net/wireless/ti/wlcore/acx.h
@@ -1025,7 +1025,6 @@ enum {
1025 ACX_CONFIG_HANGOVER = 0x0042, 1025 ACX_CONFIG_HANGOVER = 0x0042,
1026 ACX_FEATURE_CFG = 0x0043, 1026 ACX_FEATURE_CFG = 0x0043,
1027 ACX_PROTECTION_CFG = 0x0044, 1027 ACX_PROTECTION_CFG = 0x0044,
1028 ACX_CHECKSUM_CONFIG = 0x0045,
1029}; 1028};
1030 1029
1031 1030
diff --git a/drivers/net/wireless/ti/wlcore/boot.c b/drivers/net/wireless/ti/wlcore/boot.c
index 375ea574eafb..b58ae5fc1487 100644
--- a/drivers/net/wireless/ti/wlcore/boot.c
+++ b/drivers/net/wireless/ti/wlcore/boot.c
@@ -84,47 +84,57 @@ out:
84static int wlcore_validate_fw_ver(struct wl1271 *wl) 84static int wlcore_validate_fw_ver(struct wl1271 *wl)
85{ 85{
86 unsigned int *fw_ver = wl->chip.fw_ver; 86 unsigned int *fw_ver = wl->chip.fw_ver;
87 unsigned int *min_ver = wl->min_fw_ver; 87 unsigned int *min_ver = (wl->fw_type == WL12XX_FW_TYPE_NORMAL) ?
88 wl->min_sr_fw_ver : wl->min_mr_fw_ver;
89 char min_fw_str[32] = "";
90 int i;
88 91
89 /* the chip must be exactly equal */ 92 /* the chip must be exactly equal */
90 if (min_ver[FW_VER_CHIP] != fw_ver[FW_VER_CHIP]) 93 if ((min_ver[FW_VER_CHIP] != WLCORE_FW_VER_IGNORE) &&
94 (min_ver[FW_VER_CHIP] != fw_ver[FW_VER_CHIP]))
91 goto fail; 95 goto fail;
92 96
93 /* always check the next digit if all previous ones are equal */ 97 /* the firmware type must be equal */
94 98 if ((min_ver[FW_VER_IF_TYPE] != WLCORE_FW_VER_IGNORE) &&
95 if (min_ver[FW_VER_IF_TYPE] < fw_ver[FW_VER_IF_TYPE]) 99 (min_ver[FW_VER_IF_TYPE] != fw_ver[FW_VER_IF_TYPE]))
96 goto out;
97 else if (min_ver[FW_VER_IF_TYPE] > fw_ver[FW_VER_IF_TYPE])
98 goto fail; 100 goto fail;
99 101
100 if (min_ver[FW_VER_MAJOR] < fw_ver[FW_VER_MAJOR]) 102 /* the project number must be equal */
101 goto out; 103 if ((min_ver[FW_VER_SUBTYPE] != WLCORE_FW_VER_IGNORE) &&
102 else if (min_ver[FW_VER_MAJOR] > fw_ver[FW_VER_MAJOR]) 104 (min_ver[FW_VER_SUBTYPE] != fw_ver[FW_VER_SUBTYPE]))
103 goto fail; 105 goto fail;
104 106
105 if (min_ver[FW_VER_SUBTYPE] < fw_ver[FW_VER_SUBTYPE]) 107 /* the API version must be greater or equal */
106 goto out; 108 if ((min_ver[FW_VER_MAJOR] != WLCORE_FW_VER_IGNORE) &&
107 else if (min_ver[FW_VER_SUBTYPE] > fw_ver[FW_VER_SUBTYPE]) 109 (min_ver[FW_VER_MAJOR] > fw_ver[FW_VER_MAJOR]))
108 goto fail; 110 goto fail;
109 111
110 if (min_ver[FW_VER_MINOR] < fw_ver[FW_VER_MINOR]) 112 /* if the API version is equal... */
111 goto out; 113 if (((min_ver[FW_VER_MAJOR] == WLCORE_FW_VER_IGNORE) ||
112 else if (min_ver[FW_VER_MINOR] > fw_ver[FW_VER_MINOR]) 114 (min_ver[FW_VER_MAJOR] == fw_ver[FW_VER_MAJOR])) &&
115 /* ...the minor must be greater or equal */
116 ((min_ver[FW_VER_MINOR] != WLCORE_FW_VER_IGNORE) &&
117 (min_ver[FW_VER_MINOR] > fw_ver[FW_VER_MINOR])))
113 goto fail; 118 goto fail;
114 119
115out:
116 return 0; 120 return 0;
117 121
118fail: 122fail:
119 wl1271_error("Your WiFi FW version (%u.%u.%u.%u.%u) is outdated.\n" 123 for (i = 0; i < NUM_FW_VER; i++)
120 "Please use at least FW %u.%u.%u.%u.%u.\n" 124 if (min_ver[i] == WLCORE_FW_VER_IGNORE)
121 "You can get more information at:\n" 125 snprintf(min_fw_str, sizeof(min_fw_str),
122 "http://wireless.kernel.org/en/users/Drivers/wl12xx", 126 "%s*.", min_fw_str);
127 else
128 snprintf(min_fw_str, sizeof(min_fw_str),
129 "%s%u.", min_fw_str, min_ver[i]);
130
131 wl1271_error("Your WiFi FW version (%u.%u.%u.%u.%u) is invalid.\n"
132 "Please use at least FW %s\n"
133 "You can get the latest firmwares at:\n"
134 "git://github.com/TI-OpenLink/firmwares.git",
123 fw_ver[FW_VER_CHIP], fw_ver[FW_VER_IF_TYPE], 135 fw_ver[FW_VER_CHIP], fw_ver[FW_VER_IF_TYPE],
124 fw_ver[FW_VER_MAJOR], fw_ver[FW_VER_SUBTYPE], 136 fw_ver[FW_VER_MAJOR], fw_ver[FW_VER_SUBTYPE],
125 fw_ver[FW_VER_MINOR], min_ver[FW_VER_CHIP], 137 fw_ver[FW_VER_MINOR], min_fw_str);
126 min_ver[FW_VER_IF_TYPE], min_ver[FW_VER_MAJOR],
127 min_ver[FW_VER_SUBTYPE], min_ver[FW_VER_MINOR]);
128 return -EINVAL; 138 return -EINVAL;
129} 139}
130 140
@@ -491,7 +501,7 @@ int wlcore_boot_run_firmware(struct wl1271 *wl)
491 if (ret < 0) 501 if (ret < 0)
492 return ret; 502 return ret;
493 503
494 wl->mbox_ptr[1] = wl->mbox_ptr[0] + sizeof(struct event_mailbox); 504 wl->mbox_ptr[1] = wl->mbox_ptr[0] + wl->mbox_size;
495 505
496 wl1271_debug(DEBUG_MAILBOX, "MBOX ptrs: 0x%x 0x%x", 506 wl1271_debug(DEBUG_MAILBOX, "MBOX ptrs: 0x%x 0x%x",
497 wl->mbox_ptr[0], wl->mbox_ptr[1]); 507 wl->mbox_ptr[0], wl->mbox_ptr[1]);
@@ -508,23 +518,6 @@ int wlcore_boot_run_firmware(struct wl1271 *wl)
508 */ 518 */
509 519
510 /* unmask required mbox events */ 520 /* unmask required mbox events */
511 wl->event_mask = BSS_LOSE_EVENT_ID |
512 REGAINED_BSS_EVENT_ID |
513 SCAN_COMPLETE_EVENT_ID |
514 ROLE_STOP_COMPLETE_EVENT_ID |
515 RSSI_SNR_TRIGGER_0_EVENT_ID |
516 PSPOLL_DELIVERY_FAILURE_EVENT_ID |
517 SOFT_GEMINI_SENSE_EVENT_ID |
518 PERIODIC_SCAN_REPORT_EVENT_ID |
519 PERIODIC_SCAN_COMPLETE_EVENT_ID |
520 DUMMY_PACKET_EVENT_ID |
521 PEER_REMOVE_COMPLETE_EVENT_ID |
522 BA_SESSION_RX_CONSTRAINT_EVENT_ID |
523 REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID |
524 INACTIVE_STA_EVENT_ID |
525 MAX_TX_RETRY_EVENT_ID |
526 CHANNEL_SWITCH_COMPLETE_EVENT_ID;
527
528 ret = wl1271_event_unmask(wl); 521 ret = wl1271_event_unmask(wl);
529 if (ret < 0) { 522 if (ret < 0) {
530 wl1271_error("EVENT mask setting failed"); 523 wl1271_error("EVENT mask setting failed");
diff --git a/drivers/net/wireless/ti/wlcore/cmd.c b/drivers/net/wireless/ti/wlcore/cmd.c
index 27f83f72a93b..1201aca9c89a 100644
--- a/drivers/net/wireless/ti/wlcore/cmd.c
+++ b/drivers/net/wireless/ti/wlcore/cmd.c
@@ -48,14 +48,15 @@
48 * @id: command id 48 * @id: command id
49 * @buf: buffer containing the command, must work with dma 49 * @buf: buffer containing the command, must work with dma
50 * @len: length of the buffer 50 * @len: length of the buffer
51 * return the cmd status code on success.
51 */ 52 */
52int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len, 53static int __wlcore_cmd_send(struct wl1271 *wl, u16 id, void *buf,
53 size_t res_len) 54 size_t len, size_t res_len)
54{ 55{
55 struct wl1271_cmd_header *cmd; 56 struct wl1271_cmd_header *cmd;
56 unsigned long timeout; 57 unsigned long timeout;
57 u32 intr; 58 u32 intr;
58 int ret = 0; 59 int ret;
59 u16 status; 60 u16 status;
60 u16 poll_count = 0; 61 u16 poll_count = 0;
61 62
@@ -71,7 +72,7 @@ int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len,
71 72
72 ret = wlcore_write(wl, wl->cmd_box_addr, buf, len, false); 73 ret = wlcore_write(wl, wl->cmd_box_addr, buf, len, false);
73 if (ret < 0) 74 if (ret < 0)
74 goto fail; 75 return ret;
75 76
76 /* 77 /*
77 * TODO: we just need this because one bit is in a different 78 * TODO: we just need this because one bit is in a different
@@ -79,19 +80,18 @@ int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len,
79 */ 80 */
80 ret = wl->ops->trigger_cmd(wl, wl->cmd_box_addr, buf, len); 81 ret = wl->ops->trigger_cmd(wl, wl->cmd_box_addr, buf, len);
81 if (ret < 0) 82 if (ret < 0)
82 goto fail; 83 return ret;
83 84
84 timeout = jiffies + msecs_to_jiffies(WL1271_COMMAND_TIMEOUT); 85 timeout = jiffies + msecs_to_jiffies(WL1271_COMMAND_TIMEOUT);
85 86
86 ret = wlcore_read_reg(wl, REG_INTERRUPT_NO_CLEAR, &intr); 87 ret = wlcore_read_reg(wl, REG_INTERRUPT_NO_CLEAR, &intr);
87 if (ret < 0) 88 if (ret < 0)
88 goto fail; 89 return ret;
89 90
90 while (!(intr & WL1271_ACX_INTR_CMD_COMPLETE)) { 91 while (!(intr & WL1271_ACX_INTR_CMD_COMPLETE)) {
91 if (time_after(jiffies, timeout)) { 92 if (time_after(jiffies, timeout)) {
92 wl1271_error("command complete timeout"); 93 wl1271_error("command complete timeout");
93 ret = -ETIMEDOUT; 94 return -ETIMEDOUT;
94 goto fail;
95 } 95 }
96 96
97 poll_count++; 97 poll_count++;
@@ -102,7 +102,7 @@ int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len,
102 102
103 ret = wlcore_read_reg(wl, REG_INTERRUPT_NO_CLEAR, &intr); 103 ret = wlcore_read_reg(wl, REG_INTERRUPT_NO_CLEAR, &intr);
104 if (ret < 0) 104 if (ret < 0)
105 goto fail; 105 return ret;
106 } 106 }
107 107
108 /* read back the status code of the command */ 108 /* read back the status code of the command */
@@ -111,33 +111,66 @@ int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len,
111 111
112 ret = wlcore_read(wl, wl->cmd_box_addr, cmd, res_len, false); 112 ret = wlcore_read(wl, wl->cmd_box_addr, cmd, res_len, false);
113 if (ret < 0) 113 if (ret < 0)
114 goto fail; 114 return ret;
115 115
116 status = le16_to_cpu(cmd->status); 116 status = le16_to_cpu(cmd->status);
117 if (status != CMD_STATUS_SUCCESS) {
118 wl1271_error("command execute failure %d", status);
119 ret = -EIO;
120 goto fail;
121 }
122 117
123 ret = wlcore_write_reg(wl, REG_INTERRUPT_ACK, 118 ret = wlcore_write_reg(wl, REG_INTERRUPT_ACK,
124 WL1271_ACX_INTR_CMD_COMPLETE); 119 WL1271_ACX_INTR_CMD_COMPLETE);
125 if (ret < 0) 120 if (ret < 0)
121 return ret;
122
123 return status;
124}
125
126/*
127 * send command to fw and return cmd status on success
128 * valid_rets contains a bitmap of allowed error codes
129 */
130int wlcore_cmd_send_failsafe(struct wl1271 *wl, u16 id, void *buf, size_t len,
131 size_t res_len, unsigned long valid_rets)
132{
133 int ret = __wlcore_cmd_send(wl, id, buf, len, res_len);
134
135 if (ret < 0)
126 goto fail; 136 goto fail;
127 137
128 return 0; 138 /* success is always a valid status */
139 valid_rets |= BIT(CMD_STATUS_SUCCESS);
129 140
141 if (ret >= MAX_COMMAND_STATUS ||
142 !test_bit(ret, &valid_rets)) {
143 wl1271_error("command execute failure %d", ret);
144 ret = -EIO;
145 goto fail;
146 }
147 return ret;
130fail: 148fail:
131 wl12xx_queue_recovery_work(wl); 149 wl12xx_queue_recovery_work(wl);
132 return ret; 150 return ret;
133} 151}
152EXPORT_SYMBOL_GPL(wl1271_cmd_send);
153
154/*
155 * wrapper for wlcore_cmd_send that accept only CMD_STATUS_SUCCESS
156 * return 0 on success.
157 */
158int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len,
159 size_t res_len)
160{
161 int ret = wlcore_cmd_send_failsafe(wl, id, buf, len, res_len, 0);
162
163 if (ret < 0)
164 return ret;
165 return 0;
166}
134 167
135/* 168/*
136 * Poll the mailbox event field until any of the bits in the mask is set or a 169 * Poll the mailbox event field until any of the bits in the mask is set or a
137 * timeout occurs (WL1271_EVENT_TIMEOUT in msecs) 170 * timeout occurs (WL1271_EVENT_TIMEOUT in msecs)
138 */ 171 */
139static int wl1271_cmd_wait_for_event_or_timeout(struct wl1271 *wl, 172int wlcore_cmd_wait_for_event_or_timeout(struct wl1271 *wl,
140 u32 mask, bool *timeout) 173 u32 mask, bool *timeout)
141{ 174{
142 u32 *events_vector; 175 u32 *events_vector;
143 u32 event; 176 u32 event;
@@ -187,20 +220,7 @@ out:
187 kfree(events_vector); 220 kfree(events_vector);
188 return ret; 221 return ret;
189} 222}
190 223EXPORT_SYMBOL_GPL(wlcore_cmd_wait_for_event_or_timeout);
191static int wl1271_cmd_wait_for_event(struct wl1271 *wl, u32 mask)
192{
193 int ret;
194 bool timeout = false;
195
196 ret = wl1271_cmd_wait_for_event_or_timeout(wl, mask, &timeout);
197 if (ret != 0 || timeout) {
198 wl12xx_queue_recovery_work(wl);
199 return ret;
200 }
201
202 return 0;
203}
204 224
205int wl12xx_cmd_role_enable(struct wl1271 *wl, u8 *addr, u8 role_type, 225int wl12xx_cmd_role_enable(struct wl1271 *wl, u8 *addr, u8 role_type,
206 u8 *role_id) 226 u8 *role_id)
@@ -278,6 +298,16 @@ out:
278 return ret; 298 return ret;
279} 299}
280 300
301static int wlcore_get_new_session_id(struct wl1271 *wl, u8 hlid)
302{
303 if (wl->session_ids[hlid] >= SESSION_COUNTER_MAX)
304 wl->session_ids[hlid] = 0;
305
306 wl->session_ids[hlid]++;
307
308 return wl->session_ids[hlid];
309}
310
281int wl12xx_allocate_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid) 311int wl12xx_allocate_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid)
282{ 312{
283 unsigned long flags; 313 unsigned long flags;
@@ -285,12 +315,21 @@ int wl12xx_allocate_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid)
285 if (link >= WL12XX_MAX_LINKS) 315 if (link >= WL12XX_MAX_LINKS)
286 return -EBUSY; 316 return -EBUSY;
287 317
318 wl->session_ids[link] = wlcore_get_new_session_id(wl, link);
319
288 /* these bits are used by op_tx */ 320 /* these bits are used by op_tx */
289 spin_lock_irqsave(&wl->wl_lock, flags); 321 spin_lock_irqsave(&wl->wl_lock, flags);
290 __set_bit(link, wl->links_map); 322 __set_bit(link, wl->links_map);
291 __set_bit(link, wlvif->links_map); 323 __set_bit(link, wlvif->links_map);
292 spin_unlock_irqrestore(&wl->wl_lock, flags); 324 spin_unlock_irqrestore(&wl->wl_lock, flags);
325
326 /* take the last "freed packets" value from the current FW status */
327 wl->links[link].prev_freed_pkts =
328 wl->fw_status_2->counters.tx_lnk_free_pkts[link];
329 wl->links[link].wlvif = wlvif;
293 *hlid = link; 330 *hlid = link;
331
332 wl->active_link_count++;
294 return 0; 333 return 0;
295} 334}
296 335
@@ -307,24 +346,21 @@ void wl12xx_free_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid)
307 __clear_bit(*hlid, wlvif->links_map); 346 __clear_bit(*hlid, wlvif->links_map);
308 spin_unlock_irqrestore(&wl->wl_lock, flags); 347 spin_unlock_irqrestore(&wl->wl_lock, flags);
309 348
349 wl->links[*hlid].allocated_pkts = 0;
350 wl->links[*hlid].prev_freed_pkts = 0;
351 wl->links[*hlid].ba_bitmap = 0;
352 memset(wl->links[*hlid].addr, 0, ETH_ALEN);
353
310 /* 354 /*
311 * At this point op_tx() will not add more packets to the queues. We 355 * At this point op_tx() will not add more packets to the queues. We
312 * can purge them. 356 * can purge them.
313 */ 357 */
314 wl1271_tx_reset_link_queues(wl, *hlid); 358 wl1271_tx_reset_link_queues(wl, *hlid);
359 wl->links[*hlid].wlvif = NULL;
315 360
316 *hlid = WL12XX_INVALID_LINK_ID; 361 *hlid = WL12XX_INVALID_LINK_ID;
317} 362 wl->active_link_count--;
318 363 WARN_ON_ONCE(wl->active_link_count < 0);
319static int wl12xx_get_new_session_id(struct wl1271 *wl,
320 struct wl12xx_vif *wlvif)
321{
322 if (wlvif->session_counter >= SESSION_COUNTER_MAX)
323 wlvif->session_counter = 0;
324
325 wlvif->session_counter++;
326
327 return wlvif->session_counter;
328} 364}
329 365
330static u8 wlcore_get_native_channel_type(u8 nl_channel_type) 366static u8 wlcore_get_native_channel_type(u8 nl_channel_type)
@@ -345,7 +381,9 @@ static u8 wlcore_get_native_channel_type(u8 nl_channel_type)
345} 381}
346 382
347static int wl12xx_cmd_role_start_dev(struct wl1271 *wl, 383static int wl12xx_cmd_role_start_dev(struct wl1271 *wl,
348 struct wl12xx_vif *wlvif) 384 struct wl12xx_vif *wlvif,
385 enum ieee80211_band band,
386 int channel)
349{ 387{
350 struct wl12xx_cmd_role_start *cmd; 388 struct wl12xx_cmd_role_start *cmd;
351 int ret; 389 int ret;
@@ -359,9 +397,9 @@ static int wl12xx_cmd_role_start_dev(struct wl1271 *wl,
359 wl1271_debug(DEBUG_CMD, "cmd role start dev %d", wlvif->dev_role_id); 397 wl1271_debug(DEBUG_CMD, "cmd role start dev %d", wlvif->dev_role_id);
360 398
361 cmd->role_id = wlvif->dev_role_id; 399 cmd->role_id = wlvif->dev_role_id;
362 if (wlvif->band == IEEE80211_BAND_5GHZ) 400 if (band == IEEE80211_BAND_5GHZ)
363 cmd->band = WLCORE_BAND_5GHZ; 401 cmd->band = WLCORE_BAND_5GHZ;
364 cmd->channel = wlvif->channel; 402 cmd->channel = channel;
365 403
366 if (wlvif->dev_hlid == WL12XX_INVALID_LINK_ID) { 404 if (wlvif->dev_hlid == WL12XX_INVALID_LINK_ID) {
367 ret = wl12xx_allocate_link(wl, wlvif, &wlvif->dev_hlid); 405 ret = wl12xx_allocate_link(wl, wlvif, &wlvif->dev_hlid);
@@ -369,7 +407,7 @@ static int wl12xx_cmd_role_start_dev(struct wl1271 *wl,
369 goto out_free; 407 goto out_free;
370 } 408 }
371 cmd->device.hlid = wlvif->dev_hlid; 409 cmd->device.hlid = wlvif->dev_hlid;
372 cmd->device.session = wl12xx_get_new_session_id(wl, wlvif); 410 cmd->device.session = wl->session_ids[wlvif->dev_hlid];
373 411
374 wl1271_debug(DEBUG_CMD, "role start: roleid=%d, hlid=%d, session=%d", 412 wl1271_debug(DEBUG_CMD, "role start: roleid=%d, hlid=%d, session=%d",
375 cmd->role_id, cmd->device.hlid, cmd->device.session); 413 cmd->role_id, cmd->device.hlid, cmd->device.session);
@@ -420,12 +458,6 @@ static int wl12xx_cmd_role_stop_dev(struct wl1271 *wl,
420 goto out_free; 458 goto out_free;
421 } 459 }
422 460
423 ret = wl1271_cmd_wait_for_event(wl, ROLE_STOP_COMPLETE_EVENT_ID);
424 if (ret < 0) {
425 wl1271_error("cmd role stop dev event completion error");
426 goto out_free;
427 }
428
429 wl12xx_free_link(wl, wlvif, &wlvif->dev_hlid); 461 wl12xx_free_link(wl, wlvif, &wlvif->dev_hlid);
430 462
431out_free: 463out_free:
@@ -439,6 +471,7 @@ int wl12xx_cmd_role_start_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
439{ 471{
440 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif); 472 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
441 struct wl12xx_cmd_role_start *cmd; 473 struct wl12xx_cmd_role_start *cmd;
474 u32 supported_rates;
442 int ret; 475 int ret;
443 476
444 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 477 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
@@ -459,7 +492,14 @@ int wl12xx_cmd_role_start_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
459 cmd->sta.ssid_len = wlvif->ssid_len; 492 cmd->sta.ssid_len = wlvif->ssid_len;
460 memcpy(cmd->sta.ssid, wlvif->ssid, wlvif->ssid_len); 493 memcpy(cmd->sta.ssid, wlvif->ssid, wlvif->ssid_len);
461 memcpy(cmd->sta.bssid, vif->bss_conf.bssid, ETH_ALEN); 494 memcpy(cmd->sta.bssid, vif->bss_conf.bssid, ETH_ALEN);
462 cmd->sta.local_rates = cpu_to_le32(wlvif->rate_set); 495
496 supported_rates = CONF_TX_ENABLED_RATES | CONF_TX_MCS_RATES |
497 wlcore_hw_sta_get_ap_rate_mask(wl, wlvif);
498 if (wlvif->p2p)
499 supported_rates &= ~CONF_TX_CCK_RATES;
500
501 cmd->sta.local_rates = cpu_to_le32(supported_rates);
502
463 cmd->channel_type = wlcore_get_native_channel_type(wlvif->channel_type); 503 cmd->channel_type = wlcore_get_native_channel_type(wlvif->channel_type);
464 504
465 if (wlvif->sta.hlid == WL12XX_INVALID_LINK_ID) { 505 if (wlvif->sta.hlid == WL12XX_INVALID_LINK_ID) {
@@ -468,7 +508,11 @@ int wl12xx_cmd_role_start_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
468 goto out_free; 508 goto out_free;
469 } 509 }
470 cmd->sta.hlid = wlvif->sta.hlid; 510 cmd->sta.hlid = wlvif->sta.hlid;
471 cmd->sta.session = wl12xx_get_new_session_id(wl, wlvif); 511 cmd->sta.session = wl->session_ids[wlvif->sta.hlid];
512 /*
513 * We don't have the correct remote rates in this stage. the rates
514 * will be reconfigured later, after authorization.
515 */
472 cmd->sta.remote_rates = cpu_to_le32(wlvif->rate_set); 516 cmd->sta.remote_rates = cpu_to_le32(wlvif->rate_set);
473 517
474 wl1271_debug(DEBUG_CMD, "role start: roleid=%d, hlid=%d, session=%d " 518 wl1271_debug(DEBUG_CMD, "role start: roleid=%d, hlid=%d, session=%d "
@@ -482,6 +526,7 @@ int wl12xx_cmd_role_start_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
482 goto err_hlid; 526 goto err_hlid;
483 } 527 }
484 528
529 wlvif->sta.role_chan_type = wlvif->channel_type;
485 goto out_free; 530 goto out_free;
486 531
487err_hlid: 532err_hlid:
@@ -500,7 +545,6 @@ int wl12xx_cmd_role_stop_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
500{ 545{
501 struct wl12xx_cmd_role_stop *cmd; 546 struct wl12xx_cmd_role_stop *cmd;
502 int ret; 547 int ret;
503 bool timeout = false;
504 548
505 if (WARN_ON(wlvif->sta.hlid == WL12XX_INVALID_LINK_ID)) 549 if (WARN_ON(wlvif->sta.hlid == WL12XX_INVALID_LINK_ID))
506 return -EINVAL; 550 return -EINVAL;
@@ -523,17 +567,6 @@ int wl12xx_cmd_role_stop_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif)
523 goto out_free; 567 goto out_free;
524 } 568 }
525 569
526 /*
527 * Sometimes the firmware doesn't send this event, so we just
528 * time out without failing. Queue recovery for other
529 * failures.
530 */
531 ret = wl1271_cmd_wait_for_event_or_timeout(wl,
532 ROLE_STOP_COMPLETE_EVENT_ID,
533 &timeout);
534 if (ret)
535 wl12xx_queue_recovery_work(wl);
536
537 wl12xx_free_link(wl, wlvif, &wlvif->sta.hlid); 570 wl12xx_free_link(wl, wlvif, &wlvif->sta.hlid);
538 571
539out_free: 572out_free:
@@ -579,12 +612,15 @@ int wl12xx_cmd_role_start_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif)
579 cmd->ap.bss_index = WL1271_AP_BSS_INDEX; 612 cmd->ap.bss_index = WL1271_AP_BSS_INDEX;
580 cmd->ap.global_hlid = wlvif->ap.global_hlid; 613 cmd->ap.global_hlid = wlvif->ap.global_hlid;
581 cmd->ap.broadcast_hlid = wlvif->ap.bcast_hlid; 614 cmd->ap.broadcast_hlid = wlvif->ap.bcast_hlid;
615 cmd->ap.global_session_id = wl->session_ids[wlvif->ap.global_hlid];
616 cmd->ap.bcast_session_id = wl->session_ids[wlvif->ap.bcast_hlid];
582 cmd->ap.basic_rate_set = cpu_to_le32(wlvif->basic_rate_set); 617 cmd->ap.basic_rate_set = cpu_to_le32(wlvif->basic_rate_set);
583 cmd->ap.beacon_interval = cpu_to_le16(wlvif->beacon_int); 618 cmd->ap.beacon_interval = cpu_to_le16(wlvif->beacon_int);
584 cmd->ap.dtim_interval = bss_conf->dtim_period; 619 cmd->ap.dtim_interval = bss_conf->dtim_period;
585 cmd->ap.beacon_expiry = WL1271_AP_DEF_BEACON_EXP; 620 cmd->ap.beacon_expiry = WL1271_AP_DEF_BEACON_EXP;
586 /* FIXME: Change when adding DFS */ 621 /* FIXME: Change when adding DFS */
587 cmd->ap.reset_tsf = 1; /* By default reset AP TSF */ 622 cmd->ap.reset_tsf = 1; /* By default reset AP TSF */
623 cmd->ap.wmm = wlvif->wmm_enabled;
588 cmd->channel = wlvif->channel; 624 cmd->channel = wlvif->channel;
589 cmd->channel_type = wlcore_get_native_channel_type(wlvif->channel_type); 625 cmd->channel_type = wlcore_get_native_channel_type(wlvif->channel_type);
590 626
@@ -599,8 +635,10 @@ int wl12xx_cmd_role_start_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif)
599 memcpy(cmd->ap.ssid, bss_conf->ssid, bss_conf->ssid_len); 635 memcpy(cmd->ap.ssid, bss_conf->ssid, bss_conf->ssid_len);
600 } 636 }
601 637
602 supported_rates = CONF_TX_AP_ENABLED_RATES | CONF_TX_MCS_RATES | 638 supported_rates = CONF_TX_ENABLED_RATES | CONF_TX_MCS_RATES |
603 wlcore_hw_ap_get_mimo_wide_rate_mask(wl, wlvif); 639 wlcore_hw_ap_get_mimo_wide_rate_mask(wl, wlvif);
640 if (wlvif->p2p)
641 supported_rates &= ~CONF_TX_CCK_RATES;
604 642
605 wl1271_debug(DEBUG_CMD, "cmd role start ap with supported_rates 0x%08x", 643 wl1271_debug(DEBUG_CMD, "cmd role start ap with supported_rates 0x%08x",
606 supported_rates); 644 supported_rates);
@@ -799,8 +837,11 @@ int wl1271_cmd_interrogate(struct wl1271 *wl, u16 id, void *buf, size_t len)
799 * @id: acx id 837 * @id: acx id
800 * @buf: buffer containing acx, including all headers, must work with dma 838 * @buf: buffer containing acx, including all headers, must work with dma
801 * @len: length of buf 839 * @len: length of buf
840 * @valid_rets: bitmap of valid cmd status codes (i.e. return values).
841 * return the cmd status on success.
802 */ 842 */
803int wl1271_cmd_configure(struct wl1271 *wl, u16 id, void *buf, size_t len) 843int wlcore_cmd_configure_failsafe(struct wl1271 *wl, u16 id, void *buf,
844 size_t len, unsigned long valid_rets)
804{ 845{
805 struct acx_header *acx = buf; 846 struct acx_header *acx = buf;
806 int ret; 847 int ret;
@@ -812,12 +853,26 @@ int wl1271_cmd_configure(struct wl1271 *wl, u16 id, void *buf, size_t len)
812 /* payload length, does not include any headers */ 853 /* payload length, does not include any headers */
813 acx->len = cpu_to_le16(len - sizeof(*acx)); 854 acx->len = cpu_to_le16(len - sizeof(*acx));
814 855
815 ret = wl1271_cmd_send(wl, CMD_CONFIGURE, acx, len, 0); 856 ret = wlcore_cmd_send_failsafe(wl, CMD_CONFIGURE, acx, len, 0,
857 valid_rets);
816 if (ret < 0) { 858 if (ret < 0) {
817 wl1271_warning("CONFIGURE command NOK"); 859 wl1271_warning("CONFIGURE command NOK");
818 return ret; 860 return ret;
819 } 861 }
820 862
863 return ret;
864}
865
866/*
867 * wrapper for wlcore_cmd_configure that accepts only success status.
868 * return 0 on success
869 */
870int wl1271_cmd_configure(struct wl1271 *wl, u16 id, void *buf, size_t len)
871{
872 int ret = wlcore_cmd_configure_failsafe(wl, id, buf, len, 0);
873
874 if (ret < 0)
875 return ret;
821 return 0; 876 return 0;
822} 877}
823EXPORT_SYMBOL_GPL(wl1271_cmd_configure); 878EXPORT_SYMBOL_GPL(wl1271_cmd_configure);
@@ -1034,8 +1089,8 @@ int wl12xx_cmd_build_probe_req(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1034 struct sk_buff *skb; 1089 struct sk_buff *skb;
1035 int ret; 1090 int ret;
1036 u32 rate; 1091 u32 rate;
1037 u16 template_id_2_4 = CMD_TEMPL_CFG_PROBE_REQ_2_4; 1092 u16 template_id_2_4 = wl->scan_templ_id_2_4;
1038 u16 template_id_5 = CMD_TEMPL_CFG_PROBE_REQ_5; 1093 u16 template_id_5 = wl->scan_templ_id_5;
1039 1094
1040 skb = ieee80211_probereq_get(wl->hw, vif, ssid, ssid_len, 1095 skb = ieee80211_probereq_get(wl->hw, vif, ssid, ssid_len,
1041 ie_len); 1096 ie_len);
@@ -1048,10 +1103,10 @@ int wl12xx_cmd_build_probe_req(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1048 1103
1049 wl1271_dump(DEBUG_SCAN, "PROBE REQ: ", skb->data, skb->len); 1104 wl1271_dump(DEBUG_SCAN, "PROBE REQ: ", skb->data, skb->len);
1050 1105
1051 if (!sched_scan && 1106 if (sched_scan &&
1052 (wl->quirks & WLCORE_QUIRK_DUAL_PROBE_TMPL)) { 1107 (wl->quirks & WLCORE_QUIRK_DUAL_PROBE_TMPL)) {
1053 template_id_2_4 = CMD_TEMPL_APP_PROBE_REQ_2_4; 1108 template_id_2_4 = wl->sched_scan_templ_id_2_4;
1054 template_id_5 = CMD_TEMPL_APP_PROBE_REQ_5; 1109 template_id_5 = wl->sched_scan_templ_id_5;
1055 } 1110 }
1056 1111
1057 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]); 1112 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]);
@@ -1068,6 +1123,7 @@ out:
1068 dev_kfree_skb(skb); 1123 dev_kfree_skb(skb);
1069 return ret; 1124 return ret;
1070} 1125}
1126EXPORT_SYMBOL_GPL(wl12xx_cmd_build_probe_req);
1071 1127
1072struct sk_buff *wl1271_cmd_build_ap_probe_req(struct wl1271 *wl, 1128struct sk_buff *wl1271_cmd_build_ap_probe_req(struct wl1271 *wl,
1073 struct wl12xx_vif *wlvif, 1129 struct wl12xx_vif *wlvif,
@@ -1379,7 +1435,8 @@ out:
1379 return ret; 1435 return ret;
1380} 1436}
1381 1437
1382int wl12xx_cmd_set_peer_state(struct wl1271 *wl, u8 hlid) 1438int wl12xx_cmd_set_peer_state(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1439 u8 hlid)
1383{ 1440{
1384 struct wl12xx_cmd_set_peer_state *cmd; 1441 struct wl12xx_cmd_set_peer_state *cmd;
1385 int ret = 0; 1442 int ret = 0;
@@ -1395,6 +1452,10 @@ int wl12xx_cmd_set_peer_state(struct wl1271 *wl, u8 hlid)
1395 cmd->hlid = hlid; 1452 cmd->hlid = hlid;
1396 cmd->state = WL1271_CMD_STA_STATE_CONNECTED; 1453 cmd->state = WL1271_CMD_STA_STATE_CONNECTED;
1397 1454
1455 /* wmm param is valid only for station role */
1456 if (wlvif->bss_type == BSS_TYPE_STA_BSS)
1457 cmd->wmm = wlvif->wmm_enabled;
1458
1398 ret = wl1271_cmd_send(wl, CMD_SET_PEER_STATE, cmd, sizeof(*cmd), 0); 1459 ret = wl1271_cmd_send(wl, CMD_SET_PEER_STATE, cmd, sizeof(*cmd), 0);
1399 if (ret < 0) { 1460 if (ret < 0) {
1400 wl1271_error("failed to send set peer state command"); 1461 wl1271_error("failed to send set peer state command");
@@ -1429,6 +1490,7 @@ int wl12xx_cmd_add_peer(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1429 cmd->hlid = hlid; 1490 cmd->hlid = hlid;
1430 cmd->sp_len = sta->max_sp; 1491 cmd->sp_len = sta->max_sp;
1431 cmd->wmm = sta->wme ? 1 : 0; 1492 cmd->wmm = sta->wme ? 1 : 0;
1493 cmd->session_id = wl->session_ids[hlid];
1432 1494
1433 for (i = 0; i < NUM_ACCESS_CATEGORIES_COPY; i++) 1495 for (i = 0; i < NUM_ACCESS_CATEGORIES_COPY; i++)
1434 if (sta->wme && (sta->uapsd_queues & BIT(i))) 1496 if (sta->wme && (sta->uapsd_queues & BIT(i)))
@@ -1490,9 +1552,10 @@ int wl12xx_cmd_remove_peer(struct wl1271 *wl, u8 hlid)
1490 goto out_free; 1552 goto out_free;
1491 } 1553 }
1492 1554
1493 ret = wl1271_cmd_wait_for_event_or_timeout(wl, 1555 ret = wl->ops->wait_for_event(wl,
1494 PEER_REMOVE_COMPLETE_EVENT_ID, 1556 WLCORE_EVENT_PEER_REMOVE_COMPLETE,
1495 &timeout); 1557 &timeout);
1558
1496 /* 1559 /*
1497 * We are ok with a timeout here. The event is sometimes not sent 1560 * We are ok with a timeout here. The event is sometimes not sent
1498 * due to a firmware bug. In case of another error (like SDIO timeout) 1561 * due to a firmware bug. In case of another error (like SDIO timeout)
@@ -1508,6 +1571,131 @@ out:
1508 return ret; 1571 return ret;
1509} 1572}
1510 1573
1574static int wlcore_get_reg_conf_ch_idx(enum ieee80211_band band, u16 ch)
1575{
1576 int idx = -1;
1577
1578 switch (band) {
1579 case IEEE80211_BAND_5GHZ:
1580 if (ch >= 8 && ch <= 16)
1581 idx = ((ch-8)/4 + 18);
1582 else if (ch >= 34 && ch <= 64)
1583 idx = ((ch-34)/2 + 3 + 18);
1584 else if (ch >= 100 && ch <= 140)
1585 idx = ((ch-100)/4 + 15 + 18);
1586 else if (ch >= 149 && ch <= 165)
1587 idx = ((ch-149)/4 + 26 + 18);
1588 else
1589 idx = -1;
1590 break;
1591 case IEEE80211_BAND_2GHZ:
1592 if (ch >= 1 && ch <= 14)
1593 idx = ch - 1;
1594 else
1595 idx = -1;
1596 break;
1597 default:
1598 wl1271_error("get reg conf ch idx - unknown band: %d",
1599 (int)band);
1600 }
1601
1602 return idx;
1603}
1604
1605void wlcore_set_pending_regdomain_ch(struct wl1271 *wl, u16 channel,
1606 enum ieee80211_band band)
1607{
1608 int ch_bit_idx = 0;
1609
1610 if (!(wl->quirks & WLCORE_QUIRK_REGDOMAIN_CONF))
1611 return;
1612
1613 ch_bit_idx = wlcore_get_reg_conf_ch_idx(band, channel);
1614
1615 if (ch_bit_idx > 0 && ch_bit_idx <= WL1271_MAX_CHANNELS)
1616 set_bit(ch_bit_idx, (long *)wl->reg_ch_conf_pending);
1617}
1618
1619int wlcore_cmd_regdomain_config_locked(struct wl1271 *wl)
1620{
1621 struct wl12xx_cmd_regdomain_dfs_config *cmd = NULL;
1622 int ret = 0, i, b, ch_bit_idx;
1623 struct ieee80211_channel *channel;
1624 u32 tmp_ch_bitmap[2];
1625 u16 ch;
1626 struct wiphy *wiphy = wl->hw->wiphy;
1627 struct ieee80211_supported_band *band;
1628 bool timeout = false;
1629
1630 if (!(wl->quirks & WLCORE_QUIRK_REGDOMAIN_CONF))
1631 return 0;
1632
1633 wl1271_debug(DEBUG_CMD, "cmd reg domain config");
1634
1635 memset(tmp_ch_bitmap, 0, sizeof(tmp_ch_bitmap));
1636
1637 for (b = IEEE80211_BAND_2GHZ; b <= IEEE80211_BAND_5GHZ; b++) {
1638 band = wiphy->bands[b];
1639 for (i = 0; i < band->n_channels; i++) {
1640 channel = &band->channels[i];
1641 ch = channel->hw_value;
1642
1643 if (channel->flags & (IEEE80211_CHAN_DISABLED |
1644 IEEE80211_CHAN_RADAR |
1645 IEEE80211_CHAN_PASSIVE_SCAN))
1646 continue;
1647
1648 ch_bit_idx = wlcore_get_reg_conf_ch_idx(b, ch);
1649 if (ch_bit_idx < 0)
1650 continue;
1651
1652 set_bit(ch_bit_idx, (long *)tmp_ch_bitmap);
1653 }
1654 }
1655
1656 tmp_ch_bitmap[0] |= wl->reg_ch_conf_pending[0];
1657 tmp_ch_bitmap[1] |= wl->reg_ch_conf_pending[1];
1658
1659 if (!memcmp(tmp_ch_bitmap, wl->reg_ch_conf_last, sizeof(tmp_ch_bitmap)))
1660 goto out;
1661
1662 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1663 if (!cmd) {
1664 ret = -ENOMEM;
1665 goto out;
1666 }
1667
1668 cmd->ch_bit_map1 = cpu_to_le32(tmp_ch_bitmap[0]);
1669 cmd->ch_bit_map2 = cpu_to_le32(tmp_ch_bitmap[1]);
1670
1671 wl1271_debug(DEBUG_CMD,
1672 "cmd reg domain bitmap1: 0x%08x, bitmap2: 0x%08x",
1673 cmd->ch_bit_map1, cmd->ch_bit_map2);
1674
1675 ret = wl1271_cmd_send(wl, CMD_DFS_CHANNEL_CONFIG, cmd, sizeof(*cmd), 0);
1676 if (ret < 0) {
1677 wl1271_error("failed to send reg domain dfs config");
1678 goto out;
1679 }
1680
1681 ret = wl->ops->wait_for_event(wl,
1682 WLCORE_EVENT_DFS_CONFIG_COMPLETE,
1683 &timeout);
1684 if (ret < 0 || timeout) {
1685 wl1271_error("reg domain conf %serror",
1686 timeout ? "completion " : "");
1687 ret = timeout ? -ETIMEDOUT : ret;
1688 goto out;
1689 }
1690
1691 memcpy(wl->reg_ch_conf_last, tmp_ch_bitmap, sizeof(tmp_ch_bitmap));
1692 memset(wl->reg_ch_conf_pending, 0, sizeof(wl->reg_ch_conf_pending));
1693
1694out:
1695 kfree(cmd);
1696 return ret;
1697}
1698
1511int wl12xx_cmd_config_fwlog(struct wl1271 *wl) 1699int wl12xx_cmd_config_fwlog(struct wl1271 *wl)
1512{ 1700{
1513 struct wl12xx_cmd_config_fwlog *cmd; 1701 struct wl12xx_cmd_config_fwlog *cmd;
@@ -1593,12 +1781,12 @@ out:
1593} 1781}
1594 1782
1595static int wl12xx_cmd_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif, 1783static int wl12xx_cmd_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1596 u8 role_id) 1784 u8 role_id, enum ieee80211_band band, u8 channel)
1597{ 1785{
1598 struct wl12xx_cmd_roc *cmd; 1786 struct wl12xx_cmd_roc *cmd;
1599 int ret = 0; 1787 int ret = 0;
1600 1788
1601 wl1271_debug(DEBUG_CMD, "cmd roc %d (%d)", wlvif->channel, role_id); 1789 wl1271_debug(DEBUG_CMD, "cmd roc %d (%d)", channel, role_id);
1602 1790
1603 if (WARN_ON(role_id == WL12XX_INVALID_ROLE_ID)) 1791 if (WARN_ON(role_id == WL12XX_INVALID_ROLE_ID))
1604 return -EINVAL; 1792 return -EINVAL;
@@ -1610,8 +1798,8 @@ static int wl12xx_cmd_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1610 } 1798 }
1611 1799
1612 cmd->role_id = role_id; 1800 cmd->role_id = role_id;
1613 cmd->channel = wlvif->channel; 1801 cmd->channel = channel;
1614 switch (wlvif->band) { 1802 switch (band) {
1615 case IEEE80211_BAND_2GHZ: 1803 case IEEE80211_BAND_2GHZ:
1616 cmd->band = WLCORE_BAND_2_4GHZ; 1804 cmd->band = WLCORE_BAND_2_4GHZ;
1617 break; 1805 break;
@@ -1666,30 +1854,18 @@ out:
1666 return ret; 1854 return ret;
1667} 1855}
1668 1856
1669int wl12xx_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 role_id) 1857int wl12xx_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 role_id,
1858 enum ieee80211_band band, u8 channel)
1670{ 1859{
1671 int ret = 0; 1860 int ret = 0;
1672 bool is_first_roc;
1673 1861
1674 if (WARN_ON(test_bit(role_id, wl->roc_map))) 1862 if (WARN_ON(test_bit(role_id, wl->roc_map)))
1675 return 0; 1863 return 0;
1676 1864
1677 is_first_roc = (find_first_bit(wl->roc_map, WL12XX_MAX_ROLES) >= 1865 ret = wl12xx_cmd_roc(wl, wlvif, role_id, band, channel);
1678 WL12XX_MAX_ROLES);
1679
1680 ret = wl12xx_cmd_roc(wl, wlvif, role_id);
1681 if (ret < 0) 1866 if (ret < 0)
1682 goto out; 1867 goto out;
1683 1868
1684 if (is_first_roc) {
1685 ret = wl1271_cmd_wait_for_event(wl,
1686 REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID);
1687 if (ret < 0) {
1688 wl1271_error("cmd roc event completion error");
1689 goto out;
1690 }
1691 }
1692
1693 __set_bit(role_id, wl->roc_map); 1869 __set_bit(role_id, wl->roc_map);
1694out: 1870out:
1695 return ret; 1871 return ret;
@@ -1719,43 +1895,7 @@ out:
1719 return ret; 1895 return ret;
1720} 1896}
1721 1897
1722int wl12xx_cmd_channel_switch(struct wl1271 *wl, 1898int wl12xx_cmd_stop_channel_switch(struct wl1271 *wl, struct wl12xx_vif *wlvif)
1723 struct wl12xx_vif *wlvif,
1724 struct ieee80211_channel_switch *ch_switch)
1725{
1726 struct wl12xx_cmd_channel_switch *cmd;
1727 int ret;
1728
1729 wl1271_debug(DEBUG_ACX, "cmd channel switch");
1730
1731 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1732 if (!cmd) {
1733 ret = -ENOMEM;
1734 goto out;
1735 }
1736
1737 cmd->role_id = wlvif->role_id;
1738 cmd->channel = ch_switch->channel->hw_value;
1739 cmd->switch_time = ch_switch->count;
1740 cmd->stop_tx = ch_switch->block_tx;
1741
1742 /* FIXME: control from mac80211 in the future */
1743 cmd->post_switch_tx_disable = 0; /* Enable TX on the target channel */
1744
1745 ret = wl1271_cmd_send(wl, CMD_CHANNEL_SWITCH, cmd, sizeof(*cmd), 0);
1746 if (ret < 0) {
1747 wl1271_error("failed to send channel switch command");
1748 goto out_free;
1749 }
1750
1751out_free:
1752 kfree(cmd);
1753
1754out:
1755 return ret;
1756}
1757
1758int wl12xx_cmd_stop_channel_switch(struct wl1271 *wl)
1759{ 1899{
1760 struct wl12xx_cmd_stop_channel_switch *cmd; 1900 struct wl12xx_cmd_stop_channel_switch *cmd;
1761 int ret; 1901 int ret;
@@ -1768,6 +1908,8 @@ int wl12xx_cmd_stop_channel_switch(struct wl1271 *wl)
1768 goto out; 1908 goto out;
1769 } 1909 }
1770 1910
1911 cmd->role_id = wlvif->role_id;
1912
1771 ret = wl1271_cmd_send(wl, CMD_STOP_CHANNEL_SWICTH, cmd, sizeof(*cmd), 0); 1913 ret = wl1271_cmd_send(wl, CMD_STOP_CHANNEL_SWICTH, cmd, sizeof(*cmd), 0);
1772 if (ret < 0) { 1914 if (ret < 0) {
1773 wl1271_error("failed to stop channel switch command"); 1915 wl1271_error("failed to stop channel switch command");
@@ -1782,7 +1924,8 @@ out:
1782} 1924}
1783 1925
1784/* start dev role and roc on its channel */ 1926/* start dev role and roc on its channel */
1785int wl12xx_start_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif) 1927int wl12xx_start_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1928 enum ieee80211_band band, int channel)
1786{ 1929{
1787 int ret; 1930 int ret;
1788 1931
@@ -1797,11 +1940,11 @@ int wl12xx_start_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif)
1797 if (ret < 0) 1940 if (ret < 0)
1798 goto out; 1941 goto out;
1799 1942
1800 ret = wl12xx_cmd_role_start_dev(wl, wlvif); 1943 ret = wl12xx_cmd_role_start_dev(wl, wlvif, band, channel);
1801 if (ret < 0) 1944 if (ret < 0)
1802 goto out_disable; 1945 goto out_disable;
1803 1946
1804 ret = wl12xx_roc(wl, wlvif, wlvif->dev_role_id); 1947 ret = wl12xx_roc(wl, wlvif, wlvif->dev_role_id, band, channel);
1805 if (ret < 0) 1948 if (ret < 0)
1806 goto out_stop; 1949 goto out_stop;
1807 1950
diff --git a/drivers/net/wireless/ti/wlcore/cmd.h b/drivers/net/wireless/ti/wlcore/cmd.h
index 2409f3d71f63..fd34123047cd 100644
--- a/drivers/net/wireless/ti/wlcore/cmd.h
+++ b/drivers/net/wireless/ti/wlcore/cmd.h
@@ -31,6 +31,8 @@ struct acx_header;
31 31
32int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len, 32int wl1271_cmd_send(struct wl1271 *wl, u16 id, void *buf, size_t len,
33 size_t res_len); 33 size_t res_len);
34int wlcore_cmd_send_failsafe(struct wl1271 *wl, u16 id, void *buf, size_t len,
35 size_t res_len, unsigned long valid_rets);
34int wl12xx_cmd_role_enable(struct wl1271 *wl, u8 *addr, u8 role_type, 36int wl12xx_cmd_role_enable(struct wl1271 *wl, u8 *addr, u8 role_type,
35 u8 *role_id); 37 u8 *role_id);
36int wl12xx_cmd_role_disable(struct wl1271 *wl, u8 *role_id); 38int wl12xx_cmd_role_disable(struct wl1271 *wl, u8 *role_id);
@@ -39,11 +41,14 @@ int wl12xx_cmd_role_stop_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif);
39int wl12xx_cmd_role_start_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif); 41int wl12xx_cmd_role_start_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif);
40int wl12xx_cmd_role_stop_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif); 42int wl12xx_cmd_role_stop_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif);
41int wl12xx_cmd_role_start_ibss(struct wl1271 *wl, struct wl12xx_vif *wlvif); 43int wl12xx_cmd_role_start_ibss(struct wl1271 *wl, struct wl12xx_vif *wlvif);
42int wl12xx_start_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif); 44int wl12xx_start_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif,
45 enum ieee80211_band band, int channel);
43int wl12xx_stop_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif); 46int wl12xx_stop_dev(struct wl1271 *wl, struct wl12xx_vif *wlvif);
44int wl1271_cmd_test(struct wl1271 *wl, void *buf, size_t buf_len, u8 answer); 47int wl1271_cmd_test(struct wl1271 *wl, void *buf, size_t buf_len, u8 answer);
45int wl1271_cmd_interrogate(struct wl1271 *wl, u16 id, void *buf, size_t len); 48int wl1271_cmd_interrogate(struct wl1271 *wl, u16 id, void *buf, size_t len);
46int wl1271_cmd_configure(struct wl1271 *wl, u16 id, void *buf, size_t len); 49int wl1271_cmd_configure(struct wl1271 *wl, u16 id, void *buf, size_t len);
50int wlcore_cmd_configure_failsafe(struct wl1271 *wl, u16 id, void *buf,
51 size_t len, unsigned long valid_rets);
47int wl1271_cmd_data_path(struct wl1271 *wl, bool enable); 52int wl1271_cmd_data_path(struct wl1271 *wl, bool enable);
48int wl1271_cmd_ps_mode(struct wl1271 *wl, struct wl12xx_vif *wlvif, 53int wl1271_cmd_ps_mode(struct wl1271 *wl, struct wl12xx_vif *wlvif,
49 u8 ps_mode, u16 auto_ps_timeout); 54 u8 ps_mode, u16 auto_ps_timeout);
@@ -75,22 +80,30 @@ int wl1271_cmd_set_ap_key(struct wl1271 *wl, struct wl12xx_vif *wlvif,
75 u16 action, u8 id, u8 key_type, 80 u16 action, u8 id, u8 key_type,
76 u8 key_size, const u8 *key, u8 hlid, u32 tx_seq_32, 81 u8 key_size, const u8 *key, u8 hlid, u32 tx_seq_32,
77 u16 tx_seq_16); 82 u16 tx_seq_16);
78int wl12xx_cmd_set_peer_state(struct wl1271 *wl, u8 hlid); 83int wl12xx_cmd_set_peer_state(struct wl1271 *wl, struct wl12xx_vif *wlvif,
79int wl12xx_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 role_id); 84 u8 hlid);
85int wl12xx_roc(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 role_id,
86 enum ieee80211_band band, u8 channel);
80int wl12xx_croc(struct wl1271 *wl, u8 role_id); 87int wl12xx_croc(struct wl1271 *wl, u8 role_id);
81int wl12xx_cmd_add_peer(struct wl1271 *wl, struct wl12xx_vif *wlvif, 88int wl12xx_cmd_add_peer(struct wl1271 *wl, struct wl12xx_vif *wlvif,
82 struct ieee80211_sta *sta, u8 hlid); 89 struct ieee80211_sta *sta, u8 hlid);
83int wl12xx_cmd_remove_peer(struct wl1271 *wl, u8 hlid); 90int wl12xx_cmd_remove_peer(struct wl1271 *wl, u8 hlid);
91void wlcore_set_pending_regdomain_ch(struct wl1271 *wl, u16 channel,
92 enum ieee80211_band band);
93int wlcore_cmd_regdomain_config_locked(struct wl1271 *wl);
84int wl12xx_cmd_config_fwlog(struct wl1271 *wl); 94int wl12xx_cmd_config_fwlog(struct wl1271 *wl);
85int wl12xx_cmd_start_fwlog(struct wl1271 *wl); 95int wl12xx_cmd_start_fwlog(struct wl1271 *wl);
86int wl12xx_cmd_stop_fwlog(struct wl1271 *wl); 96int wl12xx_cmd_stop_fwlog(struct wl1271 *wl);
87int wl12xx_cmd_channel_switch(struct wl1271 *wl, 97int wl12xx_cmd_channel_switch(struct wl1271 *wl,
88 struct wl12xx_vif *wlvif, 98 struct wl12xx_vif *wlvif,
89 struct ieee80211_channel_switch *ch_switch); 99 struct ieee80211_channel_switch *ch_switch);
90int wl12xx_cmd_stop_channel_switch(struct wl1271 *wl); 100int wl12xx_cmd_stop_channel_switch(struct wl1271 *wl,
101 struct wl12xx_vif *wlvif);
91int wl12xx_allocate_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, 102int wl12xx_allocate_link(struct wl1271 *wl, struct wl12xx_vif *wlvif,
92 u8 *hlid); 103 u8 *hlid);
93void wl12xx_free_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid); 104void wl12xx_free_link(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 *hlid);
105int wlcore_cmd_wait_for_event_or_timeout(struct wl1271 *wl,
106 u32 mask, bool *timeout);
94 107
95enum wl1271_commands { 108enum wl1271_commands {
96 CMD_INTERROGATE = 1, /* use this to read information elements */ 109 CMD_INTERROGATE = 1, /* use this to read information elements */
@@ -149,8 +162,11 @@ enum wl1271_commands {
149 CMD_WFD_START_DISCOVERY = 45, 162 CMD_WFD_START_DISCOVERY = 45,
150 CMD_WFD_STOP_DISCOVERY = 46, 163 CMD_WFD_STOP_DISCOVERY = 46,
151 CMD_WFD_ATTRIBUTE_CONFIG = 47, 164 CMD_WFD_ATTRIBUTE_CONFIG = 47,
152 CMD_NOP = 48, 165 CMD_GENERIC_CFG = 48,
153 CMD_LAST_COMMAND, 166 CMD_NOP = 49,
167
168 /* start of 18xx specific commands */
169 CMD_DFS_CHANNEL_CONFIG = 60,
154 170
155 MAX_COMMAND_ID = 0xFFFF, 171 MAX_COMMAND_ID = 0xFFFF,
156}; 172};
@@ -167,8 +183,8 @@ enum cmd_templ {
167 CMD_TEMPL_PS_POLL, 183 CMD_TEMPL_PS_POLL,
168 CMD_TEMPL_KLV, 184 CMD_TEMPL_KLV,
169 CMD_TEMPL_DISCONNECT, 185 CMD_TEMPL_DISCONNECT,
170 CMD_TEMPL_APP_PROBE_REQ_2_4, 186 CMD_TEMPL_APP_PROBE_REQ_2_4_LEGACY,
171 CMD_TEMPL_APP_PROBE_REQ_5, 187 CMD_TEMPL_APP_PROBE_REQ_5_LEGACY,
172 CMD_TEMPL_BAR, /* for firmware internal use only */ 188 CMD_TEMPL_BAR, /* for firmware internal use only */
173 CMD_TEMPL_CTS, /* 189 CMD_TEMPL_CTS, /*
174 * For CTS-to-self (FastCTS) mechanism 190 * For CTS-to-self (FastCTS) mechanism
@@ -179,6 +195,8 @@ enum cmd_templ {
179 CMD_TEMPL_DEAUTH_AP, 195 CMD_TEMPL_DEAUTH_AP,
180 CMD_TEMPL_TEMPORARY, 196 CMD_TEMPL_TEMPORARY,
181 CMD_TEMPL_LINK_MEASUREMENT_REPORT, 197 CMD_TEMPL_LINK_MEASUREMENT_REPORT,
198 CMD_TEMPL_PROBE_REQ_2_4_PERIODIC,
199 CMD_TEMPL_PROBE_REQ_5_PERIODIC,
182 200
183 CMD_TEMPL_MAX = 0xff 201 CMD_TEMPL_MAX = 0xff
184}; 202};
@@ -220,7 +238,8 @@ enum {
220 CMD_STATUS_FW_RESET = 22, /* Driver internal use.*/ 238 CMD_STATUS_FW_RESET = 22, /* Driver internal use.*/
221 CMD_STATUS_TEMPLATE_OOM = 23, 239 CMD_STATUS_TEMPLATE_OOM = 23,
222 CMD_STATUS_NO_RX_BA_SESSION = 24, 240 CMD_STATUS_NO_RX_BA_SESSION = 24,
223 MAX_COMMAND_STATUS = 0xff 241
242 MAX_COMMAND_STATUS
224}; 243};
225 244
226#define CMDMBOX_HEADER_LEN 4 245#define CMDMBOX_HEADER_LEN 4
@@ -345,7 +364,15 @@ struct wl12xx_cmd_role_start {
345 364
346 u8 reset_tsf; 365 u8 reset_tsf;
347 366
348 u8 padding_1[4]; 367 /*
368 * ap supports wmm (note that there is additional
369 * per-sta wmm configuration)
370 */
371 u8 wmm;
372
373 u8 bcast_session_id;
374 u8 global_session_id;
375 u8 padding_1[1];
349 } __packed ap; 376 } __packed ap;
350 }; 377 };
351} __packed; 378} __packed;
@@ -515,7 +542,14 @@ struct wl12xx_cmd_set_peer_state {
515 542
516 u8 hlid; 543 u8 hlid;
517 u8 state; 544 u8 state;
518 u8 padding[2]; 545
546 /*
547 * wmm is relevant for sta role only.
548 * ap role configures the per-sta wmm params in
549 * the add_peer command.
550 */
551 u8 wmm;
552 u8 padding[1];
519} __packed; 553} __packed;
520 554
521struct wl12xx_cmd_roc { 555struct wl12xx_cmd_roc {
@@ -558,7 +592,7 @@ struct wl12xx_cmd_add_peer {
558 u8 bss_index; 592 u8 bss_index;
559 u8 sp_len; 593 u8 sp_len;
560 u8 wmm; 594 u8 wmm;
561 u8 padding1; 595 u8 session_id;
562} __packed; 596} __packed;
563 597
564struct wl12xx_cmd_remove_peer { 598struct wl12xx_cmd_remove_peer {
@@ -597,6 +631,13 @@ enum wl12xx_fwlogger_output {
597 WL12XX_FWLOG_OUTPUT_HOST, 631 WL12XX_FWLOG_OUTPUT_HOST,
598}; 632};
599 633
634struct wl12xx_cmd_regdomain_dfs_config {
635 struct wl1271_cmd_header header;
636
637 __le32 ch_bit_map1;
638 __le32 ch_bit_map2;
639} __packed;
640
600struct wl12xx_cmd_config_fwlog { 641struct wl12xx_cmd_config_fwlog {
601 struct wl1271_cmd_header header; 642 struct wl1271_cmd_header header;
602 643
@@ -626,27 +667,13 @@ struct wl12xx_cmd_stop_fwlog {
626 struct wl1271_cmd_header header; 667 struct wl1271_cmd_header header;
627} __packed; 668} __packed;
628 669
629struct wl12xx_cmd_channel_switch { 670struct wl12xx_cmd_stop_channel_switch {
630 struct wl1271_cmd_header header; 671 struct wl1271_cmd_header header;
631 672
632 u8 role_id; 673 u8 role_id;
633
634 /* The new serving channel */
635 u8 channel;
636 /* Relative time of the serving channel switch in TBTT units */
637 u8 switch_time;
638 /* Stop the role TX, should expect it after radar detection */
639 u8 stop_tx;
640 /* The target channel tx status 1-stopped 0-open*/
641 u8 post_switch_tx_disable;
642
643 u8 padding[3]; 674 u8 padding[3];
644} __packed; 675} __packed;
645 676
646struct wl12xx_cmd_stop_channel_switch {
647 struct wl1271_cmd_header header;
648} __packed;
649
650/* Used to check radio status after calibration */ 677/* Used to check radio status after calibration */
651#define MAX_TLV_LENGTH 500 678#define MAX_TLV_LENGTH 500
652#define TEST_CMD_P2G_CAL 2 /* TX BiP */ 679#define TEST_CMD_P2G_CAL 2 /* TX BiP */
diff --git a/drivers/net/wireless/ti/wlcore/conf.h b/drivers/net/wireless/ti/wlcore/conf.h
index 9e40760bafe1..2b96ff821341 100644
--- a/drivers/net/wireless/ti/wlcore/conf.h
+++ b/drivers/net/wireless/ti/wlcore/conf.h
@@ -57,20 +57,49 @@ enum {
57}; 57};
58 58
59enum { 59enum {
60 CONF_HW_RATE_INDEX_1MBPS = 0, 60 CONF_HW_RATE_INDEX_1MBPS = 0,
61 CONF_HW_RATE_INDEX_2MBPS = 1, 61 CONF_HW_RATE_INDEX_2MBPS = 1,
62 CONF_HW_RATE_INDEX_5_5MBPS = 2, 62 CONF_HW_RATE_INDEX_5_5MBPS = 2,
63 CONF_HW_RATE_INDEX_6MBPS = 3, 63 CONF_HW_RATE_INDEX_11MBPS = 3,
64 CONF_HW_RATE_INDEX_9MBPS = 4, 64 CONF_HW_RATE_INDEX_6MBPS = 4,
65 CONF_HW_RATE_INDEX_11MBPS = 5, 65 CONF_HW_RATE_INDEX_9MBPS = 5,
66 CONF_HW_RATE_INDEX_12MBPS = 6, 66 CONF_HW_RATE_INDEX_12MBPS = 6,
67 CONF_HW_RATE_INDEX_18MBPS = 7, 67 CONF_HW_RATE_INDEX_18MBPS = 7,
68 CONF_HW_RATE_INDEX_22MBPS = 8, 68 CONF_HW_RATE_INDEX_24MBPS = 8,
69 CONF_HW_RATE_INDEX_24MBPS = 9, 69 CONF_HW_RATE_INDEX_36MBPS = 9,
70 CONF_HW_RATE_INDEX_36MBPS = 10, 70 CONF_HW_RATE_INDEX_48MBPS = 10,
71 CONF_HW_RATE_INDEX_48MBPS = 11, 71 CONF_HW_RATE_INDEX_54MBPS = 11,
72 CONF_HW_RATE_INDEX_54MBPS = 12, 72 CONF_HW_RATE_INDEX_MCS0 = 12,
73 CONF_HW_RATE_INDEX_MAX = CONF_HW_RATE_INDEX_54MBPS, 73 CONF_HW_RATE_INDEX_MCS1 = 13,
74 CONF_HW_RATE_INDEX_MCS2 = 14,
75 CONF_HW_RATE_INDEX_MCS3 = 15,
76 CONF_HW_RATE_INDEX_MCS4 = 16,
77 CONF_HW_RATE_INDEX_MCS5 = 17,
78 CONF_HW_RATE_INDEX_MCS6 = 18,
79 CONF_HW_RATE_INDEX_MCS7 = 19,
80 CONF_HW_RATE_INDEX_MCS7_SGI = 20,
81 CONF_HW_RATE_INDEX_MCS0_40MHZ = 21,
82 CONF_HW_RATE_INDEX_MCS1_40MHZ = 22,
83 CONF_HW_RATE_INDEX_MCS2_40MHZ = 23,
84 CONF_HW_RATE_INDEX_MCS3_40MHZ = 24,
85 CONF_HW_RATE_INDEX_MCS4_40MHZ = 25,
86 CONF_HW_RATE_INDEX_MCS5_40MHZ = 26,
87 CONF_HW_RATE_INDEX_MCS6_40MHZ = 27,
88 CONF_HW_RATE_INDEX_MCS7_40MHZ = 28,
89 CONF_HW_RATE_INDEX_MCS7_40MHZ_SGI = 29,
90
91 /* MCS8+ rates overlap with 40Mhz rates */
92 CONF_HW_RATE_INDEX_MCS8 = 21,
93 CONF_HW_RATE_INDEX_MCS9 = 22,
94 CONF_HW_RATE_INDEX_MCS10 = 23,
95 CONF_HW_RATE_INDEX_MCS11 = 24,
96 CONF_HW_RATE_INDEX_MCS12 = 25,
97 CONF_HW_RATE_INDEX_MCS13 = 26,
98 CONF_HW_RATE_INDEX_MCS14 = 27,
99 CONF_HW_RATE_INDEX_MCS15 = 28,
100 CONF_HW_RATE_INDEX_MCS15_SGI = 29,
101
102 CONF_HW_RATE_INDEX_MAX = CONF_HW_RATE_INDEX_MCS7_40MHZ_SGI,
74}; 103};
75 104
76#define CONF_HW_RXTX_RATE_UNSUPPORTED 0xff 105#define CONF_HW_RXTX_RATE_UNSUPPORTED 0xff
@@ -415,11 +444,11 @@ struct conf_rx_settings {
415#define CONF_TX_RATE_MASK_BASIC_P2P CONF_HW_BIT_RATE_6MBPS 444#define CONF_TX_RATE_MASK_BASIC_P2P CONF_HW_BIT_RATE_6MBPS
416 445
417/* 446/*
418 * Rates supported for data packets when operating as AP. Note the absence 447 * Rates supported for data packets when operating as STA/AP. Note the absence
419 * of the 22Mbps rate. There is a FW limitation on 12 rates so we must drop 448 * of the 22Mbps rate. There is a FW limitation on 12 rates so we must drop
420 * one. The rate dropped is not mandatory under any operating mode. 449 * one. The rate dropped is not mandatory under any operating mode.
421 */ 450 */
422#define CONF_TX_AP_ENABLED_RATES (CONF_HW_BIT_RATE_1MBPS | \ 451#define CONF_TX_ENABLED_RATES (CONF_HW_BIT_RATE_1MBPS | \
423 CONF_HW_BIT_RATE_2MBPS | CONF_HW_BIT_RATE_5_5MBPS | \ 452 CONF_HW_BIT_RATE_2MBPS | CONF_HW_BIT_RATE_5_5MBPS | \
424 CONF_HW_BIT_RATE_6MBPS | CONF_HW_BIT_RATE_9MBPS | \ 453 CONF_HW_BIT_RATE_6MBPS | CONF_HW_BIT_RATE_9MBPS | \
425 CONF_HW_BIT_RATE_11MBPS | CONF_HW_BIT_RATE_12MBPS | \ 454 CONF_HW_BIT_RATE_11MBPS | CONF_HW_BIT_RATE_12MBPS | \
@@ -677,6 +706,18 @@ struct conf_tx_settings {
677 706
678 /* Time in ms for Tx watchdog timer to expire */ 707 /* Time in ms for Tx watchdog timer to expire */
679 u32 tx_watchdog_timeout; 708 u32 tx_watchdog_timeout;
709
710 /*
711 * when a slow link has this much packets pending, it becomes a low
712 * priority link, scheduling-wise
713 */
714 u8 slow_link_thold;
715
716 /*
717 * when a fast link has this much packets pending, it becomes a low
718 * priority link, scheduling-wise
719 */
720 u8 fast_link_thold;
680} __packed; 721} __packed;
681 722
682enum { 723enum {
@@ -1047,6 +1088,7 @@ struct conf_roam_trigger_settings {
1047struct conf_scan_settings { 1088struct conf_scan_settings {
1048 /* 1089 /*
1049 * The minimum time to wait on each channel for active scans 1090 * The minimum time to wait on each channel for active scans
1091 * This value will be used whenever there's a connected interface.
1050 * 1092 *
1051 * Range: u32 tu/1000 1093 * Range: u32 tu/1000
1052 */ 1094 */
@@ -1054,24 +1096,37 @@ struct conf_scan_settings {
1054 1096
1055 /* 1097 /*
1056 * The maximum time to wait on each channel for active scans 1098 * The maximum time to wait on each channel for active scans
1099 * This value will be currently used whenever there's a
1100 * connected interface. It shouldn't exceed 30000 (~30ms) to avoid
1101 * possible interference of voip traffic going on while scanning.
1057 * 1102 *
1058 * Range: u32 tu/1000 1103 * Range: u32 tu/1000
1059 */ 1104 */
1060 u32 max_dwell_time_active; 1105 u32 max_dwell_time_active;
1061 1106
1062 /* 1107 /* The minimum time to wait on each channel for active scans
1063 * The minimum time to wait on each channel for passive scans 1108 * when it's possible to have longer scan dwell times.
1109 * Currently this is used whenever we're idle on all interfaces.
1110 * Longer dwell times improve detection of networks within a
1111 * single scan.
1064 * 1112 *
1065 * Range: u32 tu/1000 1113 * Range: u32 tu/1000
1066 */ 1114 */
1067 u32 min_dwell_time_passive; 1115 u32 min_dwell_time_active_long;
1068 1116
1069 /* 1117 /* The maximum time to wait on each channel for active scans
1070 * The maximum time to wait on each channel for passive scans 1118 * when it's possible to have longer scan dwell times.
1119 * See min_dwell_time_active_long
1071 * 1120 *
1072 * Range: u32 tu/1000 1121 * Range: u32 tu/1000
1073 */ 1122 */
1074 u32 max_dwell_time_passive; 1123 u32 max_dwell_time_active_long;
1124
1125 /* time to wait on the channel for passive scans (in TU/1000) */
1126 u32 dwell_time_passive;
1127
1128 /* time to wait on the channel for DFS scans (in TU/1000) */
1129 u32 dwell_time_dfs;
1075 1130
1076 /* 1131 /*
1077 * Number of probe requests to transmit on each active scan channel 1132 * Number of probe requests to transmit on each active scan channel
@@ -1276,12 +1331,20 @@ struct conf_hangover_settings {
1276 u8 window_size; 1331 u8 window_size;
1277} __packed; 1332} __packed;
1278 1333
1334struct conf_recovery_settings {
1335 /* BUG() on fw recovery */
1336 u8 bug_on_recovery;
1337
1338 /* Prevent HW recovery. FW will remain stuck. */
1339 u8 no_recovery;
1340} __packed;
1341
1279/* 1342/*
1280 * The conf version consists of 4 bytes. The two MSB are the wlcore 1343 * The conf version consists of 4 bytes. The two MSB are the wlcore
1281 * version, the two LSB are the lower driver's private conf 1344 * version, the two LSB are the lower driver's private conf
1282 * version. 1345 * version.
1283 */ 1346 */
1284#define WLCORE_CONF_VERSION (0x0002 << 16) 1347#define WLCORE_CONF_VERSION (0x0005 << 16)
1285#define WLCORE_CONF_MASK 0xffff0000 1348#define WLCORE_CONF_MASK 0xffff0000
1286#define WLCORE_CONF_SIZE (sizeof(struct wlcore_conf_header) + \ 1349#define WLCORE_CONF_SIZE (sizeof(struct wlcore_conf_header) + \
1287 sizeof(struct wlcore_conf)) 1350 sizeof(struct wlcore_conf))
@@ -1309,6 +1372,7 @@ struct wlcore_conf {
1309 struct conf_fwlog fwlog; 1372 struct conf_fwlog fwlog;
1310 struct conf_rate_policy_settings rate; 1373 struct conf_rate_policy_settings rate;
1311 struct conf_hangover_settings hangover; 1374 struct conf_hangover_settings hangover;
1375 struct conf_recovery_settings recovery;
1312} __packed; 1376} __packed;
1313 1377
1314struct wlcore_conf_file { 1378struct wlcore_conf_file {
diff --git a/drivers/net/wireless/ti/wlcore/debugfs.c b/drivers/net/wireless/ti/wlcore/debugfs.c
index c86bb00c2488..e70a7c864865 100644
--- a/drivers/net/wireless/ti/wlcore/debugfs.c
+++ b/drivers/net/wireless/ti/wlcore/debugfs.c
@@ -490,7 +490,7 @@ static ssize_t driver_state_read(struct file *file, char __user *user_buf,
490 DRIVER_STATE_PRINT_HEX(chip.id); 490 DRIVER_STATE_PRINT_HEX(chip.id);
491 DRIVER_STATE_PRINT_STR(chip.fw_ver_str); 491 DRIVER_STATE_PRINT_STR(chip.fw_ver_str);
492 DRIVER_STATE_PRINT_STR(chip.phy_fw_ver_str); 492 DRIVER_STATE_PRINT_STR(chip.phy_fw_ver_str);
493 DRIVER_STATE_PRINT_INT(sched_scanning); 493 DRIVER_STATE_PRINT_INT(recovery_count);
494 494
495#undef DRIVER_STATE_PRINT_INT 495#undef DRIVER_STATE_PRINT_INT
496#undef DRIVER_STATE_PRINT_LONG 496#undef DRIVER_STATE_PRINT_LONG
@@ -560,7 +560,6 @@ static ssize_t vifs_state_read(struct file *file, char __user *user_buf,
560 if (wlvif->bss_type == BSS_TYPE_STA_BSS || 560 if (wlvif->bss_type == BSS_TYPE_STA_BSS ||
561 wlvif->bss_type == BSS_TYPE_IBSS) { 561 wlvif->bss_type == BSS_TYPE_IBSS) {
562 VIF_STATE_PRINT_INT(sta.hlid); 562 VIF_STATE_PRINT_INT(sta.hlid);
563 VIF_STATE_PRINT_INT(sta.ba_rx_bitmap);
564 VIF_STATE_PRINT_INT(sta.basic_rate_idx); 563 VIF_STATE_PRINT_INT(sta.basic_rate_idx);
565 VIF_STATE_PRINT_INT(sta.ap_rate_idx); 564 VIF_STATE_PRINT_INT(sta.ap_rate_idx);
566 VIF_STATE_PRINT_INT(sta.p2p_rate_idx); 565 VIF_STATE_PRINT_INT(sta.p2p_rate_idx);
@@ -577,6 +576,10 @@ static ssize_t vifs_state_read(struct file *file, char __user *user_buf,
577 VIF_STATE_PRINT_INT(ap.ucast_rate_idx[3]); 576 VIF_STATE_PRINT_INT(ap.ucast_rate_idx[3]);
578 } 577 }
579 VIF_STATE_PRINT_INT(last_tx_hlid); 578 VIF_STATE_PRINT_INT(last_tx_hlid);
579 VIF_STATE_PRINT_INT(tx_queue_count[0]);
580 VIF_STATE_PRINT_INT(tx_queue_count[1]);
581 VIF_STATE_PRINT_INT(tx_queue_count[2]);
582 VIF_STATE_PRINT_INT(tx_queue_count[3]);
580 VIF_STATE_PRINT_LHEX(links_map[0]); 583 VIF_STATE_PRINT_LHEX(links_map[0]);
581 VIF_STATE_PRINT_NSTR(ssid, wlvif->ssid_len); 584 VIF_STATE_PRINT_NSTR(ssid, wlvif->ssid_len);
582 VIF_STATE_PRINT_INT(band); 585 VIF_STATE_PRINT_INT(band);
@@ -589,7 +592,6 @@ static ssize_t vifs_state_read(struct file *file, char __user *user_buf,
589 VIF_STATE_PRINT_INT(beacon_int); 592 VIF_STATE_PRINT_INT(beacon_int);
590 VIF_STATE_PRINT_INT(default_key); 593 VIF_STATE_PRINT_INT(default_key);
591 VIF_STATE_PRINT_INT(aid); 594 VIF_STATE_PRINT_INT(aid);
592 VIF_STATE_PRINT_INT(session_counter);
593 VIF_STATE_PRINT_INT(psm_entry_retry); 595 VIF_STATE_PRINT_INT(psm_entry_retry);
594 VIF_STATE_PRINT_INT(power_level); 596 VIF_STATE_PRINT_INT(power_level);
595 VIF_STATE_PRINT_INT(rssi_thold); 597 VIF_STATE_PRINT_INT(rssi_thold);
@@ -993,7 +995,7 @@ static ssize_t sleep_auth_write(struct file *file,
993 return -EINVAL; 995 return -EINVAL;
994 } 996 }
995 997
996 if (value < 0 || value > WL1271_PSM_MAX) { 998 if (value > WL1271_PSM_MAX) {
997 wl1271_warning("sleep_auth must be between 0 and %d", 999 wl1271_warning("sleep_auth must be between 0 and %d",
998 WL1271_PSM_MAX); 1000 WL1271_PSM_MAX);
999 return -ERANGE; 1001 return -ERANGE;
diff --git a/drivers/net/wireless/ti/wlcore/event.c b/drivers/net/wireless/ti/wlcore/event.c
index 48907054d493..70f289aa1bc6 100644
--- a/drivers/net/wireless/ti/wlcore/event.c
+++ b/drivers/net/wireless/ti/wlcore/event.c
@@ -29,34 +29,39 @@
29#include "scan.h" 29#include "scan.h"
30#include "wl12xx_80211.h" 30#include "wl12xx_80211.h"
31 31
32static void wl1271_event_rssi_trigger(struct wl1271 *wl, 32void wlcore_event_rssi_trigger(struct wl1271 *wl, s8 *metric_arr)
33 struct wl12xx_vif *wlvif,
34 struct event_mailbox *mbox)
35{ 33{
36 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif); 34 struct wl12xx_vif *wlvif;
35 struct ieee80211_vif *vif;
37 enum nl80211_cqm_rssi_threshold_event event; 36 enum nl80211_cqm_rssi_threshold_event event;
38 s8 metric = mbox->rssi_snr_trigger_metric[0]; 37 s8 metric = metric_arr[0];
39 38
40 wl1271_debug(DEBUG_EVENT, "RSSI trigger metric: %d", metric); 39 wl1271_debug(DEBUG_EVENT, "RSSI trigger metric: %d", metric);
41 40
42 if (metric <= wlvif->rssi_thold) 41 /* TODO: check actual multi-role support */
43 event = NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW; 42 wl12xx_for_each_wlvif_sta(wl, wlvif) {
44 else 43 if (metric <= wlvif->rssi_thold)
45 event = NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH; 44 event = NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW;
46 45 else
47 if (event != wlvif->last_rssi_event) 46 event = NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH;
48 ieee80211_cqm_rssi_notify(vif, event, GFP_KERNEL); 47
49 wlvif->last_rssi_event = event; 48 vif = wl12xx_wlvif_to_vif(wlvif);
49 if (event != wlvif->last_rssi_event)
50 ieee80211_cqm_rssi_notify(vif, event, GFP_KERNEL);
51 wlvif->last_rssi_event = event;
52 }
50} 53}
54EXPORT_SYMBOL_GPL(wlcore_event_rssi_trigger);
51 55
52static void wl1271_stop_ba_event(struct wl1271 *wl, struct wl12xx_vif *wlvif) 56static void wl1271_stop_ba_event(struct wl1271 *wl, struct wl12xx_vif *wlvif)
53{ 57{
54 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif); 58 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
55 59
56 if (wlvif->bss_type != BSS_TYPE_AP_BSS) { 60 if (wlvif->bss_type != BSS_TYPE_AP_BSS) {
57 if (!wlvif->sta.ba_rx_bitmap) 61 u8 hlid = wlvif->sta.hlid;
62 if (!wl->links[hlid].ba_bitmap)
58 return; 63 return;
59 ieee80211_stop_rx_ba_session(vif, wlvif->sta.ba_rx_bitmap, 64 ieee80211_stop_rx_ba_session(vif, wl->links[hlid].ba_bitmap,
60 vif->bss_conf.bssid); 65 vif->bss_conf.bssid);
61 } else { 66 } else {
62 u8 hlid; 67 u8 hlid;
@@ -74,8 +79,7 @@ static void wl1271_stop_ba_event(struct wl1271 *wl, struct wl12xx_vif *wlvif)
74 } 79 }
75} 80}
76 81
77static void wl12xx_event_soft_gemini_sense(struct wl1271 *wl, 82void wlcore_event_soft_gemini_sense(struct wl1271 *wl, u8 enable)
78 u8 enable)
79{ 83{
80 struct wl12xx_vif *wlvif; 84 struct wl12xx_vif *wlvif;
81 85
@@ -87,201 +91,169 @@ static void wl12xx_event_soft_gemini_sense(struct wl1271 *wl,
87 wl1271_recalc_rx_streaming(wl, wlvif); 91 wl1271_recalc_rx_streaming(wl, wlvif);
88 } 92 }
89 } 93 }
90
91} 94}
95EXPORT_SYMBOL_GPL(wlcore_event_soft_gemini_sense);
92 96
93static void wl1271_event_mbox_dump(struct event_mailbox *mbox) 97void wlcore_event_sched_scan_completed(struct wl1271 *wl,
98 u8 status)
94{ 99{
95 wl1271_debug(DEBUG_EVENT, "MBOX DUMP:"); 100 wl1271_debug(DEBUG_EVENT, "PERIODIC_SCAN_COMPLETE_EVENT (status 0x%0x)",
96 wl1271_debug(DEBUG_EVENT, "\tvector: 0x%x", mbox->events_vector); 101 status);
97 wl1271_debug(DEBUG_EVENT, "\tmask: 0x%x", mbox->events_mask); 102
103 if (wl->sched_vif) {
104 ieee80211_sched_scan_stopped(wl->hw);
105 wl->sched_vif = NULL;
106 }
98} 107}
108EXPORT_SYMBOL_GPL(wlcore_event_sched_scan_completed);
99 109
100static int wl1271_event_process(struct wl1271 *wl) 110void wlcore_event_ba_rx_constraint(struct wl1271 *wl,
111 unsigned long roles_bitmap,
112 unsigned long allowed_bitmap)
101{ 113{
102 struct event_mailbox *mbox = wl->mbox;
103 struct ieee80211_vif *vif;
104 struct wl12xx_vif *wlvif; 114 struct wl12xx_vif *wlvif;
105 u32 vector;
106 bool disconnect_sta = false;
107 unsigned long sta_bitmap = 0;
108 int ret;
109
110 wl1271_event_mbox_dump(mbox);
111
112 vector = le32_to_cpu(mbox->events_vector);
113 vector &= ~(le32_to_cpu(mbox->events_mask));
114 wl1271_debug(DEBUG_EVENT, "vector: 0x%x", vector);
115 115
116 if (vector & SCAN_COMPLETE_EVENT_ID) { 116 wl1271_debug(DEBUG_EVENT, "%s: roles=0x%lx allowed=0x%lx",
117 wl1271_debug(DEBUG_EVENT, "status: 0x%x", 117 __func__, roles_bitmap, allowed_bitmap);
118 mbox->scheduled_scan_status);
119
120 wl1271_scan_stm(wl, wl->scan_vif);
121 }
122 118
123 if (vector & PERIODIC_SCAN_REPORT_EVENT_ID) { 119 wl12xx_for_each_wlvif(wl, wlvif) {
124 wl1271_debug(DEBUG_EVENT, "PERIODIC_SCAN_REPORT_EVENT " 120 if (wlvif->role_id == WL12XX_INVALID_ROLE_ID ||
125 "(status 0x%0x)", mbox->scheduled_scan_status); 121 !test_bit(wlvif->role_id , &roles_bitmap))
122 continue;
126 123
127 wl1271_scan_sched_scan_results(wl); 124 wlvif->ba_allowed = !!test_bit(wlvif->role_id,
125 &allowed_bitmap);
126 if (!wlvif->ba_allowed)
127 wl1271_stop_ba_event(wl, wlvif);
128 } 128 }
129}
130EXPORT_SYMBOL_GPL(wlcore_event_ba_rx_constraint);
129 131
130 if (vector & PERIODIC_SCAN_COMPLETE_EVENT_ID) { 132void wlcore_event_channel_switch(struct wl1271 *wl,
131 wl1271_debug(DEBUG_EVENT, "PERIODIC_SCAN_COMPLETE_EVENT " 133 unsigned long roles_bitmap,
132 "(status 0x%0x)", mbox->scheduled_scan_status); 134 bool success)
133 if (wl->sched_scanning) { 135{
134 ieee80211_sched_scan_stopped(wl->hw); 136 struct wl12xx_vif *wlvif;
135 wl->sched_scanning = false; 137 struct ieee80211_vif *vif;
136 }
137 }
138 138
139 if (vector & SOFT_GEMINI_SENSE_EVENT_ID) 139 wl1271_debug(DEBUG_EVENT, "%s: roles=0x%lx success=%d",
140 wl12xx_event_soft_gemini_sense(wl, 140 __func__, roles_bitmap, success);
141 mbox->soft_gemini_sense_info);
142 141
143 /* 142 wl12xx_for_each_wlvif_sta(wl, wlvif) {
144 * We are HW_MONITOR device. On beacon loss - queue 143 if (wlvif->role_id == WL12XX_INVALID_ROLE_ID ||
145 * connection loss work. Cancel it on REGAINED event. 144 !test_bit(wlvif->role_id , &roles_bitmap))
146 */ 145 continue;
147 if (vector & BSS_LOSE_EVENT_ID) {
148 /* TODO: check for multi-role */
149 int delay = wl->conf.conn.synch_fail_thold *
150 wl->conf.conn.bss_lose_timeout;
151 wl1271_info("Beacon loss detected.");
152 146
153 /* 147 if (!test_and_clear_bit(WLVIF_FLAG_CS_PROGRESS,
154 * if the work is already queued, it should take place. We 148 &wlvif->flags))
155 * don't want to delay the connection loss indication 149 continue;
156 * any more.
157 */
158 ieee80211_queue_delayed_work(wl->hw, &wl->connection_loss_work,
159 msecs_to_jiffies(delay));
160 150
161 wl12xx_for_each_wlvif_sta(wl, wlvif) { 151 vif = wl12xx_wlvif_to_vif(wlvif);
162 vif = wl12xx_wlvif_to_vif(wlvif);
163 152
164 ieee80211_cqm_rssi_notify( 153 ieee80211_chswitch_done(vif, success);
165 vif, 154 cancel_delayed_work(&wlvif->channel_switch_work);
166 NL80211_CQM_RSSI_BEACON_LOSS_EVENT,
167 GFP_KERNEL);
168 }
169 } 155 }
156}
157EXPORT_SYMBOL_GPL(wlcore_event_channel_switch);
170 158
171 if (vector & REGAINED_BSS_EVENT_ID) { 159void wlcore_event_dummy_packet(struct wl1271 *wl)
172 /* TODO: check for multi-role */ 160{
173 wl1271_info("Beacon regained."); 161 wl1271_debug(DEBUG_EVENT, "DUMMY_PACKET_ID_EVENT_ID");
174 cancel_delayed_work(&wl->connection_loss_work); 162 wl1271_tx_dummy_packet(wl);
175 163}
176 /* sanity check - we can't lose and gain the beacon together */ 164EXPORT_SYMBOL_GPL(wlcore_event_dummy_packet);
177 WARN(vector & BSS_LOSE_EVENT_ID,
178 "Concurrent beacon loss and gain from FW");
179 }
180 165
181 if (vector & RSSI_SNR_TRIGGER_0_EVENT_ID) { 166static void wlcore_disconnect_sta(struct wl1271 *wl, unsigned long sta_bitmap)
182 /* TODO: check actual multi-role support */ 167{
183 wl1271_debug(DEBUG_EVENT, "RSSI_SNR_TRIGGER_0_EVENT"); 168 u32 num_packets = wl->conf.tx.max_tx_retries;
184 wl12xx_for_each_wlvif_sta(wl, wlvif) { 169 struct wl12xx_vif *wlvif;
185 wl1271_event_rssi_trigger(wl, wlvif, mbox); 170 struct ieee80211_vif *vif;
171 struct ieee80211_sta *sta;
172 const u8 *addr;
173 int h;
174
175 for_each_set_bit(h, &sta_bitmap, WL12XX_MAX_LINKS) {
176 bool found = false;
177 /* find the ap vif connected to this sta */
178 wl12xx_for_each_wlvif_ap(wl, wlvif) {
179 if (!test_bit(h, wlvif->ap.sta_hlid_map))
180 continue;
181 found = true;
182 break;
186 } 183 }
187 } 184 if (!found)
185 continue;
188 186
189 if (vector & BA_SESSION_RX_CONSTRAINT_EVENT_ID) { 187 vif = wl12xx_wlvif_to_vif(wlvif);
190 u8 role_id = mbox->role_id; 188 addr = wl->links[h].addr;
191 wl1271_debug(DEBUG_EVENT, "BA_SESSION_RX_CONSTRAINT_EVENT_ID. "
192 "ba_allowed = 0x%x, role_id=%d",
193 mbox->rx_ba_allowed, role_id);
194 189
195 wl12xx_for_each_wlvif(wl, wlvif) { 190 rcu_read_lock();
196 if (role_id != 0xff && role_id != wlvif->role_id) 191 sta = ieee80211_find_sta(vif, addr);
197 continue; 192 if (sta) {
198 193 wl1271_debug(DEBUG_EVENT, "remove sta %d", h);
199 wlvif->ba_allowed = !!mbox->rx_ba_allowed; 194 ieee80211_report_low_ack(sta, num_packets);
200 if (!wlvif->ba_allowed)
201 wl1271_stop_ba_event(wl, wlvif);
202 } 195 }
196 rcu_read_unlock();
203 } 197 }
198}
204 199
205 if (vector & CHANNEL_SWITCH_COMPLETE_EVENT_ID) { 200void wlcore_event_max_tx_failure(struct wl1271 *wl, unsigned long sta_bitmap)
206 wl1271_debug(DEBUG_EVENT, "CHANNEL_SWITCH_COMPLETE_EVENT_ID. " 201{
207 "status = 0x%x", 202 wl1271_debug(DEBUG_EVENT, "MAX_TX_FAILURE_EVENT_ID");
208 mbox->channel_switch_status); 203 wlcore_disconnect_sta(wl, sta_bitmap);
209 /* 204}
210 * That event uses for two cases: 205EXPORT_SYMBOL_GPL(wlcore_event_max_tx_failure);
211 * 1) channel switch complete with status=0
212 * 2) channel switch failed status=1
213 */
214
215 /* TODO: configure only the relevant vif */
216 wl12xx_for_each_wlvif_sta(wl, wlvif) {
217 bool success;
218
219 if (!test_and_clear_bit(WLVIF_FLAG_CS_PROGRESS,
220 &wlvif->flags))
221 continue;
222
223 success = mbox->channel_switch_status ? false : true;
224 vif = wl12xx_wlvif_to_vif(wlvif);
225 206
226 ieee80211_chswitch_done(vif, success); 207void wlcore_event_inactive_sta(struct wl1271 *wl, unsigned long sta_bitmap)
227 } 208{
228 } 209 wl1271_debug(DEBUG_EVENT, "INACTIVE_STA_EVENT_ID");
210 wlcore_disconnect_sta(wl, sta_bitmap);
211}
212EXPORT_SYMBOL_GPL(wlcore_event_inactive_sta);
229 213
230 if ((vector & DUMMY_PACKET_EVENT_ID)) { 214void wlcore_event_roc_complete(struct wl1271 *wl)
231 wl1271_debug(DEBUG_EVENT, "DUMMY_PACKET_ID_EVENT_ID"); 215{
232 ret = wl1271_tx_dummy_packet(wl); 216 wl1271_debug(DEBUG_EVENT, "REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID");
233 if (ret < 0) 217 if (wl->roc_vif)
234 return ret; 218 ieee80211_ready_on_channel(wl->hw);
235 } 219}
220EXPORT_SYMBOL_GPL(wlcore_event_roc_complete);
236 221
222void wlcore_event_beacon_loss(struct wl1271 *wl, unsigned long roles_bitmap)
223{
237 /* 224 /*
238 * "TX retries exceeded" has a different meaning according to mode. 225 * We are HW_MONITOR device. On beacon loss - queue
239 * In AP mode the offending station is disconnected. 226 * connection loss work. Cancel it on REGAINED event.
240 */ 227 */
241 if (vector & MAX_TX_RETRY_EVENT_ID) { 228 struct wl12xx_vif *wlvif;
242 wl1271_debug(DEBUG_EVENT, "MAX_TX_RETRY_EVENT_ID"); 229 struct ieee80211_vif *vif;
243 sta_bitmap |= le16_to_cpu(mbox->sta_tx_retry_exceeded); 230 int delay = wl->conf.conn.synch_fail_thold *
244 disconnect_sta = true; 231 wl->conf.conn.bss_lose_timeout;
245 }
246 232
247 if (vector & INACTIVE_STA_EVENT_ID) { 233 wl1271_info("Beacon loss detected. roles:0x%lx", roles_bitmap);
248 wl1271_debug(DEBUG_EVENT, "INACTIVE_STA_EVENT_ID");
249 sta_bitmap |= le16_to_cpu(mbox->sta_aging_status);
250 disconnect_sta = true;
251 }
252 234
253 if (disconnect_sta) { 235 wl12xx_for_each_wlvif_sta(wl, wlvif) {
254 u32 num_packets = wl->conf.tx.max_tx_retries; 236 if (wlvif->role_id == WL12XX_INVALID_ROLE_ID ||
255 struct ieee80211_sta *sta; 237 !test_bit(wlvif->role_id , &roles_bitmap))
256 const u8 *addr; 238 continue;
257 int h;
258
259 for_each_set_bit(h, &sta_bitmap, WL12XX_MAX_LINKS) {
260 bool found = false;
261 /* find the ap vif connected to this sta */
262 wl12xx_for_each_wlvif_ap(wl, wlvif) {
263 if (!test_bit(h, wlvif->ap.sta_hlid_map))
264 continue;
265 found = true;
266 break;
267 }
268 if (!found)
269 continue;
270 239
271 vif = wl12xx_wlvif_to_vif(wlvif); 240 /*
272 addr = wl->links[h].addr; 241 * if the work is already queued, it should take place.
242 * We don't want to delay the connection loss
243 * indication any more.
244 */
245 ieee80211_queue_delayed_work(wl->hw,
246 &wlvif->connection_loss_work,
247 msecs_to_jiffies(delay));
273 248
274 rcu_read_lock(); 249 vif = wl12xx_wlvif_to_vif(wlvif);
275 sta = ieee80211_find_sta(vif, addr); 250 ieee80211_cqm_rssi_notify(
276 if (sta) { 251 vif,
277 wl1271_debug(DEBUG_EVENT, "remove sta %d", h); 252 NL80211_CQM_RSSI_BEACON_LOSS_EVENT,
278 ieee80211_report_low_ack(sta, num_packets); 253 GFP_KERNEL);
279 }
280 rcu_read_unlock();
281 }
282 } 254 }
283 return 0;
284} 255}
256EXPORT_SYMBOL_GPL(wlcore_event_beacon_loss);
285 257
286int wl1271_event_unmask(struct wl1271 *wl) 258int wl1271_event_unmask(struct wl1271 *wl)
287{ 259{
@@ -305,12 +277,12 @@ int wl1271_event_handle(struct wl1271 *wl, u8 mbox_num)
305 277
306 /* first we read the mbox descriptor */ 278 /* first we read the mbox descriptor */
307 ret = wlcore_read(wl, wl->mbox_ptr[mbox_num], wl->mbox, 279 ret = wlcore_read(wl, wl->mbox_ptr[mbox_num], wl->mbox,
308 sizeof(*wl->mbox), false); 280 wl->mbox_size, false);
309 if (ret < 0) 281 if (ret < 0)
310 return ret; 282 return ret;
311 283
312 /* process the descriptor */ 284 /* process the descriptor */
313 ret = wl1271_event_process(wl); 285 ret = wl->ops->process_mailbox_events(wl);
314 if (ret < 0) 286 if (ret < 0)
315 return ret; 287 return ret;
316 288
diff --git a/drivers/net/wireless/ti/wlcore/event.h b/drivers/net/wireless/ti/wlcore/event.h
index 8adf18d6c58f..acc7a59d3828 100644
--- a/drivers/net/wireless/ti/wlcore/event.h
+++ b/drivers/net/wireless/ti/wlcore/event.h
@@ -46,33 +46,17 @@ enum {
46 RSSI_SNR_TRIGGER_5_EVENT_ID = BIT(5), 46 RSSI_SNR_TRIGGER_5_EVENT_ID = BIT(5),
47 RSSI_SNR_TRIGGER_6_EVENT_ID = BIT(6), 47 RSSI_SNR_TRIGGER_6_EVENT_ID = BIT(6),
48 RSSI_SNR_TRIGGER_7_EVENT_ID = BIT(7), 48 RSSI_SNR_TRIGGER_7_EVENT_ID = BIT(7),
49 MEASUREMENT_START_EVENT_ID = BIT(8), 49
50 MEASUREMENT_COMPLETE_EVENT_ID = BIT(9),
51 SCAN_COMPLETE_EVENT_ID = BIT(10),
52 WFD_DISCOVERY_COMPLETE_EVENT_ID = BIT(11),
53 AP_DISCOVERY_COMPLETE_EVENT_ID = BIT(12),
54 RESERVED1 = BIT(13),
55 PSPOLL_DELIVERY_FAILURE_EVENT_ID = BIT(14),
56 ROLE_STOP_COMPLETE_EVENT_ID = BIT(15),
57 RADAR_DETECTED_EVENT_ID = BIT(16),
58 CHANNEL_SWITCH_COMPLETE_EVENT_ID = BIT(17),
59 BSS_LOSE_EVENT_ID = BIT(18),
60 REGAINED_BSS_EVENT_ID = BIT(19),
61 MAX_TX_RETRY_EVENT_ID = BIT(20),
62 DUMMY_PACKET_EVENT_ID = BIT(21),
63 SOFT_GEMINI_SENSE_EVENT_ID = BIT(22),
64 CHANGE_AUTO_MODE_TIMEOUT_EVENT_ID = BIT(23),
65 SOFT_GEMINI_AVALANCHE_EVENT_ID = BIT(24),
66 PLT_RX_CALIBRATION_COMPLETE_EVENT_ID = BIT(25),
67 INACTIVE_STA_EVENT_ID = BIT(26),
68 PEER_REMOVE_COMPLETE_EVENT_ID = BIT(27),
69 PERIODIC_SCAN_COMPLETE_EVENT_ID = BIT(28),
70 PERIODIC_SCAN_REPORT_EVENT_ID = BIT(29),
71 BA_SESSION_RX_CONSTRAINT_EVENT_ID = BIT(30),
72 REMAIN_ON_CHANNEL_COMPLETE_EVENT_ID = BIT(31),
73 EVENT_MBOX_ALL_EVENT_ID = 0x7fffffff, 50 EVENT_MBOX_ALL_EVENT_ID = 0x7fffffff,
74}; 51};
75 52
53/* events the driver might want to wait for */
54enum wlcore_wait_event {
55 WLCORE_EVENT_ROLE_STOP_COMPLETE,
56 WLCORE_EVENT_PEER_REMOVE_COMPLETE,
57 WLCORE_EVENT_DFS_CONFIG_COMPLETE
58};
59
76enum { 60enum {
77 EVENT_ENTER_POWER_SAVE_FAIL = 0, 61 EVENT_ENTER_POWER_SAVE_FAIL = 0,
78 EVENT_ENTER_POWER_SAVE_SUCCESS, 62 EVENT_ENTER_POWER_SAVE_SUCCESS,
@@ -80,61 +64,24 @@ enum {
80 64
81#define NUM_OF_RSSI_SNR_TRIGGERS 8 65#define NUM_OF_RSSI_SNR_TRIGGERS 8
82 66
83struct event_mailbox {
84 __le32 events_vector;
85 __le32 events_mask;
86 __le32 reserved_1;
87 __le32 reserved_2;
88
89 u8 number_of_scan_results;
90 u8 scan_tag;
91 u8 completed_scan_status;
92 u8 reserved_3;
93
94 u8 soft_gemini_sense_info;
95 u8 soft_gemini_protective_info;
96 s8 rssi_snr_trigger_metric[NUM_OF_RSSI_SNR_TRIGGERS];
97 u8 change_auto_mode_timeout;
98 u8 scheduled_scan_status;
99 u8 reserved4;
100 /* tuned channel (roc) */
101 u8 roc_channel;
102
103 __le16 hlid_removed_bitmap;
104
105 /* bitmap of aged stations (by HLID) */
106 __le16 sta_aging_status;
107
108 /* bitmap of stations (by HLID) which exceeded max tx retries */
109 __le16 sta_tx_retry_exceeded;
110
111 /* discovery completed results */
112 u8 discovery_tag;
113 u8 number_of_preq_results;
114 u8 number_of_prsp_results;
115 u8 reserved_5;
116
117 /* rx ba constraint */
118 u8 role_id; /* 0xFF means any role. */
119 u8 rx_ba_allowed;
120 u8 reserved_6[2];
121
122 /* Channel switch results */
123
124 u8 channel_switch_role_id;
125 u8 channel_switch_status;
126 u8 reserved_7[2];
127
128 u8 ps_poll_delivery_failure_role_ids;
129 u8 stopped_role_ids;
130 u8 started_role_ids;
131
132 u8 reserved_8[9];
133} __packed;
134
135struct wl1271; 67struct wl1271;
136 68
137int wl1271_event_unmask(struct wl1271 *wl); 69int wl1271_event_unmask(struct wl1271 *wl);
138int wl1271_event_handle(struct wl1271 *wl, u8 mbox); 70int wl1271_event_handle(struct wl1271 *wl, u8 mbox);
139 71
72void wlcore_event_soft_gemini_sense(struct wl1271 *wl, u8 enable);
73void wlcore_event_sched_scan_completed(struct wl1271 *wl,
74 u8 status);
75void wlcore_event_ba_rx_constraint(struct wl1271 *wl,
76 unsigned long roles_bitmap,
77 unsigned long allowed_bitmap);
78void wlcore_event_channel_switch(struct wl1271 *wl,
79 unsigned long roles_bitmap,
80 bool success);
81void wlcore_event_beacon_loss(struct wl1271 *wl, unsigned long roles_bitmap);
82void wlcore_event_dummy_packet(struct wl1271 *wl);
83void wlcore_event_max_tx_failure(struct wl1271 *wl, unsigned long sta_bitmap);
84void wlcore_event_inactive_sta(struct wl1271 *wl, unsigned long sta_bitmap);
85void wlcore_event_roc_complete(struct wl1271 *wl);
86void wlcore_event_rssi_trigger(struct wl1271 *wl, s8 *metric_arr);
140#endif 87#endif
diff --git a/drivers/net/wireless/ti/wlcore/hw_ops.h b/drivers/net/wireless/ti/wlcore/hw_ops.h
index 2673d783ec1e..7fd260c02a0a 100644
--- a/drivers/net/wireless/ti/wlcore/hw_ops.h
+++ b/drivers/net/wireless/ti/wlcore/hw_ops.h
@@ -201,4 +201,45 @@ wlcore_hw_pre_pkt_send(struct wl1271 *wl, u32 buf_offset, u32 last_len)
201 return buf_offset; 201 return buf_offset;
202} 202}
203 203
204static inline void
205wlcore_hw_sta_rc_update(struct wl1271 *wl, struct wl12xx_vif *wlvif,
206 struct ieee80211_sta *sta, u32 changed)
207{
208 if (wl->ops->sta_rc_update)
209 wl->ops->sta_rc_update(wl, wlvif, sta, changed);
210}
211
212static inline int
213wlcore_hw_set_peer_cap(struct wl1271 *wl,
214 struct ieee80211_sta_ht_cap *ht_cap,
215 bool allow_ht_operation,
216 u32 rate_set, u8 hlid)
217{
218 if (wl->ops->set_peer_cap)
219 return wl->ops->set_peer_cap(wl, ht_cap, allow_ht_operation,
220 rate_set, hlid);
221
222 return 0;
223}
224
225static inline bool
226wlcore_hw_lnk_high_prio(struct wl1271 *wl, u8 hlid,
227 struct wl1271_link *lnk)
228{
229 if (!wl->ops->lnk_high_prio)
230 BUG_ON(1);
231
232 return wl->ops->lnk_high_prio(wl, hlid, lnk);
233}
234
235static inline bool
236wlcore_hw_lnk_low_prio(struct wl1271 *wl, u8 hlid,
237 struct wl1271_link *lnk)
238{
239 if (!wl->ops->lnk_low_prio)
240 BUG_ON(1);
241
242 return wl->ops->lnk_low_prio(wl, hlid, lnk);
243}
244
204#endif 245#endif
diff --git a/drivers/net/wireless/ti/wlcore/init.c b/drivers/net/wireless/ti/wlcore/init.c
index 32d157f62f31..5c6f11e157d9 100644
--- a/drivers/net/wireless/ti/wlcore/init.c
+++ b/drivers/net/wireless/ti/wlcore/init.c
@@ -41,14 +41,14 @@ int wl1271_init_templates_config(struct wl1271 *wl)
41 41
42 /* send empty templates for fw memory reservation */ 42 /* send empty templates for fw memory reservation */
43 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID, 43 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID,
44 CMD_TEMPL_CFG_PROBE_REQ_2_4, NULL, 44 wl->scan_templ_id_2_4, NULL,
45 WL1271_CMD_TEMPL_MAX_SIZE, 45 WL1271_CMD_TEMPL_MAX_SIZE,
46 0, WL1271_RATE_AUTOMATIC); 46 0, WL1271_RATE_AUTOMATIC);
47 if (ret < 0) 47 if (ret < 0)
48 return ret; 48 return ret;
49 49
50 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID, 50 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID,
51 CMD_TEMPL_CFG_PROBE_REQ_5, 51 wl->scan_templ_id_5,
52 NULL, WL1271_CMD_TEMPL_MAX_SIZE, 0, 52 NULL, WL1271_CMD_TEMPL_MAX_SIZE, 0,
53 WL1271_RATE_AUTOMATIC); 53 WL1271_RATE_AUTOMATIC);
54 if (ret < 0) 54 if (ret < 0)
@@ -56,14 +56,16 @@ int wl1271_init_templates_config(struct wl1271 *wl)
56 56
57 if (wl->quirks & WLCORE_QUIRK_DUAL_PROBE_TMPL) { 57 if (wl->quirks & WLCORE_QUIRK_DUAL_PROBE_TMPL) {
58 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID, 58 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID,
59 CMD_TEMPL_APP_PROBE_REQ_2_4, NULL, 59 wl->sched_scan_templ_id_2_4,
60 NULL,
60 WL1271_CMD_TEMPL_MAX_SIZE, 61 WL1271_CMD_TEMPL_MAX_SIZE,
61 0, WL1271_RATE_AUTOMATIC); 62 0, WL1271_RATE_AUTOMATIC);
62 if (ret < 0) 63 if (ret < 0)
63 return ret; 64 return ret;
64 65
65 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID, 66 ret = wl1271_cmd_template_set(wl, WL12XX_INVALID_ROLE_ID,
66 CMD_TEMPL_APP_PROBE_REQ_5, NULL, 67 wl->sched_scan_templ_id_5,
68 NULL,
67 WL1271_CMD_TEMPL_MAX_SIZE, 69 WL1271_CMD_TEMPL_MAX_SIZE,
68 0, WL1271_RATE_AUTOMATIC); 70 0, WL1271_RATE_AUTOMATIC);
69 if (ret < 0) 71 if (ret < 0)
@@ -463,7 +465,7 @@ int wl1271_init_ap_rates(struct wl1271 *wl, struct wl12xx_vif *wlvif)
463 if ((wlvif->basic_rate_set & CONF_TX_OFDM_RATES)) 465 if ((wlvif->basic_rate_set & CONF_TX_OFDM_RATES))
464 supported_rates = CONF_TX_OFDM_RATES; 466 supported_rates = CONF_TX_OFDM_RATES;
465 else 467 else
466 supported_rates = CONF_TX_AP_ENABLED_RATES; 468 supported_rates = CONF_TX_ENABLED_RATES;
467 469
468 /* unconditionally enable HT rates */ 470 /* unconditionally enable HT rates */
469 supported_rates |= CONF_TX_MCS_RATES; 471 supported_rates |= CONF_TX_MCS_RATES;
@@ -575,9 +577,6 @@ int wl1271_init_vif_specific(struct wl1271 *wl, struct ieee80211_vif *vif)
575 /* Configure for power according to debugfs */ 577 /* Configure for power according to debugfs */
576 if (sta_auth != WL1271_PSM_ILLEGAL) 578 if (sta_auth != WL1271_PSM_ILLEGAL)
577 ret = wl1271_acx_sleep_auth(wl, sta_auth); 579 ret = wl1271_acx_sleep_auth(wl, sta_auth);
578 /* Configure for power always on */
579 else if (wl->quirks & WLCORE_QUIRK_NO_ELP)
580 ret = wl1271_acx_sleep_auth(wl, WL1271_PSM_CAM);
581 /* Configure for ELP power saving */ 580 /* Configure for ELP power saving */
582 else 581 else
583 ret = wl1271_acx_sleep_auth(wl, WL1271_PSM_ELP); 582 ret = wl1271_acx_sleep_auth(wl, WL1271_PSM_ELP);
@@ -679,6 +678,10 @@ int wl1271_hw_init(struct wl1271 *wl)
679 if (ret < 0) 678 if (ret < 0)
680 return ret; 679 return ret;
681 680
681 ret = wlcore_cmd_regdomain_config_locked(wl);
682 if (ret < 0)
683 return ret;
684
682 /* Bluetooth WLAN coexistence */ 685 /* Bluetooth WLAN coexistence */
683 ret = wl1271_init_pta(wl); 686 ret = wl1271_init_pta(wl);
684 if (ret < 0) 687 if (ret < 0)
diff --git a/drivers/net/wireless/ti/wlcore/io.h b/drivers/net/wireless/ti/wlcore/io.h
index f48530fec14f..af7d9f9b3b4d 100644
--- a/drivers/net/wireless/ti/wlcore/io.h
+++ b/drivers/net/wireless/ti/wlcore/io.h
@@ -105,13 +105,13 @@ static inline int __must_check wlcore_raw_read32(struct wl1271 *wl, int addr,
105{ 105{
106 int ret; 106 int ret;
107 107
108 ret = wlcore_raw_read(wl, addr, &wl->buffer_32, 108 ret = wlcore_raw_read(wl, addr, wl->buffer_32,
109 sizeof(wl->buffer_32), false); 109 sizeof(*wl->buffer_32), false);
110 if (ret < 0) 110 if (ret < 0)
111 return ret; 111 return ret;
112 112
113 if (val) 113 if (val)
114 *val = le32_to_cpu(wl->buffer_32); 114 *val = le32_to_cpu(*wl->buffer_32);
115 115
116 return 0; 116 return 0;
117} 117}
@@ -119,9 +119,9 @@ static inline int __must_check wlcore_raw_read32(struct wl1271 *wl, int addr,
119static inline int __must_check wlcore_raw_write32(struct wl1271 *wl, int addr, 119static inline int __must_check wlcore_raw_write32(struct wl1271 *wl, int addr,
120 u32 val) 120 u32 val)
121{ 121{
122 wl->buffer_32 = cpu_to_le32(val); 122 *wl->buffer_32 = cpu_to_le32(val);
123 return wlcore_raw_write(wl, addr, &wl->buffer_32, 123 return wlcore_raw_write(wl, addr, wl->buffer_32,
124 sizeof(wl->buffer_32), false); 124 sizeof(*wl->buffer_32), false);
125} 125}
126 126
127static inline int __must_check wlcore_read(struct wl1271 *wl, int addr, 127static inline int __must_check wlcore_read(struct wl1271 *wl, int addr,
diff --git a/drivers/net/wireless/ti/wlcore/main.c b/drivers/net/wireless/ti/wlcore/main.c
index ea9d8e011bc9..e1dfdf94d0f7 100644
--- a/drivers/net/wireless/ti/wlcore/main.c
+++ b/drivers/net/wireless/ti/wlcore/main.c
@@ -56,8 +56,8 @@
56#define WL1271_BOOT_RETRIES 3 56#define WL1271_BOOT_RETRIES 3
57 57
58static char *fwlog_param; 58static char *fwlog_param;
59static bool bug_on_recovery; 59static int bug_on_recovery = -1;
60static bool no_recovery; 60static int no_recovery = -1;
61 61
62static void __wl1271_op_remove_interface(struct wl1271 *wl, 62static void __wl1271_op_remove_interface(struct wl1271 *wl,
63 struct ieee80211_vif *vif, 63 struct ieee80211_vif *vif,
@@ -79,22 +79,22 @@ static int wl12xx_set_authorized(struct wl1271 *wl,
79 if (test_and_set_bit(WLVIF_FLAG_STA_STATE_SENT, &wlvif->flags)) 79 if (test_and_set_bit(WLVIF_FLAG_STA_STATE_SENT, &wlvif->flags))
80 return 0; 80 return 0;
81 81
82 ret = wl12xx_cmd_set_peer_state(wl, wlvif->sta.hlid); 82 ret = wl12xx_cmd_set_peer_state(wl, wlvif, wlvif->sta.hlid);
83 if (ret < 0) 83 if (ret < 0)
84 return ret; 84 return ret;
85 85
86 wl12xx_croc(wl, wlvif->role_id);
87
88 wl1271_info("Association completed."); 86 wl1271_info("Association completed.");
89 return 0; 87 return 0;
90} 88}
91 89
92static int wl1271_reg_notify(struct wiphy *wiphy, 90static void wl1271_reg_notify(struct wiphy *wiphy,
93 struct regulatory_request *request) 91 struct regulatory_request *request)
94{ 92{
95 struct ieee80211_supported_band *band; 93 struct ieee80211_supported_band *band;
96 struct ieee80211_channel *ch; 94 struct ieee80211_channel *ch;
97 int i; 95 int i;
96 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
97 struct wl1271 *wl = hw->priv;
98 98
99 band = wiphy->bands[IEEE80211_BAND_5GHZ]; 99 band = wiphy->bands[IEEE80211_BAND_5GHZ];
100 for (i = 0; i < band->n_channels; i++) { 100 for (i = 0; i < band->n_channels; i++) {
@@ -108,7 +108,8 @@ static int wl1271_reg_notify(struct wiphy *wiphy,
108 108
109 } 109 }
110 110
111 return 0; 111 if (likely(wl->state == WLCORE_STATE_ON))
112 wlcore_regdomain_config(wl);
112} 113}
113 114
114static int wl1271_set_rx_streaming(struct wl1271 *wl, struct wl12xx_vif *wlvif, 115static int wl1271_set_rx_streaming(struct wl1271 *wl, struct wl12xx_vif *wlvif,
@@ -303,6 +304,7 @@ out:
303static void wlcore_adjust_conf(struct wl1271 *wl) 304static void wlcore_adjust_conf(struct wl1271 *wl)
304{ 305{
305 /* Adjust settings according to optional module parameters */ 306 /* Adjust settings according to optional module parameters */
307
306 if (fwlog_param) { 308 if (fwlog_param) {
307 if (!strcmp(fwlog_param, "continuous")) { 309 if (!strcmp(fwlog_param, "continuous")) {
308 wl->conf.fwlog.mode = WL12XX_FWLOG_CONTINUOUS; 310 wl->conf.fwlog.mode = WL12XX_FWLOG_CONTINUOUS;
@@ -318,16 +320,22 @@ static void wlcore_adjust_conf(struct wl1271 *wl)
318 wl1271_error("Unknown fwlog parameter %s", fwlog_param); 320 wl1271_error("Unknown fwlog parameter %s", fwlog_param);
319 } 321 }
320 } 322 }
323
324 if (bug_on_recovery != -1)
325 wl->conf.recovery.bug_on_recovery = (u8) bug_on_recovery;
326
327 if (no_recovery != -1)
328 wl->conf.recovery.no_recovery = (u8) no_recovery;
321} 329}
322 330
323static void wl12xx_irq_ps_regulate_link(struct wl1271 *wl, 331static void wl12xx_irq_ps_regulate_link(struct wl1271 *wl,
324 struct wl12xx_vif *wlvif, 332 struct wl12xx_vif *wlvif,
325 u8 hlid, u8 tx_pkts) 333 u8 hlid, u8 tx_pkts)
326{ 334{
327 bool fw_ps, single_sta; 335 bool fw_ps, single_link;
328 336
329 fw_ps = test_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map); 337 fw_ps = test_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map);
330 single_sta = (wl->active_sta_count == 1); 338 single_link = (wl->active_link_count == 1);
331 339
332 /* 340 /*
333 * Wake up from high level PS if the STA is asleep with too little 341 * Wake up from high level PS if the STA is asleep with too little
@@ -338,10 +346,10 @@ static void wl12xx_irq_ps_regulate_link(struct wl1271 *wl,
338 346
339 /* 347 /*
340 * Start high-level PS if the STA is asleep with enough blocks in FW. 348 * Start high-level PS if the STA is asleep with enough blocks in FW.
341 * Make an exception if this is the only connected station. In this 349 * Make an exception if this is the only connected link. In this
342 * case FW-memory congestion is not a problem. 350 * case FW-memory congestion is less of a problem.
343 */ 351 */
344 else if (!single_sta && fw_ps && tx_pkts >= WL1271_PS_STA_MAX_PACKETS) 352 else if (!single_link && fw_ps && tx_pkts >= WL1271_PS_STA_MAX_PACKETS)
345 wl12xx_ps_link_start(wl, wlvif, hlid, true); 353 wl12xx_ps_link_start(wl, wlvif, hlid, true);
346} 354}
347 355
@@ -349,11 +357,8 @@ static void wl12xx_irq_update_links_status(struct wl1271 *wl,
349 struct wl12xx_vif *wlvif, 357 struct wl12xx_vif *wlvif,
350 struct wl_fw_status_2 *status) 358 struct wl_fw_status_2 *status)
351{ 359{
352 struct wl1271_link *lnk;
353 u32 cur_fw_ps_map; 360 u32 cur_fw_ps_map;
354 u8 hlid, cnt; 361 u8 hlid;
355
356 /* TODO: also use link_fast_bitmap here */
357 362
358 cur_fw_ps_map = le32_to_cpu(status->link_ps_bitmap); 363 cur_fw_ps_map = le32_to_cpu(status->link_ps_bitmap);
359 if (wl->ap_fw_ps_map != cur_fw_ps_map) { 364 if (wl->ap_fw_ps_map != cur_fw_ps_map) {
@@ -365,17 +370,9 @@ static void wl12xx_irq_update_links_status(struct wl1271 *wl,
365 wl->ap_fw_ps_map = cur_fw_ps_map; 370 wl->ap_fw_ps_map = cur_fw_ps_map;
366 } 371 }
367 372
368 for_each_set_bit(hlid, wlvif->ap.sta_hlid_map, WL12XX_MAX_LINKS) { 373 for_each_set_bit(hlid, wlvif->ap.sta_hlid_map, WL12XX_MAX_LINKS)
369 lnk = &wl->links[hlid];
370 cnt = status->counters.tx_lnk_free_pkts[hlid] -
371 lnk->prev_freed_pkts;
372
373 lnk->prev_freed_pkts = status->counters.tx_lnk_free_pkts[hlid];
374 lnk->allocated_pkts -= cnt;
375
376 wl12xx_irq_ps_regulate_link(wl, wlvif, hlid, 374 wl12xx_irq_ps_regulate_link(wl, wlvif, hlid,
377 lnk->allocated_pkts); 375 wl->links[hlid].allocated_pkts);
378 }
379} 376}
380 377
381static int wlcore_fw_status(struct wl1271 *wl, 378static int wlcore_fw_status(struct wl1271 *wl,
@@ -389,6 +386,7 @@ static int wlcore_fw_status(struct wl1271 *wl,
389 int i; 386 int i;
390 size_t status_len; 387 size_t status_len;
391 int ret; 388 int ret;
389 struct wl1271_link *lnk;
392 390
393 status_len = WLCORE_FW_STATUS_1_LEN(wl->num_rx_desc) + 391 status_len = WLCORE_FW_STATUS_1_LEN(wl->num_rx_desc) +
394 sizeof(*status_2) + wl->fw_status_priv_len; 392 sizeof(*status_2) + wl->fw_status_priv_len;
@@ -414,6 +412,17 @@ static int wlcore_fw_status(struct wl1271 *wl,
414 wl->tx_pkts_freed[i] = status_2->counters.tx_released_pkts[i]; 412 wl->tx_pkts_freed[i] = status_2->counters.tx_released_pkts[i];
415 } 413 }
416 414
415
416 for_each_set_bit(i, wl->links_map, WL12XX_MAX_LINKS) {
417 lnk = &wl->links[i];
418 /* prevent wrap-around in freed-packets counter */
419 lnk->allocated_pkts -=
420 (status_2->counters.tx_lnk_free_pkts[i] -
421 lnk->prev_freed_pkts) & 0xff;
422
423 lnk->prev_freed_pkts = status_2->counters.tx_lnk_free_pkts[i];
424 }
425
417 /* prevent wrap-around in total blocks counter */ 426 /* prevent wrap-around in total blocks counter */
418 if (likely(wl->tx_blocks_freed <= 427 if (likely(wl->tx_blocks_freed <=
419 le32_to_cpu(status_2->total_released_blks))) 428 le32_to_cpu(status_2->total_released_blks)))
@@ -466,6 +475,8 @@ static int wlcore_fw_status(struct wl1271 *wl,
466 wl->time_offset = (timespec_to_ns(&ts) >> 10) - 475 wl->time_offset = (timespec_to_ns(&ts) >> 10) -
467 (s64)le32_to_cpu(status_2->fw_localtime); 476 (s64)le32_to_cpu(status_2->fw_localtime);
468 477
478 wl->fw_fast_lnk_map = le32_to_cpu(status_2->link_fast_bitmap);
479
469 return 0; 480 return 0;
470} 481}
471 482
@@ -802,11 +813,13 @@ static void wl12xx_read_fwlog_panic(struct wl1271 *wl)
802 813
803 /* 814 /*
804 * Make sure the chip is awake and the logger isn't active. 815 * Make sure the chip is awake and the logger isn't active.
805 * Do not send a stop fwlog command if the fw is hanged. 816 * Do not send a stop fwlog command if the fw is hanged or if
817 * dbgpins are used (due to some fw bug).
806 */ 818 */
807 if (wl1271_ps_elp_wakeup(wl)) 819 if (wl1271_ps_elp_wakeup(wl))
808 goto out; 820 goto out;
809 if (!wl->watchdog_recovery) 821 if (!wl->watchdog_recovery &&
822 wl->conf.fwlog.output != WL12XX_FWLOG_OUTPUT_DBG_PINS)
810 wl12xx_cmd_stop_fwlog(wl); 823 wl12xx_cmd_stop_fwlog(wl);
811 824
812 /* Read the first memory block address */ 825 /* Read the first memory block address */
@@ -874,7 +887,8 @@ static void wlcore_print_recovery(struct wl1271 *wl)
874 if (ret < 0) 887 if (ret < 0)
875 return; 888 return;
876 889
877 wl1271_info("pc: 0x%x, hint_sts: 0x%08x", pc, hint_sts); 890 wl1271_info("pc: 0x%x, hint_sts: 0x%08x count: %d",
891 pc, hint_sts, ++wl->recovery_count);
878 892
879 wlcore_set_partition(wl, &wl->ptable[PART_WORK]); 893 wlcore_set_partition(wl, &wl->ptable[PART_WORK]);
880} 894}
@@ -897,10 +911,10 @@ static void wl1271_recovery_work(struct work_struct *work)
897 wlcore_print_recovery(wl); 911 wlcore_print_recovery(wl);
898 } 912 }
899 913
900 BUG_ON(bug_on_recovery && 914 BUG_ON(wl->conf.recovery.bug_on_recovery &&
901 !test_bit(WL1271_FLAG_INTENDED_FW_RECOVERY, &wl->flags)); 915 !test_bit(WL1271_FLAG_INTENDED_FW_RECOVERY, &wl->flags));
902 916
903 if (no_recovery) { 917 if (wl->conf.recovery.no_recovery) {
904 wl1271_info("No recovery (chosen on module load). Fw will remain stuck."); 918 wl1271_info("No recovery (chosen on module load). Fw will remain stuck.");
905 goto out_unlock; 919 goto out_unlock;
906 } 920 }
@@ -920,11 +934,6 @@ static void wl1271_recovery_work(struct work_struct *work)
920 /* Prevent spurious TX during FW restart */ 934 /* Prevent spurious TX during FW restart */
921 wlcore_stop_queues(wl, WLCORE_QUEUE_STOP_REASON_FW_RESTART); 935 wlcore_stop_queues(wl, WLCORE_QUEUE_STOP_REASON_FW_RESTART);
922 936
923 if (wl->sched_scanning) {
924 ieee80211_sched_scan_stopped(wl->hw);
925 wl->sched_scanning = false;
926 }
927
928 /* reboot the chipset */ 937 /* reboot the chipset */
929 while (!list_empty(&wl->wlvif_list)) { 938 while (!list_empty(&wl->wlvif_list)) {
930 wlvif = list_first_entry(&wl->wlvif_list, 939 wlvif = list_first_entry(&wl->wlvif_list,
@@ -1141,7 +1150,6 @@ int wl1271_plt_stop(struct wl1271 *wl)
1141 cancel_work_sync(&wl->recovery_work); 1150 cancel_work_sync(&wl->recovery_work);
1142 cancel_delayed_work_sync(&wl->elp_work); 1151 cancel_delayed_work_sync(&wl->elp_work);
1143 cancel_delayed_work_sync(&wl->tx_watchdog_work); 1152 cancel_delayed_work_sync(&wl->tx_watchdog_work);
1144 cancel_delayed_work_sync(&wl->connection_loss_work);
1145 1153
1146 mutex_lock(&wl->mutex); 1154 mutex_lock(&wl->mutex);
1147 wl1271_power_off(wl); 1155 wl1271_power_off(wl);
@@ -1169,9 +1177,13 @@ static void wl1271_op_tx(struct ieee80211_hw *hw,
1169 int q, mapping; 1177 int q, mapping;
1170 u8 hlid; 1178 u8 hlid;
1171 1179
1172 if (vif) 1180 if (!vif) {
1173 wlvif = wl12xx_vif_to_data(vif); 1181 wl1271_debug(DEBUG_TX, "DROP skb with no vif");
1182 ieee80211_free_txskb(hw, skb);
1183 return;
1184 }
1174 1185
1186 wlvif = wl12xx_vif_to_data(vif);
1175 mapping = skb_get_queue_mapping(skb); 1187 mapping = skb_get_queue_mapping(skb);
1176 q = wl1271_tx_get_queue(mapping); 1188 q = wl1271_tx_get_queue(mapping);
1177 1189
@@ -1185,9 +1197,9 @@ static void wl1271_op_tx(struct ieee80211_hw *hw,
1185 * allow these packets through. 1197 * allow these packets through.
1186 */ 1198 */
1187 if (hlid == WL12XX_INVALID_LINK_ID || 1199 if (hlid == WL12XX_INVALID_LINK_ID ||
1188 (wlvif && !test_bit(hlid, wlvif->links_map)) || 1200 (!test_bit(hlid, wlvif->links_map)) ||
1189 (wlcore_is_queue_stopped(wl, q) && 1201 (wlcore_is_queue_stopped_locked(wl, wlvif, q) &&
1190 !wlcore_is_queue_stopped_by_reason(wl, q, 1202 !wlcore_is_queue_stopped_by_reason_locked(wl, wlvif, q,
1191 WLCORE_QUEUE_STOP_REASON_WATERMARK))) { 1203 WLCORE_QUEUE_STOP_REASON_WATERMARK))) {
1192 wl1271_debug(DEBUG_TX, "DROP skb hlid %d q %d", hlid, q); 1204 wl1271_debug(DEBUG_TX, "DROP skb hlid %d q %d", hlid, q);
1193 ieee80211_free_txskb(hw, skb); 1205 ieee80211_free_txskb(hw, skb);
@@ -1199,16 +1211,17 @@ static void wl1271_op_tx(struct ieee80211_hw *hw,
1199 skb_queue_tail(&wl->links[hlid].tx_queue[q], skb); 1211 skb_queue_tail(&wl->links[hlid].tx_queue[q], skb);
1200 1212
1201 wl->tx_queue_count[q]++; 1213 wl->tx_queue_count[q]++;
1214 wlvif->tx_queue_count[q]++;
1202 1215
1203 /* 1216 /*
1204 * The workqueue is slow to process the tx_queue and we need stop 1217 * The workqueue is slow to process the tx_queue and we need stop
1205 * the queue here, otherwise the queue will get too long. 1218 * the queue here, otherwise the queue will get too long.
1206 */ 1219 */
1207 if (wl->tx_queue_count[q] >= WL1271_TX_QUEUE_HIGH_WATERMARK && 1220 if (wlvif->tx_queue_count[q] >= WL1271_TX_QUEUE_HIGH_WATERMARK &&
1208 !wlcore_is_queue_stopped_by_reason(wl, q, 1221 !wlcore_is_queue_stopped_by_reason_locked(wl, wlvif, q,
1209 WLCORE_QUEUE_STOP_REASON_WATERMARK)) { 1222 WLCORE_QUEUE_STOP_REASON_WATERMARK)) {
1210 wl1271_debug(DEBUG_TX, "op_tx: stopping queues for q %d", q); 1223 wl1271_debug(DEBUG_TX, "op_tx: stopping queues for q %d", q);
1211 wlcore_stop_queue_locked(wl, q, 1224 wlcore_stop_queue_locked(wl, wlvif, q,
1212 WLCORE_QUEUE_STOP_REASON_WATERMARK); 1225 WLCORE_QUEUE_STOP_REASON_WATERMARK);
1213 } 1226 }
1214 1227
@@ -1843,11 +1856,10 @@ static void wlcore_op_stop_locked(struct wl1271 *wl)
1843 cancel_work_sync(&wl->tx_work); 1856 cancel_work_sync(&wl->tx_work);
1844 cancel_delayed_work_sync(&wl->elp_work); 1857 cancel_delayed_work_sync(&wl->elp_work);
1845 cancel_delayed_work_sync(&wl->tx_watchdog_work); 1858 cancel_delayed_work_sync(&wl->tx_watchdog_work);
1846 cancel_delayed_work_sync(&wl->connection_loss_work);
1847 1859
1848 /* let's notify MAC80211 about the remaining pending TX frames */ 1860 /* let's notify MAC80211 about the remaining pending TX frames */
1849 wl12xx_tx_reset(wl);
1850 mutex_lock(&wl->mutex); 1861 mutex_lock(&wl->mutex);
1862 wl12xx_tx_reset(wl);
1851 1863
1852 wl1271_power_off(wl); 1864 wl1271_power_off(wl);
1853 /* 1865 /*
@@ -1870,14 +1882,17 @@ static void wlcore_op_stop_locked(struct wl1271 *wl)
1870 wl->time_offset = 0; 1882 wl->time_offset = 0;
1871 wl->ap_fw_ps_map = 0; 1883 wl->ap_fw_ps_map = 0;
1872 wl->ap_ps_map = 0; 1884 wl->ap_ps_map = 0;
1873 wl->sched_scanning = false;
1874 wl->sleep_auth = WL1271_PSM_ILLEGAL; 1885 wl->sleep_auth = WL1271_PSM_ILLEGAL;
1875 memset(wl->roles_map, 0, sizeof(wl->roles_map)); 1886 memset(wl->roles_map, 0, sizeof(wl->roles_map));
1876 memset(wl->links_map, 0, sizeof(wl->links_map)); 1887 memset(wl->links_map, 0, sizeof(wl->links_map));
1877 memset(wl->roc_map, 0, sizeof(wl->roc_map)); 1888 memset(wl->roc_map, 0, sizeof(wl->roc_map));
1889 memset(wl->session_ids, 0, sizeof(wl->session_ids));
1878 wl->active_sta_count = 0; 1890 wl->active_sta_count = 0;
1891 wl->active_link_count = 0;
1879 1892
1880 /* The system link is always allocated */ 1893 /* The system link is always allocated */
1894 wl->links[WL12XX_SYSTEM_HLID].allocated_pkts = 0;
1895 wl->links[WL12XX_SYSTEM_HLID].prev_freed_pkts = 0;
1881 __set_bit(WL12XX_SYSTEM_HLID, wl->links_map); 1896 __set_bit(WL12XX_SYSTEM_HLID, wl->links_map);
1882 1897
1883 /* 1898 /*
@@ -1903,6 +1918,12 @@ static void wlcore_op_stop_locked(struct wl1271 *wl)
1903 wl->tx_res_if = NULL; 1918 wl->tx_res_if = NULL;
1904 kfree(wl->target_mem_map); 1919 kfree(wl->target_mem_map);
1905 wl->target_mem_map = NULL; 1920 wl->target_mem_map = NULL;
1921
1922 /*
1923 * FW channels must be re-calibrated after recovery,
1924 * clear the last Reg-Domain channel configuration.
1925 */
1926 memset(wl->reg_ch_conf_last, 0, sizeof(wl->reg_ch_conf_last));
1906} 1927}
1907 1928
1908static void wlcore_op_stop(struct ieee80211_hw *hw) 1929static void wlcore_op_stop(struct ieee80211_hw *hw)
@@ -1918,6 +1939,71 @@ static void wlcore_op_stop(struct ieee80211_hw *hw)
1918 mutex_unlock(&wl->mutex); 1939 mutex_unlock(&wl->mutex);
1919} 1940}
1920 1941
1942static void wlcore_channel_switch_work(struct work_struct *work)
1943{
1944 struct delayed_work *dwork;
1945 struct wl1271 *wl;
1946 struct ieee80211_vif *vif;
1947 struct wl12xx_vif *wlvif;
1948 int ret;
1949
1950 dwork = container_of(work, struct delayed_work, work);
1951 wlvif = container_of(dwork, struct wl12xx_vif, channel_switch_work);
1952 wl = wlvif->wl;
1953
1954 wl1271_info("channel switch failed (role_id: %d).", wlvif->role_id);
1955
1956 mutex_lock(&wl->mutex);
1957
1958 if (unlikely(wl->state != WLCORE_STATE_ON))
1959 goto out;
1960
1961 /* check the channel switch is still ongoing */
1962 if (!test_and_clear_bit(WLVIF_FLAG_CS_PROGRESS, &wlvif->flags))
1963 goto out;
1964
1965 vif = wl12xx_wlvif_to_vif(wlvif);
1966 ieee80211_chswitch_done(vif, false);
1967
1968 ret = wl1271_ps_elp_wakeup(wl);
1969 if (ret < 0)
1970 goto out;
1971
1972 wl12xx_cmd_stop_channel_switch(wl, wlvif);
1973
1974 wl1271_ps_elp_sleep(wl);
1975out:
1976 mutex_unlock(&wl->mutex);
1977}
1978
1979static void wlcore_connection_loss_work(struct work_struct *work)
1980{
1981 struct delayed_work *dwork;
1982 struct wl1271 *wl;
1983 struct ieee80211_vif *vif;
1984 struct wl12xx_vif *wlvif;
1985
1986 dwork = container_of(work, struct delayed_work, work);
1987 wlvif = container_of(dwork, struct wl12xx_vif, connection_loss_work);
1988 wl = wlvif->wl;
1989
1990 wl1271_info("Connection loss work (role_id: %d).", wlvif->role_id);
1991
1992 mutex_lock(&wl->mutex);
1993
1994 if (unlikely(wl->state != WLCORE_STATE_ON))
1995 goto out;
1996
1997 /* Call mac80211 connection loss */
1998 if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
1999 goto out;
2000
2001 vif = wl12xx_wlvif_to_vif(wlvif);
2002 ieee80211_connection_loss(vif);
2003out:
2004 mutex_unlock(&wl->mutex);
2005}
2006
1921static int wl12xx_allocate_rate_policy(struct wl1271 *wl, u8 *idx) 2007static int wl12xx_allocate_rate_policy(struct wl1271 *wl, u8 *idx)
1922{ 2008{
1923 u8 policy = find_first_zero_bit(wl->rate_policies_map, 2009 u8 policy = find_first_zero_bit(wl->rate_policies_map,
@@ -2037,15 +2123,15 @@ static int wl12xx_init_vif_data(struct wl1271 *wl, struct ieee80211_vif *vif)
2037 for (i = 0; i < CONF_TX_MAX_AC_COUNT; i++) 2123 for (i = 0; i < CONF_TX_MAX_AC_COUNT; i++)
2038 wl12xx_allocate_rate_policy(wl, 2124 wl12xx_allocate_rate_policy(wl,
2039 &wlvif->ap.ucast_rate_idx[i]); 2125 &wlvif->ap.ucast_rate_idx[i]);
2040 wlvif->basic_rate_set = CONF_TX_AP_ENABLED_RATES; 2126 wlvif->basic_rate_set = CONF_TX_ENABLED_RATES;
2041 /* 2127 /*
2042 * TODO: check if basic_rate shouldn't be 2128 * TODO: check if basic_rate shouldn't be
2043 * wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set); 2129 * wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set);
2044 * instead (the same thing for STA above). 2130 * instead (the same thing for STA above).
2045 */ 2131 */
2046 wlvif->basic_rate = CONF_TX_AP_ENABLED_RATES; 2132 wlvif->basic_rate = CONF_TX_ENABLED_RATES;
2047 /* TODO: this seems to be used only for STA, check it */ 2133 /* TODO: this seems to be used only for STA, check it */
2048 wlvif->rate_set = CONF_TX_AP_ENABLED_RATES; 2134 wlvif->rate_set = CONF_TX_ENABLED_RATES;
2049 } 2135 }
2050 2136
2051 wlvif->bitrate_masks[IEEE80211_BAND_2GHZ] = wl->conf.tx.basic_rate; 2137 wlvif->bitrate_masks[IEEE80211_BAND_2GHZ] = wl->conf.tx.basic_rate;
@@ -2065,6 +2151,10 @@ static int wl12xx_init_vif_data(struct wl1271 *wl, struct ieee80211_vif *vif)
2065 wl1271_rx_streaming_enable_work); 2151 wl1271_rx_streaming_enable_work);
2066 INIT_WORK(&wlvif->rx_streaming_disable_work, 2152 INIT_WORK(&wlvif->rx_streaming_disable_work,
2067 wl1271_rx_streaming_disable_work); 2153 wl1271_rx_streaming_disable_work);
2154 INIT_DELAYED_WORK(&wlvif->channel_switch_work,
2155 wlcore_channel_switch_work);
2156 INIT_DELAYED_WORK(&wlvif->connection_loss_work,
2157 wlcore_connection_loss_work);
2068 INIT_LIST_HEAD(&wlvif->list); 2158 INIT_LIST_HEAD(&wlvif->list);
2069 2159
2070 setup_timer(&wlvif->rx_streaming_timer, wl1271_rx_streaming_timer, 2160 setup_timer(&wlvif->rx_streaming_timer, wl1271_rx_streaming_timer,
@@ -2198,6 +2288,81 @@ static void wl12xx_force_active_psm(struct wl1271 *wl)
2198 } 2288 }
2199} 2289}
2200 2290
2291struct wlcore_hw_queue_iter_data {
2292 unsigned long hw_queue_map[BITS_TO_LONGS(WLCORE_NUM_MAC_ADDRESSES)];
2293 /* current vif */
2294 struct ieee80211_vif *vif;
2295 /* is the current vif among those iterated */
2296 bool cur_running;
2297};
2298
2299static void wlcore_hw_queue_iter(void *data, u8 *mac,
2300 struct ieee80211_vif *vif)
2301{
2302 struct wlcore_hw_queue_iter_data *iter_data = data;
2303
2304 if (WARN_ON_ONCE(vif->hw_queue[0] == IEEE80211_INVAL_HW_QUEUE))
2305 return;
2306
2307 if (iter_data->cur_running || vif == iter_data->vif) {
2308 iter_data->cur_running = true;
2309 return;
2310 }
2311
2312 __set_bit(vif->hw_queue[0] / NUM_TX_QUEUES, iter_data->hw_queue_map);
2313}
2314
2315static int wlcore_allocate_hw_queue_base(struct wl1271 *wl,
2316 struct wl12xx_vif *wlvif)
2317{
2318 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
2319 struct wlcore_hw_queue_iter_data iter_data = {};
2320 int i, q_base;
2321
2322 iter_data.vif = vif;
2323
2324 /* mark all bits taken by active interfaces */
2325 ieee80211_iterate_active_interfaces_atomic(wl->hw,
2326 IEEE80211_IFACE_ITER_RESUME_ALL,
2327 wlcore_hw_queue_iter, &iter_data);
2328
2329 /* the current vif is already running in mac80211 (resume/recovery) */
2330 if (iter_data.cur_running) {
2331 wlvif->hw_queue_base = vif->hw_queue[0];
2332 wl1271_debug(DEBUG_MAC80211,
2333 "using pre-allocated hw queue base %d",
2334 wlvif->hw_queue_base);
2335
2336 /* interface type might have changed type */
2337 goto adjust_cab_queue;
2338 }
2339
2340 q_base = find_first_zero_bit(iter_data.hw_queue_map,
2341 WLCORE_NUM_MAC_ADDRESSES);
2342 if (q_base >= WLCORE_NUM_MAC_ADDRESSES)
2343 return -EBUSY;
2344
2345 wlvif->hw_queue_base = q_base * NUM_TX_QUEUES;
2346 wl1271_debug(DEBUG_MAC80211, "allocating hw queue base: %d",
2347 wlvif->hw_queue_base);
2348
2349 for (i = 0; i < NUM_TX_QUEUES; i++) {
2350 wl->queue_stop_reasons[wlvif->hw_queue_base + i] = 0;
2351 /* register hw queues in mac80211 */
2352 vif->hw_queue[i] = wlvif->hw_queue_base + i;
2353 }
2354
2355adjust_cab_queue:
2356 /* the last places are reserved for cab queues per interface */
2357 if (wlvif->bss_type == BSS_TYPE_AP_BSS)
2358 vif->cab_queue = NUM_TX_QUEUES * WLCORE_NUM_MAC_ADDRESSES +
2359 wlvif->hw_queue_base / NUM_TX_QUEUES;
2360 else
2361 vif->cab_queue = IEEE80211_INVAL_HW_QUEUE;
2362
2363 return 0;
2364}
2365
2201static int wl1271_op_add_interface(struct ieee80211_hw *hw, 2366static int wl1271_op_add_interface(struct ieee80211_hw *hw,
2202 struct ieee80211_vif *vif) 2367 struct ieee80211_vif *vif)
2203{ 2368{
@@ -2244,6 +2409,10 @@ static int wl1271_op_add_interface(struct ieee80211_hw *hw,
2244 goto out; 2409 goto out;
2245 } 2410 }
2246 2411
2412 ret = wlcore_allocate_hw_queue_base(wl, wlvif);
2413 if (ret < 0)
2414 goto out;
2415
2247 if (wl12xx_need_fw_change(wl, vif_count, true)) { 2416 if (wl12xx_need_fw_change(wl, vif_count, true)) {
2248 wl12xx_force_active_psm(wl); 2417 wl12xx_force_active_psm(wl);
2249 set_bit(WL1271_FLAG_INTENDED_FW_RECOVERY, &wl->flags); 2418 set_bit(WL1271_FLAG_INTENDED_FW_RECOVERY, &wl->flags);
@@ -2314,7 +2483,7 @@ static void __wl1271_op_remove_interface(struct wl1271 *wl,
2314 wl1271_info("down"); 2483 wl1271_info("down");
2315 2484
2316 if (wl->scan.state != WL1271_SCAN_STATE_IDLE && 2485 if (wl->scan.state != WL1271_SCAN_STATE_IDLE &&
2317 wl->scan_vif == vif) { 2486 wl->scan_wlvif == wlvif) {
2318 /* 2487 /*
2319 * Rearm the tx watchdog just before idling scan. This 2488 * Rearm the tx watchdog just before idling scan. This
2320 * prevents just-finished scans from triggering the watchdog 2489 * prevents just-finished scans from triggering the watchdog
@@ -2323,11 +2492,21 @@ static void __wl1271_op_remove_interface(struct wl1271 *wl,
2323 2492
2324 wl->scan.state = WL1271_SCAN_STATE_IDLE; 2493 wl->scan.state = WL1271_SCAN_STATE_IDLE;
2325 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch)); 2494 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
2326 wl->scan_vif = NULL; 2495 wl->scan_wlvif = NULL;
2327 wl->scan.req = NULL; 2496 wl->scan.req = NULL;
2328 ieee80211_scan_completed(wl->hw, true); 2497 ieee80211_scan_completed(wl->hw, true);
2329 } 2498 }
2330 2499
2500 if (wl->sched_vif == wlvif) {
2501 ieee80211_sched_scan_stopped(wl->hw);
2502 wl->sched_vif = NULL;
2503 }
2504
2505 if (wl->roc_vif == vif) {
2506 wl->roc_vif = NULL;
2507 ieee80211_remain_on_channel_expired(wl->hw);
2508 }
2509
2331 if (!test_bit(WL1271_FLAG_RECOVERY_IN_PROGRESS, &wl->flags)) { 2510 if (!test_bit(WL1271_FLAG_RECOVERY_IN_PROGRESS, &wl->flags)) {
2332 /* disable active roles */ 2511 /* disable active roles */
2333 ret = wl1271_ps_elp_wakeup(wl); 2512 ret = wl1271_ps_elp_wakeup(wl);
@@ -2396,9 +2575,6 @@ deinit:
2396 /* Configure for power according to debugfs */ 2575 /* Configure for power according to debugfs */
2397 if (sta_auth != WL1271_PSM_ILLEGAL) 2576 if (sta_auth != WL1271_PSM_ILLEGAL)
2398 wl1271_acx_sleep_auth(wl, sta_auth); 2577 wl1271_acx_sleep_auth(wl, sta_auth);
2399 /* Configure for power always on */
2400 else if (wl->quirks & WLCORE_QUIRK_NO_ELP)
2401 wl1271_acx_sleep_auth(wl, WL1271_PSM_CAM);
2402 /* Configure for ELP power saving */ 2578 /* Configure for ELP power saving */
2403 else 2579 else
2404 wl1271_acx_sleep_auth(wl, WL1271_PSM_ELP); 2580 wl1271_acx_sleep_auth(wl, WL1271_PSM_ELP);
@@ -2410,6 +2586,7 @@ unlock:
2410 del_timer_sync(&wlvif->rx_streaming_timer); 2586 del_timer_sync(&wlvif->rx_streaming_timer);
2411 cancel_work_sync(&wlvif->rx_streaming_enable_work); 2587 cancel_work_sync(&wlvif->rx_streaming_enable_work);
2412 cancel_work_sync(&wlvif->rx_streaming_disable_work); 2588 cancel_work_sync(&wlvif->rx_streaming_disable_work);
2589 cancel_delayed_work_sync(&wlvif->connection_loss_work);
2413 2590
2414 mutex_lock(&wl->mutex); 2591 mutex_lock(&wl->mutex);
2415} 2592}
@@ -2468,8 +2645,7 @@ static int wl12xx_op_change_interface(struct ieee80211_hw *hw,
2468 return ret; 2645 return ret;
2469} 2646}
2470 2647
2471static int wl1271_join(struct wl1271 *wl, struct wl12xx_vif *wlvif, 2648static int wlcore_join(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2472 bool set_assoc)
2473{ 2649{
2474 int ret; 2650 int ret;
2475 bool is_ibss = (wlvif->bss_type == BSS_TYPE_IBSS); 2651 bool is_ibss = (wlvif->bss_type == BSS_TYPE_IBSS);
@@ -2489,18 +2665,111 @@ static int wl1271_join(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2489 /* clear encryption type */ 2665 /* clear encryption type */
2490 wlvif->encryption_type = KEY_NONE; 2666 wlvif->encryption_type = KEY_NONE;
2491 2667
2492 if (set_assoc)
2493 set_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags);
2494
2495 if (is_ibss) 2668 if (is_ibss)
2496 ret = wl12xx_cmd_role_start_ibss(wl, wlvif); 2669 ret = wl12xx_cmd_role_start_ibss(wl, wlvif);
2497 else 2670 else {
2671 if (wl->quirks & WLCORE_QUIRK_START_STA_FAILS) {
2672 /*
2673 * TODO: this is an ugly workaround for wl12xx fw
2674 * bug - we are not able to tx/rx after the first
2675 * start_sta, so make dummy start+stop calls,
2676 * and then call start_sta again.
2677 * this should be fixed in the fw.
2678 */
2679 wl12xx_cmd_role_start_sta(wl, wlvif);
2680 wl12xx_cmd_role_stop_sta(wl, wlvif);
2681 }
2682
2498 ret = wl12xx_cmd_role_start_sta(wl, wlvif); 2683 ret = wl12xx_cmd_role_start_sta(wl, wlvif);
2684 }
2685
2686 return ret;
2687}
2688
2689static int wl1271_ssid_set(struct wl12xx_vif *wlvif, struct sk_buff *skb,
2690 int offset)
2691{
2692 u8 ssid_len;
2693 const u8 *ptr = cfg80211_find_ie(WLAN_EID_SSID, skb->data + offset,
2694 skb->len - offset);
2695
2696 if (!ptr) {
2697 wl1271_error("No SSID in IEs!");
2698 return -ENOENT;
2699 }
2700
2701 ssid_len = ptr[1];
2702 if (ssid_len > IEEE80211_MAX_SSID_LEN) {
2703 wl1271_error("SSID is too long!");
2704 return -EINVAL;
2705 }
2706
2707 wlvif->ssid_len = ssid_len;
2708 memcpy(wlvif->ssid, ptr+2, ssid_len);
2709 return 0;
2710}
2711
2712static int wlcore_set_ssid(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2713{
2714 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
2715 struct sk_buff *skb;
2716 int ieoffset;
2717
2718 /* we currently only support setting the ssid from the ap probe req */
2719 if (wlvif->bss_type != BSS_TYPE_STA_BSS)
2720 return -EINVAL;
2721
2722 skb = ieee80211_ap_probereq_get(wl->hw, vif);
2723 if (!skb)
2724 return -EINVAL;
2725
2726 ieoffset = offsetof(struct ieee80211_mgmt,
2727 u.probe_req.variable);
2728 wl1271_ssid_set(wlvif, skb, ieoffset);
2729 dev_kfree_skb(skb);
2730
2731 return 0;
2732}
2733
2734static int wlcore_set_assoc(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2735 struct ieee80211_bss_conf *bss_conf,
2736 u32 sta_rate_set)
2737{
2738 int ieoffset;
2739 int ret;
2740
2741 wlvif->aid = bss_conf->aid;
2742 wlvif->channel_type = cfg80211_get_chandef_type(&bss_conf->chandef);
2743 wlvif->beacon_int = bss_conf->beacon_int;
2744 wlvif->wmm_enabled = bss_conf->qos;
2745
2746 set_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags);
2747
2748 /*
2749 * with wl1271, we don't need to update the
2750 * beacon_int and dtim_period, because the firmware
2751 * updates it by itself when the first beacon is
2752 * received after a join.
2753 */
2754 ret = wl1271_cmd_build_ps_poll(wl, wlvif, wlvif->aid);
2499 if (ret < 0) 2755 if (ret < 0)
2500 goto out; 2756 return ret;
2501 2757
2502 if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags)) 2758 /*
2503 goto out; 2759 * Get a template for hardware connection maintenance
2760 */
2761 dev_kfree_skb(wlvif->probereq);
2762 wlvif->probereq = wl1271_cmd_build_ap_probe_req(wl,
2763 wlvif,
2764 NULL);
2765 ieoffset = offsetof(struct ieee80211_mgmt,
2766 u.probe_req.variable);
2767 wl1271_ssid_set(wlvif, wlvif->probereq, ieoffset);
2768
2769 /* enable the connection monitoring feature */
2770 ret = wl1271_acx_conn_monit_params(wl, wlvif, true);
2771 if (ret < 0)
2772 return ret;
2504 2773
2505 /* 2774 /*
2506 * The join command disable the keep-alive mode, shut down its process, 2775 * The join command disable the keep-alive mode, shut down its process,
@@ -2510,35 +2779,83 @@ static int wl1271_join(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2510 */ 2779 */
2511 ret = wl1271_acx_keep_alive_mode(wl, wlvif, true); 2780 ret = wl1271_acx_keep_alive_mode(wl, wlvif, true);
2512 if (ret < 0) 2781 if (ret < 0)
2513 goto out; 2782 return ret;
2514 2783
2515 ret = wl1271_acx_aid(wl, wlvif, wlvif->aid); 2784 ret = wl1271_acx_aid(wl, wlvif, wlvif->aid);
2516 if (ret < 0) 2785 if (ret < 0)
2517 goto out; 2786 return ret;
2518 2787
2519 ret = wl12xx_cmd_build_klv_null_data(wl, wlvif); 2788 ret = wl12xx_cmd_build_klv_null_data(wl, wlvif);
2520 if (ret < 0) 2789 if (ret < 0)
2521 goto out; 2790 return ret;
2522 2791
2523 ret = wl1271_acx_keep_alive_config(wl, wlvif, 2792 ret = wl1271_acx_keep_alive_config(wl, wlvif,
2524 wlvif->sta.klv_template_id, 2793 wlvif->sta.klv_template_id,
2525 ACX_KEEP_ALIVE_TPL_VALID); 2794 ACX_KEEP_ALIVE_TPL_VALID);
2526 if (ret < 0) 2795 if (ret < 0)
2527 goto out; 2796 return ret;
2797
2798 /*
2799 * The default fw psm configuration is AUTO, while mac80211 default
2800 * setting is off (ACTIVE), so sync the fw with the correct value.
2801 */
2802 ret = wl1271_ps_set_mode(wl, wlvif, STATION_ACTIVE_MODE);
2803 if (ret < 0)
2804 return ret;
2805
2806 if (sta_rate_set) {
2807 wlvif->rate_set =
2808 wl1271_tx_enabled_rates_get(wl,
2809 sta_rate_set,
2810 wlvif->band);
2811 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
2812 if (ret < 0)
2813 return ret;
2814 }
2528 2815
2529out:
2530 return ret; 2816 return ret;
2531} 2817}
2532 2818
2533static int wl1271_unjoin(struct wl1271 *wl, struct wl12xx_vif *wlvif) 2819static int wlcore_unset_assoc(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2534{ 2820{
2535 int ret; 2821 int ret;
2822 bool sta = wlvif->bss_type == BSS_TYPE_STA_BSS;
2823
2824 /* make sure we are connected (sta) joined */
2825 if (sta &&
2826 !test_and_clear_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
2827 return false;
2828
2829 /* make sure we are joined (ibss) */
2830 if (!sta &&
2831 test_and_clear_bit(WLVIF_FLAG_IBSS_JOINED, &wlvif->flags))
2832 return false;
2833
2834 if (sta) {
2835 /* use defaults when not associated */
2836 wlvif->aid = 0;
2837
2838 /* free probe-request template */
2839 dev_kfree_skb(wlvif->probereq);
2840 wlvif->probereq = NULL;
2841
2842 /* disable connection monitor features */
2843 ret = wl1271_acx_conn_monit_params(wl, wlvif, false);
2844 if (ret < 0)
2845 return ret;
2846
2847 /* Disable the keep-alive feature */
2848 ret = wl1271_acx_keep_alive_mode(wl, wlvif, false);
2849 if (ret < 0)
2850 return ret;
2851 }
2536 2852
2537 if (test_and_clear_bit(WLVIF_FLAG_CS_PROGRESS, &wlvif->flags)) { 2853 if (test_and_clear_bit(WLVIF_FLAG_CS_PROGRESS, &wlvif->flags)) {
2538 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif); 2854 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
2539 2855
2540 wl12xx_cmd_stop_channel_switch(wl); 2856 wl12xx_cmd_stop_channel_switch(wl, wlvif);
2541 ieee80211_chswitch_done(vif, false); 2857 ieee80211_chswitch_done(vif, false);
2858 cancel_delayed_work(&wlvif->channel_switch_work);
2542 } 2859 }
2543 2860
2544 /* invalidate keep-alive template */ 2861 /* invalidate keep-alive template */
@@ -2546,17 +2863,11 @@ static int wl1271_unjoin(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2546 wlvif->sta.klv_template_id, 2863 wlvif->sta.klv_template_id,
2547 ACX_KEEP_ALIVE_TPL_INVALID); 2864 ACX_KEEP_ALIVE_TPL_INVALID);
2548 2865
2549 /* to stop listening to a channel, we disconnect */
2550 ret = wl12xx_cmd_role_stop_sta(wl, wlvif);
2551 if (ret < 0)
2552 goto out;
2553
2554 /* reset TX security counters on a clean disconnect */ 2866 /* reset TX security counters on a clean disconnect */
2555 wlvif->tx_security_last_seq_lsb = 0; 2867 wlvif->tx_security_last_seq_lsb = 0;
2556 wlvif->tx_security_seq = 0; 2868 wlvif->tx_security_seq = 0;
2557 2869
2558out: 2870 return 0;
2559 return ret;
2560} 2871}
2561 2872
2562static void wl1271_set_band_rate(struct wl1271 *wl, struct wl12xx_vif *wlvif) 2873static void wl1271_set_band_rate(struct wl1271 *wl, struct wl12xx_vif *wlvif)
@@ -2565,147 +2876,10 @@ static void wl1271_set_band_rate(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2565 wlvif->rate_set = wlvif->basic_rate_set; 2876 wlvif->rate_set = wlvif->basic_rate_set;
2566} 2877}
2567 2878
2568static int wl1271_sta_handle_idle(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2569 bool idle)
2570{
2571 int ret;
2572 bool cur_idle = !test_bit(WLVIF_FLAG_IN_USE, &wlvif->flags);
2573
2574 if (idle == cur_idle)
2575 return 0;
2576
2577 if (idle) {
2578 /* no need to croc if we weren't busy (e.g. during boot) */
2579 if (wl12xx_dev_role_started(wlvif)) {
2580 ret = wl12xx_stop_dev(wl, wlvif);
2581 if (ret < 0)
2582 goto out;
2583 }
2584 wlvif->rate_set =
2585 wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set);
2586 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
2587 if (ret < 0)
2588 goto out;
2589 clear_bit(WLVIF_FLAG_IN_USE, &wlvif->flags);
2590 } else {
2591 /* The current firmware only supports sched_scan in idle */
2592 if (wl->sched_scanning) {
2593 wl1271_scan_sched_scan_stop(wl, wlvif);
2594 ieee80211_sched_scan_stopped(wl->hw);
2595 }
2596
2597 ret = wl12xx_start_dev(wl, wlvif);
2598 if (ret < 0)
2599 goto out;
2600 set_bit(WLVIF_FLAG_IN_USE, &wlvif->flags);
2601 }
2602
2603out:
2604 return ret;
2605}
2606
2607static int wl12xx_config_vif(struct wl1271 *wl, struct wl12xx_vif *wlvif, 2879static int wl12xx_config_vif(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2608 struct ieee80211_conf *conf, u32 changed) 2880 struct ieee80211_conf *conf, u32 changed)
2609{ 2881{
2610 bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS); 2882 int ret;
2611 int channel, ret;
2612
2613 channel = ieee80211_frequency_to_channel(conf->channel->center_freq);
2614
2615 /* if the channel changes while joined, join again */
2616 if (changed & IEEE80211_CONF_CHANGE_CHANNEL &&
2617 ((wlvif->band != conf->channel->band) ||
2618 (wlvif->channel != channel) ||
2619 (wlvif->channel_type != conf->channel_type))) {
2620 /* send all pending packets */
2621 ret = wlcore_tx_work_locked(wl);
2622 if (ret < 0)
2623 return ret;
2624
2625 wlvif->band = conf->channel->band;
2626 wlvif->channel = channel;
2627 wlvif->channel_type = conf->channel_type;
2628
2629 if (is_ap) {
2630 wl1271_set_band_rate(wl, wlvif);
2631 ret = wl1271_init_ap_rates(wl, wlvif);
2632 if (ret < 0)
2633 wl1271_error("AP rate policy change failed %d",
2634 ret);
2635 } else {
2636 /*
2637 * FIXME: the mac80211 should really provide a fixed
2638 * rate to use here. for now, just use the smallest
2639 * possible rate for the band as a fixed rate for
2640 * association frames and other control messages.
2641 */
2642 if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
2643 wl1271_set_band_rate(wl, wlvif);
2644
2645 wlvif->basic_rate =
2646 wl1271_tx_min_rate_get(wl,
2647 wlvif->basic_rate_set);
2648 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
2649 if (ret < 0)
2650 wl1271_warning("rate policy for channel "
2651 "failed %d", ret);
2652
2653 /*
2654 * change the ROC channel. do it only if we are
2655 * not idle. otherwise, CROC will be called
2656 * anyway.
2657 */
2658 if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED,
2659 &wlvif->flags) &&
2660 wl12xx_dev_role_started(wlvif) &&
2661 !(conf->flags & IEEE80211_CONF_IDLE)) {
2662 ret = wl12xx_stop_dev(wl, wlvif);
2663 if (ret < 0)
2664 return ret;
2665
2666 ret = wl12xx_start_dev(wl, wlvif);
2667 if (ret < 0)
2668 return ret;
2669 }
2670 }
2671 }
2672
2673 if ((changed & IEEE80211_CONF_CHANGE_PS) && !is_ap) {
2674
2675 if ((conf->flags & IEEE80211_CONF_PS) &&
2676 test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags) &&
2677 !test_bit(WLVIF_FLAG_IN_PS, &wlvif->flags)) {
2678
2679 int ps_mode;
2680 char *ps_mode_str;
2681
2682 if (wl->conf.conn.forced_ps) {
2683 ps_mode = STATION_POWER_SAVE_MODE;
2684 ps_mode_str = "forced";
2685 } else {
2686 ps_mode = STATION_AUTO_PS_MODE;
2687 ps_mode_str = "auto";
2688 }
2689
2690 wl1271_debug(DEBUG_PSM, "%s ps enabled", ps_mode_str);
2691
2692 ret = wl1271_ps_set_mode(wl, wlvif, ps_mode);
2693
2694 if (ret < 0)
2695 wl1271_warning("enter %s ps failed %d",
2696 ps_mode_str, ret);
2697
2698 } else if (!(conf->flags & IEEE80211_CONF_PS) &&
2699 test_bit(WLVIF_FLAG_IN_PS, &wlvif->flags)) {
2700
2701 wl1271_debug(DEBUG_PSM, "auto ps disabled");
2702
2703 ret = wl1271_ps_set_mode(wl, wlvif,
2704 STATION_ACTIVE_MODE);
2705 if (ret < 0)
2706 wl1271_warning("exit auto ps failed %d", ret);
2707 }
2708 }
2709 2883
2710 if (conf->power_level != wlvif->power_level) { 2884 if (conf->power_level != wlvif->power_level) {
2711 ret = wl1271_acx_tx_power(wl, wlvif, conf->power_level); 2885 ret = wl1271_acx_tx_power(wl, wlvif, conf->power_level);
@@ -2723,37 +2897,17 @@ static int wl1271_op_config(struct ieee80211_hw *hw, u32 changed)
2723 struct wl1271 *wl = hw->priv; 2897 struct wl1271 *wl = hw->priv;
2724 struct wl12xx_vif *wlvif; 2898 struct wl12xx_vif *wlvif;
2725 struct ieee80211_conf *conf = &hw->conf; 2899 struct ieee80211_conf *conf = &hw->conf;
2726 int channel, ret = 0; 2900 int ret = 0;
2727
2728 channel = ieee80211_frequency_to_channel(conf->channel->center_freq);
2729 2901
2730 wl1271_debug(DEBUG_MAC80211, "mac80211 config ch %d psm %s power %d %s" 2902 wl1271_debug(DEBUG_MAC80211, "mac80211 config psm %s power %d %s"
2731 " changed 0x%x", 2903 " changed 0x%x",
2732 channel,
2733 conf->flags & IEEE80211_CONF_PS ? "on" : "off", 2904 conf->flags & IEEE80211_CONF_PS ? "on" : "off",
2734 conf->power_level, 2905 conf->power_level,
2735 conf->flags & IEEE80211_CONF_IDLE ? "idle" : "in use", 2906 conf->flags & IEEE80211_CONF_IDLE ? "idle" : "in use",
2736 changed); 2907 changed);
2737 2908
2738 /*
2739 * mac80211 will go to idle nearly immediately after transmitting some
2740 * frames, such as the deauth. To make sure those frames reach the air,
2741 * wait here until the TX queue is fully flushed.
2742 */
2743 if ((changed & IEEE80211_CONF_CHANGE_CHANNEL) ||
2744 ((changed & IEEE80211_CONF_CHANGE_IDLE) &&
2745 (conf->flags & IEEE80211_CONF_IDLE)))
2746 wl1271_tx_flush(wl);
2747
2748 mutex_lock(&wl->mutex); 2909 mutex_lock(&wl->mutex);
2749 2910
2750 /* we support configuring the channel and band even while off */
2751 if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
2752 wl->band = conf->channel->band;
2753 wl->channel = channel;
2754 wl->channel_type = conf->channel_type;
2755 }
2756
2757 if (changed & IEEE80211_CONF_CHANGE_POWER) 2911 if (changed & IEEE80211_CONF_CHANGE_POWER)
2758 wl->power_level = conf->power_level; 2912 wl->power_level = conf->power_level;
2759 2913
@@ -3073,10 +3227,7 @@ static int wlcore_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3073 * stop the queues and flush to ensure the next packets are 3227 * stop the queues and flush to ensure the next packets are
3074 * in sync with FW spare block accounting 3228 * in sync with FW spare block accounting
3075 */ 3229 */
3076 mutex_lock(&wl->mutex);
3077 wlcore_stop_queues(wl, WLCORE_QUEUE_STOP_REASON_SPARE_BLK); 3230 wlcore_stop_queues(wl, WLCORE_QUEUE_STOP_REASON_SPARE_BLK);
3078 mutex_unlock(&wl->mutex);
3079
3080 wl1271_tx_flush(wl); 3231 wl1271_tx_flush(wl);
3081 } 3232 }
3082 3233
@@ -3202,6 +3353,29 @@ int wlcore_set_key(struct wl1271 *wl, enum set_key_cmd cmd,
3202} 3353}
3203EXPORT_SYMBOL_GPL(wlcore_set_key); 3354EXPORT_SYMBOL_GPL(wlcore_set_key);
3204 3355
3356void wlcore_regdomain_config(struct wl1271 *wl)
3357{
3358 int ret;
3359
3360 if (!(wl->quirks & WLCORE_QUIRK_REGDOMAIN_CONF))
3361 return;
3362
3363 mutex_lock(&wl->mutex);
3364 ret = wl1271_ps_elp_wakeup(wl);
3365 if (ret < 0)
3366 goto out;
3367
3368 ret = wlcore_cmd_regdomain_config_locked(wl);
3369 if (ret < 0) {
3370 wl12xx_queue_recovery_work(wl);
3371 goto out;
3372 }
3373
3374 wl1271_ps_elp_sleep(wl);
3375out:
3376 mutex_unlock(&wl->mutex);
3377}
3378
3205static int wl1271_op_hw_scan(struct ieee80211_hw *hw, 3379static int wl1271_op_hw_scan(struct ieee80211_hw *hw,
3206 struct ieee80211_vif *vif, 3380 struct ieee80211_vif *vif,
3207 struct cfg80211_scan_request *req) 3381 struct cfg80211_scan_request *req)
@@ -3241,7 +3415,7 @@ static int wl1271_op_hw_scan(struct ieee80211_hw *hw,
3241 goto out_sleep; 3415 goto out_sleep;
3242 } 3416 }
3243 3417
3244 ret = wl1271_scan(hw->priv, vif, ssid, len, req); 3418 ret = wlcore_scan(hw->priv, vif, ssid, len, req);
3245out_sleep: 3419out_sleep:
3246 wl1271_ps_elp_sleep(wl); 3420 wl1271_ps_elp_sleep(wl);
3247out: 3421out:
@@ -3254,6 +3428,7 @@ static void wl1271_op_cancel_hw_scan(struct ieee80211_hw *hw,
3254 struct ieee80211_vif *vif) 3428 struct ieee80211_vif *vif)
3255{ 3429{
3256 struct wl1271 *wl = hw->priv; 3430 struct wl1271 *wl = hw->priv;
3431 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3257 int ret; 3432 int ret;
3258 3433
3259 wl1271_debug(DEBUG_MAC80211, "mac80211 cancel hw scan"); 3434 wl1271_debug(DEBUG_MAC80211, "mac80211 cancel hw scan");
@@ -3271,7 +3446,7 @@ static void wl1271_op_cancel_hw_scan(struct ieee80211_hw *hw,
3271 goto out; 3446 goto out;
3272 3447
3273 if (wl->scan.state != WL1271_SCAN_STATE_DONE) { 3448 if (wl->scan.state != WL1271_SCAN_STATE_DONE) {
3274 ret = wl1271_scan_stop(wl); 3449 ret = wl->ops->scan_stop(wl, wlvif);
3275 if (ret < 0) 3450 if (ret < 0)
3276 goto out_sleep; 3451 goto out_sleep;
3277 } 3452 }
@@ -3284,7 +3459,7 @@ static void wl1271_op_cancel_hw_scan(struct ieee80211_hw *hw,
3284 3459
3285 wl->scan.state = WL1271_SCAN_STATE_IDLE; 3460 wl->scan.state = WL1271_SCAN_STATE_IDLE;
3286 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch)); 3461 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
3287 wl->scan_vif = NULL; 3462 wl->scan_wlvif = NULL;
3288 wl->scan.req = NULL; 3463 wl->scan.req = NULL;
3289 ieee80211_scan_completed(wl->hw, true); 3464 ieee80211_scan_completed(wl->hw, true);
3290 3465
@@ -3318,15 +3493,11 @@ static int wl1271_op_sched_scan_start(struct ieee80211_hw *hw,
3318 if (ret < 0) 3493 if (ret < 0)
3319 goto out; 3494 goto out;
3320 3495
3321 ret = wl1271_scan_sched_scan_config(wl, wlvif, req, ies); 3496 ret = wl->ops->sched_scan_start(wl, wlvif, req, ies);
3322 if (ret < 0) 3497 if (ret < 0)
3323 goto out_sleep; 3498 goto out_sleep;
3324 3499
3325 ret = wl1271_scan_sched_scan_start(wl, wlvif); 3500 wl->sched_vif = wlvif;
3326 if (ret < 0)
3327 goto out_sleep;
3328
3329 wl->sched_scanning = true;
3330 3501
3331out_sleep: 3502out_sleep:
3332 wl1271_ps_elp_sleep(wl); 3503 wl1271_ps_elp_sleep(wl);
@@ -3353,7 +3524,7 @@ static void wl1271_op_sched_scan_stop(struct ieee80211_hw *hw,
3353 if (ret < 0) 3524 if (ret < 0)
3354 goto out; 3525 goto out;
3355 3526
3356 wl1271_scan_sched_scan_stop(wl, wlvif); 3527 wl->ops->sched_scan_stop(wl, wlvif);
3357 3528
3358 wl1271_ps_elp_sleep(wl); 3529 wl1271_ps_elp_sleep(wl);
3359out: 3530out:
@@ -3418,30 +3589,6 @@ out:
3418 return ret; 3589 return ret;
3419} 3590}
3420 3591
3421static int wl1271_ssid_set(struct ieee80211_vif *vif, struct sk_buff *skb,
3422 int offset)
3423{
3424 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3425 u8 ssid_len;
3426 const u8 *ptr = cfg80211_find_ie(WLAN_EID_SSID, skb->data + offset,
3427 skb->len - offset);
3428
3429 if (!ptr) {
3430 wl1271_error("No SSID in IEs!");
3431 return -ENOENT;
3432 }
3433
3434 ssid_len = ptr[1];
3435 if (ssid_len > IEEE80211_MAX_SSID_LEN) {
3436 wl1271_error("SSID is too long!");
3437 return -EINVAL;
3438 }
3439
3440 wlvif->ssid_len = ssid_len;
3441 memcpy(wlvif->ssid, ptr+2, ssid_len);
3442 return 0;
3443}
3444
3445static void wl12xx_remove_ie(struct sk_buff *skb, u8 eid, int ieoffset) 3592static void wl12xx_remove_ie(struct sk_buff *skb, u8 eid, int ieoffset)
3446{ 3593{
3447 int len; 3594 int len;
@@ -3622,7 +3769,7 @@ static int wlcore_set_beacon_template(struct wl1271 *wl,
3622 3769
3623 wl1271_debug(DEBUG_MASTER, "beacon updated"); 3770 wl1271_debug(DEBUG_MASTER, "beacon updated");
3624 3771
3625 ret = wl1271_ssid_set(vif, beacon, ieoffset); 3772 ret = wl1271_ssid_set(wlvif, beacon, ieoffset);
3626 if (ret < 0) { 3773 if (ret < 0) {
3627 dev_kfree_skb(beacon); 3774 dev_kfree_skb(beacon);
3628 goto out; 3775 goto out;
@@ -3639,6 +3786,12 @@ static int wlcore_set_beacon_template(struct wl1271 *wl,
3639 goto out; 3786 goto out;
3640 } 3787 }
3641 3788
3789 wlvif->wmm_enabled =
3790 cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
3791 WLAN_OUI_TYPE_MICROSOFT_WMM,
3792 beacon->data + ieoffset,
3793 beacon->len - ieoffset);
3794
3642 /* 3795 /*
3643 * In case we already have a probe-resp beacon set explicitly 3796 * In case we already have a probe-resp beacon set explicitly
3644 * by usermode, don't use the beacon data. 3797 * by usermode, don't use the beacon data.
@@ -3692,7 +3845,7 @@ static int wl1271_bss_beacon_info_changed(struct wl1271 *wl,
3692 bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS); 3845 bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS);
3693 int ret = 0; 3846 int ret = 0;
3694 3847
3695 if ((changed & BSS_CHANGED_BEACON_INT)) { 3848 if (changed & BSS_CHANGED_BEACON_INT) {
3696 wl1271_debug(DEBUG_MASTER, "beacon interval updated: %d", 3849 wl1271_debug(DEBUG_MASTER, "beacon interval updated: %d",
3697 bss_conf->beacon_int); 3850 bss_conf->beacon_int);
3698 3851
@@ -3705,7 +3858,7 @@ static int wl1271_bss_beacon_info_changed(struct wl1271 *wl,
3705 wl1271_ap_set_probe_resp_tmpl(wl, rate, vif); 3858 wl1271_ap_set_probe_resp_tmpl(wl, rate, vif);
3706 } 3859 }
3707 3860
3708 if ((changed & BSS_CHANGED_BEACON)) { 3861 if (changed & BSS_CHANGED_BEACON) {
3709 ret = wlcore_set_beacon_template(wl, vif, is_ap); 3862 ret = wlcore_set_beacon_template(wl, vif, is_ap);
3710 if (ret < 0) 3863 if (ret < 0)
3711 goto out; 3864 goto out;
@@ -3726,7 +3879,7 @@ static void wl1271_bss_info_changed_ap(struct wl1271 *wl,
3726 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif); 3879 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3727 int ret = 0; 3880 int ret = 0;
3728 3881
3729 if ((changed & BSS_CHANGED_BASIC_RATES)) { 3882 if (changed & BSS_CHANGED_BASIC_RATES) {
3730 u32 rates = bss_conf->basic_rates; 3883 u32 rates = bss_conf->basic_rates;
3731 3884
3732 wlvif->basic_rate_set = wl1271_tx_enabled_rates_get(wl, rates, 3885 wlvif->basic_rate_set = wl1271_tx_enabled_rates_get(wl, rates,
@@ -3757,7 +3910,7 @@ static void wl1271_bss_info_changed_ap(struct wl1271 *wl,
3757 if (ret < 0) 3910 if (ret < 0)
3758 goto out; 3911 goto out;
3759 3912
3760 if ((changed & BSS_CHANGED_BEACON_ENABLED)) { 3913 if (changed & BSS_CHANGED_BEACON_ENABLED) {
3761 if (bss_conf->enable_beacon) { 3914 if (bss_conf->enable_beacon) {
3762 if (!test_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags)) { 3915 if (!test_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags)) {
3763 ret = wl12xx_cmd_role_start_ap(wl, wlvif); 3916 ret = wl12xx_cmd_role_start_ap(wl, wlvif);
@@ -3804,6 +3957,79 @@ out:
3804 return; 3957 return;
3805} 3958}
3806 3959
3960static int wlcore_set_bssid(struct wl1271 *wl, struct wl12xx_vif *wlvif,
3961 struct ieee80211_bss_conf *bss_conf,
3962 u32 sta_rate_set)
3963{
3964 u32 rates;
3965 int ret;
3966
3967 wl1271_debug(DEBUG_MAC80211,
3968 "changed_bssid: %pM, aid: %d, bcn_int: %d, brates: 0x%x sta_rate_set: 0x%x",
3969 bss_conf->bssid, bss_conf->aid,
3970 bss_conf->beacon_int,
3971 bss_conf->basic_rates, sta_rate_set);
3972
3973 wlvif->beacon_int = bss_conf->beacon_int;
3974 rates = bss_conf->basic_rates;
3975 wlvif->basic_rate_set =
3976 wl1271_tx_enabled_rates_get(wl, rates,
3977 wlvif->band);
3978 wlvif->basic_rate =
3979 wl1271_tx_min_rate_get(wl,
3980 wlvif->basic_rate_set);
3981
3982 if (sta_rate_set)
3983 wlvif->rate_set =
3984 wl1271_tx_enabled_rates_get(wl,
3985 sta_rate_set,
3986 wlvif->band);
3987
3988 /* we only support sched_scan while not connected */
3989 if (wl->sched_vif == wlvif)
3990 wl->ops->sched_scan_stop(wl, wlvif);
3991
3992 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
3993 if (ret < 0)
3994 return ret;
3995
3996 ret = wl12xx_cmd_build_null_data(wl, wlvif);
3997 if (ret < 0)
3998 return ret;
3999
4000 ret = wl1271_build_qos_null_data(wl, wl12xx_wlvif_to_vif(wlvif));
4001 if (ret < 0)
4002 return ret;
4003
4004 wlcore_set_ssid(wl, wlvif);
4005
4006 set_bit(WLVIF_FLAG_IN_USE, &wlvif->flags);
4007
4008 return 0;
4009}
4010
4011static int wlcore_clear_bssid(struct wl1271 *wl, struct wl12xx_vif *wlvif)
4012{
4013 int ret;
4014
4015 /* revert back to minimum rates for the current band */
4016 wl1271_set_band_rate(wl, wlvif);
4017 wlvif->basic_rate = wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set);
4018
4019 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
4020 if (ret < 0)
4021 return ret;
4022
4023 if (wlvif->bss_type == BSS_TYPE_STA_BSS &&
4024 test_bit(WLVIF_FLAG_IN_USE, &wlvif->flags)) {
4025 ret = wl12xx_cmd_role_stop_sta(wl, wlvif);
4026 if (ret < 0)
4027 return ret;
4028 }
4029
4030 clear_bit(WLVIF_FLAG_IN_USE, &wlvif->flags);
4031 return 0;
4032}
3807/* STA/IBSS mode changes */ 4033/* STA/IBSS mode changes */
3808static void wl1271_bss_info_changed_sta(struct wl1271 *wl, 4034static void wl1271_bss_info_changed_sta(struct wl1271 *wl,
3809 struct ieee80211_vif *vif, 4035 struct ieee80211_vif *vif,
@@ -3811,7 +4037,7 @@ static void wl1271_bss_info_changed_sta(struct wl1271 *wl,
3811 u32 changed) 4037 u32 changed)
3812{ 4038{
3813 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif); 4039 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3814 bool do_join = false, set_assoc = false; 4040 bool do_join = false;
3815 bool is_ibss = (wlvif->bss_type == BSS_TYPE_IBSS); 4041 bool is_ibss = (wlvif->bss_type == BSS_TYPE_IBSS);
3816 bool ibss_joined = false; 4042 bool ibss_joined = false;
3817 u32 sta_rate_set = 0; 4043 u32 sta_rate_set = 0;
@@ -3832,9 +4058,8 @@ static void wl1271_bss_info_changed_sta(struct wl1271 *wl,
3832 set_bit(WLVIF_FLAG_IBSS_JOINED, &wlvif->flags); 4058 set_bit(WLVIF_FLAG_IBSS_JOINED, &wlvif->flags);
3833 ibss_joined = true; 4059 ibss_joined = true;
3834 } else { 4060 } else {
3835 if (test_and_clear_bit(WLVIF_FLAG_IBSS_JOINED, 4061 wlcore_unset_assoc(wl, wlvif);
3836 &wlvif->flags)) 4062 wl12xx_cmd_role_stop_sta(wl, wlvif);
3837 wl1271_unjoin(wl, wlvif);
3838 } 4063 }
3839 } 4064 }
3840 4065
@@ -3852,13 +4077,7 @@ static void wl1271_bss_info_changed_sta(struct wl1271 *wl,
3852 do_join = true; 4077 do_join = true;
3853 } 4078 }
3854 4079
3855 if (changed & BSS_CHANGED_IDLE && !is_ibss) { 4080 if (changed & BSS_CHANGED_CQM) {
3856 ret = wl1271_sta_handle_idle(wl, wlvif, bss_conf->idle);
3857 if (ret < 0)
3858 wl1271_warning("idle mode change failed %d", ret);
3859 }
3860
3861 if ((changed & BSS_CHANGED_CQM)) {
3862 bool enable = false; 4081 bool enable = false;
3863 if (bss_conf->cqm_rssi_thold) 4082 if (bss_conf->cqm_rssi_thold)
3864 enable = true; 4083 enable = true;
@@ -3870,150 +4089,39 @@ static void wl1271_bss_info_changed_sta(struct wl1271 *wl,
3870 wlvif->rssi_thold = bss_conf->cqm_rssi_thold; 4089 wlvif->rssi_thold = bss_conf->cqm_rssi_thold;
3871 } 4090 }
3872 4091
3873 if (changed & BSS_CHANGED_BSSID) 4092 if (changed & (BSS_CHANGED_BSSID | BSS_CHANGED_HT |
3874 if (!is_zero_ether_addr(bss_conf->bssid)) { 4093 BSS_CHANGED_ASSOC)) {
3875 ret = wl12xx_cmd_build_null_data(wl, wlvif);
3876 if (ret < 0)
3877 goto out;
3878
3879 ret = wl1271_build_qos_null_data(wl, vif);
3880 if (ret < 0)
3881 goto out;
3882 }
3883
3884 if (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_HT)) {
3885 rcu_read_lock(); 4094 rcu_read_lock();
3886 sta = ieee80211_find_sta(vif, bss_conf->bssid); 4095 sta = ieee80211_find_sta(vif, bss_conf->bssid);
3887 if (!sta) 4096 if (sta) {
3888 goto sta_not_found; 4097 u8 *rx_mask = sta->ht_cap.mcs.rx_mask;
3889 4098
3890 /* save the supp_rates of the ap */ 4099 /* save the supp_rates of the ap */
3891 sta_rate_set = sta->supp_rates[wl->hw->conf.channel->band]; 4100 sta_rate_set = sta->supp_rates[wlvif->band];
3892 if (sta->ht_cap.ht_supported) 4101 if (sta->ht_cap.ht_supported)
3893 sta_rate_set |= 4102 sta_rate_set |=
3894 (sta->ht_cap.mcs.rx_mask[0] << HW_HT_RATES_OFFSET) | 4103 (rx_mask[0] << HW_HT_RATES_OFFSET) |
3895 (sta->ht_cap.mcs.rx_mask[1] << HW_MIMO_RATES_OFFSET); 4104 (rx_mask[1] << HW_MIMO_RATES_OFFSET);
3896 sta_ht_cap = sta->ht_cap; 4105 sta_ht_cap = sta->ht_cap;
3897 sta_exists = true; 4106 sta_exists = true;
3898 4107 }
3899sta_not_found: 4108
3900 rcu_read_unlock(); 4109 rcu_read_unlock();
3901 } 4110 }
3902 4111
3903 if ((changed & BSS_CHANGED_ASSOC)) { 4112 if (changed & BSS_CHANGED_BSSID) {
3904 if (bss_conf->assoc) { 4113 if (!is_zero_ether_addr(bss_conf->bssid)) {
3905 u32 rates; 4114 ret = wlcore_set_bssid(wl, wlvif, bss_conf,
3906 int ieoffset; 4115 sta_rate_set);
3907 wlvif->aid = bss_conf->aid;
3908 wlvif->channel_type =
3909 cfg80211_get_chandef_type(&bss_conf->chandef);
3910 wlvif->beacon_int = bss_conf->beacon_int;
3911 do_join = true;
3912 set_assoc = true;
3913
3914 /*
3915 * use basic rates from AP, and determine lowest rate
3916 * to use with control frames.
3917 */
3918 rates = bss_conf->basic_rates;
3919 wlvif->basic_rate_set =
3920 wl1271_tx_enabled_rates_get(wl, rates,
3921 wlvif->band);
3922 wlvif->basic_rate =
3923 wl1271_tx_min_rate_get(wl,
3924 wlvif->basic_rate_set);
3925 if (sta_rate_set)
3926 wlvif->rate_set =
3927 wl1271_tx_enabled_rates_get(wl,
3928 sta_rate_set,
3929 wlvif->band);
3930 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
3931 if (ret < 0)
3932 goto out;
3933
3934 /*
3935 * with wl1271, we don't need to update the
3936 * beacon_int and dtim_period, because the firmware
3937 * updates it by itself when the first beacon is
3938 * received after a join.
3939 */
3940 ret = wl1271_cmd_build_ps_poll(wl, wlvif, wlvif->aid);
3941 if (ret < 0) 4116 if (ret < 0)
3942 goto out; 4117 goto out;
3943 4118
3944 /* 4119 /* Need to update the BSSID (for filtering etc) */
3945 * Get a template for hardware connection maintenance 4120 do_join = true;
3946 */
3947 dev_kfree_skb(wlvif->probereq);
3948 wlvif->probereq = wl1271_cmd_build_ap_probe_req(wl,
3949 wlvif,
3950 NULL);
3951 ieoffset = offsetof(struct ieee80211_mgmt,
3952 u.probe_req.variable);
3953 wl1271_ssid_set(vif, wlvif->probereq, ieoffset);
3954
3955 /* enable the connection monitoring feature */
3956 ret = wl1271_acx_conn_monit_params(wl, wlvif, true);
3957 if (ret < 0)
3958 goto out;
3959 } else { 4121 } else {
3960 /* use defaults when not associated */ 4122 ret = wlcore_clear_bssid(wl, wlvif);
3961 bool was_assoc =
3962 !!test_and_clear_bit(WLVIF_FLAG_STA_ASSOCIATED,
3963 &wlvif->flags);
3964 bool was_ifup =
3965 !!test_and_clear_bit(WLVIF_FLAG_STA_STATE_SENT,
3966 &wlvif->flags);
3967 wlvif->aid = 0;
3968
3969 /* free probe-request template */
3970 dev_kfree_skb(wlvif->probereq);
3971 wlvif->probereq = NULL;
3972
3973 /* revert back to minimum rates for the current band */
3974 wl1271_set_band_rate(wl, wlvif);
3975 wlvif->basic_rate =
3976 wl1271_tx_min_rate_get(wl,
3977 wlvif->basic_rate_set);
3978 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
3979 if (ret < 0)
3980 goto out;
3981
3982 /* disable connection monitor features */
3983 ret = wl1271_acx_conn_monit_params(wl, wlvif, false);
3984
3985 /* Disable the keep-alive feature */
3986 ret = wl1271_acx_keep_alive_mode(wl, wlvif, false);
3987 if (ret < 0) 4123 if (ret < 0)
3988 goto out; 4124 goto out;
3989
3990 /* restore the bssid filter and go to dummy bssid */
3991 if (was_assoc) {
3992 /*
3993 * we might have to disable roc, if there was
3994 * no IF_OPER_UP notification.
3995 */
3996 if (!was_ifup) {
3997 ret = wl12xx_croc(wl, wlvif->role_id);
3998 if (ret < 0)
3999 goto out;
4000 }
4001 /*
4002 * (we also need to disable roc in case of
4003 * roaming on the same channel. until we will
4004 * have a better flow...)
4005 */
4006 if (test_bit(wlvif->dev_role_id, wl->roc_map)) {
4007 ret = wl12xx_croc(wl,
4008 wlvif->dev_role_id);
4009 if (ret < 0)
4010 goto out;
4011 }
4012
4013 wl1271_unjoin(wl, wlvif);
4014 if (!bss_conf->idle)
4015 wl12xx_start_dev(wl, wlvif);
4016 }
4017 } 4125 }
4018 } 4126 }
4019 4127
@@ -4043,71 +4151,87 @@ sta_not_found:
4043 goto out; 4151 goto out;
4044 4152
4045 if (do_join) { 4153 if (do_join) {
4046 ret = wl1271_join(wl, wlvif, set_assoc); 4154 ret = wlcore_join(wl, wlvif);
4047 if (ret < 0) { 4155 if (ret < 0) {
4048 wl1271_warning("cmd join failed %d", ret); 4156 wl1271_warning("cmd join failed %d", ret);
4049 goto out; 4157 goto out;
4050 } 4158 }
4159 }
4051 4160
4052 /* ROC until connected (after EAPOL exchange) */ 4161 if (changed & BSS_CHANGED_ASSOC) {
4053 if (!is_ibss) { 4162 if (bss_conf->assoc) {
4054 ret = wl12xx_roc(wl, wlvif, wlvif->role_id); 4163 ret = wlcore_set_assoc(wl, wlvif, bss_conf,
4164 sta_rate_set);
4055 if (ret < 0) 4165 if (ret < 0)
4056 goto out; 4166 goto out;
4057 4167
4058 if (test_bit(WLVIF_FLAG_STA_AUTHORIZED, &wlvif->flags)) 4168 if (test_bit(WLVIF_FLAG_STA_AUTHORIZED, &wlvif->flags))
4059 wl12xx_set_authorized(wl, wlvif); 4169 wl12xx_set_authorized(wl, wlvif);
4170 } else {
4171 wlcore_unset_assoc(wl, wlvif);
4060 } 4172 }
4061 /* 4173 }
4062 * stop device role if started (we might already be in 4174
4063 * STA/IBSS role). 4175 if (changed & BSS_CHANGED_PS) {
4064 */ 4176 if ((bss_conf->ps) &&
4065 if (wl12xx_dev_role_started(wlvif)) { 4177 test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags) &&
4066 ret = wl12xx_stop_dev(wl, wlvif); 4178 !test_bit(WLVIF_FLAG_IN_PS, &wlvif->flags)) {
4179 int ps_mode;
4180 char *ps_mode_str;
4181
4182 if (wl->conf.conn.forced_ps) {
4183 ps_mode = STATION_POWER_SAVE_MODE;
4184 ps_mode_str = "forced";
4185 } else {
4186 ps_mode = STATION_AUTO_PS_MODE;
4187 ps_mode_str = "auto";
4188 }
4189
4190 wl1271_debug(DEBUG_PSM, "%s ps enabled", ps_mode_str);
4191
4192 ret = wl1271_ps_set_mode(wl, wlvif, ps_mode);
4067 if (ret < 0) 4193 if (ret < 0)
4068 goto out; 4194 wl1271_warning("enter %s ps failed %d",
4195 ps_mode_str, ret);
4196 } else if (!bss_conf->ps &&
4197 test_bit(WLVIF_FLAG_IN_PS, &wlvif->flags)) {
4198 wl1271_debug(DEBUG_PSM, "auto ps disabled");
4199
4200 ret = wl1271_ps_set_mode(wl, wlvif,
4201 STATION_ACTIVE_MODE);
4202 if (ret < 0)
4203 wl1271_warning("exit auto ps failed %d", ret);
4069 } 4204 }
4070 } 4205 }
4071 4206
4072 /* Handle new association with HT. Do this after join. */ 4207 /* Handle new association with HT. Do this after join. */
4073 if (sta_exists) { 4208 if (sta_exists &&
4074 if ((changed & BSS_CHANGED_HT) && 4209 (changed & BSS_CHANGED_HT)) {
4075 (bss_conf->chandef.width != NL80211_CHAN_WIDTH_20_NOHT)) { 4210 bool enabled =
4076 ret = wl1271_acx_set_ht_capabilities(wl, 4211 bss_conf->chandef.width != NL80211_CHAN_WIDTH_20_NOHT;
4077 &sta_ht_cap, 4212
4078 true, 4213 ret = wlcore_hw_set_peer_cap(wl,
4079 wlvif->sta.hlid); 4214 &sta_ht_cap,
4080 if (ret < 0) { 4215 enabled,
4081 wl1271_warning("Set ht cap true failed %d", 4216 wlvif->rate_set,
4082 ret); 4217 wlvif->sta.hlid);
4083 goto out; 4218 if (ret < 0) {
4084 } 4219 wl1271_warning("Set ht cap failed %d", ret);
4220 goto out;
4221
4085 } 4222 }
4086 /* handle new association without HT and disassociation */ 4223
4087 else if (changed & BSS_CHANGED_ASSOC) { 4224 if (enabled) {
4088 ret = wl1271_acx_set_ht_capabilities(wl, 4225 ret = wl1271_acx_set_ht_information(wl, wlvif,
4089 &sta_ht_cap, 4226 bss_conf->ht_operation_mode);
4090 false,
4091 wlvif->sta.hlid);
4092 if (ret < 0) { 4227 if (ret < 0) {
4093 wl1271_warning("Set ht cap false failed %d", 4228 wl1271_warning("Set ht information failed %d",
4094 ret); 4229 ret);
4095 goto out; 4230 goto out;
4096 } 4231 }
4097 } 4232 }
4098 } 4233 }
4099 4234
4100 /* Handle HT information change. Done after join. */
4101 if ((changed & BSS_CHANGED_HT) &&
4102 (bss_conf->chandef.width != NL80211_CHAN_WIDTH_20_NOHT)) {
4103 ret = wl1271_acx_set_ht_information(wl, wlvif,
4104 bss_conf->ht_operation_mode);
4105 if (ret < 0) {
4106 wl1271_warning("Set ht information failed %d", ret);
4107 goto out;
4108 }
4109 }
4110
4111 /* Handle arp filtering. Done after join. */ 4235 /* Handle arp filtering. Done after join. */
4112 if ((changed & BSS_CHANGED_ARP_FILTER) || 4236 if ((changed & BSS_CHANGED_ARP_FILTER) ||
4113 (!is_ibss && (changed & BSS_CHANGED_QOS))) { 4237 (!is_ibss && (changed & BSS_CHANGED_QOS))) {
@@ -4115,8 +4239,7 @@ sta_not_found:
4115 wlvif->sta.qos = bss_conf->qos; 4239 wlvif->sta.qos = bss_conf->qos;
4116 WARN_ON(wlvif->bss_type != BSS_TYPE_STA_BSS); 4240 WARN_ON(wlvif->bss_type != BSS_TYPE_STA_BSS);
4117 4241
4118 if (bss_conf->arp_addr_cnt == 1 && 4242 if (bss_conf->arp_addr_cnt == 1 && bss_conf->assoc) {
4119 bss_conf->arp_filter_enabled) {
4120 wlvif->ip_addr = addr; 4243 wlvif->ip_addr = addr;
4121 /* 4244 /*
4122 * The template should have been configured only upon 4245 * The template should have been configured only upon
@@ -4157,15 +4280,15 @@ static void wl1271_op_bss_info_changed(struct ieee80211_hw *hw,
4157 bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS); 4280 bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS);
4158 int ret; 4281 int ret;
4159 4282
4160 wl1271_debug(DEBUG_MAC80211, "mac80211 bss info changed 0x%x", 4283 wl1271_debug(DEBUG_MAC80211, "mac80211 bss info role %d changed 0x%x",
4161 (int)changed); 4284 wlvif->role_id, (int)changed);
4162 4285
4163 /* 4286 /*
4164 * make sure to cancel pending disconnections if our association 4287 * make sure to cancel pending disconnections if our association
4165 * state changed 4288 * state changed
4166 */ 4289 */
4167 if (!is_ap && (changed & BSS_CHANGED_ASSOC)) 4290 if (!is_ap && (changed & BSS_CHANGED_ASSOC))
4168 cancel_delayed_work_sync(&wl->connection_loss_work); 4291 cancel_delayed_work_sync(&wlvif->connection_loss_work);
4169 4292
4170 if (is_ap && (changed & BSS_CHANGED_BEACON_ENABLED) && 4293 if (is_ap && (changed & BSS_CHANGED_BEACON_ENABLED) &&
4171 !bss_conf->enable_beacon) 4294 !bss_conf->enable_beacon)
@@ -4194,6 +4317,76 @@ out:
4194 mutex_unlock(&wl->mutex); 4317 mutex_unlock(&wl->mutex);
4195} 4318}
4196 4319
4320static int wlcore_op_add_chanctx(struct ieee80211_hw *hw,
4321 struct ieee80211_chanctx_conf *ctx)
4322{
4323 wl1271_debug(DEBUG_MAC80211, "mac80211 add chanctx %d (type %d)",
4324 ieee80211_frequency_to_channel(ctx->def.chan->center_freq),
4325 cfg80211_get_chandef_type(&ctx->def));
4326 return 0;
4327}
4328
4329static void wlcore_op_remove_chanctx(struct ieee80211_hw *hw,
4330 struct ieee80211_chanctx_conf *ctx)
4331{
4332 wl1271_debug(DEBUG_MAC80211, "mac80211 remove chanctx %d (type %d)",
4333 ieee80211_frequency_to_channel(ctx->def.chan->center_freq),
4334 cfg80211_get_chandef_type(&ctx->def));
4335}
4336
4337static void wlcore_op_change_chanctx(struct ieee80211_hw *hw,
4338 struct ieee80211_chanctx_conf *ctx,
4339 u32 changed)
4340{
4341 wl1271_debug(DEBUG_MAC80211,
4342 "mac80211 change chanctx %d (type %d) changed 0x%x",
4343 ieee80211_frequency_to_channel(ctx->def.chan->center_freq),
4344 cfg80211_get_chandef_type(&ctx->def), changed);
4345}
4346
4347static int wlcore_op_assign_vif_chanctx(struct ieee80211_hw *hw,
4348 struct ieee80211_vif *vif,
4349 struct ieee80211_chanctx_conf *ctx)
4350{
4351 struct wl1271 *wl = hw->priv;
4352 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
4353 int channel = ieee80211_frequency_to_channel(
4354 ctx->def.chan->center_freq);
4355
4356 wl1271_debug(DEBUG_MAC80211,
4357 "mac80211 assign chanctx (role %d) %d (type %d)",
4358 wlvif->role_id, channel, cfg80211_get_chandef_type(&ctx->def));
4359
4360 mutex_lock(&wl->mutex);
4361
4362 wlvif->band = ctx->def.chan->band;
4363 wlvif->channel = channel;
4364 wlvif->channel_type = cfg80211_get_chandef_type(&ctx->def);
4365
4366 /* update default rates according to the band */
4367 wl1271_set_band_rate(wl, wlvif);
4368
4369 mutex_unlock(&wl->mutex);
4370
4371 return 0;
4372}
4373
4374static void wlcore_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
4375 struct ieee80211_vif *vif,
4376 struct ieee80211_chanctx_conf *ctx)
4377{
4378 struct wl1271 *wl = hw->priv;
4379 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
4380
4381 wl1271_debug(DEBUG_MAC80211,
4382 "mac80211 unassign chanctx (role %d) %d (type %d)",
4383 wlvif->role_id,
4384 ieee80211_frequency_to_channel(ctx->def.chan->center_freq),
4385 cfg80211_get_chandef_type(&ctx->def));
4386
4387 wl1271_tx_flush(wl);
4388}
4389
4197static int wl1271_op_conf_tx(struct ieee80211_hw *hw, 4390static int wl1271_op_conf_tx(struct ieee80211_hw *hw,
4198 struct ieee80211_vif *vif, u16 queue, 4391 struct ieee80211_vif *vif, u16 queue,
4199 const struct ieee80211_tx_queue_params *params) 4392 const struct ieee80211_tx_queue_params *params)
@@ -4321,8 +4514,6 @@ void wl1271_free_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 hlid)
4321 return; 4514 return;
4322 4515
4323 clear_bit(hlid, wlvif->ap.sta_hlid_map); 4516 clear_bit(hlid, wlvif->ap.sta_hlid_map);
4324 memset(wl->links[hlid].addr, 0, ETH_ALEN);
4325 wl->links[hlid].ba_bitmap = 0;
4326 __clear_bit(hlid, &wl->ap_ps_map); 4517 __clear_bit(hlid, &wl->ap_ps_map);
4327 __clear_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map); 4518 __clear_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map);
4328 wl12xx_free_link(wl, wlvif, &hlid); 4519 wl12xx_free_link(wl, wlvif, &hlid);
@@ -4382,6 +4573,45 @@ static int wl12xx_sta_remove(struct wl1271 *wl,
4382 return ret; 4573 return ret;
4383} 4574}
4384 4575
4576static void wlcore_roc_if_possible(struct wl1271 *wl,
4577 struct wl12xx_vif *wlvif)
4578{
4579 if (find_first_bit(wl->roc_map,
4580 WL12XX_MAX_ROLES) < WL12XX_MAX_ROLES)
4581 return;
4582
4583 if (WARN_ON(wlvif->role_id == WL12XX_INVALID_ROLE_ID))
4584 return;
4585
4586 wl12xx_roc(wl, wlvif, wlvif->role_id, wlvif->band, wlvif->channel);
4587}
4588
4589static void wlcore_update_inconn_sta(struct wl1271 *wl,
4590 struct wl12xx_vif *wlvif,
4591 struct wl1271_station *wl_sta,
4592 bool in_connection)
4593{
4594 if (in_connection) {
4595 if (WARN_ON(wl_sta->in_connection))
4596 return;
4597 wl_sta->in_connection = true;
4598 if (!wlvif->inconn_count++)
4599 wlcore_roc_if_possible(wl, wlvif);
4600 } else {
4601 if (!wl_sta->in_connection)
4602 return;
4603
4604 wl_sta->in_connection = false;
4605 wlvif->inconn_count--;
4606 if (WARN_ON(wlvif->inconn_count < 0))
4607 return;
4608
4609 if (!wlvif->inconn_count)
4610 if (test_bit(wlvif->role_id, wl->roc_map))
4611 wl12xx_croc(wl, wlvif->role_id);
4612 }
4613}
4614
4385static int wl12xx_update_sta_state(struct wl1271 *wl, 4615static int wl12xx_update_sta_state(struct wl1271 *wl,
4386 struct wl12xx_vif *wlvif, 4616 struct wl12xx_vif *wlvif,
4387 struct ieee80211_sta *sta, 4617 struct ieee80211_sta *sta,
@@ -4400,8 +4630,13 @@ static int wl12xx_update_sta_state(struct wl1271 *wl,
4400 /* Add station (AP mode) */ 4630 /* Add station (AP mode) */
4401 if (is_ap && 4631 if (is_ap &&
4402 old_state == IEEE80211_STA_NOTEXIST && 4632 old_state == IEEE80211_STA_NOTEXIST &&
4403 new_state == IEEE80211_STA_NONE) 4633 new_state == IEEE80211_STA_NONE) {
4404 return wl12xx_sta_add(wl, wlvif, sta); 4634 ret = wl12xx_sta_add(wl, wlvif, sta);
4635 if (ret)
4636 return ret;
4637
4638 wlcore_update_inconn_sta(wl, wlvif, wl_sta, true);
4639 }
4405 4640
4406 /* Remove station (AP mode) */ 4641 /* Remove station (AP mode) */
4407 if (is_ap && 4642 if (is_ap &&
@@ -4409,35 +4644,59 @@ static int wl12xx_update_sta_state(struct wl1271 *wl,
4409 new_state == IEEE80211_STA_NOTEXIST) { 4644 new_state == IEEE80211_STA_NOTEXIST) {
4410 /* must not fail */ 4645 /* must not fail */
4411 wl12xx_sta_remove(wl, wlvif, sta); 4646 wl12xx_sta_remove(wl, wlvif, sta);
4412 return 0; 4647
4648 wlcore_update_inconn_sta(wl, wlvif, wl_sta, false);
4413 } 4649 }
4414 4650
4415 /* Authorize station (AP mode) */ 4651 /* Authorize station (AP mode) */
4416 if (is_ap && 4652 if (is_ap &&
4417 new_state == IEEE80211_STA_AUTHORIZED) { 4653 new_state == IEEE80211_STA_AUTHORIZED) {
4418 ret = wl12xx_cmd_set_peer_state(wl, hlid); 4654 ret = wl12xx_cmd_set_peer_state(wl, wlvif, hlid);
4419 if (ret < 0) 4655 if (ret < 0)
4420 return ret; 4656 return ret;
4421 4657
4422 ret = wl1271_acx_set_ht_capabilities(wl, &sta->ht_cap, true, 4658 ret = wl1271_acx_set_ht_capabilities(wl, &sta->ht_cap, true,
4423 hlid); 4659 hlid);
4424 return ret; 4660 if (ret)
4661 return ret;
4662
4663 wlcore_update_inconn_sta(wl, wlvif, wl_sta, false);
4425 } 4664 }
4426 4665
4427 /* Authorize station */ 4666 /* Authorize station */
4428 if (is_sta && 4667 if (is_sta &&
4429 new_state == IEEE80211_STA_AUTHORIZED) { 4668 new_state == IEEE80211_STA_AUTHORIZED) {
4430 set_bit(WLVIF_FLAG_STA_AUTHORIZED, &wlvif->flags); 4669 set_bit(WLVIF_FLAG_STA_AUTHORIZED, &wlvif->flags);
4431 return wl12xx_set_authorized(wl, wlvif); 4670 ret = wl12xx_set_authorized(wl, wlvif);
4671 if (ret)
4672 return ret;
4432 } 4673 }
4433 4674
4434 if (is_sta && 4675 if (is_sta &&
4435 old_state == IEEE80211_STA_AUTHORIZED && 4676 old_state == IEEE80211_STA_AUTHORIZED &&
4436 new_state == IEEE80211_STA_ASSOC) { 4677 new_state == IEEE80211_STA_ASSOC) {
4437 clear_bit(WLVIF_FLAG_STA_AUTHORIZED, &wlvif->flags); 4678 clear_bit(WLVIF_FLAG_STA_AUTHORIZED, &wlvif->flags);
4438 return 0; 4679 clear_bit(WLVIF_FLAG_STA_STATE_SENT, &wlvif->flags);
4439 } 4680 }
4440 4681
4682 /* clear ROCs on failure or authorization */
4683 if (is_sta &&
4684 (new_state == IEEE80211_STA_AUTHORIZED ||
4685 new_state == IEEE80211_STA_NOTEXIST)) {
4686 if (test_bit(wlvif->role_id, wl->roc_map))
4687 wl12xx_croc(wl, wlvif->role_id);
4688 }
4689
4690 if (is_sta &&
4691 old_state == IEEE80211_STA_NOTEXIST &&
4692 new_state == IEEE80211_STA_NONE) {
4693 if (find_first_bit(wl->roc_map,
4694 WL12XX_MAX_ROLES) >= WL12XX_MAX_ROLES) {
4695 WARN_ON(wlvif->role_id == WL12XX_INVALID_ROLE_ID);
4696 wl12xx_roc(wl, wlvif, wlvif->role_id,
4697 wlvif->band, wlvif->channel);
4698 }
4699 }
4441 return 0; 4700 return 0;
4442} 4701}
4443 4702
@@ -4502,18 +4761,18 @@ static int wl1271_op_ampdu_action(struct ieee80211_hw *hw,
4502 4761
4503 if (wlvif->bss_type == BSS_TYPE_STA_BSS) { 4762 if (wlvif->bss_type == BSS_TYPE_STA_BSS) {
4504 hlid = wlvif->sta.hlid; 4763 hlid = wlvif->sta.hlid;
4505 ba_bitmap = &wlvif->sta.ba_rx_bitmap;
4506 } else if (wlvif->bss_type == BSS_TYPE_AP_BSS) { 4764 } else if (wlvif->bss_type == BSS_TYPE_AP_BSS) {
4507 struct wl1271_station *wl_sta; 4765 struct wl1271_station *wl_sta;
4508 4766
4509 wl_sta = (struct wl1271_station *)sta->drv_priv; 4767 wl_sta = (struct wl1271_station *)sta->drv_priv;
4510 hlid = wl_sta->hlid; 4768 hlid = wl_sta->hlid;
4511 ba_bitmap = &wl->links[hlid].ba_bitmap;
4512 } else { 4769 } else {
4513 ret = -EINVAL; 4770 ret = -EINVAL;
4514 goto out; 4771 goto out;
4515 } 4772 }
4516 4773
4774 ba_bitmap = &wl->links[hlid].ba_bitmap;
4775
4517 ret = wl1271_ps_elp_wakeup(wl); 4776 ret = wl1271_ps_elp_wakeup(wl);
4518 if (ret < 0) 4777 if (ret < 0)
4519 goto out; 4778 goto out;
@@ -4575,7 +4834,9 @@ static int wl1271_op_ampdu_action(struct ieee80211_hw *hw,
4575 * Falling break here on purpose for all TX APDU commands. 4834 * Falling break here on purpose for all TX APDU commands.
4576 */ 4835 */
4577 case IEEE80211_AMPDU_TX_START: 4836 case IEEE80211_AMPDU_TX_START:
4578 case IEEE80211_AMPDU_TX_STOP: 4837 case IEEE80211_AMPDU_TX_STOP_CONT:
4838 case IEEE80211_AMPDU_TX_STOP_FLUSH:
4839 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
4579 case IEEE80211_AMPDU_TX_OPERATIONAL: 4840 case IEEE80211_AMPDU_TX_OPERATIONAL:
4580 ret = -EINVAL; 4841 ret = -EINVAL;
4581 break; 4842 break;
@@ -4665,12 +4926,23 @@ static void wl12xx_op_channel_switch(struct ieee80211_hw *hw,
4665 4926
4666 /* TODO: change mac80211 to pass vif as param */ 4927 /* TODO: change mac80211 to pass vif as param */
4667 wl12xx_for_each_wlvif_sta(wl, wlvif) { 4928 wl12xx_for_each_wlvif_sta(wl, wlvif) {
4668 ret = wl12xx_cmd_channel_switch(wl, wlvif, ch_switch); 4929 unsigned long delay_usec;
4930
4931 ret = wl->ops->channel_switch(wl, wlvif, ch_switch);
4932 if (ret)
4933 goto out_sleep;
4934
4935 set_bit(WLVIF_FLAG_CS_PROGRESS, &wlvif->flags);
4669 4936
4670 if (!ret) 4937 /* indicate failure 5 seconds after channel switch time */
4671 set_bit(WLVIF_FLAG_CS_PROGRESS, &wlvif->flags); 4938 delay_usec = ieee80211_tu_to_usec(wlvif->beacon_int) *
4939 ch_switch->count;
4940 ieee80211_queue_delayed_work(hw, &wlvif->channel_switch_work,
4941 usecs_to_jiffies(delay_usec) +
4942 msecs_to_jiffies(5000));
4672 } 4943 }
4673 4944
4945out_sleep:
4674 wl1271_ps_elp_sleep(wl); 4946 wl1271_ps_elp_sleep(wl);
4675 4947
4676out: 4948out:
@@ -4684,6 +4956,144 @@ static void wlcore_op_flush(struct ieee80211_hw *hw, bool drop)
4684 wl1271_tx_flush(wl); 4956 wl1271_tx_flush(wl);
4685} 4957}
4686 4958
4959static int wlcore_op_remain_on_channel(struct ieee80211_hw *hw,
4960 struct ieee80211_vif *vif,
4961 struct ieee80211_channel *chan,
4962 int duration)
4963{
4964 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
4965 struct wl1271 *wl = hw->priv;
4966 int channel, ret = 0;
4967
4968 channel = ieee80211_frequency_to_channel(chan->center_freq);
4969
4970 wl1271_debug(DEBUG_MAC80211, "mac80211 roc %d (%d)",
4971 channel, wlvif->role_id);
4972
4973 mutex_lock(&wl->mutex);
4974
4975 if (unlikely(wl->state != WLCORE_STATE_ON))
4976 goto out;
4977
4978 /* return EBUSY if we can't ROC right now */
4979 if (WARN_ON(wl->roc_vif ||
4980 find_first_bit(wl->roc_map,
4981 WL12XX_MAX_ROLES) < WL12XX_MAX_ROLES)) {
4982 ret = -EBUSY;
4983 goto out;
4984 }
4985
4986 ret = wl1271_ps_elp_wakeup(wl);
4987 if (ret < 0)
4988 goto out;
4989
4990 ret = wl12xx_start_dev(wl, wlvif, chan->band, channel);
4991 if (ret < 0)
4992 goto out_sleep;
4993
4994 wl->roc_vif = vif;
4995 ieee80211_queue_delayed_work(hw, &wl->roc_complete_work,
4996 msecs_to_jiffies(duration));
4997out_sleep:
4998 wl1271_ps_elp_sleep(wl);
4999out:
5000 mutex_unlock(&wl->mutex);
5001 return ret;
5002}
5003
5004static int __wlcore_roc_completed(struct wl1271 *wl)
5005{
5006 struct wl12xx_vif *wlvif;
5007 int ret;
5008
5009 /* already completed */
5010 if (unlikely(!wl->roc_vif))
5011 return 0;
5012
5013 wlvif = wl12xx_vif_to_data(wl->roc_vif);
5014
5015 if (!test_bit(WLVIF_FLAG_INITIALIZED, &wlvif->flags))
5016 return -EBUSY;
5017
5018 ret = wl12xx_stop_dev(wl, wlvif);
5019 if (ret < 0)
5020 return ret;
5021
5022 wl->roc_vif = NULL;
5023
5024 return 0;
5025}
5026
5027static int wlcore_roc_completed(struct wl1271 *wl)
5028{
5029 int ret;
5030
5031 wl1271_debug(DEBUG_MAC80211, "roc complete");
5032
5033 mutex_lock(&wl->mutex);
5034
5035 if (unlikely(wl->state != WLCORE_STATE_ON)) {
5036 ret = -EBUSY;
5037 goto out;
5038 }
5039
5040 ret = wl1271_ps_elp_wakeup(wl);
5041 if (ret < 0)
5042 goto out;
5043
5044 ret = __wlcore_roc_completed(wl);
5045
5046 wl1271_ps_elp_sleep(wl);
5047out:
5048 mutex_unlock(&wl->mutex);
5049
5050 return ret;
5051}
5052
5053static void wlcore_roc_complete_work(struct work_struct *work)
5054{
5055 struct delayed_work *dwork;
5056 struct wl1271 *wl;
5057 int ret;
5058
5059 dwork = container_of(work, struct delayed_work, work);
5060 wl = container_of(dwork, struct wl1271, roc_complete_work);
5061
5062 ret = wlcore_roc_completed(wl);
5063 if (!ret)
5064 ieee80211_remain_on_channel_expired(wl->hw);
5065}
5066
5067static int wlcore_op_cancel_remain_on_channel(struct ieee80211_hw *hw)
5068{
5069 struct wl1271 *wl = hw->priv;
5070
5071 wl1271_debug(DEBUG_MAC80211, "mac80211 croc");
5072
5073 /* TODO: per-vif */
5074 wl1271_tx_flush(wl);
5075
5076 /*
5077 * we can't just flush_work here, because it might deadlock
5078 * (as we might get called from the same workqueue)
5079 */
5080 cancel_delayed_work_sync(&wl->roc_complete_work);
5081 wlcore_roc_completed(wl);
5082
5083 return 0;
5084}
5085
5086static void wlcore_op_sta_rc_update(struct ieee80211_hw *hw,
5087 struct ieee80211_vif *vif,
5088 struct ieee80211_sta *sta,
5089 u32 changed)
5090{
5091 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
5092 struct wl1271 *wl = hw->priv;
5093
5094 wlcore_hw_sta_rc_update(wl, wlvif, sta, changed);
5095}
5096
4687static bool wl1271_tx_frames_pending(struct ieee80211_hw *hw) 5097static bool wl1271_tx_frames_pending(struct ieee80211_hw *hw)
4688{ 5098{
4689 struct wl1271 *wl = hw->priv; 5099 struct wl1271 *wl = hw->priv;
@@ -4747,20 +5157,20 @@ static struct ieee80211_rate wl1271_rates[] = {
4747 5157
4748/* can't be const, mac80211 writes to this */ 5158/* can't be const, mac80211 writes to this */
4749static struct ieee80211_channel wl1271_channels[] = { 5159static struct ieee80211_channel wl1271_channels[] = {
4750 { .hw_value = 1, .center_freq = 2412, .max_power = 25 }, 5160 { .hw_value = 1, .center_freq = 2412, .max_power = WLCORE_MAX_TXPWR },
4751 { .hw_value = 2, .center_freq = 2417, .max_power = 25 }, 5161 { .hw_value = 2, .center_freq = 2417, .max_power = WLCORE_MAX_TXPWR },
4752 { .hw_value = 3, .center_freq = 2422, .max_power = 25 }, 5162 { .hw_value = 3, .center_freq = 2422, .max_power = WLCORE_MAX_TXPWR },
4753 { .hw_value = 4, .center_freq = 2427, .max_power = 25 }, 5163 { .hw_value = 4, .center_freq = 2427, .max_power = WLCORE_MAX_TXPWR },
4754 { .hw_value = 5, .center_freq = 2432, .max_power = 25 }, 5164 { .hw_value = 5, .center_freq = 2432, .max_power = WLCORE_MAX_TXPWR },
4755 { .hw_value = 6, .center_freq = 2437, .max_power = 25 }, 5165 { .hw_value = 6, .center_freq = 2437, .max_power = WLCORE_MAX_TXPWR },
4756 { .hw_value = 7, .center_freq = 2442, .max_power = 25 }, 5166 { .hw_value = 7, .center_freq = 2442, .max_power = WLCORE_MAX_TXPWR },
4757 { .hw_value = 8, .center_freq = 2447, .max_power = 25 }, 5167 { .hw_value = 8, .center_freq = 2447, .max_power = WLCORE_MAX_TXPWR },
4758 { .hw_value = 9, .center_freq = 2452, .max_power = 25 }, 5168 { .hw_value = 9, .center_freq = 2452, .max_power = WLCORE_MAX_TXPWR },
4759 { .hw_value = 10, .center_freq = 2457, .max_power = 25 }, 5169 { .hw_value = 10, .center_freq = 2457, .max_power = WLCORE_MAX_TXPWR },
4760 { .hw_value = 11, .center_freq = 2462, .max_power = 25 }, 5170 { .hw_value = 11, .center_freq = 2462, .max_power = WLCORE_MAX_TXPWR },
4761 { .hw_value = 12, .center_freq = 2467, .max_power = 25 }, 5171 { .hw_value = 12, .center_freq = 2467, .max_power = WLCORE_MAX_TXPWR },
4762 { .hw_value = 13, .center_freq = 2472, .max_power = 25 }, 5172 { .hw_value = 13, .center_freq = 2472, .max_power = WLCORE_MAX_TXPWR },
4763 { .hw_value = 14, .center_freq = 2484, .max_power = 25 }, 5173 { .hw_value = 14, .center_freq = 2484, .max_power = WLCORE_MAX_TXPWR },
4764}; 5174};
4765 5175
4766/* can't be const, mac80211 writes to this */ 5176/* can't be const, mac80211 writes to this */
@@ -4801,40 +5211,40 @@ static struct ieee80211_rate wl1271_rates_5ghz[] = {
4801 5211
4802/* 5 GHz band channels for WL1273 */ 5212/* 5 GHz band channels for WL1273 */
4803static struct ieee80211_channel wl1271_channels_5ghz[] = { 5213static struct ieee80211_channel wl1271_channels_5ghz[] = {
4804 { .hw_value = 7, .center_freq = 5035, .max_power = 25 }, 5214 { .hw_value = 7, .center_freq = 5035, .max_power = WLCORE_MAX_TXPWR },
4805 { .hw_value = 8, .center_freq = 5040, .max_power = 25 }, 5215 { .hw_value = 8, .center_freq = 5040, .max_power = WLCORE_MAX_TXPWR },
4806 { .hw_value = 9, .center_freq = 5045, .max_power = 25 }, 5216 { .hw_value = 9, .center_freq = 5045, .max_power = WLCORE_MAX_TXPWR },
4807 { .hw_value = 11, .center_freq = 5055, .max_power = 25 }, 5217 { .hw_value = 11, .center_freq = 5055, .max_power = WLCORE_MAX_TXPWR },
4808 { .hw_value = 12, .center_freq = 5060, .max_power = 25 }, 5218 { .hw_value = 12, .center_freq = 5060, .max_power = WLCORE_MAX_TXPWR },
4809 { .hw_value = 16, .center_freq = 5080, .max_power = 25 }, 5219 { .hw_value = 16, .center_freq = 5080, .max_power = WLCORE_MAX_TXPWR },
4810 { .hw_value = 34, .center_freq = 5170, .max_power = 25 }, 5220 { .hw_value = 34, .center_freq = 5170, .max_power = WLCORE_MAX_TXPWR },
4811 { .hw_value = 36, .center_freq = 5180, .max_power = 25 }, 5221 { .hw_value = 36, .center_freq = 5180, .max_power = WLCORE_MAX_TXPWR },
4812 { .hw_value = 38, .center_freq = 5190, .max_power = 25 }, 5222 { .hw_value = 38, .center_freq = 5190, .max_power = WLCORE_MAX_TXPWR },
4813 { .hw_value = 40, .center_freq = 5200, .max_power = 25 }, 5223 { .hw_value = 40, .center_freq = 5200, .max_power = WLCORE_MAX_TXPWR },
4814 { .hw_value = 42, .center_freq = 5210, .max_power = 25 }, 5224 { .hw_value = 42, .center_freq = 5210, .max_power = WLCORE_MAX_TXPWR },
4815 { .hw_value = 44, .center_freq = 5220, .max_power = 25 }, 5225 { .hw_value = 44, .center_freq = 5220, .max_power = WLCORE_MAX_TXPWR },
4816 { .hw_value = 46, .center_freq = 5230, .max_power = 25 }, 5226 { .hw_value = 46, .center_freq = 5230, .max_power = WLCORE_MAX_TXPWR },
4817 { .hw_value = 48, .center_freq = 5240, .max_power = 25 }, 5227 { .hw_value = 48, .center_freq = 5240, .max_power = WLCORE_MAX_TXPWR },
4818 { .hw_value = 52, .center_freq = 5260, .max_power = 25 }, 5228 { .hw_value = 52, .center_freq = 5260, .max_power = WLCORE_MAX_TXPWR },
4819 { .hw_value = 56, .center_freq = 5280, .max_power = 25 }, 5229 { .hw_value = 56, .center_freq = 5280, .max_power = WLCORE_MAX_TXPWR },
4820 { .hw_value = 60, .center_freq = 5300, .max_power = 25 }, 5230 { .hw_value = 60, .center_freq = 5300, .max_power = WLCORE_MAX_TXPWR },
4821 { .hw_value = 64, .center_freq = 5320, .max_power = 25 }, 5231 { .hw_value = 64, .center_freq = 5320, .max_power = WLCORE_MAX_TXPWR },
4822 { .hw_value = 100, .center_freq = 5500, .max_power = 25 }, 5232 { .hw_value = 100, .center_freq = 5500, .max_power = WLCORE_MAX_TXPWR },
4823 { .hw_value = 104, .center_freq = 5520, .max_power = 25 }, 5233 { .hw_value = 104, .center_freq = 5520, .max_power = WLCORE_MAX_TXPWR },
4824 { .hw_value = 108, .center_freq = 5540, .max_power = 25 }, 5234 { .hw_value = 108, .center_freq = 5540, .max_power = WLCORE_MAX_TXPWR },
4825 { .hw_value = 112, .center_freq = 5560, .max_power = 25 }, 5235 { .hw_value = 112, .center_freq = 5560, .max_power = WLCORE_MAX_TXPWR },
4826 { .hw_value = 116, .center_freq = 5580, .max_power = 25 }, 5236 { .hw_value = 116, .center_freq = 5580, .max_power = WLCORE_MAX_TXPWR },
4827 { .hw_value = 120, .center_freq = 5600, .max_power = 25 }, 5237 { .hw_value = 120, .center_freq = 5600, .max_power = WLCORE_MAX_TXPWR },
4828 { .hw_value = 124, .center_freq = 5620, .max_power = 25 }, 5238 { .hw_value = 124, .center_freq = 5620, .max_power = WLCORE_MAX_TXPWR },
4829 { .hw_value = 128, .center_freq = 5640, .max_power = 25 }, 5239 { .hw_value = 128, .center_freq = 5640, .max_power = WLCORE_MAX_TXPWR },
4830 { .hw_value = 132, .center_freq = 5660, .max_power = 25 }, 5240 { .hw_value = 132, .center_freq = 5660, .max_power = WLCORE_MAX_TXPWR },
4831 { .hw_value = 136, .center_freq = 5680, .max_power = 25 }, 5241 { .hw_value = 136, .center_freq = 5680, .max_power = WLCORE_MAX_TXPWR },
4832 { .hw_value = 140, .center_freq = 5700, .max_power = 25 }, 5242 { .hw_value = 140, .center_freq = 5700, .max_power = WLCORE_MAX_TXPWR },
4833 { .hw_value = 149, .center_freq = 5745, .max_power = 25 }, 5243 { .hw_value = 149, .center_freq = 5745, .max_power = WLCORE_MAX_TXPWR },
4834 { .hw_value = 153, .center_freq = 5765, .max_power = 25 }, 5244 { .hw_value = 153, .center_freq = 5765, .max_power = WLCORE_MAX_TXPWR },
4835 { .hw_value = 157, .center_freq = 5785, .max_power = 25 }, 5245 { .hw_value = 157, .center_freq = 5785, .max_power = WLCORE_MAX_TXPWR },
4836 { .hw_value = 161, .center_freq = 5805, .max_power = 25 }, 5246 { .hw_value = 161, .center_freq = 5805, .max_power = WLCORE_MAX_TXPWR },
4837 { .hw_value = 165, .center_freq = 5825, .max_power = 25 }, 5247 { .hw_value = 165, .center_freq = 5825, .max_power = WLCORE_MAX_TXPWR },
4838}; 5248};
4839 5249
4840static struct ieee80211_supported_band wl1271_band_5ghz = { 5250static struct ieee80211_supported_band wl1271_band_5ghz = {
@@ -4875,6 +5285,14 @@ static const struct ieee80211_ops wl1271_ops = {
4875 .set_bitrate_mask = wl12xx_set_bitrate_mask, 5285 .set_bitrate_mask = wl12xx_set_bitrate_mask,
4876 .channel_switch = wl12xx_op_channel_switch, 5286 .channel_switch = wl12xx_op_channel_switch,
4877 .flush = wlcore_op_flush, 5287 .flush = wlcore_op_flush,
5288 .remain_on_channel = wlcore_op_remain_on_channel,
5289 .cancel_remain_on_channel = wlcore_op_cancel_remain_on_channel,
5290 .add_chanctx = wlcore_op_add_chanctx,
5291 .remove_chanctx = wlcore_op_remove_chanctx,
5292 .change_chanctx = wlcore_op_change_chanctx,
5293 .assign_vif_chanctx = wlcore_op_assign_vif_chanctx,
5294 .unassign_vif_chanctx = wlcore_op_unassign_vif_chanctx,
5295 .sta_rc_update = wlcore_op_sta_rc_update,
4878 CFG80211_TESTMODE_CMD(wl1271_tm_cmd) 5296 CFG80211_TESTMODE_CMD(wl1271_tm_cmd)
4879}; 5297};
4880 5298
@@ -5044,34 +5462,6 @@ static struct bin_attribute fwlog_attr = {
5044 .read = wl1271_sysfs_read_fwlog, 5462 .read = wl1271_sysfs_read_fwlog,
5045}; 5463};
5046 5464
5047static void wl1271_connection_loss_work(struct work_struct *work)
5048{
5049 struct delayed_work *dwork;
5050 struct wl1271 *wl;
5051 struct ieee80211_vif *vif;
5052 struct wl12xx_vif *wlvif;
5053
5054 dwork = container_of(work, struct delayed_work, work);
5055 wl = container_of(dwork, struct wl1271, connection_loss_work);
5056
5057 wl1271_info("Connection loss work.");
5058
5059 mutex_lock(&wl->mutex);
5060
5061 if (unlikely(wl->state != WLCORE_STATE_ON))
5062 goto out;
5063
5064 /* Call mac80211 connection loss */
5065 wl12xx_for_each_wlvif_sta(wl, wlvif) {
5066 if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
5067 goto out;
5068 vif = wl12xx_wlvif_to_vif(wlvif);
5069 ieee80211_connection_loss(vif);
5070 }
5071out:
5072 mutex_unlock(&wl->mutex);
5073}
5074
5075static void wl12xx_derive_mac_addresses(struct wl1271 *wl, u32 oui, u32 nic) 5465static void wl12xx_derive_mac_addresses(struct wl1271 *wl, u32 oui, u32 nic)
5076{ 5466{
5077 int i; 5467 int i;
@@ -5117,7 +5507,7 @@ static int wl12xx_get_hw_info(struct wl1271 *wl)
5117 5507
5118 ret = wl12xx_set_power_on(wl); 5508 ret = wl12xx_set_power_on(wl);
5119 if (ret < 0) 5509 if (ret < 0)
5120 goto out; 5510 return ret;
5121 5511
5122 ret = wlcore_read_reg(wl, REG_CHIP_ID_B, &wl->chip.id); 5512 ret = wlcore_read_reg(wl, REG_CHIP_ID_B, &wl->chip.id);
5123 if (ret < 0) 5513 if (ret < 0)
@@ -5207,10 +5597,9 @@ static const struct ieee80211_iface_limit wlcore_iface_limits[] = {
5207 }, 5597 },
5208}; 5598};
5209 5599
5210static const struct ieee80211_iface_combination 5600static struct ieee80211_iface_combination
5211wlcore_iface_combinations[] = { 5601wlcore_iface_combinations[] = {
5212 { 5602 {
5213 .num_different_channels = 1,
5214 .max_interfaces = 3, 5603 .max_interfaces = 3,
5215 .limits = wlcore_iface_limits, 5604 .limits = wlcore_iface_limits,
5216 .n_limits = ARRAY_SIZE(wlcore_iface_limits), 5605 .n_limits = ARRAY_SIZE(wlcore_iface_limits),
@@ -5219,6 +5608,7 @@ wlcore_iface_combinations[] = {
5219 5608
5220static int wl1271_init_ieee80211(struct wl1271 *wl) 5609static int wl1271_init_ieee80211(struct wl1271 *wl)
5221{ 5610{
5611 int i;
5222 static const u32 cipher_suites[] = { 5612 static const u32 cipher_suites[] = {
5223 WLAN_CIPHER_SUITE_WEP40, 5613 WLAN_CIPHER_SUITE_WEP40,
5224 WLAN_CIPHER_SUITE_WEP104, 5614 WLAN_CIPHER_SUITE_WEP104,
@@ -5249,7 +5639,8 @@ static int wl1271_init_ieee80211(struct wl1271 *wl)
5249 IEEE80211_HW_AP_LINK_PS | 5639 IEEE80211_HW_AP_LINK_PS |
5250 IEEE80211_HW_AMPDU_AGGREGATION | 5640 IEEE80211_HW_AMPDU_AGGREGATION |
5251 IEEE80211_HW_TX_AMPDU_SETUP_IN_HW | 5641 IEEE80211_HW_TX_AMPDU_SETUP_IN_HW |
5252 IEEE80211_HW_SCAN_WHILE_IDLE; 5642 IEEE80211_HW_SCAN_WHILE_IDLE |
5643 IEEE80211_HW_QUEUE_CONTROL;
5253 5644
5254 wl->hw->wiphy->cipher_suites = cipher_suites; 5645 wl->hw->wiphy->cipher_suites = cipher_suites;
5255 wl->hw->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites); 5646 wl->hw->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
@@ -5271,6 +5662,8 @@ static int wl1271_init_ieee80211(struct wl1271 *wl)
5271 wl->hw->wiphy->max_sched_scan_ie_len = WL1271_CMD_TEMPL_MAX_SIZE - 5662 wl->hw->wiphy->max_sched_scan_ie_len = WL1271_CMD_TEMPL_MAX_SIZE -
5272 sizeof(struct ieee80211_header); 5663 sizeof(struct ieee80211_header);
5273 5664
5665 wl->hw->wiphy->max_remain_on_channel_duration = 5000;
5666
5274 wl->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD | 5667 wl->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD |
5275 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL; 5668 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
5276 5669
@@ -5279,6 +5672,22 @@ static int wl1271_init_ieee80211(struct wl1271 *wl)
5279 ARRAY_SIZE(wl1271_channels_5ghz) > 5672 ARRAY_SIZE(wl1271_channels_5ghz) >
5280 WL1271_MAX_CHANNELS); 5673 WL1271_MAX_CHANNELS);
5281 /* 5674 /*
5675 * clear channel flags from the previous usage
5676 * and restore max_power & max_antenna_gain values.
5677 */
5678 for (i = 0; i < ARRAY_SIZE(wl1271_channels); i++) {
5679 wl1271_band_2ghz.channels[i].flags = 0;
5680 wl1271_band_2ghz.channels[i].max_power = WLCORE_MAX_TXPWR;
5681 wl1271_band_2ghz.channels[i].max_antenna_gain = 0;
5682 }
5683
5684 for (i = 0; i < ARRAY_SIZE(wl1271_channels_5ghz); i++) {
5685 wl1271_band_5ghz.channels[i].flags = 0;
5686 wl1271_band_5ghz.channels[i].max_power = WLCORE_MAX_TXPWR;
5687 wl1271_band_5ghz.channels[i].max_antenna_gain = 0;
5688 }
5689
5690 /*
5282 * We keep local copies of the band structs because we need to 5691 * We keep local copies of the band structs because we need to
5283 * modify them on a per-device basis. 5692 * modify them on a per-device basis.
5284 */ 5693 */
@@ -5298,7 +5707,14 @@ static int wl1271_init_ieee80211(struct wl1271 *wl)
5298 wl->hw->wiphy->bands[IEEE80211_BAND_5GHZ] = 5707 wl->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
5299 &wl->bands[IEEE80211_BAND_5GHZ]; 5708 &wl->bands[IEEE80211_BAND_5GHZ];
5300 5709
5301 wl->hw->queues = 4; 5710 /*
5711 * allow 4 queues per mac address we support +
5712 * 1 cab queue per mac + one global offchannel Tx queue
5713 */
5714 wl->hw->queues = (NUM_TX_QUEUES + 1) * WLCORE_NUM_MAC_ADDRESSES + 1;
5715
5716 /* the last queue is the offchannel queue */
5717 wl->hw->offchannel_tx_hw_queue = wl->hw->queues - 1;
5302 wl->hw->max_rates = 1; 5718 wl->hw->max_rates = 1;
5303 5719
5304 wl->hw->wiphy->reg_notifier = wl1271_reg_notify; 5720 wl->hw->wiphy->reg_notifier = wl1271_reg_notify;
@@ -5311,6 +5727,7 @@ static int wl1271_init_ieee80211(struct wl1271 *wl)
5311 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P; 5727 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
5312 5728
5313 /* allowed interface combinations */ 5729 /* allowed interface combinations */
5730 wlcore_iface_combinations[0].num_different_channels = wl->num_channels;
5314 wl->hw->wiphy->iface_combinations = wlcore_iface_combinations; 5731 wl->hw->wiphy->iface_combinations = wlcore_iface_combinations;
5315 wl->hw->wiphy->n_iface_combinations = 5732 wl->hw->wiphy->n_iface_combinations =
5316 ARRAY_SIZE(wlcore_iface_combinations); 5733 ARRAY_SIZE(wlcore_iface_combinations);
@@ -5327,7 +5744,8 @@ static int wl1271_init_ieee80211(struct wl1271 *wl)
5327 5744
5328#define WL1271_DEFAULT_CHANNEL 0 5745#define WL1271_DEFAULT_CHANNEL 0
5329 5746
5330struct ieee80211_hw *wlcore_alloc_hw(size_t priv_size, u32 aggr_buf_size) 5747struct ieee80211_hw *wlcore_alloc_hw(size_t priv_size, u32 aggr_buf_size,
5748 u32 mbox_size)
5331{ 5749{
5332 struct ieee80211_hw *hw; 5750 struct ieee80211_hw *hw;
5333 struct wl1271 *wl; 5751 struct wl1271 *wl;
@@ -5369,9 +5787,8 @@ struct ieee80211_hw *wlcore_alloc_hw(size_t priv_size, u32 aggr_buf_size)
5369 INIT_WORK(&wl->tx_work, wl1271_tx_work); 5787 INIT_WORK(&wl->tx_work, wl1271_tx_work);
5370 INIT_WORK(&wl->recovery_work, wl1271_recovery_work); 5788 INIT_WORK(&wl->recovery_work, wl1271_recovery_work);
5371 INIT_DELAYED_WORK(&wl->scan_complete_work, wl1271_scan_complete_work); 5789 INIT_DELAYED_WORK(&wl->scan_complete_work, wl1271_scan_complete_work);
5790 INIT_DELAYED_WORK(&wl->roc_complete_work, wlcore_roc_complete_work);
5372 INIT_DELAYED_WORK(&wl->tx_watchdog_work, wl12xx_tx_watchdog_work); 5791 INIT_DELAYED_WORK(&wl->tx_watchdog_work, wl12xx_tx_watchdog_work);
5373 INIT_DELAYED_WORK(&wl->connection_loss_work,
5374 wl1271_connection_loss_work);
5375 5792
5376 wl->freezable_wq = create_freezable_workqueue("wl12xx_wq"); 5793 wl->freezable_wq = create_freezable_workqueue("wl12xx_wq");
5377 if (!wl->freezable_wq) { 5794 if (!wl->freezable_wq) {
@@ -5387,14 +5804,15 @@ struct ieee80211_hw *wlcore_alloc_hw(size_t priv_size, u32 aggr_buf_size)
5387 wl->flags = 0; 5804 wl->flags = 0;
5388 wl->sg_enabled = true; 5805 wl->sg_enabled = true;
5389 wl->sleep_auth = WL1271_PSM_ILLEGAL; 5806 wl->sleep_auth = WL1271_PSM_ILLEGAL;
5807 wl->recovery_count = 0;
5390 wl->hw_pg_ver = -1; 5808 wl->hw_pg_ver = -1;
5391 wl->ap_ps_map = 0; 5809 wl->ap_ps_map = 0;
5392 wl->ap_fw_ps_map = 0; 5810 wl->ap_fw_ps_map = 0;
5393 wl->quirks = 0; 5811 wl->quirks = 0;
5394 wl->platform_quirks = 0; 5812 wl->platform_quirks = 0;
5395 wl->sched_scanning = false;
5396 wl->system_hlid = WL12XX_SYSTEM_HLID; 5813 wl->system_hlid = WL12XX_SYSTEM_HLID;
5397 wl->active_sta_count = 0; 5814 wl->active_sta_count = 0;
5815 wl->active_link_count = 0;
5398 wl->fwlog_size = 0; 5816 wl->fwlog_size = 0;
5399 init_waitqueue_head(&wl->fwlog_waitq); 5817 init_waitqueue_head(&wl->fwlog_waitq);
5400 5818
@@ -5434,14 +5852,24 @@ struct ieee80211_hw *wlcore_alloc_hw(size_t priv_size, u32 aggr_buf_size)
5434 goto err_dummy_packet; 5852 goto err_dummy_packet;
5435 } 5853 }
5436 5854
5437 wl->mbox = kmalloc(sizeof(*wl->mbox), GFP_KERNEL | GFP_DMA); 5855 wl->mbox_size = mbox_size;
5856 wl->mbox = kmalloc(wl->mbox_size, GFP_KERNEL | GFP_DMA);
5438 if (!wl->mbox) { 5857 if (!wl->mbox) {
5439 ret = -ENOMEM; 5858 ret = -ENOMEM;
5440 goto err_fwlog; 5859 goto err_fwlog;
5441 } 5860 }
5442 5861
5862 wl->buffer_32 = kmalloc(sizeof(*wl->buffer_32), GFP_KERNEL);
5863 if (!wl->buffer_32) {
5864 ret = -ENOMEM;
5865 goto err_mbox;
5866 }
5867
5443 return hw; 5868 return hw;
5444 5869
5870err_mbox:
5871 kfree(wl->mbox);
5872
5445err_fwlog: 5873err_fwlog:
5446 free_page((unsigned long)wl->fwlog); 5874 free_page((unsigned long)wl->fwlog);
5447 5875
@@ -5480,6 +5908,8 @@ int wlcore_free_hw(struct wl1271 *wl)
5480 device_remove_file(wl->dev, &dev_attr_hw_pg_ver); 5908 device_remove_file(wl->dev, &dev_attr_hw_pg_ver);
5481 5909
5482 device_remove_file(wl->dev, &dev_attr_bt_coex_state); 5910 device_remove_file(wl->dev, &dev_attr_bt_coex_state);
5911 kfree(wl->buffer_32);
5912 kfree(wl->mbox);
5483 free_page((unsigned long)wl->fwlog); 5913 free_page((unsigned long)wl->fwlog);
5484 dev_kfree_skb(wl->dummy_packet); 5914 dev_kfree_skb(wl->dummy_packet);
5485 free_pages((unsigned long)wl->aggr_buf, get_order(wl->aggr_buf_size)); 5915 free_pages((unsigned long)wl->aggr_buf, get_order(wl->aggr_buf_size));
@@ -5712,10 +6142,10 @@ module_param_named(fwlog, fwlog_param, charp, 0);
5712MODULE_PARM_DESC(fwlog, 6142MODULE_PARM_DESC(fwlog,
5713 "FW logger options: continuous, ondemand, dbgpins or disable"); 6143 "FW logger options: continuous, ondemand, dbgpins or disable");
5714 6144
5715module_param(bug_on_recovery, bool, S_IRUSR | S_IWUSR); 6145module_param(bug_on_recovery, int, S_IRUSR | S_IWUSR);
5716MODULE_PARM_DESC(bug_on_recovery, "BUG() on fw recovery"); 6146MODULE_PARM_DESC(bug_on_recovery, "BUG() on fw recovery");
5717 6147
5718module_param(no_recovery, bool, S_IRUSR | S_IWUSR); 6148module_param(no_recovery, int, S_IRUSR | S_IWUSR);
5719MODULE_PARM_DESC(no_recovery, "Prevent HW recovery. FW will remain stuck."); 6149MODULE_PARM_DESC(no_recovery, "Prevent HW recovery. FW will remain stuck.");
5720 6150
5721MODULE_LICENSE("GPL"); 6151MODULE_LICENSE("GPL");
diff --git a/drivers/net/wireless/ti/wlcore/ps.c b/drivers/net/wireless/ti/wlcore/ps.c
index 4d1414a673fb..9b7b6e2e4fbc 100644
--- a/drivers/net/wireless/ti/wlcore/ps.c
+++ b/drivers/net/wireless/ti/wlcore/ps.c
@@ -151,9 +151,6 @@ int wl1271_ps_elp_wakeup(struct wl1271 *wl)
151 wl12xx_queue_recovery_work(wl); 151 wl12xx_queue_recovery_work(wl);
152 ret = -ETIMEDOUT; 152 ret = -ETIMEDOUT;
153 goto err; 153 goto err;
154 } else if (ret < 0) {
155 wl1271_error("ELP wakeup completion error.");
156 goto err;
157 } 154 }
158 } 155 }
159 156
@@ -242,11 +239,12 @@ static void wl1271_ps_filter_frames(struct wl1271 *wl, u8 hlid)
242 struct ieee80211_tx_info *info; 239 struct ieee80211_tx_info *info;
243 unsigned long flags; 240 unsigned long flags;
244 int filtered[NUM_TX_QUEUES]; 241 int filtered[NUM_TX_QUEUES];
242 struct wl1271_link *lnk = &wl->links[hlid];
245 243
246 /* filter all frames currently in the low level queues for this hlid */ 244 /* filter all frames currently in the low level queues for this hlid */
247 for (i = 0; i < NUM_TX_QUEUES; i++) { 245 for (i = 0; i < NUM_TX_QUEUES; i++) {
248 filtered[i] = 0; 246 filtered[i] = 0;
249 while ((skb = skb_dequeue(&wl->links[hlid].tx_queue[i]))) { 247 while ((skb = skb_dequeue(&lnk->tx_queue[i]))) {
250 filtered[i]++; 248 filtered[i]++;
251 249
252 if (WARN_ON(wl12xx_is_dummy_packet(wl, skb))) 250 if (WARN_ON(wl12xx_is_dummy_packet(wl, skb)))
@@ -260,8 +258,11 @@ static void wl1271_ps_filter_frames(struct wl1271 *wl, u8 hlid)
260 } 258 }
261 259
262 spin_lock_irqsave(&wl->wl_lock, flags); 260 spin_lock_irqsave(&wl->wl_lock, flags);
263 for (i = 0; i < NUM_TX_QUEUES; i++) 261 for (i = 0; i < NUM_TX_QUEUES; i++) {
264 wl->tx_queue_count[i] -= filtered[i]; 262 wl->tx_queue_count[i] -= filtered[i];
263 if (lnk->wlvif)
264 lnk->wlvif->tx_queue_count[i] -= filtered[i];
265 }
265 spin_unlock_irqrestore(&wl->wl_lock, flags); 266 spin_unlock_irqrestore(&wl->wl_lock, flags);
266 267
267 wl1271_handle_tx_low_watermark(wl); 268 wl1271_handle_tx_low_watermark(wl);
diff --git a/drivers/net/wireless/ti/wlcore/rx.c b/drivers/net/wireless/ti/wlcore/rx.c
index 9ee0ec6fd1db..6791a1a6afba 100644
--- a/drivers/net/wireless/ti/wlcore/rx.c
+++ b/drivers/net/wireless/ti/wlcore/rx.c
@@ -92,11 +92,16 @@ static void wl1271_rx_status(struct wl1271 *wl,
92 status->flag |= RX_FLAG_IV_STRIPPED | RX_FLAG_MMIC_STRIPPED | 92 status->flag |= RX_FLAG_IV_STRIPPED | RX_FLAG_MMIC_STRIPPED |
93 RX_FLAG_DECRYPTED; 93 RX_FLAG_DECRYPTED;
94 94
95 if (unlikely(desc_err_code == WL1271_RX_DESC_MIC_FAIL)) { 95 if (unlikely(desc_err_code & WL1271_RX_DESC_MIC_FAIL)) {
96 status->flag |= RX_FLAG_MMIC_ERROR; 96 status->flag |= RX_FLAG_MMIC_ERROR;
97 wl1271_warning("Michael MIC error"); 97 wl1271_warning("Michael MIC error. Desc: 0x%x",
98 desc_err_code);
98 } 99 }
99 } 100 }
101
102 if (beacon)
103 wlcore_set_pending_regdomain_ch(wl, (u16)desc->channel,
104 status->band);
100} 105}
101 106
102static int wl1271_rx_handle_data(struct wl1271 *wl, u8 *data, u32 length, 107static int wl1271_rx_handle_data(struct wl1271 *wl, u8 *data, u32 length,
@@ -108,7 +113,7 @@ static int wl1271_rx_handle_data(struct wl1271 *wl, u8 *data, u32 length,
108 u8 *buf; 113 u8 *buf;
109 u8 beacon = 0; 114 u8 beacon = 0;
110 u8 is_data = 0; 115 u8 is_data = 0;
111 u8 reserved = 0; 116 u8 reserved = 0, offset_to_data = 0;
112 u16 seq_num; 117 u16 seq_num;
113 u32 pkt_data_len; 118 u32 pkt_data_len;
114 119
@@ -128,6 +133,8 @@ static int wl1271_rx_handle_data(struct wl1271 *wl, u8 *data, u32 length,
128 133
129 if (rx_align == WLCORE_RX_BUF_UNALIGNED) 134 if (rx_align == WLCORE_RX_BUF_UNALIGNED)
130 reserved = RX_BUF_ALIGN; 135 reserved = RX_BUF_ALIGN;
136 else if (rx_align == WLCORE_RX_BUF_PADDED)
137 offset_to_data = RX_BUF_ALIGN;
131 138
132 /* the data read starts with the descriptor */ 139 /* the data read starts with the descriptor */
133 desc = (struct wl1271_rx_descriptor *) data; 140 desc = (struct wl1271_rx_descriptor *) data;
@@ -139,19 +146,15 @@ static int wl1271_rx_handle_data(struct wl1271 *wl, u8 *data, u32 length,
139 return 0; 146 return 0;
140 } 147 }
141 148
142 switch (desc->status & WL1271_RX_DESC_STATUS_MASK) {
143 /* discard corrupted packets */ 149 /* discard corrupted packets */
144 case WL1271_RX_DESC_DRIVER_RX_Q_FAIL: 150 if (desc->status & WL1271_RX_DESC_DECRYPT_FAIL) {
145 case WL1271_RX_DESC_DECRYPT_FAIL: 151 hdr = (void *)(data + sizeof(*desc) + offset_to_data);
146 wl1271_warning("corrupted packet in RX with status: 0x%x", 152 wl1271_warning("corrupted packet in RX: status: 0x%x len: %d",
147 desc->status & WL1271_RX_DESC_STATUS_MASK); 153 desc->status & WL1271_RX_DESC_STATUS_MASK,
148 return -EINVAL; 154 pkt_data_len);
149 case WL1271_RX_DESC_SUCCESS: 155 wl1271_dump((DEBUG_RX|DEBUG_CMD), "PKT: ", data + sizeof(*desc),
150 case WL1271_RX_DESC_MIC_FAIL: 156 min(pkt_data_len,
151 break; 157 ieee80211_hdrlen(hdr->frame_control)));
152 default:
153 wl1271_error("invalid RX descriptor status: 0x%x",
154 desc->status & WL1271_RX_DESC_STATUS_MASK);
155 return -EINVAL; 158 return -EINVAL;
156 } 159 }
157 160
diff --git a/drivers/net/wireless/ti/wlcore/rx.h b/drivers/net/wireless/ti/wlcore/rx.h
index 71eba1899915..3363f60fb7da 100644
--- a/drivers/net/wireless/ti/wlcore/rx.h
+++ b/drivers/net/wireless/ti/wlcore/rx.h
@@ -84,12 +84,11 @@
84 * Bits 3-5 - process_id tag (AP mode FW) 84 * Bits 3-5 - process_id tag (AP mode FW)
85 * Bits 6-7 - reserved 85 * Bits 6-7 - reserved
86 */ 86 */
87#define WL1271_RX_DESC_STATUS_MASK 0x03 87#define WL1271_RX_DESC_STATUS_MASK 0x07
88 88
89#define WL1271_RX_DESC_SUCCESS 0x00 89#define WL1271_RX_DESC_SUCCESS 0x00
90#define WL1271_RX_DESC_DECRYPT_FAIL 0x01 90#define WL1271_RX_DESC_DECRYPT_FAIL 0x01
91#define WL1271_RX_DESC_MIC_FAIL 0x02 91#define WL1271_RX_DESC_MIC_FAIL 0x02
92#define WL1271_RX_DESC_DRIVER_RX_Q_FAIL 0x03
93 92
94#define RX_MEM_BLOCK_MASK 0xFF 93#define RX_MEM_BLOCK_MASK 0xFF
95#define RX_BUF_SIZE_MASK 0xFFF00 94#define RX_BUF_SIZE_MASK 0xFFF00
diff --git a/drivers/net/wireless/ti/wlcore/scan.c b/drivers/net/wireless/ti/wlcore/scan.c
index d00501493dfe..f407101e525b 100644
--- a/drivers/net/wireless/ti/wlcore/scan.c
+++ b/drivers/net/wireless/ti/wlcore/scan.c
@@ -35,7 +35,6 @@ void wl1271_scan_complete_work(struct work_struct *work)
35{ 35{
36 struct delayed_work *dwork; 36 struct delayed_work *dwork;
37 struct wl1271 *wl; 37 struct wl1271 *wl;
38 struct ieee80211_vif *vif;
39 struct wl12xx_vif *wlvif; 38 struct wl12xx_vif *wlvif;
40 int ret; 39 int ret;
41 40
@@ -52,8 +51,7 @@ void wl1271_scan_complete_work(struct work_struct *work)
52 if (wl->scan.state == WL1271_SCAN_STATE_IDLE) 51 if (wl->scan.state == WL1271_SCAN_STATE_IDLE)
53 goto out; 52 goto out;
54 53
55 vif = wl->scan_vif; 54 wlvif = wl->scan_wlvif;
56 wlvif = wl12xx_vif_to_data(vif);
57 55
58 /* 56 /*
59 * Rearm the tx watchdog just before idling scan. This 57 * Rearm the tx watchdog just before idling scan. This
@@ -64,7 +62,7 @@ void wl1271_scan_complete_work(struct work_struct *work)
64 wl->scan.state = WL1271_SCAN_STATE_IDLE; 62 wl->scan.state = WL1271_SCAN_STATE_IDLE;
65 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch)); 63 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
66 wl->scan.req = NULL; 64 wl->scan.req = NULL;
67 wl->scan_vif = NULL; 65 wl->scan_wlvif = NULL;
68 66
69 ret = wl1271_ps_elp_wakeup(wl); 67 ret = wl1271_ps_elp_wakeup(wl);
70 if (ret < 0) 68 if (ret < 0)
@@ -82,6 +80,8 @@ void wl1271_scan_complete_work(struct work_struct *work)
82 wl12xx_queue_recovery_work(wl); 80 wl12xx_queue_recovery_work(wl);
83 } 81 }
84 82
83 wlcore_cmd_regdomain_config_locked(wl);
84
85 ieee80211_scan_completed(wl->hw, false); 85 ieee80211_scan_completed(wl->hw, false);
86 86
87out: 87out:
@@ -89,371 +89,99 @@ out:
89 89
90} 90}
91 91
92 92static void wlcore_started_vifs_iter(void *data, u8 *mac,
93static int wl1271_get_scan_channels(struct wl1271 *wl, 93 struct ieee80211_vif *vif)
94 struct cfg80211_scan_request *req,
95 struct basic_scan_channel_params *channels,
96 enum ieee80211_band band, bool passive)
97{
98 struct conf_scan_settings *c = &wl->conf.scan;
99 int i, j;
100 u32 flags;
101
102 for (i = 0, j = 0;
103 i < req->n_channels && j < WL1271_SCAN_MAX_CHANNELS;
104 i++) {
105 flags = req->channels[i]->flags;
106
107 if (!test_bit(i, wl->scan.scanned_ch) &&
108 !(flags & IEEE80211_CHAN_DISABLED) &&
109 (req->channels[i]->band == band) &&
110 /*
111 * In passive scans, we scan all remaining
112 * channels, even if not marked as such.
113 * In active scans, we only scan channels not
114 * marked as passive.
115 */
116 (passive || !(flags & IEEE80211_CHAN_PASSIVE_SCAN))) {
117 wl1271_debug(DEBUG_SCAN, "band %d, center_freq %d ",
118 req->channels[i]->band,
119 req->channels[i]->center_freq);
120 wl1271_debug(DEBUG_SCAN, "hw_value %d, flags %X",
121 req->channels[i]->hw_value,
122 req->channels[i]->flags);
123 wl1271_debug(DEBUG_SCAN,
124 "max_antenna_gain %d, max_power %d",
125 req->channels[i]->max_antenna_gain,
126 req->channels[i]->max_power);
127 wl1271_debug(DEBUG_SCAN, "beacon_found %d",
128 req->channels[i]->beacon_found);
129
130 if (!passive) {
131 channels[j].min_duration =
132 cpu_to_le32(c->min_dwell_time_active);
133 channels[j].max_duration =
134 cpu_to_le32(c->max_dwell_time_active);
135 } else {
136 channels[j].min_duration =
137 cpu_to_le32(c->min_dwell_time_passive);
138 channels[j].max_duration =
139 cpu_to_le32(c->max_dwell_time_passive);
140 }
141 channels[j].early_termination = 0;
142 channels[j].tx_power_att = req->channels[i]->max_power;
143 channels[j].channel = req->channels[i]->hw_value;
144
145 memset(&channels[j].bssid_lsb, 0xff, 4);
146 memset(&channels[j].bssid_msb, 0xff, 2);
147
148 /* Mark the channels we already used */
149 set_bit(i, wl->scan.scanned_ch);
150
151 j++;
152 }
153 }
154
155 return j;
156}
157
158#define WL1271_NOTHING_TO_SCAN 1
159
160static int wl1271_scan_send(struct wl1271 *wl, struct ieee80211_vif *vif,
161 enum ieee80211_band band,
162 bool passive, u32 basic_rate)
163{ 94{
164 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif); 95 int *count = (int *)data;
165 struct wl1271_cmd_scan *cmd;
166 struct wl1271_cmd_trigger_scan_to *trigger;
167 int ret;
168 u16 scan_options = 0;
169
170 /* skip active scans if we don't have SSIDs */
171 if (!passive && wl->scan.req->n_ssids == 0)
172 return WL1271_NOTHING_TO_SCAN;
173
174 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
175 trigger = kzalloc(sizeof(*trigger), GFP_KERNEL);
176 if (!cmd || !trigger) {
177 ret = -ENOMEM;
178 goto out;
179 }
180
181 if (wl->conf.scan.split_scan_timeout)
182 scan_options |= WL1271_SCAN_OPT_SPLIT_SCAN;
183
184 if (passive)
185 scan_options |= WL1271_SCAN_OPT_PASSIVE;
186
187 cmd->params.role_id = wlvif->role_id;
188
189 if (WARN_ON(cmd->params.role_id == WL12XX_INVALID_ROLE_ID)) {
190 ret = -EINVAL;
191 goto out;
192 }
193
194 cmd->params.scan_options = cpu_to_le16(scan_options);
195
196 cmd->params.n_ch = wl1271_get_scan_channels(wl, wl->scan.req,
197 cmd->channels,
198 band, passive);
199 if (cmd->params.n_ch == 0) {
200 ret = WL1271_NOTHING_TO_SCAN;
201 goto out;
202 }
203
204 cmd->params.tx_rate = cpu_to_le32(basic_rate);
205 cmd->params.n_probe_reqs = wl->conf.scan.num_probe_reqs;
206 cmd->params.tid_trigger = CONF_TX_AC_ANY_TID;
207 cmd->params.scan_tag = WL1271_SCAN_DEFAULT_TAG;
208
209 if (band == IEEE80211_BAND_2GHZ)
210 cmd->params.band = WL1271_SCAN_BAND_2_4_GHZ;
211 else
212 cmd->params.band = WL1271_SCAN_BAND_5_GHZ;
213
214 if (wl->scan.ssid_len && wl->scan.ssid) {
215 cmd->params.ssid_len = wl->scan.ssid_len;
216 memcpy(cmd->params.ssid, wl->scan.ssid, wl->scan.ssid_len);
217 }
218
219 memcpy(cmd->addr, vif->addr, ETH_ALEN);
220
221 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
222 cmd->params.role_id, band,
223 wl->scan.ssid, wl->scan.ssid_len,
224 wl->scan.req->ie,
225 wl->scan.req->ie_len, false);
226 if (ret < 0) {
227 wl1271_error("PROBE request template failed");
228 goto out;
229 }
230
231 trigger->timeout = cpu_to_le32(wl->conf.scan.split_scan_timeout);
232 ret = wl1271_cmd_send(wl, CMD_TRIGGER_SCAN_TO, trigger,
233 sizeof(*trigger), 0);
234 if (ret < 0) {
235 wl1271_error("trigger scan to failed for hw scan");
236 goto out;
237 }
238
239 wl1271_dump(DEBUG_SCAN, "SCAN: ", cmd, sizeof(*cmd));
240 96
241 ret = wl1271_cmd_send(wl, CMD_SCAN, cmd, sizeof(*cmd), 0); 97 if (!vif->bss_conf.idle)
242 if (ret < 0) { 98 (*count)++;
243 wl1271_error("SCAN failed");
244 goto out;
245 }
246
247out:
248 kfree(cmd);
249 kfree(trigger);
250 return ret;
251} 99}
252 100
253void wl1271_scan_stm(struct wl1271 *wl, struct ieee80211_vif *vif) 101static int wlcore_count_started_vifs(struct wl1271 *wl)
254{ 102{
255 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif); 103 int count = 0;
256 int ret = 0;
257 enum ieee80211_band band;
258 u32 rate, mask;
259
260 switch (wl->scan.state) {
261 case WL1271_SCAN_STATE_IDLE:
262 break;
263
264 case WL1271_SCAN_STATE_2GHZ_ACTIVE:
265 band = IEEE80211_BAND_2GHZ;
266 mask = wlvif->bitrate_masks[band];
267 if (wl->scan.req->no_cck) {
268 mask &= ~CONF_TX_CCK_RATES;
269 if (!mask)
270 mask = CONF_TX_RATE_MASK_BASIC_P2P;
271 }
272 rate = wl1271_tx_min_rate_get(wl, mask);
273 ret = wl1271_scan_send(wl, vif, band, false, rate);
274 if (ret == WL1271_NOTHING_TO_SCAN) {
275 wl->scan.state = WL1271_SCAN_STATE_2GHZ_PASSIVE;
276 wl1271_scan_stm(wl, vif);
277 }
278
279 break;
280
281 case WL1271_SCAN_STATE_2GHZ_PASSIVE:
282 band = IEEE80211_BAND_2GHZ;
283 mask = wlvif->bitrate_masks[band];
284 if (wl->scan.req->no_cck) {
285 mask &= ~CONF_TX_CCK_RATES;
286 if (!mask)
287 mask = CONF_TX_RATE_MASK_BASIC_P2P;
288 }
289 rate = wl1271_tx_min_rate_get(wl, mask);
290 ret = wl1271_scan_send(wl, vif, band, true, rate);
291 if (ret == WL1271_NOTHING_TO_SCAN) {
292 if (wl->enable_11a)
293 wl->scan.state = WL1271_SCAN_STATE_5GHZ_ACTIVE;
294 else
295 wl->scan.state = WL1271_SCAN_STATE_DONE;
296 wl1271_scan_stm(wl, vif);
297 }
298
299 break;
300 104
301 case WL1271_SCAN_STATE_5GHZ_ACTIVE: 105 ieee80211_iterate_active_interfaces_atomic(wl->hw,
302 band = IEEE80211_BAND_5GHZ; 106 IEEE80211_IFACE_ITER_RESUME_ALL,
303 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]); 107 wlcore_started_vifs_iter, &count);
304 ret = wl1271_scan_send(wl, vif, band, false, rate); 108 return count;
305 if (ret == WL1271_NOTHING_TO_SCAN) {
306 wl->scan.state = WL1271_SCAN_STATE_5GHZ_PASSIVE;
307 wl1271_scan_stm(wl, vif);
308 }
309
310 break;
311
312 case WL1271_SCAN_STATE_5GHZ_PASSIVE:
313 band = IEEE80211_BAND_5GHZ;
314 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]);
315 ret = wl1271_scan_send(wl, vif, band, true, rate);
316 if (ret == WL1271_NOTHING_TO_SCAN) {
317 wl->scan.state = WL1271_SCAN_STATE_DONE;
318 wl1271_scan_stm(wl, vif);
319 }
320
321 break;
322
323 case WL1271_SCAN_STATE_DONE:
324 wl->scan.failed = false;
325 cancel_delayed_work(&wl->scan_complete_work);
326 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
327 msecs_to_jiffies(0));
328 break;
329
330 default:
331 wl1271_error("invalid scan state");
332 break;
333 }
334
335 if (ret < 0) {
336 cancel_delayed_work(&wl->scan_complete_work);
337 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
338 msecs_to_jiffies(0));
339 }
340}
341
342int wl1271_scan(struct wl1271 *wl, struct ieee80211_vif *vif,
343 const u8 *ssid, size_t ssid_len,
344 struct cfg80211_scan_request *req)
345{
346 /*
347 * cfg80211 should guarantee that we don't get more channels
348 * than what we have registered.
349 */
350 BUG_ON(req->n_channels > WL1271_MAX_CHANNELS);
351
352 if (wl->scan.state != WL1271_SCAN_STATE_IDLE)
353 return -EBUSY;
354
355 wl->scan.state = WL1271_SCAN_STATE_2GHZ_ACTIVE;
356
357 if (ssid_len && ssid) {
358 wl->scan.ssid_len = ssid_len;
359 memcpy(wl->scan.ssid, ssid, ssid_len);
360 } else {
361 wl->scan.ssid_len = 0;
362 }
363
364 wl->scan_vif = vif;
365 wl->scan.req = req;
366 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
367
368 /* we assume failure so that timeout scenarios are handled correctly */
369 wl->scan.failed = true;
370 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
371 msecs_to_jiffies(WL1271_SCAN_TIMEOUT));
372
373 wl1271_scan_stm(wl, vif);
374
375 return 0;
376}
377
378int wl1271_scan_stop(struct wl1271 *wl)
379{
380 struct wl1271_cmd_header *cmd = NULL;
381 int ret = 0;
382
383 if (WARN_ON(wl->scan.state == WL1271_SCAN_STATE_IDLE))
384 return -EINVAL;
385
386 wl1271_debug(DEBUG_CMD, "cmd scan stop");
387
388 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
389 if (!cmd) {
390 ret = -ENOMEM;
391 goto out;
392 }
393
394 ret = wl1271_cmd_send(wl, CMD_STOP_SCAN, cmd,
395 sizeof(*cmd), 0);
396 if (ret < 0) {
397 wl1271_error("cmd stop_scan failed");
398 goto out;
399 }
400out:
401 kfree(cmd);
402 return ret;
403} 109}
404 110
405static int 111static int
406wl1271_scan_get_sched_scan_channels(struct wl1271 *wl, 112wlcore_scan_get_channels(struct wl1271 *wl,
407 struct cfg80211_sched_scan_request *req, 113 struct ieee80211_channel *req_channels[],
408 struct conn_scan_ch_params *channels, 114 u32 n_channels,
409 u32 band, bool radar, bool passive, 115 u32 n_ssids,
410 int start, int max_channels, 116 struct conn_scan_ch_params *channels,
411 u8 *n_pactive_ch) 117 u32 band, bool radar, bool passive,
118 int start, int max_channels,
119 u8 *n_pactive_ch,
120 int scan_type)
412{ 121{
413 struct conf_sched_scan_settings *c = &wl->conf.sched_scan;
414 int i, j; 122 int i, j;
415 u32 flags; 123 u32 flags;
416 bool force_passive = !req->n_ssids; 124 bool force_passive = !n_ssids;
417 u32 min_dwell_time_active, max_dwell_time_active, delta_per_probe; 125 u32 min_dwell_time_active, max_dwell_time_active;
418 u32 dwell_time_passive, dwell_time_dfs; 126 u32 dwell_time_passive, dwell_time_dfs;
419 127
420 if (band == IEEE80211_BAND_5GHZ) 128 /* configure dwell times according to scan type */
421 delta_per_probe = c->dwell_time_delta_per_probe_5; 129 if (scan_type == SCAN_TYPE_SEARCH) {
422 else 130 struct conf_scan_settings *c = &wl->conf.scan;
423 delta_per_probe = c->dwell_time_delta_per_probe; 131 bool active_vif_exists = !!wlcore_count_started_vifs(wl);
132
133 min_dwell_time_active = active_vif_exists ?
134 c->min_dwell_time_active :
135 c->min_dwell_time_active_long;
136 max_dwell_time_active = active_vif_exists ?
137 c->max_dwell_time_active :
138 c->max_dwell_time_active_long;
139 dwell_time_passive = c->dwell_time_passive;
140 dwell_time_dfs = c->dwell_time_dfs;
141 } else {
142 struct conf_sched_scan_settings *c = &wl->conf.sched_scan;
143 u32 delta_per_probe;
424 144
425 min_dwell_time_active = c->base_dwell_time + 145 if (band == IEEE80211_BAND_5GHZ)
426 req->n_ssids * c->num_probe_reqs * delta_per_probe; 146 delta_per_probe = c->dwell_time_delta_per_probe_5;
147 else
148 delta_per_probe = c->dwell_time_delta_per_probe;
427 149
428 max_dwell_time_active = min_dwell_time_active + c->max_dwell_time_delta; 150 min_dwell_time_active = c->base_dwell_time +
151 n_ssids * c->num_probe_reqs * delta_per_probe;
429 152
153 max_dwell_time_active = min_dwell_time_active +
154 c->max_dwell_time_delta;
155 dwell_time_passive = c->dwell_time_passive;
156 dwell_time_dfs = c->dwell_time_dfs;
157 }
430 min_dwell_time_active = DIV_ROUND_UP(min_dwell_time_active, 1000); 158 min_dwell_time_active = DIV_ROUND_UP(min_dwell_time_active, 1000);
431 max_dwell_time_active = DIV_ROUND_UP(max_dwell_time_active, 1000); 159 max_dwell_time_active = DIV_ROUND_UP(max_dwell_time_active, 1000);
432 dwell_time_passive = DIV_ROUND_UP(c->dwell_time_passive, 1000); 160 dwell_time_passive = DIV_ROUND_UP(dwell_time_passive, 1000);
433 dwell_time_dfs = DIV_ROUND_UP(c->dwell_time_dfs, 1000); 161 dwell_time_dfs = DIV_ROUND_UP(dwell_time_dfs, 1000);
434 162
435 for (i = 0, j = start; 163 for (i = 0, j = start;
436 i < req->n_channels && j < max_channels; 164 i < n_channels && j < max_channels;
437 i++) { 165 i++) {
438 flags = req->channels[i]->flags; 166 flags = req_channels[i]->flags;
439 167
440 if (force_passive) 168 if (force_passive)
441 flags |= IEEE80211_CHAN_PASSIVE_SCAN; 169 flags |= IEEE80211_CHAN_PASSIVE_SCAN;
442 170
443 if ((req->channels[i]->band == band) && 171 if ((req_channels[i]->band == band) &&
444 !(flags & IEEE80211_CHAN_DISABLED) && 172 !(flags & IEEE80211_CHAN_DISABLED) &&
445 (!!(flags & IEEE80211_CHAN_RADAR) == radar) && 173 (!!(flags & IEEE80211_CHAN_RADAR) == radar) &&
446 /* if radar is set, we ignore the passive flag */ 174 /* if radar is set, we ignore the passive flag */
447 (radar || 175 (radar ||
448 !!(flags & IEEE80211_CHAN_PASSIVE_SCAN) == passive)) { 176 !!(flags & IEEE80211_CHAN_PASSIVE_SCAN) == passive)) {
449 wl1271_debug(DEBUG_SCAN, "band %d, center_freq %d ", 177 wl1271_debug(DEBUG_SCAN, "band %d, center_freq %d ",
450 req->channels[i]->band, 178 req_channels[i]->band,
451 req->channels[i]->center_freq); 179 req_channels[i]->center_freq);
452 wl1271_debug(DEBUG_SCAN, "hw_value %d, flags %X", 180 wl1271_debug(DEBUG_SCAN, "hw_value %d, flags %X",
453 req->channels[i]->hw_value, 181 req_channels[i]->hw_value,
454 req->channels[i]->flags); 182 req_channels[i]->flags);
455 wl1271_debug(DEBUG_SCAN, "max_power %d", 183 wl1271_debug(DEBUG_SCAN, "max_power %d",
456 req->channels[i]->max_power); 184 req_channels[i]->max_power);
457 wl1271_debug(DEBUG_SCAN, "min_dwell_time %d max dwell time %d", 185 wl1271_debug(DEBUG_SCAN, "min_dwell_time %d max dwell time %d",
458 min_dwell_time_active, 186 min_dwell_time_active,
459 max_dwell_time_active); 187 max_dwell_time_active);
@@ -473,10 +201,11 @@ wl1271_scan_get_sched_scan_channels(struct wl1271 *wl,
473 channels[j].max_duration = 201 channels[j].max_duration =
474 cpu_to_le16(max_dwell_time_active); 202 cpu_to_le16(max_dwell_time_active);
475 203
476 channels[j].tx_power_att = req->channels[i]->max_power; 204 channels[j].tx_power_att = req_channels[i]->max_power;
477 channels[j].channel = req->channels[i]->hw_value; 205 channels[j].channel = req_channels[i]->hw_value;
478 206
479 if ((band == IEEE80211_BAND_2GHZ) && 207 if (n_pactive_ch &&
208 (band == IEEE80211_BAND_2GHZ) &&
480 (channels[j].channel >= 12) && 209 (channels[j].channel >= 12) &&
481 (channels[j].channel <= 14) && 210 (channels[j].channel <= 14) &&
482 (flags & IEEE80211_CHAN_PASSIVE_SCAN) && 211 (flags & IEEE80211_CHAN_PASSIVE_SCAN) &&
@@ -500,51 +229,80 @@ wl1271_scan_get_sched_scan_channels(struct wl1271 *wl,
500 return j - start; 229 return j - start;
501} 230}
502 231
503static bool 232bool
504wl1271_scan_sched_scan_channels(struct wl1271 *wl, 233wlcore_set_scan_chan_params(struct wl1271 *wl,
505 struct cfg80211_sched_scan_request *req, 234 struct wlcore_scan_channels *cfg,
506 struct wl1271_cmd_sched_scan_config *cfg) 235 struct ieee80211_channel *channels[],
236 u32 n_channels,
237 u32 n_ssids,
238 int scan_type)
507{ 239{
508 u8 n_pactive_ch = 0; 240 u8 n_pactive_ch = 0;
509 241
510 cfg->passive[0] = 242 cfg->passive[0] =
511 wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_2, 243 wlcore_scan_get_channels(wl,
512 IEEE80211_BAND_2GHZ, 244 channels,
513 false, true, 0, 245 n_channels,
514 MAX_CHANNELS_2GHZ, 246 n_ssids,
515 &n_pactive_ch); 247 cfg->channels_2,
248 IEEE80211_BAND_2GHZ,
249 false, true, 0,
250 MAX_CHANNELS_2GHZ,
251 &n_pactive_ch,
252 scan_type);
516 cfg->active[0] = 253 cfg->active[0] =
517 wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_2, 254 wlcore_scan_get_channels(wl,
518 IEEE80211_BAND_2GHZ, 255 channels,
519 false, false, 256 n_channels,
520 cfg->passive[0], 257 n_ssids,
521 MAX_CHANNELS_2GHZ, 258 cfg->channels_2,
522 &n_pactive_ch); 259 IEEE80211_BAND_2GHZ,
260 false, false,
261 cfg->passive[0],
262 MAX_CHANNELS_2GHZ,
263 &n_pactive_ch,
264 scan_type);
523 cfg->passive[1] = 265 cfg->passive[1] =
524 wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_5, 266 wlcore_scan_get_channels(wl,
525 IEEE80211_BAND_5GHZ, 267 channels,
526 false, true, 0, 268 n_channels,
527 MAX_CHANNELS_5GHZ, 269 n_ssids,
528 &n_pactive_ch); 270 cfg->channels_5,
271 IEEE80211_BAND_5GHZ,
272 false, true, 0,
273 wl->max_channels_5,
274 &n_pactive_ch,
275 scan_type);
529 cfg->dfs = 276 cfg->dfs =
530 wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_5, 277 wlcore_scan_get_channels(wl,
531 IEEE80211_BAND_5GHZ, 278 channels,
532 true, true, 279 n_channels,
533 cfg->passive[1], 280 n_ssids,
534 MAX_CHANNELS_5GHZ, 281 cfg->channels_5,
535 &n_pactive_ch); 282 IEEE80211_BAND_5GHZ,
283 true, true,
284 cfg->passive[1],
285 wl->max_channels_5,
286 &n_pactive_ch,
287 scan_type);
536 cfg->active[1] = 288 cfg->active[1] =
537 wl1271_scan_get_sched_scan_channels(wl, req, cfg->channels_5, 289 wlcore_scan_get_channels(wl,
538 IEEE80211_BAND_5GHZ, 290 channels,
539 false, false, 291 n_channels,
540 cfg->passive[1] + cfg->dfs, 292 n_ssids,
541 MAX_CHANNELS_5GHZ, 293 cfg->channels_5,
542 &n_pactive_ch); 294 IEEE80211_BAND_5GHZ,
295 false, false,
296 cfg->passive[1] + cfg->dfs,
297 wl->max_channels_5,
298 &n_pactive_ch,
299 scan_type);
300
543 /* 802.11j channels are not supported yet */ 301 /* 802.11j channels are not supported yet */
544 cfg->passive[2] = 0; 302 cfg->passive[2] = 0;
545 cfg->active[2] = 0; 303 cfg->active[2] = 0;
546 304
547 cfg->n_pactive_ch = n_pactive_ch; 305 cfg->passive_active = n_pactive_ch;
548 306
549 wl1271_debug(DEBUG_SCAN, " 2.4GHz: active %d passive %d", 307 wl1271_debug(DEBUG_SCAN, " 2.4GHz: active %d passive %d",
550 cfg->active[0], cfg->passive[0]); 308 cfg->active[0], cfg->passive[0]);
@@ -556,10 +314,48 @@ wl1271_scan_sched_scan_channels(struct wl1271 *wl,
556 cfg->passive[1] || cfg->active[1] || cfg->dfs || 314 cfg->passive[1] || cfg->active[1] || cfg->dfs ||
557 cfg->passive[2] || cfg->active[2]; 315 cfg->passive[2] || cfg->active[2];
558} 316}
317EXPORT_SYMBOL_GPL(wlcore_set_scan_chan_params);
318
319int wlcore_scan(struct wl1271 *wl, struct ieee80211_vif *vif,
320 const u8 *ssid, size_t ssid_len,
321 struct cfg80211_scan_request *req)
322{
323 struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
324
325 /*
326 * cfg80211 should guarantee that we don't get more channels
327 * than what we have registered.
328 */
329 BUG_ON(req->n_channels > WL1271_MAX_CHANNELS);
330
331 if (wl->scan.state != WL1271_SCAN_STATE_IDLE)
332 return -EBUSY;
333
334 wl->scan.state = WL1271_SCAN_STATE_2GHZ_ACTIVE;
335
336 if (ssid_len && ssid) {
337 wl->scan.ssid_len = ssid_len;
338 memcpy(wl->scan.ssid, ssid, ssid_len);
339 } else {
340 wl->scan.ssid_len = 0;
341 }
342
343 wl->scan_wlvif = wlvif;
344 wl->scan.req = req;
345 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
346
347 /* we assume failure so that timeout scenarios are handled correctly */
348 wl->scan.failed = true;
349 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work,
350 msecs_to_jiffies(WL1271_SCAN_TIMEOUT));
559 351
352 wl->ops->scan_start(wl, wlvif, req);
353
354 return 0;
355}
560/* Returns the scan type to be used or a negative value on error */ 356/* Returns the scan type to be used or a negative value on error */
561static int 357int
562wl12xx_scan_sched_scan_ssid_list(struct wl1271 *wl, 358wlcore_scan_sched_scan_ssid_list(struct wl1271 *wl,
563 struct wl12xx_vif *wlvif, 359 struct wl12xx_vif *wlvif,
564 struct cfg80211_sched_scan_request *req) 360 struct cfg80211_sched_scan_request *req)
565{ 361{
@@ -662,160 +458,12 @@ out:
662 return ret; 458 return ret;
663 return type; 459 return type;
664} 460}
461EXPORT_SYMBOL_GPL(wlcore_scan_sched_scan_ssid_list);
665 462
666int wl1271_scan_sched_scan_config(struct wl1271 *wl, 463void wlcore_scan_sched_scan_results(struct wl1271 *wl)
667 struct wl12xx_vif *wlvif,
668 struct cfg80211_sched_scan_request *req,
669 struct ieee80211_sched_scan_ies *ies)
670{
671 struct wl1271_cmd_sched_scan_config *cfg = NULL;
672 struct conf_sched_scan_settings *c = &wl->conf.sched_scan;
673 int i, ret;
674 bool force_passive = !req->n_ssids;
675
676 wl1271_debug(DEBUG_CMD, "cmd sched_scan scan config");
677
678 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
679 if (!cfg)
680 return -ENOMEM;
681
682 cfg->role_id = wlvif->role_id;
683 cfg->rssi_threshold = c->rssi_threshold;
684 cfg->snr_threshold = c->snr_threshold;
685 cfg->n_probe_reqs = c->num_probe_reqs;
686 /* cycles set to 0 it means infinite (until manually stopped) */
687 cfg->cycles = 0;
688 /* report APs when at least 1 is found */
689 cfg->report_after = 1;
690 /* don't stop scanning automatically when something is found */
691 cfg->terminate = 0;
692 cfg->tag = WL1271_SCAN_DEFAULT_TAG;
693 /* don't filter on BSS type */
694 cfg->bss_type = SCAN_BSS_TYPE_ANY;
695 /* currently NL80211 supports only a single interval */
696 for (i = 0; i < SCAN_MAX_CYCLE_INTERVALS; i++)
697 cfg->intervals[i] = cpu_to_le32(req->interval);
698
699 cfg->ssid_len = 0;
700 ret = wl12xx_scan_sched_scan_ssid_list(wl, wlvif, req);
701 if (ret < 0)
702 goto out;
703
704 cfg->filter_type = ret;
705
706 wl1271_debug(DEBUG_SCAN, "filter_type = %d", cfg->filter_type);
707
708 if (!wl1271_scan_sched_scan_channels(wl, req, cfg)) {
709 wl1271_error("scan channel list is empty");
710 ret = -EINVAL;
711 goto out;
712 }
713
714 if (!force_passive && cfg->active[0]) {
715 u8 band = IEEE80211_BAND_2GHZ;
716 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
717 wlvif->role_id, band,
718 req->ssids[0].ssid,
719 req->ssids[0].ssid_len,
720 ies->ie[band],
721 ies->len[band], true);
722 if (ret < 0) {
723 wl1271_error("2.4GHz PROBE request template failed");
724 goto out;
725 }
726 }
727
728 if (!force_passive && cfg->active[1]) {
729 u8 band = IEEE80211_BAND_5GHZ;
730 ret = wl12xx_cmd_build_probe_req(wl, wlvif,
731 wlvif->role_id, band,
732 req->ssids[0].ssid,
733 req->ssids[0].ssid_len,
734 ies->ie[band],
735 ies->len[band], true);
736 if (ret < 0) {
737 wl1271_error("5GHz PROBE request template failed");
738 goto out;
739 }
740 }
741
742 wl1271_dump(DEBUG_SCAN, "SCAN_CFG: ", cfg, sizeof(*cfg));
743
744 ret = wl1271_cmd_send(wl, CMD_CONNECTION_SCAN_CFG, cfg,
745 sizeof(*cfg), 0);
746 if (ret < 0) {
747 wl1271_error("SCAN configuration failed");
748 goto out;
749 }
750out:
751 kfree(cfg);
752 return ret;
753}
754
755int wl1271_scan_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif)
756{
757 struct wl1271_cmd_sched_scan_start *start;
758 int ret = 0;
759
760 wl1271_debug(DEBUG_CMD, "cmd periodic scan start");
761
762 if (wlvif->bss_type != BSS_TYPE_STA_BSS)
763 return -EOPNOTSUPP;
764
765 if ((wl->quirks & WLCORE_QUIRK_NO_SCHED_SCAN_WHILE_CONN) &&
766 test_bit(WLVIF_FLAG_IN_USE, &wlvif->flags))
767 return -EBUSY;
768
769 start = kzalloc(sizeof(*start), GFP_KERNEL);
770 if (!start)
771 return -ENOMEM;
772
773 start->role_id = wlvif->role_id;
774 start->tag = WL1271_SCAN_DEFAULT_TAG;
775
776 ret = wl1271_cmd_send(wl, CMD_START_PERIODIC_SCAN, start,
777 sizeof(*start), 0);
778 if (ret < 0) {
779 wl1271_error("failed to send scan start command");
780 goto out_free;
781 }
782
783out_free:
784 kfree(start);
785 return ret;
786}
787
788void wl1271_scan_sched_scan_results(struct wl1271 *wl)
789{ 464{
790 wl1271_debug(DEBUG_SCAN, "got periodic scan results"); 465 wl1271_debug(DEBUG_SCAN, "got periodic scan results");
791 466
792 ieee80211_sched_scan_results(wl->hw); 467 ieee80211_sched_scan_results(wl->hw);
793} 468}
794 469EXPORT_SYMBOL_GPL(wlcore_scan_sched_scan_results);
795void wl1271_scan_sched_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif)
796{
797 struct wl1271_cmd_sched_scan_stop *stop;
798 int ret = 0;
799
800 wl1271_debug(DEBUG_CMD, "cmd periodic scan stop");
801
802 /* FIXME: what to do if alloc'ing to stop fails? */
803 stop = kzalloc(sizeof(*stop), GFP_KERNEL);
804 if (!stop) {
805 wl1271_error("failed to alloc memory to send sched scan stop");
806 return;
807 }
808
809 stop->role_id = wlvif->role_id;
810 stop->tag = WL1271_SCAN_DEFAULT_TAG;
811
812 ret = wl1271_cmd_send(wl, CMD_STOP_PERIODIC_SCAN, stop,
813 sizeof(*stop), 0);
814 if (ret < 0) {
815 wl1271_error("failed to send sched scan stop command");
816 goto out_free;
817 }
818
819out_free:
820 kfree(stop);
821}
diff --git a/drivers/net/wireless/ti/wlcore/scan.h b/drivers/net/wireless/ti/wlcore/scan.h
index 29f3c8d6b046..a6ab24b5c0f9 100644
--- a/drivers/net/wireless/ti/wlcore/scan.h
+++ b/drivers/net/wireless/ti/wlcore/scan.h
@@ -26,22 +26,20 @@
26 26
27#include "wlcore.h" 27#include "wlcore.h"
28 28
29int wl1271_scan(struct wl1271 *wl, struct ieee80211_vif *vif, 29int wlcore_scan(struct wl1271 *wl, struct ieee80211_vif *vif,
30 const u8 *ssid, size_t ssid_len, 30 const u8 *ssid, size_t ssid_len,
31 struct cfg80211_scan_request *req); 31 struct cfg80211_scan_request *req);
32int wl1271_scan_stop(struct wl1271 *wl);
33int wl1271_scan_build_probe_req(struct wl1271 *wl, 32int wl1271_scan_build_probe_req(struct wl1271 *wl,
34 const u8 *ssid, size_t ssid_len, 33 const u8 *ssid, size_t ssid_len,
35 const u8 *ie, size_t ie_len, u8 band); 34 const u8 *ie, size_t ie_len, u8 band);
36void wl1271_scan_stm(struct wl1271 *wl, struct ieee80211_vif *vif); 35void wl1271_scan_stm(struct wl1271 *wl, struct wl12xx_vif *wlvif);
37void wl1271_scan_complete_work(struct work_struct *work); 36void wl1271_scan_complete_work(struct work_struct *work);
38int wl1271_scan_sched_scan_config(struct wl1271 *wl, 37int wl1271_scan_sched_scan_config(struct wl1271 *wl,
39 struct wl12xx_vif *wlvif, 38 struct wl12xx_vif *wlvif,
40 struct cfg80211_sched_scan_request *req, 39 struct cfg80211_sched_scan_request *req,
41 struct ieee80211_sched_scan_ies *ies); 40 struct ieee80211_sched_scan_ies *ies);
42int wl1271_scan_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif); 41int wl1271_scan_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif);
43void wl1271_scan_sched_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif); 42void wlcore_scan_sched_scan_results(struct wl1271 *wl);
44void wl1271_scan_sched_scan_results(struct wl1271 *wl);
45 43
46#define WL1271_SCAN_MAX_CHANNELS 24 44#define WL1271_SCAN_MAX_CHANNELS 24
47#define WL1271_SCAN_DEFAULT_TAG 1 45#define WL1271_SCAN_DEFAULT_TAG 1
@@ -66,56 +64,6 @@ enum {
66 WL1271_SCAN_STATE_DONE 64 WL1271_SCAN_STATE_DONE
67}; 65};
68 66
69struct basic_scan_params {
70 /* Scan option flags (WL1271_SCAN_OPT_*) */
71 __le16 scan_options;
72 u8 role_id;
73 /* Number of scan channels in the list (maximum 30) */
74 u8 n_ch;
75 /* This field indicates the number of probe requests to send
76 per channel for an active scan */
77 u8 n_probe_reqs;
78 u8 tid_trigger;
79 u8 ssid_len;
80 u8 use_ssid_list;
81
82 /* Rate bit field for sending the probes */
83 __le32 tx_rate;
84
85 u8 ssid[IEEE80211_MAX_SSID_LEN];
86 /* Band to scan */
87 u8 band;
88
89 u8 scan_tag;
90 u8 padding2[2];
91} __packed;
92
93struct basic_scan_channel_params {
94 /* Duration in TU to wait for frames on a channel for active scan */
95 __le32 min_duration;
96 __le32 max_duration;
97 __le32 bssid_lsb;
98 __le16 bssid_msb;
99 u8 early_termination;
100 u8 tx_power_att;
101 u8 channel;
102 /* FW internal use only! */
103 u8 dfs_candidate;
104 u8 activity_detected;
105 u8 pad;
106} __packed;
107
108struct wl1271_cmd_scan {
109 struct wl1271_cmd_header header;
110
111 struct basic_scan_params params;
112 struct basic_scan_channel_params channels[WL1271_SCAN_MAX_CHANNELS];
113
114 /* src mac address */
115 u8 addr[ETH_ALEN];
116 u8 padding[2];
117} __packed;
118
119struct wl1271_cmd_trigger_scan_to { 67struct wl1271_cmd_trigger_scan_to {
120 struct wl1271_cmd_header header; 68 struct wl1271_cmd_header header;
121 69
@@ -123,9 +71,17 @@ struct wl1271_cmd_trigger_scan_to {
123} __packed; 71} __packed;
124 72
125#define MAX_CHANNELS_2GHZ 14 73#define MAX_CHANNELS_2GHZ 14
126#define MAX_CHANNELS_5GHZ 23
127#define MAX_CHANNELS_4GHZ 4 74#define MAX_CHANNELS_4GHZ 4
128 75
76/*
77 * This max value here is used only for the struct definition of
78 * wlcore_scan_channels. This struct is used by both 12xx
79 * and 18xx (which have different max 5ghz channels value).
80 * In order to make sure this is large enough, just use the
81 * max possible 5ghz channels.
82 */
83#define MAX_CHANNELS_5GHZ 42
84
129#define SCAN_MAX_CYCLE_INTERVALS 16 85#define SCAN_MAX_CYCLE_INTERVALS 16
130#define SCAN_MAX_BANDS 3 86#define SCAN_MAX_BANDS 3
131 87
@@ -160,43 +116,6 @@ struct conn_scan_ch_params {
160 u8 padding[3]; 116 u8 padding[3];
161} __packed; 117} __packed;
162 118
163struct wl1271_cmd_sched_scan_config {
164 struct wl1271_cmd_header header;
165
166 __le32 intervals[SCAN_MAX_CYCLE_INTERVALS];
167
168 s8 rssi_threshold; /* for filtering (in dBm) */
169 s8 snr_threshold; /* for filtering (in dB) */
170
171 u8 cycles; /* maximum number of scan cycles */
172 u8 report_after; /* report when this number of results are received */
173 u8 terminate; /* stop scanning after reporting */
174
175 u8 tag;
176 u8 bss_type; /* for filtering */
177 u8 filter_type;
178
179 u8 ssid_len; /* For SCAN_SSID_FILTER_SPECIFIC */
180 u8 ssid[IEEE80211_MAX_SSID_LEN];
181
182 u8 n_probe_reqs; /* Number of probes requests per channel */
183
184 u8 passive[SCAN_MAX_BANDS];
185 u8 active[SCAN_MAX_BANDS];
186
187 u8 dfs;
188
189 u8 n_pactive_ch; /* number of pactive (passive until fw detects energy)
190 channels in BG band */
191 u8 role_id;
192 u8 padding[1];
193
194 struct conn_scan_ch_params channels_2[MAX_CHANNELS_2GHZ];
195 struct conn_scan_ch_params channels_5[MAX_CHANNELS_5GHZ];
196 struct conn_scan_ch_params channels_4[MAX_CHANNELS_4GHZ];
197} __packed;
198
199
200#define SCHED_SCAN_MAX_SSIDS 16 119#define SCHED_SCAN_MAX_SSIDS 16
201 120
202enum { 121enum {
@@ -220,21 +139,34 @@ struct wl1271_cmd_sched_scan_ssid_list {
220 u8 padding[2]; 139 u8 padding[2];
221} __packed; 140} __packed;
222 141
223struct wl1271_cmd_sched_scan_start { 142struct wlcore_scan_channels {
224 struct wl1271_cmd_header header; 143 u8 passive[SCAN_MAX_BANDS]; /* number of passive scan channels */
144 u8 active[SCAN_MAX_BANDS]; /* number of active scan channels */
145 u8 dfs; /* number of dfs channels in 5ghz */
146 u8 passive_active; /* number of passive before active channels 2.4ghz */
225 147
226 u8 tag; 148 struct conn_scan_ch_params channels_2[MAX_CHANNELS_2GHZ];
227 u8 role_id; 149 struct conn_scan_ch_params channels_5[MAX_CHANNELS_5GHZ];
228 u8 padding[2]; 150 struct conn_scan_ch_params channels_4[MAX_CHANNELS_4GHZ];
229} __packed; 151};
230
231struct wl1271_cmd_sched_scan_stop {
232 struct wl1271_cmd_header header;
233 152
234 u8 tag; 153enum {
235 u8 role_id; 154 SCAN_TYPE_SEARCH = 0,
236 u8 padding[2]; 155 SCAN_TYPE_PERIODIC = 1,
237} __packed; 156 SCAN_TYPE_TRACKING = 2,
157};
238 158
159bool
160wlcore_set_scan_chan_params(struct wl1271 *wl,
161 struct wlcore_scan_channels *cfg,
162 struct ieee80211_channel *channels[],
163 u32 n_channels,
164 u32 n_ssids,
165 int scan_type);
166
167int
168wlcore_scan_sched_scan_ssid_list(struct wl1271 *wl,
169 struct wl12xx_vif *wlvif,
170 struct cfg80211_sched_scan_request *req);
239 171
240#endif /* __WL1271_SCAN_H__ */ 172#endif /* __WL1271_SCAN_H__ */
diff --git a/drivers/net/wireless/ti/wlcore/sdio.c b/drivers/net/wireless/ti/wlcore/sdio.c
index 646f703ae739..d4f184e2efed 100644
--- a/drivers/net/wireless/ti/wlcore/sdio.c
+++ b/drivers/net/wireless/ti/wlcore/sdio.c
@@ -326,8 +326,7 @@ static void wl1271_remove(struct sdio_func *func)
326 /* Undo decrement done above in wl1271_probe */ 326 /* Undo decrement done above in wl1271_probe */
327 pm_runtime_get_noresume(&func->dev); 327 pm_runtime_get_noresume(&func->dev);
328 328
329 platform_device_del(glue->core); 329 platform_device_unregister(glue->core);
330 platform_device_put(glue->core);
331 kfree(glue); 330 kfree(glue);
332} 331}
333 332
diff --git a/drivers/net/wireless/ti/wlcore/spi.c b/drivers/net/wireless/ti/wlcore/spi.c
index f06f4770ce02..2d700b7ae14c 100644
--- a/drivers/net/wireless/ti/wlcore/spi.c
+++ b/drivers/net/wireless/ti/wlcore/spi.c
@@ -270,7 +270,7 @@ static int __must_check wl12xx_spi_raw_write(struct device *child, int addr,
270 void *buf, size_t len, bool fixed) 270 void *buf, size_t len, bool fixed)
271{ 271{
272 struct wl12xx_spi_glue *glue = dev_get_drvdata(child->parent); 272 struct wl12xx_spi_glue *glue = dev_get_drvdata(child->parent);
273 struct spi_transfer t[2 * WSPI_MAX_NUM_OF_CHUNKS]; 273 struct spi_transfer t[2 * (WSPI_MAX_NUM_OF_CHUNKS + 1)];
274 struct spi_message m; 274 struct spi_message m;
275 u32 commands[WSPI_MAX_NUM_OF_CHUNKS]; 275 u32 commands[WSPI_MAX_NUM_OF_CHUNKS];
276 u32 *cmd; 276 u32 *cmd;
@@ -407,8 +407,7 @@ static int wl1271_remove(struct spi_device *spi)
407{ 407{
408 struct wl12xx_spi_glue *glue = spi_get_drvdata(spi); 408 struct wl12xx_spi_glue *glue = spi_get_drvdata(spi);
409 409
410 platform_device_del(glue->core); 410 platform_device_unregister(glue->core);
411 platform_device_put(glue->core);
412 kfree(glue); 411 kfree(glue);
413 412
414 return 0; 413 return 0;
diff --git a/drivers/net/wireless/ti/wlcore/tx.c b/drivers/net/wireless/ti/wlcore/tx.c
index a90d3cd09408..ece392c54d9c 100644
--- a/drivers/net/wireless/ti/wlcore/tx.c
+++ b/drivers/net/wireless/ti/wlcore/tx.c
@@ -104,7 +104,7 @@ static void wl1271_tx_regulate_link(struct wl1271 *wl,
104 struct wl12xx_vif *wlvif, 104 struct wl12xx_vif *wlvif,
105 u8 hlid) 105 u8 hlid)
106{ 106{
107 bool fw_ps, single_sta; 107 bool fw_ps, single_link;
108 u8 tx_pkts; 108 u8 tx_pkts;
109 109
110 if (WARN_ON(!test_bit(hlid, wlvif->links_map))) 110 if (WARN_ON(!test_bit(hlid, wlvif->links_map)))
@@ -112,15 +112,15 @@ static void wl1271_tx_regulate_link(struct wl1271 *wl,
112 112
113 fw_ps = test_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map); 113 fw_ps = test_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map);
114 tx_pkts = wl->links[hlid].allocated_pkts; 114 tx_pkts = wl->links[hlid].allocated_pkts;
115 single_sta = (wl->active_sta_count == 1); 115 single_link = (wl->active_link_count == 1);
116 116
117 /* 117 /*
118 * if in FW PS and there is enough data in FW we can put the link 118 * if in FW PS and there is enough data in FW we can put the link
119 * into high-level PS and clean out its TX queues. 119 * into high-level PS and clean out its TX queues.
120 * Make an exception if this is the only connected station. In this 120 * Make an exception if this is the only connected link. In this
121 * case FW-memory congestion is not a problem. 121 * case FW-memory congestion is less of a problem.
122 */ 122 */
123 if (!single_sta && fw_ps && tx_pkts >= WL1271_PS_STA_MAX_PACKETS) 123 if (!single_link && fw_ps && tx_pkts >= WL1271_PS_STA_MAX_PACKETS)
124 wl12xx_ps_link_start(wl, wlvif, hlid, true); 124 wl12xx_ps_link_start(wl, wlvif, hlid, true);
125} 125}
126 126
@@ -155,21 +155,18 @@ static u8 wl12xx_tx_get_hlid_ap(struct wl1271 *wl, struct wl12xx_vif *wlvif,
155u8 wl12xx_tx_get_hlid(struct wl1271 *wl, struct wl12xx_vif *wlvif, 155u8 wl12xx_tx_get_hlid(struct wl1271 *wl, struct wl12xx_vif *wlvif,
156 struct sk_buff *skb, struct ieee80211_sta *sta) 156 struct sk_buff *skb, struct ieee80211_sta *sta)
157{ 157{
158 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 158 struct ieee80211_tx_info *control;
159
160 if (!wlvif || wl12xx_is_dummy_packet(wl, skb))
161 return wl->system_hlid;
162 159
163 if (wlvif->bss_type == BSS_TYPE_AP_BSS) 160 if (wlvif->bss_type == BSS_TYPE_AP_BSS)
164 return wl12xx_tx_get_hlid_ap(wl, wlvif, skb, sta); 161 return wl12xx_tx_get_hlid_ap(wl, wlvif, skb, sta);
165 162
166 if ((test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags) || 163 control = IEEE80211_SKB_CB(skb);
167 test_bit(WLVIF_FLAG_IBSS_JOINED, &wlvif->flags)) && 164 if (control->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
168 !ieee80211_is_auth(hdr->frame_control) && 165 wl1271_debug(DEBUG_TX, "tx offchannel");
169 !ieee80211_is_assoc_req(hdr->frame_control))
170 return wlvif->sta.hlid;
171 else
172 return wlvif->dev_hlid; 166 return wlvif->dev_hlid;
167 }
168
169 return wlvif->sta.hlid;
173} 170}
174 171
175unsigned int wlcore_calc_packet_alignment(struct wl1271 *wl, 172unsigned int wlcore_calc_packet_alignment(struct wl1271 *wl,
@@ -224,9 +221,7 @@ static int wl1271_tx_allocate(struct wl1271 *wl, struct wl12xx_vif *wlvif,
224 ac = wl1271_tx_get_queue(skb_get_queue_mapping(skb)); 221 ac = wl1271_tx_get_queue(skb_get_queue_mapping(skb));
225 wl->tx_allocated_pkts[ac]++; 222 wl->tx_allocated_pkts[ac]++;
226 223
227 if (!wl12xx_is_dummy_packet(wl, skb) && wlvif && 224 if (test_bit(hlid, wl->links_map))
228 wlvif->bss_type == BSS_TYPE_AP_BSS &&
229 test_bit(hlid, wlvif->ap.sta_hlid_map))
230 wl->links[hlid].allocated_pkts++; 225 wl->links[hlid].allocated_pkts++;
231 226
232 ret = 0; 227 ret = 0;
@@ -293,9 +288,14 @@ static void wl1271_tx_fill_hdr(struct wl1271 *wl, struct wl12xx_vif *wlvif,
293 288
294 tx_attr |= TX_HW_ATTR_TX_DUMMY_REQ; 289 tx_attr |= TX_HW_ATTR_TX_DUMMY_REQ;
295 } else if (wlvif) { 290 } else if (wlvif) {
291 u8 session_id = wl->session_ids[hlid];
292
293 if ((wl->quirks & WLCORE_QUIRK_AP_ZERO_SESSION_ID) &&
294 (wlvif->bss_type == BSS_TYPE_AP_BSS))
295 session_id = 0;
296
296 /* configure the tx attributes */ 297 /* configure the tx attributes */
297 tx_attr = wlvif->session_counter << 298 tx_attr = session_id << TX_HW_ATTR_OFST_SESSION_COUNTER;
298 TX_HW_ATTR_OFST_SESSION_COUNTER;
299 } 299 }
300 300
301 desc->hlid = hlid; 301 desc->hlid = hlid;
@@ -452,20 +452,22 @@ u32 wl1271_tx_enabled_rates_get(struct wl1271 *wl, u32 rate_set,
452void wl1271_handle_tx_low_watermark(struct wl1271 *wl) 452void wl1271_handle_tx_low_watermark(struct wl1271 *wl)
453{ 453{
454 int i; 454 int i;
455 struct wl12xx_vif *wlvif;
455 456
456 for (i = 0; i < NUM_TX_QUEUES; i++) { 457 wl12xx_for_each_wlvif(wl, wlvif) {
457 if (wlcore_is_queue_stopped_by_reason(wl, i, 458 for (i = 0; i < NUM_TX_QUEUES; i++) {
458 WLCORE_QUEUE_STOP_REASON_WATERMARK) && 459 if (wlcore_is_queue_stopped_by_reason(wl, wlvif, i,
459 wl->tx_queue_count[i] <= WL1271_TX_QUEUE_LOW_WATERMARK) { 460 WLCORE_QUEUE_STOP_REASON_WATERMARK) &&
460 /* firmware buffer has space, restart queues */ 461 wlvif->tx_queue_count[i] <=
461 wlcore_wake_queue(wl, i, 462 WL1271_TX_QUEUE_LOW_WATERMARK)
462 WLCORE_QUEUE_STOP_REASON_WATERMARK); 463 /* firmware buffer has space, restart queues */
464 wlcore_wake_queue(wl, wlvif, i,
465 WLCORE_QUEUE_STOP_REASON_WATERMARK);
463 } 466 }
464 } 467 }
465} 468}
466 469
467static struct sk_buff_head *wl1271_select_queue(struct wl1271 *wl, 470static int wlcore_select_ac(struct wl1271 *wl)
468 struct sk_buff_head *queues)
469{ 471{
470 int i, q = -1, ac; 472 int i, q = -1, ac;
471 u32 min_pkts = 0xffffffff; 473 u32 min_pkts = 0xffffffff;
@@ -479,45 +481,60 @@ static struct sk_buff_head *wl1271_select_queue(struct wl1271 *wl,
479 */ 481 */
480 for (i = 0; i < NUM_TX_QUEUES; i++) { 482 for (i = 0; i < NUM_TX_QUEUES; i++) {
481 ac = wl1271_tx_get_queue(i); 483 ac = wl1271_tx_get_queue(i);
482 if (!skb_queue_empty(&queues[ac]) && 484 if (wl->tx_queue_count[ac] &&
483 (wl->tx_allocated_pkts[ac] < min_pkts)) { 485 wl->tx_allocated_pkts[ac] < min_pkts) {
484 q = ac; 486 q = ac;
485 min_pkts = wl->tx_allocated_pkts[q]; 487 min_pkts = wl->tx_allocated_pkts[q];
486 } 488 }
487 } 489 }
488 490
489 if (q == -1) 491 return q;
490 return NULL;
491
492 return &queues[q];
493} 492}
494 493
495static struct sk_buff *wl12xx_lnk_skb_dequeue(struct wl1271 *wl, 494static struct sk_buff *wlcore_lnk_dequeue(struct wl1271 *wl,
496 struct wl1271_link *lnk) 495 struct wl1271_link *lnk, u8 q)
497{ 496{
498 struct sk_buff *skb; 497 struct sk_buff *skb;
499 unsigned long flags; 498 unsigned long flags;
500 struct sk_buff_head *queue;
501 499
502 queue = wl1271_select_queue(wl, lnk->tx_queue); 500 skb = skb_dequeue(&lnk->tx_queue[q]);
503 if (!queue)
504 return NULL;
505
506 skb = skb_dequeue(queue);
507 if (skb) { 501 if (skb) {
508 int q = wl1271_tx_get_queue(skb_get_queue_mapping(skb));
509 spin_lock_irqsave(&wl->wl_lock, flags); 502 spin_lock_irqsave(&wl->wl_lock, flags);
510 WARN_ON_ONCE(wl->tx_queue_count[q] <= 0); 503 WARN_ON_ONCE(wl->tx_queue_count[q] <= 0);
511 wl->tx_queue_count[q]--; 504 wl->tx_queue_count[q]--;
505 if (lnk->wlvif) {
506 WARN_ON_ONCE(lnk->wlvif->tx_queue_count[q] <= 0);
507 lnk->wlvif->tx_queue_count[q]--;
508 }
512 spin_unlock_irqrestore(&wl->wl_lock, flags); 509 spin_unlock_irqrestore(&wl->wl_lock, flags);
513 } 510 }
514 511
515 return skb; 512 return skb;
516} 513}
517 514
518static struct sk_buff *wl12xx_vif_skb_dequeue(struct wl1271 *wl, 515static struct sk_buff *wlcore_lnk_dequeue_high_prio(struct wl1271 *wl,
519 struct wl12xx_vif *wlvif, 516 u8 hlid, u8 ac,
520 u8 *hlid) 517 u8 *low_prio_hlid)
518{
519 struct wl1271_link *lnk = &wl->links[hlid];
520
521 if (!wlcore_hw_lnk_high_prio(wl, hlid, lnk)) {
522 if (*low_prio_hlid == WL12XX_INVALID_LINK_ID &&
523 !skb_queue_empty(&lnk->tx_queue[ac]) &&
524 wlcore_hw_lnk_low_prio(wl, hlid, lnk))
525 /* we found the first non-empty low priority queue */
526 *low_prio_hlid = hlid;
527
528 return NULL;
529 }
530
531 return wlcore_lnk_dequeue(wl, lnk, ac);
532}
533
534static struct sk_buff *wlcore_vif_dequeue_high_prio(struct wl1271 *wl,
535 struct wl12xx_vif *wlvif,
536 u8 ac, u8 *hlid,
537 u8 *low_prio_hlid)
521{ 538{
522 struct sk_buff *skb = NULL; 539 struct sk_buff *skb = NULL;
523 int i, h, start_hlid; 540 int i, h, start_hlid;
@@ -533,7 +550,8 @@ static struct sk_buff *wl12xx_vif_skb_dequeue(struct wl1271 *wl,
533 if (!test_bit(h, wlvif->links_map)) 550 if (!test_bit(h, wlvif->links_map))
534 continue; 551 continue;
535 552
536 skb = wl12xx_lnk_skb_dequeue(wl, &wl->links[h]); 553 skb = wlcore_lnk_dequeue_high_prio(wl, h, ac,
554 low_prio_hlid);
537 if (!skb) 555 if (!skb)
538 continue; 556 continue;
539 557
@@ -553,42 +571,74 @@ static struct sk_buff *wl1271_skb_dequeue(struct wl1271 *wl, u8 *hlid)
553 unsigned long flags; 571 unsigned long flags;
554 struct wl12xx_vif *wlvif = wl->last_wlvif; 572 struct wl12xx_vif *wlvif = wl->last_wlvif;
555 struct sk_buff *skb = NULL; 573 struct sk_buff *skb = NULL;
574 int ac;
575 u8 low_prio_hlid = WL12XX_INVALID_LINK_ID;
576
577 ac = wlcore_select_ac(wl);
578 if (ac < 0)
579 goto out;
556 580
557 /* continue from last wlvif (round robin) */ 581 /* continue from last wlvif (round robin) */
558 if (wlvif) { 582 if (wlvif) {
559 wl12xx_for_each_wlvif_continue(wl, wlvif) { 583 wl12xx_for_each_wlvif_continue(wl, wlvif) {
560 skb = wl12xx_vif_skb_dequeue(wl, wlvif, hlid); 584 if (!wlvif->tx_queue_count[ac])
561 if (skb) { 585 continue;
562 wl->last_wlvif = wlvif; 586
563 break; 587 skb = wlcore_vif_dequeue_high_prio(wl, wlvif, ac, hlid,
564 } 588 &low_prio_hlid);
589 if (!skb)
590 continue;
591
592 wl->last_wlvif = wlvif;
593 break;
565 } 594 }
566 } 595 }
567 596
568 /* dequeue from the system HLID before the restarting wlvif list */ 597 /* dequeue from the system HLID before the restarting wlvif list */
569 if (!skb) { 598 if (!skb) {
570 skb = wl12xx_lnk_skb_dequeue(wl, &wl->links[wl->system_hlid]); 599 skb = wlcore_lnk_dequeue_high_prio(wl, wl->system_hlid,
571 *hlid = wl->system_hlid; 600 ac, &low_prio_hlid);
601 if (skb) {
602 *hlid = wl->system_hlid;
603 wl->last_wlvif = NULL;
604 }
572 } 605 }
573 606
574 /* do a new pass over the wlvif list */ 607 /* Do a new pass over the wlvif list. But no need to continue
608 * after last_wlvif. The previous pass should have found it. */
575 if (!skb) { 609 if (!skb) {
576 wl12xx_for_each_wlvif(wl, wlvif) { 610 wl12xx_for_each_wlvif(wl, wlvif) {
577 skb = wl12xx_vif_skb_dequeue(wl, wlvif, hlid); 611 if (!wlvif->tx_queue_count[ac])
612 goto next;
613
614 skb = wlcore_vif_dequeue_high_prio(wl, wlvif, ac, hlid,
615 &low_prio_hlid);
578 if (skb) { 616 if (skb) {
579 wl->last_wlvif = wlvif; 617 wl->last_wlvif = wlvif;
580 break; 618 break;
581 } 619 }
582 620
583 /* 621next:
584 * No need to continue after last_wlvif. The previous
585 * pass should have found it.
586 */
587 if (wlvif == wl->last_wlvif) 622 if (wlvif == wl->last_wlvif)
588 break; 623 break;
589 } 624 }
590 } 625 }
591 626
627 /* no high priority skbs found - but maybe a low priority one? */
628 if (!skb && low_prio_hlid != WL12XX_INVALID_LINK_ID) {
629 struct wl1271_link *lnk = &wl->links[low_prio_hlid];
630 skb = wlcore_lnk_dequeue(wl, lnk, ac);
631
632 WARN_ON(!skb); /* we checked this before */
633 *hlid = low_prio_hlid;
634
635 /* ensure proper round robin in the vif/link levels */
636 wl->last_wlvif = lnk->wlvif;
637 if (lnk->wlvif)
638 lnk->wlvif->last_tx_hlid = low_prio_hlid;
639
640 }
641
592 if (!skb && 642 if (!skb &&
593 test_and_clear_bit(WL1271_FLAG_DUMMY_PACKET_PENDING, &wl->flags)) { 643 test_and_clear_bit(WL1271_FLAG_DUMMY_PACKET_PENDING, &wl->flags)) {
594 int q; 644 int q;
@@ -602,6 +652,7 @@ static struct sk_buff *wl1271_skb_dequeue(struct wl1271 *wl, u8 *hlid)
602 spin_unlock_irqrestore(&wl->wl_lock, flags); 652 spin_unlock_irqrestore(&wl->wl_lock, flags);
603 } 653 }
604 654
655out:
605 return skb; 656 return skb;
606} 657}
607 658
@@ -623,6 +674,8 @@ static void wl1271_skb_queue_head(struct wl1271 *wl, struct wl12xx_vif *wlvif,
623 674
624 spin_lock_irqsave(&wl->wl_lock, flags); 675 spin_lock_irqsave(&wl->wl_lock, flags);
625 wl->tx_queue_count[q]++; 676 wl->tx_queue_count[q]++;
677 if (wlvif)
678 wlvif->tx_queue_count[q]++;
626 spin_unlock_irqrestore(&wl->wl_lock, flags); 679 spin_unlock_irqrestore(&wl->wl_lock, flags);
627} 680}
628 681
@@ -699,7 +752,7 @@ int wlcore_tx_work_locked(struct wl1271 *wl)
699 bool has_data = false; 752 bool has_data = false;
700 753
701 wlvif = NULL; 754 wlvif = NULL;
702 if (!wl12xx_is_dummy_packet(wl, skb) && info->control.vif) 755 if (!wl12xx_is_dummy_packet(wl, skb))
703 wlvif = wl12xx_vif_to_data(info->control.vif); 756 wlvif = wl12xx_vif_to_data(info->control.vif);
704 else 757 else
705 hlid = wl->system_hlid; 758 hlid = wl->system_hlid;
@@ -972,10 +1025,11 @@ void wl1271_tx_reset_link_queues(struct wl1271 *wl, u8 hlid)
972 unsigned long flags; 1025 unsigned long flags;
973 struct ieee80211_tx_info *info; 1026 struct ieee80211_tx_info *info;
974 int total[NUM_TX_QUEUES]; 1027 int total[NUM_TX_QUEUES];
1028 struct wl1271_link *lnk = &wl->links[hlid];
975 1029
976 for (i = 0; i < NUM_TX_QUEUES; i++) { 1030 for (i = 0; i < NUM_TX_QUEUES; i++) {
977 total[i] = 0; 1031 total[i] = 0;
978 while ((skb = skb_dequeue(&wl->links[hlid].tx_queue[i]))) { 1032 while ((skb = skb_dequeue(&lnk->tx_queue[i]))) {
979 wl1271_debug(DEBUG_TX, "link freeing skb 0x%p", skb); 1033 wl1271_debug(DEBUG_TX, "link freeing skb 0x%p", skb);
980 1034
981 if (!wl12xx_is_dummy_packet(wl, skb)) { 1035 if (!wl12xx_is_dummy_packet(wl, skb)) {
@@ -990,8 +1044,11 @@ void wl1271_tx_reset_link_queues(struct wl1271 *wl, u8 hlid)
990 } 1044 }
991 1045
992 spin_lock_irqsave(&wl->wl_lock, flags); 1046 spin_lock_irqsave(&wl->wl_lock, flags);
993 for (i = 0; i < NUM_TX_QUEUES; i++) 1047 for (i = 0; i < NUM_TX_QUEUES; i++) {
994 wl->tx_queue_count[i] -= total[i]; 1048 wl->tx_queue_count[i] -= total[i];
1049 if (lnk->wlvif)
1050 lnk->wlvif->tx_queue_count[i] -= total[i];
1051 }
995 spin_unlock_irqrestore(&wl->wl_lock, flags); 1052 spin_unlock_irqrestore(&wl->wl_lock, flags);
996 1053
997 wl1271_handle_tx_low_watermark(wl); 1054 wl1271_handle_tx_low_watermark(wl);
@@ -1004,16 +1061,18 @@ void wl12xx_tx_reset_wlvif(struct wl1271 *wl, struct wl12xx_vif *wlvif)
1004 1061
1005 /* TX failure */ 1062 /* TX failure */
1006 for_each_set_bit(i, wlvif->links_map, WL12XX_MAX_LINKS) { 1063 for_each_set_bit(i, wlvif->links_map, WL12XX_MAX_LINKS) {
1007 if (wlvif->bss_type == BSS_TYPE_AP_BSS) 1064 if (wlvif->bss_type == BSS_TYPE_AP_BSS) {
1065 /* this calls wl12xx_free_link */
1008 wl1271_free_sta(wl, wlvif, i); 1066 wl1271_free_sta(wl, wlvif, i);
1009 else 1067 } else {
1010 wlvif->sta.ba_rx_bitmap = 0; 1068 u8 hlid = i;
1011 1069 wl12xx_free_link(wl, wlvif, &hlid);
1012 wl->links[i].allocated_pkts = 0; 1070 }
1013 wl->links[i].prev_freed_pkts = 0;
1014 } 1071 }
1015 wlvif->last_tx_hlid = 0; 1072 wlvif->last_tx_hlid = 0;
1016 1073
1074 for (i = 0; i < NUM_TX_QUEUES; i++)
1075 wlvif->tx_queue_count[i] = 0;
1017} 1076}
1018/* caller must hold wl->mutex and TX must be stopped */ 1077/* caller must hold wl->mutex and TX must be stopped */
1019void wl12xx_tx_reset(struct wl1271 *wl) 1078void wl12xx_tx_reset(struct wl1271 *wl)
@@ -1023,7 +1082,7 @@ void wl12xx_tx_reset(struct wl1271 *wl)
1023 struct ieee80211_tx_info *info; 1082 struct ieee80211_tx_info *info;
1024 1083
1025 /* only reset the queues if something bad happened */ 1084 /* only reset the queues if something bad happened */
1026 if (WARN_ON_ONCE(wl1271_tx_total_queue_count(wl) != 0)) { 1085 if (wl1271_tx_total_queue_count(wl) != 0) {
1027 for (i = 0; i < WL12XX_MAX_LINKS; i++) 1086 for (i = 0; i < WL12XX_MAX_LINKS; i++)
1028 wl1271_tx_reset_link_queues(wl, i); 1087 wl1271_tx_reset_link_queues(wl, i);
1029 1088
@@ -1135,45 +1194,48 @@ u32 wl1271_tx_min_rate_get(struct wl1271 *wl, u32 rate_set)
1135 1194
1136 return BIT(__ffs(rate_set)); 1195 return BIT(__ffs(rate_set));
1137} 1196}
1197EXPORT_SYMBOL_GPL(wl1271_tx_min_rate_get);
1138 1198
1139void wlcore_stop_queue_locked(struct wl1271 *wl, u8 queue, 1199void wlcore_stop_queue_locked(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1140 enum wlcore_queue_stop_reason reason) 1200 u8 queue, enum wlcore_queue_stop_reason reason)
1141{ 1201{
1142 bool stopped = !!wl->queue_stop_reasons[queue]; 1202 int hwq = wlcore_tx_get_mac80211_queue(wlvif, queue);
1203 bool stopped = !!wl->queue_stop_reasons[hwq];
1143 1204
1144 /* queue should not be stopped for this reason */ 1205 /* queue should not be stopped for this reason */
1145 WARN_ON(test_and_set_bit(reason, &wl->queue_stop_reasons[queue])); 1206 WARN_ON_ONCE(test_and_set_bit(reason, &wl->queue_stop_reasons[hwq]));
1146 1207
1147 if (stopped) 1208 if (stopped)
1148 return; 1209 return;
1149 1210
1150 ieee80211_stop_queue(wl->hw, wl1271_tx_get_mac80211_queue(queue)); 1211 ieee80211_stop_queue(wl->hw, hwq);
1151} 1212}
1152 1213
1153void wlcore_stop_queue(struct wl1271 *wl, u8 queue, 1214void wlcore_stop_queue(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 queue,
1154 enum wlcore_queue_stop_reason reason) 1215 enum wlcore_queue_stop_reason reason)
1155{ 1216{
1156 unsigned long flags; 1217 unsigned long flags;
1157 1218
1158 spin_lock_irqsave(&wl->wl_lock, flags); 1219 spin_lock_irqsave(&wl->wl_lock, flags);
1159 wlcore_stop_queue_locked(wl, queue, reason); 1220 wlcore_stop_queue_locked(wl, wlvif, queue, reason);
1160 spin_unlock_irqrestore(&wl->wl_lock, flags); 1221 spin_unlock_irqrestore(&wl->wl_lock, flags);
1161} 1222}
1162 1223
1163void wlcore_wake_queue(struct wl1271 *wl, u8 queue, 1224void wlcore_wake_queue(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 queue,
1164 enum wlcore_queue_stop_reason reason) 1225 enum wlcore_queue_stop_reason reason)
1165{ 1226{
1166 unsigned long flags; 1227 unsigned long flags;
1228 int hwq = wlcore_tx_get_mac80211_queue(wlvif, queue);
1167 1229
1168 spin_lock_irqsave(&wl->wl_lock, flags); 1230 spin_lock_irqsave(&wl->wl_lock, flags);
1169 1231
1170 /* queue should not be clear for this reason */ 1232 /* queue should not be clear for this reason */
1171 WARN_ON(!test_and_clear_bit(reason, &wl->queue_stop_reasons[queue])); 1233 WARN_ON_ONCE(!test_and_clear_bit(reason, &wl->queue_stop_reasons[hwq]));
1172 1234
1173 if (wl->queue_stop_reasons[queue]) 1235 if (wl->queue_stop_reasons[hwq])
1174 goto out; 1236 goto out;
1175 1237
1176 ieee80211_wake_queue(wl->hw, wl1271_tx_get_mac80211_queue(queue)); 1238 ieee80211_wake_queue(wl->hw, hwq);
1177 1239
1178out: 1240out:
1179 spin_unlock_irqrestore(&wl->wl_lock, flags); 1241 spin_unlock_irqrestore(&wl->wl_lock, flags);
@@ -1183,48 +1245,74 @@ void wlcore_stop_queues(struct wl1271 *wl,
1183 enum wlcore_queue_stop_reason reason) 1245 enum wlcore_queue_stop_reason reason)
1184{ 1246{
1185 int i; 1247 int i;
1248 unsigned long flags;
1186 1249
1187 for (i = 0; i < NUM_TX_QUEUES; i++) 1250 spin_lock_irqsave(&wl->wl_lock, flags);
1188 wlcore_stop_queue(wl, i, reason); 1251
1252 /* mark all possible queues as stopped */
1253 for (i = 0; i < WLCORE_NUM_MAC_ADDRESSES * NUM_TX_QUEUES; i++)
1254 WARN_ON_ONCE(test_and_set_bit(reason,
1255 &wl->queue_stop_reasons[i]));
1256
1257 /* use the global version to make sure all vifs in mac80211 we don't
1258 * know are stopped.
1259 */
1260 ieee80211_stop_queues(wl->hw);
1261
1262 spin_unlock_irqrestore(&wl->wl_lock, flags);
1189} 1263}
1190EXPORT_SYMBOL_GPL(wlcore_stop_queues);
1191 1264
1192void wlcore_wake_queues(struct wl1271 *wl, 1265void wlcore_wake_queues(struct wl1271 *wl,
1193 enum wlcore_queue_stop_reason reason) 1266 enum wlcore_queue_stop_reason reason)
1194{ 1267{
1195 int i; 1268 int i;
1269 unsigned long flags;
1196 1270
1197 for (i = 0; i < NUM_TX_QUEUES; i++) 1271 spin_lock_irqsave(&wl->wl_lock, flags);
1198 wlcore_wake_queue(wl, i, reason); 1272
1273 /* mark all possible queues as awake */
1274 for (i = 0; i < WLCORE_NUM_MAC_ADDRESSES * NUM_TX_QUEUES; i++)
1275 WARN_ON_ONCE(!test_and_clear_bit(reason,
1276 &wl->queue_stop_reasons[i]));
1277
1278 /* use the global version to make sure all vifs in mac80211 we don't
1279 * know are woken up.
1280 */
1281 ieee80211_wake_queues(wl->hw);
1282
1283 spin_unlock_irqrestore(&wl->wl_lock, flags);
1199} 1284}
1200EXPORT_SYMBOL_GPL(wlcore_wake_queues);
1201 1285
1202void wlcore_reset_stopped_queues(struct wl1271 *wl) 1286bool wlcore_is_queue_stopped_by_reason(struct wl1271 *wl,
1287 struct wl12xx_vif *wlvif, u8 queue,
1288 enum wlcore_queue_stop_reason reason)
1203{ 1289{
1204 int i;
1205 unsigned long flags; 1290 unsigned long flags;
1291 bool stopped;
1206 1292
1207 spin_lock_irqsave(&wl->wl_lock, flags); 1293 spin_lock_irqsave(&wl->wl_lock, flags);
1208 1294 stopped = wlcore_is_queue_stopped_by_reason_locked(wl, wlvif, queue,
1209 for (i = 0; i < NUM_TX_QUEUES; i++) { 1295 reason);
1210 if (!wl->queue_stop_reasons[i])
1211 continue;
1212
1213 wl->queue_stop_reasons[i] = 0;
1214 ieee80211_wake_queue(wl->hw,
1215 wl1271_tx_get_mac80211_queue(i));
1216 }
1217
1218 spin_unlock_irqrestore(&wl->wl_lock, flags); 1296 spin_unlock_irqrestore(&wl->wl_lock, flags);
1297
1298 return stopped;
1219} 1299}
1220 1300
1221bool wlcore_is_queue_stopped_by_reason(struct wl1271 *wl, u8 queue, 1301bool wlcore_is_queue_stopped_by_reason_locked(struct wl1271 *wl,
1222 enum wlcore_queue_stop_reason reason) 1302 struct wl12xx_vif *wlvif, u8 queue,
1303 enum wlcore_queue_stop_reason reason)
1223{ 1304{
1224 return test_bit(reason, &wl->queue_stop_reasons[queue]); 1305 int hwq = wlcore_tx_get_mac80211_queue(wlvif, queue);
1306
1307 WARN_ON_ONCE(!spin_is_locked(&wl->wl_lock));
1308 return test_bit(reason, &wl->queue_stop_reasons[hwq]);
1225} 1309}
1226 1310
1227bool wlcore_is_queue_stopped(struct wl1271 *wl, u8 queue) 1311bool wlcore_is_queue_stopped_locked(struct wl1271 *wl, struct wl12xx_vif *wlvif,
1312 u8 queue)
1228{ 1313{
1229 return !!wl->queue_stop_reasons[queue]; 1314 int hwq = wlcore_tx_get_mac80211_queue(wlvif, queue);
1315
1316 WARN_ON_ONCE(!spin_is_locked(&wl->wl_lock));
1317 return !!wl->queue_stop_reasons[hwq];
1230} 1318}
diff --git a/drivers/net/wireless/ti/wlcore/tx.h b/drivers/net/wireless/ti/wlcore/tx.h
index 349520d8b724..55aa4acf9105 100644
--- a/drivers/net/wireless/ti/wlcore/tx.h
+++ b/drivers/net/wireless/ti/wlcore/tx.h
@@ -207,19 +207,22 @@ static inline int wl1271_tx_get_queue(int queue)
207 } 207 }
208} 208}
209 209
210static inline int wl1271_tx_get_mac80211_queue(int queue) 210static inline
211int wlcore_tx_get_mac80211_queue(struct wl12xx_vif *wlvif, int queue)
211{ 212{
213 int mac_queue = wlvif->hw_queue_base;
214
212 switch (queue) { 215 switch (queue) {
213 case CONF_TX_AC_VO: 216 case CONF_TX_AC_VO:
214 return 0; 217 return mac_queue + 0;
215 case CONF_TX_AC_VI: 218 case CONF_TX_AC_VI:
216 return 1; 219 return mac_queue + 1;
217 case CONF_TX_AC_BE: 220 case CONF_TX_AC_BE:
218 return 2; 221 return mac_queue + 2;
219 case CONF_TX_AC_BK: 222 case CONF_TX_AC_BK:
220 return 3; 223 return mac_queue + 3;
221 default: 224 default:
222 return 2; 225 return mac_queue + 2;
223 } 226 }
224} 227}
225 228
@@ -252,20 +255,26 @@ void wl12xx_rearm_rx_streaming(struct wl1271 *wl, unsigned long *active_hlids);
252unsigned int wlcore_calc_packet_alignment(struct wl1271 *wl, 255unsigned int wlcore_calc_packet_alignment(struct wl1271 *wl,
253 unsigned int packet_length); 256 unsigned int packet_length);
254void wl1271_free_tx_id(struct wl1271 *wl, int id); 257void wl1271_free_tx_id(struct wl1271 *wl, int id);
255void wlcore_stop_queue_locked(struct wl1271 *wl, u8 queue, 258void wlcore_stop_queue_locked(struct wl1271 *wl, struct wl12xx_vif *wlvif,
256 enum wlcore_queue_stop_reason reason); 259 u8 queue, enum wlcore_queue_stop_reason reason);
257void wlcore_stop_queue(struct wl1271 *wl, u8 queue, 260void wlcore_stop_queue(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 queue,
258 enum wlcore_queue_stop_reason reason); 261 enum wlcore_queue_stop_reason reason);
259void wlcore_wake_queue(struct wl1271 *wl, u8 queue, 262void wlcore_wake_queue(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 queue,
260 enum wlcore_queue_stop_reason reason); 263 enum wlcore_queue_stop_reason reason);
261void wlcore_stop_queues(struct wl1271 *wl, 264void wlcore_stop_queues(struct wl1271 *wl,
262 enum wlcore_queue_stop_reason reason); 265 enum wlcore_queue_stop_reason reason);
263void wlcore_wake_queues(struct wl1271 *wl, 266void wlcore_wake_queues(struct wl1271 *wl,
264 enum wlcore_queue_stop_reason reason); 267 enum wlcore_queue_stop_reason reason);
265void wlcore_reset_stopped_queues(struct wl1271 *wl); 268bool wlcore_is_queue_stopped_by_reason(struct wl1271 *wl,
266bool wlcore_is_queue_stopped_by_reason(struct wl1271 *wl, u8 queue, 269 struct wl12xx_vif *wlvif, u8 queue,
267 enum wlcore_queue_stop_reason reason); 270 enum wlcore_queue_stop_reason reason);
268bool wlcore_is_queue_stopped(struct wl1271 *wl, u8 queue); 271bool
272wlcore_is_queue_stopped_by_reason_locked(struct wl1271 *wl,
273 struct wl12xx_vif *wlvif,
274 u8 queue,
275 enum wlcore_queue_stop_reason reason);
276bool wlcore_is_queue_stopped_locked(struct wl1271 *wl, struct wl12xx_vif *wlvif,
277 u8 queue);
269 278
270/* from main.c */ 279/* from main.c */
271void wl1271_free_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 hlid); 280void wl1271_free_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 hlid);
diff --git a/drivers/net/wireless/ti/wlcore/wlcore.h b/drivers/net/wireless/ti/wlcore/wlcore.h
index c3884937c007..ebd8c6fad7cd 100644
--- a/drivers/net/wireless/ti/wlcore/wlcore.h
+++ b/drivers/net/wireless/ti/wlcore/wlcore.h
@@ -37,6 +37,9 @@
37 */ 37 */
38#define WLCORE_NUM_MAC_ADDRESSES 3 38#define WLCORE_NUM_MAC_ADDRESSES 3
39 39
40/* wl12xx/wl18xx maximum transmission power (in dBm) */
41#define WLCORE_MAX_TXPWR 25
42
40/* forward declaration */ 43/* forward declaration */
41struct wl1271_tx_hw_descr; 44struct wl1271_tx_hw_descr;
42enum wl_rx_buf_align; 45enum wl_rx_buf_align;
@@ -51,6 +54,9 @@ struct wlcore_ops {
51 int (*trigger_cmd)(struct wl1271 *wl, int cmd_box_addr, 54 int (*trigger_cmd)(struct wl1271 *wl, int cmd_box_addr,
52 void *buf, size_t len); 55 void *buf, size_t len);
53 int (*ack_event)(struct wl1271 *wl); 56 int (*ack_event)(struct wl1271 *wl);
57 int (*wait_for_event)(struct wl1271 *wl, enum wlcore_wait_event event,
58 bool *timeout);
59 int (*process_mailbox_events)(struct wl1271 *wl);
54 u32 (*calc_tx_blocks)(struct wl1271 *wl, u32 len, u32 spare_blks); 60 u32 (*calc_tx_blocks)(struct wl1271 *wl, u32 len, u32 spare_blks);
55 void (*set_tx_desc_blocks)(struct wl1271 *wl, 61 void (*set_tx_desc_blocks)(struct wl1271 *wl,
56 struct wl1271_tx_hw_descr *desc, 62 struct wl1271_tx_hw_descr *desc,
@@ -82,12 +88,32 @@ struct wlcore_ops {
82 int (*debugfs_init)(struct wl1271 *wl, struct dentry *rootdir); 88 int (*debugfs_init)(struct wl1271 *wl, struct dentry *rootdir);
83 int (*handle_static_data)(struct wl1271 *wl, 89 int (*handle_static_data)(struct wl1271 *wl,
84 struct wl1271_static_data *static_data); 90 struct wl1271_static_data *static_data);
91 int (*scan_start)(struct wl1271 *wl, struct wl12xx_vif *wlvif,
92 struct cfg80211_scan_request *req);
93 int (*scan_stop)(struct wl1271 *wl, struct wl12xx_vif *wlvif);
94 int (*sched_scan_start)(struct wl1271 *wl, struct wl12xx_vif *wlvif,
95 struct cfg80211_sched_scan_request *req,
96 struct ieee80211_sched_scan_ies *ies);
97 void (*sched_scan_stop)(struct wl1271 *wl, struct wl12xx_vif *wlvif);
85 int (*get_spare_blocks)(struct wl1271 *wl, bool is_gem); 98 int (*get_spare_blocks)(struct wl1271 *wl, bool is_gem);
86 int (*set_key)(struct wl1271 *wl, enum set_key_cmd cmd, 99 int (*set_key)(struct wl1271 *wl, enum set_key_cmd cmd,
87 struct ieee80211_vif *vif, 100 struct ieee80211_vif *vif,
88 struct ieee80211_sta *sta, 101 struct ieee80211_sta *sta,
89 struct ieee80211_key_conf *key_conf); 102 struct ieee80211_key_conf *key_conf);
103 int (*channel_switch)(struct wl1271 *wl,
104 struct wl12xx_vif *wlvif,
105 struct ieee80211_channel_switch *ch_switch);
90 u32 (*pre_pkt_send)(struct wl1271 *wl, u32 buf_offset, u32 last_len); 106 u32 (*pre_pkt_send)(struct wl1271 *wl, u32 buf_offset, u32 last_len);
107 void (*sta_rc_update)(struct wl1271 *wl, struct wl12xx_vif *wlvif,
108 struct ieee80211_sta *sta, u32 changed);
109 int (*set_peer_cap)(struct wl1271 *wl,
110 struct ieee80211_sta_ht_cap *ht_cap,
111 bool allow_ht_operation,
112 u32 rate_set, u8 hlid);
113 bool (*lnk_high_prio)(struct wl1271 *wl, u8 hlid,
114 struct wl1271_link *lnk);
115 bool (*lnk_low_prio)(struct wl1271 *wl, u8 hlid,
116 struct wl1271_link *lnk);
91}; 117};
92 118
93enum wlcore_partitions { 119enum wlcore_partitions {
@@ -202,6 +228,8 @@ struct wl1271 {
202 unsigned long klv_templates_map[ 228 unsigned long klv_templates_map[
203 BITS_TO_LONGS(WLCORE_MAX_KLV_TEMPLATES)]; 229 BITS_TO_LONGS(WLCORE_MAX_KLV_TEMPLATES)];
204 230
231 u8 session_ids[WL12XX_MAX_LINKS];
232
205 struct list_head wlvif_list; 233 struct list_head wlvif_list;
206 234
207 u8 sta_count; 235 u8 sta_count;
@@ -227,7 +255,8 @@ struct wl1271 {
227 255
228 /* Frames scheduled for transmission, not handled yet */ 256 /* Frames scheduled for transmission, not handled yet */
229 int tx_queue_count[NUM_TX_QUEUES]; 257 int tx_queue_count[NUM_TX_QUEUES];
230 unsigned long queue_stop_reasons[NUM_TX_QUEUES]; 258 unsigned long queue_stop_reasons[
259 NUM_TX_QUEUES * WLCORE_NUM_MAC_ADDRESSES];
231 260
232 /* Frames received, not handled yet by mac80211 */ 261 /* Frames received, not handled yet by mac80211 */
233 struct sk_buff_head deferred_rx_queue; 262 struct sk_buff_head deferred_rx_queue;
@@ -269,24 +298,30 @@ struct wl1271 {
269 struct work_struct recovery_work; 298 struct work_struct recovery_work;
270 bool watchdog_recovery; 299 bool watchdog_recovery;
271 300
301 /* Reg domain last configuration */
302 u32 reg_ch_conf_last[2];
303 /* Reg domain pending configuration */
304 u32 reg_ch_conf_pending[2];
305
272 /* Pointer that holds DMA-friendly block for the mailbox */ 306 /* Pointer that holds DMA-friendly block for the mailbox */
273 struct event_mailbox *mbox; 307 void *mbox;
274 308
275 /* The mbox event mask */ 309 /* The mbox event mask */
276 u32 event_mask; 310 u32 event_mask;
277 311
278 /* Mailbox pointers */ 312 /* Mailbox pointers */
313 u32 mbox_size;
279 u32 mbox_ptr[2]; 314 u32 mbox_ptr[2];
280 315
281 /* Are we currently scanning */ 316 /* Are we currently scanning */
282 struct ieee80211_vif *scan_vif; 317 struct wl12xx_vif *scan_wlvif;
283 struct wl1271_scan scan; 318 struct wl1271_scan scan;
284 struct delayed_work scan_complete_work; 319 struct delayed_work scan_complete_work;
285 320
286 /* Connection loss work */ 321 struct ieee80211_vif *roc_vif;
287 struct delayed_work connection_loss_work; 322 struct delayed_work roc_complete_work;
288 323
289 bool sched_scanning; 324 struct wl12xx_vif *sched_vif;
290 325
291 /* The current band */ 326 /* The current band */
292 enum ieee80211_band band; 327 enum ieee80211_band band;
@@ -299,7 +334,7 @@ struct wl1271 {
299 334
300 struct wl1271_stats stats; 335 struct wl1271_stats stats;
301 336
302 __le32 buffer_32; 337 __le32 *buffer_32;
303 u32 buffer_cmd; 338 u32 buffer_cmd;
304 u32 buffer_busyword[WL1271_BUSY_WORD_CNT]; 339 u32 buffer_busyword[WL1271_BUSY_WORD_CNT];
305 340
@@ -314,6 +349,8 @@ struct wl1271 {
314 349
315 bool enable_11a; 350 bool enable_11a;
316 351
352 int recovery_count;
353
317 /* Most recently reported noise in dBm */ 354 /* Most recently reported noise in dBm */
318 s8 noise; 355 s8 noise;
319 356
@@ -333,6 +370,12 @@ struct wl1271 {
333 */ 370 */
334 struct wl1271_link links[WL12XX_MAX_LINKS]; 371 struct wl1271_link links[WL12XX_MAX_LINKS];
335 372
373 /* number of currently active links */
374 int active_link_count;
375
376 /* Fast/slow links bitmap according to FW */
377 u32 fw_fast_lnk_map;
378
336 /* AP-mode - a bitmap of links currently in PS mode according to FW */ 379 /* AP-mode - a bitmap of links currently in PS mode according to FW */
337 u32 ap_fw_ps_map; 380 u32 ap_fw_ps_map;
338 381
@@ -367,6 +410,12 @@ struct wl1271 {
367 const char *sr_fw_name; 410 const char *sr_fw_name;
368 const char *mr_fw_name; 411 const char *mr_fw_name;
369 412
413 u8 scan_templ_id_2_4;
414 u8 scan_templ_id_5;
415 u8 sched_scan_templ_id_2_4;
416 u8 sched_scan_templ_id_5;
417 u8 max_channels_5;
418
370 /* per-chip-family private structure */ 419 /* per-chip-family private structure */
371 void *priv; 420 void *priv;
372 421
@@ -408,20 +457,28 @@ struct wl1271 {
408 /* the number of allocated MAC addresses in this chip */ 457 /* the number of allocated MAC addresses in this chip */
409 int num_mac_addr; 458 int num_mac_addr;
410 459
411 /* the minimum FW version required for the driver to work */ 460 /* minimum FW version required for the driver to work in single-role */
412 unsigned int min_fw_ver[NUM_FW_VER]; 461 unsigned int min_sr_fw_ver[NUM_FW_VER];
462
463 /* minimum FW version required for the driver to work in multi-role */
464 unsigned int min_mr_fw_ver[NUM_FW_VER];
413 465
414 struct completion nvs_loading_complete; 466 struct completion nvs_loading_complete;
467
468 /* number of concurrent channels the HW supports */
469 u32 num_channels;
415}; 470};
416 471
417int wlcore_probe(struct wl1271 *wl, struct platform_device *pdev); 472int wlcore_probe(struct wl1271 *wl, struct platform_device *pdev);
418int wlcore_remove(struct platform_device *pdev); 473int wlcore_remove(struct platform_device *pdev);
419struct ieee80211_hw *wlcore_alloc_hw(size_t priv_size, u32 aggr_buf_size); 474struct ieee80211_hw *wlcore_alloc_hw(size_t priv_size, u32 aggr_buf_size,
475 u32 mbox_size);
420int wlcore_free_hw(struct wl1271 *wl); 476int wlcore_free_hw(struct wl1271 *wl);
421int wlcore_set_key(struct wl1271 *wl, enum set_key_cmd cmd, 477int wlcore_set_key(struct wl1271 *wl, enum set_key_cmd cmd,
422 struct ieee80211_vif *vif, 478 struct ieee80211_vif *vif,
423 struct ieee80211_sta *sta, 479 struct ieee80211_sta *sta,
424 struct ieee80211_key_conf *key_conf); 480 struct ieee80211_key_conf *key_conf);
481void wlcore_regdomain_config(struct wl1271 *wl);
425 482
426static inline void 483static inline void
427wlcore_set_ht_cap(struct wl1271 *wl, enum ieee80211_band band, 484wlcore_set_ht_cap(struct wl1271 *wl, enum ieee80211_band band,
@@ -430,16 +487,27 @@ wlcore_set_ht_cap(struct wl1271 *wl, enum ieee80211_band band,
430 memcpy(&wl->ht_cap[band], ht_cap, sizeof(*ht_cap)); 487 memcpy(&wl->ht_cap[band], ht_cap, sizeof(*ht_cap));
431} 488}
432 489
490/* Tell wlcore not to care about this element when checking the version */
491#define WLCORE_FW_VER_IGNORE -1
492
433static inline void 493static inline void
434wlcore_set_min_fw_ver(struct wl1271 *wl, unsigned int chip, 494wlcore_set_min_fw_ver(struct wl1271 *wl, unsigned int chip,
435 unsigned int iftype, unsigned int major, 495 unsigned int iftype_sr, unsigned int major_sr,
436 unsigned int subtype, unsigned int minor) 496 unsigned int subtype_sr, unsigned int minor_sr,
497 unsigned int iftype_mr, unsigned int major_mr,
498 unsigned int subtype_mr, unsigned int minor_mr)
437{ 499{
438 wl->min_fw_ver[FW_VER_CHIP] = chip; 500 wl->min_sr_fw_ver[FW_VER_CHIP] = chip;
439 wl->min_fw_ver[FW_VER_IF_TYPE] = iftype; 501 wl->min_sr_fw_ver[FW_VER_IF_TYPE] = iftype_sr;
440 wl->min_fw_ver[FW_VER_MAJOR] = major; 502 wl->min_sr_fw_ver[FW_VER_MAJOR] = major_sr;
441 wl->min_fw_ver[FW_VER_SUBTYPE] = subtype; 503 wl->min_sr_fw_ver[FW_VER_SUBTYPE] = subtype_sr;
442 wl->min_fw_ver[FW_VER_MINOR] = minor; 504 wl->min_sr_fw_ver[FW_VER_MINOR] = minor_sr;
505
506 wl->min_mr_fw_ver[FW_VER_CHIP] = chip;
507 wl->min_mr_fw_ver[FW_VER_IF_TYPE] = iftype_mr;
508 wl->min_mr_fw_ver[FW_VER_MAJOR] = major_mr;
509 wl->min_mr_fw_ver[FW_VER_SUBTYPE] = subtype_mr;
510 wl->min_mr_fw_ver[FW_VER_MINOR] = minor_mr;
443} 511}
444 512
445/* Firmware image load chunk size */ 513/* Firmware image load chunk size */
@@ -450,6 +518,9 @@ wlcore_set_min_fw_ver(struct wl1271 *wl, unsigned int chip,
450/* Each RX/TX transaction requires an end-of-transaction transfer */ 518/* Each RX/TX transaction requires an end-of-transaction transfer */
451#define WLCORE_QUIRK_END_OF_TRANSACTION BIT(0) 519#define WLCORE_QUIRK_END_OF_TRANSACTION BIT(0)
452 520
521/* the first start_role(sta) sometimes doesn't work on wl12xx */
522#define WLCORE_QUIRK_START_STA_FAILS BIT(1)
523
453/* wl127x and SPI don't support SDIO block size alignment */ 524/* wl127x and SPI don't support SDIO block size alignment */
454#define WLCORE_QUIRK_TX_BLOCKSIZE_ALIGN BIT(2) 525#define WLCORE_QUIRK_TX_BLOCKSIZE_ALIGN BIT(2)
455 526
@@ -462,9 +533,6 @@ wlcore_set_min_fw_ver(struct wl1271 *wl, unsigned int chip,
462/* Older firmwares use an old NVS format */ 533/* Older firmwares use an old NVS format */
463#define WLCORE_QUIRK_LEGACY_NVS BIT(5) 534#define WLCORE_QUIRK_LEGACY_NVS BIT(5)
464 535
465/* Some firmwares may not support ELP */
466#define WLCORE_QUIRK_NO_ELP BIT(6)
467
468/* pad only the last frame in the aggregate buffer */ 536/* pad only the last frame in the aggregate buffer */
469#define WLCORE_QUIRK_TX_PAD_LAST_FRAME BIT(7) 537#define WLCORE_QUIRK_TX_PAD_LAST_FRAME BIT(7)
470 538
@@ -477,11 +545,11 @@ wlcore_set_min_fw_ver(struct wl1271 *wl, unsigned int chip,
477/* separate probe response templates for one-shot and sched scans */ 545/* separate probe response templates for one-shot and sched scans */
478#define WLCORE_QUIRK_DUAL_PROBE_TMPL BIT(10) 546#define WLCORE_QUIRK_DUAL_PROBE_TMPL BIT(10)
479 547
480/* TODO: move to the lower drivers when all usages are abstracted */ 548/* Firmware requires reg domain configuration for active calibration */
481#define CHIP_ID_1271_PG10 (0x4030101) 549#define WLCORE_QUIRK_REGDOMAIN_CONF BIT(11)
482#define CHIP_ID_1271_PG20 (0x4030111) 550
483#define CHIP_ID_1283_PG10 (0x05030101) 551/* The FW only support a zero session id for AP */
484#define CHIP_ID_1283_PG20 (0x05030111) 552#define WLCORE_QUIRK_AP_ZERO_SESSION_ID BIT(12)
485 553
486/* TODO: move all these common registers and values elsewhere */ 554/* TODO: move all these common registers and values elsewhere */
487#define HW_ACCESS_ELP_CTRL_REG 0x1FFFC 555#define HW_ACCESS_ELP_CTRL_REG 0x1FFFC
diff --git a/drivers/net/wireless/ti/wlcore/wlcore_i.h b/drivers/net/wireless/ti/wlcore/wlcore_i.h
index 6678d4b18611..20316ac328a2 100644
--- a/drivers/net/wireless/ti/wlcore/wlcore_i.h
+++ b/drivers/net/wireless/ti/wlcore/wlcore_i.h
@@ -109,17 +109,6 @@ enum {
109 NUM_FW_VER 109 NUM_FW_VER
110}; 110};
111 111
112#define FW_VER_CHIP_WL127X 6
113#define FW_VER_CHIP_WL128X 7
114
115#define FW_VER_IF_TYPE_STA 1
116#define FW_VER_IF_TYPE_AP 2
117
118#define FW_VER_MINOR_1_SPARE_STA_MIN 58
119#define FW_VER_MINOR_1_SPARE_AP_MIN 47
120
121#define FW_VER_MINOR_FWLOG_STA_MIN 70
122
123struct wl1271_chip { 112struct wl1271_chip {
124 u32 id; 113 u32 id;
125 char fw_ver_str[ETHTOOL_BUSINFO_LEN]; 114 char fw_ver_str[ETHTOOL_BUSINFO_LEN];
@@ -141,7 +130,10 @@ struct wl_fw_packet_counters {
141 /* Cumulative counter of released Voice memory blocks */ 130 /* Cumulative counter of released Voice memory blocks */
142 u8 tx_voice_released_blks; 131 u8 tx_voice_released_blks;
143 132
144 u8 padding[3]; 133 /* Tx rate of the last transmitted packet */
134 u8 tx_last_rate;
135
136 u8 padding[2];
145} __packed; 137} __packed;
146 138
147/* FW status registers */ 139/* FW status registers */
@@ -260,6 +252,8 @@ enum wl12xx_vif_flags {
260 WLVIF_FLAG_IN_USE, 252 WLVIF_FLAG_IN_USE,
261}; 253};
262 254
255struct wl12xx_vif;
256
263struct wl1271_link { 257struct wl1271_link {
264 /* AP-mode - TX queue per AC in link */ 258 /* AP-mode - TX queue per AC in link */
265 struct sk_buff_head tx_queue[NUM_TX_QUEUES]; 259 struct sk_buff_head tx_queue[NUM_TX_QUEUES];
@@ -272,6 +266,9 @@ struct wl1271_link {
272 266
273 /* bitmap of TIDs where RX BA sessions are active for this link */ 267 /* bitmap of TIDs where RX BA sessions are active for this link */
274 u8 ba_bitmap; 268 u8 ba_bitmap;
269
270 /* The wlvif this link belongs to. Might be null for global links */
271 struct wl12xx_vif *wlvif;
275}; 272};
276 273
277#define WL1271_MAX_RX_FILTERS 5 274#define WL1271_MAX_RX_FILTERS 5
@@ -315,6 +312,7 @@ struct wl12xx_rx_filter {
315 312
316struct wl1271_station { 313struct wl1271_station {
317 u8 hlid; 314 u8 hlid;
315 bool in_connection;
318}; 316};
319 317
320struct wl12xx_vif { 318struct wl12xx_vif {
@@ -332,7 +330,6 @@ struct wl12xx_vif {
332 union { 330 union {
333 struct { 331 struct {
334 u8 hlid; 332 u8 hlid;
335 u8 ba_rx_bitmap;
336 333
337 u8 basic_rate_idx; 334 u8 basic_rate_idx;
338 u8 ap_rate_idx; 335 u8 ap_rate_idx;
@@ -341,6 +338,8 @@ struct wl12xx_vif {
341 u8 klv_template_id; 338 u8 klv_template_id;
342 339
343 bool qos; 340 bool qos;
341 /* channel type we started the STA role with */
342 enum nl80211_channel_type role_chan_type;
344 } sta; 343 } sta;
345 struct { 344 struct {
346 u8 global_hlid; 345 u8 global_hlid;
@@ -362,6 +361,9 @@ struct wl12xx_vif {
362 /* the hlid of the last transmitted skb */ 361 /* the hlid of the last transmitted skb */
363 int last_tx_hlid; 362 int last_tx_hlid;
364 363
364 /* counters of packets per AC, across all links in the vif */
365 int tx_queue_count[NUM_TX_QUEUES];
366
365 unsigned long links_map[BITS_TO_LONGS(WL12XX_MAX_LINKS)]; 367 unsigned long links_map[BITS_TO_LONGS(WL12XX_MAX_LINKS)];
366 368
367 u8 ssid[IEEE80211_MAX_SSID_LEN + 1]; 369 u8 ssid[IEEE80211_MAX_SSID_LEN + 1];
@@ -396,9 +398,6 @@ struct wl12xx_vif {
396 /* Our association ID */ 398 /* Our association ID */
397 u16 aid; 399 u16 aid;
398 400
399 /* Session counter for the chipset */
400 int session_counter;
401
402 /* retry counter for PSM entries */ 401 /* retry counter for PSM entries */
403 u8 psm_entry_retry; 402 u8 psm_entry_retry;
404 403
@@ -416,11 +415,28 @@ struct wl12xx_vif {
416 bool ba_support; 415 bool ba_support;
417 bool ba_allowed; 416 bool ba_allowed;
418 417
418 bool wmm_enabled;
419
419 /* Rx Streaming */ 420 /* Rx Streaming */
420 struct work_struct rx_streaming_enable_work; 421 struct work_struct rx_streaming_enable_work;
421 struct work_struct rx_streaming_disable_work; 422 struct work_struct rx_streaming_disable_work;
422 struct timer_list rx_streaming_timer; 423 struct timer_list rx_streaming_timer;
423 424
425 struct delayed_work channel_switch_work;
426 struct delayed_work connection_loss_work;
427
428 /* number of in connection stations */
429 int inconn_count;
430
431 /*
432 * This vif's queues are mapped to mac80211 HW queues as:
433 * VO - hw_queue_base
434 * VI - hw_queue_base + 1
435 * BE - hw_queue_base + 2
436 * BK - hw_queue_base + 3
437 */
438 int hw_queue_base;
439
424 /* 440 /*
425 * This struct must be last! 441 * This struct must be last!
426 * data that has to be saved acrossed reconfigs (e.g. recovery) 442 * data that has to be saved acrossed reconfigs (e.g. recovery)
@@ -443,6 +459,7 @@ struct wl12xx_vif {
443 459
444static inline struct wl12xx_vif *wl12xx_vif_to_data(struct ieee80211_vif *vif) 460static inline struct wl12xx_vif *wl12xx_vif_to_data(struct ieee80211_vif *vif)
445{ 461{
462 WARN_ON(!vif);
446 return (struct wl12xx_vif *)vif->drv_priv; 463 return (struct wl12xx_vif *)vif->drv_priv;
447} 464}
448 465
diff --git a/drivers/nfc/Kconfig b/drivers/nfc/Kconfig
index ec857676c39f..80c728b28828 100644
--- a/drivers/nfc/Kconfig
+++ b/drivers/nfc/Kconfig
@@ -5,19 +5,6 @@
5menu "Near Field Communication (NFC) devices" 5menu "Near Field Communication (NFC) devices"
6 depends on NFC 6 depends on NFC
7 7
8config PN544_HCI_NFC
9 tristate "HCI PN544 NFC driver"
10 depends on I2C && NFC_HCI && NFC_SHDLC
11 select CRC_CCITT
12 default n
13 ---help---
14 NXP PN544 i2c driver.
15 This is a driver based on the SHDLC and HCI NFC kernel layers and
16 will thus not work with NXP libnfc library.
17
18 To compile this driver as a module, choose m here. The module will
19 be called pn544_hci.
20
21config NFC_PN533 8config NFC_PN533
22 tristate "NXP PN533 USB driver" 9 tristate "NXP PN533 USB driver"
23 depends on USB 10 depends on USB
@@ -39,4 +26,6 @@ config NFC_WILINK
39 Say Y here to compile support for Texas Instrument's NFC WiLink driver 26 Say Y here to compile support for Texas Instrument's NFC WiLink driver
40 into the kernel or say M to compile it as module. 27 into the kernel or say M to compile it as module.
41 28
29source "drivers/nfc/pn544/Kconfig"
30
42endmenu 31endmenu
diff --git a/drivers/nfc/Makefile b/drivers/nfc/Makefile
index 36c359043f54..574bbc04d97a 100644
--- a/drivers/nfc/Makefile
+++ b/drivers/nfc/Makefile
@@ -2,7 +2,7 @@
2# Makefile for nfc devices 2# Makefile for nfc devices
3# 3#
4 4
5obj-$(CONFIG_PN544_HCI_NFC) += pn544/ 5obj-$(CONFIG_NFC_PN544) += pn544/
6obj-$(CONFIG_NFC_PN533) += pn533.o 6obj-$(CONFIG_NFC_PN533) += pn533.o
7obj-$(CONFIG_NFC_WILINK) += nfcwilink.o 7obj-$(CONFIG_NFC_WILINK) += nfcwilink.o
8 8
diff --git a/drivers/nfc/nfcwilink.c b/drivers/nfc/nfcwilink.c
index 50b1ee41afc6..3b731acbc408 100644
--- a/drivers/nfc/nfcwilink.c
+++ b/drivers/nfc/nfcwilink.c
@@ -526,7 +526,7 @@ static int nfcwilink_probe(struct platform_device *pdev)
526 526
527 nfc_dev_dbg(&pdev->dev, "probe entry"); 527 nfc_dev_dbg(&pdev->dev, "probe entry");
528 528
529 drv = kzalloc(sizeof(struct nfcwilink), GFP_KERNEL); 529 drv = devm_kzalloc(&pdev->dev, sizeof(struct nfcwilink), GFP_KERNEL);
530 if (!drv) { 530 if (!drv) {
531 rc = -ENOMEM; 531 rc = -ENOMEM;
532 goto exit; 532 goto exit;
@@ -542,12 +542,13 @@ static int nfcwilink_probe(struct platform_device *pdev)
542 542
543 drv->ndev = nci_allocate_device(&nfcwilink_ops, 543 drv->ndev = nci_allocate_device(&nfcwilink_ops,
544 protocols, 544 protocols,
545 NFC_SE_NONE,
545 NFCWILINK_HDR_LEN, 546 NFCWILINK_HDR_LEN,
546 0); 547 0);
547 if (!drv->ndev) { 548 if (!drv->ndev) {
548 nfc_dev_err(&pdev->dev, "nci_allocate_device failed"); 549 nfc_dev_err(&pdev->dev, "nci_allocate_device failed");
549 rc = -ENOMEM; 550 rc = -ENOMEM;
550 goto free_exit; 551 goto exit;
551 } 552 }
552 553
553 nci_set_parent_dev(drv->ndev, &pdev->dev); 554 nci_set_parent_dev(drv->ndev, &pdev->dev);
@@ -566,9 +567,6 @@ static int nfcwilink_probe(struct platform_device *pdev)
566free_dev_exit: 567free_dev_exit:
567 nci_free_device(drv->ndev); 568 nci_free_device(drv->ndev);
568 569
569free_exit:
570 kfree(drv);
571
572exit: 570exit:
573 return rc; 571 return rc;
574} 572}
@@ -588,8 +586,6 @@ static int nfcwilink_remove(struct platform_device *pdev)
588 nci_unregister_device(ndev); 586 nci_unregister_device(ndev);
589 nci_free_device(ndev); 587 nci_free_device(ndev);
590 588
591 kfree(drv);
592
593 dev_set_drvdata(&pdev->dev, NULL); 589 dev_set_drvdata(&pdev->dev, NULL);
594 590
595 return 0; 591 return 0;
diff --git a/drivers/nfc/pn533.c b/drivers/nfc/pn533.c
index ada681b01a17..f696318cfb51 100644
--- a/drivers/nfc/pn533.c
+++ b/drivers/nfc/pn533.c
@@ -41,11 +41,6 @@
41#define SONY_VENDOR_ID 0x054c 41#define SONY_VENDOR_ID 0x054c
42#define PASORI_PRODUCT_ID 0x02e1 42#define PASORI_PRODUCT_ID 0x02e1
43 43
44#define PN533_QUIRKS_TYPE_A BIT(0)
45#define PN533_QUIRKS_TYPE_F BIT(1)
46#define PN533_QUIRKS_DEP BIT(2)
47#define PN533_QUIRKS_RAW_EXCHANGE BIT(3)
48
49#define PN533_DEVICE_STD 0x1 44#define PN533_DEVICE_STD 0x1
50#define PN533_DEVICE_PASORI 0x2 45#define PN533_DEVICE_PASORI 0x2
51 46
@@ -84,14 +79,18 @@ MODULE_DEVICE_TABLE(usb, pn533_table);
84#define PN533_LISTEN_TIME 2 79#define PN533_LISTEN_TIME 2
85 80
86/* frame definitions */ 81/* frame definitions */
87#define PN533_NORMAL_FRAME_MAX_LEN 262 /* 6 (PREAMBLE, SOF, LEN, LCS, TFI) 82#define PN533_FRAME_HEADER_LEN (sizeof(struct pn533_frame) \
88 254 (DATA) 83 + 2) /* data[0] TFI, data[1] CC */
89 2 (DCS, postamble) */ 84#define PN533_FRAME_TAIL_LEN 2 /* data[len] DCS, data[len + 1] postamble*/
90 85
91#define PN533_FRAME_TAIL_SIZE 2 86/*
92#define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \ 87 * Max extended frame payload len, excluding TFI and CC
93 PN533_FRAME_TAIL_SIZE) 88 * which are already in PN533_FRAME_HEADER_LEN.
94#define PN533_FRAME_ACK_SIZE (sizeof(struct pn533_frame) + 1) 89 */
90#define PN533_FRAME_MAX_PAYLOAD_LEN 263
91
92#define PN533_FRAME_ACK_SIZE 6 /* Preamble (1), SoPC (2), ACK Code (2),
93 Postamble (1) */
95#define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen]) 94#define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen])
96#define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1]) 95#define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
97 96
@@ -105,8 +104,6 @@ MODULE_DEVICE_TABLE(usb, pn533_table);
105 104
106/* PN533 Commands */ 105/* PN533 Commands */
107#define PN533_FRAME_CMD(f) (f->data[1]) 106#define PN533_FRAME_CMD(f) (f->data[1])
108#define PN533_FRAME_CMD_PARAMS_PTR(f) (&f->data[2])
109#define PN533_FRAME_CMD_PARAMS_LEN(f) (f->datalen - 2)
110 107
111#define PN533_CMD_GET_FIRMWARE_VERSION 0x02 108#define PN533_CMD_GET_FIRMWARE_VERSION 0x02
112#define PN533_CMD_RF_CONFIGURATION 0x32 109#define PN533_CMD_RF_CONFIGURATION 0x32
@@ -120,6 +117,7 @@ MODULE_DEVICE_TABLE(usb, pn533_table);
120#define PN533_CMD_TG_INIT_AS_TARGET 0x8c 117#define PN533_CMD_TG_INIT_AS_TARGET 0x8c
121#define PN533_CMD_TG_GET_DATA 0x86 118#define PN533_CMD_TG_GET_DATA 0x86
122#define PN533_CMD_TG_SET_DATA 0x8e 119#define PN533_CMD_TG_SET_DATA 0x8e
120#define PN533_CMD_UNDEF 0xff
123 121
124#define PN533_CMD_RESPONSE(cmd) (cmd + 1) 122#define PN533_CMD_RESPONSE(cmd) (cmd + 1)
125 123
@@ -128,13 +126,12 @@ MODULE_DEVICE_TABLE(usb, pn533_table);
128#define PN533_CMD_MI_MASK 0x40 126#define PN533_CMD_MI_MASK 0x40
129#define PN533_CMD_RET_SUCCESS 0x00 127#define PN533_CMD_RET_SUCCESS 0x00
130 128
131/* PN533 status codes */
132#define PN533_STATUS_TARGET_RELEASED 0x29
133
134struct pn533; 129struct pn533;
135 130
136typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg, 131typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg, int status);
137 u8 *params, int params_len); 132
133typedef int (*pn533_send_async_complete_t) (struct pn533 *dev, void *arg,
134 struct sk_buff *resp);
138 135
139/* structs for pn533 commands */ 136/* structs for pn533 commands */
140 137
@@ -282,11 +279,6 @@ const struct pn533_poll_modulations poll_mod[] = {
282 279
283/* PN533_CMD_IN_ATR */ 280/* PN533_CMD_IN_ATR */
284 281
285struct pn533_cmd_activate_param {
286 u8 tg;
287 u8 next;
288} __packed;
289
290struct pn533_cmd_activate_response { 282struct pn533_cmd_activate_response {
291 u8 status; 283 u8 status;
292 u8 nfcid3t[10]; 284 u8 nfcid3t[10];
@@ -299,14 +291,6 @@ struct pn533_cmd_activate_response {
299 u8 gt[]; 291 u8 gt[];
300} __packed; 292} __packed;
301 293
302/* PN533_CMD_IN_JUMP_FOR_DEP */
303struct pn533_cmd_jump_dep {
304 u8 active;
305 u8 baud;
306 u8 next;
307 u8 data[];
308} __packed;
309
310struct pn533_cmd_jump_dep_response { 294struct pn533_cmd_jump_dep_response {
311 u8 status; 295 u8 status;
312 u8 tg; 296 u8 tg;
@@ -329,32 +313,13 @@ struct pn533_cmd_jump_dep_response {
329#define PN533_INIT_TARGET_RESP_ACTIVE 0x1 313#define PN533_INIT_TARGET_RESP_ACTIVE 0x1
330#define PN533_INIT_TARGET_RESP_DEP 0x4 314#define PN533_INIT_TARGET_RESP_DEP 0x4
331 315
332struct pn533_cmd_init_target {
333 u8 mode;
334 u8 mifare[6];
335 u8 felica[18];
336 u8 nfcid3[10];
337 u8 gb_len;
338 u8 gb[];
339} __packed;
340
341struct pn533_cmd_init_target_response {
342 u8 mode;
343 u8 cmd[];
344} __packed;
345
346struct pn533 { 316struct pn533 {
347 struct usb_device *udev; 317 struct usb_device *udev;
348 struct usb_interface *interface; 318 struct usb_interface *interface;
349 struct nfc_dev *nfc_dev; 319 struct nfc_dev *nfc_dev;
350 320
351 struct urb *out_urb; 321 struct urb *out_urb;
352 int out_maxlen;
353 struct pn533_frame *out_frame;
354
355 struct urb *in_urb; 322 struct urb *in_urb;
356 int in_maxlen;
357 struct pn533_frame *in_frame;
358 323
359 struct sk_buff_head resp_q; 324 struct sk_buff_head resp_q;
360 325
@@ -365,12 +330,12 @@ struct pn533 {
365 struct work_struct mi_work; 330 struct work_struct mi_work;
366 struct work_struct tg_work; 331 struct work_struct tg_work;
367 struct timer_list listen_timer; 332 struct timer_list listen_timer;
368 struct pn533_frame *wq_in_frame;
369 int wq_in_error; 333 int wq_in_error;
370 int cancel_listen; 334 int cancel_listen;
371 335
372 pn533_cmd_complete_t cmd_complete; 336 pn533_cmd_complete_t cmd_complete;
373 void *cmd_complete_arg; 337 void *cmd_complete_arg;
338 void *cmd_complete_mi_arg;
374 struct mutex cmd_lock; 339 struct mutex cmd_lock;
375 u8 cmd; 340 u8 cmd;
376 341
@@ -391,16 +356,17 @@ struct pn533 {
391 356
392 struct list_head cmd_queue; 357 struct list_head cmd_queue;
393 u8 cmd_pending; 358 u8 cmd_pending;
359
360 struct pn533_frame_ops *ops;
394}; 361};
395 362
396struct pn533_cmd { 363struct pn533_cmd {
397 struct list_head queue; 364 struct list_head queue;
398 struct pn533_frame *out_frame; 365 u8 cmd_code;
399 struct pn533_frame *in_frame; 366 struct sk_buff *req;
400 int in_frame_len; 367 struct sk_buff *resp;
401 pn533_cmd_complete_t cmd_complete; 368 int resp_len;
402 void *arg; 369 void *arg;
403 gfp_t flags;
404}; 370};
405 371
406struct pn533_frame { 372struct pn533_frame {
@@ -411,6 +377,22 @@ struct pn533_frame {
411 u8 data[]; 377 u8 data[];
412} __packed; 378} __packed;
413 379
380struct pn533_frame_ops {
381 void (*tx_frame_init)(void *frame, u8 cmd_code);
382 void (*tx_frame_finish)(void *frame);
383 void (*tx_update_payload_len)(void *frame, int len);
384 int tx_header_len;
385 int tx_tail_len;
386
387 bool (*rx_is_frame_valid)(void *frame);
388 int (*rx_frame_size)(void *frame);
389 int rx_header_len;
390 int rx_tail_len;
391
392 int max_payload_len;
393 u8 (*get_cmd_code)(void *frame);
394};
395
414/* The rule: value + checksum = 0 */ 396/* The rule: value + checksum = 0 */
415static inline u8 pn533_checksum(u8 value) 397static inline u8 pn533_checksum(u8 value)
416{ 398{
@@ -429,37 +411,21 @@ static u8 pn533_data_checksum(u8 *data, int datalen)
429 return pn533_checksum(sum); 411 return pn533_checksum(sum);
430} 412}
431 413
432/** 414static void pn533_tx_frame_init(void *_frame, u8 cmd_code)
433 * pn533_tx_frame_ack - create a ack frame
434 * @frame: The frame to be set as ack
435 *
436 * Ack is different type of standard frame. As a standard frame, it has
437 * preamble and start_frame. However the checksum of this frame must fail,
438 * i.e. datalen + datalen_checksum must NOT be zero. When the checksum test
439 * fails and datalen = 0 and datalen_checksum = 0xFF, the frame is a ack.
440 * After datalen_checksum field, the postamble is placed.
441 */
442static void pn533_tx_frame_ack(struct pn533_frame *frame)
443{ 415{
444 frame->preamble = 0; 416 struct pn533_frame *frame = _frame;
445 frame->start_frame = cpu_to_be16(PN533_SOF);
446 frame->datalen = 0;
447 frame->datalen_checksum = 0xFF;
448 /* data[0] is used as postamble */
449 frame->data[0] = 0;
450}
451 417
452static void pn533_tx_frame_init(struct pn533_frame *frame, u8 cmd)
453{
454 frame->preamble = 0; 418 frame->preamble = 0;
455 frame->start_frame = cpu_to_be16(PN533_SOF); 419 frame->start_frame = cpu_to_be16(PN533_SOF);
456 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT; 420 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT;
457 PN533_FRAME_CMD(frame) = cmd; 421 PN533_FRAME_CMD(frame) = cmd_code;
458 frame->datalen = 2; 422 frame->datalen = 2;
459} 423}
460 424
461static void pn533_tx_frame_finish(struct pn533_frame *frame) 425static void pn533_tx_frame_finish(void *_frame)
462{ 426{
427 struct pn533_frame *frame = _frame;
428
463 frame->datalen_checksum = pn533_checksum(frame->datalen); 429 frame->datalen_checksum = pn533_checksum(frame->datalen);
464 430
465 PN533_FRAME_CHECKSUM(frame) = 431 PN533_FRAME_CHECKSUM(frame) =
@@ -468,9 +434,17 @@ static void pn533_tx_frame_finish(struct pn533_frame *frame)
468 PN533_FRAME_POSTAMBLE(frame) = 0; 434 PN533_FRAME_POSTAMBLE(frame) = 0;
469} 435}
470 436
471static bool pn533_rx_frame_is_valid(struct pn533_frame *frame) 437static void pn533_tx_update_payload_len(void *_frame, int len)
438{
439 struct pn533_frame *frame = _frame;
440
441 frame->datalen += len;
442}
443
444static bool pn533_rx_frame_is_valid(void *_frame)
472{ 445{
473 u8 checksum; 446 u8 checksum;
447 struct pn533_frame *frame = _frame;
474 448
475 if (frame->start_frame != cpu_to_be16(PN533_SOF)) 449 if (frame->start_frame != cpu_to_be16(PN533_SOF))
476 return false; 450 return false;
@@ -497,28 +471,48 @@ static bool pn533_rx_frame_is_ack(struct pn533_frame *frame)
497 return true; 471 return true;
498} 472}
499 473
500static bool pn533_rx_frame_is_cmd_response(struct pn533_frame *frame, u8 cmd) 474static inline int pn533_rx_frame_size(void *frame)
475{
476 struct pn533_frame *f = frame;
477
478 return sizeof(struct pn533_frame) + f->datalen + PN533_FRAME_TAIL_LEN;
479}
480
481static u8 pn533_get_cmd_code(void *frame)
482{
483 struct pn533_frame *f = frame;
484
485 return PN533_FRAME_CMD(f);
486}
487
488struct pn533_frame_ops pn533_std_frame_ops = {
489 .tx_frame_init = pn533_tx_frame_init,
490 .tx_frame_finish = pn533_tx_frame_finish,
491 .tx_update_payload_len = pn533_tx_update_payload_len,
492 .tx_header_len = PN533_FRAME_HEADER_LEN,
493 .tx_tail_len = PN533_FRAME_TAIL_LEN,
494
495 .rx_is_frame_valid = pn533_rx_frame_is_valid,
496 .rx_frame_size = pn533_rx_frame_size,
497 .rx_header_len = PN533_FRAME_HEADER_LEN,
498 .rx_tail_len = PN533_FRAME_TAIL_LEN,
499
500 .max_payload_len = PN533_FRAME_MAX_PAYLOAD_LEN,
501 .get_cmd_code = pn533_get_cmd_code,
502};
503
504static bool pn533_rx_frame_is_cmd_response(struct pn533 *dev, void *frame)
501{ 505{
502 return (PN533_FRAME_CMD(frame) == PN533_CMD_RESPONSE(cmd)); 506 return (dev->ops->get_cmd_code(frame) == PN533_CMD_RESPONSE(dev->cmd));
503} 507}
504 508
505 509
506static void pn533_wq_cmd_complete(struct work_struct *work) 510static void pn533_wq_cmd_complete(struct work_struct *work)
507{ 511{
508 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work); 512 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work);
509 struct pn533_frame *in_frame;
510 int rc; 513 int rc;
511 514
512 in_frame = dev->wq_in_frame; 515 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, dev->wq_in_error);
513
514 if (dev->wq_in_error)
515 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, NULL,
516 dev->wq_in_error);
517 else
518 rc = dev->cmd_complete(dev, dev->cmd_complete_arg,
519 PN533_FRAME_CMD_PARAMS_PTR(in_frame),
520 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
521
522 if (rc != -EINPROGRESS) 516 if (rc != -EINPROGRESS)
523 queue_work(dev->wq, &dev->cmd_work); 517 queue_work(dev->wq, &dev->cmd_work);
524} 518}
@@ -526,46 +520,47 @@ static void pn533_wq_cmd_complete(struct work_struct *work)
526static void pn533_recv_response(struct urb *urb) 520static void pn533_recv_response(struct urb *urb)
527{ 521{
528 struct pn533 *dev = urb->context; 522 struct pn533 *dev = urb->context;
529 struct pn533_frame *in_frame; 523 u8 *in_frame;
530
531 dev->wq_in_frame = NULL;
532 524
533 switch (urb->status) { 525 switch (urb->status) {
534 case 0: 526 case 0:
535 /* success */ 527 break; /* success */
536 break;
537 case -ECONNRESET: 528 case -ECONNRESET:
538 case -ENOENT: 529 case -ENOENT:
539 case -ESHUTDOWN: 530 nfc_dev_dbg(&dev->interface->dev,
540 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with" 531 "The urb has been canceled (status %d)",
541 " status: %d", urb->status); 532 urb->status);
542 dev->wq_in_error = urb->status; 533 dev->wq_in_error = urb->status;
543 goto sched_wq; 534 goto sched_wq;
535 break;
536 case -ESHUTDOWN:
544 default: 537 default:
545 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:" 538 nfc_dev_err(&dev->interface->dev,
546 " %d", urb->status); 539 "Urb failure (status %d)", urb->status);
547 dev->wq_in_error = urb->status; 540 dev->wq_in_error = urb->status;
548 goto sched_wq; 541 goto sched_wq;
549 } 542 }
550 543
551 in_frame = dev->in_urb->transfer_buffer; 544 in_frame = dev->in_urb->transfer_buffer;
552 545
553 if (!pn533_rx_frame_is_valid(in_frame)) { 546 nfc_dev_dbg(&dev->interface->dev, "Received a frame.");
547 print_hex_dump(KERN_DEBUG, "PN533 RX: ", DUMP_PREFIX_NONE, 16, 1,
548 in_frame, dev->ops->rx_frame_size(in_frame), false);
549
550 if (!dev->ops->rx_is_frame_valid(in_frame)) {
554 nfc_dev_err(&dev->interface->dev, "Received an invalid frame"); 551 nfc_dev_err(&dev->interface->dev, "Received an invalid frame");
555 dev->wq_in_error = -EIO; 552 dev->wq_in_error = -EIO;
556 goto sched_wq; 553 goto sched_wq;
557 } 554 }
558 555
559 if (!pn533_rx_frame_is_cmd_response(in_frame, dev->cmd)) { 556 if (!pn533_rx_frame_is_cmd_response(dev, in_frame)) {
560 nfc_dev_err(&dev->interface->dev, "The received frame is not " 557 nfc_dev_err(&dev->interface->dev,
561 "response to the last command"); 558 "It it not the response to the last command");
562 dev->wq_in_error = -EIO; 559 dev->wq_in_error = -EIO;
563 goto sched_wq; 560 goto sched_wq;
564 } 561 }
565 562
566 nfc_dev_dbg(&dev->interface->dev, "Received a valid frame");
567 dev->wq_in_error = 0; 563 dev->wq_in_error = 0;
568 dev->wq_in_frame = in_frame;
569 564
570sched_wq: 565sched_wq:
571 queue_work(dev->wq, &dev->cmd_complete_work); 566 queue_work(dev->wq, &dev->cmd_complete_work);
@@ -586,18 +581,19 @@ static void pn533_recv_ack(struct urb *urb)
586 581
587 switch (urb->status) { 582 switch (urb->status) {
588 case 0: 583 case 0:
589 /* success */ 584 break; /* success */
590 break;
591 case -ECONNRESET: 585 case -ECONNRESET:
592 case -ENOENT: 586 case -ENOENT:
593 case -ESHUTDOWN: 587 nfc_dev_dbg(&dev->interface->dev,
594 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with" 588 "The urb has been stopped (status %d)",
595 " status: %d", urb->status); 589 urb->status);
596 dev->wq_in_error = urb->status; 590 dev->wq_in_error = urb->status;
597 goto sched_wq; 591 goto sched_wq;
592 break;
593 case -ESHUTDOWN:
598 default: 594 default:
599 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:" 595 nfc_dev_err(&dev->interface->dev,
600 " %d", urb->status); 596 "Urb failure (status %d)", urb->status);
601 dev->wq_in_error = urb->status; 597 dev->wq_in_error = urb->status;
602 goto sched_wq; 598 goto sched_wq;
603 } 599 }
@@ -610,12 +606,10 @@ static void pn533_recv_ack(struct urb *urb)
610 goto sched_wq; 606 goto sched_wq;
611 } 607 }
612 608
613 nfc_dev_dbg(&dev->interface->dev, "Received a valid ack");
614
615 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC); 609 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
616 if (rc) { 610 if (rc) {
617 nfc_dev_err(&dev->interface->dev, "usb_submit_urb failed with" 611 nfc_dev_err(&dev->interface->dev,
618 " result %d", rc); 612 "usb_submit_urb failed with result %d", rc);
619 dev->wq_in_error = rc; 613 dev->wq_in_error = rc;
620 goto sched_wq; 614 goto sched_wq;
621 } 615 }
@@ -623,7 +617,6 @@ static void pn533_recv_ack(struct urb *urb)
623 return; 617 return;
624 618
625sched_wq: 619sched_wq:
626 dev->wq_in_frame = NULL;
627 queue_work(dev->wq, &dev->cmd_complete_work); 620 queue_work(dev->wq, &dev->cmd_complete_work);
628} 621}
629 622
@@ -636,47 +629,46 @@ static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
636 629
637static int pn533_send_ack(struct pn533 *dev, gfp_t flags) 630static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
638{ 631{
632 u8 ack[PN533_FRAME_ACK_SIZE] = {0x00, 0x00, 0xff, 0x00, 0xff, 0x00};
633 /* spec 7.1.1.3: Preamble, SoPC (2), ACK Code (2), Postamble */
639 int rc; 634 int rc;
640 635
641 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 636 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
642 637
643 pn533_tx_frame_ack(dev->out_frame); 638 dev->out_urb->transfer_buffer = ack;
644 639 dev->out_urb->transfer_buffer_length = sizeof(ack);
645 dev->out_urb->transfer_buffer = dev->out_frame;
646 dev->out_urb->transfer_buffer_length = PN533_FRAME_ACK_SIZE;
647 rc = usb_submit_urb(dev->out_urb, flags); 640 rc = usb_submit_urb(dev->out_urb, flags);
648 641
649 return rc; 642 return rc;
650} 643}
651 644
652static int __pn533_send_cmd_frame_async(struct pn533 *dev, 645static int __pn533_send_frame_async(struct pn533 *dev,
653 struct pn533_frame *out_frame, 646 struct sk_buff *out,
654 struct pn533_frame *in_frame, 647 struct sk_buff *in,
655 int in_frame_len, 648 int in_len,
656 pn533_cmd_complete_t cmd_complete, 649 pn533_cmd_complete_t cmd_complete,
657 void *arg, gfp_t flags) 650 void *arg)
658{ 651{
659 int rc; 652 int rc;
660 653
661 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x", 654 dev->cmd = dev->ops->get_cmd_code(out->data);
662 PN533_FRAME_CMD(out_frame));
663
664 dev->cmd = PN533_FRAME_CMD(out_frame);
665 dev->cmd_complete = cmd_complete; 655 dev->cmd_complete = cmd_complete;
666 dev->cmd_complete_arg = arg; 656 dev->cmd_complete_arg = arg;
667 657
668 dev->out_urb->transfer_buffer = out_frame; 658 dev->out_urb->transfer_buffer = out->data;
669 dev->out_urb->transfer_buffer_length = 659 dev->out_urb->transfer_buffer_length = out->len;
670 PN533_FRAME_SIZE(out_frame);
671 660
672 dev->in_urb->transfer_buffer = in_frame; 661 dev->in_urb->transfer_buffer = in->data;
673 dev->in_urb->transfer_buffer_length = in_frame_len; 662 dev->in_urb->transfer_buffer_length = in_len;
674 663
675 rc = usb_submit_urb(dev->out_urb, flags); 664 print_hex_dump(KERN_DEBUG, "PN533 TX: ", DUMP_PREFIX_NONE, 16, 1,
665 out->data, out->len, false);
666
667 rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
676 if (rc) 668 if (rc)
677 return rc; 669 return rc;
678 670
679 rc = pn533_submit_urb_for_ack(dev, flags); 671 rc = pn533_submit_urb_for_ack(dev, GFP_KERNEL);
680 if (rc) 672 if (rc)
681 goto error; 673 goto error;
682 674
@@ -687,146 +679,325 @@ error:
687 return rc; 679 return rc;
688} 680}
689 681
690static void pn533_wq_cmd(struct work_struct *work) 682static void pn533_build_cmd_frame(struct pn533 *dev, u8 cmd_code,
683 struct sk_buff *skb)
691{ 684{
692 struct pn533 *dev = container_of(work, struct pn533, cmd_work); 685 /* payload is already there, just update datalen */
693 struct pn533_cmd *cmd; 686 int payload_len = skb->len;
687 struct pn533_frame_ops *ops = dev->ops;
694 688
695 mutex_lock(&dev->cmd_lock);
696 689
697 if (list_empty(&dev->cmd_queue)) { 690 skb_push(skb, ops->tx_header_len);
698 dev->cmd_pending = 0; 691 skb_put(skb, ops->tx_tail_len);
699 mutex_unlock(&dev->cmd_lock);
700 return;
701 }
702 692
703 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue); 693 ops->tx_frame_init(skb->data, cmd_code);
694 ops->tx_update_payload_len(skb->data, payload_len);
695 ops->tx_frame_finish(skb->data);
696}
704 697
705 list_del(&cmd->queue); 698struct pn533_send_async_complete_arg {
699 pn533_send_async_complete_t complete_cb;
700 void *complete_cb_context;
701 struct sk_buff *resp;
702 struct sk_buff *req;
703};
706 704
707 mutex_unlock(&dev->cmd_lock); 705static int pn533_send_async_complete(struct pn533 *dev, void *_arg, int status)
706{
707 struct pn533_send_async_complete_arg *arg = _arg;
708 708
709 __pn533_send_cmd_frame_async(dev, cmd->out_frame, cmd->in_frame, 709 struct sk_buff *req = arg->req;
710 cmd->in_frame_len, cmd->cmd_complete, 710 struct sk_buff *resp = arg->resp;
711 cmd->arg, cmd->flags);
712 711
713 kfree(cmd); 712 int rc;
713
714 dev_kfree_skb(req);
715
716 if (status < 0) {
717 arg->complete_cb(dev, arg->complete_cb_context,
718 ERR_PTR(status));
719 dev_kfree_skb(resp);
720 kfree(arg);
721 return status;
722 }
723
724 skb_put(resp, dev->ops->rx_frame_size(resp->data));
725 skb_pull(resp, dev->ops->rx_header_len);
726 skb_trim(resp, resp->len - dev->ops->rx_tail_len);
727
728 rc = arg->complete_cb(dev, arg->complete_cb_context, resp);
729
730 kfree(arg);
731 return rc;
714} 732}
715 733
716static int pn533_send_cmd_frame_async(struct pn533 *dev, 734static int __pn533_send_async(struct pn533 *dev, u8 cmd_code,
717 struct pn533_frame *out_frame, 735 struct sk_buff *req, struct sk_buff *resp,
718 struct pn533_frame *in_frame, 736 int resp_len,
719 int in_frame_len, 737 pn533_send_async_complete_t complete_cb,
720 pn533_cmd_complete_t cmd_complete, 738 void *complete_cb_context)
721 void *arg, gfp_t flags)
722{ 739{
723 struct pn533_cmd *cmd; 740 struct pn533_cmd *cmd;
741 struct pn533_send_async_complete_arg *arg;
724 int rc = 0; 742 int rc = 0;
725 743
726 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 744 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x", cmd_code);
745
746 arg = kzalloc(sizeof(*arg), GFP_KERNEL);
747 if (!arg)
748 return -ENOMEM;
749
750 arg->complete_cb = complete_cb;
751 arg->complete_cb_context = complete_cb_context;
752 arg->resp = resp;
753 arg->req = req;
754
755 pn533_build_cmd_frame(dev, cmd_code, req);
727 756
728 mutex_lock(&dev->cmd_lock); 757 mutex_lock(&dev->cmd_lock);
729 758
730 if (!dev->cmd_pending) { 759 if (!dev->cmd_pending) {
731 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame, 760 rc = __pn533_send_frame_async(dev, req, resp, resp_len,
732 in_frame_len, cmd_complete, 761 pn533_send_async_complete, arg);
733 arg, flags); 762 if (rc)
734 if (!rc) 763 goto error;
735 dev->cmd_pending = 1;
736 764
765 dev->cmd_pending = 1;
737 goto unlock; 766 goto unlock;
738 } 767 }
739 768
740 nfc_dev_dbg(&dev->interface->dev, "%s Queueing command", __func__); 769 nfc_dev_dbg(&dev->interface->dev, "%s Queueing command 0x%x", __func__,
770 cmd_code);
741 771
742 cmd = kzalloc(sizeof(struct pn533_cmd), flags); 772 cmd = kzalloc(sizeof(struct pn533_cmd), GFP_KERNEL);
743 if (!cmd) { 773 if (!cmd) {
744 rc = -ENOMEM; 774 rc = -ENOMEM;
745 goto unlock; 775 goto error;
746 } 776 }
747 777
748 INIT_LIST_HEAD(&cmd->queue); 778 INIT_LIST_HEAD(&cmd->queue);
749 cmd->out_frame = out_frame; 779 cmd->cmd_code = cmd_code;
750 cmd->in_frame = in_frame; 780 cmd->req = req;
751 cmd->in_frame_len = in_frame_len; 781 cmd->resp = resp;
752 cmd->cmd_complete = cmd_complete; 782 cmd->resp_len = resp_len;
753 cmd->arg = arg; 783 cmd->arg = arg;
754 cmd->flags = flags;
755 784
756 list_add_tail(&cmd->queue, &dev->cmd_queue); 785 list_add_tail(&cmd->queue, &dev->cmd_queue);
757 786
787 goto unlock;
788
789error:
790 kfree(arg);
758unlock: 791unlock:
759 mutex_unlock(&dev->cmd_lock); 792 mutex_unlock(&dev->cmd_lock);
793 return rc;
794}
795
796static int pn533_send_data_async(struct pn533 *dev, u8 cmd_code,
797 struct sk_buff *req,
798 pn533_send_async_complete_t complete_cb,
799 void *complete_cb_context)
800{
801 struct sk_buff *resp;
802 int rc;
803 int resp_len = dev->ops->rx_header_len +
804 dev->ops->max_payload_len +
805 dev->ops->rx_tail_len;
806
807 resp = nfc_alloc_recv_skb(resp_len, GFP_KERNEL);
808 if (!resp)
809 return -ENOMEM;
810
811 rc = __pn533_send_async(dev, cmd_code, req, resp, resp_len, complete_cb,
812 complete_cb_context);
813 if (rc)
814 dev_kfree_skb(resp);
760 815
761 return rc; 816 return rc;
762} 817}
763 818
764struct pn533_sync_cmd_response { 819static int pn533_send_cmd_async(struct pn533 *dev, u8 cmd_code,
820 struct sk_buff *req,
821 pn533_send_async_complete_t complete_cb,
822 void *complete_cb_context)
823{
824 struct sk_buff *resp;
765 int rc; 825 int rc;
766 struct completion done; 826 int resp_len = dev->ops->rx_header_len +
767}; 827 dev->ops->max_payload_len +
828 dev->ops->rx_tail_len;
829
830 resp = alloc_skb(resp_len, GFP_KERNEL);
831 if (!resp)
832 return -ENOMEM;
833
834 rc = __pn533_send_async(dev, cmd_code, req, resp, resp_len, complete_cb,
835 complete_cb_context);
836 if (rc)
837 dev_kfree_skb(resp);
768 838
769static int pn533_sync_cmd_complete(struct pn533 *dev, void *_arg, 839 return rc;
770 u8 *params, int params_len) 840}
841
842/*
843 * pn533_send_cmd_direct_async
844 *
845 * The function sends a piority cmd directly to the chip omiting the cmd
846 * queue. It's intended to be used by chaining mechanism of received responses
847 * where the host has to request every single chunk of data before scheduling
848 * next cmd from the queue.
849 */
850static int pn533_send_cmd_direct_async(struct pn533 *dev, u8 cmd_code,
851 struct sk_buff *req,
852 pn533_send_async_complete_t complete_cb,
853 void *complete_cb_context)
771{ 854{
772 struct pn533_sync_cmd_response *arg = _arg; 855 struct pn533_send_async_complete_arg *arg;
856 struct sk_buff *resp;
857 int rc;
858 int resp_len = dev->ops->rx_header_len +
859 dev->ops->max_payload_len +
860 dev->ops->rx_tail_len;
773 861
774 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 862 resp = alloc_skb(resp_len, GFP_KERNEL);
863 if (!resp)
864 return -ENOMEM;
865
866 arg = kzalloc(sizeof(*arg), GFP_KERNEL);
867 if (!arg) {
868 dev_kfree_skb(resp);
869 return -ENOMEM;
870 }
775 871
776 arg->rc = 0; 872 arg->complete_cb = complete_cb;
873 arg->complete_cb_context = complete_cb_context;
874 arg->resp = resp;
875 arg->req = req;
777 876
778 if (params_len < 0) /* error */ 877 pn533_build_cmd_frame(dev, cmd_code, req);
779 arg->rc = params_len;
780 878
879 rc = __pn533_send_frame_async(dev, req, resp, resp_len,
880 pn533_send_async_complete, arg);
881 if (rc < 0) {
882 dev_kfree_skb(resp);
883 kfree(arg);
884 }
885
886 return rc;
887}
888
889static void pn533_wq_cmd(struct work_struct *work)
890{
891 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
892 struct pn533_cmd *cmd;
893
894 mutex_lock(&dev->cmd_lock);
895
896 if (list_empty(&dev->cmd_queue)) {
897 dev->cmd_pending = 0;
898 mutex_unlock(&dev->cmd_lock);
899 return;
900 }
901
902 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue);
903
904 list_del(&cmd->queue);
905
906 mutex_unlock(&dev->cmd_lock);
907
908 __pn533_send_frame_async(dev, cmd->req, cmd->resp, cmd->resp_len,
909 pn533_send_async_complete, cmd->arg);
910
911 kfree(cmd);
912}
913
914struct pn533_sync_cmd_response {
915 struct sk_buff *resp;
916 struct completion done;
917};
918
919static int pn533_send_sync_complete(struct pn533 *dev, void *_arg,
920 struct sk_buff *resp)
921{
922 struct pn533_sync_cmd_response *arg = _arg;
923
924 arg->resp = resp;
781 complete(&arg->done); 925 complete(&arg->done);
782 926
783 return 0; 927 return 0;
784} 928}
785 929
786static int pn533_send_cmd_frame_sync(struct pn533 *dev, 930/* pn533_send_cmd_sync
787 struct pn533_frame *out_frame, 931 *
788 struct pn533_frame *in_frame, 932 * Please note the req parameter is freed inside the function to
789 int in_frame_len) 933 * limit a number of return value interpretations by the caller.
934 *
935 * 1. negative in case of error during TX path -> req should be freed
936 *
937 * 2. negative in case of error during RX path -> req should not be freed
938 * as it's been already freed at the begining of RX path by
939 * async_complete_cb.
940 *
941 * 3. valid pointer in case of succesfult RX path
942 *
943 * A caller has to check a return value with IS_ERR macro. If the test pass,
944 * the returned pointer is valid.
945 *
946 * */
947static struct sk_buff *pn533_send_cmd_sync(struct pn533 *dev, u8 cmd_code,
948 struct sk_buff *req)
790{ 949{
791 int rc; 950 int rc;
792 struct pn533_sync_cmd_response arg; 951 struct pn533_sync_cmd_response arg;
793 952
794 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
795
796 init_completion(&arg.done); 953 init_completion(&arg.done);
797 954
798 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, in_frame_len, 955 rc = pn533_send_cmd_async(dev, cmd_code, req,
799 pn533_sync_cmd_complete, &arg, GFP_KERNEL); 956 pn533_send_sync_complete, &arg);
800 if (rc) 957 if (rc) {
801 return rc; 958 dev_kfree_skb(req);
959 return ERR_PTR(rc);
960 }
802 961
803 wait_for_completion(&arg.done); 962 wait_for_completion(&arg.done);
804 963
805 return arg.rc; 964 return arg.resp;
806} 965}
807 966
808static void pn533_send_complete(struct urb *urb) 967static void pn533_send_complete(struct urb *urb)
809{ 968{
810 struct pn533 *dev = urb->context; 969 struct pn533 *dev = urb->context;
811 970
812 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
813
814 switch (urb->status) { 971 switch (urb->status) {
815 case 0: 972 case 0:
816 /* success */ 973 break; /* success */
817 break;
818 case -ECONNRESET: 974 case -ECONNRESET:
819 case -ENOENT: 975 case -ENOENT:
820 case -ESHUTDOWN: 976 nfc_dev_dbg(&dev->interface->dev,
821 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with" 977 "The urb has been stopped (status %d)",
822 " status: %d", urb->status); 978 urb->status);
823 break; 979 break;
980 case -ESHUTDOWN:
824 default: 981 default:
825 nfc_dev_dbg(&dev->interface->dev, "Nonzero urb status received:" 982 nfc_dev_err(&dev->interface->dev,
826 " %d", urb->status); 983 "Urb failure (status %d)", urb->status);
827 } 984 }
828} 985}
829 986
987static struct sk_buff *pn533_alloc_skb(struct pn533 *dev, unsigned int size)
988{
989 struct sk_buff *skb;
990
991 skb = alloc_skb(dev->ops->tx_header_len +
992 size +
993 dev->ops->tx_tail_len, GFP_KERNEL);
994
995 if (skb)
996 skb_reserve(skb, dev->ops->tx_header_len);
997
998 return skb;
999}
1000
830struct pn533_target_type_a { 1001struct pn533_target_type_a {
831 __be16 sens_res; 1002 __be16 sens_res;
832 u8 sel_res; 1003 u8 sel_res;
@@ -867,9 +1038,9 @@ static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
867 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res); 1038 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
868 1039
869 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 1040 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
870 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 1041 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
871 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 1042 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
872 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 1043 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
873 return false; 1044 return false;
874 1045
875 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */ 1046 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
@@ -884,7 +1055,7 @@ static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
884{ 1055{
885 struct pn533_target_type_a *tgt_type_a; 1056 struct pn533_target_type_a *tgt_type_a;
886 1057
887 tgt_type_a = (struct pn533_target_type_a *) tgt_data; 1058 tgt_type_a = (struct pn533_target_type_a *)tgt_data;
888 1059
889 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len)) 1060 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
890 return -EPROTO; 1061 return -EPROTO;
@@ -942,14 +1113,13 @@ static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
942{ 1113{
943 struct pn533_target_felica *tgt_felica; 1114 struct pn533_target_felica *tgt_felica;
944 1115
945 tgt_felica = (struct pn533_target_felica *) tgt_data; 1116 tgt_felica = (struct pn533_target_felica *)tgt_data;
946 1117
947 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len)) 1118 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
948 return -EPROTO; 1119 return -EPROTO;
949 1120
950 if (tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1 && 1121 if ((tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1) &&
951 tgt_felica->nfcid2[1] == 1122 (tgt_felica->nfcid2[1] == PN533_FELICA_SENSF_NFCID2_DEP_B2))
952 PN533_FELICA_SENSF_NFCID2_DEP_B2)
953 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1123 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
954 else 1124 else
955 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK; 1125 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
@@ -979,9 +1149,9 @@ static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
979 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res); 1149 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
980 1150
981 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 1151 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
982 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 1152 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
983 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 1153 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
984 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 1154 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
985 return false; 1155 return false;
986 1156
987 return true; 1157 return true;
@@ -992,7 +1162,7 @@ static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
992{ 1162{
993 struct pn533_target_jewel *tgt_jewel; 1163 struct pn533_target_jewel *tgt_jewel;
994 1164
995 tgt_jewel = (struct pn533_target_jewel *) tgt_data; 1165 tgt_jewel = (struct pn533_target_jewel *)tgt_data;
996 1166
997 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len)) 1167 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
998 return -EPROTO; 1168 return -EPROTO;
@@ -1051,7 +1221,7 @@ static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
1051{ 1221{
1052 struct pn533_target_type_b *tgt_type_b; 1222 struct pn533_target_type_b *tgt_type_b;
1053 1223
1054 tgt_type_b = (struct pn533_target_type_b *) tgt_data; 1224 tgt_type_b = (struct pn533_target_type_b *)tgt_data;
1055 1225
1056 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len)) 1226 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
1057 return -EPROTO; 1227 return -EPROTO;
@@ -1061,50 +1231,37 @@ static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
1061 return 0; 1231 return 0;
1062} 1232}
1063 1233
1064struct pn533_poll_response { 1234static int pn533_target_found(struct pn533 *dev, u8 tg, u8 *tgdata,
1065 u8 nbtg; 1235 int tgdata_len)
1066 u8 tg;
1067 u8 target_data[];
1068} __packed;
1069
1070static int pn533_target_found(struct pn533 *dev,
1071 struct pn533_poll_response *resp, int resp_len)
1072{ 1236{
1073 int target_data_len;
1074 struct nfc_target nfc_tgt; 1237 struct nfc_target nfc_tgt;
1075 int rc; 1238 int rc;
1076 1239
1077 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__, 1240 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__,
1078 dev->poll_mod_curr); 1241 dev->poll_mod_curr);
1079 1242
1080 if (resp->tg != 1) 1243 if (tg != 1)
1081 return -EPROTO; 1244 return -EPROTO;
1082 1245
1083 memset(&nfc_tgt, 0, sizeof(struct nfc_target)); 1246 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
1084 1247
1085 target_data_len = resp_len - sizeof(struct pn533_poll_response);
1086
1087 switch (dev->poll_mod_curr) { 1248 switch (dev->poll_mod_curr) {
1088 case PN533_POLL_MOD_106KBPS_A: 1249 case PN533_POLL_MOD_106KBPS_A:
1089 rc = pn533_target_found_type_a(&nfc_tgt, resp->target_data, 1250 rc = pn533_target_found_type_a(&nfc_tgt, tgdata, tgdata_len);
1090 target_data_len);
1091 break; 1251 break;
1092 case PN533_POLL_MOD_212KBPS_FELICA: 1252 case PN533_POLL_MOD_212KBPS_FELICA:
1093 case PN533_POLL_MOD_424KBPS_FELICA: 1253 case PN533_POLL_MOD_424KBPS_FELICA:
1094 rc = pn533_target_found_felica(&nfc_tgt, resp->target_data, 1254 rc = pn533_target_found_felica(&nfc_tgt, tgdata, tgdata_len);
1095 target_data_len);
1096 break; 1255 break;
1097 case PN533_POLL_MOD_106KBPS_JEWEL: 1256 case PN533_POLL_MOD_106KBPS_JEWEL:
1098 rc = pn533_target_found_jewel(&nfc_tgt, resp->target_data, 1257 rc = pn533_target_found_jewel(&nfc_tgt, tgdata, tgdata_len);
1099 target_data_len);
1100 break; 1258 break;
1101 case PN533_POLL_MOD_847KBPS_B: 1259 case PN533_POLL_MOD_847KBPS_B:
1102 rc = pn533_target_found_type_b(&nfc_tgt, resp->target_data, 1260 rc = pn533_target_found_type_b(&nfc_tgt, tgdata, tgdata_len);
1103 target_data_len);
1104 break; 1261 break;
1105 default: 1262 default:
1106 nfc_dev_err(&dev->interface->dev, "Unknown current poll" 1263 nfc_dev_err(&dev->interface->dev,
1107 " modulation"); 1264 "Unknown current poll modulation");
1108 return -EPROTO; 1265 return -EPROTO;
1109 } 1266 }
1110 1267
@@ -1112,13 +1269,14 @@ static int pn533_target_found(struct pn533 *dev,
1112 return rc; 1269 return rc;
1113 1270
1114 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) { 1271 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
1115 nfc_dev_dbg(&dev->interface->dev, "The target found does not" 1272 nfc_dev_dbg(&dev->interface->dev,
1116 " have the desired protocol"); 1273 "The Tg found doesn't have the desired protocol");
1117 return -EAGAIN; 1274 return -EAGAIN;
1118 } 1275 }
1119 1276
1120 nfc_dev_dbg(&dev->interface->dev, "Target found - supported protocols: " 1277 nfc_dev_dbg(&dev->interface->dev,
1121 "0x%x", nfc_tgt.supported_protocols); 1278 "Target found - supported protocols: 0x%x",
1279 nfc_tgt.supported_protocols);
1122 1280
1123 dev->tgt_available_prots = nfc_tgt.supported_protocols; 1281 dev->tgt_available_prots = nfc_tgt.supported_protocols;
1124 1282
@@ -1140,7 +1298,7 @@ static void pn533_poll_reset_mod_list(struct pn533 *dev)
1140static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index) 1298static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
1141{ 1299{
1142 dev->poll_mod_active[dev->poll_mod_count] = 1300 dev->poll_mod_active[dev->poll_mod_count] =
1143 (struct pn533_poll_modulations *) &poll_mod[mod_index]; 1301 (struct pn533_poll_modulations *)&poll_mod[mod_index];
1144 dev->poll_mod_count++; 1302 dev->poll_mod_count++;
1145} 1303}
1146 1304
@@ -1149,13 +1307,13 @@ static void pn533_poll_create_mod_list(struct pn533 *dev,
1149{ 1307{
1150 pn533_poll_reset_mod_list(dev); 1308 pn533_poll_reset_mod_list(dev);
1151 1309
1152 if (im_protocols & NFC_PROTO_MIFARE_MASK 1310 if ((im_protocols & NFC_PROTO_MIFARE_MASK) ||
1153 || im_protocols & NFC_PROTO_ISO14443_MASK 1311 (im_protocols & NFC_PROTO_ISO14443_MASK) ||
1154 || im_protocols & NFC_PROTO_NFC_DEP_MASK) 1312 (im_protocols & NFC_PROTO_NFC_DEP_MASK))
1155 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A); 1313 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
1156 1314
1157 if (im_protocols & NFC_PROTO_FELICA_MASK 1315 if (im_protocols & NFC_PROTO_FELICA_MASK ||
1158 || im_protocols & NFC_PROTO_NFC_DEP_MASK) { 1316 im_protocols & NFC_PROTO_NFC_DEP_MASK) {
1159 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA); 1317 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
1160 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA); 1318 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
1161 } 1319 }
@@ -1170,16 +1328,20 @@ static void pn533_poll_create_mod_list(struct pn533 *dev,
1170 pn533_poll_add_mod(dev, PN533_LISTEN_MOD); 1328 pn533_poll_add_mod(dev, PN533_LISTEN_MOD);
1171} 1329}
1172 1330
1173static int pn533_start_poll_complete(struct pn533 *dev, u8 *params, int params_len) 1331static int pn533_start_poll_complete(struct pn533 *dev, struct sk_buff *resp)
1174{ 1332{
1175 struct pn533_poll_response *resp; 1333 u8 nbtg, tg, *tgdata;
1176 int rc; 1334 int rc, tgdata_len;
1177 1335
1178 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1336 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1179 1337
1180 resp = (struct pn533_poll_response *) params; 1338 nbtg = resp->data[0];
1181 if (resp->nbtg) { 1339 tg = resp->data[1];
1182 rc = pn533_target_found(dev, resp, params_len); 1340 tgdata = &resp->data[2];
1341 tgdata_len = resp->len - 2; /* nbtg + tg */
1342
1343 if (nbtg) {
1344 rc = pn533_target_found(dev, tg, tgdata, tgdata_len);
1183 1345
1184 /* We must stop the poll after a valid target found */ 1346 /* We must stop the poll after a valid target found */
1185 if (rc == 0) { 1347 if (rc == 0) {
@@ -1191,158 +1353,134 @@ static int pn533_start_poll_complete(struct pn533 *dev, u8 *params, int params_l
1191 return -EAGAIN; 1353 return -EAGAIN;
1192} 1354}
1193 1355
1194static int pn533_init_target_frame(struct pn533_frame *frame, 1356static struct sk_buff *pn533_alloc_poll_tg_frame(struct pn533 *dev)
1195 u8 *gb, size_t gb_len)
1196{ 1357{
1197 struct pn533_cmd_init_target *cmd; 1358 struct sk_buff *skb;
1198 size_t cmd_len; 1359 u8 *felica, *nfcid3, *gb;
1360
1361 u8 *gbytes = dev->gb;
1362 size_t gbytes_len = dev->gb_len;
1363
1199 u8 felica_params[18] = {0x1, 0xfe, /* DEP */ 1364 u8 felica_params[18] = {0x1, 0xfe, /* DEP */
1200 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */ 1365 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */
1201 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 1366 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
1202 0xff, 0xff}; /* System code */ 1367 0xff, 0xff}; /* System code */
1368
1203 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */ 1369 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */
1204 0x0, 0x0, 0x0, 1370 0x0, 0x0, 0x0,
1205 0x40}; /* SEL_RES for DEP */ 1371 0x40}; /* SEL_RES for DEP */
1206 1372
1207 cmd_len = sizeof(struct pn533_cmd_init_target) + gb_len + 1; 1373 unsigned int skb_len = 36 + /* mode (1), mifare (6),
1208 cmd = kzalloc(cmd_len, GFP_KERNEL); 1374 felica (18), nfcid3 (10), gb_len (1) */
1209 if (cmd == NULL) 1375 gbytes_len +
1210 return -ENOMEM; 1376 1; /* len Tk*/
1211 1377
1212 pn533_tx_frame_init(frame, PN533_CMD_TG_INIT_AS_TARGET); 1378 skb = pn533_alloc_skb(dev, skb_len);
1379 if (!skb)
1380 return NULL;
1213 1381
1214 /* DEP support only */ 1382 /* DEP support only */
1215 cmd->mode |= PN533_INIT_TARGET_DEP; 1383 *skb_put(skb, 1) |= PN533_INIT_TARGET_DEP;
1384
1385 /* MIFARE params */
1386 memcpy(skb_put(skb, 6), mifare_params, 6);
1216 1387
1217 /* Felica params */ 1388 /* Felica params */
1218 memcpy(cmd->felica, felica_params, 18); 1389 felica = skb_put(skb, 18);
1219 get_random_bytes(cmd->felica + 2, 6); 1390 memcpy(felica, felica_params, 18);
1391 get_random_bytes(felica + 2, 6);
1220 1392
1221 /* NFCID3 */ 1393 /* NFCID3 */
1222 memset(cmd->nfcid3, 0, 10); 1394 nfcid3 = skb_put(skb, 10);
1223 memcpy(cmd->nfcid3, cmd->felica, 8); 1395 memset(nfcid3, 0, 10);
1224 1396 memcpy(nfcid3, felica, 8);
1225 /* MIFARE params */
1226 memcpy(cmd->mifare, mifare_params, 6);
1227 1397
1228 /* General bytes */ 1398 /* General bytes */
1229 cmd->gb_len = gb_len; 1399 *skb_put(skb, 1) = gbytes_len;
1230 memcpy(cmd->gb, gb, gb_len);
1231
1232 /* Len Tk */
1233 cmd->gb[gb_len] = 0;
1234
1235 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), cmd, cmd_len);
1236 1400
1237 frame->datalen += cmd_len; 1401 gb = skb_put(skb, gbytes_len);
1402 memcpy(gb, gbytes, gbytes_len);
1238 1403
1239 pn533_tx_frame_finish(frame); 1404 /* Len Tk */
1240 1405 *skb_put(skb, 1) = 0;
1241 kfree(cmd);
1242 1406
1243 return 0; 1407 return skb;
1244} 1408}
1245 1409
1246#define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3) 1410#define PN533_CMD_DATAEXCH_HEAD_LEN 1
1247#define PN533_CMD_DATAEXCH_DATA_MAXLEN 262 1411#define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1248static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg, 1412static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg,
1249 u8 *params, int params_len) 1413 struct sk_buff *resp)
1250{ 1414{
1251 struct sk_buff *skb_resp = arg; 1415 u8 status;
1252 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1253 1416
1254 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1417 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1255 1418
1256 if (params_len < 0) { 1419 if (IS_ERR(resp))
1257 nfc_dev_err(&dev->interface->dev, 1420 return PTR_ERR(resp);
1258 "Error %d when starting as a target",
1259 params_len);
1260 1421
1261 return params_len; 1422 status = resp->data[0];
1262 } 1423 skb_pull(resp, sizeof(status));
1263 1424
1264 if (params_len > 0 && params[0] != 0) { 1425 if (status != 0) {
1265 nfc_tm_deactivated(dev->nfc_dev); 1426 nfc_tm_deactivated(dev->nfc_dev);
1266
1267 dev->tgt_mode = 0; 1427 dev->tgt_mode = 0;
1268 1428 dev_kfree_skb(resp);
1269 kfree_skb(skb_resp);
1270 return 0; 1429 return 0;
1271 } 1430 }
1272 1431
1273 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame)); 1432 return nfc_tm_data_received(dev->nfc_dev, resp);
1274 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1275 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1276
1277 return nfc_tm_data_received(dev->nfc_dev, skb_resp);
1278} 1433}
1279 1434
1280static void pn533_wq_tg_get_data(struct work_struct *work) 1435static void pn533_wq_tg_get_data(struct work_struct *work)
1281{ 1436{
1282 struct pn533 *dev = container_of(work, struct pn533, tg_work); 1437 struct pn533 *dev = container_of(work, struct pn533, tg_work);
1283 struct pn533_frame *in_frame;
1284 struct sk_buff *skb_resp;
1285 size_t skb_resp_len;
1286 1438
1287 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1439 struct sk_buff *skb;
1440 int rc;
1288 1441
1289 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN + 1442 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1290 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1291 PN533_FRAME_TAIL_SIZE;
1292 1443
1293 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL); 1444 skb = pn533_alloc_skb(dev, 0);
1294 if (!skb_resp) 1445 if (!skb)
1295 return; 1446 return;
1296 1447
1297 in_frame = (struct pn533_frame *)skb_resp->data; 1448 rc = pn533_send_data_async(dev, PN533_CMD_TG_GET_DATA, skb,
1449 pn533_tm_get_data_complete, NULL);
1298 1450
1299 pn533_tx_frame_init(dev->out_frame, PN533_CMD_TG_GET_DATA); 1451 if (rc < 0)
1300 pn533_tx_frame_finish(dev->out_frame); 1452 dev_kfree_skb(skb);
1301
1302 pn533_send_cmd_frame_async(dev, dev->out_frame, in_frame,
1303 skb_resp_len,
1304 pn533_tm_get_data_complete,
1305 skb_resp, GFP_KERNEL);
1306 1453
1307 return; 1454 return;
1308} 1455}
1309 1456
1310#define ATR_REQ_GB_OFFSET 17 1457#define ATR_REQ_GB_OFFSET 17
1311static int pn533_init_target_complete(struct pn533 *dev, u8 *params, int params_len) 1458static int pn533_init_target_complete(struct pn533 *dev, struct sk_buff *resp)
1312{ 1459{
1313 struct pn533_cmd_init_target_response *resp; 1460 u8 mode, *cmd, comm_mode = NFC_COMM_PASSIVE, *gb;
1314 u8 frame, comm_mode = NFC_COMM_PASSIVE, *gb;
1315 size_t gb_len; 1461 size_t gb_len;
1316 int rc; 1462 int rc;
1317 1463
1318 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1464 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1319 1465
1320 if (params_len < 0) { 1466 if (resp->len < ATR_REQ_GB_OFFSET + 1)
1321 nfc_dev_err(&dev->interface->dev,
1322 "Error %d when starting as a target",
1323 params_len);
1324
1325 return params_len;
1326 }
1327
1328 if (params_len < ATR_REQ_GB_OFFSET + 1)
1329 return -EINVAL; 1467 return -EINVAL;
1330 1468
1331 resp = (struct pn533_cmd_init_target_response *) params; 1469 mode = resp->data[0];
1470 cmd = &resp->data[1];
1332 1471
1333 nfc_dev_dbg(&dev->interface->dev, "Target mode 0x%x param len %d\n", 1472 nfc_dev_dbg(&dev->interface->dev, "Target mode 0x%x len %d\n",
1334 resp->mode, params_len); 1473 mode, resp->len);
1335 1474
1336 frame = resp->mode & PN533_INIT_TARGET_RESP_FRAME_MASK; 1475 if ((mode & PN533_INIT_TARGET_RESP_FRAME_MASK) ==
1337 if (frame == PN533_INIT_TARGET_RESP_ACTIVE) 1476 PN533_INIT_TARGET_RESP_ACTIVE)
1338 comm_mode = NFC_COMM_ACTIVE; 1477 comm_mode = NFC_COMM_ACTIVE;
1339 1478
1340 /* Again, only DEP */ 1479 if ((mode & PN533_INIT_TARGET_RESP_DEP) == 0) /* Only DEP supported */
1341 if ((resp->mode & PN533_INIT_TARGET_RESP_DEP) == 0)
1342 return -EOPNOTSUPP; 1480 return -EOPNOTSUPP;
1343 1481
1344 gb = resp->cmd + ATR_REQ_GB_OFFSET; 1482 gb = cmd + ATR_REQ_GB_OFFSET;
1345 gb_len = params_len - (ATR_REQ_GB_OFFSET + 1); 1483 gb_len = resp->len - (ATR_REQ_GB_OFFSET + 1);
1346 1484
1347 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK, 1485 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1348 comm_mode, gb, gb_len); 1486 comm_mode, gb, gb_len);
@@ -1353,7 +1491,6 @@ static int pn533_init_target_complete(struct pn533 *dev, u8 *params, int params_
1353 } 1491 }
1354 1492
1355 dev->tgt_mode = 1; 1493 dev->tgt_mode = 1;
1356
1357 queue_work(dev->wq, &dev->tg_work); 1494 queue_work(dev->wq, &dev->tg_work);
1358 1495
1359 return 0; 1496 return 0;
@@ -1361,7 +1498,7 @@ static int pn533_init_target_complete(struct pn533 *dev, u8 *params, int params_
1361 1498
1362static void pn533_listen_mode_timer(unsigned long data) 1499static void pn533_listen_mode_timer(unsigned long data)
1363{ 1500{
1364 struct pn533 *dev = (struct pn533 *) data; 1501 struct pn533 *dev = (struct pn533 *)data;
1365 1502
1366 nfc_dev_dbg(&dev->interface->dev, "Listen mode timeout"); 1503 nfc_dev_dbg(&dev->interface->dev, "Listen mode timeout");
1367 1504
@@ -1376,88 +1513,104 @@ static void pn533_listen_mode_timer(unsigned long data)
1376} 1513}
1377 1514
1378static int pn533_poll_complete(struct pn533 *dev, void *arg, 1515static int pn533_poll_complete(struct pn533 *dev, void *arg,
1379 u8 *params, int params_len) 1516 struct sk_buff *resp)
1380{ 1517{
1381 struct pn533_poll_modulations *cur_mod; 1518 struct pn533_poll_modulations *cur_mod;
1382 int rc; 1519 int rc;
1383 1520
1384 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1521 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1385 1522
1386 if (params_len == -ENOENT) { 1523 if (IS_ERR(resp)) {
1387 if (dev->poll_mod_count != 0) 1524 rc = PTR_ERR(resp);
1388 return 0;
1389
1390 nfc_dev_err(&dev->interface->dev,
1391 "Polling operation has been stopped");
1392
1393 goto stop_poll;
1394 }
1395 1525
1396 if (params_len < 0) { 1526 nfc_dev_err(&dev->interface->dev, "%s Poll complete error %d",
1397 nfc_dev_err(&dev->interface->dev, 1527 __func__, rc);
1398 "Error %d when running poll", params_len);
1399 1528
1400 goto stop_poll; 1529 if (rc == -ENOENT) {
1530 if (dev->poll_mod_count != 0)
1531 return rc;
1532 else
1533 goto stop_poll;
1534 } else if (rc < 0) {
1535 nfc_dev_err(&dev->interface->dev,
1536 "Error %d when running poll", rc);
1537 goto stop_poll;
1538 }
1401 } 1539 }
1402 1540
1403 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1541 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1404 1542
1405 if (cur_mod->len == 0) { 1543 if (cur_mod->len == 0) { /* Target mode */
1406 del_timer(&dev->listen_timer); 1544 del_timer(&dev->listen_timer);
1407 1545 rc = pn533_init_target_complete(dev, resp);
1408 return pn533_init_target_complete(dev, params, params_len); 1546 goto done;
1409 } else {
1410 rc = pn533_start_poll_complete(dev, params, params_len);
1411 if (!rc)
1412 return rc;
1413 } 1547 }
1414 1548
1415 pn533_poll_next_mod(dev); 1549 /* Initiator mode */
1550 rc = pn533_start_poll_complete(dev, resp);
1551 if (!rc)
1552 goto done;
1416 1553
1554 pn533_poll_next_mod(dev);
1417 queue_work(dev->wq, &dev->poll_work); 1555 queue_work(dev->wq, &dev->poll_work);
1418 1556
1419 return 0; 1557done:
1558 dev_kfree_skb(resp);
1559 return rc;
1420 1560
1421stop_poll: 1561stop_poll:
1562 nfc_dev_err(&dev->interface->dev, "Polling operation has been stopped");
1563
1422 pn533_poll_reset_mod_list(dev); 1564 pn533_poll_reset_mod_list(dev);
1423 dev->poll_protocols = 0; 1565 dev->poll_protocols = 0;
1424 return 0; 1566 return rc;
1425} 1567}
1426 1568
1427static void pn533_build_poll_frame(struct pn533 *dev, 1569static struct sk_buff *pn533_alloc_poll_in_frame(struct pn533 *dev,
1428 struct pn533_frame *frame, 1570 struct pn533_poll_modulations *mod)
1429 struct pn533_poll_modulations *mod)
1430{ 1571{
1431 nfc_dev_dbg(&dev->interface->dev, "mod len %d\n", mod->len); 1572 struct sk_buff *skb;
1432 1573
1433 if (mod->len == 0) { 1574 skb = pn533_alloc_skb(dev, mod->len);
1434 /* Listen mode */ 1575 if (!skb)
1435 pn533_init_target_frame(frame, dev->gb, dev->gb_len); 1576 return NULL;
1436 } else {
1437 /* Polling mode */
1438 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1439 1577
1440 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len); 1578 memcpy(skb_put(skb, mod->len), &mod->data, mod->len);
1441 frame->datalen += mod->len;
1442 1579
1443 pn533_tx_frame_finish(frame); 1580 return skb;
1444 }
1445} 1581}
1446 1582
1447static int pn533_send_poll_frame(struct pn533 *dev) 1583static int pn533_send_poll_frame(struct pn533 *dev)
1448{ 1584{
1449 struct pn533_poll_modulations *cur_mod; 1585 struct pn533_poll_modulations *mod;
1586 struct sk_buff *skb;
1450 int rc; 1587 int rc;
1588 u8 cmd_code;
1451 1589
1452 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1590 mod = dev->poll_mod_active[dev->poll_mod_curr];
1453 1591
1454 pn533_build_poll_frame(dev, dev->out_frame, cur_mod); 1592 nfc_dev_dbg(&dev->interface->dev, "%s mod len %d\n",
1593 __func__, mod->len);
1455 1594
1456 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame, 1595 if (mod->len == 0) { /* Listen mode */
1457 dev->in_maxlen, pn533_poll_complete, 1596 cmd_code = PN533_CMD_TG_INIT_AS_TARGET;
1458 NULL, GFP_KERNEL); 1597 skb = pn533_alloc_poll_tg_frame(dev);
1459 if (rc) 1598 } else { /* Polling mode */
1599 cmd_code = PN533_CMD_IN_LIST_PASSIVE_TARGET;
1600 skb = pn533_alloc_poll_in_frame(dev, mod);
1601 }
1602
1603 if (!skb) {
1604 nfc_dev_err(&dev->interface->dev, "Failed to allocate skb.");
1605 return -ENOMEM;
1606 }
1607
1608 rc = pn533_send_cmd_async(dev, cmd_code, skb, pn533_poll_complete,
1609 NULL);
1610 if (rc < 0) {
1611 dev_kfree_skb(skb);
1460 nfc_dev_err(&dev->interface->dev, "Polling loop error %d", rc); 1612 nfc_dev_err(&dev->interface->dev, "Polling loop error %d", rc);
1613 }
1461 1614
1462 return rc; 1615 return rc;
1463} 1616}
@@ -1533,8 +1686,8 @@ static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1533 del_timer(&dev->listen_timer); 1686 del_timer(&dev->listen_timer);
1534 1687
1535 if (!dev->poll_mod_count) { 1688 if (!dev->poll_mod_count) {
1536 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not" 1689 nfc_dev_dbg(&dev->interface->dev,
1537 " running"); 1690 "Polling operation was not running");
1538 return; 1691 return;
1539 } 1692 }
1540 1693
@@ -1549,38 +1702,38 @@ static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1549 1702
1550static int pn533_activate_target_nfcdep(struct pn533 *dev) 1703static int pn533_activate_target_nfcdep(struct pn533 *dev)
1551{ 1704{
1552 struct pn533_cmd_activate_param param; 1705 struct pn533_cmd_activate_response *rsp;
1553 struct pn533_cmd_activate_response *resp;
1554 u16 gt_len; 1706 u16 gt_len;
1555 int rc; 1707 int rc;
1556 1708
1557 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1709 struct sk_buff *skb;
1710 struct sk_buff *resp;
1558 1711
1559 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_ATR); 1712 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1560 1713
1561 param.tg = 1; 1714 skb = pn533_alloc_skb(dev, sizeof(u8) * 2); /*TG + Next*/
1562 param.next = 0; 1715 if (!skb)
1563 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &param, 1716 return -ENOMEM;
1564 sizeof(struct pn533_cmd_activate_param));
1565 dev->out_frame->datalen += sizeof(struct pn533_cmd_activate_param);
1566 1717
1567 pn533_tx_frame_finish(dev->out_frame); 1718 *skb_put(skb, sizeof(u8)) = 1; /* TG */
1719 *skb_put(skb, sizeof(u8)) = 0; /* Next */
1568 1720
1569 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame, 1721 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_ATR, skb);
1570 dev->in_maxlen); 1722 if (IS_ERR(resp))
1571 if (rc) 1723 return PTR_ERR(resp);
1572 return rc;
1573 1724
1574 resp = (struct pn533_cmd_activate_response *) 1725 rsp = (struct pn533_cmd_activate_response *)resp->data;
1575 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame); 1726 rc = rsp->status & PN533_CMD_RET_MASK;
1576 rc = resp->status & PN533_CMD_RET_MASK; 1727 if (rc != PN533_CMD_RET_SUCCESS) {
1577 if (rc != PN533_CMD_RET_SUCCESS) 1728 dev_kfree_skb(resp);
1578 return -EIO; 1729 return -EIO;
1730 }
1579 1731
1580 /* ATR_RES general bytes are located at offset 16 */ 1732 /* ATR_RES general bytes are located at offset 16 */
1581 gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 16; 1733 gt_len = resp->len - 16;
1582 rc = nfc_set_remote_general_bytes(dev->nfc_dev, resp->gt, gt_len); 1734 rc = nfc_set_remote_general_bytes(dev->nfc_dev, rsp->gt, gt_len);
1583 1735
1736 dev_kfree_skb(resp);
1584 return rc; 1737 return rc;
1585} 1738}
1586 1739
@@ -1591,38 +1744,38 @@ static int pn533_activate_target(struct nfc_dev *nfc_dev,
1591 int rc; 1744 int rc;
1592 1745
1593 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__, 1746 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__,
1594 protocol); 1747 protocol);
1595 1748
1596 if (dev->poll_mod_count) { 1749 if (dev->poll_mod_count) {
1597 nfc_dev_err(&dev->interface->dev, "Cannot activate while" 1750 nfc_dev_err(&dev->interface->dev,
1598 " polling"); 1751 "Cannot activate while polling");
1599 return -EBUSY; 1752 return -EBUSY;
1600 } 1753 }
1601 1754
1602 if (dev->tgt_active_prot) { 1755 if (dev->tgt_active_prot) {
1603 nfc_dev_err(&dev->interface->dev, "There is already an active" 1756 nfc_dev_err(&dev->interface->dev,
1604 " target"); 1757 "There is already an active target");
1605 return -EBUSY; 1758 return -EBUSY;
1606 } 1759 }
1607 1760
1608 if (!dev->tgt_available_prots) { 1761 if (!dev->tgt_available_prots) {
1609 nfc_dev_err(&dev->interface->dev, "There is no available target" 1762 nfc_dev_err(&dev->interface->dev,
1610 " to activate"); 1763 "There is no available target to activate");
1611 return -EINVAL; 1764 return -EINVAL;
1612 } 1765 }
1613 1766
1614 if (!(dev->tgt_available_prots & (1 << protocol))) { 1767 if (!(dev->tgt_available_prots & (1 << protocol))) {
1615 nfc_dev_err(&dev->interface->dev, "The target does not support" 1768 nfc_dev_err(&dev->interface->dev,
1616 " the requested protocol %u", protocol); 1769 "Target doesn't support requested proto %u",
1770 protocol);
1617 return -EINVAL; 1771 return -EINVAL;
1618 } 1772 }
1619 1773
1620 if (protocol == NFC_PROTO_NFC_DEP) { 1774 if (protocol == NFC_PROTO_NFC_DEP) {
1621 rc = pn533_activate_target_nfcdep(dev); 1775 rc = pn533_activate_target_nfcdep(dev);
1622 if (rc) { 1776 if (rc) {
1623 nfc_dev_err(&dev->interface->dev, "Error %d when" 1777 nfc_dev_err(&dev->interface->dev,
1624 " activating target with" 1778 "Activating target with DEP failed %d", rc);
1625 " NFC_DEP protocol", rc);
1626 return rc; 1779 return rc;
1627 } 1780 }
1628 } 1781 }
@@ -1637,8 +1790,10 @@ static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1637 struct nfc_target *target) 1790 struct nfc_target *target)
1638{ 1791{
1639 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1792 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1640 u8 tg; 1793
1641 u8 status; 1794 struct sk_buff *skb;
1795 struct sk_buff *resp;
1796
1642 int rc; 1797 int rc;
1643 1798
1644 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1799 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
@@ -1649,83 +1804,69 @@ static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1649 } 1804 }
1650 1805
1651 dev->tgt_active_prot = 0; 1806 dev->tgt_active_prot = 0;
1652
1653 skb_queue_purge(&dev->resp_q); 1807 skb_queue_purge(&dev->resp_q);
1654 1808
1655 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_RELEASE); 1809 skb = pn533_alloc_skb(dev, sizeof(u8));
1656 1810 if (!skb)
1657 tg = 1; 1811 return;
1658 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &tg, sizeof(u8));
1659 dev->out_frame->datalen += sizeof(u8);
1660 1812
1661 pn533_tx_frame_finish(dev->out_frame); 1813 *skb_put(skb, 1) = 1; /* TG*/
1662 1814
1663 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame, 1815 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_RELEASE, skb);
1664 dev->in_maxlen); 1816 if (IS_ERR(resp))
1665 if (rc) {
1666 nfc_dev_err(&dev->interface->dev, "Error when sending release"
1667 " command to the controller");
1668 return; 1817 return;
1669 }
1670 1818
1671 status = PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame)[0]; 1819 rc = resp->data[0] & PN533_CMD_RET_MASK;
1672 rc = status & PN533_CMD_RET_MASK;
1673 if (rc != PN533_CMD_RET_SUCCESS) 1820 if (rc != PN533_CMD_RET_SUCCESS)
1674 nfc_dev_err(&dev->interface->dev, "Error 0x%x when releasing" 1821 nfc_dev_err(&dev->interface->dev,
1675 " the target", rc); 1822 "Error 0x%x when releasing the target", rc);
1676 1823
1824 dev_kfree_skb(resp);
1677 return; 1825 return;
1678} 1826}
1679 1827
1680 1828
1681static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg, 1829static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1682 u8 *params, int params_len) 1830 struct sk_buff *resp)
1683{ 1831{
1684 struct pn533_cmd_jump_dep_response *resp; 1832 struct pn533_cmd_jump_dep_response *rsp;
1685 struct nfc_target nfc_target;
1686 u8 target_gt_len; 1833 u8 target_gt_len;
1687 int rc; 1834 int rc;
1688 struct pn533_cmd_jump_dep *cmd = (struct pn533_cmd_jump_dep *)arg; 1835 u8 active = *(u8 *)arg;
1689 u8 active = cmd->active;
1690 1836
1691 kfree(arg); 1837 kfree(arg);
1692 1838
1693 if (params_len == -ENOENT) { 1839 if (IS_ERR(resp))
1694 nfc_dev_dbg(&dev->interface->dev, ""); 1840 return PTR_ERR(resp);
1695 return 0;
1696 }
1697
1698 if (params_len < 0) {
1699 nfc_dev_err(&dev->interface->dev,
1700 "Error %d when bringing DEP link up",
1701 params_len);
1702 return 0;
1703 }
1704 1841
1705 if (dev->tgt_available_prots && 1842 if (dev->tgt_available_prots &&
1706 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) { 1843 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
1707 nfc_dev_err(&dev->interface->dev, 1844 nfc_dev_err(&dev->interface->dev,
1708 "The target does not support DEP"); 1845 "The target does not support DEP");
1709 return -EINVAL; 1846 rc = -EINVAL;
1847 goto error;
1710 } 1848 }
1711 1849
1712 resp = (struct pn533_cmd_jump_dep_response *) params; 1850 rsp = (struct pn533_cmd_jump_dep_response *)resp->data;
1713 rc = resp->status & PN533_CMD_RET_MASK; 1851
1852 rc = rsp->status & PN533_CMD_RET_MASK;
1714 if (rc != PN533_CMD_RET_SUCCESS) { 1853 if (rc != PN533_CMD_RET_SUCCESS) {
1715 nfc_dev_err(&dev->interface->dev, 1854 nfc_dev_err(&dev->interface->dev,
1716 "Bringing DEP link up failed %d", rc); 1855 "Bringing DEP link up failed %d", rc);
1717 return 0; 1856 goto error;
1718 } 1857 }
1719 1858
1720 if (!dev->tgt_available_prots) { 1859 if (!dev->tgt_available_prots) {
1860 struct nfc_target nfc_target;
1861
1721 nfc_dev_dbg(&dev->interface->dev, "Creating new target"); 1862 nfc_dev_dbg(&dev->interface->dev, "Creating new target");
1722 1863
1723 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1864 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1724 nfc_target.nfcid1_len = 10; 1865 nfc_target.nfcid1_len = 10;
1725 memcpy(nfc_target.nfcid1, resp->nfcid3t, nfc_target.nfcid1_len); 1866 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len);
1726 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1); 1867 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1727 if (rc) 1868 if (rc)
1728 return 0; 1869 goto error;
1729 1870
1730 dev->tgt_available_prots = 0; 1871 dev->tgt_available_prots = 0;
1731 } 1872 }
@@ -1733,15 +1874,17 @@ static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1733 dev->tgt_active_prot = NFC_PROTO_NFC_DEP; 1874 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1734 1875
1735 /* ATR_RES general bytes are located at offset 17 */ 1876 /* ATR_RES general bytes are located at offset 17 */
1736 target_gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 17; 1877 target_gt_len = resp->len - 17;
1737 rc = nfc_set_remote_general_bytes(dev->nfc_dev, 1878 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1738 resp->gt, target_gt_len); 1879 rsp->gt, target_gt_len);
1739 if (rc == 0) 1880 if (rc == 0)
1740 rc = nfc_dep_link_is_up(dev->nfc_dev, 1881 rc = nfc_dep_link_is_up(dev->nfc_dev,
1741 dev->nfc_dev->targets[0].idx, 1882 dev->nfc_dev->targets[0].idx,
1742 !active, NFC_RF_INITIATOR); 1883 !active, NFC_RF_INITIATOR);
1743 1884
1744 return 0; 1885error:
1886 dev_kfree_skb(resp);
1887 return rc;
1745} 1888}
1746 1889
1747static int pn533_mod_to_baud(struct pn533 *dev) 1890static int pn533_mod_to_baud(struct pn533 *dev)
@@ -1760,25 +1903,26 @@ static int pn533_mod_to_baud(struct pn533 *dev)
1760 1903
1761#define PASSIVE_DATA_LEN 5 1904#define PASSIVE_DATA_LEN 5
1762static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 1905static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1763 u8 comm_mode, u8* gb, size_t gb_len) 1906 u8 comm_mode, u8 *gb, size_t gb_len)
1764{ 1907{
1765 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1908 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1766 struct pn533_cmd_jump_dep *cmd; 1909 struct sk_buff *skb;
1767 u8 cmd_len, *data_ptr; 1910 int rc, baud, skb_len;
1911 u8 *next, *arg;
1912
1768 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3}; 1913 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3};
1769 int rc, baud;
1770 1914
1771 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1915 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1772 1916
1773 if (dev->poll_mod_count) { 1917 if (dev->poll_mod_count) {
1774 nfc_dev_err(&dev->interface->dev, 1918 nfc_dev_err(&dev->interface->dev,
1775 "Cannot bring the DEP link up while polling"); 1919 "Cannot bring the DEP link up while polling");
1776 return -EBUSY; 1920 return -EBUSY;
1777 } 1921 }
1778 1922
1779 if (dev->tgt_active_prot) { 1923 if (dev->tgt_active_prot) {
1780 nfc_dev_err(&dev->interface->dev, 1924 nfc_dev_err(&dev->interface->dev,
1781 "There is already an active target"); 1925 "There is already an active target");
1782 return -EBUSY; 1926 return -EBUSY;
1783 } 1927 }
1784 1928
@@ -1789,43 +1933,48 @@ static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1789 return baud; 1933 return baud;
1790 } 1934 }
1791 1935
1792 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len; 1936 skb_len = 3 + gb_len; /* ActPass + BR + Next */
1793 if (comm_mode == NFC_COMM_PASSIVE) 1937 if (comm_mode == NFC_COMM_PASSIVE)
1794 cmd_len += PASSIVE_DATA_LEN; 1938 skb_len += PASSIVE_DATA_LEN;
1795 1939
1796 cmd = kzalloc(cmd_len, GFP_KERNEL); 1940 skb = pn533_alloc_skb(dev, skb_len);
1797 if (cmd == NULL) 1941 if (!skb)
1798 return -ENOMEM; 1942 return -ENOMEM;
1799 1943
1800 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP); 1944 *skb_put(skb, 1) = !comm_mode; /* ActPass */
1945 *skb_put(skb, 1) = baud; /* Baud rate */
1801 1946
1802 cmd->active = !comm_mode; 1947 next = skb_put(skb, 1); /* Next */
1803 cmd->next = 0; 1948 *next = 0;
1804 cmd->baud = baud; 1949
1805 data_ptr = cmd->data; 1950 if (comm_mode == NFC_COMM_PASSIVE && baud > 0) {
1806 if (comm_mode == NFC_COMM_PASSIVE && cmd->baud > 0) { 1951 memcpy(skb_put(skb, PASSIVE_DATA_LEN), passive_data,
1807 memcpy(data_ptr, passive_data, PASSIVE_DATA_LEN); 1952 PASSIVE_DATA_LEN);
1808 cmd->next |= 1; 1953 *next |= 1;
1809 data_ptr += PASSIVE_DATA_LEN;
1810 } 1954 }
1811 1955
1812 if (gb != NULL && gb_len > 0) { 1956 if (gb != NULL && gb_len > 0) {
1813 cmd->next |= 4; /* We have some Gi */ 1957 memcpy(skb_put(skb, gb_len), gb, gb_len);
1814 memcpy(data_ptr, gb, gb_len); 1958 *next |= 4; /* We have some Gi */
1815 } else { 1959 } else {
1816 cmd->next = 0; 1960 *next = 0;
1817 } 1961 }
1818 1962
1819 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), cmd, cmd_len); 1963 arg = kmalloc(sizeof(*arg), GFP_KERNEL);
1820 dev->out_frame->datalen += cmd_len; 1964 if (!arg) {
1965 dev_kfree_skb(skb);
1966 return -ENOMEM;
1967 }
1821 1968
1822 pn533_tx_frame_finish(dev->out_frame); 1969 *arg = !comm_mode;
1823 1970
1824 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame, 1971 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb,
1825 dev->in_maxlen, pn533_in_dep_link_up_complete, 1972 pn533_in_dep_link_up_complete, arg);
1826 cmd, GFP_KERNEL); 1973
1827 if (rc < 0) 1974 if (rc < 0) {
1828 kfree(cmd); 1975 dev_kfree_skb(skb);
1976 kfree(arg);
1977 }
1829 1978
1830 return rc; 1979 return rc;
1831} 1980}
@@ -1834,6 +1983,8 @@ static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1834{ 1983{
1835 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1984 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1836 1985
1986 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1987
1837 pn533_poll_reset_mod_list(dev); 1988 pn533_poll_reset_mod_list(dev);
1838 1989
1839 if (dev->tgt_mode || dev->tgt_active_prot) { 1990 if (dev->tgt_mode || dev->tgt_active_prot) {
@@ -1849,68 +2000,7 @@ static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1849 return 0; 2000 return 0;
1850} 2001}
1851 2002
1852static int pn533_build_tx_frame(struct pn533 *dev, struct sk_buff *skb,
1853 bool target)
1854{
1855 int payload_len = skb->len;
1856 struct pn533_frame *out_frame;
1857 u8 tg;
1858
1859 nfc_dev_dbg(&dev->interface->dev, "%s - Sending %d bytes", __func__,
1860 payload_len);
1861
1862 if (payload_len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
1863 /* TODO: Implement support to multi-part data exchange */
1864 nfc_dev_err(&dev->interface->dev, "Data length greater than the"
1865 " max allowed: %d",
1866 PN533_CMD_DATAEXCH_DATA_MAXLEN);
1867 return -ENOSYS;
1868 }
1869
1870 if (target == true) {
1871 switch (dev->device_type) {
1872 case PN533_DEVICE_PASORI:
1873 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
1874 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN - 1);
1875 out_frame = (struct pn533_frame *) skb->data;
1876 pn533_tx_frame_init(out_frame,
1877 PN533_CMD_IN_COMM_THRU);
1878
1879 break;
1880 }
1881
1882 default:
1883 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN);
1884 out_frame = (struct pn533_frame *) skb->data;
1885 pn533_tx_frame_init(out_frame,
1886 PN533_CMD_IN_DATA_EXCHANGE);
1887 tg = 1;
1888 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame),
1889 &tg, sizeof(u8));
1890 out_frame->datalen += sizeof(u8);
1891
1892 break;
1893 }
1894
1895 } else {
1896 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN - 1);
1897 out_frame = (struct pn533_frame *) skb->data;
1898 pn533_tx_frame_init(out_frame, PN533_CMD_TG_SET_DATA);
1899 }
1900
1901
1902 /* The data is already in the out_frame, just update the datalen */
1903 out_frame->datalen += payload_len;
1904
1905 pn533_tx_frame_finish(out_frame);
1906 skb_put(skb, PN533_FRAME_TAIL_SIZE);
1907
1908 return 0;
1909}
1910
1911struct pn533_data_exchange_arg { 2003struct pn533_data_exchange_arg {
1912 struct sk_buff *skb_resp;
1913 struct sk_buff *skb_out;
1914 data_exchange_cb_t cb; 2004 data_exchange_cb_t cb;
1915 void *cb_context; 2005 void *cb_context;
1916}; 2006};
@@ -1920,7 +2010,7 @@ static struct sk_buff *pn533_build_response(struct pn533 *dev)
1920 struct sk_buff *skb, *tmp, *t; 2010 struct sk_buff *skb, *tmp, *t;
1921 unsigned int skb_len = 0, tmp_len = 0; 2011 unsigned int skb_len = 0, tmp_len = 0;
1922 2012
1923 nfc_dev_dbg(&dev->interface->dev, "%s\n", __func__); 2013 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1924 2014
1925 if (skb_queue_empty(&dev->resp_q)) 2015 if (skb_queue_empty(&dev->resp_q))
1926 return NULL; 2016 return NULL;
@@ -1954,46 +2044,44 @@ out:
1954} 2044}
1955 2045
1956static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg, 2046static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
1957 u8 *params, int params_len) 2047 struct sk_buff *resp)
1958{ 2048{
1959 struct pn533_data_exchange_arg *arg = _arg; 2049 struct pn533_data_exchange_arg *arg = _arg;
1960 struct sk_buff *skb = NULL, *skb_resp = arg->skb_resp; 2050 struct sk_buff *skb;
1961 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data; 2051 int rc = 0;
1962 int err = 0; 2052 u8 status, ret, mi;
1963 u8 status;
1964 u8 cmd_ret;
1965 2053
1966 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 2054 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1967 2055
1968 dev_kfree_skb(arg->skb_out); 2056 if (IS_ERR(resp)) {
1969 2057 rc = PTR_ERR(resp);
1970 if (params_len < 0) { /* error */ 2058 goto _error;
1971 err = params_len;
1972 goto error;
1973 } 2059 }
1974 2060
1975 status = params[0]; 2061 status = resp->data[0];
2062 ret = status & PN533_CMD_RET_MASK;
2063 mi = status & PN533_CMD_MI_MASK;
2064
2065 skb_pull(resp, sizeof(status));
1976 2066
1977 cmd_ret = status & PN533_CMD_RET_MASK; 2067 if (ret != PN533_CMD_RET_SUCCESS) {
1978 if (cmd_ret != PN533_CMD_RET_SUCCESS) { 2068 nfc_dev_err(&dev->interface->dev,
1979 nfc_dev_err(&dev->interface->dev, "PN533 reported error %d when" 2069 "PN533 reported error %d when exchanging data",
1980 " exchanging data", cmd_ret); 2070 ret);
1981 err = -EIO; 2071 rc = -EIO;
1982 goto error; 2072 goto error;
1983 } 2073 }
1984 2074
1985 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame)); 2075 skb_queue_tail(&dev->resp_q, resp);
1986 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1987 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1988 skb_queue_tail(&dev->resp_q, skb_resp);
1989 2076
1990 if (status & PN533_CMD_MI_MASK) { 2077 if (mi) {
2078 dev->cmd_complete_mi_arg = arg;
1991 queue_work(dev->wq, &dev->mi_work); 2079 queue_work(dev->wq, &dev->mi_work);
1992 return -EINPROGRESS; 2080 return -EINPROGRESS;
1993 } 2081 }
1994 2082
1995 skb = pn533_build_response(dev); 2083 skb = pn533_build_response(dev);
1996 if (skb == NULL) 2084 if (!skb)
1997 goto error; 2085 goto error;
1998 2086
1999 arg->cb(arg->cb_context, skb, 0); 2087 arg->cb(arg->cb_context, skb, 0);
@@ -2001,11 +2089,12 @@ static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
2001 return 0; 2089 return 0;
2002 2090
2003error: 2091error:
2092 dev_kfree_skb(resp);
2093_error:
2004 skb_queue_purge(&dev->resp_q); 2094 skb_queue_purge(&dev->resp_q);
2005 dev_kfree_skb(skb_resp); 2095 arg->cb(arg->cb_context, NULL, rc);
2006 arg->cb(arg->cb_context, NULL, err);
2007 kfree(arg); 2096 kfree(arg);
2008 return 0; 2097 return rc;
2009} 2098}
2010 2099
2011static int pn533_transceive(struct nfc_dev *nfc_dev, 2100static int pn533_transceive(struct nfc_dev *nfc_dev,
@@ -2013,87 +2102,82 @@ static int pn533_transceive(struct nfc_dev *nfc_dev,
2013 data_exchange_cb_t cb, void *cb_context) 2102 data_exchange_cb_t cb, void *cb_context)
2014{ 2103{
2015 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2104 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2016 struct pn533_frame *out_frame, *in_frame; 2105 struct pn533_data_exchange_arg *arg = NULL;
2017 struct pn533_data_exchange_arg *arg;
2018 struct sk_buff *skb_resp;
2019 int skb_resp_len;
2020 int rc; 2106 int rc;
2021 2107
2022 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 2108 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2023 2109
2024 if (!dev->tgt_active_prot) { 2110 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
2025 nfc_dev_err(&dev->interface->dev, "Cannot exchange data if" 2111 /* TODO: Implement support to multi-part data exchange */
2026 " there is no active target"); 2112 nfc_dev_err(&dev->interface->dev,
2027 rc = -EINVAL; 2113 "Data length greater than the max allowed: %d",
2114 PN533_CMD_DATAEXCH_DATA_MAXLEN);
2115 rc = -ENOSYS;
2028 goto error; 2116 goto error;
2029 } 2117 }
2030 2118
2031 rc = pn533_build_tx_frame(dev, skb, true); 2119 if (!dev->tgt_active_prot) {
2032 if (rc) 2120 nfc_dev_err(&dev->interface->dev,
2033 goto error; 2121 "Can't exchange data if there is no active target");
2034 2122 rc = -EINVAL;
2035 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
2036 PN533_CMD_DATAEXCH_DATA_MAXLEN +
2037 PN533_FRAME_TAIL_SIZE;
2038
2039 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
2040 if (!skb_resp) {
2041 rc = -ENOMEM;
2042 goto error; 2123 goto error;
2043 } 2124 }
2044 2125
2045 in_frame = (struct pn533_frame *) skb_resp->data; 2126 arg = kmalloc(sizeof(*arg), GFP_KERNEL);
2046 out_frame = (struct pn533_frame *) skb->data;
2047
2048 arg = kmalloc(sizeof(struct pn533_data_exchange_arg), GFP_KERNEL);
2049 if (!arg) { 2127 if (!arg) {
2050 rc = -ENOMEM; 2128 rc = -ENOMEM;
2051 goto free_skb_resp; 2129 goto error;
2052 } 2130 }
2053 2131
2054 arg->skb_resp = skb_resp;
2055 arg->skb_out = skb;
2056 arg->cb = cb; 2132 arg->cb = cb;
2057 arg->cb_context = cb_context; 2133 arg->cb_context = cb_context;
2058 2134
2059 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, skb_resp_len, 2135 switch (dev->device_type) {
2060 pn533_data_exchange_complete, arg, 2136 case PN533_DEVICE_PASORI:
2061 GFP_KERNEL); 2137 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
2062 if (rc) { 2138 rc = pn533_send_data_async(dev, PN533_CMD_IN_COMM_THRU,
2063 nfc_dev_err(&dev->interface->dev, "Error %d when trying to" 2139 skb,
2064 " perform data_exchange", rc); 2140 pn533_data_exchange_complete,
2065 goto free_arg; 2141 arg);
2142
2143 break;
2144 }
2145 default:
2146 *skb_push(skb, sizeof(u8)) = 1; /*TG*/
2147
2148 rc = pn533_send_data_async(dev, PN533_CMD_IN_DATA_EXCHANGE,
2149 skb, pn533_data_exchange_complete,
2150 arg);
2151
2152 break;
2066 } 2153 }
2067 2154
2155 if (rc < 0) /* rc from send_async */
2156 goto error;
2157
2068 return 0; 2158 return 0;
2069 2159
2070free_arg:
2071 kfree(arg);
2072free_skb_resp:
2073 kfree_skb(skb_resp);
2074error: 2160error:
2075 kfree_skb(skb); 2161 kfree(arg);
2162 dev_kfree_skb(skb);
2076 return rc; 2163 return rc;
2077} 2164}
2078 2165
2079static int pn533_tm_send_complete(struct pn533 *dev, void *arg, 2166static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
2080 u8 *params, int params_len) 2167 struct sk_buff *resp)
2081{ 2168{
2082 struct sk_buff *skb_out = arg; 2169 u8 status;
2083 2170
2084 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 2171 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2085 2172
2086 dev_kfree_skb(skb_out); 2173 if (IS_ERR(resp))
2174 return PTR_ERR(resp);
2087 2175
2088 if (params_len < 0) { 2176 status = resp->data[0];
2089 nfc_dev_err(&dev->interface->dev,
2090 "Error %d when sending data",
2091 params_len);
2092 2177
2093 return params_len; 2178 dev_kfree_skb(resp);
2094 }
2095 2179
2096 if (params_len > 0 && params[0] != 0) { 2180 if (status != 0) {
2097 nfc_tm_deactivated(dev->nfc_dev); 2181 nfc_tm_deactivated(dev->nfc_dev);
2098 2182
2099 dev->tgt_mode = 0; 2183 dev->tgt_mode = 0;
@@ -2109,30 +2193,21 @@ static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
2109static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) 2193static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
2110{ 2194{
2111 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2195 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2112 struct pn533_frame *out_frame;
2113 int rc; 2196 int rc;
2114 2197
2115 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 2198 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2116 2199
2117 rc = pn533_build_tx_frame(dev, skb, false); 2200 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
2118 if (rc)
2119 goto error;
2120
2121 out_frame = (struct pn533_frame *) skb->data;
2122
2123 rc = pn533_send_cmd_frame_async(dev, out_frame, dev->in_frame,
2124 dev->in_maxlen, pn533_tm_send_complete,
2125 skb, GFP_KERNEL);
2126 if (rc) {
2127 nfc_dev_err(&dev->interface->dev, 2201 nfc_dev_err(&dev->interface->dev,
2128 "Error %d when trying to send data", rc); 2202 "Data length greater than the max allowed: %d",
2129 goto error; 2203 PN533_CMD_DATAEXCH_DATA_MAXLEN);
2204 return -ENOSYS;
2130 } 2205 }
2131 2206
2132 return 0; 2207 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_DATA, skb,
2133 2208 pn533_tm_send_complete, NULL);
2134error: 2209 if (rc < 0)
2135 kfree_skb(skb); 2210 dev_kfree_skb(skb);
2136 2211
2137 return rc; 2212 return rc;
2138} 2213}
@@ -2140,107 +2215,123 @@ error:
2140static void pn533_wq_mi_recv(struct work_struct *work) 2215static void pn533_wq_mi_recv(struct work_struct *work)
2141{ 2216{
2142 struct pn533 *dev = container_of(work, struct pn533, mi_work); 2217 struct pn533 *dev = container_of(work, struct pn533, mi_work);
2143 struct sk_buff *skb_cmd; 2218
2144 struct pn533_data_exchange_arg *arg = dev->cmd_complete_arg; 2219 struct sk_buff *skb;
2145 struct pn533_frame *out_frame, *in_frame;
2146 struct sk_buff *skb_resp;
2147 int skb_resp_len;
2148 int rc; 2220 int rc;
2149 2221
2150 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 2222 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2151 2223
2152 /* This is a zero payload size skb */ 2224 skb = pn533_alloc_skb(dev, PN533_CMD_DATAEXCH_HEAD_LEN);
2153 skb_cmd = alloc_skb(PN533_CMD_DATAEXCH_HEAD_LEN + PN533_FRAME_TAIL_SIZE, 2225 if (!skb)
2154 GFP_KERNEL); 2226 goto error;
2155 if (skb_cmd == NULL)
2156 goto error_cmd;
2157
2158 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN);
2159 2227
2160 rc = pn533_build_tx_frame(dev, skb_cmd, true); 2228 switch (dev->device_type) {
2161 if (rc) 2229 case PN533_DEVICE_PASORI:
2162 goto error_frame; 2230 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
2231 rc = pn533_send_cmd_direct_async(dev,
2232 PN533_CMD_IN_COMM_THRU,
2233 skb,
2234 pn533_data_exchange_complete,
2235 dev->cmd_complete_mi_arg);
2163 2236
2164 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN + 2237 break;
2165 PN533_CMD_DATAEXCH_DATA_MAXLEN + 2238 }
2166 PN533_FRAME_TAIL_SIZE; 2239 default:
2167 skb_resp = alloc_skb(skb_resp_len, GFP_KERNEL); 2240 *skb_put(skb, sizeof(u8)) = 1; /*TG*/
2168 if (!skb_resp) {
2169 rc = -ENOMEM;
2170 goto error_frame;
2171 }
2172 2241
2173 in_frame = (struct pn533_frame *) skb_resp->data; 2242 rc = pn533_send_cmd_direct_async(dev,
2174 out_frame = (struct pn533_frame *) skb_cmd->data; 2243 PN533_CMD_IN_DATA_EXCHANGE,
2244 skb,
2245 pn533_data_exchange_complete,
2246 dev->cmd_complete_mi_arg);
2175 2247
2176 arg->skb_resp = skb_resp; 2248 break;
2177 arg->skb_out = skb_cmd; 2249 }
2178 2250
2179 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame, 2251 if (rc == 0) /* success */
2180 skb_resp_len,
2181 pn533_data_exchange_complete,
2182 dev->cmd_complete_arg, GFP_KERNEL);
2183 if (!rc)
2184 return; 2252 return;
2185 2253
2186 nfc_dev_err(&dev->interface->dev, "Error %d when trying to" 2254 nfc_dev_err(&dev->interface->dev,
2187 " perform data_exchange", rc); 2255 "Error %d when trying to perform data_exchange", rc);
2188
2189 kfree_skb(skb_resp);
2190 2256
2191error_frame: 2257 dev_kfree_skb(skb);
2192 kfree_skb(skb_cmd); 2258 kfree(dev->cmd_complete_arg);
2193 2259
2194error_cmd: 2260error:
2195 pn533_send_ack(dev, GFP_KERNEL); 2261 pn533_send_ack(dev, GFP_KERNEL);
2196
2197 kfree(arg);
2198
2199 queue_work(dev->wq, &dev->cmd_work); 2262 queue_work(dev->wq, &dev->cmd_work);
2200} 2263}
2201 2264
2202static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata, 2265static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
2203 u8 cfgdata_len) 2266 u8 cfgdata_len)
2204{ 2267{
2205 int rc; 2268 struct sk_buff *skb;
2206 u8 *params; 2269 struct sk_buff *resp;
2270
2271 int skb_len;
2207 2272
2208 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 2273 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2209 2274
2210 pn533_tx_frame_init(dev->out_frame, PN533_CMD_RF_CONFIGURATION); 2275 skb_len = sizeof(cfgitem) + cfgdata_len; /* cfgitem + cfgdata */
2211 2276
2212 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame); 2277 skb = pn533_alloc_skb(dev, skb_len);
2213 params[0] = cfgitem; 2278 if (!skb)
2214 memcpy(&params[1], cfgdata, cfgdata_len); 2279 return -ENOMEM;
2215 dev->out_frame->datalen += (1 + cfgdata_len);
2216 2280
2217 pn533_tx_frame_finish(dev->out_frame); 2281 *skb_put(skb, sizeof(cfgitem)) = cfgitem;
2282 memcpy(skb_put(skb, cfgdata_len), cfgdata, cfgdata_len);
2218 2283
2219 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame, 2284 resp = pn533_send_cmd_sync(dev, PN533_CMD_RF_CONFIGURATION, skb);
2220 dev->in_maxlen); 2285 if (IS_ERR(resp))
2286 return PTR_ERR(resp);
2221 2287
2222 return rc; 2288 dev_kfree_skb(resp);
2289 return 0;
2290}
2291
2292static int pn533_get_firmware_version(struct pn533 *dev,
2293 struct pn533_fw_version *fv)
2294{
2295 struct sk_buff *skb;
2296 struct sk_buff *resp;
2297
2298 skb = pn533_alloc_skb(dev, 0);
2299 if (!skb)
2300 return -ENOMEM;
2301
2302 resp = pn533_send_cmd_sync(dev, PN533_CMD_GET_FIRMWARE_VERSION, skb);
2303 if (IS_ERR(resp))
2304 return PTR_ERR(resp);
2305
2306 fv->ic = resp->data[0];
2307 fv->ver = resp->data[1];
2308 fv->rev = resp->data[2];
2309 fv->support = resp->data[3];
2310
2311 dev_kfree_skb(resp);
2312 return 0;
2223} 2313}
2224 2314
2225static int pn533_fw_reset(struct pn533 *dev) 2315static int pn533_fw_reset(struct pn533 *dev)
2226{ 2316{
2227 int rc; 2317 struct sk_buff *skb;
2228 u8 *params; 2318 struct sk_buff *resp;
2229 2319
2230 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 2320 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2231 2321
2232 pn533_tx_frame_init(dev->out_frame, 0x18); 2322 skb = pn533_alloc_skb(dev, sizeof(u8));
2323 if (!skb)
2324 return -ENOMEM;
2233 2325
2234 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame); 2326 *skb_put(skb, sizeof(u8)) = 0x1;
2235 params[0] = 0x1;
2236 dev->out_frame->datalen += 1;
2237 2327
2238 pn533_tx_frame_finish(dev->out_frame); 2328 resp = pn533_send_cmd_sync(dev, 0x18, skb);
2329 if (IS_ERR(resp))
2330 return PTR_ERR(resp);
2239 2331
2240 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame, 2332 dev_kfree_skb(resp);
2241 dev->in_maxlen);
2242 2333
2243 return rc; 2334 return 0;
2244} 2335}
2245 2336
2246static struct nfc_ops pn533_nfc_ops = { 2337static struct nfc_ops pn533_nfc_ops = {
@@ -2337,7 +2428,7 @@ static int pn533_setup(struct pn533 *dev)
2337static int pn533_probe(struct usb_interface *interface, 2428static int pn533_probe(struct usb_interface *interface,
2338 const struct usb_device_id *id) 2429 const struct usb_device_id *id)
2339{ 2430{
2340 struct pn533_fw_version *fw_ver; 2431 struct pn533_fw_version fw_ver;
2341 struct pn533 *dev; 2432 struct pn533 *dev;
2342 struct usb_host_interface *iface_desc; 2433 struct usb_host_interface *iface_desc;
2343 struct usb_endpoint_descriptor *endpoint; 2434 struct usb_endpoint_descriptor *endpoint;
@@ -2359,41 +2450,32 @@ static int pn533_probe(struct usb_interface *interface,
2359 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) { 2450 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
2360 endpoint = &iface_desc->endpoint[i].desc; 2451 endpoint = &iface_desc->endpoint[i].desc;
2361 2452
2362 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint)) { 2453 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint))
2363 dev->in_maxlen = le16_to_cpu(endpoint->wMaxPacketSize);
2364 in_endpoint = endpoint->bEndpointAddress; 2454 in_endpoint = endpoint->bEndpointAddress;
2365 }
2366 2455
2367 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint)) { 2456 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint))
2368 dev->out_maxlen =
2369 le16_to_cpu(endpoint->wMaxPacketSize);
2370 out_endpoint = endpoint->bEndpointAddress; 2457 out_endpoint = endpoint->bEndpointAddress;
2371 }
2372 } 2458 }
2373 2459
2374 if (!in_endpoint || !out_endpoint) { 2460 if (!in_endpoint || !out_endpoint) {
2375 nfc_dev_err(&interface->dev, "Could not find bulk-in or" 2461 nfc_dev_err(&interface->dev,
2376 " bulk-out endpoint"); 2462 "Could not find bulk-in or bulk-out endpoint");
2377 rc = -ENODEV; 2463 rc = -ENODEV;
2378 goto error; 2464 goto error;
2379 } 2465 }
2380 2466
2381 dev->in_frame = kmalloc(PN533_NORMAL_FRAME_MAX_LEN, GFP_KERNEL);
2382 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL); 2467 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
2383 dev->out_frame = kmalloc(PN533_NORMAL_FRAME_MAX_LEN, GFP_KERNEL);
2384 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL); 2468 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
2385 2469
2386 if (!dev->in_frame || !dev->out_frame || 2470 if (!dev->in_urb || !dev->out_urb)
2387 !dev->in_urb || !dev->out_urb)
2388 goto error; 2471 goto error;
2389 2472
2390 usb_fill_bulk_urb(dev->in_urb, dev->udev, 2473 usb_fill_bulk_urb(dev->in_urb, dev->udev,
2391 usb_rcvbulkpipe(dev->udev, in_endpoint), 2474 usb_rcvbulkpipe(dev->udev, in_endpoint),
2392 NULL, 0, NULL, dev); 2475 NULL, 0, NULL, dev);
2393 usb_fill_bulk_urb(dev->out_urb, dev->udev, 2476 usb_fill_bulk_urb(dev->out_urb, dev->udev,
2394 usb_sndbulkpipe(dev->udev, out_endpoint), 2477 usb_sndbulkpipe(dev->udev, out_endpoint),
2395 NULL, 0, 2478 NULL, 0, pn533_send_complete, dev);
2396 pn533_send_complete, dev);
2397 2479
2398 INIT_WORK(&dev->cmd_work, pn533_wq_cmd); 2480 INIT_WORK(&dev->cmd_work, pn533_wq_cmd);
2399 INIT_WORK(&dev->cmd_complete_work, pn533_wq_cmd_complete); 2481 INIT_WORK(&dev->cmd_complete_work, pn533_wq_cmd_complete);
@@ -2414,18 +2496,7 @@ static int pn533_probe(struct usb_interface *interface,
2414 2496
2415 usb_set_intfdata(interface, dev); 2497 usb_set_intfdata(interface, dev);
2416 2498
2417 pn533_tx_frame_init(dev->out_frame, PN533_CMD_GET_FIRMWARE_VERSION); 2499 dev->ops = &pn533_std_frame_ops;
2418 pn533_tx_frame_finish(dev->out_frame);
2419
2420 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2421 dev->in_maxlen);
2422 if (rc)
2423 goto destroy_wq;
2424
2425 fw_ver = (struct pn533_fw_version *)
2426 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
2427 nfc_dev_info(&dev->interface->dev, "NXP PN533 firmware ver %d.%d now"
2428 " attached", fw_ver->ver, fw_ver->rev);
2429 2500
2430 dev->device_type = id->driver_info; 2501 dev->device_type = id->driver_info;
2431 switch (dev->device_type) { 2502 switch (dev->device_type) {
@@ -2444,9 +2515,21 @@ static int pn533_probe(struct usb_interface *interface,
2444 goto destroy_wq; 2515 goto destroy_wq;
2445 } 2516 }
2446 2517
2518 memset(&fw_ver, 0, sizeof(fw_ver));
2519 rc = pn533_get_firmware_version(dev, &fw_ver);
2520 if (rc < 0)
2521 goto destroy_wq;
2522
2523 nfc_dev_info(&dev->interface->dev,
2524 "NXP PN533 firmware ver %d.%d now attached",
2525 fw_ver.ver, fw_ver.rev);
2526
2527
2447 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols, 2528 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
2529 NFC_SE_NONE,
2530 dev->ops->tx_header_len +
2448 PN533_CMD_DATAEXCH_HEAD_LEN, 2531 PN533_CMD_DATAEXCH_HEAD_LEN,
2449 PN533_FRAME_TAIL_SIZE); 2532 dev->ops->tx_tail_len);
2450 if (!dev->nfc_dev) 2533 if (!dev->nfc_dev)
2451 goto destroy_wq; 2534 goto destroy_wq;
2452 2535
@@ -2472,9 +2555,7 @@ free_nfc_dev:
2472destroy_wq: 2555destroy_wq:
2473 destroy_workqueue(dev->wq); 2556 destroy_workqueue(dev->wq);
2474error: 2557error:
2475 kfree(dev->in_frame);
2476 usb_free_urb(dev->in_urb); 2558 usb_free_urb(dev->in_urb);
2477 kfree(dev->out_frame);
2478 usb_free_urb(dev->out_urb); 2559 usb_free_urb(dev->out_urb);
2479 kfree(dev); 2560 kfree(dev);
2480 return rc; 2561 return rc;
@@ -2505,9 +2586,7 @@ static void pn533_disconnect(struct usb_interface *interface)
2505 kfree(cmd); 2586 kfree(cmd);
2506 } 2587 }
2507 2588
2508 kfree(dev->in_frame);
2509 usb_free_urb(dev->in_urb); 2589 usb_free_urb(dev->in_urb);
2510 kfree(dev->out_frame);
2511 usb_free_urb(dev->out_urb); 2590 usb_free_urb(dev->out_urb);
2512 kfree(dev); 2591 kfree(dev);
2513 2592
diff --git a/drivers/nfc/pn544/Kconfig b/drivers/nfc/pn544/Kconfig
new file mode 100644
index 000000000000..c277790ac71c
--- /dev/null
+++ b/drivers/nfc/pn544/Kconfig
@@ -0,0 +1,23 @@
1config NFC_PN544
2 tristate "NXP PN544 NFC driver"
3 depends on NFC_HCI
4 select CRC_CCITT
5 default n
6 ---help---
7 NXP PN544 core driver.
8 This is a driver based on the HCI NFC kernel layers and
9 will thus not work with NXP libnfc library.
10
11 To compile this driver as a module, choose m here. The module will
12 be called pn544.
13 Say N if unsure.
14
15config NFC_PN544_I2C
16 tristate "NFC PN544 i2c support"
17 depends on NFC_PN544 && I2C && NFC_SHDLC
18 ---help---
19 This module adds support for the NXP pn544 i2c interface.
20 Select this if your platform is using the i2c bus.
21
22 If you choose to build a module, it'll be called pn544_i2c.
23 Say N if unsure. \ No newline at end of file
diff --git a/drivers/nfc/pn544/Makefile b/drivers/nfc/pn544/Makefile
index 725733881eb3..ac076793687d 100644
--- a/drivers/nfc/pn544/Makefile
+++ b/drivers/nfc/pn544/Makefile
@@ -2,6 +2,7 @@
2# Makefile for PN544 HCI based NFC driver 2# Makefile for PN544 HCI based NFC driver
3# 3#
4 4
5obj-$(CONFIG_PN544_HCI_NFC) += pn544_i2c.o 5pn544_i2c-objs = i2c.o
6 6
7pn544_i2c-y := pn544.o i2c.o 7obj-$(CONFIG_NFC_PN544) += pn544.o
8obj-$(CONFIG_NFC_PN544_I2C) += pn544_i2c.o
diff --git a/drivers/nfc/pn544/i2c.c b/drivers/nfc/pn544/i2c.c
index 7da9071b68b6..7f96ca2c46bd 100644
--- a/drivers/nfc/pn544/i2c.c
+++ b/drivers/nfc/pn544/i2c.c
@@ -376,12 +376,12 @@ static int __devinit pn544_hci_i2c_probe(struct i2c_client *client,
376 return -ENODEV; 376 return -ENODEV;
377 } 377 }
378 378
379 phy = kzalloc(sizeof(struct pn544_i2c_phy), GFP_KERNEL); 379 phy = devm_kzalloc(&client->dev, sizeof(struct pn544_i2c_phy),
380 GFP_KERNEL);
380 if (!phy) { 381 if (!phy) {
381 dev_err(&client->dev, 382 dev_err(&client->dev,
382 "Cannot allocate memory for pn544 i2c phy.\n"); 383 "Cannot allocate memory for pn544 i2c phy.\n");
383 r = -ENOMEM; 384 return -ENOMEM;
384 goto err_phy_alloc;
385 } 385 }
386 386
387 phy->i2c_dev = client; 387 phy->i2c_dev = client;
@@ -390,20 +390,18 @@ static int __devinit pn544_hci_i2c_probe(struct i2c_client *client,
390 pdata = client->dev.platform_data; 390 pdata = client->dev.platform_data;
391 if (pdata == NULL) { 391 if (pdata == NULL) {
392 dev_err(&client->dev, "No platform data\n"); 392 dev_err(&client->dev, "No platform data\n");
393 r = -EINVAL; 393 return -EINVAL;
394 goto err_pdata;
395 } 394 }
396 395
397 if (pdata->request_resources == NULL) { 396 if (pdata->request_resources == NULL) {
398 dev_err(&client->dev, "request_resources() missing\n"); 397 dev_err(&client->dev, "request_resources() missing\n");
399 r = -EINVAL; 398 return -EINVAL;
400 goto err_pdata;
401 } 399 }
402 400
403 r = pdata->request_resources(client); 401 r = pdata->request_resources(client);
404 if (r) { 402 if (r) {
405 dev_err(&client->dev, "Cannot get platform resources\n"); 403 dev_err(&client->dev, "Cannot get platform resources\n");
406 goto err_pdata; 404 return r;
407 } 405 }
408 406
409 phy->gpio_en = pdata->get_gpio(NFC_GPIO_ENABLE); 407 phy->gpio_en = pdata->get_gpio(NFC_GPIO_ENABLE);
@@ -435,10 +433,6 @@ err_rti:
435 if (pdata->free_resources != NULL) 433 if (pdata->free_resources != NULL)
436 pdata->free_resources(); 434 pdata->free_resources();
437 435
438err_pdata:
439 kfree(phy);
440
441err_phy_alloc:
442 return r; 436 return r;
443} 437}
444 438
@@ -458,8 +452,6 @@ static __devexit int pn544_hci_i2c_remove(struct i2c_client *client)
458 if (pdata->free_resources) 452 if (pdata->free_resources)
459 pdata->free_resources(); 453 pdata->free_resources();
460 454
461 kfree(phy);
462
463 return 0; 455 return 0;
464} 456}
465 457
@@ -472,29 +464,7 @@ static struct i2c_driver pn544_hci_i2c_driver = {
472 .remove = __devexit_p(pn544_hci_i2c_remove), 464 .remove = __devexit_p(pn544_hci_i2c_remove),
473}; 465};
474 466
475static int __init pn544_hci_i2c_init(void) 467module_i2c_driver(pn544_hci_i2c_driver);
476{
477 int r;
478
479 pr_debug(DRIVER_DESC ": %s\n", __func__);
480
481 r = i2c_add_driver(&pn544_hci_i2c_driver);
482 if (r) {
483 pr_err(PN544_HCI_I2C_DRIVER_NAME
484 ": driver registration failed\n");
485 return r;
486 }
487
488 return 0;
489}
490
491static void __exit pn544_hci_i2c_exit(void)
492{
493 i2c_del_driver(&pn544_hci_i2c_driver);
494}
495
496module_init(pn544_hci_i2c_init);
497module_exit(pn544_hci_i2c_exit);
498 468
499MODULE_LICENSE("GPL"); 469MODULE_LICENSE("GPL");
500MODULE_DESCRIPTION(DRIVER_DESC); 470MODULE_DESCRIPTION(DRIVER_DESC);
diff --git a/drivers/nfc/pn544/pn544.c b/drivers/nfc/pn544/pn544.c
index cc666de3b8e5..9c5f16e7baef 100644
--- a/drivers/nfc/pn544/pn544.c
+++ b/drivers/nfc/pn544/pn544.c
@@ -20,6 +20,7 @@
20 20
21#include <linux/delay.h> 21#include <linux/delay.h>
22#include <linux/slab.h> 22#include <linux/slab.h>
23#include <linux/module.h>
23 24
24#include <linux/nfc.h> 25#include <linux/nfc.h>
25#include <net/nfc/hci.h> 26#include <net/nfc/hci.h>
@@ -675,11 +676,17 @@ static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev,
675 676
676static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb) 677static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb)
677{ 678{
679 int r;
680
678 /* Set default false for multiple information chaining */ 681 /* Set default false for multiple information chaining */
679 *skb_push(skb, 1) = 0; 682 *skb_push(skb, 1) = 0;
680 683
681 return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 684 r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
682 PN544_HCI_EVT_SND_DATA, skb->data, skb->len); 685 PN544_HCI_EVT_SND_DATA, skb->data, skb->len);
686
687 kfree_skb(skb);
688
689 return r;
683} 690}
684 691
685static int pn544_hci_check_presence(struct nfc_hci_dev *hdev, 692static int pn544_hci_check_presence(struct nfc_hci_dev *hdev,
@@ -714,35 +721,40 @@ static int pn544_hci_check_presence(struct nfc_hci_dev *hdev,
714 return 0; 721 return 0;
715} 722}
716 723
717static void pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 gate, 724/*
718 u8 event, struct sk_buff *skb) 725 * Returns:
726 * <= 0: driver handled the event, skb consumed
727 * 1: driver does not handle the event, please do standard processing
728 */
729static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 gate, u8 event,
730 struct sk_buff *skb)
719{ 731{
720 struct sk_buff *rgb_skb = NULL; 732 struct sk_buff *rgb_skb = NULL;
721 int r = 0; 733 int r;
722 734
723 pr_debug("hci event %d", event); 735 pr_debug("hci event %d", event);
724 switch (event) { 736 switch (event) {
725 case PN544_HCI_EVT_ACTIVATED: 737 case PN544_HCI_EVT_ACTIVATED:
726 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) 738 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) {
727 nfc_hci_target_discovered(hdev, gate); 739 r = nfc_hci_target_discovered(hdev, gate);
728 else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) { 740 } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) {
729 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ, 741 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ,
730 &rgb_skb); 742 &rgb_skb);
731
732 if (r < 0) 743 if (r < 0)
733 goto exit; 744 goto exit;
734 745
735 nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK, 746 r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK,
736 NFC_COMM_PASSIVE, rgb_skb->data, 747 NFC_COMM_PASSIVE, rgb_skb->data,
737 rgb_skb->len); 748 rgb_skb->len);
738 749
739 kfree_skb(rgb_skb); 750 kfree_skb(rgb_skb);
751 } else {
752 r = -EINVAL;
740 } 753 }
741
742 break; 754 break;
743 case PN544_HCI_EVT_DEACTIVATED: 755 case PN544_HCI_EVT_DEACTIVATED:
744 nfc_hci_send_event(hdev, gate, 756 r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION,
745 NFC_HCI_EVT_END_OPERATION, NULL, 0); 757 NULL, 0);
746 break; 758 break;
747 case PN544_HCI_EVT_RCV_DATA: 759 case PN544_HCI_EVT_RCV_DATA:
748 if (skb->len < 2) { 760 if (skb->len < 2) {
@@ -757,15 +769,15 @@ static void pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 gate,
757 } 769 }
758 770
759 skb_pull(skb, 2); 771 skb_pull(skb, 2);
760 nfc_tm_data_received(hdev->ndev, skb); 772 return nfc_tm_data_received(hdev->ndev, skb);
761
762 return;
763 default: 773 default:
764 break; 774 return 1;
765 } 775 }
766 776
767exit: 777exit:
768 kfree_skb(skb); 778 kfree_skb(skb);
779
780 return r;
769} 781}
770 782
771static struct nfc_hci_ops pn544_hci_ops = { 783static struct nfc_hci_ops pn544_hci_ops = {
@@ -789,7 +801,7 @@ int pn544_hci_probe(void *phy_id, struct nfc_phy_ops *phy_ops, char *llc_name,
789 struct nfc_hci_dev **hdev) 801 struct nfc_hci_dev **hdev)
790{ 802{
791 struct pn544_hci_info *info; 803 struct pn544_hci_info *info;
792 u32 protocols; 804 u32 protocols, se;
793 struct nfc_hci_init_data init_data; 805 struct nfc_hci_init_data init_data;
794 int r; 806 int r;
795 807
@@ -822,8 +834,10 @@ int pn544_hci_probe(void *phy_id, struct nfc_phy_ops *phy_ops, char *llc_name,
822 NFC_PROTO_ISO14443_B_MASK | 834 NFC_PROTO_ISO14443_B_MASK |
823 NFC_PROTO_NFC_DEP_MASK; 835 NFC_PROTO_NFC_DEP_MASK;
824 836
825 info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 837 se = NFC_SE_UICC | NFC_SE_EMBEDDED;
826 protocols, llc_name, 838
839 info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0,
840 protocols, se, llc_name,
827 phy_headroom + PN544_CMDS_HEADROOM, 841 phy_headroom + PN544_CMDS_HEADROOM,
828 phy_tailroom, phy_payload); 842 phy_tailroom, phy_payload);
829 if (!info->hdev) { 843 if (!info->hdev) {
@@ -851,6 +865,7 @@ err_alloc_hdev:
851err_info_alloc: 865err_info_alloc:
852 return r; 866 return r;
853} 867}
868EXPORT_SYMBOL(pn544_hci_probe);
854 869
855void pn544_hci_remove(struct nfc_hci_dev *hdev) 870void pn544_hci_remove(struct nfc_hci_dev *hdev)
856{ 871{
@@ -860,3 +875,7 @@ void pn544_hci_remove(struct nfc_hci_dev *hdev)
860 nfc_hci_free_device(hdev); 875 nfc_hci_free_device(hdev);
861 kfree(info); 876 kfree(info);
862} 877}
878EXPORT_SYMBOL(pn544_hci_remove);
879
880MODULE_LICENSE("GPL");
881MODULE_DESCRIPTION(DRIVER_DESC);
diff --git a/drivers/ssb/Kconfig b/drivers/ssb/Kconfig
index ff3c8a21f10d..5ff3a4f19443 100644
--- a/drivers/ssb/Kconfig
+++ b/drivers/ssb/Kconfig
@@ -136,6 +136,11 @@ config SSB_DRIVER_MIPS
136 136
137 If unsure, say N 137 If unsure, say N
138 138
139config SSB_SFLASH
140 bool "SSB serial flash support"
141 depends on SSB_DRIVER_MIPS && BROKEN
142 default y
143
139# Assumption: We are on embedded, if we compile the MIPS core. 144# Assumption: We are on embedded, if we compile the MIPS core.
140config SSB_EMBEDDED 145config SSB_EMBEDDED
141 bool 146 bool
@@ -162,8 +167,7 @@ config SSB_DRIVER_GIGE
162 167
163config SSB_DRIVER_GPIO 168config SSB_DRIVER_GPIO
164 bool "SSB GPIO driver" 169 bool "SSB GPIO driver"
165 depends on SSB 170 depends on SSB && GPIOLIB
166 select GPIOLIB
167 help 171 help
168 Driver to provide access to the GPIO pins on the bus. 172 Driver to provide access to the GPIO pins on the bus.
169 173
diff --git a/drivers/ssb/Makefile b/drivers/ssb/Makefile
index 9159ba77c388..b1ddc116d387 100644
--- a/drivers/ssb/Makefile
+++ b/drivers/ssb/Makefile
@@ -11,6 +11,7 @@ ssb-$(CONFIG_SSB_SDIOHOST) += sdio.o
11# built-in drivers 11# built-in drivers
12ssb-y += driver_chipcommon.o 12ssb-y += driver_chipcommon.o
13ssb-y += driver_chipcommon_pmu.o 13ssb-y += driver_chipcommon_pmu.o
14ssb-$(CONFIG_SSB_SFLASH) += driver_chipcommon_sflash.o
14ssb-$(CONFIG_SSB_DRIVER_MIPS) += driver_mipscore.o 15ssb-$(CONFIG_SSB_DRIVER_MIPS) += driver_mipscore.o
15ssb-$(CONFIG_SSB_DRIVER_EXTIF) += driver_extif.o 16ssb-$(CONFIG_SSB_DRIVER_EXTIF) += driver_extif.o
16ssb-$(CONFIG_SSB_DRIVER_PCICORE) += driver_pcicore.o 17ssb-$(CONFIG_SSB_DRIVER_PCICORE) += driver_pcicore.o
diff --git a/drivers/ssb/driver_chipcommon_sflash.c b/drivers/ssb/driver_chipcommon_sflash.c
new file mode 100644
index 000000000000..720665ca2bb1
--- /dev/null
+++ b/drivers/ssb/driver_chipcommon_sflash.c
@@ -0,0 +1,140 @@
1/*
2 * Sonics Silicon Backplane
3 * ChipCommon serial flash interface
4 *
5 * Licensed under the GNU/GPL. See COPYING for details.
6 */
7
8#include <linux/ssb/ssb.h>
9
10#include "ssb_private.h"
11
12struct ssb_sflash_tbl_e {
13 char *name;
14 u32 id;
15 u32 blocksize;
16 u16 numblocks;
17};
18
19static struct ssb_sflash_tbl_e ssb_sflash_st_tbl[] = {
20 { "M25P20", 0x11, 0x10000, 4, },
21 { "M25P40", 0x12, 0x10000, 8, },
22
23 { "M25P16", 0x14, 0x10000, 32, },
24 { "M25P32", 0x15, 0x10000, 64, },
25 { "M25P64", 0x16, 0x10000, 128, },
26 { "M25FL128", 0x17, 0x10000, 256, },
27 { 0 },
28};
29
30static struct ssb_sflash_tbl_e ssb_sflash_sst_tbl[] = {
31 { "SST25WF512", 1, 0x1000, 16, },
32 { "SST25VF512", 0x48, 0x1000, 16, },
33 { "SST25WF010", 2, 0x1000, 32, },
34 { "SST25VF010", 0x49, 0x1000, 32, },
35 { "SST25WF020", 3, 0x1000, 64, },
36 { "SST25VF020", 0x43, 0x1000, 64, },
37 { "SST25WF040", 4, 0x1000, 128, },
38 { "SST25VF040", 0x44, 0x1000, 128, },
39 { "SST25VF040B", 0x8d, 0x1000, 128, },
40 { "SST25WF080", 5, 0x1000, 256, },
41 { "SST25VF080B", 0x8e, 0x1000, 256, },
42 { "SST25VF016", 0x41, 0x1000, 512, },
43 { "SST25VF032", 0x4a, 0x1000, 1024, },
44 { "SST25VF064", 0x4b, 0x1000, 2048, },
45 { 0 },
46};
47
48static struct ssb_sflash_tbl_e ssb_sflash_at_tbl[] = {
49 { "AT45DB011", 0xc, 256, 512, },
50 { "AT45DB021", 0x14, 256, 1024, },
51 { "AT45DB041", 0x1c, 256, 2048, },
52 { "AT45DB081", 0x24, 256, 4096, },
53 { "AT45DB161", 0x2c, 512, 4096, },
54 { "AT45DB321", 0x34, 512, 8192, },
55 { "AT45DB642", 0x3c, 1024, 8192, },
56 { 0 },
57};
58
59static void ssb_sflash_cmd(struct ssb_chipcommon *cc, u32 opcode)
60{
61 int i;
62 chipco_write32(cc, SSB_CHIPCO_FLASHCTL,
63 SSB_CHIPCO_FLASHCTL_START | opcode);
64 for (i = 0; i < 1000; i++) {
65 if (!(chipco_read32(cc, SSB_CHIPCO_FLASHCTL) &
66 SSB_CHIPCO_FLASHCTL_BUSY))
67 return;
68 cpu_relax();
69 }
70 pr_err("SFLASH control command failed (timeout)!\n");
71}
72
73/* Initialize serial flash access */
74int ssb_sflash_init(struct ssb_chipcommon *cc)
75{
76 struct ssb_sflash_tbl_e *e;
77 u32 id, id2;
78
79 switch (cc->capabilities & SSB_CHIPCO_CAP_FLASHT) {
80 case SSB_CHIPCO_FLASHT_STSER:
81 ssb_sflash_cmd(cc, SSB_CHIPCO_FLASHCTL_ST_DP);
82
83 chipco_write32(cc, SSB_CHIPCO_FLASHADDR, 0);
84 ssb_sflash_cmd(cc, SSB_CHIPCO_FLASHCTL_ST_RES);
85 id = chipco_read32(cc, SSB_CHIPCO_FLASHDATA);
86
87 chipco_write32(cc, SSB_CHIPCO_FLASHADDR, 1);
88 ssb_sflash_cmd(cc, SSB_CHIPCO_FLASHCTL_ST_RES);
89 id2 = chipco_read32(cc, SSB_CHIPCO_FLASHDATA);
90
91 switch (id) {
92 case 0xbf:
93 for (e = ssb_sflash_sst_tbl; e->name; e++) {
94 if (e->id == id2)
95 break;
96 }
97 break;
98 case 0x13:
99 return -ENOTSUPP;
100 default:
101 for (e = ssb_sflash_st_tbl; e->name; e++) {
102 if (e->id == id)
103 break;
104 }
105 break;
106 }
107 if (!e->name) {
108 pr_err("Unsupported ST serial flash (id: 0x%X, id2: 0x%X)\n",
109 id, id2);
110 return -ENOTSUPP;
111 }
112
113 break;
114 case SSB_CHIPCO_FLASHT_ATSER:
115 ssb_sflash_cmd(cc, SSB_CHIPCO_FLASHCTL_AT_STATUS);
116 id = chipco_read32(cc, SSB_CHIPCO_FLASHDATA) & 0x3c;
117
118 for (e = ssb_sflash_at_tbl; e->name; e++) {
119 if (e->id == id)
120 break;
121 }
122 if (!e->name) {
123 pr_err("Unsupported Atmel serial flash (id: 0x%X)\n",
124 id);
125 return -ENOTSUPP;
126 }
127
128 break;
129 default:
130 pr_err("Unsupported flash type\n");
131 return -ENOTSUPP;
132 }
133
134 pr_info("Found %s serial flash (blocksize: 0x%X, blocks: %d)\n",
135 e->name, e->blocksize, e->numblocks);
136
137 pr_err("Serial flash support is not implemented yet!\n");
138
139 return -ENOTSUPP;
140}
diff --git a/drivers/ssb/driver_gpio.c b/drivers/ssb/driver_gpio.c
index 97ac0a38e3d0..accabe39b320 100644
--- a/drivers/ssb/driver_gpio.c
+++ b/drivers/ssb/driver_gpio.c
@@ -74,6 +74,16 @@ static void ssb_gpio_chipco_free(struct gpio_chip *chip, unsigned gpio)
74 ssb_chipco_gpio_pullup(&bus->chipco, 1 << gpio, 0); 74 ssb_chipco_gpio_pullup(&bus->chipco, 1 << gpio, 0);
75} 75}
76 76
77static int ssb_gpio_chipco_to_irq(struct gpio_chip *chip, unsigned gpio)
78{
79 struct ssb_bus *bus = ssb_gpio_get_bus(chip);
80
81 if (bus->bustype == SSB_BUSTYPE_SSB)
82 return ssb_mips_irq(bus->chipco.dev) + 2;
83 else
84 return -EINVAL;
85}
86
77static int ssb_gpio_chipco_init(struct ssb_bus *bus) 87static int ssb_gpio_chipco_init(struct ssb_bus *bus)
78{ 88{
79 struct gpio_chip *chip = &bus->gpio; 89 struct gpio_chip *chip = &bus->gpio;
@@ -86,6 +96,7 @@ static int ssb_gpio_chipco_init(struct ssb_bus *bus)
86 chip->set = ssb_gpio_chipco_set_value; 96 chip->set = ssb_gpio_chipco_set_value;
87 chip->direction_input = ssb_gpio_chipco_direction_input; 97 chip->direction_input = ssb_gpio_chipco_direction_input;
88 chip->direction_output = ssb_gpio_chipco_direction_output; 98 chip->direction_output = ssb_gpio_chipco_direction_output;
99 chip->to_irq = ssb_gpio_chipco_to_irq;
89 chip->ngpio = 16; 100 chip->ngpio = 16;
90 /* There is just one SoC in one device and its GPIO addresses should be 101 /* There is just one SoC in one device and its GPIO addresses should be
91 * deterministic to address them more easily. The other buses could get 102 * deterministic to address them more easily. The other buses could get
@@ -134,6 +145,16 @@ static int ssb_gpio_extif_direction_output(struct gpio_chip *chip,
134 return 0; 145 return 0;
135} 146}
136 147
148static int ssb_gpio_extif_to_irq(struct gpio_chip *chip, unsigned gpio)
149{
150 struct ssb_bus *bus = ssb_gpio_get_bus(chip);
151
152 if (bus->bustype == SSB_BUSTYPE_SSB)
153 return ssb_mips_irq(bus->extif.dev) + 2;
154 else
155 return -EINVAL;
156}
157
137static int ssb_gpio_extif_init(struct ssb_bus *bus) 158static int ssb_gpio_extif_init(struct ssb_bus *bus)
138{ 159{
139 struct gpio_chip *chip = &bus->gpio; 160 struct gpio_chip *chip = &bus->gpio;
@@ -144,6 +165,7 @@ static int ssb_gpio_extif_init(struct ssb_bus *bus)
144 chip->set = ssb_gpio_extif_set_value; 165 chip->set = ssb_gpio_extif_set_value;
145 chip->direction_input = ssb_gpio_extif_direction_input; 166 chip->direction_input = ssb_gpio_extif_direction_input;
146 chip->direction_output = ssb_gpio_extif_direction_output; 167 chip->direction_output = ssb_gpio_extif_direction_output;
168 chip->to_irq = ssb_gpio_extif_to_irq;
147 chip->ngpio = 5; 169 chip->ngpio = 5;
148 /* There is just one SoC in one device and its GPIO addresses should be 170 /* There is just one SoC in one device and its GPIO addresses should be
149 * deterministic to address them more easily. The other buses could get 171 * deterministic to address them more easily. The other buses could get
diff --git a/drivers/ssb/driver_mipscore.c b/drivers/ssb/driver_mipscore.c
index 5bd05b136d22..33b37dac40bd 100644
--- a/drivers/ssb/driver_mipscore.c
+++ b/drivers/ssb/driver_mipscore.c
@@ -10,6 +10,7 @@
10 10
11#include <linux/ssb/ssb.h> 11#include <linux/ssb/ssb.h>
12 12
13#include <linux/mtd/physmap.h>
13#include <linux/serial.h> 14#include <linux/serial.h>
14#include <linux/serial_core.h> 15#include <linux/serial_core.h>
15#include <linux/serial_reg.h> 16#include <linux/serial_reg.h>
@@ -17,6 +18,25 @@
17 18
18#include "ssb_private.h" 19#include "ssb_private.h"
19 20
21static const char *part_probes[] = { "bcm47xxpart", NULL };
22
23static struct physmap_flash_data ssb_pflash_data = {
24 .part_probe_types = part_probes,
25};
26
27static struct resource ssb_pflash_resource = {
28 .name = "ssb_pflash",
29 .flags = IORESOURCE_MEM,
30};
31
32struct platform_device ssb_pflash_dev = {
33 .name = "physmap-flash",
34 .dev = {
35 .platform_data = &ssb_pflash_data,
36 },
37 .resource = &ssb_pflash_resource,
38 .num_resources = 1,
39};
20 40
21static inline u32 mips_read32(struct ssb_mipscore *mcore, 41static inline u32 mips_read32(struct ssb_mipscore *mcore,
22 u16 offset) 42 u16 offset)
@@ -189,34 +209,43 @@ static void ssb_mips_serial_init(struct ssb_mipscore *mcore)
189static void ssb_mips_flash_detect(struct ssb_mipscore *mcore) 209static void ssb_mips_flash_detect(struct ssb_mipscore *mcore)
190{ 210{
191 struct ssb_bus *bus = mcore->dev->bus; 211 struct ssb_bus *bus = mcore->dev->bus;
212 struct ssb_pflash *pflash = &mcore->pflash;
192 213
193 /* When there is no chipcommon on the bus there is 4MB flash */ 214 /* When there is no chipcommon on the bus there is 4MB flash */
194 if (!ssb_chipco_available(&bus->chipco)) { 215 if (!ssb_chipco_available(&bus->chipco)) {
195 mcore->pflash.present = true; 216 pflash->present = true;
196 mcore->pflash.buswidth = 2; 217 pflash->buswidth = 2;
197 mcore->pflash.window = SSB_FLASH1; 218 pflash->window = SSB_FLASH1;
198 mcore->pflash.window_size = SSB_FLASH1_SZ; 219 pflash->window_size = SSB_FLASH1_SZ;
199 return; 220 goto ssb_pflash;
200 } 221 }
201 222
202 /* There is ChipCommon, so use it to read info about flash */ 223 /* There is ChipCommon, so use it to read info about flash */
203 switch (bus->chipco.capabilities & SSB_CHIPCO_CAP_FLASHT) { 224 switch (bus->chipco.capabilities & SSB_CHIPCO_CAP_FLASHT) {
204 case SSB_CHIPCO_FLASHT_STSER: 225 case SSB_CHIPCO_FLASHT_STSER:
205 case SSB_CHIPCO_FLASHT_ATSER: 226 case SSB_CHIPCO_FLASHT_ATSER:
206 pr_err("Serial flash not supported\n"); 227 pr_debug("Found serial flash\n");
228 ssb_sflash_init(&bus->chipco);
207 break; 229 break;
208 case SSB_CHIPCO_FLASHT_PARA: 230 case SSB_CHIPCO_FLASHT_PARA:
209 pr_debug("Found parallel flash\n"); 231 pr_debug("Found parallel flash\n");
210 mcore->pflash.present = true; 232 pflash->present = true;
211 mcore->pflash.window = SSB_FLASH2; 233 pflash->window = SSB_FLASH2;
212 mcore->pflash.window_size = SSB_FLASH2_SZ; 234 pflash->window_size = SSB_FLASH2_SZ;
213 if ((ssb_read32(bus->chipco.dev, SSB_CHIPCO_FLASH_CFG) 235 if ((ssb_read32(bus->chipco.dev, SSB_CHIPCO_FLASH_CFG)
214 & SSB_CHIPCO_CFG_DS16) == 0) 236 & SSB_CHIPCO_CFG_DS16) == 0)
215 mcore->pflash.buswidth = 1; 237 pflash->buswidth = 1;
216 else 238 else
217 mcore->pflash.buswidth = 2; 239 pflash->buswidth = 2;
218 break; 240 break;
219 } 241 }
242
243ssb_pflash:
244 if (pflash->present) {
245 ssb_pflash_data.width = pflash->buswidth;
246 ssb_pflash_resource.start = pflash->window;
247 ssb_pflash_resource.end = pflash->window + pflash->window_size;
248 }
220} 249}
221 250
222u32 ssb_cpu_clock(struct ssb_mipscore *mcore) 251u32 ssb_cpu_clock(struct ssb_mipscore *mcore)
diff --git a/drivers/ssb/main.c b/drivers/ssb/main.c
index c82c5c95fe85..db7705743a8f 100644
--- a/drivers/ssb/main.c
+++ b/drivers/ssb/main.c
@@ -540,6 +540,14 @@ static int ssb_devices_register(struct ssb_bus *bus)
540 dev_idx++; 540 dev_idx++;
541 } 541 }
542 542
543#ifdef CONFIG_SSB_DRIVER_MIPS
544 if (bus->mipscore.pflash.present) {
545 err = platform_device_register(&ssb_pflash_dev);
546 if (err)
547 pr_err("Error registering parallel flash\n");
548 }
549#endif
550
543 return 0; 551 return 0;
544error: 552error:
545 /* Unwind the already registered devices. */ 553 /* Unwind the already registered devices. */
diff --git a/drivers/ssb/ssb_private.h b/drivers/ssb/ssb_private.h
index 6c10b66c796c..53198dcec90e 100644
--- a/drivers/ssb/ssb_private.h
+++ b/drivers/ssb/ssb_private.h
@@ -217,6 +217,21 @@ extern u32 ssb_chipco_watchdog_timer_set_wdt(struct bcm47xx_wdt *wdt,
217 u32 ticks); 217 u32 ticks);
218extern u32 ssb_chipco_watchdog_timer_set_ms(struct bcm47xx_wdt *wdt, u32 ms); 218extern u32 ssb_chipco_watchdog_timer_set_ms(struct bcm47xx_wdt *wdt, u32 ms);
219 219
220/* driver_chipcommon_sflash.c */
221#ifdef CONFIG_SSB_SFLASH
222int ssb_sflash_init(struct ssb_chipcommon *cc);
223#else
224static inline int ssb_sflash_init(struct ssb_chipcommon *cc)
225{
226 pr_err("Serial flash not supported\n");
227 return 0;
228}
229#endif /* CONFIG_SSB_SFLASH */
230
231#ifdef CONFIG_SSB_DRIVER_MIPS
232extern struct platform_device ssb_pflash_dev;
233#endif
234
220#ifdef CONFIG_SSB_DRIVER_EXTIF 235#ifdef CONFIG_SSB_DRIVER_EXTIF
221extern u32 ssb_extif_watchdog_timer_set_wdt(struct bcm47xx_wdt *wdt, u32 ticks); 236extern u32 ssb_extif_watchdog_timer_set_wdt(struct bcm47xx_wdt *wdt, u32 ticks);
222extern u32 ssb_extif_watchdog_timer_set_ms(struct bcm47xx_wdt *wdt, u32 ms); 237extern u32 ssb_extif_watchdog_timer_set_ms(struct bcm47xx_wdt *wdt, u32 ms);
diff --git a/include/linux/bcma/bcma_driver_mips.h b/include/linux/bcma/bcma_driver_mips.h
index 0baf8a56b794..fb61f3fb4ddb 100644
--- a/include/linux/bcma/bcma_driver_mips.h
+++ b/include/linux/bcma/bcma_driver_mips.h
@@ -28,6 +28,7 @@
28#define BCMA_MIPS_MIPS74K_GPIOEN 0x0048 28#define BCMA_MIPS_MIPS74K_GPIOEN 0x0048
29#define BCMA_MIPS_MIPS74K_CLKCTLST 0x01E0 29#define BCMA_MIPS_MIPS74K_CLKCTLST 0x01E0
30 30
31#define BCMA_MIPS_OOBSELINA74 0x004
31#define BCMA_MIPS_OOBSELOUTA30 0x100 32#define BCMA_MIPS_OOBSELOUTA30 0x100
32 33
33struct bcma_device; 34struct bcma_device;
@@ -36,19 +37,23 @@ struct bcma_drv_mips {
36 struct bcma_device *core; 37 struct bcma_device *core;
37 u8 setup_done:1; 38 u8 setup_done:1;
38 u8 early_setup_done:1; 39 u8 early_setup_done:1;
39 unsigned int assigned_irqs;
40}; 40};
41 41
42#ifdef CONFIG_BCMA_DRIVER_MIPS 42#ifdef CONFIG_BCMA_DRIVER_MIPS
43extern void bcma_core_mips_init(struct bcma_drv_mips *mcore); 43extern void bcma_core_mips_init(struct bcma_drv_mips *mcore);
44extern void bcma_core_mips_early_init(struct bcma_drv_mips *mcore); 44extern void bcma_core_mips_early_init(struct bcma_drv_mips *mcore);
45
46extern unsigned int bcma_core_irq(struct bcma_device *core);
45#else 47#else
46static inline void bcma_core_mips_init(struct bcma_drv_mips *mcore) { } 48static inline void bcma_core_mips_init(struct bcma_drv_mips *mcore) { }
47static inline void bcma_core_mips_early_init(struct bcma_drv_mips *mcore) { } 49static inline void bcma_core_mips_early_init(struct bcma_drv_mips *mcore) { }
50
51static inline unsigned int bcma_core_irq(struct bcma_device *core)
52{
53 return 0;
54}
48#endif 55#endif
49 56
50extern u32 bcma_cpu_clock(struct bcma_drv_mips *mcore); 57extern u32 bcma_cpu_clock(struct bcma_drv_mips *mcore);
51 58
52extern unsigned int bcma_core_mips_irq(struct bcma_device *dev);
53
54#endif /* LINUX_BCMA_DRIVER_MIPS_H_ */ 59#endif /* LINUX_BCMA_DRIVER_MIPS_H_ */
diff --git a/include/linux/bcma/bcma_driver_pci.h b/include/linux/bcma/bcma_driver_pci.h
index 41da581e1612..31232247a1ee 100644
--- a/include/linux/bcma/bcma_driver_pci.h
+++ b/include/linux/bcma/bcma_driver_pci.h
@@ -179,6 +179,8 @@ struct pci_dev;
179#define BCMA_CORE_PCI_CFG_FUN_MASK 7 /* Function mask */ 179#define BCMA_CORE_PCI_CFG_FUN_MASK 7 /* Function mask */
180#define BCMA_CORE_PCI_CFG_OFF_MASK 0xfff /* Register mask */ 180#define BCMA_CORE_PCI_CFG_OFF_MASK 0xfff /* Register mask */
181 181
182#define BCMA_CORE_PCI_CFG_DEVCTRL 0xd8
183
182/* PCIE Root Capability Register bits (Host mode only) */ 184/* PCIE Root Capability Register bits (Host mode only) */
183#define BCMA_CORE_PCI_RC_CRS_VISIBILITY 0x0001 185#define BCMA_CORE_PCI_RC_CRS_VISIBILITY 0x0001
184 186
diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index f0859cc73861..11c8bc87fdcb 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -180,7 +180,7 @@ struct ieee80211_hdr {
180 u8 addr3[6]; 180 u8 addr3[6];
181 __le16 seq_ctrl; 181 __le16 seq_ctrl;
182 u8 addr4[6]; 182 u8 addr4[6];
183} __attribute__ ((packed)); 183} __packed;
184 184
185struct ieee80211_hdr_3addr { 185struct ieee80211_hdr_3addr {
186 __le16 frame_control; 186 __le16 frame_control;
@@ -189,7 +189,7 @@ struct ieee80211_hdr_3addr {
189 u8 addr2[6]; 189 u8 addr2[6];
190 u8 addr3[6]; 190 u8 addr3[6];
191 __le16 seq_ctrl; 191 __le16 seq_ctrl;
192} __attribute__ ((packed)); 192} __packed;
193 193
194struct ieee80211_qos_hdr { 194struct ieee80211_qos_hdr {
195 __le16 frame_control; 195 __le16 frame_control;
@@ -199,7 +199,7 @@ struct ieee80211_qos_hdr {
199 u8 addr3[6]; 199 u8 addr3[6];
200 __le16 seq_ctrl; 200 __le16 seq_ctrl;
201 __le16 qos_ctrl; 201 __le16 qos_ctrl;
202} __attribute__ ((packed)); 202} __packed;
203 203
204/** 204/**
205 * ieee80211_has_tods - check if IEEE80211_FCTL_TODS is set 205 * ieee80211_has_tods - check if IEEE80211_FCTL_TODS is set
@@ -576,7 +576,7 @@ struct ieee80211s_hdr {
576 __le32 seqnum; 576 __le32 seqnum;
577 u8 eaddr1[6]; 577 u8 eaddr1[6];
578 u8 eaddr2[6]; 578 u8 eaddr2[6];
579} __attribute__ ((packed)); 579} __packed;
580 580
581/* Mesh flags */ 581/* Mesh flags */
582#define MESH_FLAGS_AE_A4 0x1 582#define MESH_FLAGS_AE_A4 0x1
@@ -614,7 +614,7 @@ struct ieee80211_quiet_ie {
614 u8 period; 614 u8 period;
615 __le16 duration; 615 __le16 duration;
616 __le16 offset; 616 __le16 offset;
617} __attribute__ ((packed)); 617} __packed;
618 618
619/** 619/**
620 * struct ieee80211_msrment_ie 620 * struct ieee80211_msrment_ie
@@ -626,7 +626,7 @@ struct ieee80211_msrment_ie {
626 u8 mode; 626 u8 mode;
627 u8 type; 627 u8 type;
628 u8 request[0]; 628 u8 request[0];
629} __attribute__ ((packed)); 629} __packed;
630 630
631/** 631/**
632 * struct ieee80211_channel_sw_ie 632 * struct ieee80211_channel_sw_ie
@@ -637,7 +637,7 @@ struct ieee80211_channel_sw_ie {
637 u8 mode; 637 u8 mode;
638 u8 new_ch_num; 638 u8 new_ch_num;
639 u8 count; 639 u8 count;
640} __attribute__ ((packed)); 640} __packed;
641 641
642/** 642/**
643 * struct ieee80211_tim 643 * struct ieee80211_tim
@@ -650,7 +650,7 @@ struct ieee80211_tim_ie {
650 u8 bitmap_ctrl; 650 u8 bitmap_ctrl;
651 /* variable size: 1 - 251 bytes */ 651 /* variable size: 1 - 251 bytes */
652 u8 virtual_map[1]; 652 u8 virtual_map[1];
653} __attribute__ ((packed)); 653} __packed;
654 654
655/** 655/**
656 * struct ieee80211_meshconf_ie 656 * struct ieee80211_meshconf_ie
@@ -665,7 +665,7 @@ struct ieee80211_meshconf_ie {
665 u8 meshconf_auth; 665 u8 meshconf_auth;
666 u8 meshconf_form; 666 u8 meshconf_form;
667 u8 meshconf_cap; 667 u8 meshconf_cap;
668} __attribute__ ((packed)); 668} __packed;
669 669
670/** 670/**
671 * enum mesh_config_capab_flags - Mesh Configuration IE capability field flags 671 * enum mesh_config_capab_flags - Mesh Configuration IE capability field flags
@@ -695,12 +695,17 @@ struct ieee80211_rann_ie {
695 __le32 rann_seq; 695 __le32 rann_seq;
696 __le32 rann_interval; 696 __le32 rann_interval;
697 __le32 rann_metric; 697 __le32 rann_metric;
698} __attribute__ ((packed)); 698} __packed;
699 699
700enum ieee80211_rann_flags { 700enum ieee80211_rann_flags {
701 RANN_FLAG_IS_GATE = 1 << 0, 701 RANN_FLAG_IS_GATE = 1 << 0,
702}; 702};
703 703
704enum ieee80211_ht_chanwidth_values {
705 IEEE80211_HT_CHANWIDTH_20MHZ = 0,
706 IEEE80211_HT_CHANWIDTH_ANY = 1,
707};
708
704#define WLAN_SA_QUERY_TR_ID_LEN 2 709#define WLAN_SA_QUERY_TR_ID_LEN 2
705 710
706struct ieee80211_mgmt { 711struct ieee80211_mgmt {
@@ -717,33 +722,33 @@ struct ieee80211_mgmt {
717 __le16 status_code; 722 __le16 status_code;
718 /* possibly followed by Challenge text */ 723 /* possibly followed by Challenge text */
719 u8 variable[0]; 724 u8 variable[0];
720 } __attribute__ ((packed)) auth; 725 } __packed auth;
721 struct { 726 struct {
722 __le16 reason_code; 727 __le16 reason_code;
723 } __attribute__ ((packed)) deauth; 728 } __packed deauth;
724 struct { 729 struct {
725 __le16 capab_info; 730 __le16 capab_info;
726 __le16 listen_interval; 731 __le16 listen_interval;
727 /* followed by SSID and Supported rates */ 732 /* followed by SSID and Supported rates */
728 u8 variable[0]; 733 u8 variable[0];
729 } __attribute__ ((packed)) assoc_req; 734 } __packed assoc_req;
730 struct { 735 struct {
731 __le16 capab_info; 736 __le16 capab_info;
732 __le16 status_code; 737 __le16 status_code;
733 __le16 aid; 738 __le16 aid;
734 /* followed by Supported rates */ 739 /* followed by Supported rates */
735 u8 variable[0]; 740 u8 variable[0];
736 } __attribute__ ((packed)) assoc_resp, reassoc_resp; 741 } __packed assoc_resp, reassoc_resp;
737 struct { 742 struct {
738 __le16 capab_info; 743 __le16 capab_info;
739 __le16 listen_interval; 744 __le16 listen_interval;
740 u8 current_ap[6]; 745 u8 current_ap[6];
741 /* followed by SSID and Supported rates */ 746 /* followed by SSID and Supported rates */
742 u8 variable[0]; 747 u8 variable[0];
743 } __attribute__ ((packed)) reassoc_req; 748 } __packed reassoc_req;
744 struct { 749 struct {
745 __le16 reason_code; 750 __le16 reason_code;
746 } __attribute__ ((packed)) disassoc; 751 } __packed disassoc;
747 struct { 752 struct {
748 __le64 timestamp; 753 __le64 timestamp;
749 __le16 beacon_int; 754 __le16 beacon_int;
@@ -751,11 +756,11 @@ struct ieee80211_mgmt {
751 /* followed by some of SSID, Supported rates, 756 /* followed by some of SSID, Supported rates,
752 * FH Params, DS Params, CF Params, IBSS Params, TIM */ 757 * FH Params, DS Params, CF Params, IBSS Params, TIM */
753 u8 variable[0]; 758 u8 variable[0];
754 } __attribute__ ((packed)) beacon; 759 } __packed beacon;
755 struct { 760 struct {
756 /* only variable items: SSID, Supported rates */ 761 /* only variable items: SSID, Supported rates */
757 u8 variable[0]; 762 u8 variable[0];
758 } __attribute__ ((packed)) probe_req; 763 } __packed probe_req;
759 struct { 764 struct {
760 __le64 timestamp; 765 __le64 timestamp;
761 __le16 beacon_int; 766 __le16 beacon_int;
@@ -763,7 +768,7 @@ struct ieee80211_mgmt {
763 /* followed by some of SSID, Supported rates, 768 /* followed by some of SSID, Supported rates,
764 * FH Params, DS Params, CF Params, IBSS Params */ 769 * FH Params, DS Params, CF Params, IBSS Params */
765 u8 variable[0]; 770 u8 variable[0];
766 } __attribute__ ((packed)) probe_resp; 771 } __packed probe_resp;
767 struct { 772 struct {
768 u8 category; 773 u8 category;
769 union { 774 union {
@@ -772,55 +777,59 @@ struct ieee80211_mgmt {
772 u8 dialog_token; 777 u8 dialog_token;
773 u8 status_code; 778 u8 status_code;
774 u8 variable[0]; 779 u8 variable[0];
775 } __attribute__ ((packed)) wme_action; 780 } __packed wme_action;
776 struct{ 781 struct{
777 u8 action_code; 782 u8 action_code;
778 u8 element_id; 783 u8 element_id;
779 u8 length; 784 u8 length;
780 struct ieee80211_channel_sw_ie sw_elem; 785 struct ieee80211_channel_sw_ie sw_elem;
781 } __attribute__((packed)) chan_switch; 786 } __packed chan_switch;
782 struct{ 787 struct{
783 u8 action_code; 788 u8 action_code;
784 u8 dialog_token; 789 u8 dialog_token;
785 u8 element_id; 790 u8 element_id;
786 u8 length; 791 u8 length;
787 struct ieee80211_msrment_ie msr_elem; 792 struct ieee80211_msrment_ie msr_elem;
788 } __attribute__((packed)) measurement; 793 } __packed measurement;
789 struct{ 794 struct{
790 u8 action_code; 795 u8 action_code;
791 u8 dialog_token; 796 u8 dialog_token;
792 __le16 capab; 797 __le16 capab;
793 __le16 timeout; 798 __le16 timeout;
794 __le16 start_seq_num; 799 __le16 start_seq_num;
795 } __attribute__((packed)) addba_req; 800 } __packed addba_req;
796 struct{ 801 struct{
797 u8 action_code; 802 u8 action_code;
798 u8 dialog_token; 803 u8 dialog_token;
799 __le16 status; 804 __le16 status;
800 __le16 capab; 805 __le16 capab;
801 __le16 timeout; 806 __le16 timeout;
802 } __attribute__((packed)) addba_resp; 807 } __packed addba_resp;
803 struct{ 808 struct{
804 u8 action_code; 809 u8 action_code;
805 __le16 params; 810 __le16 params;
806 __le16 reason_code; 811 __le16 reason_code;
807 } __attribute__((packed)) delba; 812 } __packed delba;
808 struct { 813 struct {
809 u8 action_code; 814 u8 action_code;
810 u8 variable[0]; 815 u8 variable[0];
811 } __attribute__((packed)) self_prot; 816 } __packed self_prot;
812 struct{ 817 struct{
813 u8 action_code; 818 u8 action_code;
814 u8 variable[0]; 819 u8 variable[0];
815 } __attribute__((packed)) mesh_action; 820 } __packed mesh_action;
816 struct { 821 struct {
817 u8 action; 822 u8 action;
818 u8 trans_id[WLAN_SA_QUERY_TR_ID_LEN]; 823 u8 trans_id[WLAN_SA_QUERY_TR_ID_LEN];
819 } __attribute__ ((packed)) sa_query; 824 } __packed sa_query;
820 struct { 825 struct {
821 u8 action; 826 u8 action;
822 u8 smps_control; 827 u8 smps_control;
823 } __attribute__ ((packed)) ht_smps; 828 } __packed ht_smps;
829 struct {
830 u8 action_code;
831 u8 chanwidth;
832 } __packed ht_notify_cw;
824 struct { 833 struct {
825 u8 action_code; 834 u8 action_code;
826 u8 dialog_token; 835 u8 dialog_token;
@@ -828,9 +837,9 @@ struct ieee80211_mgmt {
828 u8 variable[0]; 837 u8 variable[0];
829 } __packed tdls_discover_resp; 838 } __packed tdls_discover_resp;
830 } u; 839 } u;
831 } __attribute__ ((packed)) action; 840 } __packed action;
832 } u; 841 } u;
833} __attribute__ ((packed)); 842} __packed;
834 843
835/* Supported Rates value encodings in 802.11n-2009 7.3.2.2 */ 844/* Supported Rates value encodings in 802.11n-2009 7.3.2.2 */
836#define BSS_MEMBERSHIP_SELECTOR_HT_PHY 127 845#define BSS_MEMBERSHIP_SELECTOR_HT_PHY 127
@@ -846,7 +855,7 @@ struct ieee80211_mmie {
846 __le16 key_id; 855 __le16 key_id;
847 u8 sequence_number[6]; 856 u8 sequence_number[6];
848 u8 mic[8]; 857 u8 mic[8];
849} __attribute__ ((packed)); 858} __packed;
850 859
851struct ieee80211_vendor_ie { 860struct ieee80211_vendor_ie {
852 u8 element_id; 861 u8 element_id;
@@ -861,20 +870,20 @@ struct ieee80211_rts {
861 __le16 duration; 870 __le16 duration;
862 u8 ra[6]; 871 u8 ra[6];
863 u8 ta[6]; 872 u8 ta[6];
864} __attribute__ ((packed)); 873} __packed;
865 874
866struct ieee80211_cts { 875struct ieee80211_cts {
867 __le16 frame_control; 876 __le16 frame_control;
868 __le16 duration; 877 __le16 duration;
869 u8 ra[6]; 878 u8 ra[6];
870} __attribute__ ((packed)); 879} __packed;
871 880
872struct ieee80211_pspoll { 881struct ieee80211_pspoll {
873 __le16 frame_control; 882 __le16 frame_control;
874 __le16 aid; 883 __le16 aid;
875 u8 bssid[6]; 884 u8 bssid[6];
876 u8 ta[6]; 885 u8 ta[6];
877} __attribute__ ((packed)); 886} __packed;
878 887
879/* TDLS */ 888/* TDLS */
880 889
@@ -967,7 +976,7 @@ struct ieee80211_bar {
967 __u8 ta[6]; 976 __u8 ta[6];
968 __le16 control; 977 __le16 control;
969 __le16 start_seq_num; 978 __le16 start_seq_num;
970} __attribute__((packed)); 979} __packed;
971 980
972/* 802.11 BAR control masks */ 981/* 802.11 BAR control masks */
973#define IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL 0x0000 982#define IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL 0x0000
@@ -992,7 +1001,7 @@ struct ieee80211_mcs_info {
992 __le16 rx_highest; 1001 __le16 rx_highest;
993 u8 tx_params; 1002 u8 tx_params;
994 u8 reserved[3]; 1003 u8 reserved[3];
995} __attribute__((packed)); 1004} __packed;
996 1005
997/* 802.11n HT capability MSC set */ 1006/* 802.11n HT capability MSC set */
998#define IEEE80211_HT_MCS_RX_HIGHEST_MASK 0x3ff 1007#define IEEE80211_HT_MCS_RX_HIGHEST_MASK 0x3ff
@@ -1031,7 +1040,7 @@ struct ieee80211_ht_cap {
1031 __le16 extended_ht_cap_info; 1040 __le16 extended_ht_cap_info;
1032 __le32 tx_BF_cap_info; 1041 __le32 tx_BF_cap_info;
1033 u8 antenna_selection_info; 1042 u8 antenna_selection_info;
1034} __attribute__ ((packed)); 1043} __packed;
1035 1044
1036/* 802.11n HT capabilities masks (for cap_info) */ 1045/* 802.11n HT capabilities masks (for cap_info) */
1037#define IEEE80211_HT_CAP_LDPC_CODING 0x0001 1046#define IEEE80211_HT_CAP_LDPC_CODING 0x0001
@@ -1102,7 +1111,7 @@ struct ieee80211_ht_operation {
1102 __le16 operation_mode; 1111 __le16 operation_mode;
1103 __le16 stbc_param; 1112 __le16 stbc_param;
1104 u8 basic_set[16]; 1113 u8 basic_set[16];
1105} __attribute__ ((packed)); 1114} __packed;
1106 1115
1107/* for ht_param */ 1116/* for ht_param */
1108#define IEEE80211_HT_PARAM_CHA_SEC_OFFSET 0x03 1117#define IEEE80211_HT_PARAM_CHA_SEC_OFFSET 0x03
@@ -1311,16 +1320,21 @@ struct ieee80211_vht_operation {
1311#define WLAN_CAPABILITY_SPECTRUM_MGMT (1<<8) 1320#define WLAN_CAPABILITY_SPECTRUM_MGMT (1<<8)
1312#define WLAN_CAPABILITY_QOS (1<<9) 1321#define WLAN_CAPABILITY_QOS (1<<9)
1313#define WLAN_CAPABILITY_SHORT_SLOT_TIME (1<<10) 1322#define WLAN_CAPABILITY_SHORT_SLOT_TIME (1<<10)
1323#define WLAN_CAPABILITY_APSD (1<<11)
1324#define WLAN_CAPABILITY_RADIO_MEASURE (1<<12)
1314#define WLAN_CAPABILITY_DSSS_OFDM (1<<13) 1325#define WLAN_CAPABILITY_DSSS_OFDM (1<<13)
1326#define WLAN_CAPABILITY_DEL_BACK (1<<14)
1327#define WLAN_CAPABILITY_IMM_BACK (1<<15)
1315 1328
1316/* DMG (60gHz) 802.11ad */ 1329/* DMG (60gHz) 802.11ad */
1317/* type - bits 0..1 */ 1330/* type - bits 0..1 */
1331#define WLAN_CAPABILITY_DMG_TYPE_MASK (3<<0)
1318#define WLAN_CAPABILITY_DMG_TYPE_IBSS (1<<0) /* Tx by: STA */ 1332#define WLAN_CAPABILITY_DMG_TYPE_IBSS (1<<0) /* Tx by: STA */
1319#define WLAN_CAPABILITY_DMG_TYPE_PBSS (2<<0) /* Tx by: PCP */ 1333#define WLAN_CAPABILITY_DMG_TYPE_PBSS (2<<0) /* Tx by: PCP */
1320#define WLAN_CAPABILITY_DMG_TYPE_AP (3<<0) /* Tx by: AP */ 1334#define WLAN_CAPABILITY_DMG_TYPE_AP (3<<0) /* Tx by: AP */
1321 1335
1322#define WLAN_CAPABILITY_DMG_CBAP_ONLY (1<<2) 1336#define WLAN_CAPABILITY_DMG_CBAP_ONLY (1<<2)
1323#define WLAN_CAPABILITY_DMG_CBAP_SOURCE (1<<3) 1337#define WLAN_CAPABILITY_DMG_CBAP_SOURCE (1<<3)
1324#define WLAN_CAPABILITY_DMG_PRIVACY (1<<4) 1338#define WLAN_CAPABILITY_DMG_PRIVACY (1<<4)
1325#define WLAN_CAPABILITY_DMG_ECPAC (1<<5) 1339#define WLAN_CAPABILITY_DMG_ECPAC (1<<5)
1326 1340
@@ -1834,14 +1848,14 @@ struct ieee80211_country_ie_triplet {
1834 u8 first_channel; 1848 u8 first_channel;
1835 u8 num_channels; 1849 u8 num_channels;
1836 s8 max_power; 1850 s8 max_power;
1837 } __attribute__ ((packed)) chans; 1851 } __packed chans;
1838 struct { 1852 struct {
1839 u8 reg_extension_id; 1853 u8 reg_extension_id;
1840 u8 reg_class; 1854 u8 reg_class;
1841 u8 coverage_class; 1855 u8 coverage_class;
1842 } __attribute__ ((packed)) ext; 1856 } __packed ext;
1843 }; 1857 };
1844} __attribute__ ((packed)); 1858} __packed;
1845 1859
1846enum ieee80211_timeout_interval_type { 1860enum ieee80211_timeout_interval_type {
1847 WLAN_TIMEOUT_REASSOC_DEADLINE = 1 /* 802.11r */, 1861 WLAN_TIMEOUT_REASSOC_DEADLINE = 1 /* 802.11r */,
@@ -1884,7 +1898,10 @@ enum ieee80211_sa_query_action {
1884/* AKM suite selectors */ 1898/* AKM suite selectors */
1885#define WLAN_AKM_SUITE_8021X 0x000FAC01 1899#define WLAN_AKM_SUITE_8021X 0x000FAC01
1886#define WLAN_AKM_SUITE_PSK 0x000FAC02 1900#define WLAN_AKM_SUITE_PSK 0x000FAC02
1887#define WLAN_AKM_SUITE_SAE 0x000FAC08 1901#define WLAN_AKM_SUITE_8021X_SHA256 0x000FAC05
1902#define WLAN_AKM_SUITE_PSK_SHA256 0x000FAC06
1903#define WLAN_AKM_SUITE_TDLS 0x000FAC07
1904#define WLAN_AKM_SUITE_SAE 0x000FAC08
1888#define WLAN_AKM_SUITE_FT_OVER_SAE 0x000FAC09 1905#define WLAN_AKM_SUITE_FT_OVER_SAE 0x000FAC09
1889 1906
1890#define WLAN_MAX_KEY_LEN 32 1907#define WLAN_MAX_KEY_LEN 32
diff --git a/include/linux/ssb/ssb_driver_mips.h b/include/linux/ssb/ssb_driver_mips.h
index 07a9c7a2e088..afe79d40a99e 100644
--- a/include/linux/ssb/ssb_driver_mips.h
+++ b/include/linux/ssb/ssb_driver_mips.h
@@ -45,6 +45,11 @@ void ssb_mipscore_init(struct ssb_mipscore *mcore)
45{ 45{
46} 46}
47 47
48static inline unsigned int ssb_mips_irq(struct ssb_device *dev)
49{
50 return 0;
51}
52
48#endif /* CONFIG_SSB_DRIVER_MIPS */ 53#endif /* CONFIG_SSB_DRIVER_MIPS */
49 54
50#endif /* LINUX_SSB_MIPSCORE_H_ */ 55#endif /* LINUX_SSB_MIPSCORE_H_ */
diff --git a/include/net/bluetooth/a2mp.h b/include/net/bluetooth/a2mp.h
index 42f21766c538..487b54c1308f 100644
--- a/include/net/bluetooth/a2mp.h
+++ b/include/net/bluetooth/a2mp.h
@@ -23,6 +23,7 @@ enum amp_mgr_state {
23 READ_LOC_AMP_INFO, 23 READ_LOC_AMP_INFO,
24 READ_LOC_AMP_ASSOC, 24 READ_LOC_AMP_ASSOC,
25 READ_LOC_AMP_ASSOC_FINAL, 25 READ_LOC_AMP_ASSOC_FINAL,
26 WRITE_REMOTE_AMP_ASSOC,
26}; 27};
27 28
28struct amp_mgr { 29struct amp_mgr {
@@ -33,7 +34,7 @@ struct amp_mgr {
33 struct kref kref; 34 struct kref kref;
34 __u8 ident; 35 __u8 ident;
35 __u8 handle; 36 __u8 handle;
36 enum amp_mgr_state state; 37 unsigned long state;
37 unsigned long flags; 38 unsigned long flags;
38 39
39 struct list_head amp_ctrls; 40 struct list_head amp_ctrls;
@@ -144,5 +145,6 @@ void a2mp_discover_amp(struct l2cap_chan *chan);
144void a2mp_send_getinfo_rsp(struct hci_dev *hdev); 145void a2mp_send_getinfo_rsp(struct hci_dev *hdev);
145void a2mp_send_getampassoc_rsp(struct hci_dev *hdev, u8 status); 146void a2mp_send_getampassoc_rsp(struct hci_dev *hdev, u8 status);
146void a2mp_send_create_phy_link_req(struct hci_dev *hdev, u8 status); 147void a2mp_send_create_phy_link_req(struct hci_dev *hdev, u8 status);
148void a2mp_send_create_phy_link_rsp(struct hci_dev *hdev, u8 status);
147 149
148#endif /* __A2MP_H */ 150#endif /* __A2MP_H */
diff --git a/include/net/bluetooth/bluetooth.h b/include/net/bluetooth/bluetooth.h
index 2554b3f5222a..9531beee09b5 100644
--- a/include/net/bluetooth/bluetooth.h
+++ b/include/net/bluetooth/bluetooth.h
@@ -166,6 +166,29 @@ typedef struct {
166#define BDADDR_LE_PUBLIC 0x01 166#define BDADDR_LE_PUBLIC 0x01
167#define BDADDR_LE_RANDOM 0x02 167#define BDADDR_LE_RANDOM 0x02
168 168
169static inline bool bdaddr_type_is_valid(__u8 type)
170{
171 switch (type) {
172 case BDADDR_BREDR:
173 case BDADDR_LE_PUBLIC:
174 case BDADDR_LE_RANDOM:
175 return true;
176 }
177
178 return false;
179}
180
181static inline bool bdaddr_type_is_le(__u8 type)
182{
183 switch (type) {
184 case BDADDR_LE_PUBLIC:
185 case BDADDR_LE_RANDOM:
186 return true;
187 }
188
189 return false;
190}
191
169#define BDADDR_ANY (&(bdaddr_t) {{0, 0, 0, 0, 0, 0} }) 192#define BDADDR_ANY (&(bdaddr_t) {{0, 0, 0, 0, 0, 0} })
170#define BDADDR_LOCAL (&(bdaddr_t) {{0, 0, 0, 0xff, 0xff, 0xff} }) 193#define BDADDR_LOCAL (&(bdaddr_t) {{0, 0, 0, 0xff, 0xff, 0xff} })
171 194
diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h
index 45eee08157bb..7f12c25f1fca 100644
--- a/include/net/bluetooth/hci.h
+++ b/include/net/bluetooth/hci.h
@@ -943,6 +943,12 @@ struct hci_rp_le_read_buffer_size {
943 __u8 le_max_pkt; 943 __u8 le_max_pkt;
944} __packed; 944} __packed;
945 945
946#define HCI_OP_LE_READ_LOCAL_FEATURES 0x2003
947struct hci_rp_le_read_local_features {
948 __u8 status;
949 __u8 features[8];
950} __packed;
951
946#define HCI_OP_LE_READ_ADV_TX_POWER 0x2007 952#define HCI_OP_LE_READ_ADV_TX_POWER 0x2007
947struct hci_rp_le_read_adv_tx_power { 953struct hci_rp_le_read_adv_tx_power {
948 __u8 status; 954 __u8 status;
@@ -995,6 +1001,12 @@ struct hci_cp_le_create_conn {
995 1001
996#define HCI_OP_LE_CREATE_CONN_CANCEL 0x200e 1002#define HCI_OP_LE_CREATE_CONN_CANCEL 0x200e
997 1003
1004#define HCI_OP_LE_READ_WHITE_LIST_SIZE 0x200f
1005struct hci_rp_le_read_white_list_size {
1006 __u8 status;
1007 __u8 size;
1008} __packed;
1009
998#define HCI_OP_LE_CONN_UPDATE 0x2013 1010#define HCI_OP_LE_CONN_UPDATE 0x2013
999struct hci_cp_le_conn_update { 1011struct hci_cp_le_conn_update {
1000 __le16 handle; 1012 __le16 handle;
@@ -1033,6 +1045,12 @@ struct hci_rp_le_ltk_neg_reply {
1033 __le16 handle; 1045 __le16 handle;
1034} __packed; 1046} __packed;
1035 1047
1048#define HCI_OP_LE_READ_SUPPORTED_STATES 0x201c
1049struct hci_rp_le_read_supported_states {
1050 __u8 status;
1051 __u8 le_states[8];
1052} __packed;
1053
1036/* ---- HCI Events ---- */ 1054/* ---- HCI Events ---- */
1037#define HCI_EV_INQUIRY_COMPLETE 0x01 1055#define HCI_EV_INQUIRY_COMPLETE 0x01
1038 1056
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
index 014a2eaa5389..bcf8ffe2a843 100644
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -152,6 +152,9 @@ struct hci_dev {
152 __u8 minor_class; 152 __u8 minor_class;
153 __u8 features[8]; 153 __u8 features[8];
154 __u8 host_features[8]; 154 __u8 host_features[8];
155 __u8 le_features[8];
156 __u8 le_white_list_size;
157 __u8 le_states[8];
155 __u8 commands[64]; 158 __u8 commands[64];
156 __u8 hci_ver; 159 __u8 hci_ver;
157 __u16 hci_rev; 160 __u16 hci_rev;
@@ -216,6 +219,7 @@ struct hci_dev {
216 unsigned long le_last_tx; 219 unsigned long le_last_tx;
217 220
218 struct workqueue_struct *workqueue; 221 struct workqueue_struct *workqueue;
222 struct workqueue_struct *req_workqueue;
219 223
220 struct work_struct power_on; 224 struct work_struct power_on;
221 struct delayed_work power_off; 225 struct delayed_work power_off;
diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h
index 7588ef44ebaf..cdd33021f831 100644
--- a/include/net/bluetooth/l2cap.h
+++ b/include/net/bluetooth/l2cap.h
@@ -496,7 +496,6 @@ struct l2cap_chan {
496 __u16 frames_sent; 496 __u16 frames_sent;
497 __u16 unacked_frames; 497 __u16 unacked_frames;
498 __u8 retry_count; 498 __u8 retry_count;
499 __u16 srej_queue_next;
500 __u16 sdu_len; 499 __u16 sdu_len;
501 struct sk_buff *sdu; 500 struct sk_buff *sdu;
502 struct sk_buff *sdu_last_frag; 501 struct sk_buff *sdu_last_frag;
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 8e6a6b73b9c9..36e076e374d2 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -281,9 +281,13 @@ struct ieee80211_supported_band {
281/** 281/**
282 * struct vif_params - describes virtual interface parameters 282 * struct vif_params - describes virtual interface parameters
283 * @use_4addr: use 4-address frames 283 * @use_4addr: use 4-address frames
284 * @macaddr: address to use for this virtual interface. This will only
285 * be used for non-netdevice interfaces. If this parameter is set
286 * to zero address the driver may determine the address as needed.
284 */ 287 */
285struct vif_params { 288struct vif_params {
286 int use_4addr; 289 int use_4addr;
290 u8 macaddr[ETH_ALEN];
287}; 291};
288 292
289/** 293/**
@@ -326,7 +330,7 @@ struct cfg80211_chan_def {
326 * cfg80211_get_chandef_type - return old channel type from chandef 330 * cfg80211_get_chandef_type - return old channel type from chandef
327 * @chandef: the channel definition 331 * @chandef: the channel definition
328 * 332 *
329 * Returns the old channel type (NOHT, HT20, HT40+/-) from a given 333 * Return: The old channel type (NOHT, HT20, HT40+/-) from a given
330 * chandef, which must have a bandwidth allowing this conversion. 334 * chandef, which must have a bandwidth allowing this conversion.
331 */ 335 */
332static inline enum nl80211_channel_type 336static inline enum nl80211_channel_type
@@ -364,7 +368,7 @@ void cfg80211_chandef_create(struct cfg80211_chan_def *chandef,
364 * @chandef1: first channel definition 368 * @chandef1: first channel definition
365 * @chandef2: second channel definition 369 * @chandef2: second channel definition
366 * 370 *
367 * Returns %true if the channels defined by the channel definitions are 371 * Return: %true if the channels defined by the channel definitions are
368 * identical, %false otherwise. 372 * identical, %false otherwise.
369 */ 373 */
370static inline bool 374static inline bool
@@ -382,7 +386,7 @@ cfg80211_chandef_identical(const struct cfg80211_chan_def *chandef1,
382 * @chandef1: first channel definition 386 * @chandef1: first channel definition
383 * @chandef2: second channel definition 387 * @chandef2: second channel definition
384 * 388 *
385 * Returns %NULL if the given channel definitions are incompatible, 389 * Return: %NULL if the given channel definitions are incompatible,
386 * chandef1 or chandef2 otherwise. 390 * chandef1 or chandef2 otherwise.
387 */ 391 */
388const struct cfg80211_chan_def * 392const struct cfg80211_chan_def *
@@ -392,6 +396,7 @@ cfg80211_chandef_compatible(const struct cfg80211_chan_def *chandef1,
392/** 396/**
393 * cfg80211_chandef_valid - check if a channel definition is valid 397 * cfg80211_chandef_valid - check if a channel definition is valid
394 * @chandef: the channel definition to check 398 * @chandef: the channel definition to check
399 * Return: %true if the channel definition is valid. %false otherwise.
395 */ 400 */
396bool cfg80211_chandef_valid(const struct cfg80211_chan_def *chandef); 401bool cfg80211_chandef_valid(const struct cfg80211_chan_def *chandef);
397 402
@@ -399,7 +404,8 @@ bool cfg80211_chandef_valid(const struct cfg80211_chan_def *chandef);
399 * cfg80211_chandef_usable - check if secondary channels can be used 404 * cfg80211_chandef_usable - check if secondary channels can be used
400 * @wiphy: the wiphy to validate against 405 * @wiphy: the wiphy to validate against
401 * @chandef: the channel definition to check 406 * @chandef: the channel definition to check
402 * @prohibited_flags: the regulatory chanenl flags that must not be set 407 * @prohibited_flags: the regulatory channel flags that must not be set
408 * Return: %true if secondary channels are usable. %false otherwise.
403 */ 409 */
404bool cfg80211_chandef_usable(struct wiphy *wiphy, 410bool cfg80211_chandef_usable(struct wiphy *wiphy,
405 const struct cfg80211_chan_def *chandef, 411 const struct cfg80211_chan_def *chandef,
@@ -521,6 +527,26 @@ struct cfg80211_beacon_data {
521 size_t probe_resp_len; 527 size_t probe_resp_len;
522}; 528};
523 529
530struct mac_address {
531 u8 addr[ETH_ALEN];
532};
533
534/**
535 * struct cfg80211_acl_data - Access control list data
536 *
537 * @acl_policy: ACL policy to be applied on the station's
538 entry specified by mac_addr
539 * @n_acl_entries: Number of MAC address entries passed
540 * @mac_addrs: List of MAC addresses of stations to be used for ACL
541 */
542struct cfg80211_acl_data {
543 enum nl80211_acl_policy acl_policy;
544 int n_acl_entries;
545
546 /* Keep it last */
547 struct mac_address mac_addrs[];
548};
549
524/** 550/**
525 * struct cfg80211_ap_settings - AP configuration 551 * struct cfg80211_ap_settings - AP configuration
526 * 552 *
@@ -540,6 +566,8 @@ struct cfg80211_beacon_data {
540 * @inactivity_timeout: time in seconds to determine station's inactivity. 566 * @inactivity_timeout: time in seconds to determine station's inactivity.
541 * @p2p_ctwindow: P2P CT Window 567 * @p2p_ctwindow: P2P CT Window
542 * @p2p_opp_ps: P2P opportunistic PS 568 * @p2p_opp_ps: P2P opportunistic PS
569 * @acl: ACL configuration used by the drivers which has support for
570 * MAC address based access control
543 */ 571 */
544struct cfg80211_ap_settings { 572struct cfg80211_ap_settings {
545 struct cfg80211_chan_def chandef; 573 struct cfg80211_chan_def chandef;
@@ -556,6 +584,7 @@ struct cfg80211_ap_settings {
556 int inactivity_timeout; 584 int inactivity_timeout;
557 u8 p2p_ctwindow; 585 u8 p2p_ctwindow;
558 bool p2p_opp_ps; 586 bool p2p_opp_ps;
587 const struct cfg80211_acl_data *acl;
559}; 588};
560 589
561/** 590/**
@@ -608,6 +637,8 @@ enum station_parameters_apply_mask {
608 * @sta_modify_mask: bitmap indicating which parameters changed 637 * @sta_modify_mask: bitmap indicating which parameters changed
609 * (for those that don't have a natural "no change" value), 638 * (for those that don't have a natural "no change" value),
610 * see &enum station_parameters_apply_mask 639 * see &enum station_parameters_apply_mask
640 * @local_pm: local link-specific mesh power save mode (no change when set
641 * to unknown)
611 */ 642 */
612struct station_parameters { 643struct station_parameters {
613 u8 *supported_rates; 644 u8 *supported_rates;
@@ -623,6 +654,7 @@ struct station_parameters {
623 struct ieee80211_vht_cap *vht_capa; 654 struct ieee80211_vht_cap *vht_capa;
624 u8 uapsd_queues; 655 u8 uapsd_queues;
625 u8 max_sp; 656 u8 max_sp;
657 enum nl80211_mesh_power_mode local_pm;
626}; 658};
627 659
628/** 660/**
@@ -653,6 +685,9 @@ struct station_parameters {
653 * @STATION_INFO_STA_FLAGS: @sta_flags filled 685 * @STATION_INFO_STA_FLAGS: @sta_flags filled
654 * @STATION_INFO_BEACON_LOSS_COUNT: @beacon_loss_count filled 686 * @STATION_INFO_BEACON_LOSS_COUNT: @beacon_loss_count filled
655 * @STATION_INFO_T_OFFSET: @t_offset filled 687 * @STATION_INFO_T_OFFSET: @t_offset filled
688 * @STATION_INFO_LOCAL_PM: @local_pm filled
689 * @STATION_INFO_PEER_PM: @peer_pm filled
690 * @STATION_INFO_NONPEER_PM: @nonpeer_pm filled
656 */ 691 */
657enum station_info_flags { 692enum station_info_flags {
658 STATION_INFO_INACTIVE_TIME = 1<<0, 693 STATION_INFO_INACTIVE_TIME = 1<<0,
@@ -676,6 +711,9 @@ enum station_info_flags {
676 STATION_INFO_STA_FLAGS = 1<<18, 711 STATION_INFO_STA_FLAGS = 1<<18,
677 STATION_INFO_BEACON_LOSS_COUNT = 1<<19, 712 STATION_INFO_BEACON_LOSS_COUNT = 1<<19,
678 STATION_INFO_T_OFFSET = 1<<20, 713 STATION_INFO_T_OFFSET = 1<<20,
714 STATION_INFO_LOCAL_PM = 1<<21,
715 STATION_INFO_PEER_PM = 1<<22,
716 STATION_INFO_NONPEER_PM = 1<<23,
679}; 717};
680 718
681/** 719/**
@@ -789,6 +827,9 @@ struct sta_bss_parameters {
789 * @sta_flags: station flags mask & values 827 * @sta_flags: station flags mask & values
790 * @beacon_loss_count: Number of times beacon loss event has triggered. 828 * @beacon_loss_count: Number of times beacon loss event has triggered.
791 * @t_offset: Time offset of the station relative to this host. 829 * @t_offset: Time offset of the station relative to this host.
830 * @local_pm: local mesh STA power save mode
831 * @peer_pm: peer mesh STA power save mode
832 * @nonpeer_pm: non-peer mesh STA power save mode
792 */ 833 */
793struct station_info { 834struct station_info {
794 u32 filled; 835 u32 filled;
@@ -818,6 +859,9 @@ struct station_info {
818 859
819 u32 beacon_loss_count; 860 u32 beacon_loss_count;
820 s64 t_offset; 861 s64 t_offset;
862 enum nl80211_mesh_power_mode local_pm;
863 enum nl80211_mesh_power_mode peer_pm;
864 enum nl80211_mesh_power_mode nonpeer_pm;
821 865
822 /* 866 /*
823 * Note: Add a new enum station_info_flags value for each new field and 867 * Note: Add a new enum station_info_flags value for each new field and
@@ -993,6 +1037,10 @@ struct bss_parameters {
993 * @dot11MeshHWMPconfirmationInterval: The minimum interval of time (in TUs) 1037 * @dot11MeshHWMPconfirmationInterval: The minimum interval of time (in TUs)
994 * during which a mesh STA can send only one Action frame containing 1038 * during which a mesh STA can send only one Action frame containing
995 * a PREQ element for root path confirmation. 1039 * a PREQ element for root path confirmation.
1040 * @power_mode: The default mesh power save mode which will be the initial
1041 * setting for new peer links.
1042 * @dot11MeshAwakeWindowDuration: The duration in TUs the STA will remain awake
1043 * after transmitting its beacon.
996 */ 1044 */
997struct mesh_config { 1045struct mesh_config {
998 u16 dot11MeshRetryTimeout; 1046 u16 dot11MeshRetryTimeout;
@@ -1020,6 +1068,8 @@ struct mesh_config {
1020 u32 dot11MeshHWMPactivePathToRootTimeout; 1068 u32 dot11MeshHWMPactivePathToRootTimeout;
1021 u16 dot11MeshHWMProotInterval; 1069 u16 dot11MeshHWMProotInterval;
1022 u16 dot11MeshHWMPconfirmationInterval; 1070 u16 dot11MeshHWMPconfirmationInterval;
1071 enum nl80211_mesh_power_mode power_mode;
1072 u16 dot11MeshAwakeWindowDuration;
1023}; 1073};
1024 1074
1025/** 1075/**
@@ -1034,6 +1084,8 @@ struct mesh_config {
1034 * @ie_len: length of vendor information elements 1084 * @ie_len: length of vendor information elements
1035 * @is_authenticated: this mesh requires authentication 1085 * @is_authenticated: this mesh requires authentication
1036 * @is_secure: this mesh uses security 1086 * @is_secure: this mesh uses security
1087 * @dtim_period: DTIM period to use
1088 * @beacon_interval: beacon interval to use
1037 * @mcast_rate: multicat rate for Mesh Node [6Mbps is the default for 802.11a] 1089 * @mcast_rate: multicat rate for Mesh Node [6Mbps is the default for 802.11a]
1038 * 1090 *
1039 * These parameters are fixed when the mesh is created. 1091 * These parameters are fixed when the mesh is created.
@@ -1049,6 +1101,8 @@ struct mesh_setup {
1049 u8 ie_len; 1101 u8 ie_len;
1050 bool is_authenticated; 1102 bool is_authenticated;
1051 bool is_secure; 1103 bool is_secure;
1104 u8 dtim_period;
1105 u16 beacon_interval;
1052 int mcast_rate[IEEE80211_NUM_BANDS]; 1106 int mcast_rate[IEEE80211_NUM_BANDS];
1053}; 1107};
1054 1108
@@ -1256,7 +1310,7 @@ struct cfg80211_bss {
1256 1310
1257 u8 bssid[ETH_ALEN]; 1311 u8 bssid[ETH_ALEN];
1258 1312
1259 u8 priv[0] __attribute__((__aligned__(sizeof(void *)))); 1313 u8 priv[0] __aligned(sizeof(void *));
1260}; 1314};
1261 1315
1262/** 1316/**
@@ -1266,7 +1320,7 @@ struct cfg80211_bss {
1266 * 1320 *
1267 * Note that the return value is an RCU-protected pointer, so 1321 * Note that the return value is an RCU-protected pointer, so
1268 * rcu_read_lock() must be held when calling this function. 1322 * rcu_read_lock() must be held when calling this function.
1269 * Returns %NULL if not found. 1323 * Return: %NULL if not found.
1270 */ 1324 */
1271const u8 *ieee80211_bss_get_ie(struct cfg80211_bss *bss, u8 ie); 1325const u8 *ieee80211_bss_get_ie(struct cfg80211_bss *bss, u8 ie);
1272 1326
@@ -1434,6 +1488,7 @@ struct cfg80211_ibss_params {
1434 * @ie: IEs for association request 1488 * @ie: IEs for association request
1435 * @ie_len: Length of assoc_ie in octets 1489 * @ie_len: Length of assoc_ie in octets
1436 * @privacy: indicates whether privacy-enabled APs should be used 1490 * @privacy: indicates whether privacy-enabled APs should be used
1491 * @mfp: indicate whether management frame protection is used
1437 * @crypto: crypto settings 1492 * @crypto: crypto settings
1438 * @key_len: length of WEP key for shared key authentication 1493 * @key_len: length of WEP key for shared key authentication
1439 * @key_idx: index of WEP key for shared key authentication 1494 * @key_idx: index of WEP key for shared key authentication
@@ -1454,6 +1509,7 @@ struct cfg80211_connect_params {
1454 u8 *ie; 1509 u8 *ie;
1455 size_t ie_len; 1510 size_t ie_len;
1456 bool privacy; 1511 bool privacy;
1512 enum nl80211_mfp mfp;
1457 struct cfg80211_crypto_settings crypto; 1513 struct cfg80211_crypto_settings crypto;
1458 const u8 *key; 1514 const u8 *key;
1459 u8 key_len, key_idx; 1515 u8 key_len, key_idx;
@@ -1763,6 +1819,13 @@ struct cfg80211_gtk_rekey_data {
1763 * 1819 *
1764 * @start_p2p_device: Start the given P2P device. 1820 * @start_p2p_device: Start the given P2P device.
1765 * @stop_p2p_device: Stop the given P2P device. 1821 * @stop_p2p_device: Stop the given P2P device.
1822 *
1823 * @set_mac_acl: Sets MAC address control list in AP and P2P GO mode.
1824 * Parameters include ACL policy, an array of MAC address of stations
1825 * and the number of MAC addresses. If there is already a list in driver
1826 * this new list replaces the existing one. Driver has to clear its ACL
1827 * when number of MAC addresses entries is passed as 0. Drivers which
1828 * advertise the support for MAC based ACL have to implement this callback.
1766 */ 1829 */
1767struct cfg80211_ops { 1830struct cfg80211_ops {
1768 int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow); 1831 int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
@@ -1983,6 +2046,9 @@ struct cfg80211_ops {
1983 struct wireless_dev *wdev); 2046 struct wireless_dev *wdev);
1984 void (*stop_p2p_device)(struct wiphy *wiphy, 2047 void (*stop_p2p_device)(struct wiphy *wiphy,
1985 struct wireless_dev *wdev); 2048 struct wireless_dev *wdev);
2049
2050 int (*set_mac_acl)(struct wiphy *wiphy, struct net_device *dev,
2051 const struct cfg80211_acl_data *params);
1986}; 2052};
1987 2053
1988/* 2054/*
@@ -2092,6 +2158,7 @@ struct ieee80211_iface_limit {
2092 * @beacon_int_infra_match: In this combination, the beacon intervals 2158 * @beacon_int_infra_match: In this combination, the beacon intervals
2093 * between infrastructure and AP types must match. This is required 2159 * between infrastructure and AP types must match. This is required
2094 * only in special cases. 2160 * only in special cases.
2161 * @radar_detect_widths: bitmap of channel widths supported for radar detection
2095 * 2162 *
2096 * These examples can be expressed as follows: 2163 * These examples can be expressed as follows:
2097 * 2164 *
@@ -2144,10 +2211,7 @@ struct ieee80211_iface_combination {
2144 u16 max_interfaces; 2211 u16 max_interfaces;
2145 u8 n_limits; 2212 u8 n_limits;
2146 bool beacon_int_infra_match; 2213 bool beacon_int_infra_match;
2147}; 2214 u8 radar_detect_widths;
2148
2149struct mac_address {
2150 u8 addr[ETH_ALEN];
2151}; 2215};
2152 2216
2153struct ieee80211_txrx_stypes { 2217struct ieee80211_txrx_stypes {
@@ -2290,6 +2354,9 @@ struct wiphy_wowlan_support {
2290 * @ap_sme_capa: AP SME capabilities, flags from &enum nl80211_ap_sme_features. 2354 * @ap_sme_capa: AP SME capabilities, flags from &enum nl80211_ap_sme_features.
2291 * @ht_capa_mod_mask: Specify what ht_cap values can be over-ridden. 2355 * @ht_capa_mod_mask: Specify what ht_cap values can be over-ridden.
2292 * If null, then none can be over-ridden. 2356 * If null, then none can be over-ridden.
2357 *
2358 * @max_acl_mac_addrs: Maximum number of MAC addresses that the device
2359 * supports for ACL.
2293 */ 2360 */
2294struct wiphy { 2361struct wiphy {
2295 /* assign these fields before you register the wiphy */ 2362 /* assign these fields before you register the wiphy */
@@ -2311,6 +2378,8 @@ struct wiphy {
2311 /* Supported interface modes, OR together BIT(NL80211_IFTYPE_...) */ 2378 /* Supported interface modes, OR together BIT(NL80211_IFTYPE_...) */
2312 u16 interface_modes; 2379 u16 interface_modes;
2313 2380
2381 u16 max_acl_mac_addrs;
2382
2314 u32 flags, features; 2383 u32 flags, features;
2315 2384
2316 u32 ap_sme_capa; 2385 u32 ap_sme_capa;
@@ -2364,12 +2433,12 @@ struct wiphy {
2364 struct ieee80211_supported_band *bands[IEEE80211_NUM_BANDS]; 2433 struct ieee80211_supported_band *bands[IEEE80211_NUM_BANDS];
2365 2434
2366 /* Lets us get back the wiphy on the callback */ 2435 /* Lets us get back the wiphy on the callback */
2367 int (*reg_notifier)(struct wiphy *wiphy, 2436 void (*reg_notifier)(struct wiphy *wiphy,
2368 struct regulatory_request *request); 2437 struct regulatory_request *request);
2369 2438
2370 /* fields below are read-only, assigned by cfg80211 */ 2439 /* fields below are read-only, assigned by cfg80211 */
2371 2440
2372 const struct ieee80211_regdomain *regd; 2441 const struct ieee80211_regdomain __rcu *regd;
2373 2442
2374 /* the item in /sys/class/ieee80211/ points to this, 2443 /* the item in /sys/class/ieee80211/ points to this,
2375 * you need use set_wiphy_dev() (see below) */ 2444 * you need use set_wiphy_dev() (see below) */
@@ -2392,7 +2461,7 @@ struct wiphy {
2392 const struct iw_handler_def *wext; 2461 const struct iw_handler_def *wext;
2393#endif 2462#endif
2394 2463
2395 char priv[0] __attribute__((__aligned__(NETDEV_ALIGN))); 2464 char priv[0] __aligned(NETDEV_ALIGN);
2396}; 2465};
2397 2466
2398static inline struct net *wiphy_net(struct wiphy *wiphy) 2467static inline struct net *wiphy_net(struct wiphy *wiphy)
@@ -2409,6 +2478,7 @@ static inline void wiphy_net_set(struct wiphy *wiphy, struct net *net)
2409 * wiphy_priv - return priv from wiphy 2478 * wiphy_priv - return priv from wiphy
2410 * 2479 *
2411 * @wiphy: the wiphy whose priv pointer to return 2480 * @wiphy: the wiphy whose priv pointer to return
2481 * Return: The priv of @wiphy.
2412 */ 2482 */
2413static inline void *wiphy_priv(struct wiphy *wiphy) 2483static inline void *wiphy_priv(struct wiphy *wiphy)
2414{ 2484{
@@ -2420,6 +2490,7 @@ static inline void *wiphy_priv(struct wiphy *wiphy)
2420 * priv_to_wiphy - return the wiphy containing the priv 2490 * priv_to_wiphy - return the wiphy containing the priv
2421 * 2491 *
2422 * @priv: a pointer previously returned by wiphy_priv 2492 * @priv: a pointer previously returned by wiphy_priv
2493 * Return: The wiphy of @priv.
2423 */ 2494 */
2424static inline struct wiphy *priv_to_wiphy(void *priv) 2495static inline struct wiphy *priv_to_wiphy(void *priv)
2425{ 2496{
@@ -2442,6 +2513,7 @@ static inline void set_wiphy_dev(struct wiphy *wiphy, struct device *dev)
2442 * wiphy_dev - get wiphy dev pointer 2513 * wiphy_dev - get wiphy dev pointer
2443 * 2514 *
2444 * @wiphy: The wiphy whose device struct to look up 2515 * @wiphy: The wiphy whose device struct to look up
2516 * Return: The dev of @wiphy.
2445 */ 2517 */
2446static inline struct device *wiphy_dev(struct wiphy *wiphy) 2518static inline struct device *wiphy_dev(struct wiphy *wiphy)
2447{ 2519{
@@ -2452,6 +2524,7 @@ static inline struct device *wiphy_dev(struct wiphy *wiphy)
2452 * wiphy_name - get wiphy name 2524 * wiphy_name - get wiphy name
2453 * 2525 *
2454 * @wiphy: The wiphy whose name to return 2526 * @wiphy: The wiphy whose name to return
2527 * Return: The name of @wiphy.
2455 */ 2528 */
2456static inline const char *wiphy_name(const struct wiphy *wiphy) 2529static inline const char *wiphy_name(const struct wiphy *wiphy)
2457{ 2530{
@@ -2467,8 +2540,8 @@ static inline const char *wiphy_name(const struct wiphy *wiphy)
2467 * Create a new wiphy and associate the given operations with it. 2540 * Create a new wiphy and associate the given operations with it.
2468 * @sizeof_priv bytes are allocated for private use. 2541 * @sizeof_priv bytes are allocated for private use.
2469 * 2542 *
2470 * The returned pointer must be assigned to each netdev's 2543 * Return: A pointer to the new wiphy. This pointer must be
2471 * ieee80211_ptr for proper operation. 2544 * assigned to each netdev's ieee80211_ptr for proper operation.
2472 */ 2545 */
2473struct wiphy *wiphy_new(const struct cfg80211_ops *ops, int sizeof_priv); 2546struct wiphy *wiphy_new(const struct cfg80211_ops *ops, int sizeof_priv);
2474 2547
@@ -2477,7 +2550,7 @@ struct wiphy *wiphy_new(const struct cfg80211_ops *ops, int sizeof_priv);
2477 * 2550 *
2478 * @wiphy: The wiphy to register. 2551 * @wiphy: The wiphy to register.
2479 * 2552 *
2480 * Returns a non-negative wiphy index or a negative error code. 2553 * Return: A non-negative wiphy index or a negative error code.
2481 */ 2554 */
2482extern int wiphy_register(struct wiphy *wiphy); 2555extern int wiphy_register(struct wiphy *wiphy);
2483 2556
@@ -2626,6 +2699,7 @@ static inline u8 *wdev_address(struct wireless_dev *wdev)
2626 * wdev_priv - return wiphy priv from wireless_dev 2699 * wdev_priv - return wiphy priv from wireless_dev
2627 * 2700 *
2628 * @wdev: The wireless device whose wiphy's priv pointer to return 2701 * @wdev: The wireless device whose wiphy's priv pointer to return
2702 * Return: The wiphy priv of @wdev.
2629 */ 2703 */
2630static inline void *wdev_priv(struct wireless_dev *wdev) 2704static inline void *wdev_priv(struct wireless_dev *wdev)
2631{ 2705{
@@ -2643,12 +2717,14 @@ static inline void *wdev_priv(struct wireless_dev *wdev)
2643 * ieee80211_channel_to_frequency - convert channel number to frequency 2717 * ieee80211_channel_to_frequency - convert channel number to frequency
2644 * @chan: channel number 2718 * @chan: channel number
2645 * @band: band, necessary due to channel number overlap 2719 * @band: band, necessary due to channel number overlap
2720 * Return: The corresponding frequency (in MHz), or 0 if the conversion failed.
2646 */ 2721 */
2647extern int ieee80211_channel_to_frequency(int chan, enum ieee80211_band band); 2722extern int ieee80211_channel_to_frequency(int chan, enum ieee80211_band band);
2648 2723
2649/** 2724/**
2650 * ieee80211_frequency_to_channel - convert frequency to channel number 2725 * ieee80211_frequency_to_channel - convert frequency to channel number
2651 * @freq: center frequency 2726 * @freq: center frequency
2727 * Return: The corresponding channel, or 0 if the conversion failed.
2652 */ 2728 */
2653extern int ieee80211_frequency_to_channel(int freq); 2729extern int ieee80211_frequency_to_channel(int freq);
2654 2730
@@ -2665,6 +2741,7 @@ extern struct ieee80211_channel *__ieee80211_get_channel(struct wiphy *wiphy,
2665 * ieee80211_get_channel - get channel struct from wiphy for specified frequency 2741 * ieee80211_get_channel - get channel struct from wiphy for specified frequency
2666 * @wiphy: the struct wiphy to get the channel for 2742 * @wiphy: the struct wiphy to get the channel for
2667 * @freq: the center frequency of the channel 2743 * @freq: the center frequency of the channel
2744 * Return: The channel struct from @wiphy at @freq.
2668 */ 2745 */
2669static inline struct ieee80211_channel * 2746static inline struct ieee80211_channel *
2670ieee80211_get_channel(struct wiphy *wiphy, int freq) 2747ieee80211_get_channel(struct wiphy *wiphy, int freq)
@@ -2679,10 +2756,10 @@ ieee80211_get_channel(struct wiphy *wiphy, int freq)
2679 * @basic_rates: bitmap of basic rates 2756 * @basic_rates: bitmap of basic rates
2680 * @bitrate: the bitrate for which to find the basic rate 2757 * @bitrate: the bitrate for which to find the basic rate
2681 * 2758 *
2682 * This function returns the basic rate corresponding to a given 2759 * Return: The basic rate corresponding to a given bitrate, that
2683 * bitrate, that is the next lower bitrate contained in the basic 2760 * is the next lower bitrate contained in the basic rate map,
2684 * rate map, which is, for this function, given as a bitmap of 2761 * which is, for this function, given as a bitmap of indices of
2685 * indices of rates in the band's bitrate table. 2762 * rates in the band's bitrate table.
2686 */ 2763 */
2687struct ieee80211_rate * 2764struct ieee80211_rate *
2688ieee80211_get_response_rate(struct ieee80211_supported_band *sband, 2765ieee80211_get_response_rate(struct ieee80211_supported_band *sband,
@@ -2775,18 +2852,21 @@ extern const unsigned char bridge_tunnel_header[6];
2775/** 2852/**
2776 * ieee80211_get_hdrlen_from_skb - get header length from data 2853 * ieee80211_get_hdrlen_from_skb - get header length from data
2777 * 2854 *
2855 * @skb: the frame
2856 *
2778 * Given an skb with a raw 802.11 header at the data pointer this function 2857 * Given an skb with a raw 802.11 header at the data pointer this function
2779 * returns the 802.11 header length in bytes (not including encryption 2858 * returns the 802.11 header length.
2780 * headers). If the data in the sk_buff is too short to contain a valid 802.11
2781 * header the function returns 0.
2782 * 2859 *
2783 * @skb: the frame 2860 * Return: The 802.11 header length in bytes (not including encryption
2861 * headers). Or 0 if the data in the sk_buff is too short to contain a valid
2862 * 802.11 header.
2784 */ 2863 */
2785unsigned int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb); 2864unsigned int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb);
2786 2865
2787/** 2866/**
2788 * ieee80211_hdrlen - get header length in bytes from frame control 2867 * ieee80211_hdrlen - get header length in bytes from frame control
2789 * @fc: frame control field in little-endian format 2868 * @fc: frame control field in little-endian format
2869 * Return: The header length in bytes.
2790 */ 2870 */
2791unsigned int __attribute_const__ ieee80211_hdrlen(__le16 fc); 2871unsigned int __attribute_const__ ieee80211_hdrlen(__le16 fc);
2792 2872
@@ -2794,7 +2874,7 @@ unsigned int __attribute_const__ ieee80211_hdrlen(__le16 fc);
2794 * ieee80211_get_mesh_hdrlen - get mesh extension header length 2874 * ieee80211_get_mesh_hdrlen - get mesh extension header length
2795 * @meshhdr: the mesh extension header, only the flags field 2875 * @meshhdr: the mesh extension header, only the flags field
2796 * (first byte) will be accessed 2876 * (first byte) will be accessed
2797 * Returns the length of the extension header, which is always at 2877 * Return: The length of the extension header, which is always at
2798 * least 6 bytes and at most 18 if address 5 and 6 are present. 2878 * least 6 bytes and at most 18 if address 5 and 6 are present.
2799 */ 2879 */
2800unsigned int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr); 2880unsigned int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr);
@@ -2812,6 +2892,7 @@ unsigned int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr);
2812 * @skb: the 802.11 data frame 2892 * @skb: the 802.11 data frame
2813 * @addr: the device MAC address 2893 * @addr: the device MAC address
2814 * @iftype: the virtual interface type 2894 * @iftype: the virtual interface type
2895 * Return: 0 on success. Non-zero on error.
2815 */ 2896 */
2816int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr, 2897int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr,
2817 enum nl80211_iftype iftype); 2898 enum nl80211_iftype iftype);
@@ -2823,6 +2904,7 @@ int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr,
2823 * @iftype: the virtual interface type 2904 * @iftype: the virtual interface type
2824 * @bssid: the network bssid (used only for iftype STATION and ADHOC) 2905 * @bssid: the network bssid (used only for iftype STATION and ADHOC)
2825 * @qos: build 802.11 QoS data frame 2906 * @qos: build 802.11 QoS data frame
2907 * Return: 0 on success, or a negative error code.
2826 */ 2908 */
2827int ieee80211_data_from_8023(struct sk_buff *skb, const u8 *addr, 2909int ieee80211_data_from_8023(struct sk_buff *skb, const u8 *addr,
2828 enum nl80211_iftype iftype, u8 *bssid, bool qos); 2910 enum nl80211_iftype iftype, u8 *bssid, bool qos);
@@ -2850,6 +2932,7 @@ void ieee80211_amsdu_to_8023s(struct sk_buff *skb, struct sk_buff_head *list,
2850/** 2932/**
2851 * cfg80211_classify8021d - determine the 802.1p/1d tag for a data frame 2933 * cfg80211_classify8021d - determine the 802.1p/1d tag for a data frame
2852 * @skb: the data frame 2934 * @skb: the data frame
2935 * Return: The 802.1p/1d tag.
2853 */ 2936 */
2854unsigned int cfg80211_classify8021d(struct sk_buff *skb); 2937unsigned int cfg80211_classify8021d(struct sk_buff *skb);
2855 2938
@@ -2860,12 +2943,13 @@ unsigned int cfg80211_classify8021d(struct sk_buff *skb);
2860 * @ies: data consisting of IEs 2943 * @ies: data consisting of IEs
2861 * @len: length of data 2944 * @len: length of data
2862 * 2945 *
2863 * This function will return %NULL if the element ID could 2946 * Return: %NULL if the element ID could not be found or if
2864 * not be found or if the element is invalid (claims to be 2947 * the element is invalid (claims to be longer than the given
2865 * longer than the given data), or a pointer to the first byte 2948 * data), or a pointer to the first byte of the requested
2866 * of the requested element, that is the byte containing the 2949 * element, that is the byte containing the element ID.
2867 * element ID. There are no checks on the element length 2950 *
2868 * other than having to fit into the given data. 2951 * Note: There are no checks on the element length other than
2952 * having to fit into the given data.
2869 */ 2953 */
2870const u8 *cfg80211_find_ie(u8 eid, const u8 *ies, int len); 2954const u8 *cfg80211_find_ie(u8 eid, const u8 *ies, int len);
2871 2955
@@ -2877,12 +2961,13 @@ const u8 *cfg80211_find_ie(u8 eid, const u8 *ies, int len);
2877 * @ies: data consisting of IEs 2961 * @ies: data consisting of IEs
2878 * @len: length of data 2962 * @len: length of data
2879 * 2963 *
2880 * This function will return %NULL if the vendor specific element ID 2964 * Return: %NULL if the vendor specific element ID could not be found or if the
2881 * could not be found or if the element is invalid (claims to be 2965 * element is invalid (claims to be longer than the given data), or a pointer to
2882 * longer than the given data), or a pointer to the first byte 2966 * the first byte of the requested element, that is the byte containing the
2883 * of the requested element, that is the byte containing the 2967 * element ID.
2884 * element ID. There are no checks on the element length 2968 *
2885 * other than having to fit into the given data. 2969 * Note: There are no checks on the element length other than having to fit into
2970 * the given data.
2886 */ 2971 */
2887const u8 *cfg80211_find_vendor_ie(unsigned int oui, u8 oui_type, 2972const u8 *cfg80211_find_vendor_ie(unsigned int oui, u8 oui_type,
2888 const u8 *ies, int len); 2973 const u8 *ies, int len);
@@ -2915,6 +3000,8 @@ const u8 *cfg80211_find_vendor_ie(unsigned int oui, u8 oui_type,
2915 * 3000 *
2916 * Drivers should check the return value, its possible you can get 3001 * Drivers should check the return value, its possible you can get
2917 * an -ENOMEM. 3002 * an -ENOMEM.
3003 *
3004 * Return: 0 on success. -ENOMEM.
2918 */ 3005 */
2919extern int regulatory_hint(struct wiphy *wiphy, const char *alpha2); 3006extern int regulatory_hint(struct wiphy *wiphy, const char *alpha2);
2920 3007
@@ -2938,28 +3025,22 @@ extern void wiphy_apply_custom_regulatory(
2938 * freq_reg_info - get regulatory information for the given frequency 3025 * freq_reg_info - get regulatory information for the given frequency
2939 * @wiphy: the wiphy for which we want to process this rule for 3026 * @wiphy: the wiphy for which we want to process this rule for
2940 * @center_freq: Frequency in KHz for which we want regulatory information for 3027 * @center_freq: Frequency in KHz for which we want regulatory information for
2941 * @desired_bw_khz: the desired max bandwidth you want to use per
2942 * channel. Note that this is still 20 MHz if you want to use HT40
2943 * as HT40 makes use of two channels for its 40 MHz width bandwidth.
2944 * If set to 0 we'll assume you want the standard 20 MHz.
2945 * @reg_rule: the regulatory rule which we have for this frequency
2946 * 3028 *
2947 * Use this function to get the regulatory rule for a specific frequency on 3029 * Use this function to get the regulatory rule for a specific frequency on
2948 * a given wireless device. If the device has a specific regulatory domain 3030 * a given wireless device. If the device has a specific regulatory domain
2949 * it wants to follow we respect that unless a country IE has been received 3031 * it wants to follow we respect that unless a country IE has been received
2950 * and processed already. 3032 * and processed already.
2951 * 3033 *
2952 * Returns 0 if it was able to find a valid regulatory rule which does 3034 * Return: A valid pointer, or, when an error occurs, for example if no rule
2953 * apply to the given center_freq otherwise it returns non-zero. It will 3035 * can be found, the return value is encoded using ERR_PTR(). Use IS_ERR() to
2954 * also return -ERANGE if we determine the given center_freq does not even have 3036 * check and PTR_ERR() to obtain the numeric return value. The numeric return
2955 * a regulatory rule for a frequency range in the center_freq's band. See 3037 * value will be -ERANGE if we determine the given center_freq does not even
2956 * freq_in_rule_band() for our current definition of a band -- this is purely 3038 * have a regulatory rule for a frequency range in the center_freq's band.
2957 * subjective and right now its 802.11 specific. 3039 * See freq_in_rule_band() for our current definition of a band -- this is
3040 * purely subjective and right now it's 802.11 specific.
2958 */ 3041 */
2959extern int freq_reg_info(struct wiphy *wiphy, 3042const struct ieee80211_reg_rule *freq_reg_info(struct wiphy *wiphy,
2960 u32 center_freq, 3043 u32 center_freq);
2961 u32 desired_bw_khz,
2962 const struct ieee80211_reg_rule **reg_rule);
2963 3044
2964/* 3045/*
2965 * callbacks for asynchronous cfg80211 methods, notification 3046 * callbacks for asynchronous cfg80211 methods, notification
@@ -3006,7 +3087,8 @@ void cfg80211_sched_scan_stopped(struct wiphy *wiphy);
3006 * This informs cfg80211 that BSS information was found and 3087 * This informs cfg80211 that BSS information was found and
3007 * the BSS should be updated/added. 3088 * the BSS should be updated/added.
3008 * 3089 *
3009 * NOTE: Returns a referenced struct, must be released with cfg80211_put_bss()! 3090 * Return: A referenced struct, must be released with cfg80211_put_bss()!
3091 * Or %NULL on error.
3010 */ 3092 */
3011struct cfg80211_bss * __must_check 3093struct cfg80211_bss * __must_check
3012cfg80211_inform_bss_frame(struct wiphy *wiphy, 3094cfg80211_inform_bss_frame(struct wiphy *wiphy,
@@ -3031,7 +3113,8 @@ cfg80211_inform_bss_frame(struct wiphy *wiphy,
3031 * This informs cfg80211 that BSS information was found and 3113 * This informs cfg80211 that BSS information was found and
3032 * the BSS should be updated/added. 3114 * the BSS should be updated/added.
3033 * 3115 *
3034 * NOTE: Returns a referenced struct, must be released with cfg80211_put_bss()! 3116 * Return: A referenced struct, must be released with cfg80211_put_bss()!
3117 * Or %NULL on error.
3035 */ 3118 */
3036struct cfg80211_bss * __must_check 3119struct cfg80211_bss * __must_check
3037cfg80211_inform_bss(struct wiphy *wiphy, 3120cfg80211_inform_bss(struct wiphy *wiphy,
@@ -3308,16 +3391,18 @@ void wiphy_rfkill_stop_polling(struct wiphy *wiphy);
3308 * the testmode command. Since it is intended for a reply, calling 3391 * the testmode command. Since it is intended for a reply, calling
3309 * it outside of the @testmode_cmd operation is invalid. 3392 * it outside of the @testmode_cmd operation is invalid.
3310 * 3393 *
3311 * The returned skb (or %NULL if any errors happen) is pre-filled 3394 * The returned skb is pre-filled with the wiphy index and set up in
3312 * with the wiphy index and set up in a way that any data that is 3395 * a way that any data that is put into the skb (with skb_put(),
3313 * put into the skb (with skb_put(), nla_put() or similar) will end 3396 * nla_put() or similar) will end up being within the
3314 * up being within the %NL80211_ATTR_TESTDATA attribute, so all that 3397 * %NL80211_ATTR_TESTDATA attribute, so all that needs to be done
3315 * needs to be done with the skb is adding data for the corresponding 3398 * with the skb is adding data for the corresponding userspace tool
3316 * userspace tool which can then read that data out of the testdata 3399 * which can then read that data out of the testdata attribute. You
3317 * attribute. You must not modify the skb in any other way. 3400 * must not modify the skb in any other way.
3318 * 3401 *
3319 * When done, call cfg80211_testmode_reply() with the skb and return 3402 * When done, call cfg80211_testmode_reply() with the skb and return
3320 * its error code as the result of the @testmode_cmd operation. 3403 * its error code as the result of the @testmode_cmd operation.
3404 *
3405 * Return: An allocated and pre-filled skb. %NULL if any errors happen.
3321 */ 3406 */
3322struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 3407struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
3323 int approxlen); 3408 int approxlen);
@@ -3327,11 +3412,12 @@ struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
3327 * @skb: The skb, must have been allocated with 3412 * @skb: The skb, must have been allocated with
3328 * cfg80211_testmode_alloc_reply_skb() 3413 * cfg80211_testmode_alloc_reply_skb()
3329 * 3414 *
3330 * Returns an error code or 0 on success, since calling this 3415 * Since calling this function will usually be the last thing
3331 * function will usually be the last thing before returning 3416 * before returning from the @testmode_cmd you should return
3332 * from the @testmode_cmd you should return the error code. 3417 * the error code. Note that this function consumes the skb
3333 * Note that this function consumes the skb regardless of the 3418 * regardless of the return value.
3334 * return value. 3419 *
3420 * Return: An error code or 0 on success.
3335 */ 3421 */
3336int cfg80211_testmode_reply(struct sk_buff *skb); 3422int cfg80211_testmode_reply(struct sk_buff *skb);
3337 3423
@@ -3345,14 +3431,16 @@ int cfg80211_testmode_reply(struct sk_buff *skb);
3345 * This function allocates and pre-fills an skb for an event on the 3431 * This function allocates and pre-fills an skb for an event on the
3346 * testmode multicast group. 3432 * testmode multicast group.
3347 * 3433 *
3348 * The returned skb (or %NULL if any errors happen) is set up in the 3434 * The returned skb is set up in the same way as with
3349 * same way as with cfg80211_testmode_alloc_reply_skb() but prepared 3435 * cfg80211_testmode_alloc_reply_skb() but prepared for an event. As
3350 * for an event. As there, you should simply add data to it that will 3436 * there, you should simply add data to it that will then end up in the
3351 * then end up in the %NL80211_ATTR_TESTDATA attribute. Again, you must 3437 * %NL80211_ATTR_TESTDATA attribute. Again, you must not modify the skb
3352 * not modify the skb in any other way. 3438 * in any other way.
3353 * 3439 *
3354 * When done filling the skb, call cfg80211_testmode_event() with the 3440 * When done filling the skb, call cfg80211_testmode_event() with the
3355 * skb to send the event. 3441 * skb to send the event.
3442 *
3443 * Return: An allocated and pre-filled skb. %NULL if any errors happen.
3356 */ 3444 */
3357struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 3445struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy,
3358 int approxlen, gfp_t gfp); 3446 int approxlen, gfp_t gfp);
@@ -3533,13 +3621,13 @@ void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr,
3533 * @len: length of the frame data 3621 * @len: length of the frame data
3534 * @gfp: context flags 3622 * @gfp: context flags
3535 * 3623 *
3536 * Returns %true if a user space application has registered for this frame. 3624 * This function is called whenever an Action frame is received for a station
3625 * mode interface, but is not processed in kernel.
3626 *
3627 * Return: %true if a user space application has registered for this frame.
3537 * For action frames, that makes it responsible for rejecting unrecognized 3628 * For action frames, that makes it responsible for rejecting unrecognized
3538 * action frames; %false otherwise, in which case for action frames the 3629 * action frames; %false otherwise, in which case for action frames the
3539 * driver is responsible for rejecting the frame. 3630 * driver is responsible for rejecting the frame.
3540 *
3541 * This function is called whenever an Action frame is received for a station
3542 * mode interface, but is not processed in kernel.
3543 */ 3631 */
3544bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_dbm, 3632bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_dbm,
3545 const u8 *buf, size_t len, gfp_t gfp); 3633 const u8 *buf, size_t len, gfp_t gfp);
@@ -3631,7 +3719,7 @@ void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index,
3631 * This function is used in AP mode (only!) to inform userspace that 3719 * This function is used in AP mode (only!) to inform userspace that
3632 * a spurious class 3 frame was received, to be able to deauth the 3720 * a spurious class 3 frame was received, to be able to deauth the
3633 * sender. 3721 * sender.
3634 * Returns %true if the frame was passed to userspace (or this failed 3722 * Return: %true if the frame was passed to userspace (or this failed
3635 * for a reason other than not having a subscription.) 3723 * for a reason other than not having a subscription.)
3636 */ 3724 */
3637bool cfg80211_rx_spurious_frame(struct net_device *dev, 3725bool cfg80211_rx_spurious_frame(struct net_device *dev,
@@ -3647,7 +3735,7 @@ bool cfg80211_rx_spurious_frame(struct net_device *dev,
3647 * an associated station sent a 4addr frame but that wasn't expected. 3735 * an associated station sent a 4addr frame but that wasn't expected.
3648 * It is allowed and desirable to send this event only once for each 3736 * It is allowed and desirable to send this event only once for each
3649 * station to avoid event flooding. 3737 * station to avoid event flooding.
3650 * Returns %true if the frame was passed to userspace (or this failed 3738 * Return: %true if the frame was passed to userspace (or this failed
3651 * for a reason other than not having a subscription.) 3739 * for a reason other than not having a subscription.)
3652 */ 3740 */
3653bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev, 3741bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev,
@@ -3685,8 +3773,8 @@ void cfg80211_report_obss_beacon(struct wiphy *wiphy,
3685 * @wiphy: the wiphy 3773 * @wiphy: the wiphy
3686 * @chandef: the channel definition 3774 * @chandef: the channel definition
3687 * 3775 *
3688 * This function returns true if there is no secondary channel or the secondary 3776 * Return: %true if there is no secondary channel or the secondary channel(s)
3689 * channel(s) can be used for beaconing (i.e. is not a radar channel etc.) 3777 * can be used for beaconing (i.e. is not a radar channel etc.)
3690 */ 3778 */
3691bool cfg80211_reg_can_beacon(struct wiphy *wiphy, 3779bool cfg80211_reg_can_beacon(struct wiphy *wiphy,
3692 struct cfg80211_chan_def *chandef); 3780 struct cfg80211_chan_def *chandef);
@@ -3756,9 +3844,9 @@ void cfg80211_unregister_wdev(struct wireless_dev *wdev);
3756 * The function finds a given P2P attribute in the (vendor) IEs and 3844 * The function finds a given P2P attribute in the (vendor) IEs and
3757 * copies its contents to the given buffer. 3845 * copies its contents to the given buffer.
3758 * 3846 *
3759 * The return value is a negative error code (-%EILSEQ or -%ENOENT) if 3847 * Return: A negative error code (-%EILSEQ or -%ENOENT) if the data is
3760 * the data is malformed or the attribute can't be found (respectively), 3848 * malformed or the attribute can't be found (respectively), or the
3761 * or the length of the found attribute (which can be zero). 3849 * length of the found attribute (which can be zero).
3762 */ 3850 */
3763int cfg80211_get_p2p_attr(const u8 *ies, unsigned int len, 3851int cfg80211_get_p2p_attr(const u8 *ies, unsigned int len,
3764 enum ieee80211_p2p_attr_id attr, 3852 enum ieee80211_p2p_attr_id attr,
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index ee50c5eba50c..5c98d654fc75 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -173,7 +173,7 @@ struct ieee80211_chanctx_conf {
173 173
174 u8 rx_chains_static, rx_chains_dynamic; 174 u8 rx_chains_static, rx_chains_dynamic;
175 175
176 u8 drv_priv[0] __attribute__((__aligned__(sizeof(void *)))); 176 u8 drv_priv[0] __aligned(sizeof(void *));
177}; 177};
178 178
179/** 179/**
@@ -297,11 +297,9 @@ enum ieee80211_rssi_event {
297 * may filter ARP queries targeted for other addresses than listed here. 297 * may filter ARP queries targeted for other addresses than listed here.
298 * The driver must allow ARP queries targeted for all address listed here 298 * The driver must allow ARP queries targeted for all address listed here
299 * to pass through. An empty list implies no ARP queries need to pass. 299 * to pass through. An empty list implies no ARP queries need to pass.
300 * @arp_addr_cnt: Number of addresses currently on the list. 300 * @arp_addr_cnt: Number of addresses currently on the list. Note that this
301 * @arp_filter_enabled: Enable ARP filtering - if enabled, the hardware may 301 * may be larger than %IEEE80211_BSS_ARP_ADDR_LIST_LEN (the arp_addr_list
302 * filter ARP queries based on the @arp_addr_list, if disabled, the 302 * array size), it's up to the driver what to do in that case.
303 * hardware must not perform any ARP filtering. Note, that the filter will
304 * be enabled also in promiscuous mode.
305 * @qos: This is a QoS-enabled BSS. 303 * @qos: This is a QoS-enabled BSS.
306 * @idle: This interface is idle. There's also a global idle flag in the 304 * @idle: This interface is idle. There's also a global idle flag in the
307 * hardware config which may be more appropriate depending on what 305 * hardware config which may be more appropriate depending on what
@@ -338,8 +336,7 @@ struct ieee80211_bss_conf {
338 u32 cqm_rssi_hyst; 336 u32 cqm_rssi_hyst;
339 struct cfg80211_chan_def chandef; 337 struct cfg80211_chan_def chandef;
340 __be32 arp_addr_list[IEEE80211_BSS_ARP_ADDR_LIST_LEN]; 338 __be32 arp_addr_list[IEEE80211_BSS_ARP_ADDR_LIST_LEN];
341 u8 arp_addr_cnt; 339 int arp_addr_cnt;
342 bool arp_filter_enabled;
343 bool qos; 340 bool qos;
344 bool idle; 341 bool idle;
345 bool ps; 342 bool ps;
@@ -1059,7 +1056,7 @@ struct ieee80211_vif {
1059 u32 driver_flags; 1056 u32 driver_flags;
1060 1057
1061 /* must be last */ 1058 /* must be last */
1062 u8 drv_priv[0] __attribute__((__aligned__(sizeof(void *)))); 1059 u8 drv_priv[0] __aligned(sizeof(void *));
1063}; 1060};
1064 1061
1065static inline bool ieee80211_vif_is_mesh(struct ieee80211_vif *vif) 1062static inline bool ieee80211_vif_is_mesh(struct ieee80211_vif *vif)
@@ -1209,7 +1206,7 @@ struct ieee80211_sta {
1209 u8 max_sp; 1206 u8 max_sp;
1210 1207
1211 /* must be last */ 1208 /* must be last */
1212 u8 drv_priv[0] __attribute__((__aligned__(sizeof(void *)))); 1209 u8 drv_priv[0] __aligned(sizeof(void *));
1213}; 1210};
1214 1211
1215/** 1212/**
@@ -1522,6 +1519,8 @@ struct ieee80211_hw {
1522 * structure can then access it via hw->priv. Note that mac802111 drivers should 1519 * structure can then access it via hw->priv. Note that mac802111 drivers should
1523 * not use wiphy_priv() to try to get their private driver structure as this 1520 * not use wiphy_priv() to try to get their private driver structure as this
1524 * is already used internally by mac80211. 1521 * is already used internally by mac80211.
1522 *
1523 * Return: The mac80211 driver hw struct of @wiphy.
1525 */ 1524 */
1526struct ieee80211_hw *wiphy_to_ieee80211_hw(struct wiphy *wiphy); 1525struct ieee80211_hw *wiphy_to_ieee80211_hw(struct wiphy *wiphy);
1527 1526
@@ -1628,6 +1627,10 @@ void ieee80211_free_txskb(struct ieee80211_hw *hw, struct sk_buff *skb);
1628 * rekeying), it will not include a valid phase 1 key. The valid phase 1 key is 1627 * rekeying), it will not include a valid phase 1 key. The valid phase 1 key is
1629 * provided by update_tkip_key only. The trigger that makes mac80211 call this 1628 * provided by update_tkip_key only. The trigger that makes mac80211 call this
1630 * handler is software decryption with wrap around of iv16. 1629 * handler is software decryption with wrap around of iv16.
1630 *
1631 * The set_default_unicast_key() call updates the default WEP key index
1632 * configured to the hardware for WEP encryption type. This is required
1633 * for devices that support offload of data packets (e.g. ARP responses).
1631 */ 1634 */
1632 1635
1633/** 1636/**
@@ -2033,17 +2036,29 @@ enum ieee80211_filter_flags {
2033 * calling ieee80211_start_tx_ba_cb_irqsafe, because the peer 2036 * calling ieee80211_start_tx_ba_cb_irqsafe, because the peer
2034 * might receive the addBA frame and send a delBA right away! 2037 * might receive the addBA frame and send a delBA right away!
2035 * 2038 *
2036 * @IEEE80211_AMPDU_RX_START: start Rx aggregation 2039 * @IEEE80211_AMPDU_RX_START: start RX aggregation
2037 * @IEEE80211_AMPDU_RX_STOP: stop Rx aggregation 2040 * @IEEE80211_AMPDU_RX_STOP: stop RX aggregation
2038 * @IEEE80211_AMPDU_TX_START: start Tx aggregation 2041 * @IEEE80211_AMPDU_TX_START: start TX aggregation
2039 * @IEEE80211_AMPDU_TX_STOP: stop Tx aggregation
2040 * @IEEE80211_AMPDU_TX_OPERATIONAL: TX aggregation has become operational 2042 * @IEEE80211_AMPDU_TX_OPERATIONAL: TX aggregation has become operational
2043 * @IEEE80211_AMPDU_TX_STOP_CONT: stop TX aggregation but continue transmitting
2044 * queued packets, now unaggregated. After all packets are transmitted the
2045 * driver has to call ieee80211_stop_tx_ba_cb_irqsafe().
2046 * @IEEE80211_AMPDU_TX_STOP_FLUSH: stop TX aggregation and flush all packets,
2047 * called when the station is removed. There's no need or reason to call
2048 * ieee80211_stop_tx_ba_cb_irqsafe() in this case as mac80211 assumes the
2049 * session is gone and removes the station.
2050 * @IEEE80211_AMPDU_TX_STOP_FLUSH_CONT: called when TX aggregation is stopped
2051 * but the driver hasn't called ieee80211_stop_tx_ba_cb_irqsafe() yet and
2052 * now the connection is dropped and the station will be removed. Drivers
2053 * should clean up and drop remaining packets when this is called.
2041 */ 2054 */
2042enum ieee80211_ampdu_mlme_action { 2055enum ieee80211_ampdu_mlme_action {
2043 IEEE80211_AMPDU_RX_START, 2056 IEEE80211_AMPDU_RX_START,
2044 IEEE80211_AMPDU_RX_STOP, 2057 IEEE80211_AMPDU_RX_STOP,
2045 IEEE80211_AMPDU_TX_START, 2058 IEEE80211_AMPDU_TX_START,
2046 IEEE80211_AMPDU_TX_STOP, 2059 IEEE80211_AMPDU_TX_STOP_CONT,
2060 IEEE80211_AMPDU_TX_STOP_FLUSH,
2061 IEEE80211_AMPDU_TX_STOP_FLUSH_CONT,
2047 IEEE80211_AMPDU_TX_OPERATIONAL, 2062 IEEE80211_AMPDU_TX_OPERATIONAL,
2048}; 2063};
2049 2064
@@ -2194,6 +2209,10 @@ enum ieee80211_rate_control_changed {
2194 * After rekeying was done it should (for example during resume) notify 2209 * After rekeying was done it should (for example during resume) notify
2195 * userspace of the new replay counter using ieee80211_gtk_rekey_notify(). 2210 * userspace of the new replay counter using ieee80211_gtk_rekey_notify().
2196 * 2211 *
2212 * @set_default_unicast_key: Set the default (unicast) key index, useful for
2213 * WEP when the device sends data packets autonomously, e.g. for ARP
2214 * offloading. The index can be 0-3, or -1 for unsetting it.
2215 *
2197 * @hw_scan: Ask the hardware to service the scan request, no need to start 2216 * @hw_scan: Ask the hardware to service the scan request, no need to start
2198 * the scan state machine in stack. The scan must honour the channel 2217 * the scan state machine in stack. The scan must honour the channel
2199 * configuration done by the regulatory agent in the wiphy's 2218 * configuration done by the regulatory agent in the wiphy's
@@ -2474,7 +2493,13 @@ enum ieee80211_rate_control_changed {
2474 * 2493 *
2475 * @restart_complete: Called after a call to ieee80211_restart_hw(), when the 2494 * @restart_complete: Called after a call to ieee80211_restart_hw(), when the
2476 * reconfiguration has completed. This can help the driver implement the 2495 * reconfiguration has completed. This can help the driver implement the
2477 * reconfiguration step. This callback may sleep. 2496 * reconfiguration step. Also called when reconfiguring because the
2497 * driver's resume function returned 1, as this is just like an "inline"
2498 * hardware restart. This callback may sleep.
2499 *
2500 * @ipv6_addr_change: IPv6 address assignment on the given interface changed.
2501 * Currently, this is only called for managed or P2P client interfaces.
2502 * This callback is optional; it must not sleep.
2478 */ 2503 */
2479struct ieee80211_ops { 2504struct ieee80211_ops {
2480 void (*tx)(struct ieee80211_hw *hw, 2505 void (*tx)(struct ieee80211_hw *hw,
@@ -2522,6 +2547,8 @@ struct ieee80211_ops {
2522 void (*set_rekey_data)(struct ieee80211_hw *hw, 2547 void (*set_rekey_data)(struct ieee80211_hw *hw,
2523 struct ieee80211_vif *vif, 2548 struct ieee80211_vif *vif,
2524 struct cfg80211_gtk_rekey_data *data); 2549 struct cfg80211_gtk_rekey_data *data);
2550 void (*set_default_unicast_key)(struct ieee80211_hw *hw,
2551 struct ieee80211_vif *vif, int idx);
2525 int (*hw_scan)(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 2552 int (*hw_scan)(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
2526 struct cfg80211_scan_request *req); 2553 struct cfg80211_scan_request *req);
2527 void (*cancel_hw_scan)(struct ieee80211_hw *hw, 2554 void (*cancel_hw_scan)(struct ieee80211_hw *hw,
@@ -2606,6 +2633,7 @@ struct ieee80211_ops {
2606 int (*set_bitrate_mask)(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 2633 int (*set_bitrate_mask)(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
2607 const struct cfg80211_bitrate_mask *mask); 2634 const struct cfg80211_bitrate_mask *mask);
2608 void (*rssi_callback)(struct ieee80211_hw *hw, 2635 void (*rssi_callback)(struct ieee80211_hw *hw,
2636 struct ieee80211_vif *vif,
2609 enum ieee80211_rssi_event rssi_event); 2637 enum ieee80211_rssi_event rssi_event);
2610 2638
2611 void (*allow_buffered_frames)(struct ieee80211_hw *hw, 2639 void (*allow_buffered_frames)(struct ieee80211_hw *hw,
@@ -2648,6 +2676,12 @@ struct ieee80211_ops {
2648 struct ieee80211_chanctx_conf *ctx); 2676 struct ieee80211_chanctx_conf *ctx);
2649 2677
2650 void (*restart_complete)(struct ieee80211_hw *hw); 2678 void (*restart_complete)(struct ieee80211_hw *hw);
2679
2680#if IS_ENABLED(CONFIG_IPV6)
2681 void (*ipv6_addr_change)(struct ieee80211_hw *hw,
2682 struct ieee80211_vif *vif,
2683 struct inet6_dev *idev);
2684#endif
2651}; 2685};
2652 2686
2653/** 2687/**
@@ -2661,6 +2695,8 @@ struct ieee80211_ops {
2661 * 2695 *
2662 * @priv_data_len: length of private data 2696 * @priv_data_len: length of private data
2663 * @ops: callbacks for this device 2697 * @ops: callbacks for this device
2698 *
2699 * Return: A pointer to the new hardware device, or %NULL on error.
2664 */ 2700 */
2665struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len, 2701struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
2666 const struct ieee80211_ops *ops); 2702 const struct ieee80211_ops *ops);
@@ -2673,6 +2709,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
2673 * need to fill the contained wiphy's information. 2709 * need to fill the contained wiphy's information.
2674 * 2710 *
2675 * @hw: the device to register as returned by ieee80211_alloc_hw() 2711 * @hw: the device to register as returned by ieee80211_alloc_hw()
2712 *
2713 * Return: 0 on success. An error code otherwise.
2676 */ 2714 */
2677int ieee80211_register_hw(struct ieee80211_hw *hw); 2715int ieee80211_register_hw(struct ieee80211_hw *hw);
2678 2716
@@ -2719,6 +2757,8 @@ extern char *__ieee80211_create_tpt_led_trigger(
2719 * of the trigger so you can automatically link the LED device. 2757 * of the trigger so you can automatically link the LED device.
2720 * 2758 *
2721 * @hw: the hardware to get the LED trigger name for 2759 * @hw: the hardware to get the LED trigger name for
2760 *
2761 * Return: The name of the LED trigger. %NULL if not configured for LEDs.
2722 */ 2762 */
2723static inline char *ieee80211_get_tx_led_name(struct ieee80211_hw *hw) 2763static inline char *ieee80211_get_tx_led_name(struct ieee80211_hw *hw)
2724{ 2764{
@@ -2738,6 +2778,8 @@ static inline char *ieee80211_get_tx_led_name(struct ieee80211_hw *hw)
2738 * of the trigger so you can automatically link the LED device. 2778 * of the trigger so you can automatically link the LED device.
2739 * 2779 *
2740 * @hw: the hardware to get the LED trigger name for 2780 * @hw: the hardware to get the LED trigger name for
2781 *
2782 * Return: The name of the LED trigger. %NULL if not configured for LEDs.
2741 */ 2783 */
2742static inline char *ieee80211_get_rx_led_name(struct ieee80211_hw *hw) 2784static inline char *ieee80211_get_rx_led_name(struct ieee80211_hw *hw)
2743{ 2785{
@@ -2757,6 +2799,8 @@ static inline char *ieee80211_get_rx_led_name(struct ieee80211_hw *hw)
2757 * of the trigger so you can automatically link the LED device. 2799 * of the trigger so you can automatically link the LED device.
2758 * 2800 *
2759 * @hw: the hardware to get the LED trigger name for 2801 * @hw: the hardware to get the LED trigger name for
2802 *
2803 * Return: The name of the LED trigger. %NULL if not configured for LEDs.
2760 */ 2804 */
2761static inline char *ieee80211_get_assoc_led_name(struct ieee80211_hw *hw) 2805static inline char *ieee80211_get_assoc_led_name(struct ieee80211_hw *hw)
2762{ 2806{
@@ -2776,6 +2820,8 @@ static inline char *ieee80211_get_assoc_led_name(struct ieee80211_hw *hw)
2776 * of the trigger so you can automatically link the LED device. 2820 * of the trigger so you can automatically link the LED device.
2777 * 2821 *
2778 * @hw: the hardware to get the LED trigger name for 2822 * @hw: the hardware to get the LED trigger name for
2823 *
2824 * Return: The name of the LED trigger. %NULL if not configured for LEDs.
2779 */ 2825 */
2780static inline char *ieee80211_get_radio_led_name(struct ieee80211_hw *hw) 2826static inline char *ieee80211_get_radio_led_name(struct ieee80211_hw *hw)
2781{ 2827{
@@ -2793,9 +2839,10 @@ static inline char *ieee80211_get_radio_led_name(struct ieee80211_hw *hw)
2793 * @blink_table: the blink table -- needs to be ordered by throughput 2839 * @blink_table: the blink table -- needs to be ordered by throughput
2794 * @blink_table_len: size of the blink table 2840 * @blink_table_len: size of the blink table
2795 * 2841 *
2796 * This function returns %NULL (in case of error, or if no LED 2842 * Return: %NULL (in case of error, or if no LED triggers are
2797 * triggers are configured) or the name of the new trigger. 2843 * configured) or the name of the new trigger.
2798 * This function must be called before ieee80211_register_hw(). 2844 *
2845 * Note: This function must be called before ieee80211_register_hw().
2799 */ 2846 */
2800static inline char * 2847static inline char *
2801ieee80211_create_tpt_led_trigger(struct ieee80211_hw *hw, unsigned int flags, 2848ieee80211_create_tpt_led_trigger(struct ieee80211_hw *hw, unsigned int flags,
@@ -2928,10 +2975,10 @@ static inline void ieee80211_rx_ni(struct ieee80211_hw *hw,
2928 * Calls to this function for a single hardware must be synchronized against 2975 * Calls to this function for a single hardware must be synchronized against
2929 * each other. 2976 * each other.
2930 * 2977 *
2931 * The function returns -EINVAL when the requested PS mode is already set.
2932 *
2933 * @sta: currently connected sta 2978 * @sta: currently connected sta
2934 * @start: start or stop PS 2979 * @start: start or stop PS
2980 *
2981 * Return: 0 on success. -EINVAL when the requested PS mode is already set.
2935 */ 2982 */
2936int ieee80211_sta_ps_transition(struct ieee80211_sta *sta, bool start); 2983int ieee80211_sta_ps_transition(struct ieee80211_sta *sta, bool start);
2937 2984
@@ -2945,6 +2992,8 @@ int ieee80211_sta_ps_transition(struct ieee80211_sta *sta, bool start);
2945 * 2992 *
2946 * @sta: currently connected sta 2993 * @sta: currently connected sta
2947 * @start: start or stop PS 2994 * @start: start or stop PS
2995 *
2996 * Return: Like ieee80211_sta_ps_transition().
2948 */ 2997 */
2949static inline int ieee80211_sta_ps_transition_ni(struct ieee80211_sta *sta, 2998static inline int ieee80211_sta_ps_transition_ni(struct ieee80211_sta *sta,
2950 bool start) 2999 bool start)
@@ -3082,6 +3131,8 @@ void ieee80211_report_low_ack(struct ieee80211_sta *sta, u32 num_packets);
3082 * according to the current DTIM parameters/TIM bitmap. 3131 * according to the current DTIM parameters/TIM bitmap.
3083 * 3132 *
3084 * The driver is responsible for freeing the returned skb. 3133 * The driver is responsible for freeing the returned skb.
3134 *
3135 * Return: The beacon template. %NULL on error.
3085 */ 3136 */
3086struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw, 3137struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
3087 struct ieee80211_vif *vif, 3138 struct ieee80211_vif *vif,
@@ -3093,6 +3144,8 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
3093 * @vif: &struct ieee80211_vif pointer from the add_interface callback. 3144 * @vif: &struct ieee80211_vif pointer from the add_interface callback.
3094 * 3145 *
3095 * See ieee80211_beacon_get_tim(). 3146 * See ieee80211_beacon_get_tim().
3147 *
3148 * Return: See ieee80211_beacon_get_tim().
3096 */ 3149 */
3097static inline struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, 3150static inline struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
3098 struct ieee80211_vif *vif) 3151 struct ieee80211_vif *vif)
@@ -3109,6 +3162,8 @@ static inline struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
3109 * hardware. The destination address should be set by the caller. 3162 * hardware. The destination address should be set by the caller.
3110 * 3163 *
3111 * Can only be called in AP mode. 3164 * Can only be called in AP mode.
3165 *
3166 * Return: The Probe Response template. %NULL on error.
3112 */ 3167 */
3113struct sk_buff *ieee80211_proberesp_get(struct ieee80211_hw *hw, 3168struct sk_buff *ieee80211_proberesp_get(struct ieee80211_hw *hw,
3114 struct ieee80211_vif *vif); 3169 struct ieee80211_vif *vif);
@@ -3124,6 +3179,8 @@ struct sk_buff *ieee80211_proberesp_get(struct ieee80211_hw *hw,
3124 * 3179 *
3125 * Note: Caller (or hardware) is responsible for setting the 3180 * Note: Caller (or hardware) is responsible for setting the
3126 * &IEEE80211_FCTL_PM bit. 3181 * &IEEE80211_FCTL_PM bit.
3182 *
3183 * Return: The PS Poll template. %NULL on error.
3127 */ 3184 */
3128struct sk_buff *ieee80211_pspoll_get(struct ieee80211_hw *hw, 3185struct sk_buff *ieee80211_pspoll_get(struct ieee80211_hw *hw,
3129 struct ieee80211_vif *vif); 3186 struct ieee80211_vif *vif);
@@ -3139,6 +3196,8 @@ struct sk_buff *ieee80211_pspoll_get(struct ieee80211_hw *hw,
3139 * 3196 *
3140 * Note: Caller (or hardware) is responsible for setting the 3197 * Note: Caller (or hardware) is responsible for setting the
3141 * &IEEE80211_FCTL_PM bit as well as Duration and Sequence Control fields. 3198 * &IEEE80211_FCTL_PM bit as well as Duration and Sequence Control fields.
3199 *
3200 * Return: The nullfunc template. %NULL on error.
3142 */ 3201 */
3143struct sk_buff *ieee80211_nullfunc_get(struct ieee80211_hw *hw, 3202struct sk_buff *ieee80211_nullfunc_get(struct ieee80211_hw *hw,
3144 struct ieee80211_vif *vif); 3203 struct ieee80211_vif *vif);
@@ -3153,6 +3212,8 @@ struct sk_buff *ieee80211_nullfunc_get(struct ieee80211_hw *hw,
3153 * 3212 *
3154 * Creates a Probe Request template which can, for example, be uploaded to 3213 * Creates a Probe Request template which can, for example, be uploaded to
3155 * hardware. 3214 * hardware.
3215 *
3216 * Return: The Probe Request template. %NULL on error.
3156 */ 3217 */
3157struct sk_buff *ieee80211_probereq_get(struct ieee80211_hw *hw, 3218struct sk_buff *ieee80211_probereq_get(struct ieee80211_hw *hw,
3158 struct ieee80211_vif *vif, 3219 struct ieee80211_vif *vif,
@@ -3188,6 +3249,8 @@ void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
3188 * If the RTS is generated in firmware, but the host system must provide 3249 * If the RTS is generated in firmware, but the host system must provide
3189 * the duration field, the low-level driver uses this function to receive 3250 * the duration field, the low-level driver uses this function to receive
3190 * the duration field value in little-endian byteorder. 3251 * the duration field value in little-endian byteorder.
3252 *
3253 * Return: The duration.
3191 */ 3254 */
3192__le16 ieee80211_rts_duration(struct ieee80211_hw *hw, 3255__le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
3193 struct ieee80211_vif *vif, size_t frame_len, 3256 struct ieee80211_vif *vif, size_t frame_len,
@@ -3223,6 +3286,8 @@ void ieee80211_ctstoself_get(struct ieee80211_hw *hw,
3223 * If the CTS-to-self is generated in firmware, but the host system must provide 3286 * If the CTS-to-self is generated in firmware, but the host system must provide
3224 * the duration field, the low-level driver uses this function to receive 3287 * the duration field, the low-level driver uses this function to receive
3225 * the duration field value in little-endian byteorder. 3288 * the duration field value in little-endian byteorder.
3289 *
3290 * Return: The duration.
3226 */ 3291 */
3227__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw, 3292__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
3228 struct ieee80211_vif *vif, 3293 struct ieee80211_vif *vif,
@@ -3239,6 +3304,8 @@ __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
3239 * 3304 *
3240 * Calculate the duration field of some generic frame, given its 3305 * Calculate the duration field of some generic frame, given its
3241 * length and transmission rate (in 100kbps). 3306 * length and transmission rate (in 100kbps).
3307 *
3308 * Return: The duration.
3242 */ 3309 */
3243__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw, 3310__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
3244 struct ieee80211_vif *vif, 3311 struct ieee80211_vif *vif,
@@ -3255,9 +3322,10 @@ __le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
3255 * hardware/firmware does not implement buffering of broadcast/multicast 3322 * hardware/firmware does not implement buffering of broadcast/multicast
3256 * frames when power saving is used, 802.11 code buffers them in the host 3323 * frames when power saving is used, 802.11 code buffers them in the host
3257 * memory. The low-level driver uses this function to fetch next buffered 3324 * memory. The low-level driver uses this function to fetch next buffered
3258 * frame. In most cases, this is used when generating beacon frame. This 3325 * frame. In most cases, this is used when generating beacon frame.
3259 * function returns a pointer to the next buffered skb or NULL if no more 3326 *
3260 * buffered frames are available. 3327 * Return: A pointer to the next buffered skb or NULL if no more buffered
3328 * frames are available.
3261 * 3329 *
3262 * Note: buffered frames are returned only after DTIM beacon frame was 3330 * Note: buffered frames are returned only after DTIM beacon frame was
3263 * generated with ieee80211_beacon_get() and the low-level driver must thus 3331 * generated with ieee80211_beacon_get() and the low-level driver must thus
@@ -3437,6 +3505,8 @@ void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue);
3437 * @queue: queue number (counted from zero). 3505 * @queue: queue number (counted from zero).
3438 * 3506 *
3439 * Drivers should use this function instead of netif_stop_queue. 3507 * Drivers should use this function instead of netif_stop_queue.
3508 *
3509 * Return: %true if the queue is stopped. %false otherwise.
3440 */ 3510 */
3441 3511
3442int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue); 3512int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue);
@@ -3634,7 +3704,9 @@ void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_vif *vif, const u8 *ra,
3634 * @vif: virtual interface to look for station on 3704 * @vif: virtual interface to look for station on
3635 * @addr: station's address 3705 * @addr: station's address
3636 * 3706 *
3637 * This function must be called under RCU lock and the 3707 * Return: The station, if found. %NULL otherwise.
3708 *
3709 * Note: This function must be called under RCU lock and the
3638 * resulting pointer is only valid under RCU lock as well. 3710 * resulting pointer is only valid under RCU lock as well.
3639 */ 3711 */
3640struct ieee80211_sta *ieee80211_find_sta(struct ieee80211_vif *vif, 3712struct ieee80211_sta *ieee80211_find_sta(struct ieee80211_vif *vif,
@@ -3647,7 +3719,9 @@ struct ieee80211_sta *ieee80211_find_sta(struct ieee80211_vif *vif,
3647 * @addr: remote station's address 3719 * @addr: remote station's address
3648 * @localaddr: local address (vif->sdata->vif.addr). Use NULL for 'any'. 3720 * @localaddr: local address (vif->sdata->vif.addr). Use NULL for 'any'.
3649 * 3721 *
3650 * This function must be called under RCU lock and the 3722 * Return: The station, if found. %NULL otherwise.
3723 *
3724 * Note: This function must be called under RCU lock and the
3651 * resulting pointer is only valid under RCU lock as well. 3725 * resulting pointer is only valid under RCU lock as well.
3652 * 3726 *
3653 * NOTE: You may pass NULL for localaddr, but then you will just get 3727 * NOTE: You may pass NULL for localaddr, but then you will just get
@@ -3754,6 +3828,11 @@ void ieee80211_iter_keys(struct ieee80211_hw *hw,
3754 * The iterator will not find a context that's being added (during 3828 * The iterator will not find a context that's being added (during
3755 * the driver callback to add it) but will find it while it's being 3829 * the driver callback to add it) but will find it while it's being
3756 * removed. 3830 * removed.
3831 *
3832 * Note that during hardware restart, all contexts that existed
3833 * before the restart are considered already present so will be
3834 * found while iterating, whether they've been re-added already
3835 * or not.
3757 */ 3836 */
3758void ieee80211_iter_chan_contexts_atomic( 3837void ieee80211_iter_chan_contexts_atomic(
3759 struct ieee80211_hw *hw, 3838 struct ieee80211_hw *hw,
@@ -3772,7 +3851,9 @@ void ieee80211_iter_chan_contexts_atomic(
3772 * information. This function must only be called from within the 3851 * information. This function must only be called from within the
3773 * .bss_info_changed callback function and only in managed mode. The function 3852 * .bss_info_changed callback function and only in managed mode. The function
3774 * is only useful when the interface is associated, otherwise it will return 3853 * is only useful when the interface is associated, otherwise it will return
3775 * NULL. 3854 * %NULL.
3855 *
3856 * Return: The Probe Request template. %NULL on error.
3776 */ 3857 */
3777struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw, 3858struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw,
3778 struct ieee80211_vif *vif); 3859 struct ieee80211_vif *vif);
@@ -4119,12 +4200,14 @@ void ieee80211_enable_rssi_reports(struct ieee80211_vif *vif,
4119void ieee80211_disable_rssi_reports(struct ieee80211_vif *vif); 4200void ieee80211_disable_rssi_reports(struct ieee80211_vif *vif);
4120 4201
4121/** 4202/**
4122 * ieee80211_ave_rssi - report the average rssi for the specified interface 4203 * ieee80211_ave_rssi - report the average RSSI for the specified interface
4123 * 4204 *
4124 * @vif: the specified virtual interface 4205 * @vif: the specified virtual interface
4125 * 4206 *
4126 * This function return the average rssi value for the requested interface. 4207 * Note: This function assumes that the given vif is valid.
4127 * It assumes that the given vif is valid. 4208 *
4209 * Return: The average RSSI value for the requested interface, or 0 if not
4210 * applicable.
4128 */ 4211 */
4129int ieee80211_ave_rssi(struct ieee80211_vif *vif); 4212int ieee80211_ave_rssi(struct ieee80211_vif *vif);
4130 4213
diff --git a/include/net/nfc/hci.h b/include/net/nfc/hci.h
index 671953e11575..b87a1692b086 100644
--- a/include/net/nfc/hci.h
+++ b/include/net/nfc/hci.h
@@ -57,8 +57,10 @@ struct nfc_hci_ops {
57 int (*tm_send)(struct nfc_hci_dev *hdev, struct sk_buff *skb); 57 int (*tm_send)(struct nfc_hci_dev *hdev, struct sk_buff *skb);
58 int (*check_presence)(struct nfc_hci_dev *hdev, 58 int (*check_presence)(struct nfc_hci_dev *hdev,
59 struct nfc_target *target); 59 struct nfc_target *target);
60 void (*event_received)(struct nfc_hci_dev *hdev, u8 gate, u8 event, 60 int (*event_received)(struct nfc_hci_dev *hdev, u8 gate, u8 event,
61 struct sk_buff *skb); 61 struct sk_buff *skb);
62 int (*enable_se)(struct nfc_dev *dev, u32 secure_element);
63 int (*disable_se)(struct nfc_dev *dev, u32 secure_element);
62}; 64};
63 65
64/* Pipes */ 66/* Pipes */
@@ -82,11 +84,23 @@ typedef int (*xmit) (struct sk_buff *skb, void *cb_data);
82 84
83#define NFC_HCI_MAX_GATES 256 85#define NFC_HCI_MAX_GATES 256
84 86
87/*
88 * These values can be specified by a driver to indicate it requires some
89 * adaptation of the HCI standard.
90 *
91 * NFC_HCI_QUIRK_SHORT_CLEAR - send HCI_ADM_CLEAR_ALL_PIPE cmd with no params
92 */
93enum {
94 NFC_HCI_QUIRK_SHORT_CLEAR = 0,
95};
96
85struct nfc_hci_dev { 97struct nfc_hci_dev {
86 struct nfc_dev *ndev; 98 struct nfc_dev *ndev;
87 99
88 u32 max_data_link_payload; 100 u32 max_data_link_payload;
89 101
102 bool shutting_down;
103
90 struct mutex msg_tx_mutex; 104 struct mutex msg_tx_mutex;
91 105
92 struct list_head msg_tx_queue; 106 struct list_head msg_tx_queue;
@@ -129,12 +143,16 @@ struct nfc_hci_dev {
129 143
130 u8 *gb; 144 u8 *gb;
131 size_t gb_len; 145 size_t gb_len;
146
147 unsigned long quirks;
132}; 148};
133 149
134/* hci device allocation */ 150/* hci device allocation */
135struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops, 151struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
136 struct nfc_hci_init_data *init_data, 152 struct nfc_hci_init_data *init_data,
153 unsigned long quirks,
137 u32 protocols, 154 u32 protocols,
155 u32 supported_se,
138 const char *llc_name, 156 const char *llc_name,
139 int tx_headroom, 157 int tx_headroom,
140 int tx_tailroom, 158 int tx_tailroom,
diff --git a/include/net/nfc/nci_core.h b/include/net/nfc/nci_core.h
index d705d8674949..5bc0c460edc0 100644
--- a/include/net/nfc/nci_core.h
+++ b/include/net/nfc/nci_core.h
@@ -147,6 +147,7 @@ struct nci_dev {
147/* ----- NCI Devices ----- */ 147/* ----- NCI Devices ----- */
148struct nci_dev *nci_allocate_device(struct nci_ops *ops, 148struct nci_dev *nci_allocate_device(struct nci_ops *ops,
149 __u32 supported_protocols, 149 __u32 supported_protocols,
150 __u32 supported_se,
150 int tx_headroom, 151 int tx_headroom,
151 int tx_tailroom); 152 int tx_tailroom);
152void nci_free_device(struct nci_dev *ndev); 153void nci_free_device(struct nci_dev *ndev);
diff --git a/include/net/nfc/nfc.h b/include/net/nfc/nfc.h
index fce80b2f9be7..87a6417fc934 100644
--- a/include/net/nfc/nfc.h
+++ b/include/net/nfc/nfc.h
@@ -68,6 +68,8 @@ struct nfc_ops {
68 void *cb_context); 68 void *cb_context);
69 int (*tm_send)(struct nfc_dev *dev, struct sk_buff *skb); 69 int (*tm_send)(struct nfc_dev *dev, struct sk_buff *skb);
70 int (*check_presence)(struct nfc_dev *dev, struct nfc_target *target); 70 int (*check_presence)(struct nfc_dev *dev, struct nfc_target *target);
71 int (*enable_se)(struct nfc_dev *dev, u32 secure_element);
72 int (*disable_se)(struct nfc_dev *dev, u32 secure_element);
71}; 73};
72 74
73#define NFC_TARGET_IDX_ANY -1 75#define NFC_TARGET_IDX_ANY -1
@@ -109,12 +111,17 @@ struct nfc_dev {
109 struct nfc_genl_data genl_data; 111 struct nfc_genl_data genl_data;
110 u32 supported_protocols; 112 u32 supported_protocols;
111 113
114 u32 supported_se;
115 u32 active_se;
116
112 int tx_headroom; 117 int tx_headroom;
113 int tx_tailroom; 118 int tx_tailroom;
114 119
115 struct timer_list check_pres_timer; 120 struct timer_list check_pres_timer;
116 struct work_struct check_pres_work; 121 struct work_struct check_pres_work;
117 122
123 bool shutting_down;
124
118 struct nfc_ops *ops; 125 struct nfc_ops *ops;
119}; 126};
120#define to_nfc_dev(_dev) container_of(_dev, struct nfc_dev, dev) 127#define to_nfc_dev(_dev) container_of(_dev, struct nfc_dev, dev)
@@ -123,6 +130,7 @@ extern struct class nfc_class;
123 130
124struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops, 131struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops,
125 u32 supported_protocols, 132 u32 supported_protocols,
133 u32 supported_se,
126 int tx_headroom, 134 int tx_headroom,
127 int tx_tailroom); 135 int tx_tailroom);
128 136
diff --git a/include/net/regulatory.h b/include/net/regulatory.h
index 7dcaa2794fde..f17ed590d64a 100644
--- a/include/net/regulatory.h
+++ b/include/net/regulatory.h
@@ -18,6 +18,7 @@
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 */ 19 */
20 20
21#include <linux/rcupdate.h>
21 22
22/** 23/**
23 * enum environment_cap - Environment parsed from country IE 24 * enum environment_cap - Environment parsed from country IE
@@ -35,6 +36,7 @@ enum environment_cap {
35/** 36/**
36 * struct regulatory_request - used to keep track of regulatory requests 37 * struct regulatory_request - used to keep track of regulatory requests
37 * 38 *
39 * @rcu_head: RCU head struct used to free the request
38 * @wiphy_idx: this is set if this request's initiator is 40 * @wiphy_idx: this is set if this request's initiator is
39 * %REGDOM_SET_BY_COUNTRY_IE or %REGDOM_SET_BY_DRIVER. This 41 * %REGDOM_SET_BY_COUNTRY_IE or %REGDOM_SET_BY_DRIVER. This
40 * can be used by the wireless core to deal with conflicts 42 * can be used by the wireless core to deal with conflicts
@@ -72,6 +74,7 @@ enum environment_cap {
72 * @list: used to insert into the reg_requests_list linked list 74 * @list: used to insert into the reg_requests_list linked list
73 */ 75 */
74struct regulatory_request { 76struct regulatory_request {
77 struct rcu_head rcu_head;
75 int wiphy_idx; 78 int wiphy_idx;
76 enum nl80211_reg_initiator initiator; 79 enum nl80211_reg_initiator initiator;
77 enum nl80211_user_reg_hint_type user_reg_hint_type; 80 enum nl80211_user_reg_hint_type user_reg_hint_type;
@@ -101,6 +104,7 @@ struct ieee80211_reg_rule {
101}; 104};
102 105
103struct ieee80211_regdomain { 106struct ieee80211_regdomain {
107 struct rcu_head rcu_head;
104 u32 n_reg_rules; 108 u32 n_reg_rules;
105 char alpha2[2]; 109 char alpha2[2];
106 u8 dfs_region; 110 u8 dfs_region;
diff --git a/include/uapi/linux/nfc.h b/include/uapi/linux/nfc.h
index 0e63cee8d810..7969f46f1bb3 100644
--- a/include/uapi/linux/nfc.h
+++ b/include/uapi/linux/nfc.h
@@ -5,20 +5,17 @@
5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org> 5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org>
6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org> 6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify 8 * Permission to use, copy, modify, and/or distribute this software for any
9 * it under the terms of the GNU General Public License as published by 9 * purpose with or without fee is hereby granted, provided that the above
10 * the Free Software Foundation; either version 2 of the License, or 10 * copyright notice and this permission notice appear in all copies.
11 * (at your option) any later version.
12 * 11 *
13 * This program is distributed in the hope that it will be useful, 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * GNU General Public License for more details. 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * You should have received a copy of the GNU General Public License 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * along with this program; if not, write to the 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 */ 19 */
23 20
24#ifndef __LINUX_NFC_H 21#ifndef __LINUX_NFC_H
@@ -67,6 +64,11 @@
67 * subsequent CONNECT and CC messages. 64 * subsequent CONNECT and CC messages.
68 * If one of the passed parameters is wrong none is set and -EINVAL is 65 * If one of the passed parameters is wrong none is set and -EINVAL is
69 * returned. 66 * returned.
67 * @NFC_CMD_ENABLE_SE: Enable the physical link to a specific secure element.
68 * Once enabled a secure element will handle card emulation mode, i.e.
69 * starting a poll from a device which has a secure element enabled means
70 * we want to do SE based card emulation.
71 * @NFC_CMD_DISABLE_SE: Disable the physical link to a specific secure element.
70 */ 72 */
71enum nfc_commands { 73enum nfc_commands {
72 NFC_CMD_UNSPEC, 74 NFC_CMD_UNSPEC,
@@ -86,6 +88,8 @@ enum nfc_commands {
86 NFC_EVENT_TM_DEACTIVATED, 88 NFC_EVENT_TM_DEACTIVATED,
87 NFC_CMD_LLC_GET_PARAMS, 89 NFC_CMD_LLC_GET_PARAMS,
88 NFC_CMD_LLC_SET_PARAMS, 90 NFC_CMD_LLC_SET_PARAMS,
91 NFC_CMD_ENABLE_SE,
92 NFC_CMD_DISABLE_SE,
89/* private: internal use only */ 93/* private: internal use only */
90 __NFC_CMD_AFTER_LAST 94 __NFC_CMD_AFTER_LAST
91}; 95};
@@ -114,6 +118,7 @@ enum nfc_commands {
114 * @NFC_ATTR_LLC_PARAM_LTO: Link TimeOut parameter 118 * @NFC_ATTR_LLC_PARAM_LTO: Link TimeOut parameter
115 * @NFC_ATTR_LLC_PARAM_RW: Receive Window size parameter 119 * @NFC_ATTR_LLC_PARAM_RW: Receive Window size parameter
116 * @NFC_ATTR_LLC_PARAM_MIUX: MIU eXtension parameter 120 * @NFC_ATTR_LLC_PARAM_MIUX: MIU eXtension parameter
121 * @NFC_ATTR_SE: Available Secure Elements
117 */ 122 */
118enum nfc_attrs { 123enum nfc_attrs {
119 NFC_ATTR_UNSPEC, 124 NFC_ATTR_UNSPEC,
@@ -134,6 +139,7 @@ enum nfc_attrs {
134 NFC_ATTR_LLC_PARAM_LTO, 139 NFC_ATTR_LLC_PARAM_LTO,
135 NFC_ATTR_LLC_PARAM_RW, 140 NFC_ATTR_LLC_PARAM_RW,
136 NFC_ATTR_LLC_PARAM_MIUX, 141 NFC_ATTR_LLC_PARAM_MIUX,
142 NFC_ATTR_SE,
137/* private: internal use only */ 143/* private: internal use only */
138 __NFC_ATTR_AFTER_LAST 144 __NFC_ATTR_AFTER_LAST
139}; 145};
@@ -172,6 +178,11 @@ enum nfc_attrs {
172#define NFC_PROTO_NFC_DEP_MASK (1 << NFC_PROTO_NFC_DEP) 178#define NFC_PROTO_NFC_DEP_MASK (1 << NFC_PROTO_NFC_DEP)
173#define NFC_PROTO_ISO14443_B_MASK (1 << NFC_PROTO_ISO14443_B) 179#define NFC_PROTO_ISO14443_B_MASK (1 << NFC_PROTO_ISO14443_B)
174 180
181/* NFC Secure Elements */
182#define NFC_SE_NONE 0x0
183#define NFC_SE_UICC 0x1
184#define NFC_SE_EMBEDDED 0x2
185
175struct sockaddr_nfc { 186struct sockaddr_nfc {
176 sa_family_t sa_family; 187 sa_family_t sa_family;
177 __u32 dev_idx; 188 __u32 dev_idx;
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index e3e19f8b16f2..5b7dbc1ea966 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -170,7 +170,8 @@
170 * %NL80211_ATTR_HIDDEN_SSID, %NL80211_ATTR_CIPHERS_PAIRWISE, 170 * %NL80211_ATTR_HIDDEN_SSID, %NL80211_ATTR_CIPHERS_PAIRWISE,
171 * %NL80211_ATTR_CIPHER_GROUP, %NL80211_ATTR_WPA_VERSIONS, 171 * %NL80211_ATTR_CIPHER_GROUP, %NL80211_ATTR_WPA_VERSIONS,
172 * %NL80211_ATTR_AKM_SUITES, %NL80211_ATTR_PRIVACY, 172 * %NL80211_ATTR_AKM_SUITES, %NL80211_ATTR_PRIVACY,
173 * %NL80211_ATTR_AUTH_TYPE and %NL80211_ATTR_INACTIVITY_TIMEOUT. 173 * %NL80211_ATTR_AUTH_TYPE, %NL80211_ATTR_INACTIVITY_TIMEOUT,
174 * %NL80211_ATTR_ACL_POLICY and %NL80211_ATTR_MAC_ADDRS.
174 * The channel to use can be set on the interface or be given using the 175 * The channel to use can be set on the interface or be given using the
175 * %NL80211_ATTR_WIPHY_FREQ and the attributes determining channel width. 176 * %NL80211_ATTR_WIPHY_FREQ and the attributes determining channel width.
176 * @NL80211_CMD_NEW_BEACON: old alias for %NL80211_CMD_START_AP 177 * @NL80211_CMD_NEW_BEACON: old alias for %NL80211_CMD_START_AP
@@ -374,8 +375,8 @@
374 * requests to connect to a specified network but without separating 375 * requests to connect to a specified network but without separating
375 * auth and assoc steps. For this, you need to specify the SSID in a 376 * auth and assoc steps. For this, you need to specify the SSID in a
376 * %NL80211_ATTR_SSID attribute, and can optionally specify the association 377 * %NL80211_ATTR_SSID attribute, and can optionally specify the association
377 * IEs in %NL80211_ATTR_IE, %NL80211_ATTR_AUTH_TYPE, %NL80211_ATTR_MAC, 378 * IEs in %NL80211_ATTR_IE, %NL80211_ATTR_AUTH_TYPE, %NL80211_ATTR_USE_MFP,
378 * %NL80211_ATTR_WIPHY_FREQ, %NL80211_ATTR_CONTROL_PORT, 379 * %NL80211_ATTR_MAC, %NL80211_ATTR_WIPHY_FREQ, %NL80211_ATTR_CONTROL_PORT,
379 * %NL80211_ATTR_CONTROL_PORT_ETHERTYPE and 380 * %NL80211_ATTR_CONTROL_PORT_ETHERTYPE and
380 * %NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT. 381 * %NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT.
381 * Background scan period can optionally be 382 * Background scan period can optionally be
@@ -586,6 +587,16 @@
586 * @NL80211_CMD_SET_MCAST_RATE: Change the rate used to send multicast frames 587 * @NL80211_CMD_SET_MCAST_RATE: Change the rate used to send multicast frames
587 * for IBSS or MESH vif. 588 * for IBSS or MESH vif.
588 * 589 *
590 * @NL80211_CMD_SET_MAC_ACL: sets ACL for MAC address based access control.
591 * This is to be used with the drivers advertising the support of MAC
592 * address based access control. List of MAC addresses is passed in
593 * %NL80211_ATTR_MAC_ADDRS and ACL policy is passed in
594 * %NL80211_ATTR_ACL_POLICY. Driver will enable ACL with this list, if it
595 * is not already done. The new list will replace any existing list. Driver
596 * will clear its ACL when the list of MAC addresses passed is empty. This
597 * command is used in AP/P2P GO mode. Driver has to make sure to clear its
598 * ACL list during %NL80211_CMD_STOP_AP.
599 *
589 * @NL80211_CMD_MAX: highest used command number 600 * @NL80211_CMD_MAX: highest used command number
590 * @__NL80211_CMD_AFTER_LAST: internal use 601 * @__NL80211_CMD_AFTER_LAST: internal use
591 */ 602 */
@@ -736,6 +747,8 @@ enum nl80211_commands {
736 747
737 NL80211_CMD_SET_MCAST_RATE, 748 NL80211_CMD_SET_MCAST_RATE,
738 749
750 NL80211_CMD_SET_MAC_ACL,
751
739 /* add new commands above here */ 752 /* add new commands above here */
740 753
741 /* used to define NL80211_CMD_MAX below */ 754 /* used to define NL80211_CMD_MAX below */
@@ -958,7 +971,7 @@ enum nl80211_commands {
958 * @NL80211_ATTR_USE_MFP: Whether management frame protection (IEEE 802.11w) is 971 * @NL80211_ATTR_USE_MFP: Whether management frame protection (IEEE 802.11w) is
959 * used for the association (&enum nl80211_mfp, represented as a u32); 972 * used for the association (&enum nl80211_mfp, represented as a u32);
960 * this attribute can be used 973 * this attribute can be used
961 * with %NL80211_CMD_ASSOCIATE request 974 * with %NL80211_CMD_ASSOCIATE and %NL80211_CMD_CONNECT requests
962 * 975 *
963 * @NL80211_ATTR_STA_FLAGS2: Attribute containing a 976 * @NL80211_ATTR_STA_FLAGS2: Attribute containing a
964 * &struct nl80211_sta_flag_update. 977 * &struct nl80211_sta_flag_update.
@@ -1310,6 +1323,19 @@ enum nl80211_commands {
1310 * if not given in START_AP 0 is assumed, if not given in SET_BSS 1323 * if not given in START_AP 0 is assumed, if not given in SET_BSS
1311 * no change is made. 1324 * no change is made.
1312 * 1325 *
1326 * @NL80211_ATTR_LOCAL_MESH_POWER_MODE: local mesh STA link-specific power mode
1327 * defined in &enum nl80211_mesh_power_mode.
1328 *
1329 * @NL80211_ATTR_ACL_POLICY: ACL policy, see &enum nl80211_acl_policy,
1330 * carried in a u32 attribute
1331 *
1332 * @NL80211_ATTR_MAC_ADDRS: Array of nested MAC addresses, used for
1333 * MAC ACL.
1334 *
1335 * @NL80211_ATTR_MAC_ACL_MAX: u32 attribute to advertise the maximum
1336 * number of MAC addresses that a device can support for MAC
1337 * ACL.
1338 *
1313 * @NL80211_ATTR_MAX: highest attribute number currently defined 1339 * @NL80211_ATTR_MAX: highest attribute number currently defined
1314 * @__NL80211_ATTR_AFTER_LAST: internal use 1340 * @__NL80211_ATTR_AFTER_LAST: internal use
1315 */ 1341 */
@@ -1580,6 +1606,14 @@ enum nl80211_attrs {
1580 NL80211_ATTR_P2P_CTWINDOW, 1606 NL80211_ATTR_P2P_CTWINDOW,
1581 NL80211_ATTR_P2P_OPPPS, 1607 NL80211_ATTR_P2P_OPPPS,
1582 1608
1609 NL80211_ATTR_LOCAL_MESH_POWER_MODE,
1610
1611 NL80211_ATTR_ACL_POLICY,
1612
1613 NL80211_ATTR_MAC_ADDRS,
1614
1615 NL80211_ATTR_MAC_ACL_MAX,
1616
1583 /* add attributes here, update the policy in nl80211.c */ 1617 /* add attributes here, update the policy in nl80211.c */
1584 1618
1585 __NL80211_ATTR_AFTER_LAST, 1619 __NL80211_ATTR_AFTER_LAST,
@@ -1697,6 +1731,9 @@ enum nl80211_iftype {
1697 * flag can't be changed, it is only valid while adding a station, and 1731 * flag can't be changed, it is only valid while adding a station, and
1698 * attempts to change it will silently be ignored (rather than rejected 1732 * attempts to change it will silently be ignored (rather than rejected
1699 * as errors.) 1733 * as errors.)
1734 * @NL80211_STA_FLAG_ASSOCIATED: station is associated; used with drivers
1735 * that support %NL80211_FEATURE_FULL_AP_CLIENT_STATE to transition a
1736 * previously added station into associated state
1700 * @NL80211_STA_FLAG_MAX: highest station flag number currently defined 1737 * @NL80211_STA_FLAG_MAX: highest station flag number currently defined
1701 * @__NL80211_STA_FLAG_AFTER_LAST: internal use 1738 * @__NL80211_STA_FLAG_AFTER_LAST: internal use
1702 */ 1739 */
@@ -1708,6 +1745,7 @@ enum nl80211_sta_flags {
1708 NL80211_STA_FLAG_MFP, 1745 NL80211_STA_FLAG_MFP,
1709 NL80211_STA_FLAG_AUTHENTICATED, 1746 NL80211_STA_FLAG_AUTHENTICATED,
1710 NL80211_STA_FLAG_TDLS_PEER, 1747 NL80211_STA_FLAG_TDLS_PEER,
1748 NL80211_STA_FLAG_ASSOCIATED,
1711 1749
1712 /* keep last */ 1750 /* keep last */
1713 __NL80211_STA_FLAG_AFTER_LAST, 1751 __NL80211_STA_FLAG_AFTER_LAST,
@@ -1834,6 +1872,10 @@ enum nl80211_sta_bss_param {
1834 * @NL80211_STA_INFO_STA_FLAGS: Contains a struct nl80211_sta_flag_update. 1872 * @NL80211_STA_INFO_STA_FLAGS: Contains a struct nl80211_sta_flag_update.
1835 * @NL80211_STA_INFO_BEACON_LOSS: count of times beacon loss was detected (u32) 1873 * @NL80211_STA_INFO_BEACON_LOSS: count of times beacon loss was detected (u32)
1836 * @NL80211_STA_INFO_T_OFFSET: timing offset with respect to this STA (s64) 1874 * @NL80211_STA_INFO_T_OFFSET: timing offset with respect to this STA (s64)
1875 * @NL80211_STA_INFO_LOCAL_PM: local mesh STA link-specific power mode
1876 * @NL80211_STA_INFO_PEER_PM: peer mesh STA link-specific power mode
1877 * @NL80211_STA_INFO_NONPEER_PM: neighbor mesh STA power save mode towards
1878 * non-peer STA
1837 * @__NL80211_STA_INFO_AFTER_LAST: internal 1879 * @__NL80211_STA_INFO_AFTER_LAST: internal
1838 * @NL80211_STA_INFO_MAX: highest possible station info attribute 1880 * @NL80211_STA_INFO_MAX: highest possible station info attribute
1839 */ 1881 */
@@ -1858,6 +1900,9 @@ enum nl80211_sta_info {
1858 NL80211_STA_INFO_STA_FLAGS, 1900 NL80211_STA_INFO_STA_FLAGS,
1859 NL80211_STA_INFO_BEACON_LOSS, 1901 NL80211_STA_INFO_BEACON_LOSS,
1860 NL80211_STA_INFO_T_OFFSET, 1902 NL80211_STA_INFO_T_OFFSET,
1903 NL80211_STA_INFO_LOCAL_PM,
1904 NL80211_STA_INFO_PEER_PM,
1905 NL80211_STA_INFO_NONPEER_PM,
1861 1906
1862 /* keep last */ 1907 /* keep last */
1863 __NL80211_STA_INFO_AFTER_LAST, 1908 __NL80211_STA_INFO_AFTER_LAST,
@@ -2249,6 +2294,34 @@ enum nl80211_mntr_flags {
2249}; 2294};
2250 2295
2251/** 2296/**
2297 * enum nl80211_mesh_power_mode - mesh power save modes
2298 *
2299 * @NL80211_MESH_POWER_UNKNOWN: The mesh power mode of the mesh STA is
2300 * not known or has not been set yet.
2301 * @NL80211_MESH_POWER_ACTIVE: Active mesh power mode. The mesh STA is
2302 * in Awake state all the time.
2303 * @NL80211_MESH_POWER_LIGHT_SLEEP: Light sleep mode. The mesh STA will
2304 * alternate between Active and Doze states, but will wake up for
2305 * neighbor's beacons.
2306 * @NL80211_MESH_POWER_DEEP_SLEEP: Deep sleep mode. The mesh STA will
2307 * alternate between Active and Doze states, but may not wake up
2308 * for neighbor's beacons.
2309 *
2310 * @__NL80211_MESH_POWER_AFTER_LAST - internal use
2311 * @NL80211_MESH_POWER_MAX - highest possible power save level
2312 */
2313
2314enum nl80211_mesh_power_mode {
2315 NL80211_MESH_POWER_UNKNOWN,
2316 NL80211_MESH_POWER_ACTIVE,
2317 NL80211_MESH_POWER_LIGHT_SLEEP,
2318 NL80211_MESH_POWER_DEEP_SLEEP,
2319
2320 __NL80211_MESH_POWER_AFTER_LAST,
2321 NL80211_MESH_POWER_MAX = __NL80211_MESH_POWER_AFTER_LAST - 1
2322};
2323
2324/**
2252 * enum nl80211_meshconf_params - mesh configuration parameters 2325 * enum nl80211_meshconf_params - mesh configuration parameters
2253 * 2326 *
2254 * Mesh configuration parameters. These can be changed while the mesh is 2327 * Mesh configuration parameters. These can be changed while the mesh is
@@ -2342,6 +2415,11 @@ enum nl80211_mntr_flags {
2342 * (in TUs) during which a mesh STA can send only one Action frame 2415 * (in TUs) during which a mesh STA can send only one Action frame
2343 * containing a PREQ element for root path confirmation. 2416 * containing a PREQ element for root path confirmation.
2344 * 2417 *
2418 * @NL80211_MESHCONF_POWER_MODE: Default mesh power mode for new peer links.
2419 * type &enum nl80211_mesh_power_mode (u32)
2420 *
2421 * @NL80211_MESHCONF_AWAKE_WINDOW: awake window duration (in TUs)
2422 *
2345 * @__NL80211_MESHCONF_ATTR_AFTER_LAST: internal use 2423 * @__NL80211_MESHCONF_ATTR_AFTER_LAST: internal use
2346 */ 2424 */
2347enum nl80211_meshconf_params { 2425enum nl80211_meshconf_params {
@@ -2371,6 +2449,8 @@ enum nl80211_meshconf_params {
2371 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT, 2449 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
2372 NL80211_MESHCONF_HWMP_ROOT_INTERVAL, 2450 NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
2373 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL, 2451 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
2452 NL80211_MESHCONF_POWER_MODE,
2453 NL80211_MESHCONF_AWAKE_WINDOW,
2374 2454
2375 /* keep last */ 2455 /* keep last */
2376 __NL80211_MESHCONF_ATTR_AFTER_LAST, 2456 __NL80211_MESHCONF_ATTR_AFTER_LAST,
@@ -2933,6 +3013,8 @@ enum nl80211_iface_limit_attrs {
2933 * the infrastructure network's beacon interval. 3013 * the infrastructure network's beacon interval.
2934 * @NL80211_IFACE_COMB_NUM_CHANNELS: u32 attribute specifying how many 3014 * @NL80211_IFACE_COMB_NUM_CHANNELS: u32 attribute specifying how many
2935 * different channels may be used within this group. 3015 * different channels may be used within this group.
3016 * @NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS: u32 attribute containing the bitmap
3017 * of supported channel widths for radar detection.
2936 * @NUM_NL80211_IFACE_COMB: number of attributes 3018 * @NUM_NL80211_IFACE_COMB: number of attributes
2937 * @MAX_NL80211_IFACE_COMB: highest attribute number 3019 * @MAX_NL80211_IFACE_COMB: highest attribute number
2938 * 3020 *
@@ -2965,6 +3047,7 @@ enum nl80211_if_combination_attrs {
2965 NL80211_IFACE_COMB_MAXNUM, 3047 NL80211_IFACE_COMB_MAXNUM,
2966 NL80211_IFACE_COMB_STA_AP_BI_MATCH, 3048 NL80211_IFACE_COMB_STA_AP_BI_MATCH,
2967 NL80211_IFACE_COMB_NUM_CHANNELS, 3049 NL80211_IFACE_COMB_NUM_CHANNELS,
3050 NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
2968 3051
2969 /* keep last */ 3052 /* keep last */
2970 NUM_NL80211_IFACE_COMB, 3053 NUM_NL80211_IFACE_COMB,
@@ -3140,6 +3223,17 @@ enum nl80211_ap_sme_features {
3140 * setting 3223 * setting
3141 * @NL80211_FEATURE_P2P_GO_OPPPS: P2P GO implementation supports opportunistic 3224 * @NL80211_FEATURE_P2P_GO_OPPPS: P2P GO implementation supports opportunistic
3142 * powersave 3225 * powersave
3226 * @NL80211_FEATURE_FULL_AP_CLIENT_STATE: The driver supports full state
3227 * transitions for AP clients. Without this flag (and if the driver
3228 * doesn't have the AP SME in the device) the driver supports adding
3229 * stations only when they're associated and adds them in associated
3230 * state (to later be transitioned into authorized), with this flag
3231 * they should be added before even sending the authentication reply
3232 * and then transitioned into authenticated, associated and authorized
3233 * states using station flags.
3234 * Note that even for drivers that support this, the default is to add
3235 * stations in authenticated/associated state, so to add unauthenticated
3236 * stations the authenticated/associated bits have to be set in the mask.
3143 */ 3237 */
3144enum nl80211_feature_flags { 3238enum nl80211_feature_flags {
3145 NL80211_FEATURE_SK_TX_STATUS = 1 << 0, 3239 NL80211_FEATURE_SK_TX_STATUS = 1 << 0,
@@ -3155,6 +3249,7 @@ enum nl80211_feature_flags {
3155 NL80211_FEATURE_NEED_OBSS_SCAN = 1 << 10, 3249 NL80211_FEATURE_NEED_OBSS_SCAN = 1 << 10,
3156 NL80211_FEATURE_P2P_GO_CTWIN = 1 << 11, 3250 NL80211_FEATURE_P2P_GO_CTWIN = 1 << 11,
3157 NL80211_FEATURE_P2P_GO_OPPPS = 1 << 12, 3251 NL80211_FEATURE_P2P_GO_OPPPS = 1 << 12,
3252 NL80211_FEATURE_FULL_AP_CLIENT_STATE = 1 << 13,
3158}; 3253};
3159 3254
3160/** 3255/**
@@ -3182,7 +3277,7 @@ enum nl80211_probe_resp_offload_support_attr {
3182 * enum nl80211_connect_failed_reason - connection request failed reasons 3277 * enum nl80211_connect_failed_reason - connection request failed reasons
3183 * @NL80211_CONN_FAIL_MAX_CLIENTS: Maximum number of clients that can be 3278 * @NL80211_CONN_FAIL_MAX_CLIENTS: Maximum number of clients that can be
3184 * handled by the AP is reached. 3279 * handled by the AP is reached.
3185 * @NL80211_CONN_FAIL_BLOCKED_CLIENT: Client's MAC is in the AP's blocklist. 3280 * @NL80211_CONN_FAIL_BLOCKED_CLIENT: Connection request is rejected due to ACL.
3186 */ 3281 */
3187enum nl80211_connect_failed_reason { 3282enum nl80211_connect_failed_reason {
3188 NL80211_CONN_FAIL_MAX_CLIENTS, 3283 NL80211_CONN_FAIL_MAX_CLIENTS,
@@ -3210,4 +3305,22 @@ enum nl80211_scan_flags {
3210 NL80211_SCAN_FLAG_AP = 1<<2, 3305 NL80211_SCAN_FLAG_AP = 1<<2,
3211}; 3306};
3212 3307
3308/**
3309 * enum nl80211_acl_policy - access control policy
3310 *
3311 * Access control policy is applied on a MAC list set by
3312 * %NL80211_CMD_START_AP and %NL80211_CMD_SET_MAC_ACL, to
3313 * be used with %NL80211_ATTR_ACL_POLICY.
3314 *
3315 * @NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED: Deny stations which are
3316 * listed in ACL, i.e. allow all the stations which are not listed
3317 * in ACL to authenticate.
3318 * @NL80211_ACL_POLICY_DENY_UNLESS_LISTED: Allow the stations which are listed
3319 * in ACL, i.e. deny all the stations which are not listed in ACL.
3320 */
3321enum nl80211_acl_policy {
3322 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED,
3323 NL80211_ACL_POLICY_DENY_UNLESS_LISTED,
3324};
3325
3213#endif /* __LINUX_NL80211_H */ 3326#endif /* __LINUX_NL80211_H */
diff --git a/net/bluetooth/a2mp.c b/net/bluetooth/a2mp.c
index 2f67d5ecc907..eb0f4b16ff09 100644
--- a/net/bluetooth/a2mp.c
+++ b/net/bluetooth/a2mp.c
@@ -290,7 +290,7 @@ static int a2mp_getinfo_req(struct amp_mgr *mgr, struct sk_buff *skb,
290 goto done; 290 goto done;
291 } 291 }
292 292
293 mgr->state = READ_LOC_AMP_INFO; 293 set_bit(READ_LOC_AMP_INFO, &mgr->state);
294 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_INFO, 0, NULL); 294 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_INFO, 0, NULL);
295 295
296done: 296done:
@@ -499,8 +499,16 @@ send_rsp:
499 if (hdev) 499 if (hdev)
500 hci_dev_put(hdev); 500 hci_dev_put(hdev);
501 501
502 a2mp_send(mgr, A2MP_CREATEPHYSLINK_RSP, hdr->ident, sizeof(rsp), 502 /* Reply error now and success after HCI Write Remote AMP Assoc
503 &rsp); 503 command complete with success status
504 */
505 if (rsp.status != A2MP_STATUS_SUCCESS) {
506 a2mp_send(mgr, A2MP_CREATEPHYSLINK_RSP, hdr->ident,
507 sizeof(rsp), &rsp);
508 } else {
509 set_bit(WRITE_REMOTE_AMP_ASSOC, &mgr->state);
510 mgr->ident = hdr->ident;
511 }
504 512
505 skb_pull(skb, le16_to_cpu(hdr->len)); 513 skb_pull(skb, le16_to_cpu(hdr->len));
506 return 0; 514 return 0;
@@ -840,7 +848,7 @@ struct amp_mgr *amp_mgr_lookup_by_state(u8 state)
840 848
841 mutex_lock(&amp_mgr_list_lock); 849 mutex_lock(&amp_mgr_list_lock);
842 list_for_each_entry(mgr, &amp_mgr_list, list) { 850 list_for_each_entry(mgr, &amp_mgr_list, list) {
843 if (mgr->state == state) { 851 if (test_and_clear_bit(state, &mgr->state)) {
844 amp_mgr_get(mgr); 852 amp_mgr_get(mgr);
845 mutex_unlock(&amp_mgr_list_lock); 853 mutex_unlock(&amp_mgr_list_lock);
846 return mgr; 854 return mgr;
@@ -949,6 +957,32 @@ clean:
949 kfree(req); 957 kfree(req);
950} 958}
951 959
960void a2mp_send_create_phy_link_rsp(struct hci_dev *hdev, u8 status)
961{
962 struct amp_mgr *mgr;
963 struct a2mp_physlink_rsp rsp;
964 struct hci_conn *hs_hcon;
965
966 mgr = amp_mgr_lookup_by_state(WRITE_REMOTE_AMP_ASSOC);
967 if (!mgr)
968 return;
969
970 hs_hcon = hci_conn_hash_lookup_state(hdev, AMP_LINK, BT_CONNECT);
971 if (!hs_hcon) {
972 rsp.status = A2MP_STATUS_UNABLE_START_LINK_CREATION;
973 } else {
974 rsp.remote_id = hs_hcon->remote_id;
975 rsp.status = A2MP_STATUS_SUCCESS;
976 }
977
978 BT_DBG("%s mgr %p hs_hcon %p status %u", hdev->name, mgr, hs_hcon,
979 status);
980
981 rsp.local_id = hdev->id;
982 a2mp_send(mgr, A2MP_CREATEPHYSLINK_RSP, mgr->ident, sizeof(rsp), &rsp);
983 amp_mgr_put(mgr);
984}
985
952void a2mp_discover_amp(struct l2cap_chan *chan) 986void a2mp_discover_amp(struct l2cap_chan *chan)
953{ 987{
954 struct l2cap_conn *conn = chan->conn; 988 struct l2cap_conn *conn = chan->conn;
diff --git a/net/bluetooth/amp.c b/net/bluetooth/amp.c
index 1b0d92c0643a..d459ed43c779 100644
--- a/net/bluetooth/amp.c
+++ b/net/bluetooth/amp.c
@@ -236,7 +236,7 @@ void amp_read_loc_assoc(struct hci_dev *hdev, struct amp_mgr *mgr)
236 236
237 cp.max_len = cpu_to_le16(hdev->amp_assoc_size); 237 cp.max_len = cpu_to_le16(hdev->amp_assoc_size);
238 238
239 mgr->state = READ_LOC_AMP_ASSOC; 239 set_bit(READ_LOC_AMP_ASSOC, &mgr->state);
240 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_ASSOC, sizeof(cp), &cp); 240 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_ASSOC, sizeof(cp), &cp);
241} 241}
242 242
@@ -250,7 +250,7 @@ void amp_read_loc_assoc_final_data(struct hci_dev *hdev,
250 cp.len_so_far = cpu_to_le16(0); 250 cp.len_so_far = cpu_to_le16(0);
251 cp.max_len = cpu_to_le16(hdev->amp_assoc_size); 251 cp.max_len = cpu_to_le16(hdev->amp_assoc_size);
252 252
253 mgr->state = READ_LOC_AMP_ASSOC_FINAL; 253 set_bit(READ_LOC_AMP_ASSOC_FINAL, &mgr->state);
254 254
255 /* Read Local AMP Assoc final link information data */ 255 /* Read Local AMP Assoc final link information data */
256 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_ASSOC, sizeof(cp), &cp); 256 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_ASSOC, sizeof(cp), &cp);
@@ -317,7 +317,9 @@ void amp_write_rem_assoc_continue(struct hci_dev *hdev, u8 handle)
317 if (!hcon) 317 if (!hcon)
318 return; 318 return;
319 319
320 amp_write_rem_assoc_frag(hdev, hcon); 320 /* Send A2MP create phylink rsp when all fragments are written */
321 if (amp_write_rem_assoc_frag(hdev, hcon))
322 a2mp_send_create_phy_link_rsp(hdev, 0);
321} 323}
322 324
323void amp_write_remote_assoc(struct hci_dev *hdev, u8 handle) 325void amp_write_remote_assoc(struct hci_dev *hdev, u8 handle)
@@ -403,26 +405,20 @@ void amp_physical_cfm(struct hci_conn *bredr_hcon, struct hci_conn *hs_hcon)
403 405
404void amp_create_logical_link(struct l2cap_chan *chan) 406void amp_create_logical_link(struct l2cap_chan *chan)
405{ 407{
408 struct hci_conn *hs_hcon = chan->hs_hcon;
406 struct hci_cp_create_accept_logical_link cp; 409 struct hci_cp_create_accept_logical_link cp;
407 struct hci_conn *hcon;
408 struct hci_dev *hdev; 410 struct hci_dev *hdev;
409 411
410 BT_DBG("chan %p", chan); 412 BT_DBG("chan %p hs_hcon %p dst %pMR", chan, hs_hcon, chan->conn->dst);
411 413
412 if (!chan->hs_hcon) 414 if (!hs_hcon)
413 return; 415 return;
414 416
415 hdev = hci_dev_hold(chan->hs_hcon->hdev); 417 hdev = hci_dev_hold(chan->hs_hcon->hdev);
416 if (!hdev) 418 if (!hdev)
417 return; 419 return;
418 420
419 BT_DBG("chan %p dst %pMR", chan, chan->conn->dst); 421 cp.phy_handle = hs_hcon->handle;
420
421 hcon = hci_conn_hash_lookup_ba(hdev, AMP_LINK, chan->conn->dst);
422 if (!hcon)
423 goto done;
424
425 cp.phy_handle = hcon->handle;
426 422
427 cp.tx_flow_spec.id = chan->local_id; 423 cp.tx_flow_spec.id = chan->local_id;
428 cp.tx_flow_spec.stype = chan->local_stype; 424 cp.tx_flow_spec.stype = chan->local_stype;
@@ -438,14 +434,13 @@ void amp_create_logical_link(struct l2cap_chan *chan)
438 cp.rx_flow_spec.acc_lat = cpu_to_le32(chan->remote_acc_lat); 434 cp.rx_flow_spec.acc_lat = cpu_to_le32(chan->remote_acc_lat);
439 cp.rx_flow_spec.flush_to = cpu_to_le32(chan->remote_flush_to); 435 cp.rx_flow_spec.flush_to = cpu_to_le32(chan->remote_flush_to);
440 436
441 if (hcon->out) 437 if (hs_hcon->out)
442 hci_send_cmd(hdev, HCI_OP_CREATE_LOGICAL_LINK, sizeof(cp), 438 hci_send_cmd(hdev, HCI_OP_CREATE_LOGICAL_LINK, sizeof(cp),
443 &cp); 439 &cp);
444 else 440 else
445 hci_send_cmd(hdev, HCI_OP_ACCEPT_LOGICAL_LINK, sizeof(cp), 441 hci_send_cmd(hdev, HCI_OP_ACCEPT_LOGICAL_LINK, sizeof(cp),
446 &cp); 442 &cp);
447 443
448done:
449 hci_dev_put(hdev); 444 hci_dev_put(hdev);
450} 445}
451 446
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c
index a5b639702637..e430b1abcd2f 100644
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -33,7 +33,6 @@
33 33
34#include <net/bluetooth/bluetooth.h> 34#include <net/bluetooth/bluetooth.h>
35#include <net/bluetooth/hci_core.h> 35#include <net/bluetooth/hci_core.h>
36#include <net/bluetooth/l2cap.h>
37 36
38#include "bnep.h" 37#include "bnep.h"
39 38
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 596660d37c5e..d13ce99b410a 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -1146,7 +1146,8 @@ static void hci_power_on(struct work_struct *work)
1146 return; 1146 return;
1147 1147
1148 if (test_bit(HCI_AUTO_OFF, &hdev->dev_flags)) 1148 if (test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
1149 schedule_delayed_work(&hdev->power_off, HCI_AUTO_OFF_TIMEOUT); 1149 queue_delayed_work(hdev->req_workqueue, &hdev->power_off,
1150 HCI_AUTO_OFF_TIMEOUT);
1150 1151
1151 if (test_and_clear_bit(HCI_SETUP, &hdev->dev_flags)) 1152 if (test_and_clear_bit(HCI_SETUP, &hdev->dev_flags))
1152 mgmt_index_added(hdev); 1153 mgmt_index_added(hdev);
@@ -1621,8 +1622,8 @@ static int hci_do_le_scan(struct hci_dev *hdev, u8 type, u16 interval,
1621 if (err < 0) 1622 if (err < 0)
1622 return err; 1623 return err;
1623 1624
1624 schedule_delayed_work(&hdev->le_scan_disable, 1625 queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable,
1625 msecs_to_jiffies(timeout)); 1626 msecs_to_jiffies(timeout));
1626 1627
1627 return 0; 1628 return 0;
1628} 1629}
@@ -1799,6 +1800,15 @@ int hci_register_dev(struct hci_dev *hdev)
1799 goto err; 1800 goto err;
1800 } 1801 }
1801 1802
1803 hdev->req_workqueue = alloc_workqueue(hdev->name,
1804 WQ_HIGHPRI | WQ_UNBOUND |
1805 WQ_MEM_RECLAIM, 1);
1806 if (!hdev->req_workqueue) {
1807 destroy_workqueue(hdev->workqueue);
1808 error = -ENOMEM;
1809 goto err;
1810 }
1811
1802 error = hci_add_sysfs(hdev); 1812 error = hci_add_sysfs(hdev);
1803 if (error < 0) 1813 if (error < 0)
1804 goto err_wqueue; 1814 goto err_wqueue;
@@ -1821,12 +1831,13 @@ int hci_register_dev(struct hci_dev *hdev)
1821 hci_notify(hdev, HCI_DEV_REG); 1831 hci_notify(hdev, HCI_DEV_REG);
1822 hci_dev_hold(hdev); 1832 hci_dev_hold(hdev);
1823 1833
1824 schedule_work(&hdev->power_on); 1834 queue_work(hdev->req_workqueue, &hdev->power_on);
1825 1835
1826 return id; 1836 return id;
1827 1837
1828err_wqueue: 1838err_wqueue:
1829 destroy_workqueue(hdev->workqueue); 1839 destroy_workqueue(hdev->workqueue);
1840 destroy_workqueue(hdev->req_workqueue);
1830err: 1841err:
1831 ida_simple_remove(&hci_index_ida, hdev->id); 1842 ida_simple_remove(&hci_index_ida, hdev->id);
1832 write_lock(&hci_dev_list_lock); 1843 write_lock(&hci_dev_list_lock);
@@ -1880,6 +1891,7 @@ void hci_unregister_dev(struct hci_dev *hdev)
1880 hci_del_sysfs(hdev); 1891 hci_del_sysfs(hdev);
1881 1892
1882 destroy_workqueue(hdev->workqueue); 1893 destroy_workqueue(hdev->workqueue);
1894 destroy_workqueue(hdev->req_workqueue);
1883 1895
1884 hci_dev_lock(hdev); 1896 hci_dev_lock(hdev);
1885 hci_blacklist_clear(hdev); 1897 hci_blacklist_clear(hdev);
@@ -2810,14 +2822,6 @@ static void hci_acldata_packet(struct hci_dev *hdev, struct sk_buff *skb)
2810 if (conn) { 2822 if (conn) {
2811 hci_conn_enter_active_mode(conn, BT_POWER_FORCE_ACTIVE_OFF); 2823 hci_conn_enter_active_mode(conn, BT_POWER_FORCE_ACTIVE_OFF);
2812 2824
2813 hci_dev_lock(hdev);
2814 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
2815 !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2816 mgmt_device_connected(hdev, &conn->dst, conn->type,
2817 conn->dst_type, 0, NULL, 0,
2818 conn->dev_class);
2819 hci_dev_unlock(hdev);
2820
2821 /* Send to upper protocol */ 2825 /* Send to upper protocol */
2822 l2cap_recv_acldata(conn, skb, flags); 2826 l2cap_recv_acldata(conn, skb, flags);
2823 return; 2827 return;
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 705078a0cc39..0a4fd642d4b9 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -609,8 +609,17 @@ static void le_setup(struct hci_dev *hdev)
609 /* Read LE Buffer Size */ 609 /* Read LE Buffer Size */
610 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL); 610 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
611 611
612 /* Read LE Local Supported Features */
613 hci_send_cmd(hdev, HCI_OP_LE_READ_LOCAL_FEATURES, 0, NULL);
614
612 /* Read LE Advertising Channel TX Power */ 615 /* Read LE Advertising Channel TX Power */
613 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL); 616 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
617
618 /* Read LE White List Size */
619 hci_send_cmd(hdev, HCI_OP_LE_READ_WHITE_LIST_SIZE, 0, NULL);
620
621 /* Read LE Supported States */
622 hci_send_cmd(hdev, HCI_OP_LE_READ_SUPPORTED_STATES, 0, NULL);
614} 623}
615 624
616static void hci_setup(struct hci_dev *hdev) 625static void hci_setup(struct hci_dev *hdev)
@@ -1090,6 +1099,19 @@ static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1090 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status); 1099 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1091} 1100}
1092 1101
1102static void hci_cc_le_read_local_features(struct hci_dev *hdev,
1103 struct sk_buff *skb)
1104{
1105 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
1106
1107 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1108
1109 if (!rp->status)
1110 memcpy(hdev->le_features, rp->features, 8);
1111
1112 hci_req_complete(hdev, HCI_OP_LE_READ_LOCAL_FEATURES, rp->status);
1113}
1114
1093static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev, 1115static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1094 struct sk_buff *skb) 1116 struct sk_buff *skb)
1095{ 1117{
@@ -1290,6 +1312,19 @@ static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1290 } 1312 }
1291} 1313}
1292 1314
1315static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
1316 struct sk_buff *skb)
1317{
1318 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
1319
1320 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
1321
1322 if (!rp->status)
1323 hdev->le_white_list_size = rp->size;
1324
1325 hci_req_complete(hdev, HCI_OP_LE_READ_WHITE_LIST_SIZE, rp->status);
1326}
1327
1293static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb) 1328static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1294{ 1329{
1295 struct hci_rp_le_ltk_reply *rp = (void *) skb->data; 1330 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
@@ -1314,6 +1349,19 @@ static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1314 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status); 1349 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1315} 1350}
1316 1351
1352static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
1353 struct sk_buff *skb)
1354{
1355 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
1356
1357 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1358
1359 if (!rp->status)
1360 memcpy(hdev->le_states, rp->le_states, 8);
1361
1362 hci_req_complete(hdev, HCI_OP_LE_READ_SUPPORTED_STATES, rp->status);
1363}
1364
1317static void hci_cc_write_le_host_supported(struct hci_dev *hdev, 1365static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1318 struct sk_buff *skb) 1366 struct sk_buff *skb)
1319{ 1367{
@@ -2628,6 +2676,10 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2628 hci_cc_le_read_buffer_size(hdev, skb); 2676 hci_cc_le_read_buffer_size(hdev, skb);
2629 break; 2677 break;
2630 2678
2679 case HCI_OP_LE_READ_LOCAL_FEATURES:
2680 hci_cc_le_read_local_features(hdev, skb);
2681 break;
2682
2631 case HCI_OP_LE_READ_ADV_TX_POWER: 2683 case HCI_OP_LE_READ_ADV_TX_POWER:
2632 hci_cc_le_read_adv_tx_power(hdev, skb); 2684 hci_cc_le_read_adv_tx_power(hdev, skb);
2633 break; 2685 break;
@@ -2664,6 +2716,10 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2664 hci_cc_le_set_scan_enable(hdev, skb); 2716 hci_cc_le_set_scan_enable(hdev, skb);
2665 break; 2717 break;
2666 2718
2719 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
2720 hci_cc_le_read_white_list_size(hdev, skb);
2721 break;
2722
2667 case HCI_OP_LE_LTK_REPLY: 2723 case HCI_OP_LE_LTK_REPLY:
2668 hci_cc_le_ltk_reply(hdev, skb); 2724 hci_cc_le_ltk_reply(hdev, skb);
2669 break; 2725 break;
@@ -2672,6 +2728,10 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2672 hci_cc_le_ltk_neg_reply(hdev, skb); 2728 hci_cc_le_ltk_neg_reply(hdev, skb);
2673 break; 2729 break;
2674 2730
2731 case HCI_OP_LE_READ_SUPPORTED_STATES:
2732 hci_cc_le_read_supported_states(hdev, skb);
2733 break;
2734
2675 case HCI_OP_WRITE_LE_HOST_SUPPORTED: 2735 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2676 hci_cc_write_le_host_supported(hdev, skb); 2736 hci_cc_write_le_host_supported(hdev, skb);
2677 break; 2737 break;
@@ -2688,7 +2748,7 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2688 if (ev->opcode != HCI_OP_NOP) 2748 if (ev->opcode != HCI_OP_NOP)
2689 del_timer(&hdev->cmd_timer); 2749 del_timer(&hdev->cmd_timer);
2690 2750
2691 if (ev->ncmd) { 2751 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2692 atomic_set(&hdev->cmd_cnt, 1); 2752 atomic_set(&hdev->cmd_cnt, 1);
2693 if (!skb_queue_empty(&hdev->cmd_q)) 2753 if (!skb_queue_empty(&hdev->cmd_q))
2694 queue_work(hdev->workqueue, &hdev->cmd_work); 2754 queue_work(hdev->workqueue, &hdev->cmd_work);
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c
index 55cceee02a84..23b4e242a31a 100644
--- a/net/bluetooth/hci_sysfs.c
+++ b/net/bluetooth/hci_sysfs.c
@@ -2,6 +2,7 @@
2 2
3#include <linux/debugfs.h> 3#include <linux/debugfs.h>
4#include <linux/module.h> 4#include <linux/module.h>
5#include <asm/unaligned.h>
5 6
6#include <net/bluetooth/bluetooth.h> 7#include <net/bluetooth/bluetooth.h>
7#include <net/bluetooth/hci_core.h> 8#include <net/bluetooth/hci_core.h>
@@ -461,19 +462,18 @@ static const struct file_operations blacklist_fops = {
461 462
462static void print_bt_uuid(struct seq_file *f, u8 *uuid) 463static void print_bt_uuid(struct seq_file *f, u8 *uuid)
463{ 464{
464 __be32 data0, data4; 465 u32 data0, data5;
465 __be16 data1, data2, data3, data5; 466 u16 data1, data2, data3, data4;
466 467
467 memcpy(&data0, &uuid[0], 4); 468 data5 = get_unaligned_le32(uuid);
468 memcpy(&data1, &uuid[4], 2); 469 data4 = get_unaligned_le16(uuid + 4);
469 memcpy(&data2, &uuid[6], 2); 470 data3 = get_unaligned_le16(uuid + 6);
470 memcpy(&data3, &uuid[8], 2); 471 data2 = get_unaligned_le16(uuid + 8);
471 memcpy(&data4, &uuid[10], 4); 472 data1 = get_unaligned_le16(uuid + 10);
472 memcpy(&data5, &uuid[14], 2); 473 data0 = get_unaligned_le32(uuid + 12);
473 474
474 seq_printf(f, "%.8x-%.4x-%.4x-%.4x-%.8x%.4x\n", 475 seq_printf(f, "%.8x-%.4x-%.4x-%.4x-%.4x%.8x\n",
475 ntohl(data0), ntohs(data1), ntohs(data2), ntohs(data3), 476 data0, data1, data2, data3, data4, data5);
476 ntohl(data4), ntohs(data5));
477} 477}
478 478
479static int uuids_show(struct seq_file *f, void *p) 479static int uuids_show(struct seq_file *f, void *p)
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c
index b2bcbe2dc328..a7352ff3fd1e 100644
--- a/net/bluetooth/hidp/core.c
+++ b/net/bluetooth/hidp/core.c
@@ -931,7 +931,7 @@ static int hidp_setup_hid(struct hidp_session *session,
931 hid->version = req->version; 931 hid->version = req->version;
932 hid->country = req->country; 932 hid->country = req->country;
933 933
934 strncpy(hid->name, req->name, 128); 934 strncpy(hid->name, req->name, sizeof(req->name) - 1);
935 935
936 snprintf(hid->phys, sizeof(hid->phys), "%pMR", 936 snprintf(hid->phys, sizeof(hid->phys), "%pMR",
937 &bt_sk(session->ctrl_sock->sk)->src); 937 &bt_sk(session->ctrl_sock->sk)->src);
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 2c78208d793e..7c7e9321f1ea 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1527,17 +1527,12 @@ static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status)
1527 BT_DBG("hcon %p conn %p hchan %p", hcon, conn, hchan); 1527 BT_DBG("hcon %p conn %p hchan %p", hcon, conn, hchan);
1528 1528
1529 switch (hcon->type) { 1529 switch (hcon->type) {
1530 case AMP_LINK:
1531 conn->mtu = hcon->hdev->block_mtu;
1532 break;
1533
1534 case LE_LINK: 1530 case LE_LINK:
1535 if (hcon->hdev->le_mtu) { 1531 if (hcon->hdev->le_mtu) {
1536 conn->mtu = hcon->hdev->le_mtu; 1532 conn->mtu = hcon->hdev->le_mtu;
1537 break; 1533 break;
1538 } 1534 }
1539 /* fall through */ 1535 /* fall through */
1540
1541 default: 1536 default:
1542 conn->mtu = hcon->hdev->acl_mtu; 1537 conn->mtu = hcon->hdev->acl_mtu;
1543 break; 1538 break;
@@ -3727,6 +3722,17 @@ sendresp:
3727static int l2cap_connect_req(struct l2cap_conn *conn, 3722static int l2cap_connect_req(struct l2cap_conn *conn,
3728 struct l2cap_cmd_hdr *cmd, u8 *data) 3723 struct l2cap_cmd_hdr *cmd, u8 *data)
3729{ 3724{
3725 struct hci_dev *hdev = conn->hcon->hdev;
3726 struct hci_conn *hcon = conn->hcon;
3727
3728 hci_dev_lock(hdev);
3729 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
3730 !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &hcon->flags))
3731 mgmt_device_connected(hdev, &hcon->dst, hcon->type,
3732 hcon->dst_type, 0, NULL, 0,
3733 hcon->dev_class);
3734 hci_dev_unlock(hdev);
3735
3730 l2cap_connect(conn, cmd, data, L2CAP_CONN_RSP, 0); 3736 l2cap_connect(conn, cmd, data, L2CAP_CONN_RSP, 0);
3731 return 0; 3737 return 0;
3732} 3738}
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index f559b966279c..e7f944f52ff2 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -777,14 +777,19 @@ static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
777 777
778 BT_DBG("request for %s", hdev->name); 778 BT_DBG("request for %s", hdev->name);
779 779
780 if (cp->val != 0x00 && cp->val != 0x01)
781 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
782 MGMT_STATUS_INVALID_PARAMS);
783
780 hci_dev_lock(hdev); 784 hci_dev_lock(hdev);
781 785
782 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) { 786 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
783 cancel_delayed_work(&hdev->power_off); 787 cancel_delayed_work(&hdev->power_off);
784 788
785 if (cp->val) { 789 if (cp->val) {
786 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev); 790 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
787 mgmt_powered(hdev, 1); 791 data, len);
792 err = mgmt_powered(hdev, 1);
788 goto failed; 793 goto failed;
789 } 794 }
790 } 795 }
@@ -807,9 +812,9 @@ static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
807 } 812 }
808 813
809 if (cp->val) 814 if (cp->val)
810 schedule_work(&hdev->power_on); 815 queue_work(hdev->req_workqueue, &hdev->power_on);
811 else 816 else
812 schedule_work(&hdev->power_off.work); 817 queue_work(hdev->req_workqueue, &hdev->power_off.work);
813 818
814 err = 0; 819 err = 0;
815 820
@@ -872,6 +877,10 @@ static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
872 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, 877 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
873 MGMT_STATUS_NOT_SUPPORTED); 878 MGMT_STATUS_NOT_SUPPORTED);
874 879
880 if (cp->val != 0x00 && cp->val != 0x01)
881 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
882 MGMT_STATUS_INVALID_PARAMS);
883
875 timeout = __le16_to_cpu(cp->timeout); 884 timeout = __le16_to_cpu(cp->timeout);
876 if (!cp->val && timeout > 0) 885 if (!cp->val && timeout > 0)
877 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, 886 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
@@ -971,6 +980,10 @@ static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
971 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE, 980 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
972 MGMT_STATUS_NOT_SUPPORTED); 981 MGMT_STATUS_NOT_SUPPORTED);
973 982
983 if (cp->val != 0x00 && cp->val != 0x01)
984 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
985 MGMT_STATUS_INVALID_PARAMS);
986
974 hci_dev_lock(hdev); 987 hci_dev_lock(hdev);
975 988
976 if (!hdev_is_powered(hdev)) { 989 if (!hdev_is_powered(hdev)) {
@@ -1041,6 +1054,10 @@ static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
1041 1054
1042 BT_DBG("request for %s", hdev->name); 1055 BT_DBG("request for %s", hdev->name);
1043 1056
1057 if (cp->val != 0x00 && cp->val != 0x01)
1058 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1059 MGMT_STATUS_INVALID_PARAMS);
1060
1044 hci_dev_lock(hdev); 1061 hci_dev_lock(hdev);
1045 1062
1046 if (cp->val) 1063 if (cp->val)
@@ -1073,6 +1090,10 @@ static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1073 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY, 1090 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1074 MGMT_STATUS_NOT_SUPPORTED); 1091 MGMT_STATUS_NOT_SUPPORTED);
1075 1092
1093 if (cp->val != 0x00 && cp->val != 0x01)
1094 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1095 MGMT_STATUS_INVALID_PARAMS);
1096
1076 hci_dev_lock(hdev); 1097 hci_dev_lock(hdev);
1077 1098
1078 if (!hdev_is_powered(hdev)) { 1099 if (!hdev_is_powered(hdev)) {
@@ -1133,13 +1154,15 @@ static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
1133 1154
1134 BT_DBG("request for %s", hdev->name); 1155 BT_DBG("request for %s", hdev->name);
1135 1156
1136 hci_dev_lock(hdev); 1157 if (!lmp_ssp_capable(hdev))
1158 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1159 MGMT_STATUS_NOT_SUPPORTED);
1137 1160
1138 if (!lmp_ssp_capable(hdev)) { 1161 if (cp->val != 0x00 && cp->val != 0x01)
1139 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, 1162 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1140 MGMT_STATUS_NOT_SUPPORTED); 1163 MGMT_STATUS_INVALID_PARAMS);
1141 goto failed; 1164
1142 } 1165 hci_dev_lock(hdev);
1143 1166
1144 val = !!cp->val; 1167 val = !!cp->val;
1145 1168
@@ -1199,6 +1222,10 @@ static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
1199 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, 1222 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1200 MGMT_STATUS_NOT_SUPPORTED); 1223 MGMT_STATUS_NOT_SUPPORTED);
1201 1224
1225 if (cp->val != 0x00 && cp->val != 0x01)
1226 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1227 MGMT_STATUS_INVALID_PARAMS);
1228
1202 if (cp->val) 1229 if (cp->val)
1203 set_bit(HCI_HS_ENABLED, &hdev->dev_flags); 1230 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1204 else 1231 else
@@ -1217,13 +1244,15 @@ static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
1217 1244
1218 BT_DBG("request for %s", hdev->name); 1245 BT_DBG("request for %s", hdev->name);
1219 1246
1220 hci_dev_lock(hdev); 1247 if (!lmp_le_capable(hdev))
1248 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1249 MGMT_STATUS_NOT_SUPPORTED);
1221 1250
1222 if (!lmp_le_capable(hdev)) { 1251 if (cp->val != 0x00 && cp->val != 0x01)
1223 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE, 1252 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1224 MGMT_STATUS_NOT_SUPPORTED); 1253 MGMT_STATUS_INVALID_PARAMS);
1225 goto unlock; 1254
1226 } 1255 hci_dev_lock(hdev);
1227 1256
1228 val = !!cp->val; 1257 val = !!cp->val;
1229 enabled = lmp_host_le_capable(hdev); 1258 enabled = lmp_host_le_capable(hdev);
@@ -1332,7 +1361,8 @@ static bool enable_service_cache(struct hci_dev *hdev)
1332 return false; 1361 return false;
1333 1362
1334 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) { 1363 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
1335 schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT); 1364 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1365 CACHE_TIMEOUT);
1336 return true; 1366 return true;
1337 } 1367 }
1338 1368
@@ -1422,13 +1452,19 @@ static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
1422 1452
1423 BT_DBG("request for %s", hdev->name); 1453 BT_DBG("request for %s", hdev->name);
1424 1454
1425 hci_dev_lock(hdev); 1455 if (!lmp_bredr_capable(hdev))
1456 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1457 MGMT_STATUS_NOT_SUPPORTED);
1426 1458
1427 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) { 1459 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags))
1428 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 1460 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1429 MGMT_STATUS_BUSY); 1461 MGMT_STATUS_BUSY);
1430 goto unlock; 1462
1431 } 1463 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0)
1464 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1465 MGMT_STATUS_INVALID_PARAMS);
1466
1467 hci_dev_lock(hdev);
1432 1468
1433 hdev->major_class = cp->major; 1469 hdev->major_class = cp->major;
1434 hdev->minor_class = cp->minor; 1470 hdev->minor_class = cp->minor;
@@ -1483,9 +1519,21 @@ static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
1483 MGMT_STATUS_INVALID_PARAMS); 1519 MGMT_STATUS_INVALID_PARAMS);
1484 } 1520 }
1485 1521
1522 if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01)
1523 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1524 MGMT_STATUS_INVALID_PARAMS);
1525
1486 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys, 1526 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
1487 key_count); 1527 key_count);
1488 1528
1529 for (i = 0; i < key_count; i++) {
1530 struct mgmt_link_key_info *key = &cp->keys[i];
1531
1532 if (key->addr.type != BDADDR_BREDR)
1533 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1534 MGMT_STATUS_INVALID_PARAMS);
1535 }
1536
1489 hci_dev_lock(hdev); 1537 hci_dev_lock(hdev);
1490 1538
1491 hci_link_keys_clear(hdev); 1539 hci_link_keys_clear(hdev);
@@ -1533,12 +1581,22 @@ static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1533 struct hci_conn *conn; 1581 struct hci_conn *conn;
1534 int err; 1582 int err;
1535 1583
1536 hci_dev_lock(hdev);
1537
1538 memset(&rp, 0, sizeof(rp)); 1584 memset(&rp, 0, sizeof(rp));
1539 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr); 1585 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1540 rp.addr.type = cp->addr.type; 1586 rp.addr.type = cp->addr.type;
1541 1587
1588 if (!bdaddr_type_is_valid(cp->addr.type))
1589 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1590 MGMT_STATUS_INVALID_PARAMS,
1591 &rp, sizeof(rp));
1592
1593 if (cp->disconnect != 0x00 && cp->disconnect != 0x01)
1594 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1595 MGMT_STATUS_INVALID_PARAMS,
1596 &rp, sizeof(rp));
1597
1598 hci_dev_lock(hdev);
1599
1542 if (!hdev_is_powered(hdev)) { 1600 if (!hdev_is_powered(hdev)) {
1543 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 1601 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1544 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp)); 1602 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
@@ -1596,6 +1654,7 @@ static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
1596 u16 len) 1654 u16 len)
1597{ 1655{
1598 struct mgmt_cp_disconnect *cp = data; 1656 struct mgmt_cp_disconnect *cp = data;
1657 struct mgmt_rp_disconnect rp;
1599 struct hci_cp_disconnect dc; 1658 struct hci_cp_disconnect dc;
1600 struct pending_cmd *cmd; 1659 struct pending_cmd *cmd;
1601 struct hci_conn *conn; 1660 struct hci_conn *conn;
@@ -1603,17 +1662,26 @@ static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
1603 1662
1604 BT_DBG(""); 1663 BT_DBG("");
1605 1664
1665 memset(&rp, 0, sizeof(rp));
1666 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1667 rp.addr.type = cp->addr.type;
1668
1669 if (!bdaddr_type_is_valid(cp->addr.type))
1670 return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1671 MGMT_STATUS_INVALID_PARAMS,
1672 &rp, sizeof(rp));
1673
1606 hci_dev_lock(hdev); 1674 hci_dev_lock(hdev);
1607 1675
1608 if (!test_bit(HCI_UP, &hdev->flags)) { 1676 if (!test_bit(HCI_UP, &hdev->flags)) {
1609 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT, 1677 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1610 MGMT_STATUS_NOT_POWERED); 1678 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
1611 goto failed; 1679 goto failed;
1612 } 1680 }
1613 1681
1614 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) { 1682 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
1615 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT, 1683 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1616 MGMT_STATUS_BUSY); 1684 MGMT_STATUS_BUSY, &rp, sizeof(rp));
1617 goto failed; 1685 goto failed;
1618 } 1686 }
1619 1687
@@ -1624,8 +1692,8 @@ static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
1624 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr); 1692 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
1625 1693
1626 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) { 1694 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
1627 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT, 1695 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1628 MGMT_STATUS_NOT_CONNECTED); 1696 MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp));
1629 goto failed; 1697 goto failed;
1630 } 1698 }
1631 1699
@@ -1903,11 +1971,20 @@ static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1903 1971
1904 BT_DBG(""); 1972 BT_DBG("");
1905 1973
1974 memset(&rp, 0, sizeof(rp));
1975 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1976 rp.addr.type = cp->addr.type;
1977
1978 if (!bdaddr_type_is_valid(cp->addr.type))
1979 return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
1980 MGMT_STATUS_INVALID_PARAMS,
1981 &rp, sizeof(rp));
1982
1906 hci_dev_lock(hdev); 1983 hci_dev_lock(hdev);
1907 1984
1908 if (!hdev_is_powered(hdev)) { 1985 if (!hdev_is_powered(hdev)) {
1909 err = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE, 1986 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
1910 MGMT_STATUS_NOT_POWERED); 1987 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
1911 goto unlock; 1988 goto unlock;
1912 } 1989 }
1913 1990
@@ -1924,10 +2001,6 @@ static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1924 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, 2001 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
1925 cp->addr.type, sec_level, auth_type); 2002 cp->addr.type, sec_level, auth_type);
1926 2003
1927 memset(&rp, 0, sizeof(rp));
1928 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1929 rp.addr.type = cp->addr.type;
1930
1931 if (IS_ERR(conn)) { 2004 if (IS_ERR(conn)) {
1932 int status; 2005 int status;
1933 2006
@@ -2254,24 +2327,16 @@ static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
2254 2327
2255 hci_dev_lock(hdev); 2328 hci_dev_lock(hdev);
2256 2329
2257 if (!hdev_is_powered(hdev)) {
2258 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA,
2259 MGMT_STATUS_NOT_POWERED, &cp->addr,
2260 sizeof(cp->addr));
2261 goto unlock;
2262 }
2263
2264 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash, 2330 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
2265 cp->randomizer); 2331 cp->randomizer);
2266 if (err < 0) 2332 if (err < 0)
2267 status = MGMT_STATUS_FAILED; 2333 status = MGMT_STATUS_FAILED;
2268 else 2334 else
2269 status = 0; 2335 status = MGMT_STATUS_SUCCESS;
2270 2336
2271 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status, 2337 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
2272 &cp->addr, sizeof(cp->addr)); 2338 &cp->addr, sizeof(cp->addr));
2273 2339
2274unlock:
2275 hci_dev_unlock(hdev); 2340 hci_dev_unlock(hdev);
2276 return err; 2341 return err;
2277} 2342}
@@ -2287,24 +2352,15 @@ static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
2287 2352
2288 hci_dev_lock(hdev); 2353 hci_dev_lock(hdev);
2289 2354
2290 if (!hdev_is_powered(hdev)) {
2291 err = cmd_complete(sk, hdev->id,
2292 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2293 MGMT_STATUS_NOT_POWERED, &cp->addr,
2294 sizeof(cp->addr));
2295 goto unlock;
2296 }
2297
2298 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr); 2355 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2299 if (err < 0) 2356 if (err < 0)
2300 status = MGMT_STATUS_INVALID_PARAMS; 2357 status = MGMT_STATUS_INVALID_PARAMS;
2301 else 2358 else
2302 status = 0; 2359 status = MGMT_STATUS_SUCCESS;
2303 2360
2304 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA, 2361 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2305 status, &cp->addr, sizeof(cp->addr)); 2362 status, &cp->addr, sizeof(cp->addr));
2306 2363
2307unlock:
2308 hci_dev_unlock(hdev); 2364 hci_dev_unlock(hdev);
2309 return err; 2365 return err;
2310} 2366}
@@ -2365,31 +2421,45 @@ static int start_discovery(struct sock *sk, struct hci_dev *hdev,
2365 2421
2366 switch (hdev->discovery.type) { 2422 switch (hdev->discovery.type) {
2367 case DISCOV_TYPE_BREDR: 2423 case DISCOV_TYPE_BREDR:
2368 if (lmp_bredr_capable(hdev)) 2424 if (!lmp_bredr_capable(hdev)) {
2369 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR); 2425 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2370 else 2426 MGMT_STATUS_NOT_SUPPORTED);
2371 err = -ENOTSUPP; 2427 mgmt_pending_remove(cmd);
2428 goto failed;
2429 }
2430
2431 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2372 break; 2432 break;
2373 2433
2374 case DISCOV_TYPE_LE: 2434 case DISCOV_TYPE_LE:
2375 if (lmp_host_le_capable(hdev)) 2435 if (!lmp_host_le_capable(hdev)) {
2376 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, 2436 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2377 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY); 2437 MGMT_STATUS_NOT_SUPPORTED);
2378 else 2438 mgmt_pending_remove(cmd);
2379 err = -ENOTSUPP; 2439 goto failed;
2440 }
2441
2442 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2443 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
2380 break; 2444 break;
2381 2445
2382 case DISCOV_TYPE_INTERLEAVED: 2446 case DISCOV_TYPE_INTERLEAVED:
2383 if (lmp_host_le_capable(hdev) && lmp_bredr_capable(hdev)) 2447 if (!lmp_host_le_capable(hdev) || !lmp_bredr_capable(hdev)) {
2384 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, 2448 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2385 LE_SCAN_WIN, 2449 MGMT_STATUS_NOT_SUPPORTED);
2386 LE_SCAN_TIMEOUT_BREDR_LE); 2450 mgmt_pending_remove(cmd);
2387 else 2451 goto failed;
2388 err = -ENOTSUPP; 2452 }
2453
2454 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, LE_SCAN_WIN,
2455 LE_SCAN_TIMEOUT_BREDR_LE);
2389 break; 2456 break;
2390 2457
2391 default: 2458 default:
2392 err = -EINVAL; 2459 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2460 MGMT_STATUS_INVALID_PARAMS);
2461 mgmt_pending_remove(cmd);
2462 goto failed;
2393 } 2463 }
2394 2464
2395 if (err < 0) 2465 if (err < 0)
@@ -2510,7 +2580,8 @@ static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
2510 hci_inquiry_cache_update_resolve(hdev, e); 2580 hci_inquiry_cache_update_resolve(hdev, e);
2511 } 2581 }
2512 2582
2513 err = 0; 2583 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
2584 sizeof(cp->addr));
2514 2585
2515failed: 2586failed:
2516 hci_dev_unlock(hdev); 2587 hci_dev_unlock(hdev);
@@ -2526,13 +2597,18 @@ static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
2526 2597
2527 BT_DBG("%s", hdev->name); 2598 BT_DBG("%s", hdev->name);
2528 2599
2600 if (!bdaddr_type_is_valid(cp->addr.type))
2601 return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE,
2602 MGMT_STATUS_INVALID_PARAMS,
2603 &cp->addr, sizeof(cp->addr));
2604
2529 hci_dev_lock(hdev); 2605 hci_dev_lock(hdev);
2530 2606
2531 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type); 2607 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
2532 if (err < 0) 2608 if (err < 0)
2533 status = MGMT_STATUS_FAILED; 2609 status = MGMT_STATUS_FAILED;
2534 else 2610 else
2535 status = 0; 2611 status = MGMT_STATUS_SUCCESS;
2536 2612
2537 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status, 2613 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
2538 &cp->addr, sizeof(cp->addr)); 2614 &cp->addr, sizeof(cp->addr));
@@ -2551,13 +2627,18 @@ static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
2551 2627
2552 BT_DBG("%s", hdev->name); 2628 BT_DBG("%s", hdev->name);
2553 2629
2630 if (!bdaddr_type_is_valid(cp->addr.type))
2631 return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE,
2632 MGMT_STATUS_INVALID_PARAMS,
2633 &cp->addr, sizeof(cp->addr));
2634
2554 hci_dev_lock(hdev); 2635 hci_dev_lock(hdev);
2555 2636
2556 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type); 2637 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
2557 if (err < 0) 2638 if (err < 0)
2558 status = MGMT_STATUS_INVALID_PARAMS; 2639 status = MGMT_STATUS_INVALID_PARAMS;
2559 else 2640 else
2560 status = 0; 2641 status = MGMT_STATUS_SUCCESS;
2561 2642
2562 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status, 2643 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
2563 &cp->addr, sizeof(cp->addr)); 2644 &cp->addr, sizeof(cp->addr));
@@ -2612,6 +2693,10 @@ static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
2612 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 2693 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2613 MGMT_STATUS_NOT_SUPPORTED); 2694 MGMT_STATUS_NOT_SUPPORTED);
2614 2695
2696 if (cp->val != 0x00 && cp->val != 0x01)
2697 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2698 MGMT_STATUS_INVALID_PARAMS);
2699
2615 if (!hdev_is_powered(hdev)) 2700 if (!hdev_is_powered(hdev))
2616 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 2701 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2617 MGMT_STATUS_NOT_POWERED); 2702 MGMT_STATUS_NOT_POWERED);
@@ -2659,12 +2744,23 @@ done:
2659 return err; 2744 return err;
2660} 2745}
2661 2746
2747static bool ltk_is_valid(struct mgmt_ltk_info *key)
2748{
2749 if (key->authenticated != 0x00 && key->authenticated != 0x01)
2750 return false;
2751 if (key->master != 0x00 && key->master != 0x01)
2752 return false;
2753 if (!bdaddr_type_is_le(key->addr.type))
2754 return false;
2755 return true;
2756}
2757
2662static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev, 2758static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
2663 void *cp_data, u16 len) 2759 void *cp_data, u16 len)
2664{ 2760{
2665 struct mgmt_cp_load_long_term_keys *cp = cp_data; 2761 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2666 u16 key_count, expected_len; 2762 u16 key_count, expected_len;
2667 int i; 2763 int i, err;
2668 2764
2669 key_count = __le16_to_cpu(cp->key_count); 2765 key_count = __le16_to_cpu(cp->key_count);
2670 2766
@@ -2674,11 +2770,20 @@ static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
2674 BT_ERR("load_keys: expected %u bytes, got %u bytes", 2770 BT_ERR("load_keys: expected %u bytes, got %u bytes",
2675 len, expected_len); 2771 len, expected_len);
2676 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 2772 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
2677 EINVAL); 2773 MGMT_STATUS_INVALID_PARAMS);
2678 } 2774 }
2679 2775
2680 BT_DBG("%s key_count %u", hdev->name, key_count); 2776 BT_DBG("%s key_count %u", hdev->name, key_count);
2681 2777
2778 for (i = 0; i < key_count; i++) {
2779 struct mgmt_ltk_info *key = &cp->keys[i];
2780
2781 if (!ltk_is_valid(key))
2782 return cmd_status(sk, hdev->id,
2783 MGMT_OP_LOAD_LONG_TERM_KEYS,
2784 MGMT_STATUS_INVALID_PARAMS);
2785 }
2786
2682 hci_dev_lock(hdev); 2787 hci_dev_lock(hdev);
2683 2788
2684 hci_smp_ltks_clear(hdev); 2789 hci_smp_ltks_clear(hdev);
@@ -2698,9 +2803,12 @@ static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
2698 key->enc_size, key->ediv, key->rand); 2803 key->enc_size, key->ediv, key->rand);
2699 } 2804 }
2700 2805
2806 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
2807 NULL, 0);
2808
2701 hci_dev_unlock(hdev); 2809 hci_dev_unlock(hdev);
2702 2810
2703 return 0; 2811 return err;
2704} 2812}
2705 2813
2706static const struct mgmt_handler { 2814static const struct mgmt_handler {
@@ -2946,7 +3054,13 @@ int mgmt_powered(struct hci_dev *hdev, u8 powered)
2946 } 3054 }
2947 } else { 3055 } else {
2948 u8 status = MGMT_STATUS_NOT_POWERED; 3056 u8 status = MGMT_STATUS_NOT_POWERED;
3057 u8 zero_cod[] = { 0, 0, 0 };
3058
2949 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status); 3059 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
3060
3061 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
3062 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
3063 zero_cod, sizeof(zero_cod), NULL);
2950 } 3064 }
2951 3065
2952 err = new_settings(hdev, match.sk); 3066 err = new_settings(hdev, match.sk);
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index 531a93d613d4..57f250c20e39 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -352,7 +352,7 @@ static void __sco_sock_close(struct sock *sk)
352 352
353 case BT_CONNECTED: 353 case BT_CONNECTED:
354 case BT_CONFIG: 354 case BT_CONFIG:
355 if (sco_pi(sk)->conn) { 355 if (sco_pi(sk)->conn->hcon) {
356 sk->sk_state = BT_DISCONN; 356 sk->sk_state = BT_DISCONN;
357 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT); 357 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
358 hci_conn_put(sco_pi(sk)->conn->hcon); 358 hci_conn_put(sco_pi(sk)->conn->hcon);
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
index 808338a1bce5..31bf2586fb84 100644
--- a/net/mac80211/agg-rx.c
+++ b/net/mac80211/agg-rx.c
@@ -83,8 +83,8 @@ void ___ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
83 if (drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_STOP, 83 if (drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_STOP,
84 &sta->sta, tid, NULL, 0)) 84 &sta->sta, tid, NULL, 0))
85 sdata_info(sta->sdata, 85 sdata_info(sta->sdata,
86 "HW problem - can not stop rx aggregation for tid %d\n", 86 "HW problem - can not stop rx aggregation for %pM tid %d\n",
87 tid); 87 sta->sta.addr, tid);
88 88
89 /* check if this is a self generated aggregation halt */ 89 /* check if this is a self generated aggregation halt */
90 if (initiator == WLAN_BACK_RECIPIENT && tx) 90 if (initiator == WLAN_BACK_RECIPIENT && tx)
@@ -159,7 +159,8 @@ static void sta_rx_agg_session_timer_expired(unsigned long data)
159 } 159 }
160 rcu_read_unlock(); 160 rcu_read_unlock();
161 161
162 ht_dbg(sta->sdata, "rx session timer expired on tid %d\n", (u16)*ptid); 162 ht_dbg(sta->sdata, "RX session timer expired on %pM tid %d\n",
163 sta->sta.addr, (u16)*ptid);
163 164
164 set_bit(*ptid, sta->ampdu_mlme.tid_rx_timer_expired); 165 set_bit(*ptid, sta->ampdu_mlme.tid_rx_timer_expired);
165 ieee80211_queue_work(&sta->local->hw, &sta->ampdu_mlme.work); 166 ieee80211_queue_work(&sta->local->hw, &sta->ampdu_mlme.work);
@@ -247,7 +248,9 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
247 status = WLAN_STATUS_REQUEST_DECLINED; 248 status = WLAN_STATUS_REQUEST_DECLINED;
248 249
249 if (test_sta_flag(sta, WLAN_STA_BLOCK_BA)) { 250 if (test_sta_flag(sta, WLAN_STA_BLOCK_BA)) {
250 ht_dbg(sta->sdata, "Suspend in progress - Denying ADDBA request\n"); 251 ht_dbg(sta->sdata,
252 "Suspend in progress - Denying ADDBA request (%pM tid %d)\n",
253 sta->sta.addr, tid);
251 goto end_no_lock; 254 goto end_no_lock;
252 } 255 }
253 256
@@ -317,7 +320,8 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
317 320
318 ret = drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_START, 321 ret = drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_START,
319 &sta->sta, tid, &start_seq_num, 0); 322 &sta->sta, tid, &start_seq_num, 0);
320 ht_dbg(sta->sdata, "Rx A-MPDU request on tid %d result %d\n", tid, ret); 323 ht_dbg(sta->sdata, "Rx A-MPDU request on %pM tid %d result %d\n",
324 sta->sta.addr, tid, ret);
321 if (ret) { 325 if (ret) {
322 kfree(tid_agg_rx->reorder_buf); 326 kfree(tid_agg_rx->reorder_buf);
323 kfree(tid_agg_rx->reorder_time); 327 kfree(tid_agg_rx->reorder_time);
diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c
index eb9df22418f0..13b7683de5a4 100644
--- a/net/mac80211/agg-tx.c
+++ b/net/mac80211/agg-tx.c
@@ -149,16 +149,133 @@ void ieee80211_assign_tid_tx(struct sta_info *sta, int tid,
149 rcu_assign_pointer(sta->ampdu_mlme.tid_tx[tid], tid_tx); 149 rcu_assign_pointer(sta->ampdu_mlme.tid_tx[tid], tid_tx);
150} 150}
151 151
152static inline int ieee80211_ac_from_tid(int tid)
153{
154 return ieee802_1d_to_ac[tid & 7];
155}
156
157/*
158 * When multiple aggregation sessions on multiple stations
159 * are being created/destroyed simultaneously, we need to
160 * refcount the global queue stop caused by that in order
161 * to not get into a situation where one of the aggregation
162 * setup or teardown re-enables queues before the other is
163 * ready to handle that.
164 *
165 * These two functions take care of this issue by keeping
166 * a global "agg_queue_stop" refcount.
167 */
168static void __acquires(agg_queue)
169ieee80211_stop_queue_agg(struct ieee80211_sub_if_data *sdata, int tid)
170{
171 int queue = sdata->vif.hw_queue[ieee80211_ac_from_tid(tid)];
172
173 if (atomic_inc_return(&sdata->local->agg_queue_stop[queue]) == 1)
174 ieee80211_stop_queue_by_reason(
175 &sdata->local->hw, queue,
176 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
177 __acquire(agg_queue);
178}
179
180static void __releases(agg_queue)
181ieee80211_wake_queue_agg(struct ieee80211_sub_if_data *sdata, int tid)
182{
183 int queue = sdata->vif.hw_queue[ieee80211_ac_from_tid(tid)];
184
185 if (atomic_dec_return(&sdata->local->agg_queue_stop[queue]) == 0)
186 ieee80211_wake_queue_by_reason(
187 &sdata->local->hw, queue,
188 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
189 __release(agg_queue);
190}
191
192/*
193 * splice packets from the STA's pending to the local pending,
194 * requires a call to ieee80211_agg_splice_finish later
195 */
196static void __acquires(agg_queue)
197ieee80211_agg_splice_packets(struct ieee80211_sub_if_data *sdata,
198 struct tid_ampdu_tx *tid_tx, u16 tid)
199{
200 struct ieee80211_local *local = sdata->local;
201 int queue = sdata->vif.hw_queue[ieee80211_ac_from_tid(tid)];
202 unsigned long flags;
203
204 ieee80211_stop_queue_agg(sdata, tid);
205
206 if (WARN(!tid_tx,
207 "TID %d gone but expected when splicing aggregates from the pending queue\n",
208 tid))
209 return;
210
211 if (!skb_queue_empty(&tid_tx->pending)) {
212 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
213 /* copy over remaining packets */
214 skb_queue_splice_tail_init(&tid_tx->pending,
215 &local->pending[queue]);
216 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
217 }
218}
219
220static void __releases(agg_queue)
221ieee80211_agg_splice_finish(struct ieee80211_sub_if_data *sdata, u16 tid)
222{
223 ieee80211_wake_queue_agg(sdata, tid);
224}
225
226static void ieee80211_remove_tid_tx(struct sta_info *sta, int tid)
227{
228 struct tid_ampdu_tx *tid_tx;
229
230 lockdep_assert_held(&sta->ampdu_mlme.mtx);
231 lockdep_assert_held(&sta->lock);
232
233 tid_tx = rcu_dereference_protected_tid_tx(sta, tid);
234
235 /*
236 * When we get here, the TX path will not be lockless any more wrt.
237 * aggregation, since the OPERATIONAL bit has long been cleared.
238 * Thus it will block on getting the lock, if it occurs. So if we
239 * stop the queue now, we will not get any more packets, and any
240 * that might be being processed will wait for us here, thereby
241 * guaranteeing that no packets go to the tid_tx pending queue any
242 * more.
243 */
244
245 ieee80211_agg_splice_packets(sta->sdata, tid_tx, tid);
246
247 /* future packets must not find the tid_tx struct any more */
248 ieee80211_assign_tid_tx(sta, tid, NULL);
249
250 ieee80211_agg_splice_finish(sta->sdata, tid);
251
252 kfree_rcu(tid_tx, rcu_head);
253}
254
152int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid, 255int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
153 enum ieee80211_back_parties initiator, 256 enum ieee80211_agg_stop_reason reason)
154 bool tx)
155{ 257{
156 struct ieee80211_local *local = sta->local; 258 struct ieee80211_local *local = sta->local;
157 struct tid_ampdu_tx *tid_tx; 259 struct tid_ampdu_tx *tid_tx;
260 enum ieee80211_ampdu_mlme_action action;
158 int ret; 261 int ret;
159 262
160 lockdep_assert_held(&sta->ampdu_mlme.mtx); 263 lockdep_assert_held(&sta->ampdu_mlme.mtx);
161 264
265 switch (reason) {
266 case AGG_STOP_DECLINED:
267 case AGG_STOP_LOCAL_REQUEST:
268 case AGG_STOP_PEER_REQUEST:
269 action = IEEE80211_AMPDU_TX_STOP_CONT;
270 break;
271 case AGG_STOP_DESTROY_STA:
272 action = IEEE80211_AMPDU_TX_STOP_FLUSH;
273 break;
274 default:
275 WARN_ON_ONCE(1);
276 return -EINVAL;
277 }
278
162 spin_lock_bh(&sta->lock); 279 spin_lock_bh(&sta->lock);
163 280
164 tid_tx = rcu_dereference_protected_tid_tx(sta, tid); 281 tid_tx = rcu_dereference_protected_tid_tx(sta, tid);
@@ -167,10 +284,19 @@ int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
167 return -ENOENT; 284 return -ENOENT;
168 } 285 }
169 286
170 /* if we're already stopping ignore any new requests to stop */ 287 /*
288 * if we're already stopping ignore any new requests to stop
289 * unless we're destroying it in which case notify the driver
290 */
171 if (test_bit(HT_AGG_STATE_STOPPING, &tid_tx->state)) { 291 if (test_bit(HT_AGG_STATE_STOPPING, &tid_tx->state)) {
172 spin_unlock_bh(&sta->lock); 292 spin_unlock_bh(&sta->lock);
173 return -EALREADY; 293 if (reason != AGG_STOP_DESTROY_STA)
294 return -EALREADY;
295 ret = drv_ampdu_action(local, sta->sdata,
296 IEEE80211_AMPDU_TX_STOP_FLUSH_CONT,
297 &sta->sta, tid, NULL, 0);
298 WARN_ON_ONCE(ret);
299 return 0;
174 } 300 }
175 301
176 if (test_bit(HT_AGG_STATE_WANT_START, &tid_tx->state)) { 302 if (test_bit(HT_AGG_STATE_WANT_START, &tid_tx->state)) {
@@ -212,11 +338,12 @@ int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
212 */ 338 */
213 synchronize_net(); 339 synchronize_net();
214 340
215 tid_tx->stop_initiator = initiator; 341 tid_tx->stop_initiator = reason == AGG_STOP_PEER_REQUEST ?
216 tid_tx->tx_stop = tx; 342 WLAN_BACK_RECIPIENT :
343 WLAN_BACK_INITIATOR;
344 tid_tx->tx_stop = reason == AGG_STOP_LOCAL_REQUEST;
217 345
218 ret = drv_ampdu_action(local, sta->sdata, 346 ret = drv_ampdu_action(local, sta->sdata, action,
219 IEEE80211_AMPDU_TX_STOP,
220 &sta->sta, tid, NULL, 0); 347 &sta->sta, tid, NULL, 0);
221 348
222 /* HW shall not deny going back to legacy */ 349 /* HW shall not deny going back to legacy */
@@ -227,7 +354,17 @@ int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
227 */ 354 */
228 } 355 }
229 356
230 return ret; 357 /*
358 * In the case of AGG_STOP_DESTROY_STA, the driver won't
359 * necessarily call ieee80211_stop_tx_ba_cb(), so this may
360 * seem like we can leave the tid_tx data pending forever.
361 * This is true, in a way, but "forever" is only until the
362 * station struct is actually destroyed. In the meantime,
363 * leaving it around ensures that we don't transmit packets
364 * to the driver on this TID which might confuse it.
365 */
366
367 return 0;
231} 368}
232 369
233/* 370/*
@@ -253,91 +390,18 @@ static void sta_addba_resp_timer_expired(unsigned long data)
253 test_bit(HT_AGG_STATE_RESPONSE_RECEIVED, &tid_tx->state)) { 390 test_bit(HT_AGG_STATE_RESPONSE_RECEIVED, &tid_tx->state)) {
254 rcu_read_unlock(); 391 rcu_read_unlock();
255 ht_dbg(sta->sdata, 392 ht_dbg(sta->sdata,
256 "timer expired on tid %d but we are not (or no longer) expecting addBA response there\n", 393 "timer expired on %pM tid %d but we are not (or no longer) expecting addBA response there\n",
257 tid); 394 sta->sta.addr, tid);
258 return; 395 return;
259 } 396 }
260 397
261 ht_dbg(sta->sdata, "addBA response timer expired on tid %d\n", tid); 398 ht_dbg(sta->sdata, "addBA response timer expired on %pM tid %d\n",
399 sta->sta.addr, tid);
262 400
263 ieee80211_stop_tx_ba_session(&sta->sta, tid); 401 ieee80211_stop_tx_ba_session(&sta->sta, tid);
264 rcu_read_unlock(); 402 rcu_read_unlock();
265} 403}
266 404
267static inline int ieee80211_ac_from_tid(int tid)
268{
269 return ieee802_1d_to_ac[tid & 7];
270}
271
272/*
273 * When multiple aggregation sessions on multiple stations
274 * are being created/destroyed simultaneously, we need to
275 * refcount the global queue stop caused by that in order
276 * to not get into a situation where one of the aggregation
277 * setup or teardown re-enables queues before the other is
278 * ready to handle that.
279 *
280 * These two functions take care of this issue by keeping
281 * a global "agg_queue_stop" refcount.
282 */
283static void __acquires(agg_queue)
284ieee80211_stop_queue_agg(struct ieee80211_sub_if_data *sdata, int tid)
285{
286 int queue = sdata->vif.hw_queue[ieee80211_ac_from_tid(tid)];
287
288 if (atomic_inc_return(&sdata->local->agg_queue_stop[queue]) == 1)
289 ieee80211_stop_queue_by_reason(
290 &sdata->local->hw, queue,
291 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
292 __acquire(agg_queue);
293}
294
295static void __releases(agg_queue)
296ieee80211_wake_queue_agg(struct ieee80211_sub_if_data *sdata, int tid)
297{
298 int queue = sdata->vif.hw_queue[ieee80211_ac_from_tid(tid)];
299
300 if (atomic_dec_return(&sdata->local->agg_queue_stop[queue]) == 0)
301 ieee80211_wake_queue_by_reason(
302 &sdata->local->hw, queue,
303 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
304 __release(agg_queue);
305}
306
307/*
308 * splice packets from the STA's pending to the local pending,
309 * requires a call to ieee80211_agg_splice_finish later
310 */
311static void __acquires(agg_queue)
312ieee80211_agg_splice_packets(struct ieee80211_sub_if_data *sdata,
313 struct tid_ampdu_tx *tid_tx, u16 tid)
314{
315 struct ieee80211_local *local = sdata->local;
316 int queue = sdata->vif.hw_queue[ieee80211_ac_from_tid(tid)];
317 unsigned long flags;
318
319 ieee80211_stop_queue_agg(sdata, tid);
320
321 if (WARN(!tid_tx,
322 "TID %d gone but expected when splicing aggregates from the pending queue\n",
323 tid))
324 return;
325
326 if (!skb_queue_empty(&tid_tx->pending)) {
327 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
328 /* copy over remaining packets */
329 skb_queue_splice_tail_init(&tid_tx->pending,
330 &local->pending[queue]);
331 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
332 }
333}
334
335static void __releases(agg_queue)
336ieee80211_agg_splice_finish(struct ieee80211_sub_if_data *sdata, u16 tid)
337{
338 ieee80211_wake_queue_agg(sdata, tid);
339}
340
341void ieee80211_tx_ba_session_handle_start(struct sta_info *sta, int tid) 405void ieee80211_tx_ba_session_handle_start(struct sta_info *sta, int tid)
342{ 406{
343 struct tid_ampdu_tx *tid_tx; 407 struct tid_ampdu_tx *tid_tx;
@@ -369,7 +433,8 @@ void ieee80211_tx_ba_session_handle_start(struct sta_info *sta, int tid)
369 &sta->sta, tid, &start_seq_num, 0); 433 &sta->sta, tid, &start_seq_num, 0);
370 if (ret) { 434 if (ret) {
371 ht_dbg(sdata, 435 ht_dbg(sdata,
372 "BA request denied - HW unavailable for tid %d\n", tid); 436 "BA request denied - HW unavailable for %pM tid %d\n",
437 sta->sta.addr, tid);
373 spin_lock_bh(&sta->lock); 438 spin_lock_bh(&sta->lock);
374 ieee80211_agg_splice_packets(sdata, tid_tx, tid); 439 ieee80211_agg_splice_packets(sdata, tid_tx, tid);
375 ieee80211_assign_tid_tx(sta, tid, NULL); 440 ieee80211_assign_tid_tx(sta, tid, NULL);
@@ -382,7 +447,8 @@ void ieee80211_tx_ba_session_handle_start(struct sta_info *sta, int tid)
382 447
383 /* activate the timer for the recipient's addBA response */ 448 /* activate the timer for the recipient's addBA response */
384 mod_timer(&tid_tx->addba_resp_timer, jiffies + ADDBA_RESP_INTERVAL); 449 mod_timer(&tid_tx->addba_resp_timer, jiffies + ADDBA_RESP_INTERVAL);
385 ht_dbg(sdata, "activated addBA response timer on tid %d\n", tid); 450 ht_dbg(sdata, "activated addBA response timer on %pM tid %d\n",
451 sta->sta.addr, tid);
386 452
387 spin_lock_bh(&sta->lock); 453 spin_lock_bh(&sta->lock);
388 sta->ampdu_mlme.last_addba_req_time[tid] = jiffies; 454 sta->ampdu_mlme.last_addba_req_time[tid] = jiffies;
@@ -429,7 +495,8 @@ static void sta_tx_agg_session_timer_expired(unsigned long data)
429 495
430 rcu_read_unlock(); 496 rcu_read_unlock();
431 497
432 ht_dbg(sta->sdata, "tx session timer expired on tid %d\n", (u16)*ptid); 498 ht_dbg(sta->sdata, "tx session timer expired on %pM tid %d\n",
499 sta->sta.addr, (u16)*ptid);
433 500
434 ieee80211_stop_tx_ba_session(&sta->sta, *ptid); 501 ieee80211_stop_tx_ba_session(&sta->sta, *ptid);
435} 502}
@@ -465,7 +532,8 @@ int ieee80211_start_tx_ba_session(struct ieee80211_sta *pubsta, u16 tid,
465 532
466 if (test_sta_flag(sta, WLAN_STA_BLOCK_BA)) { 533 if (test_sta_flag(sta, WLAN_STA_BLOCK_BA)) {
467 ht_dbg(sdata, 534 ht_dbg(sdata,
468 "BA sessions blocked - Denying BA session request\n"); 535 "BA sessions blocked - Denying BA session request %pM tid %d\n",
536 sta->sta.addr, tid);
469 return -EINVAL; 537 return -EINVAL;
470 } 538 }
471 539
@@ -506,8 +574,8 @@ int ieee80211_start_tx_ba_session(struct ieee80211_sta *pubsta, u16 tid,
506 time_before(jiffies, sta->ampdu_mlme.last_addba_req_time[tid] + 574 time_before(jiffies, sta->ampdu_mlme.last_addba_req_time[tid] +
507 HT_AGG_RETRIES_PERIOD)) { 575 HT_AGG_RETRIES_PERIOD)) {
508 ht_dbg(sdata, 576 ht_dbg(sdata,
509 "BA request denied - waiting a grace period after %d failed requests on tid %u\n", 577 "BA request denied - waiting a grace period after %d failed requests on %pM tid %u\n",
510 sta->ampdu_mlme.addba_req_num[tid], tid); 578 sta->ampdu_mlme.addba_req_num[tid], sta->sta.addr, tid);
511 ret = -EBUSY; 579 ret = -EBUSY;
512 goto err_unlock_sta; 580 goto err_unlock_sta;
513 } 581 }
@@ -516,8 +584,8 @@ int ieee80211_start_tx_ba_session(struct ieee80211_sta *pubsta, u16 tid,
516 /* check if the TID is not in aggregation flow already */ 584 /* check if the TID is not in aggregation flow already */
517 if (tid_tx || sta->ampdu_mlme.tid_start_tx[tid]) { 585 if (tid_tx || sta->ampdu_mlme.tid_start_tx[tid]) {
518 ht_dbg(sdata, 586 ht_dbg(sdata,
519 "BA request denied - session is not idle on tid %u\n", 587 "BA request denied - session is not idle on %pM tid %u\n",
520 tid); 588 sta->sta.addr, tid);
521 ret = -EAGAIN; 589 ret = -EAGAIN;
522 goto err_unlock_sta; 590 goto err_unlock_sta;
523 } 591 }
@@ -572,7 +640,8 @@ static void ieee80211_agg_tx_operational(struct ieee80211_local *local,
572 640
573 tid_tx = rcu_dereference_protected_tid_tx(sta, tid); 641 tid_tx = rcu_dereference_protected_tid_tx(sta, tid);
574 642
575 ht_dbg(sta->sdata, "Aggregation is on for tid %d\n", tid); 643 ht_dbg(sta->sdata, "Aggregation is on for %pM tid %d\n",
644 sta->sta.addr, tid);
576 645
577 drv_ampdu_action(local, sta->sdata, 646 drv_ampdu_action(local, sta->sdata,
578 IEEE80211_AMPDU_TX_OPERATIONAL, 647 IEEE80211_AMPDU_TX_OPERATIONAL,
@@ -660,14 +729,13 @@ void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_vif *vif,
660EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe); 729EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
661 730
662int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid, 731int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
663 enum ieee80211_back_parties initiator, 732 enum ieee80211_agg_stop_reason reason)
664 bool tx)
665{ 733{
666 int ret; 734 int ret;
667 735
668 mutex_lock(&sta->ampdu_mlme.mtx); 736 mutex_lock(&sta->ampdu_mlme.mtx);
669 737
670 ret = ___ieee80211_stop_tx_ba_session(sta, tid, initiator, tx); 738 ret = ___ieee80211_stop_tx_ba_session(sta, tid, reason);
671 739
672 mutex_unlock(&sta->ampdu_mlme.mtx); 740 mutex_unlock(&sta->ampdu_mlme.mtx);
673 741
@@ -743,7 +811,9 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u8 tid)
743 tid_tx = rcu_dereference_protected_tid_tx(sta, tid); 811 tid_tx = rcu_dereference_protected_tid_tx(sta, tid);
744 812
745 if (!tid_tx || !test_bit(HT_AGG_STATE_STOPPING, &tid_tx->state)) { 813 if (!tid_tx || !test_bit(HT_AGG_STATE_STOPPING, &tid_tx->state)) {
746 ht_dbg(sdata, "unexpected callback to A-MPDU stop\n"); 814 ht_dbg(sdata,
815 "unexpected callback to A-MPDU stop for %pM tid %d\n",
816 sta->sta.addr, tid);
747 goto unlock_sta; 817 goto unlock_sta;
748 } 818 }
749 819
@@ -751,24 +821,7 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u8 tid)
751 ieee80211_send_delba(sta->sdata, ra, tid, 821 ieee80211_send_delba(sta->sdata, ra, tid,
752 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE); 822 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
753 823
754 /* 824 ieee80211_remove_tid_tx(sta, tid);
755 * When we get here, the TX path will not be lockless any more wrt.
756 * aggregation, since the OPERATIONAL bit has long been cleared.
757 * Thus it will block on getting the lock, if it occurs. So if we
758 * stop the queue now, we will not get any more packets, and any
759 * that might be being processed will wait for us here, thereby
760 * guaranteeing that no packets go to the tid_tx pending queue any
761 * more.
762 */
763
764 ieee80211_agg_splice_packets(sta->sdata, tid_tx, tid);
765
766 /* future packets must not find the tid_tx struct any more */
767 ieee80211_assign_tid_tx(sta, tid, NULL);
768
769 ieee80211_agg_splice_finish(sta->sdata, tid);
770
771 kfree_rcu(tid_tx, rcu_head);
772 825
773 unlock_sta: 826 unlock_sta:
774 spin_unlock_bh(&sta->lock); 827 spin_unlock_bh(&sta->lock);
@@ -819,13 +872,15 @@ void ieee80211_process_addba_resp(struct ieee80211_local *local,
819 goto out; 872 goto out;
820 873
821 if (mgmt->u.action.u.addba_resp.dialog_token != tid_tx->dialog_token) { 874 if (mgmt->u.action.u.addba_resp.dialog_token != tid_tx->dialog_token) {
822 ht_dbg(sta->sdata, "wrong addBA response token, tid %d\n", tid); 875 ht_dbg(sta->sdata, "wrong addBA response token, %pM tid %d\n",
876 sta->sta.addr, tid);
823 goto out; 877 goto out;
824 } 878 }
825 879
826 del_timer_sync(&tid_tx->addba_resp_timer); 880 del_timer_sync(&tid_tx->addba_resp_timer);
827 881
828 ht_dbg(sta->sdata, "switched off addBA timer for tid %d\n", tid); 882 ht_dbg(sta->sdata, "switched off addBA timer for %pM tid %d\n",
883 sta->sta.addr, tid);
829 884
830 /* 885 /*
831 * addba_resp_timer may have fired before we got here, and 886 * addba_resp_timer may have fired before we got here, and
@@ -835,8 +890,8 @@ void ieee80211_process_addba_resp(struct ieee80211_local *local,
835 if (test_bit(HT_AGG_STATE_WANT_STOP, &tid_tx->state) || 890 if (test_bit(HT_AGG_STATE_WANT_STOP, &tid_tx->state) ||
836 test_bit(HT_AGG_STATE_STOPPING, &tid_tx->state)) { 891 test_bit(HT_AGG_STATE_STOPPING, &tid_tx->state)) {
837 ht_dbg(sta->sdata, 892 ht_dbg(sta->sdata,
838 "got addBA resp for tid %d but we already gave up\n", 893 "got addBA resp for %pM tid %d but we already gave up\n",
839 tid); 894 sta->sta.addr, tid);
840 goto out; 895 goto out;
841 } 896 }
842 897
@@ -868,8 +923,7 @@ void ieee80211_process_addba_resp(struct ieee80211_local *local,
868 } 923 }
869 924
870 } else { 925 } else {
871 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR, 926 ___ieee80211_stop_tx_ba_session(sta, tid, AGG_STOP_DECLINED);
872 false);
873 } 927 }
874 928
875 out: 929 out:
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 5c61677487cf..661b878bd19c 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -164,7 +164,17 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
164 sta = sta_info_get(sdata, mac_addr); 164 sta = sta_info_get(sdata, mac_addr);
165 else 165 else
166 sta = sta_info_get_bss(sdata, mac_addr); 166 sta = sta_info_get_bss(sdata, mac_addr);
167 if (!sta) { 167 /*
168 * The ASSOC test makes sure the driver is ready to
169 * receive the key. When wpa_supplicant has roamed
170 * using FT, it attempts to set the key before
171 * association has completed, this rejects that attempt
172 * so it will set the key again after assocation.
173 *
174 * TODO: accept the key if we have a station entry and
175 * add it to the device after the station.
176 */
177 if (!sta || !test_sta_flag(sta, WLAN_STA_ASSOC)) {
168 ieee80211_key_free(sdata->local, key); 178 ieee80211_key_free(sdata->local, key);
169 err = -ENOENT; 179 err = -ENOENT;
170 goto out_unlock; 180 goto out_unlock;
@@ -510,6 +520,7 @@ static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
510 BIT(NL80211_STA_FLAG_WME) | 520 BIT(NL80211_STA_FLAG_WME) |
511 BIT(NL80211_STA_FLAG_MFP) | 521 BIT(NL80211_STA_FLAG_MFP) |
512 BIT(NL80211_STA_FLAG_AUTHENTICATED) | 522 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
523 BIT(NL80211_STA_FLAG_ASSOCIATED) |
513 BIT(NL80211_STA_FLAG_TDLS_PEER); 524 BIT(NL80211_STA_FLAG_TDLS_PEER);
514 if (test_sta_flag(sta, WLAN_STA_AUTHORIZED)) 525 if (test_sta_flag(sta, WLAN_STA_AUTHORIZED))
515 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_AUTHORIZED); 526 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
@@ -521,6 +532,8 @@ static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
521 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_MFP); 532 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_MFP);
522 if (test_sta_flag(sta, WLAN_STA_AUTH)) 533 if (test_sta_flag(sta, WLAN_STA_AUTH))
523 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 534 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
535 if (test_sta_flag(sta, WLAN_STA_ASSOC))
536 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
524 if (test_sta_flag(sta, WLAN_STA_TDLS_PEER)) 537 if (test_sta_flag(sta, WLAN_STA_TDLS_PEER))
525 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER); 538 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
526} 539}
@@ -930,6 +943,7 @@ static int ieee80211_start_ap(struct wiphy *wiphy, struct net_device *dev,
930 943
931 sdata->vif.bss_conf.beacon_int = params->beacon_interval; 944 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
932 sdata->vif.bss_conf.dtim_period = params->dtim_period; 945 sdata->vif.bss_conf.dtim_period = params->dtim_period;
946 sdata->vif.bss_conf.enable_beacon = true;
933 947
934 sdata->vif.bss_conf.ssid_len = params->ssid_len; 948 sdata->vif.bss_conf.ssid_len = params->ssid_len;
935 if (params->ssid_len) 949 if (params->ssid_len)
@@ -1009,7 +1023,16 @@ static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
1009 if (old_probe_resp) 1023 if (old_probe_resp)
1010 kfree_rcu(old_probe_resp, rcu_head); 1024 kfree_rcu(old_probe_resp, rcu_head);
1011 1025
1012 sta_info_flush(local, sdata); 1026 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1027 sta_info_flush_defer(vlan);
1028 sta_info_flush_defer(sdata);
1029 rcu_barrier();
1030 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1031 sta_info_flush_cleanup(vlan);
1032 sta_info_flush_cleanup(sdata);
1033
1034 sdata->vif.bss_conf.enable_beacon = false;
1035 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
1013 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED); 1036 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);
1014 1037
1015 drv_stop_ap(sdata->local, sdata); 1038 drv_stop_ap(sdata->local, sdata);
@@ -1067,6 +1090,58 @@ static void ieee80211_send_layer2_update(struct sta_info *sta)
1067 netif_rx_ni(skb); 1090 netif_rx_ni(skb);
1068} 1091}
1069 1092
1093static int sta_apply_auth_flags(struct ieee80211_local *local,
1094 struct sta_info *sta,
1095 u32 mask, u32 set)
1096{
1097 int ret;
1098
1099 if (mask & BIT(NL80211_STA_FLAG_AUTHENTICATED) &&
1100 set & BIT(NL80211_STA_FLAG_AUTHENTICATED) &&
1101 !test_sta_flag(sta, WLAN_STA_AUTH)) {
1102 ret = sta_info_move_state(sta, IEEE80211_STA_AUTH);
1103 if (ret)
1104 return ret;
1105 }
1106
1107 if (mask & BIT(NL80211_STA_FLAG_ASSOCIATED) &&
1108 set & BIT(NL80211_STA_FLAG_ASSOCIATED) &&
1109 !test_sta_flag(sta, WLAN_STA_ASSOC)) {
1110 ret = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
1111 if (ret)
1112 return ret;
1113 }
1114
1115 if (mask & BIT(NL80211_STA_FLAG_AUTHORIZED)) {
1116 if (set & BIT(NL80211_STA_FLAG_AUTHORIZED))
1117 ret = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED);
1118 else if (test_sta_flag(sta, WLAN_STA_AUTHORIZED))
1119 ret = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
1120 else
1121 ret = 0;
1122 if (ret)
1123 return ret;
1124 }
1125
1126 if (mask & BIT(NL80211_STA_FLAG_ASSOCIATED) &&
1127 !(set & BIT(NL80211_STA_FLAG_ASSOCIATED)) &&
1128 test_sta_flag(sta, WLAN_STA_ASSOC)) {
1129 ret = sta_info_move_state(sta, IEEE80211_STA_AUTH);
1130 if (ret)
1131 return ret;
1132 }
1133
1134 if (mask & BIT(NL80211_STA_FLAG_AUTHENTICATED) &&
1135 !(set & BIT(NL80211_STA_FLAG_AUTHENTICATED)) &&
1136 test_sta_flag(sta, WLAN_STA_AUTH)) {
1137 ret = sta_info_move_state(sta, IEEE80211_STA_NONE);
1138 if (ret)
1139 return ret;
1140 }
1141
1142 return 0;
1143}
1144
1070static int sta_apply_parameters(struct ieee80211_local *local, 1145static int sta_apply_parameters(struct ieee80211_local *local,
1071 struct sta_info *sta, 1146 struct sta_info *sta,
1072 struct station_parameters *params) 1147 struct station_parameters *params)
@@ -1084,52 +1159,20 @@ static int sta_apply_parameters(struct ieee80211_local *local,
1084 mask = params->sta_flags_mask; 1159 mask = params->sta_flags_mask;
1085 set = params->sta_flags_set; 1160 set = params->sta_flags_set;
1086 1161
1087 /* 1162 if (ieee80211_vif_is_mesh(&sdata->vif)) {
1088 * In mesh mode, we can clear AUTHENTICATED flag but must 1163 /*
1089 * also make ASSOCIATED follow appropriately for the driver 1164 * In mesh mode, ASSOCIATED isn't part of the nl80211
1090 * API. See also below, after AUTHORIZED changes. 1165 * API but must follow AUTHENTICATED for driver state.
1091 */ 1166 */
1092 if (mask & BIT(NL80211_STA_FLAG_AUTHENTICATED)) { 1167 if (mask & BIT(NL80211_STA_FLAG_AUTHENTICATED))
1093 /* cfg80211 should not allow this in non-mesh modes */ 1168 mask |= BIT(NL80211_STA_FLAG_ASSOCIATED);
1094 if (WARN_ON(!ieee80211_vif_is_mesh(&sdata->vif))) 1169 if (set & BIT(NL80211_STA_FLAG_AUTHENTICATED))
1095 return -EINVAL; 1170 set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
1096
1097 if (set & BIT(NL80211_STA_FLAG_AUTHENTICATED) &&
1098 !test_sta_flag(sta, WLAN_STA_AUTH)) {
1099 ret = sta_info_move_state(sta, IEEE80211_STA_AUTH);
1100 if (ret)
1101 return ret;
1102 ret = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
1103 if (ret)
1104 return ret;
1105 }
1106 }
1107
1108 if (mask & BIT(NL80211_STA_FLAG_AUTHORIZED)) {
1109 if (set & BIT(NL80211_STA_FLAG_AUTHORIZED))
1110 ret = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED);
1111 else if (test_sta_flag(sta, WLAN_STA_AUTHORIZED))
1112 ret = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
1113 if (ret)
1114 return ret;
1115 }
1116
1117 if (mask & BIT(NL80211_STA_FLAG_AUTHENTICATED)) {
1118 /* cfg80211 should not allow this in non-mesh modes */
1119 if (WARN_ON(!ieee80211_vif_is_mesh(&sdata->vif)))
1120 return -EINVAL;
1121
1122 if (!(set & BIT(NL80211_STA_FLAG_AUTHENTICATED)) &&
1123 test_sta_flag(sta, WLAN_STA_AUTH)) {
1124 ret = sta_info_move_state(sta, IEEE80211_STA_AUTH);
1125 if (ret)
1126 return ret;
1127 ret = sta_info_move_state(sta, IEEE80211_STA_NONE);
1128 if (ret)
1129 return ret;
1130 }
1131 } 1171 }
1132 1172
1173 ret = sta_apply_auth_flags(local, sta, mask, set);
1174 if (ret)
1175 return ret;
1133 1176
1134 if (mask & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE)) { 1177 if (mask & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE)) {
1135 if (set & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE)) 1178 if (set & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE))
@@ -1175,10 +1218,11 @@ static int sta_apply_parameters(struct ieee80211_local *local,
1175 sta->sta.aid = params->aid; 1218 sta->sta.aid = params->aid;
1176 1219
1177 /* 1220 /*
1178 * FIXME: updating the following information is racy when this 1221 * Some of the following updates would be racy if called on an
1179 * function is called from ieee80211_change_station(). 1222 * existing station, via ieee80211_change_station(). However,
1180 * However, all this information should be static so 1223 * all such changes are rejected by cfg80211 except for updates
1181 * maybe we should just reject attemps to change it. 1224 * changing the supported rates on an existing but not yet used
1225 * TDLS peer.
1182 */ 1226 */
1183 1227
1184 if (params->listen_interval >= 0) 1228 if (params->listen_interval >= 0)
@@ -1209,18 +1253,33 @@ static int sta_apply_parameters(struct ieee80211_local *local,
1209 1253
1210 if (ieee80211_vif_is_mesh(&sdata->vif)) { 1254 if (ieee80211_vif_is_mesh(&sdata->vif)) {
1211#ifdef CONFIG_MAC80211_MESH 1255#ifdef CONFIG_MAC80211_MESH
1212 if (sdata->u.mesh.security & IEEE80211_MESH_SEC_SECURED) 1256 if (sdata->u.mesh.security & IEEE80211_MESH_SEC_SECURED) {
1257 u32 changed = 0;
1258
1213 switch (params->plink_state) { 1259 switch (params->plink_state) {
1214 case NL80211_PLINK_LISTEN:
1215 case NL80211_PLINK_ESTAB: 1260 case NL80211_PLINK_ESTAB:
1261 if (sta->plink_state != NL80211_PLINK_ESTAB)
1262 changed = mesh_plink_inc_estab_count(
1263 sdata);
1264 sta->plink_state = params->plink_state;
1265 break;
1266 case NL80211_PLINK_LISTEN:
1216 case NL80211_PLINK_BLOCKED: 1267 case NL80211_PLINK_BLOCKED:
1268 case NL80211_PLINK_OPN_SNT:
1269 case NL80211_PLINK_OPN_RCVD:
1270 case NL80211_PLINK_CNF_RCVD:
1271 case NL80211_PLINK_HOLDING:
1272 if (sta->plink_state == NL80211_PLINK_ESTAB)
1273 changed = mesh_plink_dec_estab_count(
1274 sdata);
1217 sta->plink_state = params->plink_state; 1275 sta->plink_state = params->plink_state;
1218 break; 1276 break;
1219 default: 1277 default:
1220 /* nothing */ 1278 /* nothing */
1221 break; 1279 break;
1222 } 1280 }
1223 else 1281 ieee80211_bss_info_change_notify(sdata, changed);
1282 } else {
1224 switch (params->plink_action) { 1283 switch (params->plink_action) {
1225 case PLINK_ACTION_OPEN: 1284 case PLINK_ACTION_OPEN:
1226 mesh_plink_open(sta); 1285 mesh_plink_open(sta);
@@ -1229,6 +1288,7 @@ static int sta_apply_parameters(struct ieee80211_local *local,
1229 mesh_plink_block(sta); 1288 mesh_plink_block(sta);
1230 break; 1289 break;
1231 } 1290 }
1291 }
1232#endif 1292#endif
1233 } 1293 }
1234 1294
@@ -1263,6 +1323,10 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
1263 if (!sta) 1323 if (!sta)
1264 return -ENOMEM; 1324 return -ENOMEM;
1265 1325
1326 /*
1327 * defaults -- if userspace wants something else we'll
1328 * change it accordingly in sta_apply_parameters()
1329 */
1266 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 1330 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
1267 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC); 1331 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
1268 1332
@@ -1299,7 +1363,6 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
1299static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev, 1363static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
1300 u8 *mac) 1364 u8 *mac)
1301{ 1365{
1302 struct ieee80211_local *local = wiphy_priv(wiphy);
1303 struct ieee80211_sub_if_data *sdata; 1366 struct ieee80211_sub_if_data *sdata;
1304 1367
1305 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1368 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
@@ -1307,7 +1370,7 @@ static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
1307 if (mac) 1370 if (mac)
1308 return sta_info_destroy_addr_bss(sdata, mac); 1371 return sta_info_destroy_addr_bss(sdata, mac);
1309 1372
1310 sta_info_flush(local, sdata); 1373 sta_info_flush(sdata);
1311 return 0; 1374 return 0;
1312} 1375}
1313 1376
@@ -1613,6 +1676,9 @@ static int copy_mesh_setup(struct ieee80211_if_mesh *ifmsh,
1613 memcpy(sdata->vif.bss_conf.mcast_rate, setup->mcast_rate, 1676 memcpy(sdata->vif.bss_conf.mcast_rate, setup->mcast_rate,
1614 sizeof(setup->mcast_rate)); 1677 sizeof(setup->mcast_rate));
1615 1678
1679 sdata->vif.bss_conf.beacon_int = setup->beacon_interval;
1680 sdata->vif.bss_conf.dtim_period = setup->dtim_period;
1681
1616 return 0; 1682 return 0;
1617} 1683}
1618 1684
@@ -2195,7 +2261,8 @@ static int ieee80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
2195 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2261 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2196 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2262 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2197 2263
2198 if (sdata->vif.type != NL80211_IFTYPE_STATION) 2264 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
2265 sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
2199 return -EOPNOTSUPP; 2266 return -EOPNOTSUPP;
2200 2267
2201 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) 2268 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
diff --git a/net/mac80211/chan.c b/net/mac80211/chan.c
index 53f03120db55..1bfe0a8b19d2 100644
--- a/net/mac80211/chan.c
+++ b/net/mac80211/chan.c
@@ -4,6 +4,7 @@
4 4
5#include <linux/nl80211.h> 5#include <linux/nl80211.h>
6#include <linux/export.h> 6#include <linux/export.h>
7#include <linux/rtnetlink.h>
7#include <net/cfg80211.h> 8#include <net/cfg80211.h>
8#include "ieee80211_i.h" 9#include "ieee80211_i.h"
9#include "driver-ops.h" 10#include "driver-ops.h"
@@ -197,6 +198,15 @@ static void __ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata)
197 198
198 ctx = container_of(conf, struct ieee80211_chanctx, conf); 199 ctx = container_of(conf, struct ieee80211_chanctx, conf);
199 200
201 if (sdata->vif.type == NL80211_IFTYPE_AP) {
202 struct ieee80211_sub_if_data *vlan;
203
204 /* for the VLAN list */
205 ASSERT_RTNL();
206 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
207 rcu_assign_pointer(vlan->vif.chanctx_conf, NULL);
208 }
209
200 ieee80211_unassign_vif_chanctx(sdata, ctx); 210 ieee80211_unassign_vif_chanctx(sdata, ctx);
201 if (ctx->refcount == 0) 211 if (ctx->refcount == 0)
202 ieee80211_free_chanctx(local, ctx); 212 ieee80211_free_chanctx(local, ctx);
@@ -316,6 +326,15 @@ int ieee80211_vif_use_channel(struct ieee80211_sub_if_data *sdata,
316 goto out; 326 goto out;
317 } 327 }
318 328
329 if (sdata->vif.type == NL80211_IFTYPE_AP) {
330 struct ieee80211_sub_if_data *vlan;
331
332 /* for the VLAN list */
333 ASSERT_RTNL();
334 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
335 rcu_assign_pointer(vlan->vif.chanctx_conf, &ctx->conf);
336 }
337
319 ieee80211_recalc_smps_chanctx(local, ctx); 338 ieee80211_recalc_smps_chanctx(local, ctx);
320 out: 339 out:
321 mutex_unlock(&local->chanctx_mtx); 340 mutex_unlock(&local->chanctx_mtx);
@@ -331,6 +350,25 @@ void ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata)
331 mutex_unlock(&sdata->local->chanctx_mtx); 350 mutex_unlock(&sdata->local->chanctx_mtx);
332} 351}
333 352
353void ieee80211_vif_vlan_copy_chanctx(struct ieee80211_sub_if_data *sdata)
354{
355 struct ieee80211_local *local = sdata->local;
356 struct ieee80211_sub_if_data *ap;
357 struct ieee80211_chanctx_conf *conf;
358
359 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP_VLAN || !sdata->bss))
360 return;
361
362 ap = container_of(sdata->bss, struct ieee80211_sub_if_data, u.ap);
363
364 mutex_lock(&local->chanctx_mtx);
365
366 conf = rcu_dereference_protected(ap->vif.chanctx_conf,
367 lockdep_is_held(&local->chanctx_mtx));
368 rcu_assign_pointer(sdata->vif.chanctx_conf, conf);
369 mutex_unlock(&local->chanctx_mtx);
370}
371
334void ieee80211_iter_chan_contexts_atomic( 372void ieee80211_iter_chan_contexts_atomic(
335 struct ieee80211_hw *hw, 373 struct ieee80211_hw *hw,
336 void (*iter)(struct ieee80211_hw *hw, 374 void (*iter)(struct ieee80211_hw *hw,
@@ -343,7 +381,8 @@ void ieee80211_iter_chan_contexts_atomic(
343 381
344 rcu_read_lock(); 382 rcu_read_lock();
345 list_for_each_entry_rcu(ctx, &local->chanctx_list, list) 383 list_for_each_entry_rcu(ctx, &local->chanctx_list, list)
346 iter(hw, &ctx->conf, iter_data); 384 if (ctx->driver_present)
385 iter(hw, &ctx->conf, iter_data);
347 rcu_read_unlock(); 386 rcu_read_unlock();
348} 387}
349EXPORT_SYMBOL_GPL(ieee80211_iter_chan_contexts_atomic); 388EXPORT_SYMBOL_GPL(ieee80211_iter_chan_contexts_atomic);
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index 698dc7e6f309..434b3c4f31b5 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -207,6 +207,14 @@ static inline void drv_bss_info_changed(struct ieee80211_local *local,
207{ 207{
208 might_sleep(); 208 might_sleep();
209 209
210 WARN_ON_ONCE(changed & (BSS_CHANGED_BEACON |
211 BSS_CHANGED_BEACON_ENABLED) &&
212 sdata->vif.type != NL80211_IFTYPE_AP &&
213 sdata->vif.type != NL80211_IFTYPE_ADHOC &&
214 sdata->vif.type != NL80211_IFTYPE_MESH_POINT);
215 WARN_ON_ONCE(sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE &&
216 changed & ~BSS_CHANGED_IDLE);
217
210 check_sdata_in_driver(sdata); 218 check_sdata_in_driver(sdata);
211 219
212 trace_drv_bss_info_changed(local, sdata, info, changed); 220 trace_drv_bss_info_changed(local, sdata, info, changed);
@@ -561,7 +569,8 @@ static inline void drv_sta_rc_update(struct ieee80211_local *local,
561 check_sdata_in_driver(sdata); 569 check_sdata_in_driver(sdata);
562 570
563 WARN_ON(changed & IEEE80211_RC_SUPP_RATES_CHANGED && 571 WARN_ON(changed & IEEE80211_RC_SUPP_RATES_CHANGED &&
564 sdata->vif.type != NL80211_IFTYPE_ADHOC); 572 (sdata->vif.type != NL80211_IFTYPE_ADHOC &&
573 sdata->vif.type != NL80211_IFTYPE_MESH_POINT));
565 574
566 trace_drv_sta_rc_update(local, sdata, sta, changed); 575 trace_drv_sta_rc_update(local, sdata, sta, changed);
567 if (local->ops->sta_rc_update) 576 if (local->ops->sta_rc_update)
@@ -837,11 +846,12 @@ static inline void drv_set_rekey_data(struct ieee80211_local *local,
837} 846}
838 847
839static inline void drv_rssi_callback(struct ieee80211_local *local, 848static inline void drv_rssi_callback(struct ieee80211_local *local,
849 struct ieee80211_sub_if_data *sdata,
840 const enum ieee80211_rssi_event event) 850 const enum ieee80211_rssi_event event)
841{ 851{
842 trace_drv_rssi_callback(local, event); 852 trace_drv_rssi_callback(local, sdata, event);
843 if (local->ops->rssi_callback) 853 if (local->ops->rssi_callback)
844 local->ops->rssi_callback(&local->hw, event); 854 local->ops->rssi_callback(&local->hw, &sdata->vif, event);
845 trace_drv_return_void(local); 855 trace_drv_return_void(local);
846} 856}
847 857
@@ -913,6 +923,8 @@ static inline int drv_add_chanctx(struct ieee80211_local *local,
913 if (local->ops->add_chanctx) 923 if (local->ops->add_chanctx)
914 ret = local->ops->add_chanctx(&local->hw, &ctx->conf); 924 ret = local->ops->add_chanctx(&local->hw, &ctx->conf);
915 trace_drv_return_int(local, ret); 925 trace_drv_return_int(local, ret);
926 if (!ret)
927 ctx->driver_present = true;
916 928
917 return ret; 929 return ret;
918} 930}
@@ -924,6 +936,7 @@ static inline void drv_remove_chanctx(struct ieee80211_local *local,
924 if (local->ops->remove_chanctx) 936 if (local->ops->remove_chanctx)
925 local->ops->remove_chanctx(&local->hw, &ctx->conf); 937 local->ops->remove_chanctx(&local->hw, &ctx->conf);
926 trace_drv_return_void(local); 938 trace_drv_return_void(local);
939 ctx->driver_present = false;
927} 940}
928 941
929static inline void drv_change_chanctx(struct ieee80211_local *local, 942static inline void drv_change_chanctx(struct ieee80211_local *local,
@@ -931,8 +944,10 @@ static inline void drv_change_chanctx(struct ieee80211_local *local,
931 u32 changed) 944 u32 changed)
932{ 945{
933 trace_drv_change_chanctx(local, ctx, changed); 946 trace_drv_change_chanctx(local, ctx, changed);
934 if (local->ops->change_chanctx) 947 if (local->ops->change_chanctx) {
948 WARN_ON_ONCE(!ctx->driver_present);
935 local->ops->change_chanctx(&local->hw, &ctx->conf, changed); 949 local->ops->change_chanctx(&local->hw, &ctx->conf, changed);
950 }
936 trace_drv_return_void(local); 951 trace_drv_return_void(local);
937} 952}
938 953
@@ -945,10 +960,12 @@ static inline int drv_assign_vif_chanctx(struct ieee80211_local *local,
945 check_sdata_in_driver(sdata); 960 check_sdata_in_driver(sdata);
946 961
947 trace_drv_assign_vif_chanctx(local, sdata, ctx); 962 trace_drv_assign_vif_chanctx(local, sdata, ctx);
948 if (local->ops->assign_vif_chanctx) 963 if (local->ops->assign_vif_chanctx) {
964 WARN_ON_ONCE(!ctx->driver_present);
949 ret = local->ops->assign_vif_chanctx(&local->hw, 965 ret = local->ops->assign_vif_chanctx(&local->hw,
950 &sdata->vif, 966 &sdata->vif,
951 &ctx->conf); 967 &ctx->conf);
968 }
952 trace_drv_return_int(local, ret); 969 trace_drv_return_int(local, ret);
953 970
954 return ret; 971 return ret;
@@ -961,10 +978,12 @@ static inline void drv_unassign_vif_chanctx(struct ieee80211_local *local,
961 check_sdata_in_driver(sdata); 978 check_sdata_in_driver(sdata);
962 979
963 trace_drv_unassign_vif_chanctx(local, sdata, ctx); 980 trace_drv_unassign_vif_chanctx(local, sdata, ctx);
964 if (local->ops->unassign_vif_chanctx) 981 if (local->ops->unassign_vif_chanctx) {
982 WARN_ON_ONCE(!ctx->driver_present);
965 local->ops->unassign_vif_chanctx(&local->hw, 983 local->ops->unassign_vif_chanctx(&local->hw,
966 &sdata->vif, 984 &sdata->vif,
967 &ctx->conf); 985 &ctx->conf);
986 }
968 trace_drv_return_void(local); 987 trace_drv_return_void(local);
969} 988}
970 989
@@ -1003,4 +1022,32 @@ static inline void drv_restart_complete(struct ieee80211_local *local)
1003 trace_drv_return_void(local); 1022 trace_drv_return_void(local);
1004} 1023}
1005 1024
1025static inline void
1026drv_set_default_unicast_key(struct ieee80211_local *local,
1027 struct ieee80211_sub_if_data *sdata,
1028 int key_idx)
1029{
1030 check_sdata_in_driver(sdata);
1031
1032 WARN_ON_ONCE(key_idx < -1 || key_idx > 3);
1033
1034 trace_drv_set_default_unicast_key(local, sdata, key_idx);
1035 if (local->ops->set_default_unicast_key)
1036 local->ops->set_default_unicast_key(&local->hw, &sdata->vif,
1037 key_idx);
1038 trace_drv_return_void(local);
1039}
1040
1041#if IS_ENABLED(CONFIG_IPV6)
1042static inline void drv_ipv6_addr_change(struct ieee80211_local *local,
1043 struct ieee80211_sub_if_data *sdata,
1044 struct inet6_dev *idev)
1045{
1046 trace_drv_ipv6_addr_change(local, sdata);
1047 if (local->ops->ipv6_addr_change)
1048 local->ops->ipv6_addr_change(&local->hw, &sdata->vif, idev);
1049 trace_drv_return_void(local);
1050}
1051#endif
1052
1006#endif /* __MAC80211_DRIVER_OPS */ 1053#endif /* __MAC80211_DRIVER_OPS */
diff --git a/net/mac80211/ht.c b/net/mac80211/ht.c
index a71d891794a4..61ac7c48ac0c 100644
--- a/net/mac80211/ht.c
+++ b/net/mac80211/ht.c
@@ -62,6 +62,9 @@ void ieee80211_apply_htcap_overrides(struct ieee80211_sub_if_data *sdata,
62 __check_htcap_disable(sdata, ht_cap, IEEE80211_HT_CAP_SUP_WIDTH_20_40); 62 __check_htcap_disable(sdata, ht_cap, IEEE80211_HT_CAP_SUP_WIDTH_20_40);
63 __check_htcap_disable(sdata, ht_cap, IEEE80211_HT_CAP_SGI_40); 63 __check_htcap_disable(sdata, ht_cap, IEEE80211_HT_CAP_SGI_40);
64 64
65 /* Allow user to disable SGI-20 (SGI-40 is handled above) */
66 __check_htcap_disable(sdata, ht_cap, IEEE80211_HT_CAP_SGI_20);
67
65 /* Allow user to disable the max-AMSDU bit. */ 68 /* Allow user to disable the max-AMSDU bit. */
66 __check_htcap_disable(sdata, ht_cap, IEEE80211_HT_CAP_MAX_AMSDU); 69 __check_htcap_disable(sdata, ht_cap, IEEE80211_HT_CAP_MAX_AMSDU);
67 70
@@ -117,6 +120,21 @@ void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_sub_if_data *sdata,
117 IEEE80211_HT_CAP_SGI_20 | 120 IEEE80211_HT_CAP_SGI_20 |
118 IEEE80211_HT_CAP_SGI_40 | 121 IEEE80211_HT_CAP_SGI_40 |
119 IEEE80211_HT_CAP_DSSSCCK40)); 122 IEEE80211_HT_CAP_DSSSCCK40));
123
124 /* Unset 40 MHz if we're not using a 40 MHz channel */
125 switch (sdata->vif.bss_conf.chandef.width) {
126 case NL80211_CHAN_WIDTH_20_NOHT:
127 case NL80211_CHAN_WIDTH_20:
128 ht_cap->cap &= ~IEEE80211_HT_CAP_SGI_40;
129 ht_cap->cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
130 break;
131 case NL80211_CHAN_WIDTH_40:
132 case NL80211_CHAN_WIDTH_80:
133 case NL80211_CHAN_WIDTH_80P80:
134 case NL80211_CHAN_WIDTH_160:
135 break;
136 }
137
120 /* 138 /*
121 * The STBC bits are asymmetric -- if we don't have 139 * The STBC bits are asymmetric -- if we don't have
122 * TX then mask out the peer's RX and vice versa. 140 * TX then mask out the peer's RX and vice versa.
@@ -179,16 +197,19 @@ void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_sub_if_data *sdata,
179 ieee80211_apply_htcap_overrides(sdata, ht_cap); 197 ieee80211_apply_htcap_overrides(sdata, ht_cap);
180} 198}
181 199
182void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta, bool tx) 200void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta,
201 enum ieee80211_agg_stop_reason reason)
183{ 202{
184 int i; 203 int i;
185 204
186 cancel_work_sync(&sta->ampdu_mlme.work); 205 cancel_work_sync(&sta->ampdu_mlme.work);
187 206
188 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 207 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
189 __ieee80211_stop_tx_ba_session(sta, i, WLAN_BACK_INITIATOR, tx); 208 __ieee80211_stop_tx_ba_session(sta, i, reason);
190 __ieee80211_stop_rx_ba_session(sta, i, WLAN_BACK_RECIPIENT, 209 __ieee80211_stop_rx_ba_session(sta, i, WLAN_BACK_RECIPIENT,
191 WLAN_REASON_QSTA_LEAVE_QBSS, tx); 210 WLAN_REASON_QSTA_LEAVE_QBSS,
211 reason != AGG_STOP_DESTROY_STA &&
212 reason != AGG_STOP_PEER_REQUEST);
192 } 213 }
193} 214}
194 215
@@ -245,8 +266,7 @@ void ieee80211_ba_session_work(struct work_struct *work)
245 if (tid_tx && test_and_clear_bit(HT_AGG_STATE_WANT_STOP, 266 if (tid_tx && test_and_clear_bit(HT_AGG_STATE_WANT_STOP,
246 &tid_tx->state)) 267 &tid_tx->state))
247 ___ieee80211_stop_tx_ba_session(sta, tid, 268 ___ieee80211_stop_tx_ba_session(sta, tid,
248 WLAN_BACK_INITIATOR, 269 AGG_STOP_LOCAL_REQUEST);
249 true);
250 } 270 }
251 mutex_unlock(&sta->ampdu_mlme.mtx); 271 mutex_unlock(&sta->ampdu_mlme.mtx);
252} 272}
@@ -314,8 +334,7 @@ void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata,
314 __ieee80211_stop_rx_ba_session(sta, tid, WLAN_BACK_INITIATOR, 0, 334 __ieee80211_stop_rx_ba_session(sta, tid, WLAN_BACK_INITIATOR, 0,
315 true); 335 true);
316 else 336 else
317 __ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_RECIPIENT, 337 __ieee80211_stop_tx_ba_session(sta, tid, AGG_STOP_PEER_REQUEST);
318 true);
319} 338}
320 339
321int ieee80211_send_smps_action(struct ieee80211_sub_if_data *sdata, 340int ieee80211_send_smps_action(struct ieee80211_sub_if_data *sdata,
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 8881fc77fb13..b4b866f41919 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -67,7 +67,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
67 skb_reserve(skb, sdata->local->hw.extra_tx_headroom); 67 skb_reserve(skb, sdata->local->hw.extra_tx_headroom);
68 68
69 if (!ether_addr_equal(ifibss->bssid, bssid)) 69 if (!ether_addr_equal(ifibss->bssid, bssid))
70 sta_info_flush(sdata->local, sdata); 70 sta_info_flush(sdata);
71 71
72 /* if merging, indicate to driver that we leave the old IBSS */ 72 /* if merging, indicate to driver that we leave the old IBSS */
73 if (sdata->vif.bss_conf.ibss_joined) { 73 if (sdata->vif.bss_conf.ibss_joined) {
@@ -191,6 +191,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
191 191
192 rcu_assign_pointer(ifibss->presp, skb); 192 rcu_assign_pointer(ifibss->presp, skb);
193 193
194 sdata->vif.bss_conf.enable_beacon = true;
194 sdata->vif.bss_conf.beacon_int = beacon_int; 195 sdata->vif.bss_conf.beacon_int = beacon_int;
195 sdata->vif.bss_conf.basic_rates = basic_rates; 196 sdata->vif.bss_conf.basic_rates = basic_rates;
196 bss_change = BSS_CHANGED_BEACON_INT; 197 bss_change = BSS_CHANGED_BEACON_INT;
@@ -425,11 +426,9 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
425} 426}
426 427
427static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 428static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
428 struct ieee80211_mgmt *mgmt, 429 struct ieee80211_mgmt *mgmt, size_t len,
429 size_t len,
430 struct ieee80211_rx_status *rx_status, 430 struct ieee80211_rx_status *rx_status,
431 struct ieee802_11_elems *elems, 431 struct ieee802_11_elems *elems)
432 bool beacon)
433{ 432{
434 struct ieee80211_local *local = sdata->local; 433 struct ieee80211_local *local = sdata->local;
435 int freq; 434 int freq;
@@ -530,7 +529,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
530 } 529 }
531 530
532 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 531 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
533 channel, beacon); 532 channel);
534 if (!bss) 533 if (!bss)
535 return; 534 return;
536 535
@@ -703,8 +702,8 @@ static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
703 sdata_info(sdata, 702 sdata_info(sdata,
704 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n"); 703 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n");
705 704
706 ieee80211_request_internal_scan(sdata, 705 ieee80211_request_ibss_scan(sdata, ifibss->ssid, ifibss->ssid_len,
707 ifibss->ssid, ifibss->ssid_len, NULL); 706 NULL);
708} 707}
709 708
710static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) 709static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
@@ -802,9 +801,8 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
802 IEEE80211_SCAN_INTERVAL)) { 801 IEEE80211_SCAN_INTERVAL)) {
803 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n"); 802 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n");
804 803
805 ieee80211_request_internal_scan(sdata, 804 ieee80211_request_ibss_scan(sdata, ifibss->ssid,
806 ifibss->ssid, ifibss->ssid_len, 805 ifibss->ssid_len, chan);
807 ifibss->fixed_channel ? ifibss->channel : NULL);
808 } else { 806 } else {
809 int interval = IEEE80211_SCAN_INTERVAL; 807 int interval = IEEE80211_SCAN_INTERVAL;
810 808
@@ -878,14 +876,21 @@ static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
878 ieee80211_tx_skb(sdata, skb); 876 ieee80211_tx_skb(sdata, skb);
879} 877}
880 878
881static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 879static
882 struct ieee80211_mgmt *mgmt, 880void ieee80211_rx_mgmt_probe_beacon(struct ieee80211_sub_if_data *sdata,
883 size_t len, 881 struct ieee80211_mgmt *mgmt, size_t len,
884 struct ieee80211_rx_status *rx_status) 882 struct ieee80211_rx_status *rx_status)
885{ 883{
886 size_t baselen; 884 size_t baselen;
887 struct ieee802_11_elems elems; 885 struct ieee802_11_elems elems;
888 886
887 BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) !=
888 offsetof(typeof(mgmt->u.beacon), variable));
889
890 /*
891 * either beacon or probe_resp but the variable field is at the
892 * same offset
893 */
889 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 894 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
890 if (baselen > len) 895 if (baselen > len)
891 return; 896 return;
@@ -893,25 +898,7 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
893 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 898 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
894 &elems); 899 &elems);
895 900
896 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 901 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
897}
898
899static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
900 struct ieee80211_mgmt *mgmt,
901 size_t len,
902 struct ieee80211_rx_status *rx_status)
903{
904 size_t baselen;
905 struct ieee802_11_elems elems;
906
907 /* Process beacon from the current BSS */
908 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
909 if (baselen > len)
910 return;
911
912 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
913
914 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true);
915} 902}
916 903
917void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 904void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
@@ -935,12 +922,9 @@ void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
935 ieee80211_rx_mgmt_probe_req(sdata, skb); 922 ieee80211_rx_mgmt_probe_req(sdata, skb);
936 break; 923 break;
937 case IEEE80211_STYPE_PROBE_RESP: 924 case IEEE80211_STYPE_PROBE_RESP:
938 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len,
939 rx_status);
940 break;
941 case IEEE80211_STYPE_BEACON: 925 case IEEE80211_STYPE_BEACON:
942 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, 926 ieee80211_rx_mgmt_probe_beacon(sdata, mgmt, skb->len,
943 rx_status); 927 rx_status);
944 break; 928 break;
945 case IEEE80211_STYPE_AUTH: 929 case IEEE80211_STYPE_AUTH:
946 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len); 930 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
@@ -1183,7 +1167,7 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1183 memset(ifibss->bssid, 0, ETH_ALEN); 1167 memset(ifibss->bssid, 0, ETH_ALEN);
1184 ifibss->ssid_len = 0; 1168 ifibss->ssid_len = 0;
1185 1169
1186 sta_info_flush(sdata->local, sdata); 1170 sta_info_flush(sdata);
1187 1171
1188 spin_lock_bh(&ifibss->incomplete_lock); 1172 spin_lock_bh(&ifibss->incomplete_lock);
1189 while (!list_empty(&ifibss->incomplete_stations)) { 1173 while (!list_empty(&ifibss->incomplete_stations)) {
@@ -1206,6 +1190,8 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1206 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL); 1190 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL);
1207 sdata->vif.bss_conf.ibss_joined = false; 1191 sdata->vif.bss_conf.ibss_joined = false;
1208 sdata->vif.bss_conf.ibss_creator = false; 1192 sdata->vif.bss_conf.ibss_creator = false;
1193 sdata->vif.bss_conf.enable_beacon = false;
1194 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
1209 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED | 1195 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
1210 BSS_CHANGED_IBSS); 1196 BSS_CHANGED_IBSS);
1211 synchronize_rcu(); 1197 synchronize_rcu();
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 42d0d0267730..5fba867d9e2e 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -92,8 +92,6 @@ struct ieee80211_bss {
92 92
93 u32 device_ts; 93 u32 device_ts;
94 94
95 u8 dtim_period;
96
97 bool wmm_used; 95 bool wmm_used;
98 bool uapsd_supported; 96 bool uapsd_supported;
99 97
@@ -140,7 +138,6 @@ enum ieee80211_bss_corrupt_data_flags {
140 138
141/** 139/**
142 * enum ieee80211_valid_data_flags - BSS valid data flags 140 * enum ieee80211_valid_data_flags - BSS valid data flags
143 * @IEEE80211_BSS_VALID_DTIM: DTIM data was gathered from non-corrupt IE
144 * @IEEE80211_BSS_VALID_WMM: WMM/UAPSD data was gathered from non-corrupt IE 141 * @IEEE80211_BSS_VALID_WMM: WMM/UAPSD data was gathered from non-corrupt IE
145 * @IEEE80211_BSS_VALID_RATES: Supported rates were gathered from non-corrupt IE 142 * @IEEE80211_BSS_VALID_RATES: Supported rates were gathered from non-corrupt IE
146 * @IEEE80211_BSS_VALID_ERP: ERP flag was gathered from non-corrupt IE 143 * @IEEE80211_BSS_VALID_ERP: ERP flag was gathered from non-corrupt IE
@@ -151,7 +148,6 @@ enum ieee80211_bss_corrupt_data_flags {
151 * beacon/probe response. 148 * beacon/probe response.
152 */ 149 */
153enum ieee80211_bss_valid_data_flags { 150enum ieee80211_bss_valid_data_flags {
154 IEEE80211_BSS_VALID_DTIM = BIT(0),
155 IEEE80211_BSS_VALID_WMM = BIT(1), 151 IEEE80211_BSS_VALID_WMM = BIT(1),
156 IEEE80211_BSS_VALID_RATES = BIT(2), 152 IEEE80211_BSS_VALID_RATES = BIT(2),
157 IEEE80211_BSS_VALID_ERP = BIT(3) 153 IEEE80211_BSS_VALID_ERP = BIT(3)
@@ -409,6 +405,8 @@ struct ieee80211_mgd_assoc_data {
409 405
410 u8 ap_ht_param; 406 u8 ap_ht_param;
411 407
408 struct ieee80211_vht_cap ap_vht_cap;
409
412 size_t ie_len; 410 size_t ie_len;
413 u8 ie[]; 411 u8 ie[];
414}; 412};
@@ -440,6 +438,7 @@ struct ieee80211_if_managed {
440 unsigned long timers_running; /* used for quiesce/restart */ 438 unsigned long timers_running; /* used for quiesce/restart */
441 bool powersave; /* powersave requested for this iface */ 439 bool powersave; /* powersave requested for this iface */
442 bool broken_ap; /* AP is broken -- turn off powersave */ 440 bool broken_ap; /* AP is broken -- turn off powersave */
441 u8 dtim_period;
443 enum ieee80211_smps_mode req_smps, /* requested smps mode */ 442 enum ieee80211_smps_mode req_smps, /* requested smps mode */
444 driver_smps_mode; /* smps mode request */ 443 driver_smps_mode; /* smps mode request */
445 444
@@ -662,10 +661,13 @@ enum ieee80211_sub_if_data_flags {
662 * change handling while the interface is up 661 * change handling while the interface is up
663 * @SDATA_STATE_OFFCHANNEL: This interface is currently in offchannel 662 * @SDATA_STATE_OFFCHANNEL: This interface is currently in offchannel
664 * mode, so queues are stopped 663 * mode, so queues are stopped
664 * @SDATA_STATE_OFFCHANNEL_BEACON_STOPPED: Beaconing was stopped due
665 * to offchannel, reset when offchannel returns
665 */ 666 */
666enum ieee80211_sdata_state_bits { 667enum ieee80211_sdata_state_bits {
667 SDATA_STATE_RUNNING, 668 SDATA_STATE_RUNNING,
668 SDATA_STATE_OFFCHANNEL, 669 SDATA_STATE_OFFCHANNEL,
670 SDATA_STATE_OFFCHANNEL_BEACON_STOPPED,
669}; 671};
670 672
671/** 673/**
@@ -688,6 +690,7 @@ struct ieee80211_chanctx {
688 690
689 enum ieee80211_chanctx_mode mode; 691 enum ieee80211_chanctx_mode mode;
690 int refcount; 692 int refcount;
693 bool driver_present;
691 694
692 struct ieee80211_chanctx_conf conf; 695 struct ieee80211_chanctx_conf conf;
693}; 696};
@@ -744,8 +747,6 @@ struct ieee80211_sub_if_data {
744 struct work_struct work; 747 struct work_struct work;
745 struct sk_buff_head skb_queue; 748 struct sk_buff_head skb_queue;
746 749
747 bool arp_filter_state;
748
749 u8 needed_rx_chains; 750 u8 needed_rx_chains;
750 enum ieee80211_smps_mode smps_mode; 751 enum ieee80211_smps_mode smps_mode;
751 752
@@ -773,6 +774,10 @@ struct ieee80211_sub_if_data {
773 u32 mntr_flags; 774 u32 mntr_flags;
774 } u; 775 } u;
775 776
777 spinlock_t cleanup_stations_lock;
778 struct list_head cleanup_stations;
779 struct work_struct cleanup_stations_wk;
780
776#ifdef CONFIG_MAC80211_DEBUGFS 781#ifdef CONFIG_MAC80211_DEBUGFS
777 struct { 782 struct {
778 struct dentry *dir; 783 struct dentry *dir;
@@ -782,6 +787,11 @@ struct ieee80211_sub_if_data {
782 struct dentry *default_mgmt_key; 787 struct dentry *default_mgmt_key;
783 } debugfs; 788 } debugfs;
784#endif 789#endif
790
791#ifdef CONFIG_PM
792 struct ieee80211_bss_conf suspend_bss_conf;
793#endif
794
785 /* must be last, dynamically sized area in this! */ 795 /* must be last, dynamically sized area in this! */
786 struct ieee80211_vif vif; 796 struct ieee80211_vif vif;
787}; 797};
@@ -1117,6 +1127,7 @@ struct ieee80211_local {
1117 struct timer_list dynamic_ps_timer; 1127 struct timer_list dynamic_ps_timer;
1118 struct notifier_block network_latency_notifier; 1128 struct notifier_block network_latency_notifier;
1119 struct notifier_block ifa_notifier; 1129 struct notifier_block ifa_notifier;
1130 struct notifier_block ifa6_notifier;
1120 1131
1121 /* 1132 /*
1122 * The dynamic ps timeout configured from user space via WEXT - 1133 * The dynamic ps timeout configured from user space via WEXT -
@@ -1329,9 +1340,9 @@ void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1329 1340
1330/* scan/BSS handling */ 1341/* scan/BSS handling */
1331void ieee80211_scan_work(struct work_struct *work); 1342void ieee80211_scan_work(struct work_struct *work);
1332int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata, 1343int ieee80211_request_ibss_scan(struct ieee80211_sub_if_data *sdata,
1333 const u8 *ssid, u8 ssid_len, 1344 const u8 *ssid, u8 ssid_len,
1334 struct ieee80211_channel *chan); 1345 struct ieee80211_channel *chan);
1335int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 1346int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
1336 struct cfg80211_scan_request *req); 1347 struct cfg80211_scan_request *req);
1337void ieee80211_scan_cancel(struct ieee80211_local *local); 1348void ieee80211_scan_cancel(struct ieee80211_local *local);
@@ -1345,8 +1356,7 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
1345 struct ieee80211_mgmt *mgmt, 1356 struct ieee80211_mgmt *mgmt,
1346 size_t len, 1357 size_t len,
1347 struct ieee802_11_elems *elems, 1358 struct ieee802_11_elems *elems,
1348 struct ieee80211_channel *channel, 1359 struct ieee80211_channel *channel);
1349 bool beacon);
1350void ieee80211_rx_bss_put(struct ieee80211_local *local, 1360void ieee80211_rx_bss_put(struct ieee80211_local *local,
1351 struct ieee80211_bss *bss); 1361 struct ieee80211_bss *bss);
1352 1362
@@ -1357,10 +1367,8 @@ int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata);
1357void ieee80211_sched_scan_stopped_work(struct work_struct *work); 1367void ieee80211_sched_scan_stopped_work(struct work_struct *work);
1358 1368
1359/* off-channel helpers */ 1369/* off-channel helpers */
1360void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local, 1370void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local);
1361 bool offchannel_ps_enable); 1371void ieee80211_offchannel_return(struct ieee80211_local *local);
1362void ieee80211_offchannel_return(struct ieee80211_local *local,
1363 bool offchannel_ps_disable);
1364void ieee80211_roc_setup(struct ieee80211_local *local); 1372void ieee80211_roc_setup(struct ieee80211_local *local);
1365void ieee80211_start_next_roc(struct ieee80211_local *local); 1373void ieee80211_start_next_roc(struct ieee80211_local *local);
1366void ieee80211_roc_purge(struct ieee80211_sub_if_data *sdata); 1374void ieee80211_roc_purge(struct ieee80211_sub_if_data *sdata);
@@ -1421,7 +1429,8 @@ void ___ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
1421 u16 initiator, u16 reason, bool stop); 1429 u16 initiator, u16 reason, bool stop);
1422void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, 1430void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
1423 u16 initiator, u16 reason, bool stop); 1431 u16 initiator, u16 reason, bool stop);
1424void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta, bool tx); 1432void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta,
1433 enum ieee80211_agg_stop_reason reason);
1425void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata, 1434void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata,
1426 struct sta_info *sta, 1435 struct sta_info *sta,
1427 struct ieee80211_mgmt *mgmt, size_t len); 1436 struct ieee80211_mgmt *mgmt, size_t len);
@@ -1435,11 +1444,9 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
1435 size_t len); 1444 size_t len);
1436 1445
1437int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid, 1446int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
1438 enum ieee80211_back_parties initiator, 1447 enum ieee80211_agg_stop_reason reason);
1439 bool tx);
1440int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid, 1448int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
1441 enum ieee80211_back_parties initiator, 1449 enum ieee80211_agg_stop_reason reason);
1442 bool tx);
1443void ieee80211_start_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u16 tid); 1450void ieee80211_start_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u16 tid);
1444void ieee80211_stop_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u8 tid); 1451void ieee80211_stop_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u8 tid);
1445void ieee80211_ba_session_work(struct work_struct *work); 1452void ieee80211_ba_session_work(struct work_struct *work);
@@ -1628,6 +1635,7 @@ ieee80211_vif_use_channel(struct ieee80211_sub_if_data *sdata,
1628 const struct cfg80211_chan_def *chandef, 1635 const struct cfg80211_chan_def *chandef,
1629 enum ieee80211_chanctx_mode mode); 1636 enum ieee80211_chanctx_mode mode);
1630void ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata); 1637void ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata);
1638void ieee80211_vif_vlan_copy_chanctx(struct ieee80211_sub_if_data *sdata);
1631 1639
1632void ieee80211_recalc_smps_chanctx(struct ieee80211_local *local, 1640void ieee80211_recalc_smps_chanctx(struct ieee80211_local *local,
1633 struct ieee80211_chanctx *chanctx); 1641 struct ieee80211_chanctx *chanctx);
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 09a80b55cf5a..0a36dc6346bb 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -207,17 +207,8 @@ void ieee80211_recalc_idle(struct ieee80211_local *local)
207 207
208static int ieee80211_change_mtu(struct net_device *dev, int new_mtu) 208static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
209{ 209{
210 int meshhdrlen; 210 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN)
211 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
212
213 meshhdrlen = (sdata->vif.type == NL80211_IFTYPE_MESH_POINT) ? 5 : 0;
214
215 /* FIX: what would be proper limits for MTU?
216 * This interface uses 802.3 frames. */
217 if (new_mtu < 256 ||
218 new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6 - meshhdrlen) {
219 return -EINVAL; 211 return -EINVAL;
220 }
221 212
222 dev->mtu = new_mtu; 213 dev->mtu = new_mtu;
223 return 0; 214 return 0;
@@ -586,11 +577,13 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up)
586 577
587 switch (sdata->vif.type) { 578 switch (sdata->vif.type) {
588 case NL80211_IFTYPE_AP_VLAN: 579 case NL80211_IFTYPE_AP_VLAN:
589 /* no need to tell driver, but set carrier */ 580 /* no need to tell driver, but set carrier and chanctx */
590 if (rtnl_dereference(sdata->bss->beacon)) 581 if (rtnl_dereference(sdata->bss->beacon)) {
582 ieee80211_vif_vlan_copy_chanctx(sdata);
591 netif_carrier_on(dev); 583 netif_carrier_on(dev);
592 else 584 } else {
593 netif_carrier_off(dev); 585 netif_carrier_off(dev);
586 }
594 break; 587 break;
595 case NL80211_IFTYPE_MONITOR: 588 case NL80211_IFTYPE_MONITOR:
596 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) { 589 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) {
@@ -754,7 +747,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
754 unsigned long flags; 747 unsigned long flags;
755 struct sk_buff *skb, *tmp; 748 struct sk_buff *skb, *tmp;
756 u32 hw_reconf_flags = 0; 749 u32 hw_reconf_flags = 0;
757 int i; 750 int i, flushed;
758 751
759 clear_bit(SDATA_STATE_RUNNING, &sdata->state); 752 clear_bit(SDATA_STATE_RUNNING, &sdata->state);
760 753
@@ -779,11 +772,15 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
779 * (because if we remove a STA after ops->remove_interface() 772 * (because if we remove a STA after ops->remove_interface()
780 * the driver will have removed the vif info already!) 773 * the driver will have removed the vif info already!)
781 * 774 *
782 * This is relevant only in AP, WDS and mesh modes, since in 775 * This is relevant only in WDS mode, in all other modes we've
783 * all other modes we've already removed all stations when 776 * already removed all stations when disconnecting or similar,
784 * disconnecting etc. 777 * so warn otherwise.
778 *
779 * We call sta_info_flush_cleanup() later, to combine RCU waits.
785 */ 780 */
786 sta_info_flush(local, sdata); 781 flushed = sta_info_flush_defer(sdata);
782 WARN_ON_ONCE((sdata->vif.type != NL80211_IFTYPE_WDS && flushed > 0) ||
783 (sdata->vif.type == NL80211_IFTYPE_WDS && flushed != 1));
787 784
788 /* 785 /*
789 * Don't count this interface for promisc/allmulti while it 786 * Don't count this interface for promisc/allmulti while it
@@ -839,6 +836,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
839 switch (sdata->vif.type) { 836 switch (sdata->vif.type) {
840 case NL80211_IFTYPE_AP_VLAN: 837 case NL80211_IFTYPE_AP_VLAN:
841 list_del(&sdata->u.vlan.list); 838 list_del(&sdata->u.vlan.list);
839 rcu_assign_pointer(sdata->vif.chanctx_conf, NULL);
842 /* no need to tell driver */ 840 /* no need to tell driver */
843 break; 841 break;
844 case NL80211_IFTYPE_MONITOR: 842 case NL80211_IFTYPE_MONITOR:
@@ -865,19 +863,16 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
865 cancel_work_sync(&sdata->work); 863 cancel_work_sync(&sdata->work);
866 /* 864 /*
867 * When we get here, the interface is marked down. 865 * When we get here, the interface is marked down.
868 * Call rcu_barrier() to wait both for the RX path 866 *
869 * should it be using the interface and enqueuing 867 * sta_info_flush_cleanup() requires rcu_barrier()
870 * frames at this very time on another CPU, and 868 * first to wait for the station call_rcu() calls
871 * for the sta free call_rcu callbacks. 869 * to complete, here we need at least sychronize_rcu()
870 * it to wait for the RX path in case it is using the
871 * interface and enqueuing frames at this very time on
872 * another CPU.
872 */ 873 */
873 rcu_barrier(); 874 rcu_barrier();
874 875 sta_info_flush_cleanup(sdata);
875 /*
876 * free_sta_rcu() enqueues a work for the actual
877 * sta cleanup, so we need to flush it while
878 * sdata is still valid.
879 */
880 flush_workqueue(local->workqueue);
881 876
882 skb_queue_purge(&sdata->skb_queue); 877 skb_queue_purge(&sdata->skb_queue);
883 878
@@ -976,7 +971,6 @@ static void ieee80211_set_multicast_list(struct net_device *dev)
976 */ 971 */
977static void ieee80211_teardown_sdata(struct ieee80211_sub_if_data *sdata) 972static void ieee80211_teardown_sdata(struct ieee80211_sub_if_data *sdata)
978{ 973{
979 struct ieee80211_local *local = sdata->local;
980 int flushed; 974 int flushed;
981 int i; 975 int i;
982 976
@@ -992,7 +986,7 @@ static void ieee80211_teardown_sdata(struct ieee80211_sub_if_data *sdata)
992 if (ieee80211_vif_is_mesh(&sdata->vif)) 986 if (ieee80211_vif_is_mesh(&sdata->vif))
993 mesh_rmc_free(sdata); 987 mesh_rmc_free(sdata);
994 988
995 flushed = sta_info_flush(local, sdata); 989 flushed = sta_info_flush(sdata);
996 WARN_ON(flushed); 990 WARN_ON(flushed);
997} 991}
998 992
@@ -1233,6 +1227,7 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
1233 case NL80211_IFTYPE_AP: 1227 case NL80211_IFTYPE_AP:
1234 skb_queue_head_init(&sdata->u.ap.ps.bc_buf); 1228 skb_queue_head_init(&sdata->u.ap.ps.bc_buf);
1235 INIT_LIST_HEAD(&sdata->u.ap.vlans); 1229 INIT_LIST_HEAD(&sdata->u.ap.vlans);
1230 sdata->vif.bss_conf.bssid = sdata->vif.addr;
1236 break; 1231 break;
1237 case NL80211_IFTYPE_P2P_CLIENT: 1232 case NL80211_IFTYPE_P2P_CLIENT:
1238 type = NL80211_IFTYPE_STATION; 1233 type = NL80211_IFTYPE_STATION;
@@ -1240,9 +1235,11 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
1240 sdata->vif.p2p = true; 1235 sdata->vif.p2p = true;
1241 /* fall through */ 1236 /* fall through */
1242 case NL80211_IFTYPE_STATION: 1237 case NL80211_IFTYPE_STATION:
1238 sdata->vif.bss_conf.bssid = sdata->u.mgd.bssid;
1243 ieee80211_sta_setup_sdata(sdata); 1239 ieee80211_sta_setup_sdata(sdata);
1244 break; 1240 break;
1245 case NL80211_IFTYPE_ADHOC: 1241 case NL80211_IFTYPE_ADHOC:
1242 sdata->vif.bss_conf.bssid = sdata->u.ibss.bssid;
1246 ieee80211_ibss_setup_sdata(sdata); 1243 ieee80211_ibss_setup_sdata(sdata);
1247 break; 1244 break;
1248 case NL80211_IFTYPE_MESH_POINT: 1245 case NL80211_IFTYPE_MESH_POINT:
@@ -1256,8 +1253,12 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
1256 MONITOR_FLAG_OTHER_BSS; 1253 MONITOR_FLAG_OTHER_BSS;
1257 break; 1254 break;
1258 case NL80211_IFTYPE_WDS: 1255 case NL80211_IFTYPE_WDS:
1256 sdata->vif.bss_conf.bssid = NULL;
1257 break;
1259 case NL80211_IFTYPE_AP_VLAN: 1258 case NL80211_IFTYPE_AP_VLAN:
1259 break;
1260 case NL80211_IFTYPE_P2P_DEVICE: 1260 case NL80211_IFTYPE_P2P_DEVICE:
1261 sdata->vif.bss_conf.bssid = sdata->vif.addr;
1261 break; 1262 break;
1262 case NL80211_IFTYPE_UNSPECIFIED: 1263 case NL80211_IFTYPE_UNSPECIFIED:
1263 case NUM_NL80211_IFTYPES: 1264 case NUM_NL80211_IFTYPES:
@@ -1498,6 +1499,15 @@ static void ieee80211_assign_perm_addr(struct ieee80211_local *local,
1498 mutex_unlock(&local->iflist_mtx); 1499 mutex_unlock(&local->iflist_mtx);
1499} 1500}
1500 1501
1502static void ieee80211_cleanup_sdata_stas_wk(struct work_struct *wk)
1503{
1504 struct ieee80211_sub_if_data *sdata;
1505
1506 sdata = container_of(wk, struct ieee80211_sub_if_data, cleanup_stations_wk);
1507
1508 ieee80211_cleanup_sdata_stas(sdata);
1509}
1510
1501int ieee80211_if_add(struct ieee80211_local *local, const char *name, 1511int ieee80211_if_add(struct ieee80211_local *local, const char *name,
1502 struct wireless_dev **new_wdev, enum nl80211_iftype type, 1512 struct wireless_dev **new_wdev, enum nl80211_iftype type,
1503 struct vif_params *params) 1513 struct vif_params *params)
@@ -1564,15 +1574,16 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
1564 /* initialise type-independent data */ 1574 /* initialise type-independent data */
1565 sdata->wdev.wiphy = local->hw.wiphy; 1575 sdata->wdev.wiphy = local->hw.wiphy;
1566 sdata->local = local; 1576 sdata->local = local;
1567#ifdef CONFIG_INET
1568 sdata->arp_filter_state = true;
1569#endif
1570 1577
1571 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) 1578 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++)
1572 skb_queue_head_init(&sdata->fragments[i].skb_list); 1579 skb_queue_head_init(&sdata->fragments[i].skb_list);
1573 1580
1574 INIT_LIST_HEAD(&sdata->key_list); 1581 INIT_LIST_HEAD(&sdata->key_list);
1575 1582
1583 spin_lock_init(&sdata->cleanup_stations_lock);
1584 INIT_LIST_HEAD(&sdata->cleanup_stations);
1585 INIT_WORK(&sdata->cleanup_stations_wk, ieee80211_cleanup_sdata_stas_wk);
1586
1576 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 1587 for (i = 0; i < IEEE80211_NUM_BANDS; i++) {
1577 struct ieee80211_supported_band *sband; 1588 struct ieee80211_supported_band *sband;
1578 sband = local->hw.wiphy->bands[i]; 1589 sband = local->hw.wiphy->bands[i];
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 619c5d697999..ef252eb58c36 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -204,8 +204,11 @@ static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
204 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 204 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
205 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 205 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
206 206
207 if (uni) 207 if (uni) {
208 rcu_assign_pointer(sdata->default_unicast_key, key); 208 rcu_assign_pointer(sdata->default_unicast_key, key);
209 drv_set_default_unicast_key(sdata->local, sdata, idx);
210 }
211
209 if (multi) 212 if (multi)
210 rcu_assign_pointer(sdata->default_multicast_key, key); 213 rcu_assign_pointer(sdata->default_multicast_key, key);
211 214
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 1b087fff93e7..2bdd454e8bcf 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -23,6 +23,7 @@
23#include <linux/inetdevice.h> 23#include <linux/inetdevice.h>
24#include <net/net_namespace.h> 24#include <net/net_namespace.h>
25#include <net/cfg80211.h> 25#include <net/cfg80211.h>
26#include <net/addrconf.h>
26 27
27#include "ieee80211_i.h" 28#include "ieee80211_i.h"
28#include "driver-ops.h" 29#include "driver-ops.h"
@@ -207,76 +208,10 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
207 u32 changed) 208 u32 changed)
208{ 209{
209 struct ieee80211_local *local = sdata->local; 210 struct ieee80211_local *local = sdata->local;
210 static const u8 zero[ETH_ALEN] = { 0 };
211 211
212 if (!changed) 212 if (!changed)
213 return; 213 return;
214 214
215 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
216 sdata->vif.bss_conf.bssid = sdata->u.mgd.bssid;
217 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
218 sdata->vif.bss_conf.bssid = sdata->u.ibss.bssid;
219 else if (sdata->vif.type == NL80211_IFTYPE_AP)
220 sdata->vif.bss_conf.bssid = sdata->vif.addr;
221 else if (sdata->vif.type == NL80211_IFTYPE_WDS)
222 sdata->vif.bss_conf.bssid = NULL;
223 else if (ieee80211_vif_is_mesh(&sdata->vif)) {
224 sdata->vif.bss_conf.bssid = zero;
225 } else if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE) {
226 sdata->vif.bss_conf.bssid = sdata->vif.addr;
227 WARN_ONCE(changed & ~(BSS_CHANGED_IDLE),
228 "P2P Device BSS changed %#x", changed);
229 } else {
230 WARN_ON(1);
231 return;
232 }
233
234 switch (sdata->vif.type) {
235 case NL80211_IFTYPE_AP:
236 case NL80211_IFTYPE_ADHOC:
237 case NL80211_IFTYPE_WDS:
238 case NL80211_IFTYPE_MESH_POINT:
239 break;
240 default:
241 /* do not warn to simplify caller in scan.c */
242 changed &= ~BSS_CHANGED_BEACON_ENABLED;
243 if (WARN_ON(changed & BSS_CHANGED_BEACON))
244 return;
245 break;
246 }
247
248 if (changed & BSS_CHANGED_BEACON_ENABLED) {
249 if (local->quiescing || !ieee80211_sdata_running(sdata) ||
250 test_bit(SDATA_STATE_OFFCHANNEL, &sdata->state)) {
251 sdata->vif.bss_conf.enable_beacon = false;
252 } else {
253 /*
254 * Beacon should be enabled, but AP mode must
255 * check whether there is a beacon configured.
256 */
257 switch (sdata->vif.type) {
258 case NL80211_IFTYPE_AP:
259 sdata->vif.bss_conf.enable_beacon =
260 !!sdata->u.ap.beacon;
261 break;
262 case NL80211_IFTYPE_ADHOC:
263 sdata->vif.bss_conf.enable_beacon =
264 !!sdata->u.ibss.presp;
265 break;
266#ifdef CONFIG_MAC80211_MESH
267 case NL80211_IFTYPE_MESH_POINT:
268 sdata->vif.bss_conf.enable_beacon =
269 !!sdata->u.mesh.mesh_id_len;
270 break;
271#endif
272 default:
273 /* not reached */
274 WARN_ON(1);
275 break;
276 }
277 }
278 }
279
280 drv_bss_info_changed(local, sdata, &sdata->vif.bss_conf, changed); 215 drv_bss_info_changed(local, sdata, &sdata->vif.bss_conf, changed);
281} 216}
282 217
@@ -415,27 +350,19 @@ static int ieee80211_ifa_changed(struct notifier_block *nb,
415 350
416 /* Copy the addresses to the bss_conf list */ 351 /* Copy the addresses to the bss_conf list */
417 ifa = idev->ifa_list; 352 ifa = idev->ifa_list;
418 while (c < IEEE80211_BSS_ARP_ADDR_LIST_LEN && ifa) { 353 while (ifa) {
419 bss_conf->arp_addr_list[c] = ifa->ifa_address; 354 if (c < IEEE80211_BSS_ARP_ADDR_LIST_LEN)
355 bss_conf->arp_addr_list[c] = ifa->ifa_address;
420 ifa = ifa->ifa_next; 356 ifa = ifa->ifa_next;
421 c++; 357 c++;
422 } 358 }
423 359
424 /* If not all addresses fit the list, disable filtering */
425 if (ifa) {
426 sdata->arp_filter_state = false;
427 c = 0;
428 } else {
429 sdata->arp_filter_state = true;
430 }
431 bss_conf->arp_addr_cnt = c; 360 bss_conf->arp_addr_cnt = c;
432 361
433 /* Configure driver only if associated (which also implies it is up) */ 362 /* Configure driver only if associated (which also implies it is up) */
434 if (ifmgd->associated) { 363 if (ifmgd->associated)
435 bss_conf->arp_filter_enabled = sdata->arp_filter_state;
436 ieee80211_bss_info_change_notify(sdata, 364 ieee80211_bss_info_change_notify(sdata,
437 BSS_CHANGED_ARP_FILTER); 365 BSS_CHANGED_ARP_FILTER);
438 }
439 366
440 mutex_unlock(&ifmgd->mtx); 367 mutex_unlock(&ifmgd->mtx);
441 368
@@ -443,6 +370,37 @@ static int ieee80211_ifa_changed(struct notifier_block *nb,
443} 370}
444#endif 371#endif
445 372
373#if IS_ENABLED(CONFIG_IPV6)
374static int ieee80211_ifa6_changed(struct notifier_block *nb,
375 unsigned long data, void *arg)
376{
377 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)arg;
378 struct inet6_dev *idev = ifa->idev;
379 struct net_device *ndev = ifa->idev->dev;
380 struct ieee80211_local *local =
381 container_of(nb, struct ieee80211_local, ifa6_notifier);
382 struct wireless_dev *wdev = ndev->ieee80211_ptr;
383 struct ieee80211_sub_if_data *sdata;
384
385 /* Make sure it's our interface that got changed */
386 if (!wdev || wdev->wiphy != local->hw.wiphy)
387 return NOTIFY_DONE;
388
389 sdata = IEEE80211_DEV_TO_SUB_IF(ndev);
390
391 /*
392 * For now only support station mode. This is mostly because
393 * doing AP would have to handle AP_VLAN in some way ...
394 */
395 if (sdata->vif.type != NL80211_IFTYPE_STATION)
396 return NOTIFY_DONE;
397
398 drv_ipv6_addr_change(local, sdata, idev);
399
400 return NOTIFY_DONE;
401}
402#endif
403
446static int ieee80211_napi_poll(struct napi_struct *napi, int budget) 404static int ieee80211_napi_poll(struct napi_struct *napi, int budget)
447{ 405{
448 struct ieee80211_local *local = 406 struct ieee80211_local *local =
@@ -537,6 +495,7 @@ static const struct ieee80211_ht_cap mac80211_ht_capa_mod_mask = {
537 495
538 .cap_info = cpu_to_le16(IEEE80211_HT_CAP_SUP_WIDTH_20_40 | 496 .cap_info = cpu_to_le16(IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
539 IEEE80211_HT_CAP_MAX_AMSDU | 497 IEEE80211_HT_CAP_MAX_AMSDU |
498 IEEE80211_HT_CAP_SGI_20 |
540 IEEE80211_HT_CAP_SGI_40), 499 IEEE80211_HT_CAP_SGI_40),
541 .mcs = { 500 .mcs = {
542 .rx_mask = { 0xff, 0xff, 0xff, 0xff, 0xff, 501 .rx_mask = { 0xff, 0xff, 0xff, 0xff, 0xff,
@@ -606,7 +565,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
606 wiphy->features |= NL80211_FEATURE_SK_TX_STATUS | 565 wiphy->features |= NL80211_FEATURE_SK_TX_STATUS |
607 NL80211_FEATURE_SAE | 566 NL80211_FEATURE_SAE |
608 NL80211_FEATURE_HT_IBSS | 567 NL80211_FEATURE_HT_IBSS |
609 NL80211_FEATURE_VIF_TXPOWER; 568 NL80211_FEATURE_VIF_TXPOWER |
569 NL80211_FEATURE_FULL_AP_CLIENT_STATE;
610 570
611 if (!ops->hw_scan) 571 if (!ops->hw_scan)
612 wiphy->features |= NL80211_FEATURE_LOW_PRIORITY_SCAN | 572 wiphy->features |= NL80211_FEATURE_LOW_PRIORITY_SCAN |
@@ -1049,12 +1009,25 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1049 goto fail_ifa; 1009 goto fail_ifa;
1050#endif 1010#endif
1051 1011
1012#if IS_ENABLED(CONFIG_IPV6)
1013 local->ifa6_notifier.notifier_call = ieee80211_ifa6_changed;
1014 result = register_inet6addr_notifier(&local->ifa6_notifier);
1015 if (result)
1016 goto fail_ifa6;
1017#endif
1018
1052 netif_napi_add(&local->napi_dev, &local->napi, ieee80211_napi_poll, 1019 netif_napi_add(&local->napi_dev, &local->napi, ieee80211_napi_poll,
1053 local->hw.napi_weight); 1020 local->hw.napi_weight);
1054 1021
1055 return 0; 1022 return 0;
1056 1023
1024#if IS_ENABLED(CONFIG_IPV6)
1025 fail_ifa6:
1057#ifdef CONFIG_INET 1026#ifdef CONFIG_INET
1027 unregister_inetaddr_notifier(&local->ifa_notifier);
1028#endif
1029#endif
1030#if defined(CONFIG_INET) || defined(CONFIG_IPV6)
1058 fail_ifa: 1031 fail_ifa:
1059 pm_qos_remove_notifier(PM_QOS_NETWORK_LATENCY, 1032 pm_qos_remove_notifier(PM_QOS_NETWORK_LATENCY,
1060 &local->network_latency_notifier); 1033 &local->network_latency_notifier);
@@ -1090,6 +1063,9 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1090#ifdef CONFIG_INET 1063#ifdef CONFIG_INET
1091 unregister_inetaddr_notifier(&local->ifa_notifier); 1064 unregister_inetaddr_notifier(&local->ifa_notifier);
1092#endif 1065#endif
1066#if IS_ENABLED(CONFIG_IPV6)
1067 unregister_inet6addr_notifier(&local->ifa6_notifier);
1068#endif
1093 1069
1094 rtnl_lock(); 1070 rtnl_lock();
1095 1071
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 1bf03f9ff3ba..694e27376afa 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -20,16 +20,11 @@
20int mesh_allocated; 20int mesh_allocated;
21static struct kmem_cache *rm_cache; 21static struct kmem_cache *rm_cache;
22 22
23#ifdef CONFIG_MAC80211_MESH
24bool mesh_action_is_path_sel(struct ieee80211_mgmt *mgmt) 23bool mesh_action_is_path_sel(struct ieee80211_mgmt *mgmt)
25{ 24{
26 return (mgmt->u.action.u.mesh_action.action_code == 25 return (mgmt->u.action.u.mesh_action.action_code ==
27 WLAN_MESH_ACTION_HWMP_PATH_SELECTION); 26 WLAN_MESH_ACTION_HWMP_PATH_SELECTION);
28} 27}
29#else
30bool mesh_action_is_path_sel(struct ieee80211_mgmt *mgmt)
31{ return false; }
32#endif
33 28
34void ieee80211s_init(void) 29void ieee80211s_init(void)
35{ 30{
@@ -163,7 +158,7 @@ int mesh_rmc_init(struct ieee80211_sub_if_data *sdata)
163 return -ENOMEM; 158 return -ENOMEM;
164 sdata->u.mesh.rmc->idx_mask = RMC_BUCKETS - 1; 159 sdata->u.mesh.rmc->idx_mask = RMC_BUCKETS - 1;
165 for (i = 0; i < RMC_BUCKETS; i++) 160 for (i = 0; i < RMC_BUCKETS; i++)
166 INIT_LIST_HEAD(&sdata->u.mesh.rmc->bucket[i].list); 161 INIT_LIST_HEAD(&sdata->u.mesh.rmc->bucket[i]);
167 return 0; 162 return 0;
168} 163}
169 164
@@ -177,7 +172,7 @@ void mesh_rmc_free(struct ieee80211_sub_if_data *sdata)
177 return; 172 return;
178 173
179 for (i = 0; i < RMC_BUCKETS; i++) 174 for (i = 0; i < RMC_BUCKETS; i++)
180 list_for_each_entry_safe(p, n, &rmc->bucket[i].list, list) { 175 list_for_each_entry_safe(p, n, &rmc->bucket[i], list) {
181 list_del(&p->list); 176 list_del(&p->list);
182 kmem_cache_free(rm_cache, p); 177 kmem_cache_free(rm_cache, p);
183 } 178 }
@@ -210,7 +205,7 @@ int mesh_rmc_check(u8 *sa, struct ieee80211s_hdr *mesh_hdr,
210 /* Don't care about endianness since only match matters */ 205 /* Don't care about endianness since only match matters */
211 memcpy(&seqnum, &mesh_hdr->seqnum, sizeof(mesh_hdr->seqnum)); 206 memcpy(&seqnum, &mesh_hdr->seqnum, sizeof(mesh_hdr->seqnum));
212 idx = le32_to_cpu(mesh_hdr->seqnum) & rmc->idx_mask; 207 idx = le32_to_cpu(mesh_hdr->seqnum) & rmc->idx_mask;
213 list_for_each_entry_safe(p, n, &rmc->bucket[idx].list, list) { 208 list_for_each_entry_safe(p, n, &rmc->bucket[idx], list) {
214 ++entries; 209 ++entries;
215 if (time_after(jiffies, p->exp_time) || 210 if (time_after(jiffies, p->exp_time) ||
216 (entries == RMC_QUEUE_MAX_LEN)) { 211 (entries == RMC_QUEUE_MAX_LEN)) {
@@ -229,7 +224,7 @@ int mesh_rmc_check(u8 *sa, struct ieee80211s_hdr *mesh_hdr,
229 p->seqnum = seqnum; 224 p->seqnum = seqnum;
230 p->exp_time = jiffies + RMC_TIMEOUT; 225 p->exp_time = jiffies + RMC_TIMEOUT;
231 memcpy(p->sa, sa, ETH_ALEN); 226 memcpy(p->sa, sa, ETH_ALEN);
232 list_add(&p->list, &rmc->bucket[idx].list); 227 list_add(&p->list, &rmc->bucket[idx]);
233 return 0; 228 return 0;
234} 229}
235 230
@@ -607,6 +602,12 @@ void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
607{ 602{
608 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 603 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
609 struct ieee80211_local *local = sdata->local; 604 struct ieee80211_local *local = sdata->local;
605 u32 changed = BSS_CHANGED_BEACON |
606 BSS_CHANGED_BEACON_ENABLED |
607 BSS_CHANGED_HT |
608 BSS_CHANGED_BASIC_RATES |
609 BSS_CHANGED_BEACON_INT;
610 enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
610 611
611 local->fif_other_bss++; 612 local->fif_other_bss++;
612 /* mesh ifaces must set allmulti to forward mcast traffic */ 613 /* mesh ifaces must set allmulti to forward mcast traffic */
@@ -624,15 +625,16 @@ void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
624 ieee80211_queue_work(&local->hw, &sdata->work); 625 ieee80211_queue_work(&local->hw, &sdata->work);
625 sdata->vif.bss_conf.ht_operation_mode = 626 sdata->vif.bss_conf.ht_operation_mode =
626 ifmsh->mshcfg.ht_opmode; 627 ifmsh->mshcfg.ht_opmode;
627 sdata->vif.bss_conf.beacon_int = MESH_DEFAULT_BEACON_INTERVAL; 628 sdata->vif.bss_conf.enable_beacon = true;
628 sdata->vif.bss_conf.basic_rates = 629 sdata->vif.bss_conf.basic_rates =
629 ieee80211_mandatory_rates(sdata->local, 630 ieee80211_mandatory_rates(local, band);
630 ieee80211_get_sdata_band(sdata)); 631
631 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON | 632 if (band == IEEE80211_BAND_5GHZ) {
632 BSS_CHANGED_BEACON_ENABLED | 633 sdata->vif.bss_conf.use_short_slot = true;
633 BSS_CHANGED_HT | 634 changed |= BSS_CHANGED_ERP_SLOT;
634 BSS_CHANGED_BASIC_RATES | 635 }
635 BSS_CHANGED_BEACON_INT); 636
637 ieee80211_bss_info_change_notify(sdata, changed);
636 638
637 netif_carrier_on(sdata->dev); 639 netif_carrier_on(sdata->dev);
638} 640}
@@ -646,10 +648,12 @@ void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
646 648
647 /* stop the beacon */ 649 /* stop the beacon */
648 ifmsh->mesh_id_len = 0; 650 ifmsh->mesh_id_len = 0;
651 sdata->vif.bss_conf.enable_beacon = false;
652 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
649 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED); 653 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);
650 654
651 /* flush STAs and mpaths on this iface */ 655 /* flush STAs and mpaths on this iface */
652 sta_info_flush(sdata->local, sdata); 656 sta_info_flush(sdata);
653 mesh_path_flush_by_iface(sdata); 657 mesh_path_flush_by_iface(sdata);
654 658
655 del_timer_sync(&sdata->u.mesh.housekeeping_timer); 659 del_timer_sync(&sdata->u.mesh.housekeeping_timer);
@@ -805,6 +809,7 @@ void ieee80211_mesh_notify_scan_completed(struct ieee80211_local *local)
805void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata) 809void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
806{ 810{
807 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 811 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
812 static u8 zero_addr[ETH_ALEN] = {};
808 813
809 setup_timer(&ifmsh->housekeeping_timer, 814 setup_timer(&ifmsh->housekeeping_timer,
810 ieee80211_mesh_housekeeping_timer, 815 ieee80211_mesh_housekeeping_timer,
@@ -830,4 +835,6 @@ void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
830 INIT_LIST_HEAD(&ifmsh->preq_queue.list); 835 INIT_LIST_HEAD(&ifmsh->preq_queue.list);
831 spin_lock_init(&ifmsh->mesh_preq_queue_lock); 836 spin_lock_init(&ifmsh->mesh_preq_queue_lock);
832 spin_lock_init(&ifmsh->sync_offset_lock); 837 spin_lock_init(&ifmsh->sync_offset_lock);
838
839 sdata->vif.bss_conf.bssid = zero_addr;
833} 840}
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index 7c9215fb2ac8..aff301544c7f 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -184,15 +184,13 @@ struct rmc_entry {
184}; 184};
185 185
186struct mesh_rmc { 186struct mesh_rmc {
187 struct rmc_entry bucket[RMC_BUCKETS]; 187 struct list_head bucket[RMC_BUCKETS];
188 u32 idx_mask; 188 u32 idx_mask;
189}; 189};
190 190
191#define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ) 191#define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
192#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ) 192#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
193 193
194#define MESH_DEFAULT_BEACON_INTERVAL 1000 /* in 1024 us units */
195
196#define MESH_PATH_EXPIRE (600 * HZ) 194#define MESH_PATH_EXPIRE (600 * HZ)
197 195
198/* Default maximum number of plinks per interface */ 196/* Default maximum number of plinks per interface */
@@ -307,6 +305,20 @@ extern int mesh_paths_generation;
307#ifdef CONFIG_MAC80211_MESH 305#ifdef CONFIG_MAC80211_MESH
308extern int mesh_allocated; 306extern int mesh_allocated;
309 307
308static inline
309u32 mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata)
310{
311 atomic_inc(&sdata->u.mesh.estab_plinks);
312 return mesh_accept_plinks_update(sdata);
313}
314
315static inline
316u32 mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
317{
318 atomic_dec(&sdata->u.mesh.estab_plinks);
319 return mesh_accept_plinks_update(sdata);
320}
321
310static inline int mesh_plink_free_count(struct ieee80211_sub_if_data *sdata) 322static inline int mesh_plink_free_count(struct ieee80211_sub_if_data *sdata)
311{ 323{
312 return sdata->u.mesh.mshcfg.dot11MeshMaxPeerLinks - 324 return sdata->u.mesh.mshcfg.dot11MeshMaxPeerLinks -
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index 47aeee2d8db1..6b4603a90031 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -215,16 +215,19 @@ static void prepare_frame_for_deferred_tx(struct ieee80211_sub_if_data *sdata,
215 skb->priority = 7; 215 skb->priority = 7;
216 216
217 info->control.vif = &sdata->vif; 217 info->control.vif = &sdata->vif;
218 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
218 ieee80211_set_qos_hdr(sdata, skb); 219 ieee80211_set_qos_hdr(sdata, skb);
219} 220}
220 221
221/** 222/**
222 * mesh_send_path error - Sends a PERR mesh management frame 223 * mesh_path_error_tx - Sends a PERR mesh management frame
223 * 224 *
225 * @ttl: allowed remaining hops
224 * @target: broken destination 226 * @target: broken destination
225 * @target_sn: SN of the broken destination 227 * @target_sn: SN of the broken destination
226 * @target_rcode: reason code for this PERR 228 * @target_rcode: reason code for this PERR
227 * @ra: node this frame is addressed to 229 * @ra: node this frame is addressed to
230 * @sdata: local mesh subif
228 * 231 *
229 * Note: This function may be called with driver locks taken that the driver 232 * Note: This function may be called with driver locks taken that the driver
230 * also acquires in the TX path. To avoid a deadlock we don't transmit the 233 * also acquires in the TX path. To avoid a deadlock we don't transmit the
@@ -246,11 +249,13 @@ int mesh_path_error_tx(u8 ttl, u8 *target, __le32 target_sn,
246 return -EAGAIN; 249 return -EAGAIN;
247 250
248 skb = dev_alloc_skb(local->tx_headroom + 251 skb = dev_alloc_skb(local->tx_headroom +
252 IEEE80211_ENCRYPT_HEADROOM +
253 IEEE80211_ENCRYPT_TAILROOM +
249 hdr_len + 254 hdr_len +
250 2 + 15 /* PERR IE */); 255 2 + 15 /* PERR IE */);
251 if (!skb) 256 if (!skb)
252 return -1; 257 return -1;
253 skb_reserve(skb, local->tx_headroom); 258 skb_reserve(skb, local->tx_headroom + IEEE80211_ENCRYPT_HEADROOM);
254 mgmt = (struct ieee80211_mgmt *) skb_put(skb, hdr_len); 259 mgmt = (struct ieee80211_mgmt *) skb_put(skb, hdr_len);
255 memset(mgmt, 0, hdr_len); 260 memset(mgmt, 0, hdr_len);
256 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 261 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
@@ -350,6 +355,7 @@ static u32 airtime_link_metric_get(struct ieee80211_local *local,
350 * @sdata: local mesh subif 355 * @sdata: local mesh subif
351 * @mgmt: mesh management frame 356 * @mgmt: mesh management frame
352 * @hwmp_ie: hwmp information element (PREP or PREQ) 357 * @hwmp_ie: hwmp information element (PREP or PREQ)
358 * @action: type of hwmp ie
353 * 359 *
354 * This function updates the path routing information to the originator and the 360 * This function updates the path routing information to the originator and the
355 * transmitter of a HWMP PREQ or PREP frame. 361 * transmitter of a HWMP PREQ or PREP frame.
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 4b274e9c91a5..81e612682bc3 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -41,20 +41,6 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
41 enum ieee80211_self_protected_actioncode action, 41 enum ieee80211_self_protected_actioncode action,
42 u8 *da, __le16 llid, __le16 plid, __le16 reason); 42 u8 *da, __le16 llid, __le16 plid, __le16 reason);
43 43
44static inline
45u32 mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata)
46{
47 atomic_inc(&sdata->u.mesh.estab_plinks);
48 return mesh_accept_plinks_update(sdata);
49}
50
51static inline
52u32 mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
53{
54 atomic_dec(&sdata->u.mesh.estab_plinks);
55 return mesh_accept_plinks_update(sdata);
56}
57
58/** 44/**
59 * mesh_plink_fsm_restart - restart a mesh peer link finite state machine 45 * mesh_plink_fsm_restart - restart a mesh peer link finite state machine
60 * 46 *
@@ -69,30 +55,6 @@ static inline void mesh_plink_fsm_restart(struct sta_info *sta)
69 sta->plink_retries = 0; 55 sta->plink_retries = 0;
70} 56}
71 57
72/*
73 * Allocate mesh sta entry and insert into station table
74 */
75static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
76 u8 *hw_addr)
77{
78 struct sta_info *sta;
79
80 if (sdata->local->num_sta >= MESH_MAX_PLINKS)
81 return NULL;
82
83 sta = sta_info_alloc(sdata, hw_addr, GFP_KERNEL);
84 if (!sta)
85 return NULL;
86
87 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
88 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
89 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
90
91 set_sta_flag(sta, WLAN_STA_WME);
92
93 return sta;
94}
95
96/** 58/**
97 * mesh_set_ht_prot_mode - set correct HT protection mode 59 * mesh_set_ht_prot_mode - set correct HT protection mode
98 * 60 *
@@ -323,53 +285,27 @@ free:
323 return err; 285 return err;
324} 286}
325 287
326/** 288static void mesh_sta_info_init(struct ieee80211_sub_if_data *sdata,
327 * mesh_peer_init - initialize new mesh peer and return resulting sta_info 289 struct sta_info *sta,
328 * 290 struct ieee802_11_elems *elems, bool insert)
329 * @sdata: local meshif
330 * @addr: peer's address
331 * @elems: IEs from beacon or mesh peering frame
332 *
333 * call under RCU
334 */
335static struct sta_info *mesh_peer_init(struct ieee80211_sub_if_data *sdata,
336 u8 *addr,
337 struct ieee802_11_elems *elems)
338{ 291{
339 struct ieee80211_local *local = sdata->local; 292 struct ieee80211_local *local = sdata->local;
340 enum ieee80211_band band = ieee80211_get_sdata_band(sdata); 293 enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
341 struct ieee80211_supported_band *sband; 294 struct ieee80211_supported_band *sband;
342 u32 rates, basic_rates = 0; 295 u32 rates, basic_rates = 0, changed = 0;
343 struct sta_info *sta;
344 bool insert = false;
345 296
346 sband = local->hw.wiphy->bands[band]; 297 sband = local->hw.wiphy->bands[band];
347 rates = ieee80211_sta_get_rates(local, elems, band, &basic_rates); 298 rates = ieee80211_sta_get_rates(local, elems, band, &basic_rates);
348 299
349 sta = sta_info_get(sdata, addr);
350 if (!sta) {
351 /* Userspace handles peer allocation when security is enabled */
352 if (sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED) {
353 cfg80211_notify_new_peer_candidate(sdata->dev, addr,
354 elems->ie_start,
355 elems->total_len,
356 GFP_ATOMIC);
357 return NULL;
358 }
359
360 sta = mesh_plink_alloc(sdata, addr);
361 if (!sta)
362 return NULL;
363 insert = true;
364 }
365
366 spin_lock_bh(&sta->lock); 300 spin_lock_bh(&sta->lock);
367 sta->last_rx = jiffies; 301 sta->last_rx = jiffies;
368 if (sta->plink_state == NL80211_PLINK_ESTAB) {
369 spin_unlock_bh(&sta->lock);
370 return sta;
371 }
372 302
303 /* rates and capabilities don't change during peering */
304 if (sta->plink_state == NL80211_PLINK_ESTAB)
305 goto out;
306
307 if (sta->sta.supp_rates[band] != rates)
308 changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
373 sta->sta.supp_rates[band] = rates; 309 sta->sta.supp_rates[band] = rates;
374 if (elems->ht_cap_elem && 310 if (elems->ht_cap_elem &&
375 sdata->vif.bss_conf.chandef.width != NL80211_CHAN_WIDTH_20_NOHT) 311 sdata->vif.bss_conf.chandef.width != NL80211_CHAN_WIDTH_20_NOHT)
@@ -388,27 +324,115 @@ static struct sta_info *mesh_peer_init(struct ieee80211_sub_if_data *sdata,
388 ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 324 ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
389 ieee80211_ht_oper_to_chandef(sdata->vif.bss_conf.chandef.chan, 325 ieee80211_ht_oper_to_chandef(sdata->vif.bss_conf.chandef.chan,
390 elems->ht_operation, &chandef); 326 elems->ht_operation, &chandef);
327 if (sta->ch_width != chandef.width)
328 changed |= IEEE80211_RC_BW_CHANGED;
391 sta->ch_width = chandef.width; 329 sta->ch_width = chandef.width;
392 } 330 }
393 331
394 if (insert) 332 if (insert)
395 rate_control_rate_init(sta); 333 rate_control_rate_init(sta);
334 else
335 rate_control_rate_update(local, sband, sta, changed);
336out:
396 spin_unlock_bh(&sta->lock); 337 spin_unlock_bh(&sta->lock);
338}
397 339
398 if (insert && sta_info_insert(sta)) 340static struct sta_info *
341__mesh_sta_info_alloc(struct ieee80211_sub_if_data *sdata, u8 *hw_addr)
342{
343 struct sta_info *sta;
344
345 if (sdata->local->num_sta >= MESH_MAX_PLINKS)
399 return NULL; 346 return NULL;
400 347
348 sta = sta_info_alloc(sdata, hw_addr, GFP_KERNEL);
349 if (!sta)
350 return NULL;
351
352 sta->plink_state = NL80211_PLINK_LISTEN;
353 init_timer(&sta->plink_timer);
354
355 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
356 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
357 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
358
359 set_sta_flag(sta, WLAN_STA_WME);
360
361 return sta;
362}
363
364static struct sta_info *
365mesh_sta_info_alloc(struct ieee80211_sub_if_data *sdata, u8 *addr,
366 struct ieee802_11_elems *elems)
367{
368 struct sta_info *sta = NULL;
369
370 /* Userspace handles peer allocation when security is enabled */
371 if (sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED)
372 cfg80211_notify_new_peer_candidate(sdata->dev, addr,
373 elems->ie_start,
374 elems->total_len,
375 GFP_KERNEL);
376 else
377 sta = __mesh_sta_info_alloc(sdata, addr);
378
401 return sta; 379 return sta;
402} 380}
403 381
382/*
383 * mesh_sta_info_get - return mesh sta info entry for @addr.
384 *
385 * @sdata: local meshif
386 * @addr: peer's address
387 * @elems: IEs from beacon or mesh peering frame.
388 *
389 * Return existing or newly allocated sta_info under RCU read lock.
390 * (re)initialize with given IEs.
391 */
392static struct sta_info *
393mesh_sta_info_get(struct ieee80211_sub_if_data *sdata,
394 u8 *addr, struct ieee802_11_elems *elems) __acquires(RCU)
395{
396 struct sta_info *sta = NULL;
397
398 rcu_read_lock();
399 sta = sta_info_get(sdata, addr);
400 if (sta) {
401 mesh_sta_info_init(sdata, sta, elems, false);
402 } else {
403 rcu_read_unlock();
404 /* can't run atomic */
405 sta = mesh_sta_info_alloc(sdata, addr, elems);
406 if (!sta) {
407 rcu_read_lock();
408 return NULL;
409 }
410
411 mesh_sta_info_init(sdata, sta, elems, true);
412
413 if (sta_info_insert_rcu(sta))
414 return NULL;
415 }
416
417 return sta;
418}
419
420/*
421 * mesh_neighbour_update - update or initialize new mesh neighbor.
422 *
423 * @sdata: local meshif
424 * @addr: peer's address
425 * @elems: IEs from beacon or mesh peering frame
426 *
427 * Initiates peering if appropriate.
428 */
404void mesh_neighbour_update(struct ieee80211_sub_if_data *sdata, 429void mesh_neighbour_update(struct ieee80211_sub_if_data *sdata,
405 u8 *hw_addr, 430 u8 *hw_addr,
406 struct ieee802_11_elems *elems) 431 struct ieee802_11_elems *elems)
407{ 432{
408 struct sta_info *sta; 433 struct sta_info *sta;
409 434
410 rcu_read_lock(); 435 sta = mesh_sta_info_get(sdata, hw_addr, elems);
411 sta = mesh_peer_init(sdata, hw_addr, elems);
412 if (!sta) 436 if (!sta)
413 goto out; 437 goto out;
414 438
@@ -646,6 +670,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
646 (ftype == WLAN_SP_MESH_PEERING_CLOSE && ie_len == 8)) 670 (ftype == WLAN_SP_MESH_PEERING_CLOSE && ie_len == 8))
647 memcpy(&llid, PLINK_GET_PLID(elems.peering), 2); 671 memcpy(&llid, PLINK_GET_PLID(elems.peering), 2);
648 672
673 /* WARNING: Only for sta pointer, is dropped & re-acquired */
649 rcu_read_lock(); 674 rcu_read_lock();
650 675
651 sta = sta_info_get(sdata, mgmt->sa); 676 sta = sta_info_get(sdata, mgmt->sa);
@@ -749,8 +774,9 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
749 } 774 }
750 775
751 if (event == OPN_ACPT) { 776 if (event == OPN_ACPT) {
777 rcu_read_unlock();
752 /* allocate sta entry if necessary and update info */ 778 /* allocate sta entry if necessary and update info */
753 sta = mesh_peer_init(sdata, mgmt->sa, &elems); 779 sta = mesh_sta_info_get(sdata, mgmt->sa, &elems);
754 if (!sta) { 780 if (!sta) {
755 mpl_dbg(sdata, "Mesh plink: failed to init peer!\n"); 781 mpl_dbg(sdata, "Mesh plink: failed to init peer!\n");
756 rcu_read_unlock(); 782 rcu_read_unlock();
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 7753a9ca98a6..5913fb924b12 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -199,11 +199,11 @@ static u32 ieee80211_config_ht_tx(struct ieee80211_sub_if_data *sdata,
199 case NL80211_CHAN_WIDTH_40: 199 case NL80211_CHAN_WIDTH_40:
200 if (sdata->vif.bss_conf.chandef.chan->center_freq > 200 if (sdata->vif.bss_conf.chandef.chan->center_freq >
201 sdata->vif.bss_conf.chandef.center_freq1 && 201 sdata->vif.bss_conf.chandef.center_freq1 &&
202 chan->flags & IEEE80211_CHAN_NO_HT40PLUS) 202 chan->flags & IEEE80211_CHAN_NO_HT40MINUS)
203 disable_40 = true; 203 disable_40 = true;
204 if (sdata->vif.bss_conf.chandef.chan->center_freq < 204 if (sdata->vif.bss_conf.chandef.chan->center_freq <
205 sdata->vif.bss_conf.chandef.center_freq1 && 205 sdata->vif.bss_conf.chandef.center_freq1 &&
206 chan->flags & IEEE80211_CHAN_NO_HT40MINUS) 206 chan->flags & IEEE80211_CHAN_NO_HT40PLUS)
207 disable_40 = true; 207 disable_40 = true;
208 break; 208 break;
209 default: 209 default:
@@ -341,11 +341,13 @@ static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata,
341 341
342static void ieee80211_add_vht_ie(struct ieee80211_sub_if_data *sdata, 342static void ieee80211_add_vht_ie(struct ieee80211_sub_if_data *sdata,
343 struct sk_buff *skb, 343 struct sk_buff *skb,
344 struct ieee80211_supported_band *sband) 344 struct ieee80211_supported_band *sband,
345 struct ieee80211_vht_cap *ap_vht_cap)
345{ 346{
346 u8 *pos; 347 u8 *pos;
347 u32 cap; 348 u32 cap;
348 struct ieee80211_sta_vht_cap vht_cap; 349 struct ieee80211_sta_vht_cap vht_cap;
350 int i;
349 351
350 BUILD_BUG_ON(sizeof(vht_cap) != sizeof(sband->vht_cap)); 352 BUILD_BUG_ON(sizeof(vht_cap) != sizeof(sband->vht_cap));
351 353
@@ -364,6 +366,42 @@ static void ieee80211_add_vht_ie(struct ieee80211_sub_if_data *sdata,
364 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 366 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
365 } 367 }
366 368
369 /*
370 * Some APs apparently get confused if our capabilities are better
371 * than theirs, so restrict what we advertise in the assoc request.
372 */
373 if (!(ap_vht_cap->vht_cap_info &
374 cpu_to_le32(IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)))
375 cap &= ~IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
376
377 if (!(ap_vht_cap->vht_cap_info &
378 cpu_to_le32(IEEE80211_VHT_CAP_TXSTBC)))
379 cap &= ~(IEEE80211_VHT_CAP_RXSTBC_1 |
380 IEEE80211_VHT_CAP_RXSTBC_3 |
381 IEEE80211_VHT_CAP_RXSTBC_4);
382
383 for (i = 0; i < 8; i++) {
384 int shift = i * 2;
385 u16 mask = IEEE80211_VHT_MCS_NOT_SUPPORTED << shift;
386 u16 ap_mcs, our_mcs;
387
388 ap_mcs = (le16_to_cpu(ap_vht_cap->supp_mcs.tx_mcs_map) &
389 mask) >> shift;
390 our_mcs = (le16_to_cpu(vht_cap.vht_mcs.rx_mcs_map) &
391 mask) >> shift;
392
393 switch (ap_mcs) {
394 default:
395 if (our_mcs <= ap_mcs)
396 break;
397 /* fall through */
398 case IEEE80211_VHT_MCS_NOT_SUPPORTED:
399 vht_cap.vht_mcs.rx_mcs_map &= cpu_to_le16(~mask);
400 vht_cap.vht_mcs.rx_mcs_map |=
401 cpu_to_le16(ap_mcs << shift);
402 }
403 }
404
367 /* reserve and fill IE */ 405 /* reserve and fill IE */
368 pos = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2); 406 pos = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2);
369 ieee80211_ie_build_vht_cap(pos, &vht_cap, cap); 407 ieee80211_ie_build_vht_cap(pos, &vht_cap, cap);
@@ -562,7 +600,8 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
562 sband, chan, sdata->smps_mode); 600 sband, chan, sdata->smps_mode);
563 601
564 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) 602 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
565 ieee80211_add_vht_ie(sdata, skb, sband); 603 ieee80211_add_vht_ie(sdata, skb, sband,
604 &assoc_data->ap_vht_cap);
566 605
567 /* if present, add any custom non-vendor IEs that go after HT */ 606 /* if present, add any custom non-vendor IEs that go after HT */
568 if (assoc_data->ie_len && assoc_data->ie) { 607 if (assoc_data->ie_len && assoc_data->ie) {
@@ -1074,12 +1113,8 @@ void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
1074 if (beaconint_us > latency) { 1113 if (beaconint_us > latency) {
1075 local->ps_sdata = NULL; 1114 local->ps_sdata = NULL;
1076 } else { 1115 } else {
1077 struct ieee80211_bss *bss;
1078 int maxslp = 1; 1116 int maxslp = 1;
1079 u8 dtimper; 1117 u8 dtimper = found->u.mgd.dtim_period;
1080
1081 bss = (void *)found->u.mgd.associated->priv;
1082 dtimper = bss->dtim_period;
1083 1118
1084 /* If the TIM IE is invalid, pretend the value is 1 */ 1119 /* If the TIM IE is invalid, pretend the value is 1 */
1085 if (!dtimper) 1120 if (!dtimper)
@@ -1410,10 +1445,17 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
1410 1445
1411 ieee80211_led_assoc(local, 1); 1446 ieee80211_led_assoc(local, 1);
1412 1447
1413 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) 1448 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) {
1414 bss_conf->dtim_period = bss->dtim_period; 1449 /*
1415 else 1450 * If the AP is buggy we may get here with no DTIM period
1451 * known, so assume it's 1 which is the only safe assumption
1452 * in that case, although if the TIM IE is broken powersave
1453 * probably just won't work at all.
1454 */
1455 bss_conf->dtim_period = sdata->u.mgd.dtim_period ?: 1;
1456 } else {
1416 bss_conf->dtim_period = 0; 1457 bss_conf->dtim_period = 0;
1458 }
1417 1459
1418 bss_conf->assoc = 1; 1460 bss_conf->assoc = 1;
1419 1461
@@ -1423,10 +1465,8 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
1423 bss_info_changed |= BSS_CHANGED_CQM; 1465 bss_info_changed |= BSS_CHANGED_CQM;
1424 1466
1425 /* Enable ARP filtering */ 1467 /* Enable ARP filtering */
1426 if (bss_conf->arp_filter_enabled != sdata->arp_filter_state) { 1468 if (bss_conf->arp_addr_cnt)
1427 bss_conf->arp_filter_enabled = sdata->arp_filter_state;
1428 bss_info_changed |= BSS_CHANGED_ARP_FILTER; 1469 bss_info_changed |= BSS_CHANGED_ARP_FILTER;
1429 }
1430 1470
1431 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 1471 ieee80211_bss_info_change_notify(sdata, bss_info_changed);
1432 1472
@@ -1447,7 +1487,6 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1447{ 1487{
1448 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1488 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1449 struct ieee80211_local *local = sdata->local; 1489 struct ieee80211_local *local = sdata->local;
1450 struct sta_info *sta;
1451 u32 changed = 0; 1490 u32 changed = 0;
1452 1491
1453 ASSERT_MGD_MTX(ifmgd); 1492 ASSERT_MGD_MTX(ifmgd);
@@ -1479,14 +1518,6 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1479 netif_tx_stop_all_queues(sdata->dev); 1518 netif_tx_stop_all_queues(sdata->dev);
1480 netif_carrier_off(sdata->dev); 1519 netif_carrier_off(sdata->dev);
1481 1520
1482 mutex_lock(&local->sta_mtx);
1483 sta = sta_info_get(sdata, ifmgd->bssid);
1484 if (sta) {
1485 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
1486 ieee80211_sta_tear_down_BA_sessions(sta, false);
1487 }
1488 mutex_unlock(&local->sta_mtx);
1489
1490 /* 1521 /*
1491 * if we want to get out of ps before disassoc (why?) we have 1522 * if we want to get out of ps before disassoc (why?) we have
1492 * to do it before sending disassoc, as otherwise the null-packet 1523 * to do it before sending disassoc, as otherwise the null-packet
@@ -1518,7 +1549,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1518 memset(ifmgd->bssid, 0, ETH_ALEN); 1549 memset(ifmgd->bssid, 0, ETH_ALEN);
1519 1550
1520 /* remove AP and TDLS peers */ 1551 /* remove AP and TDLS peers */
1521 sta_info_flush(local, sdata); 1552 sta_info_flush_defer(sdata);
1522 1553
1523 /* finally reset all BSS / config parameters */ 1554 /* finally reset all BSS / config parameters */
1524 changed |= ieee80211_reset_erp_info(sdata); 1555 changed |= ieee80211_reset_erp_info(sdata);
@@ -1540,10 +1571,8 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1540 cancel_work_sync(&local->dynamic_ps_enable_work); 1571 cancel_work_sync(&local->dynamic_ps_enable_work);
1541 1572
1542 /* Disable ARP filtering */ 1573 /* Disable ARP filtering */
1543 if (sdata->vif.bss_conf.arp_filter_enabled) { 1574 if (sdata->vif.bss_conf.arp_addr_cnt)
1544 sdata->vif.bss_conf.arp_filter_enabled = false;
1545 changed |= BSS_CHANGED_ARP_FILTER; 1575 changed |= BSS_CHANGED_ARP_FILTER;
1546 }
1547 1576
1548 sdata->vif.bss_conf.qos = false; 1577 sdata->vif.bss_conf.qos = false;
1549 changed |= BSS_CHANGED_QOS; 1578 changed |= BSS_CHANGED_QOS;
@@ -1562,6 +1591,8 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1562 1591
1563 sdata->u.mgd.timers_running = 0; 1592 sdata->u.mgd.timers_running = 0;
1564 1593
1594 sdata->vif.bss_conf.dtim_period = 0;
1595
1565 ifmgd->flags = 0; 1596 ifmgd->flags = 0;
1566 ieee80211_vif_release_channel(sdata); 1597 ieee80211_vif_release_channel(sdata);
1567} 1598}
@@ -2364,8 +2395,7 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2364static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 2395static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2365 struct ieee80211_mgmt *mgmt, size_t len, 2396 struct ieee80211_mgmt *mgmt, size_t len,
2366 struct ieee80211_rx_status *rx_status, 2397 struct ieee80211_rx_status *rx_status,
2367 struct ieee802_11_elems *elems, 2398 struct ieee802_11_elems *elems)
2368 bool beacon)
2369{ 2399{
2370 struct ieee80211_local *local = sdata->local; 2400 struct ieee80211_local *local = sdata->local;
2371 int freq; 2401 int freq;
@@ -2373,11 +2403,18 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2373 struct ieee80211_channel *channel; 2403 struct ieee80211_channel *channel;
2374 bool need_ps = false; 2404 bool need_ps = false;
2375 2405
2376 if (sdata->u.mgd.associated && 2406 if ((sdata->u.mgd.associated &&
2377 ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)) { 2407 ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)) ||
2378 bss = (void *)sdata->u.mgd.associated->priv; 2408 (sdata->u.mgd.assoc_data &&
2409 ether_addr_equal(mgmt->bssid,
2410 sdata->u.mgd.assoc_data->bss->bssid))) {
2379 /* not previously set so we may need to recalc */ 2411 /* not previously set so we may need to recalc */
2380 need_ps = !bss->dtim_period; 2412 need_ps = sdata->u.mgd.associated && !sdata->u.mgd.dtim_period;
2413
2414 if (elems->tim && !elems->parse_error) {
2415 struct ieee80211_tim_ie *tim_ie = elems->tim;
2416 sdata->u.mgd.dtim_period = tim_ie->dtim_period;
2417 }
2381 } 2418 }
2382 2419
2383 if (elems->ds_params && elems->ds_params_len == 1) 2420 if (elems->ds_params && elems->ds_params_len == 1)
@@ -2392,7 +2429,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2392 return; 2429 return;
2393 2430
2394 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 2431 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
2395 channel, beacon); 2432 channel);
2396 if (bss) 2433 if (bss)
2397 ieee80211_rx_bss_put(local, bss); 2434 ieee80211_rx_bss_put(local, bss);
2398 2435
@@ -2435,7 +2472,7 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
2435 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 2472 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
2436 &elems); 2473 &elems);
2437 2474
2438 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 2475 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2439 2476
2440 if (ifmgd->associated && 2477 if (ifmgd->associated &&
2441 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2478 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
@@ -2516,8 +2553,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2516 ieee802_11_parse_elems(mgmt->u.beacon.variable, 2553 ieee802_11_parse_elems(mgmt->u.beacon.variable,
2517 len - baselen, &elems); 2554 len - baselen, &elems);
2518 2555
2519 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2556 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2520 false);
2521 ifmgd->assoc_data->have_beacon = true; 2557 ifmgd->assoc_data->have_beacon = true;
2522 ifmgd->assoc_data->sent_assoc = false; 2558 ifmgd->assoc_data->sent_assoc = false;
2523 /* continue assoc process */ 2559 /* continue assoc process */
@@ -2559,12 +2595,12 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2559 if (sig > ifmgd->rssi_max_thold && 2595 if (sig > ifmgd->rssi_max_thold &&
2560 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) { 2596 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) {
2561 ifmgd->last_ave_beacon_signal = sig; 2597 ifmgd->last_ave_beacon_signal = sig;
2562 drv_rssi_callback(local, RSSI_EVENT_HIGH); 2598 drv_rssi_callback(local, sdata, RSSI_EVENT_HIGH);
2563 } else if (sig < ifmgd->rssi_min_thold && 2599 } else if (sig < ifmgd->rssi_min_thold &&
2564 (last_sig >= ifmgd->rssi_max_thold || 2600 (last_sig >= ifmgd->rssi_max_thold ||
2565 last_sig == 0)) { 2601 last_sig == 0)) {
2566 ifmgd->last_ave_beacon_signal = sig; 2602 ifmgd->last_ave_beacon_signal = sig;
2567 drv_rssi_callback(local, RSSI_EVENT_LOW); 2603 drv_rssi_callback(local, sdata, RSSI_EVENT_LOW);
2568 } 2604 }
2569 } 2605 }
2570 2606
@@ -2670,8 +2706,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2670 ifmgd->beacon_crc = ncrc; 2706 ifmgd->beacon_crc = ncrc;
2671 ifmgd->beacon_crc_valid = true; 2707 ifmgd->beacon_crc_valid = true;
2672 2708
2673 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2709 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2674 true);
2675 2710
2676 if (ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2711 if (ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
2677 elems.wmm_param_len)) 2712 elems.wmm_param_len))
@@ -3121,23 +3156,22 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
3121{ 3156{
3122 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3157 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3123 3158
3124 if (!ifmgd->associated) 3159 mutex_lock(&ifmgd->mtx);
3160 if (!ifmgd->associated) {
3161 mutex_unlock(&ifmgd->mtx);
3125 return; 3162 return;
3163 }
3126 3164
3127 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) { 3165 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) {
3128 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME; 3166 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME;
3129 mutex_lock(&ifmgd->mtx); 3167 mlme_dbg(sdata, "driver requested disconnect after resume\n");
3130 if (ifmgd->associated) { 3168 ieee80211_sta_connection_lost(sdata,
3131 mlme_dbg(sdata, 3169 ifmgd->associated->bssid,
3132 "driver requested disconnect after resume\n"); 3170 WLAN_REASON_UNSPECIFIED);
3133 ieee80211_sta_connection_lost(sdata,
3134 ifmgd->associated->bssid,
3135 WLAN_REASON_UNSPECIFIED);
3136 mutex_unlock(&ifmgd->mtx);
3137 return;
3138 }
3139 mutex_unlock(&ifmgd->mtx); 3171 mutex_unlock(&ifmgd->mtx);
3172 return;
3140 } 3173 }
3174 mutex_unlock(&ifmgd->mtx);
3141 3175
3142 if (test_and_clear_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running)) 3176 if (test_and_clear_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running))
3143 add_timer(&ifmgd->timer); 3177 add_timer(&ifmgd->timer);
@@ -3744,7 +3778,7 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
3744 struct ieee80211_bss *bss = (void *)req->bss->priv; 3778 struct ieee80211_bss *bss = (void *)req->bss->priv;
3745 struct ieee80211_mgd_assoc_data *assoc_data; 3779 struct ieee80211_mgd_assoc_data *assoc_data;
3746 struct ieee80211_supported_band *sband; 3780 struct ieee80211_supported_band *sband;
3747 const u8 *ssidie, *ht_ie; 3781 const u8 *ssidie, *ht_ie, *vht_ie;
3748 int i, err; 3782 int i, err;
3749 3783
3750 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL); 3784 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL);
@@ -3863,6 +3897,12 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
3863 ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param; 3897 ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param;
3864 else 3898 else
3865 ifmgd->flags |= IEEE80211_STA_DISABLE_HT; 3899 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
3900 vht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_VHT_CAPABILITY);
3901 if (vht_ie && vht_ie[1] >= sizeof(struct ieee80211_vht_cap))
3902 memcpy(&assoc_data->ap_vht_cap, vht_ie + 2,
3903 sizeof(struct ieee80211_vht_cap));
3904 else
3905 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
3866 rcu_read_unlock(); 3906 rcu_read_unlock();
3867 3907
3868 if (bss->wmm_used && bss->uapsd_supported && 3908 if (bss->wmm_used && bss->uapsd_supported &&
@@ -3896,20 +3936,41 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
3896 /* kick off associate process */ 3936 /* kick off associate process */
3897 3937
3898 ifmgd->assoc_data = assoc_data; 3938 ifmgd->assoc_data = assoc_data;
3939 ifmgd->dtim_period = 0;
3899 3940
3900 err = ieee80211_prep_connection(sdata, req->bss, true); 3941 err = ieee80211_prep_connection(sdata, req->bss, true);
3901 if (err) 3942 if (err)
3902 goto err_clear; 3943 goto err_clear;
3903 3944
3904 if (!bss->dtim_period && 3945 if (sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) {
3905 sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) { 3946 const struct cfg80211_bss_ies *beacon_ies;
3906 /* 3947
3907 * Wait up to one beacon interval ... 3948 rcu_read_lock();
3908 * should this be more if we miss one? 3949 beacon_ies = rcu_dereference(req->bss->beacon_ies);
3909 */ 3950 if (!beacon_ies) {
3910 sdata_info(sdata, "waiting for beacon from %pM\n", 3951 /*
3911 ifmgd->bssid); 3952 * Wait up to one beacon interval ...
3912 assoc_data->timeout = TU_TO_EXP_TIME(req->bss->beacon_interval); 3953 * should this be more if we miss one?
3954 */
3955 sdata_info(sdata, "waiting for beacon from %pM\n",
3956 ifmgd->bssid);
3957 assoc_data->timeout =
3958 TU_TO_EXP_TIME(req->bss->beacon_interval);
3959 } else {
3960 const u8 *tim_ie = cfg80211_find_ie(WLAN_EID_TIM,
3961 beacon_ies->data,
3962 beacon_ies->len);
3963 if (tim_ie && tim_ie[1] >=
3964 sizeof(struct ieee80211_tim_ie)) {
3965 const struct ieee80211_tim_ie *tim;
3966 tim = (void *)(tim_ie + 2);
3967 ifmgd->dtim_period = tim->dtim_period;
3968 }
3969 assoc_data->have_beacon = true;
3970 assoc_data->sent_assoc = false;
3971 assoc_data->timeout = jiffies;
3972 }
3973 rcu_read_unlock();
3913 } else { 3974 } else {
3914 assoc_data->have_beacon = true; 3975 assoc_data->have_beacon = true;
3915 assoc_data->sent_assoc = false; 3976 assoc_data->sent_assoc = false;
diff --git a/net/mac80211/offchannel.c b/net/mac80211/offchannel.c
index a5379aea7d09..82baf5b6ecf4 100644
--- a/net/mac80211/offchannel.c
+++ b/net/mac80211/offchannel.c
@@ -102,8 +102,7 @@ static void ieee80211_offchannel_ps_disable(struct ieee80211_sub_if_data *sdata)
102 ieee80211_sta_reset_conn_monitor(sdata); 102 ieee80211_sta_reset_conn_monitor(sdata);
103} 103}
104 104
105void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local, 105void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local)
106 bool offchannel_ps_enable)
107{ 106{
108 struct ieee80211_sub_if_data *sdata; 107 struct ieee80211_sub_if_data *sdata;
109 108
@@ -126,16 +125,17 @@ void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local,
126 set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state); 125 set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state);
127 126
128 /* Check to see if we should disable beaconing. */ 127 /* Check to see if we should disable beaconing. */
129 if (sdata->vif.type == NL80211_IFTYPE_AP || 128 if (sdata->vif.bss_conf.enable_beacon) {
130 sdata->vif.type == NL80211_IFTYPE_ADHOC || 129 set_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED,
131 sdata->vif.type == NL80211_IFTYPE_MESH_POINT) 130 &sdata->state);
131 sdata->vif.bss_conf.enable_beacon = false;
132 ieee80211_bss_info_change_notify( 132 ieee80211_bss_info_change_notify(
133 sdata, BSS_CHANGED_BEACON_ENABLED); 133 sdata, BSS_CHANGED_BEACON_ENABLED);
134 }
134 135
135 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) { 136 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) {
136 netif_tx_stop_all_queues(sdata->dev); 137 netif_tx_stop_all_queues(sdata->dev);
137 if (offchannel_ps_enable && 138 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
138 (sdata->vif.type == NL80211_IFTYPE_STATION) &&
139 sdata->u.mgd.associated) 139 sdata->u.mgd.associated)
140 ieee80211_offchannel_ps_enable(sdata); 140 ieee80211_offchannel_ps_enable(sdata);
141 } 141 }
@@ -143,8 +143,7 @@ void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local,
143 mutex_unlock(&local->iflist_mtx); 143 mutex_unlock(&local->iflist_mtx);
144} 144}
145 145
146void ieee80211_offchannel_return(struct ieee80211_local *local, 146void ieee80211_offchannel_return(struct ieee80211_local *local)
147 bool offchannel_ps_disable)
148{ 147{
149 struct ieee80211_sub_if_data *sdata; 148 struct ieee80211_sub_if_data *sdata;
150 149
@@ -163,11 +162,9 @@ void ieee80211_offchannel_return(struct ieee80211_local *local,
163 continue; 162 continue;
164 163
165 /* Tell AP we're back */ 164 /* Tell AP we're back */
166 if (offchannel_ps_disable && 165 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
167 sdata->vif.type == NL80211_IFTYPE_STATION) { 166 sdata->u.mgd.associated)
168 if (sdata->u.mgd.associated) 167 ieee80211_offchannel_ps_disable(sdata);
169 ieee80211_offchannel_ps_disable(sdata);
170 }
171 168
172 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) { 169 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) {
173 /* 170 /*
@@ -183,11 +180,12 @@ void ieee80211_offchannel_return(struct ieee80211_local *local,
183 netif_tx_wake_all_queues(sdata->dev); 180 netif_tx_wake_all_queues(sdata->dev);
184 } 181 }
185 182
186 if (sdata->vif.type == NL80211_IFTYPE_AP || 183 if (test_and_clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED,
187 sdata->vif.type == NL80211_IFTYPE_ADHOC || 184 &sdata->state)) {
188 sdata->vif.type == NL80211_IFTYPE_MESH_POINT) 185 sdata->vif.bss_conf.enable_beacon = true;
189 ieee80211_bss_info_change_notify( 186 ieee80211_bss_info_change_notify(
190 sdata, BSS_CHANGED_BEACON_ENABLED); 187 sdata, BSS_CHANGED_BEACON_ENABLED);
188 }
191 } 189 }
192 mutex_unlock(&local->iflist_mtx); 190 mutex_unlock(&local->iflist_mtx);
193} 191}
@@ -385,7 +383,7 @@ void ieee80211_sw_roc_work(struct work_struct *work)
385 local->tmp_channel = NULL; 383 local->tmp_channel = NULL;
386 ieee80211_hw_config(local, 0); 384 ieee80211_hw_config(local, 0);
387 385
388 ieee80211_offchannel_return(local, true); 386 ieee80211_offchannel_return(local);
389 } 387 }
390 388
391 ieee80211_recalc_idle(local); 389 ieee80211_recalc_idle(local);
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
index 79a48f37d409..e45b83610e85 100644
--- a/net/mac80211/pm.c
+++ b/net/mac80211/pm.c
@@ -7,25 +7,23 @@
7#include "led.h" 7#include "led.h"
8 8
9/* return value indicates whether the driver should be further notified */ 9/* return value indicates whether the driver should be further notified */
10static bool ieee80211_quiesce(struct ieee80211_sub_if_data *sdata) 10static void ieee80211_quiesce(struct ieee80211_sub_if_data *sdata)
11{ 11{
12 switch (sdata->vif.type) { 12 switch (sdata->vif.type) {
13 case NL80211_IFTYPE_STATION: 13 case NL80211_IFTYPE_STATION:
14 ieee80211_sta_quiesce(sdata); 14 ieee80211_sta_quiesce(sdata);
15 return true; 15 break;
16 case NL80211_IFTYPE_ADHOC: 16 case NL80211_IFTYPE_ADHOC:
17 ieee80211_ibss_quiesce(sdata); 17 ieee80211_ibss_quiesce(sdata);
18 return true; 18 break;
19 case NL80211_IFTYPE_MESH_POINT: 19 case NL80211_IFTYPE_MESH_POINT:
20 ieee80211_mesh_quiesce(sdata); 20 ieee80211_mesh_quiesce(sdata);
21 return true; 21 break;
22 case NL80211_IFTYPE_AP_VLAN:
23 case NL80211_IFTYPE_MONITOR:
24 /* don't tell driver about this */
25 return false;
26 default: 22 default:
27 return true; 23 break;
28 } 24 }
25
26 cancel_work_sync(&sdata->work);
29} 27}
30 28
31int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) 29int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan)
@@ -44,7 +42,8 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan)
44 mutex_lock(&local->sta_mtx); 42 mutex_lock(&local->sta_mtx);
45 list_for_each_entry(sta, &local->sta_list, list) { 43 list_for_each_entry(sta, &local->sta_list, list) {
46 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 44 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
47 ieee80211_sta_tear_down_BA_sessions(sta, true); 45 ieee80211_sta_tear_down_BA_sessions(
46 sta, AGG_STOP_LOCAL_REQUEST);
48 } 47 }
49 mutex_unlock(&local->sta_mtx); 48 mutex_unlock(&local->sta_mtx);
50 } 49 }
@@ -94,10 +93,9 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan)
94 WARN_ON(err != 1); 93 WARN_ON(err != 1);
95 local->wowlan = false; 94 local->wowlan = false;
96 } else { 95 } else {
97 list_for_each_entry(sdata, &local->interfaces, list) { 96 list_for_each_entry(sdata, &local->interfaces, list)
98 cancel_work_sync(&sdata->work); 97 if (ieee80211_sdata_running(sdata))
99 ieee80211_quiesce(sdata); 98 ieee80211_quiesce(sdata);
100 }
101 goto suspend; 99 goto suspend;
102 } 100 }
103 } 101 }
@@ -124,17 +122,43 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan)
124 122
125 /* remove all interfaces */ 123 /* remove all interfaces */
126 list_for_each_entry(sdata, &local->interfaces, list) { 124 list_for_each_entry(sdata, &local->interfaces, list) {
127 cancel_work_sync(&sdata->work); 125 static u8 zero_addr[ETH_ALEN] = {};
126 u32 changed = 0;
128 127
129 if (!ieee80211_quiesce(sdata)) 128 if (!ieee80211_sdata_running(sdata))
130 continue; 129 continue;
131 130
132 if (!ieee80211_sdata_running(sdata)) 131 switch (sdata->vif.type) {
132 case NL80211_IFTYPE_AP_VLAN:
133 case NL80211_IFTYPE_MONITOR:
134 /* skip these */
133 continue; 135 continue;
136 case NL80211_IFTYPE_STATION:
137 if (sdata->vif.bss_conf.assoc)
138 changed = BSS_CHANGED_ASSOC |
139 BSS_CHANGED_BSSID |
140 BSS_CHANGED_IDLE;
141 break;
142 case NL80211_IFTYPE_AP:
143 case NL80211_IFTYPE_ADHOC:
144 case NL80211_IFTYPE_MESH_POINT:
145 if (sdata->vif.bss_conf.enable_beacon)
146 changed = BSS_CHANGED_BEACON_ENABLED;
147 break;
148 default:
149 break;
150 }
151
152 ieee80211_quiesce(sdata);
153
154 sdata->suspend_bss_conf = sdata->vif.bss_conf;
155 memset(&sdata->vif.bss_conf, 0, sizeof(sdata->vif.bss_conf));
156 sdata->vif.bss_conf.idle = true;
157 if (sdata->suspend_bss_conf.bssid)
158 sdata->vif.bss_conf.bssid = zero_addr;
134 159
135 /* disable beaconing */ 160 /* disable beaconing or remove association */
136 ieee80211_bss_info_change_notify(sdata, 161 ieee80211_bss_info_change_notify(sdata, changed);
137 BSS_CHANGED_BEACON_ENABLED);
138 162
139 if (sdata->vif.type == NL80211_IFTYPE_AP && 163 if (sdata->vif.type == NL80211_IFTYPE_AP &&
140 rcu_access_pointer(sdata->u.ap.beacon)) 164 rcu_access_pointer(sdata->u.ap.beacon))
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 580704eba8b8..a19089565c4b 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2353,7 +2353,7 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
2353 sdata->vif.type != NL80211_IFTYPE_ADHOC) 2353 sdata->vif.type != NL80211_IFTYPE_ADHOC)
2354 break; 2354 break;
2355 2355
2356 /* verify action & smps_control are present */ 2356 /* verify action & smps_control/chanwidth are present */
2357 if (len < IEEE80211_MIN_ACTION_SIZE + 2) 2357 if (len < IEEE80211_MIN_ACTION_SIZE + 2)
2358 goto invalid; 2358 goto invalid;
2359 2359
@@ -2392,6 +2392,35 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
2392 IEEE80211_RC_SMPS_CHANGED); 2392 IEEE80211_RC_SMPS_CHANGED);
2393 goto handled; 2393 goto handled;
2394 } 2394 }
2395 case WLAN_HT_ACTION_NOTIFY_CHANWIDTH: {
2396 struct ieee80211_supported_band *sband;
2397 u8 chanwidth = mgmt->u.action.u.ht_notify_cw.chanwidth;
2398 bool old_40mhz, new_40mhz;
2399
2400 /* If it doesn't support 40 MHz it can't change ... */
2401 if (!rx->sta->supports_40mhz)
2402 goto handled;
2403
2404 old_40mhz = rx->sta->sta.ht_cap.cap &
2405 IEEE80211_HT_CAP_SUP_WIDTH_20_40;
2406 new_40mhz = chanwidth == IEEE80211_HT_CHANWIDTH_ANY;
2407
2408 if (old_40mhz == new_40mhz)
2409 goto handled;
2410
2411 if (new_40mhz)
2412 rx->sta->sta.ht_cap.cap |=
2413 IEEE80211_HT_CAP_SUP_WIDTH_20_40;
2414 else
2415 rx->sta->sta.ht_cap.cap &=
2416 ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
2417
2418 sband = rx->local->hw.wiphy->bands[status->band];
2419
2420 rate_control_rate_update(local, sband, rx->sta,
2421 IEEE80211_RC_BW_CHANGED);
2422 goto handled;
2423 }
2395 default: 2424 default:
2396 goto invalid; 2425 goto invalid;
2397 } 2426 }
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 8ed83dcc149f..607684c47d55 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -65,12 +65,11 @@ static bool is_uapsd_supported(struct ieee802_11_elems *elems)
65struct ieee80211_bss * 65struct ieee80211_bss *
66ieee80211_bss_info_update(struct ieee80211_local *local, 66ieee80211_bss_info_update(struct ieee80211_local *local,
67 struct ieee80211_rx_status *rx_status, 67 struct ieee80211_rx_status *rx_status,
68 struct ieee80211_mgmt *mgmt, 68 struct ieee80211_mgmt *mgmt, size_t len,
69 size_t len,
70 struct ieee802_11_elems *elems, 69 struct ieee802_11_elems *elems,
71 struct ieee80211_channel *channel, 70 struct ieee80211_channel *channel)
72 bool beacon)
73{ 71{
72 bool beacon = ieee80211_is_beacon(mgmt->frame_control);
74 struct cfg80211_bss *cbss; 73 struct cfg80211_bss *cbss;
75 struct ieee80211_bss *bss; 74 struct ieee80211_bss *bss;
76 int clen, srlen; 75 int clen, srlen;
@@ -113,18 +112,6 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
113 bss->valid_data |= IEEE80211_BSS_VALID_ERP; 112 bss->valid_data |= IEEE80211_BSS_VALID_ERP;
114 } 113 }
115 114
116 if (elems->tim && (!elems->parse_error ||
117 !(bss->valid_data & IEEE80211_BSS_VALID_DTIM))) {
118 struct ieee80211_tim_ie *tim_ie = elems->tim;
119 bss->dtim_period = tim_ie->dtim_period;
120 if (!elems->parse_error)
121 bss->valid_data |= IEEE80211_BSS_VALID_DTIM;
122 }
123
124 /* If the beacon had no TIM IE, or it was invalid, use 1 */
125 if (beacon && !bss->dtim_period)
126 bss->dtim_period = 1;
127
128 /* replace old supported rates if we get new values */ 115 /* replace old supported rates if we get new values */
129 if (!elems->parse_error || 116 if (!elems->parse_error ||
130 !(bss->valid_data & IEEE80211_BSS_VALID_RATES)) { 117 !(bss->valid_data & IEEE80211_BSS_VALID_RATES)) {
@@ -215,7 +202,7 @@ void ieee80211_scan_rx(struct ieee80211_local *local, struct sk_buff *skb)
215 202
216 bss = ieee80211_bss_info_update(local, rx_status, 203 bss = ieee80211_bss_info_update(local, rx_status,
217 mgmt, skb->len, &elems, 204 mgmt, skb->len, &elems,
218 channel, beacon); 205 channel);
219 if (bss) 206 if (bss)
220 ieee80211_rx_bss_put(local, bss); 207 ieee80211_rx_bss_put(local, bss);
221} 208}
@@ -304,7 +291,7 @@ static void __ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted,
304 if (!was_hw_scan) { 291 if (!was_hw_scan) {
305 ieee80211_configure_filter(local); 292 ieee80211_configure_filter(local);
306 drv_sw_scan_complete(local); 293 drv_sw_scan_complete(local);
307 ieee80211_offchannel_return(local, true); 294 ieee80211_offchannel_return(local);
308 } 295 }
309 296
310 ieee80211_recalc_idle(local); 297 ieee80211_recalc_idle(local);
@@ -353,7 +340,7 @@ static int ieee80211_start_sw_scan(struct ieee80211_local *local)
353 local->next_scan_state = SCAN_DECISION; 340 local->next_scan_state = SCAN_DECISION;
354 local->scan_channel_idx = 0; 341 local->scan_channel_idx = 0;
355 342
356 ieee80211_offchannel_stop_vifs(local, true); 343 ieee80211_offchannel_stop_vifs(local);
357 344
358 ieee80211_configure_filter(local); 345 ieee80211_configure_filter(local);
359 346
@@ -690,12 +677,8 @@ static void ieee80211_scan_state_suspend(struct ieee80211_local *local,
690 local->scan_channel = NULL; 677 local->scan_channel = NULL;
691 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 678 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
692 679
693 /* 680 /* disable PS */
694 * Re-enable vifs and beaconing. Leave PS 681 ieee80211_offchannel_return(local);
695 * in off-channel state..will put that back
696 * on-channel at the end of scanning.
697 */
698 ieee80211_offchannel_return(local, false);
699 682
700 *next_delay = HZ / 5; 683 *next_delay = HZ / 5;
701 /* afterwards, resume scan & go to next channel */ 684 /* afterwards, resume scan & go to next channel */
@@ -705,8 +688,7 @@ static void ieee80211_scan_state_suspend(struct ieee80211_local *local,
705static void ieee80211_scan_state_resume(struct ieee80211_local *local, 688static void ieee80211_scan_state_resume(struct ieee80211_local *local,
706 unsigned long *next_delay) 689 unsigned long *next_delay)
707{ 690{
708 /* PS already is in off-channel mode */ 691 ieee80211_offchannel_stop_vifs(local);
709 ieee80211_offchannel_stop_vifs(local, false);
710 692
711 if (local->ops->flush) { 693 if (local->ops->flush) {
712 drv_flush(local, false); 694 drv_flush(local, false);
@@ -832,9 +814,9 @@ int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
832 return res; 814 return res;
833} 815}
834 816
835int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata, 817int ieee80211_request_ibss_scan(struct ieee80211_sub_if_data *sdata,
836 const u8 *ssid, u8 ssid_len, 818 const u8 *ssid, u8 ssid_len,
837 struct ieee80211_channel *chan) 819 struct ieee80211_channel *chan)
838{ 820{
839 struct ieee80211_local *local = sdata->local; 821 struct ieee80211_local *local = sdata->local;
840 int ret = -EBUSY; 822 int ret = -EBUSY;
@@ -848,22 +830,36 @@ int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
848 830
849 /* fill internal scan request */ 831 /* fill internal scan request */
850 if (!chan) { 832 if (!chan) {
851 int i, nchan = 0; 833 int i, max_n;
834 int n_ch = 0;
852 835
853 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 836 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
854 if (!local->hw.wiphy->bands[band]) 837 if (!local->hw.wiphy->bands[band])
855 continue; 838 continue;
856 for (i = 0; 839
857 i < local->hw.wiphy->bands[band]->n_channels; 840 max_n = local->hw.wiphy->bands[band]->n_channels;
858 i++) { 841 for (i = 0; i < max_n; i++) {
859 local->int_scan_req->channels[nchan] = 842 struct ieee80211_channel *tmp_ch =
860 &local->hw.wiphy->bands[band]->channels[i]; 843 &local->hw.wiphy->bands[band]->channels[i];
861 nchan++; 844
845 if (tmp_ch->flags & (IEEE80211_CHAN_NO_IBSS |
846 IEEE80211_CHAN_DISABLED))
847 continue;
848
849 local->int_scan_req->channels[n_ch] = tmp_ch;
850 n_ch++;
862 } 851 }
863 } 852 }
864 853
865 local->int_scan_req->n_channels = nchan; 854 if (WARN_ON_ONCE(n_ch == 0))
855 goto unlock;
856
857 local->int_scan_req->n_channels = n_ch;
866 } else { 858 } else {
859 if (WARN_ON_ONCE(chan->flags & (IEEE80211_CHAN_NO_IBSS |
860 IEEE80211_CHAN_DISABLED)))
861 goto unlock;
862
867 local->int_scan_req->channels[0] = chan; 863 local->int_scan_req->channels[0] = chan;
868 local->int_scan_req->n_channels = 1; 864 local->int_scan_req->n_channels = 1;
869 } 865 }
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index f3e502502fee..227233c3ff7f 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -91,9 +91,8 @@ static int sta_info_hash_del(struct ieee80211_local *local,
91 return -ENOENT; 91 return -ENOENT;
92} 92}
93 93
94static void free_sta_work(struct work_struct *wk) 94static void cleanup_single_sta(struct sta_info *sta)
95{ 95{
96 struct sta_info *sta = container_of(wk, struct sta_info, free_sta_wk);
97 int ac, i; 96 int ac, i;
98 struct tid_ampdu_tx *tid_tx; 97 struct tid_ampdu_tx *tid_tx;
99 struct ieee80211_sub_if_data *sdata = sta->sdata; 98 struct ieee80211_sub_if_data *sdata = sta->sdata;
@@ -105,6 +104,16 @@ static void free_sta_work(struct work_struct *wk)
105 * neither mac80211 nor the driver can reference this 104 * neither mac80211 nor the driver can reference this
106 * sta struct any more except by still existing timers 105 * sta struct any more except by still existing timers
107 * associated with this station that we clean up below. 106 * associated with this station that we clean up below.
107 *
108 * Note though that this still uses the sdata and even
109 * calls the driver in AP and mesh mode, so interfaces
110 * of those types mush use call sta_info_flush_cleanup()
111 * (typically via sta_info_flush()) before deconfiguring
112 * the driver.
113 *
114 * In station mode, nothing happens here so it doesn't
115 * have to (and doesn't) do that, this is intentional to
116 * speed up roaming.
108 */ 117 */
109 118
110 if (test_sta_flag(sta, WLAN_STA_PS_STA)) { 119 if (test_sta_flag(sta, WLAN_STA_PS_STA)) {
@@ -153,11 +162,35 @@ static void free_sta_work(struct work_struct *wk)
153 sta_info_free(local, sta); 162 sta_info_free(local, sta);
154} 163}
155 164
165void ieee80211_cleanup_sdata_stas(struct ieee80211_sub_if_data *sdata)
166{
167 struct sta_info *sta;
168
169 spin_lock_bh(&sdata->cleanup_stations_lock);
170 while (!list_empty(&sdata->cleanup_stations)) {
171 sta = list_first_entry(&sdata->cleanup_stations,
172 struct sta_info, list);
173 list_del(&sta->list);
174 spin_unlock_bh(&sdata->cleanup_stations_lock);
175
176 cleanup_single_sta(sta);
177
178 spin_lock_bh(&sdata->cleanup_stations_lock);
179 }
180
181 spin_unlock_bh(&sdata->cleanup_stations_lock);
182}
183
156static void free_sta_rcu(struct rcu_head *h) 184static void free_sta_rcu(struct rcu_head *h)
157{ 185{
158 struct sta_info *sta = container_of(h, struct sta_info, rcu_head); 186 struct sta_info *sta = container_of(h, struct sta_info, rcu_head);
187 struct ieee80211_sub_if_data *sdata = sta->sdata;
188
189 spin_lock(&sdata->cleanup_stations_lock);
190 list_add_tail(&sta->list, &sdata->cleanup_stations);
191 spin_unlock(&sdata->cleanup_stations_lock);
159 192
160 ieee80211_queue_work(&sta->local->hw, &sta->free_sta_wk); 193 ieee80211_queue_work(&sdata->local->hw, &sdata->cleanup_stations_wk);
161} 194}
162 195
163/* protected by RCU */ 196/* protected by RCU */
@@ -310,7 +343,6 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
310 343
311 spin_lock_init(&sta->lock); 344 spin_lock_init(&sta->lock);
312 INIT_WORK(&sta->drv_unblock_wk, sta_unblock); 345 INIT_WORK(&sta->drv_unblock_wk, sta_unblock);
313 INIT_WORK(&sta->free_sta_wk, free_sta_work);
314 INIT_WORK(&sta->ampdu_mlme.work, ieee80211_ba_session_work); 346 INIT_WORK(&sta->ampdu_mlme.work, ieee80211_ba_session_work);
315 mutex_init(&sta->ampdu_mlme.mtx); 347 mutex_init(&sta->ampdu_mlme.mtx);
316 348
@@ -348,11 +380,6 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
348 380
349 sta_dbg(sdata, "Allocated STA %pM\n", sta->sta.addr); 381 sta_dbg(sdata, "Allocated STA %pM\n", sta->sta.addr);
350 382
351#ifdef CONFIG_MAC80211_MESH
352 sta->plink_state = NL80211_PLINK_LISTEN;
353 init_timer(&sta->plink_timer);
354#endif
355
356 return sta; 383 return sta;
357} 384}
358 385
@@ -752,7 +779,7 @@ int __must_check __sta_info_destroy(struct sta_info *sta)
752 * will be sufficient. 779 * will be sufficient.
753 */ 780 */
754 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 781 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
755 ieee80211_sta_tear_down_BA_sessions(sta, false); 782 ieee80211_sta_tear_down_BA_sessions(sta, AGG_STOP_DESTROY_STA);
756 783
757 ret = sta_info_hash_del(local, sta); 784 ret = sta_info_hash_del(local, sta);
758 if (ret) 785 if (ret)
@@ -862,21 +889,13 @@ void sta_info_init(struct ieee80211_local *local)
862 889
863void sta_info_stop(struct ieee80211_local *local) 890void sta_info_stop(struct ieee80211_local *local)
864{ 891{
865 del_timer(&local->sta_cleanup); 892 del_timer_sync(&local->sta_cleanup);
866 sta_info_flush(local, NULL);
867} 893}
868 894
869/** 895
870 * sta_info_flush - flush matching STA entries from the STA table 896int sta_info_flush_defer(struct ieee80211_sub_if_data *sdata)
871 *
872 * Returns the number of removed STA entries.
873 *
874 * @local: local interface data
875 * @sdata: matching rule for the net device (sta->dev) or %NULL to match all STAs
876 */
877int sta_info_flush(struct ieee80211_local *local,
878 struct ieee80211_sub_if_data *sdata)
879{ 897{
898 struct ieee80211_local *local = sdata->local;
880 struct sta_info *sta, *tmp; 899 struct sta_info *sta, *tmp;
881 int ret = 0; 900 int ret = 0;
882 901
@@ -884,7 +903,7 @@ int sta_info_flush(struct ieee80211_local *local,
884 903
885 mutex_lock(&local->sta_mtx); 904 mutex_lock(&local->sta_mtx);
886 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) { 905 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
887 if (!sdata || sdata == sta->sdata) { 906 if (sdata == sta->sdata) {
888 WARN_ON(__sta_info_destroy(sta)); 907 WARN_ON(__sta_info_destroy(sta));
889 ret++; 908 ret++;
890 } 909 }
@@ -894,6 +913,12 @@ int sta_info_flush(struct ieee80211_local *local,
894 return ret; 913 return ret;
895} 914}
896 915
916void sta_info_flush_cleanup(struct ieee80211_sub_if_data *sdata)
917{
918 ieee80211_cleanup_sdata_stas(sdata);
919 cancel_work_sync(&sdata->cleanup_stations_wk);
920}
921
897void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata, 922void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata,
898 unsigned long exp_time) 923 unsigned long exp_time)
899{ 924{
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 1489bca9ea97..af7d78aa5523 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -92,6 +92,13 @@ enum ieee80211_sta_info_flags {
92#define HT_AGG_STATE_WANT_START 4 92#define HT_AGG_STATE_WANT_START 4
93#define HT_AGG_STATE_WANT_STOP 5 93#define HT_AGG_STATE_WANT_STOP 5
94 94
95enum ieee80211_agg_stop_reason {
96 AGG_STOP_DECLINED,
97 AGG_STOP_LOCAL_REQUEST,
98 AGG_STOP_PEER_REQUEST,
99 AGG_STOP_DESTROY_STA,
100};
101
95/** 102/**
96 * struct tid_ampdu_tx - TID aggregation information (Tx). 103 * struct tid_ampdu_tx - TID aggregation information (Tx).
97 * 104 *
@@ -299,7 +306,6 @@ struct sta_info {
299 spinlock_t lock; 306 spinlock_t lock;
300 307
301 struct work_struct drv_unblock_wk; 308 struct work_struct drv_unblock_wk;
302 struct work_struct free_sta_wk;
303 309
304 u16 listen_interval; 310 u16 listen_interval;
305 311
@@ -549,8 +555,39 @@ void sta_info_recalc_tim(struct sta_info *sta);
549 555
550void sta_info_init(struct ieee80211_local *local); 556void sta_info_init(struct ieee80211_local *local);
551void sta_info_stop(struct ieee80211_local *local); 557void sta_info_stop(struct ieee80211_local *local);
552int sta_info_flush(struct ieee80211_local *local, 558int sta_info_flush_defer(struct ieee80211_sub_if_data *sdata);
553 struct ieee80211_sub_if_data *sdata); 559
560/**
561 * sta_info_flush_cleanup - flush the sta_info cleanup queue
562 * @sdata: the interface
563 *
564 * Flushes the sta_info cleanup queue for a given interface;
565 * this is necessary before the interface is removed or, for
566 * AP/mesh interfaces, before it is deconfigured.
567 *
568 * Note an rcu_barrier() must precede the function, after all
569 * stations have been flushed/removed to ensure the call_rcu()
570 * calls that add stations to the cleanup queue have completed.
571 */
572void sta_info_flush_cleanup(struct ieee80211_sub_if_data *sdata);
573
574/**
575 * sta_info_flush - flush matching STA entries from the STA table
576 *
577 * Returns the number of removed STA entries.
578 *
579 * @sdata: sdata to remove all stations from
580 */
581static inline int sta_info_flush(struct ieee80211_sub_if_data *sdata)
582{
583 int ret = sta_info_flush_defer(sdata);
584
585 rcu_barrier();
586 sta_info_flush_cleanup(sdata);
587
588 return ret;
589}
590
554void sta_set_rate_info_tx(struct sta_info *sta, 591void sta_set_rate_info_tx(struct sta_info *sta,
555 const struct ieee80211_tx_rate *rate, 592 const struct ieee80211_tx_rate *rate,
556 struct rate_info *rinfo); 593 struct rate_info *rinfo);
@@ -563,4 +600,6 @@ void ieee80211_sta_ps_deliver_wakeup(struct sta_info *sta);
563void ieee80211_sta_ps_deliver_poll_response(struct sta_info *sta); 600void ieee80211_sta_ps_deliver_poll_response(struct sta_info *sta);
564void ieee80211_sta_ps_deliver_uapsd(struct sta_info *sta); 601void ieee80211_sta_ps_deliver_uapsd(struct sta_info *sta);
565 602
603void ieee80211_cleanup_sdata_stas(struct ieee80211_sub_if_data *sdata);
604
566#endif /* STA_INFO_H */ 605#endif /* STA_INFO_H */
diff --git a/net/mac80211/trace.h b/net/mac80211/trace.h
index a8270b441a6f..6ca53d64cb28 100644
--- a/net/mac80211/trace.h
+++ b/net/mac80211/trace.h
@@ -28,21 +28,27 @@
28#define VIF_PR_FMT " vif:%s(%d%s)" 28#define VIF_PR_FMT " vif:%s(%d%s)"
29#define VIF_PR_ARG __get_str(vif_name), __entry->vif_type, __entry->p2p ? "/p2p" : "" 29#define VIF_PR_ARG __get_str(vif_name), __entry->vif_type, __entry->p2p ? "/p2p" : ""
30 30
31#define CHANCTX_ENTRY __field(u32, control_freq) \ 31#define CHANDEF_ENTRY __field(u32, control_freq) \
32 __field(u32, chan_width) \ 32 __field(u32, chan_width) \
33 __field(u32, center_freq1) \ 33 __field(u32, center_freq1) \
34 __field(u32, center_freq2) \ 34 __field(u32, center_freq2)
35#define CHANDEF_ASSIGN(c) \
36 __entry->control_freq = (c)->chan->center_freq; \
37 __entry->chan_width = (c)->width; \
38 __entry->center_freq1 = (c)->center_freq1; \
39 __entry->center_freq1 = (c)->center_freq2;
40#define CHANDEF_PR_FMT " control:%d MHz width:%d center: %d/%d MHz"
41#define CHANDEF_PR_ARG __entry->control_freq, __entry->chan_width, \
42 __entry->center_freq1, __entry->center_freq2
43
44#define CHANCTX_ENTRY CHANDEF_ENTRY \
35 __field(u8, rx_chains_static) \ 45 __field(u8, rx_chains_static) \
36 __field(u8, rx_chains_dynamic) 46 __field(u8, rx_chains_dynamic)
37#define CHANCTX_ASSIGN __entry->control_freq = ctx->conf.def.chan->center_freq;\ 47#define CHANCTX_ASSIGN CHANDEF_ASSIGN(&ctx->conf.def) \
38 __entry->chan_width = ctx->conf.def.width; \
39 __entry->center_freq1 = ctx->conf.def.center_freq1; \
40 __entry->center_freq2 = ctx->conf.def.center_freq2; \
41 __entry->rx_chains_static = ctx->conf.rx_chains_static; \ 48 __entry->rx_chains_static = ctx->conf.rx_chains_static; \
42 __entry->rx_chains_dynamic = ctx->conf.rx_chains_dynamic 49 __entry->rx_chains_dynamic = ctx->conf.rx_chains_dynamic
43#define CHANCTX_PR_FMT " control:%d MHz width:%d center: %d/%d MHz chains:%d/%d" 50#define CHANCTX_PR_FMT CHANDEF_PR_FMT " chains:%d/%d"
44#define CHANCTX_PR_ARG __entry->control_freq, __entry->chan_width, \ 51#define CHANCTX_PR_ARG CHANDEF_PR_ARG, \
45 __entry->center_freq1, __entry->center_freq2, \
46 __entry->rx_chains_static, __entry->rx_chains_dynamic 52 __entry->rx_chains_static, __entry->rx_chains_dynamic
47 53
48 54
@@ -341,8 +347,11 @@ TRACE_EVENT(drv_bss_info_changed,
341 __field(s32, cqm_rssi_hyst); 347 __field(s32, cqm_rssi_hyst);
342 __field(u32, channel_width); 348 __field(u32, channel_width);
343 __field(u32, channel_cfreq1); 349 __field(u32, channel_cfreq1);
344 __dynamic_array(u32, arp_addr_list, info->arp_addr_cnt); 350 __dynamic_array(u32, arp_addr_list,
345 __field(bool, arp_filter_enabled); 351 info->arp_addr_cnt > IEEE80211_BSS_ARP_ADDR_LIST_LEN ?
352 IEEE80211_BSS_ARP_ADDR_LIST_LEN :
353 info->arp_addr_cnt);
354 __field(int, arp_addr_cnt);
346 __field(bool, qos); 355 __field(bool, qos);
347 __field(bool, idle); 356 __field(bool, idle);
348 __field(bool, ps); 357 __field(bool, ps);
@@ -378,9 +387,11 @@ TRACE_EVENT(drv_bss_info_changed,
378 __entry->cqm_rssi_hyst = info->cqm_rssi_hyst; 387 __entry->cqm_rssi_hyst = info->cqm_rssi_hyst;
379 __entry->channel_width = info->chandef.width; 388 __entry->channel_width = info->chandef.width;
380 __entry->channel_cfreq1 = info->chandef.center_freq1; 389 __entry->channel_cfreq1 = info->chandef.center_freq1;
390 __entry->arp_addr_cnt = info->arp_addr_cnt;
381 memcpy(__get_dynamic_array(arp_addr_list), info->arp_addr_list, 391 memcpy(__get_dynamic_array(arp_addr_list), info->arp_addr_list,
382 sizeof(u32) * info->arp_addr_cnt); 392 sizeof(u32) * (info->arp_addr_cnt > IEEE80211_BSS_ARP_ADDR_LIST_LEN ?
383 __entry->arp_filter_enabled = info->arp_filter_enabled; 393 IEEE80211_BSS_ARP_ADDR_LIST_LEN :
394 info->arp_addr_cnt));
384 __entry->qos = info->qos; 395 __entry->qos = info->qos;
385 __entry->idle = info->idle; 396 __entry->idle = info->idle;
386 __entry->ps = info->ps; 397 __entry->ps = info->ps;
@@ -1178,23 +1189,26 @@ TRACE_EVENT(drv_set_rekey_data,
1178 1189
1179TRACE_EVENT(drv_rssi_callback, 1190TRACE_EVENT(drv_rssi_callback,
1180 TP_PROTO(struct ieee80211_local *local, 1191 TP_PROTO(struct ieee80211_local *local,
1192 struct ieee80211_sub_if_data *sdata,
1181 enum ieee80211_rssi_event rssi_event), 1193 enum ieee80211_rssi_event rssi_event),
1182 1194
1183 TP_ARGS(local, rssi_event), 1195 TP_ARGS(local, sdata, rssi_event),
1184 1196
1185 TP_STRUCT__entry( 1197 TP_STRUCT__entry(
1186 LOCAL_ENTRY 1198 LOCAL_ENTRY
1199 VIF_ENTRY
1187 __field(u32, rssi_event) 1200 __field(u32, rssi_event)
1188 ), 1201 ),
1189 1202
1190 TP_fast_assign( 1203 TP_fast_assign(
1191 LOCAL_ASSIGN; 1204 LOCAL_ASSIGN;
1205 VIF_ASSIGN;
1192 __entry->rssi_event = rssi_event; 1206 __entry->rssi_event = rssi_event;
1193 ), 1207 ),
1194 1208
1195 TP_printk( 1209 TP_printk(
1196 LOCAL_PR_FMT " rssi_event:%d", 1210 LOCAL_PR_FMT VIF_PR_FMT " rssi_event:%d",
1197 LOCAL_PR_ARG, __entry->rssi_event 1211 LOCAL_PR_ARG, VIF_PR_ARG, __entry->rssi_event
1198 ) 1212 )
1199); 1213);
1200 1214
@@ -1426,6 +1440,14 @@ DEFINE_EVENT(local_only_evt, drv_restart_complete,
1426 TP_ARGS(local) 1440 TP_ARGS(local)
1427); 1441);
1428 1442
1443#if IS_ENABLED(CONFIG_IPV6)
1444DEFINE_EVENT(local_sdata_evt, drv_ipv6_addr_change,
1445 TP_PROTO(struct ieee80211_local *local,
1446 struct ieee80211_sub_if_data *sdata),
1447 TP_ARGS(local, sdata)
1448);
1449#endif
1450
1429/* 1451/*
1430 * Tracing for API calls that drivers call. 1452 * Tracing for API calls that drivers call.
1431 */ 1453 */
@@ -1815,6 +1837,29 @@ TRACE_EVENT(stop_queue,
1815 ) 1837 )
1816); 1838);
1817 1839
1840TRACE_EVENT(drv_set_default_unicast_key,
1841 TP_PROTO(struct ieee80211_local *local,
1842 struct ieee80211_sub_if_data *sdata,
1843 int key_idx),
1844
1845 TP_ARGS(local, sdata, key_idx),
1846
1847 TP_STRUCT__entry(
1848 LOCAL_ENTRY
1849 VIF_ENTRY
1850 __field(int, key_idx)
1851 ),
1852
1853 TP_fast_assign(
1854 LOCAL_ASSIGN;
1855 VIF_ASSIGN;
1856 __entry->key_idx = key_idx;
1857 ),
1858
1859 TP_printk(LOCAL_PR_FMT VIF_PR_FMT " key_idx:%d",
1860 LOCAL_PR_ARG, VIF_PR_ARG, __entry->key_idx)
1861);
1862
1818#ifdef CONFIG_MAC80211_MESSAGE_TRACING 1863#ifdef CONFIG_MAC80211_MESSAGE_TRACING
1819#undef TRACE_SYSTEM 1864#undef TRACE_SYSTEM
1820#define TRACE_SYSTEM mac80211_msg 1865#define TRACE_SYSTEM mac80211_msg
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index e9eadc40c09c..a2cb6a302cc7 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -1673,10 +1673,13 @@ netdev_tx_t ieee80211_monitor_start_xmit(struct sk_buff *skb,
1673 chanctx_conf = 1673 chanctx_conf =
1674 rcu_dereference(tmp_sdata->vif.chanctx_conf); 1674 rcu_dereference(tmp_sdata->vif.chanctx_conf);
1675 } 1675 }
1676 if (!chanctx_conf)
1677 goto fail_rcu;
1678 1676
1679 chan = chanctx_conf->def.chan; 1677 if (chanctx_conf)
1678 chan = chanctx_conf->def.chan;
1679 else if (!local->use_chanctx)
1680 chan = local->_oper_channel;
1681 else
1682 goto fail_rcu;
1680 1683
1681 /* 1684 /*
1682 * Frame injection is not allowed if beaconing is not allowed 1685 * Frame injection is not allowed if beaconing is not allowed
@@ -1784,16 +1787,16 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1784 break; 1787 break;
1785 /* fall through */ 1788 /* fall through */
1786 case NL80211_IFTYPE_AP: 1789 case NL80211_IFTYPE_AP:
1790 if (sdata->vif.type == NL80211_IFTYPE_AP)
1791 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
1792 if (!chanctx_conf)
1793 goto fail_rcu;
1787 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS); 1794 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS);
1788 /* DA BSSID SA */ 1795 /* DA BSSID SA */
1789 memcpy(hdr.addr1, skb->data, ETH_ALEN); 1796 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1790 memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN); 1797 memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN);
1791 memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN); 1798 memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN);
1792 hdrlen = 24; 1799 hdrlen = 24;
1793 if (sdata->vif.type == NL80211_IFTYPE_AP)
1794 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
1795 if (!chanctx_conf)
1796 goto fail_rcu;
1797 band = chanctx_conf->def.chan->band; 1800 band = chanctx_conf->def.chan->band;
1798 break; 1801 break;
1799 case NL80211_IFTYPE_WDS: 1802 case NL80211_IFTYPE_WDS:
@@ -2261,9 +2264,8 @@ void ieee80211_tx_pending(unsigned long data)
2261 2264
2262/* functions for drivers to get certain frames */ 2265/* functions for drivers to get certain frames */
2263 2266
2264static void ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata, 2267static void __ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
2265 struct ps_data *ps, 2268 struct ps_data *ps, struct sk_buff *skb)
2266 struct sk_buff *skb)
2267{ 2269{
2268 u8 *pos, *tim; 2270 u8 *pos, *tim;
2269 int aid0 = 0; 2271 int aid0 = 0;
@@ -2325,6 +2327,31 @@ static void ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
2325 } 2327 }
2326} 2328}
2327 2329
2330static int ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
2331 struct ps_data *ps, struct sk_buff *skb)
2332{
2333 struct ieee80211_local *local = sdata->local;
2334
2335 /*
2336 * Not very nice, but we want to allow the driver to call
2337 * ieee80211_beacon_get() as a response to the set_tim()
2338 * callback. That, however, is already invoked under the
2339 * sta_lock to guarantee consistent and race-free update
2340 * of the tim bitmap in mac80211 and the driver.
2341 */
2342 if (local->tim_in_locked_section) {
2343 __ieee80211_beacon_add_tim(sdata, ps, skb);
2344 } else {
2345 unsigned long flags;
2346
2347 spin_lock_irqsave(&local->tim_lock, flags);
2348 __ieee80211_beacon_add_tim(sdata, ps, skb);
2349 spin_unlock_irqrestore(&local->tim_lock, flags);
2350 }
2351
2352 return 0;
2353}
2354
2328struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw, 2355struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
2329 struct ieee80211_vif *vif, 2356 struct ieee80211_vif *vif,
2330 u16 *tim_offset, u16 *tim_length) 2357 u16 *tim_offset, u16 *tim_length)
@@ -2369,22 +2396,7 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
2369 memcpy(skb_put(skb, beacon->head_len), beacon->head, 2396 memcpy(skb_put(skb, beacon->head_len), beacon->head,
2370 beacon->head_len); 2397 beacon->head_len);
2371 2398
2372 /* 2399 ieee80211_beacon_add_tim(sdata, &ap->ps, skb);
2373 * Not very nice, but we want to allow the driver to call
2374 * ieee80211_beacon_get() as a response to the set_tim()
2375 * callback. That, however, is already invoked under the
2376 * sta_lock to guarantee consistent and race-free update
2377 * of the tim bitmap in mac80211 and the driver.
2378 */
2379 if (local->tim_in_locked_section) {
2380 ieee80211_beacon_add_tim(sdata, &ap->ps, skb);
2381 } else {
2382 unsigned long flags;
2383
2384 spin_lock_irqsave(&local->tim_lock, flags);
2385 ieee80211_beacon_add_tim(sdata, &ap->ps, skb);
2386 spin_unlock_irqrestore(&local->tim_lock, flags);
2387 }
2388 2400
2389 if (tim_offset) 2401 if (tim_offset)
2390 *tim_offset = beacon->head_len; 2402 *tim_offset = beacon->head_len;
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index f11e8c540db4..7519018ff71a 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -1358,6 +1358,7 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1358 struct ieee80211_chanctx *ctx; 1358 struct ieee80211_chanctx *ctx;
1359 struct sta_info *sta; 1359 struct sta_info *sta;
1360 int res, i; 1360 int res, i;
1361 bool reconfig_due_to_wowlan = false;
1361 1362
1362#ifdef CONFIG_PM 1363#ifdef CONFIG_PM
1363 if (local->suspended) 1364 if (local->suspended)
@@ -1377,6 +1378,7 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1377 * res is 1, which means the driver requested 1378 * res is 1, which means the driver requested
1378 * to go through a regular reset on wakeup. 1379 * to go through a regular reset on wakeup.
1379 */ 1380 */
1381 reconfig_due_to_wowlan = true;
1380 } 1382 }
1381#endif 1383#endif
1382 /* everything else happens only if HW was up & running */ 1384 /* everything else happens only if HW was up & running */
@@ -1526,6 +1528,11 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1526 BSS_CHANGED_IDLE | 1528 BSS_CHANGED_IDLE |
1527 BSS_CHANGED_TXPOWER; 1529 BSS_CHANGED_TXPOWER;
1528 1530
1531#ifdef CONFIG_PM
1532 if (local->resuming && !reconfig_due_to_wowlan)
1533 sdata->vif.bss_conf = sdata->suspend_bss_conf;
1534#endif
1535
1529 switch (sdata->vif.type) { 1536 switch (sdata->vif.type) {
1530 case NL80211_IFTYPE_STATION: 1537 case NL80211_IFTYPE_STATION:
1531 changed |= BSS_CHANGED_ASSOC | 1538 changed |= BSS_CHANGED_ASSOC |
@@ -1550,9 +1557,11 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1550 1557
1551 /* fall through */ 1558 /* fall through */
1552 case NL80211_IFTYPE_MESH_POINT: 1559 case NL80211_IFTYPE_MESH_POINT:
1553 changed |= BSS_CHANGED_BEACON | 1560 if (sdata->vif.bss_conf.enable_beacon) {
1554 BSS_CHANGED_BEACON_ENABLED; 1561 changed |= BSS_CHANGED_BEACON |
1555 ieee80211_bss_info_change_notify(sdata, changed); 1562 BSS_CHANGED_BEACON_ENABLED;
1563 ieee80211_bss_info_change_notify(sdata, changed);
1564 }
1556 break; 1565 break;
1557 case NL80211_IFTYPE_WDS: 1566 case NL80211_IFTYPE_WDS:
1558 break; 1567 break;
@@ -1632,7 +1641,8 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1632 mutex_lock(&local->sta_mtx); 1641 mutex_lock(&local->sta_mtx);
1633 1642
1634 list_for_each_entry(sta, &local->sta_list, list) { 1643 list_for_each_entry(sta, &local->sta_list, list) {
1635 ieee80211_sta_tear_down_BA_sessions(sta, true); 1644 ieee80211_sta_tear_down_BA_sessions(
1645 sta, AGG_STOP_LOCAL_REQUEST);
1636 clear_sta_flag(sta, WLAN_STA_BLOCK_BA); 1646 clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
1637 } 1647 }
1638 1648
@@ -1646,10 +1656,11 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1646 * If this is for hw restart things are still running. 1656 * If this is for hw restart things are still running.
1647 * We may want to change that later, however. 1657 * We may want to change that later, however.
1648 */ 1658 */
1649 if (!local->suspended) { 1659 if (!local->suspended || reconfig_due_to_wowlan)
1650 drv_restart_complete(local); 1660 drv_restart_complete(local);
1661
1662 if (!local->suspended)
1651 return 0; 1663 return 0;
1652 }
1653 1664
1654#ifdef CONFIG_PM 1665#ifdef CONFIG_PM
1655 /* first set suspended false, then resuming */ 1666 /* first set suspended false, then resuming */
@@ -1864,7 +1875,7 @@ u8 *ieee80211_ie_build_ht_cap(u8 *pos, struct ieee80211_sta_ht_cap *ht_cap,
1864} 1875}
1865 1876
1866u8 *ieee80211_ie_build_vht_cap(u8 *pos, struct ieee80211_sta_vht_cap *vht_cap, 1877u8 *ieee80211_ie_build_vht_cap(u8 *pos, struct ieee80211_sta_vht_cap *vht_cap,
1867 u32 cap) 1878 u32 cap)
1868{ 1879{
1869 __le32 tmp; 1880 __le32 tmp;
1870 1881
diff --git a/net/nfc/core.c b/net/nfc/core.c
index aa64ea441676..25522e56d350 100644
--- a/net/nfc/core.c
+++ b/net/nfc/core.c
@@ -338,7 +338,7 @@ int nfc_activate_target(struct nfc_dev *dev, u32 target_idx, u32 protocol)
338 dev->active_target = target; 338 dev->active_target = target;
339 dev->rf_mode = NFC_RF_INITIATOR; 339 dev->rf_mode = NFC_RF_INITIATOR;
340 340
341 if (dev->ops->check_presence) 341 if (dev->ops->check_presence && !dev->shutting_down)
342 mod_timer(&dev->check_pres_timer, jiffies + 342 mod_timer(&dev->check_pres_timer, jiffies +
343 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS)); 343 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS));
344 } 344 }
@@ -429,7 +429,7 @@ int nfc_data_exchange(struct nfc_dev *dev, u32 target_idx, struct sk_buff *skb,
429 rc = dev->ops->im_transceive(dev, dev->active_target, skb, cb, 429 rc = dev->ops->im_transceive(dev, dev->active_target, skb, cb,
430 cb_context); 430 cb_context);
431 431
432 if (!rc && dev->ops->check_presence) 432 if (!rc && dev->ops->check_presence && !dev->shutting_down)
433 mod_timer(&dev->check_pres_timer, jiffies + 433 mod_timer(&dev->check_pres_timer, jiffies +
434 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS)); 434 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS));
435 } else if (dev->rf_mode == NFC_RF_TARGET && dev->ops->tm_send != NULL) { 435 } else if (dev->rf_mode == NFC_RF_TARGET && dev->ops->tm_send != NULL) {
@@ -684,11 +684,6 @@ static void nfc_release(struct device *d)
684 684
685 pr_debug("dev_name=%s\n", dev_name(&dev->dev)); 685 pr_debug("dev_name=%s\n", dev_name(&dev->dev));
686 686
687 if (dev->ops->check_presence) {
688 del_timer_sync(&dev->check_pres_timer);
689 cancel_work_sync(&dev->check_pres_work);
690 }
691
692 nfc_genl_data_exit(&dev->genl_data); 687 nfc_genl_data_exit(&dev->genl_data);
693 kfree(dev->targets); 688 kfree(dev->targets);
694 kfree(dev); 689 kfree(dev);
@@ -706,15 +701,16 @@ static void nfc_check_pres_work(struct work_struct *work)
706 rc = dev->ops->check_presence(dev, dev->active_target); 701 rc = dev->ops->check_presence(dev, dev->active_target);
707 if (rc == -EOPNOTSUPP) 702 if (rc == -EOPNOTSUPP)
708 goto exit; 703 goto exit;
709 if (!rc) { 704 if (rc) {
710 mod_timer(&dev->check_pres_timer, jiffies +
711 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS));
712 } else {
713 u32 active_target_idx = dev->active_target->idx; 705 u32 active_target_idx = dev->active_target->idx;
714 device_unlock(&dev->dev); 706 device_unlock(&dev->dev);
715 nfc_target_lost(dev, active_target_idx); 707 nfc_target_lost(dev, active_target_idx);
716 return; 708 return;
717 } 709 }
710
711 if (!dev->shutting_down)
712 mod_timer(&dev->check_pres_timer, jiffies +
713 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS));
718 } 714 }
719 715
720exit: 716exit:
@@ -761,6 +757,7 @@ struct nfc_dev *nfc_get_device(unsigned int idx)
761 */ 757 */
762struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops, 758struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops,
763 u32 supported_protocols, 759 u32 supported_protocols,
760 u32 supported_se,
764 int tx_headroom, int tx_tailroom) 761 int tx_headroom, int tx_tailroom)
765{ 762{
766 struct nfc_dev *dev; 763 struct nfc_dev *dev;
@@ -778,6 +775,8 @@ struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops,
778 775
779 dev->ops = ops; 776 dev->ops = ops;
780 dev->supported_protocols = supported_protocols; 777 dev->supported_protocols = supported_protocols;
778 dev->supported_se = supported_se;
779 dev->active_se = NFC_SE_NONE;
781 dev->tx_headroom = tx_headroom; 780 dev->tx_headroom = tx_headroom;
782 dev->tx_tailroom = tx_tailroom; 781 dev->tx_tailroom = tx_tailroom;
783 782
@@ -853,26 +852,27 @@ void nfc_unregister_device(struct nfc_dev *dev)
853 852
854 id = dev->idx; 853 id = dev->idx;
855 854
856 mutex_lock(&nfc_devlist_mutex); 855 if (dev->ops->check_presence) {
857 nfc_devlist_generation++; 856 device_lock(&dev->dev);
858 857 dev->shutting_down = true;
859 /* lock to avoid unregistering a device while an operation 858 device_unlock(&dev->dev);
860 is in progress */ 859 del_timer_sync(&dev->check_pres_timer);
861 device_lock(&dev->dev); 860 cancel_work_sync(&dev->check_pres_work);
862 device_del(&dev->dev); 861 }
863 device_unlock(&dev->dev);
864 862
865 mutex_unlock(&nfc_devlist_mutex); 863 rc = nfc_genl_device_removed(dev);
864 if (rc)
865 pr_debug("The userspace won't be notified that the device %s "
866 "was removed\n", dev_name(&dev->dev));
866 867
867 nfc_llcp_unregister_device(dev); 868 nfc_llcp_unregister_device(dev);
868 869
869 rc = nfc_genl_device_removed(dev); 870 mutex_lock(&nfc_devlist_mutex);
870 if (rc) 871 nfc_devlist_generation++;
871 pr_debug("The userspace won't be notified that the device %s was removed\n", 872 device_del(&dev->dev);
872 dev_name(&dev->dev)); 873 mutex_unlock(&nfc_devlist_mutex);
873 874
874 ida_simple_remove(&nfc_index_ida, id); 875 ida_simple_remove(&nfc_index_ida, id);
875
876} 876}
877EXPORT_SYMBOL(nfc_unregister_device); 877EXPORT_SYMBOL(nfc_unregister_device);
878 878
diff --git a/net/nfc/hci/command.c b/net/nfc/hci/command.c
index 7d99410e6c1a..64f922be9281 100644
--- a/net/nfc/hci/command.c
+++ b/net/nfc/hci/command.c
@@ -280,14 +280,19 @@ static int nfc_hci_delete_pipe(struct nfc_hci_dev *hdev, u8 pipe)
280static int nfc_hci_clear_all_pipes(struct nfc_hci_dev *hdev) 280static int nfc_hci_clear_all_pipes(struct nfc_hci_dev *hdev)
281{ 281{
282 u8 param[2]; 282 u8 param[2];
283 size_t param_len = 2;
283 284
284 /* TODO: Find out what the identity reference data is 285 /* TODO: Find out what the identity reference data is
285 * and fill param with it. HCI spec 6.1.3.5 */ 286 * and fill param with it. HCI spec 6.1.3.5 */
286 287
287 pr_debug("\n"); 288 pr_debug("\n");
288 289
290 if (test_bit(NFC_HCI_QUIRK_SHORT_CLEAR, &hdev->quirks))
291 param_len = 0;
292
289 return nfc_hci_execute_cmd(hdev, NFC_HCI_ADMIN_PIPE, 293 return nfc_hci_execute_cmd(hdev, NFC_HCI_ADMIN_PIPE,
290 NFC_HCI_ADM_CLEAR_ALL_PIPE, param, 2, NULL); 294 NFC_HCI_ADM_CLEAR_ALL_PIPE, param, param_len,
295 NULL);
291} 296}
292 297
293int nfc_hci_disconnect_gate(struct nfc_hci_dev *hdev, u8 gate) 298int nfc_hci_disconnect_gate(struct nfc_hci_dev *hdev, u8 gate)
diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c
index 7bea574d5934..91020b210d87 100644
--- a/net/nfc/hci/core.c
+++ b/net/nfc/hci/core.c
@@ -57,6 +57,8 @@ static void nfc_hci_msg_tx_work(struct work_struct *work)
57 int r = 0; 57 int r = 0;
58 58
59 mutex_lock(&hdev->msg_tx_mutex); 59 mutex_lock(&hdev->msg_tx_mutex);
60 if (hdev->shutting_down)
61 goto exit;
60 62
61 if (hdev->cmd_pending_msg) { 63 if (hdev->cmd_pending_msg) {
62 if (timer_pending(&hdev->cmd_timer) == 0) { 64 if (timer_pending(&hdev->cmd_timer) == 0) {
@@ -295,6 +297,12 @@ void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event,
295 goto exit; 297 goto exit;
296 } 298 }
297 299
300 if (hdev->ops->event_received) {
301 r = hdev->ops->event_received(hdev, gate, event, skb);
302 if (r <= 0)
303 goto exit_noskb;
304 }
305
298 switch (event) { 306 switch (event) {
299 case NFC_HCI_EVT_TARGET_DISCOVERED: 307 case NFC_HCI_EVT_TARGET_DISCOVERED:
300 if (skb->len < 1) { /* no status data? */ 308 if (skb->len < 1) { /* no status data? */
@@ -320,17 +328,15 @@ void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event,
320 r = nfc_hci_target_discovered(hdev, gate); 328 r = nfc_hci_target_discovered(hdev, gate);
321 break; 329 break;
322 default: 330 default:
323 if (hdev->ops->event_received) { 331 pr_info("Discarded unknown event %x to gate %x\n", event, gate);
324 hdev->ops->event_received(hdev, gate, event, skb); 332 r = -EINVAL;
325 return;
326 }
327
328 break; 333 break;
329 } 334 }
330 335
331exit: 336exit:
332 kfree_skb(skb); 337 kfree_skb(skb);
333 338
339exit_noskb:
334 if (r) { 340 if (r) {
335 /* TODO: There was an error dispatching the event, 341 /* TODO: There was an error dispatching the event,
336 * how to propagate up to nfc core? 342 * how to propagate up to nfc core?
@@ -669,8 +675,10 @@ static int hci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
669 675
670 if (hdev->ops->tm_send) 676 if (hdev->ops->tm_send)
671 return hdev->ops->tm_send(hdev, skb); 677 return hdev->ops->tm_send(hdev, skb);
672 else 678
673 return -ENOTSUPP; 679 kfree_skb(skb);
680
681 return -ENOTSUPP;
674} 682}
675 683
676static int hci_check_presence(struct nfc_dev *nfc_dev, 684static int hci_check_presence(struct nfc_dev *nfc_dev,
@@ -787,7 +795,9 @@ static struct nfc_ops hci_nfc_ops = {
787 795
788struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops, 796struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
789 struct nfc_hci_init_data *init_data, 797 struct nfc_hci_init_data *init_data,
798 unsigned long quirks,
790 u32 protocols, 799 u32 protocols,
800 u32 supported_se,
791 const char *llc_name, 801 const char *llc_name,
792 int tx_headroom, 802 int tx_headroom,
793 int tx_tailroom, 803 int tx_tailroom,
@@ -813,7 +823,7 @@ struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
813 return NULL; 823 return NULL;
814 } 824 }
815 825
816 hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols, 826 hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols, supported_se,
817 tx_headroom + HCI_CMDS_HEADROOM, 827 tx_headroom + HCI_CMDS_HEADROOM,
818 tx_tailroom); 828 tx_tailroom);
819 if (!hdev->ndev) { 829 if (!hdev->ndev) {
@@ -830,6 +840,8 @@ struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
830 840
831 memset(hdev->gate2pipe, NFC_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe)); 841 memset(hdev->gate2pipe, NFC_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe));
832 842
843 hdev->quirks = quirks;
844
833 return hdev; 845 return hdev;
834} 846}
835EXPORT_SYMBOL(nfc_hci_allocate_device); 847EXPORT_SYMBOL(nfc_hci_allocate_device);
@@ -868,6 +880,28 @@ void nfc_hci_unregister_device(struct nfc_hci_dev *hdev)
868{ 880{
869 struct hci_msg *msg, *n; 881 struct hci_msg *msg, *n;
870 882
883 mutex_lock(&hdev->msg_tx_mutex);
884
885 if (hdev->cmd_pending_msg) {
886 if (hdev->cmd_pending_msg->cb)
887 hdev->cmd_pending_msg->cb(
888 hdev->cmd_pending_msg->cb_context,
889 NULL, -ESHUTDOWN);
890 kfree(hdev->cmd_pending_msg);
891 hdev->cmd_pending_msg = NULL;
892 }
893
894 hdev->shutting_down = true;
895
896 mutex_unlock(&hdev->msg_tx_mutex);
897
898 del_timer_sync(&hdev->cmd_timer);
899 cancel_work_sync(&hdev->msg_tx_work);
900
901 cancel_work_sync(&hdev->msg_rx_work);
902
903 nfc_unregister_device(hdev->ndev);
904
871 skb_queue_purge(&hdev->rx_hcp_frags); 905 skb_queue_purge(&hdev->rx_hcp_frags);
872 skb_queue_purge(&hdev->msg_rx_queue); 906 skb_queue_purge(&hdev->msg_rx_queue);
873 907
@@ -876,13 +910,6 @@ void nfc_hci_unregister_device(struct nfc_hci_dev *hdev)
876 skb_queue_purge(&msg->msg_frags); 910 skb_queue_purge(&msg->msg_frags);
877 kfree(msg); 911 kfree(msg);
878 } 912 }
879
880 del_timer_sync(&hdev->cmd_timer);
881
882 nfc_unregister_device(hdev->ndev);
883
884 cancel_work_sync(&hdev->msg_tx_work);
885 cancel_work_sync(&hdev->msg_rx_work);
886} 913}
887EXPORT_SYMBOL(nfc_hci_unregister_device); 914EXPORT_SYMBOL(nfc_hci_unregister_device);
888 915
diff --git a/net/nfc/hci/hcp.c b/net/nfc/hci/hcp.c
index bc308a7ca609..b6b4109f2343 100644
--- a/net/nfc/hci/hcp.c
+++ b/net/nfc/hci/hcp.c
@@ -105,6 +105,13 @@ int nfc_hci_hcp_message_tx(struct nfc_hci_dev *hdev, u8 pipe,
105 } 105 }
106 106
107 mutex_lock(&hdev->msg_tx_mutex); 107 mutex_lock(&hdev->msg_tx_mutex);
108
109 if (hdev->shutting_down) {
110 err = -ESHUTDOWN;
111 mutex_unlock(&hdev->msg_tx_mutex);
112 goto out_skb_err;
113 }
114
108 list_add_tail(&cmd->msg_l, &hdev->msg_tx_queue); 115 list_add_tail(&cmd->msg_l, &hdev->msg_tx_queue);
109 mutex_unlock(&hdev->msg_tx_mutex); 116 mutex_unlock(&hdev->msg_tx_mutex);
110 117
diff --git a/net/nfc/llcp/commands.c b/net/nfc/llcp/commands.c
index df24be48d4da..c6bc3bd95052 100644
--- a/net/nfc/llcp/commands.c
+++ b/net/nfc/llcp/commands.c
@@ -304,6 +304,8 @@ int nfc_llcp_send_symm(struct nfc_dev *dev)
304 304
305 skb = llcp_add_header(skb, 0, 0, LLCP_PDU_SYMM); 305 skb = llcp_add_header(skb, 0, 0, LLCP_PDU_SYMM);
306 306
307 __net_timestamp(skb);
308
307 nfc_llcp_send_to_raw_sock(local, skb, NFC_LLCP_DIRECTION_TX); 309 nfc_llcp_send_to_raw_sock(local, skb, NFC_LLCP_DIRECTION_TX);
308 310
309 return nfc_data_exchange(dev, local->target_idx, skb, 311 return nfc_data_exchange(dev, local->target_idx, skb,
diff --git a/net/nfc/llcp/llcp.c b/net/nfc/llcp/llcp.c
index ec43914c92a9..85bc75c38dea 100644
--- a/net/nfc/llcp/llcp.c
+++ b/net/nfc/llcp/llcp.c
@@ -54,7 +54,6 @@ static void nfc_llcp_socket_purge(struct nfc_llcp_sock *sock)
54 54
55 skb_queue_purge(&sock->tx_queue); 55 skb_queue_purge(&sock->tx_queue);
56 skb_queue_purge(&sock->tx_pending_queue); 56 skb_queue_purge(&sock->tx_pending_queue);
57 skb_queue_purge(&sock->tx_backlog_queue);
58 57
59 if (local == NULL) 58 if (local == NULL)
60 return; 59 return;
@@ -668,6 +667,8 @@ static void nfc_llcp_tx_work(struct work_struct *work)
668 if (ptype == LLCP_PDU_I) 667 if (ptype == LLCP_PDU_I)
669 copy_skb = skb_copy(skb, GFP_ATOMIC); 668 copy_skb = skb_copy(skb, GFP_ATOMIC);
670 669
670 __net_timestamp(skb);
671
671 nfc_llcp_send_to_raw_sock(local, skb, 672 nfc_llcp_send_to_raw_sock(local, skb,
672 NFC_LLCP_DIRECTION_TX); 673 NFC_LLCP_DIRECTION_TX);
673 674
@@ -781,9 +782,15 @@ static void nfc_llcp_recv_ui(struct nfc_llcp_local *local,
781 782
782 /* There is no sequence with UI frames */ 783 /* There is no sequence with UI frames */
783 skb_pull(skb, LLCP_HEADER_SIZE); 784 skb_pull(skb, LLCP_HEADER_SIZE);
784 if (sock_queue_rcv_skb(&llcp_sock->sk, skb)) { 785 if (!sock_queue_rcv_skb(&llcp_sock->sk, skb)) {
785 pr_err("receive queue is full\n"); 786 /*
786 skb_queue_head(&llcp_sock->tx_backlog_queue, skb); 787 * UI frames will be freed from the socket layer, so we
788 * need to keep them alive until someone receives them.
789 */
790 skb_get(skb);
791 } else {
792 pr_err("Receive queue is full\n");
793 kfree_skb(skb);
787 } 794 }
788 795
789 nfc_llcp_sock_put(llcp_sock); 796 nfc_llcp_sock_put(llcp_sock);
@@ -976,9 +983,15 @@ static void nfc_llcp_recv_hdlc(struct nfc_llcp_local *local,
976 pr_err("Received out of sequence I PDU\n"); 983 pr_err("Received out of sequence I PDU\n");
977 984
978 skb_pull(skb, LLCP_HEADER_SIZE + LLCP_SEQUENCE_SIZE); 985 skb_pull(skb, LLCP_HEADER_SIZE + LLCP_SEQUENCE_SIZE);
979 if (sock_queue_rcv_skb(&llcp_sock->sk, skb)) { 986 if (!sock_queue_rcv_skb(&llcp_sock->sk, skb)) {
980 pr_err("receive queue is full\n"); 987 /*
981 skb_queue_head(&llcp_sock->tx_backlog_queue, skb); 988 * I frames will be freed from the socket layer, so we
989 * need to keep them alive until someone receives them.
990 */
991 skb_get(skb);
992 } else {
993 pr_err("Receive queue is full\n");
994 kfree_skb(skb);
982 } 995 }
983 } 996 }
984 997
@@ -1245,6 +1258,8 @@ static void nfc_llcp_rx_work(struct work_struct *work)
1245 print_hex_dump(KERN_DEBUG, "LLCP Rx: ", DUMP_PREFIX_OFFSET, 1258 print_hex_dump(KERN_DEBUG, "LLCP Rx: ", DUMP_PREFIX_OFFSET,
1246 16, 1, skb->data, skb->len, true); 1259 16, 1, skb->data, skb->len, true);
1247 1260
1261 __net_timestamp(skb);
1262
1248 nfc_llcp_send_to_raw_sock(local, skb, NFC_LLCP_DIRECTION_RX); 1263 nfc_llcp_send_to_raw_sock(local, skb, NFC_LLCP_DIRECTION_RX);
1249 1264
1250 switch (ptype) { 1265 switch (ptype) {
@@ -1296,6 +1311,13 @@ static void nfc_llcp_rx_work(struct work_struct *work)
1296 local->rx_pending = NULL; 1311 local->rx_pending = NULL;
1297} 1312}
1298 1313
1314static void __nfc_llcp_recv(struct nfc_llcp_local *local, struct sk_buff *skb)
1315{
1316 local->rx_pending = skb;
1317 del_timer(&local->link_timer);
1318 schedule_work(&local->rx_work);
1319}
1320
1299void nfc_llcp_recv(void *data, struct sk_buff *skb, int err) 1321void nfc_llcp_recv(void *data, struct sk_buff *skb, int err)
1300{ 1322{
1301 struct nfc_llcp_local *local = (struct nfc_llcp_local *) data; 1323 struct nfc_llcp_local *local = (struct nfc_llcp_local *) data;
@@ -1306,9 +1328,7 @@ void nfc_llcp_recv(void *data, struct sk_buff *skb, int err)
1306 return; 1328 return;
1307 } 1329 }
1308 1330
1309 local->rx_pending = skb_get(skb); 1331 __nfc_llcp_recv(local, skb);
1310 del_timer(&local->link_timer);
1311 schedule_work(&local->rx_work);
1312} 1332}
1313 1333
1314int nfc_llcp_data_received(struct nfc_dev *dev, struct sk_buff *skb) 1334int nfc_llcp_data_received(struct nfc_dev *dev, struct sk_buff *skb)
@@ -1319,9 +1339,7 @@ int nfc_llcp_data_received(struct nfc_dev *dev, struct sk_buff *skb)
1319 if (local == NULL) 1339 if (local == NULL)
1320 return -ENODEV; 1340 return -ENODEV;
1321 1341
1322 local->rx_pending = skb_get(skb); 1342 __nfc_llcp_recv(local, skb);
1323 del_timer(&local->link_timer);
1324 schedule_work(&local->rx_work);
1325 1343
1326 return 0; 1344 return 0;
1327} 1345}
diff --git a/net/nfc/llcp/llcp.h b/net/nfc/llcp/llcp.h
index 0d62366f8cc3..0eae5c509504 100644
--- a/net/nfc/llcp/llcp.h
+++ b/net/nfc/llcp/llcp.h
@@ -121,7 +121,6 @@ struct nfc_llcp_sock {
121 121
122 struct sk_buff_head tx_queue; 122 struct sk_buff_head tx_queue;
123 struct sk_buff_head tx_pending_queue; 123 struct sk_buff_head tx_pending_queue;
124 struct sk_buff_head tx_backlog_queue;
125 124
126 struct list_head accept_queue; 125 struct list_head accept_queue;
127 struct sock *parent; 126 struct sock *parent;
diff --git a/net/nfc/llcp/sock.c b/net/nfc/llcp/sock.c
index fea22eb41b82..5332751943a9 100644
--- a/net/nfc/llcp/sock.c
+++ b/net/nfc/llcp/sock.c
@@ -672,25 +672,27 @@ static int llcp_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
672 copied = min_t(unsigned int, rlen, len); 672 copied = min_t(unsigned int, rlen, len);
673 673
674 cskb = skb; 674 cskb = skb;
675 if (memcpy_toiovec(msg->msg_iov, cskb->data, copied)) { 675 if (skb_copy_datagram_iovec(cskb, 0, msg->msg_iov, copied)) {
676 if (!(flags & MSG_PEEK)) 676 if (!(flags & MSG_PEEK))
677 skb_queue_head(&sk->sk_receive_queue, skb); 677 skb_queue_head(&sk->sk_receive_queue, skb);
678 return -EFAULT; 678 return -EFAULT;
679 } 679 }
680 680
681 sock_recv_timestamp(msg, sk, skb);
682
681 if (sk->sk_type == SOCK_DGRAM && msg->msg_name) { 683 if (sk->sk_type == SOCK_DGRAM && msg->msg_name) {
682 struct nfc_llcp_ui_cb *ui_cb = nfc_llcp_ui_skb_cb(skb); 684 struct nfc_llcp_ui_cb *ui_cb = nfc_llcp_ui_skb_cb(skb);
683 struct sockaddr_nfc_llcp sockaddr; 685 struct sockaddr_nfc_llcp *sockaddr =
686 (struct sockaddr_nfc_llcp *) msg->msg_name;
684 687
685 pr_debug("Datagram socket %d %d\n", ui_cb->dsap, ui_cb->ssap); 688 msg->msg_namelen = sizeof(struct sockaddr_nfc_llcp);
686 689
687 sockaddr.sa_family = AF_NFC; 690 pr_debug("Datagram socket %d %d\n", ui_cb->dsap, ui_cb->ssap);
688 sockaddr.nfc_protocol = NFC_PROTO_NFC_DEP;
689 sockaddr.dsap = ui_cb->dsap;
690 sockaddr.ssap = ui_cb->ssap;
691 691
692 memcpy(msg->msg_name, &sockaddr, sizeof(sockaddr)); 692 sockaddr->sa_family = AF_NFC;
693 msg->msg_namelen = sizeof(sockaddr); 693 sockaddr->nfc_protocol = NFC_PROTO_NFC_DEP;
694 sockaddr->dsap = ui_cb->dsap;
695 sockaddr->ssap = ui_cb->ssap;
694 } 696 }
695 697
696 /* Mark read part of skb as used */ 698 /* Mark read part of skb as used */
@@ -806,7 +808,6 @@ struct sock *nfc_llcp_sock_alloc(struct socket *sock, int type, gfp_t gfp)
806 llcp_sock->reserved_ssap = LLCP_SAP_MAX; 808 llcp_sock->reserved_ssap = LLCP_SAP_MAX;
807 skb_queue_head_init(&llcp_sock->tx_queue); 809 skb_queue_head_init(&llcp_sock->tx_queue);
808 skb_queue_head_init(&llcp_sock->tx_pending_queue); 810 skb_queue_head_init(&llcp_sock->tx_pending_queue);
809 skb_queue_head_init(&llcp_sock->tx_backlog_queue);
810 INIT_LIST_HEAD(&llcp_sock->accept_queue); 811 INIT_LIST_HEAD(&llcp_sock->accept_queue);
811 812
812 if (sock != NULL) 813 if (sock != NULL)
@@ -821,7 +822,6 @@ void nfc_llcp_sock_free(struct nfc_llcp_sock *sock)
821 822
822 skb_queue_purge(&sock->tx_queue); 823 skb_queue_purge(&sock->tx_queue);
823 skb_queue_purge(&sock->tx_pending_queue); 824 skb_queue_purge(&sock->tx_pending_queue);
824 skb_queue_purge(&sock->tx_backlog_queue);
825 825
826 list_del_init(&sock->accept_queue); 826 list_del_init(&sock->accept_queue);
827 827
diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index 5f98dc1bf039..48ada0ec749e 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -658,6 +658,7 @@ static struct nfc_ops nci_nfc_ops = {
658 */ 658 */
659struct nci_dev *nci_allocate_device(struct nci_ops *ops, 659struct nci_dev *nci_allocate_device(struct nci_ops *ops,
660 __u32 supported_protocols, 660 __u32 supported_protocols,
661 __u32 supported_se,
661 int tx_headroom, int tx_tailroom) 662 int tx_headroom, int tx_tailroom)
662{ 663{
663 struct nci_dev *ndev; 664 struct nci_dev *ndev;
@@ -680,6 +681,7 @@ struct nci_dev *nci_allocate_device(struct nci_ops *ops,
680 681
681 ndev->nfc_dev = nfc_allocate_device(&nci_nfc_ops, 682 ndev->nfc_dev = nfc_allocate_device(&nci_nfc_ops,
682 supported_protocols, 683 supported_protocols,
684 supported_se,
683 tx_headroom + NCI_DATA_HDR_SIZE, 685 tx_headroom + NCI_DATA_HDR_SIZE,
684 tx_tailroom); 686 tx_tailroom);
685 if (!ndev->nfc_dev) 687 if (!ndev->nfc_dev)
diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index 3568ae16786d..504b883439f1 100644
--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -366,6 +366,7 @@ static int nfc_genl_send_device(struct sk_buff *msg, struct nfc_dev *dev,
366 if (nla_put_string(msg, NFC_ATTR_DEVICE_NAME, nfc_device_name(dev)) || 366 if (nla_put_string(msg, NFC_ATTR_DEVICE_NAME, nfc_device_name(dev)) ||
367 nla_put_u32(msg, NFC_ATTR_DEVICE_INDEX, dev->idx) || 367 nla_put_u32(msg, NFC_ATTR_DEVICE_INDEX, dev->idx) ||
368 nla_put_u32(msg, NFC_ATTR_PROTOCOLS, dev->supported_protocols) || 368 nla_put_u32(msg, NFC_ATTR_PROTOCOLS, dev->supported_protocols) ||
369 nla_put_u32(msg, NFC_ATTR_SE, dev->supported_se) ||
369 nla_put_u8(msg, NFC_ATTR_DEVICE_POWERED, dev->dev_up) || 370 nla_put_u8(msg, NFC_ATTR_DEVICE_POWERED, dev->dev_up) ||
370 nla_put_u8(msg, NFC_ATTR_RF_MODE, dev->rf_mode)) 371 nla_put_u8(msg, NFC_ATTR_RF_MODE, dev->rf_mode))
371 goto nla_put_failure; 372 goto nla_put_failure;
diff --git a/net/wireless/ap.c b/net/wireless/ap.c
index 324e8d851dc4..a4a14e8f55cc 100644
--- a/net/wireless/ap.c
+++ b/net/wireless/ap.c
@@ -46,3 +46,65 @@ int cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
46 46
47 return err; 47 return err;
48} 48}
49
50void cfg80211_ch_switch_notify(struct net_device *dev,
51 struct cfg80211_chan_def *chandef)
52{
53 struct wireless_dev *wdev = dev->ieee80211_ptr;
54 struct wiphy *wiphy = wdev->wiphy;
55 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
56
57 trace_cfg80211_ch_switch_notify(dev, chandef);
58
59 wdev_lock(wdev);
60
61 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
62 wdev->iftype != NL80211_IFTYPE_P2P_GO))
63 goto out;
64
65 wdev->channel = chandef->chan;
66 nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL);
67out:
68 wdev_unlock(wdev);
69 return;
70}
71EXPORT_SYMBOL(cfg80211_ch_switch_notify);
72
73bool cfg80211_rx_spurious_frame(struct net_device *dev,
74 const u8 *addr, gfp_t gfp)
75{
76 struct wireless_dev *wdev = dev->ieee80211_ptr;
77 bool ret;
78
79 trace_cfg80211_rx_spurious_frame(dev, addr);
80
81 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
82 wdev->iftype != NL80211_IFTYPE_P2P_GO)) {
83 trace_cfg80211_return_bool(false);
84 return false;
85 }
86 ret = nl80211_unexpected_frame(dev, addr, gfp);
87 trace_cfg80211_return_bool(ret);
88 return ret;
89}
90EXPORT_SYMBOL(cfg80211_rx_spurious_frame);
91
92bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev,
93 const u8 *addr, gfp_t gfp)
94{
95 struct wireless_dev *wdev = dev->ieee80211_ptr;
96 bool ret;
97
98 trace_cfg80211_rx_unexpected_4addr_frame(dev, addr);
99
100 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
101 wdev->iftype != NL80211_IFTYPE_P2P_GO &&
102 wdev->iftype != NL80211_IFTYPE_AP_VLAN)) {
103 trace_cfg80211_return_bool(false);
104 return false;
105 }
106 ret = nl80211_unexpected_4addr_frame(dev, addr, gfp);
107 trace_cfg80211_return_bool(ret);
108 return ret;
109}
110EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
diff --git a/net/wireless/chan.c b/net/wireless/chan.c
index a7990bb16529..396373f3ec26 100644
--- a/net/wireless/chan.c
+++ b/net/wireless/chan.c
@@ -76,6 +76,10 @@ bool cfg80211_chandef_valid(const struct cfg80211_chan_def *chandef)
76 return false; 76 return false;
77 if (!chandef->center_freq2) 77 if (!chandef->center_freq2)
78 return false; 78 return false;
79 /* adjacent is not allowed -- that's a 160 MHz channel */
80 if (chandef->center_freq1 - chandef->center_freq2 == 80 ||
81 chandef->center_freq2 - chandef->center_freq1 == 80)
82 return false;
79 break; 83 break;
80 case NL80211_CHAN_WIDTH_80: 84 case NL80211_CHAN_WIDTH_80:
81 if (chandef->center_freq1 != control_freq + 30 && 85 if (chandef->center_freq1 != control_freq + 30 &&
diff --git a/net/wireless/core.c b/net/wireless/core.c
index 14d990400354..ce827242f390 100644
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -57,9 +57,6 @@ struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx)
57{ 57{
58 struct cfg80211_registered_device *result = NULL, *rdev; 58 struct cfg80211_registered_device *result = NULL, *rdev;
59 59
60 if (!wiphy_idx_valid(wiphy_idx))
61 return NULL;
62
63 assert_cfg80211_lock(); 60 assert_cfg80211_lock();
64 61
65 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 62 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
@@ -74,10 +71,8 @@ struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx)
74 71
75int get_wiphy_idx(struct wiphy *wiphy) 72int get_wiphy_idx(struct wiphy *wiphy)
76{ 73{
77 struct cfg80211_registered_device *rdev; 74 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
78 if (!wiphy) 75
79 return WIPHY_IDX_STALE;
80 rdev = wiphy_to_dev(wiphy);
81 return rdev->wiphy_idx; 76 return rdev->wiphy_idx;
82} 77}
83 78
@@ -86,9 +81,6 @@ struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx)
86{ 81{
87 struct cfg80211_registered_device *rdev; 82 struct cfg80211_registered_device *rdev;
88 83
89 if (!wiphy_idx_valid(wiphy_idx))
90 return NULL;
91
92 assert_cfg80211_lock(); 84 assert_cfg80211_lock();
93 85
94 rdev = cfg80211_rdev_by_wiphy_idx(wiphy_idx); 86 rdev = cfg80211_rdev_by_wiphy_idx(wiphy_idx);
@@ -309,7 +301,7 @@ struct wiphy *wiphy_new(const struct cfg80211_ops *ops, int sizeof_priv)
309 301
310 rdev->wiphy_idx = wiphy_counter++; 302 rdev->wiphy_idx = wiphy_counter++;
311 303
312 if (unlikely(!wiphy_idx_valid(rdev->wiphy_idx))) { 304 if (unlikely(rdev->wiphy_idx < 0)) {
313 wiphy_counter--; 305 wiphy_counter--;
314 mutex_unlock(&cfg80211_mutex); 306 mutex_unlock(&cfg80211_mutex);
315 /* ugh, wrapped! */ 307 /* ugh, wrapped! */
@@ -390,8 +382,11 @@ static int wiphy_verify_combinations(struct wiphy *wiphy)
390 382
391 c = &wiphy->iface_combinations[i]; 383 c = &wiphy->iface_combinations[i];
392 384
393 /* Combinations with just one interface aren't real */ 385 /*
394 if (WARN_ON(c->max_interfaces < 2)) 386 * Combinations with just one interface aren't real,
387 * however we make an exception for DFS.
388 */
389 if (WARN_ON((c->max_interfaces < 2) && !c->radar_detect_widths))
395 return -EINVAL; 390 return -EINVAL;
396 391
397 /* Need at least one channel */ 392 /* Need at least one channel */
@@ -406,6 +401,11 @@ static int wiphy_verify_combinations(struct wiphy *wiphy)
406 CFG80211_MAX_NUM_DIFFERENT_CHANNELS)) 401 CFG80211_MAX_NUM_DIFFERENT_CHANNELS))
407 return -EINVAL; 402 return -EINVAL;
408 403
404 /* DFS only works on one channel. */
405 if (WARN_ON(c->radar_detect_widths &&
406 (c->num_different_channels > 1)))
407 return -EINVAL;
408
409 if (WARN_ON(!c->n_limits)) 409 if (WARN_ON(!c->n_limits))
410 return -EINVAL; 410 return -EINVAL;
411 411
@@ -478,6 +478,11 @@ int wiphy_register(struct wiphy *wiphy)
478 ETH_ALEN))) 478 ETH_ALEN)))
479 return -EINVAL; 479 return -EINVAL;
480 480
481 if (WARN_ON(wiphy->max_acl_mac_addrs &&
482 (!(wiphy->flags & WIPHY_FLAG_HAVE_AP_SME) ||
483 !rdev->ops->set_mac_acl)))
484 return -EINVAL;
485
481 if (wiphy->addresses) 486 if (wiphy->addresses)
482 memcpy(wiphy->perm_addr, wiphy->addresses[0].addr, ETH_ALEN); 487 memcpy(wiphy->perm_addr, wiphy->addresses[0].addr, ETH_ALEN);
483 488
diff --git a/net/wireless/core.h b/net/wireless/core.h
index 3563097169cb..8396f7671c8d 100644
--- a/net/wireless/core.h
+++ b/net/wireless/core.h
@@ -18,6 +18,9 @@
18#include <net/cfg80211.h> 18#include <net/cfg80211.h>
19#include "reg.h" 19#include "reg.h"
20 20
21
22#define WIPHY_IDX_INVALID -1
23
21struct cfg80211_registered_device { 24struct cfg80211_registered_device {
22 const struct cfg80211_ops *ops; 25 const struct cfg80211_ops *ops;
23 struct list_head list; 26 struct list_head list;
@@ -86,7 +89,7 @@ struct cfg80211_registered_device {
86 89
87 /* must be last because of the way we do wiphy_priv(), 90 /* must be last because of the way we do wiphy_priv(),
88 * and it should at least be aligned to NETDEV_ALIGN */ 91 * and it should at least be aligned to NETDEV_ALIGN */
89 struct wiphy wiphy __attribute__((__aligned__(NETDEV_ALIGN))); 92 struct wiphy wiphy __aligned(NETDEV_ALIGN);
90}; 93};
91 94
92static inline 95static inline
@@ -96,13 +99,6 @@ struct cfg80211_registered_device *wiphy_to_dev(struct wiphy *wiphy)
96 return container_of(wiphy, struct cfg80211_registered_device, wiphy); 99 return container_of(wiphy, struct cfg80211_registered_device, wiphy);
97} 100}
98 101
99/* Note 0 is valid, hence phy0 */
100static inline
101bool wiphy_idx_valid(int wiphy_idx)
102{
103 return wiphy_idx >= 0;
104}
105
106static inline void 102static inline void
107cfg80211_rdev_free_wowlan(struct cfg80211_registered_device *rdev) 103cfg80211_rdev_free_wowlan(struct cfg80211_registered_device *rdev)
108{ 104{
@@ -126,12 +122,6 @@ static inline void assert_cfg80211_lock(void)
126 lockdep_assert_held(&cfg80211_mutex); 122 lockdep_assert_held(&cfg80211_mutex);
127} 123}
128 124
129/*
130 * You can use this to mark a wiphy_idx as not having an associated wiphy.
131 * It guarantees cfg80211_rdev_by_wiphy_idx(wiphy_idx) will return NULL
132 */
133#define WIPHY_IDX_STALE -1
134
135struct cfg80211_internal_bss { 125struct cfg80211_internal_bss {
136 struct list_head list; 126 struct list_head list;
137 struct rb_node rbn; 127 struct rb_node rbn;
@@ -435,7 +425,8 @@ int cfg80211_can_use_iftype_chan(struct cfg80211_registered_device *rdev,
435 struct wireless_dev *wdev, 425 struct wireless_dev *wdev,
436 enum nl80211_iftype iftype, 426 enum nl80211_iftype iftype,
437 struct ieee80211_channel *chan, 427 struct ieee80211_channel *chan,
438 enum cfg80211_chan_mode chanmode); 428 enum cfg80211_chan_mode chanmode,
429 u8 radar_detect);
439 430
440static inline int 431static inline int
441cfg80211_can_change_interface(struct cfg80211_registered_device *rdev, 432cfg80211_can_change_interface(struct cfg80211_registered_device *rdev,
@@ -443,7 +434,7 @@ cfg80211_can_change_interface(struct cfg80211_registered_device *rdev,
443 enum nl80211_iftype iftype) 434 enum nl80211_iftype iftype)
444{ 435{
445 return cfg80211_can_use_iftype_chan(rdev, wdev, iftype, NULL, 436 return cfg80211_can_use_iftype_chan(rdev, wdev, iftype, NULL,
446 CHAN_MODE_UNDEFINED); 437 CHAN_MODE_UNDEFINED, 0);
447} 438}
448 439
449static inline int 440static inline int
@@ -460,7 +451,7 @@ cfg80211_can_use_chan(struct cfg80211_registered_device *rdev,
460 enum cfg80211_chan_mode chanmode) 451 enum cfg80211_chan_mode chanmode)
461{ 452{
462 return cfg80211_can_use_iftype_chan(rdev, wdev, wdev->iftype, 453 return cfg80211_can_use_iftype_chan(rdev, wdev, wdev->iftype,
463 chan, chanmode); 454 chan, chanmode, 0);
464} 455}
465 456
466void 457void
diff --git a/net/wireless/mesh.c b/net/wireless/mesh.c
index f9d6ce5cfabb..55957a284f6c 100644
--- a/net/wireless/mesh.c
+++ b/net/wireless/mesh.c
@@ -44,6 +44,10 @@
44 44
45#define MESH_SYNC_NEIGHBOR_OFFSET_MAX 50 45#define MESH_SYNC_NEIGHBOR_OFFSET_MAX 50
46 46
47#define MESH_DEFAULT_BEACON_INTERVAL 1000 /* in 1024 us units (=TUs) */
48#define MESH_DEFAULT_DTIM_PERIOD 2
49#define MESH_DEFAULT_AWAKE_WINDOW 10 /* in 1024 us units (=TUs) */
50
47const struct mesh_config default_mesh_config = { 51const struct mesh_config default_mesh_config = {
48 .dot11MeshRetryTimeout = MESH_RET_T, 52 .dot11MeshRetryTimeout = MESH_RET_T,
49 .dot11MeshConfirmTimeout = MESH_CONF_T, 53 .dot11MeshConfirmTimeout = MESH_CONF_T,
@@ -69,6 +73,8 @@ const struct mesh_config default_mesh_config = {
69 .dot11MeshHWMPactivePathToRootTimeout = MESH_PATH_TO_ROOT_TIMEOUT, 73 .dot11MeshHWMPactivePathToRootTimeout = MESH_PATH_TO_ROOT_TIMEOUT,
70 .dot11MeshHWMProotInterval = MESH_ROOT_INTERVAL, 74 .dot11MeshHWMProotInterval = MESH_ROOT_INTERVAL,
71 .dot11MeshHWMPconfirmationInterval = MESH_ROOT_CONFIRMATION_INTERVAL, 75 .dot11MeshHWMPconfirmationInterval = MESH_ROOT_CONFIRMATION_INTERVAL,
76 .power_mode = NL80211_MESH_POWER_ACTIVE,
77 .dot11MeshAwakeWindowDuration = MESH_DEFAULT_AWAKE_WINDOW,
72}; 78};
73 79
74const struct mesh_setup default_mesh_setup = { 80const struct mesh_setup default_mesh_setup = {
@@ -79,6 +85,8 @@ const struct mesh_setup default_mesh_setup = {
79 .ie = NULL, 85 .ie = NULL,
80 .ie_len = 0, 86 .ie_len = 0,
81 .is_secure = false, 87 .is_secure = false,
88 .beacon_interval = MESH_DEFAULT_BEACON_INTERVAL,
89 .dtim_period = MESH_DEFAULT_DTIM_PERIOD,
82}; 90};
83 91
84int __cfg80211_join_mesh(struct cfg80211_registered_device *rdev, 92int __cfg80211_join_mesh(struct cfg80211_registered_device *rdev,
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index 5e8123ee63fd..461e692cdfec 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -987,65 +987,3 @@ void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index,
987 nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp); 987 nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp);
988} 988}
989EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify); 989EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify);
990
991void cfg80211_ch_switch_notify(struct net_device *dev,
992 struct cfg80211_chan_def *chandef)
993{
994 struct wireless_dev *wdev = dev->ieee80211_ptr;
995 struct wiphy *wiphy = wdev->wiphy;
996 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
997
998 trace_cfg80211_ch_switch_notify(dev, chandef);
999
1000 wdev_lock(wdev);
1001
1002 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
1003 wdev->iftype != NL80211_IFTYPE_P2P_GO))
1004 goto out;
1005
1006 wdev->channel = chandef->chan;
1007 nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL);
1008out:
1009 wdev_unlock(wdev);
1010 return;
1011}
1012EXPORT_SYMBOL(cfg80211_ch_switch_notify);
1013
1014bool cfg80211_rx_spurious_frame(struct net_device *dev,
1015 const u8 *addr, gfp_t gfp)
1016{
1017 struct wireless_dev *wdev = dev->ieee80211_ptr;
1018 bool ret;
1019
1020 trace_cfg80211_rx_spurious_frame(dev, addr);
1021
1022 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
1023 wdev->iftype != NL80211_IFTYPE_P2P_GO)) {
1024 trace_cfg80211_return_bool(false);
1025 return false;
1026 }
1027 ret = nl80211_unexpected_frame(dev, addr, gfp);
1028 trace_cfg80211_return_bool(ret);
1029 return ret;
1030}
1031EXPORT_SYMBOL(cfg80211_rx_spurious_frame);
1032
1033bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev,
1034 const u8 *addr, gfp_t gfp)
1035{
1036 struct wireless_dev *wdev = dev->ieee80211_ptr;
1037 bool ret;
1038
1039 trace_cfg80211_rx_unexpected_4addr_frame(dev, addr);
1040
1041 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
1042 wdev->iftype != NL80211_IFTYPE_P2P_GO &&
1043 wdev->iftype != NL80211_IFTYPE_AP_VLAN)) {
1044 trace_cfg80211_return_bool(false);
1045 return false;
1046 }
1047 ret = nl80211_unexpected_4addr_frame(dev, addr, gfp);
1048 trace_cfg80211_return_bool(ret);
1049 return ret;
1050}
1051EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index f45706adaf34..b5978ab4ad7a 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -365,6 +365,8 @@ static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = {
365 [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 }, 365 [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 },
366 [NL80211_ATTR_P2P_CTWINDOW] = { .type = NLA_U8 }, 366 [NL80211_ATTR_P2P_CTWINDOW] = { .type = NLA_U8 },
367 [NL80211_ATTR_P2P_OPPPS] = { .type = NLA_U8 }, 367 [NL80211_ATTR_P2P_OPPPS] = { .type = NLA_U8 },
368 [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 },
369 [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED },
368}; 370};
369 371
370/* policy for the key attributes */ 372/* policy for the key attributes */
@@ -856,6 +858,9 @@ static int nl80211_put_iface_combinations(struct wiphy *wiphy,
856 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM, 858 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
857 c->max_interfaces)) 859 c->max_interfaces))
858 goto nla_put_failure; 860 goto nla_put_failure;
861 if (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
862 c->radar_detect_widths))
863 goto nla_put_failure;
859 864
860 nla_nest_end(msg, nl_combi); 865 nla_nest_end(msg, nl_combi);
861 } 866 }
@@ -1265,6 +1270,12 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 portid, u32 seq, int flag
1265 dev->wiphy.ht_capa_mod_mask)) 1270 dev->wiphy.ht_capa_mod_mask))
1266 goto nla_put_failure; 1271 goto nla_put_failure;
1267 1272
1273 if (dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME &&
1274 dev->wiphy.max_acl_mac_addrs &&
1275 nla_put_u32(msg, NL80211_ATTR_MAC_ACL_MAX,
1276 dev->wiphy.max_acl_mac_addrs))
1277 goto nla_put_failure;
1278
1268 return genlmsg_end(msg, hdr); 1279 return genlmsg_end(msg, hdr);
1269 1280
1270 nla_put_failure: 1281 nla_put_failure:
@@ -2079,6 +2090,13 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
2079 !(rdev->wiphy.interface_modes & (1 << type))) 2090 !(rdev->wiphy.interface_modes & (1 << type)))
2080 return -EOPNOTSUPP; 2091 return -EOPNOTSUPP;
2081 2092
2093 if (type == NL80211_IFTYPE_P2P_DEVICE && info->attrs[NL80211_ATTR_MAC]) {
2094 nla_memcpy(params.macaddr, info->attrs[NL80211_ATTR_MAC],
2095 ETH_ALEN);
2096 if (!is_valid_ether_addr(params.macaddr))
2097 return -EADDRNOTAVAIL;
2098 }
2099
2082 if (info->attrs[NL80211_ATTR_4ADDR]) { 2100 if (info->attrs[NL80211_ATTR_4ADDR]) {
2083 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 2101 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
2084 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 2102 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
@@ -2481,6 +2499,97 @@ static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
2481 return err; 2499 return err;
2482} 2500}
2483 2501
2502/* This function returns an error or the number of nested attributes */
2503static int validate_acl_mac_addrs(struct nlattr *nl_attr)
2504{
2505 struct nlattr *attr;
2506 int n_entries = 0, tmp;
2507
2508 nla_for_each_nested(attr, nl_attr, tmp) {
2509 if (nla_len(attr) != ETH_ALEN)
2510 return -EINVAL;
2511
2512 n_entries++;
2513 }
2514
2515 return n_entries;
2516}
2517
2518/*
2519 * This function parses ACL information and allocates memory for ACL data.
2520 * On successful return, the calling function is responsible to free the
2521 * ACL buffer returned by this function.
2522 */
2523static struct cfg80211_acl_data *parse_acl_data(struct wiphy *wiphy,
2524 struct genl_info *info)
2525{
2526 enum nl80211_acl_policy acl_policy;
2527 struct nlattr *attr;
2528 struct cfg80211_acl_data *acl;
2529 int i = 0, n_entries, tmp;
2530
2531 if (!wiphy->max_acl_mac_addrs)
2532 return ERR_PTR(-EOPNOTSUPP);
2533
2534 if (!info->attrs[NL80211_ATTR_ACL_POLICY])
2535 return ERR_PTR(-EINVAL);
2536
2537 acl_policy = nla_get_u32(info->attrs[NL80211_ATTR_ACL_POLICY]);
2538 if (acl_policy != NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED &&
2539 acl_policy != NL80211_ACL_POLICY_DENY_UNLESS_LISTED)
2540 return ERR_PTR(-EINVAL);
2541
2542 if (!info->attrs[NL80211_ATTR_MAC_ADDRS])
2543 return ERR_PTR(-EINVAL);
2544
2545 n_entries = validate_acl_mac_addrs(info->attrs[NL80211_ATTR_MAC_ADDRS]);
2546 if (n_entries < 0)
2547 return ERR_PTR(n_entries);
2548
2549 if (n_entries > wiphy->max_acl_mac_addrs)
2550 return ERR_PTR(-ENOTSUPP);
2551
2552 acl = kzalloc(sizeof(*acl) + (sizeof(struct mac_address) * n_entries),
2553 GFP_KERNEL);
2554 if (!acl)
2555 return ERR_PTR(-ENOMEM);
2556
2557 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_MAC_ADDRS], tmp) {
2558 memcpy(acl->mac_addrs[i].addr, nla_data(attr), ETH_ALEN);
2559 i++;
2560 }
2561
2562 acl->n_acl_entries = n_entries;
2563 acl->acl_policy = acl_policy;
2564
2565 return acl;
2566}
2567
2568static int nl80211_set_mac_acl(struct sk_buff *skb, struct genl_info *info)
2569{
2570 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2571 struct net_device *dev = info->user_ptr[1];
2572 struct cfg80211_acl_data *acl;
2573 int err;
2574
2575 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2576 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2577 return -EOPNOTSUPP;
2578
2579 if (!dev->ieee80211_ptr->beacon_interval)
2580 return -EINVAL;
2581
2582 acl = parse_acl_data(&rdev->wiphy, info);
2583 if (IS_ERR(acl))
2584 return PTR_ERR(acl);
2585
2586 err = rdev_set_mac_acl(rdev, dev, acl);
2587
2588 kfree(acl);
2589
2590 return err;
2591}
2592
2484static int nl80211_parse_beacon(struct genl_info *info, 2593static int nl80211_parse_beacon(struct genl_info *info,
2485 struct cfg80211_beacon_data *bcn) 2594 struct cfg80211_beacon_data *bcn)
2486{ 2595{
@@ -2724,6 +2833,12 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
2724 if (err) 2833 if (err)
2725 return err; 2834 return err;
2726 2835
2836 if (info->attrs[NL80211_ATTR_ACL_POLICY]) {
2837 params.acl = parse_acl_data(&rdev->wiphy, info);
2838 if (IS_ERR(params.acl))
2839 return PTR_ERR(params.acl);
2840 }
2841
2727 err = rdev_start_ap(rdev, dev, &params); 2842 err = rdev_start_ap(rdev, dev, &params);
2728 if (!err) { 2843 if (!err) {
2729 wdev->preset_chandef = params.chandef; 2844 wdev->preset_chandef = params.chandef;
@@ -2732,6 +2847,9 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
2732 wdev->ssid_len = params.ssid_len; 2847 wdev->ssid_len = params.ssid_len;
2733 memcpy(wdev->ssid, params.ssid, wdev->ssid_len); 2848 memcpy(wdev->ssid, params.ssid, wdev->ssid_len);
2734 } 2849 }
2850
2851 kfree(params.acl);
2852
2735 return err; 2853 return err;
2736} 2854}
2737 2855
@@ -3001,6 +3119,18 @@ static int nl80211_send_station(struct sk_buff *msg, u32 portid, u32 seq,
3001 nla_put_u32(msg, NL80211_STA_INFO_BEACON_LOSS, 3119 nla_put_u32(msg, NL80211_STA_INFO_BEACON_LOSS,
3002 sinfo->beacon_loss_count)) 3120 sinfo->beacon_loss_count))
3003 goto nla_put_failure; 3121 goto nla_put_failure;
3122 if ((sinfo->filled & STATION_INFO_LOCAL_PM) &&
3123 nla_put_u32(msg, NL80211_STA_INFO_LOCAL_PM,
3124 sinfo->local_pm))
3125 goto nla_put_failure;
3126 if ((sinfo->filled & STATION_INFO_PEER_PM) &&
3127 nla_put_u32(msg, NL80211_STA_INFO_PEER_PM,
3128 sinfo->peer_pm))
3129 goto nla_put_failure;
3130 if ((sinfo->filled & STATION_INFO_NONPEER_PM) &&
3131 nla_put_u32(msg, NL80211_STA_INFO_NONPEER_PM,
3132 sinfo->nonpeer_pm))
3133 goto nla_put_failure;
3004 if (sinfo->filled & STATION_INFO_BSS_PARAM) { 3134 if (sinfo->filled & STATION_INFO_BSS_PARAM) {
3005 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM); 3135 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM);
3006 if (!bss_param) 3136 if (!bss_param)
@@ -3188,13 +3318,9 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
3188 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 3318 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
3189 } 3319 }
3190 3320
3191 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 3321 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL] ||
3192 params.listen_interval = 3322 info->attrs[NL80211_ATTR_HT_CAPABILITY])
3193 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 3323 return -EINVAL;
3194
3195 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
3196 params.ht_capa =
3197 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
3198 3324
3199 if (!rdev->ops->change_station) 3325 if (!rdev->ops->change_station)
3200 return -EOPNOTSUPP; 3326 return -EOPNOTSUPP;
@@ -3210,6 +3336,17 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
3210 params.plink_state = 3336 params.plink_state =
3211 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]); 3337 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]);
3212 3338
3339 if (info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]) {
3340 enum nl80211_mesh_power_mode pm = nla_get_u32(
3341 info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]);
3342
3343 if (pm <= NL80211_MESH_POWER_UNKNOWN ||
3344 pm > NL80211_MESH_POWER_MAX)
3345 return -EINVAL;
3346
3347 params.local_pm = pm;
3348 }
3349
3213 switch (dev->ieee80211_ptr->iftype) { 3350 switch (dev->ieee80211_ptr->iftype) {
3214 case NL80211_IFTYPE_AP: 3351 case NL80211_IFTYPE_AP:
3215 case NL80211_IFTYPE_AP_VLAN: 3352 case NL80211_IFTYPE_AP_VLAN:
@@ -3217,6 +3354,8 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
3217 /* disallow mesh-specific things */ 3354 /* disallow mesh-specific things */
3218 if (params.plink_action) 3355 if (params.plink_action)
3219 return -EINVAL; 3356 return -EINVAL;
3357 if (params.local_pm)
3358 return -EINVAL;
3220 3359
3221 /* TDLS can't be set, ... */ 3360 /* TDLS can't be set, ... */
3222 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 3361 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
@@ -3231,11 +3370,25 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
3231 /* accept only the listed bits */ 3370 /* accept only the listed bits */
3232 if (params.sta_flags_mask & 3371 if (params.sta_flags_mask &
3233 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) | 3372 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
3373 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3374 BIT(NL80211_STA_FLAG_ASSOCIATED) |
3234 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | 3375 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
3235 BIT(NL80211_STA_FLAG_WME) | 3376 BIT(NL80211_STA_FLAG_WME) |
3236 BIT(NL80211_STA_FLAG_MFP))) 3377 BIT(NL80211_STA_FLAG_MFP)))
3237 return -EINVAL; 3378 return -EINVAL;
3238 3379
3380 /* but authenticated/associated only if driver handles it */
3381 if (!(rdev->wiphy.features &
3382 NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
3383 params.sta_flags_mask &
3384 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3385 BIT(NL80211_STA_FLAG_ASSOCIATED)))
3386 return -EINVAL;
3387
3388 /* reject other things that can't change */
3389 if (params.supported_rates)
3390 return -EINVAL;
3391
3239 /* must be last in here for error handling */ 3392 /* must be last in here for error handling */
3240 params.vlan = get_vlan(info, rdev); 3393 params.vlan = get_vlan(info, rdev);
3241 if (IS_ERR(params.vlan)) 3394 if (IS_ERR(params.vlan))
@@ -3255,9 +3408,7 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
3255 /* disallow things sta doesn't support */ 3408 /* disallow things sta doesn't support */
3256 if (params.plink_action) 3409 if (params.plink_action)
3257 return -EINVAL; 3410 return -EINVAL;
3258 if (params.ht_capa) 3411 if (params.local_pm)
3259 return -EINVAL;
3260 if (params.listen_interval >= 0)
3261 return -EINVAL; 3412 return -EINVAL;
3262 /* reject any changes other than AUTHORIZED */ 3413 /* reject any changes other than AUTHORIZED */
3263 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 3414 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
@@ -3267,9 +3418,7 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
3267 /* disallow things mesh doesn't support */ 3418 /* disallow things mesh doesn't support */
3268 if (params.vlan) 3419 if (params.vlan)
3269 return -EINVAL; 3420 return -EINVAL;
3270 if (params.ht_capa) 3421 if (params.supported_rates)
3271 return -EINVAL;
3272 if (params.listen_interval >= 0)
3273 return -EINVAL; 3422 return -EINVAL;
3274 /* 3423 /*
3275 * No special handling for TDLS here -- the userspace 3424 * No special handling for TDLS here -- the userspace
@@ -3393,17 +3542,31 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
3393 /* but don't bother the driver with it */ 3542 /* but don't bother the driver with it */
3394 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 3543 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
3395 3544
3545 /* allow authenticated/associated only if driver handles it */
3546 if (!(rdev->wiphy.features &
3547 NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
3548 params.sta_flags_mask &
3549 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3550 BIT(NL80211_STA_FLAG_ASSOCIATED)))
3551 return -EINVAL;
3552
3396 /* must be last in here for error handling */ 3553 /* must be last in here for error handling */
3397 params.vlan = get_vlan(info, rdev); 3554 params.vlan = get_vlan(info, rdev);
3398 if (IS_ERR(params.vlan)) 3555 if (IS_ERR(params.vlan))
3399 return PTR_ERR(params.vlan); 3556 return PTR_ERR(params.vlan);
3400 break; 3557 break;
3401 case NL80211_IFTYPE_MESH_POINT: 3558 case NL80211_IFTYPE_MESH_POINT:
3559 /* associated is disallowed */
3560 if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED))
3561 return -EINVAL;
3402 /* TDLS peers cannot be added */ 3562 /* TDLS peers cannot be added */
3403 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 3563 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
3404 return -EINVAL; 3564 return -EINVAL;
3405 break; 3565 break;
3406 case NL80211_IFTYPE_STATION: 3566 case NL80211_IFTYPE_STATION:
3567 /* associated is disallowed */
3568 if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED))
3569 return -EINVAL;
3407 /* Only TDLS peers can be added */ 3570 /* Only TDLS peers can be added */
3408 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) 3571 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
3409 return -EINVAL; 3572 return -EINVAL;
@@ -3787,12 +3950,8 @@ static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
3787 * window between nl80211_init() and regulatory_init(), if that is 3950 * window between nl80211_init() and regulatory_init(), if that is
3788 * even possible. 3951 * even possible.
3789 */ 3952 */
3790 mutex_lock(&cfg80211_mutex); 3953 if (unlikely(!rcu_access_pointer(cfg80211_regdomain)))
3791 if (unlikely(!cfg80211_regdomain)) {
3792 mutex_unlock(&cfg80211_mutex);
3793 return -EINPROGRESS; 3954 return -EINPROGRESS;
3794 }
3795 mutex_unlock(&cfg80211_mutex);
3796 3955
3797 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3956 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
3798 return -EINVAL; 3957 return -EINVAL;
@@ -3908,7 +4067,11 @@ static int nl80211_get_mesh_config(struct sk_buff *skb,
3908 nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL, 4067 nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
3909 cur_params.dot11MeshHWMProotInterval) || 4068 cur_params.dot11MeshHWMProotInterval) ||
3910 nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL, 4069 nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
3911 cur_params.dot11MeshHWMPconfirmationInterval)) 4070 cur_params.dot11MeshHWMPconfirmationInterval) ||
4071 nla_put_u32(msg, NL80211_MESHCONF_POWER_MODE,
4072 cur_params.power_mode) ||
4073 nla_put_u16(msg, NL80211_MESHCONF_AWAKE_WINDOW,
4074 cur_params.dot11MeshAwakeWindowDuration))
3912 goto nla_put_failure; 4075 goto nla_put_failure;
3913 nla_nest_end(msg, pinfoattr); 4076 nla_nest_end(msg, pinfoattr);
3914 genlmsg_end(msg, hdr); 4077 genlmsg_end(msg, hdr);
@@ -3947,6 +4110,8 @@ static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_A
3947 [NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 }, 4110 [NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 },
3948 [NL80211_MESHCONF_HWMP_ROOT_INTERVAL] = { .type = NLA_U16 }, 4111 [NL80211_MESHCONF_HWMP_ROOT_INTERVAL] = { .type = NLA_U16 },
3949 [NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] = { .type = NLA_U16 }, 4112 [NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] = { .type = NLA_U16 },
4113 [NL80211_MESHCONF_POWER_MODE] = { .type = NLA_U32 },
4114 [NL80211_MESHCONF_AWAKE_WINDOW] = { .type = NLA_U16 },
3950}; 4115};
3951 4116
3952static const struct nla_policy 4117static const struct nla_policy
@@ -3967,13 +4132,15 @@ static int nl80211_parse_mesh_config(struct genl_info *info,
3967 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 4132 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
3968 u32 mask = 0; 4133 u32 mask = 0;
3969 4134
3970#define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 4135#define FILL_IN_MESH_PARAM_IF_SET(tb, cfg, param, min, max, mask, attr, fn) \
3971do {\ 4136do { \
3972 if (table[attr_num]) {\ 4137 if (tb[attr]) { \
3973 cfg->param = nla_fn(table[attr_num]); \ 4138 if (fn(tb[attr]) < min || fn(tb[attr]) > max) \
3974 mask |= (1 << (attr_num - 1)); \ 4139 return -EINVAL; \
3975 } \ 4140 cfg->param = fn(tb[attr]); \
3976} while (0);\ 4141 mask |= (1 << (attr - 1)); \
4142 } \
4143} while (0)
3977 4144
3978 4145
3979 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 4146 if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
@@ -3988,83 +4155,98 @@ do {\
3988 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 4155 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
3989 4156
3990 /* Fill in the params struct */ 4157 /* Fill in the params struct */
3991 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 4158 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 1, 255,
3992 mask, NL80211_MESHCONF_RETRY_TIMEOUT, 4159 mask, NL80211_MESHCONF_RETRY_TIMEOUT,
3993 nla_get_u16); 4160 nla_get_u16);
3994 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 4161 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 1, 255,
3995 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, 4162 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT,
3996 nla_get_u16); 4163 nla_get_u16);
3997 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 4164 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 1, 255,
3998 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, 4165 mask, NL80211_MESHCONF_HOLDING_TIMEOUT,
3999 nla_get_u16); 4166 nla_get_u16);
4000 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 4167 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 0, 255,
4001 mask, NL80211_MESHCONF_MAX_PEER_LINKS, 4168 mask, NL80211_MESHCONF_MAX_PEER_LINKS,
4002 nla_get_u16); 4169 nla_get_u16);
4003 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 4170 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 0, 16,
4004 mask, NL80211_MESHCONF_MAX_RETRIES, 4171 mask, NL80211_MESHCONF_MAX_RETRIES,
4005 nla_get_u8); 4172 nla_get_u8);
4006 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 4173 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 1, 255,
4007 mask, NL80211_MESHCONF_TTL, nla_get_u8); 4174 mask, NL80211_MESHCONF_TTL, nla_get_u8);
4008 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 4175 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 1, 255,
4009 mask, NL80211_MESHCONF_ELEMENT_TTL, 4176 mask, NL80211_MESHCONF_ELEMENT_TTL,
4010 nla_get_u8); 4177 nla_get_u8);
4011 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 4178 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 0, 1,
4012 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 4179 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
4013 nla_get_u8); 4180 nla_get_u8);
4014 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor, mask, 4181 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor,
4182 1, 255, mask,
4015 NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR, 4183 NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
4016 nla_get_u32); 4184 nla_get_u32);
4017 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 4185 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 0, 255,
4018 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 4186 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
4019 nla_get_u8); 4187 nla_get_u8);
4020 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 4188 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 1, 65535,
4021 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, 4189 mask, NL80211_MESHCONF_PATH_REFRESH_TIME,
4022 nla_get_u32); 4190 nla_get_u32);
4023 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 4191 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 1, 65535,
4024 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 4192 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
4025 nla_get_u16); 4193 nla_get_u16);
4026 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, mask, 4194 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
4195 1, 65535, mask,
4027 NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 4196 NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
4028 nla_get_u32); 4197 nla_get_u32);
4029 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 4198 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval,
4030 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 4199 1, 65535, mask,
4200 NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
4031 nla_get_u16); 4201 nla_get_u16);
4032 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, 4202 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval,
4033 mask, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, 4203 1, 65535, mask,
4204 NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
4034 nla_get_u16); 4205 nla_get_u16);
4035 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 4206 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
4036 dot11MeshHWMPnetDiameterTraversalTime, mask, 4207 dot11MeshHWMPnetDiameterTraversalTime,
4208 1, 65535, mask,
4037 NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 4209 NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
4038 nla_get_u16); 4210 nla_get_u16);
4039 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, mask, 4211 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, 0, 4,
4040 NL80211_MESHCONF_HWMP_ROOTMODE, nla_get_u8); 4212 mask, NL80211_MESHCONF_HWMP_ROOTMODE,
4041 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, mask, 4213 nla_get_u8);
4042 NL80211_MESHCONF_HWMP_RANN_INTERVAL, 4214 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, 1, 65535,
4215 mask, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
4043 nla_get_u16); 4216 nla_get_u16);
4044 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 4217 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
4045 dot11MeshGateAnnouncementProtocol, mask, 4218 dot11MeshGateAnnouncementProtocol, 0, 1,
4046 NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 4219 mask, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
4047 nla_get_u8); 4220 nla_get_u8);
4048 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 4221 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 0, 1,
4049 mask, NL80211_MESHCONF_FORWARDING, 4222 mask, NL80211_MESHCONF_FORWARDING,
4050 nla_get_u8); 4223 nla_get_u8);
4051 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, 4224 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, 1, 255,
4052 mask, NL80211_MESHCONF_RSSI_THRESHOLD, 4225 mask, NL80211_MESHCONF_RSSI_THRESHOLD,
4053 nla_get_u32); 4226 nla_get_u32);
4054 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode, 4227 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode, 0, 16,
4055 mask, NL80211_MESHCONF_HT_OPMODE, 4228 mask, NL80211_MESHCONF_HT_OPMODE,
4056 nla_get_u16); 4229 nla_get_u16);
4057 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathToRootTimeout, 4230 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathToRootTimeout,
4058 mask, 4231 1, 65535, mask,
4059 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT, 4232 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
4060 nla_get_u32); 4233 nla_get_u32);
4061 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, 4234 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, 1, 65535,
4062 mask, NL80211_MESHCONF_HWMP_ROOT_INTERVAL, 4235 mask, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
4063 nla_get_u16); 4236 nla_get_u16);
4064 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 4237 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
4065 dot11MeshHWMPconfirmationInterval, mask, 4238 dot11MeshHWMPconfirmationInterval,
4239 1, 65535, mask,
4066 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL, 4240 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
4067 nla_get_u16); 4241 nla_get_u16);
4242 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, power_mode,
4243 NL80211_MESH_POWER_ACTIVE,
4244 NL80211_MESH_POWER_MAX,
4245 mask, NL80211_MESHCONF_POWER_MODE,
4246 nla_get_u32);
4247 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshAwakeWindowDuration,
4248 0, 65535, mask,
4249 NL80211_MESHCONF_AWAKE_WINDOW, nla_get_u16);
4068 if (mask_out) 4250 if (mask_out)
4069 *mask_out = mask; 4251 *mask_out = mask;
4070 4252
@@ -4152,6 +4334,7 @@ static int nl80211_update_mesh_config(struct sk_buff *skb,
4152 4334
4153static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 4335static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
4154{ 4336{
4337 const struct ieee80211_regdomain *regdom;
4155 struct sk_buff *msg; 4338 struct sk_buff *msg;
4156 void *hdr = NULL; 4339 void *hdr = NULL;
4157 struct nlattr *nl_reg_rules; 4340 struct nlattr *nl_reg_rules;
@@ -4174,35 +4357,36 @@ static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
4174 if (!hdr) 4357 if (!hdr)
4175 goto put_failure; 4358 goto put_failure;
4176 4359
4177 if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2,
4178 cfg80211_regdomain->alpha2) ||
4179 (cfg80211_regdomain->dfs_region &&
4180 nla_put_u8(msg, NL80211_ATTR_DFS_REGION,
4181 cfg80211_regdomain->dfs_region)))
4182 goto nla_put_failure;
4183
4184 if (reg_last_request_cell_base() && 4360 if (reg_last_request_cell_base() &&
4185 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE, 4361 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
4186 NL80211_USER_REG_HINT_CELL_BASE)) 4362 NL80211_USER_REG_HINT_CELL_BASE))
4187 goto nla_put_failure; 4363 goto nla_put_failure;
4188 4364
4365 rcu_read_lock();
4366 regdom = rcu_dereference(cfg80211_regdomain);
4367
4368 if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, regdom->alpha2) ||
4369 (regdom->dfs_region &&
4370 nla_put_u8(msg, NL80211_ATTR_DFS_REGION, regdom->dfs_region)))
4371 goto nla_put_failure_rcu;
4372
4189 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 4373 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
4190 if (!nl_reg_rules) 4374 if (!nl_reg_rules)
4191 goto nla_put_failure; 4375 goto nla_put_failure_rcu;
4192 4376
4193 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 4377 for (i = 0; i < regdom->n_reg_rules; i++) {
4194 struct nlattr *nl_reg_rule; 4378 struct nlattr *nl_reg_rule;
4195 const struct ieee80211_reg_rule *reg_rule; 4379 const struct ieee80211_reg_rule *reg_rule;
4196 const struct ieee80211_freq_range *freq_range; 4380 const struct ieee80211_freq_range *freq_range;
4197 const struct ieee80211_power_rule *power_rule; 4381 const struct ieee80211_power_rule *power_rule;
4198 4382
4199 reg_rule = &cfg80211_regdomain->reg_rules[i]; 4383 reg_rule = &regdom->reg_rules[i];
4200 freq_range = &reg_rule->freq_range; 4384 freq_range = &reg_rule->freq_range;
4201 power_rule = &reg_rule->power_rule; 4385 power_rule = &reg_rule->power_rule;
4202 4386
4203 nl_reg_rule = nla_nest_start(msg, i); 4387 nl_reg_rule = nla_nest_start(msg, i);
4204 if (!nl_reg_rule) 4388 if (!nl_reg_rule)
4205 goto nla_put_failure; 4389 goto nla_put_failure_rcu;
4206 4390
4207 if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS, 4391 if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS,
4208 reg_rule->flags) || 4392 reg_rule->flags) ||
@@ -4216,10 +4400,11 @@ static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
4216 power_rule->max_antenna_gain) || 4400 power_rule->max_antenna_gain) ||
4217 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 4401 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
4218 power_rule->max_eirp)) 4402 power_rule->max_eirp))
4219 goto nla_put_failure; 4403 goto nla_put_failure_rcu;
4220 4404
4221 nla_nest_end(msg, nl_reg_rule); 4405 nla_nest_end(msg, nl_reg_rule);
4222 } 4406 }
4407 rcu_read_unlock();
4223 4408
4224 nla_nest_end(msg, nl_reg_rules); 4409 nla_nest_end(msg, nl_reg_rules);
4225 4410
@@ -4227,6 +4412,8 @@ static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
4227 err = genlmsg_reply(msg, info); 4412 err = genlmsg_reply(msg, info);
4228 goto out; 4413 goto out;
4229 4414
4415nla_put_failure_rcu:
4416 rcu_read_unlock();
4230nla_put_failure: 4417nla_put_failure:
4231 genlmsg_cancel(msg, hdr); 4418 genlmsg_cancel(msg, hdr);
4232put_failure: 4419put_failure:
@@ -4259,27 +4446,18 @@ static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
4259 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]); 4446 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);
4260 4447
4261 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 4448 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
4262 rem_reg_rules) { 4449 rem_reg_rules) {
4263 num_rules++; 4450 num_rules++;
4264 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 4451 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
4265 return -EINVAL; 4452 return -EINVAL;
4266 } 4453 }
4267 4454
4268 mutex_lock(&cfg80211_mutex);
4269
4270 if (!reg_is_valid_request(alpha2)) {
4271 r = -EINVAL;
4272 goto bad_reg;
4273 }
4274
4275 size_of_regd = sizeof(struct ieee80211_regdomain) + 4455 size_of_regd = sizeof(struct ieee80211_regdomain) +
4276 (num_rules * sizeof(struct ieee80211_reg_rule)); 4456 num_rules * sizeof(struct ieee80211_reg_rule);
4277 4457
4278 rd = kzalloc(size_of_regd, GFP_KERNEL); 4458 rd = kzalloc(size_of_regd, GFP_KERNEL);
4279 if (!rd) { 4459 if (!rd)
4280 r = -ENOMEM; 4460 return -ENOMEM;
4281 goto bad_reg;
4282 }
4283 4461
4284 rd->n_reg_rules = num_rules; 4462 rd->n_reg_rules = num_rules;
4285 rd->alpha2[0] = alpha2[0]; 4463 rd->alpha2[0] = alpha2[0];
@@ -4293,10 +4471,10 @@ static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
4293 rd->dfs_region = dfs_region; 4471 rd->dfs_region = dfs_region;
4294 4472
4295 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 4473 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
4296 rem_reg_rules) { 4474 rem_reg_rules) {
4297 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 4475 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX,
4298 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 4476 nla_data(nl_reg_rule), nla_len(nl_reg_rule),
4299 reg_rule_policy); 4477 reg_rule_policy);
4300 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 4478 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
4301 if (r) 4479 if (r)
4302 goto bad_reg; 4480 goto bad_reg;
@@ -4309,16 +4487,14 @@ static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
4309 } 4487 }
4310 } 4488 }
4311 4489
4312 BUG_ON(rule_idx != num_rules); 4490 mutex_lock(&cfg80211_mutex);
4313 4491
4314 r = set_regdom(rd); 4492 r = set_regdom(rd);
4315 4493 /* set_regdom took ownership */
4494 rd = NULL;
4316 mutex_unlock(&cfg80211_mutex); 4495 mutex_unlock(&cfg80211_mutex);
4317 4496
4318 return r;
4319
4320 bad_reg: 4497 bad_reg:
4321 mutex_unlock(&cfg80211_mutex);
4322 kfree(rd); 4498 kfree(rd);
4323 return r; 4499 return r;
4324} 4500}
@@ -5867,6 +6043,15 @@ static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
5867 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 6043 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5868 } 6044 }
5869 6045
6046 if (info->attrs[NL80211_ATTR_USE_MFP]) {
6047 connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
6048 if (connect.mfp != NL80211_MFP_REQUIRED &&
6049 connect.mfp != NL80211_MFP_NO)
6050 return -EINVAL;
6051 } else {
6052 connect.mfp = NL80211_MFP_NO;
6053 }
6054
5870 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 6055 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
5871 connect.channel = 6056 connect.channel =
5872 ieee80211_get_channel(wiphy, 6057 ieee80211_get_channel(wiphy,
@@ -6652,6 +6837,21 @@ static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
6652 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 6837 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
6653 return -EINVAL; 6838 return -EINVAL;
6654 6839
6840 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
6841 setup.beacon_interval =
6842 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
6843 if (setup.beacon_interval < 10 ||
6844 setup.beacon_interval > 10000)
6845 return -EINVAL;
6846 }
6847
6848 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) {
6849 setup.dtim_period =
6850 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
6851 if (setup.dtim_period < 1 || setup.dtim_period > 100)
6852 return -EINVAL;
6853 }
6854
6655 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 6855 if (info->attrs[NL80211_ATTR_MESH_SETUP]) {
6656 /* parse additional setup parameters if given */ 6856 /* parse additional setup parameters if given */
6657 err = nl80211_parse_mesh_setup(info, &setup); 6857 err = nl80211_parse_mesh_setup(info, &setup);
@@ -7784,6 +7984,14 @@ static struct genl_ops nl80211_ops[] = {
7784 .internal_flags = NL80211_FLAG_NEED_NETDEV | 7984 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7785 NL80211_FLAG_NEED_RTNL, 7985 NL80211_FLAG_NEED_RTNL,
7786 }, 7986 },
7987 {
7988 .cmd = NL80211_CMD_SET_MAC_ACL,
7989 .doit = nl80211_set_mac_acl,
7990 .policy = nl80211_policy,
7991 .flags = GENL_ADMIN_PERM,
7992 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7993 NL80211_FLAG_NEED_RTNL,
7994 },
7787}; 7995};
7788 7996
7789static struct genl_multicast_group nl80211_mlme_mcgrp = { 7997static struct genl_multicast_group nl80211_mlme_mcgrp = {
@@ -8051,7 +8259,7 @@ void nl80211_send_reg_change_event(struct regulatory_request *request)
8051 goto nla_put_failure; 8259 goto nla_put_failure;
8052 } 8260 }
8053 8261
8054 if (wiphy_idx_valid(request->wiphy_idx) && 8262 if (request->wiphy_idx != WIPHY_IDX_INVALID &&
8055 nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx)) 8263 nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx))
8056 goto nla_put_failure; 8264 goto nla_put_failure;
8057 8265
diff --git a/net/wireless/rdev-ops.h b/net/wireless/rdev-ops.h
index 6c0c8191f837..422d38291d66 100644
--- a/net/wireless/rdev-ops.h
+++ b/net/wireless/rdev-ops.h
@@ -875,4 +875,16 @@ static inline void rdev_stop_p2p_device(struct cfg80211_registered_device *rdev,
875 rdev->ops->stop_p2p_device(&rdev->wiphy, wdev); 875 rdev->ops->stop_p2p_device(&rdev->wiphy, wdev);
876 trace_rdev_return_void(&rdev->wiphy); 876 trace_rdev_return_void(&rdev->wiphy);
877} 877}
878
879static inline int rdev_set_mac_acl(struct cfg80211_registered_device *rdev,
880 struct net_device *dev,
881 struct cfg80211_acl_data *params)
882{
883 int ret;
884
885 trace_rdev_set_mac_acl(&rdev->wiphy, dev, params);
886 ret = rdev->ops->set_mac_acl(&rdev->wiphy, dev, params);
887 trace_rdev_return_int(&rdev->wiphy, ret);
888 return ret;
889}
878#endif /* __CFG80211_RDEV_OPS */ 890#endif /* __CFG80211_RDEV_OPS */
diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index 6e5308998e30..6ea626b30a2a 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -48,7 +48,6 @@
48#include <linux/export.h> 48#include <linux/export.h>
49#include <linux/slab.h> 49#include <linux/slab.h>
50#include <linux/list.h> 50#include <linux/list.h>
51#include <linux/random.h>
52#include <linux/ctype.h> 51#include <linux/ctype.h>
53#include <linux/nl80211.h> 52#include <linux/nl80211.h>
54#include <linux/platform_device.h> 53#include <linux/platform_device.h>
@@ -66,6 +65,13 @@
66#define REG_DBG_PRINT(args...) 65#define REG_DBG_PRINT(args...)
67#endif 66#endif
68 67
68enum reg_request_treatment {
69 REG_REQ_OK,
70 REG_REQ_IGNORE,
71 REG_REQ_INTERSECT,
72 REG_REQ_ALREADY_SET,
73};
74
69static struct regulatory_request core_request_world = { 75static struct regulatory_request core_request_world = {
70 .initiator = NL80211_REGDOM_SET_BY_CORE, 76 .initiator = NL80211_REGDOM_SET_BY_CORE,
71 .alpha2[0] = '0', 77 .alpha2[0] = '0',
@@ -76,7 +82,8 @@ static struct regulatory_request core_request_world = {
76}; 82};
77 83
78/* Receipt of information from last regulatory request */ 84/* Receipt of information from last regulatory request */
79static struct regulatory_request *last_request = &core_request_world; 85static struct regulatory_request __rcu *last_request =
86 (void __rcu *)&core_request_world;
80 87
81/* To trigger userspace events */ 88/* To trigger userspace events */
82static struct platform_device *reg_pdev; 89static struct platform_device *reg_pdev;
@@ -88,16 +95,16 @@ static struct device_type reg_device_type = {
88/* 95/*
89 * Central wireless core regulatory domains, we only need two, 96 * Central wireless core regulatory domains, we only need two,
90 * the current one and a world regulatory domain in case we have no 97 * the current one and a world regulatory domain in case we have no
91 * information to give us an alpha2 98 * information to give us an alpha2.
92 */ 99 */
93const struct ieee80211_regdomain *cfg80211_regdomain; 100const struct ieee80211_regdomain __rcu *cfg80211_regdomain;
94 101
95/* 102/*
96 * Protects static reg.c components: 103 * Protects static reg.c components:
97 * - cfg80211_world_regdom 104 * - cfg80211_regdomain (if not used with RCU)
98 * - cfg80211_regdom 105 * - cfg80211_world_regdom
99 * - last_request 106 * - last_request (if not used with RCU)
100 * - reg_num_devs_support_basehint 107 * - reg_num_devs_support_basehint
101 */ 108 */
102static DEFINE_MUTEX(reg_mutex); 109static DEFINE_MUTEX(reg_mutex);
103 110
@@ -112,6 +119,31 @@ static inline void assert_reg_lock(void)
112 lockdep_assert_held(&reg_mutex); 119 lockdep_assert_held(&reg_mutex);
113} 120}
114 121
122static const struct ieee80211_regdomain *get_cfg80211_regdom(void)
123{
124 return rcu_dereference_protected(cfg80211_regdomain,
125 lockdep_is_held(&reg_mutex));
126}
127
128static const struct ieee80211_regdomain *get_wiphy_regdom(struct wiphy *wiphy)
129{
130 return rcu_dereference_protected(wiphy->regd,
131 lockdep_is_held(&reg_mutex));
132}
133
134static void rcu_free_regdom(const struct ieee80211_regdomain *r)
135{
136 if (!r)
137 return;
138 kfree_rcu((struct ieee80211_regdomain *)r, rcu_head);
139}
140
141static struct regulatory_request *get_last_request(void)
142{
143 return rcu_dereference_check(last_request,
144 lockdep_is_held(&reg_mutex));
145}
146
115/* Used to queue up regulatory hints */ 147/* Used to queue up regulatory hints */
116static LIST_HEAD(reg_requests_list); 148static LIST_HEAD(reg_requests_list);
117static spinlock_t reg_requests_lock; 149static spinlock_t reg_requests_lock;
@@ -177,28 +209,37 @@ static char user_alpha2[2];
177module_param(ieee80211_regdom, charp, 0444); 209module_param(ieee80211_regdom, charp, 0444);
178MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain code"); 210MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain code");
179 211
180static void reset_regdomains(bool full_reset) 212static void reset_regdomains(bool full_reset,
213 const struct ieee80211_regdomain *new_regdom)
181{ 214{
215 const struct ieee80211_regdomain *r;
216 struct regulatory_request *lr;
217
218 assert_reg_lock();
219
220 r = get_cfg80211_regdom();
221
182 /* avoid freeing static information or freeing something twice */ 222 /* avoid freeing static information or freeing something twice */
183 if (cfg80211_regdomain == cfg80211_world_regdom) 223 if (r == cfg80211_world_regdom)
184 cfg80211_regdomain = NULL; 224 r = NULL;
185 if (cfg80211_world_regdom == &world_regdom) 225 if (cfg80211_world_regdom == &world_regdom)
186 cfg80211_world_regdom = NULL; 226 cfg80211_world_regdom = NULL;
187 if (cfg80211_regdomain == &world_regdom) 227 if (r == &world_regdom)
188 cfg80211_regdomain = NULL; 228 r = NULL;
189 229
190 kfree(cfg80211_regdomain); 230 rcu_free_regdom(r);
191 kfree(cfg80211_world_regdom); 231 rcu_free_regdom(cfg80211_world_regdom);
192 232
193 cfg80211_world_regdom = &world_regdom; 233 cfg80211_world_regdom = &world_regdom;
194 cfg80211_regdomain = NULL; 234 rcu_assign_pointer(cfg80211_regdomain, new_regdom);
195 235
196 if (!full_reset) 236 if (!full_reset)
197 return; 237 return;
198 238
199 if (last_request != &core_request_world) 239 lr = get_last_request();
200 kfree(last_request); 240 if (lr != &core_request_world && lr)
201 last_request = &core_request_world; 241 kfree_rcu(lr, rcu_head);
242 rcu_assign_pointer(last_request, &core_request_world);
202} 243}
203 244
204/* 245/*
@@ -207,30 +248,29 @@ static void reset_regdomains(bool full_reset)
207 */ 248 */
208static void update_world_regdomain(const struct ieee80211_regdomain *rd) 249static void update_world_regdomain(const struct ieee80211_regdomain *rd)
209{ 250{
210 BUG_ON(!last_request); 251 struct regulatory_request *lr;
252
253 lr = get_last_request();
254
255 WARN_ON(!lr);
211 256
212 reset_regdomains(false); 257 reset_regdomains(false, rd);
213 258
214 cfg80211_world_regdom = rd; 259 cfg80211_world_regdom = rd;
215 cfg80211_regdomain = rd;
216} 260}
217 261
218bool is_world_regdom(const char *alpha2) 262bool is_world_regdom(const char *alpha2)
219{ 263{
220 if (!alpha2) 264 if (!alpha2)
221 return false; 265 return false;
222 if (alpha2[0] == '0' && alpha2[1] == '0') 266 return alpha2[0] == '0' && alpha2[1] == '0';
223 return true;
224 return false;
225} 267}
226 268
227static bool is_alpha2_set(const char *alpha2) 269static bool is_alpha2_set(const char *alpha2)
228{ 270{
229 if (!alpha2) 271 if (!alpha2)
230 return false; 272 return false;
231 if (alpha2[0] != 0 && alpha2[1] != 0) 273 return alpha2[0] && alpha2[1];
232 return true;
233 return false;
234} 274}
235 275
236static bool is_unknown_alpha2(const char *alpha2) 276static bool is_unknown_alpha2(const char *alpha2)
@@ -241,9 +281,7 @@ static bool is_unknown_alpha2(const char *alpha2)
241 * Special case where regulatory domain was built by driver 281 * Special case where regulatory domain was built by driver
242 * but a specific alpha2 cannot be determined 282 * but a specific alpha2 cannot be determined
243 */ 283 */
244 if (alpha2[0] == '9' && alpha2[1] == '9') 284 return alpha2[0] == '9' && alpha2[1] == '9';
245 return true;
246 return false;
247} 285}
248 286
249static bool is_intersected_alpha2(const char *alpha2) 287static bool is_intersected_alpha2(const char *alpha2)
@@ -255,39 +293,30 @@ static bool is_intersected_alpha2(const char *alpha2)
255 * result of an intersection between two regulatory domain 293 * result of an intersection between two regulatory domain
256 * structures 294 * structures
257 */ 295 */
258 if (alpha2[0] == '9' && alpha2[1] == '8') 296 return alpha2[0] == '9' && alpha2[1] == '8';
259 return true;
260 return false;
261} 297}
262 298
263static bool is_an_alpha2(const char *alpha2) 299static bool is_an_alpha2(const char *alpha2)
264{ 300{
265 if (!alpha2) 301 if (!alpha2)
266 return false; 302 return false;
267 if (isalpha(alpha2[0]) && isalpha(alpha2[1])) 303 return isalpha(alpha2[0]) && isalpha(alpha2[1]);
268 return true;
269 return false;
270} 304}
271 305
272static bool alpha2_equal(const char *alpha2_x, const char *alpha2_y) 306static bool alpha2_equal(const char *alpha2_x, const char *alpha2_y)
273{ 307{
274 if (!alpha2_x || !alpha2_y) 308 if (!alpha2_x || !alpha2_y)
275 return false; 309 return false;
276 if (alpha2_x[0] == alpha2_y[0] && 310 return alpha2_x[0] == alpha2_y[0] && alpha2_x[1] == alpha2_y[1];
277 alpha2_x[1] == alpha2_y[1])
278 return true;
279 return false;
280} 311}
281 312
282static bool regdom_changes(const char *alpha2) 313static bool regdom_changes(const char *alpha2)
283{ 314{
284 assert_cfg80211_lock(); 315 const struct ieee80211_regdomain *r = get_cfg80211_regdom();
285 316
286 if (!cfg80211_regdomain) 317 if (!r)
287 return true; 318 return true;
288 if (alpha2_equal(cfg80211_regdomain->alpha2, alpha2)) 319 return !alpha2_equal(r->alpha2, alpha2);
289 return false;
290 return true;
291} 320}
292 321
293/* 322/*
@@ -301,38 +330,36 @@ static bool is_user_regdom_saved(void)
301 return false; 330 return false;
302 331
303 /* This would indicate a mistake on the design */ 332 /* This would indicate a mistake on the design */
304 if (WARN((!is_world_regdom(user_alpha2) && 333 if (WARN(!is_world_regdom(user_alpha2) && !is_an_alpha2(user_alpha2),
305 !is_an_alpha2(user_alpha2)),
306 "Unexpected user alpha2: %c%c\n", 334 "Unexpected user alpha2: %c%c\n",
307 user_alpha2[0], 335 user_alpha2[0], user_alpha2[1]))
308 user_alpha2[1]))
309 return false; 336 return false;
310 337
311 return true; 338 return true;
312} 339}
313 340
314static int reg_copy_regd(const struct ieee80211_regdomain **dst_regd, 341static const struct ieee80211_regdomain *
315 const struct ieee80211_regdomain *src_regd) 342reg_copy_regd(const struct ieee80211_regdomain *src_regd)
316{ 343{
317 struct ieee80211_regdomain *regd; 344 struct ieee80211_regdomain *regd;
318 int size_of_regd = 0; 345 int size_of_regd;
319 unsigned int i; 346 unsigned int i;
320 347
321 size_of_regd = sizeof(struct ieee80211_regdomain) + 348 size_of_regd =
322 ((src_regd->n_reg_rules + 1) * sizeof(struct ieee80211_reg_rule)); 349 sizeof(struct ieee80211_regdomain) +
350 src_regd->n_reg_rules * sizeof(struct ieee80211_reg_rule);
323 351
324 regd = kzalloc(size_of_regd, GFP_KERNEL); 352 regd = kzalloc(size_of_regd, GFP_KERNEL);
325 if (!regd) 353 if (!regd)
326 return -ENOMEM; 354 return ERR_PTR(-ENOMEM);
327 355
328 memcpy(regd, src_regd, sizeof(struct ieee80211_regdomain)); 356 memcpy(regd, src_regd, sizeof(struct ieee80211_regdomain));
329 357
330 for (i = 0; i < src_regd->n_reg_rules; i++) 358 for (i = 0; i < src_regd->n_reg_rules; i++)
331 memcpy(&regd->reg_rules[i], &src_regd->reg_rules[i], 359 memcpy(&regd->reg_rules[i], &src_regd->reg_rules[i],
332 sizeof(struct ieee80211_reg_rule)); 360 sizeof(struct ieee80211_reg_rule));
333 361
334 *dst_regd = regd; 362 return regd;
335 return 0;
336} 363}
337 364
338#ifdef CONFIG_CFG80211_INTERNAL_REGDB 365#ifdef CONFIG_CFG80211_INTERNAL_REGDB
@@ -347,9 +374,8 @@ static DEFINE_MUTEX(reg_regdb_search_mutex);
347static void reg_regdb_search(struct work_struct *work) 374static void reg_regdb_search(struct work_struct *work)
348{ 375{
349 struct reg_regdb_search_request *request; 376 struct reg_regdb_search_request *request;
350 const struct ieee80211_regdomain *curdom, *regdom; 377 const struct ieee80211_regdomain *curdom, *regdom = NULL;
351 int i, r; 378 int i;
352 bool set_reg = false;
353 379
354 mutex_lock(&cfg80211_mutex); 380 mutex_lock(&cfg80211_mutex);
355 381
@@ -360,14 +386,11 @@ static void reg_regdb_search(struct work_struct *work)
360 list); 386 list);
361 list_del(&request->list); 387 list_del(&request->list);
362 388
363 for (i=0; i<reg_regdb_size; i++) { 389 for (i = 0; i < reg_regdb_size; i++) {
364 curdom = reg_regdb[i]; 390 curdom = reg_regdb[i];
365 391
366 if (!memcmp(request->alpha2, curdom->alpha2, 2)) { 392 if (alpha2_equal(request->alpha2, curdom->alpha2)) {
367 r = reg_copy_regd(&regdom, curdom); 393 regdom = reg_copy_regd(curdom);
368 if (r)
369 break;
370 set_reg = true;
371 break; 394 break;
372 } 395 }
373 } 396 }
@@ -376,7 +399,7 @@ static void reg_regdb_search(struct work_struct *work)
376 } 399 }
377 mutex_unlock(&reg_regdb_search_mutex); 400 mutex_unlock(&reg_regdb_search_mutex);
378 401
379 if (set_reg) 402 if (!IS_ERR_OR_NULL(regdom))
380 set_regdom(regdom); 403 set_regdom(regdom);
381 404
382 mutex_unlock(&cfg80211_mutex); 405 mutex_unlock(&cfg80211_mutex);
@@ -434,15 +457,14 @@ static int call_crda(const char *alpha2)
434 return kobject_uevent(&reg_pdev->dev.kobj, KOBJ_CHANGE); 457 return kobject_uevent(&reg_pdev->dev.kobj, KOBJ_CHANGE);
435} 458}
436 459
437/* Used by nl80211 before kmalloc'ing our regulatory domain */ 460static bool reg_is_valid_request(const char *alpha2)
438bool reg_is_valid_request(const char *alpha2)
439{ 461{
440 assert_cfg80211_lock(); 462 struct regulatory_request *lr = get_last_request();
441 463
442 if (!last_request) 464 if (!lr || lr->processed)
443 return false; 465 return false;
444 466
445 return alpha2_equal(last_request->alpha2, alpha2); 467 return alpha2_equal(lr->alpha2, alpha2);
446} 468}
447 469
448/* Sanity check on a regulatory rule */ 470/* Sanity check on a regulatory rule */
@@ -460,7 +482,7 @@ static bool is_valid_reg_rule(const struct ieee80211_reg_rule *rule)
460 freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz; 482 freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz;
461 483
462 if (freq_range->end_freq_khz <= freq_range->start_freq_khz || 484 if (freq_range->end_freq_khz <= freq_range->start_freq_khz ||
463 freq_range->max_bandwidth_khz > freq_diff) 485 freq_range->max_bandwidth_khz > freq_diff)
464 return false; 486 return false;
465 487
466 return true; 488 return true;
@@ -487,8 +509,7 @@ static bool is_valid_rd(const struct ieee80211_regdomain *rd)
487} 509}
488 510
489static bool reg_does_bw_fit(const struct ieee80211_freq_range *freq_range, 511static bool reg_does_bw_fit(const struct ieee80211_freq_range *freq_range,
490 u32 center_freq_khz, 512 u32 center_freq_khz, u32 bw_khz)
491 u32 bw_khz)
492{ 513{
493 u32 start_freq_khz, end_freq_khz; 514 u32 start_freq_khz, end_freq_khz;
494 515
@@ -518,7 +539,7 @@ static bool reg_does_bw_fit(const struct ieee80211_freq_range *freq_range,
518 * regulatory rule support for other "bands". 539 * regulatory rule support for other "bands".
519 **/ 540 **/
520static bool freq_in_rule_band(const struct ieee80211_freq_range *freq_range, 541static bool freq_in_rule_band(const struct ieee80211_freq_range *freq_range,
521 u32 freq_khz) 542 u32 freq_khz)
522{ 543{
523#define ONE_GHZ_IN_KHZ 1000000 544#define ONE_GHZ_IN_KHZ 1000000
524 /* 545 /*
@@ -540,10 +561,9 @@ static bool freq_in_rule_band(const struct ieee80211_freq_range *freq_range,
540 * Helper for regdom_intersect(), this does the real 561 * Helper for regdom_intersect(), this does the real
541 * mathematical intersection fun 562 * mathematical intersection fun
542 */ 563 */
543static int reg_rules_intersect( 564static int reg_rules_intersect(const struct ieee80211_reg_rule *rule1,
544 const struct ieee80211_reg_rule *rule1, 565 const struct ieee80211_reg_rule *rule2,
545 const struct ieee80211_reg_rule *rule2, 566 struct ieee80211_reg_rule *intersected_rule)
546 struct ieee80211_reg_rule *intersected_rule)
547{ 567{
548 const struct ieee80211_freq_range *freq_range1, *freq_range2; 568 const struct ieee80211_freq_range *freq_range1, *freq_range2;
549 struct ieee80211_freq_range *freq_range; 569 struct ieee80211_freq_range *freq_range;
@@ -560,11 +580,11 @@ static int reg_rules_intersect(
560 power_rule = &intersected_rule->power_rule; 580 power_rule = &intersected_rule->power_rule;
561 581
562 freq_range->start_freq_khz = max(freq_range1->start_freq_khz, 582 freq_range->start_freq_khz = max(freq_range1->start_freq_khz,
563 freq_range2->start_freq_khz); 583 freq_range2->start_freq_khz);
564 freq_range->end_freq_khz = min(freq_range1->end_freq_khz, 584 freq_range->end_freq_khz = min(freq_range1->end_freq_khz,
565 freq_range2->end_freq_khz); 585 freq_range2->end_freq_khz);
566 freq_range->max_bandwidth_khz = min(freq_range1->max_bandwidth_khz, 586 freq_range->max_bandwidth_khz = min(freq_range1->max_bandwidth_khz,
567 freq_range2->max_bandwidth_khz); 587 freq_range2->max_bandwidth_khz);
568 588
569 freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz; 589 freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz;
570 if (freq_range->max_bandwidth_khz > freq_diff) 590 if (freq_range->max_bandwidth_khz > freq_diff)
@@ -575,7 +595,7 @@ static int reg_rules_intersect(
575 power_rule->max_antenna_gain = min(power_rule1->max_antenna_gain, 595 power_rule->max_antenna_gain = min(power_rule1->max_antenna_gain,
576 power_rule2->max_antenna_gain); 596 power_rule2->max_antenna_gain);
577 597
578 intersected_rule->flags = (rule1->flags | rule2->flags); 598 intersected_rule->flags = rule1->flags | rule2->flags;
579 599
580 if (!is_valid_reg_rule(intersected_rule)) 600 if (!is_valid_reg_rule(intersected_rule))
581 return -EINVAL; 601 return -EINVAL;
@@ -596,9 +616,9 @@ static int reg_rules_intersect(
596 * resulting intersection of rules between rd1 and rd2. We will 616 * resulting intersection of rules between rd1 and rd2. We will
597 * kzalloc() this structure for you. 617 * kzalloc() this structure for you.
598 */ 618 */
599static struct ieee80211_regdomain *regdom_intersect( 619static struct ieee80211_regdomain *
600 const struct ieee80211_regdomain *rd1, 620regdom_intersect(const struct ieee80211_regdomain *rd1,
601 const struct ieee80211_regdomain *rd2) 621 const struct ieee80211_regdomain *rd2)
602{ 622{
603 int r, size_of_regd; 623 int r, size_of_regd;
604 unsigned int x, y; 624 unsigned int x, y;
@@ -607,12 +627,7 @@ static struct ieee80211_regdomain *regdom_intersect(
607 struct ieee80211_reg_rule *intersected_rule; 627 struct ieee80211_reg_rule *intersected_rule;
608 struct ieee80211_regdomain *rd; 628 struct ieee80211_regdomain *rd;
609 /* This is just a dummy holder to help us count */ 629 /* This is just a dummy holder to help us count */
610 struct ieee80211_reg_rule irule; 630 struct ieee80211_reg_rule dummy_rule;
611
612 /* Uses the stack temporarily for counter arithmetic */
613 intersected_rule = &irule;
614
615 memset(intersected_rule, 0, sizeof(struct ieee80211_reg_rule));
616 631
617 if (!rd1 || !rd2) 632 if (!rd1 || !rd2)
618 return NULL; 633 return NULL;
@@ -629,11 +644,8 @@ static struct ieee80211_regdomain *regdom_intersect(
629 rule1 = &rd1->reg_rules[x]; 644 rule1 = &rd1->reg_rules[x];
630 for (y = 0; y < rd2->n_reg_rules; y++) { 645 for (y = 0; y < rd2->n_reg_rules; y++) {
631 rule2 = &rd2->reg_rules[y]; 646 rule2 = &rd2->reg_rules[y];
632 if (!reg_rules_intersect(rule1, rule2, 647 if (!reg_rules_intersect(rule1, rule2, &dummy_rule))
633 intersected_rule))
634 num_rules++; 648 num_rules++;
635 memset(intersected_rule, 0,
636 sizeof(struct ieee80211_reg_rule));
637 } 649 }
638 } 650 }
639 651
@@ -641,15 +653,15 @@ static struct ieee80211_regdomain *regdom_intersect(
641 return NULL; 653 return NULL;
642 654
643 size_of_regd = sizeof(struct ieee80211_regdomain) + 655 size_of_regd = sizeof(struct ieee80211_regdomain) +
644 ((num_rules + 1) * sizeof(struct ieee80211_reg_rule)); 656 num_rules * sizeof(struct ieee80211_reg_rule);
645 657
646 rd = kzalloc(size_of_regd, GFP_KERNEL); 658 rd = kzalloc(size_of_regd, GFP_KERNEL);
647 if (!rd) 659 if (!rd)
648 return NULL; 660 return NULL;
649 661
650 for (x = 0; x < rd1->n_reg_rules; x++) { 662 for (x = 0; x < rd1->n_reg_rules && rule_idx < num_rules; x++) {
651 rule1 = &rd1->reg_rules[x]; 663 rule1 = &rd1->reg_rules[x];
652 for (y = 0; y < rd2->n_reg_rules; y++) { 664 for (y = 0; y < rd2->n_reg_rules && rule_idx < num_rules; y++) {
653 rule2 = &rd2->reg_rules[y]; 665 rule2 = &rd2->reg_rules[y];
654 /* 666 /*
655 * This time around instead of using the stack lets 667 * This time around instead of using the stack lets
@@ -657,8 +669,7 @@ static struct ieee80211_regdomain *regdom_intersect(
657 * a memcpy() 669 * a memcpy()
658 */ 670 */
659 intersected_rule = &rd->reg_rules[rule_idx]; 671 intersected_rule = &rd->reg_rules[rule_idx];
660 r = reg_rules_intersect(rule1, rule2, 672 r = reg_rules_intersect(rule1, rule2, intersected_rule);
661 intersected_rule);
662 /* 673 /*
663 * No need to memset here the intersected rule here as 674 * No need to memset here the intersected rule here as
664 * we're not using the stack anymore 675 * we're not using the stack anymore
@@ -699,34 +710,16 @@ static u32 map_regdom_flags(u32 rd_flags)
699 return channel_flags; 710 return channel_flags;
700} 711}
701 712
702static int freq_reg_info_regd(struct wiphy *wiphy, 713static const struct ieee80211_reg_rule *
703 u32 center_freq, 714freq_reg_info_regd(struct wiphy *wiphy, u32 center_freq,
704 u32 desired_bw_khz, 715 const struct ieee80211_regdomain *regd)
705 const struct ieee80211_reg_rule **reg_rule,
706 const struct ieee80211_regdomain *custom_regd)
707{ 716{
708 int i; 717 int i;
709 bool band_rule_found = false; 718 bool band_rule_found = false;
710 const struct ieee80211_regdomain *regd;
711 bool bw_fits = false; 719 bool bw_fits = false;
712 720
713 if (!desired_bw_khz)
714 desired_bw_khz = MHZ_TO_KHZ(20);
715
716 regd = custom_regd ? custom_regd : cfg80211_regdomain;
717
718 /*
719 * Follow the driver's regulatory domain, if present, unless a country
720 * IE has been processed or a user wants to help complaince further
721 */
722 if (!custom_regd &&
723 last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE &&
724 last_request->initiator != NL80211_REGDOM_SET_BY_USER &&
725 wiphy->regd)
726 regd = wiphy->regd;
727
728 if (!regd) 721 if (!regd)
729 return -EINVAL; 722 return ERR_PTR(-EINVAL);
730 723
731 for (i = 0; i < regd->n_reg_rules; i++) { 724 for (i = 0; i < regd->n_reg_rules; i++) {
732 const struct ieee80211_reg_rule *rr; 725 const struct ieee80211_reg_rule *rr;
@@ -743,33 +736,36 @@ static int freq_reg_info_regd(struct wiphy *wiphy,
743 if (!band_rule_found) 736 if (!band_rule_found)
744 band_rule_found = freq_in_rule_band(fr, center_freq); 737 band_rule_found = freq_in_rule_band(fr, center_freq);
745 738
746 bw_fits = reg_does_bw_fit(fr, 739 bw_fits = reg_does_bw_fit(fr, center_freq, MHZ_TO_KHZ(20));
747 center_freq,
748 desired_bw_khz);
749 740
750 if (band_rule_found && bw_fits) { 741 if (band_rule_found && bw_fits)
751 *reg_rule = rr; 742 return rr;
752 return 0;
753 }
754 } 743 }
755 744
756 if (!band_rule_found) 745 if (!band_rule_found)
757 return -ERANGE; 746 return ERR_PTR(-ERANGE);
758 747
759 return -EINVAL; 748 return ERR_PTR(-EINVAL);
760} 749}
761 750
762int freq_reg_info(struct wiphy *wiphy, 751const struct ieee80211_reg_rule *freq_reg_info(struct wiphy *wiphy,
763 u32 center_freq, 752 u32 center_freq)
764 u32 desired_bw_khz,
765 const struct ieee80211_reg_rule **reg_rule)
766{ 753{
767 assert_cfg80211_lock(); 754 const struct ieee80211_regdomain *regd;
768 return freq_reg_info_regd(wiphy, 755 struct regulatory_request *lr = get_last_request();
769 center_freq, 756
770 desired_bw_khz, 757 /*
771 reg_rule, 758 * Follow the driver's regulatory domain, if present, unless a country
772 NULL); 759 * IE has been processed or a user wants to help complaince further
760 */
761 if (lr->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE &&
762 lr->initiator != NL80211_REGDOM_SET_BY_USER &&
763 wiphy->regd)
764 regd = get_wiphy_regdom(wiphy);
765 else
766 regd = get_cfg80211_regdom();
767
768 return freq_reg_info_regd(wiphy, center_freq, regd);
773} 769}
774EXPORT_SYMBOL(freq_reg_info); 770EXPORT_SYMBOL(freq_reg_info);
775 771
@@ -792,7 +788,6 @@ static const char *reg_initiator_name(enum nl80211_reg_initiator initiator)
792} 788}
793 789
794static void chan_reg_rule_print_dbg(struct ieee80211_channel *chan, 790static void chan_reg_rule_print_dbg(struct ieee80211_channel *chan,
795 u32 desired_bw_khz,
796 const struct ieee80211_reg_rule *reg_rule) 791 const struct ieee80211_reg_rule *reg_rule)
797{ 792{
798 const struct ieee80211_power_rule *power_rule; 793 const struct ieee80211_power_rule *power_rule;
@@ -807,21 +802,16 @@ static void chan_reg_rule_print_dbg(struct ieee80211_channel *chan,
807 else 802 else
808 snprintf(max_antenna_gain, 32, "%d", power_rule->max_antenna_gain); 803 snprintf(max_antenna_gain, 32, "%d", power_rule->max_antenna_gain);
809 804
810 REG_DBG_PRINT("Updating information on frequency %d MHz " 805 REG_DBG_PRINT("Updating information on frequency %d MHz with regulatory rule:\n",
811 "for a %d MHz width channel with regulatory rule:\n", 806 chan->center_freq);
812 chan->center_freq,
813 KHZ_TO_MHZ(desired_bw_khz));
814 807
815 REG_DBG_PRINT("%d KHz - %d KHz @ %d KHz), (%s mBi, %d mBm)\n", 808 REG_DBG_PRINT("%d KHz - %d KHz @ %d KHz), (%s mBi, %d mBm)\n",
816 freq_range->start_freq_khz, 809 freq_range->start_freq_khz, freq_range->end_freq_khz,
817 freq_range->end_freq_khz, 810 freq_range->max_bandwidth_khz, max_antenna_gain,
818 freq_range->max_bandwidth_khz,
819 max_antenna_gain,
820 power_rule->max_eirp); 811 power_rule->max_eirp);
821} 812}
822#else 813#else
823static void chan_reg_rule_print_dbg(struct ieee80211_channel *chan, 814static void chan_reg_rule_print_dbg(struct ieee80211_channel *chan,
824 u32 desired_bw_khz,
825 const struct ieee80211_reg_rule *reg_rule) 815 const struct ieee80211_reg_rule *reg_rule)
826{ 816{
827 return; 817 return;
@@ -831,43 +821,25 @@ static void chan_reg_rule_print_dbg(struct ieee80211_channel *chan,
831/* 821/*
832 * Note that right now we assume the desired channel bandwidth 822 * Note that right now we assume the desired channel bandwidth
833 * is always 20 MHz for each individual channel (HT40 uses 20 MHz 823 * is always 20 MHz for each individual channel (HT40 uses 20 MHz
834 * per channel, the primary and the extension channel). To support 824 * per channel, the primary and the extension channel).
835 * smaller custom bandwidths such as 5 MHz or 10 MHz we'll need a
836 * new ieee80211_channel.target_bw and re run the regulatory check
837 * on the wiphy with the target_bw specified. Then we can simply use
838 * that below for the desired_bw_khz below.
839 */ 825 */
840static void handle_channel(struct wiphy *wiphy, 826static void handle_channel(struct wiphy *wiphy,
841 enum nl80211_reg_initiator initiator, 827 enum nl80211_reg_initiator initiator,
842 enum ieee80211_band band, 828 struct ieee80211_channel *chan)
843 unsigned int chan_idx)
844{ 829{
845 int r;
846 u32 flags, bw_flags = 0; 830 u32 flags, bw_flags = 0;
847 u32 desired_bw_khz = MHZ_TO_KHZ(20);
848 const struct ieee80211_reg_rule *reg_rule = NULL; 831 const struct ieee80211_reg_rule *reg_rule = NULL;
849 const struct ieee80211_power_rule *power_rule = NULL; 832 const struct ieee80211_power_rule *power_rule = NULL;
850 const struct ieee80211_freq_range *freq_range = NULL; 833 const struct ieee80211_freq_range *freq_range = NULL;
851 struct ieee80211_supported_band *sband;
852 struct ieee80211_channel *chan;
853 struct wiphy *request_wiphy = NULL; 834 struct wiphy *request_wiphy = NULL;
835 struct regulatory_request *lr = get_last_request();
854 836
855 assert_cfg80211_lock(); 837 request_wiphy = wiphy_idx_to_wiphy(lr->wiphy_idx);
856
857 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
858
859 sband = wiphy->bands[band];
860 BUG_ON(chan_idx >= sband->n_channels);
861 chan = &sband->channels[chan_idx];
862 838
863 flags = chan->orig_flags; 839 flags = chan->orig_flags;
864 840
865 r = freq_reg_info(wiphy, 841 reg_rule = freq_reg_info(wiphy, MHZ_TO_KHZ(chan->center_freq));
866 MHZ_TO_KHZ(chan->center_freq), 842 if (IS_ERR(reg_rule)) {
867 desired_bw_khz,
868 &reg_rule);
869
870 if (r) {
871 /* 843 /*
872 * We will disable all channels that do not match our 844 * We will disable all channels that do not match our
873 * received regulatory rule unless the hint is coming 845 * received regulatory rule unless the hint is coming
@@ -879,7 +851,7 @@ static void handle_channel(struct wiphy *wiphy,
879 * while 5 GHz is still supported. 851 * while 5 GHz is still supported.
880 */ 852 */
881 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE && 853 if (initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE &&
882 r == -ERANGE) 854 PTR_ERR(reg_rule) == -ERANGE)
883 return; 855 return;
884 856
885 REG_DBG_PRINT("Disabling freq %d MHz\n", chan->center_freq); 857 REG_DBG_PRINT("Disabling freq %d MHz\n", chan->center_freq);
@@ -887,7 +859,7 @@ static void handle_channel(struct wiphy *wiphy,
887 return; 859 return;
888 } 860 }
889 861
890 chan_reg_rule_print_dbg(chan, desired_bw_khz, reg_rule); 862 chan_reg_rule_print_dbg(chan, reg_rule);
891 863
892 power_rule = &reg_rule->power_rule; 864 power_rule = &reg_rule->power_rule;
893 freq_range = &reg_rule->freq_range; 865 freq_range = &reg_rule->freq_range;
@@ -895,7 +867,7 @@ static void handle_channel(struct wiphy *wiphy,
895 if (freq_range->max_bandwidth_khz < MHZ_TO_KHZ(40)) 867 if (freq_range->max_bandwidth_khz < MHZ_TO_KHZ(40))
896 bw_flags = IEEE80211_CHAN_NO_HT40; 868 bw_flags = IEEE80211_CHAN_NO_HT40;
897 869
898 if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER && 870 if (lr->initiator == NL80211_REGDOM_SET_BY_DRIVER &&
899 request_wiphy && request_wiphy == wiphy && 871 request_wiphy && request_wiphy == wiphy &&
900 request_wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY) { 872 request_wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY) {
901 /* 873 /*
@@ -914,8 +886,9 @@ static void handle_channel(struct wiphy *wiphy,
914 886
915 chan->beacon_found = false; 887 chan->beacon_found = false;
916 chan->flags = flags | bw_flags | map_regdom_flags(reg_rule->flags); 888 chan->flags = flags | bw_flags | map_regdom_flags(reg_rule->flags);
917 chan->max_antenna_gain = min(chan->orig_mag, 889 chan->max_antenna_gain =
918 (int) MBI_TO_DBI(power_rule->max_antenna_gain)); 890 min_t(int, chan->orig_mag,
891 MBI_TO_DBI(power_rule->max_antenna_gain));
919 chan->max_reg_power = (int) MBM_TO_DBM(power_rule->max_eirp); 892 chan->max_reg_power = (int) MBM_TO_DBM(power_rule->max_eirp);
920 if (chan->orig_mpwr) { 893 if (chan->orig_mpwr) {
921 /* 894 /*
@@ -935,68 +908,65 @@ static void handle_channel(struct wiphy *wiphy,
935} 908}
936 909
937static void handle_band(struct wiphy *wiphy, 910static void handle_band(struct wiphy *wiphy,
938 enum ieee80211_band band, 911 enum nl80211_reg_initiator initiator,
939 enum nl80211_reg_initiator initiator) 912 struct ieee80211_supported_band *sband)
940{ 913{
941 unsigned int i; 914 unsigned int i;
942 struct ieee80211_supported_band *sband;
943 915
944 BUG_ON(!wiphy->bands[band]); 916 if (!sband)
945 sband = wiphy->bands[band]; 917 return;
946 918
947 for (i = 0; i < sband->n_channels; i++) 919 for (i = 0; i < sband->n_channels; i++)
948 handle_channel(wiphy, initiator, band, i); 920 handle_channel(wiphy, initiator, &sband->channels[i]);
949} 921}
950 922
951static bool reg_request_cell_base(struct regulatory_request *request) 923static bool reg_request_cell_base(struct regulatory_request *request)
952{ 924{
953 if (request->initiator != NL80211_REGDOM_SET_BY_USER) 925 if (request->initiator != NL80211_REGDOM_SET_BY_USER)
954 return false; 926 return false;
955 if (request->user_reg_hint_type != NL80211_USER_REG_HINT_CELL_BASE) 927 return request->user_reg_hint_type == NL80211_USER_REG_HINT_CELL_BASE;
956 return false;
957 return true;
958} 928}
959 929
960bool reg_last_request_cell_base(void) 930bool reg_last_request_cell_base(void)
961{ 931{
962 bool val; 932 bool val;
963 assert_cfg80211_lock();
964 933
965 mutex_lock(&reg_mutex); 934 mutex_lock(&reg_mutex);
966 val = reg_request_cell_base(last_request); 935 val = reg_request_cell_base(get_last_request());
967 mutex_unlock(&reg_mutex); 936 mutex_unlock(&reg_mutex);
937
968 return val; 938 return val;
969} 939}
970 940
971#ifdef CONFIG_CFG80211_CERTIFICATION_ONUS 941#ifdef CONFIG_CFG80211_CERTIFICATION_ONUS
972
973/* Core specific check */ 942/* Core specific check */
974static int reg_ignore_cell_hint(struct regulatory_request *pending_request) 943static enum reg_request_treatment
944reg_ignore_cell_hint(struct regulatory_request *pending_request)
975{ 945{
946 struct regulatory_request *lr = get_last_request();
947
976 if (!reg_num_devs_support_basehint) 948 if (!reg_num_devs_support_basehint)
977 return -EOPNOTSUPP; 949 return REG_REQ_IGNORE;
978 950
979 if (reg_request_cell_base(last_request)) { 951 if (reg_request_cell_base(lr) &&
980 if (!regdom_changes(pending_request->alpha2)) 952 !regdom_changes(pending_request->alpha2))
981 return -EALREADY; 953 return REG_REQ_ALREADY_SET;
982 return 0; 954
983 } 955 return REG_REQ_OK;
984 return 0;
985} 956}
986 957
987/* Device specific check */ 958/* Device specific check */
988static bool reg_dev_ignore_cell_hint(struct wiphy *wiphy) 959static bool reg_dev_ignore_cell_hint(struct wiphy *wiphy)
989{ 960{
990 if (!(wiphy->features & NL80211_FEATURE_CELL_BASE_REG_HINTS)) 961 return !(wiphy->features & NL80211_FEATURE_CELL_BASE_REG_HINTS);
991 return true;
992 return false;
993} 962}
994#else 963#else
995static int reg_ignore_cell_hint(struct regulatory_request *pending_request) 964static int reg_ignore_cell_hint(struct regulatory_request *pending_request)
996{ 965{
997 return -EOPNOTSUPP; 966 return REG_REQ_IGNORE;
998} 967}
999static int reg_dev_ignore_cell_hint(struct wiphy *wiphy) 968
969static bool reg_dev_ignore_cell_hint(struct wiphy *wiphy)
1000{ 970{
1001 return true; 971 return true;
1002} 972}
@@ -1006,18 +976,17 @@ static int reg_dev_ignore_cell_hint(struct wiphy *wiphy)
1006static bool ignore_reg_update(struct wiphy *wiphy, 976static bool ignore_reg_update(struct wiphy *wiphy,
1007 enum nl80211_reg_initiator initiator) 977 enum nl80211_reg_initiator initiator)
1008{ 978{
1009 if (!last_request) { 979 struct regulatory_request *lr = get_last_request();
1010 REG_DBG_PRINT("Ignoring regulatory request %s since " 980
1011 "last_request is not set\n", 981 if (!lr) {
982 REG_DBG_PRINT("Ignoring regulatory request %s since last_request is not set\n",
1012 reg_initiator_name(initiator)); 983 reg_initiator_name(initiator));
1013 return true; 984 return true;
1014 } 985 }
1015 986
1016 if (initiator == NL80211_REGDOM_SET_BY_CORE && 987 if (initiator == NL80211_REGDOM_SET_BY_CORE &&
1017 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY) { 988 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY) {
1018 REG_DBG_PRINT("Ignoring regulatory request %s " 989 REG_DBG_PRINT("Ignoring regulatory request %s since the driver uses its own custom regulatory domain\n",
1019 "since the driver uses its own custom "
1020 "regulatory domain\n",
1021 reg_initiator_name(initiator)); 990 reg_initiator_name(initiator));
1022 return true; 991 return true;
1023 } 992 }
@@ -1028,22 +997,35 @@ static bool ignore_reg_update(struct wiphy *wiphy,
1028 */ 997 */
1029 if (wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY && !wiphy->regd && 998 if (wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY && !wiphy->regd &&
1030 initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE && 999 initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE &&
1031 !is_world_regdom(last_request->alpha2)) { 1000 !is_world_regdom(lr->alpha2)) {
1032 REG_DBG_PRINT("Ignoring regulatory request %s " 1001 REG_DBG_PRINT("Ignoring regulatory request %s since the driver requires its own regulatory domain to be set first\n",
1033 "since the driver requires its own regulatory "
1034 "domain to be set first\n",
1035 reg_initiator_name(initiator)); 1002 reg_initiator_name(initiator));
1036 return true; 1003 return true;
1037 } 1004 }
1038 1005
1039 if (reg_request_cell_base(last_request)) 1006 if (reg_request_cell_base(lr))
1040 return reg_dev_ignore_cell_hint(wiphy); 1007 return reg_dev_ignore_cell_hint(wiphy);
1041 1008
1042 return false; 1009 return false;
1043} 1010}
1044 1011
1045static void handle_reg_beacon(struct wiphy *wiphy, 1012static bool reg_is_world_roaming(struct wiphy *wiphy)
1046 unsigned int chan_idx, 1013{
1014 const struct ieee80211_regdomain *cr = get_cfg80211_regdom();
1015 const struct ieee80211_regdomain *wr = get_wiphy_regdom(wiphy);
1016 struct regulatory_request *lr = get_last_request();
1017
1018 if (is_world_regdom(cr->alpha2) || (wr && is_world_regdom(wr->alpha2)))
1019 return true;
1020
1021 if (lr && lr->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE &&
1022 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY)
1023 return true;
1024
1025 return false;
1026}
1027
1028static void handle_reg_beacon(struct wiphy *wiphy, unsigned int chan_idx,
1047 struct reg_beacon *reg_beacon) 1029 struct reg_beacon *reg_beacon)
1048{ 1030{
1049 struct ieee80211_supported_band *sband; 1031 struct ieee80211_supported_band *sband;
@@ -1051,8 +1033,6 @@ static void handle_reg_beacon(struct wiphy *wiphy,
1051 bool channel_changed = false; 1033 bool channel_changed = false;
1052 struct ieee80211_channel chan_before; 1034 struct ieee80211_channel chan_before;
1053 1035
1054 assert_cfg80211_lock();
1055
1056 sband = wiphy->bands[reg_beacon->chan.band]; 1036 sband = wiphy->bands[reg_beacon->chan.band];
1057 chan = &sband->channels[chan_idx]; 1037 chan = &sband->channels[chan_idx];
1058 1038
@@ -1064,6 +1044,9 @@ static void handle_reg_beacon(struct wiphy *wiphy,
1064 1044
1065 chan->beacon_found = true; 1045 chan->beacon_found = true;
1066 1046
1047 if (!reg_is_world_roaming(wiphy))
1048 return;
1049
1067 if (wiphy->flags & WIPHY_FLAG_DISABLE_BEACON_HINTS) 1050 if (wiphy->flags & WIPHY_FLAG_DISABLE_BEACON_HINTS)
1068 return; 1051 return;
1069 1052
@@ -1094,8 +1077,6 @@ static void wiphy_update_new_beacon(struct wiphy *wiphy,
1094 unsigned int i; 1077 unsigned int i;
1095 struct ieee80211_supported_band *sband; 1078 struct ieee80211_supported_band *sband;
1096 1079
1097 assert_cfg80211_lock();
1098
1099 if (!wiphy->bands[reg_beacon->chan.band]) 1080 if (!wiphy->bands[reg_beacon->chan.band])
1100 return; 1081 return;
1101 1082
@@ -1114,11 +1095,6 @@ static void wiphy_update_beacon_reg(struct wiphy *wiphy)
1114 struct ieee80211_supported_band *sband; 1095 struct ieee80211_supported_band *sband;
1115 struct reg_beacon *reg_beacon; 1096 struct reg_beacon *reg_beacon;
1116 1097
1117 assert_cfg80211_lock();
1118
1119 if (list_empty(&reg_beacon_list))
1120 return;
1121
1122 list_for_each_entry(reg_beacon, &reg_beacon_list, list) { 1098 list_for_each_entry(reg_beacon, &reg_beacon_list, list) {
1123 if (!wiphy->bands[reg_beacon->chan.band]) 1099 if (!wiphy->bands[reg_beacon->chan.band])
1124 continue; 1100 continue;
@@ -1128,18 +1104,6 @@ static void wiphy_update_beacon_reg(struct wiphy *wiphy)
1128 } 1104 }
1129} 1105}
1130 1106
1131static bool reg_is_world_roaming(struct wiphy *wiphy)
1132{
1133 if (is_world_regdom(cfg80211_regdomain->alpha2) ||
1134 (wiphy->regd && is_world_regdom(wiphy->regd->alpha2)))
1135 return true;
1136 if (last_request &&
1137 last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE &&
1138 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY)
1139 return true;
1140 return false;
1141}
1142
1143/* Reap the advantages of previously found beacons */ 1107/* Reap the advantages of previously found beacons */
1144static void reg_process_beacons(struct wiphy *wiphy) 1108static void reg_process_beacons(struct wiphy *wiphy)
1145{ 1109{
@@ -1149,39 +1113,29 @@ static void reg_process_beacons(struct wiphy *wiphy)
1149 */ 1113 */
1150 if (!last_request) 1114 if (!last_request)
1151 return; 1115 return;
1152 if (!reg_is_world_roaming(wiphy))
1153 return;
1154 wiphy_update_beacon_reg(wiphy); 1116 wiphy_update_beacon_reg(wiphy);
1155} 1117}
1156 1118
1157static bool is_ht40_not_allowed(struct ieee80211_channel *chan) 1119static bool is_ht40_allowed(struct ieee80211_channel *chan)
1158{ 1120{
1159 if (!chan) 1121 if (!chan)
1160 return true; 1122 return false;
1161 if (chan->flags & IEEE80211_CHAN_DISABLED) 1123 if (chan->flags & IEEE80211_CHAN_DISABLED)
1162 return true; 1124 return false;
1163 /* This would happen when regulatory rules disallow HT40 completely */ 1125 /* This would happen when regulatory rules disallow HT40 completely */
1164 if (IEEE80211_CHAN_NO_HT40 == (chan->flags & (IEEE80211_CHAN_NO_HT40))) 1126 if ((chan->flags & IEEE80211_CHAN_NO_HT40) == IEEE80211_CHAN_NO_HT40)
1165 return true; 1127 return false;
1166 return false; 1128 return true;
1167} 1129}
1168 1130
1169static void reg_process_ht_flags_channel(struct wiphy *wiphy, 1131static void reg_process_ht_flags_channel(struct wiphy *wiphy,
1170 enum ieee80211_band band, 1132 struct ieee80211_channel *channel)
1171 unsigned int chan_idx)
1172{ 1133{
1173 struct ieee80211_supported_band *sband; 1134 struct ieee80211_supported_band *sband = wiphy->bands[channel->band];
1174 struct ieee80211_channel *channel;
1175 struct ieee80211_channel *channel_before = NULL, *channel_after = NULL; 1135 struct ieee80211_channel *channel_before = NULL, *channel_after = NULL;
1176 unsigned int i; 1136 unsigned int i;
1177 1137
1178 assert_cfg80211_lock(); 1138 if (!is_ht40_allowed(channel)) {
1179
1180 sband = wiphy->bands[band];
1181 BUG_ON(chan_idx >= sband->n_channels);
1182 channel = &sband->channels[chan_idx];
1183
1184 if (is_ht40_not_allowed(channel)) {
1185 channel->flags |= IEEE80211_CHAN_NO_HT40; 1139 channel->flags |= IEEE80211_CHAN_NO_HT40;
1186 return; 1140 return;
1187 } 1141 }
@@ -1192,6 +1146,7 @@ static void reg_process_ht_flags_channel(struct wiphy *wiphy,
1192 */ 1146 */
1193 for (i = 0; i < sband->n_channels; i++) { 1147 for (i = 0; i < sband->n_channels; i++) {
1194 struct ieee80211_channel *c = &sband->channels[i]; 1148 struct ieee80211_channel *c = &sband->channels[i];
1149
1195 if (c->center_freq == (channel->center_freq - 20)) 1150 if (c->center_freq == (channel->center_freq - 20))
1196 channel_before = c; 1151 channel_before = c;
1197 if (c->center_freq == (channel->center_freq + 20)) 1152 if (c->center_freq == (channel->center_freq + 20))
@@ -1203,28 +1158,27 @@ static void reg_process_ht_flags_channel(struct wiphy *wiphy,
1203 * if that ever changes we also need to change the below logic 1158 * if that ever changes we also need to change the below logic
1204 * to include that as well. 1159 * to include that as well.
1205 */ 1160 */
1206 if (is_ht40_not_allowed(channel_before)) 1161 if (!is_ht40_allowed(channel_before))
1207 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS; 1162 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
1208 else 1163 else
1209 channel->flags &= ~IEEE80211_CHAN_NO_HT40MINUS; 1164 channel->flags &= ~IEEE80211_CHAN_NO_HT40MINUS;
1210 1165
1211 if (is_ht40_not_allowed(channel_after)) 1166 if (!is_ht40_allowed(channel_after))
1212 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS; 1167 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
1213 else 1168 else
1214 channel->flags &= ~IEEE80211_CHAN_NO_HT40PLUS; 1169 channel->flags &= ~IEEE80211_CHAN_NO_HT40PLUS;
1215} 1170}
1216 1171
1217static void reg_process_ht_flags_band(struct wiphy *wiphy, 1172static void reg_process_ht_flags_band(struct wiphy *wiphy,
1218 enum ieee80211_band band) 1173 struct ieee80211_supported_band *sband)
1219{ 1174{
1220 unsigned int i; 1175 unsigned int i;
1221 struct ieee80211_supported_band *sband;
1222 1176
1223 BUG_ON(!wiphy->bands[band]); 1177 if (!sband)
1224 sband = wiphy->bands[band]; 1178 return;
1225 1179
1226 for (i = 0; i < sband->n_channels; i++) 1180 for (i = 0; i < sband->n_channels; i++)
1227 reg_process_ht_flags_channel(wiphy, band, i); 1181 reg_process_ht_flags_channel(wiphy, &sband->channels[i]);
1228} 1182}
1229 1183
1230static void reg_process_ht_flags(struct wiphy *wiphy) 1184static void reg_process_ht_flags(struct wiphy *wiphy)
@@ -1234,34 +1188,29 @@ static void reg_process_ht_flags(struct wiphy *wiphy)
1234 if (!wiphy) 1188 if (!wiphy)
1235 return; 1189 return;
1236 1190
1237 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1191 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
1238 if (wiphy->bands[band]) 1192 reg_process_ht_flags_band(wiphy, wiphy->bands[band]);
1239 reg_process_ht_flags_band(wiphy, band);
1240 }
1241
1242} 1193}
1243 1194
1244static void wiphy_update_regulatory(struct wiphy *wiphy, 1195static void wiphy_update_regulatory(struct wiphy *wiphy,
1245 enum nl80211_reg_initiator initiator) 1196 enum nl80211_reg_initiator initiator)
1246{ 1197{
1247 enum ieee80211_band band; 1198 enum ieee80211_band band;
1248 1199 struct regulatory_request *lr = get_last_request();
1249 assert_reg_lock();
1250 1200
1251 if (ignore_reg_update(wiphy, initiator)) 1201 if (ignore_reg_update(wiphy, initiator))
1252 return; 1202 return;
1253 1203
1254 last_request->dfs_region = cfg80211_regdomain->dfs_region; 1204 lr->dfs_region = get_cfg80211_regdom()->dfs_region;
1255 1205
1256 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1206 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
1257 if (wiphy->bands[band]) 1207 handle_band(wiphy, initiator, wiphy->bands[band]);
1258 handle_band(wiphy, band, initiator);
1259 }
1260 1208
1261 reg_process_beacons(wiphy); 1209 reg_process_beacons(wiphy);
1262 reg_process_ht_flags(wiphy); 1210 reg_process_ht_flags(wiphy);
1211
1263 if (wiphy->reg_notifier) 1212 if (wiphy->reg_notifier)
1264 wiphy->reg_notifier(wiphy, last_request); 1213 wiphy->reg_notifier(wiphy, lr);
1265} 1214}
1266 1215
1267static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator) 1216static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator)
@@ -1269,6 +1218,8 @@ static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator)
1269 struct cfg80211_registered_device *rdev; 1218 struct cfg80211_registered_device *rdev;
1270 struct wiphy *wiphy; 1219 struct wiphy *wiphy;
1271 1220
1221 assert_cfg80211_lock();
1222
1272 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1223 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
1273 wiphy = &rdev->wiphy; 1224 wiphy = &rdev->wiphy;
1274 wiphy_update_regulatory(wiphy, initiator); 1225 wiphy_update_regulatory(wiphy, initiator);
@@ -1280,47 +1231,30 @@ static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator)
1280 if (initiator == NL80211_REGDOM_SET_BY_CORE && 1231 if (initiator == NL80211_REGDOM_SET_BY_CORE &&
1281 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY && 1232 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY &&
1282 wiphy->reg_notifier) 1233 wiphy->reg_notifier)
1283 wiphy->reg_notifier(wiphy, last_request); 1234 wiphy->reg_notifier(wiphy, get_last_request());
1284 } 1235 }
1285} 1236}
1286 1237
1287static void handle_channel_custom(struct wiphy *wiphy, 1238static void handle_channel_custom(struct wiphy *wiphy,
1288 enum ieee80211_band band, 1239 struct ieee80211_channel *chan,
1289 unsigned int chan_idx,
1290 const struct ieee80211_regdomain *regd) 1240 const struct ieee80211_regdomain *regd)
1291{ 1241{
1292 int r;
1293 u32 desired_bw_khz = MHZ_TO_KHZ(20);
1294 u32 bw_flags = 0; 1242 u32 bw_flags = 0;
1295 const struct ieee80211_reg_rule *reg_rule = NULL; 1243 const struct ieee80211_reg_rule *reg_rule = NULL;
1296 const struct ieee80211_power_rule *power_rule = NULL; 1244 const struct ieee80211_power_rule *power_rule = NULL;
1297 const struct ieee80211_freq_range *freq_range = NULL; 1245 const struct ieee80211_freq_range *freq_range = NULL;
1298 struct ieee80211_supported_band *sband;
1299 struct ieee80211_channel *chan;
1300
1301 assert_reg_lock();
1302 1246
1303 sband = wiphy->bands[band]; 1247 reg_rule = freq_reg_info_regd(wiphy, MHZ_TO_KHZ(chan->center_freq),
1304 BUG_ON(chan_idx >= sband->n_channels); 1248 regd);
1305 chan = &sband->channels[chan_idx];
1306
1307 r = freq_reg_info_regd(wiphy,
1308 MHZ_TO_KHZ(chan->center_freq),
1309 desired_bw_khz,
1310 &reg_rule,
1311 regd);
1312 1249
1313 if (r) { 1250 if (IS_ERR(reg_rule)) {
1314 REG_DBG_PRINT("Disabling freq %d MHz as custom " 1251 REG_DBG_PRINT("Disabling freq %d MHz as custom regd has no rule that fits it\n",
1315 "regd has no rule that fits a %d MHz " 1252 chan->center_freq);
1316 "wide channel\n",
1317 chan->center_freq,
1318 KHZ_TO_MHZ(desired_bw_khz));
1319 chan->flags = IEEE80211_CHAN_DISABLED; 1253 chan->flags = IEEE80211_CHAN_DISABLED;
1320 return; 1254 return;
1321 } 1255 }
1322 1256
1323 chan_reg_rule_print_dbg(chan, desired_bw_khz, reg_rule); 1257 chan_reg_rule_print_dbg(chan, reg_rule);
1324 1258
1325 power_rule = &reg_rule->power_rule; 1259 power_rule = &reg_rule->power_rule;
1326 freq_range = &reg_rule->freq_range; 1260 freq_range = &reg_rule->freq_range;
@@ -1334,17 +1268,17 @@ static void handle_channel_custom(struct wiphy *wiphy,
1334 (int) MBM_TO_DBM(power_rule->max_eirp); 1268 (int) MBM_TO_DBM(power_rule->max_eirp);
1335} 1269}
1336 1270
1337static void handle_band_custom(struct wiphy *wiphy, enum ieee80211_band band, 1271static void handle_band_custom(struct wiphy *wiphy,
1272 struct ieee80211_supported_band *sband,
1338 const struct ieee80211_regdomain *regd) 1273 const struct ieee80211_regdomain *regd)
1339{ 1274{
1340 unsigned int i; 1275 unsigned int i;
1341 struct ieee80211_supported_band *sband;
1342 1276
1343 BUG_ON(!wiphy->bands[band]); 1277 if (!sband)
1344 sband = wiphy->bands[band]; 1278 return;
1345 1279
1346 for (i = 0; i < sband->n_channels; i++) 1280 for (i = 0; i < sband->n_channels; i++)
1347 handle_channel_custom(wiphy, band, i, regd); 1281 handle_channel_custom(wiphy, &sband->channels[i], regd);
1348} 1282}
1349 1283
1350/* Used by drivers prior to wiphy registration */ 1284/* Used by drivers prior to wiphy registration */
@@ -1354,60 +1288,50 @@ void wiphy_apply_custom_regulatory(struct wiphy *wiphy,
1354 enum ieee80211_band band; 1288 enum ieee80211_band band;
1355 unsigned int bands_set = 0; 1289 unsigned int bands_set = 0;
1356 1290
1357 mutex_lock(&reg_mutex);
1358 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1291 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1359 if (!wiphy->bands[band]) 1292 if (!wiphy->bands[band])
1360 continue; 1293 continue;
1361 handle_band_custom(wiphy, band, regd); 1294 handle_band_custom(wiphy, wiphy->bands[band], regd);
1362 bands_set++; 1295 bands_set++;
1363 } 1296 }
1364 mutex_unlock(&reg_mutex);
1365 1297
1366 /* 1298 /*
1367 * no point in calling this if it won't have any effect 1299 * no point in calling this if it won't have any effect
1368 * on your device's supportd bands. 1300 * on your device's supported bands.
1369 */ 1301 */
1370 WARN_ON(!bands_set); 1302 WARN_ON(!bands_set);
1371} 1303}
1372EXPORT_SYMBOL(wiphy_apply_custom_regulatory); 1304EXPORT_SYMBOL(wiphy_apply_custom_regulatory);
1373 1305
1374/*
1375 * Return value which can be used by ignore_request() to indicate
1376 * it has been determined we should intersect two regulatory domains
1377 */
1378#define REG_INTERSECT 1
1379
1380/* This has the logic which determines when a new request 1306/* This has the logic which determines when a new request
1381 * should be ignored. */ 1307 * should be ignored. */
1382static int ignore_request(struct wiphy *wiphy, 1308static enum reg_request_treatment
1309get_reg_request_treatment(struct wiphy *wiphy,
1383 struct regulatory_request *pending_request) 1310 struct regulatory_request *pending_request)
1384{ 1311{
1385 struct wiphy *last_wiphy = NULL; 1312 struct wiphy *last_wiphy = NULL;
1386 1313 struct regulatory_request *lr = get_last_request();
1387 assert_cfg80211_lock();
1388 1314
1389 /* All initial requests are respected */ 1315 /* All initial requests are respected */
1390 if (!last_request) 1316 if (!lr)
1391 return 0; 1317 return REG_REQ_OK;
1392 1318
1393 switch (pending_request->initiator) { 1319 switch (pending_request->initiator) {
1394 case NL80211_REGDOM_SET_BY_CORE: 1320 case NL80211_REGDOM_SET_BY_CORE:
1395 return 0; 1321 return REG_REQ_OK;
1396 case NL80211_REGDOM_SET_BY_COUNTRY_IE: 1322 case NL80211_REGDOM_SET_BY_COUNTRY_IE:
1397 1323 if (reg_request_cell_base(lr)) {
1398 if (reg_request_cell_base(last_request)) {
1399 /* Trust a Cell base station over the AP's country IE */ 1324 /* Trust a Cell base station over the AP's country IE */
1400 if (regdom_changes(pending_request->alpha2)) 1325 if (regdom_changes(pending_request->alpha2))
1401 return -EOPNOTSUPP; 1326 return REG_REQ_IGNORE;
1402 return -EALREADY; 1327 return REG_REQ_ALREADY_SET;
1403 } 1328 }
1404 1329
1405 last_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 1330 last_wiphy = wiphy_idx_to_wiphy(lr->wiphy_idx);
1406 1331
1407 if (unlikely(!is_an_alpha2(pending_request->alpha2))) 1332 if (unlikely(!is_an_alpha2(pending_request->alpha2)))
1408 return -EINVAL; 1333 return -EINVAL;
1409 if (last_request->initiator == 1334 if (lr->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) {
1410 NL80211_REGDOM_SET_BY_COUNTRY_IE) {
1411 if (last_wiphy != wiphy) { 1335 if (last_wiphy != wiphy) {
1412 /* 1336 /*
1413 * Two cards with two APs claiming different 1337 * Two cards with two APs claiming different
@@ -1416,23 +1340,23 @@ static int ignore_request(struct wiphy *wiphy,
1416 * to be correct. Reject second one for now. 1340 * to be correct. Reject second one for now.
1417 */ 1341 */
1418 if (regdom_changes(pending_request->alpha2)) 1342 if (regdom_changes(pending_request->alpha2))
1419 return -EOPNOTSUPP; 1343 return REG_REQ_IGNORE;
1420 return -EALREADY; 1344 return REG_REQ_ALREADY_SET;
1421 } 1345 }
1422 /* 1346 /*
1423 * Two consecutive Country IE hints on the same wiphy. 1347 * Two consecutive Country IE hints on the same wiphy.
1424 * This should be picked up early by the driver/stack 1348 * This should be picked up early by the driver/stack
1425 */ 1349 */
1426 if (WARN_ON(regdom_changes(pending_request->alpha2))) 1350 if (WARN_ON(regdom_changes(pending_request->alpha2)))
1427 return 0; 1351 return REG_REQ_OK;
1428 return -EALREADY; 1352 return REG_REQ_ALREADY_SET;
1429 } 1353 }
1430 return 0; 1354 return 0;
1431 case NL80211_REGDOM_SET_BY_DRIVER: 1355 case NL80211_REGDOM_SET_BY_DRIVER:
1432 if (last_request->initiator == NL80211_REGDOM_SET_BY_CORE) { 1356 if (lr->initiator == NL80211_REGDOM_SET_BY_CORE) {
1433 if (regdom_changes(pending_request->alpha2)) 1357 if (regdom_changes(pending_request->alpha2))
1434 return 0; 1358 return REG_REQ_OK;
1435 return -EALREADY; 1359 return REG_REQ_ALREADY_SET;
1436 } 1360 }
1437 1361
1438 /* 1362 /*
@@ -1440,59 +1364,59 @@ static int ignore_request(struct wiphy *wiphy,
1440 * back in or if you add a new device for which the previously 1364 * back in or if you add a new device for which the previously
1441 * loaded card also agrees on the regulatory domain. 1365 * loaded card also agrees on the regulatory domain.
1442 */ 1366 */
1443 if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER && 1367 if (lr->initiator == NL80211_REGDOM_SET_BY_DRIVER &&
1444 !regdom_changes(pending_request->alpha2)) 1368 !regdom_changes(pending_request->alpha2))
1445 return -EALREADY; 1369 return REG_REQ_ALREADY_SET;
1446 1370
1447 return REG_INTERSECT; 1371 return REG_REQ_INTERSECT;
1448 case NL80211_REGDOM_SET_BY_USER: 1372 case NL80211_REGDOM_SET_BY_USER:
1449 if (reg_request_cell_base(pending_request)) 1373 if (reg_request_cell_base(pending_request))
1450 return reg_ignore_cell_hint(pending_request); 1374 return reg_ignore_cell_hint(pending_request);
1451 1375
1452 if (reg_request_cell_base(last_request)) 1376 if (reg_request_cell_base(lr))
1453 return -EOPNOTSUPP; 1377 return REG_REQ_IGNORE;
1454 1378
1455 if (last_request->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) 1379 if (lr->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE)
1456 return REG_INTERSECT; 1380 return REG_REQ_INTERSECT;
1457 /* 1381 /*
1458 * If the user knows better the user should set the regdom 1382 * If the user knows better the user should set the regdom
1459 * to their country before the IE is picked up 1383 * to their country before the IE is picked up
1460 */ 1384 */
1461 if (last_request->initiator == NL80211_REGDOM_SET_BY_USER && 1385 if (lr->initiator == NL80211_REGDOM_SET_BY_USER &&
1462 last_request->intersect) 1386 lr->intersect)
1463 return -EOPNOTSUPP; 1387 return REG_REQ_IGNORE;
1464 /* 1388 /*
1465 * Process user requests only after previous user/driver/core 1389 * Process user requests only after previous user/driver/core
1466 * requests have been processed 1390 * requests have been processed
1467 */ 1391 */
1468 if (last_request->initiator == NL80211_REGDOM_SET_BY_CORE || 1392 if ((lr->initiator == NL80211_REGDOM_SET_BY_CORE ||
1469 last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER || 1393 lr->initiator == NL80211_REGDOM_SET_BY_DRIVER ||
1470 last_request->initiator == NL80211_REGDOM_SET_BY_USER) { 1394 lr->initiator == NL80211_REGDOM_SET_BY_USER) &&
1471 if (regdom_changes(last_request->alpha2)) 1395 regdom_changes(lr->alpha2))
1472 return -EAGAIN; 1396 return REG_REQ_IGNORE;
1473 }
1474 1397
1475 if (!regdom_changes(pending_request->alpha2)) 1398 if (!regdom_changes(pending_request->alpha2))
1476 return -EALREADY; 1399 return REG_REQ_ALREADY_SET;
1477 1400
1478 return 0; 1401 return REG_REQ_OK;
1479 } 1402 }
1480 1403
1481 return -EINVAL; 1404 return REG_REQ_IGNORE;
1482} 1405}
1483 1406
1484static void reg_set_request_processed(void) 1407static void reg_set_request_processed(void)
1485{ 1408{
1486 bool need_more_processing = false; 1409 bool need_more_processing = false;
1410 struct regulatory_request *lr = get_last_request();
1487 1411
1488 last_request->processed = true; 1412 lr->processed = true;
1489 1413
1490 spin_lock(&reg_requests_lock); 1414 spin_lock(&reg_requests_lock);
1491 if (!list_empty(&reg_requests_list)) 1415 if (!list_empty(&reg_requests_list))
1492 need_more_processing = true; 1416 need_more_processing = true;
1493 spin_unlock(&reg_requests_lock); 1417 spin_unlock(&reg_requests_lock);
1494 1418
1495 if (last_request->initiator == NL80211_REGDOM_SET_BY_USER) 1419 if (lr->initiator == NL80211_REGDOM_SET_BY_USER)
1496 cancel_delayed_work(&reg_timeout); 1420 cancel_delayed_work(&reg_timeout);
1497 1421
1498 if (need_more_processing) 1422 if (need_more_processing)
@@ -1508,116 +1432,122 @@ static void reg_set_request_processed(void)
1508 * The Wireless subsystem can use this function to hint to the wireless core 1432 * The Wireless subsystem can use this function to hint to the wireless core
1509 * what it believes should be the current regulatory domain. 1433 * what it believes should be the current regulatory domain.
1510 * 1434 *
1511 * Returns zero if all went fine, %-EALREADY if a regulatory domain had 1435 * Returns one of the different reg request treatment values.
1512 * already been set or other standard error codes.
1513 * 1436 *
1514 * Caller must hold &cfg80211_mutex and &reg_mutex 1437 * Caller must hold &reg_mutex
1515 */ 1438 */
1516static int __regulatory_hint(struct wiphy *wiphy, 1439static enum reg_request_treatment
1517 struct regulatory_request *pending_request) 1440__regulatory_hint(struct wiphy *wiphy,
1441 struct regulatory_request *pending_request)
1518{ 1442{
1443 const struct ieee80211_regdomain *regd;
1519 bool intersect = false; 1444 bool intersect = false;
1520 int r = 0; 1445 enum reg_request_treatment treatment;
1521 1446 struct regulatory_request *lr;
1522 assert_cfg80211_lock();
1523 1447
1524 r = ignore_request(wiphy, pending_request); 1448 treatment = get_reg_request_treatment(wiphy, pending_request);
1525 1449
1526 if (r == REG_INTERSECT) { 1450 switch (treatment) {
1451 case REG_REQ_INTERSECT:
1527 if (pending_request->initiator == 1452 if (pending_request->initiator ==
1528 NL80211_REGDOM_SET_BY_DRIVER) { 1453 NL80211_REGDOM_SET_BY_DRIVER) {
1529 r = reg_copy_regd(&wiphy->regd, cfg80211_regdomain); 1454 regd = reg_copy_regd(get_cfg80211_regdom());
1530 if (r) { 1455 if (IS_ERR(regd)) {
1531 kfree(pending_request); 1456 kfree(pending_request);
1532 return r; 1457 return PTR_ERR(regd);
1533 } 1458 }
1459 rcu_assign_pointer(wiphy->regd, regd);
1534 } 1460 }
1535 intersect = true; 1461 intersect = true;
1536 } else if (r) { 1462 break;
1463 case REG_REQ_OK:
1464 break;
1465 default:
1537 /* 1466 /*
1538 * If the regulatory domain being requested by the 1467 * If the regulatory domain being requested by the
1539 * driver has already been set just copy it to the 1468 * driver has already been set just copy it to the
1540 * wiphy 1469 * wiphy
1541 */ 1470 */
1542 if (r == -EALREADY && 1471 if (treatment == REG_REQ_ALREADY_SET &&
1543 pending_request->initiator == 1472 pending_request->initiator == NL80211_REGDOM_SET_BY_DRIVER) {
1544 NL80211_REGDOM_SET_BY_DRIVER) { 1473 regd = reg_copy_regd(get_cfg80211_regdom());
1545 r = reg_copy_regd(&wiphy->regd, cfg80211_regdomain); 1474 if (IS_ERR(regd)) {
1546 if (r) {
1547 kfree(pending_request); 1475 kfree(pending_request);
1548 return r; 1476 return REG_REQ_IGNORE;
1549 } 1477 }
1550 r = -EALREADY; 1478 treatment = REG_REQ_ALREADY_SET;
1479 rcu_assign_pointer(wiphy->regd, regd);
1551 goto new_request; 1480 goto new_request;
1552 } 1481 }
1553 kfree(pending_request); 1482 kfree(pending_request);
1554 return r; 1483 return treatment;
1555 } 1484 }
1556 1485
1557new_request: 1486new_request:
1558 if (last_request != &core_request_world) 1487 lr = get_last_request();
1559 kfree(last_request); 1488 if (lr != &core_request_world && lr)
1489 kfree_rcu(lr, rcu_head);
1560 1490
1561 last_request = pending_request; 1491 pending_request->intersect = intersect;
1562 last_request->intersect = intersect; 1492 pending_request->processed = false;
1493 rcu_assign_pointer(last_request, pending_request);
1494 lr = pending_request;
1563 1495
1564 pending_request = NULL; 1496 pending_request = NULL;
1565 1497
1566 if (last_request->initiator == NL80211_REGDOM_SET_BY_USER) { 1498 if (lr->initiator == NL80211_REGDOM_SET_BY_USER) {
1567 user_alpha2[0] = last_request->alpha2[0]; 1499 user_alpha2[0] = lr->alpha2[0];
1568 user_alpha2[1] = last_request->alpha2[1]; 1500 user_alpha2[1] = lr->alpha2[1];
1569 } 1501 }
1570 1502
1571 /* When r == REG_INTERSECT we do need to call CRDA */ 1503 /* When r == REG_REQ_INTERSECT we do need to call CRDA */
1572 if (r < 0) { 1504 if (treatment != REG_REQ_OK && treatment != REG_REQ_INTERSECT) {
1573 /* 1505 /*
1574 * Since CRDA will not be called in this case as we already 1506 * Since CRDA will not be called in this case as we already
1575 * have applied the requested regulatory domain before we just 1507 * have applied the requested regulatory domain before we just
1576 * inform userspace we have processed the request 1508 * inform userspace we have processed the request
1577 */ 1509 */
1578 if (r == -EALREADY) { 1510 if (treatment == REG_REQ_ALREADY_SET) {
1579 nl80211_send_reg_change_event(last_request); 1511 nl80211_send_reg_change_event(lr);
1580 reg_set_request_processed(); 1512 reg_set_request_processed();
1581 } 1513 }
1582 return r; 1514 return treatment;
1583 } 1515 }
1584 1516
1585 return call_crda(last_request->alpha2); 1517 if (call_crda(lr->alpha2))
1518 return REG_REQ_IGNORE;
1519 return REG_REQ_OK;
1586} 1520}
1587 1521
1588/* This processes *all* regulatory hints */ 1522/* This processes *all* regulatory hints */
1589static void reg_process_hint(struct regulatory_request *reg_request, 1523static void reg_process_hint(struct regulatory_request *reg_request,
1590 enum nl80211_reg_initiator reg_initiator) 1524 enum nl80211_reg_initiator reg_initiator)
1591{ 1525{
1592 int r = 0;
1593 struct wiphy *wiphy = NULL; 1526 struct wiphy *wiphy = NULL;
1594 1527
1595 BUG_ON(!reg_request->alpha2); 1528 if (WARN_ON(!reg_request->alpha2))
1529 return;
1596 1530
1597 if (wiphy_idx_valid(reg_request->wiphy_idx)) 1531 if (reg_request->wiphy_idx != WIPHY_IDX_INVALID)
1598 wiphy = wiphy_idx_to_wiphy(reg_request->wiphy_idx); 1532 wiphy = wiphy_idx_to_wiphy(reg_request->wiphy_idx);
1599 1533
1600 if (reg_initiator == NL80211_REGDOM_SET_BY_DRIVER && 1534 if (reg_initiator == NL80211_REGDOM_SET_BY_DRIVER && !wiphy) {
1601 !wiphy) {
1602 kfree(reg_request); 1535 kfree(reg_request);
1603 return; 1536 return;
1604 } 1537 }
1605 1538
1606 r = __regulatory_hint(wiphy, reg_request); 1539 switch (__regulatory_hint(wiphy, reg_request)) {
1607 /* This is required so that the orig_* parameters are saved */ 1540 case REG_REQ_ALREADY_SET:
1608 if (r == -EALREADY && wiphy && 1541 /* This is required so that the orig_* parameters are saved */
1609 wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY) { 1542 if (wiphy && wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY)
1610 wiphy_update_regulatory(wiphy, reg_initiator); 1543 wiphy_update_regulatory(wiphy, reg_initiator);
1611 return; 1544 break;
1545 default:
1546 if (reg_initiator == NL80211_REGDOM_SET_BY_USER)
1547 schedule_delayed_work(&reg_timeout,
1548 msecs_to_jiffies(3142));
1549 break;
1612 } 1550 }
1613
1614 /*
1615 * We only time out user hints, given that they should be the only
1616 * source of bogus requests.
1617 */
1618 if (r != -EALREADY &&
1619 reg_initiator == NL80211_REGDOM_SET_BY_USER)
1620 schedule_delayed_work(&reg_timeout, msecs_to_jiffies(3142));
1621} 1551}
1622 1552
1623/* 1553/*
@@ -1627,15 +1557,15 @@ static void reg_process_hint(struct regulatory_request *reg_request,
1627 */ 1557 */
1628static void reg_process_pending_hints(void) 1558static void reg_process_pending_hints(void)
1629{ 1559{
1630 struct regulatory_request *reg_request; 1560 struct regulatory_request *reg_request, *lr;
1631 1561
1632 mutex_lock(&cfg80211_mutex); 1562 mutex_lock(&cfg80211_mutex);
1633 mutex_lock(&reg_mutex); 1563 mutex_lock(&reg_mutex);
1564 lr = get_last_request();
1634 1565
1635 /* When last_request->processed becomes true this will be rescheduled */ 1566 /* When last_request->processed becomes true this will be rescheduled */
1636 if (last_request && !last_request->processed) { 1567 if (lr && !lr->processed) {
1637 REG_DBG_PRINT("Pending regulatory request, waiting " 1568 REG_DBG_PRINT("Pending regulatory request, waiting for it to be processed...\n");
1638 "for it to be processed...\n");
1639 goto out; 1569 goto out;
1640 } 1570 }
1641 1571
@@ -1666,23 +1596,14 @@ static void reg_process_pending_beacon_hints(void)
1666 struct cfg80211_registered_device *rdev; 1596 struct cfg80211_registered_device *rdev;
1667 struct reg_beacon *pending_beacon, *tmp; 1597 struct reg_beacon *pending_beacon, *tmp;
1668 1598
1669 /*
1670 * No need to hold the reg_mutex here as we just touch wiphys
1671 * and do not read or access regulatory variables.
1672 */
1673 mutex_lock(&cfg80211_mutex); 1599 mutex_lock(&cfg80211_mutex);
1600 mutex_lock(&reg_mutex);
1674 1601
1675 /* This goes through the _pending_ beacon list */ 1602 /* This goes through the _pending_ beacon list */
1676 spin_lock_bh(&reg_pending_beacons_lock); 1603 spin_lock_bh(&reg_pending_beacons_lock);
1677 1604
1678 if (list_empty(&reg_pending_beacons)) {
1679 spin_unlock_bh(&reg_pending_beacons_lock);
1680 goto out;
1681 }
1682
1683 list_for_each_entry_safe(pending_beacon, tmp, 1605 list_for_each_entry_safe(pending_beacon, tmp,
1684 &reg_pending_beacons, list) { 1606 &reg_pending_beacons, list) {
1685
1686 list_del_init(&pending_beacon->list); 1607 list_del_init(&pending_beacon->list);
1687 1608
1688 /* Applies the beacon hint to current wiphys */ 1609 /* Applies the beacon hint to current wiphys */
@@ -1694,7 +1615,7 @@ static void reg_process_pending_beacon_hints(void)
1694 } 1615 }
1695 1616
1696 spin_unlock_bh(&reg_pending_beacons_lock); 1617 spin_unlock_bh(&reg_pending_beacons_lock);
1697out: 1618 mutex_unlock(&reg_mutex);
1698 mutex_unlock(&cfg80211_mutex); 1619 mutex_unlock(&cfg80211_mutex);
1699} 1620}
1700 1621
@@ -1706,10 +1627,8 @@ static void reg_todo(struct work_struct *work)
1706 1627
1707static void queue_regulatory_request(struct regulatory_request *request) 1628static void queue_regulatory_request(struct regulatory_request *request)
1708{ 1629{
1709 if (isalpha(request->alpha2[0])) 1630 request->alpha2[0] = toupper(request->alpha2[0]);
1710 request->alpha2[0] = toupper(request->alpha2[0]); 1631 request->alpha2[1] = toupper(request->alpha2[1]);
1711 if (isalpha(request->alpha2[1]))
1712 request->alpha2[1] = toupper(request->alpha2[1]);
1713 1632
1714 spin_lock(&reg_requests_lock); 1633 spin_lock(&reg_requests_lock);
1715 list_add_tail(&request->list, &reg_requests_list); 1634 list_add_tail(&request->list, &reg_requests_list);
@@ -1726,8 +1645,7 @@ static int regulatory_hint_core(const char *alpha2)
1726{ 1645{
1727 struct regulatory_request *request; 1646 struct regulatory_request *request;
1728 1647
1729 request = kzalloc(sizeof(struct regulatory_request), 1648 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL);
1730 GFP_KERNEL);
1731 if (!request) 1649 if (!request)
1732 return -ENOMEM; 1650 return -ENOMEM;
1733 1651
@@ -1746,13 +1664,14 @@ int regulatory_hint_user(const char *alpha2,
1746{ 1664{
1747 struct regulatory_request *request; 1665 struct regulatory_request *request;
1748 1666
1749 BUG_ON(!alpha2); 1667 if (WARN_ON(!alpha2))
1668 return -EINVAL;
1750 1669
1751 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL); 1670 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL);
1752 if (!request) 1671 if (!request)
1753 return -ENOMEM; 1672 return -ENOMEM;
1754 1673
1755 request->wiphy_idx = WIPHY_IDX_STALE; 1674 request->wiphy_idx = WIPHY_IDX_INVALID;
1756 request->alpha2[0] = alpha2[0]; 1675 request->alpha2[0] = alpha2[0];
1757 request->alpha2[1] = alpha2[1]; 1676 request->alpha2[1] = alpha2[1];
1758 request->initiator = NL80211_REGDOM_SET_BY_USER; 1677 request->initiator = NL80211_REGDOM_SET_BY_USER;
@@ -1768,8 +1687,8 @@ int regulatory_hint(struct wiphy *wiphy, const char *alpha2)
1768{ 1687{
1769 struct regulatory_request *request; 1688 struct regulatory_request *request;
1770 1689
1771 BUG_ON(!alpha2); 1690 if (WARN_ON(!alpha2 || !wiphy))
1772 BUG_ON(!wiphy); 1691 return -EINVAL;
1773 1692
1774 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL); 1693 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL);
1775 if (!request) 1694 if (!request)
@@ -1777,9 +1696,6 @@ int regulatory_hint(struct wiphy *wiphy, const char *alpha2)
1777 1696
1778 request->wiphy_idx = get_wiphy_idx(wiphy); 1697 request->wiphy_idx = get_wiphy_idx(wiphy);
1779 1698
1780 /* Must have registered wiphy first */
1781 BUG_ON(!wiphy_idx_valid(request->wiphy_idx));
1782
1783 request->alpha2[0] = alpha2[0]; 1699 request->alpha2[0] = alpha2[0];
1784 request->alpha2[1] = alpha2[1]; 1700 request->alpha2[1] = alpha2[1];
1785 request->initiator = NL80211_REGDOM_SET_BY_DRIVER; 1701 request->initiator = NL80211_REGDOM_SET_BY_DRIVER;
@@ -1794,18 +1710,17 @@ EXPORT_SYMBOL(regulatory_hint);
1794 * We hold wdev_lock() here so we cannot hold cfg80211_mutex() and 1710 * We hold wdev_lock() here so we cannot hold cfg80211_mutex() and
1795 * therefore cannot iterate over the rdev list here. 1711 * therefore cannot iterate over the rdev list here.
1796 */ 1712 */
1797void regulatory_hint_11d(struct wiphy *wiphy, 1713void regulatory_hint_11d(struct wiphy *wiphy, enum ieee80211_band band,
1798 enum ieee80211_band band, 1714 const u8 *country_ie, u8 country_ie_len)
1799 const u8 *country_ie,
1800 u8 country_ie_len)
1801{ 1715{
1802 char alpha2[2]; 1716 char alpha2[2];
1803 enum environment_cap env = ENVIRON_ANY; 1717 enum environment_cap env = ENVIRON_ANY;
1804 struct regulatory_request *request; 1718 struct regulatory_request *request, *lr;
1805 1719
1806 mutex_lock(&reg_mutex); 1720 mutex_lock(&reg_mutex);
1721 lr = get_last_request();
1807 1722
1808 if (unlikely(!last_request)) 1723 if (unlikely(!lr))
1809 goto out; 1724 goto out;
1810 1725
1811 /* IE len must be evenly divisible by 2 */ 1726 /* IE len must be evenly divisible by 2 */
@@ -1828,9 +1743,8 @@ void regulatory_hint_11d(struct wiphy *wiphy,
1828 * We leave conflict resolution to the workqueue, where can hold 1743 * We leave conflict resolution to the workqueue, where can hold
1829 * cfg80211_mutex. 1744 * cfg80211_mutex.
1830 */ 1745 */
1831 if (likely(last_request->initiator == 1746 if (lr->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE &&
1832 NL80211_REGDOM_SET_BY_COUNTRY_IE && 1747 lr->wiphy_idx != WIPHY_IDX_INVALID)
1833 wiphy_idx_valid(last_request->wiphy_idx)))
1834 goto out; 1748 goto out;
1835 1749
1836 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL); 1750 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL);
@@ -1843,12 +1757,7 @@ void regulatory_hint_11d(struct wiphy *wiphy,
1843 request->initiator = NL80211_REGDOM_SET_BY_COUNTRY_IE; 1757 request->initiator = NL80211_REGDOM_SET_BY_COUNTRY_IE;
1844 request->country_ie_env = env; 1758 request->country_ie_env = env;
1845 1759
1846 mutex_unlock(&reg_mutex);
1847
1848 queue_regulatory_request(request); 1760 queue_regulatory_request(request);
1849
1850 return;
1851
1852out: 1761out:
1853 mutex_unlock(&reg_mutex); 1762 mutex_unlock(&reg_mutex);
1854} 1763}
@@ -1863,8 +1772,7 @@ static void restore_alpha2(char *alpha2, bool reset_user)
1863 if (is_user_regdom_saved()) { 1772 if (is_user_regdom_saved()) {
1864 /* Unless we're asked to ignore it and reset it */ 1773 /* Unless we're asked to ignore it and reset it */
1865 if (reset_user) { 1774 if (reset_user) {
1866 REG_DBG_PRINT("Restoring regulatory settings " 1775 REG_DBG_PRINT("Restoring regulatory settings including user preference\n");
1867 "including user preference\n");
1868 user_alpha2[0] = '9'; 1776 user_alpha2[0] = '9';
1869 user_alpha2[1] = '7'; 1777 user_alpha2[1] = '7';
1870 1778
@@ -1874,26 +1782,20 @@ static void restore_alpha2(char *alpha2, bool reset_user)
1874 * back as they were for a full restore. 1782 * back as they were for a full restore.
1875 */ 1783 */
1876 if (!is_world_regdom(ieee80211_regdom)) { 1784 if (!is_world_regdom(ieee80211_regdom)) {
1877 REG_DBG_PRINT("Keeping preference on " 1785 REG_DBG_PRINT("Keeping preference on module parameter ieee80211_regdom: %c%c\n",
1878 "module parameter ieee80211_regdom: %c%c\n", 1786 ieee80211_regdom[0], ieee80211_regdom[1]);
1879 ieee80211_regdom[0],
1880 ieee80211_regdom[1]);
1881 alpha2[0] = ieee80211_regdom[0]; 1787 alpha2[0] = ieee80211_regdom[0];
1882 alpha2[1] = ieee80211_regdom[1]; 1788 alpha2[1] = ieee80211_regdom[1];
1883 } 1789 }
1884 } else { 1790 } else {
1885 REG_DBG_PRINT("Restoring regulatory settings " 1791 REG_DBG_PRINT("Restoring regulatory settings while preserving user preference for: %c%c\n",
1886 "while preserving user preference for: %c%c\n", 1792 user_alpha2[0], user_alpha2[1]);
1887 user_alpha2[0],
1888 user_alpha2[1]);
1889 alpha2[0] = user_alpha2[0]; 1793 alpha2[0] = user_alpha2[0];
1890 alpha2[1] = user_alpha2[1]; 1794 alpha2[1] = user_alpha2[1];
1891 } 1795 }
1892 } else if (!is_world_regdom(ieee80211_regdom)) { 1796 } else if (!is_world_regdom(ieee80211_regdom)) {
1893 REG_DBG_PRINT("Keeping preference on " 1797 REG_DBG_PRINT("Keeping preference on module parameter ieee80211_regdom: %c%c\n",
1894 "module parameter ieee80211_regdom: %c%c\n", 1798 ieee80211_regdom[0], ieee80211_regdom[1]);
1895 ieee80211_regdom[0],
1896 ieee80211_regdom[1]);
1897 alpha2[0] = ieee80211_regdom[0]; 1799 alpha2[0] = ieee80211_regdom[0];
1898 alpha2[1] = ieee80211_regdom[1]; 1800 alpha2[1] = ieee80211_regdom[1];
1899 } else 1801 } else
@@ -1948,7 +1850,7 @@ static void restore_regulatory_settings(bool reset_user)
1948 mutex_lock(&cfg80211_mutex); 1850 mutex_lock(&cfg80211_mutex);
1949 mutex_lock(&reg_mutex); 1851 mutex_lock(&reg_mutex);
1950 1852
1951 reset_regdomains(true); 1853 reset_regdomains(true, &world_regdom);
1952 restore_alpha2(alpha2, reset_user); 1854 restore_alpha2(alpha2, reset_user);
1953 1855
1954 /* 1856 /*
@@ -1958,49 +1860,35 @@ static void restore_regulatory_settings(bool reset_user)
1958 * settings. 1860 * settings.
1959 */ 1861 */
1960 spin_lock(&reg_requests_lock); 1862 spin_lock(&reg_requests_lock);
1961 if (!list_empty(&reg_requests_list)) { 1863 list_for_each_entry_safe(reg_request, tmp, &reg_requests_list, list) {
1962 list_for_each_entry_safe(reg_request, tmp, 1864 if (reg_request->initiator != NL80211_REGDOM_SET_BY_USER)
1963 &reg_requests_list, list) { 1865 continue;
1964 if (reg_request->initiator != 1866 list_move_tail(&reg_request->list, &tmp_reg_req_list);
1965 NL80211_REGDOM_SET_BY_USER)
1966 continue;
1967 list_move_tail(&reg_request->list, &tmp_reg_req_list);
1968 }
1969 } 1867 }
1970 spin_unlock(&reg_requests_lock); 1868 spin_unlock(&reg_requests_lock);
1971 1869
1972 /* Clear beacon hints */ 1870 /* Clear beacon hints */
1973 spin_lock_bh(&reg_pending_beacons_lock); 1871 spin_lock_bh(&reg_pending_beacons_lock);
1974 if (!list_empty(&reg_pending_beacons)) { 1872 list_for_each_entry_safe(reg_beacon, btmp, &reg_pending_beacons, list) {
1975 list_for_each_entry_safe(reg_beacon, btmp, 1873 list_del(&reg_beacon->list);
1976 &reg_pending_beacons, list) { 1874 kfree(reg_beacon);
1977 list_del(&reg_beacon->list);
1978 kfree(reg_beacon);
1979 }
1980 } 1875 }
1981 spin_unlock_bh(&reg_pending_beacons_lock); 1876 spin_unlock_bh(&reg_pending_beacons_lock);
1982 1877
1983 if (!list_empty(&reg_beacon_list)) { 1878 list_for_each_entry_safe(reg_beacon, btmp, &reg_beacon_list, list) {
1984 list_for_each_entry_safe(reg_beacon, btmp, 1879 list_del(&reg_beacon->list);
1985 &reg_beacon_list, list) { 1880 kfree(reg_beacon);
1986 list_del(&reg_beacon->list);
1987 kfree(reg_beacon);
1988 }
1989 } 1881 }
1990 1882
1991 /* First restore to the basic regulatory settings */ 1883 /* First restore to the basic regulatory settings */
1992 cfg80211_regdomain = cfg80211_world_regdom; 1884 world_alpha2[0] = cfg80211_world_regdom->alpha2[0];
1993 world_alpha2[0] = cfg80211_regdomain->alpha2[0]; 1885 world_alpha2[1] = cfg80211_world_regdom->alpha2[1];
1994 world_alpha2[1] = cfg80211_regdomain->alpha2[1];
1995 1886
1996 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1887 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
1997 if (rdev->wiphy.flags & WIPHY_FLAG_CUSTOM_REGULATORY) 1888 if (rdev->wiphy.flags & WIPHY_FLAG_CUSTOM_REGULATORY)
1998 restore_custom_reg_settings(&rdev->wiphy); 1889 restore_custom_reg_settings(&rdev->wiphy);
1999 } 1890 }
2000 1891
2001 mutex_unlock(&reg_mutex);
2002 mutex_unlock(&cfg80211_mutex);
2003
2004 regulatory_hint_core(world_alpha2); 1892 regulatory_hint_core(world_alpha2);
2005 1893
2006 /* 1894 /*
@@ -2011,20 +1899,8 @@ static void restore_regulatory_settings(bool reset_user)
2011 if (is_an_alpha2(alpha2)) 1899 if (is_an_alpha2(alpha2))
2012 regulatory_hint_user(user_alpha2, NL80211_USER_REG_HINT_USER); 1900 regulatory_hint_user(user_alpha2, NL80211_USER_REG_HINT_USER);
2013 1901
2014 if (list_empty(&tmp_reg_req_list))
2015 return;
2016
2017 mutex_lock(&cfg80211_mutex);
2018 mutex_lock(&reg_mutex);
2019
2020 spin_lock(&reg_requests_lock); 1902 spin_lock(&reg_requests_lock);
2021 list_for_each_entry_safe(reg_request, tmp, &tmp_reg_req_list, list) { 1903 list_splice_tail_init(&tmp_reg_req_list, &reg_requests_list);
2022 REG_DBG_PRINT("Adding request for country %c%c back "
2023 "into the queue\n",
2024 reg_request->alpha2[0],
2025 reg_request->alpha2[1]);
2026 list_move_tail(&reg_request->list, &reg_requests_list);
2027 }
2028 spin_unlock(&reg_requests_lock); 1904 spin_unlock(&reg_requests_lock);
2029 1905
2030 mutex_unlock(&reg_mutex); 1906 mutex_unlock(&reg_mutex);
@@ -2037,8 +1913,7 @@ static void restore_regulatory_settings(bool reset_user)
2037 1913
2038void regulatory_hint_disconnect(void) 1914void regulatory_hint_disconnect(void)
2039{ 1915{
2040 REG_DBG_PRINT("All devices are disconnected, going to " 1916 REG_DBG_PRINT("All devices are disconnected, going to restore regulatory settings\n");
2041 "restore regulatory settings\n");
2042 restore_regulatory_settings(false); 1917 restore_regulatory_settings(false);
2043} 1918}
2044 1919
@@ -2051,31 +1926,48 @@ static bool freq_is_chan_12_13_14(u16 freq)
2051 return false; 1926 return false;
2052} 1927}
2053 1928
1929static bool pending_reg_beacon(struct ieee80211_channel *beacon_chan)
1930{
1931 struct reg_beacon *pending_beacon;
1932
1933 list_for_each_entry(pending_beacon, &reg_pending_beacons, list)
1934 if (beacon_chan->center_freq ==
1935 pending_beacon->chan.center_freq)
1936 return true;
1937 return false;
1938}
1939
2054int regulatory_hint_found_beacon(struct wiphy *wiphy, 1940int regulatory_hint_found_beacon(struct wiphy *wiphy,
2055 struct ieee80211_channel *beacon_chan, 1941 struct ieee80211_channel *beacon_chan,
2056 gfp_t gfp) 1942 gfp_t gfp)
2057{ 1943{
2058 struct reg_beacon *reg_beacon; 1944 struct reg_beacon *reg_beacon;
1945 bool processing;
2059 1946
2060 if (likely((beacon_chan->beacon_found || 1947 if (beacon_chan->beacon_found ||
2061 (beacon_chan->flags & IEEE80211_CHAN_RADAR) || 1948 beacon_chan->flags & IEEE80211_CHAN_RADAR ||
2062 (beacon_chan->band == IEEE80211_BAND_2GHZ && 1949 (beacon_chan->band == IEEE80211_BAND_2GHZ &&
2063 !freq_is_chan_12_13_14(beacon_chan->center_freq))))) 1950 !freq_is_chan_12_13_14(beacon_chan->center_freq)))
1951 return 0;
1952
1953 spin_lock_bh(&reg_pending_beacons_lock);
1954 processing = pending_reg_beacon(beacon_chan);
1955 spin_unlock_bh(&reg_pending_beacons_lock);
1956
1957 if (processing)
2064 return 0; 1958 return 0;
2065 1959
2066 reg_beacon = kzalloc(sizeof(struct reg_beacon), gfp); 1960 reg_beacon = kzalloc(sizeof(struct reg_beacon), gfp);
2067 if (!reg_beacon) 1961 if (!reg_beacon)
2068 return -ENOMEM; 1962 return -ENOMEM;
2069 1963
2070 REG_DBG_PRINT("Found new beacon on " 1964 REG_DBG_PRINT("Found new beacon on frequency: %d MHz (Ch %d) on %s\n",
2071 "frequency: %d MHz (Ch %d) on %s\n",
2072 beacon_chan->center_freq, 1965 beacon_chan->center_freq,
2073 ieee80211_frequency_to_channel(beacon_chan->center_freq), 1966 ieee80211_frequency_to_channel(beacon_chan->center_freq),
2074 wiphy_name(wiphy)); 1967 wiphy_name(wiphy));
2075 1968
2076 memcpy(&reg_beacon->chan, beacon_chan, 1969 memcpy(&reg_beacon->chan, beacon_chan,
2077 sizeof(struct ieee80211_channel)); 1970 sizeof(struct ieee80211_channel));
2078
2079 1971
2080 /* 1972 /*
2081 * Since we can be called from BH or and non-BH context 1973 * Since we can be called from BH or and non-BH context
@@ -2155,21 +2047,19 @@ static void print_dfs_region(u8 dfs_region)
2155 pr_info(" DFS Master region JP"); 2047 pr_info(" DFS Master region JP");
2156 break; 2048 break;
2157 default: 2049 default:
2158 pr_info(" DFS Master region Uknown"); 2050 pr_info(" DFS Master region Unknown");
2159 break; 2051 break;
2160 } 2052 }
2161} 2053}
2162 2054
2163static void print_regdomain(const struct ieee80211_regdomain *rd) 2055static void print_regdomain(const struct ieee80211_regdomain *rd)
2164{ 2056{
2057 struct regulatory_request *lr = get_last_request();
2165 2058
2166 if (is_intersected_alpha2(rd->alpha2)) { 2059 if (is_intersected_alpha2(rd->alpha2)) {
2167 2060 if (lr->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) {
2168 if (last_request->initiator ==
2169 NL80211_REGDOM_SET_BY_COUNTRY_IE) {
2170 struct cfg80211_registered_device *rdev; 2061 struct cfg80211_registered_device *rdev;
2171 rdev = cfg80211_rdev_by_wiphy_idx( 2062 rdev = cfg80211_rdev_by_wiphy_idx(lr->wiphy_idx);
2172 last_request->wiphy_idx);
2173 if (rdev) { 2063 if (rdev) {
2174 pr_info("Current regulatory domain updated by AP to: %c%c\n", 2064 pr_info("Current regulatory domain updated by AP to: %c%c\n",
2175 rdev->country_ie_alpha2[0], 2065 rdev->country_ie_alpha2[0],
@@ -2178,22 +2068,21 @@ static void print_regdomain(const struct ieee80211_regdomain *rd)
2178 pr_info("Current regulatory domain intersected:\n"); 2068 pr_info("Current regulatory domain intersected:\n");
2179 } else 2069 } else
2180 pr_info("Current regulatory domain intersected:\n"); 2070 pr_info("Current regulatory domain intersected:\n");
2181 } else if (is_world_regdom(rd->alpha2)) 2071 } else if (is_world_regdom(rd->alpha2)) {
2182 pr_info("World regulatory domain updated:\n"); 2072 pr_info("World regulatory domain updated:\n");
2183 else { 2073 } else {
2184 if (is_unknown_alpha2(rd->alpha2)) 2074 if (is_unknown_alpha2(rd->alpha2))
2185 pr_info("Regulatory domain changed to driver built-in settings (unknown country)\n"); 2075 pr_info("Regulatory domain changed to driver built-in settings (unknown country)\n");
2186 else { 2076 else {
2187 if (reg_request_cell_base(last_request)) 2077 if (reg_request_cell_base(lr))
2188 pr_info("Regulatory domain changed " 2078 pr_info("Regulatory domain changed to country: %c%c by Cell Station\n",
2189 "to country: %c%c by Cell Station\n",
2190 rd->alpha2[0], rd->alpha2[1]); 2079 rd->alpha2[0], rd->alpha2[1]);
2191 else 2080 else
2192 pr_info("Regulatory domain changed " 2081 pr_info("Regulatory domain changed to country: %c%c\n",
2193 "to country: %c%c\n",
2194 rd->alpha2[0], rd->alpha2[1]); 2082 rd->alpha2[0], rd->alpha2[1]);
2195 } 2083 }
2196 } 2084 }
2085
2197 print_dfs_region(rd->dfs_region); 2086 print_dfs_region(rd->dfs_region);
2198 print_rd_rules(rd); 2087 print_rd_rules(rd);
2199} 2088}
@@ -2207,22 +2096,23 @@ static void print_regdomain_info(const struct ieee80211_regdomain *rd)
2207/* Takes ownership of rd only if it doesn't fail */ 2096/* Takes ownership of rd only if it doesn't fail */
2208static int __set_regdom(const struct ieee80211_regdomain *rd) 2097static int __set_regdom(const struct ieee80211_regdomain *rd)
2209{ 2098{
2099 const struct ieee80211_regdomain *regd;
2210 const struct ieee80211_regdomain *intersected_rd = NULL; 2100 const struct ieee80211_regdomain *intersected_rd = NULL;
2211 struct wiphy *request_wiphy; 2101 struct wiphy *request_wiphy;
2102 struct regulatory_request *lr = get_last_request();
2103
2212 /* Some basic sanity checks first */ 2104 /* Some basic sanity checks first */
2213 2105
2106 if (!reg_is_valid_request(rd->alpha2))
2107 return -EINVAL;
2108
2214 if (is_world_regdom(rd->alpha2)) { 2109 if (is_world_regdom(rd->alpha2)) {
2215 if (WARN_ON(!reg_is_valid_request(rd->alpha2)))
2216 return -EINVAL;
2217 update_world_regdomain(rd); 2110 update_world_regdomain(rd);
2218 return 0; 2111 return 0;
2219 } 2112 }
2220 2113
2221 if (!is_alpha2_set(rd->alpha2) && !is_an_alpha2(rd->alpha2) && 2114 if (!is_alpha2_set(rd->alpha2) && !is_an_alpha2(rd->alpha2) &&
2222 !is_unknown_alpha2(rd->alpha2)) 2115 !is_unknown_alpha2(rd->alpha2))
2223 return -EINVAL;
2224
2225 if (!last_request)
2226 return -EINVAL; 2116 return -EINVAL;
2227 2117
2228 /* 2118 /*
@@ -2230,7 +2120,7 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
2230 * rd is non static (it means CRDA was present and was used last) 2120 * rd is non static (it means CRDA was present and was used last)
2231 * and the pending request came in from a country IE 2121 * and the pending request came in from a country IE
2232 */ 2122 */
2233 if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) { 2123 if (lr->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) {
2234 /* 2124 /*
2235 * If someone else asked us to change the rd lets only bother 2125 * If someone else asked us to change the rd lets only bother
2236 * checking if the alpha2 changes if CRDA was already called 2126 * checking if the alpha2 changes if CRDA was already called
@@ -2246,29 +2136,23 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
2246 * internal EEPROM data 2136 * internal EEPROM data
2247 */ 2137 */
2248 2138
2249 if (WARN_ON(!reg_is_valid_request(rd->alpha2)))
2250 return -EINVAL;
2251
2252 if (!is_valid_rd(rd)) { 2139 if (!is_valid_rd(rd)) {
2253 pr_err("Invalid regulatory domain detected:\n"); 2140 pr_err("Invalid regulatory domain detected:\n");
2254 print_regdomain_info(rd); 2141 print_regdomain_info(rd);
2255 return -EINVAL; 2142 return -EINVAL;
2256 } 2143 }
2257 2144
2258 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 2145 request_wiphy = wiphy_idx_to_wiphy(lr->wiphy_idx);
2259 if (!request_wiphy && 2146 if (!request_wiphy &&
2260 (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER || 2147 (lr->initiator == NL80211_REGDOM_SET_BY_DRIVER ||
2261 last_request->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE)) { 2148 lr->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE)) {
2262 schedule_delayed_work(&reg_timeout, 0); 2149 schedule_delayed_work(&reg_timeout, 0);
2263 return -ENODEV; 2150 return -ENODEV;
2264 } 2151 }
2265 2152
2266 if (!last_request->intersect) { 2153 if (!lr->intersect) {
2267 int r; 2154 if (lr->initiator != NL80211_REGDOM_SET_BY_DRIVER) {
2268 2155 reset_regdomains(false, rd);
2269 if (last_request->initiator != NL80211_REGDOM_SET_BY_DRIVER) {
2270 reset_regdomains(false);
2271 cfg80211_regdomain = rd;
2272 return 0; 2156 return 0;
2273 } 2157 }
2274 2158
@@ -2284,20 +2168,19 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
2284 if (request_wiphy->regd) 2168 if (request_wiphy->regd)
2285 return -EALREADY; 2169 return -EALREADY;
2286 2170
2287 r = reg_copy_regd(&request_wiphy->regd, rd); 2171 regd = reg_copy_regd(rd);
2288 if (r) 2172 if (IS_ERR(regd))
2289 return r; 2173 return PTR_ERR(regd);
2290 2174
2291 reset_regdomains(false); 2175 rcu_assign_pointer(request_wiphy->regd, regd);
2292 cfg80211_regdomain = rd; 2176 reset_regdomains(false, rd);
2293 return 0; 2177 return 0;
2294 } 2178 }
2295 2179
2296 /* Intersection requires a bit more work */ 2180 /* Intersection requires a bit more work */
2297 2181
2298 if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) { 2182 if (lr->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) {
2299 2183 intersected_rd = regdom_intersect(rd, get_cfg80211_regdom());
2300 intersected_rd = regdom_intersect(rd, cfg80211_regdomain);
2301 if (!intersected_rd) 2184 if (!intersected_rd)
2302 return -EINVAL; 2185 return -EINVAL;
2303 2186
@@ -2306,15 +2189,14 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
2306 * However if a driver requested this specific regulatory 2189 * However if a driver requested this specific regulatory
2307 * domain we keep it for its private use 2190 * domain we keep it for its private use
2308 */ 2191 */
2309 if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER) 2192 if (lr->initiator == NL80211_REGDOM_SET_BY_DRIVER)
2310 request_wiphy->regd = rd; 2193 rcu_assign_pointer(request_wiphy->regd, rd);
2311 else 2194 else
2312 kfree(rd); 2195 kfree(rd);
2313 2196
2314 rd = NULL; 2197 rd = NULL;
2315 2198
2316 reset_regdomains(false); 2199 reset_regdomains(false, intersected_rd);
2317 cfg80211_regdomain = intersected_rd;
2318 2200
2319 return 0; 2201 return 0;
2320 } 2202 }
@@ -2326,15 +2208,15 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
2326/* 2208/*
2327 * Use this call to set the current regulatory domain. Conflicts with 2209 * Use this call to set the current regulatory domain. Conflicts with
2328 * multiple drivers can be ironed out later. Caller must've already 2210 * multiple drivers can be ironed out later. Caller must've already
2329 * kmalloc'd the rd structure. Caller must hold cfg80211_mutex 2211 * kmalloc'd the rd structure.
2330 */ 2212 */
2331int set_regdom(const struct ieee80211_regdomain *rd) 2213int set_regdom(const struct ieee80211_regdomain *rd)
2332{ 2214{
2215 struct regulatory_request *lr;
2333 int r; 2216 int r;
2334 2217
2335 assert_cfg80211_lock();
2336
2337 mutex_lock(&reg_mutex); 2218 mutex_lock(&reg_mutex);
2219 lr = get_last_request();
2338 2220
2339 /* Note that this doesn't update the wiphys, this is done below */ 2221 /* Note that this doesn't update the wiphys, this is done below */
2340 r = __set_regdom(rd); 2222 r = __set_regdom(rd);
@@ -2343,23 +2225,25 @@ int set_regdom(const struct ieee80211_regdomain *rd)
2343 reg_set_request_processed(); 2225 reg_set_request_processed();
2344 2226
2345 kfree(rd); 2227 kfree(rd);
2346 mutex_unlock(&reg_mutex); 2228 goto out;
2347 return r;
2348 } 2229 }
2349 2230
2350 /* This would make this whole thing pointless */ 2231 /* This would make this whole thing pointless */
2351 if (!last_request->intersect) 2232 if (WARN_ON(!lr->intersect && rd != get_cfg80211_regdom())) {
2352 BUG_ON(rd != cfg80211_regdomain); 2233 r = -EINVAL;
2234 goto out;
2235 }
2353 2236
2354 /* update all wiphys now with the new established regulatory domain */ 2237 /* update all wiphys now with the new established regulatory domain */
2355 update_all_wiphy_regulatory(last_request->initiator); 2238 update_all_wiphy_regulatory(lr->initiator);
2356 2239
2357 print_regdomain(cfg80211_regdomain); 2240 print_regdomain(get_cfg80211_regdom());
2358 2241
2359 nl80211_send_reg_change_event(last_request); 2242 nl80211_send_reg_change_event(lr);
2360 2243
2361 reg_set_request_processed(); 2244 reg_set_request_processed();
2362 2245
2246 out:
2363 mutex_unlock(&reg_mutex); 2247 mutex_unlock(&reg_mutex);
2364 2248
2365 return r; 2249 return r;
@@ -2368,13 +2252,21 @@ int set_regdom(const struct ieee80211_regdomain *rd)
2368#ifdef CONFIG_HOTPLUG 2252#ifdef CONFIG_HOTPLUG
2369int reg_device_uevent(struct device *dev, struct kobj_uevent_env *env) 2253int reg_device_uevent(struct device *dev, struct kobj_uevent_env *env)
2370{ 2254{
2371 if (last_request && !last_request->processed) { 2255 struct regulatory_request *lr;
2372 if (add_uevent_var(env, "COUNTRY=%c%c", 2256 u8 alpha2[2];
2373 last_request->alpha2[0], 2257 bool add = false;
2374 last_request->alpha2[1])) 2258
2375 return -ENOMEM; 2259 rcu_read_lock();
2260 lr = get_last_request();
2261 if (lr && !lr->processed) {
2262 memcpy(alpha2, lr->alpha2, 2);
2263 add = true;
2376 } 2264 }
2265 rcu_read_unlock();
2377 2266
2267 if (add)
2268 return add_uevent_var(env, "COUNTRY=%c%c",
2269 alpha2[0], alpha2[1]);
2378 return 0; 2270 return 0;
2379} 2271}
2380#else 2272#else
@@ -2386,8 +2278,6 @@ int reg_device_uevent(struct device *dev, struct kobj_uevent_env *env)
2386 2278
2387void wiphy_regulatory_register(struct wiphy *wiphy) 2279void wiphy_regulatory_register(struct wiphy *wiphy)
2388{ 2280{
2389 assert_cfg80211_lock();
2390
2391 mutex_lock(&reg_mutex); 2281 mutex_lock(&reg_mutex);
2392 2282
2393 if (!reg_dev_ignore_cell_hint(wiphy)) 2283 if (!reg_dev_ignore_cell_hint(wiphy))
@@ -2402,32 +2292,32 @@ void wiphy_regulatory_register(struct wiphy *wiphy)
2402void wiphy_regulatory_deregister(struct wiphy *wiphy) 2292void wiphy_regulatory_deregister(struct wiphy *wiphy)
2403{ 2293{
2404 struct wiphy *request_wiphy = NULL; 2294 struct wiphy *request_wiphy = NULL;
2405 2295 struct regulatory_request *lr;
2406 assert_cfg80211_lock();
2407 2296
2408 mutex_lock(&reg_mutex); 2297 mutex_lock(&reg_mutex);
2298 lr = get_last_request();
2409 2299
2410 if (!reg_dev_ignore_cell_hint(wiphy)) 2300 if (!reg_dev_ignore_cell_hint(wiphy))
2411 reg_num_devs_support_basehint--; 2301 reg_num_devs_support_basehint--;
2412 2302
2413 kfree(wiphy->regd); 2303 rcu_free_regdom(get_wiphy_regdom(wiphy));
2304 rcu_assign_pointer(wiphy->regd, NULL);
2414 2305
2415 if (last_request) 2306 if (lr)
2416 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 2307 request_wiphy = wiphy_idx_to_wiphy(lr->wiphy_idx);
2417 2308
2418 if (!request_wiphy || request_wiphy != wiphy) 2309 if (!request_wiphy || request_wiphy != wiphy)
2419 goto out; 2310 goto out;
2420 2311
2421 last_request->wiphy_idx = WIPHY_IDX_STALE; 2312 lr->wiphy_idx = WIPHY_IDX_INVALID;
2422 last_request->country_ie_env = ENVIRON_ANY; 2313 lr->country_ie_env = ENVIRON_ANY;
2423out: 2314out:
2424 mutex_unlock(&reg_mutex); 2315 mutex_unlock(&reg_mutex);
2425} 2316}
2426 2317
2427static void reg_timeout_work(struct work_struct *work) 2318static void reg_timeout_work(struct work_struct *work)
2428{ 2319{
2429 REG_DBG_PRINT("Timeout while waiting for CRDA to reply, " 2320 REG_DBG_PRINT("Timeout while waiting for CRDA to reply, restoring regulatory settings\n");
2430 "restoring regulatory settings\n");
2431 restore_regulatory_settings(true); 2321 restore_regulatory_settings(true);
2432} 2322}
2433 2323
@@ -2446,13 +2336,13 @@ int __init regulatory_init(void)
2446 2336
2447 reg_regdb_size_check(); 2337 reg_regdb_size_check();
2448 2338
2449 cfg80211_regdomain = cfg80211_world_regdom; 2339 rcu_assign_pointer(cfg80211_regdomain, cfg80211_world_regdom);
2450 2340
2451 user_alpha2[0] = '9'; 2341 user_alpha2[0] = '9';
2452 user_alpha2[1] = '7'; 2342 user_alpha2[1] = '7';
2453 2343
2454 /* We always try to get an update for the static regdomain */ 2344 /* We always try to get an update for the static regdomain */
2455 err = regulatory_hint_core(cfg80211_regdomain->alpha2); 2345 err = regulatory_hint_core(cfg80211_world_regdom->alpha2);
2456 if (err) { 2346 if (err) {
2457 if (err == -ENOMEM) 2347 if (err == -ENOMEM)
2458 return err; 2348 return err;
@@ -2464,10 +2354,6 @@ int __init regulatory_init(void)
2464 * errors as non-fatal. 2354 * errors as non-fatal.
2465 */ 2355 */
2466 pr_err("kobject_uevent_env() was unable to call CRDA during init\n"); 2356 pr_err("kobject_uevent_env() was unable to call CRDA during init\n");
2467#ifdef CONFIG_CFG80211_REG_DEBUG
2468 /* We want to find out exactly why when debugging */
2469 WARN_ON(err);
2470#endif
2471 } 2357 }
2472 2358
2473 /* 2359 /*
@@ -2481,7 +2367,7 @@ int __init regulatory_init(void)
2481 return 0; 2367 return 0;
2482} 2368}
2483 2369
2484void /* __init_or_exit */ regulatory_exit(void) 2370void regulatory_exit(void)
2485{ 2371{
2486 struct regulatory_request *reg_request, *tmp; 2372 struct regulatory_request *reg_request, *tmp;
2487 struct reg_beacon *reg_beacon, *btmp; 2373 struct reg_beacon *reg_beacon, *btmp;
@@ -2489,43 +2375,27 @@ void /* __init_or_exit */ regulatory_exit(void)
2489 cancel_work_sync(&reg_work); 2375 cancel_work_sync(&reg_work);
2490 cancel_delayed_work_sync(&reg_timeout); 2376 cancel_delayed_work_sync(&reg_timeout);
2491 2377
2492 mutex_lock(&cfg80211_mutex); 2378 /* Lock to suppress warnings */
2493 mutex_lock(&reg_mutex); 2379 mutex_lock(&reg_mutex);
2494 2380 reset_regdomains(true, NULL);
2495 reset_regdomains(true); 2381 mutex_unlock(&reg_mutex);
2496 2382
2497 dev_set_uevent_suppress(&reg_pdev->dev, true); 2383 dev_set_uevent_suppress(&reg_pdev->dev, true);
2498 2384
2499 platform_device_unregister(reg_pdev); 2385 platform_device_unregister(reg_pdev);
2500 2386
2501 spin_lock_bh(&reg_pending_beacons_lock); 2387 list_for_each_entry_safe(reg_beacon, btmp, &reg_pending_beacons, list) {
2502 if (!list_empty(&reg_pending_beacons)) { 2388 list_del(&reg_beacon->list);
2503 list_for_each_entry_safe(reg_beacon, btmp, 2389 kfree(reg_beacon);
2504 &reg_pending_beacons, list) {
2505 list_del(&reg_beacon->list);
2506 kfree(reg_beacon);
2507 }
2508 } 2390 }
2509 spin_unlock_bh(&reg_pending_beacons_lock);
2510 2391
2511 if (!list_empty(&reg_beacon_list)) { 2392 list_for_each_entry_safe(reg_beacon, btmp, &reg_beacon_list, list) {
2512 list_for_each_entry_safe(reg_beacon, btmp, 2393 list_del(&reg_beacon->list);
2513 &reg_beacon_list, list) { 2394 kfree(reg_beacon);
2514 list_del(&reg_beacon->list);
2515 kfree(reg_beacon);
2516 }
2517 } 2395 }
2518 2396
2519 spin_lock(&reg_requests_lock); 2397 list_for_each_entry_safe(reg_request, tmp, &reg_requests_list, list) {
2520 if (!list_empty(&reg_requests_list)) { 2398 list_del(&reg_request->list);
2521 list_for_each_entry_safe(reg_request, tmp, 2399 kfree(reg_request);
2522 &reg_requests_list, list) {
2523 list_del(&reg_request->list);
2524 kfree(reg_request);
2525 }
2526 } 2400 }
2527 spin_unlock(&reg_requests_lock);
2528
2529 mutex_unlock(&reg_mutex);
2530 mutex_unlock(&cfg80211_mutex);
2531} 2401}
diff --git a/net/wireless/reg.h b/net/wireless/reg.h
index 4c0a32ffd530..af2d5f8a5d82 100644
--- a/net/wireless/reg.h
+++ b/net/wireless/reg.h
@@ -16,10 +16,9 @@
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */ 17 */
18 18
19extern const struct ieee80211_regdomain *cfg80211_regdomain; 19extern const struct ieee80211_regdomain __rcu *cfg80211_regdomain;
20 20
21bool is_world_regdom(const char *alpha2); 21bool is_world_regdom(const char *alpha2);
22bool reg_is_valid_request(const char *alpha2);
23bool reg_supported_dfs_region(u8 dfs_region); 22bool reg_supported_dfs_region(u8 dfs_region);
24 23
25int regulatory_hint_user(const char *alpha2, 24int regulatory_hint_user(const char *alpha2,
@@ -55,8 +54,8 @@ bool reg_last_request_cell_base(void);
55 * set the wiphy->disable_beacon_hints to true. 54 * set the wiphy->disable_beacon_hints to true.
56 */ 55 */
57int regulatory_hint_found_beacon(struct wiphy *wiphy, 56int regulatory_hint_found_beacon(struct wiphy *wiphy,
58 struct ieee80211_channel *beacon_chan, 57 struct ieee80211_channel *beacon_chan,
59 gfp_t gfp); 58 gfp_t gfp);
60 59
61/** 60/**
62 * regulatory_hint_11d - hints a country IE as a regulatory domain 61 * regulatory_hint_11d - hints a country IE as a regulatory domain
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index f2431e41a373..a825dfe12cf7 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -192,7 +192,8 @@ static int cfg80211_conn_do_work(struct wireless_dev *wdev)
192 prev_bssid, 192 prev_bssid,
193 params->ssid, params->ssid_len, 193 params->ssid, params->ssid_len,
194 params->ie, params->ie_len, 194 params->ie, params->ie_len,
195 false, &params->crypto, 195 params->mfp != NL80211_MFP_NO,
196 &params->crypto,
196 params->flags, &params->ht_capa, 197 params->flags, &params->ht_capa,
197 &params->ht_capa_mask); 198 &params->ht_capa_mask);
198 if (err) 199 if (err)
@@ -519,10 +520,8 @@ void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
519 * - country_ie + 2, the start of the country ie data, and 520 * - country_ie + 2, the start of the country ie data, and
520 * - and country_ie[1] which is the IE length 521 * - and country_ie[1] which is the IE length
521 */ 522 */
522 regulatory_hint_11d(wdev->wiphy, 523 regulatory_hint_11d(wdev->wiphy, bss->channel->band,
523 bss->channel->band, 524 country_ie + 2, country_ie[1]);
524 country_ie + 2,
525 country_ie[1]);
526 kfree(country_ie); 525 kfree(country_ie);
527} 526}
528 527
diff --git a/net/wireless/trace.h b/net/wireless/trace.h
index 2134576f426e..8bc553199686 100644
--- a/net/wireless/trace.h
+++ b/net/wireless/trace.h
@@ -1767,6 +1767,24 @@ DEFINE_EVENT(wiphy_wdev_evt, rdev_stop_p2p_device,
1767 TP_ARGS(wiphy, wdev) 1767 TP_ARGS(wiphy, wdev)
1768); 1768);
1769 1769
1770TRACE_EVENT(rdev_set_mac_acl,
1771 TP_PROTO(struct wiphy *wiphy, struct net_device *netdev,
1772 struct cfg80211_acl_data *params),
1773 TP_ARGS(wiphy, netdev, params),
1774 TP_STRUCT__entry(
1775 WIPHY_ENTRY
1776 NETDEV_ENTRY
1777 __field(u32, acl_policy)
1778 ),
1779 TP_fast_assign(
1780 WIPHY_ASSIGN;
1781 WIPHY_ASSIGN;
1782 __entry->acl_policy = params->acl_policy;
1783 ),
1784 TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", acl policy: %d",
1785 WIPHY_PR_ARG, NETDEV_PR_ARG, __entry->acl_policy)
1786);
1787
1770/************************************************************* 1788/*************************************************************
1771 * cfg80211 exported functions traces * 1789 * cfg80211 exported functions traces *
1772 *************************************************************/ 1790 *************************************************************/
diff --git a/net/wireless/util.c b/net/wireless/util.c
index 16d76a807c2f..d7873c7ae0ec 100644
--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -1184,7 +1184,8 @@ int cfg80211_can_use_iftype_chan(struct cfg80211_registered_device *rdev,
1184 struct wireless_dev *wdev, 1184 struct wireless_dev *wdev,
1185 enum nl80211_iftype iftype, 1185 enum nl80211_iftype iftype,
1186 struct ieee80211_channel *chan, 1186 struct ieee80211_channel *chan,
1187 enum cfg80211_chan_mode chanmode) 1187 enum cfg80211_chan_mode chanmode,
1188 u8 radar_detect)
1188{ 1189{
1189 struct wireless_dev *wdev_iter; 1190 struct wireless_dev *wdev_iter;
1190 u32 used_iftypes = BIT(iftype); 1191 u32 used_iftypes = BIT(iftype);
@@ -1195,14 +1196,46 @@ int cfg80211_can_use_iftype_chan(struct cfg80211_registered_device *rdev,
1195 enum cfg80211_chan_mode chmode; 1196 enum cfg80211_chan_mode chmode;
1196 int num_different_channels = 0; 1197 int num_different_channels = 0;
1197 int total = 1; 1198 int total = 1;
1199 bool radar_required;
1198 int i, j; 1200 int i, j;
1199 1201
1200 ASSERT_RTNL(); 1202 ASSERT_RTNL();
1201 lockdep_assert_held(&rdev->devlist_mtx); 1203 lockdep_assert_held(&rdev->devlist_mtx);
1202 1204
1205 if (WARN_ON(hweight32(radar_detect) > 1))
1206 return -EINVAL;
1207
1208 switch (iftype) {
1209 case NL80211_IFTYPE_ADHOC:
1210 case NL80211_IFTYPE_AP:
1211 case NL80211_IFTYPE_AP_VLAN:
1212 case NL80211_IFTYPE_MESH_POINT:
1213 case NL80211_IFTYPE_P2P_GO:
1214 case NL80211_IFTYPE_WDS:
1215 radar_required = !!(chan &&
1216 (chan->flags & IEEE80211_CHAN_RADAR));
1217 break;
1218 case NL80211_IFTYPE_P2P_CLIENT:
1219 case NL80211_IFTYPE_STATION:
1220 case NL80211_IFTYPE_MONITOR:
1221 radar_required = false;
1222 break;
1223 case NL80211_IFTYPE_P2P_DEVICE:
1224 case NUM_NL80211_IFTYPES:
1225 case NL80211_IFTYPE_UNSPECIFIED:
1226 default:
1227 return -EINVAL;
1228 }
1229
1230 if (radar_required && !radar_detect)
1231 return -EINVAL;
1232
1203 /* Always allow software iftypes */ 1233 /* Always allow software iftypes */
1204 if (rdev->wiphy.software_iftypes & BIT(iftype)) 1234 if (rdev->wiphy.software_iftypes & BIT(iftype)) {
1235 if (radar_detect)
1236 return -EINVAL;
1205 return 0; 1237 return 0;
1238 }
1206 1239
1207 memset(num, 0, sizeof(num)); 1240 memset(num, 0, sizeof(num));
1208 memset(used_channels, 0, sizeof(used_channels)); 1241 memset(used_channels, 0, sizeof(used_channels));
@@ -1275,7 +1308,7 @@ int cfg80211_can_use_iftype_chan(struct cfg80211_registered_device *rdev,
1275 used_iftypes |= BIT(wdev_iter->iftype); 1308 used_iftypes |= BIT(wdev_iter->iftype);
1276 } 1309 }
1277 1310
1278 if (total == 1) 1311 if (total == 1 && !radar_detect)
1279 return 0; 1312 return 0;
1280 1313
1281 for (i = 0; i < rdev->wiphy.n_iface_combinations; i++) { 1314 for (i = 0; i < rdev->wiphy.n_iface_combinations; i++) {
@@ -1308,6 +1341,9 @@ int cfg80211_can_use_iftype_chan(struct cfg80211_registered_device *rdev,
1308 } 1341 }
1309 } 1342 }
1310 1343
1344 if (radar_detect && !(c->radar_detect_widths & radar_detect))
1345 goto cont;
1346
1311 /* 1347 /*
1312 * Finally check that all iftypes that we're currently 1348 * Finally check that all iftypes that we're currently
1313 * using are actually part of this combination. If they 1349 * using are actually part of this combination. If they
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-13 14:18:30 -0400